Begrifferklärungen

Paravirtualisierung

- Cooperation with OS: OS is aware of virtualisation - Needs to modify guest - Not usable for closed source OSes   WIKI: In computing, para-virtualization is a virtualization technique that presents a software interface to the virtual machines which is similar, yet not identical to the underlying hardware–software interface.

User - Kernel

Two mechanisms used by the OS kernel to prevent user programs from overwriting kernel data structures   - Userspace permission bit: inaccessible due to userspace permission bit (set to 0 for kernel pages)   - Shared memory

User mode to kernel mode

Name three ways in which the processor can transition from user mode to kernel mode? Can the user execute arbitrary code after transition?   The transition from user mode to kernel mode occurs when the application requests the help of operating system or an interrupt or a system call occurs. The mode bit is set to 1 in the user mode. It is changed from 1 to 0 when switching from user mode to kernel mode.  

Hypervisor

A hypervisor or virtual machine monitor (VMM) is computer software, firmware or hardware that creates and runs virtual machines.  A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine.

Working Set

Die Pages, die ein Prozess im Zeitraum k bis zum Zeitpunkt t hält. Das working set wird benötigt um beim Wechsel auf einen Prozess das working set (Prepaging) zu laden, da er mit hoher Wahrscheinlichkeit (lokalitätsprinzip) diese wieder benötigen wird. Somit werden Pagefaults minimiert.

User Mode - Kernel Mode

Arbeitet die CPU im Kernel-Mode, so ist jeder beliebige Befehl zur Ausführung zugelassen. Es kann auf sämtliche Speicherbereiche für Daten- und Programmtext, sowie auf alle Betriebsmittel zugegriffen werden. Hier ist alles erlaubt, es bestehen die höchsten Privilegien. Das Betriebssystem arbeitet üblicherweise im Kernel-Mode und hat somit alle Möglichkeiten, seine definierten Aufgaben zu erfüllen.

Arbeitet die CPU im User-Mode, so ist nur ein eingeschränkter Befehlssatz zur Ausführung zugelassen. Es sind also nicht alle Befehle erlaubt, ebenso kann nicht auf alle Speicherbereiche und auch nicht auf alle Betriebsmittel zugegriffen werden. Anwendungsprogramme arbeiten üblicherweise im User-Mode. Diese haben damit nur sehr eingeschränkte Möglichkeiten, das soll auch so sein.

System call - Subroutine call

Among computer control instructions, we can find subroutine call instructions with the acronym "Call" and subroutine return instructions with the acronym "Ret". A subroutine is a sequence of instructions ended with the return instruction "Ret". In the subroutine call instruction there is always placed the address of the first instruction in the subroutine called the subroutine address.

A system call is the programmatic way in which a computer program requests a service from the kernel of the operating system it is executed on.

Semaphore - Mutex

Semaphore is a signalling mechanism. Semaphore is an integer variable. A semaphore is a generalized mutex. In lieu of single buffer, we can split the 4 KB buffer into four 1 KB buffers (identical resources). A semaphore can be associated with these four buffers. The consumer and producer can work on different buffers at the same time.

Mutex is a locking mechanism. Mutex is an object. A mutex provides mutual exclusion, either producer or consumer can have the key (mutex) and proceed with their work. As long as the buffer is filled by producer, the consumer needs to wait, and vice versa. At any point of time, only one thread can work with the entire buffer.

Program - Process - Thread

Program: Binary file mit Code und Daten    Aktionen: write, install, load, compile    Ressourcen: file Thread: Führt Anwendungen/Programme aus    Aktionen: run, stop, interrupt    Ressourcen: CPU time, stack, registers,  Process: Container für Threads und memory contents eines Programms      Aktionen: create, start, terminate    Ressourcen: threads, memory, program

Shadow page table - Extendet page table

The shadow page table is a data structure that is actively maintained and re-filled by the VMM. Theshadow page table mirrors what the guest is doing in terms of its own page tables and in terms of what the VMM translates the guest physical address to the host physical address.

"Extended page tables" are Intel's implementation of Second Level Address Translation (SLAT), also known as nested paging, which is used to more efficiently virtualize the memory of guest VMs. Basically, guest virtual addresses are first translated to guest physical addresses, which are then translated to host physical addresses. This is all done in hardware (by the MMU) to avoid extra work needing to be done in software by the VMM.

1 (binary/octet-stream)

Zustandsdiagramm eines Prozesses

Caption: :

Übergang 1 [Ready]: Der Prozess wurde soeben erzeugt und all seine Ressourcen sind Verfügbar, sein Zustand wird auf bereit gesetzt. Übergang 2 [Run]: Der Prozess wird vom Scheduler ausgewählt und erhält die CPU, solange er die CPU hat befindet er sich im Zustand Run Übergang 3 [Yield]: Der Prozess muss die CPU wieder freigeben um einem anderen Prozess Rechenzeit zu gewähren. Übergang 4 [Sleep]: Der Prozess muss aufgrund eines speziellen Ereignisses auf etwas warten. Z.b. I/O oder Acquirieren eines Locks. Übergang 5 [Ready to Run]: Das Ereignis auf das der Prozess gewartet hat ist eingetreten, er ist wieder bereit seine Arbeit fortzusetzen. Übergang 6 [Finish]: Der Prozess hat seine Ausführung beendet oder wird aus einem anderen Grund beendet. Er ist somit zerstört. 

What are the conditions for a deadlock and are they fulfilled? (there are 4 conditions) - Mutual Exclusion condition    Each resource is either currently assigned to exactly one    process or is available. - Hold-and-wait condition    Processes currently holding resources that were granted    earlier can request new resources - No-preemption condition    Resources previously granted cannot be forcibly taken away    from a process. They must be explicitly released by the    process holding them - Circular wait condition    There must be a circular list of two or more processes, each    of which is waiting for a resource held by the next member of    the chain We discussed options to deal with deadlocks. Discuss al of them and if/how can/cannot be applied to this situation - Ignore it (maybe it ignores us too...) - Detection and Recovery - Avoidance - Prevention

Kreisverkehr

1 (binary/octet-stream)

Extent

Variable sized region of a file stored in a contiguours region on the storage device.

File metadata

Is data that describes the data of the file (creation date, size...)

Copy-on-Write file system

-> Never overwrites data or metadata   Kopiert Ressourcen nur wenn dies nötig ist (wenn etwas geändert wird), sonst wird die Ressource zwischen Kopie und Original geteilt.

Working set

Amount of memory that a process requires in a given time interval.

fork()

fork() creates an exact copy of the calling process, expect...? Name at least 3 expections.   The child does not inherit its parent's memory locks The child does not inherit semaphores The child does not inherit process-associated record locks The child does not inherit timers The child does not inherit outstanding asynchronous I/O operations from its parent The child does not inherit directory change notifications

Given an example that demonstrates that the principle of locality is not purely theoretical.   Page replacement algorithm -> z.B. LRU (least recently used) oder NFU (not frequently used) Beide gehen vom Prinzip der Lokalität aus und performen besser als random PRA, somit ist es ein Beweis dass das Prinzip angewandt werden kann.

Principle of locality

Process memory layout

2 (binary/octet-stream)

Caption: : PLT: Procedure Linkage Table - GOT: Global Object Table

1 (binary/octet-stream)

Page table entry

ELF Binaries

1 (binary/octet-stream)

OS as...

...Referee    - manage resources among users and applications    - isolation of users, application, operating systems... ...Illusionist    - abstraction of Hardware and other things    - each application appears to have the entire machine to itself    - illusion of: infinite number of processes, (near) infinite amount of memory... ...Glue    - libraries, user interface widgets, software-hardware

Program contains following code:

asm("hlt");   The hlt instruction halts the central processing unit (CPU) until the next external interrupt is fired.   asm("cli");   CLI clears the IF flag in the EFLAGS register. No other flags are affected. Clearing the IF flag causes the processor to ignore maskable external interrupts​​​​​​​

Paging structure (x86-64)

1 (binary/octet-stream)

External fragmentation

External fragmentation: free space holes in memory or disk space Internal fragmentation: wasted space within each allocated block   A virtual memory system that uses paging is vulnerable to external fragmentation. Why or Why not?   Nein, es ist anfällig gegen internal fragmentation, da man große pages haben könnte, welche nur zu einem kleinen Teil gefüllt sind. Segmentation ist hingegen anfällig gegen external fragmentation, da zwischen den Segmenten Platz "verloren" geht (free space holes).

Safe state

A state is safe if there is some scheduling order in which every process can run to completion even if all of them request their maximum.   If the system can allocate resources to the process in such a way that it can avoid deadlock, then the system is in safe state.

PTE bits

1 (binary/octet-stream)

For each of the three mechanisms that supports dualmode operations (user/kernel mode) -   privileged instructions -   memory protection -   timer interrupts explain what might fo wrong without that mechanism, assuming the system still had the other two. Provide a specific example for each one. -   Most instructions cannot do any harm, but some can, for exmple: asm ( ” c l i ”) ; asm ( ” h l t ”) ; Without privileged instructions a user program could run these instructions and harm the system. -   Without memory protection a user program could read and write kernel memory, which could cause a lot of problems. -   Every time a timer interrupt occurs, the os gets control, if there where no timer interrupts it could happen that a user programm runs forever and the OS will never get back control again.

User/kernel mode protection

1 (binary/octet-stream)

Syscalls on an IA32 platform

Caption: : If you belive an action plays no role, mark it with an X