Evolving Ideas Jeetendra Pande Computing, Communication and Networking Nihar Ranjan Pande Deep Chandra Joshi Publish by Global Vision Publishing House


Evolving Ideas
Computing, Communication and Networking
Edited by Jeetendra Pande, Nihar Ranjan Pande, Deep Chandra Joshi
Published by Global Vision Publishing House

Advanced Architecture Based OS

Neeraj Sharma¹, Rajat Goel² and Rajeev Kumar³

ABSTRACT

Modern operating systems are built on advanced architectures that provide efficient utilization, high scalability and high availability of resources and services. The earliest operating systems were developed for mainframe computer architectures in the 1960s. The enormous investment in software for these systems caused most of the original computer manufacturers to continue to develop hardware and operating systems that are compatible with those early operating systems. Those early systems pioneered many of the features of modern operating systems. Modern mainframes typically also run Linux or Unix variants. A “Datacenter” variant of Windows Server 2003 is also available for some mainframe systems.

INTRODUCTION

An operating system is software that enables the user to interact with the hardware and provides an interface for running applications. The basic architecture was designed around certain issues in the existing hardware: processors executed instructions serially, one at a time; an architecture was needed that could handle multiple users simultaneously; and hardware was so costly that people used to lease computers. This led to the need for time-sharing systems. There was also a need for a communicator that could interact with the system and manage the hardware resources efficiently and optimally. The core component of the system that is responsible for all of these issues is called the kernel.
1. Associate Professor, JP Institute of Engineering & Technology, Meerut.
2. Lecturer, Translam Institute of Technology & Management, Meerut.
3. Lecturer, Translam Institute of Technology & Management, Meerut.

KERNEL AND ITS TYPES

The kernel is the core of the operating system; it manages the resources and the users. The kernel’s primary purpose is to manage the computer’s resources and allow other programs to run and use these resources. Typically, the resources consist of the CPU (frequently called the processor), the most central part of a computer system, responsible for running or executing programs on it. The kernel takes responsibility for deciding at any time which of the many running programs should be allocated to the processor or processors (each of which can usually run only one program at a time).

There are various types of kernel:

a) Microkernel;
b) Monolithic kernel;
c) Nanokernel;
d) Hybrid kernel.

A microkernel is a minimal computer operating system kernel which, in its purest form, provides no operating-system services at all, only the mechanisms needed to implement such services, such as low-level address space management, thread management, and inter-process communication (IPC). The microkernel is the only part of the system executing in kernel mode. The actual operating-system services are provided by user-mode servers. These include device drivers, protocol stacks, file systems and user-interface code.

A monolithic kernel is a kernel architecture where the entire kernel is run in kernel space in supervisor mode. In common with other architectures (microkernel, hybrid kernels), the kernel defines a high-level virtual interface over computer hardware, with a set of primitives or system calls to implement operating system services such as process management, concurrency, and memory management in one or more modules.

[Fig. 1: Graphical overview of a monolithic kernel. Courtesy: Wikipedia.org]

A nanokernel or picokernel is a very minimalist operating system kernel. The nanokernel represents the closest hardware abstraction layer of the operating system by interfacing the CPU, managing interrupts and interacting with the MMU. The interrupt management and MMU interface are not necessarily part of a nanokernel; however, on most architectures these components are directly connected to the CPU, so it often makes sense to integrate these interfaces into the kernel.

A hybrid kernel is a kernel architecture based on combining aspects of the microkernel and monolithic kernel architectures used in computer operating systems.

[Fig. 2]

Modern kernel architectures come with hierarchical protection domains, which are much less flexible, as is the case with every kernel that assumes a hierarchical structure as a global design criterion. In the case of protection, it is not possible to assign different privileges to processes that are at the same privilege level, and it is therefore not possible to satisfy Denning’s four principles for fault tolerance (particularly the principle of least privilege). Hierarchical protection domains also have a major performance drawback, since interaction between different levels of protection, when a process has to manipulate a data structure both in ‘user mode’ and ‘supervisor mode’, always requires message copying (transmission by value). A kernel based on capabilities, however, is more flexible in assigning privileges, can satisfy Denning’s fault tolerance principles, and typically doesn’t suffer from the performance issues of copy by value.

[Fig. 3: Protection rings, from Ring 0 (kernel, most privilege) through Ring 1 and Ring 2 (device drivers) to Ring 3 (applications, least privilege).]

Based on the application and purpose there are different kernel architectures, and based on them there are various types of operating systems:

Disk Operating System [DOS]

Many vendors introduced DOS operating systems for PCs and minicomputers. DOS includes basic disk management and data retrieval commands, along with some editing commands. The file system basically varies from vendor to vendor. MS-DOS and PC-DOS used FAT16 as their file system. Later, MS-DOS 7.1 added support for FAT32. DOS is able to swap its kernel with the application. It is a 16-bit operating system, programmed in assembly language. As every application has its own starting point, the linker and loader in the kernel load it at its entry point, and the kernel swaps its memory location to another location. Initially, DOS was designed for PCs and supported only disk-level operation; later on it supported networking and the FAT32 file system. The following is the list of DOS variants distributed by different vendors for different architectures:

• CP/M – Control Program/Monitor, developed by Digital Research Inc;
• MP/M – multi-user version of CP/M, developed by Digital Research Inc;
• DR-DOS – developed by Digital Research Inc;
• OpenDOS – by Free Software Foundation;
• Apple DOS – developed by Apple;
• DOS/360 – developed by IBM;
• PC-DOS/386 – by IBM;
• FreeDOS32 – by GNU.

Network Operating System (NOS)

A network operating system (NOS) is a computer operating system that is designed primarily to support workstations, personal computers, and, in some instances, older terminals that are connected on a local area network (LAN). Artisoft’s LANtastic, Banyan VINES, Novell’s NetWare, and Microsoft’s LAN Manager are examples of network operating systems. In addition, some multi-purpose operating systems, such as Windows NT and Digital’s OpenVMS, come with capabilities that enable them to be described as network operating systems.
A network operating system provides printer sharing, common file system and database sharing, application sharing, and the ability to manage a network name directory, etc. Network operating systems include Novell NetWare, Windows NT and 2000, Solaris, IBM OS/2, UNIX, etc., while Cisco IOS is called the Internet Operating System. Some of the features of a network operating system are:

• Provide basic operating system features such as support for processors, protocols, automatic hardware detection and multi-processing of applications;
• Security features such as authentication, authorization, logon restrictions and access control;
• Provide name and directory services;
• Provide file, print, web, back-up and replication services;
• Support internetworking such as routing and WAN ports;
• User management and support for logon and logoff, remote access, system management, administration and auditing tools with graphic interfaces;
• Clustering capabilities, fault-tolerant and high-availability systems.

Embedded Operating System

Embedded systems use a variety of dedicated operating systems. In some cases, the “operating system” software is directly linked to the application to produce a monolithic special-purpose program. In the simplest embedded systems, there is no distinction between the OS and the application. Embedded systems that have certain time requirements are known as real-time operating systems. Many vendors offer their own distributions:

• OpenBSD;
• Embedded Linux;
• FreeRTOS;
• LynxOS RTOS;
• NetBSD;
• Windows XP Embedded;
• Windows CE;
• Symbian OS.

WINDOWS NT ARCHITECTURE

The architecture of Windows NT is highly modular and consists of two main layers: a user mode and a kernel mode. Programs and subsystems in user mode are limited in terms of what system resources they have access to, while the kernel mode has unrestricted access to the system memory and external devices. The kernels of the operating systems in this line are all known as hybrid kernels, although this term is disputed, with the claim
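
The contrast drawn earlier between hierarchical protection domains (Fig. 3) and capability-based kernels, as an added example that is not part of the original chapter: a simplified C model in which two drivers share a ring, so the ring check cannot tell them apart while the capability check can. All names here (the two objects, `ring_allows`, `cap_grant`, `cap_allows`, `cap_delegate`, the three processes) are constructed for illustration and do not model any specific kernel.

```c
/* Constructed model: ring check vs. capability check (not a real kernel API). */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum { RIGHT_READ = 1, RIGHT_WRITE = 2 };
enum object_id { OBJ_DISK_BUFFER, OBJ_NIC_RING, OBJ_COUNT };

/* Hierarchical model: each object is reachable from its ring and below
 * (lower number = more privilege). Both driver objects live at ring 1. */
static const int object_max_ring[OBJ_COUNT] = { 1, 1 };

bool ring_allows(int subject_ring, enum object_id obj)
{
    return subject_ring <= object_max_ring[obj];
}

/* Capability model: a process may touch only what it holds a token for. */
#define MAX_CAPS 8
struct capability { enum object_id obj; unsigned rights; bool valid; };
struct process { const char *name; int ring; struct capability caps[MAX_CAPS]; };

/* Kernel-side grant: store a capability in the first free slot. */
bool cap_grant(struct process *p, enum object_id obj, unsigned rights)
{
    for (size_t i = 0; i < MAX_CAPS; i++) {
        if (!p->caps[i].valid) {
            p->caps[i] = (struct capability){ obj, rights, true };
            return true;
        }
    }
    return false; /* table full: fail closed */
}

/* Access check: every requested right must be present in one capability. */
bool cap_allows(const struct process *p, enum object_id obj, unsigned wanted)
{
    for (size_t i = 0; i < MAX_CAPS; i++) {
        const struct capability *c = &p->caps[i];
        if (c->valid && c->obj == obj && (c->rights & wanted) == wanted)
            return true;
    }
    return false;
}

/* Delegation: a holder can pass on a subset of its own rights, never more. */
bool cap_delegate(const struct process *from, struct process *to,
                  enum object_id obj, unsigned rights)
{
    if (rights == 0 || !cap_allows(from, obj, rights))
        return false;
    return cap_grant(to, obj, rights);
}

/* Constructed scenario: two drivers in the same ring plus a ring-3 tool. */
struct demo { struct process disk_drv, nic_drv, backup; };

struct demo *demo_state(void)
{
    static struct demo d;
    static bool ready;
    if (!ready) {
        d.disk_drv = (struct process){ .name = "disk_drv", .ring = 1 };
        d.nic_drv  = (struct process){ .name = "nic_drv",  .ring = 1 };
        d.backup   = (struct process){ .name = "backup",   .ring = 3 };
        cap_grant(&d.disk_drv, OBJ_DISK_BUFFER, RIGHT_READ | RIGHT_WRITE);
        cap_grant(&d.nic_drv,  OBJ_NIC_RING,    RIGHT_READ | RIGHT_WRITE);
        /* The disk driver hands the backup tool read-only access. */
        cap_delegate(&d.disk_drv, &d.backup, OBJ_DISK_BUFFER, RIGHT_READ);
        ready = true;
    }
    return &d;
}

int main(void)
{
    struct demo *d = demo_state();
    /* Rings: same level means same privilege, so the NIC driver reaches the disk buffer. */
    printf("rings: nic_drv -> disk buffer:         %d\n",
           ring_allows(d->nic_drv.ring, OBJ_DISK_BUFFER));
    /* Capabilities: the two ring-1 drivers are now distinguishable. */
    printf("caps:  nic_drv -> disk buffer (write): %d\n",
           cap_allows(&d->nic_drv, OBJ_DISK_BUFFER, RIGHT_WRITE));
    printf("caps:  backup  -> disk buffer (read):  %d\n",
           cap_allows(&d->backup, OBJ_DISK_BUFFER, RIGHT_READ));
    printf("caps:  backup  -> disk buffer (write): %d\n",
           cap_allows(&d->backup, OBJ_DISK_BUFFER, RIGHT_WRITE));
    return 0;
}
```

In the ring model the only way to let the ring-3 backup tool read the disk buffer is to raise it to ring 1, which also exposes the NIC ring to it; the capability model grants read access to that one object and nothing else.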