
Asian Journal of Research in Computer Science 8(3): 16-31, 2021; Article no.AJRCOS.68517
ISSN: 2581-8260

A Comprehensive Study of Kernel (Issues and Concepts) in Different Operating Systems

Hayfaa Subhi Malallah1*, Subhi R. M. Zeebaree1, Rizgar R. Zebari2, Mohammed A. M. Sadeeq1, Zainab Salih Ageed2, Ibrahim Mahmood Ibrahim1, Hajar Maseeh Yasin1 and Karwan Jameel Merceedi1

1Duhok Polytechnic University, Duhok, Kurdistan Region, Iraq.
2Nawroz University, Duhok, Kurdistan Region, Iraq.

*Corresponding author: E-mail: [email protected];

Authors' contributions
This work was carried out in collaboration among all authors. All authors read and approved the final manuscript.

Article Information
DOI: 10.9734/AJRCOS/2021/v8i330201
Editor(s): (1) Dr. Manish Mahajan, CGC College of Engineering, India.
Reviewers: (1) Ramjeet Singh Yadav, Ashoka Institute of Technology and Management, India. (2) Guruprakash CD, Sri Siddhartha Academy of Higher Education, India.
Complete Peer review History: http://www.sdiarticle4.com/review-history/68517

Review Article
Received 01 March 2021; Accepted 08 May 2021; Published 08 May 2021

ABSTRACT

Various operating systems (OS) with numerous functions and features have appeared over time. As a result, knowing how each OS has been implemented guides users' decisions on configuring the OS on their machines. Consequently, a comparative study of different operating systems is needed to provide specifics on the similarities and differences in novel types of OS to address their flaws. This paper's center of attention is the visual operating system based on the OS features and their limitations and strengths by contrasting iOS, Android, Mac, Windows, and Linux operating systems. Linux, Android, and Windows 10 are more stable, more compatible, and more reliable operating systems. Linux, Android, and Windows are popular enough to become user-friendly, unlike other OSs, and make more application programs. The firewalls in Mac OS X and Windows 10 are built-in. The most popular platforms are Android and Windows, specifically the newest versions. This is because they are low-cost, dependable, compatible, safe, and easy to use. Furthermore, modern developments in issues resulting from the advent of emerging technology and the growth of the cell phone introduced many features such as high-speed processors, massive memory, multitasking, high-resolution displays, functional telecommunication hardware, and so on.

Keywords: Operating system; microkernel; kernels issues and concept; android OS; open-source OS.

1. INTRODUCTION

The OS is a bunch of specially developed programs running on a computer system that authorizes it to operate appropriately. The OS is designed to obey two primary purposes: (1) It manages the allotment and usage of the computer system's resources among the different tasks and users. (2) It imparts an interface between the computing hardware and the developer, making it easier and simplifying it for application programs to be programmed, generated, and debugged [1].

As OS became more prominent and more complicated, interest in rational segmentation of the program grew. Comprehensive OS functions and user support will be built on top of this skeletal software base. The kernel provides all else on the machine with critical facilities and defines many of the features of higher applications. Thus, as a synonym for "kernel," we also use the word "operating system OS" [2].

In a modern general-purpose machine, the operating system kernel has the highest degree of privilege [3]. The kernel governs how scarce resources such as CPU running time and physical memory pages are used by processes on the device and arbitrates access to protected hardware, as shown in Fig. 1. The kernel is the component that allows a process on the system to access files, the network, or display configuration data. The Operating System has two primary functions: it essentially needs to be used as an extension machine. As a computer system manager, it has to handle and administer all sorts of tools reasonably. Furthermore, specific systems are responsible for protecting the computing system and offering application-specific services like networking, graphical interface, etc. [4-6].

Amongst the most challenging aspects of research are security monitoring and ensuring that no new bugs have been implemented. Until merging with the mainline branch, kernel developers try to identify as many security problems as possible. Failure to identify vulnerabilities can result in insecure kernels and systems becoming distributed. Multicore is one of the most critical trends to improve the efficiency of processors. The current leadership producers are therefore focused on becoming multicore processors (MCP) [7]. Improvement of the computer capacity multitasking is one of the main benefits of MCP. These processors provide only a few full-running cores rather than one, each with a separate front-side bus interface [8, 9].

Fig. 1. The abstract view of a kernel [6].

Different kernel structure designs exist. Monolithic kernels are running entirely within one address space, cooperating with the CPU operating, primarily for speed, in the supervisor mode. As user processes do, microkernels run most of the time but not every service is used in the user area, primarily for durability and modularity. Service providers are complicated social and deliberate processes to do something. With Enterprise, we mean any business, company, organization, and any formal or informal monarch. We mean a social body with a purposeful undertaking [10, 11].

The kernel itself offers only basic functionality in the microkernel address that enables the implementation of separate programs and servers that take former kernel roles, for example, system drivers, GUI servers, etc. The mobile devices with operating systems, which are among the most common user devices, provide various communication interfaces between the application layer software components and hardware devices [12]. Today, these devices provide us with a significant number of services, such as voice calls, messaging, cameras, internet browsers, games, video players, and many others [13]. However, each mobile phone must include some mobile operating system to execute these services [14].

The problem statement of this review research is presented through two distinct perspectives: detailing several concerns related to the types of kernels and merits used and evaluating how novel technologies are evaluated, and assessing underperformance. The primary purpose is to study different papers related to kernel issues on various types of OS used in different types of computers/smartphones and provide a brief review of these studies.

The rest of the review paper is organized as follows. Section 2 presents types of operating systems; Section 3, kernel issues and concept. Section 4 presents some literature reviews, and the discussion is summarized in Section 5. Finally, Section 6 outlines the conclusion.

1.1 Operating Systems Controlling of Processes Execution and Scheduling

The OS software is a device software that controls the hardware, software, and services of the computer program [15]. Timeshare system plans activities allocation tools, mass storage, printing, and other services [16]. The operating system serves as an interface between programs and the computing hardware to use hardware such as input, output, and memory allocation [17]. At the same time, the application code is generally run by the hardware directly and sometimes calls to or interrupted by the operating system function. Many computer-containing products – mobile phones and consoles for video games, web servers, and supercomputers – have operating systems.

1.2 Operating Systems Role on Applications and Computations

An OS is the machine software that manages computer hardware and software resources and allows various applications. These technologies can be linked with cloud computing, intelligent device applications, deployment of company systems, Web servers' performance, etc. [18, 19].

1.2.1 Cloud computing influence on operating systems

A cloud is a category of the operating system designed to work in a cloud computing network and virtualization [20]. A cloud operating system controls the service, execution, and proceedings of virtual computers, virtual servers, virtual infrastructure, hardware, and software backend [21]. Several systems are used in cloud computing technology, and most of them are implemented and used in particle physics, data retrieval, etc. However, different approaches are used to improve cloud computing performance. The word "cloud" is common in some organizations but not fully comprehensive and valuable [22].

The emphasis in the IT world has now been cloud computing. It provides individuals and organizations with robust computing services through the Internet and gives them access to a pool of standard tools, including storage servers and applications [23]. Businesses of all sizes are increasingly embracing cloud systems because they get to purchase hardware and software services at no expense but just pay for each use. This means that they are providing huge advantages, including cost savings [24]. There are various levels of cloud architecture in which each level allows extra user power. In addition, a