DOCSLIB.ORG

Introduction to Debugging the Freebsd Kernel

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Introduction to Debugging the FreeBSD Kernel John H. Baldwin Yahoo!, Inc. Atlanta, GA 30327 [email protected], http://people.FreeBSD.org/˜jhb Abstract used either directly by the user or indirectly via other tools such as kgdb [3]. Just like every other piece of software, the The Kernel Debugging chapter of the FreeBSD kernel has bugs. Debugging a ker- FreeBSD Developer’s Handbook [4] covers nel is a bit different from debugging a user- several details already such as entering DDB, land program as there is nothing underneath configuring a system to save kernel crash the kernel to provide debugging facilities such dumps, and invoking kgdb on a crash dump. as ptrace() or procfs. This paper will give a This paper will not cover these topics. In- brief overview of some of the tools available stead, it will demonstrate some ways to use for investigating bugs in the FreeBSD kernel. FreeBSD’s kernel debugging tools to investi- It will cover the in-kernel debugger DDB and gate bugs. the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. 2 Kernel Crash Messages 1 Introduction The first debugging service the FreeBSD kernel provides is the messages the kernel prints on the console when the kernel crashes. When a userland application encounters a When the kernel encounters an invalid condi- bug the operating system provides services for tion (such as an assertion failure or a memory investigating the bug. For example, a kernel protection violation) it halts execution of the may save a copy of the a process’ memory current thread and enters a “panic” state also image on disk as a core dump. An operating known as a “crash”. The kernel will always system may also provide APIs for one process print a message on the console summarizing to analyze the state of another process. Using the reason for the crash. For many crashes these services, debugging tools such as gdb [1] this summary message is all the kernel out- can be written. puts. Figure 1 contains the crash message for a simple assertion violation. In this case the Operating system kernels have bugs just message indicates that a thread attempted to like userland applications. A key difference, sleep while sleeping is prohibited. however, is that operating system kernels are not always able to rely on a separate piece of Some crashes output more detailed mes- software to provide debugging services. As a sages to the console. Crashes caused by a result, kernels generally must provide their CPU exception generally output several de- own specialized support for debugging ser- tails. For example, if a thread in the ker- vices. The FreeBSD kernel provides several nel dereferences a pointer into unmapped services such as crash messages, crash dumps, memory (such as a NULL pointer) then the the /dev/kmem device, a remote GDB inter- crash messages will include the invalid ad- face, and a self-contained in-kernel debugger dress. Figure 2 contains the crash messages called DDB [2]. These services can then be for an amd64 page fault. This particular page panic: Trying sleep, but thread marked as sleeping prohibited Figure 1: Example Assertion Failure Crash fault was the result of a NULL pointer deref- system. The listing includes a summary of erence in the net.inet.tcp.pcblist sysctl the state of each thread including any lock handler. It was caused by a race condi- the thread is blocked on or a wait channel on tion where a struct tcpcb was freed in one which the thread is sleeping. More specific thread while another thread was in the sysctl details about individual processes may be ob- handler. tained via the show proc command. This command accepts a single argument that is The first key piece of data is the fault vir- either a direct pointer to a struct proc or a tual address. It is the invalid memory ad- process ID (PID). Similarly, the show thread dress that caused the fault. In this case command provides details about an individ- the fault address is indicative of a NULL ual thread and accepts either a direct pointer pointer derefence since its value is very small. to a struct thread or a thread ID (TID). The instruction pointer indicates the pro- Figure 3 shows a truncated list of processes gram counter value where the fault occurred. and threads in various states. Figure 4 shows This can be used either with gdb(1) or more detailed information about the first pro- addr2line(1) to determine the corresponding cess in the list and one of its threads. source line. The current process lists the com- mand name and PID of the process that was A very important part of a thread’s state is executing when the fault occurred. the stack trace. A stack trace provides a bit of history of where the thread has been in the past. It can also help explain how a thread arrived at its current state. DDB provides a 3 Live Debugging with DDB trace command to obtain the stack trace of single thread. With no aguments it will pro- vide a trace of the current thread. If an argu- Another debugging tool provided by the ment is specified then it may be either a TID FreeBSD kernel is the in-kernel debugger or a PID. If the argument is a PID, then the DDB. DDB is an interactive debugger that first thread from the indicated process will be allows the user to execute specific commands used. Figure 5 shows the stack trace for the to inspect various details of the running ker- thread blocked on the def lock. The trace in- nel. It is able to resolve global symbols to ad- dicates that the thread attempted to acquire dresses and control execution via breakpoints the lock in the aptly named mtx deadlock and single stepping. It is also extensible since function. new commands may be added at compile time. Details about several of the commonly used DDB commands may be found in the 3.2 Investigating Deadlocks ddb(4) manpage [2]. Debugging deadlocks requires determining 3.1 Inspecting Processes and which resources threads are waiting on and Threads then analyzing those dependencies to find a cycle. One source of deadlocks is mis- use of locking primitives such as mutexes. One of the best ways to get an overview DDB provides several commands for analyz- of a system’s state from DDB is to examine ing locking primitives and the dependency re- the current state of individual processes and lationships between threads and locks. threads. DDB provides several commands to do this. First, the ps command will display First, DDB provides commands to directly a list of all the processes and threads in the inspect the state of locks and the queues of Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x4 fault code = supervisor read, page not present instruction pointer = 0x8:0xffffffff80359af8 stack pointer = 0x10:0xffffffffa3cbb550 frame pointer = 0x10:0xffffffffa3cbb570 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 31466 (netstat) trap number = 12 panic: page fault Figure 2: Example amd64 Page Fault db> ps pid ppid pgrp uid state wmesg wchan cmd 954 0 0 0 LL (threaded) crash2 100144 L *abc 0xffffff0001288dc0 [crash2: 3] 100143 L *jkl 0xffffff0001288c80 [crash2: 2] 100142 L *ghi 0xffffff0001288be0 [crash2: 1] 100055 L *def 0xffffff0001288d20 [crash2: 0] 812 0 0 0 SL - 0xffffffff80673a20 [nfsiod 0] 771 769 771 26840 Ss+ ttyin 0xffffff00011b9810 tcsh 769 767 767 26840 S select 0xffffff00018ca0d0 sshd 767 705 767 0 Ss sbwait 0xffffff00016ed94c sshd ... 10 0 0 0 RL (threaded) idle 100005 Run CPU 0 [idle: cpu0] 100004 Run CPU 1 [idle: cpu1] 100003 Run CPU 2 [idle: cpu2] 100002 Run CPU 3 [idle: cpu3] Figure 3: Example DDB ps Output db> show proc 954 Process 954 (crash2) at 0xffffff0001354000: state: NORMAL uid: 0 gids: 0 parent: pid 0 at 0xffffffff806538e0 ABI: null threads: 4 100144 L *abc 0xffffff0001288dc0 [crash2: 3] 100143 L *jkl 0xffffff0001288c80 [crash2: 2] 100142 L *ghi 0xffffff0001288be0 [crash2: 1] 100055 L *def 0xffffff0001288d20 [crash2: 0] db> show thread 100055 Thread 100055 at 0xffffff00013869c0: proc (pid 954): 0xffffff0001354000 name: crash2: 0 stack: 0xffffffffae213000-0xffffffffae216fff flags: 0x4 pflags: 0x200000 state: INHIBITED: {LOCK} lock: def turnstile: 0xffffff0001288d20 priority: 224 Figure 4: Inspecting a Process and Thread in DDB db> tr 100055 Tracing pid 954 tid 100055 td 0xffffff00013869c0 sched_switch() at sched_switch+0x15d mi_switch() at mi_switch+0x215 turnstile_wait() at turnstile_wait+0x24c _mtx_lock_sleep() at _mtx_lock_sleep+0xe0 _mtx_lock_flags() at _mtx_lock_flags+0x7a mtx_deadlock() at mtx_deadlock+0xb4 crash_thread() at crash_thread+0x138 fork_exit() at fork_exit+0x12a fork_trampoline() at fork_trampoline+0xe --- trap 0, rip = 0, rsp = 0xffffffffae23ed30, rbp = 0 --- Figure 5: Example DDB Stack Trace threads waiting for locks. The show lock for four threads locked in a cycle of lockmgr command takes the address of a lock (either a and sx locks. mutex [5], read-mostly lock [6], reader/writer lock [7], shared/exclusive (sx) lock [8], or lockmgr lock [9]) as its argument and displays 3.3 Adding New DDB Commands details about the lock including the current owner, if any. The show turnstile com- mand takes the address of a mutex, read- DDB commands are implemented by func- mostly lock or reader/writer wlock as its ar- tions in the kernel. Thus, new commands can gument. If there is a turnstile associated be added simply by writing new functions. with the lock, then it will display the lists Currently new commands cannot be added of threads waiting on the specified lock.
Recommended publications
  • Process and Memory Management Commands

    Process and Memory Management Commands

    Process and Memory Management Commands This chapter describes the Cisco IOS XR software commands used to manage processes and memory. For more information about using the process and memory management commands to perform troubleshooting tasks, see Cisco ASR 9000 Series Aggregation Services Router Getting Started Guide. • clear context, on page 2 • dumpcore, on page 3 • exception coresize, on page 6 • exception filepath, on page 8 • exception pakmem, on page 12 • exception sparse, on page 14 • exception sprsize, on page 16 • follow, on page 18 • monitor threads, on page 25 • process, on page 29 • process core, on page 32 • process mandatory, on page 34 • show context, on page 36 • show dll, on page 39 • show exception, on page 42 • show memory, on page 44 • show memory compare, on page 47 • show memory heap, on page 50 • show processes, on page 54 Process and Memory Management Commands 1 Process and Memory Management Commands clear context clear context To clear core dump context information, use the clear context command in the appropriate mode. clear context location {node-id | all} Syntax Description location{node-id | all} (Optional) Clears core dump context information for a specified node. The node-id argument is expressed in the rack/slot/module notation. Use the all keyword to indicate all nodes. Command Default No default behavior or values Command Modes Administration EXEC EXEC mode Command History Release Modification Release 3.7.2 This command was introduced. Release 3.9.0 No modification. Usage Guidelines To use this command, you must be in a user group associated with a task group that includes appropriate task IDs.
  • BSD UNIX Toolbox: 1000+ Commands for Freebsd, Openbsd and Netbsd Christopher Negus, Francois Caen

    BSD UNIX Toolbox: 1000+ Commands for Freebsd, Openbsd and Netbsd Christopher Negus, Francois Caen

    To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252 BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD Christopher Negus, Francois Caen E-Book 978-0-470-38725-2 April 2008 $16.99 DESCRIPTION Learn how to use BSD UNIX systems from the command line with BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD. Learn to use BSD operation systems the way the experts do, by trying more than 1,000 commands to find and obtain software, monitor system health and security, and access network resources. Apply your newly developed skills to use and administer servers and desktops running FreeBSD, OpenBSD, NetBSD, or any other BSD variety. Become more proficient at creating file systems, troubleshooting networks, and locking down security. ABOUT THE AUTHOR Christopher Negus served for eight years on development teams for the UNIX operating system at the AT&T labs, where UNIX was created and developed. He also worked with Novell on UNIX and UnixWare development. Chris is the author of the bestselling Fedora and Red Hat Linux Bible series, Linux Toys II, Linux Troubleshooting Bible, and Linux Bible 2008 Edition. Francois Caen hosts and manages business application infrastructures through his company Turbosphere LLC. As an open- source advocate, he has lectured on OSS network management and Internet services, and served as president of the Tacoma Linux User Group. He is a Red Hat Certified Engineer (RHCE). To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252.
  • Post Mortem Crash Analysis

    Post Mortem Crash Analysis

    Post Mortem Crash Analysis Johan Heander & Magnus Malmborn January 14, 2007 Abstract To improve the quality and reliability of embedded systems it is important to gather information about errors in units already sold and deployed. To achieve this, a system for transmitting error information from the customer back to the developers is needed, and the developers must also have a set of tools to analyze the error reports. The purpose of this master thesis was to develop a fully functioning demon- stration system for collection, transmission and interpretation of error reports from Axis network cameras using the Linux operating system. The system has been shown to handle both kernel and application errors and conducts automatic analysis of received data. It also uses standard HTTP protocol for all network transfers making it easy to use even on firewalled net- works. i ii Acknowledgement We would like to thank our LTH supervisor Jonas Skeppstedt for all he has taught us about computer science in general and operating systems and the C programming language in particular. We would also like to thank Mikael Starvik at Axis Communications for quickly providing us with all hardware and information we needed to complete this thesis, and for providing us with support during our implementation and writing. Finally we thank all the developers working at Axis Communications, many of whom have provided input and reflections on our work. iii iv Contents 1 Introduction 1 1.1 Problem description . 1 1.2 Problem analysis . 1 2 Background 3 2.1 Kernel crashes . 3 2.2 User space crashes .
  • The Dragonflybsd Operating System

    The Dragonflybsd Operating System

    1 The DragonFlyBSD Operating System Jeffrey M. Hsu, Member, FreeBSD and DragonFlyBSD directories with slightly over 8 million lines of code, 2 million Abstract— The DragonFlyBSD operating system is a fork of of which are in the kernel. the highly successful FreeBSD operating system. Its goals are to The project has a number of resources available to the maintain the high quality and performance of the FreeBSD 4 public, including an on-line CVS repository with mirror sites, branch, while exploiting new concepts to further improve accessible through the web as well as the cvsup service, performance and stability. In this paper, we discuss the motivation for a new BSD operating system, new concepts being mailing list forums, and a bug submission system. explored in the BSD context, the software infrastructure put in place to explore these concepts, and their application to the III. MOTIVATION network subsystem in particular. A. Technical Goals Index Terms— Message passing, Multiprocessing, Network The DragonFlyBSD operating system has several long- operating systems, Protocols, System software. range technical goals that it hopes to accomplish within the next few years. The first goal is to add lightweight threads to the BSD kernel. These threads are lightweight in the sense I. INTRODUCTION that, while user processes have an associated thread and a HE DragonFlyBSD operating system is a fork of the process context, kernel processes are pure threads with no T highly successful FreeBSD operating system. Its goals are process context. The threading model makes several to maintain the high quality and performance of the FreeBSD guarantees with respect to scheduling to ensure high 4 branch, while exploring new concepts to further improve performance and simplify reasoning about concurrency.
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd

    BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd

    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
  • Linux Core Dumps

    Linux Core Dumps

    Linux Core Dumps Kevin Grigorenko [email protected] Many Interactions with Core Dumps systemd-coredump abrtd Process Crashes Ack! 4GB File! Most Interactions with Core Dumps Poof! Process Crashes systemd-coredump Nobody abrtd Looks core kdump not Poof! Kernel configured Crashes So what? ● Crashes are problems! – May be symptoms of security vulnerabilities – May be application bugs ● Data corruption ● Memory leaks – A hard crash kills outstanding work – Without automatic process restarts, crashes lead to service unavailability ● With restarts, a hacker may continue trying. ● We shouldn't be scared of core dumps. – When a dog poops inside the house, we don't just `rm -f $poo` or let it pile up, we try to figure out why or how to avoid it again. What is a core dump? ● It's just a file that contains virtual memory contents, register values, and other meta-data. – User land core dump: Represents state of a particular process (e.g. from crash) – Kernel core dump: Represents state of the kernel (e.g. from panic) and process data ● ELF-formatted file (like a program) User Land User Land Crash core Process 1 Process N Kernel Panic vmcore What is Virtual Memory? ● Virtual Memory is an abstraction over physical memory (RAM/swap) – Simplifies programming – User land: process isolation – Kernel/processor translate virtual address references to physical memory locations 64-bit Process Virtual 8GB RAM Address Space (16EB) (Example) 0 0 16 8 EB GB How much virtual memory is used? ● Use `ps` or similar tools to query user process virtual memory usage (in KB): – $ ps -o pid,vsz,rss -p 14062 PID VSZ RSS 14062 44648 42508 Process 1 Virtual 8GB RAM Memory Usage (VSZ) (Example) 0 0 Resident Page 1 Resident Page 2 16 8 EB GB Process 2 How much virtual memory is used? ● Virtual memory is broken up into virtual memory areas (VMAs), the sum of which equal VSZ and may be printed with: – $ cat /proc/${PID}/smaps 00400000-0040b000 r-xp 00000000 fd:02 22151273 /bin/cat Size: 44 kB Rss: 20 kB Pss: 12 kB..
  • Interesting Things You Didn't Know You Could Do With

    Interesting Things You Didn't Know You Could Do With

    Interesting Things You Didn’t Know You Could Do With ZFS Allan Jude -- ScaleEngine Inc. [email protected] twitter: @allanjude Introduction Allan Jude ● 13 Years as FreeBSD Server Admin ● FreeBSD src/doc committer (focus: ZFS, bhyve, ucl, xo) ● Co-Author of “FreeBSD Mastery: ZFS” and upcoming “FreeBSD Mastery: Advanced ZFS” with M. W. Lucas ● Architect of the ScaleEngine CDN (HTTP and Video) ● Host of BSDNow.tv & TechSNAP.tv Podcasts ● Use ZFS for large collections of videos, extremely large website caches, mirrors of PC-BSD pkgs and RaspBSD ● Single Handedly Manage Over 1000TB of ZFS Storage The Power of ZFS ● Integrated Redundancy (Mirroring, RAID-Z) ● Data Integrity Checking (Checksums, Scrub) ● Pooled Storage (Hot Add Disks) ● Multi-Level Cache (ARC, L2ARC, SLOG) ● Copy-on-Write (no fsck) ● Snapshots and Clones ● Quotas and Reservations ● Transparent Compression (LZ4, GZIP1-9) ● Incremental Replication (zfs send/recv) ● Datasets with Individual Inherited Properties ● Custom Properties ● Fine Grained Delegation Applying That Power ZFS has many features, but how can I use them to solve my problems? ZFS has a very well designed command line user interface, making it very easy for a sysadmin to perform common tasks (add more storage, create new datasets, change settings and properties), accomplish things that were not possible before, as well as extract a great deal more information from the storage system. ZFS Was Meant To Be Scripted # zfs list -Hp -r -o name,refer,logicalreferenced sestore5/mysql02 22001288628 24331078144 sestore5/omicron
  • The Complete Freebsd

    The Complete Freebsd

    The Complete FreeBSD® If you find errors in this book, please report them to Greg Lehey <grog@Free- BSD.org> for inclusion in the errata list. The Complete FreeBSD® Fourth Edition Tenth anniversary version, 24 February 2006 Greg Lehey The Complete FreeBSD® by Greg Lehey <[email protected]> Copyright © 1996, 1997, 1999, 2002, 2003, 2006 by Greg Lehey. This book is licensed under the Creative Commons “Attribution-NonCommercial-ShareAlike 2.5” license. The full text is located at http://creativecommons.org/licenses/by-nc-sa/2.5/legalcode. You are free: • to copy, distribute, display, and perform the work • to make derivative works under the following conditions: • Attribution. You must attribute the work in the manner specified by the author or licensor. • Noncommercial. You may not use this work for commercial purposes. This clause is modified from the original by the provision: You may use this book for commercial purposes if you pay me the sum of USD 20 per copy printed (whether sold or not). You must also agree to allow inspection of printing records and other material necessary to confirm the royalty sums. The purpose of this clause is to make it attractive to negotiate sensible royalties before printing. • Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. • For any reuse or distribution, you must make clear to others the license terms of this work. • Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above.
  • Exniffer: Learning to Rank Crashes by Assessing the Exploitability from Memory Dump

    Exniffer: Learning to Rank Crashes by Assessing the Exploitability from Memory Dump

    Exniffer: Learning to Rank Crashes by Assessing the Exploitability from Memory Dump Thesis submitted in partial fulfillment of the requirements for the degree of MS in Computer Science & Engineering by Research by Shubham Tripathi 201407646 [email protected] International Institute of Information Technology Hyderabad - 500 032, INDIA March 2018 Copyright c Shubham Tripathi, March 2018 All Rights Reserved International Institute of Information Technology Hyderabad, India CERTIFICATE It is certified that the work contained in this thesis, titled “Exniffer: Learning to Rank Crashes by Assessing the Exploitability from Memory Dump” by Shubham Tripathi, has been carried out under my supervision and is not submitted elsewhere for a degree. Date Adviser: Prof. Sanjay Rawat “Contemplate and reflect upon knowledge, and you will become a benefactor to others.” To my parents Acknowledgments I would like to express my gratitude to my adviser, Dr. Sanjay Rawat. Sanjay sir helped me staying focused on problems and provided new directions to approach them. Working with him, I have devel- oped my problem solving skills, learnt about research, about life in general. I would be thankful to him for all my life, for providing me the guidance on various matters, always motivating and boosting me with confidence, which really helped me in shaping my life. I must also thank all my lab-mates who are working or have worked earlier in CSTAR - Vijayendra, Spandan, Satwik, Charu, Teja, Ishan and Lokesh. I really enjoyed working with them in the lab. I would like to thank all my friends in IIIT, for making my stay in the campus a memorable one.
  • Chapter 2: Operating-System Structures

    Chapter 2: Operating-System Structures

    Chapter 2: Operating-System Structures Operating System Concepts – 10th Edition Silberschatz, Galvin and Gagne ©2018 Chapter 2: Operating-System Structures Operating System Services User and Operating System-Interface System Calls System Services Linkers and Loaders Why Applications are Operating System Specific Operating-System Design and Implementation Operating System Structure Building and Booting an Operating System Operating System Debugging Operating System Concepts – 10th Edition 2.2 Silberschatz, Galvin and Gagne ©2018 Objectives Identify services provided by an operating system Illustrate how system calls are used to provide operating system services Compare and contrast monolithic, layered, microkernel, modular, and hybrid strategies for designing operating systems Illustrate the process for booting an operating system Apply tools for monitoring operating system performance Design and implement kernel modules for interacting with a Linux kernel Operating System Concepts – 10th Edition 2.3 Silberschatz, Galvin and Gagne ©2018 Operating System Services Operating systems provide an environment for execution of programs and services to programs and users One set of operating-system services provides functions that are helpful to the user: User interface - Almost all operating systems have a user interface (UI). Varies between Command-Line (CLI), Graphics User Interface (GUI), touch-screen, Batch Program execution - The system must be able to load a program into memory and to run that program, end execution, either normally or abnormally (indicating error) I/O operations - A running program may require I/O, which may involve a file or an I/O device Operating System Concepts – 10th Edition 2.4 Silberschatz, Galvin and Gagne ©2018 Operating System Services (Cont.) One set of operating-system services provides functions that are helpful to the user (Cont.): File-system manipulation - The file system is of particular interest.
  • Practical and Effective Sandboxing for Non-Root Users

    Practical and Effective Sandboxing for Non-Root Users

    Practical and effective sandboxing for non-root users Taesoo Kim and Nickolai Zeldovich MIT CSAIL Abstract special tools. More importantly, all use cases neither re- quire root privilege nor require modification to the OS MBOX is a lightweight sandboxing mechanism for non- kernel and applications. root users in commodity OSes. MBOX’s sandbox usage model executes a program in the sandbox and prevents Overview MBOX aims to make running a program in a the program from modifying the host filesystem by layer- sandbox as easy as running the program itself. For exam- ing the sandbox filesystem on top of the host filesystem. ple, one can sandbox a program (say wget) by running as At the end of program execution, the user can examine below: changes in the sandbox filesystem and selectively com- mit them back to the host filesystem. MBOX implements $ mbox -- wget google.com ... this by interposing on system calls and provides a variety Network Summary: of useful applications: installing system packages as a > [11279] -> 173.194.43.51:80 > [11279] Create socket(PF_INET,...) non-root user, running unknown binaries safely without > [11279] -> a00::2607:f8b0:4006:803:0 network accesses, checkpointing the host filesystem in- ... Sandbox Root: stantly, and setting up a virtual development environment > /tmp/sandbox-11275 without special tools. Our performance evaluation shows > N:/tmp/index.html [c]ommit, [i]gnore, [d]iff, [l]ist, [s]hell, [q]uit ?> that MBOX imposes CPU overheads of 0.1–45.2% for var- ious workloads. In this paper, we present MBOX’s design, wget is a utility to download files from the web.
  • Freebsd Smpng: Behind the Scenes

    Freebsd Smpng: Behind the Scenes

    FreeBSD SMPng: Behind the scenes GregLehey [email protected] [email protected] Sydney, 27September 2001 FreeBSD SMPng behind the scenes 1GregLehey, 27September 2001 Topics • Howwegot into this mess. FreeBSD SMPng behind the scenes 2GregLehey, 27September 2001 Topics • Howwegot into this mess. • Whythe UNIX kernel is not suited to multiple processors. FreeBSD SMPng behind the scenes 3GregLehey, 27September 2001 Topics • Howwegot into this mess. • Whythe UNIX kernel is not suited to multiple processors. • Solving the problem. FreeBSD SMPng behind the scenes 4GregLehey, 27September 2001 Topics • Howwegot into this mess. • Whythe UNIX kernel is not suited to multiple processors. • Solving the problem. • Team dynamics. FreeBSD SMPng behind the scenes 5GregLehey, 27September 2001 Topics • Howwegot into this mess. • Whythe UNIX kernel is not suited to multiple processors. • Solving the problem. • Team dynamics. • Current state of play. FreeBSD SMPng behind the scenes 6GregLehey, 27September 2001 Topics • Howwegot into this mess. • Whythe UNIX kernel is not suited to multiple processors. • Solving the problem. • Team dynamics. • Current state of play. • Looking forward. FreeBSD SMPng behind the scenes 7•GregLehey, 27September 2001 The Mindcraft benchmarks • Common knowledge: UNIX is faster than Microsoft. FreeBSD SMPng behind the scenes 8GregLehey, 27September 2001 The Mindcraft benchmarks • Common knowledge: UNIX is faster than Microsoft. • In 1999, Mindcraft published benchmarks showing NT much faster than Linux. FreeBSD SMPng behind the scenes 9GregLehey, 27September 2001 The Mindcraft benchmarks • Common knowledge: UNIX is faster than Microsoft. • In 1999, Mindcraft published benchmarks showing NT much faster than Linux. • Linux people first claimed the results were wrong. FreeBSD SMPng behind the scenes 10 GregLehey, 27September 2001 The Mindcraft benchmarks • Common knowledge: UNIX is faster than Microsoft.