Security-Enhanced Darwin: Porting Selinux to Mac OS X Christopher Vance Todd C

Total Page:16

File Type:pdf, Size:1020Kb

Security-Enhanced Darwin: Porting Selinux to Mac OS X Christopher Vance Todd C Security-Enhanced Darwin: Porting SELinux to Mac OS X Christopher Vance Todd C. Miller Robert Dekelbaum Andrew Reisse SPARTA, Inc. SPARTA, Inc. SPARTA, Inc. SPARTA, Inc. Abstract hide some of the system complexity, Apple has added a layer of simpler security APIs to manage Keychain Security-Enhanced Darwin (SEDarwin) is a port of Services, secure network communication, provide access control elements derived from the National Se- certificate and trust services, and manage Authorization curity Agency’s Security Enhanced Linux (SELinux) Services. Integral to this model, the Authorization to Darwin, the Open Source core of Apple’s Mac OS Services APIs communicate with a user space Security X operating system. Mac OS X combines both Open Server to determine whether operations and accesses Source and proprietary technologies into a widely-used, are permitted. production-quality UNIX-based workstation. Because Darwin is available under an Open Source license, it One of the shortcomings of Apple’s security architec- is possible to add mandatory access controls while still ture is the lack of consistent, centralized access control. maintaining compatibility with the large base of user While there are discretionary access control (DAC) space applications, proprietary graphical components, checks for BSD components, Mach port rights for the and programming frameworks. While it was straight- Mach subsystem, ACLs and Kauth controls for file forward to port many of the SELinux components, Dar- access, and Security Services for user space services, win’s unique architecture meant significant new engi- there is no overarching design or single configuration neering was necessary in order to provide SELinux-style point. Each component is configured and operates access controls consistently across the entire system. separately. The TrustedBSD Mandatory Access Control This paper describes the component technologies in Dar- (MAC) Framework was added to Darwin to address win, the areas of significant new development, and pro- this by adding access controls consistently throughout vides comparisons to SELinux. the kernel and by providing APIs for user space pol- 1 Introduction icy decisions. This Framework makes it possible to implement a single access control policy that provides Apple’s Mac OS X provides a number of security protection for login sessions, processes, files, pipes, mechanisms, comprising both user space and kernel network communication, System V and POSIX IPC, components[1]. The operating system kernel includes and Mach IPC. support for: • UNIX-style discretionary access control checks: With the addition of the TrustedBSD MAC Frame- based on user and group identifiers. work, a full suite of kernel security mechanisms • Mach port rights: besides controlling interprocess becomes available. Since the MAC Framework was communication (IPC) channels, Mach port rights designed to be orthogonal to existing security mecha- can protect tasks, threads, memory ranges, proces- nisms, it does not replace any vendor access controls or sors, and other devices. grant privilege beyond what the base system permits. By • Audit support: generated audit logs use Sun’s Basic design, the MAC Framework can only further restrict Security Module (BSM) token stream format. system access. The MAC Framework is similar in • BSD-style process accounting: records system ac- concept and construction to the Linux Security Modules counting information for all processes. (LSM) Framework. Each extends the base operating • Encrypted virtual memory: AES algorithm used to system security architecture by allowing pluggable encrypt virtual memory pages when stored on disk. security modules to further constrain applications. • Access Control Lists (ACLs): per-file fine-grained permission model implemented using extended at- With the addition of the MAC Framework, SELinux tributes. technologies can be incorporated to achieve consistent • Kauth: Apple’s own in-kernel flexible, extensible access control coverage. Apple’s Mac OS X operating security architecture for securing file access. system uses a unique blending of component technolo- In addition to the kernel security components, Mac gies that substantially distinguishes it from FreeBSD, OS X provides a flexible user space security model. To Linux, Solaris, and other UNIX-like operating systems. Draft: 2007/01/22 11:35 Page: 1 This architecture led to many challenges when porting Application Environments User the SELinux technologies. Environment Common Services This paper will discuss Apple’s architecture, the ap- plication of the TrustedBSD MAC Framework to this Darwin XNU Kernel BSD Subsystem Mach Subsystem Kernel architecture, the significant technical development that Environment File Systems Virtual Memory was necessary to secure the Mach IPC and IOKit sub- Networking Tasks/Threads Posix IPC Scheduling Processes Mach IPC systems of Apple’s operating system, and the adaptation Unix DAC/ACLs of the SELinux components for use on the Apple system. Firmware Open Firmware & BootX or EFI 2 Background Hardware PowerPC or x86 2.1 Mac OS X Figure 1: Apple’s OS X Architecture Apple’s Mac OS X is a commercially available operat- ing system providing a graphical user interface on top of 2.2 DTOS a UNIX core. Darwin, the Open Source core of Mac OS The Distributed Trusted Operating System (DTOS) X, is composed of a variety of technologies, including project was an enhanced version of the Mach 3.0 facilities derived from the Mach 3.0 microkernel[2], microkernel that included a Mach security server to operating system services based on FreeBSD 5, high secure process management, file objects, the network performance networking facilities, and multiple inte- stack and Mach IPC. The project was a joint effort grated file systems. Like most UNIX systems, the by the National Security Agency (NSA) and Secure Darwin kernel is engineered for stability, reliability, Computing Corporation. This work developed a pro- and performance[3, 4]. Layered on top of the UNIX totype secure Mach microkernel that provided strong, core are a collection of graphics routines, a windowing flexible security controls with good performance and system, a user interface, and an application object application compatibility[5, 6]. The DTOS microkernel model, as shown in Figure 1. Together, these are the made enhancements to the Mach 3.0 design, the same components that help make Mac OS X a commercially version of Mach upon which Darwin is based. DTOS viable desktop system. used the Lites[7] Mach server as its BSD subsystem. Unlike the BSD kernel code in Darwin, Lites runs as a Apple makes the Darwin source code available under user-level single server; it is not kernel-resident as it is the Apple Public Source License, permitting third party in Darwin. inspection, modification, and extension of the operating system. This makes Darwin an attractive platform The DTOS security server utilized a Type for operating system research, since researchers have Enforcement[8] policy that was a precursor to the the complete source code without the burden of non- Type Enforcement used by FLASK (described be- disclosure restrictions. Through careful modification low). While the DTOS code was not directly used in of the Darwin core, operating system behavior can be SEDarwin, it was examined to help understand the changed while still allowing the higher level application complexities of introducing security into a Mach-based interfaces (Aqua, Quartz, Carbon, etc.) to function, operating system. The goals of SEDarwin and DTOS thereby preserving the user experience. It was especially are quite similar: develop a prototype that can be used to important to maintain compatibility with commercially demonstrate that strong, useful security features can be developed and supported applications such as Microsoft introduced into an operating system without sacrificing Office, Adobe Digital Imaging Software, professional- desirable features such as performance or utility. grade audio and video processing software, and licensed (DRM-enabled) multimedia playback that help 2.3 FLASK and SELinux distinguish Mac OS X from other UNIX-based systems. The Flux Advanced Security Kernel (FLASK) is an operating system security architecture that provides a Darwin’s kernel uses a Mach 3.0-derived core to man- flexible and fine-grained MAC architecture[9] using age processor resources (CPU and memory), handle a generalized form of Type Enforcement. It was scheduling, enforce memory protection, and implement developed as a security-enhanced version of the Fluke interprocess communication. Mach provides most of the microkernel-based operating system[10]. core OS services, including memory protection, preemp- tive multitasking, and advanced virtual memory. NSA’s Security-Enhanced Linux[11] (SELinux) is a Draft: 2007/01/22 11:35 Page: 2 version of the Linux kernel that includes a version of per-object allocated memory, or reference-counted the FLASK security server. Policy enforcement logic is structures. implemented using the interfaces provided by the LSM framework[11]. A wide range of security models can Security labels follow the existing allocation and be implemented as security servers without requiring usage cycles that the kernel uses to manage objects. changes to any other component of the system. The For most kernel objects, this life cycle consists of FLASK architectural abstractions of the security server allocation, initialization, use, and deallocation. While and access control vector cache are preserved in the the
Recommended publications
  • Beyond BIOS Developing with the Unified Extensible Firmware Interface
    Digital Edition Digital Editions of selected Intel Press books are in addition to and complement the printed books. Click the icon to access information on other essential books for Developers and IT Professionals Visit our website at www.intel.com/intelpress Beyond BIOS Developing with the Unified Extensible Firmware Interface Second Edition Vincent Zimmer Michael Rothman Suresh Marisetty Copyright © 2010 Intel Corporation. All rights reserved. ISBN 13 978-1-934053-29-4 This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in professional services. If professional advice or other expert assistance is required, the services of a competent professional person should be sought. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel may make changes to specifications, product descriptions, and plans at any time, without notice. Fictitious names of companies, products, people, characters, and/or data mentioned herein are not intended to represent any real individual, company, product, or event. Intel products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications. Intel, the Intel logo, Celeron, Intel Centrino, Intel NetBurst, Intel Xeon, Itanium, Pentium, MMX, and VTune are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
    [Show full text]
  • (12) Patent Application Publication (10) Pub
    US 20140.095539A1 (19) United States (12) Patent Application Publication (10) Pub. No.: US 2014/0095539 A1 Smit et al. (43) Pub. Date: Apr. 3, 2014 (54) SYSTEMAND METHOD FOR tinuation of application No. 09/933,493, filed on Aug. ASYNCHRONOUS CLIENT SERVER SESSION 20, 2001, now Pat. No. 8,112,529. COMMUNICATION Publication Classification (71) Applicant: MasterObjects, Inc., Zeist (NL) (51) Int. Cl. (72) Inventors: Mark Hans Smit, Maarssen (NL); G06F 7/30 (2006.01) Stefan M. van den Oord, Best (NL) (52) U.S. Cl. CPC ................................ G06F 17/30696 (2013.01) (73) Assignee: MasterObjects, Inc., Zeist (NL) USPC .......................................................... 707/772 (57) ABSTRACT (21) Appl. No.: 14/027,645 The invention provides a session-based bi-directional multi tier client-server asynchronous information database search (22) Filed: Sep. 16, 2013 and retrieval system for sending a character-by-character string of data to an intelligent server that can be configured to Related U.S. Application Data immediately analyze the lengthening string character-by (63) Continuation of application No. 13/366,905, filed on character and return to the client increasingly appropriate Feb. 6, 2012, now Pat. No. 8,539,024, which is a con database information as the client sends the string. Arif ... is A i is Kerstriler listick: ersistent {}:s: Sters is: ritesic sig: liais: lagi Sistisic's Sife fertiei stees Mediate C3:::::::::::::::: issisi Eisik Patent Application Publication Apr. 3, 2014 Sheet 1 of 17 US 2014/0095539 A1 Questobjects {ssrt Ouest(bjecis Server its - {tiestfijects Series: FIG. Patent Application Publication Apr. 3, 2014 Sheet 2 of 17 US 2014/0095539 A1 iii.;; 'ersistent Q38: Store Freferencelas:g&f Sissistic'st Sisyre Sviciikai: -- - .
    [Show full text]
  • Role Based Access Control on MLS Systems Without Kernel Changes
    Role Based Access Control on For example, roles in a bank may include the role of teller or accountant. Each of these roles has a set of MLS Systems without Kernel privileges or transactions that they can p erform, includ- Changes ing some privileges that are available to b oth roles. Roles can b e hierarchical. For example, some roles in a hospital D. Richard Kuhn may b e health care provider, nurse, and do ctor. The do c- National Institute of Standards and Technology tor role may include all privileges available to the nurse Gaithersburg, Maryland 20899 role, which in turn includes all the privileges available to the health care provider role. Roles have b een used in a variety of forms for com- Abstract puter system security for at least 20 years, and several prop osals for incorp orating roles into existing access con- Role based access control (RBAC) is attracting increas- trol mechanisms have b een published [2], [3], [4]. More ing attention as a security mechanism for b oth commer- recently, formal defnitions for general-purp ose RBAC no- cial and many military systems. This pap er shows how tions have b een prop osed [5], [6], [7]. RBAC can b e implemented using the mechanisms avail- This pap er shows how RBAC can b e implemented able on traditional multi-level security systems that im- using the controls available on traditional lattice-based plement information fow p olicies. The construction from multi-level secure systems. This approach presents a MLS to RBAC systems is signifcant b ecause it shows that number of advantages: the enormous investment in MLS systems can b e lever- aged to pro duce RBAC systems.
    [Show full text]
  • Mac OS X Server Administrator's Guide
    034-9285.S4AdminPDF 6/27/02 2:07 PM Page 1 Mac OS X Server Administrator’s Guide K Apple Computer, Inc. © 2002 Apple Computer, Inc. All rights reserved. Under the copyright laws, this publication may not be copied, in whole or in part, without the written consent of Apple. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation. RealAudio is a trademark of Progressive Networks, Inc. © 1995–2001 The Apache Group. All rights reserved. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 062-9285/7-26-02 LL9285.Book Page 3 Tuesday, June 25, 2002 3:59 PM Contents Preface How to Use This Guide 39 What’s Included
    [Show full text]
  • Avionics Systems Development for Small Unmanned Aircraft Vladislav Gavrilets
    Avionics Systems Development for Small Unmanned Aircraft by Vladislav Gavrilets Submitted to the Department of Aeronautics and Astronautics in partial fulfillment of the requirements for the degree of Master of Science in Aeronautics and Astronautics at the R ,SSACHUSETTS INSTITUTE OF TECHNOLOGY June 1998 @ Massachusetts Institute of Technology 1998. All rights reserved. A uthor ................... .......... ............ Department of Aeronautics and Astronautics May 22, 1998 Certified by ......................... ... \ John J. Deyst Professor of Aeronautics and Astronautics Thesis Supervisor Accepted by ...................... S1 Jaime Peraire Chairman, Department Committee on Graduate Students JUL Os)81"8 LIBRARIES Avionics Systems Development for Small Unmanned Aircraft by Vladislav Gavrilets Submitted to the Department of Aeronautics and Astronautics on May 22, 1998, in partial fulfillment of the requirements for the degree of Master of Science in Aeronautics and Astronautics Abstract The avionics systems for two small unmanned aerial vehicles (UAVs) are considered from the point of view of hardware selection, navigation and control algorithm design, and software development. Some common challenges for many small UAV systems are addressed, including gust disturbance rejection at low speeds, control power, and systems integration. A rapid prototyping simulation framework which grew out of these efforts is described. A number of navigation, attitude determination and control algorithms are suggested for use in specific applications. Thesis Supervisor: John J. Deyst Title: Professor of Aeronautics and Astronautics Acknowledgments The work described in this thesis was a result of team effort. Here I would like to thank people who contributed to both projects described in the thesis, and otherwise provided support during my two years at MIT. I would like to thank my advisor Professor John J.
    [Show full text]
  • Designing PCI Cards and Drivers for Power Macintosh Computers
    Designing PCI Cards and Drivers for Power Macintosh Computers Revised Edition Revised 3/26/99 Technical Publications © Apple Computer, Inc. 1999 Apple Computer, Inc. Adobe, Acrobat, and PostScript are Even though Apple has reviewed this © 1995, 1996 , 1999 Apple Computer, trademarks of Adobe Systems manual, APPLE MAKES NO Inc. All rights reserved. Incorporated or its subsidiaries and WARRANTY OR REPRESENTATION, EITHER EXPRESS OR IMPLIED, WITH No part of this publication may be may be registered in certain RESPECT TO THIS MANUAL, ITS reproduced, stored in a retrieval jurisdictions. QUALITY, ACCURACY, system, or transmitted, in any form America Online is a service mark of MERCHANTABILITY, OR FITNESS or by any means, mechanical, Quantum Computer Services, Inc. FOR A PARTICULAR PURPOSE. AS A electronic, photocopying, recording, Code Warrior is a trademark of RESULT, THIS MANUAL IS SOLD “AS or otherwise, without prior written Metrowerks. IS,” AND YOU, THE PURCHASER, ARE permission of Apple Computer, Inc., CompuServe is a registered ASSUMING THE ENTIRE RISK AS TO except to make a backup copy of any trademark of CompuServe, Inc. ITS QUALITY AND ACCURACY. documentation provided on Ethernet is a registered trademark of CD-ROM. IN NO EVENT WILL APPLE BE LIABLE Xerox Corporation. The Apple logo is a trademark of FOR DIRECT, INDIRECT, SPECIAL, FrameMaker is a registered Apple Computer, Inc. INCIDENTAL, OR CONSEQUENTIAL trademark of Frame Technology Use of the “keyboard” Apple logo DAMAGES RESULTING FROM ANY Corporation. (Option-Shift-K) for commercial DEFECT OR INACCURACY IN THIS purposes without the prior written Helvetica and Palatino are registered MANUAL, even if advised of the consent of Apple may constitute trademarks of Linotype-Hell AG possibility of such damages.
    [Show full text]
  • Introduction Use Runit with Traditional Init (Sysvinit)
    2021/07/26 19:10 (UTC) 1/12 Runit Runit Introduction runit is a UNIX init scheme with service supervision. It is a cross-platform Unix init scheme with service supervision, a replacement for sysvinit, and other init schemes and supervision that are used with the traditional init. runit is compatible with djb's daemontools. In Unix-based computer operating systems, init (short for initialization) is the first process started during booting of the computer system. Init is a daemon process that continues running until the system is shut down. Slackware comes with its own legacy init (/sbin/init) from the sysvinit package, that used to be included in almost all other major Linux distributions. The init daemon (or its replacement) is characterised by Process ID 1 (PID 1). To read on the benefits of runit, see here: http://smarden.org/runit/benefits.html * Unless otherwise stated, all commands in this article are to be run by root. Use runit with traditional init (sysvinit) runit is not provided by Slackware, but a SlackBuild is maintained on https://slackbuilds.org/. It does not have any dependencies. As we do not want yet to replace init with runit, run the slackbuild with CONFIG=no: CONFIG=no ./runit.SlackBuild Then install the resulting package and proceed as follows: mkdir /etc/runit/ /service/ cp -a /usr/doc/runit-*/etc/2 /etc/runit/ /sbin/runsvdir-start & Starting via rc.local For a typical Slackware-stlyle service, you can edit /etc/rc.d/rc.local file if [ -x /sbin/runsvdir-start ]; then /sbin/runsvdir-start & fi and then edit write /etc/rc.d/rc.local_shutdown #!/bin/sh SlackDocs - https://docs.slackware.com/ Last update: 2020/05/06 08:08 (UTC) howtos:slackware_admin:runit https://docs.slackware.com/howtos:slackware_admin:runit RUNIT=x$( /sbin/pidof runsvdir ) if [ "$RUNIT" != x ]; then kill $RUNIT fi Then give rc.local_shutdown executive permission: chmod +x /etc/rc.d/rc.local_shutdown and reboot Starting via inittab (supervised) Remove the entries in /etc/rc.d/rc.local and /etc/rc.d/rc.local_shutdown described above.
    [Show full text]
  • Chapter 1. Origins of Mac OS X
    1 Chapter 1. Origins of Mac OS X "Most ideas come from previous ideas." Alan Curtis Kay The Mac OS X operating system represents a rather successful coming together of paradigms, ideologies, and technologies that have often resisted each other in the past. A good example is the cordial relationship that exists between the command-line and graphical interfaces in Mac OS X. The system is a result of the trials and tribulations of Apple and NeXT, as well as their user and developer communities. Mac OS X exemplifies how a capable system can result from the direct or indirect efforts of corporations, academic and research communities, the Open Source and Free Software movements, and, of course, individuals. Apple has been around since 1976, and many accounts of its history have been told. If the story of Apple as a company is fascinating, so is the technical history of Apple's operating systems. In this chapter,[1] we will trace the history of Mac OS X, discussing several technologies whose confluence eventually led to the modern-day Apple operating system. [1] This book's accompanying web site (www.osxbook.com) provides a more detailed technical history of all of Apple's operating systems. 1 2 2 1 1.1. Apple's Quest for the[2] Operating System [2] Whereas the word "the" is used here to designate prominence and desirability, it is an interesting coincidence that "THE" was the name of a multiprogramming system described by Edsger W. Dijkstra in a 1968 paper. It was March 1988. The Macintosh had been around for four years.
    [Show full text]
  • Mac OS X: an Introduction for Support Providers
    Mac OS X: An Introduction for Support Providers Course Information Purpose of Course Mac OS X is the next-generation Macintosh operating system, utilizing a highly robust UNIX core with a brand new simplified user experience. It is the first successful attempt to provide a fully-functional graphical user experience in such an implementation without requiring the user to know or understand UNIX. This course is designed to provide a theoretical foundation for support providers seeking to provide user support for Mac OS X. It assumes the student has performed this role for Mac OS 9, and seeks to ground the student in Mac OS X using Mac OS 9 terms and concepts. Author: Robert Dorsett, manager, AppleCare Product Training & Readiness. Module Length: 2 hours Audience: Phone support, Apple Solutions Experts, Service Providers. Prerequisites: Experience supporting Mac OS 9 Course map: Operating Systems 101 Mac OS 9 and Cooperative Multitasking Mac OS X: Pre-emptive Multitasking and Protected Memory. Mac OS X: Symmetric Multiprocessing Components of Mac OS X The Layered Approach Darwin Core Services Graphics Services Application Environments Aqua Useful Mac OS X Jargon Bundles Frameworks Umbrella Frameworks Mac OS X Installation Initialization Options Installation Options Version 1.0 Copyright © 2001 by Apple Computer, Inc. All Rights Reserved. 1 Startup Keys Mac OS X Setup Assistant Mac OS 9 and Classic Standard Directory Names Quick Answers: Where do my __________ go? More Directory Names A Word on Paths Security UNIX and security Multiple user implementation Root Old Stuff in New Terms INITs in Mac OS X Fonts FKEYs Printing from Mac OS X Disk First Aid and Drive Setup Startup Items Mac OS 9 Control Panels and Functionality mapped to Mac OS X New Stuff to Check Out Review Questions Review Answers Further Reading Change history: 3/19/01: Removed comment about UFS volumes not being selectable by Startup Disk.
    [Show full text]
  • Virtual Memory - Paging
    Virtual memory - Paging Johan Montelius KTH 2020 1 / 32 The process code heap (.text) data stack kernel 0x00000000 0xC0000000 0xffffffff Memory layout for a 32-bit Linux process 2 / 32 Segments - a could be solution Processes in virtual space Address translation by MMU (base and bounds) Physical memory 3 / 32 one problem Physical memory External fragmentation: free areas of free space that is hard to utilize. Solution: allocate larger segments ... internal fragmentation. 4 / 32 another problem virtual space used code We’re reserving physical memory that is not used. physical memory not used? 5 / 32 Let’s try again It’s easier to handle fixed size memory blocks. Can we map a process virtual space to a set of equal size blocks? An address is interpreted as a virtual page number (VPN) and an offset. 6 / 32 Remember the segmented MMU MMU exception no virtual addr. offset yes // < within bounds index + physical address segment table 7 / 32 The paging MMU MMU exception virtual addr. offset // VPN available ? + physical address page table 8 / 32 the MMU exception exception virtual address within bounds page available Segmentation Paging linear address physical address 9 / 32 a note on the x86 architecture The x86-32 architecture supports both segmentation and paging. A virtual address is translated to a linear address using a segmentation table. The linear address is then translated to a physical address by paging. Linux and Windows do not use use segmentation to separate code, data nor stack. The x86-64 (the 64-bit version of the x86 architecture) has dropped many features for segmentation.
    [Show full text]
  • Carbon Copy Cloner Documentation: English
    Carbon Copy Cloner Documentation: English Getting started with CCC System Requirements, Installing, Updating, and Uninstalling CCC CCC License, Registration, and Trial FAQs Trouble Applying Your Registration Information? Establishing an initial backup Preparing your backup disk for a backup of Mac OS X Restoring data from your backup What's new in CCC Features of CCC specific to Lion and greater Release History Carbon Copy Cloner's Transition to a Commercial Product: Frequently Asked Questions Credits Example backup scenarios I want to clone my entire hard drive to a new hard drive or a new machine I want to backup my important data to another Macintosh on my network I want to backup multiple machines or hard drives to the same hard drive I want my backup task to run automatically on a scheduled basis Backing up to/from network volumes and other non-HFS volumes I want to back up my whole Mac to a Time Capsule or other network volume I want to defragment my hard drive Backup and archiving settings Excluding files and folders from a backup task Protecting data that is already on your destination volume Managing previous versions of your files Automated maintenance of CCC archives Advanced Settings Some files and folders are automatically excluded from a backup task The Block-Level Copy Scheduling Backup Tasks Scheduling a task and basic settings Performing actions Before and After the backup task Deferring and skipping scheduled tasks Frequently asked questions about scheduled tasks Email and Growl notifications Backing Up to Disk Images
    [Show full text]
  • X86 Memory Protection and Translation
    2/5/20 COMP 790: OS Implementation COMP 790: OS Implementation Logical Diagram Binary Memory x86 Memory Protection and Threads Formats Allocators Translation User System Calls Kernel Don Porter RCU File System Networking Sync Memory Device CPU Today’s Management Drivers Scheduler Lecture Hardware Interrupts Disk Net Consistency 1 Today’s Lecture: Focus on Hardware ABI 2 1 2 COMP 790: OS Implementation COMP 790: OS Implementation Lecture Goal Undergrad Review • Understand the hardware tools available on a • What is: modern x86 processor for manipulating and – Virtual memory? protecting memory – Segmentation? • Lab 2: You will program this hardware – Paging? • Apologies: Material can be a bit dry, but important – Plus, slides will be good reference • But, cool tech tricks: – How does thread-local storage (TLS) work? – An actual (and tough) Microsoft interview question 3 4 3 4 COMP 790: OS Implementation COMP 790: OS Implementation Memory Mapping Two System Goals 1) Provide an abstraction of contiguous, isolated virtual Process 1 Process 2 memory to a program Virtual Memory Virtual Memory 2) Prevent illegal operations // Program expects (*x) – Prevent access to other application or OS memory 0x1000 Only one physical 0x1000 address 0x1000!! // to always be at – Detect failures early (e.g., segfault on address 0) // address 0x1000 – More recently, prevent exploits that try to execute int *x = 0x1000; program data 0x1000 Physical Memory 5 6 5 6 1 2/5/20 COMP 790: OS Implementation COMP 790: OS Implementation Outline x86 Processor Modes • x86
    [Show full text]