Brief history Early computer systems No OS Operating programmers aware of the underlying HW no multitasking System one job at a time IBM System 360 OS 360 (IBM) [1965] multitasking pagination assembly Brief history Brief history Multics (MIT/General Electrics/Bell Labs) [1965] Unix [1969] PDP-7 PDP-7 (PDP-11 initially) memory mapped files then widespread (sort of) virtual filesystem C process memory segments viewed as files preemptive multitasking dynamic linking pagination multitasking segmentation pagination segmentation interprocess calls dropped Brief history Features MS-DOS [1981] Abstraction no advanced features (lack of hw support) HW details Windows 3.1 [1992] pagination Management multitasking (no preemption) resources Windows NT 3.1 [1993] Linux [start: 1991 ver. 1.0 release: 1994] Protection Errors / attacks Several others VAX/VMS, MAC-OS, OS/2, QNX, Symbian OS, ... Features Elements Program execution management Scheduler Security Device drivers User mode vs Supervisor/Protected/Kernel mode Memory management routines Multitasking Cache (buffer) management Hardware management Abstraction Hardware driving Interrupt handling Memory management Operating System Interface between applications and hardware provides hardware abstraction (and protection) Resource manager Activity coordinator Applications User Level Operating System Kernel Level HARDWARE Protection Interface Kernel (or protected or supervisor) level OS functions called by applications Full system access Application Programming Interface (API) HW devices registers standard routine call “Critical” address space regions I/O mapping System data User level Restricted system access Application standard routine call Application standard routine call “Owned” address space regions Library Library library routine std call OS routine User level OS routine User level OS OS Kernel level Kernel level Protection issue Interface <parameters setting> OS functions called by applications call func_enter_address Application Programming Interface (API) User code standard routine call system calls (syscalls) OK func_enter_address: not a standard function call <parameters validation> is the “door” for the kernel level usually “wrapped” by library functions <user permissions check> <parameters setting> libraries provide a func_internal_address: Application standard routine call further abstraction call func_internal_address <critical work> Library open (library routine) (abstraction from OS) User code syscall User level NO OS Kernel level code open (OS routine) (protection bypassed) Kernel level System calls System calls Architecture dependent Architecture dependent software interrupt / trap software interrupt / trap ... ... /* parameters in registers */ /* parameters in registers */ Call # Routine address ... Call # Routine address ... mov r7, 2 /* syscall no. */ SVC 2 /* syscall */ SVC 0 /* syscall */ ... 2 ... 2 /* results managing */ /* results managing */ ... ... user code user code System routine syscall table can be modified System routine syscall table can be modified only at kernel level only at kernel level Example: ARM – Linux Example: ARM – Linux (old ABI).