I. Interrupt Mechanism
 A. Problem being Solved
------------------------------------------
          WHY HAVE INTERRUPTS?

How to share resources on a computer?

 A. Provide libraries to access resources
    trust users will not take advantage

    Is that practical?

 B. State policies about sharing
    humans penalized if violate policy

    Is that practical?

 C. Enforce policies about sharing
    at runtime, before harm is done

    Is that practical?
------------------------------------------
 B. Needs for Interrupt Mechanisms
------------------------------------------
          INTERRUPT MECHANISM

Goal: enforce policies on sharing, privacy, etc.

How could the OS enforce policies?
   a. OS and user have same permissions
   b. OS has more permissions
   c. OS has fewer permissions

What would help OS enforce policies:
   1. users cannot read some data
   2. users cannot write some data
   3. users cannot execute some instructions
------------------------------------------
 C. How interrupts work
------------------------------------------
          INTERRUPT MECHANISM

Hardware:
   1. Instructions added to signal
      interrupt events
   2. At end of each fetch-execute cycle,
      the CPU checks for interrupt events
------------------------------------------
        Should signaling an interrupt be a privileged instruction?
  1. traps
------------------------------------------
          TRAPS

def: a *trap* is an interrupt that
     occurs due to

Examples:

What should be done for traps?
------------------------------------------
------------------------------------------
          INTERRUPT HANDLERS

def: an *interrupt handler* is code that

How?
   When an interrupt is noticed:
      jump to
------------------------------------------
  2. I/O interrupts
------------------------------------------
          I/O INTERRUPTS

When device completes an operation
it sets a bit in the CPU
and then the OS:
   - suspends the running process
   - calls an interrupt handler
------------------------------------------
        What hardware is needed for this?
        Do I/O interrupts need to be handled quickly?
  3. Timer interrupts
------------------------------------------
          TIMER INTERRUPTS

When a process uses up a time slice
it sets a bit in the CPU
and then the OS:
   - suspends the running process
   - calls an interrupt handler
     to schedule another waiting process

Would it be better to wait for
another running process?
------------------------------------------
        Do timer interrupts need to suspend the running process?
  4. multiple interrupts
------------------------------------------
          MULTIPLE INTERRUPTS

What if:
   - multiple interrupts happen at the same time?
   - if an interrupt happens
     when handling another interrupt?

Possible problems:
------------------------------------------
 D. maintaining OS control
------------------------------------------
          LIMITED DIRECT EXECUTION

Goals:
   a. Run programs efficiently
   b. Share resources
   c. Prevent bad behavior

Approach:
   For efficiency:

   For sharing and enforcing good behavior:

Execution modes:

Hardware support:
------------------------------------------
        What should be the mode when a computer is booted?
        What should the mode be when running a user program?
        How does this maintain control of user processes?
  1. system calls
------------------------------------------
          INTERRUPTS AND SYSTEM CALLS

Interrupt (trap, int, or svc) instruction
   - not privileged
     but starts system (kernel) mode
   - runs some specified code
     based on a (trap) table

Return-from-trap instruction:
   - like procedure return

instruction that specifies location
of the trap table
   - privileged

System call:
   - is a normal library function call
   - saves state (registers, PC, etc.)
   - pushes arguments on stack
   - sets the system call number (in a register)
   - executes interrupt instruction
       (pushes PC,
        saves process state on a kernel stack
           -- one per process,
        starts kernel mode,
        indirect jump through trap table
           to specialized code)
       (return-from-trap restores process state
           from kernel stack,
        starts user mode,
        restores PC)
   - adjusts any results on runtime stack
     (or in a register)
   - returns to caller
------------------------------------------
        What could happen if the instruction that specified the location of the trap table were not privileged?
        Why don't you need to use the trap instruction in your own code?
        Why is a stack needed in the kernel per process?
        Do libraries that run system calls need to be careful?
        Do system call library functions need to be fast?
------------------------------------------
          INTERRUPT VECTOR OR TRAP TABLE

def: an *interrupt vector* or *trap table*
     is an array of starting addresses for

Why use a table?
------------------------------------------
        How does the trap table get initialized?
  2. Memory Protection
------------------------------------------
          NEED FOR MEMORY PROTECTION

On interrupt:
   hardware runs interrupt handler from

What happens if a user program
can write those locations?
------------------------------------------
------------------------------------------
          HOW TO PROTECT MEMORY

How to prevent users from writing over
code for interrupt handler(s)?

Is hardware needed?

Are changes to instructions needed?
------------------------------------------
        What does "segmentation fault" mean for a C program?
  3. Privileged (Supervisory) Mode
------------------------------------------
          PRIVILEGED MODE

Okay for a user process to change
the fence register?

Privileged mode:

Hardware needed:
------------------------------------------
        What should happen if a user process executes a privileged instruction?
  4. Program Status Word
        Are we accumulating a lot of conditions for traps?
------------------------------------------
          PROGRAM STATUS WORD

Program status word is a (privileged) register
containing:
------------------------------------------
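
Added example, not part of the original notes: a toy C simulation of the mechanism outlined in section D, with a mode bit, a trap table, an unprivileged trap instruction and a privileged instruction that sets the table location. The names struct cpu, set_trap_table, trap, boot, user_table and the two sample system calls are assumptions made for illustration.

```c
/* Toy CPU, constructed for illustration: a mode bit (as in a PSW) and a
   trap-table base register that only kernel mode may load. */
enum mode { KERNEL, USER };
enum { NSYS = 2, OK = 0, FAULT = -1 };
typedef long (*handler_t)(long arg);
struct cpu {
    enum mode mode;             /* current execution mode */
    const handler_t *trap_tbl;  /* trap-table base register */
    int faults;                 /* privileged-instruction traps taken */
};

static long sys_double(long a) { return 2 * a; }
static long sys_negate(long a) { return -a; }
static const handler_t kernel_table[NSYS] = { sys_double, sys_negate };

/* A table a user program might try to install (hypothetical). */
static long user_fn(long a) { (void)a; return 1234; }
const handler_t user_table[NSYS] = { user_fn, user_fn };

/* Privileged instruction: in user mode it traps and changes nothing. */
int set_trap_table(struct cpu *c, const handler_t *tbl) {
    if (c->mode != KERNEL) { c->faults++; return FAULT; }
    c->trap_tbl = tbl;
    return OK;
}

/* Unprivileged trap instruction: enter kernel mode, bounds-check the call
   number, jump through the table, then return-from-trap restores the mode. */
int trap(struct cpu *c, long sysno, long arg, long *out) {
    enum mode saved = c->mode;
    int status = FAULT;
    c->mode = KERNEL;
    if (sysno >= 0 && sysno < NSYS) { *out = c->trap_tbl[sysno](arg); status = OK; }
    c->mode = saved;
    return status;
}

/* Boot in kernel mode, install the table, then drop to user mode. */
void boot(struct cpu *c) {
    c->mode = KERNEL; c->faults = 0;
    set_trap_table(c, kernel_table);
    c->mode = USER;
}

int main(void) {   /* system call 0 with argument 21 */
    struct cpu c; long r = 0;
    boot(&c);
    return (trap(&c, 0, 21, &r) == OK && r == 42) ? 0 : 1;
}
```

The user program only ever supplies a system call number, never a code address, so the kernel-installed table decides what runs in kernel mode.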