COMP 3000
Operating Systems
Facilities for Users/Programmers
Lianying Zhao
Talking to the Computer
1. Connect to the computer
• Terminal
2. Log in
• Authentication
3. Send commands (run programs)
• Shell
4. Control programs
5. Feed data to programs
6. Programs work with OS services
COMP 3000 2
What is a Terminal?
• “An electronic or electromechanical hardware device that can be used for entering data into, and transcribing data from, a computer or a computing system”
• E.g., IBM 2741 (1960s)
• IBM 3270, VT102/100 (1970s-80s)
• Pseudo terminals
• /sbin/getty
(Image sources: Wikipedia; columbia.edu)
Users and Access Control
• Largely coming down to file protection mechanisms
• Username -> UID, User group -> GID
• The login process: e.g., /usr/bin/login
• To establish a session
• The password file:
• /etc/passwd -> $HOME, $SHELL, $PATH, …
• /etc/shadow
What about GUI?
And, remote (e.g., SSH)?
Permissions (File Modes)
• Very basic, mostly file-based access control
• The idea is: I am who/what I am (subject identity). So, what is your decision?
• Each object has an owner (e.g., user) and is assigned security attributes (e.g., file modes)
• In the form of running processes
• Because the username is just a label
• UID, EUID (“effective” UID), FSUID (file system UID)
• read, write, execute
• setuid, setgid, sticky bit
The Shell
• Command interpreter
• Technically not part of the OS
• Many shells exist (bash, dash, ksh, csh, tcsh, etc.)
• Typical steps:
1. Initialize the environment (e.g., env variables)
2. Display a prompt
3. Parse user input, and perform the task in the case of internal commands
4. fork(), and wait in the parent process
5. Try to find the program (external command)
6. Manipulate fds as needed
7. exec() to attempt execution
8. Report errors (if any) and terminate child
The GUI is also like a shell, but in a complex form
Controlling Running Programs
• All processes have a parent process (except init)
• As a result of a fork()-like system call
• The PPID of a process
• Hence forming the process tree
• The wait() System Call
• A process must be waited on (or it enters a zombie state after it exits)
• A zombie process can’t be killed
• Where the return code (exit status) is passed
Controlling Running Programs: Signals
• The user may want to notify one program of something
• The OS may …
• Another program may …
• Signals: a limited form of IPC (inter-process communication)
• Asynchronous
• Predefined: e.g., SIGINT (interrupt, Ctrl-C), SIGCHLD (child process terminates)
• No new one can be defined. Use SIGUSR1 and SIGUSR2 for custom purposes
• An OS artifact
• Signals are again a POSIX thing. MS Windows: Messages
• WM_CLOSE, WM_CREATE, etc.
Signal Handling
• The OS interrupts the signalled process, and calls the handler function
• All processes are listening to all signals
• Signal handlers are defined by the process (except for a few signals)
• Just regular functions
• The C runtime (e.g., libc.so) registers default signal handlers
• Specified with sigaction() (or signal(), not recommended)
• Concurrency
• Can be invoked at any time by the OS kernel
• What if the handler function modifies shared data
• Do as little as possible
Pipeline and redirections
• Pipe: unidirectional data channel
• Command-1 | Command-2 | … | Command-N (shell pipeline)
• We will leave programming with pipes to later discussions, e.g., pipe()
• | stdout -> stdin
• |& stdout+stderr -> stdin (shorthand for 2>&1 |)
• Redirecting: stdin, stdout or stderr
• >, <, >>
• All these are only possible with the separation of exec() from fork()
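As an added example (not from the slides) that covers the shell steps listed earlier (fork, find the program, manipulate fds, exec, wait), the zombie/exit-status point, and the pipeline on this slide: a minimal `left | right` in C. spawn(), reap() and run_pipeline() are this example's own names.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/wait.h>

/* Steps 4-8 of the shell loop for one command: fork(), adjust fds in the
 * child (both pipe ends are closed once dup2() has copied what is needed),
 * execvp() to search $PATH and run it, report failure. Returns the pid. */
static pid_t spawn(char *const argv[], int in_fd, int out_fd, const int pfd[2])
{
    pid_t pid = fork();
    if (pid != 0) return pid;                   /* parent, or -1 if fork() failed */
    if (in_fd >= 0) dup2(in_fd, STDIN_FILENO);  /* -1 means leave stdin alone */
    if (out_fd >= 0) dup2(out_fd, STDOUT_FILENO);
    close(pfd[0]); close(pfd[1]);
    execvp(argv[0], argv);
    perror(argv[0]);                            /* reached only if exec() failed */
    _exit(127);                                 /* shell convention: not found */
}

/* wait() on one child: its exit status becomes the shell's $? and the kernel
 * can drop the process entry; until then a finished child is a zombie. */
static int reap(pid_t pid)
{
    int status;
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return -1;
    if (WIFEXITED(status)) return WEXITSTATUS(status);
    return WIFSIGNALED(status) ? 128 + WTERMSIG(status) : -1;
}

/* left | right: the pipe is created before the fork()s so both children
 * inherit it; left writes to pfd[1], right reads from pfd[0]. The parent
 * closes its copies, otherwise right would never see EOF. Returns $? of right. */
int run_pipeline(char *const left[], char *const right[])
{
    int pfd[2];
    if (pipe(pfd) < 0) return -1;
    pid_t p1 = spawn(left, -1, pfd[1], pfd);
    pid_t p2 = spawn(right, pfd[0], -1, pfd);
    close(pfd[0]); close(pfd[1]);
    reap(p1);
    return reap(p2);
}

int main(void)
{
    char *const left[] = {"echo", "hello from the left side", NULL};
    char *const right[] = {"tr", "a-z", "A-Z", NULL};
    printf("pipeline exit status: %d\n", run_pipeline(left, right));
    return 0;
}
```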
Ways to send input and receive output from programs:
Computer <-> programs
vs.
Human <-> computer
1. Command line arguments
2. Standard I/O
3. Files
4. Network
5. Combination (cf. IPC)
The File Abstraction and File Systems
• Recap:
• File: A linear array of bytes, stored persistently*
• Ways of organizing data
• File system: Ways of organizing files
• The user’s perspective of files:
• Identifier: filename
• Further identified by: path + filename
• Can be read from or written to
• Meaning of a filename
More on Pathnames
• Paths are hierarchical, and there is a root (“/”)
• Absolute pathname
• E.g., /home/student/comp3000
• Relative pathname
• (Current) working directory (CWD): per process
• E.g., tut1/abc
Operations on Files (POSIX)
• Create
• E.g., int fd = open("/path/to/dir", O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR);
• Open
• For existing files, a file descriptor (fd) is still needed for any operation
• Read/Write/Close
• Seek: there exists a current location
• E.g., lseek()
• There’s something “out-of-band”
• E.g., ioctl()
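As an added example (not from the slides) of the operations listed above on a single file descriptor: create with mode 0600, write, lseek() back, read, then stat() for the out-of-band mode bits. write_then_read_back() and permission_bits() are this example's own names.

```c
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>

/* Create (or truncate) `path` with owner-only read/write permission,
 * write `text`, seek back to byte offset `skip`, and read what follows
 * into `out` (NUL-terminated, at most outlen-1 bytes). Returns the byte
 * count read, or -1. Every step after open() goes through the same fd. */
ssize_t write_then_read_back(const char *path, const char *text, off_t skip,
                             char *out, size_t outlen)
{
    int fd = open(path, O_CREAT | O_RDWR | O_TRUNC, S_IRUSR | S_IWUSR); /* 0600 */
    if (fd < 0) { perror("open"); return -1; }
    size_t len = strlen(text);
    if (write(fd, text, len) != (ssize_t)len) { close(fd); return -1; }
    /* The fd carries a current location, now at `len`; move it back. */
    if (lseek(fd, skip, SEEK_SET) == (off_t)-1) { close(fd); return -1; }
    ssize_t n = read(fd, out, outlen - 1);
    if (n >= 0) out[n] = '\0';
    close(fd);
    return n;
}

/* "Out-of-band" information about a file, here via stat() rather than
 * ioctl(): the permission bits the kernel actually recorded, i.e. the
 * requested 0600 with the process umask applied. Returns -1 on error. */
int permission_bits(const char *path)
{
    struct stat st;
    if (stat(path, &st) < 0) return -1;
    return (int)(st.st_mode & 07777);
}

int main(void)
{
    char buf[64];
    const char *path = "/tmp/comp3000_demo.txt";   /* constructed demo file */
    ssize_t n = write_then_read_back(path, "hello, file", 7, buf, sizeof buf);
    printf("read %zd bytes after lseek(): \"%s\"\n", n, buf);
    printf("permission bits: %04o\n", permission_bits(path));
    unlink(path);                                  /* clean up the demo file */
    return 0;
}
```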
File Systems (Implementation)
• File system types are determined by purposes
• Optical discs, Flash memory, Union/overlay, etc.
• Not just a choice: various implications
• exFAT
• E.g., FAT32 has a file size limit of 4GB
• Special file systems (thanks to VFS)
• devfs, udev
• configfs
• sysfs
• procfs
• tmpfs
Mounting File Systems
• To be connected to the uniform file-system tree
• Mount point – an existing directory
• Pathnames inside the mounted file system become relative to the mount point
• Flexibility
COMP 3000
Operating Systems
Misc.
Memory Allocation
• Ways to ask for memory at runtime
• From the OS: via system calls
• In-process memory management (already in address space)
• A C runtime library thing
• malloc() and free() – from the heap?
• Write a custom memory allocator, if interested
The Program Break – brk()
• What is the break?
• The address of the first byte beyond the data segment — the location of the end of the “heap”
• Actually reflecting the size of the data segment
• Two system calls:
• brk()
• sbrk()
mmap()
• Very powerful
• Map files or devices into memory
• File mapping – access files like memory
• Device access, depending on the driver
• Anonymous mapping – allocate new space for the process
• Independent of the original heap, but can be treated as a heap by the C runtime
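As an added example (not from the slides) of the two mechanisms on this and the previous slide: reading and moving the program break with sbrk(), and getting memory outside the heap with an anonymous mmap(). current_break(), grow_heap() and anon_mapping_demo() are this example's own names; it assumes Linux with glibc.

```c
#define _DEFAULT_SOURCE          /* exposes sbrk() and MAP_ANONYMOUS in glibc */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Where the data segment currently ends: sbrk(0) reports the break
 * without moving it. */
void *current_break(void)
{
    return sbrk(0);
}

/* Grow the data segment by `bytes`, as a simple allocator would. sbrk()
 * returns the previous break, i.e. the start of the new space;
 * (void *)-1 means the kernel refused. */
void *grow_heap(size_t bytes)
{
    void *old = sbrk((intptr_t)bytes);
    return old == (void *)-1 ? NULL : old;
}

/* Allocate `len` bytes with an anonymous private mapping. Unlike brk()
 * memory it arrives zero-filled and page-aligned, and it is not part of
 * the break-managed heap (so the break does not move). Returns 1 if all
 * of that was observed and the memory was usable, 0 otherwise. */
int anon_mapping_demo(size_t len)
{
    void *brk_before = current_break();
    unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return 0;
    int ok = (p[0] == 0 && p[len - 1] == 0);           /* fresh pages are zeroed */
    memset(p, 0xAB, len);                              /* writable */
    ok = ok && p[len - 1] == 0xAB;
    ok = ok && ((uintptr_t)p % (uintptr_t)sysconf(_SC_PAGESIZE)) == 0;
    ok = ok && current_break() == brk_before;          /* heap untouched */
    ok = ok && munmap(p, len) == 0;                    /* give the pages back */
    return ok;
}

int main(void)
{
    void *before = current_break();
    void *region = grow_heap(4096);
    printf("break moved from %p to %p (new space at %p)\n", before, current_break(), region);
    printf("anonymous mmap demo: %s\n", anon_mapping_demo(1 << 16) ? "ok" : "failed");
    return 0;
}
```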
Address Space Layout Randomization (ASLR)
• A concept advanced from later security topics
• Memory corruption vulnerabilities?
• Now the process address space has been contained*
• What can an adversary do without direct manipulation?
• Return Oriented Programming (ROP)
• Jump Oriented Programming (JOP)
• Or simply buffer overflow
• All require predictable memory layout
• The idea is to apply a randomly generated offset to the bases of critical segments, e.g., heap, stack, and loaded libraries.
File Mode Notation (Permission Bits)
• Symbolic mode: e.g., rwx
• Octal (numeric) mode: e.g., 7 → 111
• Just conversion from octal to binary
• Counting in setuid and setgid
• Mask for setuid: 4000
• When there’s x for u: lower case s
• When there’s no x for u: upper case S
• Mask for setgid: 2000
• When there’s x for g: lower case s
• When there’s no x for g: upper case S