160 likes | 304 Views
CS140 – Operating Systems Final Review. Mar. 13 th , 2009 Derrick Isaacson. Final Exam. Wed. Mar. 18 th 12:15 pm in Gates B01 Open book, open notes (closed laptop) Bring printouts You won’t have time to learn the material but they will likely help as a quick reference
E N D
CS140 – Operating SystemsFinal Review Mar. 13th, 2009 Derrick Isaacson
Final Exam • Wed. Mar. 18th • 12:15 pm in Gates B01 • Open book, open notes (closed laptop) • Bring printouts • You won’t have time to learn the material but they will likely help as a quick reference • Will cover all lectures
Outline • Virtual machines • Synchronization • Protection • Security • File systems • Network file systems • Networking
Virtual Machine Review Difference between VM and VMM Difference between Guest and Host OS • Virtual Machine • Guest OS • Host OS • Virtual Machine Monitor/ Hypervisor
More Virtual Machine Review • Virtual Memory – another layer of indirection • Virtual Address – address used by process inside of VM • Physical Address – virtualized hardware address of VM • Machine Address – true hardware address • Page Tables – Guest OS keeps its own page tables like always which now map from VA to PA • VMM keeps a logical mapping from a VM’s PA to MA • VMM combines Guest OS page tables with it’s own PA->MA mapping, into the “shadow page table”. • While running VM, the actual cr3 register points to the shadow page directory.
Synchronization Is there a cycle? Is there deadlock? Yes to cycle. Yes to deadlock. init(sema1, 1); init(sema2, 1); init(sema3, 2); init(sema4, 3); fun1 { down(sema3); down(sema1); … } fun2 { down(sema3); down(sema1); down(sema2); … } fun3 { down(sema2); down(sema3); … }
Synchronization 2Is there a cycle? Is there deadlock? Yes to cycle. No to deadlock. init(sema1, 2); init(sema2, 2); fun1 { down(sema2); down(sema1); … } fun2 { down(sema1); … } fun3 { down(sema1); down(sema2); … } fun4 { down(sema2); … }
Synchronization - Deadlock • Given limited resources A, B, C, D – can I have deadlock in the following situations? Why/why not? • I always acquire resources in alphabetical order • No - no circularity in request graph • An “older” thread can steal a resource from a “younger” one that holds it • Yes, if 2 threads can have same timestamp • No if timestamps unique – we have preemption • I request all resources at startup • No – no hold and wait
Protection • ACLs versus Capabilities • ACLs slice matrix by columns • Capabilities slice along rows • Security hole examples • TOCTTOU • Setuid • ptrace • Capability based systems never took off • perceived complexity • low performance because of more IPC
Security • Bell-La Padula model • Security level is (c, s) pair • c = classification, s = category-set • (c1, s1) dominates (c2, s2) iff c1 ≥ c2 and s2 ⊆ s1 • L1 dominates L2 sometimes written L1 ⊒ L2 or L2 ⊑ L1 • Examples - (S, O, A) for subject S, object O, and access mode A • If current-level(S) = {top-secret, {Nuclear}} and level(O) = {secret, {Crypto}}, can A include observation? • No – level(S) must dominate level(O) • If level(O1) = {secret, {Nuclear}} and level(O2) = {top-secret, {Nuclear}}, is it possible for S to observe O1 and modify O2? • Yes – level(O2) must dominate level(O1)
File systems 1 - FFS • Why was FFS “fast”? • Larger block size • Lessen internal fragmentation by placing pieces of files in fragments (for example ends of files) • Clustering • Place sequential blocks in adjacent sectors • Keep inode in same cylinder as file data • Keep inodes for a dir in same cylinder group • Keep extra free space to help allocate near existing things • Use bitmap for free blocks • Keep in memory • Easier to find contiguous blocks
File systems 2 – Ordered Updates • Performance vs. consistency • Must follow three rules in ordering updates: • Never write pointer before initializing structure it points to • Never reuse a resource before nullifying all pointers to it • Never clear last pointer to live resource before setting new one • Example - creating 1k file on FFS means you must: • write filename in directory block • write modification time in directory inode • initialize file inode • write file data block • write free map • Problem: • multiple inodes are stored in same disk block and multiple directory entries are stored in same directory block • develop cyclic dependencies • Solution: • soft updates • maintain enough info in fs to rollback changes temporarily
File systems 3 – Journaling • Also improvement over basic FFS • Keep a write-ahead log • writes are to a consecutive portion of disk • multiple updates are very fast • record a checkpoint when all log entries up to a point have been processed – allows you to truncate log • XFS – journaling file system for huge disks • break disk into a few GB allocation groups • use B+ trees for everything (directories, inodes, lookup tables)
Network File Systems • Main points to remember • Tradeoff between completely “stateless” systems (original NFS) and stateful ones (NFS 4, AFS) • Stateless servers require clients to poll server to find out about changes • Callbacks improve consistency and reduce server load, but complicate server requirements and failure modes • Leases are a hybrid of polling and callbacks • Server promises to let a client know about changes within a time period • Failure modes simplified if lease time is less than crash-reboot time
Networking • Key concepts: • IP – provides host to host communication • Unreliable (messages may get lost, reordered, or retransmitted) • No control over transmission rate (congestion control) • TCP/UDP – provide process to process communication • Layered on top of IP (IP gets message to the host, TCP/UDP gets it to the process) • UDP simple layer on IP so it inherits IP’s problems • TCP a more complex layer on IP that provides reliability and congestion control • Sockets abstraction for communication • The several layers used in common networking stacks could cause a lot of copying as data is handed from one layer to next. • mbuf libraries provide efficient, flexible data structures and utility functions to help avoid these problems