Important Points and Questions

Full notes

Uploaded by

sa5212866

UNIT – V Operating Systems

I/O Systems Overview:

The two main jobs of a computer are I/O and processing. In many cases, the main job is
I/O processing. Operating system designers must be concerned with the control of the
devices connected to the computer. Because I/O devices vary widely in function and
speed, a variety of methods is needed to control them. These methods form the I/O
subsystem of the kernel, which separates the rest of the kernel from the management of
I/O devices.

To encapsulate the details and oddities (strange behaviour) of different devices, the kernel
of an operating system is structured to use device-driver modules.

Device driver: Device drivers present a uniform device-access interface to the I/O
subsystem, much as system calls provide a standard interface between the application and
the operating system.

I/O Hardware:

A computer operates many kinds of devices. Most fit into the general categories of
storage devices (disks, tapes), transmission devices (network cards, modems) and human
interface devices (screen, keyboard, and mouse). Other devices are more specialized, such
as those used to steer a military fighter jet or a space shuttle. In these cases a human gives
input to the flight computer via a joystick, so the joystick differs from the normal devices.

Port: A device communicates with a computer system by sending signals over a cable or
even through the air. The connection point through which the device communicates with the
machine is called a port.

Bus: A bus is a set of wires that can transfer data from one part of a computer to another.

Daisy chain: When device A has a cable that plugs into device B, and device B has a cable
that plugs into device C, and device C plugs into a port on the computer, this arrangement is
called a daisy chain. It usually operates as a bus.

A typical PC has a PCI bus that connects the processor-memory subsystem to the fast
devices, and an expansion bus that connects relatively slow devices such as the keyboard
and the serial and parallel ports. A controller is a collection of electronics that can operate a
port, a bus or a device. A serial-port controller is a simple device controller that controls the
signals on the wires of a serial port.

Memory-mapped I/O: When I/O devices and memory share a common address space, the
arrangement is called memory-mapped I/O. In this case the CPU executes I/O requests using
the standard data-transfer instructions to read and write the device-control registers.

An I/O port typically consists of four registers, called the status, control, data-in and
data-out registers.

1. The status register contains bits that can be read by the host. These bits indicate
states such as whether the current command has completed, whether a byte is
available in the data-in register, and whether a device error occurred during the operation.

2. The control register can be written by the host to start a command or to change the
mode of a device.

3. The data-in register is read by the host to get input.

4. The data-out register is written by the host to send output.

The data registers are typically 1 to 4 bytes.

Polling:

We assume that two bits are used to coordinate the controller and the host during
data transmission. The controller indicates its state through the busy bit in the status
register: it sets the busy bit when it is busy working, and clears the busy bit when it is
ready to accept the next command. The host sets the command-ready bit when a command
is available for the controller to execute. The handshake proceeds in the following steps.

1. The host repeatedly reads the busy bit until that bit becomes clear.

2. The host sets the write bit in the command register and writes a byte into the data-out
register.

3. The host sets the command-ready bit.

4. When the controller notices that the command-ready bit is set, it sets the busy bit.

5. The controller reads the command register and sees the write command. It reads
the data-out register to get the byte.

6. The controller clears the command-ready bit, clears the error bit in the status
register to indicate that the device I/O succeeded, and clears the busy bit to indicate
that it is finished.
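
The six handshake steps above, with both the host and the controller side, as an added example that is not part of the original notes. The bit positions, the single-threaded `controller_tick` simulation and the `max_polls` bound on the busy-wait are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit layout is an assumption of this sketch; the notes name the bits, not their positions. */
#define STATUS_BUSY    0x01u
#define STATUS_ERROR   0x02u
#define CMD_READY      0x01u   /* command-ready bit */
#define CMD_WRITE      0x02u   /* write bit */
#define DEVICE_LATENCY 2       /* ticks the simulated controller stays busy */

struct port {
    volatile uint8_t status;
    volatile uint8_t command;
    volatile uint8_t data_out;
    uint8_t accepted;      /* byte the simulated device took from data-out */
    int     busy_ticks;    /* simulated work left while busy */
};

/* Controller side. One call is one unit of device time. */
void controller_tick(struct port *p)
{
    if (p->status & STATUS_BUSY) {
        if (--p->busy_ticks > 0)
            return;                                /* still working */
        p->command &= (uint8_t)~CMD_READY;         /* step 6: clear command-ready, */
        p->status  &= (uint8_t)~STATUS_ERROR;      /*         clear error,         */
        p->status  &= (uint8_t)~STATUS_BUSY;       /*         then clear busy      */
        return;
    }
    if (p->command & CMD_READY) {
        p->status |= STATUS_BUSY;                  /* step 4 */
        if (p->command & CMD_WRITE)                /* step 5 */
            p->accepted = p->data_out;
        p->busy_ticks = DEVICE_LATENCY;
    }
}

/* Host side of step 1, with a bound so a wedged device cannot hang the host.
 * Returns the number of polls used, or -1 if busy never cleared. */
int poll_not_busy(struct port *p, int max_polls)
{
    for (int polls = 0; polls < max_polls; polls++) {
        if (!(p->status & STATUS_BUSY))
            return polls;
        controller_tick(p);    /* simulation only: real hardware runs by itself */
    }
    return (p->status & STATUS_BUSY) ? -1 : max_polls;
}

/* Returns 0 on success, -1 on poll timeout, -2 if the device reported an error. */
int host_write_byte(struct port *p, uint8_t byte, int max_polls)
{
    if (poll_not_busy(p, max_polls) < 0)           /* step 1 */
        return -1;
    p->command  = CMD_WRITE;                       /* step 2 */
    p->data_out = byte;
    p->command |= CMD_READY;                       /* step 3 */
    controller_tick(p);                            /* controller notices: steps 4-5 */
    if (poll_not_busy(p, max_polls) < 0)           /* wait for step 6 */
        return -1;
    return (p->status & STATUS_ERROR) ? -2 : 0;
}

/* Idle device: returns the byte the device accepted, or a negative error. */
int demo_idle_port(void)
{
    struct port p = {0};
    int rc = host_write_byte(&p, 0x41, 10);
    return rc < 0 ? rc : p.accepted;
}

/* Device that stays busy far longer than the poll bound allows. */
int demo_stuck_port(void)
{
    struct port p = {0};
    p.status = STATUS_BUSY;
    p.busy_ticks = 1000;
    return host_write_byte(&p, 0x42, 5);
}

int main(void)
{
    printf("idle port accepted: 0x%02x\n", (unsigned)demo_idle_port());
    printf("stuck port result:  %d\n", demo_stuck_port());
    return 0;
}
```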

Interrupt:

We know that an interrupt is like a disturbance. Even though it is a disturbance, we can
use it for efficient data transfer.

• The CPU hardware has a wire called the interrupt-request line that the CPU senses
after executing every instruction.

• When the CPU detects a signal on the interrupt-request line, it saves a small
amount of state, such as the current value of the instruction pointer, and jumps to
the interrupt-handler routine.

• The interrupt handler performs the appropriate action for the interrupt.

• After the interrupt service routine (ISR) has executed, the CPU resumes the previous
execution.

Most CPUs have two interrupt-request lines. One is the non-maskable interrupt, which
is reserved for events such as unrecoverable memory errors. The second interrupt line is
maskable: it can be turned off by the CPU before the execution of a critical instruction
sequence. If the ISR has a default address, the interrupt is called a vectored interrupt.

Direct Memory Access (DMA):


Many computers avoid burdening the main CPU with programmed I/O (PIO) by offloading
some of this work to a special-purpose processor called a direct memory access (DMA)
controller.

• To initiate a DMA transfer, the host writes a DMA command block into memory.

• This block contains a pointer to the source of the transfer, a pointer to the destination,
and the number of bytes to be transferred.

• The CPU writes the address of this command block to the DMA controller, and then
goes on with other work.

• The DMA controller then operates the memory bus directly and performs the data
transfer.

• When the entire transfer is finished, the DMA controller interrupts the CPU.

• When the DMA controller seizes the memory bus, the CPU is temporarily prevented
from accessing main memory, although it can still access data items in its primary and
secondary caches.

Application I/O interface:

I/O devices in a computer system are to be treated in a standard, uniform way. For
example an application can open a file on a disk without knowing what kind of disk it is. The
purpose of the device-driver layer is to hide the differences among device controllers from the
I/O subsystem of the kernel.

Devices vary in many dimensions, as follows:

• Character-stream or block: a character-stream device transfers bytes one by one,
whereas a block device transfers a block of bytes as a unit.

• Sequential or random access: a sequential device transfers data in a fixed order,
whereas a random-access device can seek to any of the available data storage locations.

• Synchronous or asynchronous: a synchronous device is one that performs data
transfers with predictable response times. An asynchronous device exhibits irregular or
unpredictable response times.

• Sharable or dedicated: a sharable device can be used concurrently by several
processes or threads; a dedicated device cannot.

• Speed of operation: device speeds range from a few bytes per second to a few gigabytes
per second.

• Read-write, read-only or write-only: some devices perform both input and output, but
others support only one data direction.

Types of Application I/O interfaces:

1. Block and character devices:

A disk is the best example of a block device. The device is expected to understand
commands such as read() and write(), and if it is a random-access device, it also has a
seek() command to specify which block is to be transferred next. A keyboard is an
example of a device that is accessed through a character-stream interface. The basic
system calls in this interface enable an application to get() or put() one character.

2. Network devices:

The performance and addressing characteristics of network I/O differ significantly
from those of disk I/O. Most operating systems provide a network I/O interface that is
different from the read(), write(), seek() interface used for disks. One interface
available in many operating systems, including UNIX and Windows NT, is the network
socket interface.

3. Clock and Timers:

Most computers have hardware clocks and timers that provide three basic functions:

o Give current time

o Give the elapsed time

o Set a timer to trigger operation X at time T.

These functions are used heavily by the operating system, and also by time-sensitive
applications. The hardware used to measure elapsed time and to trigger operations is
called a programmable interval timer. It can be set to wait a certain amount of time
and then generate an interrupt.

4. Blocking and non-blocking I/O:

When an application issues a blocking system call, the execution of the
application is suspended. The application is moved from the running state to the waiting
state. After the system call completes, the application is moved from the waiting state to
the ready queue, where it is eligible to resume execution.

Some user-level processes need non-blocking I/O. For example, a video
application reads frames from a file on disk while simultaneously decompressing
and displaying the output on the display.

Kernel I/O subsystem:

Kernels provide many services related to I/O. These services are: scheduling, buffering,
caching, spooling, device reservation and error handling.

I/O Scheduling: To schedule a set of I/O requests means to determine a good order in which
to execute them. The order in which applications issue system calls is rarely the best choice.
Scheduling can improve overall system performance, can share device access fairly among
processes, and can reduce the average waiting time for I/O to complete. Operating system
developers implement scheduling by maintaining a queue of requests for each device.

Buffering: A buffer is a memory area that stores data while they are transferred between two
devices.

Buffering is done for three reasons. One reason is to cope with a speed mismatch between
the producer and the consumer of a data stream. For example, a modem is thousands of
times slower than a hard disk, so a buffer is created in main memory to accumulate the
bytes received from the modem.

A second use of buffering is to adapt between devices that have different data-transfer
sizes. Such disparities are especially common in computer networking, where buffers are
used widely for fragmentation and reassembly of messages.

A third use of buffering is to support copy semantics for application I/O. For example,
an application has a buffer of data that it wishes to write to disk. It calls the write() system
call, providing a pointer to the buffer and specifying the number of bytes to write. After the
system call returns, what happens if the application changes the content of the buffer? With
copy semantics, the data written to disk is the version present at the time of the write() call,
regardless of later changes to the application's buffer.

Caching: A cache is a region of fast memory that holds copies of data during execution.
Access to the cached copy is more efficient than access to the original. The difference
between a cache and a buffer is that a buffer may hold the only existing copy of a data item,
whereas a cache just holds a copy, on faster storage, of an item that resides elsewhere.

Spooling and device reservation: A spool is a buffer that holds output for a device, such as
a printer. Although a printer can serve only one job at a time, several applications may wish
to print their output concurrently, without having their output mixed together. The operating
system solves this problem by intercepting all output to the printer. Each application's
output is spooled to a separate disk file. When an application finishes printing, the spooling
system queues the corresponding spool file for output to the printer.

Error handling: The kernel I/O subsystem is responsible for error detection and correction
during read and write operations. Devices and I/O transfers can fail in many ways, either for
transient reasons, such as a network becoming overloaded, or for permanent reasons, such
as a disk controller becoming defective. The operating system can often compensate
effectively for transient failures. For instance, a disk read() failure results in a read() retry,
and a network send() error results in a resend().

Transforming I/O to Hardware Operation:

Transforming I/O to hardware operations requires many steps and a tremendous number
of CPU cycles. Let us consider the example of reading a file from a disk. The application
refers to the data by a file name. Within the disk, the file system maps the file name to
the space allocated to that file. The following are the steps to perform this operation.

1. A process issues a blocking read() system call to a file that has been opened
previously.

2. The system-call code in the kernel checks the parameters for correctness. If the data
are already available in the buffer cache, the data are returned from the cache to the
process and the I/O request is completed.

3. Otherwise, physical I/O needs to be performed, so the process is removed from the
running queue and is placed on the waiting queue for the device.

4. The device driver allocates kernel buffer space to receive the data.

5. The device controller operates the device hardware to perform the data transfer.

6. The driver may poll for status and data, or it may set up a DMA transfer into kernel
memory.

7. The correct interrupt handler receives the interrupt via the interrupt-vector table, stores
any necessary data, signals the device driver, and returns from the interrupt.

8. The device driver receives the signal, determines which I/O request completed,
determines the request status, and signals the kernel I/O subsystem that the request has
been completed.

9. The kernel returns the data to the requesting process.

10. Now it is time to move the process from the waiting state to the running state.

Performance:

I/O is a major factor in system performance. It places heavy demands on the CPU to
execute device-driver code and to schedule processes fairly and efficiently as they block and
unblock. The resulting context switches stress the CPU and its hardware cache.

Network traffic can also cause a high context-switch rate. Consider, for instance, a
remote login from one machine to another. Each character typed on the local machine must
be transported to the remote machine. On the local machine, the character is typed; a
keyboard interrupt is generated; and the character is passed through the interrupt handler to
the device driver, to the kernel, and then to the user process. The user process issues a
network I/O system call to send the character to the remote machine.

We can employ several principles to improve the efficiency of I/O:

• Reduce the number of context switches.

• Reduce the number of times that data must be copied in memory while passing between
device and application.

• Reduce the frequency of interrupts by using large transfers, smart controllers, and
polling.

• Increase concurrency by using DMA-knowledgeable controllers or channels to offload
simple data copying from the CPU.

• Balance CPU, memory subsystem, bus, and I/O performance, because an overload in
any one area will cause idleness in others.

Protection:

Protection refers to a mechanism for controlling the access of programs, processes, or
users to the resources defined by a computer system.

Goals of protection:

Protection was originally considered as an assistant to multiprogramming operating
systems, so that unreliable users might safely share a common logical name space, such as a
directory of files, or share a common physical name space, such as memory. We need to
provide protection for several reasons. The most obvious is the need to prevent mischievous,
intentional violation of an access restriction by a user.

Protection can improve reliability by detecting errors at the interfaces between
component subsystems. Early detection of interface errors can often prevent infection of a
healthy subsystem by a malfunctioning subsystem.

The role of protection in a computer system is to provide a mechanism for the
enforcement of the policies governing resource use. These policies can be established in a
variety of ways. Some are fixed in the design of the system; others are formulated by the
management of a system.

Policy is distinct from mechanism. Mechanisms determine how something will be
done; policies decide what will be done. The separation of policy and mechanism is important
for flexibility.

Domain:

A computer system is a collection of processes and objects. By objects, we mean both
hardware objects (such as the CPU, memory, printers, disks and tape drives) and software
objects (such as files, programs, and semaphores). Each object has a unique name that
differentiates it from all other objects in the system.

A domain can be realized in a variety of ways:

• Each user may be a domain. In this case, the set of objects that can be accessed
depends on the identity of the user. Domain switching occurs when the user is
changed.

• Each process may be a domain. In this case, the set of objects that can be accessed
depends on the identity of the process. Domain switching corresponds to one process
sending a message to another process.

• Each procedure may be a domain. In this case, the set of objects that can be accessed
corresponds to the local variables defined within the procedure. Domain switching
occurs when a procedure call is made.

Access Matrix:

Our model of protection can be viewed abstractly as a matrix, called an access matrix.
The rows of the access matrix represent domains, and the columns represent objects. Each
entry in the matrix consists of a set of access rights. Because the column defines the object
explicitly, we can omit the object name from the access right. The entry access(i, j) defines
the set of operations that a process executing in domain Di can invoke on object Oj.

The access matrix is shown in the diagram below. There are four domains and
four objects: three files (F1, F2, F3) and one laser printer. When a process executes in domain
D1, it can read files F1 and F3. A process executing in domain D4 has the same privileges as
it does in domain D1, but in addition, it can also write onto files F1 and F3. Note that the laser
printer can be accessed only by a process executing in domain D2.

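Domain \ Object | F1          | F2   | F3          | Printer
----------------+-------------+------+-------------+--------
D1              | read        |      | read        |
D2              |             |      |             | print
D3              |             | read | execute     |
D4              | read, write |      | read, write |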

A process should be able to switch from one domain to another. Domain switching from
domain Di to domain Dj is allowed to occur if and only if the access right switch ∈ access(i, j).
Thus, in the figure below, a process executing in domain D2 can switch to domain D3 or to
domain D4. A process in domain D4 can switch to D1, and one in domain D1 can switch to
domain D2.

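Domain \ Object | F1             | F2   | F3             | Laser printer | D1     | D2     | D3     | D4
----------------+----------------+------+----------------+---------------+--------+--------+--------+-------
D1              | read           |      | read           |               |        | switch |        |
D2              |                |      |                | print         |        |        | switch | switch
D3              |                | read | execute        |               |        |        |        |
D4              | read and write |      | read and write |               | switch |        |        |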

The ability to copy an access right from one domain (or row) of the access matrix to
another is denoted by an asterisk (*) appended to the access right. The copy right allows the
copying of the access right only within the column for which the right is defined. For example
in the below diagram (a), a process executing in domain D2 can copy the read operation into
any entry associated with file F2. Hence the access matrix of figure (a) can be modified to the
access matrix shown in figure (b).

(a)

Domain \ Object | F1      | F2    | F3
----------------+---------+-------+--------
D1              | execute |       | write*
D2              | execute | read* | execute
D3              | execute |       |

(b)

Domain \ Object | F1      | F2    | F3
----------------+---------+-------+--------
D1              | execute |       | write*
D2              | execute | read* | execute
D3              | execute | read  |

This scheme has two variants:

1. A right is copied from access(i, j) to access(k, j); it is then removed from access(i, j).
This action is a transfer of a right, rather than a copy.

2. Propagation (circulation) of the copy right may be limited. That is, when the right R* is
copied from access (i,j) to access (k,j), only the right R (not R*) is created. A process
executing in domain Dk cannot further copy the right R.

We also need a mechanism to allow addition of new rights and removal of some rights.
The owner right controls these operations. If access (i,j) includes the owner right, then a
process executing in domain Di can add and remove any right in any entry in column j. For
example in the below figure (a), domain D1 is the owner of F1, and thus can add and delete
any valid right in column F1. Similarly, domain D2 is the owner of F2 and F3, and thus can add
and remove any valid right within these two columns. Thus, the access matrix of figure (a)
can be modified to the access matrix shown in figure (b).

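(a)

Domain \ Object | F1             | F2          | F3
----------------+----------------+-------------+----------------------
D1              | owner, execute |             | write
D2              |                | read, owner | read and write, owner
D3              | execute        |             |

(b)

Domain \ Object | F1             | F2                   | F3
----------------+----------------+----------------------+---------------------
D1              | owner, execute |                      |
D2              | execute        | read*, owner, write* | read*, owner, write*
D3              |                | write                | write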
The security problem:

We say that a system is secure if its resources are used and accessed as intended
under all circumstances. Unfortunately, total security cannot be achieved. Security violations
of the system can be categorized as intentional or accidental. It is easier to protect against
accidental misuse than against intentional misuse. The following are examples of
intentional misuse:

• Unauthorized reading of data.

• Unauthorized modification of data.

• Unauthorized destruction of data.

• Preventing legitimate use of the system.

To protect the system, we must take security measures at four levels:

1. Physical: the site or sites containing the computer system must be physically secured
against unreliable persons.

2. Human: users must be screened carefully to reduce the chance of authorizing a user
who then gives access to an intruder (attacker).

3. Network: much computer data in modern systems travels over private leased lines,
shared lines like the Internet, or dial-up lines. The interception of this data could be just
as harmful as a break-in to a computer.

4. Operating system: the system must protect itself from accidental or purposeful
security breaches (gaps).

User authentication:

A major security problem for operating systems is authentication. The protection
system depends on an ability to identify the programs and processes currently executing.
This ability, in turn, rests on our power to identify each user of the system.

1. Passwords:

The most common approach to authenticating a user identity is the use of passwords.
When the user identifies herself by user ID or account name, she is asked for a password. If
the user-supplied password matches the password stored in the system, the system assumes
that the user is legitimate (valid or authentic).

2. Password vulnerabilities:

Passwords are extremely common because they are easy to understand and use.
Unfortunately, passwords can often be guessed, accidentally exposed, sniffed, or illegally
transferred from an authorized user to an unauthorized one.

There are two common ways to guess a password. One is that users too frequently use
obvious information (such as the names of their cats or spouses) as their password. The
other way is to use brute force: trying enumeration, or all possible combinations of letters,
numbers, and punctuation, until the password is found. Short passwords do not leave enough
choice to prevent their being guessed by repeated trials.

An attacker can look over the shoulder of a user when the user is logging in, and can learn
the password easily by watching the keyboard.

The final method of password compromise, illegal transfer, is the result of human nature.
Most computer installations have a rule that forbids (prohibits) users from sharing accounts.

Passwords can be either generated by the system or selected by a user. System-generated
passwords may be difficult to remember, and thus users may write them down. User-selected
passwords, however, are often easy to guess.

3. Encrypted passwords:

One problem with all these approaches is the difficulty of keeping the password secret
within the computer. The UNIX system uses encryption to avoid the necessity of keeping its
password list secret. Each user has a password. The system contains a function that is
extremely difficult (the designers hope impossible) to invert, but is simple to compute. That
is, given a value x, it is easy to compute the function value f(x). Given a function value f(x),
however, it is impossible to compute x. This function is used to encode all passwords. Only
encoded passwords are stored. When a user presents a password, it is encoded and
compared against the stored encoded password.

4. One time password:

To avoid the problem of password sniffing and shoulder surfing, a system could use a set
of paired passwords. When a session begins, the system randomly selects and presents one
part of a password pair; the user must supply the other part. In this system, the user is
challenged and must respond with the correct answer to that challenge.

5. Biometrics:

There are many other variations on the use of passwords for authentication. Palm or hand
readers are commonly used to secure physical access, for example access to a data center.
These readers match stored parameters against what is being read from their hand-reader
pad. The parameters can include a temperature map, as well as finger length, finger width,
and line patterns. These devices are currently too large and expensive to be used for normal
computer authentication.

Fingerprint readers have become accurate and cost-effective, and should become more
common in the future. These devices read your finger's ridge patterns and convert them into
a sequence of numbers.

Program threats:

When a program written by one user may be used by another user, misuse and
unexpected behavior may ensue (arise). Trojan horses, trap doors, stack and buffer overflow
are examples for program threats.

Trojan horse:

Many systems have mechanisms for allowing programs written by users to be executed
by other users. If these programs are executed in a domain that provides the access rights of
the executing user, the other users may misuse these rights. A text-editor program, for
example, may include code to search the file to be edited for certain keywords. If any are
found, the entire file may be copied to a special area accessible to the creator of the text
editor. A code segment that misuses its environment is called a Trojan horse.

Trap door:

The designer of a program or system might leave a hole in the software that only she is
capable of using. This type of security breach (hole) was shown in the movie WarGames. A
clever trap door could be included in a compiler. The compiler could generate standard object
code as well as a trap door, regardless of the source code being compiled. This activity is
particularly nefarious, since a search of the source code of the program will not reveal any
problems. Only the source code of the compiler would contain the information. Trap doors
pose a difficult problem because, to detect them, we have to analyze all the source code for
all components of a system. Given that software systems may consist of millions of lines of
code, this analysis is not done frequently.

Stack and buffer overflow:

The stack or buffer-overflow attack is the most common way for an attacker outside of
the system, on a network or dial-up connection, to gain unauthorized access to the target
system. An authorized user of the system may also use this exploit for privilege escalation,
to gain privileges beyond those allowed for that user.

In this case, the attacker sends more data than the program was expecting. Using trial
and error, or by examining the source code of the attacked program if it is available, the
attacker determines the vulnerability and writes a program to do the following:

1. Overflow an input field, command-line argument, or input buffer, for example, on a
network daemon, until it writes into the stack.

2. Overwrite the current return address on the stack with the address of the exploit
code loaded in step 3.

3. Write a simple set of code for the next space in the stack that includes the
commands that the attacker wishes to execute.
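
The missing bounds check that step 1 depends on, shown beside the corrected form, as an added example that is not part of the original notes. The `struct linebuf` input buffer and the function names belong to a hypothetical network daemon constructed for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LINE_MAX_BYTES 64

/* Input buffer of a hypothetical network daemon (constructed for this example). */
struct linebuf {
    char   data[LINE_MAX_BYTES];
    size_t used;                 /* bytes of data[] already filled */
};

/* BEFORE: appends whatever arrived. When the linebuf is a local variable, bytes
 * written past data[] land on the stack, which is what step 1 relies on.
 * Shown for comparison only; nothing in this example calls it. */
void append_unchecked(struct linebuf *b, const char *chunk, size_t n)
{
    memcpy(b->data + b->used, chunk, n);   /* no check against sizeof b->data */
    b->used += n;
}

/* AFTER: refuse any chunk that does not fit in the space that is left.
 * Comparing n with the remaining space (instead of testing used + n) keeps
 * the check correct even when n is so large that used + n would wrap around. */
int append_checked(struct linebuf *b, const char *chunk, size_t n)
{
    if (b->used > sizeof b->data)
        return -1;                         /* bookkeeping already corrupted */
    if (n > sizeof b->data - b->used)
        return -1;                         /* would overflow: copy nothing */
    memcpy(b->data + b->used, chunk, n);
    b->used += n;
    return 0;
}

/* Feed constructed chunk sizes through the checked path and stop at the first
 * rejection. Returns the number of chunks accepted; *used_out gets the fill level. */
size_t feed_checked(const size_t *sizes, size_t count, size_t *used_out)
{
    static const char filler[LINE_MAX_BYTES] = {0};   /* constructed sample data */
    struct linebuf b = { .used = 0 };
    size_t accepted = 0;

    for (size_t i = 0; i < count; i++) {
        /* Sizes larger than the buffer are rejected before filler is read. */
        if (append_checked(&b, filler, sizes[i]) != 0)
            break;
        accepted++;
    }
    *used_out = b.used;
    return accepted;
}

int main(void)
{
    const size_t sizes[] = { 40, 20, 10, 4 };   /* third chunk no longer fits */
    size_t used = 0;
    size_t ok = feed_checked(sizes, 4, &used);
    printf("accepted %zu chunks, %zu of %d bytes used\n", ok, used, LINE_MAX_BYTES);
    return 0;
}
```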

System threats:

Most operating systems provide a means for processes to spawn (issue) other
processes. In such an environment, it is possible to create a situation where operating-
system resources and user files are misused.

Worms:

A worm is a process that uses the spawn mechanism to clobber system performance.
The worm spawns copies of itself, using up system resources and perhaps locking out
system use by all other processes. On computer networks, worms are particularly potent,
since they reproduce themselves among systems and thus shut down the entire network.

Viruses:

Another form of computer attack is a virus. Like worms, viruses are designed to
spread into other programs and can wreak havoc in a system, including modifying or
destroying files and causing system crashes and program malfunctions. Whereas a worm is
structured as a complete, standalone program, a virus is a fragment of code embedded in a
legitimate program. Viruses are a major problem for computer users, especially users of
microcomputer systems.

Viruses are usually spread by users downloading viral programs from public bulletin
boards or exchanging disks containing an infection. In recent years, a common form of virus
transmission has been via the exchange of Microsoft Office files, such as Microsoft Word
documents. These documents can contain macros that programs in the Office suite will
execute automatically. Because these programs run under the user's own account, the
macros can run largely unconstrained.

The best protection against computer viruses is prevention, or the practice of safe
computing. Purchasing unopened software from vendors and avoiding free or pirated copies
from public sources or disk exchange is the safest route to preventing infection.

Encryption:

Encryption is a means for constraining the possible receivers of a message.
Encryption is thus complementary to authentication, and to emphasize this we will provide a
parallel treatment of it. An encryption algorithm enables the sender of a message to ensure
that only a computer possessing a certain key can read the message. More precisely, an
encryption algorithm consists of the following components:

• A set K of keys.

• A set M of messages.

• A set C of ciphertexts.

• A function E: K→(M→C). That is, for each k ∈ K, E(k) is a function for generating
ciphertexts from messages. Both E and E(k) for any k should be efficiently computable
functions.

• A function D: K→(C→M). That is, for each k ∈ K, D(k) is a function for generating
messages from ciphertexts. Both D and D(k) for any k should be efficiently
computable functions.

There are two main types of encryption algorithm. In the first type, called a symmetric
encryption algorithm, E(k) can be derived from D(k) and vice versa. Therefore, the secrecy of
E(k) must be protected to the same extent as D(k).

In an asymmetric encryption algorithm, it is computationally infeasible to derive D(k) from
E(k), and so E(k) need not be kept secret and can be widely disseminated; E(k) is the public
key, and D(k) is the private key.
