Deadlock, Load balancing, Resource Mgt, Security & isolation

Every process needs some resources to complete its execution. However, the resource is
granted in a sequential order.

1. The process requests for some resource.

2. Use the resource.
3. Releases the resource on the completion.

A Deadlock is a situation where each of the computer process waits for a resource which is
being assigned to some another process. In this situation, none of the process gets executed
since the resource it needs, is held by some other process which is also waiting for some other
resource to be released. It can also be viewed as has a situation where a set of processes are
blocked because each process is holding a resource and waiting for another resource
acquired by some other process.

Scenario 1

Let us assume that there are three processes P1, P2 and P3. There are three different resources
R1, R2 and R3. R1 is assigned to P1, R2 is assigned to P2 and R3 is assigned to P3.

After some time, P1 demands for R1 which is being used by P2. P1 halts its execution since it
can't complete without R2. P2 also demands for R3 which is being used by P3. P2 also stops
its execution because it can't continue without R3. P3 also demands for R1 which is being
used by P1 therefore P3 also stops its execution.

In this scenario, a cycle is being formed among the three processes. None of the process is
progressing and they are all waiting. The computer becomes unresponsive since all the
processes got blocked.

Scenario 2

Consider an example when two trains are coming toward each other on the same track and
there is only one track, none of the trains can move once they are in front of each other. A
similar situation occurs in operating systems when there are two or more processes that
hold some resources and wait for resources held by other(s). For example, in the below
diagram, Process 1 is holding Resource 1 and waiting for resource 2 which is acquired by
process 2, and process 2 is waiting for resource 1.
Difference between Starvation and Deadlock

Sr. Deadlock Starvation

1 Deadlock is a situation where no process got Starvation is a situation where the low
blocked and no process proceeds priority process got blocked and the high
priority processes proceed.

2 Deadlock is an infinite waiting. Starvation is a long waiting but not infinite.

3 Every Deadlock is always a starvation. Every starvation need not be deadlock.

4 The requested resource is blocked by the other The requested resource is continuously be
process. used by the higher priority processes.

5 Deadlock happens when Mutual exclusion, hold It occurs due to the uncontrolled priority and
and wait, No preemption and circular wait occurs resource management.
simultaneously.

Necessary conditions for Deadlocks

1. Mutual Exclusion

A resource can only be shared in mutually exclusive manner. It implies, if two process
cannot use the same resource at the same time.

2. Hold and Wait

 A process waits for some resources while holding another resource at the same time.

3. No preemption

The process which once scheduled will be executed till the completion. No other
process can be scheduled by the scheduler meanwhile.

4. Circular Wait

All the processes must be waiting for the resources in a cyclic manner so that the last
process is waiting for the resource which is being held by the first process.

Strategies for handling Deadlock

1. Deadlock Ignorance

Deadlock Ignorance is the most widely used approach among all the mechanism. This is
being used by many operating systems mainly for end user uses. In this approach, the
Operating system assumes that deadlock never occurs. It simply ignores deadlock. This
approach is best suitable for a single end user system where User uses the system only for
browsing and all other normal stuff.

There is always a tradeoff between Correctness and performance. The operating systems like
Windows and Linux mainly focus upon performance. However, the performance of the
system decreases if it uses deadlock handling mechanism all the time if deadlock happens 1
out of 100 times then it is completely unnecessary to use the deadlock handling mechanism
all the time.

In these types of systems, the user has to simply restart the computer in the case of deadlock.
Windows and Linux are mainly using this approach.

2. Deadlock prevention

Deadlock happens only when Mutual Exclusion, hold and wait, No preemption and circular
wait holds simultaneously. If it is possible to violate one of the four conditions at any time
then the deadlock can never occur in the system.

The idea behind the approach is very simple that we have to fail one of the four conditions
but there can be a big argument on its physical implementation in the system.

3. Deadlock avoidance

In deadlock avoidance, the operating system checks whether the system is in safe state or in
unsafe state at every step which the operating system performs. The process continues until
the system is in safe state. Once the system moves to unsafe state, the OS has to backtrack
one step.

In simple words, The OS reviews each allocation so that the allocation doesn't cause the
deadlock in the system.
4. Deadlock detection and recovery

This approach let the processes fall in deadlock and then periodically check whether deadlock
occur in the system or not. If it occurs then it applies some of the recovery methods to the
system to get rid of deadlock.

Deadlock Prevention

If we simulate deadlock with a table which is standing on its four legs then we can also
simulate four legs with the four conditions which when occurs simultaneously, cause the
deadlock.

However, if we break one of the legs of the table then the table will fall definitely. The same
happens with deadlock, if we can be able to violate one of the four necessary conditions and
don't let them occur together then we can prevent the deadlock.

Let's see how we can prevent each of the conditions.

1. Mutual Exclusion

Mutual section from the resource point of view is the fact that a resource can never be used
by more than one process simultaneously which is fair enough but that is the main reason
behind the deadlock. If a resource could have been used by more than one process at the same
time then the process would have never been waiting for any resource.

However, if we can be able to violate resources behaving in the mutually exclusive manner
then the deadlock can be prevented.

Spooling

For a device like printer, spooling can work. There is a memory associated with the printer
which stores jobs from each of the process into it. Later, Printer collects all the jobs and print
each one of them according to FCFS. By using this mechanism, the process doesn't have to
wait for the printer and it can continue whatever it was doing. Later, it collects the output
when it is produced.
Although, Spooling can be an effective approach to violate mutual exclusion but it suffers
from two kinds of problems.

1. This cannot be applied to every resource.

2. After some point of time, there may arise a race condition between the processes to
get space in that spool.

We cannot force a resource to be used by more than one process at the same time since it will
not be fair enough and some serious problems may arise in the performance. Therefore, we
cannot violate mutual exclusion for a process practically.

2. Hold and Wait

Hold and wait condition lies when a process holds a resource and waiting for some other
resource to complete its task. Deadlock occurs because there can be more than one process
which are holding one resource and waiting for other in the cyclic order.

However, we have to find out some mechanism by which a process either doesn't hold any
resource or doesn't wait. That means, a process must be assigned all the necessary resources
before the execution starts. A process must not wait for any resource once the execution has
been started.

!(Hold and wait) = !hold or !wait (negation of hold and wait is, either you don't hold or
you don't wait)

This can be implemented practically if a process declares all the resources initially. However,
this sounds very practical but can't be done in the computer system because a process can't
determine necessary resources initially.

Process is the set of instructions which are executed by the CPU. Each of the instruction may
demand multiple resources at the multiple times. The need cannot be fixed by the OS.
The problem with the approach is:

1. Practically not possible.

2. Possibility of getting starved will be increases due to the fact that some process may
hold a resource for a very long time.

3. No Preemption

Deadlock arises due to the fact that a process can't be stopped once it starts. However, if we
take the resource away from the process which is causing deadlock then we can prevent
deadlock.

This is not a good approach at all since if we take a resource away which is being used by the
process then all the work which it has done till now can become inconsistent.

Consider a printer is being used by any process. If we take the printer away from that process
and assign it to some other process then all the data which has been printed can become
inconsistent and ineffective and also the fact that the process can't start printing again from
where it has left which causes performance inefficiency.

4. Circular Wait

To violate circular wait, we can assign a priority number to each of the resource. A process
can't request for a lesser priority resource. This ensures that not a single process can request a
resource which is being utilized by some other process and no cycle will be formed.

Among all the methods, violating Circular wait is the only approach that can be implemented
practically.
 Deadlock avoidance

In deadlock avoidance, the request for any resource will be granted if the resulting state of the
system doesn't cause deadlock in the system. The state of the system will continuously be
checked for safe and unsafe states.

In order to avoid deadlocks, the process must tell OS, the maximum number of resources a
process can request to complete its execution.

The simplest and most useful approach states that the process should declare the maximum
number of resources of each type it may ever need. The Deadlock avoidance algorithm
examines the resource allocations so that there can never be a circular wait condition.

Safe and Unsafe States

The resource allocation state of a system can be defined by the instances of available and
allocated resources, and the maximum instance of the resources demanded by the processes.

Resource Management in Operating Systems (OS)

An operating system (OS) plays a crucial role as a resource manager, due to the fact that the OS
efficiently allocate and control resources within the system, either in the form of hardware or software
resources for multiple programs and users. Below is an overview of its key aspects: Resources
managed by the OS include:

 CPU time – Processing power allocation

 Memory (RAM) – Temporary data storage

 Storage (disk space) – Long-term data retention

 I/O devices – Printers, keyboards, etc.

 Network bandwidth – Data transmission control

 Files & data – Storage and retrieval management

Objectives of Resource Management

 Efficiency – Optimize resource usage

 Fairness – Prevent resource monopolization

 Security & Protection – Isolate processes to avoid conflicts

 Responsiveness – Enhance system speed and user experience

Functions of Resource Management

1. CPU Scheduling: It determines process execution order, through scheduling. It uses

algorithms like Round Robin, FCFS, Shortest Job First
2. Memory Management: Monitors memory allocation and deallocation, and also
implements virtual memory to extend usable RAM.
3. Disk Management: It handles read/write operations that happens in the RAM, and also
manages file systems & disk scheduling
4. I/O Management: It Controls device communication and also, uses buffers, drivers, and interrupts.
5. Process Management: Handles process lifecycle (creation, execution, termination), and also assigns
resources to active processes
6. File Management: It organizes data storage and access, and also manages permissions, storage
allocation, and file operations

Load Balancing in Operating Systems

Load balancing in an OS ensures even distribution of workloads across system resources (CPUs,
cores, or networked machines) to maximize efficiency and prevent bottlenecks.

Objectives

 Optimize resource utilization

 Maximize throughput

 Minimize response time

 Prevent single-resource overload

 Ensure fairness among processes

Types of Load Balancing

 1. Static Load Balancing: In a Static Load Balance, decisions are made before execution (compile-
time), it makes use of predefined rules (e.g., round-robin). Example include assigning tasks evenly at
startup

2. Dynamic Load Balancing: In Dynamic Load Balancing, decisions are not made before execution
(compile-time), instead it is adjusted during runtime based on system state. It also adapts to changing
loads (e.g., CPU usage) and experience Higher overhead due to monitoring/migration of processes.
Example include, Moving tasks from overloaded to idle cores.

Key Components

 Scheduler – Assigns tasks to resources

 Process Migration – Shifts tasks dynamically

 Monitoring System – Tracks CPU, memory, and queue status

Advantages

Improved performance and efficiency

Prevents system overload
Faster response times
Optimal hardware usage

Operating System Security

OS Security encompasses the safeguards and protocols implemented by an operating system to defend
against unauthorized access, data breaches, and system threats while ensuring secure operations.

Objectives of OS Security

 Confidentiality – Protect sensitive data from exposure

 Integrity – Prevent unauthorized data alterations

 Availability – Maintain continuous access to system resources

  Authentication – Confirm user identities

 Authorization – Enforce permission-based resource access

Essential OS Security Mechanisms

1. User Authentication: It validates user identity through one of the following means:
Passwords, PINs, biometrics, Two-Factor Authentication (2FA)
2. Access Control: It Manages resource permissions via: Access Control Lists (ACLs), and
Role-Based Access Control (RBAC)
3. File Permissions: It Restricts file operations (read/write/execute), Example include
Linux rwx permissions for users/groups/others
4. Process Isolation: Prevents inter-process interference using through Virtual memory
segregation and User/Kernel mode separation.
5. Encryption: It secures stored/transmitted data through encryption. Example include
using Bitlocker (Windows), LUKS (Linus)
6. Firewall & Network Security: It Monitors/controls network traffic, and also Blocks
unauthorized remote access.
7. Auditing & Logging: It Tracks system activities for intrusion detection
8. Patch Management: Regular updates of the OS to address vulnerabilities. Examples
Include, Windows Update, Linux package managers (apt, yum)

Common OS Security Threats

 Malware (viruses, worms, trojans)

 Unauthorized access (hacking, privilege escalation)

 Denial-of-Service (DoS) attacks

 Rootkits/bootkits

 Data breaches

Security Models

 Bell-LaPadula – Confidentiality-focused

 Biba Model – Integrity-focused

 Clark-Wilson – Ensures transaction validity

 Process Isolation in Operating Systems

Isolation ensures processes, users, and system components operate independently to enhance
security, stability, and resource management.

Advantages
  Security – Prevents unauthorized data access

 Stability – Isolates app crashes from affecting the entire system

 Resource Fairness – Equitable CPU/memory allocation

 Fault Containment – Limits damage from bugs/failures

Isolation Types

1. Process Isolation: It dedicates memory spaces per process for efficient processing, this is
enforced through virtual memory and MMU
2. User Isolation: It Separates user environments/permissions through the use of UIDs, file
permissions, and access controls.
3. Kernel/User Mode Separation: It Restricts user programs from critical kernel operations
4. Container Isolation: It ensures lightweight isolation through namespaces and cgroups (e.g.,
Docker).

Isolation Techniques
Technique Function

Virtual Memory Separates process memory spaces

Access Control Lists Regulates file/device access

Capabilities Grants granular resource permissions

Namespaces (Linux) Isolates OS views (network, processes)

Security Modules Enforces policies (e.g., SELinux)