Linux structure
Linux separates user and kernel mode to provide protection and abstraction
Kernel modules - extensions to the kernel that can be dynamically loaded or
unloaded as needed: device drivers, file systems, network protocol, etc
3. Contiguous Allocation. Linked files. (Advantages, Disadvantages)
Keep a list of all the free sectors/blocks.
• In the file descriptor, keep a pointer to the first sector/block.
• In each sector, keep a pointer to the next sector.
With linked allocation, each directory entry has a pointer to the first disk block of the file. This pointer is initialized to nil (the end-of-list pointer value) to signify an empty file. A write to a file removes the first free block and writes to that block. This new block is then linked to the end of the file. To read a file, the pointers are just followed from block to block.
Disadvantages
Used only for sequential access of files. -Direct access is not supported -Memory space required for the pointers. - Reliability is compromised if the pointers are lost or damaged
Advantages
-Fragmentation
– File size changes
– Efficiently supports types of access
Экзаменационный билет № 31
Synchronization for Readers/Writers Problem
An object is shared among may threads, each belonging to one of
two classes:
– Readers: read data, never modify it
– Writers: read data and modify it
• Using a single lock on the data object is overly restrictive
=> Want many readers reading the object at once
– Allow only one writer at any point
– How do we control access to the object to permit this protocol?
• Correctness criteria:
– Each read or write of the shared data must happen within a critical section.
– Guarantee mutual exclusion for writers.
– Allow multiple readers to execute in the critical section at once.
OS WINDOWS: History and Structure
The history of Windows operating system began on November 10, 1983. This is when Microsoft announced Microsoft Windows, which was an extension of the MS DOS operating system. In the beginning, MS Windows was a mere extension of MS DOS, with DOS serving as the operating system. However, as the product grew in popularity, Microsoft made windows the operating system. By 1995, with the
introduction of Windows 95, windows could be found on the majority of home computers. With many versions introduced between 1983 and today, Microsoft has created a system that now acts as the OS for many computers.
Windows nt Structure
NT runs in two modes:
Kernel mode (Ring 0) - Executive which runs in protected memory mode with full privileges.
User mode (Ring 3) - Runs with privileges to access its own memory area. User applications and environmental subsystems execute in this mode.
Applications are allocated a virtual 4Gb of memory with 2 for the user and 2 for executive services.
NT is modular in nature allowing it to have cross platform portability due primarily to the HAL module described below. The NT Architecture has 5 layers.
Application - Runs in user mode.
Subsystems - Runs in user mode.
Executive Services - Runs in kernel mode.
Kernel - Runs in kernel mode.
HAL - Runs in kernel mode.
3. Indexed files . Multilevel indexed files. (Advantages, Disadvantages)
Indexed files!
• OS keeps an array of block pointers for each file.
• The user or OS must declare the maximum length of the file when
it is created.
• OS allocates an array to hold the pointers to all the blocks when it
creates the file, but allocates the blocks only on demand.
• OS fills in the pointers as it allocates blocks.
Advantages
– Not much wasted space.
– Both sequential and random accesses are easy.
• Disadvantages
– Sets a maximum file size.
– Lots of seeks because data is not contiguous.
• Examples: Nachos
Multilevel indexed files
Each file descriptor contains 14 block pointers.
• First 12 pointers point to data blocks.
• 13th pointer points to a block of 1024 pointers to 1024 more data blocks. (One
indirection)
• 14th pointer points to a block of pointers to indirect blocks. (Two indirections)
Advantages
– Simple to implement
– Supports incremental file growth
– Small files?
• Disadvantages
– Indirect access is inefficient for random access to very large files.
– Lots of seeks because data is not contiguous
Экзаменационный билет № 32
Secondary Storage Management : Typical Disk Parameters and Disk Head Scheduling
DISK HEAD SCHEDULING
Idea: Permute the order of disk requests from the order that they arrive from the users to an order that reduces the length and number of seeks.
1. First-come, first-served (FCFS)
2. Shortest seek time first (SSTF)
3. SCAN algorithm (0 to 100, 100 to 0, 0 to 100, ...). If there is no request between current position and the extreme (0 or N), we don't have to seek there.
4. C-SCAN circular scan algorithm (0 to 100, 0 to 100, ...)
SCAN Disk Head Scheduling
SCAN: head moves back and forth across the disk (0 to 100, 100 to 0, 0 to 100, ...), servicing requests as it passes them
– Order of seeks, assuming the head is currently moving to lower numbered blocks: 18, 40, 65, 78
– Distance of seeks: 12 + 22 + 25 + 13 = 72
– Requires a sorted list of requests.
– Simple optimization does not go all the way to the edge of the disk each time, but just as far as the last request.
.
OS LINUX: Policy Dependent & Security
Open Source vs дизассемблер
Удаленный доступ
Комплектность штатной поставки
Механизмы аутентификации
Повышение своих привилегий
Угроза переполнения буфера
Доступ к чужому адресному пространству
Межпроцессорные коммуникации
-
характеристика
NT
UNIX
качество и
полнота документирования
документирована поверхностно
документирована весьма обстоятельно
доступность исходных текстов
исходные
тексты недоступны
исходные
Тексты
доступны
Выявление вторжений
СКАНИРОВАНИЕ
короткие или легкие пароли;
неавторизованные set-uid программы;
неавторизованные программы в системных директориях;
долго выполняющиеся программы;
нелогичная защита как пользовательских, так и системных директорий и файлов;
потенциально опасные списки поиска файлов;
изменения в системных программах.
АУДИТ и МОНИТОРИНГ
вход или выход из системы;
операции с файлами (открыть, закрыть, переименовать, удалить);
обращение к удаленной системе;
смена привилегий или иных атрибутов безопасности.