1. LINUX KERNEL IMAGE LAB 7
2. Outline (1/2)
Kernel Introduction
Overview
Basic Facilities
Process Management
Memory Management
Device Management
System Calls
Kernel Design Decisions
Protection
Process Cooperation
I/O Device Management
Kernel-Wide Design Approaches
Monolithic Kernels
Microkernels
Monolithic Kernels Versus Microkernels
Performances
Hybrid Kernels
Nanokernels
Exokernels
3. Outline (2/2)
Linux vs. Other Unix-Like Kernels
Differences from User Application
Kernel Configuration
Lab
Make kernel image and download it to the target machine
Homework
Reference
4. Kernel Introduction: Overview
Manage the system's resources
Hardware abstractions
Communication between H/W and S/W
The necessity for good performance
5. Kernel Introduction: Basic Facilities (1/5)
Process Management
To run an application
Set up address space
Load the code into memory
Set up a stack
Branch to the location inside the program
Multi-tasking
Pre-emptive multitasking
Scheduling algorithms
Inter-process communication (IPC)
Shared memory
Message passing
Remote procedure calls (RPC)
Multiprocessing
SMP
Non-Uniform Memory Access (NUMA)
Must be designed to be re-entrant
6. Kernel Introduction: Basic Facilities (2/5)
Memory Management (1/2)
Virtual addressing
Paging
Segmentation
Allow programs to use more memory than the system has physically available
Virtual address spaces may be different for different processes
Every program behaves as if it is the only one running
Virtual partitions of memory → Protection
7. Kernel Introduction: Basic Facilities (3/5)
Memory Management (2/2)
Demand paging
Advantages
Does not load pages that are never accessed → the degree of multiprogramming ↑
Less loading latency at the program startup
Less disk overhead
Pages will be shared by multiple programs → by copy-on-write
Ability to run large programs
Better than overlay method
Does not need extra hardware support
Disadvantages
Extra latency
Replacement algorithms → more complex
Possible security risks, e.g. timing attacks
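Added example, not part of the original slides: a C program that makes demand paging visible on Linux by asking mincore() which pages of a fresh anonymous mapping are resident before and after a few of them are written. The function names and the 64-page, stride-16 sizes are assumptions chosen for the illustration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Count the pages in [base, base + npages*pagesz) that mincore() reports
 * as resident in RAM. Returns -1 on error. */
static long resident_pages(void *base, size_t npages, size_t pagesz)
{
    unsigned char *vec = malloc(npages);
    long n = 0;
    if (!vec || mincore(base, npages * pagesz, vec) != 0) { free(vec); return -1; }
    for (size_t i = 0; i < npages; i++)
        n += vec[i] & 1;                 /* bit 0 set = page is resident */
    free(vec);
    return n;
}

/* Map npages anonymous pages, write one byte to every stride-th page and
 * report residency before and after the writes. Returns 0 on success. */
static int demand_paging_demo(size_t npages, size_t stride, long *before, long *after)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p = mmap(NULL, npages * pagesz, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    /* Opt out of transparent huge pages so one fault brings in one page. */
    madvise(p, npages * pagesz, MADV_NOHUGEPAGE);
    *before = resident_pages(p, npages, pagesz);   /* nothing touched yet */
    for (size_t i = 0; i < npages; i += stride)
        p[i * pagesz] = 1;                         /* first write faults the page in */
    *after = resident_pages(p, npages, pagesz);
    munmap(p, npages * pagesz);
    return (*before < 0 || *after < 0) ? -1 : 0;
}

int main(void)
{
    long before, after;
    if (demand_paging_demo(64, 16, &before, &after) != 0) { perror("demo"); return 1; }
    printf("resident before touch: %ld, after writing 4 of 64 pages: %ld\n", before, after);
    return 0;
}
```

The gap between a resident and a non-resident page is the "extra latency" listed under Disadvantages, and it is the observable state that the timing-attack bullet refers to.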
8. Kernel Introduction: Basic Facilities (4/5)
Device Management
Very OS-specific topic
Device drivers
Maintain a list of available devices
Plug and play
9. Kernel Introduction: Basic Facilities (5/5)
System Calls
Most provide a C library or an API
Methods
A software-simulated interrupt
A call gate
A special address
Without causing an access violation
A special system call instruction
Memory-based queue
No need to wait for the result
Kernel periodically scans the queue to find requests
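Added example, not part of the original slides: on Linux the same kernel entry point can be reached through the C library wrapper or through the generic syscall() trap, and the kernel validates user pointers at that boundary and returns an error instead of faulting. raw_getpid and write_from_bad_pointer are hypothetical helper names.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Enter the kernel without the named libc wrapper: syscall() places the
 * call number and arguments where the ABI expects them and executes the
 * architecture's system call instruction. */
static long raw_getpid(void)
{
    return syscall(SYS_getpid);
}

/* Ask the kernel to copy 16 bytes from an unmapped user address into a
 * pipe. The kernel checks the pointer while copying and fails the call;
 * the process is not killed. Returns the errno of the failed call,
 * 0 if the write unexpectedly succeeded, -1 if the pipe could not be made. */
static int write_from_bad_pointer(void)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    errno = 0;
    long n = syscall(SYS_write, fds[1], (const void *)8, 16);
    int err = (n == -1) ? errno : 0;
    close(fds[0]);
    close(fds[1]);
    return err;
}

int main(void)
{
    printf("libc getpid(): %ld, raw SYS_getpid: %ld\n", (long)getpid(), raw_getpid());
    int err = write_from_bad_pointer();
    printf("write from bad pointer failed with: %s\n", strerror(err));
    return 0;
}
```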
10. Kernel Introduction: Kernel Design Decisions (1/6)
Protection (1/5)
Criteria
Static or dynamic (compile-time or runtime)
Preemptive or post-detection
Hardware supported or language based
More an open mechanism or a binding policy
11. Kernel Introduction: Kernel Design Decisions (2/6)
Protection (2/5)
Fault tolerance
Hierarchical protection domains (ring architectures)
Hardware approach
Less flexible
Impossible to assign different privileges to processes at the same privilege level
Impossible to satisfy Denning's 4 principles:
Isolation
Resource control
Decision verification
Error recovery
12. Kernel Introduction: Kernel Design Decisions (3/6)
Protection (3/5)
Fault tolerance
Hierarchical protection domains (ring architectures)
Always requires message copying (transmission by value) for a data structure both in 'user mode' and 'supervisor mode'.
Hardware requirement
CPU modes
MMU checks access rights for every memory access
13. Kernel Introduction: Kernel Design Decisions (4/6)
Protection (4/5)
Fault tolerance
Capability-based addressing
Hardware approach
Satisfy Denning's fault tolerance principles
14. Kernel Introduction: Kernel Design Decisions (5/6)
Protection (5/5)
Security
Security policy for malicious behavior on top of firmware and kernel features
Delegate some responsibility to the compiler (language-based security)
Any security policy can be implemented in an application regardless of kernel support
15. Kernel Introduction: Kernel Design Decisions (6/6)
Process Cooperation
Atomic lock and unlock operations operating on binary semaphores
Message passing
Inter-Process Communication (IPC)
I/O Device Management
16. Kernel Introduction: Kernel-Wide Design Approaches (1/8)
The principle of separation of mechanism and policy
A mechanism
The support that allows many different policies to be implemented
A policy
A particular "mode of operation"
17. Kernel Introduction: Kernel-Wide Design Approaches (2/8)
Monolithic Kernels
Execute all of their code in the same address space (kernel space)
Rich and powerful hardware access
18. Kernel Introduction: Kernel-Wide Design Approaches (3/8)
Microkernels
Run most of their services in user space → improve maintainability and modularity
A simple abstraction over the hardware
A set of primitives or system calls
Memory management
Multitasking
IPC
Disadvantages
#(system calls) ↑
#(context switches) ↑
19. Kernel Introduction: Kernel-Wide Design Approaches (4/8)
Monolithic Kernels Versus Microkernels
Problem: memory footprint ↑
Virtual Memory
Linux uses a monolithic kernel
Tanenbaum-Torvalds debate
Tanenbaum, A. S. (May 2006). "Can We Make Operating Systems Reliable and Secure?". IEEE Computer Society 39(5): 44–51. Retrieved on 2006-11-26
Torvalds, L. (May 2006). Hybrid kernel, not NT. Real World Technologies. Retrieved on November 30, 2006.
Jonathan Shapiro (2006). Debunking Linus's Latest. coyotos.org. Retrieved on May 14, 2007.
20. Kernel Introduction: Kernel-Wide Design Approaches (5/8)
Monolithic Kernels Versus Microkernels
Most of the field-proven reliable and secure computer systems use a more microkernel-like approach
Microkernels are often used in embedded robotic or medical computers where crash tolerance is important
Performances
Monolithic model is more efficient
IPC by: Shared kernel memory instead of message passing (Microkernel)
Careful tuning could reduce this overhead in microkernel dramatically ?
21. Kernel Introduction: Kernel-Wide Design Approaches (6/8)
Hybrid Kernels
monolithic kernel
Speed
Simpler design
microkernel
Modularity
Execution safety
Some services in kernel space, EX:
Network stack
Filesystem
kernel code as servers in user space, EX:
Device drivers
22. Kernel Introduction: Kernel-Wide Design Approaches (7/8)
Nanokernels
Delegate all services to device drivers
Kernel memory requirement is smaller than a traditional microkernel
23. Kernel Introduction: Kernel-Wide Design Approaches (8/8)
Exokernels
MIT Parallel and Distributed Operating Systems group
Force as few abstractions as possible on developers
Functionality is limited
Protection of resources
Multiplexing of resources
EX: Cheetah web server
Xen hypervisor
24. Linux vs. Other Unix-Like Kernels
Dynamic loading of kernel modules
Symmetrical multiprocessor
Preemptive
Do not separate thread and process
Thread = Light-Weight Process (LWP)
Fully customizable components
Very small and compact
Low-end, cheap hardware platforms
25. Differences from User Application
No standard C library in kernel
GNU C and ISO C99
Inline function
Inline assembly
No memory protection mechanism
Corrupting memory causes an oops
Kernel memory cannot be paged
Small and static stack
Only 8KB on 32-bit architectures
Floating point numbers
Access the floating point registers
Handle your operation by hand
26. Kernel Configuration
Code maturity level options
Loadable module support
General setup
Memory technology devices
Block devices
Networking options
ATA/IDE/MFM/RLL support
SCSI support
Network device support
Input core support
Character devices
Filesystems
Console drivers
Sound
Kernel hacking
27. Lab (1/3)
Make kernel image and download it to the target machine
28. Lab (2/3)
Steps
Install giveio
Download Iboot
Install ToolChain
Uncompress linux.tgz
Edit Makefile
Make Kernel Image
make clean
make dep
make menuconfig
make zImage → arch/arm/boot/zImage
29. Lab (3/3)
Steps
Make sure the bootloader is Iboot
Download zImage to target machine
download xmodem 0xa0002000
flashverify 0x040c0000 0xa0002000 0x100000
Download ready-made ramdisk.gz
download xmodem 0xa0002000
flashverify 0x041c0000 0xa0002000 0x500000
boot
30. Homework
Why does the console seem blocked after it displays the following?
"Uncompressing Linux... done, booting the kernel."
31. Reference
The Linux Kernel Archives http://www.kernel.org/
Linux Documentation Project - The Linux Kernel http://tldp.org/LDP/tlk/tlk.html
Understanding the Linux Kernel, 3rd Edition http://www.oreilly.com/catalog/understandlk/index.html