User Space and Kernel Space

User Space and Kernel Space
Slide Note
Embed
Share

The operating system serves as a critical software unit controlling computer hardware and system resources. It provides abstraction and isolation features for programmers to interact with system resources efficiently. Through a security policy and system call API, the OS manages access to resources in user-space and kernel-space, ensuring data integrity and preventing unauthorized access.

  • Operating System
  • Resource Management
  • Abstraction
  • Isolation
  • System Programming
raey749
raey749 Follow

Uploaded on Feb 18, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. User Space and Kernel Space Dr. Huma Javed

  2. The Operating System as a Resource The Operating System as a Resource operating system is a software unit that controls and manages the hardware and system resources of a computer. The operating systems provides two primary features for the programmer Abstraction The OS provides an abstract execution environment for the programmer to view their program running and using system resources through a unified interface, regardless of the underlying hardware. Isolation The OS ensures that the execution of one program doesn't interfere with the execution of other programs, and that actions of programs can occur concurrently. To achieve these components, the OS applies a security policy that controls and coordinates access to system resources so that programmers do not unintentionally break the abstraction and isolation requirements. The OS'es enforcement of the security policy is implemented through the system call API. Instead of having the programmer directly access resources, an API is used by which the programmer asks the OS to perform protected actions on its behalf. The separation between the actions that can be performed by the programmer and those that must be performed by the OS is divided between user-space and kernel-space. Understanding this boundary from a system programming and OS resource perspective is the theme of this lesson.

  3. OS System Resources OS System Resources The functions of the OS is to manage system resources. What are system resources? These are the hardware components of the computer that support the execution of a programmer or organization of information. Typically, we describe the set of system resources coordinated by the OS as: Device Management Hardware devices, such as keyboard, monitors, printers, hard drives, etc., are resources managed by the computer. When a programmer wishes to interact with these devices, a unified interface provided by the OS is used. Process Management The invocation and execution of a program, a process, is managed by the OS, including managing its current state, running or stopped, as well as the loading of code. Memory Management The access to physical and virtual memory is controlled by the OS, and a programs memory layout and current allocations is carefully managed. File System Management The OS is also responsible for ensuring that programs can read and write from the filesystem, but also that programs don't corrupt the file system or access files/directory that they do not have permission to.

  4. Kernel Space vs. User Space Kernel Space vs. User Space The kernel of the OS is a program that is trusted to perform all the protected system resource actions. The kernel is trusted software and executes in supervisory mode or privilege mode, and all the basic OS functionality is implemented from with the kernel software. The domain of the kernel is known as kernel-space. Actions that can be performed without privilege and do not require the kernel, are described as user-space or unprivileged mode. The distinction between these two domains is important For example, adding two numbers together, a process completed by an add instruction on the processor, is unprivileged and is performed in user- space. On the other hand, allocation of new memory, by adjusting the break point, for example, is a privileged process, and must be completed by the kernel.

  5. System Calls System Calls A system call is a function stub that is the entry point for requesting OS services. Using functions that are defined in the C standard library, stdlib.h, but supporting these operations are system calls, defined in unistd.h, the unix standard library. For example, managing memory allocation is the domain of the operating system, but so far we've just been using malloc() and calloc() to perform these tasks.

  6. Example of System Example of System C Call all The C memory allocation routine is about how to manage the memory that has already been allocated. As programs free and allocate new memory all the time, malloc() attempts to find contiguous memory to fulfill those new request. There are many ways to do this, for example, find the first region of unallocated space, even if it is too big, and use that (first fit), or the allocator can look a region of unallocated memory that is as close to the request size (best fit). Both strategies are fine, but the operating system is not involved in that process; however, when there is no more space in the heap, the break point needs to be adjusted, then the Operating System needs to get involved. The system call that moves the break point is called sbrk(), and it is a function from the unix system library. Whenever malloc() cannot fill an allocation request, it calls sbrk() which adjust the break point, effectively allocating more memory.

  7. context context- -switch switch When a privileged access is required, a context-switch between the user program and the kernel must be performed. A context switch occurs when the user program execution is stopped, the current state is saved and offloaded from the processor, and the kernel is swapped in to complete the protected task. Once the operating system completes the request, the kernel will stage any results to be returned to the user process, and the kernel is swapped out in favor of the user process. Execution continues from that point.

  8. Kernel Traps The invocation of the kernel to perform a context switch occurs through a trap. A trap is a special instruction to the processor that an operation is needed from the kernel. The processor interrupts current execution of program, saves the state, and invokes kernel with trap information. In the running example, this will be a trap for the kernel function sys_sbrk() which was invoked via the system call sbrk(). The kernel will then fulfill the request via the kernel function. Once that function returns, the kernel is context switched out, user process is context switched in, and execution continues.

  9. How to recognize a system calls using the man pages How to recognize a system calls using the man pages The man pages are divided into sections to better organize the plethora of manuals available. There is a total of 8 sections, and below are the relevant ones. Section 1: General commands, such as those found in the bash environment Section 2: System calls, such as sbrk() Section 3: Library functions, such as malloc() Section 8: System Administration, get to that later For example, type, man malloc, and inspect the header of the manual, we can learn a lot of information: MALLOC(3) Linux Programmer's Manual MALLOC(3) NAME malloc, free, calloc, realloc - Allocate and free dynamic memory SYNOPSIS #include <stdlib.h> void *malloc(size_t size); void free(void *ptr);

  10. manual for manual for sbrk sbrk() () BRK(2) Linux Programmer's Manual BRK(2) NAME brk, sbrk - change data segment size SYNOPSIS #include <unistd.h> int brk(void *addr); void *sbrk(intptr_t increment);

  11. Problem Problem commands with same commands with same name name One problem is there are that have. For example, there is read command for bash, which is a general command in section 1 of manual, and there is also the system call read(), which is in section 2 of manual. Preference for man command is to always retrieve lower numbered manuals. For example, man 2 read will display the bash read command and not the system call read(). To access the system call manual for read(), use #> man 2 read READ(2) Linux Programmer's Manual READ(2) NAME read - read from a file descriptor SYNOPSIS #include <unistd.h> ssize_t read(int fd, void *buf, size_t count);

Related


Linux User Capabilities and Namespace Management

Linux User Capabilities and Namespace Management

esa
AARCH64 Linux Kernel Memory Management

AARCH64 Linux Kernel Memory Management

ziva
Generalized Discriminant Analysis (GDA) in Pattern Recognition

Generalized Discriminant Analysis (GDA) in Pattern Recognition

macy
Optimizing User-Space Network Services with F-Stack and FreeBSD TCP/IP Stack

Optimizing User-Space Network Services with F-Stack and FreeBSD TCP/IP Stack

rooney
Kernel Tricks in Machine Learning

Kernel Tricks in Machine Learning

bria
Fundamentals of Operating Systems Explained

Fundamentals of Operating Systems Explained

federico
Improving the Reliability of Commodity Operating Systems

Improving the Reliability of Commodity Operating Systems

foll_zi
Raspberry Pi 2 Boot Process Overview

Raspberry Pi 2 Boot Process Overview

mell_4
Multi-phase System Call Filtering for Container Security Enhancement

Multi-phase System Call Filtering for Container Security Enhancement

schurman_s
User Mode, Kernel Mode, Interrupts, and System Calls in Computer Architecture

User Mode, Kernel Mode, Interrupts, and System Calls in Computer Architecture

nad_be
Tracing Network Packets in Linux Kernel with eBPF

Tracing Network Packets in Linux Kernel with eBPF

niom_8
Analyzing Multimodality in Density Distributions Using JMP Scripting

Analyzing Multimodality in Density Distributions Using JMP Scripting

cjol
Remote Procedure Call (RPC) in Different Kernel Environments

Remote Procedure Call (RPC) in Different Kernel Environments

kindell_a
Overview of the Pintos Instructional Operating System Kernel Project

Overview of the Pintos Instructional Operating System Kernel Project

vedhmc
Pipes in Process Communication

Pipes in Process Communication

ldesa
Personalized Celebrity Video Search: Cross-space Mining Approach

Personalized Celebrity Video Search: Cross-space Mining Approach

malo_2
User and Kernel Modes in Operating Systems

User and Kernel Modes in Operating Systems

maxilos
Administrator Deletes User - User Management System Storyboard

Administrator Deletes User - User Management System Storyboard

kish_2
Hyper-Parameter Tuning for Graph Kernels via Multiple Kernel Learning

Hyper-Parameter Tuning for Graph Kernels via Multiple Kernel Learning

ldorm
Overview of UNIX and Linux Operating Systems

Overview of UNIX and Linux Operating Systems

fael_809
Context Switching and User-Kernel Interaction in Operating Systems

Context Switching and User-Kernel Interaction in Operating Systems

lewi_ily
Linux Kernel Implementation of Pipes and FIFOs

Linux Kernel Implementation of Pipes and FIFOs

zmcgo

More Related Content