Index [] · anonymous access, 529 anonymous memory, 484 anonymous pipes, 143–145 APCs, see...

10BaseT Ethernet, 74850-percent rule, 363100BaseT Ethernet, 748

A

absolute code, 354absolute path names, 522abstract data type, 506access:

anonymous, 529controlled, 534file, see file access

access control, in Linux, 822–824access-control lists (ACLs), 534, 832access matrix, 632–636

and access control, 639–640defined, 632implementation of, 636–639and revocation of access rights, 640–641

access rights, 628, 640–641accounting (operating system service), 57accreditation, 699ACLs (access-control lists), 534, 832ACPI (advanced configuration and power

interface), 862Active Directory (Windows 7), 875acyclic graph, 523acyclic-graph directories, 523–525adaptive mutex, 235additional-reference-bits algorithm, 418additional sense code, 608additional sense-code qualifier, 608address(es):

defined, 593Internet, 752linear, 385logical, 355physical, 355virtual, 356

address binding, 354–355address resolution protocol (ARP), 760address space:

logical vs. physical, 356virtual, 398–399, 805–806

address-space identifiers (ASIDs), 374address space layout randomization

(ASLR), 832administrative complexity, 769admission-control algorithms, 286advanced configuration and power interface

(ACPI), 862advanced encryption standard (AES), 677advanced local procedure call (ALPC), 135,

854advanced technology attachment (ATA)

buses, 469advisory file-locking mechanisms, 509AES (advanced encryption standard), 677affinity, processor, 280aging, 271, 760–761allocation:

buddy-system, 436–437of disk space, 553–561

contiguous allocation, 553–555indexed allocation, 557–559linked allocation, 555–557and performance, 560–561

equal, 423as problem, 514proportional, 423slab, 437–439

ALPC (advanced local procedure call), 135,854

AMD64 architecture, 387Amdahl’s Law, 167AMD virtualization technology (AMD-V),

720analytic evaluation, 300Android operating system, 85–86anomaly detection, 692

911

Index

BMind.qxd 2/20/13 6:11 PM Page 911

anonymous access, 529anonymous memory, 484anonymous pipes, 143–145APCs, see asynchronous procedure callsAPI (application program interface), 63–64Apple Computers, 59Apple iPad, 60, 84Apple Macintosh computer, 901–902application containment, 713, 727–728application interface (I/O systems), 597–603

block and character devices, 600blocking and nonblocking I/O, 602–603clocks and timers, 601–602network devices, 600–601

application layer, 757application programs, 4, 6, 75

disinfection of, 694–696multistep processing of, 354–355processes vs., 24–25system utilities, 74–75

application program interface (API), 63–64application proxy firewalls, 697–698Aqua interface, 59, 84arbitrated loop (FC-AL), 471architecture(s), 12–18

clustered systems, 17–18multiprocessor systems, 14–16single-processor systems, 13–14of Windows 7, 838

argument vector, 793ARM architecture, 388armored viruses, 669ARP (address resolution protocol), 760arrays, 31, 398ASIDs (address-space identifiers), 374ASLR (address space layout

randomization), 832assembly language, 77assignment edge, 319asymmetric clustering, 17asymmetric encryption, 678asymmetric multiprocessing, 15, 278asynchronous devices, 598, 599asynchronous (nonblocking) message

passing, 129asynchronous procedure calls (APCs), 185,

841–842asynchronous thread cancellation, 185asynchronous threading, 172asynchronous writes, 567

ATA buses, 469Atlas operating system, 894–895atomic transactions, 210attacks, 658–659. See also denial-of-service

attacksman-in-the-middle, 659replay, 658zero-day, 693

attack surface, 669attributes, 865augmented-reality applications, 36authentication:

breaching of, 658and communication protocols, 758–759and encryption, 678–681in Linux, 822multifactor, 689two-factor, 688

automatic job sequencing, 890automatic variables, 664automatic working-set trimming, 446automount feature, 769autoprobes, 791auxiliary rights (Hydra), 641–642

B

back door, 599background processes, 74–75, 115, 274,

296backing store, 358backups, 570–571bad blocks, 480–482balanced binary search trees, 33banker’s algorithm, 330–331base file record, 865base register, 352basic file systems, 544batch files, 510batch interface, 56Bayes’ theorem, 693–694Belady’s anomaly, 414Beowulf clusters, 18best-fit strategy, 363binary search trees, 33binary semaphore, 214binary translation, 718–720binary trees, 33binding, 354

912 Index


biometrics, 689bit(s):

defined, 9mode, 22modify (dirty), 411reference, 418valid-invalid, 375

bit-interleaved parity organization, 488bit-level striping, 486bitmaps, 34bit vector (bit map), 561black-box transformations, 676blade servers, 16block(s), 65, 362, 512–513

bad, 480–482boot, 93, 480boot control, 546defined, 815–816direct, 559file-control, 545index, 557index to, 514–515indirect, 559logical, 470volume control, 546

block ciphers, 676block devices, 598, 600, 815–816block groups, 812blocking, indefinite, 271blocking I/O, 602–603blocking (synchronous) message

passing, 129block-interleaved distributed parity, 489block-interleaved parity organization, 489block-level striping, 486block number, relative, 514boot block, 93, 480, 546boot control block, 546boot disk (system disk), 93, 480booting, 92–93, 862–863boot partition, 480boot sector, 480bootstrap programs (bootstrap loaders),

7, 92–93, 480, 670boot viruses, 667bottlenecks, 86bottom half interrupt service routines, 799bounded-buffer problem, 219bounded capacity (of queue), 130bourne-Again shell (bash), 789

Bourne shell command interpreter, 59breach of availability, 658breach of confidentiality, 658breach of integrity, 658bridging, 732broadcasting, 760BSD UNIX, 46B1 tree (NTFS), 865buddy heap (Linux), 801–802buddy system (Linux), 801buddy-system allocation, 436–437buffer, 816

circular, 569defined, 605

buffer cache, 565buffering, 129–130, 605–606buffer-overflow attacks, 663–666bugs, 66bus, 469

defined, 588expansion, 588PCI, 588

bus architecture, 12bus-mastering I/O boards, 595busy waiting, 591byte, 9

C

cache, 565–566buffer, 565defined, 606–607in Linux, 802–803as memory buffer, 352nonvolatile RAM, 486page, 565and performance improvement, 565–568slabs in, 437unified buffer, 565–566in Windows 7, 856–858

cache coherency, 29cache management, 28caching, 27–29, 606–607

client-side, 874double, 566

Caldera, 785Cambridge CAP system, 643–644cancellation, thread, 185–186cancellation points, 186

Index 913


capability(-ies), 637, 643capability-based protection systems,

641–644Cambridge CAP system, 643–644Hydra, 641–643

capability lists, 637cascading termination, 121CAV (constant angular velocity), 471central processing unit, see under CPUcertificate authorities, 681certification, 699CFQ (Completely Fair Queueing), 817challenging (passwords), 688change journal (Windows 7), 870character devices (Linux), 817character-stream devices, 598–600checksums, 492–493, 761children, 33, 116chipsets, 836Chrome, 123CIFS (common internet file system), 531, 871cipher-block chaining, 676circuit switching, 755circular buffer, 569circularly linked lists, 32circular SCAN (C-SCAN) scheduling

algorithm, 476circular-wait condition (deadlocks), 325–327claim edge, 329classes (Java), 647CLI (command-line interface), 56C library, 69client(s):

defined, 766diskless, 768in SSL, 683thin, 35

client interface, 766client-server model, 529–530, 854–855client-side caching (CSC), 874client systems, 38clocks, 601–602clock algorithm, 418–419clones, 579, 715C-LOOK scheduling algorithm, 477closed-source operating systems, 44close() operation, 507cloud computing, 41–42, 716clusters, 17–18, 479, 764, 864clustered page tables, 380

clustered systems, 17–18clustering, 764

asymmetric, 17in Windows, 445–446

cluster remapping, 869CLV (constant linear velocity), 470coarse-grained multithreading, 282Cocoa Touch, 84code:

absolute, 354reentrant, 376

code books, 689code integrity module (Windows 7), 832collisions (of file names), 553COM (component object model), 873combined scheme index block, 559command interpreter, 58–59command-line interface (CLI), 56common internet file system (CIFS), 531, 871communication(s):

direct, 127in distributed operating systems, 743indirect, 128interprocess, see interprocess

communicationsystems programs for, 74–75

communications (operating system service), 57

communication links, 127communication processors, 749communications sessions, 755communication system calls, 72–73compaction, 364, 554–555compiler-based enforcement, 644–647compile time, 354Completely Fair Queueing (CFQ), 817complexity, administrative, 769component object model (COM), 873component units, 766–767compression, 869computational kernels, 835–836computation migration, 746computation speedup, 741compute clusters, 764computer environments, 35–43

client-server computing, 38cloud computing, 41–42distributed systems, 37–38mobile computing, 36–37peer-to-peer computing, 39–40

914 Index


real-time embedded systems, 43traditional, 35–36virtualization, 40–41

computer programs, see applicationprograms

computer system(s):architecture of:

clustered systems, 17–18multiprocessor systems, 14–16single-processor systems, 13–14

distributed systems, 37–38file-system management in, 26–27I/O structure in, 12memory management in, 25–26operating system viewed by, 5operation of, 7–9process management in, 24–25protection in, 29–31real-time embedded systems, 43secure, 658security in, 29–31storage in, 9–12storage management in, 26–30

caching, 27–29I/O systems, 29–30mass-storage management, 27

threats to, 669–674computing:

mobile, 36–37safe, 694

concurrency, 166Concurrency Runtime (ConcRT), 297,

880–881conditional-wait construct, 230condition variables, 879confidentiality, breach of, 658confinement problem, 635conflict phase (of dispatch latency), 285conflict resolution module (Linux), 791–792connectionless messages, 755connectionless (UDP) sockets, 137connection-oriented (TCP) sockets, 137consistency checker, 568consistency checking, 568–569consistency semantics, 532constant angular velocity (CAV), 471constant linear velocity (CLV), 470consumers (DTrace), 89containers, 728container objects (Windows 7), 701–702

contention scope, 277context (of process), 114context switches, 114, 615–616contiguous disk space allocation, 553–555contiguous memory allocation, 361control cards, 890control-card interpreter, 891controlled access, 534controller(s), 469, 588–589

defined, 588direct-memory-access, 595disk, 469host, 469

control partitions, 723control programs, 5control register, 590convenience, 3convoy effect, 267cooperating processes, 122cooperative scheduling, 264copylefting, 45copy-on-write technique, 408–409copy protection, 44copy semantics, 606core dump, 86core memory, 895cores, 15–16counting, 563counting-based page replacement

algorithm, 420counting semaphore, 214coupling, symmetric, 17covert channels, 662CP/M, 900–901CPU (central processing unit), 4, 351–354CPU-bound processes, 113CPU burst, 262CPU clock, 352CPU-I/O burst cycle, 262–263CPU scheduler, see short-term schedulerCPU scheduling, 20

about, 261–262algorithms for, 266–277

criteria, 265–266evaluation of, 300–304first-come, first-served scheduling of,

266–267implementation of, 303–304multilevel feedback-queue scheduling

of, 275–277

Index 915


CPU scheduling (contd.)multilevel queue scheduling of, 273–275priority scheduling of, 270–271round-robin scheduling of, 271–273shortest-job-first scheduling of, 267–270

dispatcher, role of, 265and I/O-CPU burst cycle, 262–263models for, 300–304

deterministic modeling, 300–301and implementation, 303–304queueing-network analysis, 302simulations, 302

multiprocessor scheduling, 278–283approaches to, 278–280and load balancing, 280–281and processor affinity, 280

preemptive scheduling, 263–264real-time, 283–290

earliest-deadline-first scheduling,288–289

and minimizing latency, 283–285POSIX real-time scheduling, 290priority-based scheduling, 285–287proportional share scheduling, 289–290rate-monotonic scheduling, 287–288

short-term scheduler, role of, 263virtual machines, 729

crackers, 658Craftworks, 785crashes, 86crash dumps, 86creation:

of files, 506process, 116–119

critical sections, 206critical-section problem, 206

and mutex locks, 212–213Peterson’s solution to, 207–209and semaphores, 213–218

deadlocks, 217implementation, 215–217priority inversion, 217–218starvation, 217usage, 214–215

and synchronization hardware, 209–212cryptography, 674–675

and encryption, 674–685implementation of, 681–683SSL example of, 683–685

CSC (client-side caching), 874

C-SCAN scheduling algorithm, 476CTSS operating system, 898current directory, 521current-file-position pointer, 506cycle stealing, 96cylinder groups, 812

D

d (page offset), 367–368daemon process, 630daisy chain, 588Dalvik virtual machine, 86data:

recovery of, 568–571thread-specific, 187

data capability, 643data-encryption standard (DES), 676–677data files, 504datagrams, 755data-in register, 590data-link layer, 757data loss, mean time to, 485data migration, 745–746data-out register, 590data parallelism, 168–169data section (of process), 106data striping, 486DCOM, 873DDOS attacks, 658deadline I/O scheduler, 817deadlock(s), 217

avoidance of, 322, 327–333with banker’s algorithm, 330–331with resource-allocation-graph

algorithm, 329–330with safe-state algorithm, 328–329

defined, 315detection of, 333–337

algorithm usage, 336–337several instances of a resource type,

334–336single instance of each resource type,

334methods for handling, 322–323with mutex locks, 317–318necessary conditions for, 318–319prevention of, 323–327

and circular-wait condition, 325–327

916 Index


and hold-and-wait condition, 323–324and mutual-exclusion condition, 323and no-preemption condition, 324

recovery from, 337–338by process termination, 337–338by resource preemption, 338

system model for, 315–317system resource-allocation graphs for

describing, 319–321Debian, 785debuggers, 66, 86debugging, 72, 86–91

defined, 86failure analysis, 86–87and performance tuning, 87using DTrace for, 87–91

dedicated devices, 598, 599default signal handlers, 184defense in depth, 689deferred procedure calls (DPCs), 840–842deferred thread cancellation, 185degree of multiprogramming, 113deletion, file, 506demand paging, 401–407

basic mechanism, 402–405defined, 401with inverted page tables, 442and I/O interlock, 444–445and page size, 440–441and performance, 405–406and prepaging, 439–440and program structure, 442–443pure, 404and restarting instructions, 404–405and TLB reach, 441–442

demand-zero memory, 805demilitarized zone (DMZ), 696–697denial-of-service (DOS) attacks, 658, 674dentry objects, 551, 809DES (data-encryption standard), 676–677design of operating systems:

distributed operating systems, 764–765goals, 75–76Linux, 786–788mechanisms and policies, 76Windows 7, 831–837

desktop, 59desktop window manager (DWM), 831deterministic modeling, 300–301development kernels (Linux), 783

device controllers, 7, 611–613. See also I/Odevice directory, 516. See also directoriesdevice drivers, 12, 544, 588, 611–613, 891device-management system calls, 71–72device objects, 855device queues, 111–112device reservation, 607DFSs, see distributed file systemsdigital certificates, 681Digital Equipment Corporation (DEC), 379Digital Rights Management (DRM), 44digital signatures, 680, 832digital-signature algorithm, 680dining-philosophers problem, 222–223,

227–229direct access (files), 513–514direct blocks, 559direct communication, 127DirectCompute, 835direct I/O, 600direct memory access (DMA), 12, 595–597direct-memory-access (DMA) controller,

595directories, 515–526

acyclic-graph, 523–525general graph, 525–526implementation of, 552–553recovery of, 568–571single-level, 518–519tree-structured, 521–522two-level, 519–521

direct virtual memory access (DVMA), 596

dirty bits (modify bits), 411discovery protocols, 39disinfection, program, 694disk(s), 467–469. See also mass-storage

structureallocation of space on, 553–561

contiguous allocation, 553–555indexed allocation, 557–559linked allocation, 555–557and performance, 560–561

bad blocks, 480–482boot, 93, 480boot block, 480efficient use of, 564–565electronic, 11floppy, 468formatting, 479–480

Index 917


918 Index

disk(s) (contd.)free-space management for, 561–564host-attached, 471low-level formatted, 470magnetic, 10mini-, 516network-attached, 471–472performance improvement for, 565–568raw, 421, 516, 549scheduling algorithms, 472–478

C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475

solid-state, 28, 469storage-area network, 472structure of, 470system, 480

disk arm, 468disk controller, 469diskless clients, 768disk striping, 868dispatched process, 112dispatcher, 265, 294dispatcher objects, 233, 841, 844dispatch latency, 265distributed denial-of-service (DDOS)

attacks, 658distributed file systems (DFSs), 529,

765–773defined, 765–766naming in, 767–770remote file access in, 770–773stateless, 531–532Windows 7, 874

distributed information systems(distributed naming services), 530

distributed lock manager (DLM), 18distributed operating systems, 745–747distributed systems, 37–38

benefits of, 741–743defined, 741distributed operating systems as,

745–747network operating systems as, 743–745

distributions (GNU/Linux), 45DLLs, see dynamic link librariesDLM (distributed lock manager), 18

DMA, see direct memory accessDMA controller, 595DMCA (U.S. Digital Millennium Copyright

Act), 44DMZ (demilitarized zone), 696–697domains, 531, 874domain-name system (DNS), 530, 751–752domain switching, 629DOS attacks, see denial-of-service attacksdouble buffering, 605double caching, 566double indirect blocks, 559doubly linked lists, 32downsizing, 743down time, 555DPCs (deferred procedure calls), 840–842DRAM (dynamic random-access memory), 9driver end (STREAM), 613–614driver objects, 855driver registration module (Linux), 790–791DRM (Digital Rights Management), 44DTrace, 87–91dual-booted systems, 549dual-core design, 16dumpster diving, 660DVMA (direct virtual memory access), 596DWM (desktop window manager), 831dynamic configurations, 837, 838dynamic linking, 808–809dynamic link libraries (DLLs), 357–358, 836dynamic loading, 357dynamic protection, 628dynamic random-access memory (DRAM), 9dynamic routing, 753–754dynamic storage-allocation problem, 362,

554

E

earliest-deadline-first (EDF) scheduling,288–289

ease of use, 5ease of use features, 830EC2, 41ECBs (enabling control blocks), 90ECC, see error-correcting codeEDF (earliest-deadline-first) scheduling,

288–289effective access time, 405


Index 919

effective memory-access time, 374effective UID, 31efficiency, 3, 564–565, 837EIDE buses, 469electronic disk, 11elevator algorithm, see SCAN scheduling

algorithmemulation, 40, 727emulators, 77, 713enabling control blocks (ECBs), 90encapsulation (Java), 649encrypted viruses, 668encryption, 675–676

asymmetric, 678authentication, 678–681key distribution, 681public-key, 678symmetric, 676–677

encryption, defined, 675–676energy efficiency, 837enhanced integrated drive electronics

(EIDE) buses, 469entry section, 206entry set, 232environmental subsystems, 836environment vector, 793EPROM (erasable programmable read-only

memory), 93equal allocation, 423erasable programmable read-only memory

(EPROM), 93Erlang language, 241–242error(s), 607–608

hard, 482soft, 479

error conditions, 398error-correcting code (ECC), 477–478, 488error detection, 57escalate privileges, 31escape (operating systems), 599events, 233event latency, 283–284event objects (Windows 7), 841event-pair objects, 855exception dispatcher, 842exceptions (with interrupts), 593exclusive locks, 508exec() system call, 183executable files, 106, 504execution of user programs, 807

execution time, 355exit section, 206exit() system call, 120, 121expansion bus, 588exponential average, 268export list, 574–575ext2 (second extended file system), 811ext3 (third extended file system), 811–813ext4 (fourth extended file system), 811extended file attributes, 505extended file system (extfs), 545, 811extensibility, 736extent (contiguous space), 555extents, 865external data representation (XDR), 140external fragmentation, 363–364, 554

F

failure:detection of, 762mean time to, 485recovery from, 763during writing of block, 494–496

failure analysis, 86–87failure modes (directories), 531–532false negatives, 693false positives, 693fast-user switching, 863–864FAT (file-allocation table), 557fault tolerance, 14, 763–764, 868–869fault-tolerant systems, 763–764FC (fiber channel), 471FC-AL (arbitrated loop), 471FCB (file-control block), 545FC buses, 469FCFS scheduling algorithm, see first-come,

first-served scheduling algorithmfeature migration, 887–888fibers, 879–880fiber channel (FC), 471fiber channel (FC) buses, 469FIFO, 32, 147FIFO page replacement algorithm, 413–41450-percent rule, 363file(s), 26–27, 503–504. See also directories

accessing information on, 513–515direct access, 513–514sequential access, 513

BMind.qxd 2/20/13 6:11 PM 19

920 Index

file(s) (contd.)attributes of, 504–505batch, 510defined, 504executable, 106internal structure of, 512–513locking open, 507–510operations on, 506–510protecting, 533–538

via file access, 533–538via passwords/permissions, 537–538

recovery of, 568–571storage structure for, 517–518

file access, 508, 533–538file-allocation table (FAT), 557file-control block (FCB), 545file descriptor, 548file extensions, 510–511file handle, 548file info window (Mac OS X), 505FileLock (Java), 508file management, 74file-management system calls, 71file mapping, 433file migration, 767file modification, 74file objects, 551, 809file-organization module, 545file pointers, 508file reference, 865file replication, 767file session, 532file sharing, 528–533

and consistency semantics, 532–533with multiple users, 528–529with networks, 530–532

and client-server model, 529–530and distributed information systems,

530–531and failure modes, 531–532

file systems, 503, 543–545basic, 544creation of, 518design problems with, 544distributed, see distributed file systemsextended, 544implementation of, 546–552

mounting, 549–550partitions, 549–550virtual systems, 550–552

levels of, 544Linux, 809–815log-based transaction-oriented,

569–570logical, 544mounting of, 526–528network, 571–577remote, 529WAFL, 577–580Windows 7, see Windows 7

File System Hierarchy Standard document,784

file-system management, 26–27file-system manipulation (operating system

service), 56file transfer, 744–745file transfer protocol (FTP), 529, 744–745file viruses, 667filter drivers, 856fine-grained multithreading, 282firewalls, 35, 696–698firewall chains, 821firewall management, 821firmware, 7, 93first-come, first-served (FCFS)

scheduling algorithm, 266–267,473–474

first-fit strategy, 363fixed-partition scheme, 362fixed routing, 753floppy disks, 468flow control, 613flushing, 374folders, 59foreground processes, 115, 274, 296fork() and exec() process model (Linux),

792–794fork-join strategy, 172fork() system call, 183formatting, 479–480forwarding, 481forward-mapped page tables, 379fourth extended file system (ext4), 811fragments, packet, 821fragmentation, 363–364

external, 363–364, 554internal, 363, 513

frame(s), 367, 755stack, 664–665victim, 411


Index 921

frame allocation, 421–425equal allocation, 423global vs. local, 424proportional allocation, 423–424

frame-allocation algorithm, 412frame pointers, 664–665free-behind technique, 567free objects, 438, 803Free Software Foundation (FSF), 45free-space list, 561free-space management (disks), 561–564

bit vector, 561–562counting, 563grouping, 563linked list, 562–563and space maps, 563–564

front-end processors, 616FSF (Free Software Foundation), 45FTP, see file transfer protocolfull backup, 570FUSE file-system, 545

G

Gantt chart, 267garbage collection, 526gates, 631gateways, 754GB (gigabyte), 9gcc (GNU C compiler), 784GCD (Grand Central Dispatch), 182–183GDT (global descriptor table), 384general graph directories, 525–526general trees, 33gestures, 60gigabyte (GB), 9global descriptor table (GDT), 384global positioning system (GPS), 36global replacement, 424GNOME desktop, 60GNU C compiler (gcc), 784GNU General Public License (GPL), 45GNU/Linux, 45GNU Portable Threads, 169GPL (GNU General Public License), 45GPS (global positioning system), 36graceful degradation, 14Grand Central Dispatch (GCD), 182–183granularity, minimum, 797

graphs, acyclic, 523graphical user interfaces (GUIs), 59–62graphics shaders, 835grappling hook, 670Green threads, 169group identifiers, 31grouping, 563group policies, 875group rights (Linux), 823guard pages, 847GUIs (graphical user interfaces), 59–62

H

Hadoop, 765Hadoop distributed file system (HDFS), 767HAL, see hardware-abstraction layerhandheld computers, 5handles, 844handle tables, 844handshaking, 591, 611handshaking procedure, 695hands-on computer systems, 20hard affinity, 280hard-coding techniques, 128hard errors, 482hard links, 525hardware, 4

I/O systems, 588–597direct memory access, 595–597interrupts, 592–595polling, 591

for storing page tables, 372–374synchronization, 209–212virtual machines, 720–721

hardware-abstraction layer (HAL), 836hardware objects, 627hash collisions, 471hashed page tables, 380hash functions, 33–34, 680hash maps, 471hash tables, 552–553hash value (message digest), 680HDFS (Hadoop distributed file system), 767heaps, 106, 883heavyweight processes, 163hibernation, 860–861hierarchical paging, 378–380high availability, 17


922 Index

high-availability clusters, 764high performance, 834high-performance computing, 17hijacking, session, 659hit ratio, 374, 441hive, 861hold-and-wait condition (deadlocks),

323–324holes, 362homogeneity, 278host adapter, 589host-attached storage, 471host controller, 469host-id, 751hot spare disks, 491hot-standby mode, 17human security, 660hybrid cloud, 42hybrid operating systems, 83–86

Android, 85–86iOS, 84–85Mac OS X, 84

Hydra, 641–643hypercalls, 726hyperspace, 846hypervisors, 712

type 0, 723–724type 1, 724–725type 2, 725

I

IA-32 architecture, 384–387paging in, 385–387segmentation in, 384–385

IA-64 architecture, 387IaaS (infrastructure as a service), 42IBM OS/360, 899–900identifiers:

file, 504group, 31user, 31

idle threads, 294, 840IDPSs (intrusion-prevention systems), 692IDSs (intrusion-detection systems), 691–694IKE protocol, 682immutable shared files, 533imperative languages, 241impersonation, 853

implementation:of CPU scheduling algorithms, 303–304of operating systems, 76–77of transparent naming techniques, 769–770

implicit threading, 177–183Grand Central Dispatch (GCD), 182–183OpenMP and, 181–182thread pools and, 179–181

incremental backup, 571indefinite blocking (starvation), 217, 271independence, location, 767independent disks, 485independent processes, 122index, 514index block, 557indexed disk space allocation, 557–559index root, 865indirect blocks, 559indirect communication, 128information-maintenance system calls, 72infrastructure as a service (IaaS), 42inode, 545inode objects, 551, 809input/output, see under I/Oinput queue, 354InServ storage array, 493instruction-execution cycle, 10, 351–352instruction register, 10integrity, breach of, 658intellimirror, 875Intel processors, 383–387

IA-32 architecture, 384–387IA-64 architecture, 387

interactive (hands-on) computer systems, 20interface(s):

batch, 56choice of, 61–62client, 766defined, 597intermachine, 766Windows 7 networking, 870–875

interlock, I/O, 444–445intermachine interface, 766internal fragmentation, 363, 513international use, 837Internet address, 752Internet Key Exchange (IKE), 682Internet Protocol (IP), 681–683interpretation, 40interpreted languages, 727


Index 923

interprocess communication (IPC), 122–130in client-server systems, 136–147

remote procedure calls, 138–142sockets, 136–138

in Linux, 783, 818–819Mach example of, 131–134in message-passing systems, 126–130POSIX shared-memory example of,

130–131in shared-memory systems, 124–126Windows example of, 135

interrupt(s), 8–9, 592–595defined, 592in Linux, 799–800

interrupt chaining, 593interrupt-controller hardware, 593interrupt-dispatch table (Windows 7),

843–844interrupt-driven data transfer, 436interrupt-driven operating systems, 21–24interrupt-handler routine, 592interrupt latency, 284–285interrupt priority levels, 593interrupt-request line, 592interrupt service routines (ISRs), 840interrupt vector, 8–9, 360, 593intruders, 658intrusion detection, 691–694intrusion-detection systems (IDSs),

691–694intrusion-prevention systems (IDPSs), 692inverted page tables, 381–383, 442I/O (input/output), 4, 12

memory-mapped, 435–436overlapped, 892–894programmed, 436virtual machines, 731–732

I/O-bound processes, 113I/O burst, 262I/O channel, 616I/O interlock, 444–445I/O manager, 855–856I/O operations (operating system service),

56–57I/O ports, 436I/O request packet (IRP), 855iOS operating system, 84–85I/O subsystem(s), 29–30

kernels in, 604–610procedures supervised by, 610

I/O system(s), 587–588application interface, 597–603

block and character devices, 600clocks and timers, 601–602network devices, 600–601nonblocking and asynchronous I/O,

602–603vectored I/O, 603–604

hardware, 588–597direct memory access, 595–597interrupts, 592–595polling, 591

kernels, 604–610buffering, 605–606caching, 606–607data structures, 608–609error handling, 607–608I/O scheduling, 604–605and I/O subsystems, 610protection, 608spooling and device reservation, 607

Linux, 815–817block devices, 816character devices, 817

STREAMS mechanism, 613–615and system performance, 615–618transformation of requests to hardware

operations, 611–612IP (Internet Protocol), 681–683iPad, see Apple iPadIPC, see interprocess communicationIPSec, 682IRP (I/O request packet), 855ISCSI, 472ISO Reference Model, 682ISRs (interrupt service routines), 840

J

Java:file locking in, 508–509language-based protection in, 647–649monitors in, 232

Java threads, 176–177Java Virtual Machine (JVM), 107, 726,

736–737jobs, processes vs., 106–107job objects, 852job pool, 20


924 Index

job queues, 111job scheduler, 112job scheduling, 20journaling, 813–814journaling file systems, 569–570just-in-time (JIT) compilers, 727JVM, see Java Virtual Machine

K

KB (kilobyte), 9K Desktop Environment (KDE), 60kernel(s), 6, 604–610

buffering, 605–606caching, 606–607computational, 835data structures, 608–609error handling, 607–608I/O scheduling, 604–605and I/O subsystems, 610Linux, 787–789nonpreemptive, 207preemptive, 207protection, 608spooling and device reservation, 607task synchronization (in Linux), 798–800Windows 7, 839–844, 875

kernel code, 96kernel data structures, 31–34

arrays, 31bitmaps, 34hash functions and maps, 33–34lists, 31–33queues, 32stacks, 32trees, 31–33

kernel environment, 84kernel extensions, 84kernel memory allocation, 436–439kernel mode, 22, 787Kernel-Mode Driver Framework (KMDF), 856kernel-mode threads (KT), 844kernel modules, 789–792

conflict resolution, 791–792driver registration, 790–791Linux, 96–101management of, 789–790

kernel threads, 169kernel transaction manager (KTM), 862

Kernighan’s Law, 87keys, 638, 641

private, 678public, 678

key distribution, 681key ring, 681keystreams, 677keystroke logger, 669kilobyte (KB), 9KMDF (Kernel-Mode Driver Framework),

856KT (kernel-mode threads), 844KTM (kernel transaction manager), 862

L

language-based protection systems, 644–649compiler-based enforcement, 644–647Java, 647–649

LANs, see local-area networkslatency:

in real-time systems, 283–285target, 797

layers (of network protocols), 681layered approach (operating system

structure), 79–81lazy swapper, 401LCNs (logical cluster numbers), 864LDAP, see lightweight directory-access

protocolLDT (local descriptor table), 384least-frequently used (LFU) page-

replacement algorithm, 420least privilege, principle of, 626–627least-recently-used (LRU) page-replacement

algorithm, 416–418left child, 33LFH design, 883–884LFU page-replacement algorithm, 420lgroups, 425libraries:

Linux system, 787–788shared, 358, 400

LIFO, 32lightweight directory-access protocol

(LDAP), 531, 875limit register, 352linear addresses, 385linear lists (files), 552


Index 925

line discipline, 817link(s):

communication, 127defined, 523–524hard, 525resolving, 524symbolic, 845

linked disk space allocation, 555–557linked lists, 562–563linked scheme index block, 559linking, dynamic vs. static, 357–358, 808–809Linux, 45, 781–824

design principles for, 786–788file systems, 809–815

ext3 file system, 811–813journaling, 813–814process, 814virtual, 809–811

history of, 781–786distributions, 785first kernel, 782–784licensing, 785–786system description, 784

interprocess communication, 818–819I/O system, 815–817

block devices, 816–817character devices, 817

kernel modules, 96–101, 789–792memory management, 800–809

execution and loading of userprograms, 807

physical memory, 801–804virtual memory, 804–807

network structure, 819–821process management, 792–795

fork() and exec() process model,792–794

processes and threads, 795process representation in, 110scheduling in, 795–800

example, 290–294kernel synchronization, 798–800process, 796–797symmetric multiprocessing, 800

security model, 821–824access control, 822–824authentication, 822

swap-space management in, 484synchronization in, 234–235threads example, 189–191

Linux distributions, 782, 785Linux kernel, 782–784Linux system(s):

components of, 782, 787–789obtaining page size on, 370

lists, 31–32, 398Little’s formula, 302LiveCD, 45LiveDVD, 45live migration (virtual machines), 716,

733–735load balancing, 280–281loader, 891loading:

dynamic, 357in Linux, 807–808

load sharing, 278, 742load time, 354local-area networks (LANs), 17, 37, 747–750local descriptor table (LDT), 384locality model, 427locality of reference, 404local procedure calls (LPCs), 834local replacement, 424local replacement algorithm (priority

replacement algorithm), 427location, file, 504location independence, 767location-independent file identifiers,

769–770location transparency, 767lock(s), 209, 638

acquire, 69advisory, 509exclusive, 508in Java API, 508–509mandatory, 509mutex, 212–214reader-writer, 220–222release, 69shared, 508

lock-key scheme, 638lock() operation, 508log-based transaction-oriented file systems,

569–570log files, 87log-file service, 866logging area, 867logical address, 355logical address space, 356


926 Index

logical blocks, 470logical cluster numbers (LCNs), 864logical file system, 545logical formatting, 479logical memory, 21, 398–399. See also virtual

memorylogical records, 513login, network, 531long-term scheduler (job scheduler), 112LOOK scheduling algorithm, 477loopback, 138loosely-coupled systems, 17love bug virus, 694low-fragmentation heap (LFH) design,

883–884low-level formatted disks, 470low-level formatting (disks), 479LPCs (local procedure calls), 834LRU-approximation page replacement

algorithm, 418–420

M

MAC (message-authentication code), 680MAC (medium access control) address, 760Mach operating system, 81–82, 131–134,

902–903Macintosh operating system, 901–902Mac OS X operating system, 84macro viruses, 667magic number (files), 511magnetic disk(s), 10, 467–469. See also disk(s)magnetic tapes, 469–470mailboxes, 128mailbox sets, 134mainframes, 5main memory, 9–10

and address binding, 354–355contiguous allocation of, 360–361

and fragmentation, 363–364mapping, 361methods, 362–363protection, 361

and dynamic linking, 357–358and dynamic loading, 357and hardware, 352–354Intel 32 and 64-bit architectures example:

paging, 385–387segmentation, 384–385

and logical vs. physical address space, 356paging for management of, 366–383

basic method, 367–372hardware, 372–374hashed page tables, 380hierarchical paging, 378–380Intel 32 and 64-bit architectures

example, 385–387inverted page tables, 381–383and Oracle SPARC Solaris, 383protection, 375–376and shared pages, 376–377

segmentation for management of, 364–366basic method, 364–366hardware, 365–366Intel 32 and 64-bit architectures

example, 384–385and swapping, 358–360

MANs (metropolitan-area networks), 37mandatory file-locking mechanisms, 509man-in-the-middle attack, 659many-to-many multithreading model,

170–171many-to-one multithreading model, 169marshalling, 872Mars Pathfinder, 218maskable interrupts, 593masquerading, 658mass-storage management, 27mass-storage structure, 467–470

disk attachment:host-attached, 471network-attached, 471–472storage-area network, 472

disk management:bad blocks, 480–482boot block, 480formatting of disks, 479–480

disk scheduling algorithms, 472–478C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475

disk structure, 470–471extensions, 492magnetic disks, 467–469magnetic tapes, 469–470RAID structure, 484–494


Index 927

performance improvement, 486problems with, 492–494RAID levels, 487–491reliability improvement, 485–486

stable-storage implementation, 494–496swap-space management, 482–484

master book record (MBR), 480master file directory (MFD), 519master file table, 546master key, 641master secret (SSL), 684matchmakers, 141MB (megabyte), 9MBR (master book record), 480MCP operating system, 902–903mean time to data loss, 485mean time to failure, 485mean time to repair, 485mechanisms, 76medium access control (MAC) address, 760medium-term scheduler, 113megabyte (MB), 9memory:

anonymous, 484core, 895direct memory access, 12direct virtual memory access, 596logical, 21, 398–399main, see main memoryover-allocation of, 409physical, 21secondary, 404semiconductor, 11shared, 122, 400transactional, 239–240unified virtual memory, 565virtual, see virtual memory

memory-address register, 355memory allocation, 362–363memory leaks, 101memory management, 25–26

in Linux, 800–809execution and loading of user

programs, 807–809physical memory, 801–804virtual memory, 804–807

with virtual machines, 730–731in Windows 7, 882–884

heaps, 883memory-mapping files, 882–883

thread-local storage, 884virtual memory, 882

memory-management unit (MMU), 356, 384,849–850

memory-mapped files, 847memory-mapped I/O, 435–436, 589memory mapping, 361, 430–436

basic mechanism, 430–432defined, 430I/O, memory-mapped, 435–436in Linux, 807–808in Win32 API, 433–435

memory-mapping files, 882–883memory protection, 361memory-resident pages, 402memory stall, 282memory-style error-correcting organization,

488messages:

connectionless, 755in distributed operating systems, 743

message-authentication code (MAC), 680message digest (hash value), 680message modification, 658message passing, 122message-passing model, 72, 126–130message queue, 897message switching, 755metadata, 531, 866metaslabs, 563methods (Java), 647metropolitan-area networks (MANs), 37MFD (master file directory), 519MFU page-replacement algorithm, 420microkernels, 81–82Microsoft Windows, see Windows operating

systemmicro TLBs, 388migration:

computation, 746data, 745–746file, 767process, 747with virtual machines, 733–735

minicomputers, 5minidisks, 516minimum granularity, 797miniport driver, 856mirroring, 485MMU, see memory-management unit


928 Index

mobile computing, 36–37mobile systems:

multitasking in, 115swapping on, 360, 407

mobility, user, 573mode bit, 22modify bits (dirty bits), 411modules, 82–83, 613–614module entry point, 97module exit point, 97monitors, 223–232

dining-philosophers solution using,227–229

implementation of, using semaphores,229–230

resumption of processes within, 230–232

usage of, 225–227monitor calls, see system callsmonoculture, 669Moore’s Law, 6, 835Morris, Robert, 670–672most-frequently used (MFU) page-

replacement algorithm, 420mounting, 549–550mount points, 526, 869–870mount protocol, 574mount table, 546, 611MS-DOS, 900–901multicore processors, 281–283multicore programming, 166–169multicore systems, 14, 16, 166MULTICS operating system, 630–632, 887,

888, 898–899multifactor authentication, 689multilevel feedback-queue scheduling

algorithm, 275–277multilevel index, 559multilevel queue scheduling algorithm,

273–275multinational use, 837multipartite viruses, 669multiple-partition method, 362multiple universal-naming-convention

provider (MUP), 873multiprocessing:

asymmetric, 15, 278memory access model for, 15symmetric, 15–16, 279, 800

multiprocessor scheduling, 278–283approaches to, 278–280examples of:

Linux, 290–294Solaris, 297–299Windows, 294–296

and load balancing, 280–281and multicore processors, 281–283and processor affinity, 280

multiprocessor systems (parallel systems,tightly coupled systems), 14–16, 166

multiprogramming, 19–20, 113multitasking, see time sharingmultithreading:

benefits of, 165–166cancellation, thread, 185–186coarse-grained, 282and exec() system call, 183fine-grained, 282and fork() system call, 183models of, 169–171and scheduler activations, 187–188and signal handling, 183–185and thread-specific data, 187

multi-touch hardware, 863MUP (multiple universal-naming-

convention provider), 873mutant (Windows 7), 841mutex:

adaptive, 235in Windows 7, 841

mutex locks, 212–214, 317–318mutual exclusion, 319mutual-exclusion condition (deadlocks),

323

N

names:resolution of, 751–753in Windows 7, 845

named pipes, 872name server, 752namespaces, 793naming, 127–129, 530–531

defined, 767domain name system, 530of files, 504


Index 929

lightweight directory-access protocol, 531and network communication, 751–753

NAT (network address translation), 732national-language-support (NLS) API, 837NDIS (network device interface

specification), 870nested page tables (NPTs), 720network(s). See also local-area networks

(LANs); wide-area networks(WANs)

communication protocols in, 756–760communication structure of, 751–756

and connection strategies, 755–756and naming/name resolution, 751–753and packet strategies, 755and routing strategies, 753–754

defined, 37design issues with, 764–765example, 760–761in Linux, 819–821metropolitan-area (MANs), 37robustness of, 762–764security in, 660small-area, 37threats to, 669–674types of, 747–748in Windows 7, 870–875

Active Directory, 875domains, 874interfaces, 870protocols, 871–874redirectors and servers, 873–874

wireless, 35network address translation (NAT), 732network-attached storage, 471–472network computers, 35network devices, 600–601, 816network device interface specification

(NDIS), 870network file systems (NFS), 571–577

mount protocol, 574NFS protocol, 574–575path-name translation, 574–575remote operations, 577

network information service (NIS), 530network layer, 757network-layer protocol, 681network login, 531network operating systems, 38, 743–745

new state, 107NFS, see network file systemsNFS protocol, 574–575NIS (network information service), 530NLS (national-language-support) API, 837nonblocking I/O, 602–603nonblocking (asynchronous) message

passing, 129noncontainer objects (Windows 7), 702nonmaskable interrupt, 593nonpreemptive kernels, 207nonpreemptive scheduling, 264nonrepudiation, 680–681nonresident attributes, 865nonsignaled state, 233non-uniform memory access (NUMA), 16,

425, 834nonvolatile RAM (NVRAM), 11nonvolatile RAM (NVRAM) cache, 486nonvolatile storage, 11–12no-preemption condition (deadlocks), 324NPTs (nested page tables), 720NTFS, 864–866NUMA, see non-uniform memory accessNVRAM (nonvolatile RAM), 11NVRAM (nonvolatile RAM) cache, 486

O

objects:access lists for, 36–37in cache, 437–438free, 438hardware vs. software, 627in Linux, 803used, 438in Windows 7, 844–846

object files, 504object linking and embedding (OLE), 873object types, 551, 845off-line compaction of space, 555OLE (object linking and embedding), 873OLPC (One Laptop per Child), 902One Laptop per Child (OLPC), 902one-time pad, 689one-time passwords, 688one-to-one multithreading model, 170on-line compaction of space, 555


930 Index

open-file table, 507, 546–547OpenMP, 181–182, 240–241open operating systems, 669open() operation, 507OpenSolaris, 46open-source operating systems, 43–48operating system(s):

closed-source, 44defined, 3, 6design goals for, 75–76early, 888–894

dedicated computer systems, 888–889overlapped I/O, 892–894shared computer systems, 890–892

feature migration with, 887–888features of, 3functioning of, 3–6hybrid systems, 83–86implementation of, 76–77interrupt-driven, 21–24mechanisms for, 76network, 38open-source, 43–47operations of:

modes, 21–23and timer, 24

policies for, 76portability of, 836–837real-time, 43as resource allocator, 5security in, 660services provided by, 55–58structure of, 19–21, 78–86

layered approach, 79–81microkernels, 81–82modules, 82–83simple structure, 78

study of, 48system’s view of, 5user interface with, 4–5, 53–55

optimal page replacement algorithm,414–415

Oracle SPARC Solaris, 383Orange Book, 832OS/2 operating system, 829–830OSI model, 757–758OSI protocol stack, 757–758OSI Reference Model, 682out-of-band key delivery, 681overallocation (of memory), 409

overcommitment, 729overlapped I/O, 892–894owner rights (Linux), 822–823

P

p (page number), 367PaaS (platform as a service), 42packets, 755, 821packet switching, 755–756packing, 512pages:

defined, 367shared, 376–377

page address extension (PAE), 396page allocator (Linux), 801page-buffering algorithms, 420–421page cache, 565, 804page directory, 847page-directory entries (PDEs), 847page directory pointer table, 386page fault, 403page-fault-frequency (PFF), 429–430page-fault rate, 407page frames, 847page-frame number (PFN) database, 850–851page number (p), 367page offset (d), 367–368pageout (Solaris), 446–447pageout policy (Linux), 806pager (term), 401page replacement, 409–421. See also frame

allocationand application performance, 421basic mechanism, 410–413counting-based page replacement, 420FIFO page replacement, 413–414global vs. local, 424LRU-approximation page replacement,

418–420LRU page replacement, 416–418optimal page replacement, 414–415and page-buffering algorithms, 420–421

page replacement algorithm, 412page size, 440–441page slots, 484page table(s), 367–372, 404, 847

clustered, 380forward-mapped, 379


Index 931

hardware for storing, 372–374hashed, 380inverted, 381–383, 442

page-table base register (PTBR), 372page-table entries (PTEs), 847page-table length register (PTLR), 376page-table self-map, 846paging, 366–383

basic method of, 367–372hardware support for, 372–374hashed page tables, 380hierarchical, 378–380Intel 32 and 64-bit architectures example,

385–387inverted, 381–383in Linux, 806and memory protection, 375–376and Oracle SPARC Solaris, 383priority, 447and shared pages, 376–377swapping vs., 482

paging mechanism (Linux), 806paired passwords, 688PAM (pluggable authentication modules),

822parallelism, 166, 168–169parallelization, 17parallel systems, see multiprocessor systemsparavirtualization, 713, 725–726parent process, 116partition(s), 362, 515, 516, 549–550

boot, 480control, 723raw, 483root, 549

partition boot sector, 546partitioning, disk, 479passwords, 685–689

one-time, 688–689securing, 687–688vulnerabilities of, 685–687

path name, 520path names:

absolute, 522relative, 522

path-name translation, 574–575PCBs, see process control blocksPCI bus, 588PCS (process-contention scope), 277PC systems, 3, 863

PDAs (personal digital assistants), 11PDEs (page-directory entries), 847peer-to-peer computing, 39–40penetration test, 690performance:

and allocation of disk space, 560–561and I/O system, 615–618of Windows 7, 834–836

performance improvement, 486, 565–568performance tuning, 87periodic processes, 286periodic task rate, 286permissions, 536per-process open-file table, 547personal computer (PC) systems, 3, 863personal digital assistants (PDAs), 11personal firewalls, 697personal identification number (PIN), 688personalities, 83Peterson’s solution, 207–209PFF (page-fault-frequency), 429–430PFN database, 850–851phishing, 660physical address, 355physical address space, 356physical formatting, 479physical layer, 757physical memory, 21, 397–398, 801–804physical security, 659PIC (position-independent code), 809pid (process identifier), 116PIN (personal identification number), 688pinning, 857PIO, see programmed I/Opipes, 142–147

anonymous, 143–145named, 145–147ordinary, 142–145use of, 148

pipe mechanism, 818platform as a service (PaaS), 42platter (disks), 467–468plug-and-play and (PnP) managers, 860pluggable authentication modules (PAM), 822point-to-point tunneling protocol (PPTP),

871policy(ies), 76

group, 875security, 689–690

policy algorithm (Linux), 806


932 Index

polling, 591polymorphic viruses, 668pools:

of free pages, 408of storage, 494

pop, 32pop-up browser windows, 662ports, 436, 588portability, 836–837portals, 35port driver, 856port scanning, 673position-independent code (PIC), 809positioning time (disks), 468POSIX, 829–830, 833–834

interprocess communication example,130–131

real-time scheduling, 290possession (of capability), 637POST (power-on self-test), 862power manager (Windows 7), 860–861power-of-2 allocator, 436power-on self-test (POST), 862PPTP (point-to-point tunneling protocol), 871P 1 Q redundancy scheme, 489–490preemptive kernels, 207preemptive scheduling, 263–264premaster secret (SSL), 684prepaging, 439–440presentation layer, 757primary thread, 876principle of least privilege, 626–627priority-based scheduling, 285–287priority-inheritance protocol, 218, 236priority inversion, 217–218, 236priority number, 230priority paging, 447priority replacement algorithm, 427priority scheduling algorithm, 270–271private cloud, 42private keys, 678privileged instructions, 22privileged mode, see kernel modeprivilege levels, 23probes (DTrace), 89procedural languages, 241process(es), 20

background, 74–75, 115, 274, 296communication between, see interprocess

communication

components of, 106–107context of, 114, 794and context switches, 114cooperating, 122defined, 105environment of, 793–794foreground, 115, 274, 296heavyweight, 163independent, 122I/O-bound vs. CPU-bound, 113job vs., 106in Linux, 795multithreaded, see multithreadingoperations on, 116–119

creation, 116–119termination, 120–121

programs vs., 24–25, 106–107scheduling of, 110–114single-threaded, 163state of, 107system, 8as term, 105–106threads performed by, 109in Windows 8, 876

process-contention scope (PCS), 277process control blocks (PCBs, task control

blocks), 107–108process-control system calls, 67–71process file systems (Linux), 814–815process identifier (pid), 116process identity (Linux), 792–793process management:

about, 24–25in Linux, 792–795

fork() and exec() process model,792–794

processes and threads, 795process manager (Windows 7),

852–853process mix, 113process objects (Windows 7), 841processor affinity, 280processor groups, 835processor sets, 280processor sharing, 273process representation (Linux), 110process scheduler, 111process scheduling:

in Linux, 796–797thread scheduling vs., 261


Index 933

process synchronization:about, 204–206alternative approaches to, 238–242

functional programming languages,241–242

OpenMP, 240–241transactional memory, 239–240

bounded-buffer problem, 219critical-section problem, 206–207

hardware solution to, 209–212Peterson’s solution to, 207–209software solution to, 212–213

dining-philosophers problem, 222–223,227–229

examples of:Java, 232Linux, 234–235Pthreads, 237–238Solaris, 235–237Windows, 233–234

monitors for, 223–232dining-philosophers solution, 227–229resumption of processes within, 230–232semaphores, implementation using,

229–230usage, 225–227

readers-writers problem, 220–222semaphores for, 213–218

process termination, deadlock recovery by,337–338

production kernels (Linux), 783profiling (DTrace), 88–89programs, processes vs., 106–107. See also

application programsprogram counters, 25, 106program execution (operating system

service), 56program files, 504program loading and execution, 74programmable interval timer, 601programmed I/O (PIO), 436, 595programming-environment virtualization,

713, 726–727programming-language support, 74program threats, 661–669

logic bombs, 663stack- or buffer overflow attacks, 663–666trap doors, 662Trojan horses, 661–662viruses, 666–667

projects, 299proportional allocation, 423proportional share scheduling, 289–290protection, 73, 625

access control for, 533–538access matrix as model of, 632–636

control, access, 639–640implementation, 636–639

capability-based systems, 641–644Cambridge CAP system, 643–644Hydra, 641–643

in computer systems, 29–31domain of, 627–628

MULTICS example, 630–632structure, 628–629UNIX example, 629–630

error handling, 607–608file, 504of file systems, 533–538goals of, 625–626I/O, 608language-based systems, 644–649

compiler-based enforcement, 644–647Java, 647–649

as operating system service, 57–58in paged environment, 375–376permissions, 536and principle of least privilege, 626–627and revocation of access rights, 640–641security vs., 657static vs. dynamic, 628from viruses, 694–696

protection domain, 628, 721protection mask (Linux), 823protection subsystems (Windows 7), 838protocols:

discovery, 39Windows 7 networking, 871–873

providers (DTrace), 89pseudo-device driver, 730–731PTBR (page-table base register), 372PTEs (page-table entries), 847PTE tables, 847Pthreads, 172–174

scheduling, 277–278synchronization in, 237–238thread cancellation in, 186–187

PTLR (page-table length register), 376public cloud, 41public domain, 785


934 Index

public keys, 678public-key encryption, 678pull migration, 281pure code, 376pure demand paging, 404push, 32push migration, 281, 769

Q

quantum, 839queue(s), 111–112

capacity of, 129–130input, 354message, 897ready, 111–112, 359

queueing diagram, 112queueing-network analysis, 302

R

race condition, 205RAID (redundant arrays of inexpensive

disks), 484–494levels of, 487–491performance improvement, 486problems with, 492–494reliability improvement, 485–486structuring, 485

RAID array, 485RAID levels, 487–491RAID sets, 868RAM (random-access memory), 9random-access devices, 598, 599, 893random-access memory (RAM), 9random-access time (disks), 468rate, periodic task, 286rate-monotonic scheduling, 287–288rate-monotonic scheduling algorithm,

287–288raw disk, 421, 516, 549raw I/O, 600raw partitions, 483RBAC (role-based access control), 639RC4, 677RC 4000 operating system, 897RDP, 717read-ahead technique, 567

read-end (of pipe), 142readers, 220reader-writer locks, 220–222readers-writers problem, 220–222reading files, 506read-modify-write cycle, 489read only devices, 599read-only memory (ROM), 93, 480read queue, 817read-write devices, 599ready queue, 111–112, 359ready state, 107ready thread state (Windows 7), 839real-time class, 294real-time CPU scheduling, 283–290

earliest-deadline-first scheduling,288–289

and minimizing latency, 283–285POSIX real-time scheduling, 290priority-based scheduling, 285–287proportional share scheduling, 289–290rate-monotonic scheduling, 287–288

real-time embedded systems, 43real-time operating systems, 43real-time range (Linux schedulers), 796real-time systems, 43reconfiguration, 762–763records:

logical, 513master boot, 480

recovery:backup and restore, 570–571and consistency checking, 568–569from deadlock, 337–338

by process termination, 337–338by resource preemption, 338

from failure, 763of files and directories, 568–571Windows 7, 866–867

red-black trees, 35Red Hat, 785redirectors, 873redundancy, 485. See also RAIDredundant arrays of inexpensive disks, see

RAIDReed-Solomon codes, 489–490reentrant code (pure code), 376reference bits, 418Reference Model, ISO, 682reference string, 412


Index 935

register(s), 65base, 352limit, 352memory-address, 355page-table base, 372page-table length, 376for page tables, 372relocation, 356

registry, 74, 861relative block number, 514–515relative path names, 522relative speed, 207release() operation, 508reliability, 755

of distributed operating systems, 742–743of Windows 7, 832–833

relocation register, 356remainder section, 206remote file systems, 529remote file transfer, 744–745remote login, 744remote operations, 577remote procedure calls (RPCs), 872remote-service mechanism, 770removable storage media:

magnetic disks, 467–469magnetic tapes, 469–470

rendezvous, 129repair, mean time to, 485replay attacks, 658replication, 491, 579–580repositioning (in files), 506request edge, 319request manager, 816resident attributes, 865resident monitor, 890resolution:

name, 751–753and page size, 441

resolving links, 524resource allocation (operating system

service), 57resource-allocation graph algorithm, 329–330resource allocator, operating system as, 5resource preemption, deadlock recovery by,

338resource-request algorithm, 332resource sharing, 165, 742resource utilization, 5response time, 20, 265–266

restart area, 867restore:

data, 570–571state, 114

resume, 715reverse engineering, 44revocation of access rights, 640–641rich text format (RTF), 694right child, 33rights amplification (Hydra), 642risk assessment, 690–691roaming profiles, 874robustness, 762–764roles, 639role-based access control (RBAC), 639roll out, roll in, 358ROM (read-only memory), 93, 480root partitions, 549root uid (Linux), 823rotational latency (disks), 468, 473round-robin (RR) scheduling algorithm,

271–273routers, 754routing:

and network communication, 753–754routing protocols, 754routing table, 753RPCs (remote procedure calls), 872RR scheduling algorithm, 271–273RTF (rich text format), 694running state, 107running system, 93running thread state (Windows 7), 839RW (read-write) format, 27

S

SaaS (software as a service), 42safe computing, 694safe sequence, 328safety algorithm, 331–332sandbox (Tripwire file system), 694SANs, see storage-area networksSATA buses, 469save, state, 114scalability, 166, 765Scala language, 241–242SCAN (elevator) scheduling algorithm,

475–476


936 Index

scheduler(s), 112–113long-term, 112medium-term, 113short-term, 113

scheduler activation, 187–188scheduling:

cooperative, 264CPU, see CPU schedulingdisk scheduling algorithms, 472–478

C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475

earliest-deadline-first, 288–289I/O, 604–605job, 20in Linux, 795–800

kernel synchronization, 798–800process, 796–797symmetric multiprocessing, 800

multiprocessor, see multiprocessorscheduling

nonpreemptive, 264preemptive, 263–264priority-based, 285–287proportional share, 289–290rate-monotonic, 287–288SSDs and, 478thread, 277–278in Windows 7, 839–841, 877–881

scheduling rules, 877SCM (Service Control Manager), 860SCOPE operating system, 904script kiddies, 666SCS (system-contention scope), 277SCSI (small computer-systems interface), 12SCSI buses, 469search path, 521secondary memory, 404secondary storage, 10, 543. See also disk(s)second-chance page-replacement algorithm

(clock algorithm), 418–419second extended file system (ext2), 811section objects, 135sectors, disk, 468sector slipping, 481–482sector sparing, 481, 869secure by default, 669

secure single sign-on, 531secure systems, 658security. See also file access; program threats;

protection; user authenticationclassifications of, 698–699in computer systems, 29–31and firewalling, 696–698implementation of, 689–696

and accounting, 696and auditing, 696and intrusion detection, 691–694and logging, 696and security policy, 689–690and virus protection, 694–696and vulnerability assessment, 690–691

levels of, 659–660in Linux, 821–824

access control, 822–824authentication, 822

as operating system service, 57–58as problem, 657–661protection vs., 657and system/network threats, 669–674

denial of service, 674port scanning, 673worms, 670–673

use of cryptography for, 674–685and encryption, 674–685implementation, 681–683SSL example, 683–685

via user authentication, 685–689biometrics, 689passwords, 685–689

in Windows 7, 699–702, 831–832, 867security access tokens (Windows 7), 699security context (Windows 7), 699–702security descriptor (Windows 7), 701security domains, 696security identity (SID), 853security policy, 689–690security reference monitor (SRM), 858–859security-through-obscurity approach, 691security tokens, 853seeds, 688–689seek, file, 506seek time (disks), 468, 473segmentation, 364–366

basic method, 364–366defined, 364hardware, 365–366


Index 937

Intel 32 and 64-bit architectures example,384–385

segment base, 366segment limit, 366segment tables, 366semantics:

consistency, 532–533copy, 606immutable-shared-files, 533session, 533

semaphore(s), 213–218binary, 214counting, 214and deadlocks, 217defined, 213implementation, 215–217implementation of monitors using, 229–230and priority inversion, 217–218and starvation, 217usage of, 214–215

semaphore objects (Windows 7), 841semiconductor memory, 11sense key, 608sequential access (files), 513sequential-access devices, 893sequential devices, 598, 599serial ATA (SATA) buses, 469server(s), 5

defined, 766in SSL, 683

server-message-block (SMB), 871server subject (Windows 7), 700Service Control Manager (SCM), 860services, operating system, 55–58, 115session hijacking, 659session layer, 757session manager subsystem (SMSS), 862session object, 847session semantics, 533session space, 846sharable devices, 598, 599shares, 299shared files, immutable, 533shared libraries, 358, 400shared lock, 508shared memory, 122, 400shared-memory model, 73, 124–126sharing:

load, 278, 742and paging, 376–377

resource, 742time, 20

shells, 58shell script, 511shortest-job-first (SJF) scheduling

algorithm, 267–270shortest-remaining-time-first scheduling, 269shortest-seek-time (SSTF) scheduling

algorithm, 474–475short-term scheduler (CPU scheduler), 113,

263shoulder surfing, 686SID (security identity), 853signals:

Linux, 818UNIX, 183–185

signaled state, 233signal handlers, 183–185signatures, 692–693signature-based detection, 692simple operating system structure, 78simple subject (Windows 7), 700simulation(s), 302single indirect blocks, 559single-level directories, 518–519single-processor systems, 13–14, 261single-threaded processes, 163singly linked lists, 32SJF scheduling algorithm, 267–270Skype, 40slab allocation, 437–439, 802–803Slackware, 785slices, 516slim reader-writer (SRW) locks, 879SLOB allocator, 439SLUB allocator, 439small-area networks, 37small computer-systems interface, see under

SCSISMB (server-message-block), 871SMP, see symmetric multiprocessingSMSS (session manager subsystem), 862snapshots, 570sniffing, 686social engineering, 660sockets, 136–138socket interface, 601soft affinity, 280soft error, 479software as a service (SaaS), 42


938 Index

software capability, 643software interrupts (traps), 593software objects, 627Solaris, 46

and processor affinity, 280scheduling example, 297–299swap-space management in, 483–484synchronization in, 235–237virtual memory in, 446–447

solid-state disks (SSDs), 11, 28, 469, 478sorted queue, 817source-code viruses, 667source files, 504space maps, 563–564SPARC, 383sparseness, 381, 400spawn, 670speed:

of operations (I/O devices), 599relative, 207

spoofed client identification, 530spoofing, 697spool, 607spooling, 607, 893–894spyware, 662SRM (security reference monitor),

858–859SRW (slim reader-writer) locks, 879SSDs, see solid-state disksSSL 3.0, 683–685SSTF scheduling algorithm, 474–475stable storage, 494–496stack, 65, 106stack algorithms, 417stack frame, 664–665stack inspection, 648stack-overflow attacks, 663–666stalling, 352standard swapping, 358–360standby thread state (Windows 7), 839starvation, see indefinite blockingstate (of process), 107stateless DFS, 532state restore, 114state save, 114static linking, 357–358, 809static protection, 628status information, 74status register, 590stealth viruses, 668

storage, 9–12. See also mass-storagestructure

definitions and notations, 9nonvolatile, 11–12secondary, 10, 543tertiary, 27thread-local, 187utility, 493volatile, 11

storage-area networks (SANs), 18, 471, 472storage array, 485storage management, 26–30

caching, 27–29I/O systems, 29–30mass-storage management, 27with virtual machines, 732–733

stored program computers, 888stream ciphers, 677stream head, 613stream modules, 613–614STREAMS mechanism, 613–615string, reference, 412stripe set, 868stubs, 357stub routines, 872subsystems, 135SunOS, 46superblock, 546superblock objects, 551, 809superuser, 688supervisor mode, see kernel modeSurface Computer, 863SuSE, 785suspended state, 715, 878swap map, 484swapper (term), 401swapping, 20, 113, 358–360, 401

in Linux, 806on mobile systems, 360, 407paging vs., 482standard, 358–360

swap space, 404swap-space management, 482–484switch architecture, 12switching:

circuit, 755domain, 629fast-user, 863–864message, 755packet, 755–756


Index 939

symbolic links, 845symbolic-link objects, 845symmetric coupling, 17symmetric encryption, 676–677symmetric encryption algorithm, 676symmetric mode, 17symmetric multiprocessing (SMP), 15–16,

279, 800synchronization, 129. See also process

synchronizationsynchronous devices, 598, 599synchronous message passing, 129synchronous threading, 172synchronous writes, 567SYSGEN, 91–92system boot, 92–93system calls (monitor calls), 8, 62–65

and API, 63–64for communication, 72–73for device management, 71–72for file management, 71functioning of, 62–65for information maintenance, 72for process control, 67–71

system-call firewalls, 698system-call interface, 64system-contention scope (SCS), 277system daemons, 8system-development time, 715system disk, see boot disksystem files, 520system generation (SYSGEN), 91–92system hive, 861system libraries (Linux), 787, 788system mode, see kernel modesystem processes, 8, 844–845system programs, 74–75systems programs, 6system resource-allocation graph, 319–321system restore point, 861system utilities, 74–75, 787, 788system-wide open-file table, 546

T

table(s), 398file-allocation, 557hash, 552–553master file, 546

mount, 549, 611open-file, 507page, 404, 847per-process open-file, 547routing, 753segment, 366system-wide open-file, 546

tags, 637tapes, magnetic, 469–470target latency, 797target thread, 185task control blocks, see process control

blockstask parallelism, 168–169TCB (trusted computer base), 698TCP/IP, see Transmission Control

Protocol/Internet ProtocolTCP sockets, 137TDI (transport driver interface), 870TEBs (thread environment blocks), 880telnet, 616, 744terminal applications, 96terminal concentrators, 616terminal server systems, 864terminated state, 107terminated thread state (Windows 7), 839termination:

cascading, 121process, 120–121, 337–338

tertiary storage devices, 27text files, 504text section (of process), 106theft of service, 658THE operating system, 896–897thin clients, 35third extended file system (ext3), 811–813thrashing, 425–430

cause of, 426–427defined, 426and page-fault-frequency strategy, 429–430and working-set model, 427–429

threads. See also multithreadingcancellation, thread, 185–186components of, 163functions of, 163–166idle, 294implicit threading, 177–183kernel, 169in Linux, 189–191, 795and multicore programming, 166–169


940 Index

threads. (contd.)and process model, 109scheduling of, 277–278target, 185user, 169in Windows 7, 188–189, 839–841, 876,

878–880thread attach, 853thread environment blocks (TEBs), 880thread libraries, 171–177

about, 171–172Java threads, 176–177Pthreads, 172–174Windows threads, 174–176

thread-local storage, 187thread pools, 179–181, 879thread scheduling, 261thread-specific data, 187threats, 658. See also program threatsthroughput, 265thunking, 834tightly coupled systems, see multiprocessor

systemstime:

compile, 354effective access, 405effective memory-access, 374execution, 355of file creation/use, 504load, 354response, 20, 265–266turnaround, 265waiting, 265

time-out schemes, 762time profiles, 72time quantum, 271timer:

programmable interval, 601variable, 24

timers, 601–602timer objects, 841time sharing (multitasking), 20, 115time slice, 796timestamp counters (TSCs), 840–841TLB, see translation lookaside bufferTLB miss, 373TLB reach, 441–442top half interrupt service routines, 799TOPS-20, 900Torvalds, Linus, 781

touch screen (touchscreen computing), 5, 60trace tapes, 303tracks, disk, 468traditional computing, 35–36transactions:

atomic, 210defined, 813in Linux, 813–814in log-structured file systems, 569–570

transactional memory, 239–240transfer rate (disks), 468, 470transition thread state (Windows 7), 839translation lookaside buffer (TLB), 373–375,

849–850transmission control protocol (TCP), 758Transmission Control Protocol/Internet

Protocol (TCP/IP), 758–761, 871transparency, 764, 766, 767transport driver interface (TDI), 870transport layer, 757transport-layer protocol (TCP), 681traps, 21, 403, 594trap-and-emulate method, 717–718trap doors, 662trees, 33, 35tree-structured directories, 521–522triple DES, 677triple indirect blocks, 559Tripwire file system, 695Trojan horses, 661–662trusted computer base (TCB), 698TSCs (timestamp counters), 840–841tunneling viruses, 668turnaround time, 265turnstiles, 236two-factor authentication, 688twofish algorithm, 677two-level directories, 519–521two tuple, 365type 0 hypervisors, 712, 723–724type 1 hypervisors, 712, 724–725type 2 hypervisors, 713, 725type safety (Java), 649

U

UAC (User Account Control), 701UDP (user datagram protocol), 758UDP sockets, 137


Index 941

UFD (user file directory), 519UFS (UNIX file system), 545UI (user interface), 52–55UMA (uniform memory access), 16UMDF (User-Mode Driver Framework),

856UMS, see user-mode schedulingunbounded capacity (of queue), 130UNC (uniform naming convention), 872UNICODE, 837unified buffer cache, 565unified virtual memory, 565Unifix, 785uniform memory access (UMA), 16uniform naming convention (UNC),

872universal serial buses (USBs), 469UNIX file system (UFS), 545UNIX operating system:

consistency semantics for, 532–533domain switching in, 629–630feature migration with, 887, 888and Linux, 781permissions in, 536signals in, 183–185swapping in, 360

unreliability, 755upcalls, 188upcall handler, 188U.S. Digital Millennium Copyright Act

(DMCA), 44USBs (universal serial buses), 469used objects, 438, 803users, 4–5, 528–529user accounts, 699User Account Control (UAC), 701user authentication, 685–689

with biometrics, 689with passwords, 685–689

user datagram protocol (UDP), 758user-defined signal handlers, 184user file directory (UFD), 519user identifiers (user IDs), 31

effective, 31for files, 504

user interface (UI), 52–55user mobility, 573user mode, 22, 787User-Mode Driver Framework (UMDF),

856

user-mode scheduling (UMS), 296–297, 835,880–881

user-mode threads (UT), 844user programs (user tasks), 105–106, 807user rights (Linux), 822–823user threads, 169UT (user-mode threads), 844utilities, 888utility storage, 493utilization, 889

V

VACB (virtual address control block), 857VADs (virtual address descriptors), 852valid-invalid bit, 375variables:

automatic, 664condition, 879

variable class, 294variable timer, 24VAX minicomputer, 379–380VCPU (virtual CPU), 717vectored I/O, 603–604vector programs, 670vfork() (virtual memory fork), 409VFS, see virtual file systemvictim frames, 411views, 847virtual address, 356virtual address control block (VACB), 857virtual address descriptors (VADs), 852virtual address space, 398–399, 805–806virtual CPU (VCPU), 717virtual file system (VFS), 550–552, 809–811virtualization, 40–41

advantages and disadvantages of,714–716

and application containment, 727–728and emulation, 727and operating-system components,

728–735CPU scheduling, 729I/O, 731–732live migration, 733–735memory management, 730–731storage management, 732–733

para-, 725–726programming-environment, 726–727


942 Index

virtual machines, 711–738. See alsovirtualization

advantages and disadvantages of, 714–716and binary translation, 718–720examples, 735–737features of, 715–717and hardware assistance, 720–721history of, 713–714Java Virtual Machine, 736–737life cycle of, 722–723trap-and-emulate systems, 717–718type 0 hypervisors, 723–724type 1 hypervisors, 724–725type 2 hypervisors, 725VMware, 735–736

virtual machine control structures(VMCSs), 721

virtual machine manager (VMM), 22–23, 41,712

virtual machine sprawl, 723virtual memory, 20–21, 397–400

and copy-on-write technique, 408–409demand paging for conserving, 401–407

basic mechanism, 402–405with inverted page tables, 442and I/O interlock, 444–445and page size, 440–441and performance, 405–406and prepaging, 439–440and program structure, 442–443pure demand paging, 404and restarting instructions, 404–405and TLB reach, 441–442

direct virtual memory access, 596and frame allocation, 421–425

equal allocation, 423global vs. local allocation, 424proportional allocation, 423–424

kernel, 806–807and kernel memory allocation, 436–439in Linux, 804–807and memory mapping, 430–436

basic mechanism, 430–432I/O, memory-mapped, 435–436in Win32 API, 433–435

page replacement for conserving, 409–421and application performance, 421basic mechanism, 410–413counting-based page replacement, 420

FIFO page replacement, 413–414LRU-approximation page replacement,

418–420LRU page replacement, 416–418optimal page replacement, 414–415and page-buffering algorithms, 420–421

separation of logical memory fromphysical memory by, 398–399

size of, 398in Solaris, 446–447and thrashing, 425–430

cause, 426–427page-fault-frequency strategy, 429–430working-set model, 427–429

unified, 565in Windows, 445–446

virtual memory fork, 409virtual memory (VM) manager, 846–852virtual memory regions, 805virtual private networks (VPNs), 682, 871virtual routing, 753–754viruses, 666–669, 694–696virus dropper, 667VMCSs (virtual machine control structures),

721VMM, see virtual machine managerVM manager, 846–852VMware, 714, 735–736vnode, 550volatile storage, 11volumes, 516volume control block, 546volume management (Windows 7), 868–869volume shadow copies, 870volume table of contents, 516von Neumann architecture, 10VPNs, see virtual private networksvulnerability scans, 690–691

W

WAFL file system, 570, 577–580waiting state, 107waiting thread state (Windows 7), 839waiting time, 265wait queue, 818wait() system call, 120–122WANs, see wide-area networks


Index 943

Web distributed authoring and versioning(WebDAV), 872

wide-area networks (WANs), 17, 37, 749–750WiFi networks, see wireless networksWin32 API, 433–435, 830–831, 875Windows operating system (generally), 360,

901–902interprocess communication example, 135scheduling example, 294–296threads example, 188–189virtual memory in, 445–446

Windows 7, 829–884application compatibility of, 833–834design principles for, 831–837desktop versions of, 830–831dynamic device support, 837, 838and energy efficiency, 837extensibility of, 836fast-user switching with, 863–864file system, 864–870

change journal, 870compression and encryption, 869mount points, 869–870NTFS B1 tree, 865NTFS internal layout, 864–866NTFS metadata, 866recovery, 866–867security, 867volume management and fault

tolerance, 868–869volume shadow copies, 870

history of, 829–831networking, 870–875

Active Directory, 875domains, 874interfaces, 870protocols, 871–873redirectors and servers, 873–874

performance of, 834portability of, 836programmer interface, 875–884

interprocess communication, 881–882kernel object access, 875memory management, 882–884process management, 876–879sharing objects between processes,

875–876reliability of, 832–833security in, 700–701, 831–832

synchronization in, 833–834, 878–879system components for, 838–863

executive, see Windows executivehardware-abstraction layer, 838–839kernel, 839–844

terminal services, 863–864user-mode scheduling in, 296–297

Windows 2000, 832, 833, 836Windows executive, 844–863

booting, 862–863cache manager, 856–858client-server computing, 854–855I/O manager, 855–856object manager, 844–846plug-and-play manager, 860power manager, 860–861process manager, 852–853registry, 861–862security reference monitor, 858–859virtual memory manager, 846–852

Windows group policy, 875Windows NT, 829–830Windows Task Manager, 87, 88Windows thread library, 174–176Windows Vista, 830

security in, 700symbolic links in, 869–870

Windows XP, 830Winsock, 881wireless (WiFi) networks, 35, 748–749Witness, 326word, 9WorkGroup Solutions, 785working sets, 427, 431working-set maximum, 446working-set minimum, 446working-set model, 427–429Workstation (VMWare), 735–736workstations, 5world rights (Linux), 823World Wide Web, 529worms, 670–673WORM (write-once, read-many) format, 27worst-fit strategy, 363write-end (of pipe), 142write only devices, 599write queue, 817writers, 220writing files, 506


944 Index

X

x86-64 architecture, 387XDR (external data representation), 140XDS-940 operating system, 895–896Xen, 714Xerox, 59XML firewalls, 698

Z

zero capacity (of queue), 130zero-day attacks, 693zero-fill-on-demand technique, 409ZFS file system, 563–564, 570zombie systems, 673zones, 728, 801


Index [] · anonymous access, 529 anonymous memory, 484 anonymous pipes, 143–145 APCs, see...

Documents

Transcript of Index [] · anonymous access, 529 anonymous memory, 484 anonymous pipes, 143–145 APCs, see...