Operating Systems: Segments 1 Segmentation Hardware Support single user program system: – wish...
-
Upload
bernadette-barnett -
Category
Documents
-
view
212 -
download
0
Transcript of Operating Systems: Segments 1 Segmentation Hardware Support single user program system: – wish...
Operating Systems: Segments
1
Segmentation
Hardware Support
•single user program system:
– wish somehow to relocate address 0 to after operating system in memory
– can then compile and run program as if from address 0
•automatic hardware relocation:
– a Relocation Base Register (RBR)
– contents added in to every address before use
»set to 0 when running operating system
»set to address after operating system when running user program
– program generates virtual addresses
– become physical addresses after adding in the RBR contents
operatingsystem
userprogram
address 0for op. sys.
address 0for user prog.
Operating Systems: Segments
2
–used on the English Electric KDF9»first ever mainframe in the University of Edinburgh - 1968»operating system very small and simple – called the Director»RBR cleared when system call to Director and restored when returning to
user»48-bit words, zero-addressing for pushdown/popup evaluation stack
–also used on the DEC System-10»36-bit words»first mainframe in Dept. of Computer Science - 1973»used for Computer Aided Design
RBR
100000
CPU +
memoryvirtual address 2345
physical address 102345
Operating Systems: Segments
3
•multiprogramming system:
–each program must be prevented from accessing another program’s area
•a Limit Register in addition to RBR:–all virtual addresses must be less than a limit – the partition size
–an exception generated into the operating system when limit violated
–each program has its own base and limit values
–limit value is a virtual limit»hence limit check and base address addition can operate
concurrently
Op. Sys. Partition 1 Partition 2 Partition 3
RBR
CPU +
memory
Limit
<virtual address yes
no
Operating Systems: Segments
4
•Multiple base and limit registers
–separate pairs for each module e.g. code, data:
code:
data:
–in effect Segment Registers
–CPU knows whether code or data access requested
»hence can relocate using the correct base and limit pair
RBRcode LRcode
RBRdata LRdata
code data
LRcode LRdata
RBRcode RBRcode
Operating Systems: Segments
5
•Example : Intel 8086 (and Pentium real-address mode)
–a 16-bit machine with 16-bit registers :
–appropriate segment registers are selected implicitly
»executing code addresses imply code segment register
»stack operations imply stack segment register
»others depend on the registers used in the instruction:
AX AH AL
DX DH DL
CX CH CL
BX BH BL
BP
SI
DI
SP
7 0 7 0
multiply, divide & I/O
loop, shift, repeat & count
base registers
index registers
stack pointer
CS
DS
SS
ES
code segment selector
data segment selector
stack segment selector
extra segment selector
F
IP
MSW
flags
instruction pointer
machine status word
15 0
15 0
SP
SS
BP
SS
BX
DS
SI
DS
DI
DS
BP+SI/DI
SS
BX+SI/DI
SS
Register
Implied Segment
ES for string operations
Operating Systems: Segments
6
»implicit segment register selection can be overridden with an instruction prefix
»new values can be loaded into segment registers at any time
–segments are all 64Kb in length
–physical address calculation:
»CPU addresses generated are 16-bits – regarded as within-segment offset
»segment register value shifted left 4 and added to within-segment offset:
–no variable size segments and no limit checking
–segments can overlap in memory
–no differential read/write/execute protection
19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
0 0 0 0
19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
0 0 0 0
20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
base
offset
linear address
+
=64K segment
base
0
Operating Systems: Segments
7
•Segment Tables
–an indexed array of base & limit pairs:
–virtual address partitioned into two parts
»position of partition defines maximum number of segments and their size
–other information also present in each index entry
»presence bit – whether this segment exists and has a valid base and limit
»protection bits – to allow read/write/execute etc. for this segment
»cacheable bit – to allow data in this segment to be cached or not
0
1
2
3
base limit
segment number within-segment offsetvirtual address
Operating Systems: Segments
8
•Example – 1Mb segments :
virtual address space
0x000000
0x100000
0x200000
0x300000
0x400000
.
.
.
.
main program
library
data
stack
main program
data
library
stack
0x000000
0x0A0000
0x1C0000
0x300000
0x000000 0x0A00000
1
2
3
4
.
.
.
.
physical address space
0x1C0000 0x080000
- -
0x0A0000 0x0C0000
0x300000 0x100000
Operating Systems: Segments
9
•Shared segments:
process 1 virtual address space
0x000000
0x100000
main program 1
shared library
main program 1
shared library
main program 2
0x000000
0x1C0000
0x000000 0x0A00000
1
.
.
.
.
physical address space
0x1C0000 0x080000
- -
Process 1 process 1 segment table
0x0C0000
process 2 virtual address space
0x000000
0x100000
main program 2
shared library
0x0C0000 0x0B00000
1
2
.
.
.
.
0x1C0000 0x080000
Process 2 process 2 segment table
0x200000
- -
Operating Systems: Segments
10
•Example : the ARM processor MMU :
–12-bit section (segment) number, 20-bit offset
–Translation Table Base is a loadable processor register
»new value loaded whenever running process switched
–translation table (segment table) contains descriptors for sections
Operating Systems: Segments
11
–level-one descriptor formats :
»AP : access permission bits, read/write, no access etc. together with other processor register bits R and S
»Domain : level of access control, client/manager etc.
»C : cacheable bit
»B : bufferable bit – write-through write buffer enable bit
–paging also possible
»two page sizes available, 4Kb and 1Mb blocks
Operating Systems: Segments
12
–the full translation process for sections :
Operating Systems: Segments
13
•Example : Intel Pentium protected mode :–32-bit registers with 16 and 8 bit versions available for backwards compatibility
–implicit segment register selection as on 8086
–running program must ensure segment registers loaded with correct selectors»a selector is an index into a Descriptor Table»a descriptor table acts as a segment table but many other types of
descriptor also exist: e.g. call, interrupt, trap and task gates
AH AL
DH DL
CH CL
BH BL
15 7 0
CS
DS
SS
ES
code segment selector
data segment selector
stack segment selector
extra segment selectors
15 0
31 0
FS
GS
AX
DX
CX
BX
BP
SI
DI
31
SP
EAX
EDX
ECX
EBX
EBP
ESI
EDI
ESP EFLAGS
EIP
status and control registers
Operating Systems: Segments
14
–selector structure :
»TI : table indicator, 0 = Global Descriptor Table, 1 = Local Descriptor Table
»RPL : Requestor Privilege Level, 00 = most privileged, 11 = least privileged
15 3 2 1 0
TI RPLindex
Global Descriptor Table
base address limit
Global Descriptor Table Base Register
Local Descriptor Table
base address limit
Local Descriptor Table Base Register
Operating Systems: Segments
15
–two descriptor tables :
»one for kernel segments and gates same table used all the time
each process has its own local descriptor table
saves reloading base register each time kernel entered
»one for each process segments and gates local descriptor table base register changed as running process switched
–selector index (13 bits) + TI bit + within-segment offset (32 bits)
»effectively give a 46-bit virtual address :
selector offset
segment descriptor
descriptor table
+ linear address
15 3 31 0
baseaddress
31 0
36-bit linear address alsopossible on Pentium II up
Operating Systems: Segments
16
–descriptor table segment entry :
»base : segment base address
»G : granularity : 0 = segment limit expressed in bytes, from 1 byte to 1Mb
1 = segment limit expressed in 4Kb units, from 4Kb to 4Gb
»D : default operation size, 0 = 16-bit, 1 = 32-bit for backwards compatibility
»P : presence bit
»DPL : descriptor privilege level
»S : system/application descriptor type
»type : segment type for access control
31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
base (31:24) G D P DPL S type base (23:16)
base address (15:0) segment limit (15:0)
seg lim(19:16)
Operating Systems: Segments
17
–A bit : set when selector has been loaded into a segment register
–expand-down for stacks etc.
»the limit check reversed
–conforming associated with changing privilege levels in new segments
Operating Systems: Segments
18
–when a program loads a selector into a segment register :
»hardware uses selector value to index into appropriate descriptor table and loads base and limit values into invisible part of the segment register:
–access permission to segment validated at time of loading segment register
»never needs to be done again whilst that segment is in use much more efficient
–checks involve:
»processes current privilege level (CPL)
»descriptor privilege level (DPL)
»requestor privilege level (RPL)
CS
DS
SS
ES
FS
GS
visible part invisible part
selector base address, limit etc.
Operating Systems: Segments
19
–CPL is held in the two lowest bits of the code segment (CS) register»normally is the same as the privilege level of the current code
segment except for conforming segments called from a less privileged level
»changes when control passes to a code segment with a different privilege level
–instructions may only load a segment register if CPL DPL»i.e. process has a greater or equal level of privilege as the segment»Rings of Protection
–RPL is in the segment selector»represents the privilege level of the
procedure which created the selector»when RPL CPL, this value overrides
the CPL for accesses using that selector»used to guard against a security violation
in which a less privileged program requests a more privileged program to access protected data
»data can be given a lower privilege RPL to protect it, even though the program doing the accessing might otherwise have sufficient privilege to do so
higherprivilege
lowerprivilege
0
1
2
3
Operating Systems: Segments
20
•Multitasking on Pentiums
–Task State Segment (TSS)
»for each process, holds volatile context (PCB) for that process
»a segment with a descriptor in the Global Descriptor Table
–Task Register (TR)
»identifies the current TSS
–Interrupt Descriptor Table Register (IDTR)
»a segment register for the segment which holds the Interrupt Descriptor Table
»when an interrupt occurs, this table is used as an interrupt vector