The Common Language Runtime (CLR)
description
Transcript of The Common Language Runtime (CLR)
The Common Language Runtime (CLR)
Mark Sapossnek
CS 594
Computer Science Department
Metropolitan College
Boston University
Prerequisites
Overview of .NET
Learning Objectives
Understand the breadth of services that the Common Language Runtime provides
Agenda
What Is the CLR? Assemblies Execution Model Interoperability Security
Web Form
.NET Framework
Windows
Web Service
CLR
What is the CLR?The .NET Platform
.NET FoundationWeb Services
Your InternalWeb Service
Third-PartyWeb Services
.NET EnterpriseServers
Clients Applications
Protocols: HTTP,HTML, XML, SOAP, UDDI
Tools:Visual Studio.NET,
Notepad
A set of technologies for developing and using components to create: Web Forms Web Services Windows applications
Supports the software lifecycle Development Debugging Deployment Maintenance
What Is the CLR?The .NET Framework
Common Language Specification
Common Language Runtime
VB C++ C#
ASP.NET: Web Servicesand Web Forms
JScript …
WindowsForms
Base Classes
ADO.NET: Data and XML
Visu
al Stu
dio
.NE
T
What Is the CLR?The .NET Framework
What Is the CLR?Overview
The CLR provides a run-time environment that manages the execution of code and provides services that improves development, deploy-ment, and run time.
Code that targets the CLR is called managed code.
What Is the CLR?Goals
Development services Deep cross-language interoperability Increased productivity
Deployment services Simple, reliable deployment Fewer versioning problems – NO MORE ‘DLL HELL’
Run-time services Performance Scalability Availability
What Is the CLR?Goal: Simpler Development
Plumbing disappears Metadata Transparent proxies Memory management Consistent exception handling
Great WYSIWYG tool support Designers and wizards Debuggers Profilers
Increased productivity
What Is the CLR?Goal: Simpler, Safer Deployment
No registration, zero-impact install XCOPY deployment, incremental download
Side-by-side versions of shared components Capture version at compile time Administrative policy at run time
Evidence-based security policy Based on code as well as user Code origin (location) Publisher (public key)
DLL Hell
What Is the CLR?Goal: Scalability
Smart device to Web Farm Automatic memory management
Self-configuring Dynamically tuning
Thread pool Asynchronous messaging
Object remoting Events
Smart device version Multiple RTOSes Same tools used for desktop
What Is the CLR?Goal: Rich Web Clients, Safe Hosting
WinForms on the client ASP.NET Web Forms on the server Code is granted permissions
Evidence is used by policy to grant permissions
Application that starts runtime Like Internet Explorer, IIS, SQL Server™, Shell
Provides some evidence Controls code loading Maps applications to processes
COM, ASP, VB, C++ All services available Many services redesigned
Ease of use Scalability Consistent API
Consistent framework raises the abstraction layer Gradual transition from simplicity to full power Less training, greater productivity
What Is the CLR?Goal: Converge Programming Models
What Is the CLR?Goal: Multiple Languages
Common Type System Object-oriented in flavor Procedural languages well supported Functional languages possible
CLS guides frameworks design Rules for wide reach All .NET Framework functionality available
Over 15 languages investigated Most are CLS consumers Many are CLS extenders
Choose the right language for a particular job
What Is the CLR?Highlights
Common Type System Mapping of data types: Programming language Framework
Just-in-time (JIT) compilers JIT compiles intermediate language (MSIL) into native code Highly optimized for platform or device
Garbage collectorPermission and policy-based securityExceptionsThreadingReflectionDiagnostics and profiling
What Is the CLR?Services
Code management Memory management
and isolation Verification of type safety Conversion of MSIL to
native code Loading and execution of
managed code Creation and
management of metadata Insertion and execution of
security checks
Handling cross-language exceptions
Interoperation between .NET Framework objects and COM objects and Win32 DLLs
Automation of object layout for late binding
Developer services (profiling, debugging, etc.)
What Is the CLR? Architecture
Class Loader
MSIL to NativeCompilers (JIT)
CodeManager
GarbageCollector (GC)
Security Engine Debug Engine
Type Checker Exception Manager
Thread Support COM Marshaler
Base Class Library (.NET Framework) Support
What Is the CLR? Soon To Be a Standard
Microsoft, with HP and Intel, submitted proposal to ECMA to standardize: C# Common Language Infrastructure
Includes the Common Language Runtime and a subset of the .NET Framework classes
http://msdn.microsoft.com/net/ecma/ http://www.ecma.ch
Agenda
What Is the CLR? Assemblies Execution Model Interoperability Security
AssembliesOverview
Contains code and metadata Assemblies function as:
Unit of deployment Type boundary Security boundary Reference scope boundary Version boundary Unit of side-by-side execution
AssembliesOverview
Assemblies can be: Static: DLL, EXE
Uses existing COFF binary format Via existing extension mechanism
Dynamic
Create assemblies with .NET Framework SDK Visual Studio.NET Your own code
Dynamic assemblies
Manifest Metadata about the assembly itself
Type metadata Completely describes all types defined in
an assembly
Managed code Microsoft Intermediate Language (MSIL)
Resources For example, .bmp, .jpg
AssembliesComponents of an Assembly
ManifestManifest
MSILMSIL
ResourcesResources
ParcelTracker.DLL
AssembliesComponents of an Assembly
Type MetadataType Metadata
AssembliesComponents of an Assembly
An assembly is a logical unit, not physical It can consist of multiple modules (.DLL, .JPG, etc.)
AssemblyModule
File
Type
In this figure, containment implies a 1:M relationship
AssembliesComponents of an Assembly
A single-file assembly A multi-file assembly
ManifestMetadata
MSIL
File1.dll
MetadataMSIL
File2.dll Graphic.jpg
Resource
Logo.gif
Resource
Manifest
File3.dll
AssembliesAssembly Generation Tool: al.exe
Takes one or more files (containing either MSIL or resource files) and produces a file with an assembly manifest.
When compiling a C# file, you can specify that it create a module instead of an assembly by using /target:module.
AssembliesManifest
Manifest contains: Identity information
Name, version number, culture, strong name List of files in the assembly Map of assembly types to files Dependencies
Other assemblies used by this assembly Exported types Security permissions needed to run
Type Descriptions
ClassesBase classesImplemented interfacesData membersMethods
ClassesBase classesImplemented interfacesData membersMethods
Assembly Description
NameVersionCulture
NameVersionCulture
Other assembliesSecurity PermissionsExported Types
Other assembliesSecurity PermissionsExported Types
AssembliesManifest and Metadata
Manifest
Metadata
AssembliesWhat’s In the Metadata
Description of types Name, visibility, base class, interfaces implemented Members
methods, fields, properties, events, nested types
Attributes User-defined Compiler-defined Framework-defined
AssembliesDemo: ILDASM.EXE
Allows you to inspect the metadata and disassembled IL code in an assembly
Great way to see what’s really going on Use ildasm /? to see the various options
AssembliesMetadata
Key to simpler programming model Generated automatically
Stored with code in executable file (.dll or .exe)
AssembliesMetadata: Creation and Use
Assembly(Manifest, metadataand code)
Debugger
Schema Generator
Profiler
OtherCompiler
Proxy Generator
Type Browser
Compiler
SourceCode
XML encoding(WSDL)
Serialization(e.g. SOAP)
Designers
Reflection
AssembliesCompilers Use Metadata
For cross-language data type import Emit metadata with output code
Describe types defined and used Record external assemblies referenced Record version information
Custom attributes can be used Obsolete CLS compliance Compiled for debugging Language-specific markers
AssembliesOther Tools Use Metadata
Designer behavior Controlled by user-supplied attributes
Category Description
Designer extensibility User-supplied attributes specify code to use
Type converters Editors
Web methods marked by custom attribute Type viewer
AssembliesGlobal Assembly Cache
A set of assemblies that can be referenced by any application on a machine
Should be used only when needed Private assemblies are preferred
Located at %SystemRoot%\assembly (c:\winnt\assembly)
Add assemblies by Installer program gacutil.exe Windows Explorer
Assembly Cache Viewer (shfusion.dll) is a shell extension for GAC that is installed with the .NET Framework SDK
.NET Framework Configuration Tool (mscorcfg.msc) Assembly must have a strong name
AssembliesStrong Names
Strong names identify an assembly Contains text name, version, culture, public key, and
digital signature Generated from an assembly using a private key Benefits
Guarantees name uniqueness Protect version lineage
No one else can create a new version of your assembly Provides strong integrity check
Guarantees that contents of an assembly didn’t change since it was built
AssembliesStrong Names
To sign an assembly with a strong name: Use Assembly Generation tool: al.exe Use assembly attributes
(AssemblyKeyFileAttribute or AssemblyKeyNameAttribute)
Requires a key pair (private and public) To generate a key pair use the Strong Name tool: sn.exe
AssembliesDemo: Installing an Assembly in GAC
Create assembly Sign assembly with key from sn.exe Install into GAC via gacutil.exe, Assembly Cache
Viewer and .NET Framework Configuration Tool
AssembliesSigncode
A strong name identifies an assembly but it does not authenticate an assembly Strong names do NOT imply a level of trust
Signcode allows the embedding of a certificate in an assembly Now your assembly can be authenticated
AssembliesSigncode
To use signcode: Obtain a Software Publisher Certificate (.spc) Use signcode.exe to sign the assembly
Signcode can only sign one file at a time For an assembly, you sign the file containing the
manifest
Purchase one from a well known Certificate Authority (such as Verisign)
Create your own For testing purposes only Use Makecert.exe to create a X.509 certificate Use cert2spc.exe to generate an SPC from a
X.509 certificate
AssembliesHow Do You Obtain a Certificate?
AssembliesStrong Names and Signcode
Strong names and signcode provide different, complimentary levels of protection
You can assign a strong name or assign a signcode signature to an assembly, or both
When using both, the strong name must be assigned first
AssembliesSigncode
Specify what permissions your assembly needs Only specify required permissions Handle optional permissions dynamically
Set security policy on run-time machine
Unit of deployment One or more files, independent of packaging Self-describing via manifest and metadata
Versioning Captured by compiler Policy per-application as well as per-machine
Security boundary Assemblies are granted permissions Methods can demand proof that a permission
has been granted to entire call chain Mediate type import and export
Types named relative to assembly
AssembliesDeployment
AssembliesDeployment
Applications are configurable units One or more assemblies Application-specific files or data
Assemblies are located based on: Their logical name and the application that loads them
Applications can have private versions of assemblies Private version preferred to shared version Version policy can be per application
AssembliesMSIL
Microsoft Intermediate Language
.assembly hello {}
.assembly extern mscorlib {}
.method static public void main() il managed { .entrypoint .maxstack 1 ldstr "Hello World from IL!" call void [mscorlib]System.Console::WriteLine(class System.String) ret}
AssembliesMSIL
Compiled with ilasm.exe MSIL was designed for the CLR
Object-oriented (primitives are not special) Designed for the Common Type System Does not embed type information
See documentation in \FrameworkSDK\Tool Developers Guide\docs
Agenda
What Is the CLR? Assemblies Execution Model Interoperability Security
Source CodeSource Code
C++, C#, VB or any .NET language
csc.exe or vbc.exe
Compiler
AssemblyAssembly
DLL or EXE
Execution ModelCreate Assembly
CLR
Execution Model
VBSource Code
Compiler
C++C#
Assembly AssemblyAssembly
Operating System Services
MSIL
Common Language Runtime JIT Compiler
Compiler Compiler
NativeCode
ManagedCode
ManagedCode
ManagedCode
UnmanagedCode
CLR Services
Ngen
Execution ModelCompiling IL to Native Code
JIT compiler Generates optimized native code Compiled when a method is first called Includes verification of IL code
Ngen.exe Install-time native code generation Used when assembly is installed on machine Reduces start-up time Native code has version checks and reverts
to run-time JIT if they fail
Execution ModelRun-Time Hosts
ASP.NET Internet Explorer Shell executables More in future
For example: SQL Server (Yukon)
Can create your own run-time hosts
Execution ModelBinding to Assemblies
An application consists of one or more assemblies.
How does one assembly bind to another? Based upon metadata and policy
Local (preferred) Assembly Global Cache
Multiple versions of an assembly may exist on the same machine. Easier software deployment, updates and removal Multiple versions of an assembly can even be used by
the same application
Execution ModelApplication Domains
Traditionally, processes were used to isolate applications running on the same computer Isolates failure of one application Isolates memory
Problems Uses more resources If needed, inter-process calls can be expensive
Execution ModelApplication Domains
.NET introduces Application Domains, which allow you to run multiple applications within the same process
Enabled by code verification No code will crash the process
Managed by the System.AppDomain class Common assemblies can be shared across
domains or can be specific to a domain
Execution ModelApplication Domains
Benefits: Application domains are isolated Faults are isolated Individual applications can be stopped without
stopping the process Can configure each application domain independently Can configure security for each domain Cross-domain calls can be done through proxies
More efficient than cross-process calls
Execution ModelApplication Domains
Process
Shared class dataand native code
App.Domain
(class dataand
native code)
App.Domain
Thread
Agenda
What Is the CLR? Assemblies Execution Model Interoperability Security
Common Type System (CTS) A superset of the data types used by most modern
programming languages Common Language Specification (CLS)
A subset of CTS that allows code written in different languages to interoperate
What languages? Microsoft: C++, Visual Basic, C#, JScript Third-Party: Cobol, Eiffel, Smalltalk, Scheme, Oberon,
Haskell, Python, Perl, Java, …
InteroperabilityCross Language
InteroperabilityCommon Type System
Value types Classes Arrays Interfaces Delegates Nested types Enumerations Pointers
Managed pointers, unmanaged pointers, unmanaged function pointers
InteroperabilityCommon Type System
Members: fields, properties, methods, events Abstract, virtual, final Literal, initialize-only Static, instance Public, private, family, assembly Newslot, override
InteroperabilityManaged/Unmanaged
.NET provides interoperability mechanism to permit managed code to call into unmanaged code and vice versa
Why? Existing code works, why rewrite it? Calling Microsoft functionality not yet available
as .NET assemblies For example, OLEDB server-side cursors
Calling 3rd party native code Migrate your code incrementally
InteroperabilityManaged/Unmanaged
C# VB
C++
MSVCRT
MFC/ATL
Managed Unmanaged
Delphi
VB
InteroperabilityManaged/Unmanaged
COM/DLL Binary standard Type libraries Immutable Type unsafe Interface based HResults Guids
.NET Framework Type standard Assemblies Resilient Type safe Object based Exceptions Strong names
InteroperabilityManaged/Unmanaged
.NET provides two mechanisms for interoperability between managed and unmanaged code: P/Invoke – Platform Invocation COM integration
InteroperabilityP/Invoke
Provides access to static entry points in unmanaged DLLs
Similar to: VB Declare statement C/C++ LoadLibrary / GetProcAddress
Requires method definition with custom attribute Marshalls data across the boundary
InteroperabilityP/Invoke
public class Win32API { [DllImport(“User32.dll”, EntryPoint=“MessageBox”)] public static extern Boolean MsgBox(…);}
InteroperabilityP/Invoke
[StructLayout(LayoutKind.Sequential)]Public struct OSInfo (
uint MajorVersion;uint MinorVersion;String VersionString;
}
public class Win32API { [DllImport(“User32.dll”)] public static extern Boolean GetVersionEx(OSInfo osi);}
InteroperabilityP/Invoke
Transitions have overhead Roughly 20-30 instructions per call
Data marshaling adds additional overhead Depending on type and size of data Isomorphic types (char, int, float, long, double, etc.) are cheap
Make transitions wisely Chunky calls as opposed to chatty
InteroperabilityCOM Integration
What is COM? What is the relationship between
the CLR and COM?
InteroperabilityWhat Is COM?
Application
Code and data structures
Before COM, applications were completely separate entities with little or no integration
COM provides a way for components to integrate. However, each component must provide the “plumbing” and objects cannot directly interact.
InteroperabilityWhat Is COM?
With the .NET Framework Common Language Runtime, components are built on a common substrate. No “plumbing” is needed and objects can directly interact.
InteroperabilityCOM Integration
InteroperabilityCOM Integration
Provides a bridge between .NET Framework and COM and vice versa
Maintains programming model consistency on both sides Abstracts the inconsistencies between the two models
Different data types Method signatures Exception/HRESULTs
Use COM interoperability for Backward compatibility COM+ services
InteroperabilityCOM Integration
Using COM components from .NET Use TlbImp.exe to generate an assembly (.DLL)
that is a wrapper for a COM component Then just reference it, instantiate with new, call it,
derive classes from it, catch exceptions, use reflection, etc.
Don’t have to know anything about COM The CLR creates a Runtime Callable Wrapper (RCW)
that implements all the COM plumbing Reference counting, marshalling data,
mapping HRESULTs to exceptions, etc.
InteroperabilityCOM Integration
Using .NET components from COM Use RegAsm.exe to register all public classes in an
assembly Can use TlbExp.exe to create a COM type library Use the component from COM just like any other
COM component The CLR creates a COM Callable Wrapper (CCW)
that implements the necessary COM interfaces (IUnknown, IDispatch, ITypeInfo, etc.) and marshalls data between managed and unmanaged code
Use RegSvcs.exe to register .NET classes in COM+ Will create COM+ Application or use an existing one
Agenda
What Is the CLR? Assemblies Execution Model Interoperability Security
SecurityWhy Care?
SecurityDesign Goals
Provide a robust security system for partially-trusted, mobile code
Make it easy to: Express fine-grained authorizations Extend and customize the system Perform security checks in user code
No end-user UI! Never ask a user to make a security decision
“on the fly”
SecurityCode Verification
Code can only perform legal operations Encapsulation boundary is preserved
Can only call the exposed methods
No buffer overruns
SecurityCode Access Security
Code may require permissions to run Security policy determines what code is allowed
to run By machine
Where did this code come from? Who authored it?
By user
If no permission then a SecurityException is thrown
SecurityCode Access Security
Can specify the permissions needed by code Declarative, with attributes Imperative
See permissions classes in the namespace: System.Security.Permissions
Create a permission object, then call Demand()
By default, the CLR will ensure that all code in call chain has the necessary permissions
SecurityCode Access Security
Security check Varying levels of trust Behavior constrained by least trustworthy
componentAssembly A1
Assembly A2
Assembly A3
Assembly A4
G1
G4
G3
G2
P
P
P
Call Chain
SecurityCode Access Security
Can override security checks Assert() lets you and the code you call perform
actions that you have permission to do, but your callers may not.
Deny() lets you prevent downstream code from performing certain actions
PermitOnly() is like Deny(), but you specify the only permissions the downstream code will have.
SecurityPermissions
Permission and permission set XML representation of permissions
Code access permissions Protect resources and operations
Identity permissions Characteristics of an assembly‘s identity
Role-based permissions Discover a user‘s role or identity
Custom permissions Design and implement your own classes
SecurityPolicy
Process of determining permissions to grant to code Permissions granted to code, not user Grants are on a per-assembly basis
Multiple levels of policy Machine-wide, user-specific by default Further restrictions allowed on a per application-
domain basis
SecurityPolicy
Each policy level is a collection of code groups Code has identity in the runtime, just like users have
identity in OS Permissions are associated with each code group
Evidence determines group membership In the group, get granted the related permissions
All Code
Publisher:Microsoft
Zone:Internet
Zone:Local Intranet
Site:XYZ.COM
Name:MS.Office
Name:MS.Money
Site:localweb
P
P
Publisher:Corp. Admin
P PP
PPP
P
SecurityPolicy
Policy levels: machine, user, application domain
machineuser
appdomainResulting
permission set
SecurityTools
Code access security tool caspol.exe
Managing certificates cert2spc.exe, certmgr.exe , makecert.exe , chktrust.exe
Managing assemblies Shared Name utility: Sn.exe Global Assembly Cache utility: gacutil.exe
permview.exe View permissons requested by an assembly
Conclusion
What Is the CLR? Assemblies Execution Model Interoperability Security
Resources
.NET Framework and the CLR by Jeffrey Richter http://msdn.microsoft.com/msdnmag/issues/0900/Framework
/Framework.asp http://msdn.microsoft.com/msdnmag/issues/1000/Framework2
/Framework2.asp Garbage Collection by Jeffrey Richter
http://msdn.microsoft.com/msdnmag/issues/1100/GCI/GCI.asp http://msdn.microsoft.com/msdnmag/issues/1200/GCI2/GCI2.asp
Building, Packaging, Deploying by Jeffrey Richter http://msdn.microsoft.com/msdnmag/issues/01/02/buildapps
/buildapps.asp http://msdn.microsoft.com/msdnmag/issues/01/03/buildapps2
/buildapps2.asp
Resources
Security article by Keith Brown http://msdn.microsoft.com/msdnmag/issues/01/02/CAS/CAS.asp
ECMA CLI Standardization http://msdn.microsoft.com/net/ecma/ http://www.ecma.ch