control scheme can be incorporated in a programming language that supports abstract data types. The use of minimal operating-system support to enforce protection was advocated by the Exokernel Project ([Ganger et al. (2002)], [Kaashoek et al. (1997)]). Extensibility of system code through language-based protection mechanisms was discussed in [Bershad et al. (1995)]. Other techniques for enforcing protection include sandboxing ([Goldberg et al. (1996)]) and software fault isolation ([Wahbe et al. (1993)]). The issues of lowering the overhead associated with protection costs and enabling user-level access to networking devices were discussed in [McCanne and Jacobson (1993)] and [Basu et al. (1995)].
More detailed analyses of stack inspection, including comparisons with other approaches to Java security, can be found in [Wallach et al. (1997)] and [Gong et al. (1997)].
Bibliography
[Basu et al. (1995)] A. Basu, V. Buch, W. Vogels, and T. von Eicken, “U-Net: A User-Level Network Interface for Parallel and Distributed Computing”, Proceedings of the ACM Symposium on Operating Systems Principles (1995).
[Bershad et al. (1995)] B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. Fiuczynski, D. Becker, S. Eggers, and C. Chambers, “Extensibility, Safety and Performance in the SPIN Operating System”, Proceedings of the ACM Symposium on Operating Systems Principles (1995), pages 267–284.
[Cohen and Jefferson (1975)] E. S. Cohen and D. Jefferson, “Protection in the Hydra Operating System”, Proceedings of the ACM Symposium on Operating Systems Principles (1975), pages 141–160.
[Dennis and Horn (1966)] J. B. Dennis and E. C. V. Horn, “Programming Semantics for Multiprogrammed Computations”, Communications of the ACM, Volume 9, Number 3 (1966), pages 143–155.
[Ekanadham and Bernstein (1979)] K. Ekanadham and A. J. Bernstein, “Conditional Capabilities”, IEEE Transactions on Software Engineering, Volume SE-5, Number 5 (1979), pages 458–464.
[Ganger et al. (2002)] G. R. Ganger, D. R. Engler, M. F. Kaashoek, H. M. Briceno, R. Hunt, and T. Pinckney, “Fast and Flexible Application-Level Networking on Exokernel Systems”, ACM Transactions on Computer Systems, Volume 20, Number 1 (2002), pages 49–83.
[Goldberg et al. (1996)] I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer, “A Secure Environment for Untrusted Helper Applications”, Proceedings of the 6th Usenix Security Symposium (1996).
[Gong et al. (1997)] L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers, “Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2”, Proceedings of the USENIX Symposium on Internet Technologies and Systems (1997).
Chapter 14 Protection
[Harrison et al. (1976)] M. A. Harrison, W. L. Ruzzo, and J. D. Ullman, “Protection in Operating Systems”, Communications of the ACM, Volume 19, Number 8 (1976), pages 461–471.
[Iliffe and Jodeit (1962)] J. K. Iliffe and J. G. Jodeit, “A Dynamic Storage Allocation System”, Computer Journal, Volume 5, Number 3 (1962), pages 200–209.
[Jones and Liskov (1978)] A. K. Jones and B. H. Liskov, “A Language Extension for Expressing Constraints on Data Access”, Communications of the ACM, Volume 21, Number 5 (1978), pages 358–367.
[Kaashoek et al. (1997)] M. F. Kaashoek, D. R. Engler, G. R. Ganger, H. M. Briceno, R. Hunt, D. Mazieres, T. Pinckney, R. Grimm, J. Jannotti, and K. Mackenzie, “Application Performance and Flexibility on Exokernel Systems”, Proceedings of the ACM Symposium on Operating Systems Principles (1997), pages 52–65.
[Kieburtz and Silberschatz (1978)] R. B. Kieburtz and A. Silberschatz, “Capability Managers”, IEEE Transactions on Software Engineering, Volume SE-4, Number 6 (1978), pages 467–477.
[Kieburtz and Silberschatz (1983)] R. B. Kieburtz and A. Silberschatz, “Access Right Expressions”, ACM Transactions on Programming Languages and Systems, Volume 5, Number 1 (1983), pages 78–96.
[Lampson (1969)] B. W. Lampson, “Dynamic Protection Structures”, Proceedings of the AFIPS Fall Joint Computer Conference (1969), pages 27–38.
[Lampson (1971)] B. W. Lampson, “Protection”, Proceedings of the Fifth Annual Princeton Conference on Information Systems Science (1971), pages 437–443.
[Lampson (1973)] B. W. Lampson, “A Note on the Confinement Problem”, Communications of the ACM, Volume 10, Number 16 (1973), pages 613–615.
[Levin et al. (1975)] R. Levin, E. S. Cohen, W. M. Corwin, F. J. Pollack, and W. A. Wulf, “Policy/Mechanism Separation in Hydra”, Proceedings of the ACM Symposium on Operating Systems Principles (1975), pages 132–140.
[Lipner (1975)] S. Lipner, “A Comment on the Confinement Problem”, Operating System Review, Volume 9, Number 5 (1975), pages 192–196.
[McCanne and Jacobson (1993)] S. McCanne and V. Jacobson, “The BSD Packet Filter: A New Architecture for User-level Packet Capture”, USENIX Winter (1993), pages 259–270.
[McGraw and Andrews (1979)] J. R. McGraw and G. R. Andrews, “Access Control in Parallel Programs”, IEEE Transactions on Software Engineering, Volume SE-5, Number 1 (1979), pages 1–9.
[Morris (1973)] J. H. Morris, “Protection in Programming Languages”, Communications of the ACM, Volume 16, Number 1 (1973), pages 15–21.
[Needham and Walker (1977)] R. M. Needham and R. D. H. Walker, “The Cambridge CAP Computer and Its Protection System”, Proceedings of the Sixth Symposium on Operating System Principles (1977), pages 1–10.
[Organick (1972)] E. I. Organick, The Multics System: An Examination of Its Structure, MIT Press (1972).
[Popek (1974)] G. J. Popek, “Protection Structures”, Computer, Volume 7, Number 6 (1974), pages 22–33.
[Redell and Fabry (1974)] D. D. Redell and R. S. Fabry, “Selective Revocation of Capabilities”, Proceedings of the IRIA International Workshop on Protection in Operating Systems (1974), pages 197–210.
[Saltzer and Schroeder (1975)] J. H. Saltzer and M. D. Schroeder, “The Protection of Information in Computer Systems”, Proceedings of the IEEE (1975), pages 1278–1308.
[Wahbe et al. (1993)] R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham, “Efficient Software-Based Fault Isolation”, ACM SIGOPS Operating Systems Review, Volume 27, Number 5 (1993), pages 203–216.
[Wallach et al. (1997)] D. S. Wallach, D. Balfanz, D. Dean, and E. W. Felten, “Extensible Security Architectures for Java”, Proceedings of the ACM Symposium on Operating Systems Principles (1997), pages 116–128.
[Wulf et al. (1981)] W. A. Wulf, R. Levin, and S. P. Harbison, Hydra/C.mmp: An Experimental Computer System, McGraw-Hill (1981).