P1L3 Operating Systems

Question 1

Operating System

Answer 1

• -Makes it easier to use resources
• -Hardware controlled by OS
• -Provides isolation

Question 2

Trusted Computing Base (TCB)

Answer 2

• -OS has direct control of hardware resources

- -OS must determine authorized user(s) of resources

Question 3

TCB Requirements

Answer 3

1. Complete Mediation–OS is between HW resources and apps
2. OS must be tamper-proof
3. OS must be correct–Protected resources are used properly.

Question 4

OS and Resource Protection

Answer 4

• -Establish the source of the request (ie authenication)
• -Authorization or Access Control
• -OS follows policies for authorization and authentication

Question 5

System calls

Answer 5

A request to the operating system.

Question 6

Complete Mediation

Answer 6

Ensures that the OS cannot be bypassed when accessing a protected resource.

Question 7

How to meet the requirement for isolation

Answer 7

• -requires HW support for memory protection
• -The processor must keep track of what kind of code is being executed
• -Privileged instructions can only be executed in system mode

Question 8

Are system calls more expensive?

Answer 8

Yes. Because of the info that must be saved, the memory mapping that must be done, and the special instructions.

Question 9

Memory Protection

Answer 9

The HW determines if memory belongs to the OS and is therefore unwritable to users.

Question 10

Unit of isolation

Answer 10

Each process gets an address space for it to use

Question 11

Physical addresses

Answer 11

Point to actual RAM or physical memory

Question 12

Logical addresses

Answer 12

Point to the address space

Question 13

Address translation

Answer 13

The translation between the logical and physical memory.

Question 14

Logical addresses are stored on ____

Answer 14

pages

Question 15

Physical addresses are stored on _____

Answer 15

frames

Question 16

Page table

Answer 16

Table used to translate between pages and frames. It is built and protected by the OS

Question 17

T/F: Process A can access Process B’s memory if explicit sharing is desired.

Answer 17

True: This is the only way Process A can access Process B’s memory as long as the page table is managed by the OS.

Question 18

Memory Management Unit (MMU)

Answer 18

Handles the memory mapping. It uses page tables to resolve virtual addresses to physical addresses.

Question 19

TLB

Answer 19

Translation lookaside buffers store the translation tables

Question 20

RWX

Answer 20

Read, Write, Execute. Bits on the pages which determine the level of access to addressable memory.

Question 21

OS Isolation from Application Code

Answer 21

• -The OS (kernel) resides in a portion of each process’s address space.
• -Processes can only cross the fence in controlled and limited ways.
• -OS protects itself and the processes from each other

Question 22

Tasks that should be performed by the OS

Answer 22

• -Switching CPU from one process to another when the process blocks
• -Page fault handling
• -Changing who can access a protected resource

Question 23

This task should be performed by the user processes

Answer 23

Setting up a new stack frame when an application program calls one of its functions.

Question 24

Complete Mediation: The TCB

Answer 24

• -make sure no protected resource can be accessed w/o going through the TCB.
• -The TCB acts as a reference monitor that cannot be bypassed.

Question 25

Complete Mediation: User Code

Answer 25

• -User code cannot access the OS part of the address space w/o changing to system mode.
• -User code cannot access physical resources because they require privilege instructions that can only be executed in system mode.

Question 26

Complete Mediation: OS

Answer 26

• -OS virtualizes physical resources and provides an API for virtualized resources
• -File for storing persistent data on disk
• -Virtual resource must be translated to physical by the OS

Question 27

Virtualization helps with limiting the damage caused by a compromised OS by…

Answer 27

• -Using a hypervisor between OS and hardware

- -VMs on top of hypervisor have their own OS and apps (isolation)