4.4BSD Kernel Entry and Organization

Entering the Kernel:

In 4.4BSD one view of the kernel is that is provides services to user processes. Processes can directly access these services through system calls, though other actions such as division by 0 can also cause entry into the kernel via hardware trap. In total there are 3 main actions/events that cause entry into the kernel:

  1. Hardware Interrupt - asynchronous events that are not necessarily related to the context of the currently executing process. These might include I/O devices needing assistance.
  2. Hardware traps - asynchronous or synchronous events that are related to the currently executing process. One example would be invalid memory access.
  3. Software-Initiated Traps - an intentional software event that is used to ask for a specific kernel service to execute. Implementations vary, but the main idea the software explicitly reaches out to the kernel. System calls are one example, for instance the system call fork() will ask the kernel to create a child process.

A Note on Process Contexts:
Process context, or the state of a process, is all the necessary information about a process to resume its execution after a context switch. In 4.4BSD the context of a process is stored in two data structures, both of which live in kernel memory areas related to process-specific information:

Process Structure - contains information that is important even if a process has be swapped out, including but not limited to:
  • process identifiers
  • process rights and privileges
  • descriptors
  • memory map
  • pending external events and their actions
User Structure - contains information that is not important even if a process has be swapped out, including but not limited to:
  • hardware process control block (PCB)
  • process accounting and statistics
  • other minor details

Kernel Organization:

Logically, we can think of the kernel as having a top and bottom half as seen in Figure 1. The top half of the kernel provides services to user processes in response to system calls or traps. This part of the kernel is like a shared library available to all processes that enter the kernel. The top half of the kernel executes in privileged execution mode where it has access to kernel data structures, and the context of user level processes (process structure and user structure). The bottom half of the kernel is made up of routines to handle hardware interrupts. The bottom half activities are asynchronous with respect to the top half. This implies that if an interrupt occurs, any state information related to the process being serviced by the top half will be unavailable until the interrupt is handled by the bottom half. Communication between the bottom and top halves of the kernel is done through data structures organized around work queues.




Figure 1. Visualization of the logical division of the kernel (Bostic et al., 1996)


The top half of the kernel is never forced to give up the processor to run another process. Though it can if it has to wait and explicitly chooses to. The top half will be interrupted if the bottom half receives an interrupt. However both the top half and bottom half have priority levels, and it is possible for the top half to have a priority level higher than the bottom half, therefore blocking interrupts.

An example sequence of events involving the top and bottom half of the kernel is as follows:
  1. A process is serviced by the top half of the kernel which initiates an I/O operation
  2. The top half relinquishes the processor and the requesting process will sleep
  3. When the I/O has completed this will cause an interrupt, the bottom half of the kernel will begin execution, and notify the top half.


Conclusions:

While there are more details to both entering the kernel, exiting the kernel, and overall kernel organization, I hope this article was able to provide a glimpse into the basic functionality of entering the kernel as well as its basic organization. Thank you for reading!

Works Cited:

Bostic, K., McKusick, M. K., Karels, M. J., & Quaterman, J. S. (1996). The Design and Implementation of the 4.4Bsd Operating System (1st ed.). Addison-Wesley.

Comments

Post a Comment

Popular posts from this blog

Defending Attacks Part 1: Password Cracking With Hydra and John The Ripper

Image
    This is my first post in my series "Defending Attacks". In this series I will break down real world attacks, explaining how they occur, why they matter, and what you can do to protect yourself. Some initial thoughts     We like to think that we choose good passwords when we create new accounts. In some cases we choose passwords that are quite secure. In other cases we unfortunately do not. When it comes to password attacks the attacker has very little to lose, and a lot to gain. Poorly chosen passwords can lead to drastic outcomes such as an organization falling victim to ransomware, identity theft, and many other unpleasant situations. In this article I will cover what password attacks look like, distinguishing between a weak and strong password, as well as some additional defensive measures that can mitigate attacks.   What is a password attack?     A password attack is as simple as it sounds. For this article we will assume the attacke...
Read more

Rust: Eliminating Use After Free Issues by Default

Image
    std::string s = “frayed knot”; For those unfamiliar with C++ this is essentially assigning a string to the variable “s”. After the above line executes a snapshot of memory is as follows: ( Image Credit to : “ Programming Rust, Second Edition by Jim Blandy, Jason Orendorff, and Leonora F.S. Tindall (O’Reilly). Copyright 2021 Jim Blandy, Leonora F.S. TIndall, and Jason Oredorff,  978-1-492-05259-3.”) The actual variable “s” lives on the stack. It consists of 3 words: the pointer to its heap buffer, the capacity  of the string (its maximum size), and the length of the string (its current size). This is great, nothing wrong  with this at all. The problem is when a temporary pointer to this string is created and this temporary pointer outlives the  variable “s”. In C++ it is valid to create a pointer to a character on the string’s heap buffer. So suppose we have a variable “s_ptr” that points to the letter “f” on the heap buffer above: We could get thi...
Read more