운영체제 3 - Limited Direct Execution [CPU Virtualization]

༼ つ ◕_◕ ༽つ Process 배울 때

Virtualization of CPU = mechanism + policy란
사실을 우리는 배웠다.🤔
이제 그 중 mechanism에 대해 배운다. 상당히 혼미하다. 😣!

---

Mechanism: Limited Direct Execution

Introduction

• By time sharing the CPU, virtualization is achieved. THEN..
• Performance: how can we implement virtualization without adding excessive overhead to the system?
• Control: how can we run process efficiently while retaining control over the CPU?

❓ Obtaining high performance while maintaining control is thus one of the central challenges in building an operating system.

❤ Direct execution

• Just run the program directly on the CPU.
• Thus, when the OS wishes to start a program running, it creates a process entry for it in a process list, allocates some memory for it, loads the program code into memory, locates its entry point (i.e., the main() routine or something similar), jumps to it. and starts running the user's code.

But Direct execution gives rise to a few problems in our quest to virtualize the CPU.

🔆 Questions

1. Simple thing: if we just run a program, how can the OS make sure the program doesn't do anything that we don't want it to do while running it efficiently?
2. when we are running a process, how does the operating system stop it from running and switch to another process, thus implementing the time-sharing we require to virtualize the CPU?위에서부터 아래로 실행되니 위에서 아래로 읽어주자

   

   • 번역
   

---

💥Problem #1: restricted Operations

Direct execution has the obvious advantage of being fast; The program runs natively on the hardware CPU and thus executes as quickly as one would expect.
But running on the CPU introduces a problem:

1. what if the process wishes to perform some kind of restricted operation?

User Mode

Code that runs in user mode is restricted in what it can do.

Kernel mode

In which the operating system runs.
In this mode, code that runs can do what it likes, including privileged operations such as issuing I/O requests and executing all types of restricted instructions.

💥What should a program to when it wishes to perform some kind of privileged operation?

→ To enable this, virtually all modern hardware provides the ability for user programs to perform a system call.
System call: system calls allow the kernel to carefully expose certain key pieces of functionality to user programs.
(such as accessing the file system, creating and destroying processes, communicating with other process, and allocating more memory.)

🤩To execute a system call, a program must execute a special trap instruction.

This instruction jumps into the kernel and raises the privilege level to kernel mode; once in the kernel, the system can now perform whatever privileged operation are needed.

✔When finished, the OS calls a special return-from-trap instruction,

which returns into the calling user program while simultaneously reducing the privilege level back to user mode.

The hardware needs to be a bit careful when executing a trap, in that it must make sure to save enough of the caller's registers in order to be able to return correctly when the OS issues the return-from-trap instruction.

커널 스택(kernel stack) : 플래그와 레지스터들을 저장하는 자료구조(각 프로세스마다 있음)

커널 모드와 사용자 모드를 이동할 때 하드웨어에 의해 PC와 레지스터가 저장되고 복원되는 용도

---

Trap table

Q: How does the trap know which code to run inside the OS?

A: The kernel sets up a trap table at boot time.

OS가 하드웨어에게 예외 사건이 일어났을 때 어떤 코드를 실행해야 하는지 저장하는 자료구조

trap은 trap table을 사용하여 발생시킨다.

The OS informs the hardware of the locations of trap handlers.

Trap handlers = OS는 특정 명령어를 사용하여 하드웨에게 이 위치를 알려주고 하드웨어는 문제를 해결한다. OS는 하드웨어에게 trap handler의 위치를 알려주고 하드웨어는 이 위치를 기억했뒀다가 예외가 발생했을 때 문제를 해결한다.

Once the hardware is informed, it remembers the location of handlers and thus the hardware knows what to do (i.e., what code to jump to) when system calls and other exceptional events take place.

When the machine boots up, it does so in privileged mode, and thus is free to configure machine hardware as need be.
One of the first things the OS does is to tell the hardware what code to run when certain exceptional events occur.

System-call number: to specify the exact system call, a system call number is usually assigned to each system call.

---

The user code is thus responsible for placing the desired system-call number in a register or at a specified location on the stack→ the OS, when handling the system call inside the trap handler, examines this number, ensures it is valid, and, if it is, executes the corresponding code.

This level of indirection serves as a form of protection; user code cannot specify an exact address to jump to, but rather mus request a particular service via number.

---

• 번역
  • LDE 프로토콜 진행 과정
  (전반부, 부팅 시)
  1. 커널은 트랩 테이블을 초기화하고 CPU는 테이블의 위치를 기억한다.
  2. 커널은 커널 모드에서만 사용할 수 있는 명령어를 이용하여 수행한다.
  (후반부, return-from-trap을 이용하여 사용자 프로세스를 시작할 때)
  3. 새로운 프로세스를 위한 노드를 할당하여 프로세스 리스트에 삽입하고 메모리를 할당한다.
  4. return-from-trap 명령어로 CPU를 사용자 모드로 전환하고 프로세스 실행을 시작한다.
  5. 프로세스가 시스템콜을 호출하면 OS로 다시 트랩된다.
  6. OS는 시스템 콜을 처리하고 return-from-trap 명령어를 사용하여 다시 제어를 프로세스에게 넘긴다.
  7. 프로세스는 자신의 할 일을 다 하면 main()에서 리턴한다.
  8. 종료할 때 exit() 시스템을 호출하고 다시 OS체제로 트랩된다.

Two phases in the limited direct execution protocol.

First phase: the kernel initializes the trap table, and the CPU remembers its location.

Second phase: The kernel sets up a few things(e.g., allocating a node on the process list, allocating memory) before using a return-from-trap instruction to start the execution of the process; this switches the CPU to user mode and begins running the process.

When the process wishes to issue a system call, it traps back into the OS, which handles it and once again returns control via a return-from-trap to the process.

If a process is running on the CPU, this by definition means the OS is not running.

---

💥Problem #2: Switching Between Process

💥Q: How can the operating system regain control of the CPU so that it can switch between processes?

A: cooperative approach

cooperative approach → system Call 기다리기
In this style, the OS trusts the processes of the system to behave reasonably. Processes that run for too long are assumed to periodically give up the CPU so that the OS can decide to run some other task.

Most processes transfer control of the CPU to the OS by making system calls.

Systems like this often include an explicit yield system call, which des nothing except to transfer control to the OS so it can run other processes.

💥Thus, in cooperative scheduling system, the OS regains control of the CPU by waiting for a system call or an illegal operation of some kind to take place.💥

---

A Non-Cooperative Approach: The OS Takes Control

Q: How can the OS gain control of the CPU even if processes are not being cooperative? What can the OS do to ensure a rogue process does not take over the machine?

A: A timer interrupt

Interrupt

중단, 새치기. CPU가 프로그램을 실행하고 있을 때, 입출력 하드웨어 등의 장치나 예외상황이 발생하여 처리가 필요한 경우 CPU에게 알려 처리할 수 있도록 하는 것을 말한다.

종류:Hardware Interrupt(I/O), Software Interrupt(예외상황,system call)
자세한 내용은 아래 블로그에 제대로 정리되어 있다.

[OS기초] 인터럽트 제대로 이해하기

A timer device can be programmed to raise an interrupt every so many millisecond.
when the interrupt is raised, the currently running process is halted, and a pre-configured interrupt handler in the OS runs.

TIP: The addition of a timer interrupt gives the OS the ability to run again on a CPU even if processes act in a non-cooperative fashion. Thus, this hardware feature is essential in helping the OS maintain control of the machine.

---

Important decision

결정→Whether to continue running the currently-running process or switch to a different one.
↑This decision is made by a part of the operating system known as the scheduler.

Context switch

개념 : All the OS has to do is save a few register values for the currently-executing process (onto its kernel stack, for example) and restore a few for the soon-to-be-executing process(from its kernel stack).

By doing so, the OS thus ensures that when the return-from-trap instruction is finally executed, instead of returning to the process that was running, the system resumes execution of another process.

프로세스 전환을 위해서 운영체제는 저서준 어셈블리 코드를 사용하여 현재 실행 중인 프로세스의 A few registers(General purpose registers, PC, the kernel stack pointer)에 저장한다.

---

요약

CPU 가상화를 구현하기 위한 핵심적인 저수준 기법에 관해 설명한 챕터. 이 기법을 제한적 직접 실행이라고 한다.
아이어디는 간단: CPU에서 실행하고 싶은 프로그램을 실행시킨다. 그러나 OS는 운영체제가 CPU를 사용하지 못하더라도 프로세스의 작업을 제한할 수 있도록 하드웨어를 셋업해야한다.

일상 생활에서 이러한 방법이 있다. 아이가 있다면 방에 아기 보호 장치를 설치한다. 위험한 물건이 있다면 서랍에 넣어두고 잠그거나 하는 일들이다. 이러면 아이에게 위험한 물건들을 막아 놓아 아이는 자유롭게 방을 안전하게 돌아다니게 할 수 있다. 이렇듯 운영체제는 CPU에게 안전 장치를 준비해 놓는다.

우선 부팅할 때 트랩 핸들러 함수를 셋업하고 인터럽트 타이머를 시작 시키고 그런 후에 제한 모드에서만 프로세스가 실행 하도록 한다. 이러면 OS는 프로세스를 효율적으로 실행할 수 있다.

다음 챕터에서는 특정 시점에 어떤 프로세스를 실행시켜야할까란 질문에 스케쥴러가 답하는 질문에 배운다.

---

✨아이콘 제작자 Smashicons

Smashicons 디자인의 무료 벡터 아이콘