OPERATING SYSTEM 1. Windows: Microsoft's popular operating system for PCs and laptops.

2. macOS: Apple's operating system for Macintosh computers.

UNIT - I 3. Linux: A free and open-source operating system known for its customization and stability.
Chapter 1: Introduction: Views - Types of System - OS Structure – Operations 4. Android: Google's mobile operating system for smartphones and tablets.
Chapter 2: Services – Interface- System Calls- System Structure -System Design and Implementation.
Chapter 3: Process Management: Process - Process Scheduling - Inter-process Communication. Components of a computer system
Chapter 4: CPU Scheduling: CPU Schedulers - Scheduling Criteria - Scheduling Algorithms.
A computer system can be divided roughly into four components: the hardware, the operating system,
the application programs, and the users The hardware—the central processing unit (CPU), the
INTRODUCTION memory, and the input/output (I/O) devices—provides the basic computing resources for the
- An operating system (OS) is a software program that manages and controls the computer system.
hardware and provides an environment for the execution of applications. It acts as an The application programs—such as word processors, spreadsheets, compilers, and Web browsers—
intermediary between the user and the hardware, facilitating convenient and efficient use of define the ways in which the computing resources are used to solve users’ computing problems.
the computer system.
- Operating systems vary in internal structure and organization.

The primary functions/ types of management of an operating system include:/Various Components

of OS

1. Process management: The OS manages the execution of processes or programs. It allocates

system resources, such as CPU time, memory, and I/O devices, to different processes, and
ensures their proper execution and synchronization.
2. Memory management: The OS manages the computer's memory resources, including
allocating and deallocating memory space to processes, implementing virtual memory
techniques, and handling memory fragmentation to optimize memory usage.
3. File system management: The OS provides a hierarchical structure for organizing and storing
files on storage devices. It handles file creation, deletion, and manipulation, as well as
maintaining file security and access controls.
4. Device management: The OS manages I/O devices such as keyboards, monitors, printers, and
disk drives. It provides drivers to communicate with these devices, handles input and output TWO VIEWPOINTS OF OS
operations, and manages device access and sharing among processes.
5. User interface: The OS provides a user-friendly interface for users to interact with the
computer system. This can include command-line interfaces, graphical user interfaces (GUI), User View:
or other forms of user interaction.
The user's view of the computer varies depending on the interface being used.
6. Security and protection: The OS implement security measures to protect the system and its
resources from unauthorized access, viruses, and other threats. It enforces user authentication, Personal Computer (PC) Systems:
access control policies, and data encryption to ensure data privacy and system integrity.
7. Networking and communication: Many modern operating systems support networking ● Users interact with PCs consisting of a monitor, keyboard, mouse, and system unit.
capabilities, allowing computers to connect and communicate over networks. The OS manages ● Operating systems are designed for single-user experiences, focusing on
network protocols, handles data transmission, and facilitates network resource sharing. ● Resource utilization is not a priority as the goal is to maximize ease of use and individual
8. Error handling and fault tolerance: The OS detects and handles errors, exceptions, and productivity.
system failures. It provides mechanisms for error recovery, fault tolerance, and system
stability. Mainframe/Minicomputer Systems:

Commonly known operating systems are: ● Users connect to a mainframe or minicomputer through terminals, sharing resources and
exchanging information.

1
 ● The operating system prioritizes resource utilization to efficiently allocate CPU time, memory, ●The operating system is responsible for controlling and coordinating the operation of
and I/O among multiple users. I/O devices, ensuring proper communication between the devices and user programs.
Moore’s Law
Networked Workstations: Moore’s Law predicted that the number of transistors on an integrated circuit would double every
● Users work on dedicated workstations connected to networks of other workstations and eighteen months, and that prediction has held true.
servers, sharing resources such as networking and servers including file, compute, and print What is a kernel?
servers.
● Operating system balances individual usability and resource utilization. ● The kernel is the core component of an operating system.
● It acts as a bridge between hardware and software, managing system resources.
Mobile Computers (Smartphones and Tablets): ● It provides essential services such as memory management, process scheduling, and device
● Mobile computers like smartphones and tablets are standalone units primarily used by drivers.
individual users. ● The kernel is responsible for maintaining security and ensuring efficient communication
● The operating system prioritizes user-friendly interfaces, often featuring touch screens, for between software and hardware components.
email and web browsing. ● The kernel plays a crucial role in the operation and stability of the operating system.

Embedded Computers: Along with the kernel, there are two other types of programs in OS: system programs, which are
associated with the operating system but are not necessarily part of the kernel, and application
● Embedded computers are found in home devices and automobiles. programs, Application programs are all the software programs that are not directly involved in the
● They may have limited user interfaces, such as numeric keypads and indicator lights, and are operation of the system. These programs are designed to fulfil specific user tasks or provide certain
designed to run without much user intervention. functionalities
Middleware
System View
Middleware is a software layer that sits between the operating system and the application software.
1. Resource Allocation: It provides a set of services and tools that facilitate communication and integration between different
● The operating system acts as a resource allocator, managing and allocating various
software components and systems.
computer resources such as CPU time, memory space, file storage, and I/O devices.
● It makes decisions on how to efficiently and fairly allocate these resources to specific What are Device controllers?
programs and users.
● A device controller is a hardware component that manages a specific device in a computer
2. Efficient Operation: system such as a disk drive, keyboard, printer, or network adapter.
● The operating system's role is to ensure the efficient operation of the computer system. ● Each device controller interfaces with its corresponding device, handling data transfer,
● It handles numerous and potentially conflicting requests for resources, making decisions input/output operations, data formatting, error handling and device-specific functions.
on how to allocate them in a way that optimizes the overall performance and utilization ● Typically, operating systems have a device driver for each device controller.
of the system.
What are Device drivers?
3. Fair Resource Allocation: 1. A device driver is a software component that facilitates communication between a computer's
● In situations where multiple users access the same mainframe or minicomputer, the operating system and a specific hardware device.
operating system must allocate resources fairly among the users. 2. It acts as a translator, converting high-level commands from software applications into low-
● It aims to prevent any user from monopolizing resources and ensures that each user gets level instructions that the hardware device can understand.
their fair share. 3. Device drivers provide an interface for the operating system to control and access the
functionalities of the hardware device.
4. Control Program: 4. They handle device-specific operations, such as input/output (I/O) operations, device
● Another perspective of an operating system is as a control program. configuration, and error handling.
● It manages the execution of user programs, preventing errors and improper use of the 5. Device drivers play a crucial role in enabling the proper functioning and efficient utilization
computer. of hardware devices within a computer system.

2
Define: Race condition By adding more processors, the system can accomplish more work in less time, although the
speed-up ratio is typically less than the number of processors due to overhead and contention
● It occurs when multiple threads or processes access shared data or resources simultaneously for shared resources.
● It leads to unpredictable and undesired results as processes can interfere with each other's b. Economy of Scale:
execution and produce incorrect outputs. Multiprocessor systems can be cost-effective compared to multiple single-processor systems
● These conditions are challenging to debug and reproduce consistently as they are dependent as they can share peripherals, mass storage, and power supplies, reducing duplication and cost.
on the timing and execution order of processes. c. Increased Reliability:
● Proper synchronization mechanisms, such as locks or semaphores, are used to prevent race Proper distribution of functions among multiple processors ensures that a failure of one
conditions and ensure correct execution in multi-threaded or multi-process environments. processor does not halt the system completely but only slows it down. This increased reliability
allows for graceful degradation and fault tolerance.
1.3 TYPES OF SYSTEM Graceful degradation refers to the ability of a computer system or software to continue providing
There are two types of System: Single Processor system and Multiprocessor system service or functionality even when some components or resources are no longer available or
functioning at their optimal level.
1.3.1 Single Processor System
Fault tolerance is a system's ability to continue operating despite component failures by detecting,
• Most computer systems traditionally operated using a single processor. diagnosing, and correcting them. It employs mechanisms like duplication and redundancy to
• In a single-processor setup, a primary CPU executes a general-purpose instruction set, withstand single component failures.
including those from user processes.
• Additionally, specialized processors with specific functions are often present, such as disk,
Types of Multiple-Processor Systems
keyboard, and graphics controllers.
• Mainframes might feature more versatile processors like I/O processors, focused on rapid data a. Asymmetric multiprocessing
movement within the system. ● Each processor is assigned a specific task.
• Special-purpose processors operate on a limited instruction set and do not handle user ● A boss processor controls the system, allocating work to worker processors.
processes.
• They may be managed by the operating system, receiving task information and status b. Symmetric multiprocessing (SMP)
monitoring. ● Each processor performs all tasks within the operating system.
• For instance, a disk-controller microprocessor manages its own disk queue and scheduling ● No boss-worker relationship exists between processors.
based on requests from the main CPU, reducing the CPU's disk scheduling overhead. ● Processors share physical memory while having their own registers and caches.
● Examples: AIX, a commercial version of UNIX; modern operating systems like Windows,
• PCs incorporate a microprocessor in the keyboard to translate keystrokes into codes sent to the
Mac OS X, and Linux.
CPU.
• Some processors are integrated deeply into the hardware, functioning autonomously without
direct communication with the operating system.
1.3.2 Multiprocessor Systems
• In recent years, multiprocessor systems, also known as parallel or multicore systems, have
become prevalent in computing.
• These systems employ two or more processors closely communicating and sharing
resources like the computer bus, memory, and peripheral devices.
• Initially prominent in servers, multiprocessor systems have extended to desktops, laptops,
and even mobile devices.

Advantages of Multiprocessor Systems:

Benefits and challenges of symmetric multiprocessing
a. Increased Throughput:
Advantage:
3
 - Many processes can run simultaneously without significant performance ● Multicore CPUs appear as N standard processors to the operating system
deterioration
Disadvantage:
● Control of I/O to ensure data reaches the appropriate processor is important Blade servers
● since the CPUs are separate, one may be sitting idle while another is overloaded, ● Blade servers are a newer type of server architecture where multiple processor boards, I/O
resulting in inefficiencies. boards, and networking boards are housed in a single chassis.
● The key distinction between blade servers and traditional multiprocessor systems is that each
To overcome disadvantage: Sharing data structures among processors can reduce inefficiencies blade-processor board in a blade server boot independently and runs its own operating system.
Modern operating systems provide support for SMP FYI

Memory Access Model Distinction between multicore and other multiprocessor systems

● Adding CPUs increases computing power and memory addressability. Multicore Systems Multiprocessor Systems
● Multiprocessing can change the memory access model from uniform memory access (UMA)
Multiple processors (cores) on a single Multiple processors connected via interconnect
to non-uniform memory access (NUMA).
chip network
● UMA is defined as the situation in which access to any RAM from any CPU takes the same
amount of time. Single chip with multiple cores Multiple chips with individual processors
● With NUMA, some parts of memory may take longer to access than other parts, creating a
performance penalty but they can be minimized through resource management. Shared memory architecture within the
same chip Shared or distributed memory across multiple chips
Multicore Systems:
● Recent trend in CPU design to include multiple computing cores on a single chip.
● Multicore systems can be more efficient than multiple single-core chips.
● On-chip communication is faster than between-chip communication. 1.3.3 Clustered Systems
● Multicore CPUs use significantly less power than multiple single-core chips.
• Clustered systems are a type of multiprocessor system composed of two or more individual
systems or nodes, connected via a network.
• They are considered loosely coupled, and each node can be a single-processor system or a
multicore system.
• Clusters are defined by shared storage and close network connectivity.

Characteristics of Clustered Systems

• Clustered systems share storage and have close network connectivity through a LAN or a faster
interconnect like InfiniBand.
• Clustering is often used to ensure high availability, even if one or more systems fail.
• Redundancy is added to the system to achieve this level of reliability.
• Each node in the cluster runs cluster software, allowing them to monitor one another.
• If a node fails, another node can take ownership of its storage and restart the applications,
● Each core has its own register set and local cache. resulting in minimal service interruption.
● Cache memory is a small, high-speed memory component located between the CPU and main
memory. Symmetric and Asymmetric Clustering
o It stores frequently accessed data and instructions for faster retrieval.
o Cache memory helps reduce the CPU's access time to data, improving overall system • Asymmetric Clustering:
performance. • One machine is in hot-standby mode while the other runs applications.
o It operates on the principle of locality, where recently accessed data is likely to be • The hot-standby host monitors the active server and takes over if it fails.
accessed again. • Symmetric Clustering:
4
 • Two or more hosts run applications and monitor each other.
• This structure utilizes all available hardware efficiently, but requires multiple
applications to be available.

High-Performance Computing with Clusters

• Clusters can be used to create high-performance computing environments, offering

significantly greater computational power than single-processor or SMP systems.
• Applications need to be written specifically to utilize the cluster's parallel processing
capabilities through a technique known as parallelization.

Types of Clusters

• Parallel Clusters:
• Allow multiple hosts to access the same data on shared storage, necessitating special 2. Time sharing / Multitasking:
software and application versions. - Multiprogrammed systems provide an environment in which the various system
• Wide-Area Network (WAN) Clusters: resources (for example, CPU, memory, and peripheral devices) are utilized effectively,
• Extend clustering over a wide geographic area, often requiring advanced networking but they do not provide for user interaction with the computer system.
technologies. - Time sharing (or multitasking) is a logical extension of multiprogramming.
- Time-sharing systems allow multiple users to interact with the computer
Cluster Technology Advancements simultaneously.
- Each user is given the impression of dedicated use, even though resources are shared
• Impact of Storage-Area Networks (SANs): among many users.
• Storage-Area Networks play a crucial role in modern cluster technology, enabling
- Response time is short, typically less than one second.
multiple systems to connect to a shared pool of storage.
• Applications and data stored on the SAN can be dynamically assigned to different hosts,
3. Time-Shared Operating System
ensuring seamless continuity in case of a failure.
- Time-shared operating systems divide computer resources among multiple users.
• Database Clusters:
• In a database cluster, multiple hosts share the same database, enhancing both
- A time-shared operating system uses CPU scheduling and multiprogramming to provide
performance and reliability. each user with a small portion of a time-shared computer.
- Each user has their own programs called processes.
- Processes execute for a short time before either finishing or needing to perform
1.4 OPERATING-SYSTEM STRUCTURE input/output (I/O) operations.
- Interactive I/O takes longer as it involves user input and output.
- To ensure efficient resource utilization, The operating system rapidly switches the CPU
1. Multiprogramming:
between users' programs to avoid idle time.
- Operating systems enable the execution of multiple programs simultaneously by
- Time-shared systems enable multiple users to work on a computer simultaneously.
keeping them in memory and switching between them.
- This increases CPU utilization and ensures that the CPU is never idle.
- If main memory cannot accommodate all jobs, the excess ones are kept in a job pool on 4. Considerations in Time-Sharing Systems
disk. This pool consists of all processes residing on disk awaiting allocation of main - If several jobs are ready to be brought into memory, and if there is not enough room for
- Memory. The operating system handles the movement of jobs between the job pool and all of them, then the system must choose among them. Making this decision involves
main memory, considering scheduling algorithms and resource availability. Hence the job scheduling
CPU is never idle - The operating system selects a job from a pool and loads it into memory for execution.
Managing multiple programs in memory requires memory management.
- If multiple jobs are ready to run, the system decides which one will run first through
CPU scheduling.

5
 ● They wait for events signalled by interrupts or traps.
5. Ensuring Reasonable Response Time ● Interrupts are caused by hardware devices or external events, while traps (exceptions) are
- Swapping is a technique used to swap processes between main memory and the disk. software-generated interrupts caused by errors or specific requests from user programs.
o It is used when the available physical memory is insufficient to hold all the active ● Different code segments and interrupt service routines handle different types of interrupts or
processes. traps.
o Swapping frees up memory by transferring less frequently used or idle processes
to disk, allowing other processes to use that space in RAM. Dual-Mode and Multimode Operation
o When a swapped-out process needs to run again, it is swapped back into main
memory from the disk. The most common modes are user mode and kernel mode, indicated by a mode bit in the hardware.
- Virtual memory is a more common method that allows executing processes that are ● User mode: When the computer system executes a user application.
not fully in memory. ● Kernel mode: When the computer system executes tasks on behalf of the operating system.
o Virtual memory is a memory management technique that allows the operating Also known as supervisor mode, system mode, or privileged mode
system to use secondary storage (such as a hard disk) as an extension of the main - The mode bit is a single bit in the hardware of a computer.
physical memory (RAM) - It indicates the current mode of operation: kernel (0) or user (1).
o Virtual memory enables running larger programs than the physical memory - It distinguishes between tasks executed on behalf of the operating system and those executed
capacity. on behalf of the user.
o It abstracts main memory into a uniform storage array, separating logical memory
from physical memory. Transition between Modes:
o This arrangement frees programmers from worrying about memory limitations.
● User mode to kernel mode: When a user application requests a service from the operating
system through a system call.
6. Additional Features in Time-Sharing Systems
● Kernel mode to user mode: Before passing control to a user program.
- Time-sharing systems include a file system to manage and organize data stored on disks.
- Disk management is necessary to handle the storage and retrieval of data within the file
system.
- These systems implement mechanisms to protect resources from unauthorized or
inappropriate use.
- Job synchronization and communication mechanisms are provided to maintain order in
executing multiple tasks.
- The system ensures that jobs do not enter a deadlock state, where they are stuck waiting
for each other indefinitely.
What is an Interrupt?
- Interrupts are signals sent by hardware devices or software processes to the CPU. - At system boot time, the hardware starts in kernel mode.
- The operating system is then loaded and starts user applications in user mode.
- They temporarily pause the current execution of the CPU.
- Whenever a trap or interrupt occurs, the hardware switches from user mode to kernel mode
- Interrupts handle time-critical events like input/output operations or error conditions.
(that is, changes the state of the mode bit to 0).
- When an interrupt occurs, the CPU saves its state. - Thus, whenever the operating system gains control of the computer, it is in kernel mode.
- Control is transferred to an interrupt handler or ISR. - The system always switches to user mode (by setting the mode bit to 1) before passing
- The ISR performs necessary operations related to the interrupt. control to a user program.
- After the ISR completes, control is returned to the interrupted program.
- They enable efficient task handling and timely response to events. Protection and Privileged Instructions:

1.5 OPERATING-SYSTEM OPERATIONS ● The dual mode of operation provides us with the means for protecting the operating system
from errant users—and errant users from one another.
● Modern operating systems operate in an interrupt-driven manner. ● Privileged instructions are designated for executing in kernel mode only.

6
 ● Examples of privileged instructions include I/O control, timer management, and interrupt • Variable Timer: This is typically implemented using a fixed-rate clock and a counter. The
management. operating system sets the initial value of the counter. With each tick of the clock, the counter
● Attempting to execute a privileged instruction in user mode results in an illegal instruction is decremented. When it reaches zero, an interrupt is triggered. For example, a 10-bit counter
trap. with a 1-millisecond clock allows interrupts at intervals from 1 millisecond to 1,024
milliseconds, in 1-millisecond steps.
Extended Modes: • Before transferring control to a user program, the operating system ensures that the timer is
● CPUs that support virtualization may have additional modes to indicate when a virtual
properly configured to generate interrupts.
machine manager (VMM) is in control. In this mode, the VMM has more privileges than user
• The instructions that modify the timer's settings are considered privileged, meaning only the
processes but fewer than the kernel.
● It needs that level of privilege so it can create and manage virtual machines, changing the CPU operating system can execute them.
state to do so. • The timer can be utilized to enforce time limits on user programs. For instance, a program with
a 7-minute time limit would have its counter initialized to 420 (7 minutes * 60
System Calls seconds/minute).
life cycle of instruction execution in a computer system
• Initial control resides in the operating system, where instructions are executed in kernel mode. • At regular intervals (in this case, every second), the timer generates an interrupt, and the
When control is given to a user application, the mode is set to user mode. Eventually, control counter is decremented by 1. As long as the counter remains positive, control is returned to the
is switched back to the operating system via an interrupt, a trap, or a system call user program.
• System calls allow user programs to request services from the operating system. • When the counter eventually becomes negative, it signifies that the program has exceeded its
• They are invoked through traps or specific instructions depending on the processor allotted time limit. The operating system intervenes and terminates the program.
architecture.
• When a system call is executed, it is treated as a software interrupt, and control passes to a
service routine in the operating system. CHAPTER 2: OPERATING SYSTEM STRUCTURE

Error Handling 2.1 OPERATING SYSTEM SERVICES

• In the absence of hardware-supported dual mode, operating systems like MS-DOS faced Operating systems provide a range of services to facilitate program execution and user interactions.
vulnerabilities where user programs could potentially harm the operating system or interfere These services can be categorized into two main groups: those aimed at aiding users and their
with each other. programs, and those focused on system efficiency and resource management.
• Hardware protection mechanisms detect errors, such as illegal instructions or memory access
violations, that violate the defined modes. Services for User Convenience:
• When a program error occurs, the hardware traps to the operating system, which handles the
error. 1.User interface
• The operating system may terminate the faulty program, provide an error message, and
- Almost all operating systems have a user interface (UI).
generate a memory dump for analysis and debugging.
- User interfaces can take several forms, including:
o Command-line interface (CLI): Users enter text commands through a keyboard in a
1.5.2 Timer
specific format with options.
o Batch interface: Users enter commands and directives into files, which are then
• The timer is a crucial component in an operating system that ensures the operating system
executed.
maintains control over the CPU.
o Graphical user interface (GUI): Most commonly used, it employs a window system
• Its primary purpose is to prevent a user program from monopolizing the CPU's resources
with a pointing device (e.g., mouse) for I/O, menu selection, and making choices. It also
indefinitely, such as by getting stuck in an infinite loop or failing to return control to the
includes a keyboard for text input.
operating system.
• A timer can be set to generate an interrupt after a specified period, which can be either a fixed
2.Program execution.
or variable duration.
The system must be able to load a program into memory and to run that program. The program must
• Fixed Timer: It interrupts the computer after a constant period, such as 1/60 second.
be able to end its execution, either normally or abnormally (indicating error).
7
 - This information can be used for billing users or generating usage statistics for research
3.I/O operations. purposes.
- A running program may require I/O, which may involve a file or an I/O device.
3.Protection and Security
- For specific devices, special functions may be desired (such as recording to a CD or DVD
- The operating system ensures that concurrent processes cannot interfere with each other or the
drive or blanking a display screen).
operating system itself.
- For efficiency and protection, users usually cannot control I/O devices directly. Therefore, the
- Protection involves controlling access to system resources.
operating system must provide a means to do I/O.
- Security focuses on safeguarding the system from unauthorized access.
- Users must authenticate themselves with passwords to access system resources.
4.File-system manipulation.
- The operating system defends against invalid access attempts and records connections for
- Programs require the ability to read, write, create, and delete files and directories.
detecting break-ins.
- They also need to search for specific files and retrieve file information.
- Precautions must be implemented throughout the system to ensure security and protect against
- Permissions management is often included, allowing access control based on file ownership.
vulnerabilities.
5. Communication
- Processes often need to exchange information with each other.
- Communication can occur between processes running on the same computer or different
computers connected through a network.
- Communications can be implemented through shared memory, where processes read and write
to a shared section of memory.
- Message passing is another method where packets of information in predefined formats are
moved between processes by the operating system.

6.Error detection
- The operating system is responsible for constantly detecting and correcting errors.
- Errors can occur in CPU and memory hardware, I/O devices, and user programs.
- Examples of errors include memory errors, power failures, disk parity errors, network
connection failures, and program errors like arithmetic overflows or accessing illegal memory
locations.
- The operating system should take appropriate actions to ensure correct and consistent
computing.
2.2 USER AND OPERATING-SYSTEM INTERFACE
- Actions can include halting the system, terminating error-causing processes, or returning error
codes to processes for detection and possible correction. There are two fundamental approaches for users to interface with the operating system: command-
line interface (CLI) and graphical user interface (GUI).
Services for System Efficiency
2.2.1 CLI
1.Resource Allocation
- The operating system manages resource allocation for multiple users or jobs. Command Interpreter:
- It handles various resources like CPU, memory, storage, and I/O devices. - Some operating systems include the command interpreter in the kernel, while others treat it as
- Specific or general code is used to allocate different types of resources. a special program.
- CPU scheduling routines optimize CPU usage based on speed, job count, and available registers.
- Peripheral devices like printers and USB storage may also be allocated by the operating system.

2.Accounting
- The operating system keeps track of resource usage by users, including CPU time, memory
usage, and file storage.
8
 GUIs in UNIX Systems:
- Traditionally, UNIX systems were dominated by command-line interfaces.
- GUI options include the Common Desktop Environment (CDE), X-Windows, KDE, and
GNOME. CDE and X-Windows are common in commercial UNIX versions like Solaris
and IBM's AIX. KDE and GNOME are open-source GUI desktops available on Linux and
various UNIX systems.

2.2.3 Choice of Interface

- Systems with multiple command interpreters are known as shells. Examples include Bourne - The choice between a command-line interface (CLI) and a graphical user interface (GUI)
shell, C shell, Bourne-Again shell, and Korn shell in UNIX and Linux. is primarily based on personal preference.
- Shells provide similar functionality, and the choice of which shell to use is usually based on - The choice between CLI and GUI is a matter of personal preference and efficiency.
personal preference. - System administrators and power users often prefer CLI for its efficiency and scripting
- The main function of the command interpreter is to get and execute user-specified commands. capabilities.
Many commands manipulate files, such as creating, deleting, listing, printing, and copying. - Windows users tend to favor the GUI, while Mac OS X provides both GUI and CLI options.
- Commands can be implemented in two general ways:
- The command interpreter contains the code to execute the command. 2.3 SYSTEM CALLS
o In the first approach, the command interpreter executes the command directly by
making system calls. System calls provide a means for user programs to interact with the services offered by the operating
system. These calls are typically exposed as routines in C and C++, though low-level tasks may
- Most commands are implemented through separate system programs. require assembly-language instructions.
o In the second approach (used by UNIX), the command interpreter identifies the Example of Using System Calls:
command as a file to be loaded into memory and executed. Each command's
functionality is defined by the code in the corresponding file. To illustrate how system calls are utilized, consider a simple program that copies data from one file
o In the second approach, new commands can be easily added to the system by creating to another. The program requires input file and output file names. The approach for obtaining these
new files with the proper names. names can vary based on the operating system's design, such as user input in an interactive system or
o The command interpreter program does not need to be changed for new commands selection from a menu in a GUI environment.
to be added.
The program then proceeds through various steps, each of which may involve one or more system
2.2.2 GUI calls:
Graphical User Interfaces (GUI):
• Prompting the user for file names (system calls for writing to the screen and reading from the
- GUI provides a user-friendly interface for interacting with the operating system. keyboard).
- Users navigate through a mouse-based window-and-menu system on a graphical desktop. • Opening the input and output files (system calls for file operations).
• Handling possible error conditions during file operations (additional system calls).
- Icons represent programs, files, directories, and system functions, and clicking on them
• Reading from the input file and writing to the output file in a loop (system calls for I/O
performs actions or displays menus
operations).
- GUIs originated from research conducted at Xerox PARC in the 1970s.
• Handling potential errors during I/O operations (more system calls).
- The Xerox Alto computer introduced the first GUI in 1973. • Closing both files (system calls).
- Apple Macintosh computers popularized GUIs in the 1980s, with the Aqua interface being • Writing a completion message (additional system calls).
a significant development. • Terminating the program (final system call).
- Microsoft's Windows added GUI capabilities to MS-DOS, evolving in appearance and
functionality in later versions. Application Programming Interface (API):
- Mobile systems like smartphones and tablets use touchscreen interfaces instead of a mouse.
- Programs often rely heavily on the operating system, making frequent system calls to access
- Users interact by making gestures on the touchscreen, such as pressing and swiping fingers.
system resources and functionalities.
9
 - Application developers primarily interact with the operating system through an Application Parameter Passing:
Programming Interface (API).
There are three general methods used to pass parameters to the operating system:
- The API specifies a set of functions that are available to an application programmer, including
the parameters that are passed to each function and the return values the programmer can
1. Register method:
expect.
- Parameters are passed directly in registers.
- Three common APIs used by application programmers are the Windows API for Windows
- It allows for quick access to the parameters during system call execution.
systems, the POSIX API for POSIX-based systems (including UNIX, Linux, and Mac OS X),
- However, it has limitations when there are more parameters than available registers.
and the Java API for Java virtual machine-based programs.
- Programmers access APIs through libraries provided by the operating system
2. Memory block method:
- For instance, the Windows function CreateProcess() internally invokes the NTCreateProcess()
- Parameters are stored in a block or table in memory. The address of the memory block
system call in the Windows kernel.
containing the parameters is passed as a parameter in a register. This method allows for
handling a larger number of parameters by storing them in memory. Linux and Solaris
why application programmers prefer programming according to an API rather than directly
are examples of operating systems that employ this approach.
invoking system calls.
Programming with an API allows the program to be compiled and run on any system that supports 3. Stack method:
the same API. This offers a level of portability, although there may be architectural differences - Parameters also can be placed, or pushed, onto the stack by the program and popped off
between systems that need to be considered. the stack by the operating system. Some operating systems prefer the block or stack
method because those approaches do not limit the number or length of parameters being
System-Call Interface: passed
- The run-time support system in most programming languages provides a system-call interface
that links to system calls provided by the operating system.
- The system-call interface intercepts function calls in the API and invokes the corresponding
system calls in the operating system.
- System calls are identified by numbers, and the system-call interface maintains a table indexed
by these numbers.
- The system-call interface invokes the intended system call in the operating-system kernel and
returns the status and any return values.
- The caller, which is the application programmer, doesn't need to know the implementation
details of the system call or its execution process.
- The programmer only needs to follow the API and understand the expected behavior of the
operating system as a result of the system call execution.
- The relationship between an API, the system-call interface, and the operating system is
illustrated in Figure

2.4 TYPES OF SYSTEM CALLS

System calls can be categorized into six major groups: process control, file manipulation, device
manipulation, information maintenance, communications, and protection.

10
 • create_process()/submit_jobs(): This system call creates a new process, which is a new
instance of a running program.
• terminate_process(): This system call terminates a specific process, which may involve
freeing up resources associated with it.

get process attributes, set process attributes:

• get_process_attributes: Retrieves information about a process, such as its ID, status, or
other characteristics.
• Set_process_attributes: Allows modification of process properties like priority,
permissions, or other attributes.

wait for time:

• wait_time(): This system call allows a process to wait for a specified amount of time
before proceeding with further execution.

wait event, signal event:

• wait_event: Puts a process to sleep until a specific event occurs (like a signal from
another process or a hardware event).
• signal_event(): Sends a signal or notification to a process, waking it up if it was waiting
for a particular event.

allocate and free memory:

• allocate_memory(): Reserves a portion of memory for a process to use.
• free_memory(): Releases previously allocated memory back to the system for reuse

acquire and release lock

● Operating systems often provide system calls for processes to coordinate and lock

1. Process Control shared data.

● System calls like acquire lock() and release lock() allow a process to lock shared data,
end, abort: preventing other processes from accessing it until the lock is released.
• end(): This system call terminates the current process and frees up any resources it was
using. 2. File Management
• abort(): This system call abruptly terminates a process and returns control to the
operating system. • create(): Used to create a new file in the file system. It requires the name of the file and
• Abnormal termination may occur when the program encounters an error trap or makes possibly some of the file's attributes.
a system call to terminate abnormally. • delete(): Removes a file from the file system.
• In case of abnormal termination, a memory dump may be taken and an error message is • open(): Establishes a connection or link between a file and a process, allowing the process
generated, which can be examined using a debugger. to perform operations on the file.
• A debugger is a system program designed to aid the programmer in finding and
• Operations: After opening, processes may perform actions like read(), write(), or
correcting errors, or bugs—to determine the cause of the problem.
reposition() (which allows moving the file pointer within the file, e.g., to rewind or skip to
the end of the file).
load, execute:
• load(): Loads a program into memory from a file on disk so that it can be executed.
• close(): Terminates the connection between a file and a process, indicating that the process
• execute(): Begins the execution of a loaded program. is no longer using the file.
• File attributes include details like file name, file type, protection codes, accounting
create process, terminate process: information, etc.
• get_file_attributes(): Retrieves information about a file, such as its attributes.
11
 • set_file_attributes(): Allows modification of file attributes if necessary. Message-Passing Model:
• Similar operations may be performed on directories, including creating, deleting, and • Processes communicate by sending and receiving messages with each other. Messages can
manipulating them. Operations for directories may include create_dir(), delete_dir(), and be sent directly between processes or indirectly through a common mailbox.
others. • Before communication can occur, a connection must be opened, requiring knowledge of
• Some operating systems provide more advanced file operations like move() and copy(). the recipient's name or identifier.
• The operating system provides system calls like get_ hostid() and get_processid() to
• These may be available as separate system calls or may be implemented through APIs that
translate names into identifiers.
combine multiple system calls.
• The process identifiers are passed to system calls such as open() and close(), provided by
the file system, or specific open_connection() and close _connection() calls to establish
3. Device Management and terminate connections.
• Typically, the receiving process (server) uses an accept connection() call to allow
• request(): Requests access to a specific hardware device. communication. Special-purpose daemons, which are system programs designed for
• release(): Releases control of a device back to the system. receiving connections, often execute a wait for connection() call and are awakened when
• read(): Reads data from a device into a buffer in memory. a connection is made.
• write(): Writes data from a buffer in memory to a device. • Messages are exchanged between the client and server using read_message() and
• reposition(): Changes the current position within a device write_message() system calls.
• get_device_attributes(): Retrieves information about a hardware device, such as type, • Communication is terminated with the close_connection() call.
status, or capabilities.
• Set_device_attributes(): Allows modification of device properties like configuration Shared-Memory Model:
settings.
• Processes use the shared_memory_create() system call to create a shared memory region
• logically attach or detach devices: Attaches or detaches a device, making it available
that can be accessed by multiple processes. This region of memory is typically owned by a
or unavailable for use by a process.
specific process
• Processes use the shared_memory_attach() system call to gain access to the shared
4. Information Maintenance: memory region created by another process. This allows them to read from and write to the
shared memory.
• Shared memory allows processes to read from and write to shared areas of memory,
• get_time() or get_date(): Retrieves the current system time or date. enabling data exchange.
• set_time() or set_date: Allows modification of the system's current time or date. • The format of the data exchanged is determined by the processes and is not controlled by
• get_system_data(): Retrieves various system-level information, such as system the operating system.
configuration, statistics, etc. • Processes must ensure mutual exclusion and synchronization when accessing shared
• set_system data(): Allows modification of system-level parameters or settings.
memory to avoid conflicts.
● System calls for debugging purposes include memory dumping functions (dump()) to
assist in program debugging. Benefits and Considerations
● Program traces can be generated to list each executed system call, aiding in program 1. Message passing is useful for smaller data exchanges and is easier to implement for
analysis and debugging. intercomputer communication.
● Some microprocessors have a single-step mode that triggers a trap after each 2. Shared memory allows fast and convenient communication within a computer at
instruction, allowing for debugging with a debugger. memory transfer speeds.
● Time profiling measures the execution time of a program at specific locations or sets of
3. However, shared memory introduces challenges in areas such as protection and
locations. synchronization between processes.
● This can be achieved through tracing facilities or regular timer interrupts that record the
program counter's value.
6. Protection
5. Communication
● Protection is a mechanism that controls access to the resources provided by a computer system.
● System calls related to protection typically include set_permission() and get_permission(),
which allow manipulation of permission settings for resources such as files and disks.
There are two common models: the message-passing model and the shared-memory model.

12
 ● Additional system calls like allow_user() and deny_user() enable the specification of access • Major performance improvements in operating systems are more likely to be achieved
permissions for particular users, either granting or denying access to specific resources. through efficient data structures and algorithms rather than assembly-language code.
Critical Routines:
• Certain routines (e.g., interrupt handler, I/O manager, memory manager, CPU
2.6 Operating-System Design and Implementation scheduler) are critical for high performance and may benefit from assembly-language
Design Goals: optimizations.
• Design of an operating system is influenced by factors like choice of hardware and the
type of system (e.g., batch, time sharing, single/multi-user, real-time). 2.7 OPERATING-SYSTEM STRUCTURE
• Requirements can be divided into user goals and system goals.
User Goals: • Instead of a monolithic structure, systems are divided into small modules with clear
• Users expect a system to be convenient, easy to learn and use, reliable, safe, and fast.
functions.
• Achieving these goals is not always straightforward and may not have a universally
agreed upon solution. • These modules are interconnected and integrated into a kernel.
System Goals: • The kernel is responsible for key tasks like memory management, CPU scheduling, and file
• Designers, creators, maintainers, and operators of the system seek an OS that is easy to system management.
design, implement, maintain, flexible, reliable, error-free, and efficient. • Modular design improves manageability, maintainability, and adaptability of operating
• These goals can also be open to interpretation and may vary across environments. systems.
No Unique Solution:
• There's no one-size-fits-all solution for defining OS requirements, leading to a wide
2.7.1 Simple Structure
range of system designs based on specific needs. Many operating systems do not have well-defined structures.

Mechanisms and Policies: MS-DOS:

• Mechanisms determine how to do something, while policies determine what will be • MS-DOS started as a small, simple system and grew beyond its original scope.
done. • It was written to provide the most functionality in the least space, so it was not carefully
• This separation allows for flexibility, as policies are more likely to change than divided into modules.
mechanisms. • In MS-DOS, the interfaces and levels of functionality are not well separated.
• Microkernel-based systems emphasize separating mechanisms from policies to allow
• Application programs could directly access low-level routines, leading to system crashes
for dynamic customization through user-created kernel modules.
when programs failed.
Example: Priority Mechanism
• A mechanism for giving priority to certain program types over others. • MS-DOS was also limited by the hardware of its time, lacking dual mode and hardware
• When properly separated from policy, it can support different policies, such as protection.
prioritizing I/O-intensive programs or CPU-intensive ones.
Implementation:
• Early operating systems were written in assembly language, but modern OSes are often
written in higher-level languages like C or C++.
● Different parts of an OS can be written in different languages, based on requirements.
Operating systems can use multiple languages, with assembly for low-level kernel
components and higher-level languages for routines and system programs.

Advantages of Higher-Level Languages:

• Higher-level languages lead to faster development, more compact code, easier
debugging, and portability across hardware platforms.
• Compiler technology advancements benefit the entire OS through simple recompilation.
Disadvantages of Higher-Level Languages: Original UNIX:
• Potential drawbacks include reduced speed and increased storage requirements, but
modern compilers and hardware mitigate these concerns.
13
 ● Like MS-DOS, the original UNIX operating system had limited structuring due to
hardware limitations.
● It consisted of two main parts: the kernel and the system programs.
● The kernel had interfaces and device drivers, which were expanded over time.
● The traditional UNIX system had a layered structure, with the kernel providing file
system, CPU scheduling, memory management, and other operating-system functions
through system calls
● While the monolithic structure had performance advantages, it was difficult to
implement and maintain.

An operating-system layer is an implementation of an abstract object that contains data and operations
to manipulate that data. A typical operating-system layer—layer M—consists of data structures and
a set of routines that can be invoked by higher-level layers. Layer M, in turn, can invoke operations
on lower-level layers.

Advantages of the Layered Approach:

• Layered approach simplifies construction and debugging.
• Each layer uses functions and services from lower-level layers.
• Debugging can be done layer by layer without considering the entire system.
2.7.2 Layered Approach: • Errors in a layer indicate issues specific to that layer, assuming lower layers are functioning
correctly.
With suitable hardware support, operating systems can be divided into smaller, more controlled • Layers rely on operations from lower-level layers without knowing implementation details.
pieces, allowing greater control over the computer and applications. • Hiding of data structures, operations, and hardware is possible between layers.
Top-down approach is used to determine overall functionality and features, separating them into • System design and implementation are simplified with separate and independent layers.
components.
Information hiding allows programmers to implement low-level routines freely as long as the external Challenges with the Layered Approach:
interface remains unchanged. • The major difficulty with the layered approach involves appropriately defining the various
The layered approach is one method of achieving modularity, with the operating system divided into layers. Because a layer can use only lower-level layers, careful planning is necessary.
multiple layers. The bottom layer (layer 0) is the hardware; the highest (layer N) is the user interface.
• Layered implementations tend to be less efficient compared to other approaches. Each layer
adds overhead to system calls, resulting in longer execution times.
• The parameters and data may need to be modified and passed between layers, further
contributing to overhead.
In recent years, there has been a trend towards designing systems with fewer layers that provide more
functionality. This approach retains the benefits of modularized code while avoiding the challenges
associated with excessive layering.
2.7.3 Microkernels
This approach aimed to modularize the kernel by implementing nonessential components as system
and user-level programs. By doing so, the kernel became smaller and more manageable.
This results in a smaller kernel with minimal process and memory management capabilities, along
with a communication facility.

14
 ● Core services like CPU scheduling and memory management are built directly into the
kernel.
● The overall structure resembles a layered system, but modules can call each other freely.
● This approach is more efficient than a microkernel as modules can communicate
without message passing.
● Examples of operating systems that use loadable kernel modules include Solaris, Linux,
Mac OS X, and Windows.

The microkernel's primary function is to facilitate communication between client programs and
various services running in user space. This communication occurs through message passing,
allowing the client program to interact indirectly with services like file servers by exchanging
messages with the microkernel. 2.7.4 Hybrid Systems:

Benefits of Microkernels: ● Hybrid systems combine different operating system structures to address performance,
● Extending the operating system becomes easier with the microkernel approach, as new security, and usability concerns.
services can be added to user space without modifying the kernel extensively. ● Linux and Solaris are examples of hybrid systems that are primarily monolithic but also
● The microkernel approach facilitates portability and makes the operating system easier to adapt support dynamic addition of functionality through modules.
to different hardware designs. ● Windows is largely monolithic for performance reasons but retains some characteristics
● Security and reliability are enhanced with the microkernel approach, as most services run as of microkernel systems, such as separate subsystems running as user-mode processes
user processes rather than in the kernel. Failures in services do not affect the rest of the and support for dynamically loadable kernel modules.
operating system. ● Hybrid systems aim to achieve a balance between performance and flexibility while
● Examples of operating systems that have used the microkernel approach include Tru64 UNIX meeting specific requirements.
(Digital UNIX), Mac OS X (Darwin), and QNX Neutrino. ● hybrid systems, includes Apple Mac OS X, iOS, and Android

Performance Considerations: CHAPTER 3: PROCESS MANAGEMENT

● However, microkernels can suffer from increased system-function overhead, which can impact
performance. Some operating systems, like Windows NT, have partially addressed this by Definition of a Job
moving certain layers from user space to kernel space. ● A job is a unit of work or task submitted to the operating system for processing.
● Over time, some operating systems have transitioned from a microkernel architecture to a more ● It represents a specific work request or job batch.
monolithic design for improved performance. ● A job consists of instructions or a program, along with associated data and resources.
● Jobs are commonly used in batch processing systems.
2.7.3 Loadable Kernel Modules: ● Multiple jobs are submitted and processed sequentially by the operating system.
● Loadable kernel modules are a popular methodology for operating system design. 3.1.1 The Process
● The kernel provides core components, and additional services are linked dynamically
through modules.
● A process is a instance of a program in execution.
● This design allows for flexibility and easy addition of new features without recompiling
the kernel.
Components of a process

15
 ● Program code (text section)
● Current activity (program counter, processor registers)
● Process stack (temporary data, function parameters, return addresses, local variables)
● Data section (global variables)
● Heap (dynamically allocated memory)

3.1.3 Process Control block

A process control block (PCB), also known as a task control block, represents a specific process in
the operating system. The PCB, as shown in Figure below, contains various information associated
with the process.

Difference Between Program and Process:

● A program is a passive entity, like a file containing instructions.
● A process is an active entity with a program counter, associated resources, and
execution in memory.
● Loading an executable file into memory transforms a program into a process. Key Information in the PCB:
3.1.2 Process States • Process state. The state may be new, ready, running, waiting, halted, and so on.
• Program counter. The counter indicates the address of the next instruction to be executed
As a process executes, it transitions between different states. The state of a process is determined by for this process.
its current activity. The common process states include New, Running, Waiting, Ready, and
• CPU registers. The registers vary in number and type, depending on the computer
Terminated.
architecture. They include accumulators, index registers, stack pointers, and general-
purpose registers, plus any condition-code information. Along with the program counter,
Process States:
this state information must be saved when an interrupt occurs, to allow the process to be
a. New: The process is being created.
continued correctly afterward.
b. Running: Instructions are being executed.
• CPU-scheduling information. This information includes a process priority, pointers to
c. Waiting: The process is waiting for some event to occur (such as an I/O completion
scheduling queues, and any other scheduling parameters.
or reception of a signal).
d. Ready: The process is waiting to be assigned to a processor. • Memory-management information. This information may include such items as the
e. Terminated: The process has finished execution. value of the base and limit registers and the page tables, or the segment tables, depending
on the memory system used by the operating system.
Only one process can run on a processor at any given time. Multiple processes can be in the ready • Accounting information. This information includes the amount of CPU and real time
state, waiting for their turn to be assigned to a processor. A state diagram, such as the one shown in used, time limits, account numbers, job or process numbers, and so on.
Fig, represents the transitions between different process states. • I/O status information. This information includes the list of I/O devices allocated to the
process, a list of open files, and so on.

3.1.4 Threads
16
Single Threaded Process Model: • Each PCB includes a pointer field that points to the next PCB in the ready queue. The
system also includes other queues.
The traditional process model assumes that a process executes a single thread of execution. In this • When a process is allocated the CPU, it executes for a while and eventually quits, is
model, a process performs one task at a time, such as executing a word-processing program. interrupted, or waits for the occurrence of a particular event, such as the completion of an
I/O request.
Limitations of Single Threaded Processes: • Suppose the process makes an I/O request to a shared device, such as a disk. Since there
are many processes in the system, the disk may be busy with the I/O request of some other
Single-threaded processes restrict concurrent execution of multiple tasks within the same process. process. The process therefore may have to wait for the disk. The list of processes waiting
For example, a user cannot type characters and run the spell checker simultaneously within a single- for a particular I/O device is called a device queue. Each device has its own device queue
threaded process.
Queueing Diagram:
Most modern operating systems have extended the process concept to allow a process to have
multiple threads of execution and thus to perform more than one task at a time. This feature is ● A common representation of process scheduling is a queueing diagram.
especially beneficial on multicore systems, where multiple threads can run in parallel. On a system ● It consists of rectangular boxes representing different queues, such as the ready queue
that supports threads, the PCB is expanded to include information for each thread. Other changes and device queues.
throughout the system are also needed to support threads. ● Circles represent resources that serve the queues, and arrows indicate the flow of
processes in the system.

Process Execution and Transitions:

● A new process is initially put in the ready queue. It waits there until it is selected for
execution, or dispatched.
● Once the process is allocated the CPU and is executing, one of several events could
occur
1. The process could issue an I/O request and then be placed in an I/O queue.
2. The process could create a new child process and wait for the child’s termination.
3. The process could be removed forcibly from the CPU, as a result of an interrupt,
and be put back in the ready queue
3.2 PROCESS SCHEDULING
Processes cycle between the ready and waiting states until they terminate, at which point they are
The objective of multiprogramming is to have some process running at all times, to maximize CPU removed from all queues, and their resources and PCBs are deallocated.
utilization. The objective of time sharing is to switch the CPU among processes so frequently that
users can interact with each program while it is running.

To meet these objectives, the process scheduler selects an available process (possibly from a set of
several available processes) for program execution on the CPU. For a single-processor system, there
will never be more than one running process. If there are more processes, the rest will have to wait
until the CPU is free and can be rescheduled.

3.2.1 Scheduling Queues:

• As processes enter the system, they are put into a job queue, which consists of all processes
in the system.
• The processes that are residing in main memory and are ready and waiting to execute are
kept on a list called the ready queue. This queue is generally stored as a linked list.
• A ready-queue header contains pointers to the first and final PCBs in the list. 3.2.2 Schedulers

17
A process migrates among the various scheduling queues throughout its lifetime. The operating ● An I/O-bound process is one that spends more of its time doing I/O than it spends doing
system must select, for scheduling purposes, processes from these queues in some fashion. The computations. A CPU-bound process, in contrast, generates I/O requests infrequently,
selection process is carried out by the appropriate scheduler. using more of its time doing computations.

Types of Process Schedulers: Absence of Long-term Scheduler in Some Systems:

● Time-sharing systems like UNIX and Microsoft Windows may lack a dedicated long-term
In a batch system, processes that cannot be immediately executed are stored on a mass-storage device scheduler.
typically a disk where they are kept for later execution ● Every new process is placed directly into memory for the short-term scheduler.
● The stability of these systems relies on factors such as physical limitations (e.g., available
● Long-term Scheduler (AKA Job Scheduler): selects processes from storage and loads terminals) or the self-adjusting behavior of human users.
them into memory. The long-term scheduler controls the degree of multiprogramming (the
number of processes in memory). Medium-term Scheduler (Swapping):
● Short-term Scheduler (AKA CPU Scheduler): chooses from the ready processes and ● Some operating systems introduce an intermediate level of scheduling called the medium-
assigns the CPU to one of them for execution. term scheduler.
● It can remove a process from memory (temporarily swapping it out) to reduce the degree
of multiprogramming.
Scheduler Short-Term Scheduler Long-Term Scheduler ● Swapped-out processes can later be reintroduced into memory and continue execution from

Executes much less frequently, where they left off.

● Swapping may be necessary to improve the process mix or free up memory when
Executes frequently, often at least minutes may separate the creation of
overcommitted.
Frequency once every 100 milliseconds. new processes.
Selects a process from those ready to Selects processes from the storage
Purpose execute and allocates the CPU. pool and loads them into memory.
Must be fast due to short intervals Can take more time to decide which
Execution Time between executions. process to select.
Does not affect process mix (I/O- Important to select a good mix of I/O-
Process Mix bound or CPU-bound). bound and CPU-bound processes.
Can be absent or minimal in some
System Essential in most systems to manage systems, especially time-sharing
Dependence CPU allocation efficiently. systems. 3.2.2 Context Switch
May introduce a medium-term Interrupts cause the operating system to change a CPU from its current task and to run a kernel
Intermediate scheduler (swapping) to adjust routine. When an interrupt occurs, the system needs to save the current context of the process running
Level Does not have an intermediate level. memory usage and process mix. on the CPU so that it can restore that context when its processing is done, essentially suspending the
process and then resuming it.
Process Mix: The context is represented in the PCB of the process. It includes the
● value of the CPU registers
● Processes can be categorized as I/O bound (spends more time on I/O) or CPU bound ● the process state and
(spends more time on computations). ● memory-management information.
● The long-term scheduler should select a balanced mix of I/O-bound and CPU-bound
processes to optimize system performance. When a context switch occurs, the kernel saves the context of the old process in its PCB and loads
● Having a combination of both types of processes ensures efficient utilization of the ready the saved context of the new process scheduled to run. Context-switch time is pure overhead, because
queue and I/O waiting queue. the system does no useful work while switching.

18
Switching speed varies from machine to machine, depending on the memory speed, the number of ● Processes can read from and write to this shared region to exchange information.
registers that must be copied, and the existence of special instructions (such as a single instruction to ● Shared memory allows for efficient communication and is suitable for larger data
load or store all registers). exchanges.
● Once the shared memory region is established, processes can access it as routine
memory without kernel intervention.
3.3 Interprocess Communication ● Shared-memory systems can be faster than message-passing systems since they don't
Processes in an operating system can be classified as independent or cooperating. require frequent kernel intervention.
Independent Process: Cannot affect or be affected by other processes. Does not share data with any ● However, shared-memory systems may face cache coherency issues when multiple
other process. cores are involved.
Cooperating Process: Can affect or be affected by other processes. Shares data with other processes.
2. Message Passing Model:
● In the message-passing model, communication occurs through messages exchanged
Process cooperation is important for various reasons: between cooperating processes.
● Processes send messages to each other, and the operating system facilitates the routing
Sharing information: Multiple users may need to access the same information simultaneously, so
and delivery of these messages.
we need a way to allow them to do so.
● Message passing is typically used for smaller data exchanges and is easier to implement
Speeding up computations: Breaking tasks into smaller subtasks that can run in parallel can make
in distributed systems.
them faster, especially on systems with multiple processing cores.
● Message passing often involves system calls, which incur overhead due to kernel
Organizational modularity: Dividing system functions into separate processes or threads helps
intervention.
make the system more organized and easier to handle.
● In recent research, message passing has shown better performance than shared memory
User convenience: Individuals often work on multiple tasks at once, like editing, listening to music,
in systems with multiple processing cores.
and compiling simultaneously.
Both models have their advantages and are commonly implemented in operating systems. Message
passing is suitable for smaller data exchanges and is easier to implement in distributed systems.
Shared memory is efficient for larger data exchanges and can provide faster access once the shared
memory region is established. The choice between the two models depends on factors such as the
size of data being exchanged, system architecture, and performance considerations.

CHAPTER 6: CPU Scheduling

In a single-processor system, only one process can run at a time. Others must wait until the CPU is
free and can be rescheduled.

The objective of multiprogramming is to maximize CPU utilization. In a simple computer system,

when a process waits for I/O, the CPU remains idle. Multiprogramming keeps multiple processes in
memory simultaneously. When one process waits, the CPU is given to another process. This ensures
productive use of CPU time and avoids wasting idle time. Scheduling, including CPU scheduling, is
a crucial function of the operating system. It helps allocate computer resources effectively and
manage process execution.

Cooperating processes require an interprocess communication (IPC) mechanism that will allow them
to exchange data and information. There are two fundamental models of interprocess communication:
shared memory and message passing
● Shared Memory Model:In the shared-memory model, a region of memory is
established and shared among cooperating processes.
19
 ● The ready queue, where processes are waiting to execute, can be implemented using different
data structures such as FIFO queue, priority queue, tree, or unordered linked list.
● Regardless of the implementation, all processes in the ready queue are lined up, waiting for
their turn to run on the CPU.
● The records in the ready queue are typically process control blocks (PCBs) of the processes.

6.1.3 Preemptive Scheduling

CPU-scheduling decisions may take place under the following four circumstances:
1. When a process switches from the running state to the waiting state (for example, as the result
of an I/O request or an invocation of wait() for the termination of a child process)
2. When a process switches from the running state to the ready state (for example, when an
interrupt occurs)
3. When a process switches from the waiting state to the ready state (for example, at completion
of I/O)
4. When a process terminates

For situations 1 and 4, there is no choice in scheduling. A new process must be selected if one is
available in the ready queue. Situations 2 and 3 allow for a choice in scheduling.

Nonpreemptive: Scheduling only occurs in circumstances 1 and 4. Once a process gets the CPU, it
keeps it until it releases it (terminates or goes to waiting state).
Preemptive: Scheduling occurs in circumstances 1, 2, 3, and 4. Processes can be interrupted, allowing
the CPU to be allocated to another process.
6.1.1 CPU –I/O Burst Cycle
Preemptive vs. nonpreemptive scheduling:
1. Process Execution Cycle ● Nonpreemptive (cooperative) scheduling: Once the CPU is allocated to a process, it keeps
● Process execution consists of alternating CPU execution and I/O wait the CPU until it releases it by terminating or moving to the waiting state.
● CPU burst: Initial phase of process execution, where the process uses the CPU ● Preemptive scheduling: CPU can be preempted from a running process and allocated to
● I/O burst: Follows the CPU burst, during which the process waits for I/O completion another process based on certain conditions.
● Process execution begins with a CPU burst. That is followed by an I/O burst, which is
followed by another CPU burst, then anotherI/O burst, and so on. Challenges and considerations with preemptive scheduling:
● Eventually, the final CPU burst ends with a system request to terminate execution • Race Conditions: Preemptive scheduling can lead to race conditions when multiple processes
● Typically, CPU burst durations follow a frequency curve with many short bursts and a share data, potentially causing data inconsistency.
few long bursts. • Kernel Design: Preemption affects the design of the operating-system kernel. The kernel may
● I/O-bound programs have many short CPU bursts. be busy with a process's system call and could be preempted in the middle of critical kernel
● CPU-bound programs may have a few long CPU bursts. data structure changes, leading to potential chaos.
● The distribution of burst durations is important in selecting an appropriate CPU- • Real-time Computing: Preemption may not be suitable for real-time computing, where tasks
scheduling algorithm. must complete within specific timeframes.

6.1.2 CPU Scheduler Interrupt handling and concurrent access:

● Interrupts, which can occur at any time, need to be managed carefully to avoid conflicts when
● The CPU scheduler is responsible for selecting a process from the ready queue when the CPU accessing sections of code affected by interrupts.
becomes idle. ● To prevent concurrent access, sections of code that handle interrupts disable interrupts at entry
● The selection process is carried out by the short-term scheduler or CPU scheduler. and reenable them at exit.
● The CPU scheduler chooses a process from the ready processes in memory and assigns the ● It's important to note that disabling interrupts is not done frequently and typically involves
CPU to that process. only a few instructions.
20
 When a process enters the ready queue, its PCB is linked onto the tail of the queue. When the CPU
6.1.4 Dispatcher is free, it is allocated to the process at the head of the queue. The running process is then removed
Its main role is to transfer control of the CPU to the process selected by the short-term scheduler. The from the queue.
dispatcher performs the following functions:
Example
1. Switching Context
● Consider the following set of processes that arrive at time 0, with the length of the CPU burst
2. Switching to User Mod given in milliseconds:
3. Jumping to the proper location in the user program to restart that program
● The order of arrival and scheduling affects the waiting time. Gantt charts are used to visualize
the schedule and waiting times.
The dispatcher should be as fast as possible, since it is invoked during every process switch. The time
it takes for the dispatcher to stop one process and start another running is known as the dispatch
latency

6.2 Scheduling Criteria

The following criteria are commonly used for comparing CPU scheduling algorithms: If the processes arrive in the order P1, P2, P3, and are served in FCFS order,
1. CPU Utilization: It measures the percentage of time the CPU is busy executing processes.
Higher CPU utilization indicates that the CPU is being effectively utilized. In a real system,
CPU utilization typically ranges from 40% for lightly loaded systems to 90% for heavily
loaded systems.

2. Throughput: Throughput measures the number of processes completed per unit of time. It The waiting time is 0 milliseconds for process P1, 24 milliseconds for process P2, and 27 milliseconds
represents the amount of work done by the system. Throughput can vary based on the nature for process P3. Thus, the average waiting time is (0 + 24 + 27)/3 = 17 milliseconds.
of processes, ranging from slow processes (e.g., one process per hour) to fast transactions (e.g., If the processes arrive in the order P2, P3, P1, however, the results will be as shown in the following
ten processes per second). Gantt chart:
3. Turnaround Time: Turnaround time is the total time taken from the submission of a process
until its completion. It includes time spent waiting to enter memory, waiting in the ready queue,
executing on the CPU, and performing I/O. Minimizing turnaround time is desirable as it
reduces the overall time taken to complete a process.
The average waiting time is now (6 + 0 + 3)/3 = 3 milliseconds. This reduction is substantial. Thus,
4. Waiting Time: Waiting time is the total time a process spends waiting in the ready queue the average waiting time under an FCFS policy is generally not minimal and may vary substantially
before being assigned the CPU. Minimizing waiting time is desirable as it reduces the delay if the processes’ CPU burst times vary greatly.
experienced by processes in the system.
Advantages of FCFS:
5. Response Time: Response time is the time from the submission of a request until the system
The code for FCFS scheduling is simple to write and understand.
produces the first response. In interactive systems, it is important to have low response times,
allowing users to receive feedback quickly. Response time is different from turnaround time,
as it measures the time it takes to start responding rather than the time to output the complete Limitations of FCFS Scheduling:
response.
• The average waiting time under FCFS policy can be long.
6.3 Scheduling Algorithms • The waiting time can vary substantially if the CPU burst times of processes vary greatly.
• The convoy effect is a phenomenon that occurs particularly with scheduling algorithms
First-Come, First-Served Scheduling like First-Come-First-Serve (FCFS), where a single long-running task, often a CPU-bound
FCFS is the simplest CPU-scheduling algorithm. It allocates the CPU to the process that requests it process, holds onto a critical resource (such as the CPU) for an extended period. This causes
first. It is implemented using a FIFO queue.
21
 a queue of other processes, often with shorter execution times, to form behind it, waiting By comparison, if we were using the FCFS (First-Come-First-Served) scheduling scheme, the
for their turn to access the resource. average waiting time would be 10.25 milliseconds.
• FCFS algorithm is nonpreemptive. Once the CPU is allocated to a process, that process
keeps the CPU until it releases it. Preemption is only allowed when a process terminates or Advantages:
requests I/O. Nonpreemptive FCFS is problematic for time-sharing systems where each
user needs a regular share of the CPU. ● SJF (Shortest-Job-First) scheduling algorithm aims to minimize the average waiting time for
a set of processes.
6.3.2 Shortest Job First Algorithm
Disadvantages:
● Shortest-Job-First (SJF) scheduling is a CPU scheduling algorithm that assigns the CPU to the
● The main challenge of SJF is accurately knowing the length of the next CPU burst for each
process with the smallest next CPU burst. It aims to minimize the average waiting time for a
process.
given set of processes.
● In long-term scheduling, users can provide an estimated process time limit to help determine
● Each process is associated with the length of its next CPU burst.
the next CPU burst length.
● When the CPU is available, it is assigned to the process with the smallest next CPU burst. ● SJF scheduling is commonly used in long-term scheduling scenarios, such as batch systems.
● If two processes have the same next CPU burst, First-Come-First-Served (FCFS) scheduling ● An approach is to approximate SJF by predicting the length of the next CPU burst based on
is used to break the tie. past behavior.
● SJF scheduling focuses on the length of the next CPU burst of a process, rather than its total
length. Preemptive vs. Nonpreemptive SJF:

Example • SJF can be either preemptive or nonpreemptive.

• Preemptive SJF (shortest-remaining-time-first scheduling) allows a new process with a shorter
burst time to preempt the currently executing process.
• Nonpreemptive SJF lets the currently running process finish its CPU burst.

6.3.3 Priority scheduling

Using SJF scheduling, we would schedule these processes according to the following Gantt chart: • Priority scheduling is a scheduling algorithm where each process is assigned a priority, and
the CPU is allocated to the process with the highest priority. If there are multiple processes
with the same priority, they are scheduled in a First-Come-First-Served (FCFS) order.
• In the case of Shortest Job First (SJF) algorithm, it can be seen as a special case of priority
scheduling. In SJF, the priority of a process is determined by the inverse of its predicted
next CPU burst. A shorter CPU burst corresponds to a higher priority, and vice versa.
In the given example the waiting times for each process are:
The example given in the text involves a set of processes (P1, P2, P3, P4, P5) with their respective
Process P1: 3 milliseconds CPU burst times and priorities. Using priority scheduling, the processes are scheduled as follows:

Process P2: 16 milliseconds

Process P3: 9 milliseconds

Process P4: 0 milliseconds

To calculate the average waiting time, we sum up the waiting times of all processes and divide by the
total number of processes:

(3 + 16 + 9 + 0) / 4 = 7 milliseconds

22
 • If the process completes its CPU burst within 1 time quantum, it voluntarily releases the
CPU, and the scheduler moves to the next process in the queue.
• If the process's CPU burst exceeds 1 time quantum, an interrupt occurs when the timer
expires. This triggers a context switch, and the process is moved to the tail of the ready
queue. The scheduler then selects the next process to execute.
Example: Given with three processes and a time quantum of 4 milliseconds. The processes are
scheduled as follows:

Priorities can be defined either internally or externally.

● Internally defined priorities are based on measurable quantities like time limits, memory
requirements, or I/O burst-to-CPU burst ratios.
● External priorities, on the other hand, are set by factors outside the operating system,
such as the importance of the process or political considerations.
Priority scheduling can be preemptive or nonpreemptive.
● In preemptive priority scheduling, a newly arrived process with a higher priority can The average waiting time for this schedule is calculated as 17/3 = 5.66 milliseconds.
preempt the currently running process.
● In nonpreemptive priority scheduling, the new process is simply placed at the head of ● The performance of the RR algorithm is influenced by the size of the time quantum.
the ready queue. ● If the time quantum is too large, RR scheduling becomes similar to First-Come-First-Served
(FCFS) scheduling.
Disadvantage ● If the time quantum is too small, it can lead to increased context switches, resulting in
● One major issue with priority scheduling algorithms is the problem of indefinite blocking or overhead.
starvation. ● Typically, time quanta range from 10 to 100 milliseconds, striking a balance between a
● Low-priority processes may wait indefinitely if a continuous stream of higher-priority reasonable time quantum and efficient context switching.
processes keeps occupying the CPU. ● The choice of the time quantum impacts both the average turnaround time and context
● This can result in either delayed execution of low-priority processes or even system crashes. switching overhead.
● If most processes can complete their CPU burst within a single time quantum, the average
To address the problem of indefinite blocking, aging can be used. Aging involves gradually
turnaround time can improve.
increasing the priority of processes that have been waiting in the system for a long time. By increasing
● However, if the time quantum is too large, context switching overhead increases and may
their priority, even low-priority processes will eventually get a chance to execute. This prevents
negatively affect the average turnaround time.
indefinite blocking and ensures fairness in process scheduling.
● It's important to select a time quantum that minimizes context switching overhead while still
allowing for efficient scheduling.
6.3.4 Round Robin
The round-robin (RR) scheduling algorithm is designed for time-sharing systems and introduces 6.3.5 Multilevel Queue Scheduling
preemption to allow the system to switch between processes. It works by dividing the CPU time into
In multilevel queue scheduling, the ready queue is divided into several separate queues, each with its
small units called time quantum or time slices. The ready queue is treated as a circular queue. own scheduling algorithm. The processes are permanently assigned to one of these queues based on
The CPU scheduler traverses the ready queue and allocates the CPU to each process for a time interval certain criteria such as process priority, memory size, or process type. Each queue has a different
of up to 1 time quantum. To implement RR scheduling, the ready queue is treated as a FIFO queue, priority level, and processes in higher-priority queues are given preference over processes in lower-
and new processes are added to the tail of the queue. The scheduler selects the first process from the priority queues.
queue, sets a timer for 1 time quantum, and dispatches the process.
Example of a multilevel queue scheduling algorithm with five queues listed in order of priority:
There are two possibilities when a process is executing.
23
1. System processes: This queue has the highest priority and contains processes related to the In the multilevel feedback queue scheduling algorithm, processes are initially assigned to a specific
operating system. It is given absolute priority over all other queues. queue when they enter the system. Each queue has a different priority level, and processes in higher-
2. Interactive processes: This queue is for foreground or interactive processes that require quick priority queues are scheduled before processes in lower-priority queues.
response times. It is scheduled using a round-robin (RR) algorithm, where each process is
allocated a fixed time quantum. The algorithm operates as follows:
3. Interactive editing processes: This queue is for processes involved in interactive editing tasks. It
has a lower priority than the interactive processes queue but higher priority than the batch and 1. Process Placement: When a process enters the ready queue, it is initially placed in the highest-
student processes queues. priority queue (e.g., queue 0).
4. Batch processes: This queue is for background or batch processes that do not require immediate 2. Time Quantum: Each queue is assigned a specific time quantum, which determines the maximum
response times. It is scheduled using a first-come-first-served (FCFS) algorithm. amount of CPU time a process can use before it is preempted and moved to a lower-priority queue.
5. Student processes: This queue has the lowest priority and contains processes related to student The time quantum generally increases with each lower-priority queue to allow longer bursts for
activities or lower-priority tasks. lower-priority processes.
3. Queue Execution: The scheduler executes processes in the highest-priority non-empty queue. If a
The scheduling among the queues can be implemented using fixed-priority preemptive scheduling, process completes within its time quantum, it exits the system. If a process does not finish within
where each queue is assigned a specific priority level, and processes in higher-priority queues its time quantum, it is preempted and moved to the next lower-priority queue.
preempt processes in lower-priority queues. 4. Queue Transition: A process can transition between queues based on certain conditions. For
example, if a process consumes too much CPU time in a higher-priority queue, it may be demoted
Another possibility is to allocate a portion of the CPU time to each queue in a time-slicing manner. to a lower-priority queue. Conversely, if a process waits for a long time in a lower-priority queue,
For example, the foreground queue may be allocated 80 percent of the CPU time for round-robin it may be promoted to a higher-priority queue. These transitions help prevent starvation and
scheduling among its processes, while the background queue receives 20 percent of the CPU time to balance the execution of processes.
schedule its processes using the FCFS algorithm. 5. Lower-Priority Queue Execution: If all higher-priority queues are empty, the scheduler executes
processes from the next lower-priority queue. This process continues until all queues are empty.
This multilevel queue scheduling approach allows for efficient management of different types of
processes with varying response-time requirements and priorities.

The multilevel feedback queue scheduling algorithm provides flexibility in managing processes with
different CPU burst characteristics. Shorter processes are given higher priority and execute quickly,
while longer processes are gradually moved to lower-priority queues, allowing them to execute in a
fair FCFS manner without blocking higher-priority processes.

The parameters that define a multilevel feedback queue scheduler include the number of queues, the
scheduling algorithm for each queue, the criteria for upgrading or demoting a process between
queues, and the method for determining which queue a process will enter when it needs service. These
6.3.6 Multilevel Feedback Queue parameters can be customized to suit the specific requirements of a system.
The multilevel feedback queue scheduling algorithm is a variation of multilevel queue scheduling
that allows processes to move between queues dynamically. This flexibility enables better However, due to the complexity of configuring and selecting the appropriate values for these
responsiveness and prevents starvation. parameters, the multilevel feedback queue scheduling algorithm is considered the most general and
complex CPU scheduling algorithm. It requires careful consideration and tuning to achieve optimal
performance for a particular system design.
24
UNIT - II A solution to the critical-section problem must satisfy the three requirements:
Chapter 5: Process Synchronization: Critical- Section Problem - Synchronization Hardware 1. Mutual Exclusion: Only one process can be executing in its critical section at any given time.
Semaphores - Classical Problems of Synchronization - Monitors. This ensures that shared resources are accessed in an exclusive manner, preventing data
Chapter 7: Deadlocks: Characterization - Methods for Handling Deadlocks - Deadlock Prevention - inconsistencies and race conditions.
Avoidance - Detection - Recovery. 2. Progress: If no process is currently executing in its critical section and multiple processes
want to enter their critical sections, the selection of the next process to enter its critical section
5.1 Introduction must be made among those processes that are not in their remainder sections. This ensures that
processes waiting to enter the critical section do not get indefinitely postponed, and at least
Cooperating processes refer to processes that interact with each other by sharing resources or one of them will eventually be granted access.
information. These processes can either have direct access to each other's code and data (shared 3. Bounded Waiting: There is a limit on the number of times other processes are allowed to
memory) or can communicate through files or messages. However, concurrent access to shared data enter their critical sections after a process has made a request to enter its critical section but
can lead to data inconsistency. before that request is granted. This prevents a single process from being starved by repeatedly
A race condition occurs when two or more threads or processes access shared data or resources in an being bypassed by other processes.
unpredictable order. The outcome of the program depends on the relative timing of the thread
Operating systems handle critical sections using two general approaches: preemptive kernels and
executions, which can lead to unexpected and erroneous behavior. To avoid race conditions, nonpreemptive kernels.
synchronization mechanisms are required to ensure that only one process manipulates shared data at
a time. Process synchronization becomes crucial in operating systems and multithreaded applications ● A preemptive kernel allows a process to be preempted while it is running in kernel mode.
running on multicore systems.
● A nonpreemptive kernel does not allow a process running in kernel mode to be preempted; a
5.2 The Critical-Section Problem
kernel-mode process will run until it exits kernel mode, blocks, or voluntarily yields control
of the CPU.
● Consider a system consisting of n processes {P0, P1, ..., Pn−1}.
● Each process has a segment of code, called a critical section, in which the process may be
Obviously, a nonpreemptive kernel is essentially free from race conditions on kernel data structures,
changing common variables, updating a table, writing a file, and so on.
as only one process is active in the kernel at a time. We cannot say the same about preemptive kernels,
● The important feature of the system is that, when one process is executing in its critical section,
so they must be carefully designed to ensure that shared kernel data are free from race conditions.
no other process is allowed to execute in its critical section.
● That is, no two processes are executing in their critical sections at the same time.
The choice between preemptive and nonpreemptive kernels depends on the specific needs of the
● The critical-section problem is to design a protocol that the processes can use to cooperate.
operating system and the applications it supports. Preemptive kernels are suitable for environments
● Each process must request permission to enter its critical section.
that require responsiveness and real-time processing, while nonpreemptive kernels may be preferred
● The section of code implementing this request is the entry section.
for simplicity and avoidance of race conditions. Operating system designers need to make thoughtful
● The critical section may be followed by an exit section.
decisions based on the requirements of the system and its intended usage.
● The remaining code is the remainder section.
5.3 Synchronization Hardware
• The critical-section problem refers to the challenge of ensuring mutual exclusion among
processes attempting to access shared resources concurrently.
• Software-based solutions like Peterson's algorithm may not work reliably on modern computer
architectures.
• This discussion explores various solutions to the critical-section problem, emphasizing the use
of locks to protect critical regions.
• Hardware instructions and more sophisticated software-based approaches are covered.

Hardware Instructions for Critical-Section Problem

• In a single-processor environment, preventing interrupts during shared variable modification
could ensure ordered execution without preemption.

25
 • However, this approach is less feasible in multiprocessor environments due to the time-
consuming nature of disabling interrupts and its impact on system efficiency.
• Special hardware instructions that allow testing and modifying word content atomically can
simplify solving the critical-section problem.
• Two key instructions are discussed: test and set() and compare and swap().

Test and Set() Instruction

• The test and set() instruction is executed atomically, ensuring that simultaneous executions on
different CPUs occur sequentially.

Bounded-Waiting Mutual Exclusion

• Although the previous algorithms ensure mutual exclusion, they do not guarantee bounded
waiting.
• Mutual exclusion can be achieved by declaring a boolean variable lock, initialized to false. • An algorithm using the test and set() instruction that satisfies all critical-section requirements
is presented.
• Common data structures include a boolean array waiting[n] and a boolean lock, initialized to
false.
• Process structure for bounded-waiting mutual exclusion:

Compare and Swap() Instruction

• The compare and swap() instruction operates on three operands and sets the value to the new
value only if a certain condition holds.

• Regardless, it always returns the original value of the variable.

• Mutual exclusion using compare and swap():
• Mutual exclusion is ensured as process Pi can enter its critical section only if either waiting[i]
== false or key == false, and the value of key can become false only if the test and set() is
executed.
26
 • Progress requirement is met as a process exiting the critical section sets either lock to false or
waiting[j] to false, allowing a waiting process to proceed.
• Bounded-waiting requirement is met as a process scans the array waiting in cyclic ordering,
designating the next process to enter the critical section. Any waiting process will enter its
critical section within n - 1 turns.

5.4 Mutex Locks

• Hardware-based solutions to the critical-section problem can be complex and inaccessible to Release() Function:
application programmers.
• Operating systems provide software tools to address the critical-section problem, with one of • The release() function sets the available variable to true, indicating that the lock is now
the simplest tools being the mutex lock (short for mutual exclusion). available for other processes.
• Mutex locks are used to protect critical regions and prevent race conditions. Processes must • The release() function is defined as follows:
acquire the lock before entering the critical section and release it when exiting.

Mutex Lock Basics:

• A mutex lock has a boolean variable called available, indicating whether the lock is available
(true) or not (false).
• The acquire() function acquires the lock, and the release() function releases it.
• A process that attempts to acquire an unavailable lock is blocked until the lock becomes Usage of Mutex Locks:
available.
• Mutex lock operations must be atomic. • Mutex locks can be implemented using hardware mechanisms
• A significant drawback of this implementation is busy waiting - when a process is in its critical
section, other processes attempting to enter must continuously loop in the acquire() call.
• This type of mutex lock is often referred to as a spinlock, as processes "spin" while waiting
for the lock.
• Spinlocks are advantageous when locks are held for short times, as they avoid the overhead of
context switching.
• However, continuous looping in busy waiting is inefficient in multiprogramming systems
shared among many processes.

Benefits of Spinlocks:

• Spinlocks are advantageous in scenarios where locks are held briefly, as they prevent the need
for context switches, which can be time-consuming.
Acquire() Function: • They are commonly used in multiprocessor systems where one thread can "spin" on one
processor while another thread executes its critical section on another processor.
• The acquire() function waits in a busy loop until the lock becomes available.
• It sets available to false upon successful acquisition. 5.5 Semaphores
• The acquire() function is defined as follows:
● Semaphores are synchronization tools used in operating systems.
● They are accessed through two atomic operations: wait() and signal().
● The wait() operation is also known as P, and the signal() operation is known as V.

27
 ● Modifications to the semaphore value must be executed indivisibly. This means that ● They behave similarly to mutex locks and can be used for providing mutual exclusion,
when one process modifies the semaphore value, no other process can simultaneously ensuring that only one process can access a critical section at a time.
modify the same semaphore value. ● Binary semaphores are particularly useful in systems that do not provide native mutex
locks.
Semaphore Operations:
● wait(S): Semaphore Usage for Synchronization:
● The wait operation (commonly denoted as P or "proberen" in Dutch) decrements
the semaphore value by 1. ● Semaphores can solve synchronization problems between concurrent processes.
● Checks if the value of semaphore S is less than or equal to 0. ● Example scenario:
● If true, it enters a busy-wait loop until the condition is false. ● Two processes P1 and P2 with statements S1 and S2, respectively.
● Once the condition is false, it decrements the value of S. ● Requirement: S2 should execute only after S1 completes.
● Solution:
● P1 and P2 share a common semaphore synch initialized to 0.
● In P1, after S1, it executes signal(synch) to increment the semaphore.

● signal(S):
● Increments the value of semaphore S.
● In P2, it executes wait(synch) to decrement the semaphore before S2.

● The signal operation (commonly denoted as V or "verhogen" in Dutch) increments the

● P2 will execute S2 only after P1 has invoked signal(synch) (S1
semaphore value by 1.
● If there are processes blocked in wait() on this semaphore, one of them is awakened, allowing completion). Because synch is initialized to 0, P2 will execute S2 only
it to proceed. after P1 has invoked signal(synch), which is after statement S1 has been
executed.
Types of Semaphores/ Semaphore usage
Deadlocks and Starvation in Semaphore-Based Synchronization
Operating systems distinguish between counting and binary semaphores.
• Semaphore-based synchronization introduces the possibility of deadlocks and starvation
Counting Semaphores: when multiple processes are waiting for events that can only be triggered by each other.

● Counting semaphores have an unrestricted domain for their value, meaning the value Deadlocks:
can range over any positive integer.
● They are often used to control access to a finite number of instances of a shared resource. • Deadlock occurs when two or more processes are indefinitely waiting for an event that can
● When initialized, the counting semaphore is set to the number of available instances of only be initiated by one of the waiting processes.
the resource. • The event in question here is often the execution of a signal() operation on a semaphore.
● Each process that wants to use the resource performs a wait() operation on the • To illustrate, consider two processes, P0 and P1, with semaphores S and Q, both initialized to
semaphore, which decrements the count. 1:
● When a process releases the resource, it performs a signal() operation on the semaphore, • P0 executes wait(S), and P1 executes wait(Q).
which increments the count. • Then, P0 tries to execute wait(Q) and waits for P1 to execute signal(Q).
● If the count reaches 0, it means all instances of the resource are being used, and • Similarly, P1 tries to execute wait(S) and waits for P0 to execute signal(S).
processes wanting to use the resource will block until the count becomes greater than 0 • Both processes are now waiting for the other to release a semaphore, causing a deadlock.
again (indicating that resources are available).
Deadlocked State:
Binary Semaphores:
● Binary semaphores can only have two values: 0 and 1.
28
 • A set of processes is considered to be in a deadlocked state when every process in the set is
waiting for an event that can only be triggered by another process in the same set.
• The most common events leading to deadlocks are resource acquisition and release.
• Deadlocks may also arise from other types of events

Starvation:

• Starvation is another related issue where a process waits indefinitely within a semaphore.
• It can occur when processes are removed from the semaphore's waiting queue in a LIFO (last-
in, first-out) order.
• This means that newer processes get priority over older ones, which may lead to older
processes never getting access to the resource, resulting in indefinite waiting.

Handling Deadlocks:

• Deadlock handling is a critical issue in operating systems.

• Various mechanisms, such as deadlock detection, prevention, and recovery
• The goal is to ensure that deadlocks are avoided or resolved to keep the system functioning
correctly.

5.7 Classic Problems of Synchronization

The Bounded-Buffer Problem
• The bounded-buffer problem is a classic synchronization problem used to demonstrate the use
of synchronization primitives.
• In this problem, producer and consumer processes share data structures to manage a buffer
pool.
• The problem involves ensuring proper synchronization between producers and consumers to
prevent overfilling or underutilizing the buffer pool.
Explanation:
Data Structures and Semaphores:
• The producer process produces items to be added to the buffer pool.
• The producer and consumer processes use the following data structures: • The consumer process consumes items from the buffer pool.
• Integer n: The total number of buffers in the pool. • The empty semaphore ensures that the producer waits for an empty buffer before adding an
• Semaphore mutex: Provides mutual exclusion for accesses to the buffer pool. Initialized item.
to 1. • The full semaphore ensures that the consumer waits for a full buffer before consuming an item.
• Semaphore empty: Counts the number of empty buffers. Initialized to n. • The mutex semaphore provides mutual exclusion to ensure that only one process accesses the
• Semaphore full: Counts the number of full buffers. Initialized to 0. buffer pool at a time.
• The producer adds items to the buffer and signals that it's full.
• The consumer removes items from the buffer and signals that it's empty.
• The processes repeat indefinitely in a loop, maintaining synchronization.

5.7.2 Readers Writers Problem

Producer Process (Pseudo-code):
• Suppose that a database is to be shared among several concurrent processes. Some of these
processes may want only to read the database, whereas others may want to update (that is, to

29
 read and write) the database. We distinguish between these two types of processes by referring
to the former as readers and to the latter as writers. Obviously, if two readers access the shared
data simultaneously, no adverse effects will result.
• However, if a writer and some other process (either a reader or a writer) access the database
simultaneously, chaos may ensue. To ensure that these difficulties do not arise, we require that
the writers have exclusive access to the shared database while writing to the database.
• This synchronization problem is referred to as the readers–writers problem. Since it was
originally stated, it has been used to test nearly every new synchronization primitive. The
readers–writers problem has several variations, all involving priorities.
• The simplest one, referred to as the first readers–writers problem, requires that no reader be
kept waiting unless a writer has already obtained permission to use the shared object. In other
words, no reader should wait for other readers to finish simply because a writer is waiting.
• The second readers –writers problem requires that, once a writer is ready, that writer perform
its write as soon as possible. In other words, if a writer is waiting to access the object, no new
readers may start reading.
• A solution to either problem may result in starvation. In the first case, writers may starve; in
the second case, readers may starve. For this reason, other variants of the problem have been
proposed. Next, we present a solution to the first readers–writers problem.

Solution to the First Readers-Writers Problem: A solution to the first Readers-Writers problem
involves using the following data structures:

• semaphore rw_mutex = 1: A semaphore for mutual exclusion between readers and writers.
• semaphore mutex = 1: A semaphore to ensure mutual exclusion when updating the read_count.
• int read_count = 0: A variable to keep track of how many processes are currently reading the
object. • Note that, if a writer is in the critical section and n readers are waiting, then one reader is
queued on rw mutex, and n − 1 readers are queued on mutex.
The rw_mutex semaphore functions as mutual exclusion for both readers and writers. The mutex • Also observe that, when a writer executes signal(rw mutex), we may resume the execution of
semaphore ensures that only one process updates the read_count at a time. either the waiting readers or a single waiting writer. The selection is made by the scheduler.
• The readers–writers problem and its solutions have been generalized to provide reader–writer
• The mutex semaphore is used to ensure mutual exclusion when the variable read count is locks on some systems. Acquiring a reader–writer lock requires specifying the mode of the
updated. lock: either read or write access.
• The read count variable keeps track of how many processes are currently reading the object. • When a process wishes only to read shared data, it requests the reader–writer lock in read
The semaphore rw mutex functions as a mutual exclusion semaphore for the writers. It is also mode. A process wishing to modify the shared data must request the lock in write mode.
used by the first or last reader that enters or exits the critical section. • Multiple processes are permitted to concurrently acquire a reader–writer lock in read mode,
• It is not used by readers who enter or exit while other readers are in their critical sections. but only one process may acquire the lock for writing, as exclusive access is required for
• The code for a writer process is shown in Figure 5.11; the code for a reader process is shown writers.
in Figure 5.12.
Reader–writer locks are most useful in the following situations:

• In applications where it is easy to identify which processes only read shared data and which
processes only write shared data.
• In applications that have more readers than writers. This is because reader– writer locks
generally require more overhead to establish than semaphores or mutual-exclusion locks. The
increased concurrency of allowing multiple readers compensates for the overhead involved in
setting up the reader– writer lock.
30
5.7.3 The Dining-Philosophers Problem

Although this solution guarantees that no two neighbors are eating simultaneously, it nevertheless
must be rejected because it could create a deadlock. Suppose that all five philosophers become hungry
• Consider five philosophers who spend their lives thinking and eating. The philosophers share at the same time and each grabs her left chopstick. All the elements of chopstick will now be equal
a circular table surrounded by five chairs, each belonging to one philosopher. to 0. When each philosopher tries to grab her right chopstick, she will be delayed forever.
• In the center of the table is a bowl of rice, and the table is laid with five single chopsticks Several possible remedies to the deadlock problem are replaced by:
(Figure 5.13). When a philosopher thinks, she does not interact with her colleagues.
• From time to time, a philosopher gets hungry and tries to pick up the two chopsticks that are • Allow at most four philosophers to be sitting simultaneously at the table.
closest to her (the chopsticks that are between her and her left and right neighbors). • Allow a philosopher to pick up her chopsticks only if both chopsticks are available (to do this, she
• A philosopher may pick up only one chopstick at a time. must pick them up in a critical section).
• Obviously, she cannot pick up a chopstick that is already in the hand of a neighbor. When a
hungry philosopher has both her chopsticks at the same time, she eats without releasing the • Use an asymmetric solution—that is, an odd-numbered philosopher picks up first her left chopstick
chopsticks. and then her right chopstick, whereas an evennumbered philosopher picks up her right chopstick and
then her left chopstick.
• When she is finished eating, she puts down both chopsticks and starts thinking again.
• The dining-philosophers problem is considered a classic synchronization problem neither
because of its practical importance nor because computer scientists dislike philosophers but
5.8 Monitors
because it is an example of a large class of concurrency-control problems.
• It is a simple representation of the need to allocate several resources among several processes 1. Semaphores are a useful mechanism for process synchronization, but using them incorrectly
in a deadlock-free and starvation-free manner. can result in timing errors that are difficult to detect. These errors may occur only in specific
• One simple solution is to represent each chopstick with a semaphore. A philosopher tries to execution sequences, making them challenging to reproduce and debug.
grab a chopstick by executing a wait() operation on that semaphore. 2. Semaphores were introduced as a synchronization mechanism to address issues like the one in
the producer-consumer problem. However, even when using semaphores, timing errors can
• She releases her chopsticks by executing the signal() operation on the appropriate semaphores.
still occur.
Thus, the shared data are 3. Semaphore Solution to Critical-Section Problem: a scenario where multiple processes share
a semaphore variable called mutex, initialized to 1. Each process must execute wait(mutex)
before entering the critical section and signal(mutex) afterward. Incorrectly interchanging the
order or omitting these operations can lead to various synchronization problems:
where all the elements of chopstick are initialized to 1. The structure of philosopher i is shown in
• Interchanging signal(mutex) and wait(mutex) can result in multiple processes entering
Figure 5.14.
their critical sections simultaneously, violating mutual exclusion.
• Replacing signal(mutex) with wait(mutex) can lead to deadlock.
• Omitting wait(mutex) or signal(mutex) (or both) can either violate mutual exclusion or
lead to deadlock.

31
 4. To address these issues, the introduction of monitors as a high-level synchronization construct.
Monitors provide a structured way to define shared variables and functions that operate on
them while automatically ensuring mutual exclusion. They are designed to make
synchronization errors less likely and easier to handle.

5. Monitor Syntax:

5. wait() and signal() Operations: Condition variables support two primary operations: wait()
and signal().
• wait(): A process invoking wait() on a condition variable is suspended until another
process invokes signal() on the same condition variable.
• signal(): The signal() operation is used to notify waiting processes that a certain
condition has changed. It resumes exactly one suspended process from the queue
associated with the condition variable.
6. Signal and Continue vs. Signal and Wait: When a process signals on a condition variable
and there's a suspended process waiting, two options exist:
• Signal and Continue: The signaling process continues executing, and the resumed
process waits for another condition or completes its task.
• Signal and Wait: The signaling process waits until the resumed process leaves the
monitor. In this case, both processes can't be active simultaneously within the monitor.
5.8.1 Monitors usage
1. Abstract Data Type (ADT): An ADT is a data structure that encapsulates data along with a
set of functions (operations) to manipulate that data. These operations are independent of the
specific implementation of the ADT.
2. Monitor Type: A monitor type is a specific kind of ADT that includes programmer-defined
operations (functions) that can be called with mutual exclusion within the monitor. Monitors
also declare variables that define the state of instances of that type. Monitors ensure that only
one process at a time can be active within the monitor, simplifying synchronization.
3. Mutual Exclusion: Mutual exclusion means that only one process can access a shared
resource or execute a particular section of code at a time. Monitors provide this automatically,
so the programmer doesn't need to explicitly code synchronization constraints.
4. Condition Variables: Monitors may need to go beyond simple mutual exclusion and provide
more complex synchronization patterns. This is where condition variables come in. Condition
7. Concurrency Support in Programming Languages: The passage mentions that many
variables are used to coordinate processes within a monitor. They allow processes to wait until
programming languages have incorporated the monitor concept, including Java and C#. These
a certain condition is met and signal when that condition becomes true.
languages provide built-in support for creating and using monitors and condition variables to
facilitate concurrent programming

Chapter 7: DEADLOCKS
7.1 Introduction
32
In a multiprogramming environment, several processes may compete for a finite number of resources.
A process requests resources; if the resources are not available at that time, the process enters a
waiting state. Sometimes, a waiting process is never again able to change state, because the resources
it has requested are held by other waiting processes. This situation is called a deadlock.
7.2 Deadlock Characterization
7.2.1 Necessary Conditions
A deadlock situation can arise if the following four conditions hold simultaneously in a system:
1. Mutual Exclusion:
Resources must be non-shareable, allowing only one process at a time to use a resource. If a
process requests a resource that is currently held by another process, it must wait until the
resource is released.
2. Hold and Wait:
A process must be holding at least one resource and waiting to acquire additional resources
that are currently being held by other processes.
3. No Preemption:
Resources cannot be preempted; that is, a resource can be released only voluntarily by the
process holding it, after that process has completed its task.
4. Circular Wait:
A set {P0, P1, ..., Pn} of waiting processes must exist such that P0 is waiting for a resource
held by P1, P1 is waiting for a resource held by P2, ..., Pn−1 is waiting for a resource held by
Pn, and Pn is waiting for a resource held by P0.

7.2.2 Resource-Allocation Graph

A resource-allocation graph is a directed graph used to describe deadlocks in a system. The graph
consists of two sets of vertices: P (processes) and R (resource types) and a set of edges E.
● Processes: The set P represents all active processes in the system. Each process is denoted by
Pi (e.g., P1, P2, P3) represented by circles in the graph.
● Resource types: The set R represents the different types of resources in the system. Each
resource type is denoted by Ri (e.g., R1, R2, R3, R4). represented by rectangles in the graph.
e. Since resource type Rj may have more than one instance, we represent each such instance
as a dot within the rectangle.
● Request edges: Request edges are denoted by Pi → Rj, indicating that process Pi has requested
an instance of resource type Rj and is waiting for it. ● If the graph contains no cycles, then no process in the system is deadlocked. If the graph does
● Assignment edges: Assignment edges are denoted by Rj → Pi, indicating that an instance of contain a cycle, then a deadlock may exist.
resource type Rj has been allocated to process Pi. An assignment edge must designate one of ● If each resource type has exactly one instance, and there is a cycle in the graph, then a deadlock
the dots in the rectangle. has occurred.
● If each resource type has several instances, and there is a cycle in the graph, it does not
When process Pi requests an instance of resource type Rj, a request edge is inserted in the resource- necessarily imply a deadlock.
allocation graph. When this request can be fulfilled, the request edge is instantaneously transformed
to an assignment edge. When the process no longer needs access to the resource, it releases the A deadlock may occur when a cycle exists in the resource-allocation graph. However, the presence
of a cycle alone is not a sufficient condition for a deadlock to occur.
resource. As a result, the assignment edge is deleted.

33
Single instance resources: If each resource type has only one instance, a cycle in the graph indicates Three Methods for Handling Deadlocks:
a deadlock. Each process involved in the cycle is deadlocked.
1. Deadlock Prevention: This method ensures that the system never enters a deadlocked state by
Suppose that process P3 requests an instance of resource type R2. employing protocols that eliminate the necessary conditions for deadlocks

2. Deadlock Avoidance: In this approach, the operating system requires advance information
about the resource requests and usage of each process throughout its lifetime. Based on this
knowledge, the operating system can decide whether a process should wait for a resource
request to be granted. This decision involves considering the current resource allocation,
available resources, and future requests and releases by processes

3. Deadlock Detection and Recovery: If a system doesn't employ prevention or avoidance

algorithms, it may encounter a deadlock situation. In such cases, the system needs algorithms
to detect deadlock and methods to recover from it,

4. Combining Basic Approaches: Some researchers argue that none of the basic approaches alone
At this point, two minimal cycles exist in the system: is suitable for all resource-allocation problems in operating systems. Therefore, it's possible to
combine these approaches to select the optimal strategy for different classes of resources
within a system.

Challenges with Ignoring Deadlocks:

Processes P1, P2, and P3 are deadlocked. Process P2 is waiting for the resource R3, which is held by • In most operating systems, including Linux and Windows, the third approach, which involves
process P3. Process P3 is waiting for either process P1 or process P2 to release resource R2. In ignoring deadlocks, is commonly used.
addition, process P1 is waiting for process P2 to release resource R1 • Ignoring deadlocks is cost-effective compared to the other methods, especially when deadlocks
occur infrequently (e.g., once per year).
Multiple instance resources: If resource types have multiple instances, a cycle in the graph is a • However, the downside is that undetected deadlocks can degrade system performance over
necessary condition for a deadlock but not sufficient. A cycle may or may not lead to a deadlock, as time.
resource instances can be released and reallocated to break the cycle and resolve the deadlock. • Resources are held by processes that can't execute, and more processes become deadlocked as
they request resources.
• Eventually, the system may become unresponsive and require manual restart.
• In some cases, a system might appear frozen but not necessarily deadlocked (e.g., with a real-
time process running at the highest priority or a non-preemptive scheduler). In such situations,
manual recovery methods may be applied, which can also be used for deadlock recovery.

7.4 Deadlock Prevention

By ensuring that at least one of these conditions cannot hold, we can prevent the occurrence of a
deadlock.
7.4.1 Mutual Exclusion
However, there is no deadlock. Observe that process P4 may release its instance of resource type R2.
That resource can then be allocated to P3, breaking the cycle The mutual exclusion condition must hold. That is, at least one resource must be nonsharable.
Sharable resources, in contrast, do not require mutually exclusive access and thus cannot be involved
in a deadlock. Read-only files are a good example of a sharable resource. If several processes attempt
7.3 METHODS FOR HANDLING DEADLOCKS to open a read-only file at the same time, they can be granted simultaneous access to the file. A
process never needs to wait for a sharable resource. In general, however, we cannot prevent deadlocks

34
by denying the mutual-exclusion condition, because some resources are intrinsically nonsharable. continuously allocated to another process. This can lead to delays and inefficiencies in resource
For example, a mutex lock cannot be simultaneously shared by several processes. allocation.

7.4.2 Hold and Wait: 7.4.3 No Preemption

To ensure that the hold-and-wait condition never occurs in the system, we must guarantee that,
whenever a process requests a resource, it does not hold any other resources. The third necessary condition for deadlocks is that there be no preemption of resources that have
already been allocated. To ensure that this condition does not hold, a protocol can be used.
Protocol 1: Requesting All Resources at the Beginning
This protocol requires a process to request and acquire all necessary resources before starting The protocol operates as follows:
execution. By obtaining all resources upfront, the process avoids holding resources while making
additional requests, eliminating the hold-and-wait condition. However, it may lead to low resource 1. When a process is holding some resources and requests an additional resource that cannot be
utilization as allocated resources could remain unused for an extended period. immediately allocated, the resources currently held by the process are preempted or implicitly
released.
Example: 2. The preempted resources are added to the list of resources for which the process is waiting.
An example of a process that copies data from a DVD drive to a disk file, sorts the file, and then 3. The process can only be restarted when it can regain its old resources, along with the newly
prints the results to a printer. In this case, if all resources must be requested at the beginning of the requested ones.
process, the process will request the DVD drive, disk file, and printer initially. However, it will hold
the printer for its entire execution, even though it only needs it at the end. This protocol can lead to Alternatively:
low resource utilization since resources may remain allocated but unused for an extended period.
1. When a process requests some resources, it first checks if they are available.
2. If the resources are available, they are allocated to the requesting process.
Protocol 2: Releasing and Requesting Resources Dynamically 3. If the resources are not available, the protocol checks if they are allocated to another process
that is waiting for additional resources.
In Protocol 2, a process can only request resources when it has none. It begins by requesting a subset 4. In this case, the desired resources are preempted from the waiting process and allocated to the
of the needed resources and utilizing them. Before making additional requests, the process must requesting process.
release all currently held resources. This dynamic approach prevents holding resources while 5. If the resources are neither available nor held by a waiting process, the requesting process must
requesting new ones, effectively avoiding the hold-and-wait condition. wait. During its wait, some of its resources may be preempted only if another process requests
them.
Example:
6. The process can only be restarted when it is allocated the new resources it is requesting and
Using the example of copying data from a DVD drive to a disk file, the process initially requests only recovers any preempted resources from its waiting period.
the DVD drive and disk file, copies the data, releases the resources, and then requests the disk file
and printer for subsequent steps. This dynamic resource allocation minimizes unnecessary resource It's important to note that this protocol is typically applied to resources whose state can be easily
holding and reduces the risk of deadlocks. saved and restored, such as CPU registers and memory space. However, it cannot generally be applied
to resources like mutex locks and semaphores.
Disadvantages of these Protocols:
7.4.4 Circular Wait
1. Both protocols have the disadvantage of potentially low resource utilization. In Protocol 1,
resources may remain allocated but unused for a significant period since they are requested at The circular-wait condition is one of the four conditions for deadlocks. It occurs when a set of
the beginning, regardless of immediate need processes is waiting for resources held by each other in a circular manner, resulting in a deadlock.
This condition needs to be prevented to avoid deadlocks.
a. In Protocol 2, resource utilization can also be low. In the example given, resources like Protocol for Preventing the Circular-Wait Condition
the DVD drive and disk file can be released and requested again only if the process
ensures that the data remains on the disk file. If there is a possibility that the data may It involves imposing a total ordering of all resource types and requiring processes to request resources
be lost or modified, the process must request all resources at the beginning, which in an increasing order of enumeration. This ensures that resources are requested and released in a way
negates the benefits of dynamic allocation. that avoids circular dependencies.

2. Secondly, there is a risk of starvation. In both protocols, a process requiring multiple popular One-to-One Function F
resources may have to wait indefinitely because at least one of the required resources is
35
The protocol utilizes a one-to-one function F to assign a unique integer number to each resource type. • A deadlock-avoidance algorithm dynamically examines the resource-allocation state,
This function allows for the comparison of resources and determining their order in the ordering considering available resources, allocated resources, and maximum demands of processes, to
scheme. It helps establish the precedence of resource types to prevent circular dependencies. ensure that a circular-wait condition can never occur.
• The resource-allocation state is defined by the number of available resources and allocated
Formally, we define a one-to-one function F: R → N, where N is the set of natural numbers. For resources and the maximum demands of processes.
example, if the set of resource types R includes tape drives, disk drives, and printers, then the function • The following sections explore two deadlock-avoidance algorithms.
F might be defined as follows:
7.5.1 Safe State
• A state is safe if the system can allocate resources to each process (up to its maximum) in some
order and still avoid a deadlock.
Requesting Resources in Increasing Order • More formally, a system is in a safe state only if there exists a safe sequence.
• According to the protocol, processes can request instances of a resource type only if the • A sequence of processes is a safe sequence for the current allocation state if, for each Pi , the
resource requests that Pi can still make can be satisfied by the currently available resources
assigned number of that resource type is greater than the assigned number of any previously
plus the resources held by all Pj , with j < i.
requested resource types. This ensures that resources are requested in an increasing order
• In this situation, if the resources that Pi needs are not immediately available, then Pi can wait
according to the enumeration. until all Pj have finished.
• The protocol also requires that a process requesting an instance of a resource type must have • When they have finished, Pi can obtain all of its needed resources, complete its designated
released any resources of equal or higher precedence. This ensures that the order is maintained, task, return its allocated resources, and terminate.
and resources are released properly to avoid circular dependencies. • When Pi terminates, Pi+1 can obtain its needed resources, and so on. If no such sequence
• The protocol can be applied to synchronization objects in an application program. It involves exists, then the system state is said to be unsafe.
developing an ordering or hierarchy among the synchronization objects. All requests for • A safe state is not a deadlocked state. Conversely, a deadlocked state is an unsafe state. Not
synchronization objects must be made in increasing order according to the assigned numbers all unsafe states are deadlocks, however (Figure 7.6). An unsafe state may lead to a deadlock.
to the resource types. As long as the state is safe, the operating system can avoid unsafe (and deadlocked) states. In
• While the protocol helps prevent deadlocks, it is the responsibility of application developers an unsafe state, the operating system cannot prevent processes from requesting resources in
to ensure that programs adhere to the ordering scheme. Developers must write programs that such a way that a deadlock occurs. The behavior of the processes controls unsafe states.
follow the protocol by requesting and releasing resources in the correct order.
7.5 Deadlock Avoidance

Deadlock Prevention vs. Deadlock Avoidance

• Deadlock-prevention algorithms limit resource requests to prevent at least one necessary

condition for deadlock, but they may lead to low device utilization and reduced system
throughput.
• An alternative approach to avoid deadlocks is to require additional information about how
resources are to be requested and released.
• For example, processes could declare their complete sequence of resource requests and
releases. The system can then decide whether to grant each request based on the current
resource allocation, available resources, and future requests and releases.

Different Approaches to Deadlock Avoidance

• Algorithms that use this approach vary in the amount and type of information required.
• The simplest and most useful model requires each process to declare its maximum resource Example:
requirements for each resource type it may need.
• Illustration with a system of twelve magnetic tape drives and three processes (P0, P1, P2). P0,
P1, and P2. Process P0 requires ten tape drives, process P1 may need as many as four tape
36
 drives, and process P2 may need up to nine tape drives. Suppose that, at time t0, process P0 is
holding five tape drives, process P1 is holding two tape drives, and process P2 is holding two
tape drives. (Thus, there are three free tape drives.)

• At time t0, the system is in a safe state with the sequence <P1, P0, P2>.
• Granting P2 an additional tape drive at t1 leads to an unsafe state, and if not handled properly,
it can result in a deadlock.
• Mistakes in resource allocation decisions can lead to unsafe states and potential deadlocks. In this example, if P1 requests R2, and P2 requests R1, it would lead to a deadlock scenario, as shown
• Properly designed deadlock-avoidance algorithms aim to prevent the system from reaching in Figure 7.8.
unsafe states and, therefore, deadlock situations.

7.5.2 Resource-Allocation-Graph Algorithm

The Resource-Allocation-Graph Algorithm is a deadlock avoidance technique used in a resource-

allocation system with one instance of each resource type. In addition to the request and assignment
edges in the resource-allocation graph, a new type of edge, called a claim edge, is introduced.

A claim edge Pi → Rj represents that process Pi may request resource Rj in the future. When process
Pi actually requests resource Rj, the claim edge Pi → Rj is converted to a request edge. Similarly,
when resource Rj is released by process Pi, the assignment edge Rj → Pi is reconverted to a claim
edge Pi → Rj.

The resources need to be claimed a priori in the system, meaning that all claim edges must already
appear in the resource-allocation graph before the process starts executing. However, this condition
can be relaxed by allowing a claim edge Pi → Rj to be added to the graph only if all the edges 7.5.3 Banker’s Algorithm
associated with process Pi are claim edges.
The resource-allocation-graph algorithm is not applicable to a resourceallocation system with
To check for safety, the algorithm verifies if granting a resource request by converting the request multiple instances of each resource type. The Banker's Algorithm is a deadlock avoidance algorithm
edge Pi → Rj to an assignment edge Rj → Pi would create a cycle in the resource-allocation graph. applicable to resource-allocation systems with multiple instances of each resource type. It is less
A cycle-detection algorithm is used for this purpose, which typically requires O(n^2) operations, efficient than the resource-allocation graph algorithm but is suitable for systems with limited
where n is the number of processes in the system. resources. The name was chosen because the algorithm could be used in a banking system to ensure
that the bank never allocated its available cash in such a way that it could no longer satisfy the needs
If no cycle is detected, then granting the resource request will leave the system in a safe state. On the of all its customers
other hand, if a cycle is found, the allocation will put the system in an unsafe state, and the requesting
process must wait for its requests to be satisfied to avoid potential deadlock. When a new process enters the system, it must declare the maximum number of instances of each
resource type that it may need. This number may not exceed the total number of resources in the
Illustration: In the example resource-allocation graph shown in Figure 7.7, if process P2 requests system. When a user requests a set of resources, the system must determine whether the allocation of
resource R2, we cannot immediately allocate it to P2 because doing so would create a cycle in the these resources will leave the system in a safe state. If it will, the resources are allocated; otherwise,
graph, indicating an unsafe state. The system needs to perform a cycle-detection algorithm to the process must wait until some other process releases enough resources. Several data structures
determine whether it's safe to grant the request. must be maintained to implement the banker’s algorithm. These data structures encode the state of
the resource-allocation system. We need the following data structures, where n is the number of
processes in the system and m is the number of resource types:

37
 Let Requesti be the request vector for process Pi . If Requesti [j] == k, then process Pi wants k
1. Available: A vector of length m represents the number of available resources of each type. If instances of resource type Rj . When a request for resources is made by process Pi , the following
Available[j] equals k, it means k instances of resource type Rj are available. actions are taken:
2. Max: An n × m matrix defines the maximum demand of each process. If Max[i][j] equals k, it
means process Pi may request at most k instances of resource type Rj. 1. If Requesti ≤ Needi , go to step
3. Allocation: An n × m matrix defines the number of resources of each type currently allocated 2. Otherwise, raise an error condition, since the process has exceeded its maximum claim. 2. If
to each process. If Allocation[i][j] equals k, it means process Pi is currently allocated k Requesti ≤ Available, go to step 3. Otherwise, Pi must wait, since the resources are not available.
instances of resource type Rj.
4. Need: An n × m matrix indicates the remaining resource need of each process. If Need[i][j] 3. Have the system pretend to have allocated the requested resources to process Pi by modifying the
equals k, it means process Pi may need k more instances of resource type Rj to complete its state as follows:
task. Note that Need[i][j] equals Max[i][j] - Allocation[i][j].
Available = Available–Requesti ;
These data structures dynamically change over time in terms of size and values as processes request Allocationi = Allocationi + Requesti ;
and release resources. Needi = Needi –Requesti ;

In the Banker's Algorithm, the notation X ≤ Y is used to indicate that vector X is less than or equal If the resulting resource-allocation state is safe, the transaction is completed, and process Pi is
to vector Y, where X and Y are vectors of length n. The algorithm treats each row in the Allocation allocated its resources. However, if the new state is unsafe, then Pi must wait for Requesti , and the
and Need matrices as vectors, referred to as Allocationi and Needi, representing the resources old resource-allocation state is restored.
allocated and needed by process Pi, respectively.

The Banker's Algorithm ensures that resource requests are granted only if the resulting allocation will
7.6 Deadlock detection
not lead to an unsafe state. It uses the notions of safe states and safe sequences, similar to the concepts
discussed earlier. If a system does not employ either a deadlock-prevention or a deadlock avoidance algorithm, then a
deadlock situation may occur. In this environment, the system may provide:
By carefully managing resource allocation based on the maximum resource needs and the availability
of resources, the Banker's Algorithm aims to prevent deadlocks while efficiently utilizing the • An algorithm that examines the state of the system to determine whether a deadlock has occurred
available resources in the system. • An algorithm to recover from the deadlock

7.5.3.1 Safety Algorithm

7.6.1 Single Instance of Each Resource Type
1. Initialize two vectors, Work (of length m, representing available resources) and Finish (of
length n, representing processes). Set Work = Available (the available resources at the In a system where all resources have only a single instance, a deadlock detection algorithm can be
moment) and initialize Finish[i] = false for all processes i = 0, 1, ..., n-1. defined.
2. Search for a process (index i) that satisfies two conditions: a. Finish[i] == false (the process is
not finished). b. Need[i] <= Work (the process's resource needs can be satisfied with the Wait-For Graph:
available resources).
If no such process exists, go to step 4, indicating that the system is not in a safe state. • This algorithm uses a variant of the resource-allocation graph, called a "wait-for graph."
3. If a suitable process is found (i), simulate the allocation of resources to that process: • The wait-for graph is derived from the resource-allocation graph by removing the resource
• Add the allocated resources (Allocation[i]) to Work. nodes and collapsing specific edges.
• Mark the process as finished by setting Finish[i] = true.
• Go back to step 2 to continue searching for the next safe process. Implication of Edges in Wait-For Graph:
4. If Finish[i] == true for all processes i, then the system is in a safe state, indicating that the
current resource allocation won't lead to a deadlock. • In the wait-for graph, an edge from process Pi to process Pj implies that process Pi is waiting
This algorithm may require an order of m × n2 operations to determine whether a state is safe. for process Pj to release a resource that Pi needs.
• Specifically, an edge Pi → Pj exists in a wait-for graph if and only if the corresponding
resource-allocation graph contains two edges: Pi → Rq (indicating that Pi has allocated
7.5.3.2 Resource-Request Algorithm resource Rq) and Rq → Pj (indicating that resource Rq is requested by Pj).

38
 • Similar to other deadlock detection methods, a deadlock exists in the system if and only if the 1. Frequency of Deadlocks: If deadlocks are occurring frequently in the system, it's advisable
wait-for graph contains a cycle. to invoke the detection algorithm more often. This is because resources allocated to deadlocked
• To detect deadlocks, the system must maintain the wait-for graph. processes remain unused until the deadlock is resolved. Additionally, the number of processes
• Periodically, the system invokes an algorithm to search for cycles in the wait-for graph. involved in the deadlock cycle can increase over time.
• The algorithm used to detect a cycle in a graph has a time complexity of approximately O(n^2), 2. Impact of Deadlocks: Consider the number of processes that will be affected by a deadlock
where n is the number of vertices (nodes) in the graph. when it occurs. A higher number of processes involved in a deadlock can have a more
• This means that the time required to detect deadlocks using this algorithm is proportional to significant impact on the system's performance.
the square of the number of processes and resources in the system.
In cases where deadlocks are frequent, you can choose to invoke the deadlock detection algorithm
every time a resource allocation request cannot be granted immediately. This approach helps identify
7.6.2 Several Instances of a Resource Type both the set of deadlocked processes and the specific process that triggered the deadlock. However,
The wait-for graph scheme is not applicable to a resource-allocation system with multiple instances it's essential to note that this frequent invocation can lead to considerable computational overhead.
of each resource type. We turn now to a deadlock detection algorithm that is applicable to such a
system. The algorithm employs several time-varying data structures that are similar to those used in Alternatively, to reduce overhead, you can schedule the algorithm to run at defined intervals, such as
the banker's algorithm: once per hour or when CPU utilization drops below a certain threshold (e.g., 40 percent). These
trigger points are selected because a deadlock eventually harms system throughput and causes a
Data Structures: decrease in CPU utilization. However, if the detection algorithm is invoked arbitrarily, the resource
graph may contain multiple deadlock cycles, making it challenging to identify which process caused
1. Available: A vector of length 'm' indicates the number of available resources of each type. the deadlock.
2. Allocation: An 'n × m' matrix defines the number of resources of each type currently allocated
to each process.
3. Request: An 'n × m' matrix indicates the current request of each process. If Request[i][j] equals 7.7.1 Recovery from Deadlock
'k', then process Pi is requesting 'k' more instances of resource type Rj.
Deadlocks occur when two or more processes are unable to proceed because they are each waiting
for a resource that the other holds. There are two main approaches to handling deadlocks: process
Deadlock Detection Algorithm: termination and resource preemption.
1. Let Work and Finish be vectors of length 'm' and 'n', respectively. Initialize Work = Process Termination:
Available. For 'i = 0, 1, ..., n–1', if Allocationi ≠ 0, then Finish[i] = false. Otherwise, Finish[i]
= true. 1. Abort all deadlocked processes: This method is straightforward but costly. It involves
2. Find an index 'i' such that both: a. Finish[i] == false b. Requesti ≤ Work terminating all processes involved in the deadlock. However, it can lead to significant data loss
If no such 'i' exists, go to step 4. and additional work to redo computations.
3. Work = Work + Allocationi Finish[i] = true 2. Abort one process at a time: In this approach, processes are terminated one by one until the
Go to step 2. deadlock is broken. After each termination, a deadlock-detection algorithm is invoked to check
4. If Finish[i] == false for some 'i', '0 ≤ i < n', then the system is in a deadlocked state. Moreover, if more processes are still deadlocked. This method incurs overhead but is less disruptive than
if Finish[i] == false, then process Pi is deadlocked. aborting all processes.
This algorithm requires an order of 'm × n^2' operations to detect whether the system is in a The choice of which process to terminate in the partial termination method depends on various factors
deadlocked state. we reclaim the resources of process Pi (in step 3) as soon as we determine that like
Requesti ≤ Work (in step 2b). We know that Pi is currently not involved in a deadlock (since
Requesti ≤ Work). Thus, we take an optimistic attitude and assume that Pi will require no more 1. What the priority of the process is
resources to complete its task; it will thus soon return all currently allocated resources to the system. 2. How long the process has computed and how much longer the process
If our assumption is incorrect, a deadlock may occur later. That deadlock will be detected the next 3. will compute before completing its designated task
time the deadlock-detection algorithm is invoked. 4. How many and what types of resources the process has used (for example,
5. whether the resources are simple to preempt)
7.6.3 Detection-Algorithm Usage 6. How many more resources the process needs in order to complete
7. How many processes will need to be terminated
The decision of when to invoke the deadlock detection algorithm depends on two main factors: 8. Whether the process is interactive or batch

39
Resource Preemption: range. By comparing every address generated in user mode with these registers, the CPU
prevents unauthorized access to operating-system memory or other users' memory.
Resource preemption involves temporarily taking resources away from processes to resolve the
deadlock. This approach has its own set of challenges:

1. Selecting a victim: Deciding which process and resources to preempt is crucial. Factors such
as the number of resources held, the time spent by the process, and other cost-related
considerations should be taken into account.
2. Rollback: Once resources are preempted from a process, it cannot continue execution in its
current state. The process needs to be rolled back to a safe state and restarted. Total rollback
(aborting and restarting the process) is simpler but less efficient. Partial rollback, where the
process is rolled back only as far as necessary to break the deadlock, is more complex but
saves resources.
3. Starvation: To prevent a process from being repeatedly chosen as a victim (leading to
starvation), it's essential to limit the number of times a process can be preempted. This can be 7. The base and limit registers can only be loaded by the operating system using a special
achieved by considering the number of rollbacks in the cost factor. privileged instruction. Since privileged instructions can only be executed in kernel mode, only
the operating system, which operates in kernel mode, can perform this operation.
UNIT – III 8. The operating system, executing in kernel mode, has unrestricted access to both operating-
Memory Management: Hardware - Address Binding – Address Space - Dynamic Loading and system memory and users' memory. This access allows the operating system to perform critical
Linking – Swapping – Contiguous Allocation - Segmentation - Paging – Structure of the Page Table tasks, such as loading user programs, managing system calls, and executing context switches
in multiprocessing systems.
CHAPTER 8: MAIN MEMORY
8.1.1 Basic Hardware
1. The CPU can directly access main memory and registers within the processor. While machine
instructions can take memory addresses as arguments, they don't operate on disk addresses.
Therefore, instructions and data used by the CPU must reside in main memory or registers. If
data is not in memory, it must be moved there before the CPU can process it.
2. Registers within the CPU are highly accessible and can be operated on within a single cycle
of the CPU clock. Main memory, on the other hand, is accessed through the memory bus and
can take many cycles to complete a memory access. This speed difference can lead to stalls in
the processor if the required data is not readily available.
3. To mitigate the speed difference between the CPU and main memory, a fast memory cache is
added between the CPU and main memory. This cache, typically located on the CPU chip,
speeds up memory access without requiring intervention from the operating system.
4. Ensuring the correct operation of the system is crucial. This involves protecting the operating
system from access by user processes. On multiuser systems, it's also necessary to protect user
processes from each other. Hardware mechanisms are employed for this purpose, as the
operating system typically does not directly intervene in memory accesses due to the associated
performance penalty. 8.1.2 Address Binding
5. Each process needs its own separate memory space. This separation is essential for protecting Programs are typically stored on a disk as binary executable files. Before execution, a program must
processes from one another and allowing multiple processes to be loaded in memory for
be loaded into memory and placed within a process. Depending on the memory management scheme,
concurrent execution. Achieving this requires the ability to define legal address ranges for each
a process may be moved between disk and memory during its execution. Processes that are waiting
process and ensuring they can only access those addresses.
6. This protection is implemented using two registers: a base register that holds the smallest to be brought into memory for execution form the input queue. Processes that are waiting to be
legal physical memory address, and a limit register that specifies the size of the accessible brought into memory for execution form the input queue. When a process is in memory, it accesses
instructions and data from there. Eventually, the process terminates, and its memory space is marked
40
as available. Most systems allow a user process to reside in any part of the physical memory. This • Execution-time address-binding generates differing logical and physical addresses, with
means that the starting address of a user process in memory need not be 00000. Addresses go through the logical address referred to as a virtual address.
various representations before execution. Source program addresses are typically symbolic. A • The set of all logical addresses generated by a program is called a logical address space.
compiler translates these into relocatable addresses, and a linkage editor or loader further translates • The set of all physical addresses corresponding to these logical addresses is a physical
them into absolute addresses. address space.
• In execution-time binding, the logical and physical address spaces differ.
Classically, the binding of instructions and data to memory addresses can be done at any step along • The MMU is a hardware device responsible for mapping logical addresses to physical
the way: addresses during run time.
• Compile Time: If the process's memory location is known at compile time, absolute code can • The base register used in compile-time and load-time binding is called a relocation register
be generated. However, if the location changes later, recompilation is necessary. in execution-time binding.
• Load Time: If the process's memory location is not known at compile time, relocatable code • The value in the relocation register is added to every address generated by a user process
is generated. The final binding is done at load time, and if the starting address changes, only when sending it to memory. This effectively relocates the address.
the user code needs to be reloaded. o For example, if the base is at 14000, an attempt to access location 0 is dynamically
• Execution Time: If a process can be moved during its execution from one memory segment to relocated to location 14000.
another, binding must be delayed until run time. This requires special hardware.

8.1.4 Dynamic Loading:

• In conventional loading, the entire program and its data must be in physical memory for
execution.
• Dynamic loading allows routines to be loaded only when they are called. All routines are stored
on disk in a relocatable format.
• The main program is loaded into memory and executed. When a routine needs to call another
routine, the calling routine checks if the needed routine is loaded. If not, the relocatable linking
loader loads the routine into memory and updates the program's address tables.

Advantages of Dynamic Loading:

8.1.3 Logical Versus Physical Address Space
• Provides better memory-space utilization as routines are loaded only when needed.
• A logical address is one generated by the CPU, while a physical address or memory address • Especially useful for handling infrequently occurring cases, such as error routines, where only
register is what is actually seen and used by the memory unit. a portion of the program may be used and loaded.
• Compile-time and load-time address-binding methods result in identical logical and
physical addresses. 8.1.5 Dynamic Linking and Shared Libraries:

41
 • Dynamically linked libraries are system libraries linked to user programs at runtime. • The system maintains a ready queue of processes ready to run, whether in memory or on the
• Dynamic linking postpones linking until execution time, similar to dynamic loading. It is backing store.
commonly used with system libraries like language subroutine libraries. • When the CPU scheduler chooses a process to execute, the dispatcher checks if it is in memory.
• Without dynamic linking, each program must include a copy of its language library in the If not, it may swap out a process in memory to make space for the desired process
executable image, which wastes disk space and main memory. • Context-switch time in swapping is relatively high, mainly due to transfer time.
• With dynamic linking, a stub is included for each library routine reference. The stub locates • The total transfer time is directly proportional to the amount of memory being swapped.
or loads the routine and replaces itself with the routine's address for subsequent executions. • The actual transfer time can be significant, depending on the size of the process and the disk's
• Dynamic linking allows multiple processes to use a single copy of the library code, reducing transfer rate.
redundancy. • For effective memory management, processes with dynamic memory requirements need to
• Library updates (e.g., bug fixes) can be seamlessly integrated. Programs referencing the library inform the operating system of their changing needs using system calls (request memory() and
automatically use the new version. release memory()).
• Version information is included in both the program and the library. Programs are affected
only if compiled with the new library version. Constraints of Swapping:
• This system is also known as shared libraries.
• Swapping a process requires it to be completely idle, particularly regarding pending I/O
Operating System Support: operations.
• Solutions include never swapping a process with pending I/O or executing I/O operations only
• Dynamic linking and shared libraries generally require assistance from the operating system, into operating-system buffers.
especially if processes in memory are protected from one another.
• The operating system ensures that needed routines are available and manages access to shared Modern Use of Swapping:
memory addresses.
• Standard swapping is not used in modern operating systems due to its high swapping time and
8.2 Swapping limited execution time.
• Modified versions of swapping are found in some systems, often in conjunction with virtual
memory.
Swapping:
8.2.2 Swapping on Mobile Systems:
• Swapping involves temporarily moving a process out of memory to a backing store (often a
fast disk) and then bringing it back into memory for continued execution. • Mobile systems (e.g., iOS and Android) typically do not support swapping due to constraints
• It allows the total physical address space of all processes to exceed the real physical memory like limited storage space, flash memory's write limitations, and throughput issues between
of the system, increasing the degree of multiprogramming. main memory and flash memory.
• Instead, they rely on strategies like voluntarily relinquishing allocated memory or terminating
processes with insufficient free memory.
• Developers for mobile systems must carefully manage memory allocation and release to avoid
using too much memory or encountering memory leaks.

8.3 Contiguous Memory Allocation

• The memory is usually divided into two partitions: one for the resident operating system and
one for the user processes.
• We can place the operating system in either low memory or high memory.
• The major factor affecting this decision is the location of the interrupt vector. Since the
interrupt vector is often in low memory, programmers usually place the operating system in
low memory as well.
Standard Swapping: • In contiguous memory allocation, each process is contained in a single section of memory that
is contiguous to the section containing the next process.
• Processes are moved between main memory and a backing store (e.g., a disk).
8.3.1 Memory Protection
42
 When a process terminates, it releases its memory, which can be allocated to another process
1. Memory protection is crucial for preventing a process from accessing memory it does not own. from the input queue.
2. This register holds the value of the smallest physical address. 4. The system maintains a list of available block sizes and an input queue. The OS orders the
3. This register defines the range of logical addresses. For example, if the relocation register is input queue using a scheduling algorithm and allocates memory to processes until the memory
set to 100040 and the limit register is set to 74600, then each logical address generated by a requirements of the next process cannot be met due to insufficiently large holes. The OS can
process must fall within this range. wait for a larger hole to become available or check if smaller holes can satisfy the needs of
4. The MMU is responsible for dynamically mapping the logical address by adding the value in other processes.
the relocation register. This mapped address is then sent to memory. 5. Memory blocks consist of holes of various sizes scattered throughout memory. When a process
5. When the CPU scheduler selects a process for execution, the dispatcher performs a context arrives and needs memory, the system searches for a hole large enough. If a hole is too large,
switch. As part of this switch, it loads the relocation and limit registers with the correct values it is split into two parts, one for the arriving process and the other returned to the set of holes.
for the selected process. When a process terminates, its memory block is placed back in the set of holes. Adjacent holes
6. Since every address generated by the CPU is checked against these registers, this scheme can be merged to form larger holes.
ensures that the running process cannot modify memory belonging to the operating system or 6. The procedure for allocating memory is a specific instance of the general dynamic storage
other users' programs and data. allocation problem, which deals with satisfying requests of different sizes from a list of free
7. The relocation-register scheme allows the size of the operating system to change dynamically. holes.
This is desirable in situations where the operating system may need to load and unload code
and data for device drivers or other services as needed. This code is sometimes referred to as Common strategies for selecting a free hole from available holes include:
transient operating-system code.
• First fit. Allocate the first hole that is big enough. Searching can start either at the beginning
of the set of holes or at the location where the previous first-fit search ended. We can stop
searching as soon as we find a free hole that is large enough.
• Best fit. Allocate the smallest hole that is big enough. We must search the entire list, unless
the list is ordered by size. This strategy produces the smallest leftover hole.
• Worst fit. Allocate the largest hole. Again, we must search the entire list, unless it is sorted by
size. This strategy produces the largest leftover hole, which may be more useful than the
smaller leftover hole from a best-fit approach

Comparison of Strategies: Simulations have shown that both first fit and best fit are generally better
than worst fit in terms of time and storage utilization. First fit is often faster, but neither first fit nor
best fit is definitively better in terms of storage utilization.

8.3.3 Fragmentation

8.3.2 Memory Allocation • Both the first-fit and best-fit strategies for memory allocation suffer from external
fragmentation. As processes are loaded and removed from memory, the free memory space is
1. One simple method of memory allocation is dividing memory into fixed-sized partitions. broken into little pieces.
Each partition can contain exactly one process, limiting the degree of multiprogramming to • External fragmentation exists when there is enough total memory space to satisfy a request
the number of partitions. In this multiple-partition method, when a partition is free, a process but the available spaces are not contiguous: storage is fragmented into a large number of small
from the input queue is loaded into it, and when the process terminates, the partition becomes holes. This fragmentation problem can be severe.
available for another process. • In the worst case, we could have a block of free (or wasted) memory between every two
2. A generalization of the fixed-partition scheme is the variable-partition scheme (MVT). In processes. If all these small pieces of memory were in one big free block instead, we might be
this scheme, the operating system keeps track of available and occupied memory blocks. able to run several more processes.
Initially, all memory is considered a single large available block (hole), but over time, memory • Whether we are using the first-fit or best-fit strategy can affect the amount of fragmentation.
becomes fragmented into various-sized holes. (First fit is better for some systems, whereas best fit is better for others.)
3. When processes enter the system, they are placed in an input queue. The OS considers both • Another factor is which end of a free block is allocated. (Which is the leftover piece—the one
the memory requirements of each process and the available memory space to allocate memory. on the top or the one on the bottom?) No matter which algorithm is used, however, external
When a process is allocated memory, it is loaded into memory and can compete for CPU time. fragmentation will be a problem.
43
 • Depending on the total amount of memory storage and the average process size, external A logical address in segmentation is represented as a two-tuple: <segment-number, offset>. The
fragmentation may be a minor or a major problem. segment number identifies the segment, and the offset specifies the location within that segment.
• Statistical analysis shows that even with optimization, around half of the allocated blocks may
be lost to fragmentation, resulting in one-third of memory becoming unusable. This is known During compilation, a C compiler might create separate segments for various parts of the program,
as the 50-percent rule. such as
• Memory fragmentation can be internal as well as external. Internal fragmentation occurs • Code
when allocated memory is slightly larger than the requested memory, leading to unused • global variables
memory within a partition. • heap (for dynamic memory allocation)
• thread
Compaction • stacks, and the
• standard C library.
• One solution to the problem of external fragmentation is compaction. The goal is to shuffle
the memory contents so as to place all free memory together in one large block. Compaction Additionally, libraries linked during compile time may be assigned their own segments. The loader
is not always possible, however. If relocation is static and is done at assembly or load time, would take all these segments and assign them segment numbers.
compaction cannot be done. It is possible only if relocation is dynamic and is done at execution
time. 8.4.2 Segmentation Hardware
• If addresses are relocated dynamically, relocation requires only moving the program and data
and then changing the base register to reflect the new base address. In a segmented memory model, the logical address is divided into two parts: the segment number (s)
• When compaction is possible, we must determine its cost. The simplest compaction algorithm and the offset within that segment (d). The segment number is used as an index to the segment table,
is to move all processes toward one end of memory; all holes move in the other direction, which contains entries for each segment. Each entry includes a segment base (the starting physical
producing one large hole of available memory. address of the segment) and a segment limit (the length of the segment).
• This scheme can be expensive.

Another possible solution to the external-fragmentation problem is to permit the logical address space
of the processes to be noncontiguous, thus allowing a process to be allocated physical memory
wherever such memory is available. Two complementary techniques achieve this solution:
segmentation and paging. These techniques can also be combined.

8.4 Segmentation

Segmentation is a memory-management scheme that aligns with a programmer's view of memory. In

this scheme, a logical address space is viewed as a collection of segments, each having a name and a
length.

To translate a logical address into a physical address, the segment number is used to look up the
corresponding entry in the segment table. If the offset (d) is within the segment limit, it is added to
the segment base to produce the physical address of the desired byte.

If the offset is not within the segment limit (i.e., it exceeds the length of the segment), it indicates an
addressing error, and the system traps to the operating system.

44
In the provided example, there are five segments numbered from 0 through 4, each with its own base Every address generated by the CPU is divided into two parts: a page number (p) and a pageoffset
address and limit. For instance, segment 2 starts at physical address 4300 and has a length of 400 (d). The page number is used as an index into a page table.
bytes. Therefore, a reference to byte 53 in segment 2 is mapped to address 4353.
Page Table: The page table contains the base address of each page in physical memory. When a
process is executed, its pages are loaded into available memory frames. The page number in the
logical address serves as an index into the page table.

Similarly, segment 3 starts at address 3200, and a reference to byte 852 is mapped to address 4052.

However, if there's an attempt to access a byte beyond the limit of a segment (e.g., byte 1222 in
segment 0, which only has a length of 1000 bytes), it would result in a trap to the operating system,
indicating an addressing error.
Page Size: The size of a page is a power of 2, typically ranging from 512 bytes to 1 GB, depending
This memory management scheme allows for more flexible memory allocation and efficient use of on the computer architecture. The choice of a power of 2 simplifies the translation of logical
physical memory, as segments can vary in size and are allocated dynamically. addresses.

8.5 Paging

Segmentation vs. Paging:

Segmentation and paging are both memory management schemes that allow the physical Internal Fragmentation: Paging can lead to internal fragmentation because frames are allocated as
address space of a process to be non-contiguous. However, paging has the advantage of units. If a process's memory requirements do not align with page boundaries, the last frame may not
avoiding external fragmentation and the need for compaction. be fully utilized.
Segmentation: In segmentation, a segment table is used to map two-dimensional user-defined Dynamic Relocation: Paging dynamically relocates every logical address to a specific physical
addresses into one-dimensional physical addresses. Each entry in the segment table contains a address, similar to using base registers.
segment base (starting physical address) and a segment limit (length of the segment).
Memory Requirements: When a process arrives for execution, its size in pages is determined. Each
Paging: Paging involves dividing both physical and logical memory into fixed-sized blocks called page requires a frame, so at least as many frames as pages must be available.
frames and pages, respectively. The translation of a logical address to a physical address is done using
a page table.

45
Programmer's View vs. Physical Memory: Paging creates a clear separation between the
programmer's view of memory (a contiguous space) and the actual physical memory, which may be
scattered.

Operating System Management: The operating system keeps track of the allocation status of
physical memory using a frame table. It also maintains a copy of the page table for each process to
facilitate address translation.

Context Switching: Paging increases context-switching time due to the need to manage and update
page tables.

8.5.2 Hardware Support

Hardware Support for Page Tables:

• Dedicated Registers: In some systems, the page table is implemented using a set of dedicated
registers. These registers are designed for high-speed access to efficiently handle paging-
address translation.
1. TLB Hit Ratio: The percentage of times the desired page number is found in the TLB is called
• Page-Table Base Register (PTBR): In systems with large page tables (potentially millions of the hit ratio. A higher hit ratio results in more efficient memory access.
entries), the page table is kept in main memory, and a PTBR points to it. Changing page tables 2. Multiple Levels of TLBs: Modern CPUs may have multiple levels of TLBs, further impacting
only requires modifying this one register, reducing context-switch time. memory access times.

• Translation Look-Aside Buffer (TLB): The TLB is a hardware cache that stores a subset of 3. Protection Mechanisms:
page-table entries. It provides fast lookups for frequently accessed pages. TLB entries contain
page numbers and corresponding frame numbers. • Protection Bits: Each frame has associated protection bits stored in the page table. These bits
define the access permissions for the page (e.g., read-only or read-write). Attempts to violate
• TLB Operation: When a logical address is generated, its page number is checked against the these permissions result in a hardware trap.
TLB. If found, the associated frame number is immediately available for memory access. TLB
lookups are typically part of the instruction pipeline, incurring minimal performance overhead. • Valid-Invalid Bit: Each page table entry also contains a valid-invalid bit. It indicates whether
the page is part of the process's logical address space (valid) or not (invalid). Access attempts
• TLB Miss: If the page number is not in the TLB (a TLB miss), a memory reference to the page to invalid pages lead to a trap.
table is made. This may be done automatically in hardware or through an interrupt to the
operating system. • Page-Table Length Register (PTLR): Some systems use a PTLR to specify the size of the
page table. This helps prevent unnecessary entries in the page table.

46
 Paging

• Memory management in computer systems is crucial for efficient resource utilization.

• One memory-management scheme is "paging," which offers advantages like non-contiguous
address space and avoidance of external fragmentation.

Segmentation vs. Paging

• Segmentation allows non-contiguous physical address space but doesn't address external
fragmentation or compaction.
• Paging, on the other hand, solves external fragmentation and compaction issues, making it
widely used in various operating systems.

Basic Method of Paging

• Paging involves dividing physical memory into fixed-sized blocks (frames) and logical
Shared Pages:
memory into the same-sized blocks (pages).
• When a process is executed, its pages are loaded into available memory frames from their
1. Reentrant Code for Sharing: Reentrant (non-self-modifying) code can be shared among
source (file system or backing store).
multiple processes. This is particularly useful in time-sharing environments to save memory
• Paging separates logical and physical address spaces, allowing a process to have a logical 64-
space.
bit address space even with less physical memory.
2. Shared Code Implementation: Processes share the same code, but each has its own data
space. This allows for significant memory savings, as only one copy of the code needs to be
Hardware Support for Paging
kept in physical memory.
• CPUs generate addresses divided into page number (p) and page offset (d).
• The page number serves as an index into a page table containing base addresses for each page
in physical memory.
• The base address and page offset define the physical memory address sent to the memory unit.
• A Translation Look-Aside Buffer (TLB) is used to speed up address translation, reducing
memory access time.
• TLBs contain key-value pairs for page numbers and frame numbers, and TLB misses trigger
memory accesses to find page table entries.
• Memory protection is achieved through protection bits in the page table, specifying read-only,
read-write, or execute-only access.
• A valid-invalid bit in page table entries indicates whether a page is in the process's logical
address space.
• Protection mechanisms prevent unauthorized access and provide finer-grained control over
memory access permissions.

Shared Pages

• Paging enables sharing of common code among processes, such as code for text editors,
compilers, libraries, etc.
• Reentrant (non-self-modifying) code can be shared among processes, reducing memory usage.
• Each process has its own data pages but shares a single copy of the code.
Alternative notes(10 m) • Sharing code and data pages saves memory and allows multiple processes to use the same
program simultaneously.
47
 • Hashed page tables are an effective method for handling large address spaces, especially those
exceeding 32 bits.
8.6 Structure of Page Table • This approach utilizes a hash function to map virtual page numbers to entries in a hash table.
• Each entry in the hash table contains a linked list of elements, allowing for collision resolution.
Page tables are essential data structures used in memory management. They facilitate the translation • Elements consist of:
of logical addresses to physical addresses. The various techniques for structuring page tables: • Virtual page number
• Hierarchical Paging • Mapped page frame value
• Hashed Page Tables • Pointer to the next element in the linked list.
• Inverted Page Tables
Hashing Process
8.6.1 Hierarchical Paging
• Step 1: The virtual page number in the virtual address is passed through the hash function to
• Modern computer systems support large logical address spaces, ranging from 2^32 to 2^64. determine the corresponding location in the hash table.
• With such large address spaces, the page table can become excessively large, leading to • Step 2: Compare the virtual page number with the field 1 of the first element in the linked list
potential memory inefficiencies. at that location.
• Hierarchical paging is a technique used to address this issue. • If there's a match, use the corresponding page frame (field 2) to generate the desired
physical address.
Two-Level Paging • If there's no match, continue searching subsequent entries in the linked list for a
matching virtual page number.
• Concept: Divide the page table into smaller pieces using a two-level paging algorithm. • This process allows for efficient retrieval of physical addresses.

• The logical address is processed by the hash function to determine the physical address.
• The hash function plays a crucial role in mapping virtual page numbers to entries in the hash
table.

Dividing the Outer Page Table Clustered Page Tables for 64-bit Address Spaces

• A variation of hashed page tables, known as clustered page tables, is beneficial for 64-bit
• To handle large page tables, the outer page table can be divided in various ways.
• Example: Paging the outer page table to create a three-level paging scheme. address spaces.
• In clustered page tables, each entry in the hash table refers to multiple pages (e.g., 16) instead
• Each approach has implications for memory usage and efficiency.
of a single page.
• This allows a single page-table entry to store mappings for multiple physical-page frames.
8.6.2 Hashed Page Tables

48
 • Clustered page tables are particularly effective for sparse address spaces with noncontiguous Performance Considerations
memory references.
• Decreases memory needed for page tables but increases search time for page references.
8.6.2 Inverted Page Tables • Inverted page table is sorted by physical address, while lookups occur based on virtual
addresses.
• Page tables are crucial for translating logical addresses to physical addresses. • To expedite searches, a hash table is often used in conjunction with the inverted page table.
• Traditional page tables have an entry for each page used by a process, which can lead to • Each access to the hash table introduces a memory reference, adding to the process time.
memory inefficiencies.
• Inverted page tables offer a solution by having one entry for each real page of memory. Challenges with Shared Memory

Traditional Page Tables • Traditional methods of implementing shared memory are not directly compatible with inverted
page tables.
• Each process has an associated page table. • Standard approach involves multiple virtual addresses mapped to one physical address, which
• Entry for each page used by the process, regardless of the virtual address's validity. is problematic with inverted page tables.
• The table is sorted by virtual address, allowing the OS to find the associated physical address • Solution: Allow only one mapping of a virtual address to the shared physical address.
directly. Unmapped addresses result in page faults.
• Drawback: Large page tables may consume substantial physical memory.

Inverted Page Tables: Concept UNIT 4

• One entry for each real page (or frame) of memory. Virtual Memory Management: Demand Paging - Page Replacement Algorithms - Thrashing.
• Each entry contains: File System: File Concept -Access Methods - Directory and Disk Structure - Protection - File
• Virtual address of the page stored in that real memory location. System Structures - Allocation Methods - Free Space Management.
• Information about the process that owns the page.
• This reduces the total number of entries in the page table.
CHAPTER 9: VIRTUAL MEMORY
Inverted Page Table Operation
Limitations of having the entire logical address space of a program in physical memory
• Illustration: Figure 8.20 (Inverted page table operation).
• Comparison with a standard page table operation (Figure 8.10). Requirement for Instructions in Physical Memory: The fundamental requirement for executing
• Address-space identifier is often stored in each entry to differentiate between different address instructions is that they must reside in physical memory (RAM). This means that the entire program’s
spaces mapping physical memory. logical address space needs to be loaded into physical memory for it to run.
Dynamic loading is a technique that can help mitigate the requirement of loading the entire logical
address space into memory. With dynamic loading, parts of a program can be loaded into memory as
needed during execution. However, this approach often necessitates additional precautions and effort
from programmers.

Limitation of Program Size: The requirement that a program’s entire logical address space must fit
in physical memory limits the size of programs to the available physical memory size. This limitation
can be problematic for larger and more complex applications.

Unused Code and Memory: Real programs often contain code for handling rare or unusual error
conditions, allocate more memory than needed for data structures, and include options or features
that are rarely used. This results in inefficient use of memory resources.

Benefits of Partially In-Memory

49
Large Virtual Address Space: Programs could be designed for a much larger virtual address space, • The virtual address space of a process is the logical view of how that process is stored in
simplifying programming. memory. Typically, it is perceived as starting at a certain logical address, like address 0, and
Increased Concurrent Execution: Since each program would require less physical memory, more existing as a contiguous block of memory. However, the physical memory may not be
programs could run simultaneously, leading to better CPU utilization and throughput without organized in this way, as it might be organized into page frames. The Memory Management
increasing response time or turnaround time. Unit (MMU) is responsible for mapping logical pages to physical page frames.
Faster Program Startup: Loading or swapping user programs into memory would require less I/O,
resulting in faster program startup times.
Beneficial for Both System and User: Executing programs that are partially in memory would
benefit both the computer system and the users of those systems. It would lead to more efficient
resource utilization, improved program execution speed, and greater flexibility for developers.

Advantages of Virtual Memory:

Larger Program Size: Virtual memory allows programs to be larger than the physical memory
available, which is beneficial for running larger and more complex applications.
Abstraction of Memory: It abstracts the physical memory, freeing programmers from having to
manage memory limitations explicitly.
Sharing Files: Virtual memory facilitates easy sharing of files among processes.
Shared Memory: It can be used to implement shared memory for communication between processes.
Efficient Process Creation: Virtual memory provides an efficient mechanism for creating new
processes.
Complexity and Cost: While virtual memory offers significant advantages, it is not easy to
implement. Careless use of virtual memory can lead to a substantial decrease in system performance. • The heap (used for dynamic memory allocation) can grow upward in memory as needed, while
This complexity and potential performance impact are often associated with demand paging. the stack (used for function call management) can grow downward in memory through
successive function calls. The blank space, or “hole,” between the heap and stack is part of the
9.1 Virtual memory virtual address space but will only require physical pages if the heap or stack actually grows.
• Virtual address spaces that include holes (unused regions) are referred to as sparse address
• Virtual memory involves the separation of logical memory, which is how a process perceives spaces. Using sparse address spaces is advantageous because it allows for efficient memory
memory, from physical memory, which is the actual physical RAM available in the system. allocation and dynamic linking of libraries or shared objects during program execution.
This separation allows for the provision of a large virtual memory space to programmers, even Physical memory is allocated to these holes only when needed, optimizing memory usage.
when the physical memory is limited.
• Virtual memory simplifies the task of programming by removing the need for the programmer Sharing System Libraries:
to worry about the amount of physical memory available. Instead, the programmer can focus
on solving the programming problem without being constrained by physical memory
limitations.

• Virtual memory allows system libraries (shared objects or dynamic link libraries) to be shared
by multiple processes through mapping. Each process can map the shared library into its virtual
address space.
50
 • Typically, these shared libraries are mapped in a read-only mode for each process that links Disadvantages/Considerations:
with them. • Demand paging may introduce performance overhead due to disk I/O for page swapping.
• The actual physical pages where these shared libraries reside in memory are shared by all the • Efficient algorithms for page replacement are vital to minimize this overhead.
processes. This means that the same physical memory pages can be used by multiple processes,
reducing memory consumption and improving efficiency.
• Shared Memory Regions: Virtual memory enables processes to share memory regions. One
process can create a region of memory that it shares with another process. Each process sharing
this region considers it part of its virtual address space, even though the physical pages of
memory are shared.
• Shared memory is a powerful mechanism for interprocess communication, allowing processes
to exchange data efficiently
• Virtual memory facilitates the sharing of pages during process creation with the fork() system
call.

9.2 Demand Paging

• Loading entire programs into physical memory at execution time is an option, but it's not
always efficient. Loading the entire program consumes memory and resources unnecessarily.
A solution: Demand Paging, commonly used in virtual memory systems.
• Demand paging is a memory management scheme used in virtual memory systems to
efficiently use physical memory. Hardware Support for Demand Paging:
• Demand paging loads pages into memory only when they are needed during program
execution. Pages that are never accessed remain on secondary storage (usually a disk) and are • To implement demand paging, we require hardware support to distinguish between pages in
not loaded into physical memory. It allows a computer to execute programs larger than the memory and pages on the disk.
available physical memory by swapping data in and out of the disk as needed. • The valid–invalid bit scheme, is used for this purpose.
• When the bit is set to "valid," the page is both legal and in memory.
• If set to "invalid," the page is either not valid in the logical address space or is valid but
Demand Paging vs. Loading Everything: currently on the disk.
• Loading everything upfront wastes memory and resources.
• In demand paging, only essential pages are initially loaded, optimizing memory usage.
• It's a more efficient approach for programs with variable resource needs.
• In demand paging, we use a component known as a pager, which handles individual pages of
a process.
• A pager ensures that only necessary pages are brought into physical memory.

Lazy Swapper vs. Traditional Swapper:

• A swapper traditionally deals with entire processes, swapping them in and out of memory.
• In a demand-paging system, we use a lazy swapper.
• A lazy swapper only swaps a page into memory if that page will be needed.
• This minimizes unnecessary data transfers between secondary storage and memory.

Advantages of Demand Paging:

1. Only essential pages are loaded, conserving physical memory. Handling Page Faults:
2. Programs can exceed physical memory size, as only needed parts are loaded.
3. Initial loading of essential pages enables quicker program initiation. • Accessing a page marked as invalid triggers a page fault. The paging hardware notifies the
4. Efficient use of both physical memory and disk space. operating system through a trap.
• The procedure for handling a page fault includes the following steps:
51
 1. Check an internal table for the process to determine if the reference was valid or invalid.
2. If the reference was invalid, terminate the process. If it was valid but the page isn't in • In reality, processes may not use all allocated pages, leading to potential memory savings.
memory, bring it in. • Demand paging allows for over-allocation of memory.
3. Allocate a free frame and schedule a disk operation to read the desired page into the o Example: A process of ten pages may only use half of them, leading to potential benefits
frame. like increased multiprogramming
4. After the disk read, update the internal table and page table to indicate the page is now o Memory allocation is not solely for program pages; I/O buffers also consume memory.
in memory. • Balancing allocation between program pages and I/O buffers poses a significant challenge.
5. Restart the interrupted instruction. • In cases of over-allocation, a page fault occurs, but there are no free frames available.
• The operating system has several options:
• Terminating the user process is not the best choice, as paging should be transparent to
the user.
• Swapping out a process to free frames is a viable option in specific circumstances.

Page replacement is a common solution for handling over-allocation.

• When a page fault occurs and there are no free frames, the operating system selects a page to
be replaced.

Pure Demand Paging:

• In pure demand paging, pages are never brought into memory until they are required by the
executing process.
• When a process attempts to access a non-memory-resident page, a page fault occurs. The page
is then brought into memory.
Algorithms
Hardware Requirements:
• Demand paging utilizes the same hardware as paging and swapping, including:
9.4.1 First In First Out Page replacement
• Page table with the ability to mark entries as invalid.
• The simplest page-replacement algorithm is First-In, First-Out (FIFO).
• Secondary memory (typically a high-speed disk) for holding pages not present in main
• It associates with each page the time it was brought into memory.
memory
• When a page must be replaced, the oldest page (first-in) is chosen.
• This algorithm is straightforward but may not always provide optimal performance.
Restarting Instructions after Page Faults:
• A crucial requirement for demand paging is the ability to restart any instruction after a page
fault. FIFO Algorithm Operation
• A FIFO queue holds all pages in memory.
• The state of the interrupted process (registers, condition code, instruction counter) is saved,
• When a page is brought into memory, it's inserted at the tail of the queue.
allowing the process to resume from the exact point with the desired page now in memory.
• When replacement is needed, the page at the head of the queue is replaced (the oldest page).

9.4 Page Replacement

52
Example with a Reference String

• Consider a reference string: 7, 0, 1, 2, 0, 3, 0, 4, 2, 3, 0, 3, 2, 1, 2, 0, 1, 7, 0, 1

• With three initially empty frames:
• First three references (7, 0, 1) cause page faults and fill frames.
• Reference 2 replaces page 7 (the oldest).
• No fault for reference 0 since it's already in memory.
• Reference 3 replaces page 0.
• This process continues, resulting in 15 faults in total.

• LRU replacement produces 12 page faults in this example.

• When page 4 is referenced, LRU replaces page 2
• LRU replacement is more efficient than FIFO.

Implementing LRU
Performance of FIFO Algorithm
• Two feasible implementations:
• FIFO is easy to understand and implement.
• However, its performance is not always ideal. 1. Counters: Associate a time-of-use field with each page-table entry.
• It may replace pages that are still actively used, leading to an increased page-fault rate. • Add a logical clock or counter to the CPU.
• A bad replacement choice slows down process execution but doesn't cause incorrect results. • Increment the clock for every memory reference.
• On a page reference, copy the clock value to the time-of-use field.
Belady's Anomaly • Replace the page with the smallest time value.
• Belady's Anomaly is a phenomenon where increasing the number of allocated frames may • This approach requires page-table searches and writes for each memory access.
lead to a higher page-fault rate. • Considerations include clock overflow and updates during page table changes.
• This is counterintuitive as more memory is typically expected to improve performance.
• Belady's Anomaly highlights the limitations of FIFO and similar algorithms. 2. Stack: Maintain a stack of page numbers.
• When a page is referenced, remove it from the stack and place it on top.
Illustration with a Reference String • The most recently used page is always at the top, and the least recently used is at
• Consider the reference string: 1, 2, 3, 4, 1, 2, 5, 1, 2, 3, 4, 5 the bottom.
• Figure 9.13 shows the page-fault curve for different numbers of frames. • Implement with a doubly linked list (head and tail pointers) for efficiency.
• Surprisingly, the page faults for four frames (ten) are greater than for three frames (nine). • Updating the stack requires changing pointers, but no search for replacement is
• This anomaly challenges the assumption that more memory always improves performance. needed.
• Suitable for software or microcode implementations of LRU replacement.

9.4.2 Least Recently Used

• LRU (Least Recently Used) is a widely used approximation of the optimal algorithm.
• LRU replacement selects the page that has not been used for the longest period of time.
• LRU associates with each page the time of its last use.
• When a page needs replacement, LRU selects the page with the oldest last use time.
• It can be viewed as the optimal algorithm looking backward in time.

53
 • Page 3 replaces page 1, as page 1 will be the last of the three pages in memory to be referenced
again.
• With only nine page faults, OPT is significantly better than FIFO, which results in fifteen
faults.
• OPT is optimal in this context.

LRU and Belady's Anomaly Challenges in Implementing OPT

• OPT is difficult to implement because it requires knowledge of the future reference string.
• This is similar to the challenges encountered with the Shortest Job First (SJF) CPU-scheduling
• LRU replacement, like optimal replacement, does not exhibit Belady's anomaly.
• Both belong to a class of page-replacement algorithms called stack algorithms, which do not algorithm.
• In practice, OPT is mainly used for comparison studies.
suffer from this anomaly.
• It provides a benchmark for evaluating other page-replacement algorithms.
• Knowing how close a new algorithm is to OPT can be useful, even if it's not optimal.
Hardware Assistance

• LRU implementations require additional hardware beyond standard TLB registers. 9.6 Thrashing
• Regular updating of clock fields or stacks must be done for every memory reference.
• Thrashing is a critical issue in virtual memory systems.
• Using interrupts for software updates would significantly slow down memory references and
• It occurs when the number of frames allocated to a process falls below the minimum required,
user processes.
causing the process to spend more time paging than executing.
• Thrashing introduces a swap-in, swap-out level of intermediate CPU scheduling.
9.4.3 Optimal page-replacement algorithm

• Belady's anomaly highlighted the need for an optimal page-replacement algorithm, one that
guarantees the lowest page-fault rate and avoids the anomaly.
• The optimal page-replacement algorithm is known as OPT or MIN.
• It replaces the page that will not be used for the longest period, ensuring the lowest possible
page-fault rate for a fixed number of frames.

OPT (Optimal) Page Replacement Algorithm

• OPT replaces the page that will not be used for the longest time.
• It aims to minimize page faults by selecting the page that has the farthest future reference.
• OPT guarantees the lowest page-fault rate but is challenging to implement as it requires
knowledge of the entire future reference string.
Causes of Thrashing
Example of OPT Replacement
• Consider an example reference string. • Thrashing results in severe performance problems and a significant drop in system throughput.
• The OPT algorithm, shown in Figure 9.14, would yield nine page faults in this example. • It occurs when a process does not have enough frames to support its actively used pages,
• The first three references fill the three empty frames. leading to frequent page faults.
• When page 2 is referenced, OPT replaces page 7 because page 7 won't be used until reference • Frequent page faults cause the process to repeatedly replace pages that are immediately
18, whereas page 0 will be used at 5, and page 1 at 14. needed, leading to a cycle of page faults and replacements.

54
 • As a result, the process and the system as a whole spend more time paging than performing • The file's name is usually a string of characters (e.g., "example.c"), and some systems may
useful work. differentiate between uppercase and lowercase characters in file names.
• CPU utilization decreases, and system throughput plunges. • When a file is named, it becomes independent of the process, user, and system that created it.
• Different users can interact with the same file, even across different systems, by using its name.
Example Scenario
• The operating system monitors CPU utilization. • File attributes may vary between different operating systems, but they typically include the
• If CPU utilization is too low, the system increases the degree of multiprogramming by following:
introducing new processes. • Name: The symbolic file name is a human-readable identifier.
• A global page-replacement algorithm is used, replacing pages without considering the process • Identifier: A unique tag or number that identifies the file within the file system. It
to which they belong. serves as a non-human-readable name for the file.
• When a process enters a new phase and needs more frames, it starts faulting and takes frames • Type: Information about the type of file (e.g., text, binary, executable). This is essential
from other processes. for systems supporting various file types.
• These processes also need those pages and start faulting, leading to a queue for the paging • Location: A pointer to the device and the specific location of the file on that device.
device. • Size: The current size of the file, typically measured in bytes, words, or blocks. This
• As processes wait for the paging device, CPU utilization decreases. attribute may also specify the maximum allowed file size.
• The CPU scheduler increases the degree of multiprogramming, and the cycle repeats, leading • Protection: Access-control information that determines who can perform actions like
to thrashing. reading, writing, and executing the file.
• Thrashing significantly impacts system performance and productivity. • Time, Date, and User Identification: Information about the file's creation, last
modification, and last use. These attributes are valuable for protection, security, and
Addressing Thrashing usage monitoring.

• Thrashing can be limited by using a local replacement algorithm, which prevents one process Some modern file systems support extended file attributes, which can include character encoding of
from stealing frames from another. the file and security features like file checksums.
• However, the problem is not entirely solved, as the average service time for a page fault
increases due to longer paging queues. Directory Structure
• The effective access time also increases for non-thrashing processes. • Information about all files is stored in the directory structure, which is also located on
• To prevent thrashing, processes should be provided with as many frames as they need. secondary storage.
• A typical directory entry consists of the file's name and its unique identifier.
• The identifier serves to locate the other attributes of the file.
CHAPTER 11 FILE SYSTEM INTERFACE • Storing information about all files in a system can be space-intensive, potentially requiring
more than a kilobyte of storage per file.
File Definition • In systems with many files, the size of the directory structure itself can become substantial,
possibly reaching megabytes.
• A file is a named collection of related information stored on secondary storage. • Both files and directories must be nonvolatile, so they are stored on storage devices and
• Files can store a wide range of information, such as source code, executable programs, numeric brought into memory as needed.
data, text data, photos, music, videos, and more.
• The structure of a file depends on its type.
11.1.2 File Operations
• A text file consists of characters organized into lines and possibly pages.
• A source file comprises functions, each organized as declarations followed by executable File Operations File operations are essential for managing and manipulating files within an operating
statements. system. The six fundamental file operations include:
• An executable file is a series of code sections that can be loaded into memory and executed
1. Creating a File:
by a loader.
• Space for the file must be allocated in the file system.
• An entry for the new file must be added to the directory.
11.1.1 File Attributes
2. Writing to a File:
• A file is primarily identified by its name. • A system call specifies the file name and data to be written.
• The system locates the file in the directory.
55
 • A write pointer, indicating the position for the next write, must be maintained and • Not all operating systems provide both shared and exclusive locks; some systems only offer
updated. exclusive file locking.
3. Reading from a File:
• A system call specifies the file name and where to place the next block of data in 11.2 Access Methods
memory.
• The system locates the file in the directory. File Access Methods File systems provide various methods to access and manipulate data stored in
• A read pointer, indicating the position for the next read, must be maintained and files. The two main access methods are:
updated. 1. Sequential Access:
• Both read and write operations use the same current-file-position pointer. • In sequential access, data in the file is processed in order, one record at a time.
• This pointer can be managed as a per-process current-file-position pointer. • Read and write operations are the primary operations on the file.
4. Repositioning within a File: • A read operation automatically advances a file pointer to the next portion of the file.
• A system call specifies the desired position within the file (file seek). • Similarly, the write operation appends data to the end of the file and advances the file
• The directory is searched for the appropriate entry. pointer to the new end of the material.
• The current-file-position pointer is updated to the specified position. • Sequential access is suitable for tasks that process data in a linear manner, such as text
5. Deleting a File: editors and compilers.
• The directory is searched for the named file. • It is based on a tape model of a file and works on both sequential-access and random-
• The associated directory entry is removed. access devices.
• The file space is released for reuse by other files.
6. Truncating a File: 2. Direct Access (Relative Access):
• Erases the contents of a file while keeping its attributes. • In direct access, files are composed of fixed-length logical records or blocks, allowing
• The file length is set to zero, and the file space is released. rapid reading and writing of records in no particular order.
These fundamental operations are used as building blocks to perform more complex file operations, • Direct access is suitable for immediate access to large amounts of data, such as
such as copying, appending, and renaming files. databases.
• Each block or record in the file is assigned a unique block number for random access.
Open-File Table • Users specify block numbers in read(n) and write(n) operations to access data at a
• Some systems require an explicit open() system call to be made before using a file. Others particular block number.
implicitly open a file when the first reference to it is made. • The system maps these block numbers to their corresponding disk locations.
• The open() system call typically accepts a file name, searches the directory, and copies the • Direct access is based on a disk model of a file and does not impose restrictions on the
directory entry into an open-file table. order of reading or writing.
• Access mode information (e.g., read-only, read-write, create) can also be specified, and it is
checked against the file's permissions. Implementation of Direct Access:
• The open-file table entry for a file is identified by a pointer, which is used in all I/O operations.
• The implementation of open() and close() operations can be more complex when multiple • The operating system introduces the concept of relative block numbers, which are indexes
processes may open the same file simultaneously. relative to the beginning of the file.
• The first block in the file is assigned relative block number 0, the next is 1, and so on.
File Locking • The user's request for a specific record is translated into an I/O request for a specific number
of bytes, starting from L * (N), where L is the logical record length and N is the relative block
• File locking provides a mechanism to control access to shared files.
number.
• Two common types of locks are shared and exclusive locks.
• The relative block numbers help the operating system decide where to place the file in the
• A shared lock allows multiple processes to access the file concurrently for reading, similar to
storage and prevent users from accessing parts of the file system not related to their file.
a reader lock.
• An exclusive lock permits only one process to access the file at a time for writing, similar to a
Limitations:
writer lock.
• Not all operating systems support both sequential and direct access; some support only one of
these methods.
56
 • Some systems require files to be declared as sequential or direct when created, and they can 1. Types of File Systems: Computer systems can host various types of file systems, both special-
only be accessed in a manner consistent with their declaration. purpose and general-purpose. Some examples of file systems include:
• tmpfs: A temporary file system that exists in volatile main memory. Its contents are
11.3 Directory and Disk Structure erased if the system reboots or crashes.
• objfs: A virtual file system that provides an interface for debuggers to access kernel
symbols.
1. Storage Devices: Computers use various storage devices like hard disks, optical disks, and • ctfs: A virtual file system that manages "contract" information related to processes that
solid-state drives to store files and data. These devices provide random access to data, allowing start when the system boots and must continue to run.
quick retrieval and modification of information. • lofs: A "loop back" file system that allows one file system to be accessed in place of
another.
2. File System on Storage Devices: Each storage device can be dedicated entirely to a file • procfs: A virtual file system that presents information on all processes as if they were
system, or it can be divided into partitions to provide finer-grained control over file part of a file system.
organization. Partitions can hold separate file systems, allowing for different types of data • ufs and zfs: General-purpose file systems that are widely used for data storage.
storage on a single device. 2. Extensive File Systems: Computer systems can have extensive file systems, and they may
contain multiple file systems of different types. These file systems can be created for various
3. RAID Sets: Storage devices can be grouped together into RAID (Redundant Array of
purposes, and each serves specific needs.
Independent Disks) sets to improve data reliability and availability. RAID configurations 3. File Segregation: To effectively manage files within a file system, it's important to segregate
provide protection against disk failures and data loss. files into groups and use directories to organize and act on those groups. Directories provide a
4. Partitioning and RAID Sets: Partitioning is useful for various purposes, including limiting structured way to manage and access files within the file system.
the size of individual file systems, accommodating multiple file system types on a single
device, and reserving space for tasks like swap space or raw data storage. 11.3.2 Directory Overview

5. Volume: A volume is an entity that contains a file system. It can be a portion of a device, an
entire device, or multiple devices organized into a RAID set. Volumes are treated as virtual
• Directories in a file system serve as organizational tools for file storage.
disks, and they can host multiple operating systems, enabling a system to boot and run multiple • A directory can be viewed as a symbol table that maps file names to their corresponding
OSs. directory entries.
6. Directory Structure: Each volume containing a file system must maintain information about • The organization of directories plays a crucial role in file system management as it must
the files within it. This information is typically stored in a device directory or volume table of facilitate common directory operations.
contents, often referred to simply as the directory. The directory contains details about each
Directory Operations
file on that volume, including its name, location, size, and type.
When designing a directory structure, it is essential to consider the operations that will be performed
on directories:
1. Search for a File:
• The directory structure must support efficient searching for a particular file by its name.
• It should allow users to find files with similar names or patterns, aiding in file discovery.
2. Create a File:
• The system must enable users to create new files and add them to the appropriate
directory.
3. Delete a File:
• Files that are no longer needed should be removable from the directory, freeing up
storage space.
4. List a Directory:
• Users must be able to list the files within a directory.
• The directory listing should include detailed information about each file, such as its
11.3.1 Storage Structure
attributes and contents.
5. Rename a File:
57
 •File names are vital for user identification and representation of file contents. • Users can define subdirectories for different projects or categories.
• The directory structure should allow for file renaming, which may also result in • Deletion of directories can be done when they are empty or with an option to delete contents
changing the file's position within the directory. simultaneously.
6. Traverse the File System:
• Accessing every directory and file within a directory structure may be necessary for
tasks like backups and maintenance.
• Periodic backups of the entire file system are essential for data preservation in case of
system failures.

Logical structure of a directory.

11.3.3 Single-Level Directory

• Single-level directory is the simplest structure, where all files are in the same directory.
• Each file must have a unique name, which can be challenging as the number of files increases.
• Users may struggle to remember the names of numerous files.

11.3.6 Acyclic-Graph Directories

• Acyclic-graph directories enable files and directories to be shared in multiple places.
• Sharing is important for collaboration and managing files that need to appear in different user
11.3.4 Two-Level Directory
• Introduces the two-level directory structure, where each user has a user file directory (UFD).
directories.
• Shared files may be implemented using links (pointers) or by duplicating directory entries.
• MFD (Master File Directory) is indexed by user name or account number and points to the
• Link-based systems allow for resolving links to locate the actual file.
respective UFD.
• Problems with deletion of shared files exist and may require managing references.
• Users can have files with the same name as long as they are in different UFDs.
• Cycles in directory structures can introduce challenges and issues with garbage collection.
• Collaboration among users may be limited, and access to other users' files is possible but
complex.
• Unique file names are still important.
• Path names are used to specify user names and file names, creating a path in the directory tree.
• System-specific syntax is used for naming files in different directories and volumes.

11.3.5 Tree-Structured Directories

• Tree-structured directory systems allow for a hierarchical organization of files.
• Each directory can contain files and subdirectories.
• Users have a current directory, and references are searched within it. 11.3.7 General Graph Directory
• Path names can be absolute or relative, and they help organize files based on topics or types. • General graph directories provide more flexibility but are complex to manage.
58
 • Preventing cycles in the directory structure is crucial to avoid infinite loops and maintain Protection of files in a computer system is crucial to prevent unauthorized access and maintain data
consistency. security.
• Efficient traversal and determining when files can be deleted are challenges.
• Garbage collection is needed when cycles exist in the structure. The Need for Controlled Access
• Some systems may choose not to allow shared directories or links to avoid complications. • The need for protecting files arises from the ability to access them.
• Systems that don't allow access to other users' files may not require additional protection.
• Two extreme approaches are complete prohibition of access and providing free, unrestricted
access. However, neither is practical for general use.
• What's needed is controlled access, which means allowing access while imposing restrictions
to ensure security.

Types of File Access Control

• Protection mechanisms provide controlled access by limiting the types of file access that can
be performed.
• Access can be permitted or denied based on various factors, one of which is the type of access
requested.
• Several different types of operations may be controlled, including:
• Read: Permission to read from the file.
• Write: Permission to write or rewrite the file.
• Execute: Permission to load the file into memory and execute it.
• Append: Permission to add new information at the end of the file.
• Delete: Permission to delete the file and free its space for potential reuse.
11.6 Protection • List: Permission to list the name and attributes of the file.
• Other higher-level operations, such as renaming, copying, and editing the file, may also be
• When managing information in a computer system, two critical aspects come to the forefront: controlled.
reliability and protection. • In many systems, these higher-level functions are implemented by system programs that make
• Reliability ensures that data is safe from physical damage and data loss. lower-level system calls. Protection is primarily provided at the lower level.
• Protection focuses on controlling access to prevent unauthorized or improper use of data.
Varying Levels of Protection
Reliability • The appropriate level of protection depends on the specific application and system.
• Reliability is achieved by creating duplicate copies of files, serving as backups in case of data
• A small, single-user computer used within a research group may have different protection
loss. requirements compared to a large corporate computer used for various operations.
• Systems often employ programs to automate the creation of duplicate copies.
• Protection mechanisms should be tailored to the intended application.
• Backups are typically stored on different media (e.g., tapes) and updated at regular intervals
(daily, weekly, or monthly). 11.6.2 Access Control
• Common causes of unreliability include hardware problems (e.g., read/write errors), power
issues (surges or failures), head crashes, contaminants, extreme temperatures, vandalism, Access control is a fundamental aspect of file protection in computer systems. It determines who can
accidental file deletions, and software bugs. access files and what actions they can perform.
Protection Mechanisms Identity-Dependent Access
• Protection ensures that data is safe from improper access, making it essential for data security.
• The most common approach to file protection is making access dependent on the identity of
• The choice of protection mechanisms depends on the specific system and its users.
the user.
• In a single-user laptop system, simple physical measures like locking the device in a desk
• Different users may require different levels of access to a file or directory.
drawer or file cabinet may suffice. • Identity-dependent access is typically implemented using an Access Control List (ACL)
• In larger multiuser systems, more sophisticated access control mechanisms are needed.
associated with each file and directory.

Access Control Lists (ACLs)

11.6.1 Access Types
59
 • An ACL is a list specifying user names and the types of access allowed for each user. UNIT V
• When a user requests access to a file, the operating system checks the ACL associated with
that file to determine if the requested access is allowed. I/O Systems: Overview - I/O Hardware - Application I/O Interface - Kernel I/O Subsystem -
• If the user is listed in the ACL for the requested access, access is granted; otherwise, a Transforming 1/0 Requests to Hardware Operations - Performance. System Protection: Goals -
protection violation occurs, and access is denied. Domain - Access matrix. System Security: The Security Problem - Threats – Encryption- User
Authentication.
Advantages and Challenges of ACLs
• The advantages of ACLs include enabling complex access methodologies, allowing fine- CHAPTER 13:
grained access control, and making it easy to manage access for individual users.
13.2 I/O HARDWARE
Challenges with ACLs
• One major challenge is the potential length of ACLs. If, for example, we want to grant read • I/O Hardware refers to the devices and mechanisms that allow a computer to communicate
access to everyone, we'd need to list all users with read access. This can be tedious and lead to with the external world.
lengthy lists. • These devices can be broadly categorized into storage devices (like disks and tapes),
• Another challenge is the impact on directory entries. As ACLs grow, directory entries, which transmission devices (such as network connections and Bluetooth), and human-interface
were previously of fixed size, must become variable in size, resulting in more complex space devices (like screens, keyboards, and mice).
management.
Device Communication:
Combining ACLs with Owner-Group-Universe Access Control
• Devices communicate with a computer system by sending signals, typically over cables or
• To address the challenges of lengthy ACLs and complex space management, many systems
recognize three user classifications concerning each file: through wireless connections.
• Owner: The user who created the file is the owner. • These signals are transmitted through connection points or ports, for example, serial ports.
• Group: A set of users who share the file and have similar access needs are considered • When devices share a common set of wires, it forms a bus, which is a set of wires and a
a group (work group). defined protocol for message communication.
• Universe: All other users in the system belong to the universe.
Buses in Computer Architecture:
Recent Approaches • Buses are an integral part of computer architecture, and they vary in terms of signaling
• A common recent approach combines ACLs with the owner-group-universe access control methods, speed, throughput, and connection methods.
scheme. For example, Solaris uses the three categories of access by default but allows ACLs • Common buses include the PCI bus, expansion bus, SCSI bus, PCI Express (PCIe), and
to be added to specific files and directories when more fine-grained access control is needed. HyperTransport.

Controllers:
• A controller is a collection of electronics responsible for operating a port, a bus, or a device.
• Simple controllers like serial-port controllers are usually single chips or parts of chips that
control signals on the wires of a port.
• More complex controllers, such as SCSI bus controllers, may be implemented on separate
circuit boards or host adapters, often containing processors and memory.

Processor-Controller Communication:
• Processors communicate with controllers to initiate I/O transfers.
• This communication typically involves registers for data and control signals. Processors read
and write these registers using special I/O instructions or memory-mapped I/O.
• Some systems use a combination of both techniques for controlling devices.

60
An I/O port typically consists of four registers, called the status, control, data-in, and data-out 13.2.1 Polling
registers.
• Interaction between the host (CPU) and a controller for I/O operations can be intricate, but
• The data-in register is read by the host to get input. the basic concept is simple.
• The data-out register is written by the host to send output. • In this lecture, we will explore the concepts of polling and interrupts in the context of I/O
• The status register contains bits that can be read by the host. These bits indicate states, such as operations.
whether the current command has completed, whether a byte is available to be read from the • Polling involves the host repeatedly checking the status of a device until it's ready, while
data-in register, and whether a device error has occurred. interrupts allow the device to notify the host when it's ready.
• The control register can be written by the host to start a command or to change the mode of a
device. For instance, a certain bit in the control register of a serial port chooses between full- Polling:
duplex and half-duplex communication, another bit enables parity checking, a third bit sets the 1. Basic Handshaking:
word length to 7 or 8 bits, and other bits select one of the speeds supported by the serial port. • Example scenario: Coordinating between the host and a controller using 2 bits for
Data Registers and FIFO: producer-consumer relationship.
• The controller indicates its state with the "busy" bit in the status register.
• Data registers are usually 1 to 4 bytes in size. • The host uses the "command-ready" bit in the command register to signal its wishes.
• Some controllers use FIFO (First-In, First-Out) chips to store bursts of data until they can be 2. Steps in Polling:
processed. This helps expand the capacity of the controller. • The host repeatedly reads the "busy" bit until it becomes clear.
• The host sets the "write" bit in the command register and writes data to the data-out
Examples of Devices and Ports:
register.
• For example, a serial-port controller has registers for input and output, a status register to • The host sets the "command-ready" bit.
indicate device state, and a control register for configuring the port. • When the controller sees the "command-ready" bit, it sets the "busy" bit.
• The controller reads the command register, processes the command, and clears
• On the other hand, a graphics controller often uses memory-mapped I/O, where the
relevant bits.
controller's memory holds screen contents, and the processor writes data to this memory to
• This loop repeats for each byte.
display information on the screen.
3. Efficiency:
• Polling can be efficient if the controller and device are fast.
• However, if waiting may be long, the host should consider switching to other tasks.
• The host might not know when the controller becomes idle, which is problematic for
devices that require quick servicing to prevent data loss (e.g., serial ports or
keyboards).

4. Polling Efficiency:
• In many architectures, polling can be done efficiently with just three CPU instruction
cycles.
• Read a device register, extract a status bit using logical operations, and branch if the
status bit is not zero.
• However, repeated polling, especially when the device is rarely ready, can waste CPU
processing time.

13.2.2 Interrupts

• Interrupts are a crucial mechanism in computer systems for handling asynchronous events
and performing time-sensitive operations.

61
 Operating System and Interrupts:
• The operating system interacts with the interrupt mechanism in various ways, including:
Basic Interrupt Mechanism:
• Installing interrupt handlers for devices during system initialization.
• Handling device-generated interrupts during I/O operations.
1. Interrupt Request Line:
• Managing exceptions such as page faults and system calls.
• CPU hardware has an "interrupt-request line" that it checks after executing every
• Using interrupts for efficient flow control within the kernel.
instruction.
• Examples include virtual memory paging, system call execution, and disk read completion.
• When a device controller asserts a signal on the interrupt-request line, the CPU detects
it.
Threaded Kernel Architecture:
• A threaded kernel is well-suited for implementing multiple interrupt priorities and ensuring
2. Interrupt Handling:
the precedence of interrupt handling.
• The CPU performs a state save of the current process and jumps to the interrupt-
• High-priority interrupt handlers are executed as kernel threads, allowing for efficient
handler routine at a fixed memory address.
multitasking and prioritization.
• The interrupt handler determines the cause of the interrupt, processes it, restores the
state, and returns to the previous execution state.
• This mechanism allows the device controller to raise an interrupt, the CPU to catch it,
and the handler to clear the interrupt by servicing the device.

3. Interrupt Management:
• Interrupt management is crucial because modern systems handle numerous interrupts
per second.
• It enables the CPU to respond to asynchronous events and perform urgent tasks
efficiently.

Interrupt Features:

• It's essential to defer interrupt handling during critical processing.

• An efficient way to dispatch to the proper interrupt handler is needed without polling all
devices.
• Support for distinguishing between high- and low-priority interrupts and responding with the
appropriate urgency.
• Most CPUs have two interrupt request lines:
o Nonmaskable Interrupt: Reserved for critical, unrecoverable events like memory
errors. 13.2.3 Direct Memory Access:
o Maskable Interrupt: Used by device controllers to request service.
• When dealing with devices that perform large data transfers (e.g., disk drives), it's inefficient
Interrupt Vector Mechanism: to involve the main CPU in managing these transfers one byte at a time (programmed I/O).
• An address (vector) selects a specific interrupt-handling routine from an interrupt vector • Direct Memory Access (DMA) offers a more efficient approach to offload data transfer tasks
table. from the CPU and allow specialized DMA controllers to manage the process.
• The vectored interrupt mechanism reduces the need for a single handler to search for the • This lecture discusses how DMA works and its benefits in I/O systems.
source of interrupts. Basic DMA Operation:
• Interrupt chaining is used when there are more devices than available addresses in the • DMA controllers are special-purpose processors found in modern computers.
interrupt vector. • They are responsible for managing large data transfers between devices and memory without
the continuous intervention of the main CPU.
Interrupt Priority Levels: DMA Command Block:
• Modern CPUs support a system of interrupt priority levels. • To initiate a DMA transfer, the host writes a DMA command block into memory.
• This allows the CPU to defer low-priority interrupts without blocking all interrupts. • This block contains:
• High-priority interrupts can preempt the execution of low-priority ones. • Source and destination pointers (memory addresses).
62
 • The count of the number of bytes to be transferred.

DMA Operation Workflow:

1. The CPU writes the address of the DMA command block to the DMA controller.
2. The CPU continues with other tasks while the DMA controller takes over data transfer.
3. The DMA controller operates the memory bus directly, initiating data transfers.

Handshaking with Device Controllers:

• DMA controller and device controllers communicate through a pair of wires: DMA-request
and DMA-acknowledge.
• When data is available for transfer, the device controller signals on the DMA-request wire.
• The DMA controller then takes control of the memory bus, sets memory addresses, and
signals DMA-acknowledge.
• When the device controller receives DMA-acknowledge, it transfers the data to memory and
removes the DMA-request signal.

Transfer Completion and CPU Interrupt:

• When the entire transfer is completed, the DMA controller interrupts the CPU to notify
13.3 Application I/O Interface
transfer completion.
• The CPU briefly loses access to main memory when the DMA controller seizes the memory
The approach to handling I/O devices involves core software engineering principles:
bus, but it can still access data in caches. • Abstraction: Hiding complex device details and categorizing them.
• While this "cycle stealing" might slow down the CPU slightly, overall system performance • Encapsulation: Containing differences within kernel modules called device drivers.
improves due to offloading data-transfer work. • Software Layering: Structuring the I/O subsystem in layers.

Address Modes for DMA: Device Driver Layer

• Some architectures use physical memory addresses for DMA. • Device drivers are essential components that bridge the gap between I/O devices and the operating system.
• Others use direct virtual memory access (DVMA) with virtual addresses that undergo • Their primary role is to hide the differences among various device controllers from the I/O subsystem.
translation to physical addresses. • Similar to how system calls encapsulate device behavior for applications, device drivers export standardized
• DVMA can perform transfers between memory-mapped devices without CPU intervention. interfaces.
• This approach simplifies the work of OS developers and makes it easier for hardware manufacturers to design
Operating System and DMA: new devices.
• In protected-mode kernels, processes are generally prevented from issuing device commands
Device Variations
directly.
• I/O devices vary across multiple dimensions:
• The OS exports functions that privileged processes can use to access low-level hardware
• Character-stream or block.
operations. • Sequential or random access.
• Direct access to device controllers without OS protection can compromise system security • Synchronous or asynchronous.
and stability. • Sharable or dedicated.
• Modern operating systems aim to protect memory and devices from direct access to guard • Speed of operation.
against errors and malicious applications. • Read-write, read-only, or write-only.
• For application access, these differences are hidden by the OS, and devices are grouped into conventional types.

Access Conventions
• Major access conventions include:
• Block I/O
• Character-stream I/O
• Memory-mapped file access
• Network sockets
• Specific system calls and interfaces provide access to various device categories.

63
 Timer Resolution
ioctl() System Call • Hardware clocks often generate interrupts at a rate between 18 and 60 ticks per second.
• The ioctl() system call serves as an escape route for applications to access device functionality not covered by • While modern computers can execute millions of instructions per second, this resolution is
standard system calls. relatively coarse.
• It allows applications to communicate with device drivers using custom commands.
• The precision of timer triggers is constrained by the timer's resolution and the overhead of
• The ioctl() system call takes three arguments: a file descriptor, an integer command, and a pointer to data
managing virtual clocks.
structures for communication.
• Using timer ticks to maintain the system time-of-day clock can lead to clock drift.

13.3.1 Block and Character Devices

Block-device interface is used for disk drives, providing commands like read(), write(), and seek(). High-Resolution Clocks
• Raw I/O or direct I/O allows applications to bypass OS buffering and locking, providing direct device control. • Some computers have high-resolution clocks, based on a high-frequency counter.
• Memory-mapped file access simplifies access to storage by mapping files into memory. • These high-resolution clocks provide precise time interval measurements.
• Although they do not generate interrupts, they offer accurate time measurements.
13.3.2 Network Devices
• Network I/O requires different interfaces compared to disk I/O. 13.3.4: Nonblocking and Asynchronous I/O
• The network socket interface (common in UNIX and Windows) is analogous to electrical sockets, enabling
applications to create, connect, and manage network connections. Blocking and Nonblocking I/O
• The select() function simplifies network I/O management by avoiding polling and busy waiting. • System-call interfaces offer a choice between blocking and nonblocking I/O.
• Blocking system calls suspend the application's execution during I/O operations. The
13.3.3: Clocks and Timers application is moved to a wait queue and then back to the run queue upon completion.
• I/O devices operate asynchronously, with variable and unpredictable durations.
• Most computers are equipped with hardware clocks and timers that serve three essential • Blocking system calls are preferred as they make application code more understandable.
functions:
1. Provide the current time. Use Cases for Nonblocking I/O
2. Offer information about elapsed time. • Some user-level processes require nonblocking I/O to maintain responsiveness:
3. Set timers to trigger specific operations at designated times. • User interfaces processing keyboard and mouse input while handling screen data.
• These functions are fundamental to both the operating system and time-sensitive applications. • Video applications reading frames from disk while simultaneously decompressing and
• The actual system calls implementing these functions are not standardized across different displaying content.
operating systems.
Overlapping Execution and I/O
Programmable Interval Timer • Multithreaded applications can overlap execution and I/O operations.
• The hardware responsible for measuring elapsed time and triggering operations is known as a • Certain threads can perform blocking system calls while others continue executing.
programmable interval timer. • Some operating systems provide nonblocking I/O system calls, which do not halt application
• It can be configured to wait for a specific duration and then generate an interrupt. execution for an extended period.
• This timer can function as a one-time trigger or be set to repeat, generating periodic interrupts.
Asynchronous System Calls
Usage of Timers • Asynchronous system calls return immediately without waiting for I/O completion.
• Operating systems use timers for various purposes: • The application can continue executing while the I/O operation proceeds.
• The scheduler employs timers to preempt processes at the end of their time slices. • Completion is communicated through variables, signals, software interrupts, or callback
• Disk I/O subsystems use timers to schedule periodic flushing of dirty cache buffers to routines executed outside the application's linear control flow.
disk.
• Network subsystems use timers to manage operations affected by network congestion 13.3.5 Vectored I/O
or failures.
• Operating systems may provide user processes with timer interfaces, allowing applications to • Some operating systems offer vectored I/O as a major variation in their application interfaces.
use timers effectively. • Vectored I/O enables one system call to perform multiple I/O operations, involving multiple
• To support more timer requests than the number of available hardware timer channels, data locations.
operating systems simulate virtual clocks. This involves maintaining a list of interrupts sorted • For instance, the UNIX readv system call accepts a vector of multiple buffers and performs
by time and setting the timer to trigger at the earliest event. read or write operations using this vector.

64
 device is idle or busy, and they store information related to the device's current operations,
Advantages of Vectored I/O such as requests, addresses, and lengths.
• I/O scheduling is one way to enhance the efficiency of a computer system. By optimizing the
1. Efficiency: Vectored I/O allows the transfer of data from multiple separate buffers using a order of I/O requests, the system can reduce access times and minimize the mechanical
single system call. This approach minimizes context-switching and reduces system-call movement of devices like disk arms.
overhead.
2. Data Integrity: Vectored I/O can provide atomicity, ensuring that all I/O operations occur 13.4.2 Buffering:
without interruption. This is crucial in multi-threaded environments to prevent data corruption
when multiple threads are involved in I/O operations with shared buffers. • A buffer is a memory area that is used to temporarily store data during transfer between devices
3. Throughput: By minimizing intermediate data transfers and using scatter-gather methods, or between a device and an application.
vectored I/O enhances overall I/O throughput. • One of the primary reasons for using buffers is to cope with speed mismatches between the
4. Reduced System Overhead: Performing multiple data transfers with a single system call producer and consumer of data. For example, when data is being received from a slower
reduces the overhead of frequent context switches. device, like a modem, and needs to be stored on a faster device, such as a hard disk, buffering
is employed.
• In cases of significant speed disparities between devices, like a modem and a hard disk, double
buffering is used. This involves having two buffers in memory. When the first buffer is filled
with data from the slower device, it is written to the faster device. Meanwhile, the second
13.4 Kernel I/O Subsystem buffer continues to accumulate incoming data. This approach decouples the producer and
consumer, reducing timing requirements and optimizing data transfer.
Kernel I/O Subsystem Kernels provide many services related to I/O. Several services—scheduling, • Buffers are also used to adapt to devices with varying data-transfer sizes. In computer
buffering, caching, spooling, device reservation, and error handling—are provided by the kernel’s networking, buffers play a crucial role in fragmenting and reassembling messages. Large
I/O subsystem and build on the hardware and device driver infrastructure. The I/O subsystem is also messages are broken into smaller network packets for transmission, and the receiving side uses
responsible for protecting itself from errant processes and malicious users. buffers to reassemble these packets to reconstruct the original data.
• Buffers can support "copy semantics" for application I/O. For example, when an application
13.4.1 I/O Scheduling intends to write data to disk, the write() system call can copy the application's data into a kernel
buffer before returning control to the application. This ensures that the version of data written
• The primary purpose of I/O scheduling is to determine the most efficient order in which to to disk remains consistent with what was originally requested, regardless of subsequent
execute a set of I/O requests. The order in which applications issue system calls for I/O changes to the application's buffer. Copying data between kernel buffers and application data
operations may not be the most efficient. space helps maintain clean semantics.
• An example is provided where three applications issue blocking read calls to a disk.
Application 1 requests a block near the end of the disk, application 2 requests one near the 13.4.3 Caching:
beginning, and application 3 requests one in the middle of the disk. By rearranging the order
of service, the operating system can reduce the distance the disk arm travels, which is the 1. A cache is a region of fast memory that holds copies of data, and access to the cached copy is
essence of I/O scheduling. faster than accessing the original data source.
• Operating system developers implement I/O scheduling by maintaining a wait queue of 2. While a buffer holds data for transfer and may be the only existing copy, a cache specifically
requests for each I/O device. When an application issues a blocking I/O system call, the request stores copies of data that already reside elsewhere. Caches are designed for fast access.
is placed in the queue for that specific device. 3. In some cases, memory regions can serve as both buffers and caches. For instance, to optimize
• The I/O scheduler actively rearranges the order of the queue based on various scheduling disk I/O, operating systems use buffers in main memory to hold disk data. These buffers also
algorithms to improve system efficiency and reduce the average response time for applications. function as a cache to improve I/O efficiency for shared files or frequently accessed data.
It may also aim to provide fair access to devices among processes. 4. Caching can improve system performance by reducing the need to access slower storage
• When a kernel supports asynchronous I/O, it needs to manage multiple I/O requests devices, such as disks. Instead, frequently used data is fetched from the cache, resulting in
simultaneously. In this case, the wait queue may be attached to a device-status table. Each faster access times.
entry in the table corresponds to an I/O device and includes information about the device's 5. Caches are not only used for reading data but also for write operations. Disk writes can be
type, address, and state (e.g., idle or busy). accumulated in the buffer cache for a period before they are actually written to the disk. This
• The device-status table is a key data structure in the I/O subsystem, which helps the kernel approach, known as delayed writes, allows for more efficient scheduling of write operations
keep track of the status of various devices. Entries in the table are used to monitor whether a and minimizes the number of individual disk writes.

65
13.4.4 Spooling and Device Reservation • When an I/O system call fails, it typically returns a status bit indicating success or failure. In
UNIX, an additional integer variable called "errno" is used to return an error code, which
• Spooling, which stands for "Simultaneous Peripheral Operation On-Line," refers to a process provides information about the nature of the failure (e.g., argument out of range, bad pointer,
in which data intended for a device (e.g., a printer) is temporarily stored in a buffer or disk file not open). While the hardware can provide detailed error information, many operating
file before being sent to the device. It is commonly used when multiple applications wish to systems may not convey this detailed information to the application.
send their output to the same device concurrently, preventing their output from getting mixed • Some hardware systems provide detailed error information, particularly in cases of device
together. failures. For example, SCSI devices may report errors in three levels of detail, including a
sense key indicating the general nature of the failure, an additional sense code specifying the
• How Spooling Works: When applications generate output that is meant for a device, such as category of failure, and a sense-code qualifier providing further details.
a printer, the operating system intercepts this output. Instead of sending it directly to the • Additionally, some SCSI devices maintain internal pages of error-log information that can be
device, the output is spooled to separate disk files for each application. Once an application requested by the host, although this information is not always utilized.
has finished printing, its corresponding spool file is queued for output to the device. The
spooling system then copies these spool files to the device one at a time, ensuring that each 13.4.6 I/O Protection
application's output is processed in an orderly manner.
• To prevent users from directly issuing illegal I/O instructions, all I/O instructions are defined
• In some operating systems, spooling is managed by a system daemon process, while in as privileged instructions.
others, it is handled by an in-kernel thread. The operating system provides a control interface • Users must request I/O operations by executing system calls through the operating system.
that allows users and system administrators to monitor and manage the print queue. • The operating system, running in monitor mode, checks the validity of the request. If the
Functions like viewing the queue, removing unwanted jobs, suspending printing during request is valid, the operating system performs the I/O operation and then returns control to
device servicing, and more can be performed through this interface. the user.

Device Reservation: Memory Protection:

• Memory-mapped and I/O port memory locations need protection from unauthorized user
• Some devices, such as tape drives and printers, may not be able to effectively process I/O access through the memory-protection system.
requests from multiple concurrent applications simultaneously. In such cases, operating • In cases where direct memory access is required for performance reasons, such as in graphics
systems need to coordinate access to the device. One approach is to provide support for applications, the kernel may provide a locking mechanism to allocate specific memory regions
exclusive device access. to one process at a time.
• This involves enabling a process to allocate an idle device exclusively for its use. When the
process is done, it can deallocate the device to make it available for other applications.
13.4.7 Kernel Data Structures
• Another approach is to restrict the number of open file handles to such a device to one. This
enforces exclusive access and ensures that only one application can access the device at a
• The kernel relies on various in-kernel data structures to maintain state information about the
time. usage of I/O components.
• Many operating systems provide functions that allow processes to coordinate exclusive • These data structures include tables to manage file access, network connections, character-
access among themselves. For instance, Windows offers system calls to wait until a device device communications, and other I/O activities.
becomes available, and it includes parameters in the OpenFile() system call to declare the
types of access permitted to other concurrent threads. In these systems, it's up to the Uniform Structure and Object-Oriented Techniques:
applications to avoid deadlock and properly manage device access. • In UNIX, despite differences in the semantics of read() operations for various entities like user
files, raw devices, and process address spaces, a uniform structure is maintained.
• Object-oriented techniques are used to encapsulate these differences. The open-file record
13.4.5 Error Handling contains a dispatch table with pointers to the appropriate routines based on the type of file,
• Error Types: Operating systems need to handle errors effectively, both from hardware and ensuring a uniform interface.
applications. Errors can result from various causes, including transient issues (e.g., network
overload) and permanent problems (e.g., defective hardware components). Message-Passing in Windows:
• Error Compensation: Operating systems can often compensate for transient errors. For • Some operating systems, like Windows, utilize extensive object-oriented methods.
example, if a disk read() operation fails, a retry may be attempted, and a network send() error
may trigger a resend if the protocol allows for it.
66
 • Windows employs a message-passing approach for I/O. Each I/O request is converted into a 3. If not in the cache, the process is placed on the wait queue, and the I/O request is scheduled.
message, sent through the kernel to the I/O manager and device driver. The message may It is then sent to the device driver.
undergo changes at each stage. 4. The device driver allocates kernel buffer space and sends commands to the device controller.
• While message-passing can introduce some overhead compared to procedural techniques, it 5. The device controller performs the data transfer.
simplifies the structure and design of the I/O system and enhances flexibility. 6. A DMA controller may be used, generating an interrupt when the transfer completes.
7. The correct interrupt handler is called, storing necessary data and signaling the device driver.
13.5 Transforming I/O Requests to Hardware Operations
8. The device driver processes the signal, determines the request's status, and signals the kernel
I/O subsystem.
• When an application needs to perform I/O operations, the operating system must transform
9. The kernel transfers data or return codes to the requesting process's address space and moves
the application's request into hardware operations.
the process from the wait queue back to the ready queue.
• This lecture explains how this transformation occurs and the steps involved in this process.
10. The process is unblocked, and when scheduled by the scheduler, it resumes execution at the
completion of the system call.
Mapping Application Request to Hardware:
• Consider the example of reading a file from disk. The application refers to the data by a file
name.
• The operating system needs to map the file name to a specific device controller (hardware
port address or memory-mapped controller registers).
• How this connection is made varies between operating systems.

Method Used by MS-DOS:

• MS-DOS uses a simple method where the first part of a file name (before the colon)
identifies a specific hardware device (e.g., C: represents the primary hard disk).
• The device is mapped to a specific port address through a device table.
• This separation of the device name space from the file-system name space allows additional
functionality to be associated with each device.

Method Used by UNIX:

• UNIX incorporates device names in the regular file-system name space.
• The OS has a mount table that associates prefixes of path names with specific device names.
• To resolve a path name, UNIX looks up the mount table to find the longest matching prefix,
and this gives the device name.
• This device name leads to a <major, minor> device number, where the major device number
identifies a device driver, and the minor device number is used to index a device table that
provides the port or memory-mapped controller address.

Flexibility and Multiple Lookup Stages:

• Modern operating systems use multiple lookup stages between a request and the physical
device controller.
• This flexibility allows for the introduction of new devices and drivers without recompiling
the kernel.
• Some OSs can load device drivers on demand, making it more adaptable.

Life Cycle of a Blocking Read Request:

1. A process issues a blocking read() system call to a file descriptor of a previously opened file. CHAPTER 14 PROTECTION
2. The kernel checks the parameters and returns data from the buffer cache if available.
67
 • Protection, in this context, refers to a mechanism for controlling access to system resources.
• It is a way to specify the controls that should be imposed on processes, users, or programs, and
a means to enforce those controls. 14.2 Principles of Protection
• Protection mechanisms are used to prevent unauthorized or unintended access to resources, • The principle of least privilege is a guiding principle used in designing operating systems
which is crucial for maintaining the stability and security and protection mechanisms.
• of a computer system. • It suggests that programs, users, and systems should be granted only the minimum privileges
necessary to perform their tasks effectively.
14.1 Goals of Protection

1. Protection in Computer Systems: Analogy of a Security Guard and a Passkey:

• An analogy of a security guard with a passkey is used to explain the concept.
• Protection mechanisms in computer systems are designed to safeguard the integrity and
• If a passkey allows access only to the specific areas guarded by the security guard, then the
reliability of the system.
• These mechanisms were initially developed as part of multiprogramming operating systems,
potential damage resulting from the misuse of that key is minimal.
• However, if the passkey grants access to all areas, the potential damage due to its loss, theft,
allowing untrustworthy users to safely share logical and physical resources, such as files and
memory. misuse, or compromise is much greater.

2. Need for Protection: Implementation in an Operating System:

• An operating system following the principle of least privilege designs its features, programs,
• Protection serves several critical purposes, including preventing intentional misuse or
violations of access restrictions by users. system calls, and data structures to minimize the damage in case of component failure or
• An equally important role of protection is to ensure that each program component in a
compromise.
• For example, a buffer overflow in a system daemon might cause the daemon to fail but
system uses system resources in a manner consistent with stated policies.
• Detecting errors at the interfaces between subsystems can help prevent healthy subsystems
should not allow an attacker to gain maximum privileges and access to the entire system.
• Such an operating system provides fine-grained access controls for system calls and services,
from being affected by malfunctioning ones.
allowing applications to define access privileges at a detailed level.
• It allows privileges to be enabled when needed and disabled when not needed.
3. Distinguishing Authorized and Unauthorized Usage:
• Additionally, it creates audit trails for all privileged function access to track protection and
• Protection mechanisms help distinguish between authorized and unauthorized usage of
system resources. security activities.
• Unprotected resources can be misused by unauthorized or incompetent users, which can lead
to system instability. Managing Users with Least Privilege:
• Managing users according to the principle of least privilege involves creating separate user

4. Enforcement of Resource Use Policies: accounts, each with only the privileges required for the specific user's tasks.
• Operators or users are granted access to commands and files essential for their roles.
• The primary role of protection mechanisms in a computer system is to enforce the policies
• Some systems use role-based access control (RBAC) to implement the principle of least
governing resource use.
• These policies can be fixed in the system's design, formulated by system management, or
privilege effectively.
defined by individual users.
• Protection systems must be flexible enough to accommodate a variety of policies, which may
Application to Computer Facilities:
• In a computing facility, the principle of least privilege can restrict computers to specific
vary by application and evolve over time.
tasks, services, remote hosts, and time frames.
• Access control lists and enabling/disabling services are commonly used to enforce these
5. Involvement of Application Designers:
• Protection is no longer solely the concern of the operating system designer. Application
restrictions.
• While the principle of least privilege can contribute to a more secure computing
designers also need to utilize protection mechanisms to safeguard resources created and
managed by application subsystems. environment, it may not guarantee security on its own.
• Factors like the complexity of the system, the protection scheme's completeness, and the
• This separation of policy (what will be done) and mechanism (how it will be done) is
essential for flexibility and adaptability to changing policies without altering the underlying architecture of the operating system also play critical roles in overall security.
mechanisms.
68
14.3 Domain of Protection • Each process as a domain: Each process operates within its domain, and
domain switching occurs when processes communicate and wait for responses.
• A computer system comprises processes and objects, including hardware components (CPU, • Each procedure as a domain: Protection domains are associated with
memory, printers, disks, tape drives) and software objects (files, programs, semaphores). procedures, and switching occurs during procedure calls.
• Each object in the system is uniquely named, enabling distinction from other objects. This
unique naming is crucial for precise access control and resource management.
• Objects are operated upon through specific and meaningful operations. The operations
permitted may vary based on the type of object. For instance, CPUs only allow execution,
while memory segments support read and write operations.
• A fundamental principle is that processes should only access resources for which they possess
proper authorization. This authorization ensures controlled and secure access to resources.
• The "need-to-know" principle is an essential concept in access control. It dictates that a process
should only have access to the resources required for its current task. This principle minimizes
potential damage caused by malfunctioning or malicious processes. Dual-Mode Execution Model:
• The text provides practical examples of how the need-to-know principle can be applied. For • The dual-mode execution model, which includes monitor (kernel) mode and user
instance, when a process calls a procedure, it should only access its own variables and passed mode, is used in operating systems.
parameters. Similarly, a compiler should have access to a specific set of files relevant to the • In monitor mode, processes can execute privileged instructions and have complete
compilation task and not unrestricted access. control over the system.
• The need-to-know principle aligns with the principle of least privilege, which was discussed • In user mode, only nonprivileged instructions are allowed, and processes have limited
in a previous section. Both principles share the goal of minimizing security risks and restricting access to memory space.
access to only the necessary resources. • This model helps protect the operating system from user processes.

14.3.1 Domain Structure Complex Protection Schemes:

• In multiprogrammed operating systems, more elaborate protection schemes are needed
Processes operate within protection domains, which define the resources and operations they can
to protect users from each other.
access. Each domain is defined by a set of objects and the types of operations allowed on each
• The text hints at the example of UNIX and MULTICS as influential operating systems
object. Access rights are associated with each domain, specifying what a process can do with the
that implement these protection concepts.
objects.

Static and Dynamic Domains: 14.4 Access Matrix

• The association between processes and domains can be either static or dynamic.
• In a static domain, the set of resources available to a process remains fixed throughout The access matrix is an abstract model used to define and control access to various resources or
the process's lifetime. objects within a computer system. It plays a critical role in ensuring that resources are accessed
• Dynamic domains allow changes in access rights during a process's execution. only by authorized users or processes.
Structure of the Access Matrix
Need-to-Know Principle:
• Rows: Represent "domains" (e.g., users, processes, security contexts).
• The need-to-know principle suggests that a process should have access only to the
• Columns: Represent "objects" (e.g., files, resources, devices).
resources required for its current task.
• Entries: Each entry in the matrix contains a set of access rights or permissions that specify
• To adhere to this principle, domain content should be modifiable, allowing a process
to switch between read and write access as needed. what operations a process in a particular domain can perform on an object.

Domain Realization: Example Access Matrix

• A sample access matrix with four domains (D1, D2, D3, D4) and four objects (F1, F2, F3, a
• Protection domains can be implemented in different ways:
• Each user as a domain: Users are associated with domains, and domain
laser printer).
• Access Rights: Entries in the matrix specify access rights for each domain-object pair,
switching occurs when users change (e.g., login and logout).
illustrating different access permissions.
69
 • Individual Entry Protection: Each entry in the access matrix can be considered an object that
needs protection.
• Fine-Grained Control: This enables fine-grained control over access rights, allowing each
entry to be modified individually.

Operations on New Objects

• Managing New Objects: To maintain security, it is essential to determine which operations
can be performed on new objects, which may include domains and the access matrix itself.
• Additional Operations: The passage introduces three additional operations for controlling
changes in access-matrix entries: copy, owner, and control.
Policy Specification
Domain Switching
• Access matrices provide a powerful mechanism for specifying and enforcing security • Controlled Switching: Processes should be allowed to switch from one domain to another,
policies. and this operation is controlled by access rights, such as the access right "switch" in access(i,
• These policies define who can access what objects and under what conditions. j).
• Ensuring the access matrix is correctly implemented and that the specified policies are • Example: Figure 14.4 illustrates processes switching between certain domains based on their
adhered to is crucial. access rights.

Policy Decisions
• Access matrix serves as a tool to make policy decisions regarding protection and access
control.
• Decisions involve determining which access rights should be included in the (i, j)th entry of
the matrix.
• It also involves deciding in which domain each process will execute, with the operating
system typically responsible for making this decision.

User-Defined Access Rights

• Users are responsible for specifying the contents of the access matrix entries. Controlled Changes
• When users create new objects (Oj), they add a column for that object in the access matrix • Managing Access Matrix Entries: Controlled changes to the contents of access-matrix entries
with appropriate initialization entries based on their preferences. are facilitated by three additional operations:
• Users can specify different access rights for different entries within the column, tailoring • Copy: Allows copying access rights from one entry to another within the same
access control to the specific needs of the object. column.
• Owner: Determines the owner of an object and who can control its access rights.
• Control: Specifies who can control the access rights for a particular object.
Static and Dynamic Association
• Control Mechanism: The access matrix provides a robust mechanism for defining and
Copy Rights
enforcing strict control over the association between processes and domains, both statically • Introduction of "Copy Rights": Denoted by an asterisk (*) appended to an access right,
and dynamically. allowing a process in one domain to copy an access right from one entry to another within
• Domain Switching: Operations such as domain switching are considered as operations on the
the same column for the same object.
domain itself and can be controlled through the access matrix, including domains as objects. • Example: A process in domain D2 can copy the "read" operation from one entry to another
within the column for file F2.
Access Matrix as an Object

70
Variants of Copy Rights
• Diverse Copy Rights Mechanisms:
• Move Rights: A right can be moved from one entry to another within the same Control Rights
column, effectively removing the right from the original entry. • Applicability: The "Control" right applies only to domain objects.
• Limited Copy: Copying can be limited so that only the original right is created, not • Control Over Entire Rows: If a process in a domain has the control right for another domain,
the copy right (R, not R*). This limits further copying of the right, providing they can remove any access right from the entire row corresponding to that domain.
additional control over the propagation of rights.
• Flexibility: The system can choose from these mechanisms as needed. Confinement Problem
• Challenge: The confinement problem is the challenge of preventing information from
Owner Rights migrating outside of its execution environment.
• The "Owner" Right: This right controls the addition of new rights and the removal of • Unsolvability: It is generally considered unsolvable, primarily due to the difficulty of
existing rights within a column of the access matrix. ensuring that no information initially held in an object can leak to unauthorized parties.
• Control Over Access: If a process in a domain has the owner right for a specific object, they
can add or remove any valid right within that object's column.

Dynamic Protection
• Capability of Access Matrix Model: The mechanisms and operations discussed in the notes
illustrate the capability of the access-matrix model to implement and control dynamic
protection requirements in computer systems.
71
 • Adaptation: New objects and domains can be created dynamically and included in the • This violation involves unauthorized destruction of data. Some attackers may not be
access-matrix model, but policy decisions on access rights and restrictions remain crucial for after financial gains; instead, they aim to create chaos or gain status within the hacking
maintaining security. community.
• A common example is website defacement, where an attacker alters the appearance or
content of a website to make a statement or disrupt operations.
CHAPTER 15
4. Theft of Service:
15.1 THE SECURITY • This violation pertains to the unauthorized use of resources. For instance, an intruder or
intrusion program might install a daemon (a background service) on a system to act as
Introduction to Security and Its Importance a file server.
• Attackers exploit these unauthorized resources for their own purposes, potentially
• In many computer applications, ensuring the security of a computer system is crucial. Large causing harm to the legitimate users of the system.
commercial systems holding financial data or corporate operational information are attractive
targets for thieves and unscrupulous competitors. The loss of such data, whether through 5. Denial of Service (DOS):
accidents or fraud, can severely impact a corporation's ability to function. • In a DOS attack, the goal is to prevent legitimate users from accessing and using the
• Security is achieved ie a system is secure when a system's resources are used as intended system. These attacks can be intentional or accidental.
under all circumstances. However, total security is unattainable, and we aim to make security • The original Internet worm, for example, unintentionally transformed into a DOS attack
breaches rare rather than the norm. when a programming bug failed to delay its rapid spread.
• DOS attacks can have severe consequences, affecting the availability and functionality
Types of Security Violations of systems.

• Security violations can be intentional (malicious) or accidental. Protecting against accidental Common Attack Methods
misuse is usually more straightforward than defending against malicious misuse. Protection
mechanisms primarily address accidental violations. 1. Masquerading:
• Intruder and cracker are those attempting to breach security. • Masquerading involves an attacker impersonating someone else in a communication
• A threat is the potential for a security violation, such as the discovery of a vulnerability scenario. This could be pretending to be another host or an individual.
• An attack is the attempt to break security. • By masquerading, attackers undermine the authentication process, which is all about
• Several types of security violations include: verifying the correctness of identification. They may then gain access they would not
typically have or escalate their privileges, obtaining more access than they should.
1. Breach of Confidentiality: 2. Replay Attacks:
• This violation involves unauthorized access to data or information. It's often the primary • A replay attack occurs when an attacker maliciously or fraudulently repeats a valid data
goal of an intruder, seeking to steal sensitive information. transmission. Essentially, they capture a legitimate communication and replay it.
• The information targeted could range from credit card data to personal identity • In some cases, the replay itself constitutes the entire attack, such as when retransmitting
information, which can be exploited for financial gain. a request to transfer money. However, replay attacks often accompany message
• In essence, a breach of confidentiality can lead to the theft of valuable information, often modifications to further their goals and potentially escalate their privileges.
resulting in financial losses for victims. 3. Man-in-the-middle attack
• In which an attacker sits in the data flow of a communication, masquerading as the
2. Breach of Integrity: sender to the receiver, and vice versa. In a network communication, a man-in-the-
• In this type of violation, unauthorized modification of data occurs. Attackers tamper middle attack may be preceded by a session hijacking, in which an active
with data, often with malicious intent. communication session is intercepted.
• Such attacks can lead to various consequences, including passing liability to an innocent
party. For example, altering financial records could lead to legal problems for an
innocent party.
• Another concern is the modification of source code in critical applications, which can
have widespread consequences for an organization.

3. Breach of Availability:

72
 15.2 Program threats

Attackers often aim to create programs or manipulate existing ones to compromise the security of a
system. This is a common objective of malicious actors, often referred to as "crackers." A
"backdoor" is a hidden or unauthorized access point in a computer system or software application
that allows someone to bypass typical authentication and gain access to the system or data. Backdoors
are typically created intentionally by system administrators or developers for legitimate reasons, such
as for system maintenance or troubleshooting. However, when backdoors are used by unauthorized
individuals or entities, they become a significant security risk.

15.2.1 Trojan Horse:

• A significant security concern is the existence of Trojan horses. A Trojan horse is a segment
of code within a program that misuses its environment to create a security breach.
Levels of Security Measures • An example of a Trojan horse could be a text-editor program that secretly searches the file
you're editing for specific keywords. If found, the entire file may be copied to an area
1. Physical Security: accessible only to the creator of the text editor.
• This means securing the actual physical locations where the computer systems are stored. It
• A significant challenge with Trojan horses, especially on UNIX systems, is the existence of
includes data centers, machine rooms, and even terminals or workstations that have access to long search paths. These paths define the directories to search when an ambiguous program
these systems. name is given. If any directory in this search path is insecure, a Trojan horse could be
• The goal here is to protect against unauthorized entry by intruders. This may involve armed
introduced and accidentally executed.
security, surveillance, and secure access control to these areas. • For example, consider the use of the "." character in a search path, indicating the current
directory. If a user includes "." in their search path, and their current directory is compromised,
2. Human Security: they could unknowingly execute a program from the compromised directory. The program
• Authorization is a key element here. It's essential to carefully control and manage who has
would then run with the user's privileges, potentially leading to unauthorized actions like file
access to the system. deletion.
• However, even authorized users can sometimes be tempted or coerced into letting others use
their access. This could be due to bribes or other means. Additionally, users can be tricked into Variations and Defenses:
providing access through social engineering tactics. • Variations of the Trojan horse include emulating login programs to steal authentication keys
• Social engineering attacks like phishing involve deceiving users with legitimate-looking
and passwords, or spyware, which is often bundled with other programs to capture user
emails or web pages to trick them into revealing confidential information. Another tactic is information and communicate with central servers.
"dumpster diving," where attackers gather information from discarded materials, like trash, • Spyware can lead to unauthorized data transfer and even spam distribution from the user's
phone books, or notes containing passwords. machine.
3. Operating System Security: Principle of Least Privilege:
• The system must be able to protect itself from both accidental and purposeful security
• A fundamental security principle is the "principle of least privilege." This principle advocates
breaches. for users and programs to have the minimum privileges necessary to perform their tasks.
• Accidental breaches could include situations like a runaway process causing an unintentional
• Violations of this principle often occur due to human error, where users operate with more
denial-of-service attack. A query to a service might accidentally reveal passwords, or a stack privileges than necessary, or due to poor operating system design, which grants excessive
overflow could enable the launch of an unauthorized process. privileges by default.
• To address this, it's crucial for operating systems and software to offer fine-grained control of
4. Network Security: access and security while maintaining ease of management and understanding.
• Its about protecting data that flows over various network types, including private leased lines,
the internet, wireless connections, or dial-up lines. 15.2.2 Trap Door:
• Intercepting this data can be just as harmful as breaking into a computer system.
• Interruption of communications can constitute a remote denial-of-service attack, which can
significantly impact users' trust and their ability to use the system effectively.
73
 • A trap door, also known as a backdoor, is a security vulnerability intentionally left in software • Common vectors for virus transmission include email attachments (spam), downloading
or systems by its designer. This vulnerability allows only the designer, who knows the "key" infected programs from the internet, and exchanging infected disks.
or trigger, to exploit it.
• An example could involve the code checking for a specific user ID or password, allowing the Types of Viruses:
designer to bypass normal security procedures. This concept was depicted in the movie "War
Games." 1. File Viruses:
• These viruses infect a system by appending themselves to files. They change the start
Compiler-Based Trap Doors: of the program so that it jumps to the virus's code, executing it. Afterward, control
• An especially devious trap door could be included in a compiler. This compiler would generate returns to the original program, making the infection less noticeable.
standard object code along with a hidden backdoor, regardless of the source code being 2. Boot Viruses:
compiled. • Boot viruses infect the boot sector of a system and execute every time the system is
• This is particularly insidious because searching the source code of the program wouldn't reveal booted, before the operating system loads. They watch for other bootable media and
any issues. Only the source code of the compiler would contain the hidden information. infect them as well.
• Detecting such trap doors is challenging because it requires analyzing all source code
components of a system, which can be a monumental task for large software systems.

15.2.3 Logic Bomb:

• A logic bomb is a piece of code that initiates a security breach only under specific conditions.
It is challenging to detect because it doesn't create a security hole under normal circumstances.
• For instance, a programmer could write code to check if they are still employed. If this check
fails, a logic bomb could be triggered, leading to actions like spawning a remote access daemon
or causing damage to the system.

15.2.4 Stack and Buffer Overflow:

• Stack or buffer overflow attacks are one of the most common methods for an attacker to gain
unauthorized access to a system. It can be executed by someone outside the system, such as
over a network connection, or even by an authorized user for privilege escalation.
• This type of attack exploits a bug in a program, often arising from poor programming practices
like neglecting to code bounds checking on an input field.
• The attacker sends more data than the program expects, causing a buffer overflow. By
overwriting the return address on the stack with the address of the exploit code, they can
execute unauthorized commands.
• For example, if a web page form expects a username to be entered, an attacker could send the
3. Macro Viruses:
username along with extra characters to overflow the buffer, manipulate the return address on
• These viruses are written in high-level languages like Visual Basic and are triggered
the stack, and execute their own code.
when a program capable of executing macros runs.
• Microsoft Office files, like Word documents, can contain macros. Macros can run with
15.2.5 Viruses
few constraints under the user's account, potentially causing harm.
4. Source Code Viruses:
• A virus is a fragment of code embedded in a legitimate program. Viruses are self-replicating
• These viruses look for source code and modify it to include the virus, aiding in its
and designed to infect other programs, leading to various detrimental effects on a system.
propagation.
• The harm caused by viruses includes modifying or destroying files, system crashes, and
5. Polymorphic Viruses:
program malfunctions.
• Polymorphic viruses change each time they're installed to avoid detection by antivirus
• Unlike many other attacks, viruses are highly specific to architectures, operating systems, and
software. They change their signature, making detection challenging.
applications. This specificity means that a virus for one platform may not work on another.
6. Encrypted Viruses:
• PC users are particularly susceptible to viruses, while UNIX and other multiuser operating
• These viruses include decryption code along with the encrypted virus to avoid detection.
systems are generally more resilient due to the protection of executable programs from writing
They first decrypt and then execute.
by the operating system.
7. Stealth Viruses:
74
 •Stealth viruses modify parts of the system that could be used to detect them. For • Symmetric Encryption
example, they might alter the read system call to return the original code, not the • Asymmetric Encryption
infected one.
8. Tunneling Viruses: 15.4.1.1 Symmetric Encryption
• These viruses try to bypass antivirus scanning by installing themselves in the interrupt-
handler chain or device drivers. • Symmetric encryption is a foundational concept in modern cryptography.
9. Multipartite Viruses: • In symmetric encryption, the same key is used for both encryption and decryption,
• Multipartite viruses infect multiple parts of a system, making detection and containment necessitating the protection of key secrecy.
difficult. • This section delves into the principles and applications of symmetric encryption, using the
10. Armored Viruses: example of the Data Encryption Standard (DES) and the Advanced Encryption Standard
• Armored viruses are coded to be challenging to understand and can be compressed to (AES).
avoid detection and disinfection. The virus droppers and associated files are frequently
hidden using various techniques. Key Exchange in Symmetric Encryption
• Secure communication over an insecure channel involves key exchange.
The browser virus installed several back-door programs, including a keystroke logger, which records • Key exchange can occur directly between communicating parties or through a trusted third
everything entered on the keyboard (including passwords and credit-card numbers). It also installed party, like a certificate authority.
a daemon to allow unlimited remote access by an intruder and another that allowed an intruder to • The importance of safeguarding the key's secrecy is emphasized.
route spam through the infected desktop compute
Data Encryption Standard (DES)
15.4.1 Encryption • For several decades, DES was a widely used symmetric encryption algorithm in the United
States.
• Encryption is a fundamental concept in modern computing, serving various purposes in • DES operates by processing a 64-bit value with a 56-bit key through substitution and
communication security. permutation transformations.
• It secures messages, protects databases, files, and even entire disks from unauthorized access. • However, DES became insecure due to vulnerability to exhaustive key searches.
• DES remains in use, but a more secure variant, Triple DES, was introduced. Triple DES applies
Components of an Encryption Algorithm DES three times with two or three keys, resulting in a 168-bit effective key length.
• An encryption algorithm includes the following components:
• A set of keys (K).
Advanced Encryption Standard (AES)
• In 2001, the National Institute of Standards and Technology (NIST) introduced AES as a
• A set of messages (M).
replacement for DES.
• A set of ciphertexts (C).
• AES is a block cipher with key lengths of 128, 192, or 256 bits and operates on 128-bit blocks.
• Encrypting function (E: K → (M → C)): Generates ciphertexts from messages. E and
• AES is compact, efficient, and widely adopted.
Ek (for any k) should be computationally efficient. Ek often includes randomized
mappings. Securing Longer Messages
• Decrypting function (D: K → (C → M)): Produces messages from ciphertexts. D and • Block ciphers have a limitation in handling messages longer than their block size.
Dk (for any k) should be efficient. • Stream ciphers, like RC4, address this limitation by encrypting and decrypting streams of bytes
or bits.
Essential Property of Encryption • Stream ciphers employ pseudo-random bit generators (PRBGs) to produce a keystream, which
• A crucial property of encryption is that a computer can compute the original message from a is XORed with plaintext.
ciphertext (Ek(m) = c) only if it possesses the appropriate key (k). • RC4, a common stream cipher, has been used in various applications, including the WEP

• The key holder can decrypt ciphertexts, while others without the key cannot derive the
protocol for wireless LANs.
• However, RC4 has vulnerabilities and is considered breakable.
plaintext from ciphertext.
• This is vital for securing exposed ciphertext, such as messages sent over a network.
15.4.1.2 Asymmetric Encryption
Types of Encryption Algorithms Asymmetric encryption offers secure communication and enables anyone to send encrypted messages
• Two primary types of encryption algorithms are: to a recipient without the need for a secure key
75
Public Key Encryption: Asymmetric encryption is computationally expensive compared to symmetric encryption. It is not
In asymmetric encryption, also known as public-key encryption, two keys are used – a public key typically used for general-purpose encryption of large amounts of data. Instead, asymmetric
and a private key. The public key is made widely available for anyone to use, while the private key encryption is employed for encryption of small data sets, as well as for authentication, confidentiality,
is kept secret. With this approach, anyone can encrypt a message, but only the recipient with the and key distribution.
private key can decrypt it.
15.4.1.3 Authentication
RSA Algorithm:
• Authentication is the process of verifying the identity of a sender or ensuring that a message
The RSA algorithm, named after its inventors Rivest, Shamir, and Adleman, is the most widely used has not been modified. It complements encryption, which is primarily used to constrain the set
asymmetric encryption algorithm. It relies on the mathematical properties of large prime numbers. of potential receivers of a message.

RSA Keys: Components of an Authentication Algorithm

• Public Key (ke): Shared with the world • A set of keys, denoted as K.
• Private Key (kd): Kept secret • A set of messages, denoted as M.
• N: The product of two large prime numbers (e.g., 512-bit primes) • A set of authenticators, denoted as A.
• A function S: K → (M → A): For each key k in K, S(k) is a function that generates
Encryption (Eke,N): authenticators from messages(M). Both S and S(k) should be efficiently computable
functions.
The encryption algorithm in RSA is defined as follows: Eke,N(m) = m^ke mod N • A function V: K → (M × A → {true, false}): For each key k in K, V(k) is a function
for verifying authenticators on messages. Both V and V(k) for any k should also be
The ke value must satisfy: ke * kd mod (p-1)(q-1) = 1 efficiently computable functions.

Decryption (Dkd,N): Key Properties of authentication algorithms

The decryption algorithm is defined as follows: Dkd,N(c) = c^kd mod N • for a given message m, a computer can generate an authenticator a (from set A) such that V(k,
m, a) returns true only if the computer possesses the key k ie Vk (m, a)=true
Example: The key must be kept secret, and it should not be feasible to derive the key from the
authenticators.
We choose p = 7 and q = 13, resulting in N = 91 and (p-1)(q-1) = 72. We select ke (the public key) • Authentication can provide assurance that a message has not been modified and that the sender
as 5 and calculate kd (the private key) such that ke * kd mod 72 = 1, resulting in kd = 29. Now we possesses the key.
have our keys:
• Public key (ke, N): (5, 91) Hash Function
• Private key (kd, N): (29, 91)
A hash function (denoted as H(m)) is a mathematical function that takes an input message (m) and
Using these keys, we encrypt the message 69, resulting in the ciphertext 62. The recipient can then produces a fixed-sized block of data, which is commonly referred to as a message digest or hash
use the private key to decrypt the message. value. Hash functions are designed to work by splitting the input message into blocks and then
processing these blocks to generate an n-bit hash. H must be collision resistant
Publication of Public Keys:
Types of authentication algorithms
The process of utilizing asymmetric encryption begins with the publication of the recipient's public
key. For bidirectional communication, the sender must also publish its public key. This publication 1. Symmetric Key Authentication: This approach involves using a cryptographic checksum,
can be done electronically, and it's crucial to safeguard the private key as it can decrypt messages often known as a Message-Authentication Code (MAC), generated from the message using
encrypted with the matching public key. a shared secret key. MACs provide a way to securely authenticate short values. It can be used
to authenticate long messages by first hashing the message, generating the MAC, and then
Performance Considerations: verifying it. The same key k is used to compute both S(k) and V(k), making it important to
protect the secrecy of this key.

76
 2. Digital Signature Algorithm: Digital signatures, generated by a digital signature algorithm, on which a computer resides can seamlessly add a network monitor, allowing him to sniff, or
enable anyone to verify the authenticity of a message. The private key, often denoted as ks, is watch, all data being transferred on the network, including user IDs and passwords
used to sign the message, creating a digital signature. To verify the message, the public key • If passwords are difficult to remember or frequently changed, users may write them down,
(kv) is used. It should be computationally infeasible to derive the private key from the public reducing security.
key. • Sharing accounts is often prohibited for security reasons. Sharing makes it difficult to track
who was using an account during a security breach.
Authentication is a crucial component of security and has applications in ensuring non-repudiation,
• Passwords can be generated by the system or selected by users. System-generated passwords
where entities cannot deny their actions, and data integrity in various contexts, including electronic
may be hard to remember. User-selected passwords may be easy to guess.
forms and digital contracts.
• Some systems force users to change their passwords at regular intervals. However, this is not
15.5 User Authentication foolproof as users may switch between a small set of passwords. Some systems maintain a
password history to prevent reuse.
It involves verifying the identity of users attempting to access a system. Without effective user • In extreme cases, passwords are changed from session to session, making unauthorized access
authentication, verifying the source of messages or sessions is meaningless. more difficult to sustain.
• Frequent password changes can help detect unauthorized access as users will notice invalid
15.5.1 Passwords
passwords when they log in for the next session.
• The most common approach to authenticating a user's identity is through passwords.
• When a user identifies themselves with a user ID or account name, they are prompted for a 15.5.3 Securing Passwords
password.
• If the user-provided password matches the stored one, the system assumes it's the account • The difficulty of keeping passwords secret within a computer system is discussed.
owner. • The UNIX system uses secure hashing instead of encryption for password storage, making it
• Passwords are often used to protect computer system objects when more comprehensive
impossible to decrypt the stored value to determine the original password.
security measures are not in place.
• They can be thought of as a type of keys or capabilities, associated with specific resources like • Each user has a password, and the system employs a complex, non-invertible hash function
files. that encodes all passwords. Only encoded passwords are stored, ensuring that even if the
• Access to a resource is granted if the correct password is provided. encoded password is exposed, it cannot be decoded.
• Different passwords can be assigned for different access rights, such as reading, appending, or • The limitation of this method is that it loses control over passwords. Anyone with access to
updating files. the password file can run fast hash routines against it, potentially cracking passwords,
• In practice, most systems require only one password for full access, despite the theoretical especially if users choose easily guessable passwords.
benefits of multiple passwords. • To address this flaw, a "salt" (a recorded random number) is added to the hashing algorithm.
• The classic trade-off between security and convenience often leads to the use of a single The salt value prevents identical plaintext passwords from producing the same hash values,
password, as overly inconvenient security measures can be bypassed. making dictionary attacks less effective.
• Newer versions of UNIX store hashed password entries in a file accessible only by the
15.5.2 Password Vulnerabilities superuser. Programs that compare the hash to the stored value run with elevated privileges
(setuid to root), preventing other users from accessing this file.
• Passwords are widely used for user authentication because they are easy to understand and
• Many UNIX systems consider only the first eight characters of a password as
use. However, they are susceptible to various vulnerabilities.
significant. This highlights the importance for users to make the most of available
• There are two common ways to guess a password. One is using knowledge about the user,
password space.
such as using easily guessable information (like names of pets or spouses). The other is using
brute force, trying all possible combinations of valid password characters. Short passwords are • Users are advised to create strong passwords using a combination of upper and lower
particularly vulnerable to brute force attacks. characters, numbers, and punctuation marks. A recommended technique is to generate
• For example, a four-character password provides only 10,000 variations, making it relatively passwords from an easily remembered phrase, combining the first letters of each word.
easy to guess. Longer passwords with a mix of characters are more secure. • A more secure system would allow more characters in its passwords. Indeed, a system
• passwords can be exposed as a result of visual or electronic monitoring. An intruder can look might also allow passwords to include the space character, so that a user could create a
over the shoulder of a user (shoulder surfing) when the user is logging in and can learn the passphrase.
password easily by watching the keyboard. Alternatively, anyone with access to the network
77
15.5.4 One-Time Passwords

Paired Passwords:
• A system can use paired passwords to mitigate problems like password sniffing and shoulder
surfing.
• At the beginning of a session, the system randomly presents one part of a password pair, and
the user must provide the other part in response to the challenge.

Algorithmic Passwords:
• Algorithmic passwords are introduced as a means of preventing password reuse.
• In this system, the user and the system share a symmetric password (pw) that is never
transmitted but used as input to a function along with a challenge (ch).
• The user computes the function H(pw, ch), and the result is transmitted as the authenticator to
the system for authentication.
• This one-time password system enhances security and prevents improper authentication due
to password exposure.

One-Time Password Systems:

• Various implementations of one-time password systems exist.
• Commercial implementations often use hardware calculators with displays or numeric
keypads, which can resemble credit cards, key-chain dongles, or USB devices.
• Software running on computers or smartphones can provide users with the one-time password.
• A one-time password generator can involve two-factor authentication, combining "something
you have" (e.g., a hardware calculator) with "something you know" (e.g., a PIN).
Code Book or One-Time Pad:
• Another variation on one-time passwords involves using a code book or one-time pad, which
contains a list of single-use passwords.
• Each password on the list is used once and then marked as unusable.
• This method enhances security but requires careful protection of the code book.

Biometrics:
• Biometric measures, such as palm- or hand-readers, are used for physical access security, like
accessing data centers.
• Biometric readers match stored parameters against readings from hand-reader pads,
considering factors like temperature maps, finger length, width, and line patterns.
• Fingerprint readers have become more accurate and cost-effective and are likely to become
more common.
• Fingerprint readers convert finger ridge patterns into numeric sequences and compare them
with stored profiles.

Multifactor Authentication:
• Multifactor authentication can significantly enhance security.
• Strong authentication can be achieved by combining factors like a USB device, a PIN, and a
fingerprint scan.
• It is crucial to encrypt this information in transit to resist spoofing or replay attacks effectively.

78