Kernel 1: Processes, isolation, robustness

Overview

We clean up some assembly topics not reached yet. Then, in this first lecture in the kernel unit, we introduce the goals of operating systems and introduce our tiny operating system.

Full lecture notes on kernel

Textbook readings

The price of passing arguments

No-ops

Calling convention and red zone

Typical stack frame layout

Stack frame with base pointer

System instructions: Debugger

System instructions: System call

System instructions: The ultimate attack

What is behind these mysteries?

The kernel

Goal: Process isolation

Goal: Kernel isolation

Process isolation’s consequences for hardware design

Exception: Some experimental systems have fully-trusted source code chains, where, for example, the compiler has been proven correct, and all code running on the machine passes through the trusted compiler. In these systems, it’s theoretically possible to implement process isolation without hardware support.

Some processor features we’ll investigate

Why learn about kernels?

Alice and Eve in WeensyOS

WeensyOS commands

Emulation

Eve attacks

        if (n % 1024 == 0) {
            // Announce ourselves, then spin forever without ever yielding.
            // If nothing forces this process off the CPU, no other process
            // (not even Alice) gets to run again.
            console_printf(CS_YELLOW "Hi, I'm Eve! #%u\n", n);
            while (true) {}
        }
obj/p-eve.asm
  140046: 89 de                 mov    %ebx,%esi
  140048: be 6d 0c 14 00        mov    $0x141171,%edi
  14004d: b8 00 00 00 00        mov    $0x0,%eax
  140052: e8 10 10 00 00        callq  141067 <console_printf(char const*, ...)>
  140057: 90                    nop
  140058: eb fe                 jmp    140058 <process_main()+0x58>    ; **** jump to its own address: the while (true) {} loop

Defending against processor time attack

Voluntary vs. involuntary privileged control transfer

Booting: How a computer starts up

  1. Computer turns on
  2. Built-in hardware initializes the system
  3. Built-in hardware loads a small, extremely constrained program called the boot loader from a fixed location on attached storage (Flash memory, disk)
  4. Boot loader initializes the processor and loads the kernel