Input and Output

Introduction
• 4 main parts make up a computer
1. Processor
2. Memory
3. File system
4. Input and Output
• I/O devices and actions are slow compared to
the other 3 parts
• Wide variation in the nature of I/O devices.
The operating system must find a way of dealing
with this.
Simple Computer

The organization of a simple computer with
one CPU and two I/O devices
I/O Characteristics
Characteristic      Examples
Data Rate           Disk: 2Mb/s
                    Keyboard: 10 – 15 bytes/s
Unit of Transfer    Disk: blocks of 512, 1024 bytes
                    Screen: single characters
Operations          Disk: read, write, seek etc
                    Printer: write, move paper
Error Conditions    Disk: Read errors
                    Printer: paper out
Objectives of I/O System
• Efficiency – maintain devices operating at the
highest possible rate doing useful work
• Device independence – we don't care how the
system works so long as it does its job.
Example: we don't care how the printer is designed
or what rollers, cogs etc. it has. When we go to
File and Print, we want it to produce a printed
page.
Structure of I/O System
[Figure: structure of the I/O system. Labels: Application Program, System Calls, Operating System, I/O Control System, Device Driver, I/O Bus, Device Controller (hardware), Input-Output Device (hardware)]
Structure of I/O System
[Figure: practical example. Labels: I/O Control System, NIC Driver, Device Controller (hardware), Windows/Unix Operating System]
Block and Character devices
• Two main types of I/O devices
– Block devices are complicated, character devices are
relatively simple.
– Block: Hard Disk, Floppy Disk
– Character: Printer, Network Card
– Block: transfers blocks of data at a time
– Character: transfers a single character at a time
Device Driver

• Definition: a device driver or software driver is a
computer program allowing higher-level computer
programs to interact with a hardware device.
• A driver typically communicates with the device
through the computer bus or communications
subsystem to which the hardware connects.
• Drivers are hardware-dependent and operating-system-specific.
They usually provide the interrupt handling required for any
necessary asynchronous time-dependent hardware interface.
Why a Device Driver?

• A device driver is usually part of the OS kernel
– Compiled with the OS
– Dynamically loaded into the OS during execution.
• Each device driver handles
– one device type (e.g., mouse), or
– one class of closely related devices (e.g., a SCSI disk driver to handle multiple disks of
different sizes and different speeds).
• A device driver simplifies programming by acting
as a translator between a hardware device and the
applications or operating systems that use it.
• Programmers can write the higher-level
application code independently of the
specific hardware device.
Functions in Device Drivers
• Accept abstract read and write requests from the device-independent
layer above.
• Initialize the device.
• Manage power requirements and log events.
• Check that input parameters are valid.
• Translate valid input from abstract to concrete terms
– e.g., convert linear block number into the head, track,
sector and cylinder number for disk access.
• Check whether the device is in use (i.e., check the status bit).
• Control the device by issuing a sequence of commands.
The driver determines what commands will be issued.
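The driver functions listed above, as an added C example that is not part of the original slides: a read request is validated, translated from a linear block number to cylinder/head/sector, checked against the status bit, and only then issued as a command. The disk geometry, the `sim_controller` struct standing in for device registers, and the `STATUS_BUSY` and `CMD_READ` values are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed geometry and register values, for illustration only. */
#define HEADS 16u
#define SECTORS_PER_TRACK 63u
#define CYLINDERS 1024u
#define TOTAL_BLOCKS (HEADS * SECTORS_PER_TRACK * CYLINDERS)
#define BLOCK_SIZE 512u
#define STATUS_BUSY 0x01u /* hypothetical status bit */
#define CMD_READ 0x20u    /* hypothetical command code */

enum drv_err { DRV_OK = 0, DRV_EINVAL = -1, DRV_EBUSY = -2 };
struct chs { uint32_t cylinder, head, sector; };
struct sim_controller {  /* stands in for real device registers */
    uint8_t status;      /* status register, read by the driver */
    uint8_t command;     /* command register, written by the driver */
    struct chs target;   /* disk address latched with the command */
};

/* Translate a linear block number to cylinder/head/sector (sector is 1-based). */
struct chs lba_to_chs(uint32_t lba) {
    struct chs a;
    a.cylinder = lba / (HEADS * SECTORS_PER_TRACK);
    a.head = (lba / SECTORS_PER_TRACK) % HEADS;
    a.sector = (lba % SECTORS_PER_TRACK) + 1u;
    return a;
}

/* Abstract read request arriving from the device-independent layer. */
int drv_read_block(struct sim_controller *c, uint32_t lba, void *buf, size_t len) {
    /* 1. Validate every caller-supplied parameter before touching the device. */
    if (c == NULL || buf == NULL) return DRV_EINVAL;
    if (len < BLOCK_SIZE) return DRV_EINVAL;    /* a block would overflow buf */
    if (lba >= TOTAL_BLOCKS) return DRV_EINVAL; /* past the end of the disk */
    /* 2. Check the status bit: refuse while the device is in use. */
    if (c->status & STATUS_BUSY) return DRV_EBUSY;
    /* 3. Translate abstract to concrete terms, then issue the command. */
    c->target = lba_to_chs(lba);
    c->command = CMD_READ;
    c->status = (uint8_t)(c->status | STATUS_BUSY); /* simulated device starts */
    return DRV_OK;
}

int main(void) {
    struct sim_controller c = {0};
    unsigned char buf[BLOCK_SIZE];
    return drv_read_block(&c, 1008u, buf, sizeof buf) == DRV_OK ? 0 : 1;
}
```

The order of the checks matters: a request with an out-of-range block number or an undersized buffer is rejected before any register is written, so invalid input never reaches the hardware.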
Device Controllers
• A device controller is a hardware unit which is attached to
the I/O bus of the computer and provides a hardware
interface between the computer and the I/O device itself.
• Example: ISA or PCI slot in a PC, keyboard or mouse port.
Device Controllers
• Each device controller maintains a set of device registers:
– command registers (write-only);
– status registers (read-only);
– data registers (read/write).
• The CPU can access those registers through special I/O instructions
(in/out in Intel assembler) or via memory mapping.
• Memory mapping is handled by the memory controller and is usually
faster than explicit I/O instructions.
• When interacting with a device controller, the CPU can wait for a
response by polling the status register(s), i.e., by periodically
checking whether the status of the device has changed.
• Problem with polling: The CPU is busy waiting for some
event to happen.
• CPU utilization will be low.
• Solution: Interrupts. Used by devices for asynchronous
event notification. When an interrupt is fired, the CPU
jumps to a predefined position in the kernel's address
space and executes an interrupt handler.
• When an interrupt occurs, the CPU can start reading
data from the device controller's data registers
Interrupts Continued

How interrupts happen. Connections between devices and
the interrupt controller actually use interrupt lines on the bus
rather than dedicated wires
Direct Memory Access (DMA)
• CPU utilization can be improved even further by
allowing a device controller to transfer data
from/to main memory without any involvement of
the CPU.
• This is called direct memory access and is used
by all modern hard drives (but also sound
controllers, network cards, ...).
• The CPU initiates the data transfer, but can do
other things while the transfer is taking place.
CPU utilization is increased.
Direct Memory Access (DMA)
• Most computer systems use DMA
• This enables much faster data rates
• The I/O device can access memory
directly
• The processor's only involvement is in initiating
the transfer; after that, the device accesses
memory directly
Direct Memory Access (DMA)
• Figure 3-4. Operation of a DMA transfer.



Chapter 14: Protection
• Goals of Protection
• Principles of Protection
• Domain of Protection
• Access Matrix
• Implementation of Access Matrix
• Access Control
Goals of Protection
• An operating system consists of a collection of
objects, hardware or software
• Each object has a unique name and can be
accessed through a well-defined set of
operations
• Protection problem - ensure that each object is
accessed correctly and only by those
processes that are allowed to do so
Principles of Protection
• Guiding principle – principle of least privilege
– Programs, users and systems should be
given just enough privileges to perform their
tasks
Access Matrix
• View protection as a matrix (access matrix)
• Rows represent domains
• Columns represent objects
• Access(i, j) is the set of operations that a
process executing in Domain_i can invoke on
Object_j
Access Matrix
Use of Access Matrix (Cont)
• Access matrix design separates mechanism from policy
– Mechanism
• Operating system provides access-matrix + rules
• It ensures that the matrix is only manipulated by
authorized agents and that rules are strictly
enforced
– Policy
• User dictates policy
• Who can access what object and in what mode
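The mechanism/policy split described above, as an added C example that is not part of the original slides: the matrix contents are the policy, while `am_allowed` and `am_grant` are the mechanism that enforces it and restricts who may change it. The three domains and objects, the rights encoding, and the `R_OWNER` right used to decide who is an "authorized agent" are assumptions made for illustration.

```c
#include <stdint.h>

/* Rights are bit flags. R_OWNER is an assumed right (not on the slides)
   marking the domain that may edit an object's column. */
enum { R_READ = 1, R_WRITE = 2, R_EXEC = 4, R_OWNER = 8 };
#define N_DOMAINS 3
#define N_OBJECTS 3

/* Constructed policy. Rows: domains D0..D2. Columns: F0, F1, printer. */
static uint8_t access_matrix[N_DOMAINS][N_OBJECTS] = {
    /* D0 */ { R_READ | R_OWNER, 0, 0 },
    /* D1 */ { 0, R_READ | R_WRITE | R_OWNER, R_WRITE },
    /* D2 */ { R_READ | R_EXEC, 0, 0 },
};

static int in_range(int d, int o) {
    return d >= 0 && d < N_DOMAINS && o >= 0 && o < N_OBJECTS;
}

/* Mechanism: is every right in op contained in Access(d, o)?
   Out-of-range indices and empty requests are denied by default. */
int am_allowed(int d, int o, uint8_t op) {
    if (!in_range(d, o) || op == 0) return 0;
    return (access_matrix[d][o] & op) == op;
}

/* Mechanism: only an authorized agent, here a domain holding R_OWNER on
   the object, may add rights. Ownership itself is never handed out. */
int am_grant(int actor, int target, int o, uint8_t rights) {
    if (!in_range(actor, o) || !in_range(target, o)) return 0;
    if (!(access_matrix[actor][o] & R_OWNER)) return 0;
    access_matrix[target][o] |= (uint8_t)(rights & ~R_OWNER);
    return 1;
}

int main(void) {
    /* D0 cannot read F1 until F1's owner, D1, grants it. */
    if (am_allowed(0, 1, R_READ)) return 1;
    if (am_grant(2, 0, 1, R_READ)) return 1;   /* D2 does not own F1 */
    if (!am_grant(1, 0, 1, R_READ)) return 1;
    return am_allowed(0, 1, R_READ) ? 0 : 1;
}
```

An empty cell means no access, so any domain/object pair the policy does not mention is denied, which is how the matrix expresses least privilege.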
Access Control
• Protection can be applied to non-file resources
• Solaris 10 provides role-based access control (RBAC) to
implement least privilege
– A privilege is the right to execute a system call or use an
option within a system call
– Privileges can be assigned to processes
– Users are assigned roles granting access to privileges
and programs
The Security Problem
• Security must consider external environment of the
system, and protect the system resources
• Intruders (crackers) attempt to breach security
• Threat is potential security violation
• Attack is attempt to breach security
• Attack can be accidental or malicious
• Easier to protect against accidental than malicious
misuse
Security Violations
• Categories
– Breach of confidentiality
– Breach of integrity
– Breach of availability
– Theft of service
– Denial of service
• Methods
– Masquerading (breach authentication)
– Replay attack
• Message modification
Standard Security Attacks
Security Measure Levels
• Security must occur at four levels to be effective:
– Physical
– Human
• Avoid social engineering, phishing, dumpster
diving
– Operating System
– Network
• Security is as weak as the weakest link in the
chain
Program Threats
• Trojan Horse
– Code segment that misuses its environment
– Exploits mechanisms for allowing programs written by users to be executed by
other users
– Spyware, pop-up browser windows, covert channels
• Trap Door
– Specific user identifier or password that circumvents normal security
procedures
– Could be included in a compiler
• Logic Bomb
– Program that initiates a security incident under certain circumstances
• Stack and Buffer Overflow
– Exploits a bug in a program (overflow either the stack or memory buffers)
