Hardware Protection

Dual-Mode Operation

I/O Protection

Memory Protection

CPU Protection

 

Dual-Mode Operation

 

Sharing system resources requires operating system to ensure that an incorrect program cannot cause

other programs to execute incorrectly. Provide hardware support to differentiate between at least two

modes of operations.

 

   1. User mode – execution done on behalf of a user.

   2. Monitor mode (also kernel mode or system mode) – execution done on behalf of operating system.

 

Mode bit added to computer hardware to indicate the current mode: monitor (0) or user (1).

When an interrupt or fault occurs hardware switches to monitor mode.

Privileged instructions can be issued only in monitor mode.

 

 

            

 

I/O Protection

 

All I/O instructions are privileged instructions. Must ensure that a user program could never gain control

of the computer in monitor mode (I.e., a user program that, as part of its execution, stores a new address in the interrupt vector).

 

Use of A System Call to Perform I/O

 

            

Memory Protection

 

Must provide memory protection at least for the interrupt vector and the interrupt service routines. In order to have memory protection, add two registers that determine the range of legal addresses a program may access:

Base register – holds the smallest legal physical memory address.

Limit register – contains the size of the range Memory outside the defined range is protected.

 

Use of A Base and Limit Register

 

             

 

Hardware Address Protection

 

      

 

Hardware Protection

When executing in monitor mode, the operating system has unrestricted access to both monitor and user’s memory. The load instructions for the base and limit registers are privileged instructions.

  

CPU Protection

 1.Timer – interrupts computer after specified period to ensure operating system maintains control.

 2.Timer is decremented every clock tick.

 3.When timer reaches the value 0, an interrupt occurs.

Timer commonly used to implement time sharing.

Time also used to compute the current time.

Load-timer is a privileged instruction.

 

Network Structure

Local Area Networks (LAN)

Wide Area Networks (WAN)

 

Local Area Network Structure

 

        

    

Wide Area Network Structure

 

           

 

                                                                                                                                                                                                                  BACK