The OS Structure, User & Kernel Mode, Interrupts

Operating System Structure

OS Hierarchy

Kernel: Minimal set of functions necessary to manage system resources safely and efficiently.

The OS Hierarchy:

Applications and System Software
General Libraries
System Call Libraries
OS Kernel

Remember: Applications and System Software can use abstractions like library functions or just invoke kernel functions directly via supervisor calls.

System Programs

System Programs: Provide convenient environment for program development and execution.

Ranges in complexity (anything from simple interfaces, system calls, or complex programs like a compiler)

Common Operating System Structures

The following are some different operating system structures.

In the modern day, operating systems do a hybrid of these techniques.

MS-DOS (Simple)

Written to provide the most functionality in the least space.

Interfaces and levels of functionality not well-separated, structured, or defined.

Problems with MS-DOS — Application programs have direct access to device drivers.
Poor security due to unprotected layers.
Results in errors and crashes that can’t be caught by the OS.

UNIX (Monolithic)

Two separable parts, created by limited hardware.

System Programs
The Kernel (everything below system-call interface and above physical hardware)
- Monolithic kernel.

Problems with UNIX — In a monolithic kernel, one breakage could break everything.
Also, maintenance and debugging cost increases.

Layered Approach

Operating system divided into layers.

Layer N is user interface, layer 0 is hardware.
Each layer only uses services of lower-level layers.

Examples — Windows NT, XP, Vista

Problems with Layered — How do you order layers?
Does memory management layer go above or below security? What about I/O? Why?
Functions can invoke multiple services (e.g., reading a file invokes I/O layer and then memory layer; but writing a file would invoke memory layer and then I/O layer; making optimal layer ordering challenging)

Microkernel (Small)

Implements only the essential functions (e.g., communication, memory management, CPU scheduling) rather than monolithically.

Other services (e.g., application programs, file system, device drivers) are implemented in user mode.

Examples — macOS mach

Problems with Microkernel — Efficiency issues from constantly dipping into the kernel for essential functions
Flipping mode bit over-and-over introduces efficiency issues.

Modules

Modules: Many operating systems implement loadable kernel modules.

Closest similarity is layered, but it’s more flexible.

Examples — Linux, Solaris

CPU Modes and Protection

User v.s. Kernel Mode

We divide the CPU instruction set into two sets:

Privileged
Non-Privileged

The CPU can operate in two modes (mode bit):

Kernel Mode: Privileged and non-privilege instructions allowed.
User Mode: Only non-privileged instructions allowed.

Why? — Accessing I/O devices, control registers, etc. is risky for security, so we only let the kernel do it.

Example: Transitioning from user mode to kernel mode

User Process:

User Process Executing
Call System Call

trap mode bit = 0

Kernel:

Execute System Call

return mode bit = 1

User Process:

Return from system call

Remember — User space and kernel space are separate and protected, but a single user process can operate in both.

Mode Transition: System Calls

System Calls and Supervisor Calls

System Call: A higher-level library function.

Eventually makes a supervisor call.

Supervisor Call: Lower-level privileged instruction that automatically transfers execution control to a well-defined location in the kernel.

Definitions:
Privileged: The call switches the CPU to kernel mode via the mode bit, and
Well-Defined Location: The function isn’t specified by an address, but indirectly via an index into a branch vector.
This prevents a call from branching to arbitrary locations within the kernel.

Remember: Changing the mode bit of the CPU from user \to kernel mode can only be done by a privileged instruction.
Going the other way is not restricted.

System Call Implementation

System calls can be:

Defined in the main body of the kernel, or
Loaded in main memory

Typically a system call number is associated with each system call.

The indexing is maintained by the system-call interface.
Used to look up the address of the corresponding kernel function in a system call table (branch vector).

Why a System Call Number? — This enforces the “well-defined location” rule. The user process provides the index and can’t jump to arbitrary addresses in the kernel.

System-Call Interface:

Invokes intended system call in kernel and returns status and any return values.
Caller know nothing about implementation. Details are hidden.
Caller only needs to obey API.

More on Branch Vector:

Branch Vector: A data structure that contains a list of function addresses pointing to specific kernel routines.

e.g., index 0 might point to sys_read(), index 1 to sys_write()
User programs can only make system calls with the index, which controls entry points.

Analogy: Restaurant Menu
The system call can only order item #1, #2, #2, etc. off the menu, and cannot reach into the kitchen and give dangerous orders like “give me whatever is in pot #7”.

Passing Parameters to the Kernel

Three methods to pass parameters to system calls:

Registers: Put data right into registers.
- Simplest.
Block/Table in Memory: Put address of table/array/list in register.
- Most-common.
Stack in Memory: Push parameters to stack, let kernel pop them off.

Why? — Storing in memory (block or stack) allows us to avoid limits like having limited registers.

Types of System Calls

Six major categories of system calls:

Process Control
File Manipulation
Device Manipulation
Information Maintenance
Communication
Protection

Interrupts and Traps

Interrupt: Event that diverts current execution of a program to respond to an event.

Triggered by a hardware signal sent to the CPU from an external device.
aka: external interrupt

Trap: An interrupt triggered by the currently-executing instruction.

aka: internal interrupt

Remember — Interrupts (internal and external) stop the execution of the current process, save the state of computation, and transfer control to the kernel.

Example: Interrupts and Traps Overview

Two Most-Common Uses of Interrupts:

An I/O device signals to the OS the completion of an I/O operation.
Implementation of time-sharing CPU among multiple concurrent computations (interrupt generated by countdown timer).

Examples of Traps:

Dividing by zero, executing an invalid opcode, causing arithmetic overflow.
Executing a supervisor call, not because it’s an error, but in order to transfer control to the kernel.

Example: System Call with Multiprogramming without Timesharing

Suppose two applications, Application 1 and Application 2

Application 1 wants to call system call S(), which triggers an I/O operation.
Application 2 only want to do some simple arithmetic.

The first trap occurs when switching the CPU from user mode to kernel mode.

Why? — Application 1 wants to call S() \to Supervisor Call \to TRAP

Now in the kernel, the kernel will:

Start slow I/O, and
Block app

This is so that the CPU can move onto application 2 while the I/O device works.

An interrupt is generated by the I/O device once it is finished.

At this point, the kernel can wake up Application 1 and the CPU can go back.

Interrupt Handler

Interrupt Handler: Kernel function invoked whenever an interrupt occurs.

Determines cause of interrupt and invokes appropriate kernel function to respond.
Once finished, state of interrupted computation is restored and control is returned