- Single Tasking System
  - Only one program can run at a time
  - Simple to implement, only one process attempting to use resources
  - Few security risks
  - Poor utilization of the CPU and other resources
  - e.g., MS-DOS
- Multi Tasking System
  - Very complex
  - Serious security issues: how to protect one program from another sharing the same memory
  - Much higher utilization of system resources
  - e.g., Unix, Windows NT
- OS must protect itself from users: reserved memory is only accessible by the OS. The operating system is responsible for allocating access to memory space, CPU time, peripherals, etc., and it will control dedicated hardware facilities to help it enforce whatever resource allocation policies are in force:
  - The memory controller, unremarked when it appeared in the basic computer organization, is under operating system control to detect and prevent unauthorized access
  - A timer will also be under operating system control to manage CPU time allocation to programs competing for resources
- OS may protect users from another user. A fundamental requirement of multiple users of a shared computer system is that they do not interfere with each other. This gives rise to the need for separation of the programs in terms of their resource use and access:
  - If one program attempts to access main memory allocated to some other program, the access should be denied and an exception raised
  - If one program attempts to gain a larger proportion of the shared CPU time, this should be prevented
- One approach to implementing resource allocation is to have at least two modes of CPU operation, where one mode called the supervisory mode has its code kept in a reserved memory region, and to limit execution of special resource allocation instructions to only the program executing in the supervisory mode.
- Modes of operation
  - supervisor (protected, kernel) mode: all (basic and privileged) instructions available.
    - all hardware and memory available
    - mode the OS runs in
    - never let the user run in supervisory mode
  - user mode: a subset (basic only) of instructions.
    - limited set of hardware and memory available
    - mode all user programs run in
- I/O protection, all I/O operations are privileged
- Memory protection, base/limit registers (in early systems), memory management unit, MMU (in modern systems)
- CPU control, timer (alarm clock), context switch
- All I/O instructions are restricted to supervisory mode - so user programs can only access I/O by sending a request to the (controlling) operating system
- All instructions controlling the memory management unit are restricted to supervisory mode - so user programs can only access the memory that the operating system has allocated
- All instructions controlling the timer (or real-time clock) are restricted to supervisory mode - so user programs can only read the time of day, and can only have as much CPU time as the operating system allocates
- All interrupt vector table entries, which are specific to each task or program that can run, must be configured (initially at least) by the (controlling) operating system
- One of the early advantages of UNIX operating systems was that a well defined set of system calls was developed to allow a programmer to request access to system resources.
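
The base/limit check and the supervisor-only register load described above, as an added example (not part of the original notes): a toy CPU model in C. The `struct cpu`, the trap names and the 256-byte memory are constructed for illustration, and the mode switch is a plain assignment standing in for the hardware's controlled return to user mode.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy CPU (constructed for this example): mode bit + base/limit registers. */
enum mode { USER_MODE, SUPERVISOR_MODE };
enum trap { TRAP_NONE, TRAP_PRIVILEGED_INSTRUCTION, TRAP_MEMORY_VIOLATION };

struct cpu {
    enum mode mode;
    uint32_t base;    /* physical start of the running program's region */
    uint32_t limit;   /* size of that region in bytes */
    uint8_t mem[256]; /* physical memory */
};

/* Privileged instruction: load base/limit. Traps if issued in user mode. */
enum trap set_base_limit(struct cpu *c, uint32_t base, uint32_t limit)
{
    if (c->mode != SUPERVISOR_MODE)
        return TRAP_PRIVILEGED_INSTRUCTION;
    if (base > sizeof c->mem || limit > sizeof c->mem - base)
        return TRAP_MEMORY_VIOLATION;   /* region must fit in physical memory */
    c->base = base;
    c->limit = limit;
    return TRAP_NONE;
}

/* Store a byte. User-mode addresses are program-relative and limit-checked. */
enum trap store_byte(struct cpu *c, uint32_t addr, uint8_t value)
{
    if (c->mode == USER_MODE) {
        if (addr >= c->limit)
            return TRAP_MEMORY_VIOLATION;
        addr += c->base;                /* relocate into the program's region */
    } else if (addr >= sizeof c->mem) {
        return TRAP_MEMORY_VIOLATION;
    }
    c->mem[addr] = value;
    return TRAP_NONE;
}

int main(void)
{
    struct cpu c = { .mode = SUPERVISOR_MODE };
    set_base_limit(&c, 64, 32);         /* OS gives the program bytes 64..95 */
    c.mode = USER_MODE;                 /* OS drops privilege before dispatch */
    printf("in-bounds store: %d\n", store_byte(&c, 10, 0xAA));
    printf("out-of-bounds store: %d\n", store_byte(&c, 32, 0xBB));
    printf("user sets limit: %d\n", set_base_limit(&c, 0, 256));
    return 0;
}
```

The limit comparison happens before the base is added, so a very large user address cannot wrap around into another program's region.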
Cem Ozdogan
2004-03-06