http://codeschool.org/

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.


Unix system calls (part 1)

• history and usage of Python
• basic data types and the type hierarchy
• syntax
• modules and variable scopes


This is one part of a larger series. You may need to view previous parts to understand this material.

It’s a Unix system!

1980’s: System V, BSD

today: Linux, Mac OS X, FreeBSD, OpenBSD

POSIX (Portable Operating System Interface for Unix)

SUS (Single Unix Specification)

[Diagram: Process A, Process B and Process C above the kernel; a process jumps to system call code via a special instruction.]

RAM (table of system call addresses):

0x76 00 00 00    system call 0
0x20 15 10 00    system call 1
0x82 87 95 94    system call 2
0xA2 22 00 10    system call 3
0xFF 31 21 14    system call 4
0xFF 31 01 11    system call 5
0xFF 90 44 44    system call 6
0xFF 31 01 11    system call 7
…                …

[Diagram: process address space with stack, code and heap regions; kernel code pages only accessible in system calls; jump to system call code via special instruction.]

[Diagram: stack space holding frame of main, frame of cat, frame of dog, frame of fish, frame of syscall.]

Process states: created, waiting, running, blocked, terminated

• processes
• files
• networking sockets
• signals
• inter-process communication
• terminals
• threads
• I/O devices

ssize_t read(int fd, void *buf, size_t count);


read(fd)

process:
• address space
• user ids
• file descriptors
• environment
• current and root directory

[Diagram: process address space]
• code: a.k.a. the “text”
• initialized data: global variables with initial values
• uninitialized data: global variables without initial values
• stack: starts empty, grows automatically
• heap: explicitly allocated during execution
• kernel code

mmap (‘memory map’ pages to the process address space)

munmap (‘memory unmap’ pages from the process address space)

address = mmap(5000)
… # do stuff with memory at address
munmap(address)

[Diagram: the process address space (stack, code, initialized data, uninitialized data, kernel code) with several heap regions.]

mmap fails when not enough space

garbage collection

if fork() == 0:
    … // new (child) process
else:
    … // original (parent) process

[Diagram sequence: fork. The original process and the forked process each have an address space (stack, heap, code), backed by RAM (byte 0 to byte n) and HD. The last frames are labelled “write” and “copy”.]
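The effect of fork on mapped memory, as an added example that is not part of the original slides. It assumes Linux/glibc for MAP_ANONYMOUS; the function name byte_seen_by_parent and the MAP_SHARED case go beyond what the slides show.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE              /* MAP_ANONYMOUS on glibc */
#endif
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Map len bytes, store 'A', fork, and let the child store 'B'.
 * Returns the byte the parent reads after the child has terminated,
 * or -1 if mmap, fork or waitpid fails.
 * sharing is MAP_PRIVATE or MAP_SHARED. */
int byte_seen_by_parent(size_t len, int sharing)
{
    char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   sharing | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)             /* no space, or invalid length */
        return -1;
    p[0] = 'A';

    pid_t pid = fork();
    if (pid < 0) {
        munmap(p, len);
        return -1;
    }
    if (pid == 0) {                  /* new (child) process */
        p[0] = 'B';                  /* a private page is copied first */
        _exit(0);
    }
    int status;                      /* original (parent) process */
    int seen = (waitpid(pid, &status, 0) == pid) ? p[0] : -1;
    munmap(p, len);
    return seen;
}

int main(void)
{
    printf("MAP_PRIVATE: parent sees %c\n", byte_seen_by_parent(5000, MAP_PRIVATE));
    printf("MAP_SHARED:  parent sees %c\n", byte_seen_by_parent(5000, MAP_SHARED));
    return 0;
}
```

A private mapping keeps the child's write out of the parent; a shared mapping does not, which matters when secrets or control data sit in memory that a forked child can modify.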

exec

[Diagram: exec, with labels “code” and “(executable)”.]

if fork() == 0:
    // new (child) process
    exec(‘/games/pong’)
else:
    … // original (parent) process

[Diagram: process tree with pid 1 (init) at the root and pid 85, pid 17, pid 24, pid 230, pid 104, pid 34 and pid 50 below it.]

_exit (terminate the process)

_exit(0)

wait (block the process until child process terminates)

pid = fork()
if pid == 0:
    // new (child) process
    exec(‘/games/pong’)
else:
    // original (parent) process
    code = wait(pid)

TERM=xterm
SHELL=/bin/bash
USER=greys
MAIL=/var/mail/ted
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
PWD=/home/ted
EDITOR=vim

name=value
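The fork, exec, wait and _exit pattern and the name=value environment from the slides above, written out in C as an added example (not code from the original slides). The function name run_and_wait, the use of /bin/sh and the CODE variable are assumptions made for the illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run path in a child process with exactly the environment in envp
 * (nothing is inherited from the parent) and return its exit status:
 * 0-255 on normal exit, 127 if exec failed, -1 if fork or wait failed
 * or the child was killed by a signal. */
int run_and_wait(const char *path, char *const argv[], char *const envp[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                  /* new (child) process */
        execve(path, argv, envp);    /* returns only on failure */
        _exit(127);                  /* never continue the parent's code */
    }
    int status;                      /* original (parent) process */
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample: the child sees only these name=value pairs. */
    char *envp[] = { "PATH=/usr/bin:/bin", "CODE=7", NULL };
    char *argv[] = { "sh", "-c", "exit $CODE", NULL };
    printf("child exit status: %d\n", run_and_wait("/bin/sh", argv, envp));
    return 0;
}
```

Passing an explicit envp instead of the inherited environment keeps variables such as PATH under the caller's control when the child runs with different privileges.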

[Diagram: process tree with the user of each process]
pid 1 (init), user 0
pid 85, user 8
pid 17, user 4
pid 24, user 33
pid 230, user 8
pid 104, user 33
pid 34, user 4
pid 50, user 4

user accounts:

/etc/passwd


superuser/root = user id 0

privileged to do anything it wants

each file and directory is owned by a single user

each process has three user ids:
• “real” id: the owning user
• “effective” id: determines privileges
• “saved” id: set by exec to match the effective id

exec (sets effective and saved ids when binary file has setuid bit)

seteuid (sets effective user id)

setuid (sets real, effective, and saved user ids)

non-superuser can only directly set effective id to match the real or saved id

[Diagram: login sequence]
pid 1 (init), user 0
    fork, exec
pid 2 (login), user 0
    fork, setuid, exec
pid 3 (shell), user 1780
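A small model of the three user ids and the exec, seteuid and setuid rules listed above, as an added example (a model written for this page, not kernel code and not from the original slides). The function names are hypothetical, and the non-superuser branch of setuid, which changes only the effective id, follows POSIX saved-id behaviour rather than anything stated on the slides.

```c
#include <stdio.h>

struct ids { int real, eff, saved; };    /* the three user ids of a process */

/* exec: a setuid binary makes the effective id the file's owner;
 * the saved id is then set to match the effective id. */
void model_exec(struct ids *p, int file_owner, int setuid_bit)
{
    if (setuid_bit)
        p->eff = file_owner;
    p->saved = p->eff;
}

/* seteuid: a non-superuser may only choose the real or saved id.
 * Returns 0 on success, -1 if refused. */
int model_seteuid(struct ids *p, int uid)
{
    if (p->eff != 0 && uid != p->real && uid != p->saved)
        return -1;
    p->eff = uid;
    return 0;
}

/* setuid: the superuser sets all three ids; for anyone else it only
 * changes the effective id, under the seteuid rule. */
int model_setuid(struct ids *p, int uid)
{
    if (p->eff != 0)
        return model_seteuid(p, uid);
    p->real = p->eff = p->saved = uid;
    return 0;
}

/* User 1780 runs a setuid-root binary that drops to 1780 with seteuid
 * (permanent == 0) or setuid (permanent == 1), then calls seteuid(0). */
int regain_root_after_drop(int permanent)
{
    struct ids p = { 1780, 1780, 1780 };
    model_exec(&p, 0, 1);                /* real 1780, effective 0, saved 0 */
    permanent ? model_setuid(&p, 1780) : model_seteuid(&p, 1780);
    return model_seteuid(&p, 0);
}

int main(void)
{
    printf("after seteuid(1780): seteuid(0) -> %d\n", regain_root_after_drop(0));
    printf("after setuid(1780):  seteuid(0) -> %d\n", regain_root_after_drop(1));
    return 0;
}
```

The saved id is what lets a temporary drop be undone; the login step in the diagram uses setuid as superuser so that the shell has no id left from which to return to user 0.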

user groups:

/etc/group

• user may belong to multiple groups but has one “primary” group
• each file and directory is owned by one group
• each process has a real, effective, and saved group id
• binary files have setgid bit
• setegid and setgid

rwx rwx rwx
user group other

if file_user_id == effective_user_id:
    user class
else if file_group_id == effective_group_id:
    group class
else:
    other

file permissions:
• read: can read bytes of file
• write: can modify bytes of file
• execute: can exec file

directory permissions:
• read: can get names of files
• write: can add/remove/rename files
• execute: can use in file paths

/adams/taft/garfield/eisenhower

/adams/taft/ (OK)

r-xr-xr-x  rw-r-----  r-x--x--x  rwx------

/adams/lincoln
/adams/cleveland/roosevelt/fillmore

rwx rwx rwx
user group other

dr-xrw-r-x /adams/
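The class-selection rule and the directory execute rule above, as an added example that is not part of the original slides. The owner and group numbers are constructed, supplementary groups are left out, and assigning the four mode strings to adams, taft, garfield and eisenhower in that order is an assumption.

```c
#include <stdio.h>
#include <sys/types.h>

enum { WANT_R = 4, WANT_W = 2, WANT_X = 1 };

/* Owner, group and permission bits of one file or directory. */
struct node { uid_t uid; gid_t gid; mode_t mode; };

/* Exactly one class is consulted: user, else group, else other.
 * Returns 1 if all bits in want are granted, else 0. */
int may_access(const struct node *n, uid_t euid, gid_t egid, int want)
{
    if (euid == 0)                   /* superuser is not restricted here */
        return 1;
    int shift = (n->uid == euid) ? 6 : (n->gid == egid) ? 3 : 0;
    return ((int)(n->mode >> shift) & want) == want;
}

/* Number of leading directories of a path that the caller can pass
 * through; each one needs execute permission. */
int traversable_prefix(const struct node *dirs, int n, uid_t euid, gid_t egid)
{
    int i = 0;
    while (i < n && may_access(&dirs[i], euid, egid, WANT_X))
        i++;
    return i;
}

int main(void)
{
    /* Constructed owner uid 100, gid 200; mode is the page's dr-xrw-r-x. */
    struct node adams = { 100, 200, 0565 };
    printf("owner x: %d, group member x: %d, other x: %d\n",
           may_access(&adams, 100, 200, WANT_X),
           may_access(&adams, 300, 200, WANT_X),
           may_access(&adams, 300, 999, WANT_X));
    /* The page's four mode strings, in the assumed order. */
    struct node path[] = { {100, 200, 0555}, {100, 200, 0640},
                           {100, 200, 0511}, {100, 200, 0700} };
    printf("directories passable by uid 300: %d of 4\n",
           traversable_prefix(path, 4, 300, 999));
    return 0;
}
```

With dr-xrw-r-x a member of the owning group is refused traversal even though "other" is allowed, because the group class is selected and the remaining classes are never consulted.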
