OS, CPU, Memory, Buffer Overflow... oh my! Flashcards
Give a basic overview of how OS system works.
BASIC: OS kernel is intermediary between hardware and user. It “talks” to CPU, memory, disk storage, display, network.
Process Management: It also manages the processes (allocates CPU time to each process so multiple processes can run at once).
Memory Management: Ensures each process’s memory doesn’t inerfere with each other (virtual and physical- RAM).
File System Management: Organizes data, manages disk space, controlls access to files.
AKA: The master communicator/intermediator between all of these processes/components on a computer. High potential for security vulnerabilities.
Give a high-level overview of how the CPU works.
Comparable to the “brain” of the computer to execute program instructions + perform tasks. CPU contains registers that store important memory addresses during the runtime of a program.
EIP Register
Very important register that contains the memory address for what code to execute next. Repeated: 1) fetch instruction in EIP, 2) execute that instruction, 3) increment or update EIP
What does the MMU do? Why is it important?
Each memory access a program wants to make goes through the MMU. It translates virtual->physical memory addresses and ensures each process has its own individual memory space
What is the CPL?
= Current Privilege Level on a scale of 0-3. 0 = kernel, will execute any instructions, 3 = will only execute a subset of instructions.
Permissions: Kernel vs Non-Kernel
CPL=0=kernel permissions allows: direct access to any addresses, changes to any register, changes to any MMU, can also change CPL level
CPL=3 permissions : no direct access to MMU, nor changes to many registers, nor changes to internal state of MMU, nor changing CPL level
What is a process?
Data structure managed by the kernel (its own space in MMU, own registers). When begins, kernel loads values, sets CPL=3, and loads EIP addr to turn over CPU control to this process.
Explain how the memory, Kernel and MMU interact
A few key points:
- Kernel will allocate virtual address space to each proces
- Kernel marks virtual addresses as “read only”/”do not execute” aka, the EIP is not allowed to point here
- When the CPU tries to read one of these non-allowed access addresses = segfault
- Kernel configures memory permissions: R/W/E memory to process 1, R/E to libc
How does a process with CPL=3 permissions execute certain priviliged actions?
Via syscalls! They are specific instructions that will switch CPL=0 and then execute certain actions, then switch CPL=3 after.
What is an Access Control System?
This is a type of policy created. It defines subjects, objects, verbs and then creates corresonding yes/no to these SOV combos
Access Control Matrix, Access Control List (ACL), Capability
Objects x Subjects, at each point in the matrix exists the set of actions they can do. ACL is a row in this matrix. Quickly defines “who can access this object”. Capability is the other row of the matrix. It answers “what objects can this subject access”
What is a reference monitor? What is the flow of using a reference monitor
1) subject requests permissions of an object
2) reference monitor checks if correct permissions based on the list of policies
3) Subject either is permitted or not permitted access
What are the 3 main requirements of a reference monitor? Are they all feasible?
1) tamper-proof
2) always invoked (also not circumventable)
3) verifiable- aka the system should be as simple and small as possible in order to be easily analyzed and prove correctness
These are very difficult to meet all of them in practice
What is UNIX system known for? When was it created?
An OS system created in 1970s. Designed to be SIMPLE!! (small programs)
How is SOV defined in Unix?
Subjects: Users (UID), Processes (PID)
Objects: Files, directories, memory segments (also: Access control information, processes, users?)
Verbs: For files- Read, write, execute; for processes- kill, debug; for users- delete, change groups
How are users defined in UNIX?
Identified by UID, each user belongs to groups = GID
How do you change user/group owner of a file in UNIX?
chown = change owner, chgrp = change group
Explain the UGO Model
This is a simple set of 12 bits to represent file permissions in unix. 3 bits per user/group/other for read, write, execute permissions. 1 bit to set if directory, 3 special bits (setuid, setgetid, t-bit)
What does the heierarchy look like when a user u tries to access a file?
1) if the u is the owner, use owner permissions
2) If the u is not the owner but in the same group, use group permissions
3) else, use “other” permissions
What is the “root” user?
- they are the administrator account, UID = 0
- Allowed to have all permissions for all files, processes, etc
How do you access the root powers? What design principle(s) does this follow?
Root is not initially set to be logged in. USE sudo to access root permisisons. This follows the least permissions and isolated compartments design principles
How do process owership and permissions work in UNIX? (3 UIDS) and how do you change these permissions?
- Real UID = real UID of process
- Effective UID = permissions-granting changes to display permissions
- Saved UID = similar to “temp” variable to store the UID when switching from real-> effective
Use setuid from syscall to change the UID.
What is the basic overview of memory layout for a process in Linux? (6 main components)
Stack and heap are most important here. Others not super important but be familiar with them
.text: the machine executable code
.data: global initialized static variables
.bss: global UNinitialized variables
heap: dynamically allocated memory (home to syscall)
stack: stores all local variables + function call info
env: environment variables
What does the EIP register do?
the instruction pointer; contains address in memory for what code will be executed next
