Week 12 Flashcards
To be useful, the CPU needs access to memory and I/O devices. What are some of these devices?
Storage (SSD, Hard Drive)
GPU
Network Interface
Generally speaking, the more data that needs to be transferred, the ____ the device is to the CPU and the faster the bus.
“closer”
What are the relative speeds of these?
Memory Bus (Proprietary)
General I/O Bus
Peripheral I/O Bus
Memory Bus (Proprietary): very fast
General I/O Bus: fairly fast
Peripheral I/O Bus: somewhat slow
Where do you usually place USB?
You place it on the peripheral I/O bus. Since it is slower, it can be placed farther away from the CPU.
Based on the modern view of architecture, how are CPUs and GPUs connected? How is memory shared?
CPUs, GPUs and coprocessors are all connected to the same interconnection fabric.
All these computing units share access to the same memory.
What happens inside the OS/driver?
Typically, there is some form of communication protocol.
Simplest approach: polling
More efficient: Interrupt-based I/O
Even more efficient: Direct Memory Access (DMA)
What are the steps of Polling?
It is the most basic approach.
Check device repeatedly until ready
Write data/commands to HW registers
Execute the command
Wait until the device is done
Simple but slow (and CPU heavy)
What are some key ideas of interrupt based I/O?
The hardware peripheral signals events with an interrupt (new data received, command completed, etc.).
CPU does not have to wait and can schedule other tasks (asynchronous I/O)
Better for long-lasting I/O operations and/or slow devices
Short I/O works better with ______
polling
Short I/O completes almost immediately, so there is no need for context-switch overhead.
Very intensive I/O also works better with polling. Why?
High frequency requests can overwhelm the CPU. Better to let data accumulate and poll infrequently.
What are some key ideas behind Direct Memory Access (DMA)?
Requires an extra DMA controller.
The main CPU provides the details of the data movement.
The DMA controller takes care of copying the data while the CPU does other work.
How does the OS talk to devices?
Historically, the 1st approach is to use dedicated hardware instructions.
More popular these days is memory-mapped I/O: writing to or reading from certain ranges of memory addresses causes messages to be exchanged with certain peripherals.
There are many possible devices. Does the OS need to know how to talk to all of them?
No. In general, the OS supports generic interfaces/standards for communicating with a class of devices.
A specialized component will provide translation between the generic interface and the actual protocol used by the device.
That component is called the driver.
What is a threat model?
A description of the threats that affect a system, and the security requirements with regard to those threats.
With regard to OS security, we worry about an attacker that may want to do 3 things.
- Gain access to sensitive/protected data and resources
- Modify protected data/resources
- Prevent the system from functioning correctly.
Explain the following properties.
Confidentiality
Integrity
Availability
Confidentiality: preventing information from being accessed by unauthorized parties.
Integrity: preventing unauthorized parties from modifying protected data or faking the provenance of data.
Availability: preventing unauthorized parties from disrupting the functioning of the system and making it unavailable.
What do these guiding mechanisms do?
Keep it simple
Principle of least privilege
Keep it simple: it is a good idea to prefer simple solutions (as long as they work), as they are easier to get right and to keep right.
Follow the principle of least privilege: give any entity (mostly users and processes) the smallest set of privileges (capabilities) necessary to perform its task.
* Minimizes the risk that malicious actors will abuse privileges
* Minimizes the risk of accidental mistakes (a user copying files while holding admin rights may destroy the disk’s content).
What do these mechanisms do?
virtual memory
access control
Virtual memory: prevents processes from accessing and modifying other processes' memory, or crashing them by corrupting their in-memory data.
Access control: used to determine whether processes/users have the right to access certain resources and how they are allowed to use them.
What is a security policy?
In general, it is a precise, actionable definition of the actions that various entities are allowed to take on resources.
What is authentication?
The process necessary to acquire credentials to perform actions on objects.
What are these terms?
Principal:
Agent:
Object:
Credential:
Principal: the entity requesting an operation.
Agent: the entity carrying out the operation on behalf of a principal
Object: the resource to which access is being requested
Credential: state describing whether access should be given (e.g., file permissions)
Authentication can be seen as the process necessary to acquire credentials to perform actions on objects.
What is an identity?
Modern OSes associate an identity with a user (principal), and then associate that identity with all agents (processes) acting on behalf of that user.
Sometimes an identity can be associated with other notions, such as groups of users.
Apps can also represent identities.
How is a user identified?
They are identified by a UID.
Each process is associated with a UID.
What is the false positive/false negative tradeoff?
The more an authenticator is likely to accept the right user, the more it is likely to accept other users too.
(false positive, or type-1 error)
The more an authenticator is likely to reject the wrong user, the more likely it is to reject the right user too.