index [] · anonymous access, 529 anonymous memory, 484 anonymous pipes, 143–145 apcs, see...
TRANSCRIPT
10BaseT Ethernet, 74850-percent rule, 363100BaseT Ethernet, 748
A
absolute code, 354absolute path names, 522abstract data type, 506access:
anonymous, 529controlled, 534file, see file access
access control, in Linux, 822–824access-control lists (ACLs), 534, 832access matrix, 632–636
and access control, 639–640defined, 632implementation of, 636–639and revocation of access rights, 640–641
access rights, 628, 640–641accounting (operating system service), 57accreditation, 699ACLs (access-control lists), 534, 832ACPI (advanced configuration and power
interface), 862Active Directory (Windows 7), 875acyclic graph, 523acyclic-graph directories, 523–525adaptive mutex, 235additional-reference-bits algorithm, 418additional sense code, 608additional sense-code qualifier, 608address(es):
defined, 593Internet, 752linear, 385logical, 355physical, 355virtual, 356
address binding, 354–355address resolution protocol (ARP), 760address space:
logical vs. physical, 356virtual, 398–399, 805–806
address-space identifiers (ASIDs), 374address space layout randomization
(ASLR), 832administrative complexity, 769admission-control algorithms, 286advanced configuration and power interface
(ACPI), 862advanced encryption standard (AES), 677advanced local procedure call (ALPC), 135,
854advanced technology attachment (ATA)
buses, 469advisory file-locking mechanisms, 509AES (advanced encryption standard), 677affinity, processor, 280aging, 271, 760–761allocation:
buddy-system, 436–437of disk space, 553–561
contiguous allocation, 553–555indexed allocation, 557–559linked allocation, 555–557and performance, 560–561
equal, 423as problem, 514proportional, 423slab, 437–439
ALPC (advanced local procedure call), 135,854
AMD64 architecture, 387Amdahl’s Law, 167AMD virtualization technology (AMD-V),
720analytic evaluation, 300Android operating system, 85–86anomaly detection, 692
911
Index
BMind.qxd 2/20/13 6:11 PM Page 911
anonymous access, 529anonymous memory, 484anonymous pipes, 143–145APCs, see asynchronous procedure callsAPI (application program interface), 63–64Apple Computers, 59Apple iPad, 60, 84Apple Macintosh computer, 901–902application containment, 713, 727–728application interface (I/O systems), 597–603
block and character devices, 600blocking and nonblocking I/O, 602–603clocks and timers, 601–602network devices, 600–601
application layer, 757application programs, 4, 6, 75
disinfection of, 694–696multistep processing of, 354–355processes vs., 24–25system utilities, 74–75
application program interface (API), 63–64application proxy firewalls, 697–698Aqua interface, 59, 84arbitrated loop (FC-AL), 471architecture(s), 12–18
clustered systems, 17–18multiprocessor systems, 14–16single-processor systems, 13–14of Windows 7, 838
argument vector, 793ARM architecture, 388armored viruses, 669ARP (address resolution protocol), 760arrays, 31, 398ASIDs (address-space identifiers), 374ASLR (address space layout
randomization), 832assembly language, 77assignment edge, 319asymmetric clustering, 17asymmetric encryption, 678asymmetric multiprocessing, 15, 278asynchronous devices, 598, 599asynchronous (nonblocking) message
passing, 129asynchronous procedure calls (APCs), 185,
841–842asynchronous thread cancellation, 185asynchronous threading, 172asynchronous writes, 567
ATA buses, 469Atlas operating system, 894–895atomic transactions, 210attacks, 658–659. See also denial-of-service
attacksman-in-the-middle, 659replay, 658zero-day, 693
attack surface, 669attributes, 865augmented-reality applications, 36authentication:
breaching of, 658and communication protocols, 758–759and encryption, 678–681in Linux, 822multifactor, 689two-factor, 688
automatic job sequencing, 890automatic variables, 664automatic working-set trimming, 446automount feature, 769autoprobes, 791auxiliary rights (Hydra), 641–642
B
back door, 599background processes, 74–75, 115, 274,
296backing store, 358backups, 570–571bad blocks, 480–482balanced binary search trees, 33banker’s algorithm, 330–331base file record, 865base register, 352basic file systems, 544batch files, 510batch interface, 56Bayes’ theorem, 693–694Belady’s anomaly, 414Beowulf clusters, 18best-fit strategy, 363binary search trees, 33binary semaphore, 214binary translation, 718–720binary trees, 33binding, 354
912 Index
BMind.qxd 2/20/13 6:11 PM Page 912
biometrics, 689bit(s):
defined, 9mode, 22modify (dirty), 411reference, 418valid-invalid, 375
bit-interleaved parity organization, 488bit-level striping, 486bitmaps, 34bit vector (bit map), 561black-box transformations, 676blade servers, 16block(s), 65, 362, 512–513
bad, 480–482boot, 93, 480boot control, 546defined, 815–816direct, 559file-control, 545index, 557index to, 514–515indirect, 559logical, 470volume control, 546
block ciphers, 676block devices, 598, 600, 815–816block groups, 812blocking, indefinite, 271blocking I/O, 602–603blocking (synchronous) message
passing, 129block-interleaved distributed parity, 489block-interleaved parity organization, 489block-level striping, 486block number, relative, 514boot block, 93, 480, 546boot control block, 546boot disk (system disk), 93, 480booting, 92–93, 862–863boot partition, 480boot sector, 480bootstrap programs (bootstrap loaders),
7, 92–93, 480, 670boot viruses, 667bottlenecks, 86bottom half interrupt service routines, 799bounded-buffer problem, 219bounded capacity (of queue), 130bourne-Again shell (bash), 789
Bourne shell command interpreter, 59breach of availability, 658breach of confidentiality, 658breach of integrity, 658bridging, 732broadcasting, 760BSD UNIX, 46B1 tree (NTFS), 865buddy heap (Linux), 801–802buddy system (Linux), 801buddy-system allocation, 436–437buffer, 816
circular, 569defined, 605
buffer cache, 565buffering, 129–130, 605–606buffer-overflow attacks, 663–666bugs, 66bus, 469
defined, 588expansion, 588PCI, 588
bus architecture, 12bus-mastering I/O boards, 595busy waiting, 591byte, 9
C
cache, 565–566buffer, 565defined, 606–607in Linux, 802–803as memory buffer, 352nonvolatile RAM, 486page, 565and performance improvement, 565–568slabs in, 437unified buffer, 565–566in Windows 7, 856–858
cache coherency, 29cache management, 28caching, 27–29, 606–607
client-side, 874double, 566
Caldera, 785Cambridge CAP system, 643–644cancellation, thread, 185–186cancellation points, 186
Index 913
BMind.qxd 2/20/13 6:11 PM Page 913
capability(-ies), 637, 643capability-based protection systems,
641–644Cambridge CAP system, 643–644Hydra, 641–643
capability lists, 637cascading termination, 121CAV (constant angular velocity), 471central processing unit, see under CPUcertificate authorities, 681certification, 699CFQ (Completely Fair Queueing), 817challenging (passwords), 688change journal (Windows 7), 870character devices (Linux), 817character-stream devices, 598–600checksums, 492–493, 761children, 33, 116chipsets, 836Chrome, 123CIFS (common internet file system), 531, 871cipher-block chaining, 676circuit switching, 755circular buffer, 569circularly linked lists, 32circular SCAN (C-SCAN) scheduling
algorithm, 476circular-wait condition (deadlocks), 325–327claim edge, 329classes (Java), 647CLI (command-line interface), 56C library, 69client(s):
defined, 766diskless, 768in SSL, 683thin, 35
client interface, 766client-server model, 529–530, 854–855client-side caching (CSC), 874client systems, 38clocks, 601–602clock algorithm, 418–419clones, 579, 715C-LOOK scheduling algorithm, 477closed-source operating systems, 44close() operation, 507cloud computing, 41–42, 716clusters, 17–18, 479, 764, 864clustered page tables, 380
clustered systems, 17–18clustering, 764
asymmetric, 17in Windows, 445–446
cluster remapping, 869CLV (constant linear velocity), 470coarse-grained multithreading, 282Cocoa Touch, 84code:
absolute, 354reentrant, 376
code books, 689code integrity module (Windows 7), 832collisions (of file names), 553COM (component object model), 873combined scheme index block, 559command interpreter, 58–59command-line interface (CLI), 56common internet file system (CIFS), 531, 871communication(s):
direct, 127in distributed operating systems, 743indirect, 128interprocess, see interprocess
communicationsystems programs for, 74–75
communications (operating system service), 57
communication links, 127communication processors, 749communications sessions, 755communication system calls, 72–73compaction, 364, 554–555compiler-based enforcement, 644–647compile time, 354Completely Fair Queueing (CFQ), 817complexity, administrative, 769component object model (COM), 873component units, 766–767compression, 869computational kernels, 835–836computation migration, 746computation speedup, 741compute clusters, 764computer environments, 35–43
client-server computing, 38cloud computing, 41–42distributed systems, 37–38mobile computing, 36–37peer-to-peer computing, 39–40
914 Index
BMind.qxd 2/20/13 6:11 PM Page 914
real-time embedded systems, 43traditional, 35–36virtualization, 40–41
computer programs, see applicationprograms
computer system(s):architecture of:
clustered systems, 17–18multiprocessor systems, 14–16single-processor systems, 13–14
distributed systems, 37–38file-system management in, 26–27I/O structure in, 12memory management in, 25–26operating system viewed by, 5operation of, 7–9process management in, 24–25protection in, 29–31real-time embedded systems, 43secure, 658security in, 29–31storage in, 9–12storage management in, 26–30
caching, 27–29I/O systems, 29–30mass-storage management, 27
threats to, 669–674computing:
mobile, 36–37safe, 694
concurrency, 166Concurrency Runtime (ConcRT), 297,
880–881conditional-wait construct, 230condition variables, 879confidentiality, breach of, 658confinement problem, 635conflict phase (of dispatch latency), 285conflict resolution module (Linux), 791–792connectionless messages, 755connectionless (UDP) sockets, 137connection-oriented (TCP) sockets, 137consistency checker, 568consistency checking, 568–569consistency semantics, 532constant angular velocity (CAV), 471constant linear velocity (CLV), 470consumers (DTrace), 89containers, 728container objects (Windows 7), 701–702
contention scope, 277context (of process), 114context switches, 114, 615–616contiguous disk space allocation, 553–555contiguous memory allocation, 361control cards, 890control-card interpreter, 891controlled access, 534controller(s), 469, 588–589
defined, 588direct-memory-access, 595disk, 469host, 469
control partitions, 723control programs, 5control register, 590convenience, 3convoy effect, 267cooperating processes, 122cooperative scheduling, 264copylefting, 45copy-on-write technique, 408–409copy protection, 44copy semantics, 606core dump, 86core memory, 895cores, 15–16counting, 563counting-based page replacement
algorithm, 420counting semaphore, 214coupling, symmetric, 17covert channels, 662CP/M, 900–901CPU (central processing unit), 4, 351–354CPU-bound processes, 113CPU burst, 262CPU clock, 352CPU-I/O burst cycle, 262–263CPU scheduler, see short-term schedulerCPU scheduling, 20
about, 261–262algorithms for, 266–277
criteria, 265–266evaluation of, 300–304first-come, first-served scheduling of,
266–267implementation of, 303–304multilevel feedback-queue scheduling
of, 275–277
Index 915
BMind.qxd 2/20/13 6:11 PM Page 915
CPU scheduling (contd.)multilevel queue scheduling of, 273–275priority scheduling of, 270–271round-robin scheduling of, 271–273shortest-job-first scheduling of, 267–270
dispatcher, role of, 265and I/O-CPU burst cycle, 262–263models for, 300–304
deterministic modeling, 300–301and implementation, 303–304queueing-network analysis, 302simulations, 302
multiprocessor scheduling, 278–283approaches to, 278–280and load balancing, 280–281and processor affinity, 280
preemptive scheduling, 263–264real-time, 283–290
earliest-deadline-first scheduling,288–289
and minimizing latency, 283–285POSIX real-time scheduling, 290priority-based scheduling, 285–287proportional share scheduling, 289–290rate-monotonic scheduling, 287–288
short-term scheduler, role of, 263virtual machines, 729
crackers, 658Craftworks, 785crashes, 86crash dumps, 86creation:
of files, 506process, 116–119
critical sections, 206critical-section problem, 206
and mutex locks, 212–213Peterson’s solution to, 207–209and semaphores, 213–218
deadlocks, 217implementation, 215–217priority inversion, 217–218starvation, 217usage, 214–215
and synchronization hardware, 209–212cryptography, 674–675
and encryption, 674–685implementation of, 681–683SSL example of, 683–685
CSC (client-side caching), 874
C-SCAN scheduling algorithm, 476CTSS operating system, 898current directory, 521current-file-position pointer, 506cycle stealing, 96cylinder groups, 812
D
d (page offset), 367–368daemon process, 630daisy chain, 588Dalvik virtual machine, 86data:
recovery of, 568–571thread-specific, 187
data capability, 643data-encryption standard (DES), 676–677data files, 504datagrams, 755data-in register, 590data-link layer, 757data loss, mean time to, 485data migration, 745–746data-out register, 590data parallelism, 168–169data section (of process), 106data striping, 486DCOM, 873DDOS attacks, 658deadline I/O scheduler, 817deadlock(s), 217
avoidance of, 322, 327–333with banker’s algorithm, 330–331with resource-allocation-graph
algorithm, 329–330with safe-state algorithm, 328–329
defined, 315detection of, 333–337
algorithm usage, 336–337several instances of a resource type,
334–336single instance of each resource type,
334methods for handling, 322–323with mutex locks, 317–318necessary conditions for, 318–319prevention of, 323–327
and circular-wait condition, 325–327
916 Index
BMind.qxd 2/20/13 6:11 PM Page 916
and hold-and-wait condition, 323–324and mutual-exclusion condition, 323and no-preemption condition, 324
recovery from, 337–338by process termination, 337–338by resource preemption, 338
system model for, 315–317system resource-allocation graphs for
describing, 319–321Debian, 785debuggers, 66, 86debugging, 72, 86–91
defined, 86failure analysis, 86–87and performance tuning, 87using DTrace for, 87–91
dedicated devices, 598, 599default signal handlers, 184defense in depth, 689deferred procedure calls (DPCs), 840–842deferred thread cancellation, 185degree of multiprogramming, 113deletion, file, 506demand paging, 401–407
basic mechanism, 402–405defined, 401with inverted page tables, 442and I/O interlock, 444–445and page size, 440–441and performance, 405–406and prepaging, 439–440and program structure, 442–443pure, 404and restarting instructions, 404–405and TLB reach, 441–442
demand-zero memory, 805demilitarized zone (DMZ), 696–697denial-of-service (DOS) attacks, 658, 674dentry objects, 551, 809DES (data-encryption standard), 676–677design of operating systems:
distributed operating systems, 764–765goals, 75–76Linux, 786–788mechanisms and policies, 76Windows 7, 831–837
desktop, 59desktop window manager (DWM), 831deterministic modeling, 300–301development kernels (Linux), 783
device controllers, 7, 611–613. See also I/Odevice directory, 516. See also directoriesdevice drivers, 12, 544, 588, 611–613, 891device-management system calls, 71–72device objects, 855device queues, 111–112device reservation, 607DFSs, see distributed file systemsdigital certificates, 681Digital Equipment Corporation (DEC), 379Digital Rights Management (DRM), 44digital signatures, 680, 832digital-signature algorithm, 680dining-philosophers problem, 222–223,
227–229direct access (files), 513–514direct blocks, 559direct communication, 127DirectCompute, 835direct I/O, 600direct memory access (DMA), 12, 595–597direct-memory-access (DMA) controller,
595directories, 515–526
acyclic-graph, 523–525general graph, 525–526implementation of, 552–553recovery of, 568–571single-level, 518–519tree-structured, 521–522two-level, 519–521
direct virtual memory access (DVMA), 596
dirty bits (modify bits), 411discovery protocols, 39disinfection, program, 694disk(s), 467–469. See also mass-storage
structureallocation of space on, 553–561
contiguous allocation, 553–555indexed allocation, 557–559linked allocation, 555–557and performance, 560–561
bad blocks, 480–482boot, 93, 480boot block, 480efficient use of, 564–565electronic, 11floppy, 468formatting, 479–480
Index 917
BMind.qxd 2/20/13 6:11 PM Page 917
918 Index
disk(s) (contd.)free-space management for, 561–564host-attached, 471low-level formatted, 470magnetic, 10mini-, 516network-attached, 471–472performance improvement for, 565–568raw, 421, 516, 549scheduling algorithms, 472–478
C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475
solid-state, 28, 469storage-area network, 472structure of, 470system, 480
disk arm, 468disk controller, 469diskless clients, 768disk striping, 868dispatched process, 112dispatcher, 265, 294dispatcher objects, 233, 841, 844dispatch latency, 265distributed denial-of-service (DDOS)
attacks, 658distributed file systems (DFSs), 529,
765–773defined, 765–766naming in, 767–770remote file access in, 770–773stateless, 531–532Windows 7, 874
distributed information systems(distributed naming services), 530
distributed lock manager (DLM), 18distributed operating systems, 745–747distributed systems, 37–38
benefits of, 741–743defined, 741distributed operating systems as,
745–747network operating systems as, 743–745
distributions (GNU/Linux), 45DLLs, see dynamic link librariesDLM (distributed lock manager), 18
DMA, see direct memory accessDMA controller, 595DMCA (U.S. Digital Millennium Copyright
Act), 44DMZ (demilitarized zone), 696–697domains, 531, 874domain-name system (DNS), 530, 751–752domain switching, 629DOS attacks, see denial-of-service attacksdouble buffering, 605double caching, 566double indirect blocks, 559doubly linked lists, 32downsizing, 743down time, 555DPCs (deferred procedure calls), 840–842DRAM (dynamic random-access memory), 9driver end (STREAM), 613–614driver objects, 855driver registration module (Linux), 790–791DRM (Digital Rights Management), 44DTrace, 87–91dual-booted systems, 549dual-core design, 16dumpster diving, 660DVMA (direct virtual memory access), 596DWM (desktop window manager), 831dynamic configurations, 837, 838dynamic linking, 808–809dynamic link libraries (DLLs), 357–358, 836dynamic loading, 357dynamic protection, 628dynamic random-access memory (DRAM), 9dynamic routing, 753–754dynamic storage-allocation problem, 362,
554
E
earliest-deadline-first (EDF) scheduling,288–289
ease of use, 5ease of use features, 830EC2, 41ECBs (enabling control blocks), 90ECC, see error-correcting codeEDF (earliest-deadline-first) scheduling,
288–289effective access time, 405
BMind.qxd 2/20/13 6:11 PM Page 918
Index 919
effective memory-access time, 374effective UID, 31efficiency, 3, 564–565, 837EIDE buses, 469electronic disk, 11elevator algorithm, see SCAN scheduling
algorithmemulation, 40, 727emulators, 77, 713enabling control blocks (ECBs), 90encapsulation (Java), 649encrypted viruses, 668encryption, 675–676
asymmetric, 678authentication, 678–681key distribution, 681public-key, 678symmetric, 676–677
encryption, defined, 675–676energy efficiency, 837enhanced integrated drive electronics
(EIDE) buses, 469entry section, 206entry set, 232environmental subsystems, 836environment vector, 793EPROM (erasable programmable read-only
memory), 93equal allocation, 423erasable programmable read-only memory
(EPROM), 93Erlang language, 241–242error(s), 607–608
hard, 482soft, 479
error conditions, 398error-correcting code (ECC), 477–478, 488error detection, 57escalate privileges, 31escape (operating systems), 599events, 233event latency, 283–284event objects (Windows 7), 841event-pair objects, 855exception dispatcher, 842exceptions (with interrupts), 593exclusive locks, 508exec() system call, 183executable files, 106, 504execution of user programs, 807
execution time, 355exit section, 206exit() system call, 120, 121expansion bus, 588exponential average, 268export list, 574–575ext2 (second extended file system), 811ext3 (third extended file system), 811–813ext4 (fourth extended file system), 811extended file attributes, 505extended file system (extfs), 545, 811extensibility, 736extent (contiguous space), 555extents, 865external data representation (XDR), 140external fragmentation, 363–364, 554
F
failure:detection of, 762mean time to, 485recovery from, 763during writing of block, 494–496
failure analysis, 86–87failure modes (directories), 531–532false negatives, 693false positives, 693fast-user switching, 863–864FAT (file-allocation table), 557fault tolerance, 14, 763–764, 868–869fault-tolerant systems, 763–764FC (fiber channel), 471FC-AL (arbitrated loop), 471FCB (file-control block), 545FC buses, 469FCFS scheduling algorithm, see first-come,
first-served scheduling algorithmfeature migration, 887–888fibers, 879–880fiber channel (FC), 471fiber channel (FC) buses, 469FIFO, 32, 147FIFO page replacement algorithm, 413–41450-percent rule, 363file(s), 26–27, 503–504. See also directories
accessing information on, 513–515direct access, 513–514sequential access, 513
BMind.qxd 2/20/13 6:11 PM Page 919
920 Index
file(s) (contd.)attributes of, 504–505batch, 510defined, 504executable, 106internal structure of, 512–513locking open, 507–510operations on, 506–510protecting, 533–538
via file access, 533–538via passwords/permissions, 537–538
recovery of, 568–571storage structure for, 517–518
file access, 508, 533–538file-allocation table (FAT), 557file-control block (FCB), 545file descriptor, 548file extensions, 510–511file handle, 548file info window (Mac OS X), 505FileLock (Java), 508file management, 74file-management system calls, 71file mapping, 433file migration, 767file modification, 74file objects, 551, 809file-organization module, 545file pointers, 508file reference, 865file replication, 767file session, 532file sharing, 528–533
and consistency semantics, 532–533with multiple users, 528–529with networks, 530–532
and client-server model, 529–530and distributed information systems,
530–531and failure modes, 531–532
file systems, 503, 543–545basic, 544creation of, 518design problems with, 544distributed, see distributed file systemsextended, 544implementation of, 546–552
mounting, 549–550partitions, 549–550virtual systems, 550–552
levels of, 544Linux, 809–815log-based transaction-oriented,
569–570logical, 544mounting of, 526–528network, 571–577remote, 529WAFL, 577–580Windows 7, see Windows 7
File System Hierarchy Standard document,784
file-system management, 26–27file-system manipulation (operating system
service), 56file transfer, 744–745file transfer protocol (FTP), 529, 744–745file viruses, 667filter drivers, 856fine-grained multithreading, 282firewalls, 35, 696–698firewall chains, 821firewall management, 821firmware, 7, 93first-come, first-served (FCFS)
scheduling algorithm, 266–267,473–474
first-fit strategy, 363fixed-partition scheme, 362fixed routing, 753floppy disks, 468flow control, 613flushing, 374folders, 59foreground processes, 115, 274, 296fork() and exec() process model (Linux),
792–794fork-join strategy, 172fork() system call, 183formatting, 479–480forwarding, 481forward-mapped page tables, 379fourth extended file system (ext4), 811fragments, packet, 821fragmentation, 363–364
external, 363–364, 554internal, 363, 513
frame(s), 367, 755stack, 664–665victim, 411
BMind.qxd 2/20/13 6:11 PM Page 920
Index 921
frame allocation, 421–425equal allocation, 423global vs. local, 424proportional allocation, 423–424
frame-allocation algorithm, 412frame pointers, 664–665free-behind technique, 567free objects, 438, 803Free Software Foundation (FSF), 45free-space list, 561free-space management (disks), 561–564
bit vector, 561–562counting, 563grouping, 563linked list, 562–563and space maps, 563–564
front-end processors, 616FSF (Free Software Foundation), 45FTP, see file transfer protocolfull backup, 570FUSE file-system, 545
G
Gantt chart, 267garbage collection, 526gates, 631gateways, 754GB (gigabyte), 9gcc (GNU C compiler), 784GCD (Grand Central Dispatch), 182–183GDT (global descriptor table), 384general graph directories, 525–526general trees, 33gestures, 60gigabyte (GB), 9global descriptor table (GDT), 384global positioning system (GPS), 36global replacement, 424GNOME desktop, 60GNU C compiler (gcc), 784GNU General Public License (GPL), 45GNU/Linux, 45GNU Portable Threads, 169GPL (GNU General Public License), 45GPS (global positioning system), 36graceful degradation, 14Grand Central Dispatch (GCD), 182–183granularity, minimum, 797
graphs, acyclic, 523graphical user interfaces (GUIs), 59–62graphics shaders, 835grappling hook, 670Green threads, 169group identifiers, 31grouping, 563group policies, 875group rights (Linux), 823guard pages, 847GUIs (graphical user interfaces), 59–62
H
Hadoop, 765Hadoop distributed file system (HDFS), 767HAL, see hardware-abstraction layerhandheld computers, 5handles, 844handle tables, 844handshaking, 591, 611handshaking procedure, 695hands-on computer systems, 20hard affinity, 280hard-coding techniques, 128hard errors, 482hard links, 525hardware, 4
I/O systems, 588–597direct memory access, 595–597interrupts, 592–595polling, 591
for storing page tables, 372–374synchronization, 209–212virtual machines, 720–721
hardware-abstraction layer (HAL), 836hardware objects, 627hash collisions, 471hashed page tables, 380hash functions, 33–34, 680hash maps, 471hash tables, 552–553hash value (message digest), 680HDFS (Hadoop distributed file system), 767heaps, 106, 883heavyweight processes, 163hibernation, 860–861hierarchical paging, 378–380high availability, 17
BMind.qxd 2/20/13 6:11 PM Page 921
922 Index
high-availability clusters, 764high performance, 834high-performance computing, 17hijacking, session, 659hit ratio, 374, 441hive, 861hold-and-wait condition (deadlocks),
323–324holes, 362homogeneity, 278host adapter, 589host-attached storage, 471host controller, 469host-id, 751hot spare disks, 491hot-standby mode, 17human security, 660hybrid cloud, 42hybrid operating systems, 83–86
Android, 85–86iOS, 84–85Mac OS X, 84
Hydra, 641–643hypercalls, 726hyperspace, 846hypervisors, 712
type 0, 723–724type 1, 724–725type 2, 725
I
IA-32 architecture, 384–387paging in, 385–387segmentation in, 384–385
IA-64 architecture, 387IaaS (infrastructure as a service), 42IBM OS/360, 899–900identifiers:
file, 504group, 31user, 31
idle threads, 294, 840IDPSs (intrusion-prevention systems), 692IDSs (intrusion-detection systems), 691–694IKE protocol, 682immutable shared files, 533imperative languages, 241impersonation, 853
implementation:of CPU scheduling algorithms, 303–304of operating systems, 76–77of transparent naming techniques, 769–770
implicit threading, 177–183Grand Central Dispatch (GCD), 182–183OpenMP and, 181–182thread pools and, 179–181
incremental backup, 571indefinite blocking (starvation), 217, 271independence, location, 767independent disks, 485independent processes, 122index, 514index block, 557indexed disk space allocation, 557–559index root, 865indirect blocks, 559indirect communication, 128information-maintenance system calls, 72infrastructure as a service (IaaS), 42inode, 545inode objects, 551, 809input/output, see under I/Oinput queue, 354InServ storage array, 493instruction-execution cycle, 10, 351–352instruction register, 10integrity, breach of, 658intellimirror, 875Intel processors, 383–387
IA-32 architecture, 384–387IA-64 architecture, 387
interactive (hands-on) computer systems, 20interface(s):
batch, 56choice of, 61–62client, 766defined, 597intermachine, 766Windows 7 networking, 870–875
interlock, I/O, 444–445intermachine interface, 766internal fragmentation, 363, 513international use, 837Internet address, 752Internet Key Exchange (IKE), 682Internet Protocol (IP), 681–683interpretation, 40interpreted languages, 727
BMind.qxd 2/20/13 6:11 PM Page 922
Index 923
interprocess communication (IPC), 122–130in client-server systems, 136–147
remote procedure calls, 138–142sockets, 136–138
in Linux, 783, 818–819Mach example of, 131–134in message-passing systems, 126–130POSIX shared-memory example of,
130–131in shared-memory systems, 124–126Windows example of, 135
interrupt(s), 8–9, 592–595defined, 592in Linux, 799–800
interrupt chaining, 593interrupt-controller hardware, 593interrupt-dispatch table (Windows 7),
843–844interrupt-driven data transfer, 436interrupt-driven operating systems, 21–24interrupt-handler routine, 592interrupt latency, 284–285interrupt priority levels, 593interrupt-request line, 592interrupt service routines (ISRs), 840interrupt vector, 8–9, 360, 593intruders, 658intrusion detection, 691–694intrusion-detection systems (IDSs),
691–694intrusion-prevention systems (IDPSs), 692inverted page tables, 381–383, 442I/O (input/output), 4, 12
memory-mapped, 435–436overlapped, 892–894programmed, 436virtual machines, 731–732
I/O-bound processes, 113I/O burst, 262I/O channel, 616I/O interlock, 444–445I/O manager, 855–856I/O operations (operating system service),
56–57I/O ports, 436I/O request packet (IRP), 855iOS operating system, 84–85I/O subsystem(s), 29–30
kernels in, 604–610procedures supervised by, 610
I/O system(s), 587–588application interface, 597–603
block and character devices, 600clocks and timers, 601–602network devices, 600–601nonblocking and asynchronous I/O,
602–603vectored I/O, 603–604
hardware, 588–597direct memory access, 595–597interrupts, 592–595polling, 591
kernels, 604–610buffering, 605–606caching, 606–607data structures, 608–609error handling, 607–608I/O scheduling, 604–605and I/O subsystems, 610protection, 608spooling and device reservation, 607
Linux, 815–817block devices, 816character devices, 817
STREAMS mechanism, 613–615and system performance, 615–618transformation of requests to hardware
operations, 611–612IP (Internet Protocol), 681–683iPad, see Apple iPadIPC, see interprocess communicationIPSec, 682IRP (I/O request packet), 855ISCSI, 472ISO Reference Model, 682ISRs (interrupt service routines), 840
J
Java:file locking in, 508–509language-based protection in, 647–649monitors in, 232
Java threads, 176–177Java Virtual Machine (JVM), 107, 726,
736–737jobs, processes vs., 106–107job objects, 852job pool, 20
BMind.qxd 2/20/13 6:11 PM Page 923
924 Index
job queues, 111job scheduler, 112job scheduling, 20journaling, 813–814journaling file systems, 569–570just-in-time (JIT) compilers, 727JVM, see Java Virtual Machine
K
KB (kilobyte), 9K Desktop Environment (KDE), 60kernel(s), 6, 604–610
buffering, 605–606caching, 606–607computational, 835data structures, 608–609error handling, 607–608I/O scheduling, 604–605and I/O subsystems, 610Linux, 787–789nonpreemptive, 207preemptive, 207protection, 608spooling and device reservation, 607task synchronization (in Linux), 798–800Windows 7, 839–844, 875
kernel code, 96kernel data structures, 31–34
arrays, 31bitmaps, 34hash functions and maps, 33–34lists, 31–33queues, 32stacks, 32trees, 31–33
kernel environment, 84kernel extensions, 84kernel memory allocation, 436–439kernel mode, 22, 787Kernel-Mode Driver Framework (KMDF), 856kernel-mode threads (KT), 844kernel modules, 789–792
conflict resolution, 791–792driver registration, 790–791Linux, 96–101management of, 789–790
kernel threads, 169kernel transaction manager (KTM), 862
Kernighan’s Law, 87keys, 638, 641
private, 678public, 678
key distribution, 681key ring, 681keystreams, 677keystroke logger, 669kilobyte (KB), 9KMDF (Kernel-Mode Driver Framework),
856KT (kernel-mode threads), 844KTM (kernel transaction manager), 862
L
language-based protection systems, 644–649compiler-based enforcement, 644–647Java, 647–649
LANs, see local-area networkslatency:
in real-time systems, 283–285target, 797
layers (of network protocols), 681layered approach (operating system
structure), 79–81lazy swapper, 401LCNs (logical cluster numbers), 864LDAP, see lightweight directory-access
protocolLDT (local descriptor table), 384least-frequently used (LFU) page-
replacement algorithm, 420least privilege, principle of, 626–627least-recently-used (LRU) page-replacement
algorithm, 416–418left child, 33LFH design, 883–884LFU page-replacement algorithm, 420lgroups, 425libraries:
Linux system, 787–788shared, 358, 400
LIFO, 32lightweight directory-access protocol
(LDAP), 531, 875limit register, 352linear addresses, 385linear lists (files), 552
BMind.qxd 2/20/13 6:11 PM Page 924
Index 925
line discipline, 817link(s):
communication, 127defined, 523–524hard, 525resolving, 524symbolic, 845
linked disk space allocation, 555–557linked lists, 562–563linked scheme index block, 559linking, dynamic vs. static, 357–358, 808–809Linux, 45, 781–824
design principles for, 786–788file systems, 809–815
ext3 file system, 811–813journaling, 813–814process, 814virtual, 809–811
history of, 781–786distributions, 785first kernel, 782–784licensing, 785–786system description, 784
interprocess communication, 818–819I/O system, 815–817
block devices, 816–817character devices, 817
kernel modules, 96–101, 789–792memory management, 800–809
execution and loading of userprograms, 807
physical memory, 801–804virtual memory, 804–807
network structure, 819–821process management, 792–795
fork() and exec() process model,792–794
processes and threads, 795process representation in, 110scheduling in, 795–800
example, 290–294kernel synchronization, 798–800process, 796–797symmetric multiprocessing, 800
security model, 821–824access control, 822–824authentication, 822
swap-space management in, 484synchronization in, 234–235threads example, 189–191
Linux distributions, 782, 785Linux kernel, 782–784Linux system(s):
components of, 782, 787–789obtaining page size on, 370
lists, 31–32, 398Little’s formula, 302LiveCD, 45LiveDVD, 45live migration (virtual machines), 716,
733–735load balancing, 280–281loader, 891loading:
dynamic, 357in Linux, 807–808
load sharing, 278, 742load time, 354local-area networks (LANs), 17, 37, 747–750local descriptor table (LDT), 384locality model, 427locality of reference, 404local procedure calls (LPCs), 834local replacement, 424local replacement algorithm (priority
replacement algorithm), 427location, file, 504location independence, 767location-independent file identifiers,
769–770location transparency, 767lock(s), 209, 638
acquire, 69advisory, 509exclusive, 508in Java API, 508–509mandatory, 509mutex, 212–214reader-writer, 220–222release, 69shared, 508
lock-key scheme, 638lock() operation, 508log-based transaction-oriented file systems,
569–570log files, 87log-file service, 866logging area, 867logical address, 355logical address space, 356
BMind.qxd 2/20/13 6:11 PM Page 925
926 Index
logical blocks, 470logical cluster numbers (LCNs), 864logical file system, 545logical formatting, 479logical memory, 21, 398–399. See also virtual
memorylogical records, 513login, network, 531long-term scheduler (job scheduler), 112LOOK scheduling algorithm, 477loopback, 138loosely-coupled systems, 17love bug virus, 694low-fragmentation heap (LFH) design,
883–884low-level formatted disks, 470low-level formatting (disks), 479LPCs (local procedure calls), 834LRU-approximation page replacement
algorithm, 418–420
M
MAC (message-authentication code), 680MAC (medium access control) address, 760Mach operating system, 81–82, 131–134,
902–903Macintosh operating system, 901–902Mac OS X operating system, 84macro viruses, 667magic number (files), 511magnetic disk(s), 10, 467–469. See also disk(s)magnetic tapes, 469–470mailboxes, 128mailbox sets, 134mainframes, 5main memory, 9–10
and address binding, 354–355contiguous allocation of, 360–361
and fragmentation, 363–364mapping, 361methods, 362–363protection, 361
and dynamic linking, 357–358and dynamic loading, 357and hardware, 352–354Intel 32 and 64-bit architectures example:
paging, 385–387segmentation, 384–385
and logical vs. physical address space, 356paging for management of, 366–383
basic method, 367–372hardware, 372–374hashed page tables, 380hierarchical paging, 378–380Intel 32 and 64-bit architectures
example, 385–387inverted page tables, 381–383and Oracle SPARC Solaris, 383protection, 375–376and shared pages, 376–377
segmentation for management of, 364–366basic method, 364–366hardware, 365–366Intel 32 and 64-bit architectures
example, 384–385and swapping, 358–360
MANs (metropolitan-area networks), 37mandatory file-locking mechanisms, 509man-in-the-middle attack, 659many-to-many multithreading model,
170–171many-to-one multithreading model, 169marshalling, 872Mars Pathfinder, 218maskable interrupts, 593masquerading, 658mass-storage management, 27mass-storage structure, 467–470
disk attachment:host-attached, 471network-attached, 471–472storage-area network, 472
disk management:bad blocks, 480–482boot block, 480formatting of disks, 479–480
disk scheduling algorithms, 472–478C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475
disk structure, 470–471extensions, 492magnetic disks, 467–469magnetic tapes, 469–470RAID structure, 484–494
BMind.qxd 2/20/13 6:11 PM Page 926
Index 927
performance improvement, 486problems with, 492–494RAID levels, 487–491reliability improvement, 485–486
stable-storage implementation, 494–496swap-space management, 482–484
master book record (MBR), 480master file directory (MFD), 519master file table, 546master key, 641master secret (SSL), 684matchmakers, 141MB (megabyte), 9MBR (master book record), 480MCP operating system, 902–903mean time to data loss, 485mean time to failure, 485mean time to repair, 485mechanisms, 76medium access control (MAC) address, 760medium-term scheduler, 113megabyte (MB), 9memory:
anonymous, 484core, 895direct memory access, 12direct virtual memory access, 596logical, 21, 398–399main, see main memoryover-allocation of, 409physical, 21secondary, 404semiconductor, 11shared, 122, 400transactional, 239–240unified virtual memory, 565virtual, see virtual memory
memory-address register, 355memory allocation, 362–363memory leaks, 101memory management, 25–26
in Linux, 800–809execution and loading of user
programs, 807–809physical memory, 801–804virtual memory, 804–807
with virtual machines, 730–731in Windows 7, 882–884
heaps, 883memory-mapping files, 882–883
thread-local storage, 884virtual memory, 882
memory-management unit (MMU), 356, 384,849–850
memory-mapped files, 847memory-mapped I/O, 435–436, 589memory mapping, 361, 430–436
basic mechanism, 430–432defined, 430I/O, memory-mapped, 435–436in Linux, 807–808in Win32 API, 433–435
memory-mapping files, 882–883memory protection, 361memory-resident pages, 402memory stall, 282memory-style error-correcting organization,
488messages:
connectionless, 755in distributed operating systems, 743
message-authentication code (MAC), 680message digest (hash value), 680message modification, 658message passing, 122message-passing model, 72, 126–130message queue, 897message switching, 755metadata, 531, 866metaslabs, 563methods (Java), 647metropolitan-area networks (MANs), 37MFD (master file directory), 519MFU page-replacement algorithm, 420microkernels, 81–82Microsoft Windows, see Windows operating
systemmicro TLBs, 388migration:
computation, 746data, 745–746file, 767process, 747with virtual machines, 733–735
minicomputers, 5minidisks, 516minimum granularity, 797miniport driver, 856mirroring, 485MMU, see memory-management unit
BMind.qxd 2/20/13 6:11 PM Page 927
928 Index
mobile computing, 36–37mobile systems:
multitasking in, 115swapping on, 360, 407
mobility, user, 573mode bit, 22modify bits (dirty bits), 411modules, 82–83, 613–614module entry point, 97module exit point, 97monitors, 223–232
dining-philosophers solution using,227–229
implementation of, using semaphores,229–230
resumption of processes within, 230–232
usage of, 225–227monitor calls, see system callsmonoculture, 669Moore’s Law, 6, 835Morris, Robert, 670–672most-frequently used (MFU) page-
replacement algorithm, 420mounting, 549–550mount points, 526, 869–870mount protocol, 574mount table, 546, 611MS-DOS, 900–901multicore processors, 281–283multicore programming, 166–169multicore systems, 14, 16, 166MULTICS operating system, 630–632, 887,
888, 898–899multifactor authentication, 689multilevel feedback-queue scheduling
algorithm, 275–277multilevel index, 559multilevel queue scheduling algorithm,
273–275multinational use, 837multipartite viruses, 669multiple-partition method, 362multiple universal-naming-convention
provider (MUP), 873multiprocessing:
asymmetric, 15, 278memory access model for, 15symmetric, 15–16, 279, 800
multiprocessor scheduling, 278–283approaches to, 278–280examples of:
Linux, 290–294Solaris, 297–299Windows, 294–296
and load balancing, 280–281and multicore processors, 281–283and processor affinity, 280
multiprocessor systems (parallel systems,tightly coupled systems), 14–16, 166
multiprogramming, 19–20, 113multitasking, see time sharingmultithreading:
benefits of, 165–166cancellation, thread, 185–186coarse-grained, 282and exec() system call, 183fine-grained, 282and fork() system call, 183models of, 169–171and scheduler activations, 187–188and signal handling, 183–185and thread-specific data, 187
multi-touch hardware, 863MUP (multiple universal-naming-
convention provider), 873mutant (Windows 7), 841mutex:
adaptive, 235in Windows 7, 841
mutex locks, 212–214, 317–318mutual exclusion, 319mutual-exclusion condition (deadlocks),
323
N
names:resolution of, 751–753in Windows 7, 845
named pipes, 872name server, 752namespaces, 793naming, 127–129, 530–531
defined, 767domain name system, 530of files, 504
BMind.qxd 2/20/13 6:11 PM Page 928
Index 929
lightweight directory-access protocol, 531and network communication, 751–753
NAT (network address translation), 732national-language-support (NLS) API, 837NDIS (network device interface
specification), 870nested page tables (NPTs), 720network(s). See also local-area networks
(LANs); wide-area networks(WANs)
communication protocols in, 756–760communication structure of, 751–756
and connection strategies, 755–756and naming/name resolution, 751–753and packet strategies, 755and routing strategies, 753–754
defined, 37design issues with, 764–765example, 760–761in Linux, 819–821metropolitan-area (MANs), 37robustness of, 762–764security in, 660small-area, 37threats to, 669–674types of, 747–748in Windows 7, 870–875
Active Directory, 875domains, 874interfaces, 870protocols, 871–874redirectors and servers, 873–874
wireless, 35network address translation (NAT), 732network-attached storage, 471–472network computers, 35network devices, 600–601, 816network device interface specification
(NDIS), 870network file systems (NFS), 571–577
mount protocol, 574NFS protocol, 574–575path-name translation, 574–575remote operations, 577
network information service (NIS), 530network layer, 757network-layer protocol, 681network login, 531network operating systems, 38, 743–745
new state, 107NFS, see network file systemsNFS protocol, 574–575NIS (network information service), 530NLS (national-language-support) API, 837nonblocking I/O, 602–603nonblocking (asynchronous) message
passing, 129noncontainer objects (Windows 7), 702nonmaskable interrupt, 593nonpreemptive kernels, 207nonpreemptive scheduling, 264nonrepudiation, 680–681nonresident attributes, 865nonsignaled state, 233non-uniform memory access (NUMA), 16,
425, 834nonvolatile RAM (NVRAM), 11nonvolatile RAM (NVRAM) cache, 486nonvolatile storage, 11–12no-preemption condition (deadlocks), 324NPTs (nested page tables), 720NTFS, 864–866NUMA, see non-uniform memory accessNVRAM (nonvolatile RAM), 11NVRAM (nonvolatile RAM) cache, 486
O
objects:access lists for, 36–37in cache, 437–438free, 438hardware vs. software, 627in Linux, 803used, 438in Windows 7, 844–846
object files, 504object linking and embedding (OLE), 873object types, 551, 845off-line compaction of space, 555OLE (object linking and embedding), 873OLPC (One Laptop per Child), 902One Laptop per Child (OLPC), 902one-time pad, 689one-time passwords, 688one-to-one multithreading model, 170on-line compaction of space, 555
BMind.qxd 2/20/13 6:11 PM Page 929
930 Index
open-file table, 507, 546–547OpenMP, 181–182, 240–241open operating systems, 669open() operation, 507OpenSolaris, 46open-source operating systems, 43–48operating system(s):
closed-source, 44defined, 3, 6design goals for, 75–76early, 888–894
dedicated computer systems, 888–889overlapped I/O, 892–894shared computer systems, 890–892
feature migration with, 887–888features of, 3functioning of, 3–6hybrid systems, 83–86implementation of, 76–77interrupt-driven, 21–24mechanisms for, 76network, 38open-source, 43–47operations of:
modes, 21–23and timer, 24
policies for, 76portability of, 836–837real-time, 43as resource allocator, 5security in, 660services provided by, 55–58structure of, 19–21, 78–86
layered approach, 79–81microkernels, 81–82modules, 82–83simple structure, 78
study of, 48system’s view of, 5user interface with, 4–5, 53–55
optimal page replacement algorithm,414–415
Oracle SPARC Solaris, 383Orange Book, 832OS/2 operating system, 829–830OSI model, 757–758OSI protocol stack, 757–758OSI Reference Model, 682out-of-band key delivery, 681overallocation (of memory), 409
overcommitment, 729overlapped I/O, 892–894owner rights (Linux), 822–823
P
p (page number), 367PaaS (platform as a service), 42packets, 755, 821packet switching, 755–756packing, 512pages:
defined, 367shared, 376–377
page address extension (PAE), 396page allocator (Linux), 801page-buffering algorithms, 420–421page cache, 565, 804page directory, 847page-directory entries (PDEs), 847page directory pointer table, 386page fault, 403page-fault-frequency (PFF), 429–430page-fault rate, 407page frames, 847page-frame number (PFN) database, 850–851page number (p), 367page offset (d), 367–368pageout (Solaris), 446–447pageout policy (Linux), 806pager (term), 401page replacement, 409–421. See also frame
allocationand application performance, 421basic mechanism, 410–413counting-based page replacement, 420FIFO page replacement, 413–414global vs. local, 424LRU-approximation page replacement,
418–420LRU page replacement, 416–418optimal page replacement, 414–415and page-buffering algorithms, 420–421
page replacement algorithm, 412page size, 440–441page slots, 484page table(s), 367–372, 404, 847
clustered, 380forward-mapped, 379
BMind.qxd 2/20/13 6:11 PM Page 930
Index 931
hardware for storing, 372–374hashed, 380inverted, 381–383, 442
page-table base register (PTBR), 372page-table entries (PTEs), 847page-table length register (PTLR), 376page-table self-map, 846paging, 366–383
basic method of, 367–372hardware support for, 372–374hashed page tables, 380hierarchical, 378–380Intel 32 and 64-bit architectures example,
385–387inverted, 381–383in Linux, 806and memory protection, 375–376and Oracle SPARC Solaris, 383priority, 447and shared pages, 376–377swapping vs., 482
paging mechanism (Linux), 806paired passwords, 688PAM (pluggable authentication modules),
822parallelism, 166, 168–169parallelization, 17parallel systems, see multiprocessor systemsparavirtualization, 713, 725–726parent process, 116partition(s), 362, 515, 516, 549–550
boot, 480control, 723raw, 483root, 549
partition boot sector, 546partitioning, disk, 479passwords, 685–689
one-time, 688–689securing, 687–688vulnerabilities of, 685–687
path name, 520path names:
absolute, 522relative, 522
path-name translation, 574–575PCBs, see process control blocksPCI bus, 588PCS (process-contention scope), 277PC systems, 3, 863
PDAs (personal digital assistants), 11PDEs (page-directory entries), 847peer-to-peer computing, 39–40penetration test, 690performance:
and allocation of disk space, 560–561and I/O system, 615–618of Windows 7, 834–836
performance improvement, 486, 565–568performance tuning, 87periodic processes, 286periodic task rate, 286permissions, 536per-process open-file table, 547personal computer (PC) systems, 3, 863personal digital assistants (PDAs), 11personal firewalls, 697personal identification number (PIN), 688personalities, 83Peterson’s solution, 207–209PFF (page-fault-frequency), 429–430PFN database, 850–851phishing, 660physical address, 355physical address space, 356physical formatting, 479physical layer, 757physical memory, 21, 397–398, 801–804physical security, 659PIC (position-independent code), 809pid (process identifier), 116PIN (personal identification number), 688pinning, 857PIO, see programmed I/Opipes, 142–147
anonymous, 143–145named, 145–147ordinary, 142–145use of, 148
pipe mechanism, 818platform as a service (PaaS), 42platter (disks), 467–468plug-and-play and (PnP) managers, 860pluggable authentication modules (PAM), 822point-to-point tunneling protocol (PPTP),
871policy(ies), 76
group, 875security, 689–690
policy algorithm (Linux), 806
BMind.qxd 2/20/13 6:11 PM Page 931
932 Index
polling, 591polymorphic viruses, 668pools:
of free pages, 408of storage, 494
pop, 32pop-up browser windows, 662ports, 436, 588portability, 836–837portals, 35port driver, 856port scanning, 673position-independent code (PIC), 809positioning time (disks), 468POSIX, 829–830, 833–834
interprocess communication example,130–131
real-time scheduling, 290possession (of capability), 637POST (power-on self-test), 862power manager (Windows 7), 860–861power-of-2 allocator, 436power-on self-test (POST), 862PPTP (point-to-point tunneling protocol), 871P 1 Q redundancy scheme, 489–490preemptive kernels, 207preemptive scheduling, 263–264premaster secret (SSL), 684prepaging, 439–440presentation layer, 757primary thread, 876principle of least privilege, 626–627priority-based scheduling, 285–287priority-inheritance protocol, 218, 236priority inversion, 217–218, 236priority number, 230priority paging, 447priority replacement algorithm, 427priority scheduling algorithm, 270–271private cloud, 42private keys, 678privileged instructions, 22privileged mode, see kernel modeprivilege levels, 23probes (DTrace), 89procedural languages, 241process(es), 20
background, 74–75, 115, 274, 296communication between, see interprocess
communication
components of, 106–107context of, 114, 794and context switches, 114cooperating, 122defined, 105environment of, 793–794foreground, 115, 274, 296heavyweight, 163independent, 122I/O-bound vs. CPU-bound, 113job vs., 106in Linux, 795multithreaded, see multithreadingoperations on, 116–119
creation, 116–119termination, 120–121
programs vs., 24–25, 106–107scheduling of, 110–114single-threaded, 163state of, 107system, 8as term, 105–106threads performed by, 109in Windows 8, 876
process-contention scope (PCS), 277process control blocks (PCBs, task control
blocks), 107–108process-control system calls, 67–71process file systems (Linux), 814–815process identifier (pid), 116process identity (Linux), 792–793process management:
about, 24–25in Linux, 792–795
fork() and exec() process model,792–794
processes and threads, 795process manager (Windows 7),
852–853process mix, 113process objects (Windows 7), 841processor affinity, 280processor groups, 835processor sets, 280processor sharing, 273process representation (Linux), 110process scheduler, 111process scheduling:
in Linux, 796–797thread scheduling vs., 261
BMind.qxd 2/20/13 6:11 PM Page 932
Index 933
process synchronization:about, 204–206alternative approaches to, 238–242
functional programming languages,241–242
OpenMP, 240–241transactional memory, 239–240
bounded-buffer problem, 219critical-section problem, 206–207
hardware solution to, 209–212Peterson’s solution to, 207–209software solution to, 212–213
dining-philosophers problem, 222–223,227–229
examples of:Java, 232Linux, 234–235Pthreads, 237–238Solaris, 235–237Windows, 233–234
monitors for, 223–232dining-philosophers solution, 227–229resumption of processes within, 230–232semaphores, implementation using,
229–230usage, 225–227
readers-writers problem, 220–222semaphores for, 213–218
process termination, deadlock recovery by,337–338
production kernels (Linux), 783profiling (DTrace), 88–89programs, processes vs., 106–107. See also
application programsprogram counters, 25, 106program execution (operating system
service), 56program files, 504program loading and execution, 74programmable interval timer, 601programmed I/O (PIO), 436, 595programming-environment virtualization,
713, 726–727programming-language support, 74program threats, 661–669
logic bombs, 663stack- or buffer overflow attacks, 663–666trap doors, 662Trojan horses, 661–662viruses, 666–667
projects, 299proportional allocation, 423proportional share scheduling, 289–290protection, 73, 625
access control for, 533–538access matrix as model of, 632–636
control, access, 639–640implementation, 636–639
capability-based systems, 641–644Cambridge CAP system, 643–644Hydra, 641–643
in computer systems, 29–31domain of, 627–628
MULTICS example, 630–632structure, 628–629UNIX example, 629–630
error handling, 607–608file, 504of file systems, 533–538goals of, 625–626I/O, 608language-based systems, 644–649
compiler-based enforcement, 644–647Java, 647–649
as operating system service, 57–58in paged environment, 375–376permissions, 536and principle of least privilege, 626–627and revocation of access rights, 640–641security vs., 657static vs. dynamic, 628from viruses, 694–696
protection domain, 628, 721protection mask (Linux), 823protection subsystems (Windows 7), 838protocols:
discovery, 39Windows 7 networking, 871–873
providers (DTrace), 89pseudo-device driver, 730–731PTBR (page-table base register), 372PTEs (page-table entries), 847PTE tables, 847Pthreads, 172–174
scheduling, 277–278synchronization in, 237–238thread cancellation in, 186–187
PTLR (page-table length register), 376public cloud, 41public domain, 785
BMind.qxd 2/20/13 6:11 PM Page 933
934 Index
public keys, 678public-key encryption, 678pull migration, 281pure code, 376pure demand paging, 404push, 32push migration, 281, 769
Q
quantum, 839queue(s), 111–112
capacity of, 129–130input, 354message, 897ready, 111–112, 359
queueing diagram, 112queueing-network analysis, 302
R
race condition, 205RAID (redundant arrays of inexpensive
disks), 484–494levels of, 487–491performance improvement, 486problems with, 492–494reliability improvement, 485–486structuring, 485
RAID array, 485RAID levels, 487–491RAID sets, 868RAM (random-access memory), 9random-access devices, 598, 599, 893random-access memory (RAM), 9random-access time (disks), 468rate, periodic task, 286rate-monotonic scheduling, 287–288rate-monotonic scheduling algorithm,
287–288raw disk, 421, 516, 549raw I/O, 600raw partitions, 483RBAC (role-based access control), 639RC4, 677RC 4000 operating system, 897RDP, 717read-ahead technique, 567
read-end (of pipe), 142readers, 220reader-writer locks, 220–222readers-writers problem, 220–222reading files, 506read-modify-write cycle, 489read only devices, 599read-only memory (ROM), 93, 480read queue, 817read-write devices, 599ready queue, 111–112, 359ready state, 107ready thread state (Windows 7), 839real-time class, 294real-time CPU scheduling, 283–290
earliest-deadline-first scheduling,288–289
and minimizing latency, 283–285POSIX real-time scheduling, 290priority-based scheduling, 285–287proportional share scheduling, 289–290rate-monotonic scheduling, 287–288
real-time embedded systems, 43real-time operating systems, 43real-time range (Linux schedulers), 796real-time systems, 43reconfiguration, 762–763records:
logical, 513master boot, 480
recovery:backup and restore, 570–571and consistency checking, 568–569from deadlock, 337–338
by process termination, 337–338by resource preemption, 338
from failure, 763of files and directories, 568–571Windows 7, 866–867
red-black trees, 35Red Hat, 785redirectors, 873redundancy, 485. See also RAIDredundant arrays of inexpensive disks, see
RAIDReed-Solomon codes, 489–490reentrant code (pure code), 376reference bits, 418Reference Model, ISO, 682reference string, 412
BMind.qxd 2/20/13 6:11 PM Page 934
Index 935
register(s), 65base, 352limit, 352memory-address, 355page-table base, 372page-table length, 376for page tables, 372relocation, 356
registry, 74, 861relative block number, 514–515relative path names, 522relative speed, 207release() operation, 508reliability, 755
of distributed operating systems, 742–743of Windows 7, 832–833
relocation register, 356remainder section, 206remote file systems, 529remote file transfer, 744–745remote login, 744remote operations, 577remote procedure calls (RPCs), 872remote-service mechanism, 770removable storage media:
magnetic disks, 467–469magnetic tapes, 469–470
rendezvous, 129repair, mean time to, 485replay attacks, 658replication, 491, 579–580repositioning (in files), 506request edge, 319request manager, 816resident attributes, 865resident monitor, 890resolution:
name, 751–753and page size, 441
resolving links, 524resource allocation (operating system
service), 57resource-allocation graph algorithm, 329–330resource allocator, operating system as, 5resource preemption, deadlock recovery by,
338resource-request algorithm, 332resource sharing, 165, 742resource utilization, 5response time, 20, 265–266
restart area, 867restore:
data, 570–571state, 114
resume, 715reverse engineering, 44revocation of access rights, 640–641rich text format (RTF), 694right child, 33rights amplification (Hydra), 642risk assessment, 690–691roaming profiles, 874robustness, 762–764roles, 639role-based access control (RBAC), 639roll out, roll in, 358ROM (read-only memory), 93, 480root partitions, 549root uid (Linux), 823rotational latency (disks), 468, 473round-robin (RR) scheduling algorithm,
271–273routers, 754routing:
and network communication, 753–754routing protocols, 754routing table, 753RPCs (remote procedure calls), 872RR scheduling algorithm, 271–273RTF (rich text format), 694running state, 107running system, 93running thread state (Windows 7), 839RW (read-write) format, 27
S
SaaS (software as a service), 42safe computing, 694safe sequence, 328safety algorithm, 331–332sandbox (Tripwire file system), 694SANs, see storage-area networksSATA buses, 469save, state, 114scalability, 166, 765Scala language, 241–242SCAN (elevator) scheduling algorithm,
475–476
BMind.qxd 2/20/13 6:11 PM Page 935
936 Index
scheduler(s), 112–113long-term, 112medium-term, 113short-term, 113
scheduler activation, 187–188scheduling:
cooperative, 264CPU, see CPU schedulingdisk scheduling algorithms, 472–478
C-SCAN, 476FCFS, 473–474LOOK, 477SCAN, 475–476selecting, 477–478SSTF, 474–475
earliest-deadline-first, 288–289I/O, 604–605job, 20in Linux, 795–800
kernel synchronization, 798–800process, 796–797symmetric multiprocessing, 800
multiprocessor, see multiprocessorscheduling
nonpreemptive, 264preemptive, 263–264priority-based, 285–287proportional share, 289–290rate-monotonic, 287–288SSDs and, 478thread, 277–278in Windows 7, 839–841, 877–881
scheduling rules, 877SCM (Service Control Manager), 860SCOPE operating system, 904script kiddies, 666SCS (system-contention scope), 277SCSI (small computer-systems interface), 12SCSI buses, 469search path, 521secondary memory, 404secondary storage, 10, 543. See also disk(s)second-chance page-replacement algorithm
(clock algorithm), 418–419second extended file system (ext2), 811section objects, 135sectors, disk, 468sector slipping, 481–482sector sparing, 481, 869secure by default, 669
secure single sign-on, 531secure systems, 658security. See also file access; program threats;
protection; user authenticationclassifications of, 698–699in computer systems, 29–31and firewalling, 696–698implementation of, 689–696
and accounting, 696and auditing, 696and intrusion detection, 691–694and logging, 696and security policy, 689–690and virus protection, 694–696and vulnerability assessment, 690–691
levels of, 659–660in Linux, 821–824
access control, 822–824authentication, 822
as operating system service, 57–58as problem, 657–661protection vs., 657and system/network threats, 669–674
denial of service, 674port scanning, 673worms, 670–673
use of cryptography for, 674–685and encryption, 674–685implementation, 681–683SSL example, 683–685
via user authentication, 685–689biometrics, 689passwords, 685–689
in Windows 7, 699–702, 831–832, 867security access tokens (Windows 7), 699security context (Windows 7), 699–702security descriptor (Windows 7), 701security domains, 696security identity (SID), 853security policy, 689–690security reference monitor (SRM), 858–859security-through-obscurity approach, 691security tokens, 853seeds, 688–689seek, file, 506seek time (disks), 468, 473segmentation, 364–366
basic method, 364–366defined, 364hardware, 365–366
BMind.qxd 2/20/13 6:11 PM Page 936
Index 937
Intel 32 and 64-bit architectures example,384–385
segment base, 366segment limit, 366segment tables, 366semantics:
consistency, 532–533copy, 606immutable-shared-files, 533session, 533
semaphore(s), 213–218binary, 214counting, 214and deadlocks, 217defined, 213implementation, 215–217implementation of monitors using, 229–230and priority inversion, 217–218and starvation, 217usage of, 214–215
semaphore objects (Windows 7), 841semiconductor memory, 11sense key, 608sequential access (files), 513sequential-access devices, 893sequential devices, 598, 599serial ATA (SATA) buses, 469server(s), 5
defined, 766in SSL, 683
server-message-block (SMB), 871server subject (Windows 7), 700Service Control Manager (SCM), 860services, operating system, 55–58, 115session hijacking, 659session layer, 757session manager subsystem (SMSS), 862session object, 847session semantics, 533session space, 846sharable devices, 598, 599shares, 299shared files, immutable, 533shared libraries, 358, 400shared lock, 508shared memory, 122, 400shared-memory model, 73, 124–126sharing:
load, 278, 742and paging, 376–377
resource, 742time, 20
shells, 58shell script, 511shortest-job-first (SJF) scheduling
algorithm, 267–270shortest-remaining-time-first scheduling, 269shortest-seek-time (SSTF) scheduling
algorithm, 474–475short-term scheduler (CPU scheduler), 113,
263shoulder surfing, 686SID (security identity), 853signals:
Linux, 818UNIX, 183–185
signaled state, 233signal handlers, 183–185signatures, 692–693signature-based detection, 692simple operating system structure, 78simple subject (Windows 7), 700simulation(s), 302single indirect blocks, 559single-level directories, 518–519single-processor systems, 13–14, 261single-threaded processes, 163singly linked lists, 32SJF scheduling algorithm, 267–270Skype, 40slab allocation, 437–439, 802–803Slackware, 785slices, 516slim reader-writer (SRW) locks, 879SLOB allocator, 439SLUB allocator, 439small-area networks, 37small computer-systems interface, see under
SCSISMB (server-message-block), 871SMP, see symmetric multiprocessingSMSS (session manager subsystem), 862snapshots, 570sniffing, 686social engineering, 660sockets, 136–138socket interface, 601soft affinity, 280soft error, 479software as a service (SaaS), 42
BMind.qxd 2/20/13 6:11 PM Page 937
938 Index
software capability, 643software interrupts (traps), 593software objects, 627Solaris, 46
and processor affinity, 280scheduling example, 297–299swap-space management in, 483–484synchronization in, 235–237virtual memory in, 446–447
solid-state disks (SSDs), 11, 28, 469, 478sorted queue, 817source-code viruses, 667source files, 504space maps, 563–564SPARC, 383sparseness, 381, 400spawn, 670speed:
of operations (I/O devices), 599relative, 207
spoofed client identification, 530spoofing, 697spool, 607spooling, 607, 893–894spyware, 662SRM (security reference monitor),
858–859SRW (slim reader-writer) locks, 879SSDs, see solid-state disksSSL 3.0, 683–685SSTF scheduling algorithm, 474–475stable storage, 494–496stack, 65, 106stack algorithms, 417stack frame, 664–665stack inspection, 648stack-overflow attacks, 663–666stalling, 352standard swapping, 358–360standby thread state (Windows 7), 839starvation, see indefinite blockingstate (of process), 107stateless DFS, 532state restore, 114state save, 114static linking, 357–358, 809static protection, 628status information, 74status register, 590stealth viruses, 668
storage, 9–12. See also mass-storagestructure
definitions and notations, 9nonvolatile, 11–12secondary, 10, 543tertiary, 27thread-local, 187utility, 493volatile, 11
storage-area networks (SANs), 18, 471, 472storage array, 485storage management, 26–30
caching, 27–29I/O systems, 29–30mass-storage management, 27with virtual machines, 732–733
stored program computers, 888stream ciphers, 677stream head, 613stream modules, 613–614STREAMS mechanism, 613–615string, reference, 412stripe set, 868stubs, 357stub routines, 872subsystems, 135SunOS, 46superblock, 546superblock objects, 551, 809superuser, 688supervisor mode, see kernel modeSurface Computer, 863SuSE, 785suspended state, 715, 878swap map, 484swapper (term), 401swapping, 20, 113, 358–360, 401
in Linux, 806on mobile systems, 360, 407paging vs., 482standard, 358–360
swap space, 404swap-space management, 482–484switch architecture, 12switching:
circuit, 755domain, 629fast-user, 863–864message, 755packet, 755–756
BMind.qxd 2/20/13 6:11 PM Page 938
Index 939
symbolic links, 845symbolic-link objects, 845symmetric coupling, 17symmetric encryption, 676–677symmetric encryption algorithm, 676symmetric mode, 17symmetric multiprocessing (SMP), 15–16,
279, 800synchronization, 129. See also process
synchronizationsynchronous devices, 598, 599synchronous message passing, 129synchronous threading, 172synchronous writes, 567SYSGEN, 91–92system boot, 92–93system calls (monitor calls), 8, 62–65
and API, 63–64for communication, 72–73for device management, 71–72for file management, 71functioning of, 62–65for information maintenance, 72for process control, 67–71
system-call firewalls, 698system-call interface, 64system-contention scope (SCS), 277system daemons, 8system-development time, 715system disk, see boot disksystem files, 520system generation (SYSGEN), 91–92system hive, 861system libraries (Linux), 787, 788system mode, see kernel modesystem processes, 8, 844–845system programs, 74–75systems programs, 6system resource-allocation graph, 319–321system restore point, 861system utilities, 74–75, 787, 788system-wide open-file table, 546
T
table(s), 398file-allocation, 557hash, 552–553master file, 546
mount, 549, 611open-file, 507page, 404, 847per-process open-file, 547routing, 753segment, 366system-wide open-file, 546
tags, 637tapes, magnetic, 469–470target latency, 797target thread, 185task control blocks, see process control
blockstask parallelism, 168–169TCB (trusted computer base), 698TCP/IP, see Transmission Control
Protocol/Internet ProtocolTCP sockets, 137TDI (transport driver interface), 870TEBs (thread environment blocks), 880telnet, 616, 744terminal applications, 96terminal concentrators, 616terminal server systems, 864terminated state, 107terminated thread state (Windows 7), 839termination:
cascading, 121process, 120–121, 337–338
tertiary storage devices, 27text files, 504text section (of process), 106theft of service, 658THE operating system, 896–897thin clients, 35third extended file system (ext3), 811–813thrashing, 425–430
cause of, 426–427defined, 426and page-fault-frequency strategy, 429–430and working-set model, 427–429
threads. See also multithreadingcancellation, thread, 185–186components of, 163functions of, 163–166idle, 294implicit threading, 177–183kernel, 169in Linux, 189–191, 795and multicore programming, 166–169
BMind.qxd 2/20/13 6:11 PM Page 939
940 Index
threads. (contd.)and process model, 109scheduling of, 277–278target, 185user, 169in Windows 7, 188–189, 839–841, 876,
878–880thread attach, 853thread environment blocks (TEBs), 880thread libraries, 171–177
about, 171–172Java threads, 176–177Pthreads, 172–174Windows threads, 174–176
thread-local storage, 187thread pools, 179–181, 879thread scheduling, 261thread-specific data, 187threats, 658. See also program threatsthroughput, 265thunking, 834tightly coupled systems, see multiprocessor
systemstime:
compile, 354effective access, 405effective memory-access, 374execution, 355of file creation/use, 504load, 354response, 20, 265–266turnaround, 265waiting, 265
time-out schemes, 762time profiles, 72time quantum, 271timer:
programmable interval, 601variable, 24
timers, 601–602timer objects, 841time sharing (multitasking), 20, 115time slice, 796timestamp counters (TSCs), 840–841TLB, see translation lookaside bufferTLB miss, 373TLB reach, 441–442top half interrupt service routines, 799TOPS-20, 900Torvalds, Linus, 781
touch screen (touchscreen computing), 5, 60trace tapes, 303tracks, disk, 468traditional computing, 35–36transactions:
atomic, 210defined, 813in Linux, 813–814in log-structured file systems, 569–570
transactional memory, 239–240transfer rate (disks), 468, 470transition thread state (Windows 7), 839translation lookaside buffer (TLB), 373–375,
849–850transmission control protocol (TCP), 758Transmission Control Protocol/Internet
Protocol (TCP/IP), 758–761, 871transparency, 764, 766, 767transport driver interface (TDI), 870transport layer, 757transport-layer protocol (TCP), 681traps, 21, 403, 594trap-and-emulate method, 717–718trap doors, 662trees, 33, 35tree-structured directories, 521–522triple DES, 677triple indirect blocks, 559Tripwire file system, 695Trojan horses, 661–662trusted computer base (TCB), 698TSCs (timestamp counters), 840–841tunneling viruses, 668turnaround time, 265turnstiles, 236two-factor authentication, 688twofish algorithm, 677two-level directories, 519–521two tuple, 365type 0 hypervisors, 712, 723–724type 1 hypervisors, 712, 724–725type 2 hypervisors, 713, 725type safety (Java), 649
U
UAC (User Account Control), 701UDP (user datagram protocol), 758UDP sockets, 137
BMind.qxd 2/20/13 6:11 PM Page 940
Index 941
UFD (user file directory), 519UFS (UNIX file system), 545UI (user interface), 52–55UMA (uniform memory access), 16UMDF (User-Mode Driver Framework),
856UMS, see user-mode schedulingunbounded capacity (of queue), 130UNC (uniform naming convention), 872UNICODE, 837unified buffer cache, 565unified virtual memory, 565Unifix, 785uniform memory access (UMA), 16uniform naming convention (UNC),
872universal serial buses (USBs), 469UNIX file system (UFS), 545UNIX operating system:
consistency semantics for, 532–533domain switching in, 629–630feature migration with, 887, 888and Linux, 781permissions in, 536signals in, 183–185swapping in, 360
unreliability, 755upcalls, 188upcall handler, 188U.S. Digital Millennium Copyright Act
(DMCA), 44USBs (universal serial buses), 469used objects, 438, 803users, 4–5, 528–529user accounts, 699User Account Control (UAC), 701user authentication, 685–689
with biometrics, 689with passwords, 685–689
user datagram protocol (UDP), 758user-defined signal handlers, 184user file directory (UFD), 519user identifiers (user IDs), 31
effective, 31for files, 504
user interface (UI), 52–55user mobility, 573user mode, 22, 787User-Mode Driver Framework (UMDF),
856
user-mode scheduling (UMS), 296–297, 835,880–881
user-mode threads (UT), 844user programs (user tasks), 105–106, 807user rights (Linux), 822–823user threads, 169UT (user-mode threads), 844utilities, 888utility storage, 493utilization, 889
V
VACB (virtual address control block), 857VADs (virtual address descriptors), 852valid-invalid bit, 375variables:
automatic, 664condition, 879
variable class, 294variable timer, 24VAX minicomputer, 379–380VCPU (virtual CPU), 717vectored I/O, 603–604vector programs, 670vfork() (virtual memory fork), 409VFS, see virtual file systemvictim frames, 411views, 847virtual address, 356virtual address control block (VACB), 857virtual address descriptors (VADs), 852virtual address space, 398–399, 805–806virtual CPU (VCPU), 717virtual file system (VFS), 550–552, 809–811virtualization, 40–41
advantages and disadvantages of,714–716
and application containment, 727–728and emulation, 727and operating-system components,
728–735CPU scheduling, 729I/O, 731–732live migration, 733–735memory management, 730–731storage management, 732–733
para-, 725–726programming-environment, 726–727
BMind.qxd 2/20/13 6:11 PM Page 941
942 Index
virtual machines, 711–738. See alsovirtualization
advantages and disadvantages of, 714–716and binary translation, 718–720examples, 735–737features of, 715–717and hardware assistance, 720–721history of, 713–714Java Virtual Machine, 736–737life cycle of, 722–723trap-and-emulate systems, 717–718type 0 hypervisors, 723–724type 1 hypervisors, 724–725type 2 hypervisors, 725VMware, 735–736
virtual machine control structures(VMCSs), 721
virtual machine manager (VMM), 22–23, 41,712
virtual machine sprawl, 723virtual memory, 20–21, 397–400
and copy-on-write technique, 408–409demand paging for conserving, 401–407
basic mechanism, 402–405with inverted page tables, 442and I/O interlock, 444–445and page size, 440–441and performance, 405–406and prepaging, 439–440and program structure, 442–443pure demand paging, 404and restarting instructions, 404–405and TLB reach, 441–442
direct virtual memory access, 596and frame allocation, 421–425
equal allocation, 423global vs. local allocation, 424proportional allocation, 423–424
kernel, 806–807and kernel memory allocation, 436–439in Linux, 804–807and memory mapping, 430–436
basic mechanism, 430–432I/O, memory-mapped, 435–436in Win32 API, 433–435
page replacement for conserving, 409–421and application performance, 421basic mechanism, 410–413counting-based page replacement, 420
FIFO page replacement, 413–414LRU-approximation page replacement,
418–420LRU page replacement, 416–418optimal page replacement, 414–415and page-buffering algorithms, 420–421
separation of logical memory fromphysical memory by, 398–399
size of, 398in Solaris, 446–447and thrashing, 425–430
cause, 426–427page-fault-frequency strategy, 429–430working-set model, 427–429
unified, 565in Windows, 445–446
virtual memory fork, 409virtual memory (VM) manager, 846–852virtual memory regions, 805virtual private networks (VPNs), 682, 871virtual routing, 753–754viruses, 666–669, 694–696virus dropper, 667VMCSs (virtual machine control structures),
721VMM, see virtual machine managerVM manager, 846–852VMware, 714, 735–736vnode, 550volatile storage, 11volumes, 516volume control block, 546volume management (Windows 7), 868–869volume shadow copies, 870volume table of contents, 516von Neumann architecture, 10VPNs, see virtual private networksvulnerability scans, 690–691
W
WAFL file system, 570, 577–580waiting state, 107waiting thread state (Windows 7), 839waiting time, 265wait queue, 818wait() system call, 120–122WANs, see wide-area networks
BMind.qxd 2/20/13 6:11 PM Page 942
Index 943
Web distributed authoring and versioning(WebDAV), 872
wide-area networks (WANs), 17, 37, 749–750WiFi networks, see wireless networksWin32 API, 433–435, 830–831, 875Windows operating system (generally), 360,
901–902interprocess communication example, 135scheduling example, 294–296threads example, 188–189virtual memory in, 445–446
Windows 7, 829–884application compatibility of, 833–834design principles for, 831–837desktop versions of, 830–831dynamic device support, 837, 838and energy efficiency, 837extensibility of, 836fast-user switching with, 863–864file system, 864–870
change journal, 870compression and encryption, 869mount points, 869–870NTFS B1 tree, 865NTFS internal layout, 864–866NTFS metadata, 866recovery, 866–867security, 867volume management and fault
tolerance, 868–869volume shadow copies, 870
history of, 829–831networking, 870–875
Active Directory, 875domains, 874interfaces, 870protocols, 871–873redirectors and servers, 873–874
performance of, 834portability of, 836programmer interface, 875–884
interprocess communication, 881–882kernel object access, 875memory management, 882–884process management, 876–879sharing objects between processes,
875–876reliability of, 832–833security in, 700–701, 831–832
synchronization in, 833–834, 878–879system components for, 838–863
executive, see Windows executivehardware-abstraction layer, 838–839kernel, 839–844
terminal services, 863–864user-mode scheduling in, 296–297
Windows 2000, 832, 833, 836Windows executive, 844–863
booting, 862–863cache manager, 856–858client-server computing, 854–855I/O manager, 855–856object manager, 844–846plug-and-play manager, 860power manager, 860–861process manager, 852–853registry, 861–862security reference monitor, 858–859virtual memory manager, 846–852
Windows group policy, 875Windows NT, 829–830Windows Task Manager, 87, 88Windows thread library, 174–176Windows Vista, 830
security in, 700symbolic links in, 869–870
Windows XP, 830Winsock, 881wireless (WiFi) networks, 35, 748–749Witness, 326word, 9WorkGroup Solutions, 785working sets, 427, 431working-set maximum, 446working-set minimum, 446working-set model, 427–429Workstation (VMWare), 735–736workstations, 5world rights (Linux), 823World Wide Web, 529worms, 670–673WORM (write-once, read-many) format, 27worst-fit strategy, 363write-end (of pipe), 142write only devices, 599write queue, 817writers, 220writing files, 506
BMind.qxd 2/20/13 6:11 PM Page 943
944 Index
X
x86-64 architecture, 387XDR (external data representation), 140XDS-940 operating system, 895–896Xen, 714Xerox, 59XML firewalls, 698
Z
zero capacity (of queue), 130zero-day attacks, 693zero-fill-on-demand technique, 409ZFS file system, 563–564, 570zombie systems, 673zones, 728, 801
BMind.qxd 2/20/13 6:11 PM Page 944