SlideShare a Scribd company logo
1 of 68
Operating Systems - A Primer
Introduction
# who am i Saumil Shah CEO Net-square. Hacker, Speaker, Trainer, Author. M.S. Computer Science Purdue University. Google: "saumil" LinkedIn: saumilshah
Preview
CPU and Registers
The CPU We shall discuss the Intel x86 32-bit CPU.
The CPU We shall discuss the Intel x86 32-bit CPU. The CPU has REGISTERS.
The CPU We shall discuss the Intel x86 32-bit CPU. The CPU has REGISTERS. "Variables" on the CPU, hard-wired. Size is equal to the "machine word". (32 bits)
What do Registers do?
What do Registers do? Registers hold data.
What do Registers do? Registers hold data. They may be numbers... ...or memory addresses (pointers)
What do Registers do? Registers hold data. They may be numbers... ...or memory addresses (pointers) Using registers, the CPU can perform computations, read and write memory, and execute instructions.
x86 Registers - the basics EAX ESI EBX EDI ECX ESP EDX EBP EIP EFLAGS there are more, but this is good enough for now.
x86 Registers - General Purpose EAX Accumulator EBX Base ECX Count EDX Data
x86 Registers - General Purpose EAX Accumulator EBX Base ECX Count EDX Data Used for Integer operations (arithmetic), returning values (EAX), loops (ECX), or anything the compiler wishes to use them for.
x86 Registers - Pointers ESI Source Index EDI Destination Index
x86 Registers - Pointers ESI Source Index EDI Destination Index These are POINTERS, used for block copy operations. ESI = address of source, EDI = address of destination, ECX = count of bytes/words to be copied.
x86 Registers - Stack Related Stack Pointer ESP Frame Pointer (Base Pointer) EBP
x86 Registers - Stack Related Stack Pointer points to the top of the process stack. Stack Pointer ESP Frame Pointer (Base Pointer) EBP
x86 Registers - Stack Related Stack Pointer points to the top of the process stack. Stack Pointer ESP Frame Pointer (Base Pointer) EBP Frame pointer points to FRAMES within the stack. Frames store data for functions.
x86 Registers - EIP EIP Instruction Pointer (program counter)
x86 Registers - EIP A very important register. Points to a memory address from where the CPU fetches and executes the next instruction. EIP autoincrements after every instruction. EIP Instruction Pointer (program counter)
x86 Registers - Flags EFLAGS Bit Flags
x86 Registers - Flags Individual bits indicate status of operations. Boolean values. Never treated as a full register, just individual bit flags. EFLAGS Bit Flags
Operating System Basics
The Operating System Modern Operating Systems are very complex and do many things. We shall discuss only the basic concepts and functions of an OS.
The Operating System Modern Operating Systems are very complex and do many things. We shall discuss only the basic concepts and functions of an OS. Multitasking and Multiprogramming Processes The Virtual Machine
What is Multiprogramming?
What is Multiprogramming? The ability to store and execute multiple programs in the memory
What is Multiprogramming? The ability to store and execute multiple programs in the memory ...and what is Multitasking?
What is Multiprogramming? The ability to store and execute multiple programs in the memory ...and what is Multitasking? Running multiple PROCESSES at the SAME TIME.
So what is a "Process"?
So what is a "Process"? A PROCESS is termed as a program that is EXECUTING. A running program.
So what is a "Process"? A PROCESS is termed as a program that is EXECUTING. A running program. A process is an instance of a program. Processes "live" in memory. Programs live on disk. (secondary storage) A program may have multiple processes of its own self.
How do multiple processes run simultaneously?
How do multiple processes run simultaneously? By TIME SLICING and CONTEXT-SWITCHING
How do multiple processes run simultaneously? By TIME SLICING and CONTEXT-SWITCHING Each process runs for a short time and is then PRE-EMPTED to let another process run. This happens so fast, it appears as if all processes are running simultaneously. This is called MULTITASKING
Processes and Multitasking
Multitasking Process Queue P2 P3 P4 P1 CPU Process P1 is running. It shall continue to run for a small period of time, called a QUANTUM.
Multitasking P2 P3 P4 P1 Time Slice Interrupt CPU An INTERRUPT is triggered at the end of the quantum. A snapshot of P1's registers (P1's CONTEXT) is saved.
Multitasking P2 P3 P4 P1 CPU P1 is then PRE-EMPTED. It is brought back into the process queue.
Multitasking P2 P3 P4 P1 CPU It is P2's turn now. P2's context is loaded into the CPU's registers. This is called CONTEXT SWITCHING.
Multitasking P1 P3 P4 P2 CPU P2 is scheduled to execute on the CPU.
Multitasking P1 P3 P4 P2 CPU P2 runs for the next quantum.
Multitasking P1 P3 P4 P2 Time Slice Interrupt CPU P2's context is now saved.
Multitasking P1 P3 P4 P2 CPU P2 is PRE-EMPTED. It is brought back into the process queue. Next it will be P3's turn, and so on.
Virtual Machines and Process Memory Maps
What is a Virtual Machine?
What is a Virtual Machine? A view of ABSTRACTED HARDWARE as presented to a PROCESS by the OS.
What is a Virtual Machine? A view of ABSTRACTED HARDWARE as presented to a PROCESS by the OS. A process sees its OWN view of the CPU, Memory, Storage, and other devices. Every process runs in its own "virtual" machine. This is how the OS ensures process memory and resource segregation.
Do processes have their OWN view of the memory? Yes. Processes see "Virtual Memory"
Do processes have their OWN view of the memory? Yes. Processes see "Virtual Memory" Physical memory is divided into PAGES. A process is assigned pages as needed. This is done by the Memory Management Unit (MMU) From the process' point of view, it seems to have all the memory to itself.
Pages from P1's memory are mapped from physical memory. P1 sees a "virtual address space". Physical Memory P1's memory Physical and Virtual Memory
Physical and Virtual Memory Similarly for P2. Physical Memory P1's memory P2's memory
Can one process access another's memory? No. A process can only access its own virtual memory space.
Can one process access another's memory? No. A process can only access its own virtual memory space. A process CANNOT access physical memory.
The Process' view of memory Process Memory has its own VIRTUAL ADDRESS SPACE. Typically 2 to 3 GB. Binary Heap It is called a PROCESS MEMORY MAP. Lib 3GB (Linux) 2GB (Win32) Lib Lower addresses represented at the top of the map. Higher addresses at the bottom. Lib Stack Process' Virtual Memory
Linux Process Memory Map 0x08000000 Binary Heap Lib 3GB Lib Lib Stack 0xbfffffff Linux Process Memory Map
An example Here's how to view a process' memory map in Linux. The process here is PID 1110. saumil@localhost:$ pmap 1110 1110:   /home/nweb/nweb 8181 /home/nweb  08048000      8K read/exec         /home/nweb/nweb 0804a000      4K read/write        /home/nweb/nweb 0804b000      8K read/write/exec     [ anon ] 40000000     72K read/exec         /lib/ld-2.3.1.so 40012000      4K read/write        /lib/ld-2.3.1.so 40013000      4K read/write          [ anon ] 40019000   1204K read/exec         /lib/i686/libc-2.3.1.so 40146000     16K read/write        /lib/i686/libc-2.3.1.so 4014a000      8K read/write          [ anon ] bfffe000      8K read/write/exec     [ anon ]  total     1336K
The Big Picture
CPU NIC Storage Physical Memory
File System Network Stack Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
user space Virtual Memory PROCESS Virtual Memory PROCESS Virtual Memory PROCESS CPU FS N/W CPU FS N/W CPU FS N/W kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
user space Virtual Memory PROCESS Virtual Memory PROCESS Virtual Memory PROCESS CPU FS N/W CPU FS N/W CPU FS N/W kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
Key Concepts
Review
END

More Related Content

What's hot

Windows 10 Nt Heap Exploitation (English version)
Windows 10 Nt Heap Exploitation (English version)Windows 10 Nt Heap Exploitation (English version)
Windows 10 Nt Heap Exploitation (English version)Angel Boy
 
twlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdsotwlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdsoViller Hsiao
 
Binary exploitation - AIS3
Binary exploitation - AIS3Binary exploitation - AIS3
Binary exploitation - AIS3Angel Boy
 
Android Services Black Magic by Aleksandar Gargenta
Android Services Black Magic by Aleksandar GargentaAndroid Services Black Magic by Aleksandar Gargenta
Android Services Black Magic by Aleksandar GargentaMarakana Inc.
 
Introducing ARM-X
Introducing ARM-XIntroducing ARM-X
Introducing ARM-XSaumil Shah
 
Play with FILE Structure - Yet Another Binary Exploit Technique
Play with FILE Structure - Yet Another Binary Exploit TechniquePlay with FILE Structure - Yet Another Binary Exploit Technique
Play with FILE Structure - Yet Another Binary Exploit TechniqueAngel Boy
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
 
Embedded_Linux_Booting
Embedded_Linux_BootingEmbedded_Linux_Booting
Embedded_Linux_BootingRashila Rr
 
Find your own iOS kernel bug
Find your own iOS kernel bugFind your own iOS kernel bug
Find your own iOS kernel bugGustavo Martinez
 
Linux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionLinux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionGene Chang
 
/proc/irq/<irq>/smp_affinity
/proc/irq/<irq>/smp_affinity/proc/irq/<irq>/smp_affinity
/proc/irq/<irq>/smp_affinityTakuya ASADA
 
Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Adrian Huang
 
Debugging linux kernel tools and techniques
Debugging linux kernel tools and  techniquesDebugging linux kernel tools and  techniques
Debugging linux kernel tools and techniquesSatpal Parmar
 

What's hot (20)

Interrupts on xv6
Interrupts on xv6Interrupts on xv6
Interrupts on xv6
 
Windows 10 Nt Heap Exploitation (English version)
Windows 10 Nt Heap Exploitation (English version)Windows 10 Nt Heap Exploitation (English version)
Windows 10 Nt Heap Exploitation (English version)
 
twlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdsotwlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdso
 
Binary exploitation - AIS3
Binary exploitation - AIS3Binary exploitation - AIS3
Binary exploitation - AIS3
 
淺談探索 Linux 系統設計之道
淺談探索 Linux 系統設計之道 淺談探索 Linux 系統設計之道
淺談探索 Linux 系統設計之道
 
Android Services Black Magic by Aleksandar Gargenta
Android Services Black Magic by Aleksandar GargentaAndroid Services Black Magic by Aleksandar Gargenta
Android Services Black Magic by Aleksandar Gargenta
 
Memory model
Memory modelMemory model
Memory model
 
Introducing ARM-X
Introducing ARM-XIntroducing ARM-X
Introducing ARM-X
 
Virtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesVirtual Machine Constructions for Dummies
Virtual Machine Constructions for Dummies
 
Play with FILE Structure - Yet Another Binary Exploit Technique
Play with FILE Structure - Yet Another Binary Exploit TechniquePlay with FILE Structure - Yet Another Binary Exploit Technique
Play with FILE Structure - Yet Another Binary Exploit Technique
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
 
Embedded_Linux_Booting
Embedded_Linux_BootingEmbedded_Linux_Booting
Embedded_Linux_Booting
 
Find your own iOS kernel bug
Find your own iOS kernel bugFind your own iOS kernel bug
Find your own iOS kernel bug
 
SPI Drivers
SPI DriversSPI Drivers
SPI Drivers
 
Learn C Programming Language by Using GDB
Learn C Programming Language by Using GDBLearn C Programming Language by Using GDB
Learn C Programming Language by Using GDB
 
Linux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionLinux MMAP & Ioremap introduction
Linux MMAP & Ioremap introduction
 
/proc/irq/<irq>/smp_affinity
/proc/irq/<irq>/smp_affinity/proc/irq/<irq>/smp_affinity
/proc/irq/<irq>/smp_affinity
 
Qemu JIT Code Generator and System Emulation
Qemu JIT Code Generator and System EmulationQemu JIT Code Generator and System Emulation
Qemu JIT Code Generator and System Emulation
 
Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...
 
Debugging linux kernel tools and techniques
Debugging linux kernel tools and  techniquesDebugging linux kernel tools and  techniques
Debugging linux kernel tools and techniques
 

Similar to Operating Systems - A Primer

Guide to alfresco monitoring
Guide to alfresco monitoringGuide to alfresco monitoring
Guide to alfresco monitoringMiguel Rodriguez
 
5.6 Basic computer structure microprocessors
5.6 Basic computer structure   microprocessors5.6 Basic computer structure   microprocessors
5.6 Basic computer structure microprocessorslpapadop
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Amin Astaneh
 
Computer System.ppt
Computer System.pptComputer System.ppt
Computer System.pptjguuhxxxfp
 
Computer System Architecture - Computer System Architecture
Computer System Architecture - Computer System ArchitectureComputer System Architecture - Computer System Architecture
Computer System Architecture - Computer System Architecturessusera1e32a1
 
lec5 - The processor.pptx
lec5 - The processor.pptxlec5 - The processor.pptx
lec5 - The processor.pptxMahadevaAH
 
Unix operating system basics
Unix operating system basicsUnix operating system basics
Unix operating system basicsSankar Suriya
 
linux monitoring and performance tunning
linux monitoring and performance tunning linux monitoring and performance tunning
linux monitoring and performance tunning iman darabi
 
Bios, processorand motherboard
Bios, processorand  motherboardBios, processorand  motherboard
Bios, processorand motherboardImranulHasan6
 
Instruction Set Architecture
Instruction Set ArchitectureInstruction Set Architecture
Instruction Set ArchitectureJaffer Haadi
 
Linux System Monitoring
Linux System Monitoring Linux System Monitoring
Linux System Monitoring PriyaTeli
 
Ayw computer working
Ayw computer workingAyw computer working
Ayw computer workingpbeerak
 
OSDC 2017 | Open POWER for the data center by Werner Fischer
OSDC 2017 | Open POWER for the data center by Werner FischerOSDC 2017 | Open POWER for the data center by Werner Fischer
OSDC 2017 | Open POWER for the data center by Werner FischerNETWAYS
 
OSDC 2017 - Werner Fischer - Open power for the data center
OSDC 2017 - Werner Fischer - Open power for the data centerOSDC 2017 - Werner Fischer - Open power for the data center
OSDC 2017 - Werner Fischer - Open power for the data centerNETWAYS
 
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner Fischer
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner FischerOSDC 2017 | Linux Performance Profiling and Monitoring by Werner Fischer
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner FischerNETWAYS
 
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...ssuser65bfce
 

Similar to Operating Systems - A Primer (20)

Guide to alfresco monitoring
Guide to alfresco monitoringGuide to alfresco monitoring
Guide to alfresco monitoring
 
5.6 Basic computer structure microprocessors
5.6 Basic computer structure   microprocessors5.6 Basic computer structure   microprocessors
5.6 Basic computer structure microprocessors
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)
 
Computer System.ppt
Computer System.pptComputer System.ppt
Computer System.ppt
 
Computer System Architecture - Computer System Architecture
Computer System Architecture - Computer System ArchitectureComputer System Architecture - Computer System Architecture
Computer System Architecture - Computer System Architecture
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptx
 
Os
OsOs
Os
 
Os
OsOs
Os
 
lec5 - The processor.pptx
lec5 - The processor.pptxlec5 - The processor.pptx
lec5 - The processor.pptx
 
Unix operating system basics
Unix operating system basicsUnix operating system basics
Unix operating system basics
 
linux monitoring and performance tunning
linux monitoring and performance tunning linux monitoring and performance tunning
linux monitoring and performance tunning
 
Bios, processorand motherboard
Bios, processorand  motherboardBios, processorand  motherboard
Bios, processorand motherboard
 
Cpu
CpuCpu
Cpu
 
Instruction Set Architecture
Instruction Set ArchitectureInstruction Set Architecture
Instruction Set Architecture
 
Linux System Monitoring
Linux System Monitoring Linux System Monitoring
Linux System Monitoring
 
Ayw computer working
Ayw computer workingAyw computer working
Ayw computer working
 
OSDC 2017 | Open POWER for the data center by Werner Fischer
OSDC 2017 | Open POWER for the data center by Werner FischerOSDC 2017 | Open POWER for the data center by Werner Fischer
OSDC 2017 | Open POWER for the data center by Werner Fischer
 
OSDC 2017 - Werner Fischer - Open power for the data center
OSDC 2017 - Werner Fischer - Open power for the data centerOSDC 2017 - Werner Fischer - Open power for the data center
OSDC 2017 - Werner Fischer - Open power for the data center
 
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner Fischer
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner FischerOSDC 2017 | Linux Performance Profiling and Monitoring by Werner Fischer
OSDC 2017 | Linux Performance Profiling and Monitoring by Werner Fischer
 
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...
Assembly Language for x86 Processors 7th Edition Chapter 2 : x86 Processor Ar...
 

More from Saumil Shah

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksSaumil Shah
 
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSDebugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSSaumil Shah
 
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkUnveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkSaumil Shah
 
Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Saumil Shah
 
Precise Presentations
Precise PresentationsPrecise Presentations
Precise PresentationsSaumil Shah
 
Effective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceEffective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceSaumil Shah
 
INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020Saumil Shah
 
Cyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadCyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadSaumil Shah
 
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceCybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceSaumil Shah
 
NSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadNSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadSaumil Shah
 
Cybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadCybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadSaumil Shah
 
INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019Saumil Shah
 
The Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDThe Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDSaumil Shah
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019Saumil Shah
 
The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019Saumil Shah
 
Schrödinger's ARM Assembly
Schrödinger's ARM AssemblySchrödinger's ARM Assembly
Schrödinger's ARM AssemblySaumil Shah
 
ARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSSaumil Shah
 
What Makes a Compelling Photograph
What Makes a Compelling PhotographWhat Makes a Compelling Photograph
What Makes a Compelling PhotographSaumil Shah
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKSaumil Shah
 
HackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainHackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainSaumil Shah
 

More from Saumil Shah (20)

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also Blocks
 
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSDebugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
 
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkUnveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
 
Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332
 
Precise Presentations
Precise PresentationsPrecise Presentations
Precise Presentations
 
Effective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceEffective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual Audience
 
INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020
 
Cyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadCyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade Ahead
 
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceCybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
 
NSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadNSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade Ahead
 
Cybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadCybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade Ahead
 
INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019
 
The Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDThe Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBD
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019
 
The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019
 
Schrödinger's ARM Assembly
Schrödinger's ARM AssemblySchrödinger's ARM Assembly
Schrödinger's ARM Assembly
 
ARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMS
 
What Makes a Compelling Photograph
What Makes a Compelling PhotographWhat Makes a Compelling Photograph
What Makes a Compelling Photograph
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEK
 
HackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great AgainHackLU 2018 Make ARM Shellcode Great Again
HackLU 2018 Make ARM Shellcode Great Again
 

Recently uploaded

React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 

Recently uploaded (20)

React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 

Operating Systems - A Primer

  • 3. # who am i Saumil Shah CEO Net-square. Hacker, Speaker, Trainer, Author. M.S. Computer Science Purdue University. Google: "saumil" LinkedIn: saumilshah
  • 6. The CPU We shall discuss the Intel x86 32-bit CPU.
  • 7. The CPU We shall discuss the Intel x86 32-bit CPU. The CPU has REGISTERS.
  • 8. The CPU We shall discuss the Intel x86 32-bit CPU. The CPU has REGISTERS. "Variables" on the CPU, hard-wired. Size is equal to the "machine word". (32 bits)
  • 10. What do Registers do? Registers hold data.
  • 11. What do Registers do? Registers hold data. They may be numbers... ...or memory addresses (pointers)
  • 12. What do Registers do? Registers hold data. They may be numbers... ...or memory addresses (pointers) Using registers, the CPU can perform computations, read and write memory, and execute instructions.
  • 13. x86 Registers - the basics EAX ESI EBX EDI ECX ESP EDX EBP EIP EFLAGS there are more, but this is good enough for now.
  • 14. x86 Registers - General Purpose EAX Accumulator EBX Base ECX Count EDX Data
  • 15. x86 Registers - General Purpose EAX Accumulator EBX Base ECX Count EDX Data Used for Integer operations (arithmetic), returning values (EAX), loops (ECX), or anything the compiler wishes to use them for.
  • 16. x86 Registers - Pointers ESI Source Index EDI Destination Index
  • 17. x86 Registers - Pointers ESI Source Index EDI Destination Index These are POINTERS, used for block copy operations. ESI = address of source, EDI = address of destination, ECX = count of bytes/words to be copied.
  • 18. x86 Registers - Stack Related Stack Pointer ESP Frame Pointer (Base Pointer) EBP
  • 19. x86 Registers - Stack Related Stack Pointer points to the top of the process stack. Stack Pointer ESP Frame Pointer (Base Pointer) EBP
  • 20. x86 Registers - Stack Related Stack Pointer points to the top of the process stack. Stack Pointer ESP Frame Pointer (Base Pointer) EBP Frame pointer points to FRAMES within the stack. Frames store data for functions.
  • 21. x86 Registers - EIP EIP Instruction Pointer (program counter)
  • 22. x86 Registers - EIP A very important register. Points to a memory address from where the CPU fetches and executes the next instruction. EIP autoincrements after every instruction. EIP Instruction Pointer (program counter)
  • 23. x86 Registers - Flags EFLAGS Bit Flags
  • 24. x86 Registers - Flags Individual bits indicate status of operations. Boolean values. Never treated as a full register, just individual bit flags. EFLAGS Bit Flags
  • 26. The Operating System Modern Operating Systems are very complex and do many things. We shall discuss only the basic concepts and functions of an OS.
  • 27. The Operating System Modern Operating Systems are very complex and do many things. We shall discuss only the basic concepts and functions of an OS. Multitasking and Multiprogramming Processes The Virtual Machine
  • 29. What is Multiprogramming? The ability to store and execute multiple programs in the memory
  • 30. What is Multiprogramming? The ability to store and execute multiple programs in the memory ...and what is Multitasking?
  • 31. What is Multiprogramming? The ability to store and execute multiple programs in the memory ...and what is Multitasking? Running multiple PROCESSES at the SAME TIME.
  • 32. So what is a "Process"?
  • 33. So what is a "Process"? A PROCESS is termed as a program that is EXECUTING. A running program.
  • 34. So what is a "Process"? A PROCESS is termed as a program that is EXECUTING. A running program. A process is an instance of a program. Processes "live" in memory. Programs live on disk. (secondary storage) A program may have multiple processes of its own self.
  • 35. How do multiple processes run simultaneously?
  • 36. How do multiple processes run simultaneously? By TIME SLICING and CONTEXT-SWITCHING
  • 37. How do multiple processes run simultaneously? By TIME SLICING and CONTEXT-SWITCHING Each process runs for a short time and is then PRE-EMPTED to let another process run. This happens so fast, it appears as if all processes are running simultaneously. This is called MULTITASKING
  • 39. Multitasking Process Queue P2 P3 P4 P1 CPU Process P1 is running. It shall continue to run for a small period of time, called a QUANTUM.
  • 40. Multitasking P2 P3 P4 P1 Time Slice Interrupt CPU An INTERRUPT is triggered at the end of the quantum. A snapshot of P1's registers (P1's CONTEXT) is saved.
  • 41. Multitasking P2 P3 P4 P1 CPU P1 is then PRE-EMPTED. It is brought back into the process queue.
  • 42. Multitasking P2 P3 P4 P1 CPU It is P2's turn now. P2's context is loaded into the CPU's registers. This is called CONTEXT SWITCHING.
  • 43. Multitasking P1 P3 P4 P2 CPU P2 is scheduled to execute on the CPU.
  • 44. Multitasking P1 P3 P4 P2 CPU P2 runs for the next quantum.
  • 45. Multitasking P1 P3 P4 P2 Time Slice Interrupt CPU P2's context is now saved.
  • 46. Multitasking P1 P3 P4 P2 CPU P2 is PRE-EMPTED. It is brought back into the process queue. Next it will be P3's turn, and so on.
  • 47. Virtual Machines and Process Memory Maps
  • 48. What is a Virtual Machine?
  • 49. What is a Virtual Machine? A view of ABSTRACTED HARDWARE as presented to a PROCESS by the OS.
  • 50. What is a Virtual Machine? A view of ABSTRACTED HARDWARE as presented to a PROCESS by the OS. A process sees its OWN view of the CPU, Memory, Storage, and other devices. Every process runs in its own "virtual" machine. This is how the OS ensures process memory and resource segregation.
  • 51. Do processes have their OWN view of the memory? Yes. Processes see "Virtual Memory"
  • 52. Do processes have their OWN view of the memory? Yes. Processes see "Virtual Memory" Physical memory is divided into PAGES. A process is assigned pages as needed. This is done by the Memory Management Unit (MMU) From the process' point of view, it seems to have all the memory to itself.
  • 53. Pages from P1's memory are mapped from physical memory. P1 sees a "virtual address space". Physical Memory P1's memory Physical and Virtual Memory
  • 54. Physical and Virtual Memory Similarly for P2. Physical Memory P1's memory P2's memory
  • 55. Can one process access another's memory? No. A process can only access its own virtual memory space.
  • 56. Can one process access another's memory? No. A process can only access its own virtual memory space. A process CANNOT access physical memory.
  • 57. The Process' view of memory Process Memory has its own VIRTUAL ADDRESS SPACE. Typically 2 to 3 GB. Binary Heap It is called a PROCESS MEMORY MAP. Lib 3GB (Linux) 2GB (Win32) Lib Lower addresses represented at the top of the map. Higher addresses at the bottom. Lib Stack Process' Virtual Memory
  • 58. Linux Process Memory Map 0x08000000 Binary Heap Lib 3GB Lib Lib Stack 0xbfffffff Linux Process Memory Map
  • 59. An example Here's how to view a process' memory map in Linux. The process here is PID 1110. saumil@localhost:$ pmap 1110 1110: /home/nweb/nweb 8181 /home/nweb 08048000 8K read/exec /home/nweb/nweb 0804a000 4K read/write /home/nweb/nweb 0804b000 8K read/write/exec [ anon ] 40000000 72K read/exec /lib/ld-2.3.1.so 40012000 4K read/write /lib/ld-2.3.1.so 40013000 4K read/write [ anon ] 40019000 1204K read/exec /lib/i686/libc-2.3.1.so 40146000 16K read/write /lib/i686/libc-2.3.1.so 4014a000 8K read/write [ anon ] bfffe000 8K read/write/exec [ anon ] total 1336K
  • 61. CPU NIC Storage Physical Memory
  • 62. File System Network Stack Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
  • 63. kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
  • 64. user space Virtual Memory PROCESS Virtual Memory PROCESS Virtual Memory PROCESS CPU FS N/W CPU FS N/W CPU FS N/W kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
  • 65. user space Virtual Memory PROCESS Virtual Memory PROCESS Virtual Memory PROCESS CPU FS N/W CPU FS N/W CPU FS N/W kernel space System Calls File System Network Stack Loader Scheduler MMU Driver Driver CPU NIC Storage Physical Memory
  • 68. END