1. The Process is a unit of organization on a coputer. Each process is a distinct actively running embodiment of a program.
  2. Made up of program code, data, and properties.
  3. These properties are:
    1. Identifier- id number
    2. State - running or not, see below
    3. Priority
    4. Program Counter
    5. Memory Pointers - pointers to program and data, and shared memory.
    6. Context data - what's in the registers.
    7. I/O status
    8. Accounting information - time on processor, etc.
  4. These properties are explicitly stored in the OS and together are called the Process control block.
  5. Running States
    1. Processes can be in a number of "states". The two most obvious are running, and not running.
    2. When is a process not running? When some other process is running.
    3. When does a process get to run? When the running process is done, or when the running process's time has expired. (This is how we simulate parallelism in a single processor- change the running process frequently)
    4. How does the CPU switch to the new process? That's the job for the dispatcher
  6. Dispatcher
    1. Dispatcher starts with a clock or timer interrupt.
    2. On PCs these are generated by programmable timers that write to a special register (instead of by the system clock, which really happen too frequently).
    3. with each "tick" of the timer, it increments the value until it reaches some programmed value, and then the interrupt is signalled.
    4. The interrupt handler must first reset the timer, then save the registers (including the PC) of the currently running process to the PCB, load up the registers of next processes, and finally, set the PC.
  7. Example.


    (note that processes can be switch for timeout, where they go back on the ready queue, or by I/O blocking, where they go on the blocked queue)
  8. So how does the dispatcher know what process to run next? Well, typically, it will have a queue of all processes that are ready to run but not running. This is called the ready queue. The dispatcher enqueues the old process, and dequeues the new one from the head.
  9. Process creation and termination.
    1. Processes are created (spawned) by other processes. In unix this is called a fork().
    2. the new process is called the child process, and the old is the parent.
    3. How does this work? Well...
      1. the call to fork() is a system call. The first part of it is just a function call to a library. The parent process is still running.
      2. The function does a little set up and then it generates a software interrupt.
      3. The CPU is set to kernel mode.
      4. The handler sees that it was a fork, and starts to process it. (calls do_fork()).
      5. the function makes a copy of the parent: allocate the memory, copy program and data, create new PCB, copy the PCB, add the child to the ready queue, reseut CPU to user mode, and return.
      6. Recall that exec() is what makes the process a new program.
    4. Processes end because they ask to (exit()), there was an error, or they get a signal.
    5. depending on how it is initiated, the beginning of termination can be different, but eventually, like fork, the system will run do_exit(), which frees all the memory, deletes the PCB, and calls the dispatcher to see who runs next.
  10. Five state model.
  11. Multiple blocked queues.
  12. Suspended processes, swapping.
    1. Sometimes we will want to have more processes going than we have room for in main memory.
    2. One thing we can do is use virtual memory, where some processes are not in RAM but on disk.
    3. When the system goes to add a new process that doesn't fit in RAM, the memory is allocated, but on disk, not RAM. It is still added to the ready queue.
    4. If the dispatcher ever tries to run a process that is on disk, it swaps that process with one that is already in RAM. Copy the one process to disk, deallocate its memory, and copy the one from disk into RAM
    5. There are many strategy on what to pick, but one obvious one is to select a process that is blocked.
    6. This gives us more states a process can be in.
    7. Note we can also suspend a process directly, either from another process or from the user.
  13. Organization of the kernel.
    1. Three basic models:
    2. The first is the easiest to conceptualize, everything happens in the kernel. Very hard to debug because modularity breaks down.
    3. Next model, we link SOME OS functions into the processes themselves. That way, some OS functions don't require a switch to the kernel. (even keep the PCB in the process itself).
    4. 3- clean and modular. Slower.
  14. Security.
    1. For security in OS, we will look at many issues. With respect to processes, it has mostly to do with obtaining a process that executes with root access.
    2. Intruders.
      1. Masquerader - uses a legitimate users account
      2. Misfeasor - legitimate user who accesses data they shouldn't
      3. Clandestine - escalates to root privileges.
    3. Software/malware
      1. trojans and viruses.
      2. backdoors and logic bombs.
    4. Countermeasures
      1. Intrusion Detection Systems
        1. Host-based, monitor system activity
        2. Network-based, monitor network packets.
      2. Authentication
        1. Something the person knows
        2. Something the person possesses
        3. Something the person is
        4. Something the person does (dynamic biometrics)
      3. Access Control
      4. Firewalls