20135205 Information Security System Design Foundation 11th Week study Summary

Eighth. Abnormal control Flow

Exceptions and their types

Exception: A mutation in the control flow that responds to certain changes in the processor state.

In the processor, the state is encoded as a different bit and signal. A state change is called an event. The event may not be related to the execution of the current instruction.

In any case, when the processor detects that an event occurs, it passes an indirect call exception through a jump table called the exception table, to an operating subroutine specifically designed to handle such events (exception handlers)

When the exception handler finishes processing, one of the following three scenarios occurs depending on the type of event that caused the exception:

1) The handler returns control to the current instruction, which is the instruction being executed when the event occurs.

2) The handler returns control to Inext, which is the next instruction that will be executed if no exception occurs.

3) The handler terminates the interrupted program.

Exception number: Each of the possible types of exceptions in the system is assigned an exception number that is a unique nonnegative integer.

Exception Table Base Register: The exception number is the index to the exception table, and the starting address of the exception table is placed in a special CPU register called the exception table base register.

Exception categories: Interrupts, traps, failures, and terminations.

1, Interrupt: Asynchronous occurs, is the result of the signal from the I/O device outside the processor. A hardware interrupt is not caused by any particular instruction, and in this sense it is asynchronous. The exception handlers for hardware interrupts are often referred to as interrupt handlers.

2, traps: Traps are intentional exceptions, is the result of executing an instruction. Just like an interrupt handler, the trap handler returns control to the next instruction. The most important use of traps is to provide a process-like interface between the user program and the kernel, called a system call.

3, fault: caused by the error condition, it may be able to be corrected by the fault handling program. When a failure occurs, the processor transfers control to the fault handler. If the handler is able to fix the error condition, it will control the return to the command that caused the failure and re-execute it. Otherwise, the handler returns to the abort routine in the kernel, and the abort routine terminates the application that caused the failure.

4. Termination: The result of a fatal error that is not recoverable at the time of termination, usually a hardware error. The terminating handler never returns control to the application.

Processes and concurrency

A separate logical control flow that provides an illusion as if our program exclusively uses the processor.

A private address space that provides an illusion as if our program exclusively uses the memory system

Concurrent flow: The execution of one logical stream overlaps another stream in time, which is known as running concurrently.

Concurrency: A common phenomenon that occurs concurrently with multiple streams is called concurrency. The concept of a process and other processes running in turn is called multi-tasking. Each time period that a process executes as part of its control flow is called a time slice. So multitasking is also called time slicing.

A processor typically provides this functionality with a pattern bit in a control register that describes the privileges currently enjoyed by the process. When a pattern bit is set, the process runs in kernel mode (sometimes called Super User mode).

When no mode bit is set, the process runs in user mode. A process in user mode does not allow the execution of privileged directives. It also does not allow processes in user mode to directly reference code and data within the kernel area of the address space. Any such attempt can lead to a fatal protection failure. The user program must have access to the kernel code and data indirectly through the system call interface.

Linux provides a clever mechanism called the/proc file system, which allows the user-mode process to access the contents of the kernel data structure.

Process Control

PID: Each program has a unique positive (not 0) process ID.

The Getpid function returns the PID of the calling process. The Getppid function returns the PID of its parent process (the process that created the calling process). All two functions return an integer value of type pid_t.

20135205 Information Security System Design Foundation 11th Week study Summary