Information Security system design basics Eighth Cycle Summary (2)

Learning Goals: Review the previous Linux commands,the basics ofLinux Programming, the contents of the first seven chapters of the textbook

Learning Resources: Books

Learning tasks: 1. Review Linux command, especially man-k, cheat, grep-nr xxx/usr/include 2. Review the use of VI, GCC, gdb,make 3. Review the contents of the textbook ch01 ch02 ch03 ch04 ch06 ch07 4. Review the previous questions (answer http://group.cnblogs.com/topic/73060.html) , the next test exam every time the most wrong question 5. Interim Summary Post a blog: Summary of Knowledge points own Harvest (do not impracticality) own deficiencies (to be specific, there are improvement measures) Course suggestions and comments (to justify)

Learning process:

1. ReviewLinuxcommand, especiallyman-k, cheat, grep-nr xxx/usr/include

(1) Man is a system call, such as open,write

Use the man command with the-K option to search online help based on keywords. For example, to find the "sysctl" information, enter the following command in the command:

(1) cheat is an interactive cheat sheet application issued for Linux command line users under the GNU General Public License. It provides a display of Linux command use cases, including all of the options and short but understandable features of the command. Provides simple command options.

(1) The grep command in the Linux system is a powerful text search tool that can use regular expressions to search for text and print matching lines. The grep full name is global Regular expression Print, which represents the globally regular expression version, and its use rights are for all users. [Options] Main parameters:
-C: Outputs only the count of matching rows.
-I: Case insensitive (only for single-character).
-H: The file name is not displayed when querying multiple files.
-L: Only file names that contain matching characters are output when querying multiple files.
-N: Displays matching lines and line numbers.
-S: does not display error messages that do not exist or have no matching text.
-V: Displays all lines that do not contain matching text.
Pattern Regular Expression Main parameters:
\: Ignores the original meaning of special characters in regular expressions.
^: matches the start line of the regular expression.
$: Matches the end line of the regular expression.
\<: Starts from the line that matches the regular expression.
\>: End of line to match regular expression.
[]: A single character, such as [a], a meets the requirements.
[-]: range, such as [A-z], i.e. A, B, C to Z all meet the requirements.
。 : all the individual characters.
*: There are characters, the length can be 0.

N: Display line number

R: Recursive lookup

XXX: The macro you are looking for

2. ReviewVI, GCC, gdb,makethe Use

(1) VI is the most commonly used text editing tool on Unix

command to enter VI
VI FileName: Opens or creates a new file and places the cursor at the beginning of the first
VI +n FileName: Opens the file and places the cursor at the beginning of nth
VI + FileName: Opens the file and places the cursor at the beginning of the last line
VI +/pattern FileName: Opens the file and places the cursor at the first string that matches the pattern
Vi-r FileName: The last time you were editing with VI, a system crash occurred, restoring filename
VI filename....filename: Open multiple files, edit them sequentially

Move Cursor Class command
H: Move the cursor one character to the left
L: Move the cursor right one character
Space: Move the cursor right one character
Backspace: Cursor moves left one character
K or ctrl+p: Move the cursor up one line
J or CTRL + N: Move the cursor down one line
Enter: Move the cursor down one line
W or W: Move the cursor right one word to the beginning of the word
B or B: The cursor moves left one word to the beginning of the word
E or E: Move the cursor right one word j to the end of the word
): Move the cursor to the end of the sentence
(: The cursor moves to the beginning of the sentence
}: Move the cursor to the beginning of the paragraph
{: Cursor moves to end of paragraph
NG: Cursor moves to the beginning of nth
n+: The cursor moves down n rows
N: Move the cursor up n rows
n$: Cursor moves to end of Nth line
H: Move the cursor to the top row of the screen
M: Move the cursor to the middle line of the screen
L: The cursor moves to the last line of the screen
0: (note is the number 0) cursor moves to the beginning of the current line
$: Cursor moves to the end of the current line

Screen Tumbling Class command
Ctrl+u: First half screen to file
Ctrl+d: Half-screen to the end of the file
CTRL+F: Flip a screen to the end of a file
ctrl+b; Turn one screen to the top of the file
NZ: Rolls line N to the top of the screen and scrolls the current line to the top of the screen when n is not specified.

Insert Text Class command
I: Before the cursor
I: At the beginning of the current
A: After the cursor
A: At the end of the current line
O: A new line below the current line
O: New row above the current line
R: Replace the current character
R: Replaces the current character and its characters until the ESC key is pressed
S: replaces the specified number of characters with the input text starting at the current cursor position
S: Deletes the specified number of rows and replaces them with the input text
NCW or NCW: Modifies a specified number of words
NCC: Modifying a specified number of rows

Delete command
NDW or NDW: Delete the n-1 characters at the beginning and after the cursor
Do: Delete to the beginning of the line
d$: Delete to end of line
NDD: Deletes the current line and its subsequent n-1 rows
X or x: Deletes a character, x deletes the cursor, and x deletes the cursor before the
Ctrl+u: Delete text entered under input mode

Search and Replace commands:
/pattern: Searches for pattern at the end of the file from the beginning of the cursor
? pattern: Searches for pattern from the beginning of the cursor to the top of the file
N: Repeat the last search command in the same direction
N: Repeats the last search command in the opposite direction
: s/p1/p2/g: Replaces all P1 in the current row with P2
: n1,n2s/p1/p2/g: All P1 in line N1 to N2 are replaced with P2
: g/p1/s//p2/g: Replace all P1 in the file with P2

Option settings
All: List all option settings
Term: Set terminal type
Ignorance: ignoring case in search
List: Display tab stops (CTRL+I) and end-of-line flags ($)
Number: Show line numbers
Report: Displays the number modified by the line-oriented command
Terse: Displays a short warning message
Warn: Displays no write message if the current file is not saved when you go to another file
Nomagic: Allows the use of special characters that are not preceded by "\" In search mode
Nowrapscan: Prohibit VI from the other end when the search reaches the end of the file
MESG: Allow VI to display information that other users write to their terminal using write

Last line mode command
: N1,N2 CO N3: Copy the contents of the N1 line to the N2 row below the N3 line
: n1,n2 m N3: Move the contents of the N1 line to the N2 line below the N3 line
: n1,n2 d: Delete the contents of N1 rows to N2 rows
: w: Save current file
: E filename: Open file filename for editing
: x: Save current file and exit
: Q: Exit VI
: q!: Do not save file and Exit VI
:!command: Execute shell command
: n1,n2 W!command: The contents of the N1 line to the N2 line in the file as input and execution of the command, if not referred to
N1,N2, the input of the entire file content as the command
: R!command: The output of command commands is placed in the current line

(2) GCC use
When using GCC to compile a program, the compilation process can be subdivided into four phases:
Pretreatment (pre-processing)
Compilation (compiling) compilation (assembling)
Link (linking). For example:
#include
int main (void)
{

printf ("Hello World, Linux programming!\n");

return 0;
}
Then execute the following command to compile and run the program:
# gcc Hello.c-o Hello
#
./hello
Hello World, Linux programming!

GCC needs to invoke the preprocessor CPP, which is responsible for expanding the macros defined in the source file and inserting the contents of the "#include" statement into it, and then GCC will call CCL and as to compile the processed source code into the target, and finally, GCC invokes the linker LD, Link the generated target code into an executable program.

(3)

GDB is a powerful Under-Unix debugger tool released by the GNU Open source organization. Perhaps you prefer the graphical interface, such as VC,BCB and other IDE debugging, but if you are on the UNIX platform under the software, you will find GDB this debugging tool is more powerful than the VC,BCB graphical debugger features. The so-called "inch, the ruler is short" is this truth.

In general, GDB mainly helps you to accomplish the following four functions:

1, start your program, you can follow your custom requirements to run the program at will.

2. You can have the debugger stop at the breakpoint at the location you specify.

3. When the program stops, you can check what happens in your program at this time.

4. Dynamically change the execution environment of your program.

From the above, GDB and the General debugging tool is not the same, basically is to complete these functions, but in detail, you will find that GDB is a powerful debugging tool, you may be accustomed to the graphical debugging tools, but sometimes, the command line debugging tools can not be done by the graphical tool function.

In general, GDB is mainly debugging C + + programs. In order to debug C + + programs, we must first compile the debugging information into the executable file. This can be done using the-g parameter of the compiler (cc/gcc/g++), such as:

$ cc–g Hello.c–o Hello

$ g++-G Hello.cpp–o Hello

Without-G, you will not see the function name of the program, the name of the variable, instead of the memory address that is all running. When you use the-G to debug the information, and after you have successfully compiled the target code, let's take a look at debugging it with GDB.

There are several ways to start gdb:

1. GDB <program>

Program is your execution file, typically in the current directory.

2. GDB <program> Core

Using GDB to debug a running program and core file at the same time, the core is the file generated after core dump is executed illegally.

3. GDB <program> <PID>

If your program is a service program, you can specify the process ID at which the service program runs. GDB will automatically attach up and debug it. The program should be searched in the PATH environment variable.

GDB start, you can add some gdb start switch, the detailed switch can be viewed with gdb–help. Here are just a few of the more commonly used parameters:

-symbols <file>

-S <file>

Reads the symbol table from the specified file.

-se file

Reads the symbol table information from the specified file and uses it in the executable file.

-core <file>

-C <file>

Debug core Dump's core file.

-directory <directory>

-D <directory>

Add a search path to a source file. The default search path is the path defined by path in the environment variable.

(4) Using the GNU make tool in a Linux environment makes it easier to build a project of your own, and the entire project's compilation requires only one command to compile, connect, and ultimately execute. But it will take us some time to complete one or more of the writing called Makefile files. This file is the basis for the normal work of make.

Make is a command tool that interprets the instructions in Makefile (which should be said to be rules). In the Makefile file, the compilation order and compilation rules of all the files in the project are described.

Interim summary

3.Review the contents of the textbookch01 ch02 ch03 ch04 ch06 ch07

Chapter I.

Computer systems are made up of hardware and system software that work together to run applications. Information inside the computer is represented as a bit of a group of groups. They are interpreted differently depending on the context. Programs are translated into different forms by other programs and are initially ASCII text. It is then translated into binary executables by the compiler and linker.
The processor reads and interprets the binary instructions stored in main memory, because the computer can use a large amount of time to replicate data between the memory, I/O devices, and the CPU registers, so the storage devices in the system are divided into hierarchies--cpu registers at the top, then multilayer hardware cache memory, DRAM memory and disk memory in a hierarchical model, higher-level storage devices are faster and have higher unit-bit overhead than storage devices at the lower levels. A higher-level storage device in the hierarchy can be cached as a lower-level device.
The operating system kernel is the medium between the application and the hardware.
It provides three basic abstractions: 1) The file is an abstraction of I/O; 2) virtual memory is an abstraction of main memory and disk: 3) The process is a device to the processor, main memory abstraction, and I/O devices Finally, the network provides a means of communication between computer systems. From a special system point of view, the network is an I/O device.

Chapter II

Computers encode information in bits, which are usually organized into byte sequences. Integers, real numbers, and strings are represented in different encodings. Different computer models use different conventions when sorting bytes in coded numbers and multibyte data.
C language design can accommodate a variety of different word lengths and digital coding implementations. While high-end machines are starting to use 64-bit word lengths, most machines still use 32-bit word lengths. Most machines use complementary codes for integers, while IEEE floating-point encoding is used for floating-point numbers. Understanding these encodings at the bit level, and understanding the mathematical characteristics of arithmetic operations, is important for programmers who want to make programs that are programmed to operate correctly on the full range of values.
When forcing type conversions between unsigned and signed integers of the same length, most C language implementations follow the principle that the underlying bit patterns are unchanged. On the complement machine, for a W-bit value, this behavior is described by the functions T2uw and U2TW.

Chapter III

In this chapter, we peep at the level of abstraction provided by the C language to understand machine-level programming. By having the compiler produce assembly code representations of machine-level programs, we understand the compiler and its optimization capabilities, as well as machines, data types, and instruction sets. In the 5th chapter, we will see that it is helpful to understand the compiler's features when writing programs that can be effectively mapped to a machine. We also have a more complete understanding of how programs store data in different memory regions. In the 12th chapter you will see many examples where we need to know if a program variable is in the runtime stack, in a dynamically allocated data structure, in a global storage location. Understanding how the program maps to the machine makes it easier to understand the differences between these stores.
Machine-level programs and their assembly codes represent a significant difference from C programs. In assembly language programs, the differences between the various data types are small. The program is represented by a sequence of instructions, and each instruction completes a separate operation. Some program states, such as registers and runtime stacks, are directly visible to programmers. This book provides only low-level operations to support data processing and program control. The compiler must use multiple instructions to produce and manipulate various data structures to implement control structures such as conditions, loops, and processes. We talked about the C language and how to compile it in many different ways. We see a lack of bounds checking in C, which makes many programs prone to buffer overflows. Although the most recent runtime system provides security, and the compiler helps make the program more secure, it has made many systems vulnerable to malicious attacks by intruders.

Fourth Chapter

We have seen that the instruction set architecture, ISA, provides a layer of abstraction between processing behavior and how to implement the processor. ISA provides a sequential description of the behavior of the program executor, that is, when an instruction is executed, the next instruction will begin. Starting with the IA32 instruction, which greatly simplifies the data type, address pattern, and instruction encoding, we define the Y86 instruction set. The resulting ISA has both the properties of the RISC instruction set and the properties of the CISC instruction set. The different instruction organizations are then processed in five phases, where the actions in each phase are different depending on the instruction being executed. Accordingly, we construct the SEQ processor, where each clock cycle executes an instruction that passes through all five stages.
Pipelining improves the throughput performance of the system by allowing different stages to operate in parallel. At any given moment: Multiple instructions are processed at different stages. In the process of introducing this parallelism, we must be very careful to provide the same program-level behavior as the program's order. By re-adjusting the sequence of the various parts of the SEQ, we get the seq+, then add the pipeline register and create the Piie― pipeline. Then, the forwarding logic is added, speeding up the delivery of the result from one instruction to another, thus improving the performance of the pipeline. There are several special cases where additional pipelining logic is required to suspend or cancel some pipeline stages.
In this chapter, we have learned several important lessons about processor design:
1. Managing complexity is a top priority, and you want to optimize the use of hardware resources for maximum performance at minimal cost. To achieve this, we created a very simple and consistent framework to handle all the different instruction types. With this framework, you can share hardware units in logic that handles different types of instructions.
2. We do not need to implement ISA directly. Its direct implementation implies a sequential design. In order to achieve higher performance we want to use hardware capabilities to perform many operations at the same time, which results in a pipelined design. By careful design and analysis, we are able to handle a variety of pipeline adventures, so the overall effect of running a program is exactly the same as the one obtained with the ISA model.
3. Hardware designers must be very careful. Once the chip is made, it is almost impossible to correct any mistakes. It is important to start by making the design right. This means careful analysis of the various instruction types and combinations, even those that do not seem to make sense, such as pop-up values to stack pointers. The design must be thoroughly tested using the system's simulation test program. In the development of the pipe control logic, our design has a slight error, only by careful and systematic analysis of the control combination can be found.

Sixth chapter

Basic storage technologies include random memory (RAM), nonvolatile memory (OM), and disk. There are two basic types of RAM. Static RAM (SRAM) is faster, but more expensive, it can be used either as a cache on the CPU chip or as a cache under the chip. Dynamic RAM (DRAM) is slower and cheaper, using the master memory and graphics framebuffer. Nonvolatile memory, also known as read-only memory (ROM), even when powered off, maintains their information, which is used to store the firmware. Rotating disks are mechanically non-volatile storage devices that retain large amounts of data at a low cost per bit, but with longer access times than DRAM. Solid-state drives (SSDs based on nonvolatile flash memory are increasingly becoming an attractive alternative to rotating disks for some applications.)
In general, faster storage technology has a higher price per bit and smaller capacity. The price and performance attributes of these technologies are changing at a significantly different speed. In particular, DRAM and disk access times are much larger than CPU cycle time. The system compensates for these differences by organizing the memory into a hierarchical structure of storage devices, where smaller, faster devices are at the top, with larger, slower devices at the bottom. Because the well-written program has good locality, most of the data can be served from the higher layer, and the result is that the storage system can run at a higher level, but it has lower cost and capacity.
Programmers can significantly improve the running time of a program by writing programs that have good spatial and temporal locality. Using SRAM-based cache memory is particularly important.

Seventh link does not seem to learn

Your own harvest.

In fact, this is the most serious one. Probably because before always fooled, suddenly feel like this is still a waste of time, it is better to learn something. In the course of learning, I found it was actually quite interesting. gave a certain degree of confidence. The previous command, turn the book, in the virtual machine find, Baidu find, feel on some, should still need to do more questions.

Their own lack of

The Foundation is too poor

Because before oneself with oneself stroppy and drop a lot of things, learning is very difficult, or the contents of the preceding chapters will probably need some time. Starting from the beginning, re-reading carefully, using the previous task to start again, I think it should be better before the end of the term. Anyway, I don't want to fool you.

Course Suggestions and comments

I will catch up slowly, at least the teacher has already said so, I also have to try to like and work hard.

I edited it first in office and it became very strange when I pasted it. Therefore, the original format is not retained directly.

Information Security system design basics Eighth Cycle Summary (2)