Summary of the foundation of Information security system design

Summary of Knowledge points

First week

L man command : man is the abbreviation of Manul, we can see the help through man man, man such as: man there is an option to -k use very good, this option lets you learn commands, programming with a search engine , can be extrapolate. We illustrate through an example, such as the data structure in the middle of the sorting (sort), I do not know the C language has not done this function, can be "man-k sort" to search, because is to find C library function, we focus on Band 3, Qsort seems to be a good option.

L Cheat command : Cheat is cheating, small copy of the meaning. The Cheat command is an interactive cheat sheet application that is distributed to Linux command line users under the GNU General Public License. It provides a display of Linux command use cases, including all of the options and short but understandable features of the command.

L Find where a file is located in the system, locate is a quick version of Find (Windows has a everything tool similar to locate). grep can retrieve full-text files, support regular expressions, Regular expressions are also an important meta-knowledge Whereis,which tells you where to use the command tool to install.

Linux Base:1) Important shortcut keys:

l [Tab] Complete command, complete directory, fill command parameters, etc.

l [Ctrl + C] forcibly terminates the current program without exiting the terminal

l [ctrl+d] keyboard input end or exit terminal

l [Ctrl+s] Tentative current program, pause and press any key to resume operation

l [Ctrl + Z] put the current program in the background to run, restore to the foreground for command FG

l [Ctrl + A] move the cursor to the input wardrobe equivalent to the home button

l [Ctrl+e] moves the cursor to the end of the input line, equivalent to the END key

l [Ctrl+k] Delete from the cursor position to the end of the line

l [Alt+backspace] Delete a word forward

l [Shift+pgup] scrolls the terminal display up

l [SHIFT+PGDN] scrolls the terminal display down

2) Historical Input command

L↑ can restore the instructions you've entered.

3) wildcard characters

The L wildcard is a special statement that has an asterisk (*) and a question mark (?), which is used to make a fuzzy match to a string (such as a file name, parameter name). When you look for a folder, you can use it instead of one or more real characters, and you often use wildcards instead of one or more real characters when you don't know the real characters or are too lazy to enter the full name.

L Common parameters of the grep command:

Parameter description

-B match binary files as text

-C statistics in number of pattern matches

-I ignores case

-N Displays the line number of the line containing the matched text

-V inverse to output the contents of mismatched rows

-R Recursive matching lookup

-A n n is a positive integer that indicates the meaning of after, and the following n rows are listed in addition to the matching rows

-B n N is a positive integer that represents the meaning of the Before and lists the preceding n rows in addition to the matching rows.

--color=auto setting matches in output to auto-color display

Second week

L Vim editor :

1. Normal Mode

Vim's Normal mode uses editor commands, such as moving the cursor, deleting text, and so on. This is also the default mode after Vim is started, not the insert mode of most editors.

Normal mode commands often require an operator end.

Normal mode into the insertion mode: A key (append/append) key or I (insert/insert) key.

2. Insert mode

In this mode, most keystrokes insert text into the text buffer. Most new users want this mode to persist throughout the text editor editing process.

In insert mode, return to normal mode: ESC key.

3. Visual Mode

Similar to normal mode, but the move command expands the highlighted text area. The highlighted area can be a character, a line, or a piece of text. When a non-moving command is executed, the command is executed to the highlighted area.

4. Select the mode

This mode, you can use the mouse or cursor keys to highlight the selection of text.

If any characters are entered, Vim replaces the selected highlighted text block with this character and automatically enters insert mode.

5. Command- line mode

In command-line mode, you can enter text that will be interpreted and executed. For example, execute commands (: keys), search (/and keys) or filter commands (! Key).

After the command is executed, VIM returns to the pattern before the command-line mode, usually in normal mode.

6.Ex mode (Ex mode)

This is similar to command-line mode, where you can execute multiple commands at one time before using the: Visual command to leave the ex mode.

L compiler GCC

1. Installing GCC header files, library files

sudo apt-Get install build-essential

Install into Usr/lib, to Usr/bin (executable file), to Usr/include (header file)

2.GCC Options list (1) Common options

-C Compile the non-link only, generate the target file. O

-S compile-only assembler, generate assembly code

-E only precompiled, no other processing

-G includes standard debug information in an executable program

-o file specify file as output

-V Prints the command line information and compiler version of the compiler's internal compilation process

-I dir add dir directory to the search path list of the header file

(2) Library options

-Static compilation, that is, linking static libraries, and preventing the use of dynamic libraries

-Shared 1. Can generate dynamic library files

                 2.进行动态编译，尽可能的链接动态库，没有动态库时才会链接同名静态库

-Dir add dir directory to the list of search paths in the library file

-LName links are called libname.a or libname.so library files.

如果两个库文件都存在，根据编译方式是static还是shared进行链接

-FPIC generates a location-independent target code that uses a relative address,

然后通常使用gcc的-static选项从该pic目标文件生成动态库文件。

3. Compilation process

预处理：gcc –E  hello. c  –o hello.i;      gcc – E调用cpp  生成中间文件

编 译：gcc –s  hello.i –o hello.s;       gcc – s调用ccl  翻译成汇编文件

汇 编：gcc –C  hello.s –o hello.o;       gcc - C as  调用翻译成可重定位目标文件

链 接：gcc hello.o –o hello ;            gcc -o 调用ld** 创建可执行目标文件

- o followed by the name you specified for the generated file, and if not specified, the default is A.out

To run this executable target file on the command line, you need to enter its name:

 ./A.out

Why?

Window , search for a thing from the current directory, can not find to go to the PATH environment variable to find, Linux only from the PATH environment variable, so even if the current directory has, also want to point out; Represents the current directory, "./libvector.a" represents the LIBVECTOR.A library file under the current directory. Anything without a prefix is a path, but it is not secure.

So actually this line of code just enters its name,./indicates the current directory

The shell invokes a function called the loader in the operating system, copies the code and data from the executable p to the memory, and then transfers the control to the beginning of the program.

Tip: The first three steps, the GCC parameter is "ESc", the corresponding input file suffix is "ISO"

L Debug Tool gdb

Use GCC to compile with "-G" parameter

GDB The most basic commands are:

Programm (Start gdb)

查看所载入的文件

B设断点

B查看断点情况

开始运行程序

打印函数调用堆栈

P查看变量值

从当前断点继续运行到下一个断点

单步运行（不进入）

单步运行（进入）

退出GDB

Four types of breakpoints:

1. Line Breakpoint

B [行数或函数名] <条件表达式>

2. Function breakpoints

B [函数名] <条件表达式>

3. Conditional breakpoints

b  [ 行数或函数名] < If表达式>

4. Temporary Breakpoint

tbreak [< conditional expressions >

 Make and Makefile

The most important and basic function of make tools is to automate compiling and maintaining multiple source files according to the relationship between source programs described in the Makefile file .

While the makefile file needs to be written in a certain syntax, the file needs to explain how to compile the individual source files and link them to the executable file, which requires defining the dependencies between the source files.

Final implementation-- automated compilation

Into makefile?

Makefile

1.Makefile Basic Rules

Makefile the general wording of:

A makefile file mainly contains a series of rules, each of which contains the following:

• Target bodies that need to be created by the make tool, usually executables and target files, or actions to perform, such as ' clean ';
• The files that are dependent on the target body to be created are usually the other files needed to compile the target file.
• The command to run when creating each target body, which must start with tab tab

Third week

Chapter II Representation and processing of information

Word

The word length determines the maximum size of the virtual address space.

The word length is w and the virtual address range is (2^w-1)

W=32 or 64: That is, what we usually call a computer is 32 or 64 bits. It can also be understood as the number of bits that the CPU processes data at a time.

Boolean algebra

Common Operation Symbols:

With: &

Or: |

Non: ~

XOR: ^

Logical operations

logical operators

and:&&

Or: | |

Non -:!

Move left <<

X<>
Right shift is divided into logical right shift and arithmetic right shift.

Logical right Shift:

Fill k 0at left, more for unsigned number shift operations

• Arithmetic Right Shift:

At the left, the value of the most significant digits is used for the symbolic number shift operation.

Week Four

Chapter III Machine-level representation of the program

Two abstractions of machine-level programming (1) instruction set architecture Isa

is the format and behavior of a machine-level program that defines the processor state, the format of the instruction, and the effect of each instruction on the state.

(2) The memory address used by the machine-level program is the virtual address

It looks like a very large byte array, which is actually a combination of multiple hardware storage and operating system software.

Three types of operands

1. Immediate number
2. Register
3. Memory

2. Two possible results of storage

1. In registers
2. In memory

3. Addressing Method

( 1 ) Immediate number addressing method

Format: $ post plus an integer represented by standard C notation, such as $0xaff

( 2 ) Register addressing mode

Like%eax, an analogy to the AX register that the assembler has learned.

( 3 ) memory addressing mode

• · Direct Addressing method
• · Register Indirect Addressing method
• · Register relative Addressing method
• · Address Changing Address method
• · Relative base address variable addressing mode

1.do-while Cycle

General form:

Do

        body-statement

While ( test-expr);

The loop body body-statement is executed at least once.

Can be translated into:

Loop：

        body-statement

        t = test-expr;

If(t)

Goto  Loop;

That is, the loop body statement is executed before the judgment is executed.

2.while Cycle

General form:

While  ( test-expr)

        body-statement

The method of GCC is to use conditional branching, which represents the first execution of omitting the loop body:

If ( ！ test-expr）

Done;

Do

                 body-statement

While ( test-expr);

Done:

Next:

Test-expr;

If(!t)

Done:

loop：

        body-statement

Test-expr;

If(t)

                 goto loop;

Done:

After all, change the cycle to do-while, then translate it with Goto.

Stack frame structure

Stacks are used to pass parameters, store return information, save registers, and local storage.

1. Stack frame

The portion of the stack allocated for a single process is called a stack frame, and the general structure is shown on page 149

So the stack frame is essentially a stack .

2. Two pointers

The topmost stack frame is defined with two pointers:

Register Device %ebp- Frame Pointer

Register Device %esp- stack Pointer

The stack pointer is movable, so the information accesses the multi-phase for the frame pointer.

3. The process of the call

Textbook 150 page procedure p calls the example of the procedure Q.

The caller's frame should be below the callee, and the caller's return address is the end of its stack frame, which ensures that the caller executes the stack and the program continues to execute down.

about called by Q several uses of stacks:

1. Save local variables that cannot be stored in the register.

When you want to use the address operator & for a local variable, you have to generate an address for it, so you want to go into the stack. This usage! Never seen it before!

2. Hold the parameters of other procedures it calls.

Week Five

Fourth Chapter Processor Architecture

Y86 directive

The Y86 instruction set is basically a subset of the IA32 instruction set, including only four-byte integer operations, with less addressing and fewer operations.

Refer to the 232 page of the textbook for the reference and byte encoding of sinks.

byte-level encoding of the instruction

Each instruction requires a range of 1-6 bytes, and the first byte of each instruction indicates the type of instruction .

1. First byte

This byte is divided into two parts, each part 4 bits:

• High four-bit: Code section, domain value is 0~0xb
• Fourth bit: Functional part, function value is only useful if a set of related instructions is shared with one code.

Y86 exception 1. Possible value of status code stat

Stat describes the overall state of the program execution

正常操作

处理器执行halt指令

遇到非法地址

遇到非法指令

2. When an exception occurs?

The y86--processor stops running instructions.

. The difference between Y86 and IA32

1.Y86有时需要两条指令来完成IA32一条指令就能完成的事

2.Y86没有伸缩寻址模式

The process is organized into phase (i) six basic stages:

• Take a finger
• Decoding
• Perform
• Visit
• Write back
• Update pc

Week Six

Sixth Chapter Memory Hierarchy

Random access memory ( RAM )

RAM Category:

• of Static sram-faster, more expensive, as cache memory, CPU on-chip or on-chip
• of Dynamic darm-as a frame buffer for main memory and graphics system

1. The traditional DRAM

( 1 ) Super Unit

• The cell bits in the chip are divided into D-units, each with a W DRAM unit, and a dxw dram that stores the DW bit information in total.
• The cells are organized into a rectangle of row C of R, i.e. Rc=d.
• Each element is tangible such as the address of (I, j), I represents the row, and J represents the column.

( 2 ) inflow and outflow of information

The information flows through the pins to the outflow chip, each pin carrying a 1 -bit signal.

( 3 ) Storage Controller

This circuit can pass in or out W bit at a time.

of Enhanced DRAM

• Fast page Mode -fpm DRAM : allowing contiguous access to the same row can be serviced directly from the row buffer. (the original DRAM on the same line of four instructions, after each instruction is discarded, and then re-read.) ）
• Extended Data Output -edo DRAM : allows individual CAS signals to be tighter on time.
• Sync -sdram : Replacing many of these control signals with the rising edge of the same external clock signal as the drive storage controller-faster than asynchronous.
• Double Data rate synchronization -ddr SDRAM : doubles the speed of the DRAM by using two clock edges as the control signal. Category: DDR (2-bit), DDR2 (4-bit), DDR3 (8-bit)
• RDRAM
• Video -vram : used in the frame buffer of the graphics system, thinking similar to FPM DRAM

• non-volatile memory --rom

Ram Power loss data, is volatile ;

ROM is non- volatile, collectively referred to as read-only memory

( 1 ) Classification

• prom-programmable ROM, can only be programmed once
• eprom-erasable programmable ROM, the number of times that can be erased and written is approximately 1000 times
• EEPROM, Electronic

Can erase prom, the number of times that can be programmed is in the order of 10 of five.

• ( 2 ) Flash FLASH

Based on EEPROM, it provides fast and durable nonvolatile storage for a large number of electronic devices.

Stored in: Digital camera, mobile phone, music player, PDA, notebook, desktop, server computer system

( 3 ) Firmware

Programs stored in ROM devices are often referred to as firmware, and when a computer system is powered on, he runs the firmware stored in the ROM.

5. Accessing main memory

( 1 ) Bus

A bus is a set of parallel conductors that can carry addresses, data, and control signals.

Bus classification:

A. system bus -- Connection CPU and the I/O Bridge

B. Memory Bus -- Connection I/O Bridge and main memory

c.i/o bus (see specific 6.1.2.4 )

The I/O bridge translates the electronic signal of the system bus into the electronic signal of the memory bus and also connects the system bus and the memory bus to the I/O bus.

. Disk Capacity -- the maximum number of digits that can be recorded on a disk

( 1 ) Impact factors:

• Recording density-bits per inch
• Track density-road/inch
• Surface density-bits per square inch

Increased surface density increases capacity.

Calculation formula:

3. disk Operation

The disk reads and writes data as a block of sector size.

Access time by Category:

( 1 ) Seek Time

2 ) Rotation Time

3 ) Transfer Time

Principle of locality:

A well-written computer program often tends to refer to data items that are adjacent to other recently referenced data items, or to the data item itself that has recently been referenced.

Classification:

• Time locality
• Spatial locality

Cache

Cache: is a small and fast storage device that acts as a buffer area for data objects stored in larger, slower devices.

Caching: The process of using a cache is called caching.

Data is always copied back and forth between the level K and the k+1 layer with the block size as the transmission unit. The block size is fixed between any pair of adjacent layers, but the other hierarchy pairs can have different block sizes.

Generally speaking: the lower the layer, the larger the block.

Cache Hit

Cache not hit

. types of Cache misses

( 1 ) Mandatory no hit / Cold not hit

2

) Conflict not hit

3 ) capacity not hit

Write Cache-Friendly code

1. Basic methods:

• Let the most common situation run fast
• Minimum number of cache misses within each loop

2. Important issues:

• Repeated references to local variables are good (temporal locality)
• The reference pattern of step 1 is good (spatial locality)

Harvest Summary

Half a semester of study, the biggest harvest should be considered a change in mentality. Think about the past two years, the study really is mixed up, each final exam before the assault, and then take a pass points contented, nothing learned. This semester just want to continue before the state, usually basically do not spend time on the study, but also to complete the tasks assigned by the teacher, every weekend will be a lot of pressure. Then try to keep up with the requirements of the teacher, take a little time to study every day, this has been done for some time, found that every day will not be very empty, nor pressure is very big. Now I think it is really time to put the study in the first place every day.

When it comes to harvesting knowledge, the beginning of a few weeks or not to complete the study of the task, after the study is not particularly clear, the knowledge of the summary is basically the Shang students of the blog to learn it again. After that will not be done in front of the experiment to fill up, but also a lot of knowledge before reviewing.

Their own lack of

I feel that my lack or lazy, too lazy to read, lazy hands, lazy brain. As the teacher said, I don't have the words to look up the dictionary, because I do not bother to check. But this kind of mentality treats the study, that is equal to cannot learn the thing. In the study really paid a lot, get how much. Speaking of improvement, has now been able to use more and more thoughts on learning, after a few weeks of study, found that if the quiet heart, or can be read into the book, if you study more, the experiment can be done. Usually do not study, but also just to waste time in other places, to avoid learning, such an escape without any benefit, rather than the time spent in learning.

Course Suggestions and comments

My favorite mechanism in the course is the publication of weekly results, so that I can know my learning situation and help improve the quality of teaching.

Summary of the foundation of Information security system design