I am Liyuan Breeze. As a veteran in the IT industry for 25 years, today we will re-examine Windows, a system we are familiar with and can no longer be familiar with.
We use the Windows operating system every day, but what we deal with directly every day is not the kernel of the Windows operating system, but the human-computer interaction interface of the Windows operating system. This interface is actually just a component of the Windows operating system. , the interface we use when using the Linux system is just a program on the Linux system. So, we are not exposed to the kernel of these systems. Over time, we will gradually mistake the intuitive things displayed in the interface for the Windows operating system itself, which is actually wrong.
Let's re-examine the Windows operating system and look at the typical features and main functions of the Windows operating system itself. From the functions of the Windows operating system, we can know that the services provided by the Windows operating system are as follows: an environment for executing programs is provided, and the services provided include program execution, I/O operations, file operations, resource allocation and protection, and error detection and exclusion etc.
The Windows operating system borrows the concept of multiprogramming. The so-called multiprogramming technology refers to storing two or more jobs in memory at the same time. These jobs are running at the same time, and they are under the control of the management program. Run interspersed. These jobs share processors, peripherals, and other resources.
The interrupt handler of the Windows operating system can only be an operating system program, not an application program. Interrupt processing is an action in the system that will have a significant impact on the system, so only kernel mode programs are allowed to execute. The application program usually refers to the user program, which runs in the user state and cannot perform these operations.
virtual
When it comes to the virtualization of the operating system, how do you understand it? There are basically three descriptions:
①Because a computer is equipped with an operating system and other software, it is more powerful than a bare metal and more convenient to use. It is called a virtual machine. Since the operating system itself contains several layers of software, the computer system can also be called a multi-layer virtual machine.
②For example, in a multi-channel time-sharing system, using multi-programming technology can virtualize one physical CPU into multiple logical CPUs for use by multiple end users.
③Virtual memory, only a part of the job can be loaded into the memory to run the job, logically expanding the memory capacity. Another example is the use of virtual device technology in device management, which can transform one physical device into several logical counterparts.
control
In a time-sharing operating system such as Windows, there is a program with the following functions:
(1) Read text data from a file.
(2) Sorting
(3) Write the sorted data to the file.
Next, from the perspective of time-sharing operating system on resource management and the life cycle of the process, we discuss the whole process of the program from the beginning to the end, and the operating system provides service and control for it.
When reading data from a file, it is done through the read system call. It first creates a message, which contains parameters such as fd (file descriptor), buffer (buffer), nbytes (size), and a message code indicating the READ type. Then send this message to the file system, and block the process to wait for the response of the file system. After receiving the message, the file system searches the process table with the message type as the subscript, and calls the corresponding process to process the read request. After the data input is completed, the operating system switches to the sorting process and starts the sorting work. After the sorting work is completed, the operating system calls the write system call to complete, and the write system call writes the data in the process buffer to the file associated with the file descriptor. Very similar to the read system call, it also requires 3 parameters: fd, buffer, nbytes. Both system calls return the number of bytes successfully transferred, or signal an error condition and return -1.
The relationship between the operating system and hardware: The operating system is the first layer of software covering the hardware, which manages the hardware resources of the computer. The operating system completes all hardware-related operations for the user, which greatly facilitates the use of hardware resources by the user and improves the utilization rate of the hardware resources. The relationship between the operating system and other system software: the operating system is a special system software, other system software runs on the basis of the operating system, and can obtain a large number of services provided by the operating system, that is to say, the operating system is other system software interface with the hardware.
Protect
For a properly functioning computer system, protecting the operating system is very important. However, in order to provide greater flexibility to the user, the user should be restricted as little as possible. The operations listed below are generally protected. May I ask at least which instructions need to be protected?
(1) Change to user mode.
(2) Change to system mode.
(3) Read data from the storage area where the operating system is stored.
(4) Write data to the storage area storing the operating system
(5) Fetch instructions from the storage area storing the operating system.
(6) Turn on the timer.
(7) Turn off the timer.
Operations 2 and 4 should be protected. Because these two operations are to modify the content of the operating system itself. If left to the user's arbitrary operation, it will cause damage to the operating system and eventually cause the system to run incorrectly or crash, so it should be protected under any circumstances. Several other operations should also be protected in general, but even if these operations are left to the user, they are not as destructive as the above two operations.
function
Let's talk about the difference and connection between library functions and system calls.
Difference: library functions are part of the language or application and can run in user space. The system call is a part of the operating system, a program interface provided by the kernel to the user, and runs in the kernel space.
Connection: Many library functions use system calls to implement functionality. The execution efficiency of library functions that do not use system calls is usually higher than that of system calls, because when using system calls, context switching and state conversion (from user mode to core mode) are required.
scheduling
The Windows operating system has the function of time-sharing and batch processing, so can we design a reasonable queue scheduling strategy so that time-sharing jobs can respond quickly, and batch jobs can also get timely responses.
I think we can. In the batch processing system, the jobs are sequentially input to the tape in an offline input mode, and the supervisory program executes the jobs on the tape in sequence, and the user cannot intervene in its operation when the job is executed. Batch processing system can be divided into single-channel batch processing system and multi-channel batch processing system according to the development history, the main difference is that there are single or multiple jobs in the memory at the same time. When a program in a multi-channel batch processing system is suspended due to an I/O request, the CPU turns to run another program with the help of interrupt technology.
We can design two priority queues. Time-sharing jobs enter the high-priority queue and are scheduled using the time round-robin method of short time slices. When the high-priority queue is empty, schedule low-priority batch jobs with longer time slices.
instruction
Then, let's look at the operating system from the perspective of instructions. Assuming that the instructions under the Windows operating system have been loaded into the instruction register, what are the instructions that will not cause the CPU to change from user mode to kernel mode when executed?
The first command DIV R0,R1;(R0)/(R1)->R0
The second command INT n; generates a soft interrupt
The third command NOT R0; the content of register R0 is negated
The fourth command MOV R0,addr; Put the memory data at address addr into register R0
In the first command, if the content in R1 is 0, an internal interrupt will occur, changing from user mode to kernel mode; the second command soft interrupt is executed in kernel mode; the third command register negation will not generate an interrupt, And it does not belong to other operating system kernels, so it will not change to the kernel state; the fourth addr is the address of the main memory, and memory access needs to enter the kernel state.
About the author: Li Yuan Weifeng, born in 1981, senior engineer, master of engineering from Zhejiang University, software engineering project supervisor, has worked as a programmer, software designer, system architect, early Windows programmer, loyal Visual Studio user, C/C++ user The author is a veteran who has studied, worked hard, and struggled in the computer industry for 25 years. He has experienced the UNIX era, the desktop WIN32 era, the Web application era, the cloud computing era, the mobile phone Android era, the big data era, the ICT era, and AI deep learning Era, the age of intelligent machines, I don't know what era there will be in the future, I just remember that this journey is full of hardships and gains, and I am willing to go on with you, full of hope.