Скачать презентацию 系統程式 朱浩華教授 施吉昇教 授 臺灣大學資訊 程系 Tei-Wei Kuo Скачать презентацию 系統程式 朱浩華教授 施吉昇教 授 臺灣大學資訊 程系 Tei-Wei Kuo

cc8c3bafce455f82202ca95d7713c507.ppt

  • Количество слайдов: 61

系統程式 朱浩華教授 /施吉昇教 授 臺灣大學資訊 程系 Tei-Wei Kuo, Chi-Sheng Shih, and Hao-Hua Chu© 2006 系統程式 朱浩華教授 /施吉昇教 授 臺灣大學資訊 程系 Tei-Wei Kuo, Chi-Sheng Shih, and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Contents 1. Preface/Introduction 2. Standardization and Implementation 3. File I/O 4. Standard I/O Library Contents 1. Preface/Introduction 2. Standardization and Implementation 3. File I/O 4. Standard I/O Library 5. Files and Directories 6. System Data Files and Information 7. Environment of a Unix Process 8. Process Control 9. Signals 10. Inter-process Communication Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Multi-processes in modern systems Image that you are now a system architect to design Multi-processes in modern systems Image that you are now a system architect to design a new multi-process systems. Q 1: How does the systems create a new process and terminate a process? Q 2: What processes you need when the system starts? Q 2: Should you impose a communist or democratic system on your system? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Process Control Special Processes PID 0 – Swapper (I. e. , the scheduler) Kernel Process Control Special Processes PID 0 – Swapper (I. e. , the scheduler) Kernel process No program on disks correspond to this process PID 1 – init responsible for bringing up a Unix system after the kernel has been bootstrapped. (/etc/rc* & init or /sbin/rc* & init) User process with superuser privileges PID 2 - pagedaemon responsible for paging Kernel process Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Memory Management Virtual Memory – Demand paging Logical Memory Map (Page Table) Physical Memory Memory Management Virtual Memory – Demand paging Logical Memory Map (Page Table) Physical Memory File System Run CPU Swap-Out/In Swap Space Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Memory Management Virtual Memory – Demand paging Memory TLB Run CPU Logical Address MMU Memory Management Virtual Memory – Demand paging Memory TLB Run CPU Logical Address MMU File System Physical Address Swap-Out Swap Space Page Table Swap-In Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Memory Management Demand Paging Page fault -> disk I/O -> modify the page table Memory Management Demand Paging Page fault -> disk I/O -> modify the page table -> rerun the instruction! Logical Address P Physical Address D F P Memory D F Page Table page fault disk I/O File System / Swap Space Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Process Control #include <sys/types. h> #include <unistd. h> pid_t getpid(void); pid_t getppid(void); uid_t getuid(void); Process Control #include #include pid_t getpid(void); pid_t getppid(void); uid_t getuid(void); uid_t geteuid(void); gid_t getgid(void); gid_t getegid(void); None of them has an error return. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Discussion How can your systems have multiple processes? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Discussion How can your systems have multiple processes? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

What’s a Fork() Parent If ((pid=fork()) == 0){ { … } else { } What’s a Fork() Parent If ((pid=fork()) == 0){ { … } else { } exit(0); Child fork() if ((pid=fork() == 0){ { … } else { } exit(0); Child is an exact copy of the parent process. They have their own memory space. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

fork #include <sys/types. h> #include <unistd. h> pid_t fork(void); The only way beside the fork #include #include pid_t fork(void); The only way beside the bootstrap process to create a new process. Call once but return twice 0 for the child process (getppid) Child pid for the parent (1: n) Copies of almost everything but no sharing of memory, except text Copy-on-write (fork() – exec()) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

fork Program 8. 1 – Page 212 fork(), race conditions, write vs standard I/O fork Program 8. 1 – Page 212 fork(), race conditions, write vs standard I/O functions File sharing Sharing of file offesets (including stdin, stdout, stderr) Tables of Opened Files (per process) System Open File Table In-core i-node list Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

fork Normal cases in fork: The parent waits for the child to complete. The fork Normal cases in fork: The parent waits for the child to complete. The parent and child each go their own way (e. g. , network servers). Inherited properties: Real/effective [ug]id, supplementary gid, process group ID, session ID, controlling terminal, set[ug]id flag, current working dir, root dir, file-mode creation mask, signal mask & dispositions, FD_CLOEXEC flags, environment, attached shared memory segments, resource limits Differences on properties: Returned value from fork, process ID, parent pid, tms_[us]time, tms_c[us]time, file locks, pending alarms, pending signals Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

fork Reasons fork to fail Too many processes in the system The total number fork Reasons fork to fail Too many processes in the system The total number of processes for the real uid exceeds the limit CHILD_MAX Usages of fork Duplicate a process to run different sections of code Network servers Want to run a different program shells (spawn = fork+exec) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

vfork Design Objective An optimization on performance Execute exec right after returns from fork. vfork Design Objective An optimization on performance Execute exec right after returns from fork. Mechanism – SVR 4 & 4. 3+BSD Since 4 BSD in some systems No fully copying of the parent’s address space into the child. Sharing of address space Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

vfork() is as the same as fork() except The child runs in the address vfork() is as the same as fork() except The child runs in the address space of its parent. The parent waits until the child calls exit or exec. Child process always executes first. A possibility of deadlock if the child waits for the parent to do something before calling exec(). Program 8. 2 – Page 217 vfork, _exit vs exit (flushing/closing of stdout) exit() may close the file descriptors, causing printf() to fail. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Deadlock – One Example Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Deadlock – One Example Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Process Termination Eight ways to terminate: Normal termination Return from main() exit(main(argc, argv)); Call Process Termination Eight ways to terminate: Normal termination Return from main() exit(main(argc, argv)); Call exit() Call _exit() or _Exit() Return of the last thread from its start routine Calling pthread_exit from the last thread. Abnormal termination (Chapter 10) Call abort() Be terminated by a signal Response of the last thread to a cancellation request. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

exit Termination The same code in the kernel is finally executed. Close all open exit Termination The same code in the kernel is finally executed. Close all open descriptors, release memory, and the like. Exit status vs. termination status Exit status (arg from exit, _exit, or return) termination status In abnormal case, the kernel generates it. wait & waitpid to retrieve the termination status. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Restarting point Tei-Wei Kuo, Chi-Sheng Shih, and Hao-Hua Chu© 2006 Department of Computer Science Restarting point Tei-Wei Kuo, Chi-Sheng Shih, and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Annoucements Midterm exam scores are out Average: 68. 1 Std. Dev: 20. 35 MP Annoucements Midterm exam scores are out Average: 68. 1 Std. Dev: 20. 35 MP 3 is out today Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Fun project #1 Hyperdragging (1999) Dragging into the physical space Tei-Wei Kuo, Chi-Sheng Shih Fun project #1 Hyperdragging (1999) Dragging into the physical space Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Fun project #2 Diamond touch (2005) Lay display flat on the table, and interactions Fun project #2 Diamond touch (2005) Lay display flat on the table, and interactions get interesting … Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Discussion wait() and waitpid() are called by the parent process to retrieve the termination Discussion wait() and waitpid() are called by the parent process to retrieve the termination status of its child process. Questions: How to use these functions? What if the child processes terminate before wait() and waitpid() are called? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

wait & waitpid #include <sys/types. h> #include <sys/wait. h> pid_t wait(int *statloc); pid_t waitpid(pid_t wait & waitpid #include #include pid_t wait(int *statloc); pid_t waitpid(pid_t pid, int *statloc, int op); wait will block until one child terminates or an error could be returned. waitpid could wait for a specific one and has an option not to be blocked. SIGCHILD from the kernel if a child terminates Default action is ignoring. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

wait & waitpid Three situations in calling wait/waitpid Block Return with the termination status wait & waitpid Three situations in calling wait/waitpid Block Return with the termination status of a child Return with an error. Termination Status – Figure 8. 4 Access termination status through the following MACROs Exit status (WIFEXITED, WEXITSTATUS) WIFEXITED(status): if successfully exited (true/false) WEXITSTATUS(status): exit code Signal # (WIFSIGNALED, WTERMSIG) Core dump (WCOREDUMP) Others (WIFSTOPPED, WSTOPSIG) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Program 8. 5 – Page 222 void pr_exit(int status) { if (WIFEXITED(status)) printf( Program 8. 5 – Page 222 void pr_exit(int status) { if (WIFEXITED(status)) printf("normal termination, exit status = %dn", WEXITSTATUS(status)); else if (WIFSIGNALED(status)) printf("abnormal termination, signal number = %d%sn", WTERMSIG(status), #ifdef WCOREDUMP(status) ? " (core file generated)" : ""); #else ""); #endif else if (WIFSTOPPED(status)) printf("child stopped, signal number = %dn", WSTOPSIG(status)); } linux 1: ~/sys_prog_06/test> fig. 8. 6. exe normal termination, exit status = 7 abnormal termination, signal number = 6 abnormal termination, signal number = 8 if ((pid = fork()) < 0) ((pid err_sys("fork error"); else if (pid == 0) (pid exit(7); if (wait(&status) != pid) (wait(&status) pid) err_sys("wait error"); pr_exit(status); if ((pid = fork()) < 0) ((pid err_sys("fork error"); else if (pid == 0) (pid abort(); */ if (wait(&status) != pid) (wait(&status) pid) err_sys("wait error"); pr_exit(status); if ((pid = fork()) < 0) ((pid err_sys("fork error"); else if (pid == 0) (pid status /= 0; SIGFPE */ if (wait(&status) != pid) (wait(&status) pid) err_sys("wait error"); pr_exit(status); /* child */ /* wait for child */ /* and print its status */ /* child */ /* generates SIGABRT /* wait for child */ /* and print its status */ /* child */ /* divide by 0 generates /* wait for child */ /* and print its status */ Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Zombie process zombie The process has terminated, but its parent has not yet waited Zombie process zombie The process has terminated, but its parent has not yet waited for it. It keeps the minimal information for the parent process. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

How is a Zombie process created? Parent If (pid=fork() == 0){ { … exit(0); How is a Zombie process created? Parent If (pid=fork() == 0){ { … exit(0); Child fork() If (pid=fork() == 0){ { … exit(0); } else { // parent’s code } } We get a zombie!! Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Cleaning up Zombies What if the parent process terminates before the child process? Inherited Cleaning up Zombies What if the parent process terminates before the child process? Inherited by init When a parent terminates, it is done by the kernel. Clean up of the zombies by the init – wait whenever needed! Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Discussion: why do we need zombie? A parent process can end up with two Discussion: why do we need zombie? A parent process can end up with two different children that share the same PID. A parent process can end up trying to wait for the return code of another process’s child. If child process completely disappear, its parent process won’t be able to wait on & fetch its termination status. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

wait & waitpid pid_t waitpid(pid_t pid, int *statloc, int op); pid == -1 wait wait & waitpid pid_t waitpid(pid_t pid, int *statloc, int op); pid == -1 wait for any child pid > 0 wait for the child with pid == 0 wait for any child with the same group id pid < -1 wait for any child with the group ID = |pid| return pid of the child 0 if WNOHANG flag is set & the specified pid does not exit -1 an error is returned -> how can an error occur? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

wait & waitpid Errors No such child or wrong parent Option for waitpid WNOHANG, wait & waitpid Errors No such child or wrong parent Option for waitpid WNOHANG, WUNTRACED WNOWAIT, WCONTINUED (SVR 4) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Troubles from Zombie Although Zombie processes do not occupy any memory space in the Troubles from Zombie Although Zombie processes do not occupy any memory space in the system, it consumes process IDs, which are limited resources too. You may not be able to fork new child processes when there are too many zombie processes in the systems. CHILD_MAX: max number of simultaneous processes per real user ID How to fork a new child process but not asking the parent process to wait for the child AND not generating zombie process? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

How to create a background process without making a zombie? Parent if (pid 1=fork() How to create a background process without making a zombie? Parent if (pid 1=fork() == 0){ { if (pid 2=fork() == 0) { } else exit(0); } else waitpid(pid 1, NULL, 0) exit(0); Child if (pid 1=fork() == 0){ { if (pid 2=fork() == 0) { } else exit(0); Grandchild if (pid 1=fork() == 0){ { if (pid 2=fork() == 0) { sleep(2); // grandchild exec } else exit(0); Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

waitid #include <sys/wait. h> pid_t waitid(idtype_t idtype, id_t id, siginfo_t *infop, int options); Defined waitid #include pid_t waitid(idtype_t idtype, id_t id, siginfo_t *infop, int options); Defined in XSI extension Similar to waitpid() but provide extra info. idtype: P_PID: wait for a particular process P_PGID: wait for a group of process P_ALL: wait for any child process options: WCONTINUED WNOHANG WSTOPPED WNOWAIT: the exit status will be kept for other wait() functions. WEXITED Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

wait 3 & wait 4 – resource usage info #include <sys/types. h> #include <sys/wait. wait 3 & wait 4 – resource usage info #include #include #include #include pid_t wait 3(int *statloc, int op, struct rusage *rusage); pid_t wait 4(pid_t pid, int *statloc, int op, struct rusage *rusage); 4. 3+BSD – Figure 8. 4, Page 203 User/system CPU time, # of page faults, # of signals received, the like. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Race Conditions Def: When multiple processes are trying to do something with shared data, Race Conditions Def: When multiple processes are trying to do something with shared data, the final outcome depends on the order in which the processes run. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Race condition example A is the number of available copies of a book = Race condition example A is the number of available copies of a book = 1. Two processes (transactions) running concurrently. Race between T 1 & T 2! T 1 wants to buy one copy. T 2 wants to buy one copy. T 1 gets an error. T 1 R(A=1) Check if (A>0) The result is different from any serial schedule T 1, T 2 or T 2, T 1 W(A=0) Error! How to solve this? T 2 R(A=1) Check if (A>0) W(A=0) Locking mechanism Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Another race condition example Situation: T 2 reads an object that has been modified Another race condition example Situation: T 2 reads an object that has been modified by T 1, but T 1 has not committed. T 1 transfers $100 from A to B. T 2 adds 6% interests to A and B. A nonserializable schedule is: T 1 R(A) W(A 100) R(A) Step 1: deduct $100 from A. Step 2: add 6% interest to A & B. Step 3: credit $100 in B. W(A+6% ) R(B) Why is the problem? The result differs based on different order of execution The result differs from any serial schedule -> Bank adds $6 less interest. T 2 W(B+6% ) Commit R(B) W(B+10 0) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Race Conditions Example: Program 8. 8 – Page 225 Who is the parent of Race Conditions Example: Program 8. 8 – Page 225 Who is the parent of the 2 nd child? Program 8. 12 – Page 229 Mixture of output by putc + setting of unbuffering for stdout Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Can you spot the potential race condition? (avoid zombie processes by calling fork twice) Can you spot the potential race condition? (avoid zombie processes by calling fork twice) if (waitpid(pid, NULL, 0) != pid) /* wait for first child */ err_sys("waitpid error"); int main(void) { pid_t pid; if ((pid = fork()) < 0) { ((pid err_sys("fork error"); } else if (pid == 0) { /* first child */ (pid if (( pid = fork()) < 0) err_sys("fork error"); else if ( pid > 0) exit(0); /* parent from second fork == first child */ /* * We're the second child; our parent becomes init as soon * as our real parent calls exit() in the statement above. * Here's where we'd continue executing, knowing that when * we're done, init will reap our status. */ sleep(2); printf("second child, parent pid = %dn", getppid()); exit(0); } /* * We're the parent (the original process); we continue executing, * knowing that we're not the parent of the second child. */ exit(0); } What if the 2 nd child exit before the 1 st child called exit(0)? - parent of 2 nd child is not init by the 1 st child. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Race Conditions How to synchronize parent and child processes? Busy wait? while (getppid() != Race Conditions How to synchronize parent and child processes? Busy wait? while (getppid() != 1) sleep(1); Waste CPU time, other means possible: Inter. Process Communication facility, such as pipe fifo, semaphore, shared memory, etc. Program 8. 13 on Page 206 WAIT_PARENT(), TELL_CHILD(), WAIT_CHILD(), TELL_PARENT() Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Can you spot the potential race condition? (avoid zombie processes by calling fork twice) Can you spot the potential race condition? (avoid zombie processes by calling fork twice) if (waitpid(pid, NULL, 0) != pid) /* wait for first child */ err_sys("waitpid error"); int main(void) { pid_t pid; if ((pid = fork()) < 0) { ((pid err_sys("fork error"); } else if (pid == 0) { /* first child */ (pid if (( pid = fork()) < 0) err_sys("fork error"); else if ( pid > 0) exit(0); /* parent from second fork == first child */ /* * We're the second child; our parent becomes init as soon * as our real parent calls exit() in the statement above. * Here's where we'd continue executing, knowing that when * we're done, init will reap our status. */ sleep(2); printf("second child, parent pid = %dn", getppid()); while (getppid() != 1) sleep(1); exit(0); /* * We're the parent (the original process); we continue executing, * knowing that we're not the parent of the second child. */ exit(0); } What if the 2 nd child exit before the 1 st child called exit(0)? - parent of 2 nd child is not init by the 1 st child. } Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Can you spot the potential race condition? Program 8. 12 on page 229 $. Can you spot the potential race condition? Program 8. 12 on page 229 $. /a. out ooutput from child utput from parent static void charatatime(char *); int main(void) { pid_t pid; if ((pid = fork()) < 0) { ((pid err_sys("fork error"); } else if (pid == 0) { (pid charatatime("output from childn"); } else { charatatime("output from parentn"); } exit(0); $. /a. output from child output from parent } static void charatatime(char *str) { char *ptr; int c; setbuf(stdout, NULL); /* set unbuffered */ setbuf(stdout, for (ptr = str; (c = *ptr++) != 0; ) (ptr str; *ptr++) putc(c, stdout); } Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Avoid race condition #include <sys/types. h> #include Avoid race condition #include #include "ourhdr. h" static void charatatime(char *); int main(void) { pid_t pid; TELL_WAIT(); if ( (pid = fork()) < 0) err_sys("fork error"); else if (pid == 0) { WAIT_PARENT(); // parent goes first charatatime("output from childn"); } else { charatatime("output from parentn"); TELL_CHILD(pid); } exit(0); } static void charatatime(char *str) { … … Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering } Graduate institute of Multimedia and Networking, National Taiwan University

exec (6 variations) Replace the text, data, heap, and stack segments of a process exec (6 variations) Replace the text, data, heap, and stack segments of a process with a program! Specify: new program, command line args, environment #include int execl(const char *pathname, const char *arg 0, … /* (char *) 0 */); int execv(const char *pathname, char *const argv[]); int execle(const char *pathname, const char *arg 0, … /* (char *) 0, char *const envp[] */); int execve(const char *pathname, char *const argv[], char *const envp[]); int execlp(const char *filename, const char *arg 0, … /* (char *) 0 */); int execvp(const char *filename, char *const argv[]); What do l, v, e, and p stand for? What one is the most general one? Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

exec l, v, and e stands for list, vector, and environment, respectively. command-line arg exec l, v, and e stands for list, vector, and environment, respectively. command-line arg must end with null pointer Limit on # of command line args: ARG_MAX With p, a filename is specified unless it contains ‘/’. PATH=/bin: /usr/bin: . /bin/sh is invoked with “filename” if the file is not a machine executable. When do you want to change environ parameters? login process Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

exec Inherited from the calling process: pid, ppid, real [ug]id, supplementary gid, proc gid, exec Inherited from the calling process: pid, ppid, real [ug]id, supplementary gid, proc gid, session id, controlling terminal, time left until alarm clock, current working dir, root dir, file mode creation mask, file locks, proc signal mask, pending signals, resource limits, tms_[us]time, tms_cutime, tms_ustime FD_CLOEXEC flag Requirement Closing of open dir streams May change: effective user/group ID if new program has set-uid. ID bit set Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

execlp execl build argv execvp execle try each PATH prefix execv use environ build execlp execl build argv execvp execle try each PATH prefix execv use environ build argv execve In many Unix implementations, execve() is a system call, other exec are library functions calling execve(). Program 8. 8 – Page 235 Program 8. 9 – Page 236 The prompt bet the printing of argv[0] and argv[1]. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

exec example char *env_init[] = { exec example char *env_init[] = { "USER=unknown", "PATH=/tmp", NULL }; int main(void) { pid_t pid; if ((pid = fork()) < 0) { ((pid err_sys("fork error"); } else if (pid == 0) { /* specify pathname, specify environment */ (pid if (execle("/mnt/professor/hchu/sys_p rog_06/test/fig 8. 17. exe", "echoall", "myarg 1", "MY ARG 2", (char *)0, env_init) < 0) err_sys("execle error"); } if (waitpid(pid, NULL, 0) < 0) (waitpid(pid, err_sys("wait error"); if ((pid = fork()) < 0) { ((pid err_sys("fork error"); } else if (pid == 0) { /* specify filename, inherit environment */ (pid if (execlp("fig 8. 17. exe", "echoall", "only 1 arg", (char *)0) < 0) err_sys("execlp error"); linux 1: ~/sys_prog_06/test> fig 8. 16. exe argv[0]: echoall argv[1]: myarg 1 argv[2]: MY ARG 2 USER=unknown PATH=/tmp linux 1: ~/sys_prog_06/test> argv[0]: echoall argv[1]: only 1 arg USER=hchu LOGNAME=hchu HOME=/home/professor/hchu PATH=/usr/bin: /usr/X 11 R 6/bin: /opt/kde/bin: . MAIL=/var/mail/hchu SHELL=/bin/tcsh SSH_CLIENT=140. 112. 30. 82 46314 22 SSH_CONNECTION=140. 112. 30. 82 46314 140. 112. 30. 32 22 SSH_TTY=/dev/pts/5 TERM=xterm DISPLAY=localhost: 10. 0 LANG=zh_TW. Big 5 HOSTTYPE=i 486 -linux VENDOR=intel OSTYPE=linux MACHTYPE=i 486 SHLVL=1 PWD=/home/professor/hchu/sys_prog_06/test GROUP=users HOST=linux 1 REMOTEHOST=dhcp 1. csie. ntu. edu. tw LC_ALL=zh_TW. Big 5 } exit(0); } Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

program 8. 17 #include program 8. 17 #include "apue. h" int main(int argc, char *argv[]) { int i; char **ptr; extern char **environ; for (i = 0; i < argc; i++) /* echo all command-line args */ printf("argv[%d]: %sn", i, argv[i]); for (ptr = environ; *ptr != 0; ptr++) /* and all env strings */ printf("%sn", *ptr); exit(0); } Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Changing User/Group ID’s This part is confusing … (when I read it) Why changes Changing User/Group ID’s This part is confusing … (when I read it) Why changes user id in the middle of a program execution? Least-privilege model: a program should use the least privilege necessary to accomplish any task. Reduce window of security vulnerability Example: a process needs to gain a privilege to access a privileged file Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Recall … A process can have more than one ID. Real user/group ID: who Recall … A process can have more than one ID. Real user/group ID: who you really are Effective user/group ID: determine file access permission Supplementary group IDs Saved set-user/group-ID = owner of the program with set-user-id bit set Why do you need saved set-user-id? cannot give up privilege temporarily (and get it back) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Recall … #include <sys/types. h> #include <unistd. h> int setuid(uid_t uid); The process == Recall … #include #include int setuid(uid_t uid); The process == superuser set real/effective/saved-suid = uid Otherwise, euid=uid if uid == ruid or uid == saved-suid (suid = set -uid) Return 0 upon success Return -1 otherwise, errno=EPERM (_POSIX_SAVED_IDS) int setgid(gid_t gid); The same as setuid Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

User/Group ID’s Only superuser process can change the real uid – normally done by User/Group ID’s Only superuser process can change the real uid – normally done by the login program. The euid is set by exec only if the setuid bit is set for the program file. euid can only be set as its saved-suid or ruid. exec copies the euid to the saved-suid (after the setting of euid if setuid bit is on). Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

User/Group ID’s Example man program man is used for displaying manual pages The setuid User/Group ID’s Example man program man is used for displaying manual pages The setuid bit is on for man (owner=man). For file locking man calls setuid(ruid) for privileged file access on some configuration file Correct uid Switch the euid back to man after it is done with them Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

Example of using setuid() Step 1: exec tip program: Real user ID = Our Example of using setuid() Step 1: exec tip program: Real user ID = Our user ID Effective user ID = man Saved-set-user ID = man Step 2: access the required locks Step 3: setuid(getuid()) to return to normal permission Step 4: calling setuid(uucpuid) to change the effective user ID Real user ID = Our user ID Effective user ID = Our user ID Saved-set-user ID = man Real user ID = Our user ID Effective user ID = Man Saved-set-user ID = man Step 5: release the lock. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

User/Group ID’s #include <sys/types. h> #include <unistd. h> int setreuid(uid_t ruid, uid_t euid); int User/Group ID’s #include #include int setreuid(uid_t ruid, uid_t euid); int setregid(uid_t rgid, uid_t egid); Change both ruid/rgid and euid/egid. Swapping of real and effective uids. Good for even unprivileged users. BSD only or BSD-compatibility library Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

User/Group ID’s #include <sys/types. h> #include <unistd. h> int seteuid(uid_t uid); int setegid(uid_t gid); User/Group ID’s #include #include int seteuid(uid_t uid); int setegid(uid_t gid); Change only euid/egid. Non-superusers can only set euid=ruid or savedsetuid. A privileged user only sets euid = uid. It is different from setuid(uid) Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University

User/Group ID’s superuser setreuid(ruid, euid) superuser setuid(uid) euid ruid real uid nonsuperuser setreuid nonsuperuser User/Group ID’s superuser setreuid(ruid, euid) superuser setuid(uid) euid ruid real uid nonsuperuser setreuid nonsuperuser setuid or seteuid superuser seteuid(uid) uid effective uid nonsuperuser setreuid saved suid exec of suid nonsuperuser setuid or seteuid The supplementary guid’s are not affected by the setgid function. Tei-Wei Kuo, Chi-Sheng Shih and Hao-Hua Chu© 2006 Department of Computer Science and Information Engineering Graduate institute of Multimedia and Networking, National Taiwan University