Review

Memory hierarchy arranges memory such that small, fast memory is near the CPU
and slow, high capacity memory is far away. This arrangement uses layers of
caching so that memory lookups for frequently used memory can be fast.

Cloud storage, USB, SATA Disk

registers, RAM, on-board cpu caches

Primary storage is volatile, fast, expensive, and low capacity; secondary
storage is non-volatile, high capacity, slow, cheap

Fewer processes can be loaded at once because gaps may not be large enough
Entire processes must be swapped in and out of memory (slow)
Memory utilisation is lower than it could be due to external fragmentation

Virtual memory is an abstraction for physical memory used by processes. VM
can be much larger than physical memory and allows processes to be split
into pages that can be placed arbitrarily in memory.

No need to remap addresses in assembly code;
Process's address space need not be contiguous in memory;
Easy to protect processes from accessing other process's memory

2^30/2^12 blocks -> divide by 8 to get the number of bytes

// The memory mapping unit translates virtual addresses to physical addresses.

// A page is a fixed-size, contiguous chunk of virtual memory
// A page frame is a fixed-size, contiguous chunk of physical memory

// Paging is the process of swapping pages into/out of memory

// A page fault occurs when we try to access a page that is not loaded into memory.
// In this case, we must fetch the missing page (and possibly swap an existing page out)

// A page table stores the relationships between virtual and physical pages

// 0 to pow(2, 16)-1
// 2^(16) / 2^(12) = 2^4 = 16 pages
// 2^(5) * 2 ^(10) / 2^(12) = 2^3 = 8 page frames

// 0xc004

The translation lookaside buffer (TLB) is a small hardware device for
mapping virtual addresses to physical addresses without going through page table.

// 0b 0000 0000 01 00 0000 0011   0000 0000 0100
// First page table index: 1
// Second page table index: 3
// Within page index: 4

// Reduces the size of the page table
// An inverted page table stores index based on page frames, not virtual pages

// To replace the page that will be used the least in the future

// Not referenced, not modified
// Not references, modified
// Referenced, not modified
// References, modified

// Must go through the entire page table
// Rough approximation of whether a page is likely to be accessed again

// FIFO removes the page at the beginning of the list
// the first page, e.g. the one that has been in memory the longest,
   might be a frequently used page

NFU stores a count for each page, but the count doesn't take into account recency

// NFU stores a count for each page. LFU reduces the count over time

// demand paging means only loading pages as they are needed

If memory is too small to hold the entire working set, many instructions
will lead to page faults. This is called thrashing

// The working set is the set of pages that are in use at a given time.

Pages accessed after 1704 are in the working set. => Pages 0, 2, 3

0x4c568004

0x4c567ffe

// A file is a logical collection of information

A file system is the software responsible for creating, destroying, organizing,
reading, writing, modifying, moving, and controlling access to files

// With inodes or in directories

// bitmaps or linked lists

// too big and we waste space within each block.

A sym link shares a file in multiple directories without copying the
contents to multiple places

BIOS executes the master boot record (MBR)
The MBR locates the active partition, reads the first block (called the boot block)
and executes the code stored there

// The MBR is executed first when you boot your computer

// Disks can be split into partitions, or big chunks of contiguous memory.
// Each partition can have its own file system

//Fast sequential access
//Fast random access
//Ability to dynamically grow
//Minimum fragmentation

// update the inode list
// Update the free list
// update the directory

In a journaling system, we keep track of all sub-tasks needed to complete
a task. If not all sub-tasks complete, we retry until successful.

// An indompotent action can be repeated multiple times to produce the same result
// Because the actions will be repeated until the task successfully repeats.

//Copying files is time consuming
//Need to make it easy to recover from common mistakes
//Need to make it possible to restore to different points in the past

// Only save files/directories that have changed

// compression
// snapshots

// physical saves all of memory sequentially from start to end
// logical only saves files/directories that have changed

// saves unused blocks, unchanged files
// might save “bad blocks” or blocks that should be ignored, such as system files
// Difficult/slow to restore a single file on request

// Identify all files and directories that have changed
// Identity all directories containing changed files/directories
// Save identified files/directories out

// Restore all diretories
// Restore all files

// Count references to blocks in freelist/bitmap
// Count references to blocks from inodes

// Count references to inodes from directories
// Check number of links in each inode

// caching
// block read-ahead
// reducing arm read motion

// A cache that writes modified data back to persistent storage

// If the system crashes, the data in the cache is lost

// If the system crashes, the file is corrupted

16/4 = 4 IDS

// Disks, USBs, etc

// E.g. Printers, Terminals, Network interfaces, Mice (pointing devices), Keyboard

// operates on a stream of characters, is not addressable and does not have seek operations

// stores information in fixed-sized blocks, each with its own address

// User-level
// Device-independent
// Device drivers
// Interrupt handlers
// Hardware

// Different devices can be handled in the same way by the user
// Common interfaces make it easier to add new devices
// The details of using each device is abstracted
// Errors can be handled without the user needing to be aware of them

// electrical component (controller)
// mechanical components

// Separate I/O space and memory spaces
// Memory-mapped I/O

// control register for a device, labeled with an integer.

//Can be written without assembly (easier)
//No special protection mechanisms are needed
//No special instructions need to be supported

// Makes caching more complicated
// Bus optimizations are more complicated

// control registers and data buffer, using special assembly instructions

// through special memory addresses that are assigned to device IO ports

The OS offloads reading and writing data to a controller so it can
work on other tasks in the meantime

// Interrupt number is used to lookup a handler
// Current process is stopped and their state saved
// Run the handler
// Acknowledge the interrupt
// Resume the stopped process

// programmed i/o (polling)
// interrupt-driven i/o (cpu handles many interrupts)
// i/o with direct memory access (cpu received one interrupt when DMA is done)

//A device driver is software that implements device-specific code for an operating system

// Provide a uniform interface for working with devices

// API specifications for drivers
// Naming conventions (/dev/disk0, /dev/tty)
// Shared error reporting interface

// Buffering refers to the practice of accumulating data in an array for reading or writing.

Spooling refers to saving requests in files.
Printers use spooling.

// make IO calls; format IO, spooling
// naming, protection, blocking, buffering, allocation
// setup device registers; check status
// wake of driver when io complete
// perform io operation

Programs can access any I/O device without needed to know the specifics
of how that device works.

If an error can be gracefully resolved without notifying the user,
the user doesn't need to know

// file names are used in UNIX to refer to devices /dev/lp, /dev/tty, /dev/disk0 etc

A shareable device can be used simultaneously by different processes (memory);
A dedicated devcie can only be used by one process at a time (printer)

// mouse press, keyboard press, resize window, etc

// button, labels, scroll bars, dropdown list etc

// A simulated computer

// Run a program in a safe, sandboxed environment
// Test on multiple platforms using a single machine
// Store a program with its running environment so it can always be run
// Prototype new systems on an existing system
// Multiple clients can share the same hardware

// Safety: hypervisor should have full control of virtualized resources.
// Fidelity: virtual machine should behave identically ro running on bare hardware.
// Efficiency: VM should mostly run without intervention by hypervisor.

// A sensitive instruction behaves differently in user vs kernel mode
// A privileged instruction causes a trap in user mode

// Anything sensitive that needs kernel mode should generate a trap

// Layer that mediates between the VM and hwardware
//   (aka Virtual Machine Monitor)

// type 1: Directly accesses hardware like a real OS (ex. WSL2)
// type 2: Accesses hardware through the host OS (ex. Virtual Box)

// The cloud is a collection of many servers, typically managed in a data center
// Users share a server through independent VMs, each with limited CPU/memory

// A vulnerability is a bug that impacts security of a system
// Inputs that trigger a security bug are called an exploit
// Malware is malicious software that is installed on a user's machine without their consent

// noop sled
// stack randomization
// buffer canaries
// stack corruption detection
// strict code/intruction regions

// confidentiality
// integrity
// availability

News, wikipedia, maps

// Shuffling data so it can only be read by someone with a key
// Study of techniques for keeping data secret

Protection features that make it hard for attackers to make a system
behave in ways that are not intended.
Exs: remove unneeded services, applying security fixes, etc

// Each domain should have the least amount of privileges necessary to do its work.

// A set of (object, right) pairs

// domain = user, object = file, right = read/write/execute

// verifying the identity of an individual or message

// The strength of the encryption should be due to the key and not the algorithm

Both parties need to have the same key -- how can we share keys safely?
Public-key cryptography using distinct keys, one of which is safe to share publicly.

// given the encryption key, it is easy to find the description key

// given the encrypt key, the decrypt key is very hard to crack

// Given encrypted data, the original message is impossible to guess
// Computing y = f(x) is easy but x = fInverse(y) is hard

// one-way

We check the SHA (Secure Hash Algorithm) of the document against the
un-decrypted digital signature. If they match the document is untampered with.

// how to share public keys with users who we don't interact with directly

// Something the user knows, has, or is

// passwords shoudl be encrypted with system-specific salt

// logic bombs
// login spoofing
// back door

// malware that replicates itself

// set of computers working together via malware

// embedding malware inside a useful application

// visiting a website installs malware

// malware that locks your machine until you pay a ransom

// a virus is malware that can reproduce itself by attaching its code to another program

// companion
// overwrite
// parasitic
// memory
// boot sector virus
// device driver
// macro virus

// It continually installed multiple copies of itself on the same machine

A rootkit is a program that attempts to conceal its existence by hiding in
places where it cannot be scanned

Spyware is software that surreptitiously runs in the background,
doing other work, such as marketing telemetry

// Change your browser
// Add shortcuts
// Place ads in standard windows dialogs

// firewall
// virus scanner
// code signing
// jail/sandboxes