Cover Sheet for Examination Paper to be sat in May 2009

Department of Computer Science
University College London
Cover Sheet for Examination Paper to be sat in
May 2009
COMP3005 Operating Systems
Time allowed 2.5 hours
Calculators are allowed
Answer any THREE questions
Checked by First Examiner:
Date:
Approved by External Examiner:
Date:
COMP3005
1
Turn Over
COMP3005: Operating Systems, 2009
Answer any THREE questions
Marks for each part of each question are indicated in square brackets.
Calculators are permitted
COMP3005
2
Question 1
On Linux ext3 filesystem, when a user types :
mv /tmp/myfile /home/joe/myfile
then this moves “myfile” from the directory /tmp to the directory /home/joe.
a) If the directories /tmp and /home/joe are not on the same disk partition, then
the operating system must copy the contents of the file from one disk to the other,
but if the directories are on the same disk partition there is no need to copy the
file. Explain why this is.
[4 marks]
b) Assume the directories are on the same disk. With reference to inodes,
directories, permissions, etc, list the operations the operating system must perform
to find and move this file.
[11 marks]
c) If a program has opened /tmp/myfile for reading before the user issued the
mv command and the program tries to continue reading from the same file
descriptor after the file has been moved, what happens? Explain your reasoning,
and again assume the directories are on the same disk.
[6 marks]
d) If the power failed half way through the sequence of operations described in your
answer to (b) an Ext2 filesystem (which does not do journaling) might end up in
an inconsistent state. Pick one point in the sequence of operations where the state
would end up inconsistent and describe the inconsistencies that could arise.
[5 marks]
e) Ext3 is a journaling filesystem. What is meant by this?
[2 marks]
f) Explain how the Ext3 filesystem would repair the inconsistent state from (d) using
the journal when the power is restored. What is the eventual state of the
filesystem?
[5 marks]
[Total 33 Marks]
COMP3005
3
Turn Over
Question 2
a) The picture above shows a two-level page table. With reference to this diagram:
i.
Explain how a virtual memory address is mapped to a physical
memory address.
[ 5 marks]
ii.
If this is a 32-bit CPU and each top and second level page table can
contain 1024 entries, how large are the pages?
[4 marks]
iii.
At some point in time, a process has 3,500,000 bytes of program text,
800,000 bytes of heap and 120,000 bytes of stack. Assume each of
these starts on a new page, and is then contiguous in virtual memory,
with the heap growing up from the top of the program text and the
stack growing downwards from the top of virtual memory. If each
page table entry requires 32 bits, how much kernel memory is
occupied by the program’s page table?
[10 marks]
b) In the context of paged virtual memory, what is meant by copy-on-write?
[2 marks]
c) The Apache 1.3 web server uses uses a separate process for each network
connection to handle web requests. Explain why Apache’s performance is quite
acceptable on Unix which uses copy-on-write pages to implement the fork()
COMP3005
4
system call, but performance is much less good on Windows XP which lacks a
fork() system call.
[5 marks]
d) Windows XP does however implement shared libraries (also known as Dynamic
Load Libraries or DLLs).
i.
What is the main advantages of shared libraries?
[2 marks]
ii.
With reference to the diagram above, explain how the virtual memory
paging system can be used to implement shared libraries.
[5 marks]
[Total 33 Marks]
COMP3005
5
Turn Over
Question 3
The diagram above shows TCP being used to transfer data between an application on
one machine and an application on another machine. Recall that the TCP network
protocol reliably transmits data across the Internet. To do this a TCP receiver sends
acknowledgment packets to indicate that data packets have been received.
a) TCP is ack-clocked and uses a congestion window to control the rate of
transmission of packets into the network.
iii. What do these two terms mean?
[4 marks]
iv.
Suppose instead of using an ack-clocked window, the OS attempted to
calculate a data rate in bytes per second, and to transmit at precisely
this rate. Why might this be harder for the OS than the existing TCP
design?
[5 marks]
b) Sometimes the application on the receiving machine is not able to consume data
as fast as the application on the sending machine is able to generate data. With
reference to the OS buffers and OS mechanisms on both machines, explain the
process by which the sending application is slowed down to almost exactly the
rate that the receiving application can process. Assume the network itself is
uncongested.
[10 marks]
c) The Network Interface Card (NIC) uses DMA to transfer data received from the
network into kernel memory.
i.
What is DMA and why does the NIC use it?
[3 marks]
ii.
COMP3005
How are interrupts normally used with DMA?
6
[3 marks]
iii.
Suppose the NIC is an Ethernet interface running at 10Gbit/s. If the
machine attempts to receive full-size (1500byte) packets at line rate
using DMA in the normal way, what will happen?
[4 marks]
iv.
What can be done to improve performance in this case? Why do your
suggested improvements work?
[4 marks]
[Total 33 Marks]
COMP3005
7
Turn Over
Question 4
a) A few years ago stack-based buffer overflow attacks were the most common form
of software vulnerability. Write a very short C function that is vulnerable to a
stack-based buffer overflow attack, and explain how the buffer might be exploited
to cause arbitrary code to be executed. (Minor syntax errors in your C will not be
penalized, so long as the intent is clear).
[10 marks]
b) Explain how the following operating system mechanisms help prevent such
exploits:
i.
Non-executable stack.
[3 marks]
ii.
Write XOR execute.
[3 marks]
iii.
Address Space Layout Randomization (ASLR).
[3 marks]
c) On Linux, the fork() system call does not re-randomize the address space layout.
Consider the Apache 1.3 web server, which uses fork() to start a new process for
each new network connection it receives. How might an attacker exploit a
vulnerability in such a web server running on Linux, even though Linux
implements all three of the mechanisms from (b).
[6 marks]
d) Traditional security mechanisms on Unix that can be used to limit the damage
caused by exploits include chroot() and setuid() .
i.
How might you these protection mechanisms to contain exploits in the
Apache 1.3 web server?
[4 marks]
ii.
How might they be used to contain exploits in the Samba Network File
System server process, which normally uses a single process running
as root to serve all requests from all users?
[4 marks]
[Total 33 Marks]
COMP3005
8
Question 5
a) Shortest Seek Time First (SSTF) is a disk scheduling algorithm that attempts to
minimize the amount of time a disk spends seeking between cylinders. To do this
it maintains a queue of requests, and always services the request from the queue
that requires the smallest seek distance. Devise an example to show why this
algorithm is not commonly used in real operating system disk schedulers.
[5 marks]
b) Write down pseudocode for a better disk scheduling algorithm, and show why it
solves the problem you described with SSTF.
[6 marks]
c) How does the operating system’s thread scheduler get to be run if an application
does not voluntarily give up the CPU?
[2 marks]
d) A Windows XP system is simultaneously running a DVD player application in
one window, a word processor that the user is typing into in another window, and
in a third window it is running SETI@Home which does complex mathematical
analysis of recorded traces from a radio telescope. Explain how the Windows
thread scheduler schedules these applications in such a way they share the singlecore CPU in a way that is acceptable to the user.
[12 marks]
e) The diagram above shows the three states that a process can be in. For each
numbered arrow, give an example of an event that would cause the transition.
[8 marks]
[Total 33 Marks]
END OF PAPER
COMP3005
9
Turn Over