|
1 Introduction 2 Ground Rules Building a File System 3 File Systems 4 File Content Data Structure 5 Allocation Cluster Manager 6 Exceptions and Emancipation 7 Base Classes, Testing, and More 8 File Meta Data 9 Native File Class 10 Our File System 11 Allocation Table 12 File System Support Code 13 Initializing the File System 14 Contiguous Files 15 Rebuilding the File System 16 Native File System Support Methods 17 Lookups, Wildcards, and Unicode, Oh My 18 Finishing the File System Class The Init Program 19 Hardware Abstraction and UOS Architecture 20 Init Command Mode 21 Using Our File System 22 Hardware and Device Lists 23 Fun with Stores: Partitions 24 Fun with Stores: RAID 25 Fun with Stores: RAM Disks 26 Init wrap-up The Executive 27 Overview of The Executive 28 Starting the Kernel 29 The Kernel 30 Making a Store Bootable 31 The MMC 32 The HMC 33 Loading the components 34 Using the File Processor 35 Symbols and the SSC 36 The File Processor and Device Management 37 The File Processor and File System Management 38 Finishing Executive Startup Users and Security 39 Introduction to Users and Security 40 More Fun With Stores: File Heaps 41 File Heaps, part 2 42 SysUAF 43 TUser 44 SysUAF API Terminal I/O 45 Shells and UCL 46 UOS API, the Application Side 47 UOS API, the Executive Side 48 I/O Devices 49 Streams 50 Terminal Output Filters 51 The TTerminal Class 52 Handles 53 Putting it All Together 54 Getting Terminal Input 55 QIO 56 Cooking Terminal Input 57 Putting it all together, part 2 58 Quotas and I/O UCL 59 UCL Basics 60 Symbol Substitution 61 Command execution 62 Command execution, part 2 63 Command Abbreviation 64 ASTs 65 Expressions, Part 1 66 Expressions, Part 2: Support code 67 Expressions, part 3: Parsing 68 SYS_GETJPIW and SYS_TRNLNM 69 Expressions, part 4: Evaluation UCL Lexical Functions 70 PROCESS_SCAN 71 PROCESS_SCAN, Part 2 72 TProcess updates 73 Unicode revisted 74 Lexical functions: F$CONTEXT 75 Lexical functions: F$PID 76 Lexical Functions: F$CUNITS 77 Lexical Functions: F$CVSI and F$CVUI 78 UOS Date and Time Formatting 79 Lexical Functions: F$CVTIME 80 LIB_CVTIME 81 Date/Time Contexts 82 SYS_GETTIM, LIB_Get_Timestamp, SYS_ASCTIM, and LIB_SYS_ASCTIM 83 Lexical Functions: F$DELTA_TIME 84 Lexical functions: F$DEVICE 85 SYS_DEVICE_SCAN 86 Lexical functions: F$DIRECTORY 87 Lexical functions: F$EDIT and F$ELEMENT 88 Lexical functions: F$ENVIRONMENT 89 SYS_GETUAI 90 Lexical functions: F$EXTRACT and F$IDENTIFIER 91 LIB_FAO and LIB_FAOL 92 LIB_FAO and LIB_FAOL, part 2 93 Lexical functions: F$FAO 94 File Processing Structures 95 Lexical functions: F$FILE_ATTRIBUTES 96 SYS_DISPLAY 97 Lexical functions: F$GETDVI 98 Parse_GetDVI 99 GetDVI 100 GetDVI, part 2 101 GetDVI, part 3 102 Lexical functions: F$GETJPI 103 GETJPI 104 Lexical functions: F$GETSYI 105 GETSYI 106 Lexical functions: F$INTEGER, F$LENGTH, F$LOCATE, and F$MATCH_WILD 107 Lexical function: F$PARSE 108 FILESCAN 109 SYS_PARSE 110 Lexical Functions: F$MODE, F$PRIVILEGE, and F$PROCESS 111 File Lookup Service 112 Lexical Functions: F$SEARCH 113 SYS_SEARCH 114 F$SETPRV and SYS_SETPRV 115 Lexical Functions: F$STRING, F$TIME, and F$TYPE 116 More on symbols 117 Lexical Functions: F$TRNLNM 118 SYS_TRNLNM, Part 2 119 Lexical functions: F$UNIQUE, F$USER, and F$VERIFY 120 Lexical functions: F$MESSAGE 121 TUOS_File_Wrapper 122 OPEN, CLOSE, and READ system services UCL Commands 123 WRITE 124 Symbol assignment 125 The @ command 126 @ and EXIT 127 CRELNT system service 128 DELLNT system service 129 IF...THEN...ELSE 130 Comments, labels, and GOTO 131 GOSUB and RETURN 132 CALL, SUBROUTINE, and ENDSUBROUTINE 133 ON, SET {NO}ON, and error handling 134 INQUIRE 135 SYS_WRITE Service 136 OPEN 137 CLOSE 138 DELLNM system service 139 READ 140 Command Recall 141 RECALL 142 RUN 143 LIB_RUN 144 The Data Stream Interface 145 Preparing for execution 146 EOJ and LOGOUT 147 SYS_DELPROC and LIB_GET_FOREIGN CUSPs and utilities 148 The I/O Queue 149 Timers 150 Logging in, part one 151 Logging in, part 2 152 System configuration 153 SET NODE utility 154 UUI 155 SETTERM utility 156 SETTERM utility, part 2 157 SETTERM utility, part 3 158 AUTHORIZE utility 159 AUTHORIZE utility, UI 160 AUTHORIZE utility, Access Restrictions 161 AUTHORIZE utility, Part 4 162 AUTHORIZE utility, Reporting 163 AUTHORIZE utility, Part 6 164 Authentication 165 Hashlib 166 Authenticate, Part 7 167 Logging in, part 3 168 DAY_OF_WEEK, CVT_FROM_INTERNAL_TIME, and SPAWN 169 DAY_OF_WEEK and CVT_FROM_INTERNAL_TIME 170 LIB_SPAWN 171 CREPRC 172 CREPRC, Part 2 173 COPY 174 COPY, part 2 175 COPY, part 3 176 COPY, part 4 177 LIB_Get_Default_File_Protection and LIB_Substitute_Wildcards 178 CREATESTREAM, STREAMNAME, and Set_Contiguous 179 Help Files 180 LBR Services 181 LBR Services, Part 2 182 LIBRARY utility 183 LIBRARY utility, Part 2 184 FS Services 185 FS Services, Part 2 186 Implementing Help 187 HELP 188 HELP, Part 2 189 DMG_Get_Key and LIB_Put_Formatted_Output 190 LIBRARY utility, Part 3 191 Shutting Down UOS 192 SHUTDOWN 193 WAIT 194 SETIMR 195 WAITFR and Scheduling 196 REPLY, OPCOM, and Mailboxes 197 REPLY utility 198 Mailboxes 199 BRKTHRU 200 OPCOM 201 Mailbox Services 202 Mailboxes, Part 2 203 DEFINE 204 CRELNM 205 DISABLE 206 STOP 207 OPCCRASH and SHUTDOWN 208 APPEND Glossary/Index Downloads |
Preparing for execution There are several things to take into consideration when it comes to executing a program on any operating system. On older OSes, only a single program could run at a time so running a program was nothing more than loading the file into memory and starting execution. Modern operating systems can run multiple programs simultaneously. If the CPU has multiple cores, the programs can literally run simultaneously. But if the CPU has only a single core (or simply has more programs to run than it has cores), then the operating system has to switch between the programs. We will discuss task switching in a future article. Right now, what concerns us is how loading a program in a multi-tasking environment affects memory management. Obviously, simultaneously running programs cannot occupy the same memory, so we need to keep track of where the program image is loaded into memory, and how much memory it requires. A more subtle issue has to do with the shell (UCL being the default shell). The shell is nothing more than a program itself, but it can run other programs. But since a process only runs a single program at a time, how do we run both the shell and the program selected with the RUN command? There are any number of solutions, and we will cover a few of them here before we choose our approach. 1) We could terminate the shell, run the program, and then rerun the shell when the shell when the program terminates. This is a simple and straightforward approach, but there are consequences. UCL can execute programs at any point, including within loops and if/then blocks, these require context. Also recall that UCL has context in terms of open files, and multiple levels of command files. Thus, we would have to save that context before terminating the shell, then restore it all when we reopened the shell. Further, if a program has an exception, a UOS shell can provide an interactive environment where the user could fix the problem behind the exception and then continue the program, which means the program context has to be kept in these situations. Suddenly, this doesn't seem so simple. But it would work. 2) We could create a subprocess to run the program so that it runs in a process different than the the process running the shell. This is actually an elegant way to handle the situation. However, there are drawbacks to this approach as well. First, process creation is a relatively expensive operation and if being done in a loop in a command file, could significantly slow down a script, not to mention the system (due to the additional resources of new symbol tables, etc). Second, it counts additionally against user quotas since the subprocess quotas are counted in addition to the shell's process quotas. It is conceivable that a user could be unable to simply run a program if he used up his process quota. Third, because a subprocess has a different process ID, every time the user ran a program, it would run under a different PID - all of which are different than the shell's PID. If the user requested to see his PID, and then later tries to use it (for instance, to kill the process from another terminal), the PID he originally saw would not match the PID currently running the program that the user wishes to reference. This is both non-intuitive and unhelpful. 3) We could share the process ID for both the shell and the running program while saving the process contexts for both so that we could swap between them. Essentially, this is like the subprocess approach above, but we have two processes that take turns using the same PID. But just because we use the same PID as far as the user is concerned, we'd still have to have two processes internally that we'd have to keep track of somehow, so we're dealing with two processes for each process ID. This sounds needlessly complicated to me. 4) We could share the same memory for both the shell and the program images, they would simply be in different parts of the process address space. In fact, this is how some operating systems worked in the past. The drawback here is that a malicious - or merely buggy - program would have access to the image of the shell allowing it to modify it or run it at arbitrary addresses, which could corrupt the shell context or make it completely fail. Needless to say, we don't want errant programs being able to blow up the shell. So how does VMS handle the situation? Honestly, I have no idea. This is an internal implementation detail that I don't know has been publically documented anywhere. Not that UOS has to operate like VMS under the hood. We are using the VMS specification as a way of determining the way it appears to the programmer/user. We aren't slavishly following in their algorithmic path. As mentioned more than once before, some of the ways they did things are problmatic and we intentionally don't follow those VMS examples. So, in this case we will make a choice based on what makes most sense for UOS. We will go with something close to approach 3. But didn't I say that was needlessly complex? Fortunately, there is a feature of UOS that helps simplify the situation. Remember that UOS segregates itsself into multiple rings. Ring 0 is for the executive. Ring 1 is for drivers. Ring 3 is for user programs. What about ring 2? As it turns out, ring 2 (also referred to as the Supervisor ring, or Supervisor Mode) works very well as a place to run shells. Rings 0 and 1 run in the context of the executive and do not execute in the context of a process, although they perform services on behalf of processes. Rings 2 and 3 are reserved for use by the user. Processes can run program in both rings, although ring 2 is reserved for shells and utility code. Because the memory and resources are separated between the rings, we essentially have two processes that can operate within the context of a single PID. There is no need to do context switching other than what is normally done to switch between rings. Because the rings are separated by the hardware, we don't have to worry about a user program corrupting the shell. Granted, on a CPU without hardware support for rings, the program could still corrupt the shell, but it could also corrupt the executive. Obviously, we can't help in that situation. As a reminder, although there are similarities between UOS and VMS in terms of rings, we are not following VMS in this area. For instance, VMS drivers are part of ring 0. Likewise, use of Supervisor mode in VMS differs from UOS.
API routine. This resembles other
code in the routine such that I won't go into detail about it.
Run
method of the USC.
Run method in the past, but we've changed the routine
so much that it bears a complete review including the updated code. We start by obtaining
the process and exiting if there is an error. The privileges parameter indicates
the privileges to assign to the image while it executes. This is typically taken
from the privilege field of the file. The optional Supervisor parameter indicates
if the image should execute within ring 2 (supervisor). If false, the image executes
in ring 3 (user).
Shell should only be null if the
the user associated with this process has no shell defined for it. Next we trim
all but the file name from the executable string and assign it to the process' image
name.
Note that we make a couple calls to
BTMemoryLoadLibrary routine loads the image. This means that we
cannot load a program that is larger than half of the available memory on non-paged
systems. After the image is
loaded, we release the mapped file. If the loading fails, we exit with an error.
In any case, we close the file.
SCH_C_COM)
so the program will begin executing as soon as the scheduler is ready to run it, and
then get an execution context from the HAL. This context is used to manage task
switching. The address we pass to the HAL is the starting execution address as
determined by BTMemoryLoadLibrary from the executable file.
SCH_C_LOAD)
which tells the scheduler that the process is not yet ready to run. We determine
which ring to affect, given the Supervisor parameter.
In the next article, we'll look at the next UCL command and the CUSP that it runs.
Copyright © 2021 by Alan Conroy. This article may be copied in whole or in part as long as this copyright is included. |