Class 5: Gash Has No Privileges

Posted: Thu 30 January 2014

Problem Set 2 is now posted, and is due Sunday, 9 February. You should be making good progress on it by now.

Part 3 and Part 4 of the Rust tutorial should be helpful in understanding some of the things for PS2.

Kernels and Privileges

What can kernel code do that user-level programs cannot?

What instructions need to be privileged and why?

Virtualization

How is it possible to run an OS as a user-level program?

Building a Better Browser

Should a browser be creating 1, 2, 43 or 153 processes on your machine?

The way engineers should answer questions like this is to think about tradeoffs: do the benefits outweigh the costs?

For most problems in computing, the answer changes about every 10 years. (Why every 10 years? If computing power increases according to Moore's Observation, 10 years is enough time for a 50x improvement. It would be really surprising if the relative costs and benefits of things don't change dramatically when the underlying technology cost changes by 50x.)

In the 1990s, memory was very expensive (relative to today), and unnecessary processes waste lots of memory. Using one process for the browser was the right answer. By the 2000s, memory was getting cheap enough that it was worth using lots of memory to build a more robust and secure browser. When Google introduced the Chrome browser in 2008, they did it using a really fantastic comic book! This book covers essentially all of the topics we will cover in this class, and has the added benefit of having funny pictures.

If one process per tab was the correct answer in 2008, surely the answer should have changed by now?

Humans shouldn't waste their precious time and get grumpy waiting for JavaScript programs to finish running in their web browser while useful computing resources sit idle because the browser is too stupid to use more than one process for the active page!

There's one big problem: browsers are big, complicated programs and changing how they use processes is not something to be done lightly. It's even worse (and effectively impossible) if you are using programming tools that dropped the useful features of pre-1960s languages in order to fit into the limited memory of machines available to researchers at Bell Labs in the late 1960s.

If you want to robustly and securely divide the work of rendering a web page across multiple cores, you want it to run in multiple threads (not separate processes since they do need to communicate frequently). For this, we need programming tools that make safe concurrency (relatively) easy. This is the main reason Rust is being developed: Mozilla wants to build a better browser that can use modern computers more efficiently, but didn't think this was possible using C++.
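To make "safe concurrency" concrete, here is an added example (not from the original class notes and not Servo code) written against current stable Rust: several threads in one process paint disjoint bands of a shared framebuffer and report back over a channel. The names `render` and `paint_band`, the palette and the band layout are hypothetical stand-ins for real rendering work.

```rust
use std::sync::mpsc;
use std::thread;

// Hypothetical stand-in for a paint step: shade one horizontal band of the page.
fn paint_band(band: &mut [u8], first_row: usize, width: usize, palette: &[u8]) -> u64 {
    let mut sum = 0u64;
    for (i, px) in band.iter_mut().enumerate() {
        let (row, col) = (first_row + i / width, i % width);
        *px = palette[(row + col) % palette.len()];
        sum += *px as u64;
    }
    sum
}

// Paint a width x height framebuffer with up to `workers` threads in one process.
// Returns the framebuffer and the per-band checksums in band order.
pub fn render(width: usize, height: usize, workers: usize) -> (Vec<u8>, Vec<u64>) {
    let palette = vec![10u8, 20, 30]; // constructed data: shared, read-only
    let mut frame = vec![0u8; width * height];
    let workers = workers.max(1);
    let rows_per_band = (height + workers - 1) / workers;
    let band_len = (rows_per_band * width).max(1); // chunks_mut rejects size 0
    let (tx, rx) = mpsc::channel();

    thread::scope(|s| {
        // chunks_mut hands each thread a disjoint &mut slice, so the compiler
        // can prove no two threads write the same pixel. Passing `&mut frame`
        // itself to two threads is rejected at compile time (error E0499).
        for (n, band) in frame.chunks_mut(band_len).enumerate() {
            let tx = tx.clone();
            let palette = &palette; // shared immutable borrow, safe to read in parallel
            s.spawn(move || {
                let sum = paint_band(band, n * rows_per_band, width, palette);
                tx.send((n, sum)).unwrap(); // in-process message passing, no IPC
            });
        }
    }); // scope joins every thread here, ending the borrows of `frame`
    drop(tx); // close the channel so the receiver iterator terminates

    let mut sums: Vec<(usize, u64)> = rx.iter().collect();
    sums.sort(); // threads finish in any order; restore band order
    (frame, sums.into_iter().map(|(_, s)| s).collect())
}

fn main() {
    let (frame, sums) = render(4, 4, 2);
    println!("{:?} {:?}", frame, sums);
}
```

The output is identical for any worker count, because the borrow checker rules out the data races that would make it depend on thread scheduling.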

For more on Servo: "Samsung teams up with Mozilla to build browser engine for multicore machines", Ars Technica, 3 April 2013.

Gash Demo

What happened when I killed gash?

In which x86 ring does gash run?
