Operating system security, memory protection

Security in Computing (3rd Edition)

CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner Notes 29

1 Operating System Security

Goals:
• Protecting different applications running on the same machine at the same time from each other
  ◦ Keep malicious/buggy user programs from crashing the OS
  ◦ Keep malicious/buggy user programs from crashing each other
• Control over what applications run on a platform
  ◦ Need a secure environment from the HW up to the OS level

Today's topics:
• Hardware support for protection
• Creating secure systems

2 Hardware support for protection

Hardware provides two things to help isolate a program's effects to within just that program:
• Address translation
  ◦ Non-executable regions
• Dual mode operation

2.1 Address translation

What is an Address Space?
• Literally, all the memory addresses a program can touch.
• All the state that a program can affect or be affected by.

Achieve protection by restricting what a program can touch! Hardware translates every memory reference from virtual addresses to physical addresses; software sets up and manages the mapping in the translation box (see Figure 1).
Figure 1: Address Translation in Modern Architectures. The CPU issues a virtual address; the translation box (MMU) converts it to a physical address, and physical memory sees only the translated address for the data read or write.

Two views of memory:
• View from the CPU: what the program sees, virtual memory
• View from memory: physical memory

The translation box (also called a memory management unit, or MMU) converts between the two views. Translation helps implement protection because there is no way for a program to even talk about another program's addresses, and no way for it to touch operating system code or data (see Figure 2). Translation also helps with the issue of how to fit multiple programs into memory. Translation is implemented using some form of table lookup, with a separate table for each user address space.

2.2 Dual mode operation

Can an application modify its own translation tables? If it could, it could get access to all of physical memory, so this has to be restricted somehow.

Dual-mode operation:
• When in the OS, can do anything (called "kernel mode" or "supervisor mode"; note that on x86 the term "protected mode" names the processor's segmented/paged addressing mode, not this privilege level)
• When in a user program, restricted to only touching that program's memory (user mode)

Implemented by setting a hardware-provided bit. Restricted operations can only be performed when the
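The two mechanisms in sections 2.1 and 2.2 (per-address-space translation tables with a non-executable bit, and a mode bit that gates changes to those tables) fit in one small simulation. The program below is an added example written for these notes, not code from the CS 161 course; the 4 KiB page size, the 16-entry single-level table, the PTE flag names and the two constructed address spaces A and B are all assumptions made for the demonstration.

```c
/* Toy MMU: one page table per address space, plus a user/kernel mode bit.
 * Added example for these notes, not CS 161 course code. Page size, table
 * size, flag names and the sample mappings are assumptions for the demo. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1u << PAGE_SHIFT)
#define NUM_PAGES  16               /* 16 pages = 64 KiB of virtual address space */

/* Page table entry bits (names chosen for this example) */
enum { PTE_PRESENT = 1, PTE_WRITE = 2, PTE_EXEC = 4, PTE_USER = 8 };

typedef struct { uint32_t frame, flags; } pte_t;          /* one entry per virtual page */
typedef struct { pte_t pt[NUM_PAGES]; } addr_space_t;     /* separate table per address space */

typedef enum { MODE_USER, MODE_KERNEL } cpu_mode_t;       /* the hardware-provided mode bit */
typedef enum { ACCESS_READ, ACCESS_WRITE, ACCESS_EXEC } access_kind_t;
typedef enum { FAULT_NONE, FAULT_NOT_PRESENT, FAULT_PRIV, FAULT_PERM } fault_t;

/* The translation box: every memory reference goes through here. On success
 * writes the physical address to *paddr and returns FAULT_NONE. */
fault_t translate(const addr_space_t *as, cpu_mode_t mode, access_kind_t acc,
                  uint32_t vaddr, uint32_t *paddr)
{
    uint32_t vpn = vaddr >> PAGE_SHIFT;
    uint32_t off = vaddr & (PAGE_SIZE - 1);
    if (vpn >= NUM_PAGES) return FAULT_NOT_PRESENT;       /* outside the address space */
    const pte_t *e = &as->pt[vpn];
    if (!(e->flags & PTE_PRESENT)) return FAULT_NOT_PRESENT;
    if (mode == MODE_USER && !(e->flags & PTE_USER)) return FAULT_PRIV;   /* OS-only page */
    if (acc == ACCESS_WRITE && !(e->flags & PTE_WRITE)) return FAULT_PERM;
    if (acc == ACCESS_EXEC && !(e->flags & PTE_EXEC)) return FAULT_PERM;  /* non-executable region */
    *paddr = (e->frame << PAGE_SHIFT) | off;
    return FAULT_NONE;
}

/* Changing a mapping is a restricted operation: refused unless in kernel mode.
 * This is the dual-mode rule that stops a program from editing its own table. */
bool map_page(addr_space_t *as, cpu_mode_t mode, uint32_t vpn, uint32_t frame, uint32_t flags)
{
    if (mode != MODE_KERNEL || vpn >= NUM_PAGES) return false;
    as->pt[vpn].frame = frame;
    as->pt[vpn].flags = flags | PTE_PRESENT;
    return true;
}

/* Two constructed address spaces, A and B, as the OS would set them up:
 * page 0 = code (user, read+exec), page 1 = data (user, read+write),
 * page 15 = a kernel page in frame 0 (not user-accessible). Both programs
 * use the same virtual addresses but land in different physical frames. */
static addr_space_t space_a, space_b;
static bool demo_ready;

static void setup_demo(void)
{
    map_page(&space_a, MODE_KERNEL, 0, 5, PTE_USER | PTE_EXEC);
    map_page(&space_a, MODE_KERNEL, 1, 6, PTE_USER | PTE_WRITE);
    map_page(&space_a, MODE_KERNEL, 15, 0, PTE_WRITE);
    map_page(&space_b, MODE_KERNEL, 0, 7, PTE_USER | PTE_EXEC);
    map_page(&space_b, MODE_KERNEL, 1, 8, PTE_USER | PTE_WRITE);
    map_page(&space_b, MODE_KERNEL, 15, 0, PTE_WRITE);
    demo_ready = true;
}

static addr_space_t *demo_space(char which)
{
    if (!demo_ready) setup_demo();
    return which == 'A' ? &space_a : &space_b;
}

/* Fault code for one access in demo space 'A' or 'B'. */
fault_t demo_fault(char which, cpu_mode_t mode, access_kind_t acc, uint32_t vaddr)
{
    uint32_t p = 0;
    return translate(demo_space(which), mode, acc, vaddr, &p);
}

/* Physical address for one access, or 0xFFFFFFFF if the MMU faults. */
uint32_t demo_paddr(char which, cpu_mode_t mode, access_kind_t acc, uint32_t vaddr)
{
    uint32_t p = 0;
    return translate(demo_space(which), mode, acc, vaddr, &p) == FAULT_NONE ? p : 0xFFFFFFFFu;
}

/* Attempt to change a mapping in space 'A' or 'B' from the given mode. */
bool demo_map(char which, cpu_mode_t mode, uint32_t vpn, uint32_t frame, uint32_t flags)
{
    return map_page(demo_space(which), mode, vpn, frame, flags);
}

int main(void)
{
    static const char *names[] = { "ok", "not present", "privilege fault", "permission fault" };
    printf("A reads 0x1010  -> phys 0x%x\n", (unsigned)demo_paddr('A', MODE_USER, ACCESS_READ, 0x1010));
    printf("B reads 0x1010  -> phys 0x%x\n", (unsigned)demo_paddr('B', MODE_USER, ACCESS_READ, 0x1010));
    printf("A executes its data page: %s\n", names[demo_fault('A', MODE_USER, ACCESS_EXEC, 0x1010)]);
    printf("A writes its code page:   %s\n", names[demo_fault('A', MODE_USER, ACCESS_WRITE, 0x0004)]);
    printf("A reads the kernel page:  %s\n", names[demo_fault('A', MODE_USER, ACCESS_READ, 0xF000)]);
    printf("OS reads the kernel page: %s\n", names[demo_fault('A', MODE_KERNEL, ACCESS_READ, 0xF000)]);
    printf("A remaps a page from user mode: %s\n",
           demo_map('A', MODE_USER, 2, 9, PTE_USER | PTE_WRITE) ? "allowed" : "refused");
    return 0;
}
```

The two points the notes make show up directly: A and B both read virtual address 0x1010 and get different physical addresses, and neither can name the other's frames at all, because the only way to reach physical memory is through its own table. Everything else (executing the data page, writing the code page, reading the kernel page from user mode, or remapping a page while the mode bit says user) ends in a fault or a refusal rather than in an access.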