









- 1. "The user is able to program in a two-dimensional virtual memory system. Thus, any single segment can grow (or shrink) during execution.
- 2. The user can, by merely specifying a starting point in a segment, operate a program implicitly without prior planning of the segments needed or of the storage requirements. For example, if an error diagnostic segment is unexpectedly called for, it is brought in automatically by the supervisor; it is never brought in unless needed.
- 3. The largest amount of code which must be bound (loaded) together as a solid block is a single segment.
- 4. Program segments appear to be the only reasonable way to permit pure procedures and data bases to be shared among several users simultaneously. Pure procedure programs, by definition, do not modify themselves."
- 5. Per-segment privileges, e.g. "execute-only" bit (!?)





- Any segment has to know another segment only by symbolic name. Intersegment binding occurs dynamically as needed during program execution. The mechanism operates at high efficiency after the first binding occurs.
- A segment is able to reference symbolically a location within another segment; dynamically and automatically; after binding occurs the first time, program execution is at full speed.
- It is straightforward for procedures to be **pure procedures**, capable of being shared by several users.
- Similarly, it is straightforward to write recursive procedures.
- The general conventions are such that the call, save, and return macros used to link one independently compiled procedure to another do not depend on whether or not the two procedures are in the same segment.
- Each user is provided with a private software "stack" for temporary storage within each subroutine.





- File System as "memory system which gives the users and the supervisors alike the illusion of maintaining a private set of segments or files of information for an indefinite period of time."
- All files of information are referred to by symbolic name and not by address.
- "This retention is independent of the complex of secondary storage devices of different capacity and access."
- Issues of privacy and security, addressed through access privileges.
- Synchronization of data access (shared reads vs. exclusive writes).
- Automatic backup to recover from mishaps.





















































- Why are Operating Systems so slow?!
- System call overhead
  - Kernel-User Context Switch Overhead
  - Address Space Switch Overhead
- Memory

| Hardware        | Abbreviation     | RISC/CISC   | MIPS                             |                |                                |
|-----------------|------------------|-------------|----------------------------------|----------------|--------------------------------|
| MIPS M2000      | M2000            | RISC        | 20                               |                |                                |
| DECstation 3100 | DS3100           | RISC        | 13                               |                |                                |
| Sun-4/280       | Sun4             | RISC        | 9                                |                |                                |
| VAX 8800        | 8800             | CISC        | 6                                |                |                                |
| Sun-3/75        | Sun3             | CISC        | 1.8                              |                |                                |
| Microvax II     | MVAX2            | CISC        | 0.9                              |                |                                |
|                 | Table 1: Hardwar | e Platforms | Configuration<br>M2000 RISC/os 4 | (microseconds) | MIPS-Relative<br>Speed<br>0.54 |
|                 |                  |             | DS3100 Sprite                    | 26             | 0.34                           |
|                 |                  |             | DS3100 Ultrix 3.1                |                | 0.60                           |
|                 |                  |             | 8800 Ultrix 3.0                  | 28             | 1.15                           |
|                 |                  |             | Sun4 SunOS 4.0                   | 32             | 0.68                           |
|                 |                  |             | Sun4 Sprite                      | 32             | 0.58                           |
|                 |                  |             | Sun3 Sprite                      | 92             | 1.0                            |
|                 |                  |             | Sun3 SunOS 3.5                   | 108            | 1.0                            |
|                 |                  |             | MVAX2 Ultrix 3.                  | 0 207          | 0.9                            |

| Hardware        | Abbreviation                        | RISC/CISC | MIPS              |              |                        |
|-----------------|-------------------------------------|-----------|-------------------|--------------|------------------------|
| MIPS M2000      | M2000                               | RISC      | 20                |              |                        |
| DECstation 3100 | DS3100                              | RISC      | 13                |              |                        |
| Sun-4/280       | Sun4                                | RISC      | 9                 |              |                        |
| VAX 8800        | 8800                                | CISC      | 6                 |              |                        |
| Sun-3/75        | Sun3                                | CISC      | 1.8               |              |                        |
| Microvax II     | MVAX2                               | CISC      | 0.9               |              |                        |
|                 | Table 1:         Hardware Platforms |           | Configuration     | Time<br>(ms) | MIPS-Relative<br>Speed |
|                 |                                     |           | M2000 RISC/os 4.0 | 0.30         | 0.71                   |
|                 |                                     |           | DS3100 Ultrix 3.1 | 0.34         | 0.96                   |
|                 |                                     |           | DS3100 Sprite     | 0.51         | 0.65                   |
|                 |                                     |           | 8800 Ultrix 3.0   | 0.70         | 1.0                    |
|                 |                                     |           | Sun4 SunOS 4.0    | 1.02         | 0.47                   |
|                 |                                     |           | Sun4 Sprite       | 1.17         | 0.41                   |
|                 |                                     |           | Sun3 SunOS 3.5    | 2.36         | 1.0                    |
|                 |                                     |           | Sun3 Sprite       | 2.41         | 1.0                    |
|                 |                                     |           | MVAX2 Ultrix 3.0  | 3.66         | 1.3                    |





| • | What happens during an address space switch?                            |
|---|-------------------------------------------------------------------------|
|   | - Switching the cache (?)                                               |
|   | - Switching the page table: 1 to 10 cycles                              |
|   | - TLB (!)                                                               |
| • | Tagged TLBs (e.g. MIPS)                                                 |
|   | - TLB entry contains address space id (ASID)                            |
|   | - Switching therefore transparent                                       |
| • | Untagged TLBs (Pentium, PowerPC, Alpha)                                 |
|   | - Address switch requires TLB flush                                     |
|   | - Cost is in TLB loads after the flush (e.g. 900 cycles on Pentium)     |
| • | Solutions:                                                              |
|   | <ul> <li>On PowerPC, use segments instead of address spaces.</li> </ul> |
|   | - On Pentium, the same, with some dynamic management                    |
|   | - Large address spaces: Use address spaces, makes no difference. (TLB   |
|   | needs to be reloaded anyway to accommodate large working sets.)         |















- A secure binding is a protection mechanism that decouples authorization from the actual use of a resource.
- · Secure bindings improve performance in two ways.
  - 1. The protection checks involved in enforcing a secure binding are expressed in terms of simple operations that the kernel (or hardware) can implement quickly.
  - 2. A secure binding performs authorization only at bind time, which allows management to be decoupled from protection.
- "Simply put, a secure binding allows the kernel to protect resources without understanding them."
- Basic techniques for secure bindings:
  - 1. HW support: ownership checks may be done in HW
  - 2. SW caching: e.g. software TLBs
  - 3. Downloading of code into kernel: allow an application thread of control to be immediately executed on kernel events.





