Enforcing Modularity with Domains in Thread Management

Slide Note
Embed
Share

Exploring the concept of domains in thread management to enforce modularity and prevent threads from accessing memory outside their designated ranges. By allocating threads to specific domains and using memory managers, we can enhance security and stability in software systems, particularly in scenarios like implementing bounded buffers.

mann_ere
mann_ere Follow

Uploaded on Oct 09, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. How to enforcing modularity with domains? Prof. Zhang Gang The Department of Computer Science & Technology TJRAC, China gzhang@tju.edu.cn 2016.10

  2. Contents Review Some conceptions about domain Allocate and map a new domain How to control thread to access the domain? How to check permission by memory manager? More enforced modularity with kernel and user mode Enforcing modularity for bounded buffers

  3. Review The implementation of bounded buffers took advantage that all threads share the same physical memory, but sharing memory does not enforce modularity well. A program may calculate a shared address incorrectly and write to a memory location that logically belongs to another module. To enforce modularity we must ensure that the threads of one module cannot overwrite the data of another module.

  4. Some conceptions about domain 1. Domain A thread s references is restricted in a contiguous range of memory addresses. The contiguous range of memory addresses is called domain. When a programmer calls ALLOCATE_THREAD, the programmer specifies a domain in which the thread is to run. The thread manager records a thread s domain.

  5. Some conceptions about domain 2. Domain register A thread should refer to memory within its domain only A domain register contains the address ranges that the currently running thread is allowed to use the lowest address and highest address Each processor there is a domain register

  6. Some conceptions about domain 3. Memory manager A memory manager is a special interpreter. A memory manager is typically implemented in hardware and placed between a processor and the bus. ALLOCATE_THREAD loads the processor s domain register with the thread s domain.

  7. Some conceptions about domain The memory manager checks for each memory reference that the address is equal or higher than low and smaller than high. If it is, the memory manager issues the corresponding bus request. If not, it interrupts the processor, signaling a memory reference exception. The exception handler can then decide what to do. One option is to deliver an error message and destroy the thread.

  8. Some conceptions about domain This design ensures that a thread can make references only to addresses that are in its domain. Threads cannot overwrite or jump to memory locations of other threads.

  9. Some conceptions about domain 4. Share domains To allow for sharing, each thread is allowed to have several domains, as many as a thread needs. Each processor is given several domain registers. Now a designer can partition the memory of the programs and control sharing.

  10. Some conceptions about domain For example, a client may be split into four separate domains one domain containing the program text one domain containing the data one domain containing the stack one domain containing the bounded message buffer A service may be split in the same way.

  11. Allocate and map a new domain base_address ALLOCATE_DOMAIN (size): allocate a new domain of size bytes and return the base address of the domain. ALLOCATE_DOMAIN request to allocate size bytes of memory MAP_DOMAIN (base_address): Add the domain starting at address base_address to the calling thread s domains If two or more threads map a domain, then that domain is shared among those threads.

  12. How to control thread to access the domain? Memory regions list record the regions not in use Domain table record the base_address and size MAP_DOMAIN loads the domain s bounds from the domain table into a domain register of the thread s processor. If two or more threads map a domain, then that domain is shared among those threads.

  13. How to control thread to access the domain? Domain register can be extended to record access permissions for improving the control mechanism A domain register might include three bits READ, WRITE, or EXECUTE which separately control permission to READ, WRITE, or EXECUTE any of the bytes in the associated domain MAP_DOMAIN will be modified as follows MAP_DOMAIN (base_address, permission)

  14. How to control thread to access the domain? A LOAD instruction requires READ permission for its address memory manager must check that the address is in a domain with READ access A STORE instruction requires WRITE permission for its address memory manager must check that the address is in a domain with WRITE access To execute an instruction at the address in the PC requires EXECUTE permission.

  15. How to check permission by memory manager? The pseudocode details the check performed by the memory manager. in practice the memory manager is implemented in hardware integrated with the processor

  16. How to check permission by memory manager? The memory manager can implement security policies, because it controls which threads have access to which parts of memory. It can deny or grant a thread s request for allocating a new domain or for sharing an existing domain. In the same way, it can control which threads have access to which devices.

  17. More enforced modularity with kernel and user mode Domain registers restrict the addresses to which a thread can make reference But a thread can change its domains Because domain table can be referenced by a thread So we must also ensure that a thread cannot change its domains We need a mechanism to control changes to the low, high, and permission fields of a domain register.

  18. More enforced modularity with kernel and user mode Add one bit to the processor indicating whether the processor is in kernel mode or user mode Extend the set of permissions for a domain to include KERNEL-ONLY Instructions can change the value of the processor s domain registers only in kernel mode. Similarly, instructions can change the mode bit only in kernel mode.

  19. More enforced modularity with kernel and user mode Using the kernel and user mechanisms, each thread has two additional domains, memory manager and domain table, marked K for KERNEL-ONLY. So a thread in user mode cannot change its domain information.

  20. Enforcing modularity for bounded buffers There is a problem in this case. A thread can modify the shared buffer accidently. Thus, an error in one thread could indirectly affect the other thread.

  21. Enforcing modularity for bounded buffers The shared bounded buffer can be protected by putting the buffer in a shared kernel domain The threads cannot directly write the shared buffer in user mode.

  22. Enforcing modularity for bounded buffers The threads must transition to kernel mode to copy messages into/from the shared buffer. When a thread invokes SEND/RECEIVE, it changes to kernel mode SEND and RECEIVE are supervisor calls

  23. Enforcing modularity for bounded buffers Why putting shared bounded buffer in a shared kernel domain can enforced modularity? The threads in user mode have no direct access to a bounded buffer s messages The program running in kernel mode is written more carefully So this design provides stronger enforced modularity

  24. Reference PRINCIPLES OF COMPUTER SYSTEM DESIGN: AN INTRODUCTION Jerome H. Saltzer M. Frans Kaashoek Department of Electrical Engineering and Computer Science Massachusetts Institute of Technology 24

  25. CHAPTER 5 ENFORCING MODULARITY WITH VIRTUALIZATION 5.1. Client/server organization within a computer using virtualization 5.2. Virtual links using SEND, RECEIVE, and a bounded buffer 5.3. Enforcing modularity with domains 5.4. Virtualizing memory 5.5. Virtualizing processors using threads 5.6. Thread primitives for sequence coordination 25

  26. Thank you! 26

Related


Understanding Protein Domains and Databases

Understanding Protein Domains and Databases

wzeil
Understanding DNS Firewall Architecture at Virginia Tech

Understanding DNS Firewall Architecture at Virginia Tech

lathyndi
The Sacred Thread Ceremony (Upanayana) in Hindu Tradition

The Sacred Thread Ceremony (Upanayana) in Hindu Tradition

kobi
Hybrid Tracking of Cross-Thread Dependences in Parallel Programs

Hybrid Tracking of Cross-Thread Dependences in Parallel Programs

brookly
Mastering C++ Functions and Modularity with Example Programs

Mastering C++ Functions and Modularity with Example Programs

troester_l
Optimized Algorithm for Minimum Link Rectilinear Paths in Triangulated Domains

Optimized Algorithm for Minimum Link Rectilinear Paths in Triangulated Domains

phelan
Hierarchical Attention Transfer Network for Cross-domain Sentiment Classification

Hierarchical Attention Transfer Network for Cross-domain Sentiment Classification

mccleary_m
Regulation of Axon Pathfinding in Zebrafish CoPA Neurons by PTK7 Protein Domains

Regulation of Axon Pathfinding in Zebrafish CoPA Neurons by PTK7 Protein Domains

serenite
Effective Strategies for Writing TCM Service Notes

Effective Strategies for Writing TCM Service Notes

georgina
Hindu Upanayana Ceremony Explained

Hindu Upanayana Ceremony Explained

koryl
Advanced Multi-Threaded Development Overview

Advanced Multi-Threaded Development Overview

dem_cru
Threaded Construction and Fill of Tpetra Sparse Linear System Using Kokkos

Threaded Construction and Fill of Tpetra Sparse Linear System Using Kokkos

begg_a
Understanding the Concept of Volatile Variables in Multithreading

Understanding the Concept of Volatile Variables in Multithreading

tutt_die
Understanding Multithreading in Computing

Understanding Multithreading in Computing

cmutt
Understanding OpenMP Programming on NUMA Architectures

Understanding OpenMP Programming on NUMA Architectures

keleher_t
Enforcing EEA Competition Law in Iceland: Fines and Actions

Enforcing EEA Competition Law in Iceland: Fines and Actions

ibail
FlowTags: Enforcing Network-Wide Policies with Dynamic Middlebox Actions

FlowTags: Enforcing Network-Wide Policies with Dynamic Middlebox Actions

hsto
Understanding Property Manager and Strata Council Duties in Enforcing Nuisance and Noise Bylaws

Understanding Property Manager and Strata Council Duties in Enforcing Nuisance and Noise Bylaws

eliyahu
Understanding Computer System Protection and Security

Understanding Computer System Protection and Security

gmar
Desired Features of a Software Build System for DUNE DAQ

Desired Features of a Software Build System for DUNE DAQ

gullett_l
Domain-Agnostic Information Model for Vehicle Data Transformation

Domain-Agnostic Information Model for Vehicle Data Transformation

danger
Understanding BCube Network Architecture for Data Centers

Understanding BCube Network Architecture for Data Centers

micge
Comprehensive ABO Clinical Exam Domains Assessment for School Case

Comprehensive ABO Clinical Exam Domains Assessment for School Case

baylor
Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

Comprehensive Overview of the Intelligence and Development Scales - Second Edition (IDS-2)

amarantha

More Related Content

Evolution of Internet Technology in Tourism: A Comprehensive Study
Evolution of Internet Technology in Tourism: A Comprehensive Study
Understanding Operating System Protection Principles
Understanding Operating System Protection Principles
Strategies for Enhanced Verification Success and Longevity
Strategies for Enhanced Verification Success and Longevity
Comprehensive Framework for Teacher Growth in Yukon
Comprehensive Framework for Teacher Growth in Yukon
Understanding Protein Tertiary Structure and Motifs
Understanding Protein Tertiary Structure and Motifs
Applications of Time-Frequency Analysis for Filter Design
Applications of Time-Frequency Analysis for Filter Design
Early Childhood Learning Domains: A Comprehensive Overview
Early Childhood Learning Domains: A Comprehensive Overview
Country Names in the Domain Name System (DNS)
Country Names in the Domain Name System (DNS)
Exploring Paired Comparisons Testing Dimensions in Cultural Domains
Exploring Paired Comparisons Testing Dimensions in Cultural Domains
Understanding Cultural Consensus Analysis in Psychological Anthropology
Understanding Cultural Consensus Analysis in Psychological Anthropology
Understanding DNS Flag Day and EDNS: A Comprehensive Overview
Understanding DNS Flag Day and EDNS: A Comprehensive Overview
Advancements in NOAA's Next-Generation NWP System
Advancements in NOAA's Next-Generation NWP System
Understanding Advanced Analog IC Design and Filtering Techniques
Understanding Advanced Analog IC Design and Filtering Techniques
UNN Website Development and Maintenance Progress Report
UNN Website Development and Maintenance Progress Report
Divide-and-Conquer Algorithm for Two-Point Shortest Path Queries in Polygonal Domains
Divide-and-Conquer Algorithm for Two-Point Shortest Path Queries in Polygonal Domains
Exploring the Diversity of Life: A Journey through Different Domains and Kingdoms
Exploring the Diversity of Life: A Journey through Different Domains and Kingdoms
Understanding Functions and Data Types in Programming
Understanding Functions and Data Types in Programming
Understanding Health Education: Domains of Learning and Stages of Behavior Change
Understanding Health Education: Domains of Learning and Stages of Behavior Change
Veteran Well-being Framework: A Comprehensive Approach for Veterans' Welfare
Veteran Well-being Framework: A Comprehensive Approach for Veterans' Welfare
Understanding Declarative Programming and Regular Expressions
Understanding Declarative Programming and Regular Expressions
Understanding Child Development Domains
Understanding Child Development Domains
Bridging AMIR and CEFR Scales in Language Testing
Bridging AMIR and CEFR Scales in Language Testing
Understanding Bloom's Taxonomy of Learning Domains
Understanding Bloom's Taxonomy of Learning Domains
Current Policy Issues Regarding Three-Character Country Codes as Top-Level Domains
Current Policy Issues Regarding Three-Character Country Codes as Top-Level Domains