Information Technology Reference
In-Depth Information
is a hash function of the bytes in a file, such that it is computationally intractable
for an attacker to create a different file that matches the signature of the true
file. The BIOS checks the signature before jumping to the code, verifying its
authenticity.
The bootloader in turn loads the actual operating system kernel into mem-
ory, and jumps to it. Again, the bootloader can check the cryptographic sig-
nature of the operating system to verify that it has not been corrupted by a
virus. The operating system kernel executable image is usually stored in the file
system. Thus, to find the bootloader, the BIOS needs to know how to read a
block of raw bytes from disk. The bootloader needs to know how to read bytes
from the file system to find and read the operating system image.
When the operating system kernel starts running, it can initialize its data
structures, including setting up the interrupt table to point to the various in-
terrupt, exception and system call handlers. The kernel then starts the first
process, typically the user login page. To run this process, the operating sys-
tem reads the code for the login program from where it is stored on disk, and
jumps to the first instruction in the program, using the start process procedure
described above to safely transition control to user-level. The login process in
turn can trap into the kernel using a system call whenever it needs the kernel's
services, e.g., to render the login prompt on the screen. We will discuss what
system calls are needed for processes to do useful work in the next chapter.
2.5
Case Study: Virtual machines
Some operating system kernels provide the abstraction of a entire virtual ma-
chine at user-level. How do interrupts, exceptions, and system calls work in
this context? To avoid confusion when discussing virtual machines, we need to
remind you of some terminology we introduced in Chapter 1. The operating
system providing the virtual machine abstraction is called the host operating
system. The operating system running inside the virtual machine is called the
Definition: host operating
system
guest operating system.
Definition: guest
operating system
The guest operating system needs to be able to do everything a real operating
system would do. For example, to provide a guest disk, the host operating
system simulates a virtual disk as a file on the physical disk. To provide network
access to the guest operating system, the host operating system simulates a
virtual network using physical network packets. Likewise, the host operating
system needs to manage memory to provide the illusion that the guest operating
system is managing its own memory protection, even though it is running with
virtual addresses. We will discuss address translation for virtual machines in
more detail in a later chapter.
Here we focus on how the host operating system manages the control transfer
between processes running on the guest operating system and the guest OS itself.
