LIBRARY TECHNICAL REPORT DECTION NAVAL POSTGRADUATE SCHOOL MONIELEY, CM. JONIA 93940



NPS52-81-001

# NAVAL POSTGRADUATE SCHOOL Monterey, California





The Naval Postgraduate School SECURE ARCHIVAL STORAGE SYSTEM

Part II

- Segment and Process Management Implementation -

Lyle A. Cox, Roger R. Schell, and Sonja L. Perdue

March 1981

Approved for public release; distribution unlimited red for:



FEDDOCS D 208.14/2:NPS-52-81-001 of Naval Research gton, Virginia 22217

# NAVAL POSTGRADUATE SCHOOL Monterey, California

Rear Admiral J. J. Ekelund Superintendent

D. A. Schrady Acting Provost

This research was partially supported by grants from the Office of Naval Research, Project No. 427-001, monitored by Mr. Joel Trimble, and the Naval Postgraduate School Research Foundation.

Reproduction of all or part of this report is authorized.

This report was prepared by:

Unclassified SECURITY CLASSIFICATION OF THIS PAGE (When Date Entered

t

| DEDORT DOCUMENTATION                                                                                                                                                                                                                                        |                                                                                                | READ INSTRUCTIONS                                                                                                                         |  |  |  |  |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------|--|--|--|--|
|                                                                                                                                                                                                                                                             | BEFORE COMPLETING FORM                                                                         |                                                                                                                                           |  |  |  |  |
| NPS52-81-001                                                                                                                                                                                                                                                | 2. GOVT ACCESSION NO.                                                                          | 3. RECIPIENT'S CATALOG NUMBER                                                                                                             |  |  |  |  |
| 4. TITLE (and Subtitle)                                                                                                                                                                                                                                     | · · ·                                                                                          | 5. TYPE OF REPORT & PERIOD COVERED                                                                                                        |  |  |  |  |
| The Naval Postgraduate School                                                                                                                                                                                                                               | Technical Report                                                                               |                                                                                                                                           |  |  |  |  |
| SECURE ARCHIVAL STORAGE SYSTEM<br>Part II - Segment and Process Man                                                                                                                                                                                         |                                                                                                |                                                                                                                                           |  |  |  |  |
| Implementation                                                                                                                                                                                                                                              | 6. PERFORMING ORG. REPORT NUMBER                                                               |                                                                                                                                           |  |  |  |  |
| 7. AUTHOR(s)                                                                                                                                                                                                                                                | 8. CONTRACT OR GRANT NUMBER(0)                                                                 |                                                                                                                                           |  |  |  |  |
| Lyle A. Cox, Roger R. Schell, and Sonja L. Perdue                                                                                                                                                                                                           | •                                                                                              |                                                                                                                                           |  |  |  |  |
| 9. PERFORMING ORGANIZATION NAME AND ADDRESS                                                                                                                                                                                                                 |                                                                                                | 10. PROGRAM ELEMENT, PROJECT, TASK<br>AREA & WORK UNIT NUMBERS                                                                            |  |  |  |  |
| Naval Postgraduate School                                                                                                                                                                                                                                   |                                                                                                | 61152N; RR000-01-10                                                                                                                       |  |  |  |  |
| Monterey, CA 93940                                                                                                                                                                                                                                          |                                                                                                | N <b>000</b> 1481WR10034                                                                                                                  |  |  |  |  |
| 11. CONTROLLING OFFICE NAME AND ADDRESS                                                                                                                                                                                                                     |                                                                                                | 12. REPORT DATE                                                                                                                           |  |  |  |  |
| Naval Postgraduate School                                                                                                                                                                                                                                   |                                                                                                | March 1981                                                                                                                                |  |  |  |  |
| Monterey, CA 93940                                                                                                                                                                                                                                          |                                                                                                | 451                                                                                                                                       |  |  |  |  |
| 14. MONITORING AGENCY NAME & ADDRESS(II different                                                                                                                                                                                                           | from Controlling Office)                                                                       | 15. SECURITY CLASS. (of this report)                                                                                                      |  |  |  |  |
| Chief of Naval Research                                                                                                                                                                                                                                     |                                                                                                | Unclassified                                                                                                                              |  |  |  |  |
| Arlington, Virginia 22217                                                                                                                                                                                                                                   |                                                                                                | 15. DECLASSIFICATION/DOWNGRADING<br>SCHEDULE                                                                                              |  |  |  |  |
| 16. DISTRIBUTION STATEMENT (of this Report)                                                                                                                                                                                                                 |                                                                                                |                                                                                                                                           |  |  |  |  |
| 17. DISTRIBUTION STATEMENT (of the abetract entered to                                                                                                                                                                                                      | n Block 20, il dillerent fro                                                                   | m Report)                                                                                                                                 |  |  |  |  |
| 18. SUPFLEMENTARY NOTES                                                                                                                                                                                                                                     |                                                                                                |                                                                                                                                           |  |  |  |  |
|                                                                                                                                                                                                                                                             |                                                                                                |                                                                                                                                           |  |  |  |  |
| 19. KEY WORDS (Continue on reverse elde if necessary and                                                                                                                                                                                                    | identify by block number)                                                                      |                                                                                                                                           |  |  |  |  |
| Security Kernel, Microcomputers, A<br>Operating Systems, Computer Secur                                                                                                                                                                                     | Archival Storage<br>ity                                                                        | , Computer Networks,                                                                                                                      |  |  |  |  |
| 20. ABSTRACT (Continue on reverse side if necessary and                                                                                                                                                                                                     | identify by block number)                                                                      |                                                                                                                                           |  |  |  |  |
| The security kernel technolog<br>for highly reliable protection of<br>operating system implementations<br>(1) adequate computational resour-<br>clean, straightforward structure<br>This paper presents the experience<br>ation using the Advanced Micro De | computerized in<br>face two signifi<br>ces for applicat<br>whose correctnes<br>e on an ongoing | formation. However, the<br>cant challenges: providing<br>ions tasks, and (2) a<br>s can be easily reviewed.<br>security kernel implement- |  |  |  |  |

# 20.

the Z8002 microprocessor. The performance issues of process switching domain changing, and multiprocessor bus contention are explicitly addressed. The strictly hierarchical (i.e., loop-free) structure prov a series of increasingly capable, separately usable operating system subsets. Security enforcement is structured in two layers: the basic kernel rigorously enforces a non-discretionary (viz., lattice model) policy, while an upper layer provides the access refinements for a discretionary policy.

# The Naval Postgraduate School

# SECURE ARCHIVAL STORAGE SYSTEM

# Part II

-Segment and Process Management Implementation-

by

Roger R. Schell, Lyle A. Cox, and Sonja L. Perdue March 1981

Report number: NPS52-81-001

# THE STRUCTURE OF A SECURITY KERNEL FOR A Z8000 MULTIPROCESSOR

LYLE A. COX, Jr., and ROGER R. SCHELL, Col., USAF

Department of Computer Science Naval Postgraduate School Monterey, California

# ABSTRACT

The security kernel technology has provided the technical foundation for highly reliable protection of computerized information. However, the operating system implementations face two significant challenges: providing (1) adequate computational resources for applications tasks, and (2) a clean, straightforward structure whose correctness can be easily reviewed. This paper presents the experience of an ongoing security kernel implementation using the Advanced Micro Devices 4116 single-board computer based on the Z8002 microprocessor. The performance issues of process switching, domain changing, and multiprocessor bus contention are explicitly addressed. The strictly hierarchical (i.e., loop-free) structure provides a series of increasingly capable, separately usable operating system subsets. Security enforcement is structured in two layers: the basic kernel rigorously enforces a non-discretionary (viz., lattice model) policy, while an upper layer provides the access refinements for a discretionary policy.

#### BACKGROUND

For the last two and a half years the Naval Postgraduate School has been conducting a research and development project involving security kernel based operating systems designed for multiple processor implementations. As this work continues we feel that it is important to report on our progress and experiences, especially in the area of microprocessor implementations.

This effort has come to be known as the "SASS" or Secure Archival Storage System project [1]. In fact, this is a misnomer, as SASS is but a single instance of a more general family of secure operating systems designed early in the project [2]. While SASS has been the object of the majority of the research reported it is not the only implementation. Another operating system of this family has also been written to support a signal processing system that uses multiple Intel 8086 processors [3].

- iii -

SASS has been our principal testbed for exploring the implementation and performance issues related to these types of operating systems. SASS itself was designed to be a comprehensive multiuser, multilevel secure file storage system. As designed, it will consist of a small number of Z8000-based [4] single board computers sharing a single Multibus with storage devices and input/output devices. SASS will interface via bidirectional lines to a number of "host" systems, as illustrated in Figure 1. SASS will provide each host with a hierarchical file system. This system can be used to store and retrieve files, and share files with other hosts. This design will allow SASS to serve as a central hub of a data secure network of computers with diverse security authorization for sensitive information. SASS provides archival, shared storage while insuring that each interfaced host processor can access only that information appropriate to its security authorizations.

- iv -



# Figure 1: SASS System Interfaces

- v -

#### STRUCTURE

For this family of operating systems the security kernel technology has been used not only to effect security but also to provide the underlying organizational framework for the operating system. The SASS, one member of this family, is in the final stages of implementation. This development experience has highlighted the importance of several features that are key to this family:

- The pervasive, yet systematizing impact of the security kernel methodology [5].

- The design simplicity that accompanies a loop-free modularization that is highly compatible with the resource sharing and multiprogramming functions.

- The significance of a high degree of configuration independence, particularly for the ability to use the latest microprocessors for testbed implementation.

Independent of security, this particular kernel structure is attractive as a canonical operating system interface. It appears adequate for a wide range of functionality and capacity, and it evidences a high degree of independence from hardware idiosyncrasies. These operating system features will be discussed further below.

- vi -

# Security Kernel Approach

Members of this operating system family are organized with three distinct extended machine layers: (1) the security kernel, (2) the supervisor, and (3) the applications. This is illustrated in Figure 2. The concept of a hierarchy of extended machines is, to be sure, not new; however, the security kernel significantly constrains the organization. In particular, for reason of security all the management of physical resources must be within the kernel itself. Furthermore, confidence is increased by keeping the kernel as small and simple as possible. This means that much of what is commonly thought of as the operating system is provided outside the kernel in the supervisor layer. For this particular family member there is no major applications layer (viz., within SASS itself), since the applications are contained in the individual hosts.

The basic family of operating systems requires the kernels to provide extended virtual machines that specifically support both asynchronous processes and segmented address spaces. Within SASS, the kernel virtualizes processors, all levels of storage, and input/output. The kernel creates virtualized objects -- processes, segments, and devices. It is this "pure" virtual interface that is attractive as the

- vii -



Figure 2: Extended Machine Layers

- viii -

basis for canonical operating system features. The SASS supervisor is in turn built upon the kernel, using these virtualized objects to construct the file system.

Both the kernel and the supervisor have certain responsibilities for system security. The kernel manages all physical resources, and the kernel is distributed (i.e., included) in the address space of every process. At this level, isolation of the kernel -- protection from users and the supervisor -- must be provided by hardware enforced domains. The design of the system is strictly hierarchical (viz., the kernel is more privileged than the supervisor) so protection rings, as defined for Multics [6], are a satisfactory domain implementation.

The kernel has the responsibility for the enforcement of access limitations: that is, the kernel provides the mechanism for supporting non-discretionary security policy. The SASS kernel can support any such policy which can be expressed by a lattice of access classes [7]. Every object -process, segment, or device -- has a non-forgable label that denotes its access class. This non-discretionary security has been parameterized in SASS such that exactly one module has knowledge of the interpretation of this label in terms of a specific policy. Thus, only this single module need be tailored to support a particular policy.

- ix -

SASS provides discretionary security (shared access within the bounds of non-discretionary policy based on individual user identification) via the supervisor and the file structure. This discretionary security is completely outside of the kernel (in contrast with the KSOS [8] approach).

The supervisor handles the "Secure Reader-Writer Problem" with a non-exclusionary approach (one writer, retry on read) to provide synchronization between processes of different access classes. This control of interprocess communication is implemented via kernel primitives using Reed's eventcounts and sequencers [9].

The SASS supervisor capabilities are achieved by associating two processes with each host link. These processes access that portion of the SASS file structure associated with that host. One of these processes provides I/O transmission and link management, while the other, a file manager, is responsible for the file system structure of its associated host. Communication between these processes (as is communication between all processes) is achieved using shared segments -- a mailbox. Synchronization is provided by the kernel (with eventcounts and sequencers).

The complementary kernel/supervisor approach to security has several advantages for SASS: the size and the complexi-

- x -

ty of the kernel can be minimized, and, given reliable host authentication, any host weaknesses will not impact the reliable enforcement of the non-discretionary security policy.

The security kernel approach constrains not only the interface but also the detailed design and implementation of internal state variables. The problem is to prevent indirect information paths between processes with different access classes. We address this problem using essentially the approach detailed by Millen [10], although without the rigor of a proof. Internal state variables, e.g., shared resource tables, are assigned an access class, and it is confirmed that its values will not be reflected to processes of an inconsistent access class. The most apparent result is that the "success code" (returned in response to the invocation of kernel primitives) primarily reflects the state of the per-process virtual resources, not the shared physical resources.

- xi -

Loop Free Organization

Another aspect of the design that has helped to keep the security kernel simple and understandable is the loop-free structure of SASS. The loop-free design supports the software engineering concept of "information hiding" [11], as there are really no global data structures within SASS. The kernel is internally organized into four distinct layers, as illustrated in Figure 3: these layers, that will be described below, are termed (1) segment and event managers, (2) traffic controller, (3) memory manager, and (4) inner traffic controller.

In practice we have been quite doctrinaire in enforcement of the loop-free structure for this organization. While many operating systems claim to be modular or well-structured, we empirically validate this claim. We "peel-off" the upper layers one at a time by literally removing the code and data, and then demonstrate that the remainder can be loaded and run as a functionally intact, but obviously limited, operating system subset. The function of each layer will now be described, proceeding from the bottom upward.

- xii -



Figure 3: Internal Kernel Organization

- xiii -

Inner Traffic Controller. Processor multiplexing has two layers, similar to those proposed for Multics [12]. Each physical processor has a fixed number of "virtual processors" that are multiplexed onto it. Iwo of these virtual processors are dedicated to system services: an idle virtual processor and a memory manager process to manage the asynchronous access to secondary storage devices. The remaining virtual processors (currently two per physical processor) are available to the (upper level) traffic controller. The inner traffic controller provides signal and wait synchronization primitives that include a message that is passed between virtual processors. In terms of traditional jargon, the inner traffic controller provides multiprogramming by scheduling virtual processors to run on the CPU they are (permanently) associated with. Note that this structure implies that the security kernel is interruptible, viz., is not a critical section; however, the inner traffic controller itself is not interruptible. In addition, this layer provides all the multiprocessing interactions between individual physical processors, using a hardware "preempt" interrupt.

<u>Memory Manager</u>. This layer manages the multiplexing of the physical storage resources, viz., "disk" and "core". This layer also manages the segment descriptors in the memory management unit (MMU) image for each process. Most of the functions of this layer are executed by the per-CPU memory

- xiv -

manager processes, with synchronization provided by inner traffic controller signal and wait primitives. The single board computers have per-processor, local memory; there is also additional global memory that is addressable by all processes. The memory manager insures that (only) shared segments are in global memory.

This policy can require some transfers between local and global memory; however, the low transaction rate of the archival storage system is not demanding, and this structure minimizes bus transfer requirements under expected operating conditions.

<u>Traffic Controller</u>. The variable number of processes (two per host) are multiplexed onto virtual processors defined by the inner traffic controller. Each process has an affinity to the physical processor whose local memory contains a portion of its address space at the time of the process scheduling decision. As indicated earlier, the traffic controller layer uses Reed's advance and await mechanism [9] to provide interprocess communication.

Segment and Event Managers. All entries into the kernel pass through the segment/event manager layer. The explicit non-discretionary security checks are made at this level by comparing the access class labels of subjects and objects. This layer uses a per-process known segment table to convert

- xv -

process local names (viz., segment number) for objects into system-wide names. Each segment has associated with it two eventcounts and a sequencer; thus, segment numbers also serve as their names. The segment manager provides for the creation and deletion of segments and their entry into and removal from a process address space.

<u>Gate Keeper</u>. A process invokes a security kernel function using the traditional trap mechanism. The Z8000 "system call" instruction causes a trap, and the gate keeper is merely the trap handler. All parameters and return values are "passed by value" in CPU registers; this simplifies security validation. The gate keeper merely calls the particular procedure that corresponds to the requested function. <u>Microprocessor Testbed</u>

One important aspect of this research has been the actual implementation and testing of the concepts developed. Traditionally the implementation of multiple processor structures has been an expensive undertaking. Recently the development of sophisticated microprocessors that feature multiple operating modes, advanced addressing, support of multiple processor configurations, and a standard bus configuration with peripheral support have all made the implementation of advanced operating systems on microprocessor devices possible, and economically feasible.

- xvi -

The processors of SASS all share the same bus; each processor is a commercial single board computer with onboard random access memory. These processors also share a global memory, and certain peripheral devices. This configuration is illustrated in Figure 4.

In general, security kernel based operating systems find three processor-supported execution domains (operating states) highly desirable: for the kernel, supervisor, and applications. This is true of the operating system family discussed here. Currently there are no single chip processors that support three states. This is not a significant problem for SASS, since it is the hosts rather than the SASS system processors that execute user application programs. Under these circumstances a two mode (kernel and supervisor) machine is sufficient. Such architectures are currently available as microprocessors, in particular the Z8000.

Accordingly, we are implementing a multiple microprocessor system to test the SASS concept. The current hardware in use is the AMD 4116 single board computer [13] in a standard Multibus backplane. This configuration has a significant limitation: it does not include the hardware Memory Manager Unit, as described in [2].

- xvii -



Figure 4: Multiprocessor Configuration

----

Currently we simulate in software the memory management unit, so the kernel is not protected from the supervisor as the original design specified. Hardware protection in the form of addressing limitations is available, and has been used in some of the experiments to assure the integrity of the kernel. In this configuration, the hardware protects one half of the local memory from any access when the CPU is operating in the normal mode. Any attempt to access memory which is thus protected generates an interrupt and the fault detection software traps the access. This is adequate for current tests, but a complete memory management system is clearly more desirable. Our experiences on this testbed in terms of performance and software development are discussed further below.

#### THE SASS EXPERIENCE

The lessons learned to this point fall into two broad categories: programming (software engineering) experiences, and performance experiences. We will discuss both of these issues below.

# Programming Experiences

The nature of this research effort has been highly structured, emphasizing modularity at every opportunity. The software design is strictly "top-down". This has been a

- xix -

matter of good design practice, and of necessity. Since the majority of the work has been performed by a succession of Master's degree students [14,15,16,17,18,19] during their brief six to nine months of research each, the clear definition of software modules has been key to the success of the effort. We have found that the high degree of modularity has allowed the students to work on the project with a minimum of "start-up" time, and a maximum of productive effort and learning.

The actual implementation is proceeding in an essentially bottom up manner, with test harnesses and stubs being written as necessary for testing. The SASS modules were specified in a pseudo-language resembling current higher level languages. The SASS modules as implemented were coded in PLZ-ASM [20], the Z8000 structured assembly language. We found that the pseudo-code specifications of modules were adequate, and that the translation from this code to the structured assembly language was straightforward.

The structured assembly language of the Zilog Z8000 supported many of the constructs usually thought to be unique to higher level languages, including typed record structures, DO-loops, IF-THEN-ELSE, and CASE. In fact, our programmers think of this assembly language as a higher level language. Approximately 40 percent of the statements written in SASS are equivalent to statements in modern programming languages.

Despite the qualities of the structured assembler, it was selected by default. When the decision was made, the prototype hardware boards were just becoming available. There was virtually no software support available. In particular, no higher level language was available. The software environment was (by modern standards) very primitive, with no tools for operating system development available. Nevertheless, the progression from microprocessor development system to commercial single board computer system has been surprisingly smooth (an opinion that some students might dispute). The software development environment has grown slowly. Yet, this has not proved to be a handicap.

-xxi -

# Performance Issues

In the programming for the SASS, we have generally treated performance as a secondary issue, in deference to more basic concerns such as security and modularity. However, we have addressed performance on a design level where performance is strongly related to architectural choices.

Obviously, one basic design choice is the use of multiprocessing as a way to increase processing capacity. However, bus contention is a major performance concern in the multiprocessor configurations, since all processors share a single Multibus. If, for example, all code and data were located in global memory, then even two or three processors would saturate the bus. However, in reality only shared, writable segments need be in global memory. Our use of a purely virtual, segmented memory permits the kernel to determine exactly which are the shared, writable segments. As noted before, the memory manager layer totally controls the allocation to global memory, and thus markedly controls bus contention.

In the current SASS implementation we use the "Normal" and "System" modes of the Z8000 hardware, with the system mode dedicated to the security kernel. The domain changes automatically generate a switch of the stack within the

- xxii -

hardware. This is particularly important to the efficiency with which we can switch domains while maintaining the integrity of the kernel.

In SASS a process switch is achieved by switching the stack. SASS saves the process history in the stack, so a switch requires only the stack exchange. Preempt hardware interrupts can initiate scheduler changes, and associated virtual interrupts to the virtual processors. This sequence is relatively efficient given the Zilog architecture. The process switching performance question is more interesting in the context of processor multiplexing.

The multiprogramming time is the interval from the time the inner traffic controller signal primitive is invoked in one virtual processor until there is a return from a (pending) wait invocation in a different virtual processor. This includes both process switching and message passing operations.

For interprocess communication, the read and ticket calls (from the normal mode) include a system call though the gate keeper to the kernel, the non-discretionary security checks, and access to the eventcount or sequencer value; however, no process switch is involved. The synchronization time includes the interval from the invocation of the system call

- xxiii -

(in normal mode) for advance in one process until the return from a (blocking) await invocation in a different process. This includes the security checks and scheduling of both a virtual and a physical processor.

A set of measurements on the current implementation are summarized in Table 1. There has been no effort to "tune" the system to improve performance. We find these results within our range of expectations for a single chip microprocessor.

| Function                              | <u>Time</u> | ( <u>milliseconds</u> ) |
|---------------------------------------|-------------|-------------------------|
| Multiprogramming<br>signal/wait pair  |             | 0.5                     |
| Synchronization<br>advance/await pair |             | 2.3                     |
| Read (Eventcount)                     |             | 0.6                     |
| Ticket (Sequencer)                    |             | 0.5                     |

Table 1. Performance Measurements

- xxiv -

#### SUMMARY

A modern operating system featuring kernel based security, segmented memory and multiple processors has been designed and is being implemented using modern microprocessors. To date our focus on methodical design has paid off: the implementation of a carefully designed, simple structure using elementary software development tools has proceeded well.

The initial testbed implementation is running and preliminary data is now available regarding the operating performance of such systems implemented on microprocessors of advanced architectures. Data gathered suggests that the security kernel is indeed an attractive structure for a modern operating system. There is a wide range of applications where sophisticated operating systems can be implemented upon microprocessors, and attractive performance can be achieved, particularly through the use of multiple processors.

- xxv -

# ACKNOWLEDGMENTS

The authors would like to acknowledge the many long hours of work and dedicated effort contributed by E. E. Moore, A. V. Gary, S. L. Reitz, J. T. Wells, and A. R. Strickler, the students of the SASS project. Without their dedication, ideas and effort, this project would never have been able to progress. Specifically, we would like to acknowledge the contributions of Ms. C. Yamanaka and Ms. N. Seydel, whose typing and assistance were invaluable. This research was partially supported by grants from the Office of Naval Research, Project No. 427-001, monitored by Mr. Joel Trimble, and the Naval Postgraduate School Research Foundation.

- xxvi -

#### REFERENCES

- [1] Schell, R. R. and Cox, L. A. "A Secure Archival Storage System," PROCEEDINGS OF COMPCON FALL, September 1980.
- [2] O'Connell, J. S. and Richardson, L. D., <u>Distributed</u>, <u>Secure Design for a Multi-microprocessor Operating Sys-</u> <u>tem</u>, Master of Science Thesis, Naval Postgraduate School, June 1979.
- [3] Schell R. R., Kodres, U. R., Amir, H., Wasson, J., and Tao, T. F., "Processing of Infrared Images by Multiple Microcomputer System, Proceedings SPIE Symposium, "Real-Time Signal Processing III," Vol. 241, (1980), pp. 267-278.
- [4] Peuto, B. L., "Architecture of a New Microprocessor," <u>Computer</u>, Vol. 12, No. 2, February 1979, p. 10.
- [5] Schell, R. R., "Security Kernels: A Methodical Design of System Security," USE Technical Papers (Spring Conference, 1979), March, 1979, pp. 245-250.
- [6] Schroeder, M. D. and Saltzer, J. H., "A Hardware Architecture for Implementing Protection Rings," <u>Communications of the ACM</u>, Vol. 15, No. 3, March 1972, pp. 157-170.
- [7] Denning, D. F., "A Lattice Model of Secure Information Flow," <u>Communications of The ACM</u>, Vol. 19, May 1976, pp. 236-242.

- [8] McCauley E. J. and Drongowski, P. J., "KSOS The Design of a Secure Operating System," Proceedings of the National Computer Conference, 1979, pp. 345-371.
- [9] Reed, P. D. and Kanodia, R. K., "Synchronization with Eventcounts and Sequencers," <u>Communications of the ACM</u>, Vol. 22, No. 2, February, 1979, pp. 115-124.
- [10] Millen, J. K., "Security Kernel Validation in Practice," <u>Communications of the ACM</u>, Vol. 19, No. 5, May 1976, pp. 243-250.
- [11] Parnas, D. L., "On the Criteria to be Used in Decomposing Systems into Modules," <u>Communications of the ACM</u>, Vol. 15, No. 12, December 1972, pp. 1053-1058.
- [12] Schroeder, M. D. et. al., "The Multics Kernel Design Project," Proc. Sixth ACM Symposium on Operating Systems Principles, November 1977, pp. 43-56.
- [13] Advanced Micro Devices, Am 96/4116, Am Z8000 16-Bit MonoBoard Computer User's Manual, 1980.
- [14] Parks, E. J., <u>The Design of a Secure File Storage System</u>, Master of Science Thesis, Naval Postgraduate School, December 1979.
- [15] Coleman, A. R., <u>Security Kernel Design for a Micropro-</u> cessor-Based, <u>Multilevel Archival Storage System</u>, Mas-

- xxviii -

ter of Science Thesis, Naval Postgraduate School, December 1979.

- [16] Moore, E. E. and Gary, A. V., <u>The Design and Implemen-</u> <u>tation of the Memory Manager for a Secure Archival Sto-</u> <u>rage Systems</u>, Master of Science Thesis, Naval Postgraduate School, June 1980.
- [17] Reitz, S. L., An Implementation of Multiprogramming and Process Management for a Security Kernel Operating System, Master of Science Thesis, Naval Postgraduate School, June 1980.
- [18] Wells, J. T., <u>Implementation of Segment Management for</u> <u>a Secure Archival Storage System</u>, Master of Science Thesis, Naval Postgraduate School, September 1980.
- [19] Strickler, A. R., <u>Implementation of Process Management</u> <u>for a Secure Archival Storage System</u>, Master of Science Thesis, Naval Postgraduate School, March 1981.
- [20] ZILOG, Inc, <u>Z8000 PLZ/ASM Assembly Language Programming</u> <u>Manual</u>, April 1979.

#### FOREWORD

This technical report contains edited segments of four masters' theses:

The Design and Implementation of the Memory Manager for a Secure Archival Storage System by E. E. Moore and A. V. Gary

An Implementation of Multiprogramming and Process Management for a Security Kernel Operating System by S. L. Reitz

Implementation of Segment Management for a Secure Archival Storage System by J. T. Wells

Implementation of Process Management for a Secure archival Storage System by A. R. Strickler

which describe the development and implementation of the Naval Postgraduate School Secure Archival Storage System (SASS). These theses are based upon the design outlined in the Naval Postgraduate School SECURE ARCHIVAL STORAGE SYSTEM Part I - Design - by R. R. Schell and L. A. Cox [17]. This design is updated and presented in detail.

Some sections of each thesis have been excluded in order to eliminate repetition and bulk. Similarly, the program listings in this report represent the current state of the project and do not pertain to any one thesis. An attempt has been made to footnote some discrepancies between the system described by these theses and the current state. However, there may be some details described herein which do not correspond to the current SASS system. Consequently, the reader is advised to consult the individual thesis if more detail on a particular phase of the development is required. A program description document, providing greater clarification of SASS organization and listings, is also available.

- xxxi -

# CONTENTS

| THE               | 5  | STRU        | JCT                                                |                                              |                                           | 0<br>LT                                         |                                 |                                                |                                              |               |                                 |                |                              |                |             | ER I | NE)     | ւ ։<br>•  | F01 | R 1     | A. :  | <b>z</b> 80       | • •                                   | )           | •                                       | •                   | •                 | •               | •                                | ii                                                       |
|-------------------|----|-------------|----------------------------------------------------|----------------------------------------------|-------------------------------------------|-------------------------------------------------|---------------------------------|------------------------------------------------|----------------------------------------------|---------------|---------------------------------|----------------|------------------------------|----------------|-------------|------|---------|-----------|-----|---------|-------|-------------------|---------------------------------------|-------------|-----------------------------------------|---------------------|-------------------|-----------------|----------------------------------|----------------------------------------------------------|
| FOR               | EV | IORE        | )                                                  | •                                            | •                                         | •                                               | •                               | •                                              | •                                            | •             |                                 | •              | •                            | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | Х                                | xx                                                       |
|                   |    |             |                                                    |                                              |                                           |                                                 |                                 |                                                | PA                                           | R             | T                               | A              |                              | -              | -           | I    | T       | ROI       | DUC | CTI     | EO I  | N                 |                                       |             |                                         |                     |                   |                 |                                  |                                                          |
| <u>Cha</u>        | pt | er          |                                                    |                                              |                                           |                                                 |                                 |                                                |                                              |               |                                 |                |                              |                |             |      |         |           |     |         |       |                   |                                       |             |                                         |                     |                   |                 | pa                               | ge                                                       |
| I.                | Bł | CKG         | RO                                                 | מ ט                                          | D                                         | •                                               | •                               | ,                                              | •                                            | •             | •                               | ,              | •                            | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | •                                | 2                                                        |
| II.               | E  | BASI        | С                                                  | co                                           | N                                         | CE                                              | PI                              | !S                                             | /D                                           | ) E           | F1                              | C N            | II                           | <b>!</b> I(    | S N C       | 5    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | •                                | 6                                                        |
|                   |    |             | PR                                                 |                                              | _                                         |                                                 | -                               |                                                | •                                            | •             |                                 | •              | •                            | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | ٠                   | •                 | •               | •                                | 6                                                        |
|                   |    |             | IN                                                 |                                              |                                           |                                                 |                                 |                                                |                                              |               | EC                              | : U            | RI                           | T              | Y           | •    | ٠       | ٠         | •   | ٠       | •     | ٠                 | •                                     | •           | ٠                                       | •                   | ٠                 | ٠               | •                                | 8                                                        |
|                   |    |             | SE                                                 |                                              |                                           |                                                 |                                 |                                                |                                              |               | •                               | _              | •                            | •              | •           | •    | ٠       | ٠         | •   | ٠       | •     | ٠                 | •                                     | •           | •                                       | •                   | •                 | •               | •                                | 13                                                       |
|                   |    |             | PR                                                 |                                              |                                           |                                                 |                                 |                                                |                                              |               | MA                              | II             | NS                           | ;              | •           | ٠    | ٠       | ٠         | •   | ٠       | ٠     | ٠                 | ٠                                     | •           | •                                       | ٠                   | ٠                 | •               | •                                | 15                                                       |
|                   |    |             | AB                                                 | ST                                           | R                                         | AC                                              | TI                              | 0                                              | N                                            | •             | •                               |                | •                            | ٠              | •           | ٠    | ٠       | ٠         | ٠   | ٠       | ٠     | ٠                 | ٠                                     | ٠           | ٠                                       | ٠                   | •                 | ٠               | ٠                                | 16                                                       |
|                   |    | PAR         | T                                                  | В                                            |                                           |                                                 |                                 | S                                              | EC                                           | : U           | RI                              | 3              | AB                           | C              | II V        | AI   | 2       | ST (      | DR  | G       | 23    | S¥S               | 5TI                                   | em          | DE                                      | 2SI                 | GN                | ī               |                                  |                                                          |
|                   |    |             |                                                    |                                              |                                           |                                                 |                                 |                                                |                                              |               |                                 |                |                              |                |             |      |         |           |     |         |       |                   |                                       |             |                                         |                     |                   |                 |                                  |                                                          |
| <u>Cha</u>        | pt | er          |                                                    |                                              |                                           |                                                 |                                 |                                                |                                              |               |                                 |                |                              |                |             |      |         |           |     |         |       |                   |                                       |             |                                         |                     |                   |                 | pa                               | lde                                                      |
| <u>Cha</u><br>III |    |             | SIC                                                | s                                            | A                                         | SS                                              | C                               | ) ₩                                            | EF                                           | <b>₹ V</b>    | II                              | 2 W 2          |                              | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>p</u> a                       | <u>पु</u><br>18                                          |
|                   | •  | BAS         |                                                    |                                              |                                           |                                                 | C<br>•                          | • ₩                                            | EF                                           | ₹ <b>V</b>    | IF.                             | S W            | •                            | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>pa</u><br>•                   |                                                          |
| III               | •  | BAS         | RV                                                 | IS                                           | 0                                         | R                                               | •                               | ,                                              | •                                            | •             | •                               | ,              | •                            | •              | •           | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>p</u> <u>e</u>                | 18<br>23                                                 |
| III               | •  | BAS         | RV                                                 | IS<br>Le                                     | 0                                         | R<br>MA                                         | N A                             | G                                              | •<br>EB                                      | •             | PF                              | ,<br>20        | •<br>CE                      |                |             | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>p</u> a<br>•<br>•             | 18<br>23<br>24                                           |
| III               | •  | BAS         | RV                                                 | IS<br>Le                                     | 0                                         | R<br>MA                                         | N A                             | G                                              | •<br>EB                                      | •             | PF                              | ,<br>20        | •<br>CE                      |                |             | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>P</u> đ<br>•<br>•             | 18<br>23                                                 |
| III               | •  | BAS<br>SUPE | RV.<br>FI<br>IN                                    | IS<br>Le<br>PU                               | C:<br>T                                   | R<br>MA<br>⁄O                                   | N A                             | G                                              | •<br>EB                                      | •             | PF                              | ,<br>20        | •<br>CE                      |                |             | •    | • • •   | •         | •   | • • •   | •     | •                 | • • •                                 | •           | •                                       | •                   | •                 | •               | 2 d                              | 18<br>23<br>24                                           |
| III<br>IV.        | GA | BAS<br>SUPE | RV<br>FI<br>IN<br>KE                               | IS<br>LE<br>PU<br>EP                         | O<br>T<br>E                               | R<br>MA<br>⁄O<br>R                              | N A<br>UI                       | G                                              | •<br>EB<br>UT                                | •             | PF                              | ,<br>20        | •<br>CE                      |                |             | •    | • • • • | •         | •   | • • • • | •     | • • • •           | •                                     | •           | •                                       | •                   | •                 | •               | <u>p</u> e<br>•<br>•             | 18<br>23<br>24<br>25                                     |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | RV<br>FI<br>IN<br>KE<br>RI                         | IS<br>LE<br>PU<br>EP<br>BU                   | C<br>T<br>E<br>T                          | R<br>MA<br>⁄O<br>R<br>ED                        | N A<br>UI<br>K                  | G<br>P<br>(E                                   | ER<br>UT                                     |               | PF<br>PF                        | 20<br>20       | •<br>CE                      |                |             | •    | •       | •         | •   | •       | •     | •                 | •                                     | •           | •                                       | •                   | •                 | •               | <u>p</u> e<br>•<br>•             | 18<br>23<br>24<br>25<br>26<br>28                         |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | RV<br>FI<br>IN<br>KE<br>RI<br>SE                   | IS<br>Le<br>Pu<br>EP<br>Bu<br>GM             | C<br>T<br>E<br>T                          | R<br>MA<br>⁄O<br>R<br>ED                        | N A<br>UI<br>K                  | IG<br>P<br>IA                                  | EFUT<br>UT<br>RN                             |               | PF<br>PF<br>L                   | 20<br>20<br>20 | •<br>CE                      |                |             | •    | • • • • | • • • • • | •   | • • • • | •     | • • • • •         | •                                     | •           | •                                       | • • • •             | •                 | •               | <u>p</u> a<br>•<br>•<br>•        | 18<br>23<br>24<br>25<br>26<br>28<br>29                   |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | RV<br>FI<br>IN<br>KE<br>RI<br>SE<br>EV             | IS<br>LE<br>PU<br>EP<br>BU<br>GM             | C<br>T<br>E<br>T<br>E<br>T                | R<br>MA<br>⁄O<br>R<br>ED<br>NT<br>M             | N A<br>UI<br>K<br>A N           | IG<br>P<br>IA                                  | EB<br>UT<br>RN<br>NA<br>GE                   | IE<br>IG<br>R | PF<br>PF<br>L<br>EF             | ,<br>20<br>20  | CF<br>CF                     | •              | 5<br>•<br>• | •    | •       | •         | •   | •       | • • • | •<br>•<br>•<br>•  | •<br>•<br>•<br>•                      | •           | •                                       | • • • • •           | •                 | • • • • • •     | 2 de                             | 18<br>23<br>24<br>25<br>26<br>28<br>29<br>32             |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | PI<br>IN<br>KE<br>CRI<br>SE<br>EV<br>NO            | IS<br>LE<br>PU<br>EP<br>BU<br>GM             | C<br>T<br>E<br>T<br>D                     | R<br>MA<br>/O<br>R<br>ED<br>NT<br>IS            | N A<br>UI<br>K<br>A N<br>C B    | G<br>P<br>I<br>A<br>I<br>A<br>I<br>A<br>I<br>A | EB<br>UT<br>RN<br>NA<br>GE<br>TI             |               | PF<br>PF<br>L<br>EF             |                | CE<br>CE<br>·                | s:             | 5<br>•<br>• | •    | •       | •         |     |         |       |                   | • • • • • • •                         | •           | • • • •                                 | • • • • • •         | • • • •           | • • • • • • • • | ра<br>•<br>•<br>•<br>•           | 18<br>23<br>24<br>25<br>26<br>28<br>29<br>32<br>33       |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | RV<br>FI<br>IN<br>KE<br>RI<br>SE<br>EV<br>NO<br>TR | IS<br>LE<br>PU<br>EP<br>BU<br>GM<br>EN<br>AF | C<br>T<br>E<br>T<br>D<br>F                | R<br>MA<br>/O<br>R<br>ED<br>NT<br>IS<br>IC      | NA<br>UI<br>K<br>AN<br>CE       | G<br>P<br>C<br>E<br>I<br>A<br>E<br>C<br>C      | EB<br>UT<br>RN<br>NA<br>GE<br>TI             |               | PF<br>PF<br>L<br>EF<br>NA       |                |                              |                |             | •    | •       |           |     |         |       | • • • • • • • • • | • • • • • • • •                       | ·<br>·<br>· | • • • • • • • • • • • • • • • • • • • • | • • • • • • • • •   | • • • • • • • • • | • • • • • • • • | <u>p</u> <u>e</u><br>•<br>•<br>• | 18<br>23<br>24<br>25<br>26<br>28<br>29<br>32<br>33<br>33 |
| III<br>IV.<br>V.  | GA | BAS<br>SUPE | PI<br>IN<br>KE<br>CRI<br>SE<br>EV<br>NO            | IS<br>LEPU<br>EPU<br>BU<br>GM<br>NE          | C<br>T<br>E<br>T<br>E<br>T<br>D<br>F<br>R | R<br>MA<br>/O<br>R<br>ED<br>NT<br>IS<br>IC<br>T | NA<br>UI<br>K<br>AN<br>CE<br>CE |                                                | EB<br>UT<br>RN<br>NA<br>GE<br>TI<br>NT<br>FI |               | PF<br>PF<br>L<br>EF<br>NA<br>OI |                | CF<br>CF<br>·<br>·<br>·<br>· | SI<br>SI<br>SI |             | Ē    |         | •         |     |         |       |                   | · · · · · · · · · · · · · · · · · · · | ·<br>·<br>· | • • • • • • • • •                       | • • • • • • • • • • | • • • • • • • • • | ·<br>·<br>·     | <u>p</u>                         | 18<br>23<br>24<br>25<br>26<br>28<br>29<br>32<br>33       |

- xxxii -

| VII        | •         | 101         | 1-D1     | :51      | RI        | BŪ             | ΤE         | D        | ΚE       | RN  | E   | L               | •   | •          | •   | •        | •       | •      | •   | • | ٠   | •  | •   | • | • | •   | •  | 43         |
|------------|-----------|-------------|----------|----------|-----------|----------------|------------|----------|----------|-----|-----|-----------------|-----|------------|-----|----------|---------|--------|-----|---|-----|----|-----|---|---|-----|----|------------|
|            |           |             | MEN      | IOF      | Y         | MA             | NAC        | GΕ       | R        | PR  | 00  | CES             | 5 S |            | •   | •        | •       | •      | •   | • | •   | •  | •   | • | • | •   | •  | 43         |
| VII        | I.        | S١          | STE      | M        | HA        | RD             | WAI        | RE       | •        | •   |     | •               | •   | •          | •   | •        | •       | •      | •   | • | •   | •  | •   | • | • | •   | •  | 48         |
| IX.        | SI        | UMI         | 1AR Y    | •        | •         | •              | •          | •        | •        | •   | •   | •               | •   | •          | •   | •        | •       | •      | •   | • | •   | •  | •   | • | • | •   | •  | 52         |
| P          | AR        | r (         | -<br>MAN |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   | 101 | RY |            |
|            |           |             | CAN      | AG       | ER        | . r            | UR         | A        | Э        | EL  | UI  | a E             | A   | RC         | -1  | ΤV       | AL      | 2      | TU  |   | 3 1 | 21 | 121 |   | 1 |     |    |            |
| <u>Cha</u> | <u>pt</u> | er          |          |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   |     | pa | lde        |
| х. :       | IN        | <b>r</b> rc | DUC      | TI       | ON        | •              | •          | •        | •        | •   | •   | •               | •   | •          | •   | •        | •       | ٠      | ٠   | • | •   | •  | •   | • | • | •   | •  | 54         |
| XI.        | M         | EMC         | RY       | MA       | NA        | GE             | R J        | P R      | oc       | ES  | S   | DI              | ET  | A J        | [L  | ED       | D       | ES     | IGI | N | •   | •  | ٠   | • | • | •   | •  | 5 <b>7</b> |
|            |           |             | INT      | RO       | DU        | CT             | IOI        | 1        |          |     |     |                 |     |            | •   | •        | •       | •      | •   | • | •   |    | •   |   | • | •   | •  | 57         |
|            |           |             | DES      | IG       | N         | PA             | RAI        | 1 E      | TE       | RS  | 1   | ANE             | )   | DE         | EC. | IS       | 10      | NS     | •   |   | •   | •  | •   | • | • | •   | •  | 60         |
|            |           |             | DAT      | A        | BA        | SE             | S          | •        | •        |     |     |                 |     | •          | •   | •        |         | •      | •   | • |     | •  | •   | • | • | •   | •  | 63         |
|            |           |             |          |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    | •   |   |   |     |    |            |
|            |           |             |          | Lo       | ca        | 1              | ACI        | ti       | ve       | S   | eġ  | ] m e           | en  | t          | T   | ab       | le      | •      | •   | ٠ | •   | •  | ٠   | • | • | ٠   | •  | 68         |
|            |           |             |          |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   |     |    | 69         |
|            |           |             |          |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   |     |    | 71         |
|            |           |             |          |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   |     |    | 74         |
|            |           |             | BAS      |          | : r       | UN             | CTI        | LO       | NS       | •   | _ ' |                 | •   | •          | •   | •        | •       | •      | •   | • | •   | •  | •   | ٠ | • | •   | •  | 75         |
|            |           |             |          |          | ea        | τe<br>+ ο      | ai         | 1        | AL<br>Al | ia  | S   | 10              |     | 16         | 3   | En<br>En | τΓ<br>+ | Y<br>v | •   | • | •   | •  | •   | • | • | •   | •  | 78<br>80   |
|            |           |             |          | De<br>No | :10<br>+i | 112<br>172     | ىە<br>+ م  | 1        | ат<br>с  | + a | 3   | o<br>≜ar        |     | <b>T</b> 4 | -   | сп       | 61      | X      | •   | • | •   | •  | •   | • | • | •   | •  | 83         |
|            |           |             |          | De       | ac        | • 4 4<br>1 + 1 | vai<br>vai | a<br>F P | Э        | ey  | 00  | 2 41 V<br>7 M A | תב  | +          | •   | •        | •       | •      | •   | • | •   | •  | •   | • | • | •   | •  | 87         |
|            |           |             |          | SW       | ap        | a              | Se         | e c      | me       | nt  |     | [n              |     |            |     |          |         |        |     |   | •   |    | •   | • | • |     | •  | 91         |
|            |           |             |          | Sw       | ap        | a              | Se         | 50       | me       | nt  | . ( | <br>Du1         | 2   |            | Ţ   |          |         |        |     |   |     |    |     |   |   |     |    | 91<br>95   |
|            |           |             |          | De       | ac        | ti             | val        | te       | A        | 11  |     | Sec             | IM  | er         | it. | s        |         |        |     | • | •   |    | •   |   |   |     |    | 98         |
|            |           |             |          | Mo       | ve        | a              | Se         | εq       | me       | nt  | ť   | :0              | G   | 10         | b   | al       | M       | em     | ory | 7 | •   | •  | •   | • | • | •   | •  | 99         |
|            |           |             |          | Mo       | ve        | a              | Se         | эģ       | me       | nt  | 1   | to              | L   | 00         | a.  | 1        | Me      | mo     | гу́ | • | •   | •  | •   | • |   |     | 1  | 01         |
|            |           |             |          | Up       | da        | te             | t          | ıe       | M        | MU  | 3   | Ema             | aq  | е          |     |          |         |        | •   |   |     |    |     |   | • |     | 1  | 02         |
|            |           |             | SUM      | MA       | RY        | •              | •          | •        | •        | •   | •   | •               | •   | •          | •   | •        | •       | •      | •   | • | •   | •  | •   | • | • | ٠   | 1  | 103        |
| XII        |           | STA         | TUS      | 0        | F         | RE             | SE         | A R      | СН       | •   | •   | • •             | •   | •          | ٠   | •        | •       | •      | •   | • | •   | •  | •   | • | • | •   | 1  | 05         |
|            |           |             | CON      | CI       | us        | το             | NS         |          |          |     |     |                 |     |            |     |          |         | -      |     |   |     |    |     |   |   |     | 1  | 105        |
|            |           |             | FOL      |          |           |                |            |          |          |     |     |                 |     |            |     |          |         |        |     |   |     |    |     |   |   |     |    | 07         |
|            |           |             |          |          |           |                |            |          |          |     |     |                 |     |            | _   |          |         |        |     |   |     |    |     |   |   |     |    |            |

PART D -- AN IMPLEMENTATION OF MULTIPROGRAMMING AND PROCESS MANAGEMENT FOR A SECURITY KERNEL OPERATING SYSTEM

#### Chapter page 112 . 114 Virtual Processor Table (VPT) ... 114 118 Getwork . . . . . 119 . . . . . . Virtual Processor Instruction Set 126 Wait . . . . . . . . 127 . Signal . . . . 130 SWAP VDBR . . . 131 . . . . . IDLE . . . . . . 133 . . . SET VPREEMPT .... 134 TEST VPREEMPT . . . . . 135 TRAFFIC CONTROLLER . . 138 . . . • • • • • Active Process Table (APT) . . 138 . . . Level-2 Scheduling . . . . 141 . . . TC\_GETWORK . . . 141 • . . . . . TC\_PREEMPT\_HANDLER . 143 . . . . . . . . . Eventcounts . . . . . 145 . . . . . . Advance . 145 . . . . . • . . . . Await . . 146 Read 146 Ticket . . . . . . . 146 • • • . . . SYSTEM INITIALIZATION . . . . . . . 147 151 151 . . . . . . FOLLOW ON WORK 152 . . . . . . . . . . . . PART E --IMPLEMENTATION OF SEGMENT MANAGEMENT FOR A SECURE ARCHIVAL STORAGE SYSTEM Chapter page XVII. SEGMENT MANAGEMENT FUNCTIONS . . . . . . . . . . . 155 155 SEGMENT MANAGER . . . . . . Function . . . . . 155 . . 156 . . NON-DISCRETIONARY SECURITY MODULE . 160 MEMORY MANAGER . . . 161 . . . . • • • • . . .

- xxxiv -

. . . . . . . . .

161

162

. . . . . . . . . . . .

. . . . . . .

Function . . . . .

Databases

|                          |            |                                      | SUM                                         | 1 M A                                                            | RY                                                   | •                                              |     | •                   | •                                               | •                                             | •                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | •                                            | •                                       | •                                                                                                                                                                                                                                                                                                                                                                                                   | ٠                                         | •                                                 | •                             | •                     |                     | •        | •                            | •                                     | •                 | •        | •        | •   | •                                     | 166                                                                      |
|--------------------------|------------|--------------------------------------|---------------------------------------------|------------------------------------------------------------------|------------------------------------------------------|------------------------------------------------|-----|---------------------|-------------------------------------------------|-----------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------|-----------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|---------------------------------------------------|-------------------------------|-----------------------|---------------------|----------|------------------------------|---------------------------------------|-------------------|----------|----------|-----|---------------------------------------|--------------------------------------------------------------------------|
| XVI                      | II         | . :                                  | SEGM                                        | IEN                                                              | T                                                    | MA                                             | N   | AG                  | EN                                              | 1E)                                           | NT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | I                                            | MP                                      | LE                                                                                                                                                                                                                                                                                                                                                                                                  | ME                                        | NT                                                | A 1                           | IO.                   | N                   |          | •                            | •                                     | •                 | •        | •        | •   | ٠                                     | 167                                                                      |
|                          |            |                                      | IME                                         | LE                                                               | ME                                                   | NI                                             | A:  | ΓI                  | 01                                              | 1                                             | ISS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | 5 IJ                                         | ES                                      |                                                                                                                                                                                                                                                                                                                                                                                                     | •                                         | •                                                 |                               | •                     |                     | •        |                              | •                                     | •                 | •        |          | •   | •                                     | 167                                                                      |
|                          |            |                                      |                                             | In                                                               | te                                                   | IT                                             |     | oc                  | es                                              | 55                                            | Me                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | es                                           | sa                                      | qe                                                                                                                                                                                                                                                                                                                                                                                                  | s                                         |                                                   |                               |                       |                     | •        |                              |                                       | •                 |          |          | •   |                                       | 168                                                                      |
|                          |            |                                      |                                             | St                                                               | ru                                                   | ict                                            | u   | re                  | S                                               | a                                             | s i                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | Ar                                           | qu                                      | ne                                                                                                                                                                                                                                                                                                                                                                                                  | nt                                        | s                                                 |                               |                       |                     | •        | •                            |                                       |                   |          |          |     |                                       | 170                                                                      |
|                          |            |                                      |                                             | Re                                                               | en                                                   | tr                                             | a   | nt                  | 0                                               | 20                                            | de                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 170                                                                      |
|                          |            |                                      |                                             | Pr                                                               | oc                                                   | es                                             | ss  | S                   | tı                                              | zu (                                          | cti                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | 11                                           | e                                       | of                                                                                                                                                                                                                                                                                                                                                                                                  | t                                         | he                                                | Ľ                             | lem                   | 01                  | c y      | M                            | a                                     | nac               | lei      | C        |     |                                       | 171                                                                      |
|                          |            |                                      |                                             | Pe                                                               | I-                                                   | PI                                             | :00 | ce                  | SS                                              | 5                                             | Kno                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | D ₩                                          | n                                       | Se                                                                                                                                                                                                                                                                                                                                                                                                  | qm                                        | en                                                | t                             | Ta                    | b]                  | Le       |                              | •                                     |                   |          |          |     |                                       | 172                                                                      |
|                          |            |                                      |                                             | DB                                                               | R                                                    | На                                             | n   | <b>d</b> 1          | е                                               |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     | ٠.                                        |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 172                                                                      |
|                          |            |                                      | SEG                                         | ME                                                               | NT                                                   | N                                              | A   | NA                  | GI                                              | ER                                            | MO                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | D C                                          | UL                                      | E                                                                                                                                                                                                                                                                                                                                                                                                   |                                           |                                                   |                               |                       |                     | -        |                              |                                       |                   |          |          |     | Ĩ                                     | 173                                                                      |
|                          |            |                                      |                                             | CT                                                               | ea                                                   | te                                             |     | а.<br>Э             | Se                                              | a                                             | met                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | n +                                          |                                         | -                                                                                                                                                                                                                                                                                                                                                                                                   |                                           |                                                   |                               |                       |                     |          | -                            |                                       |                   |          | Ţ        | Ĩ   | Ĩ                                     | 174                                                                      |
|                          |            |                                      |                                             | De                                                               | 10                                                   | + -                                            |     |                     | Se                                              | - 3.                                          | mor                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     | •                                         |                                                   |                               |                       |                     | •        | •                            | •                                     | •                 | •        |          | •   | •                                     | 177                                                                      |
|                          |            |                                      |                                             | Ma                                                               | ko                                                   |                                                |     | -<br>               | a.                                              | - 91                                          |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | r c<br>R                                     | no.                                     | י<br>איז א                                                                                                                                                                                                                                                                                                                                                                                          | •                                         | •                                                 | •                             | •                     | •                   | •        | •                            | •                                     | •                 | •        | •        | •   | •                                     | 178                                                                      |
|                          |            |                                      |                                             | Ma                                                               | ko                                                   |                                                |     | 20                  | 9                                               |                                               | nt.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | - 71                                         | in k                                    | n 0                                                                                                                                                                                                                                                                                                                                                                                                 | •<br>4 n                                  |                                                   | •<br>ጥ c                      | •                     |                     | •        | •                            |                                       | •                 | •        | •        | •   | •                                     | 181                                                                      |
|                          |            |                                      |                                             | Cu                                                               | 20                                                   |                                                |     | 50                  | 94                                              |                                               | ць.<br>n+                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | T                                            | ш <b>л</b>                              | 10                                                                                                                                                                                                                                                                                                                                                                                                  | W 11                                      | l                                                 | Te                            | а <b>т</b> . Ш        | -                   | a        | LE                           | :)                                    | •                 | ٠        | ٠        | •   | •                                     | 182                                                                      |
|                          |            |                                      |                                             | 3 W<br>C 11                                                      | ap                                                   | a<br>                                          |     | 50                  | 94                                              |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | 1                                            | . 44<br>                                | •                                                                                                                                                                                                                                                                                                                                                                                                   | •                                         | •                                                 | ٠                             | •                     | •                   | •        | •                            | •                                     | •                 | •        | ٠        | •   | •                                     | 183                                                                      |
|                          |            |                                      | NON                                         |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 183                                                                      |
|                          |            |                                      | non                                         |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       |                                                                          |
|                          |            |                                      |                                             |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 186                                                                      |
|                          |            |                                      |                                             |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 186                                                                      |
|                          |            |                                      | DIS                                         |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 187                                                                      |
|                          |            |                                      |                                             |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 188                                                                      |
|                          |            |                                      |                                             |                                                                  |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       | 190                                                                      |
|                          |            |                                      | SUM                                         | IMA                                                              | RY                                                   | •                                              |     | •                   | •                                               | •                                             | •                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | •                                            | •                                       | •                                                                                                                                                                                                                                                                                                                                                                                                   | •                                         | •                                                 | •                             | •                     | •                   | •        | •                            | •                                     | •                 | •        | •        | •   | •                                     | 192                                                                      |
|                          |            |                                      | _                                           |                                                                  |                                                      |                                                |     |                     |                                                 | _                                             |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       |                                                                          |
| XIX                      | • (        | CON                                  | ICLU                                        | SI                                                               | ON                                                   | S                                              | A   | ND                  | I                                               | 201                                           | L                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | ) M                                          | 0                                       | N                                                                                                                                                                                                                                                                                                                                                                                                   | WO                                        | RK                                                | •                             | ٠                     | •                   | •        | •                            | •                                     | •                 | •        | ٠        | •   | ٠                                     | 193                                                                      |
|                          |            |                                      |                                             | SI                                                               |                                                      |                                                |     |                     |                                                 |                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                              |                                         |                                                                                                                                                                                                                                                                                                                                                                                                     |                                           |                                                   |                               |                       |                     |          |                              |                                       |                   |          |          |     |                                       |                                                                          |
|                          |            | CON<br>RT                            |                                             | SI<br>                                                           |                                                      | IN                                             | IPI | LE                  | ME                                              | ENC                                           | FAT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | CI.                                          | ดพ                                      | 0                                                                                                                                                                                                                                                                                                                                                                                                   | P                                         | PR                                                | 00                            | ES                    | S                   | M        | a n                          | A                                     | GEN               |          |          |     |                                       |                                                                          |
|                          |            |                                      |                                             | SI<br>                                                           |                                                      | IN                                             | IPI | LE                  | ME                                              | ENC                                           |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | CI.                                          | ดพ                                      | 0                                                                                                                                                                                                                                                                                                                                                                                                   | P                                         | PR                                                | 00                            | ES                    | S                   | M        | a n                          | A                                     |                   |          |          |     |                                       |                                                                          |
|                          |            |                                      |                                             |                                                                  |                                                      | IN                                             | IPI | LE                  | ME                                              | ENC                                           | FAT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | CI.                                          | ดพ                                      | 0                                                                                                                                                                                                                                                                                                                                                                                                   | P                                         | PR                                                | 00                            | ES                    | S                   | M        | a n                          | A                                     |                   |          |          |     |                                       |                                                                          |
|                          | PA         | RT                                   |                                             |                                                                  |                                                      | IN                                             | IPI | LE                  | ME                                              | ENC                                           | FAT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | CI.                                          | ดพ                                      | 0                                                                                                                                                                                                                                                                                                                                                                                                   | P                                         | PR                                                | 00                            | ES                    | S                   | M        | a n                          | A                                     |                   |          |          |     |                                       |                                                                          |
|                          | PA:        | RT<br><u>et</u>                      | P                                           |                                                                  |                                                      | IM<br>SE                                       | IP1 | LE<br>JR            | n e                                             | AI                                            | RCE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | II<br>II                                     | ON<br>VA                                | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | P<br>St                                   | PR<br>OR                                          | OC<br>≩G                      | ES<br>E               | <b>S</b><br>51      | M<br>IS  | A N<br>T E                   | A (                                   | GEM               | IEI      | TR       | PC  | R                                     | A                                                                        |
| <u>Cha</u>               |            | RT<br><u>et</u><br>NTR               | F                                           |                                                                  | 10                                                   | IM<br>SE<br>N                                  |     | LE<br>JR            | 1 E                                             | A I                                           | rat<br>RCB                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |                                              | ON<br>VA                                | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | P<br>St                                   | PR<br>OR                                          | OC<br>≩G                      | ES<br>E               | <b>S</b><br>51      | M<br>IS  | A N<br>T E                   | A (                                   | GEM               | IEI      | TR       | PC  | R                                     | A<br>page                                                                |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F                                           | <br>ICT<br>IEN                                                   | IO<br>TA                                             | IM<br>SE<br>N<br>TI                            |     | LE<br>JR            | NF<br>E                                         | AI                                            | rat<br>RCE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |                                              | ON<br>VA                                | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | F<br>ST                                   | PR<br>OR                                          | OC<br>AG                      | ES<br>E               | 5<br>51             |          | AN<br>TE                     | A (                                   | GE M              | IE1<br>• | T K<br>- | P ( | • •                                   | A<br><u>page</u><br>196<br>198                                           |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F                                           |                                                                  | IO<br>TA<br>AS                                       | IM<br>SE<br>N<br>TI<br>E                       |     |                     | NH<br>E<br>IS<br>TI                             |                                               | TAT<br>RCE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |                                              | ON<br>VA<br>TI                          | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | P<br>ST                                   | PR<br>OR                                          | OC<br>AG                      | ES<br>E               | s<br>51             | M.<br>CS | 4 N<br>T E                   | · A (                                 | GEM               | IE 1     | TN       | PC  | • •                                   | A <u>page</u> 196 198 198                                                |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F                                           | <br>ICT<br>IEN<br>AB<br>In                                       | IO<br>TA<br>AS<br>ne                                 | IM<br>SE<br>N<br>TI<br>E                       |     | LE<br>JR<br>N<br>NI | NH<br>E<br>IS<br>TI                             |                                               | LI2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |                                              | ON<br>VA<br>TI                          | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | P<br>ST                                   | PR<br>OR                                          | OC<br>AG                      | ES                    | S<br>S<br>ti        |          | AN<br>TE                     | A (                                   | GEN               |          | TR       | PC  | • •                                   | A <u>page</u> 196 198 198 198 199                                        |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F                                           | <br>ICT<br>IEN<br>AB<br>In                                       | IO<br>TA<br>AS<br>ne                                 | IM<br>SE<br>N<br>TI<br>E                       |     | LE<br>JR<br>N<br>NI | NH<br>E<br>IS<br>TI                             |                                               | LI2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |                                              | ON<br>VA<br>TI                          | 0<br>L                                                                                                                                                                                                                                                                                                                                                                                              | P<br>ST                                   | PR<br>OR                                          | OC<br>AG                      | ES                    | S<br>S<br>ti        |          | AN<br>TE                     | A (                                   | GEN               |          | TR       | PC  | • •                                   | A <u>page</u> 196 198 198 198 199                                        |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>ODU<br>LEM<br>DAT                      | ICT<br>IEN<br>PAB<br>In<br>Tr<br>Ad                              | IO<br>TA<br>AS<br>ne<br>af                           | IM<br>SE<br>N<br>TI<br>E<br>rii<br>ti          |     |                     | MH<br>E<br>IS<br>TI<br>ff<br>or                 |                                               | LI2<br>COl                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |                                              | ON<br>VA                                | OL<br>ON<br>IO<br>Iz                                                                                                                                                                                                                                                                                                                                                                                | F<br>ST<br>·<br>·<br>·                    | PR<br>OR<br>• • • • • • • • • • • • • • • • • • • | OC<br>AG<br>·<br>·<br>I<br>al | ES<br>E               | S<br>SI<br>ti<br>at |          | AN<br>TE<br>·<br>·           |                                       | GEM               |          | TK       | P ( | • • • • •                             | A <u>page</u> 196 198 198 199 202 205                                    |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>ODU<br>LEM<br>DAT                      | ICT<br>IEN<br>IN<br>TT<br>Ad                                     | IO<br>TA<br>AS<br>ne<br>af<br>di<br>PT               | IM<br>SE<br>N<br>TI<br>E<br>r<br>fi<br>ti<br>I |     |                     | MH<br>E<br>·<br>IS<br>TI<br>ff<br>or<br>I<br>RF |                                               | LI2<br>COL                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |                                              | ON<br>VA<br>TII<br>nt<br>er<br>al       | O<br>L<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·<br>·                                                                                                                                                                                                                                                                                                    | F<br>ST                                   | PR<br>OR<br>•<br>•<br>•<br>•<br>•                 | OC<br>AG                      | ES<br>E               | S<br>S<br>ti<br>at  |          | AN<br>TE<br>li<br>on<br>re   | A (                                   | GEE               |          | T k      |     | ) R                                   | A <u>page</u> 196 198 198 199 202 205 206                                |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>ODU<br>LEM<br>DAT                      | ICT<br>IEN<br>AB<br>In<br>Tr<br>Ad<br>EM                         | IO<br>TA<br>AS<br>nef<br>di<br>PT<br>ys              | IM<br>SE<br>N TI<br>E rfii<br>ic               |     |                     | NHE<br>· IS<br>TI<br>for<br>IFF                 |                                               | JES<br>LIZ<br>COJ<br>hit<br>PTS<br>emp                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |                                              | ON<br>VA<br>TII<br>nt<br>er<br>al       | ON<br>L<br>ON<br>TO<br>I<br>I<br>Z<br>an                                                                                                                                                                                                                                                                                                                                                            | F<br>ST<br>·<br>·<br>·<br>·<br>·          | PR<br>OR<br>ertio.er                              | OC<br>AG                      | ES<br>E               | ti<br>ati           |          | AN<br>TE<br>li<br>n<br>re    | · · · · · · · · · · · · · · · · · · · | GEE<br>ati<br>ent |          | TK       | P ( | ) R<br>•<br>•                         | A<br><u>page</u><br>196<br>198<br>198<br>199<br>202<br>205<br>206<br>207 |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>CODU<br>PLEM<br>DAT<br>PRE             | ICT<br>IEN<br>AB<br>IN<br>TT<br>Ad<br>Ph<br>Vi                   | IO<br>TA<br>AS<br>affi<br>PT<br>st                   | IM<br>SE<br>N TI<br>E riii<br>ua               |     |                     | NHE<br>· IS<br>TITITI                           |                                               | JES<br>LIZ<br>COL<br>Dit<br>PTS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | A Coli                                       | ON<br>VA<br>TI<br>ntral<br>Ha           | ON<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I                                                                                                                                                                                                                                                                                                   | P ST                                      | PR<br>OR<br>· · · · · · · · · · · · · · · · · · · | OC<br>AG                      | ES<br>E               | tiatu               |          | AN<br>TE                     |                                       | GEM<br>ati<br>ent |          | TK       | P ( | • • • • • • • • • • • • • • • • • • • | A <u>page</u> 196 198 198 198 202 205 206 207 209                        |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>CODU<br>PLEM<br>DAT<br>PRE<br>IDL      | ICT<br>IEN<br>AB<br>In<br>Tr<br>Ad<br>Ph<br>Vi                   | IO<br>TA<br>AS<br>adi<br>PT<br>St<br>PR              | IM<br>SE<br>N TI<br>E riii<br>uac              |     |                     | ME<br>· IS II<br>fol RPIES                      |                                               | JES<br>LIZ<br>COJ<br>Dit<br>PTS<br>Enpt                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | A Clist                                      | ON<br>VA<br>TII<br>nt<br>er<br>al<br>Ha | ON<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I                                                                                                                                                                                                                                                                                                   | PST.                                      | PR<br>OR<br>ertio<br>er                           | OC<br>AG                      | ES<br>E               |                     |          | AN<br>TE                     |                                       | GEM<br>ati        |          | TK       | P ( | • • • • • • • • • • • • • • • • • • • | A <u>page</u> 196 198 198 198 202 205 206 207 209 213                    |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>CODU<br>PLEM<br>DAT<br>PRE<br>IDL      | ICT<br>IEN<br>AB<br>In<br>Tr<br>Ad<br>Ph<br>Vi                   | IO<br>TA<br>AS<br>adi<br>PT<br>St<br>PR              | IM<br>N TI E riii<br>uac                       |     |                     | ME<br>· IS II<br>fol RPIES                      |                                               | JES<br>LIZ<br>COJ<br>Dit<br>PTS<br>Enpt                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | A Clist                                      | ON<br>VA<br>TII<br>nt<br>er<br>al<br>Ha | ON<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I<br>I                                                                                                                                                                                                                                                                                                   | PST.                                      | PR<br>OR<br>ertio<br>er                           | OC<br>AG                      | ES<br>E               |                     |          | AN<br>TE<br>·<br>·<br>·      |                                       | GEM<br>ati        |          | TK       | P ( | • • • • • • • • • • • • • • • • • • • | A <u>page</u> 196 198 198 198 202 205 206 207 209                        |
| <u>Cha</u><br>XX.        |            | RT<br><u>et</u><br>NTR               | F<br>CODU<br>PLEM<br>DAT<br>PRE<br>IDL      | ICT<br>IEN<br>AB<br>INT<br>AB<br>INT<br>AD<br>INT<br>AD          | IO<br>TA<br>AS<br>afi<br>PT<br>PR<br>IO              | IM<br>SE<br>N TI<br>E riii<br>uonA             |     |                     | ME · S Ifriese                                  | All<br>SSU<br>IAL<br>III<br>SUI<br>SEE<br>SEE | JES<br>LIZ<br>Colt<br>PTS<br>PAT                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | A OLI R                                      | ON<br>VA<br>TI<br>ntral<br>Ha<br>EF     | ON<br>I<br>ON<br>I<br>I<br>I<br>N                                                                                                                                                                                                                                                                                                                                                                   | FST                                       | PR<br>OR<br>ertio<br>er<br>EN                     | OCAG                          | ES<br>E               |                     |          | AN<br>TE<br>·<br>·<br>·<br>· |                                       | GEM<br>ati<br>ent |          | TK       | P ( | • • • • • • • • • • • • • • • • • • • | A <u>page</u> 196 198 198 198 202 205 206 207 209 213                    |
| <u>Cha</u><br>XX.<br>XXI | PA:<br>Dt. | RT<br><u>e</u> <u></u><br>NTR<br>IMP | F<br>ODU<br>DAT<br>PRE<br>IDL<br>ADD<br>SUM | ICT<br>IEN<br>AB<br>IN<br>TT<br>Ad<br>Ph<br>Vi<br>E<br>IT        | IO<br>TA<br>AS<br>efi<br>PS<br>TPRO<br>RY            | ISE<br>N I E fii I CaCA.                       |     |                     | ME · S IfriesF ·                                |                                               | JES<br>LIZ<br>Colt<br>PTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>PARTS<br>P | A OLI R .                                    | ON<br>VA<br>TII<br>ntral<br>Ha<br>EF    | ON<br>I<br>I<br>I<br>I<br>N<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>I<br>O<br>N<br>O<br>I<br>O<br>N<br>O<br>I<br>O<br>N<br>O<br>I<br>O<br>N<br>I<br>O<br>N<br>O<br>I<br>O<br>N<br>O<br>I<br>O<br>N<br>O<br>N | PST                                       | PROR<br>erio.er<br>EN.                            | OC<br>AG<br>II<br>n           | ES<br>E<br>iniz<br>Re |                     |          | AN<br>TE<br>·<br>·<br>·<br>· |                                       | GEM<br>ati<br>ent |          | Tk       | P ( | • • • • • • • • • • • • • • • • • • • | A <u>page</u> 196 198 198 199 202 205 206 207 209 213 215 217            |
| <u>Cha</u><br>XX.        | PA:<br>Dt. | RT<br><u>e</u> <u></u><br>NTR<br>IMP | F<br>ODU<br>DAT<br>PRE<br>IDL<br>ADD<br>SUM | ICT<br>IEN<br>AB<br>IN<br>TT<br>Ad<br>Ph<br>Vi<br>ET<br>MA<br>SS | IO<br>TA<br>AS<br>efi<br>Protection<br>IO<br>RY<br>M | IN TI E riiuona AN                             |     |                     | ME · S Iffol Frest · ME                         |                                               | FAT<br>RCE<br>JES<br>LIZ<br>COLLIZ<br>COLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ<br>SOLLIZ                                                                                                                                                     | CII<br>· · · · · · · · · · · · · · · · · · · | ON<br>VA<br>TIIntreal<br>Ha<br>EF       | ON<br>I<br>I<br>I<br>I<br>N<br>E<br>M                                                                                                                                                                                                                                                                                                                                                               | PST · · · · · · · · · · · · · · · · · · · | PRR<br>• • • • • • • • • • • • • • • • • • •      | OC<br>AG<br>II<br>n           | ES<br>E<br>Iniz<br>Re |                     |          |                              |                                       | GEE               |          | T K      | P 0 |                                       | A <u>page</u> 196 198 198 199 202 205 206 207 209 213 215 217            |

- xxxv -

|            |              |             | Sι        | ıpp        | or          | t          | P        | r           | c        | ed  | u        | re              | s          | •           | •        |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 221                                                         |
|------------|--------------|-------------|-----------|------------|-------------|------------|----------|-------------|----------|-----|----------|-----------------|------------|-------------|----------|------------|-----|--------|-----------|--------|---|---|---|---|---|---|---|-------------------------------------------------------------|
|            |              |             | Re        | ead        | L.          |            | •        | •           |          | •   |          | •               | •          | •           | •        |            | •   | •      | •         | •      | • | • |   | • | • | • | • | 223<br>223                                                  |
|            |              |             | Ti        | LCk        | et          |            | •        | •           | •        | •   |          | •               | •          | •           | •        |            | •   | •      | •         | •      | • | ٠ | • | • | • | • | • | 223                                                         |
|            |              |             | Av        | rai        | .t          |            | •        | •           |          |     |          | •               | •          | •           |          |            | •   |        |           |        |   |   |   |   |   | • | • | 224                                                         |
|            |              |             | Ac        | lva        | nc          | e          |          | •           | •        | •   | _        | •               | •          | ٠           | ٠        |            | •   | ٠      | ٠         | ٠      | • | • | • | ٠ | ٠ | • | • | 225<br>225                                                  |
|            |              | TRA         | AFI       | ?IC        |             | :0         | NT       | R           | JC       | LE  | R        | M               | 00         | 001         | LE       |            | •   | ٠      | ٠         | ٠      | • | • | • | ٠ | ٠ | ٠ | ٠ | 225                                                         |
|            |              |             | TO        | <u>_</u> G | iet         | W          | or       | ĸ           | ٠        | •   |          | •               | •          | •           | •        |            | •   | •      | ٠         | ٠      | ٠ | ٠ | ٠ | • | ٠ | • | • | 226                                                         |
|            |              |             | TO        | A          | wa          | 1          | t<br>    | •           | •        | •   |          | •               | •          | •           | •        |            | •   | ٠      | ٠         | ٠      | ٠ | ٠ | • | ٠ | ٠ | • | • | 220<br>227<br>228<br>233<br>234<br>235<br>235<br>235<br>236 |
|            |              |             | TC        | )_A        |             | a:<br>.1   | nc<br>a  | e           | •        | •   | -        | •<br>17         | •          | •<br>       | •        | _          | •   | ٠      | ٠         | •      | ٠ | • | • | ٠ | • | ٠ | • | 220                                                         |
|            |              |             | 2 G       |            | .ua         | ц.<br>Ц    | - 2      | 1           | 59<br>D7 | шħ  |          | $\frac{\pi}{3}$ | au         |             | re       | Γ          |     | •      | ٠         | •      | • | • | • | • | • | ٠ | • | 233                                                         |
|            |              | ידת         | ግር<br>የጥና | 2 T R      | 111<br>1111 | Ē          | ny.<br>n | MI          | E M.     |     | v        | M               | T C<br>V V | :5<br>  ] ( | •<br>2 E | P          | • м | •<br>• | י<br>דוור | •<br>F | • | • | • | • | • | ٠ | • | 233                                                         |
|            |              | <i>D</i> 1. | MM        | 4 R        | 01          | . a        | Ē        |             | on<br>Sn | +0  |          | ם<br>חוו        | д ц<br>+   |             | 314      | , TT       |     | .01    |           | نيا ه  | • | • | • | • | • | • | • | 234                                                         |
|            |              |             | MN        | 1 A        | dv          | a          |          | e           |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   | 235                                                         |
|            |              |             | MN        | 1 T        | ic          | :k         | et       | -           |          |     |          | •               |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   | 236                                                         |
|            |              |             | - 11 1    | 1 8        | 77          | . 01       | Ca       | 2.6         | 2        |     |          | •               | •          |             | •        |            |     |        |           |        |   |   |   |   |   |   |   | 230                                                         |
|            |              | GAC         | CE.       | KE         | EP          | E)         | R        | MO          | DD       | UL  | E        | S               | •          |             |          |            | •   |        |           |        |   |   |   |   |   |   |   | 238                                                         |
|            |              |             | Us        | ser        | G           | a          | te       | 1           | 10       | du  | 1        | e               | •          | •           |          |            | •   | •      |           |        |   |   |   |   |   |   |   | 239                                                         |
|            |              |             | Ke        | ern        | el          | (          | Ga       | te          | e        | Ke  | е        | pe              | Ľ          | М¢          | bc       | . <b>u</b> | le  |        | •         | •      | • |   |   |   |   | • |   | 242                                                         |
|            |              | SUI         | 1 M A     | RY         | •           |            | •        | •           | •        | •   |          | •               | •          | •           | •        |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 243                                                         |
| XXIII      | . c          | ONC         | L         | IST        | ON          |            |          |             |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   | 244                                                         |
|            |              |             |           |            |             |            |          |             |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   |                                                             |
|            |              | FOI         | LC        | W          | ON          | 1          | WO       | RI          | K        | •   |          | •               | •          | •           | ٠        |            | •   | •      | ٠         | •      | • | • | • | • | • | ٠ | ٠ | 245                                                         |
| Apper      | <u>ndix</u>  | <u>[</u>    |           |            |             |            |          |             |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   | page                                                        |
|            | _            |             |           |            |             | _          | _        | _           |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   |                                                             |
| Α.         | EVE          | NT          | MI        | ANA        | GE          | R          | L        | IS          | ST       | IN  | G        | S               | •          | ٠           | •        |            | •   | •      | •         | ٠      | ٠ | • | • | ٠ | ٠ | ٠ | ٠ | 247                                                         |
| в.         | TRA          | PPI         | rc        | co         | יד א ו      | R          | OT.      | <b>T. T</b> | R        | Ţ   | T        | ናጥ              | τN         | G           | 5        |            |     |        |           |        |   |   |   |   |   |   |   | 258                                                         |
| 5.         | <b>- M D</b> |             |           |            |             | 10         |          |             |          |     |          |                 |            |             |          |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 200                                                         |
| c.         | DIS          | TRI         | ЕΒЦ       | JTE        | D           | M          | EM       | 01          | R¥       | М   | A        | N A             | GE         | R           | L        | I          | ST  | 11     | NGS       | ;      | • | • | • | • | • | • | • | 28 <b>7</b>                                                 |
|            |              |             |           |            |             |            |          |             |          |     |          |                 |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   |                                                             |
| D.         | GAI          | E_F         | (EI       | EPE        | R           | L.         | IS       | T]          | [ N      | GS  |          | •               | •          | ٠           | ٠        |            | •   | ٠      | •         | ٠      | ٠ | • | ٠ | ٠ | ٠ | ٠ | ٠ | 308                                                         |
|            | вос          |             |           |            |             |            |          | 2           |          | + - | <b>—</b> | <b>.</b>        | ~ ~        |             |          |            |     |        |           |        |   |   |   |   |   |   |   | <b>7 4 7</b>                                                |
| E.         | BOC          | TSI         | KE        | IP_        | , LO        | AI         | DE       | R           | ملا      | TS  | T.       | TU              | 65         |             | •        |            | •   | •      | •         | •      | • | ٠ | • | • | • | • | • | 317                                                         |
| F.         | TTE          | RAF         | v         | 211        | NC          | - 17       | ۳A       | м           | т        | TC  | m.       | TN              | <u> </u>   |             |          |            |     |        | •         |        |   |   |   |   |   |   |   | 330                                                         |
| £ •        |              | A           | X I       | ru         | II C        | ±.         | 10       | T.          | • ا      | тэ  | ±.       | T 18,           | 9.3        | •           | •        |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 230                                                         |
| G.         | INN          | ER          | ΤF        | AF         | FT          | С          | С        | 01          | T        | RO  | L        | LE              | R          | LI          | IS       | T          | ΤN  | GS     | 5         |        |   |   |   |   |   |   |   | 335                                                         |
|            |              |             |           |            |             | Ŭ          | •        |             |          |     |          |                 |            |             |          | -          | -   |        | -         | •      | • | • | • | • | • | • | • |                                                             |
| Н.         | SEG          | MEN         | IT        | MA         | NA          | GI         | ER       | 1           | LI       | ST  | I        | NG:             | S          | •           | •        |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 364                                                         |
| -          |              |             |           |            |             |            | _        |             | _        | _   | _        |                 |            |             | _        | _          |     |        |           |        |   |   |   |   |   |   |   | 2.05                                                        |
| I.         | NON          | - D ]       | SC        | RE         | TI          | 01         | NA       | RY          | [        | SE  | CI       | UR:             | ſΤ         | Y           | L        | I          | ST  | IV     | 1GS       |        | ٠ | ٠ | ٠ | • | ٠ | • | • | 385                                                         |
| J.         | MEM          | 001         | r N       | 4 A M      | 20          | <b>P</b> 1 | b        | 7 1         | - 0      | ጥተ  | N /      | cc              |            |             |          |            |     |        |           |        |   |   |   |   |   |   |   | 387                                                         |
| <b>U</b> • |              |             |           | 1.57.14    | до          | ا بله      |          | ر مد        |          | ± ± | 74 (     | 33              |            | •           | •        |            | •   | •      | •         | •      | • | • | • | • | • | • | • | 507                                                         |
| LIST       | 10           | REE         | ?EF       | R EN       | CE          | S          |          |             |          |     |          | •               | •          |             |          |            | •   |        | •         | •      |   | • |   | • |   |   |   | 404                                                         |

| INITIAL | DISTRIBUTION | LIST | • | • | • | • | • | • | • |  |  |  |  |  |  | • | • | 406 |
|---------|--------------|------|---|---|---|---|---|---|---|--|--|--|--|--|--|---|---|-----|
|---------|--------------|------|---|---|---|---|---|---|---|--|--|--|--|--|--|---|---|-----|

- xxxvii -

# LIST OF FIGURES

| Figu |                                    |
|------|------------------------------------|
| 1.   | SASS System Interfaces             |
| 2.   | Extended Machine Layers            |
| 3.   | Internal Kernel Organization       |
| 4.   | Multiprocessor Configuration       |
| 5.   | SASS System                        |
| 6.   | System Overview (Dual Host)        |
| 7.   | Known Segment Table (KST)          |
| 8.   | Active Process Table (APT)         |
| 9.   | Virtual Processor Table (VPT)      |
| 10.  | Extended Instruction Set           |
| 11.  | Kernel Databases                   |
| 12.  | Memory Management Unit (MMU) Image |
| 13.  | SASS H/W System Overview           |
| 14.  | Global Active Segment Table        |
| 15.  | Alias Table Creation               |
| 16.  | Local Active Segment Table         |
| 17.  | Alias Table                        |
| 18.  | Memory Management Unit Image       |
| 19.  | Memory Allocation/Deallocation Map |
| 20.  | Memory Manager Mainline Code       |
| 21.  | Create Entry Pseudo-code           |
|      | anna i i i                         |

- xxxviii -

| 22. | Delete Entry Pseudo-code         |
|-----|----------------------------------|
| 23. | Activate Pseudo-code             |
| 24. | Deactivate Pseudo-code           |
| 25. | Swap_In Pseudo-code              |
| 26. | Swap_Out Pseudo-code             |
| 27. | Deactivate All Pseudo-code       |
| 28. | Move To Global Pseudo-code       |
| 29. | Move To Local Pseudo-code        |
| 30. | Update Pseudo-code               |
| 31. | Success Codes 104                |
| 32. | SASS SYSTEM                      |
| 33. | MMU_INAGE                        |
| 34. | Virtual Processor Table          |
| 35. | Virtual Processor States         |
| 36. | SWAP_DBR                         |
| 37. | Kernel Stack Segments 124        |
| 38. | <b>GETWORK</b>                   |
| 39. | Active Process Table             |
| 40. | Initialized Stack                |
| 41. | Known Segment Table              |
| 42. | Memory Management Unit Image 165 |
| 43. | Memory Manager-CPU Table         |
| 44. | Initial Process Stack            |
| 45. | Implementation Module Structure  |
| 46. | TC_ADVANCE Algorithm             |
| 47. | Program Status Area              |

PART A

INTRODUCTION

#### Chapter I

#### BACKGROUND

# This chapter is an updated excerpt from <u>Implemen-</u> tation of <u>Segment Management</u> for a <u>Secure Archival</u> <u>Storage System</u> by J. T. Wells [20].

O'Connell and Richardson provided the design for a family of secure, distributed, multi-microprocessor operating systems from which the subset, SASS, was later derived [7]. In their work, two of the primary motivations were to provide a system that (1) effectively coordinated the processing power of microprocessors and (2) provided information security.

The basis for emphasis on utilization of microprocessors is not purely that of replacing software with more powerful (and faster) hardware (microprocessors) but is also an economic issue. Software development and computing operations are becoming more and more expensive, putting further pressure on system designers to increasingly utilize people solely for system functions that computers cannot perform in a cost effective manner. Microcomputers, on the other hand, are becoming less and less expensive and are, therefore, increasingly being used for more functions.

The need for information security has been gradually recognized as the uses of computers have expanded. As security

- 2 -

needs for specific computer systems have been recognized, attempts have been made to modify the existing systems to provide the desired security. The results have been systems that could not be certified as secure and/or which have failed to resist penetration efforts, i.e. systems which, in effect, did not provide adequate information security. It has become clear that, in order to be certifiably secure, a computer system must have security designed in from first principles [10,11]. Such is the case with SASS. Information security was and continues to be a chief design feature. Integral to the design goal of information security were two related goals. One of these goals was to provide multilevel controlled access to a consolidated warehouse of data for a network of multiple host computers. The other key goal was to provide for controlled sharing among the computer hosts.

A brief background of prior work relative to SASS follows. O'Connell and Richardson originated the design of a secure family of operating systems. Their design provided two basic parts for their system -- the supervisor (to provide operating system services) and the kernel (to provide for physical resource management). The design of the SASS supervisor was completed by Parks [9]. No implementation or further design effort on the supervior has followed, to date. The initial design of the kernel was completed by Coleman [2]. That design described the kernel in terms of seven modules:

- 3 -

- Gate Keeper Module -- provided for ring-crossing mechanism and thus isolation of the kernel.
- Segment Manager Module -- provided for management of segmented virtual memory.
- 3. Traffic Controller Module -- multiplexed processes onto virtual processors and supports the inter- process communication primitives Block and Wakeup.
- Non-Discretionary Security Module -- mediated nondiscretionary security access attempts.
- 5. Inner Traffic Controller Module -- multiplexed virtual processors onto real processors and provided the Kernel synchronization primitives Signal and Wait.
- Memory Manager Module -- managed main memory and secondary storage.
- Input-Output Manager -- managed the moving of information to external devices outside the boundaries of the SASS.

Refinement of the kernel design and partial implementation was completed by Gary and Moore [5] in conjunction with Reitz [12]. The resultant description of the kernel as a result of their work was:

- 1. Gate Keeper Module
- 2. Segment Manager Module
- 3. Event Manager Module -- worked with the Traffic Controller to manage the event data associated with the IPC mechanism of eventcounts and sequencers.
- 4. Non-Discretionary Security Module
- Traffic Controller Module -- replaced Block and Wakeup with Advance and Await (to implement Supervisor IPC mechanism of eventcounts and sequencers).
- 6. Memory Manager Module
- 7. Inner Traffic Controller Module

Reitz implemented the Traffic Controller Module and Inner Traffic Controller Module. Gary and Moore completed a detailed design of the Memory Manager, originated the Memory Manager code (written predominantly in PLZ/SYS), selected a thread of the code, hand compiled it into PLZ/ASM and ran it on the Z8000 developmental module. Wells provided the implementation of the Segment Manager and Non-Discretionary Security Modules as well as partial implementation of Distributed Memory Manager functions. Strickler refined and implemented the process management functions for the SASS (written in PLZ/ASM).

- 5 -

#### Chapter II

#### BASIC CONCEPTS/DEFINITIONS

This chapter is an excerpt from <u>Implementation of</u> <u>Process Management</u> for a <u>Secure Archival Storage</u> <u>System</u> by A. R. Strickler [19]. Minor changes have been made for integration into report.

This section provides an overview of several concepts essential to the SASS design. Readers familiar with SASS or with secure operating system principles may wish to skip to the next section.

## A. <u>PROCESS</u>

The notion of a process has been viewed in many ways in computer science literature. Organick [8] defines a process as a set of related procedures and data undergoing execution and manipulation, respectively, by one of possibly several processors of a computer. Madnick and Donovan [6] view a process as the locus of points of a processor executing a Reed [ 10 ] describes a collection of programs. process as the sequence of actions taken by some processor. In other words, it is the past, present, and future "history" of the In the SASS design, a process is states of the processor. viewed as a logical entity entirely characterized by an address space and an execution point. A process<sup>•</sup> address space consists of the set of all memory locations accessible

- 6 -

by the process during its execution. This may be viewed as a set of procedures and data related to the process. The execution point is defined by the state of the processor at any given instant of process execution.

As a logical entity, a process may have logical attributes associated with it, such as a security access class, a unique identifier, and an execution state. This notion of logical attributes should not be confused with the more typical notion of physical attributes, such as location in memory, page size, etc. In SASS, a process is given a security access class, at the time of its creation, to specify what authorization it possesses in terms of information access (to be discussed in the next section). It is also given a unique identifier that provides for its identification by the system and is utilized for interaction among processes. A process may exist in one of three execution states: 1) running, 2) ready, and 3) blocked. In order to execute, a process must be mapped onto (bound to) a physical processor in the system. Such a process is said to be in the "running" state. A process that is not mapped onto a physical processor, but is otherwise ready to execute, is in the "ready" state. A process in the "blocked" state is waiting for some event to occur in the system and cannot continue execution until the event occurs. At that time, the process is placed into the ready state.

- 7 -

# B. INFORMATION SECURITY

There is an ever increasing demand for computer systems that can provide controlled access to the data it stores. In this thesis, "information security" is defined as the process of controlling access to information based upon proper authorization. The critical need for information security should be clear. Banks and other commercial enterprises risk the theft or loss of funds. Insurance and credit companies are bound by law to protect the private or otherwise personal information they maintain on their cus-Universities and scientific institutions must pretomers. vent the unauthorized use of their often over-burdened sys-The Department of Defense and other government tems. agencies must face the very real possibility that classified information is being compromised or that weapon systems are being tampered with. In fact, security related problems can be found at virtually every level of computer usage.

The security of computer systems processing sensitive information can be achieved by two means: external security controls and internal security controls. In the first case, security is achieved by encapsulating the computer and all its trusted users within a single security perimeter establishe by physical means (e.g., armed guards, fences, etc.) This means of security is often undesirable due to its added cost of implementation, the inherent risk of error-prone manual procedures, and the problem of trustworthy but error-

- 8 -

prone users. Also, since all security controls are external to the computer system, the computer is incapable of securely handling data at differing security levels or users with differing degrees of authorization. This restriction greatly limits the utility of modern computers. Internal security controls rely upon the computer system to internally dismultiple levels tinguish between of information classification and user authorization. This is clearly a more desirable and flexible approach to information security. This does not mean, however, that external security is not needed. The optimal approach would be to utilize internal security controls to maintain information security and external security controls to provide physical protection of our system against sabotage, theft, or destruction. The primary concern of this thesis is information security and will therefore center its discussion on the achievement of information security through implementation of the security kernel concept.

One might argue that a "totally secure" computer system is one that allows no access to its classified or otherwise sensitive information. Such a system would not be of much value to its users. Therefore, when we say that a system provides information security, it is only secure with respect to some specific external security policy established by laws, directives, or regulations. There are two distinct aspects of security policy: non-discretionary and discre-

- 9 -

tionary. Each user (subject) of the system is given a label denoting what classification or level of access the user is authorized. Likewise, all information or segments (objects) within the system are labelled with their classification or level of sensitivity. The non-discretionary security mechanism is responsible for comparing the authorization of a subject with the classification of an object and determining what access, if any, should be granted. The DOD security classification system provides an example of the non-discretionary security policy and is the policy implemented in The discretionary security policy is a refinement of SASS. the non-discretionary policy. As such, it adds a higher degree of restriction by allowing a subject to specify or restrict who may have access to his files. It must be emphasized that the discretionary policy is contained within the non-discretionary policy and in no way undermines or substitutes for it. This prevents a subject from granting access that would violate the non-discretionary policy. An example of discretionary security is provided by the DOD "need to know" policy. In SASS, the discretionary policy is implemented within the supervisor [9] by means of an Access Control List (ACL). There is an ACL maintained for every file in the system, which provides a list of all users authorized access to that file. Every attempt by a user to access a file is first checked against the ACL and then checked against the non-discretionary security policy. The "least"

- 10 -

or "most restrictive" access found in these checks is then granted to the user.

The relationship between the labels associated with the subject's access class (sac) and the object's access class (oac) is defined by a lattice model of secure information flow [12] as follows ("|" denotes "no relationship"):

1. sac = oac, read and write access permitted

sac > oac, read access permitted

3. sac < oac, write access permitted

4. sac | oac, no access permitted

In order to understand how these access levels are determined, it is necessary to gain an awareness of and consideration for several basic security properties.

The "Simple Security Property" deals with "read" access. It states that a subject may have read access only to those object's whose classification is less than or equal to the classification of the subject. This prevents a subject from reading any object possessing a classification higher than his own.

The "Confinement Property" (also known as "\*-property") governs "write" access. It states that a user may be granted write access only to those objects whose classification is greater than or equal to the classification of the subject. This prevents a user from writing information of a higher classification (e.g., Secret) into a file of a lower classification (e.g., Unclassified). It is noted that while

- 11 -

this property allows a user to write into a file possessing a classification higher than his own, it does not allow him access to any of the data in that file. The SASS design does not allow a user to "write up" to higher classified files. Therefore, in SASS, "sac < oac" denotes "no access permitted."

The "Compatibility Property" deals with the creation of objects in a hierarchical structure. In SASS, objects (segments) are hierarchically organized in a tree structure. This structure consists of nodes with a root node from which the tree eminates. The Compatibility Property states that the classification of objects must be non-decreasing as we move down the hierarchical structure. This prevents a parent node from creating a child node of a lower classification.

Several prerequisites must be met in order to insure that the security kernel design provides a secure environment. Firstly, every attempt to access data must invoke the Kernel. In addition, the Kernel must be isolated and tamperproof. Finally, the Kernel design must be verifiable. This implies that the mathematical model, upon which the Kernel is based, must be proved secure and that the Kernel is shown is to correctly implement this model.

- 12 -

# C. <u>SEGMENTATION</u>

Segmentation is a key element of a security Kernel based system. A segment can be defined as a logical grouping of information, such as a procedure, file or data area [6]. Therefore, we can redefine a process' address space as the collection of all segments addressable by that process. Segmentation is the technique applied to effect management of those segments within an address space. In a segmented environment, all references within an address space require two components: 1) a segment specifier (number) and 2) the location (offset) within the segment.

A segment may have several logical and physical attributes associated with it. The logical attributes may include the segment's classification, size, or permissable access (read, write, or execute). These logical attributes allow a segment to nicely fit the definition of an object within the security kernel concept, and thus provide a means for the enforcement of information security. A segment's physical attributes include the current location of the segment, whether or not the segment resides in main memory or secondary storage, and where the segment's attributes are maintained by a segment descriptor. The segment descriptors for each segment in a process' address space are contained within a Descriptor Segment (viz., the MMU Image in SASS) to facilitate the memory management of that address space.

- 13 -

Segmentation supports information sharing by allowing a single segment to exist in the address spaces of multiple processes. This allows us to forego the maintenance of multiple copies of the same segment and eliminates the possibility of conflicting data. Controlled access to a segment is also enforced, since each process can have different attributes (read/write) specified in its segment descriptor. In the implementation of SASS, any segment which is shared, but has "read only" access by every process sharing it, is placed in the processor local memory supporting each of these processes rather than in the global memory. This implies the maintenance of multiple copies of some shared seg-It is noted that the problem of "conflicting data" ments. is avoided since this only applies to read only segments. This apparent waste of memory and nonuse of existing sharing facilities is justified by a design decision to provide maximum reduction of bus contention among processors accessing global memory. This reduction in bus contention is considered to be of more importance than the saving of memory space provided by single copy sharing of read only segments. This decision is also well supported by the occurrence of decreasing memory costs, which we have experienced in terms of high speed bus costs.

# D. PROTECTION DOMAINS

The requirement for isolating the Kernel from the remainder of the system is achieved by dividing the address space of each process into a set of hierarchical domains or protection rings [18]. O'Connell and Richardson [7] defined three domains in the family of secure operating systems: the user, the supervisor, and the kernel. Only two domains are actually necessary in the SASS design since it does not provide extended user applications. The Kernel resides in the inner or most privileged domain and has access to all segments in an address space. System wide data bases are also maintained within the Kernel domain to insure their accessibility is only through the Kernel. The Supervisor exists in the outer or least privileged domain where its access to data or segments within an address space is restricted.

While protection domains may be created through either hardware or software mechanisms, a hardware implementation provides much greater efficiency. Current microprocessor technology only provides for the implementation of two domains. This two domain restriction does not support O'Connell and Richardson's complete family design, but it is sufficient to allow hardware implementation of the ring structure required by the SASS subset.

- 15 -

## E. ABSTRACTION

Dijkstra [4] has shown that the notion of abstraction can be used to reduce the complexity of a problem by applying a general solution to a number of specific cases. A structure of increasing levels of abstraction provides a powerful tool for the design of complex systems and generally leads to a better design with greater clarity and fewer errors.

Each level of abstraction creates a virtual hierarchical machine [6] which provides a set of "extended instructions" to the system. A virtual machine cannot make calls to another virtual machine at a higher level of abstraction and in fact is unaware of its existence. This implies that a level of abstraction is independent of any higher levels. This independence provides for a loop-free design. Additionally, a higher level may only make use of the resources of a lower level by applying the extended instruction set of the lower level virtual machine. Therefore, once a level of abstraction is created, any higher level is only interested in the extended instruction set it provides and is not concerned with the details of its implementation. In SASS, once a level of abstraction is created for the physical resources of the system, these resources become "virtualized" making the higher levels of the design independent of the physical configuration of the system.

#### PART B

# SECURE ARCHIVAL STORAGE SYSTEM DESIGN

This section is an excerpt from <u>Implementation</u> of <u>Process</u> <u>Management for a Secure Archival</u> <u>Storage System</u> by A. R. Strickler [19]. Minor changes have been made for integration into this report.

## Chapter III

## BASIC SASS OVERVIEW

The purpose of the Secure Archival Storage System is to provide a secure "data warehouse" or information pool which can be accessed and shared by a variable set of host computer systems possessing differing security classifications. The primary goals of the SASS design are to provide information security and controlled sharing of data among system users.

Figure 5 provides an example of a possible SASS usage. The system is used exclusively for managing an archival storage system and does not provide any programming services to Thus the users of the SASS may only create, its users. store, retrieve, or modify files within the SASS. The host computers are hardwired to the system via the I/O ports of the Z8001 with each connection having a fixed security classification. Each host must have a separate connection for each security level it wishes to work on (It is important to note that Figure 5 only represents the logical interfacing of the system. Specifically, the actual connection with the host system must be interfaced with the Kernel as the I/O instructions for the port are privileged). In our example, Host #1 can create and modify only Top Secret files, but it

can read files which are Top Secret, Secret, Confidential, or Unclassified. Likewise, Host #2 can create or modify secret files, using its secret connection or confidential files, using its confidential connection. Host #2 cannot create or modify Top Secret or Unclassified files.

In order to provide information security and controlled sharing of files, the SASS operates in two domains: (1) the Supervisor domain and (2) the Kernel domain. The SASS achieves this desired environment through a distributed operating system design which consists of two primary modules: the Supervisor and the Security Kernel. Each host system connected to the SASS has associated with it two processes within the SASS which perform the data transfer and file management on behalf of that host. The host computer communicates directly with its own I/O process and File Manager process within the SASS.

We can use our notion of abstraction to present a system overview of the SASS. The SASS consists of four primary levels of abstraction:

Level 3-The Host Computer Systems

Level 2-The Supervisor

Level 1-The Security Kernel

Level 0-The SASS Hardware

A pictorial representation of this abstract system overview is presented in Figure 6. This representation is limited to a dual host system for clarity and space restrictions. Note



Figure 5: SASS System

that the Gate Keeper module is in actuality the logical boundary between levels one and two and as such will be described separately.

Level 3, the host computer systems, of SASS has already been addressed. It should be noted that the SASS design makes no assumptions about the host computer systems. Therefore each host may be of a different type or size (i.e.- micro, mini, or maxi-computer system). Furthermore, the necessary physical security of the host systems and their respective data links with the SASS is assumed.

- 21 -



Figure 6: System Overview (Dual Host)

- 22 -

## Chapter IV

#### SUPERVISOR

Level 2 of the SASS system is composed of the Supervisor domain. As already stated, the SASS consists of two domains. The actual implementation of these domains was greatly simplified since the Z8001 microprocessor provides two modes of execution. The system mode, with which the Kernel was implemented, provides access to all machine instructions and all segments within the system. The normal mode, with which the Supervisor was implemented, only provides access to a limited subset of machine instructions and segments within the system. Therefore, the Supervisor operates in an outer or less privileged domain than the Kernel.

The purpose of the Supervisor is to manage the data link between the host computer systems and the SASS by means of Input/Output control, and to create and manage the file hierarchy of each host within the SASS. These functions are accomplished via an Input/Output (I/O) process and a File Manager (FM) process within the Supervisor. A separate FM and I/O process are created and dedicated to each host at the time of system initialization.

- 23 -

# A. FILE MANAGER PROCESS

The PM process directs the interaction between the host computer systems and the SASS. It interprets all commands received from the Host computer and performs the necessary action upon them through appropriate calls to the Kernel. The primary functions of the FM process are the management of the Host's virtual file system and the enforcement of the discretionary security policy.

The virtual file system of the Host is viewed as a hierarchy of files which are implemented in a tree structure. The five basic actions which may be initiated upon a file at this level are: 1) to create a file, 2) to delete a file, 3) to read a file, 4) to store a file, and 5) to modify a file. The FM process utilizes a FM Known Segment Table (FM\_KST) as the primary database to aid in this management.

The FM process maintains an Access Control List (ACL) through which it enforces the discretionary security in SASS. The FM process initializes an ACL for every file in its Host's file system. The ACL is merely a list of all users that are authorized to access that file. The ACL is checked upon every attempt to access a file to determine its authorization. The user (host computer) directs the FM process as to what entries or deletions should be made in the ACL, and as such, specifies who he wishes to have access to his file. As noted earlier, discretionary security is a refinement to the Non-Discretionary Security Policy and there-

- 24 -

fore can only be utilized to add further access restrictions to those provided by the Non-Discretionary Security. This prevents a user from granting access to a file to someone who otherwise would not be authorized access.

# B. INPUT/OUTPUT PROCESS

The I/O process is responsible for managing the input and output of all data between the host computer systems and the SASS. The I/O process is subservient to the FM process and receives all of its commands from it. Data is transferred between the SASS and Host Computer systems in fixed size "packets". These packets are broken up into three basic types: 1) a synchronization packet, 2) a command packet, and 3) a data packet. In order to insure reliable transmission and receipt of packets between the Host computer and the SASS, there must exist a protocol between them. Parks [9] provides a more detailed description of these packets, and a possible multi-packet protocol.

# Chapter V

## GATE KEEPER

The primary objective of the gate keeper is to isolate the Kernel and make it tamperproof. This goal is accomplished by reason of a software ring crossing mechanism provided by the gate keeper. In terms of SASS, this notion of "ring-crossing" is merely the transition from the Supervisor domain to the Kernel domain. As noted earlier, the gate keeper establishes the logical boundary between the Supervisor and the Kernel, and as a matter of course, it provides a single software entry point (enforced by hardware) into the Kernel. Therefore, any call to the Kernel must first pass through the gate keeper.

The gate keeper acts as a trap handler. Once it is invoked by a user (Supervisor) process, the hardware preempt interrupts are masked, and the user process' registers and stack pointer are saved (within the kernel domain). It then takes the argument list provided by the caller and validates these passed parameters to insure their correctness. To aid in the validation of these parameters, the gate keeper utilizes the Parameter Table as a database. The Parameter table contains all of the permitted functions provided by the Kernel. These relate directly to the extended instruction

- 26 -

set (viz., Supervisor calls) provided by the Kernel (these extended instructions will be described in the next section). If an invalid call is encountered by the gate keeper, an error code is returned, and the Kernel is not invoked. If a valid call is encountered by the gate keeper, the arguments and control are passed to the appropriate Kernel module.

Once the Kernel has completed its action on the user request, it passes the necessary parameters and control back to the gate keeper. At this point, the gate keeper determines if any software virtual preempt interrupts have occurred. If they have, then the virtual preempt handler is invoked vice the Kernel being exited (virtual interrupt structure is discussed by Strickler [19]. Correspondingly, if a software virtual preempt has not occurred, then the return arguments are passed to the user process. The user process' registers and stack pointer (viz., its execution point) are restored and control returned to the Supervisor domain. A detailed description of the Gate Keeper interface and implementation is provided by Strickler [19].

- 27 -

#### Chapter VI

## DISTRIBUTED KERNEL

Level 1 of our abstract view of SASS consists of two components: the distributed Kernel and the non-distributed Kernel. These two elements comprise the Security Kernel of the SASS. The Security Kernel has two primary objectives: 1) the management of the system's hardware resources, and 2) the enforcement of the non-discretionary security policy. It executes in the most privileged domain (viz., the system mode of the Z8001) and has access to all machine instructions. The following section will provide a brief description of the distributed Kernel, its components, and the extended instruction set it provides. A discussion of the non-distributed Kernel will be given in the next section.

The distributed Kernel consists of those Kernel modules whose segments are contained (distributed) in the address space of every user (Supervisor) process. Thus, in effect, the distributed Kernel is shared by all user processes in the SASS. The distributed Kernel is composed of the Segment Manager, the Event Manager, the Non-Discretionary Security Module, the Traffic Controller, the Inner Traffic Controller, and the Distributed Memory Manager Module. The Segment Manager and the Event Manager are the only "user visible"

- 28 -

modules in the distributed Kernel. In other words, the set of extended instructions available to user processes invokes either the Segment Manager or the Event Manager.

# A. SEGMENT MANAGER

The objective of the Segment Manager is the management of a process' segmented virtual storage. The Segment Manager is invoked by calls from the Supervisor domain via the gate keeper. Calls to the Segment Manager are made by means of six extended instructions provided by the segment manag-These extended instructions (viz., entry points) are: er. 1) CREATE\_SEGMENT, 2) DELETE\_SEGMENT, 3) MAKE\_KNOWN, 4) TERMINATE, 5) SM\_SWAP\_IN, and 6) SM\_SWAP\_OUT. The extended instructions CREATE\_SEGMENT and DELETE\_SEGMENT add and remove segments from the SASS. MAKE KNOWN and TERMINATE add and remove segments from the address space of a process. Finally, SM\_SWAP\_IN and SM\_SWAP\_OUT move segments from secondary storage to main storage and vice versa.

The primary database utilized by the Segment Manager is the Known Segment Table (KST). A representation of the structure of the KST is provided in Figure 7. The KST is a process local database that contains an entry for every segment in the address space of that process. The KST is indexed by segment number with each record of the KST containing descriptive information for a particular segment. The KST provides a mapping mechanism by which the segment number

- 29 -

of a particular segment can be converted into a unique handle for use by the Memory Manager. The Memory Manager will be discussed in the next chapter.

- 30 -

|   | Segment # |      |      |      |                  | 1 1                                   |
|---|-----------|------|------|------|------------------|---------------------------------------|
|   | MM Handle | Size |      |      | Mentor<br>Seg No |                                       |
|   |           |      | <br> |      |                  |                                       |
| l |           |      | <br> |      |                  | · · · · · · · · · · · · · · · · · · · |
| · |           |      | <br> |      |                  |                                       |
|   | <br>      |      | <br> |      | <br>             |                                       |
|   | <br>      |      | <br> |      | [<br>;           |                                       |
|   | <br>      |      | <br> | <br> |                  | <br>                                  |

Figure 7: Known Segment Table (KST)

- 31 -

# B. EVENT MANAGER

The purpose of the Event Manager is the management of event data which is associated with interprocess communications within the SASS. This event data is implemented by means of eventcounts (a synchronization primitive discussed by Reed [11]). The Event Manager is invoked, via the Gate Keeper, by user processes residing in the Supervisor domain. There are two eventcounts associated with every segment existing in the Supervisor domain. These eventcounts (viz., Instance 1 and Instance 2) are maintained in a database residing in the Memory Manager. The Event Manager provides its management functions through its extended instruction TICKET, ADVANCE, and AWAIT, and in conjunction set READ, with the extended instructions TC\_ADVANCE and TC\_AWAIT provided by the Traffic Controller (to be discussed next). These extended instructions are based on the mechanism of eventcounts and sequencers [11]. The Event Manager verifies the access permission of every interprocess communication request through the Non-Discretionary Security Module. The extended instruction READ provides the current value of the eventcount requested by the caller. IICKET provides a complete time ordering of possibly concurrent events through the mechanism of sequencers. The Event Manager will be discussed in more detail by Strickler [19].

- 32 -

# C. NON-DISCRETIONARY SECURITY MODULE

The purpose of the Non-Discretionary Security Module (NDS) is the enforcement of the non-discretionary security policy of the SASS. While the current implementation of SASS represents the Department of Defense security policy, any security policy which may be represented through a lattice structure [3] may also be implemented. The NDS is invoked via its extended instruction set: CLASS EQ and CLASS GE. The NDS is passed two classifications which it compares and then analyzes their relationship. CLASS\_EQ will return a true value to the calling procedure only if the two classifications passed were equal. The CLASS GE instruction will return true if a given classification is analyzed to be either greater than or equal to another given classification. The NDS does not utilize a data base as it works only with the parameters it is passed.

# D. TRAFFIC CONTROLLER

The task of processor scheduling is performed by the traffic controller. Saltzer [14] defines traffic controller as the processor multiplexing and control communication section of an operating system. The current SASS design utilizes Reed's [10] notion of a two level traffic controller, consisting of: 1) a Traffic Controller (TC) and 2) an Inner Traffic Controller (ITC).

- 33 -

The primary function of the Traffic Controller is the scheduling (binding) of user processes onto virtual proces-A virtual processor (VP) is an abstract data struc-SOTS. ture that simulates a physical processor through the preservation of an executing process' attributes (viz., the execution point and address space). Multiple VP's may exist for every physical processor in the system. Two VP's are permanently bound to Kernel processes (viz., Memory Manager and Idle) and as such are not in contention for process scheduling. These processes and their corresponding virtual processors are invisible to the TC. The remaining virtual processors are either idle or are temporarily bound to user processes as scheduled by the TC. The database utilized by the TC in process scheduling is the Active Process Table (APT). Figure 8 provides the structure of the APT.

The APT is a system-wide Kernel database containing an entry for every user process in the system. Since the current SASS design does not provide for dynamic process creation/deletion, a user process is active for the life of the system. Therefore, the size of the APT is fixed at the time of system generation. The APT is logically composed of three parts: 1) an APT header, 2) the main body of the APT, and 3) a VP table. The APT header includes: 1) a Lock to provide for a mutual exclusion mechanism, 2) a Running List indexed by VP ID to identify the current process running on each VP, 3) a Ready List, which points to the linked list of

- 34 -

------Lock -----Running List | APT Entry #| |----| VP ID----|---1 |----• 1 V |--------| -- APT ----| Ready List Head| APT Entry #| HEADER I. |----| Log\_CPU\_No--| |-----1 |----V |----| -----| Blocked List Head -------- APT Entry # Awaited Event 1 1 1 1 1 | AP | DBR |Access|Priority|State|Affi-|VP|Handle |nity |ID| Instance |Link|Handle|Class | | Count | 1 1 ---|---| 1 1 1 --- | V 1 1 |----|-----|-----|+-----|----|---|--|---|---|---Log\_CPU\_No----> |----|----|----|-----|-----| INR\_OF\_VP'SI I TC 
 PIRST\_VP (
 I
 I
 I
 I
 I
 | TABLE 

Figure 8: Active Process Table (APT)

- 35 -

processes which are ready for scheduling, and 4) a Blocked List, which points to the linked list of processes which are in the blocked state awaiting the occurrence of some event.

A design decision was made to incorporate a single list of blocked processes instead of the more traditional notion of separate lists per eventcount because of its simplicity and its ease of implementation. This decision does not appreciably affect system performance or efficiency as the "blocked" list will never be very long. The VP table is indexed by logical CPU number and specifies the number of VP's associated with the logical CPU and its first VP in the Running List. The logical CPU number, obtained during system initialization, provides a simple means of uniquely identifying each physical CPU in the system. The main body of the APT contains the user process data required for its efficient control and scheduling. NEXT\_AP provides the linked list threading mechanism for process entries. The DBR entry is a handle identifying the process' Descriptor Segment which is employed in process switching and memory manage-The ACCESS\_CLASS entry provides every process with a ment. security label that is utilized by the Event Manager and the Segment Manager in the enforcement of the Non-Discretionary Security Policy. The PRIORITY and STATE entries are the primary data used by the Traffic Controller to effect process scheduling. AFFINITY identifies the logical CPU which is associated with the process. VP ID is utilized to identify the virtual processor that is currently bound to the process. Finally, the EVENTCOUNT entries are utilized by the TC to manage processes which are blocked and awaiting the occurrence of some event. HANDLE identifies the segment associated with the event, INSTANCE specifies the event, and COUNT determines which occurrence of the event is needed.

The Traffic Controller determines the scheduling order by process priority. Every process is assigned a priority at the time of its creation. Once scheduled, a process will run on its VP until it either blocks itself or it is preempted by a higher priority process. To insure that the TC will always have a process available for scheduling, there logically exists an "idle" process for every VP visible to the TC. These "idle" processes exist at the lowest process priority and, consequently, are scheduled only if there exists no useful work to be performed.

The Traffic Controller is invoked by the occurrence of a virtual preempt interrupt or through its extended instruction set: ADVANCE, AWAIT, PROCESS\_CLASS, and GET\_DBE\_NUMBER. ADVANCE and AWAIT are used to implement the IPC mechanism envoked by the Supervisor. PROCESS\_CLASS and GET\_DBR\_NUMBER are called by the Segment Manager to ascertain the security label and DBR handle, respectively, of a named process. A more detailed discussion of the TC is provided by Strickler [19].

- 37 -

# E. INNER TRAFFIC CONTROLLER

The Inner Traffic Controller is the second part of our two-level traffic controller. Basically, the ITC performs two functions. It multiplexes virtual processors onto the actual physical processors, and it provides the primitives for which inter-VP communication within the Kernel is implemented. A design choice was made to provide each physical processor in the system with a small fixed set of virtual processors. Two of these VP's are permanently bound to the Kernel processes. The Memory Manager is bound to the highest priority VP. Conversely, the Idle Process is bound to the lowest priority VP and, as a result, will only be scheduled if there exists no useful work for the CPU to perform. The primary database utilized by the ITC is the Virtual Processor Table (VPT). Figure 9 illustrates the VPT.

The VPT is a system wide Kernel database containing entries for every CPU in the system. The VPT is logically composed of four parts: 1) a header, 2) a VP data table, 3) a message table, and 4) an external VP list. The header includes a LOCK (spin lock) that provides a mutual exclusion mechanism for table access, a RUNNING LIST (indexed by logical CPU #) that identifies the VP currently running on the corresponding physical CPU, a BEADY LIST (indexed by logical CPU #) which points to the linked list of VP's which are in the "ready" state and awaiting scheduling on that CPU, and a PREE LIST which points to the linked list of unused entries

- 38 -

|     |              |                         | Lock       |        |      |          |        |               |       |          |       |
|-----|--------------|-------------------------|------------|--------|------|----------|--------|---------------|-------|----------|-------|
|     |              |                         | Lock       |        |      | <br>     |        | 4<br>• 1      |       | 1<br>1   |       |
|     |              |                         | Runni      | ing_L: | ist  | VPT      | Entry  | #1            |       | 1        |       |
|     |              |                         | 1          |        |      |          |        | -             |       |          |       |
|     |              |                         | CPU_1      | 108    |      |          |        | -1            |       |          |       |
|     |              |                         | I –        | I.     |      |          |        |               |       | l        |       |
|     |              |                         | 1          | V      | 1    |          |        | -             | l     | 1        |       |
|     |              |                         |            |        |      |          |        | - 1           |       |          | VPT   |
|     |              |                         | Ready_List |        |      | VPT      | Entry  | ₹.            |       | [ Н(<br> | eader |
|     |              |                         | CPU_No     |        |      |          |        | -             | 1     | 1        |       |
|     |              |                         | <u> </u>   |        |      | '<br>    |        |               |       | •        |       |
|     |              |                         |            | ÿ      | ĺ    |          |        | - i           |       | I        |       |
|     |              | i                       |            |        |      |          |        | -1            | 1     |          |       |
|     |              | I                       | Free       | List   | l    |          |        |               | l     | 1        |       |
|     |              |                         |            |        |      |          |        | -1            |       |          |       |
| 1   |              | r D                     |            |        |      |          |        |               |       |          |       |
|     | VP_1         | L <i>U</i><br>  = = = i |            | i      |      |          |        |               | i     | i        |       |
|     | NEXT         |                         |            |        |      |          |        |               |       | EXT      | 11    |
| i i |              | DBR                     | STATE      | IDLE   | VIRC | TUAL     | PHYSIC | AL            |       | •        | MSG   |
| i   | I AB         |                         |            |        |      |          | PROCES |               |       | ID       | LIST  |
| 1   |              |                         |            |        |      |          |        |               |       |          |       |
| 1   | 1            |                         |            |        |      | l        | l      | 1             |       | 1        |       |
| 1   |              |                         |            |        |      |          |        |               |       |          |       |
| v   | 1            |                         |            |        | <br> |          |        |               |       |          |       |
|     |              |                         |            |        |      |          |        |               |       |          | 1 1   |
|     |              |                         |            |        | <br> |          | <br>   |               |       |          |       |
|     | i            |                         |            |        | I    | Ì        |        |               |       | l        | 1     |
|     |              |                         |            |        |      |          |        |               |       |          | []    |
|     |              |                         |            |        |      |          |        |               |       |          |       |
| 1   | MSG          | G_INI                   | DEX        |        |      |          |        |               |       |          |       |
|     | NEXT         | MSC                     | SENI       | 125 1  | MSG  | •        | EXT_V  | P_11          |       |          |       |
|     | 1 01541      |                         |            |        |      | - 1      | VPT    | 1             | 1     | 1        | 1 1   |
| i i |              |                         | ì          | 1      |      | i        | Entry  |               | i     | i        | i i   |
| i   |              |                         | -          | i·     |      | -i       | NO     | i             | i     | i        | i i   |
| 1   | I            |                         | 1          | 1      |      | 1        |        |               |       |          |       |
| V   |              |                         | -          |        |      | -1       |        |               |       |          |       |
|     | !            |                         |            |        |      |          |        |               |       |          | !     |
|     |              |                         |            |        | - 1  | External |        |               |       |          |       |
|     |              |                         |            |        | - 1  |          |        |               |       |          |       |
|     | Message List |                         |            |        | 1    | List     |        |               |       |          |       |
|     |              |                         |            |        |      |          |        |               |       |          |       |
|     |              |                         | -          |        |      |          |        |               |       |          |       |
|     |              |                         |            |        |      |          |        |               |       |          |       |
|     |              | rigu                    | 1re 9:     | Virt   | cual | PLOC     | cessor | ra <b>p</b> . | Le () | (FI)     |       |

- 39 -

in the message table. The VP data table contains the descriptive data required by the ITC to effectively manage the virtual processors. The DBR entry points within the MMU Inage to the descriptor segment for the process currently running on the VP. PRI (Priority), STATE, IDLE\_FLAG, and PREEMPT are the primary data used by the ITC for VP scheduling. PREEMPT indicates whether or not a virtual preempt is pending for the VP. The IDLE\_FLAG is set whenever the TC has bound an "idle" process to the VP. Normally, a VP with the IDLE\_FLAG set will not be scheduled by the ITC as it has no useful work to perform. In fact, such a VP will only be scheduled if the PREEMPT flag is set. This scheduling will allow the VP to be given (bound) to another process. PHYSICAL PROCESSOR contains an entry from the Processor Data Seqment (PRDS) that identifies the physical processor that the VP is executing on. EXT\_VP\_ID is the identifier by which the VP is known by the Traffic Controller. A design choice was made to have the EXT\_VP\_ID equate to an offset into the External VP List. The External VP List specifies the actual VP ID (viz., VPT entry number) for each external VP identifier. This precluded the necessity for run time calculation of offsets for the EXT\_VP\_ID. NEXT\_READY\_VP provides the threading mechanism for the "Ready" linked list, and MSG\_LIST points to the first entry in the Message Table containing a message for that VP. The Message Table provides storage for the messages generated in the course of

- 40 -

Inter-Virtual Processor communications. MSG contains the actual communication being passed, while SENDER identifies the VP which initiated the communication. NEXT\_MSG provides a threading mechanism for multiple messages pending for a single VP.

The ITC is invoked by means of its extended instruction WAIT, SIGNAL, SWAP\_VDBE, IDLE, SET PREEMPT, and set: RUNNING\_VP. WAIT and SIGNAL are the primitives employed in implementing the Inter-VP communication. SWAP VDBR, IDLE, SET PREEMPT, and RUNNING\_VP are all invoked by the Traffic Controller. SWAP VDBR provides the means by which a user process is temporarily bound to a virtual processor. IDLE binds the "Idle" process to a VP (the implication of this instruction will be discussed later). SET\_PREEMPT provides the means of indicating that a virtual preempt interrupt is pending on a VP (specified by the TC) by setting the PREEMPT flag for that VP in the VPT. RUNNING\_VP provides the TC with the external VP ID of the virtual processor currently running on the physical processor.

# F. DISTRIBUTED MEMORY MANAGER

The Distributed Memory Manager provides an interface structure between the Segment Manager and the Memory Manager Process. This interfacing is necessitated by the fact that the Memory Manager Process does not reside in the Distributed Kernel and consequently is not included in the user pro-

- 41 -

cess' address space. The primary functions performed in this module are the establishment of Inter-VP Communication between the VP bound to its user process and the VP permanently bound to the Memory Manager Process, the manipulation of event data, and the dynamic allocation of available memory. The Distributed Memory Manager Module is invoked by the Manager through its extended instruction set: Seqment MM CREATE ENTRY. MM DELETE ENTRY, MM ACTIVATE, MM\_DEACTIVATE, MM\_SWAP\_IN, and MM\_SWAP\_OUT. These extended instructions are utilized on a one to one basis by the extended instruction set of the Segment Manager (e.g., SM\_SWAP\_IN utilizes (calls) MM\_SWAP\_IN). Wells [20] provides a more detailed description of this portion of the Distributed Memory Manager and the extended instruction set associated with it.

The Distributed Memory Manager is also invoked through its remaining extended instructions: MM\_READ\_EVENTCOUNT, MM\_TICKET, MM\_ADVANCE, and MM\_ALLOCATE. These Distributed Memory Manager functions are discussed in detail by Strickler [19].

- 42 -

#### Chapter VII

### NON-DISTRIBUTED KERNEL

The Non-Distributed Kernel is the second element residing in Level 1 of our abstract system view of the SASS. The sole component of the Non-Distributed Kernel is the Memory Manager Process.

### A. MENORY MANAGER PROCESS

The primary purpose of the Memory Manager Process is the management of all memory resources within the SASS. These include the local and global main memories, as well as the hard-disk based secondary storage. A dedicated Memory Manager Process exists for every CPU in the system. Each CPU possesses a local memory where process local segments and shared, non-writeable segments are stored. There is also a global memory, to which every CPU has access, where the shared, writeable segments are stored. It is necessary to store these shared, writeable segments in the global memory to ensure that a current copy exists for every access.

The Memory Manager Process is tasked by other processes within the Kernel domain (via Signal and Wait) to perform memory management functions. These basic functions include the allocation/deallocation of local and global memory and

- 43 -

of secondary storage, and the transfer of segments between the local and global memory and between secondary storage and the main memories. The extended instruction set provided by the Memory Manager Process includes: CREATE\_ENTRY, DELETE\_ENTRY, ACTIVATE, DEACTIVATE, SWAP\_IN, and SWAP\_OUT. These instructions correspond one to one with those of the Distributed Memory Manager Module. The system wide data bases utilized by all Memory Manager Processes are the Global Active Segment Table (G\_AST), the Alias Table, the Disk Bit Map, and the Global Memory Bit Map. The processor local databases used by each Memory Manager Process are the Local Active Segment Table (L\_AST), and the Local Memory Bit Map. Gary and Moore [5] provide a detailed description of the Memory Manager, its extended instruction set, and its databases.

A summary of the extended instruction set created by the components of the Security Kernel is provided by Figure 10. One might question the prudence of omitting PHYS\_PREEMPT\_HANDLER and VIRT\_PREEMPT\_HANDLER (viz., the handler routines for physical and virtual interrupts) from the extended instruction set as both of these interrupts may be raised (viz., initiated) from within the Kernel. A decision was made to not classify these handlers as "extended instructions" since they are only executed as the result of a physical or virtual interrupt and as such cannot be directly invoked (viz., "called") by any module in the system.

- 44 -

A summary of the databases utilized by Kernel modules is presented in Figure 11.

- 45 -

| MODULE                        | INSTRUCTION SET              |                 |  |  |
|-------------------------------|------------------------------|-----------------|--|--|
| Segment Manager               | Create_Segment* Delete_Segme |                 |  |  |
|                               | Make_Known*                  | Terminate*      |  |  |
|                               | SM_Swap_In*                  | SM_Swap_Out*    |  |  |
| Event Manager                 | Read*                        | Ticket*         |  |  |
|                               | Advance*                     | Await*          |  |  |
| Non-Discretionary<br>Security | Class_EQ                     | Class_GE        |  |  |
| Traffic Controller            | TC_Advance                   | TC_Await        |  |  |
|                               | Process_Class                |                 |  |  |
| Inner Traffic                 | Signal                       | Wait            |  |  |
| Controller                    | Swap_VDBR                    | Idle            |  |  |
|                               | Set_Preempt                  | Test_Preempt    |  |  |
|                               | Running_VP                   |                 |  |  |
| Distributed                   | MM_Create_Entry              | MM_Delete_Entry |  |  |
| Memory Manager                | MM_Activate                  | MM_Deactivate   |  |  |
|                               | MM_Swap_In                   | MM_Swap_Out     |  |  |
| Non-Distributed               | Create_Entry                 | Delete_Entry    |  |  |
| Memory Manager                | Activate                     | Deactivate      |  |  |
|                               | Swap_In                      | Swap_Out        |  |  |

\* Denotes user visible instructions

Figure 10: Extended Instruction Set

- 46 -

| MODULE                      | DATABASE                              |
|-----------------------------|---------------------------------------|
| Gate Keeper                 | Parameter Table                       |
| Segment Manager             | Known_Segment_Table (KST)             |
| Traffic Controller          | Active_Process_Table (APT)            |
| Inner Traffic<br>Controller | Virtual_Processor_Table (VPT)         |
| Concrotter                  | Memory_Management_Unit Image<br>(MMU) |
| Memory Manager              | Global_Active_Segment_Table (G_AST)   |
|                             | Local_Active_Segment_Table (L_AST)    |
|                             | Disk_Bit_Map                          |
|                             | Global_Memory_Bit_Map                 |
|                             | Local_Memory_Bit_Map                  |

Figure 11: Kernel Databases

- 47 -

#### Chapter VIII

### SYSTEM HARDWARE

Level 0 of the SASS consists of the system hardware. This hardware includes: 1) the CPU, 2) the local memory, 3) the secondary storage (viz. hard the global memory, 4) disk), and 5) the I/O ports connecting the Host computer systems to the SASS. Since the SASS design allows for a multiprocessor environment, there may exist multiple CPU's and local memories. The target machine selected for the initial implementation of the system is the Zilog Z8001 microprocessor [22]. The Z8001 is a general purpose 16-bit, register oriented machine that has sixteen 16-bit general purpose registers. It can directly address 8M bytes of memory, extensible to 48M bytes. The Z8001 architecture supports memory segmentation and two-domain operations. The memory segmentation capability is provided externally by the The Z8010 MMU Zilog Z8010 Memory Management Unit (MMU). [23] provides management of the Z8001 addressable memory, dynamic segment relocation, and memory protection. Memory segments are variable in size from 256 bytes to 64K bytes and are identified by a set of 64 Segment Descriptor Registers, which supply the information needed to map logical memory addresses to physcal memory addresses. Each of the 64

- 48 -

Descriptor Registers contains a 16-bit base address field, an 8-bit limit field, and an 8-bit attribute field. Unfortunately, the 28001 hardware was not available for use during system development. Therefore, all work to date has been completed through utilization of the Z8002 non-segmented version of the 28000 microprocessor family [22]. The actual hardware used in this implementation is the Advanced Micro Computers Am96/4116 MonoBoard Computer [1] containing the AmZ8002 sixteen bit non-segmented microprocessor. This computer provides 32K bytes of on-board RAM, 8k bytes of PROM/ROM space, two RS232 serial I/O ports, 24 parallel I/O lines, and a standard INTEL Multibus interface. The general structure of the design has been preserved by simulation of the segmentation hardware in software. This software MMU Image (see Figure 12) is created as a database within the Inner Traffic Controller.

The MMU Image is a processor-local database indexed by DBR\_NO. Each DBR\_NO represents one record within the MMU Image. Each record is an exact software copy of the Segment Descriptor Register set in the hardware MMU. Each element of this software MMU Image is in the same form utilized by the special I/O instructions to load the hardware MMU. Each DBR record is indexed by segment number (Segment\_NO). Each Segment\_NO entry is composed of three fields: Base\_Addr, Limit, and Attributes. Base\_Addr is a 16-bit field which contains the base address of the segment in physcal memory.

- 49 -



Figure 12: Memory Management Unit (MMU) Image

- 50 -

Limit is an 8-bit field that specifies the number of contiguous blocks of memory occupied by the segment. Attributes is an 8-bit field representing the eight flags which specify the segment's attributes (e.g., "read", "execute", "write", etc.).

- 51 -

# Chapter IX

# SUMMARY

An extended overview of the current SASS design has been presented. The four major levels of abstraction comprising the SASS system have been identified, and the major components of each level have been discussed. The extended instruction set provided by the SASS Kernel was also defined. The actual details of this implementation are described by Strickler [19].

- 52 -

### PART C

# THE DESIGN AND IMPLEMENTATION OF THE MEMORY MANAGER FOR A SECURE ARCHIVAL STORAGE SYSTEM

This section contains updated excerpts from a Naval Postgraduaduate School MS Thesis by E. E. Moore and A. V. Gary [5]. The origins of these excerpts are:

INTRODUCTION from Chapter I MEMORY MANAGER PROCESS DETAILED DESIGN from Chapter III STATUS OF RESEARCH from Chapter IV

Minor changes have been made for integration into this report.

#### Chapter X

### INTRODUCTION

This thesis addresses the design and partial implementation of a memory manager for a member of the family of secure, distributed, multi-microprocessor operating systems designed by Richardson and O'Connell [7]. The memory manager is responsible for the secure management of the main memory and secondary storage. The memory manager design was approached and conducted with distributed processing, multiprocessing, configuration independence, ease of change, and internal computer security as primary goals. The problems faced in the design were:

1) Developing a process which would securely manage files in a multi-processor environment.

2) Ensuring that if secondary storage was inadvertantly damaged, it could usually be recreated.

3) Minimizing secondary storage accesses.

4) Proper parameter passing during interprocess communication.

5) Developing a process with a loop-free structure which is configuration independent.

- 54 -

 Designing databases which optimize the memory management functions.

The proper design and implementation of a memory management process is vital because it serves as the interface between the physical storage of files in a storage system and the logical hierarchical file structure as viewed by the user (viz., the file system supervisor design by Parks [9]. If the memory manager process does not function properly, the security of that system cannot be guaranteed.

The secure family of operating systems designed by Richardson and O'Connell is composed of two primary modules, the supervisor and the security kernel. A subset of that system was utilized in the design of the Secure Archival Storage System (SASS). The design of the SASS supervisor was addressed by Parks [9], while the security kernel was addressed concurrently by Coleman [2]. The SASS security kernel design is composed of two parts, the distributed kernel and the non-distributed kernel. The design of the distributed kernel was conducted by Coleman [2], and processor management was implemented by Reitz [12]. This thesis presents the design and implementation of the non-distributed kernel. In the SASS design, the non-distributed kernel consists solely of the memory manager.

The design of the memory manager and its data bases was completed. The initial code was written in PLZ/SYS, but could not be compiled due to the lack of a PLZ/SYS compiler. A thread of the high level code was selected, hand compiled into PLZ/ASM, and run on the Z8000 developmental module.

- 56 -

#### Chapter XI

### MEMORY MANAGER PROCESS DETAILED DESIGN

### A. INTRODUCTION

The memory manager is responsible for the management of both main memory (local and global) and secondary storage. It is a non-distributed portion of the kernel with one memory manager process existing per physical processor. The memory manager is tasked (via signal and wait) to perform memory management functions on behalf of other processes in the system. The major tasks of the memory manager are : 1) the allocation and deallocation of secondary storage, 2) the allocation and deallocation of global and local memory, 3) segment transfer from local to global memory (and vice versa), and 4) segment transfer from secondary storage to main memory (and vice versa). There are ten service calls (via signal) which task the memory manager Process to perform these functions. The ten service calls are:

```
CREATE_ENTRY
DELETE_ENTRY
ACTIVATE
DEACTIVATE
SWAP_IN
SWAP_OUT
DEACTIVATE_ALL*
MOVE_TO_GLOBAL*
MOVE_TO_LOCAL*
UPDATE*
```

- 57 -

Upon completion of the service request, the memory manager returns The results of the operation to the waiting process (via signal). It then blocks itself until it is tasked to perform another service. The hardware configuration managed by the memory manager process is depicted in Figure 13. The shared data bases used by all memory manager processes are the Global Active Segment Table (G\_AST), the Alias Table, the Disk Bit Map, and the Global Memory Bit Map. The processor local data bases used by each process are the Local Active Segment Table (L\_AST), the Memory Management Unit Images and the Local Memory Bit Map.

- 58 -

<sup>\*</sup> In the current state these service calls are not implemented therefore, there are currently six service calls.



Figure 13: SASS H/W System Overview

## B. DESIGN PARAMETERS AND DECISIONS

Several factors were identified during the design of the memory manager process that refined the initial kernel design of Coleman [2]. The two areas that were modified, were the management of the MMU images and the management of core memory. Both of these functions were managed outside of the memory manager in the initial design. The inclusion of these functions in the memory manager process significantly improved the logical structure of the overall system design. Additional design parameters were established to facilitate the initial implementation. These design parameters need to be addressed before the detailed design of the memory manager process is presented.

It was decided to make the block/page size of both main memory and secondary storage equal in size. This was to simplify the mapping algorithm from secondary storage to main memory (and vice versa). In the initial design the block/ page size was set to 512 bytes.

The size of the page table for a segment was set at one page (non-paged page table). This was to simplify implementation, and had a direct bearing on the maximum segment size supported in the memory manager. For example, a page size of 256 bytes will address a maximum segment size of 32,768 bytes, while a page size of 512 bytes will address a segment size of 131,072 bytes.

- 60 -

The size of the alias table was set to one page (non-paged alias table). The number of entries that the alias table will support is limited by the size of the page table (viz., a page size of 512 bytes will support up to 42 entries in the Alias Table).

In the original design, the main memory allocation was external to the memory manager. This was due to the partitioned memory management scheme outlined by Parks [9] and Coleman [2]. In the current design, all address assignment and segment transfer are managed by the memory manager. This design choice enhanced the generality of the design, and provided support for any memory management scheme (either in the memory manager or at a higher level of abstraction). However, the current design still has a maximum core constraint for each process.

Dynamic memory management is not implemented in this design. Each process is allocated a fixed size of physical core. However, it is not a linear allocation of physical memory. The design supports the maximum sharing of segments in local and global memory. All segments that are not shared, or shared and do not viclate the readers/writers problem will reside in local memory to eliminate the global bus contention. The need to compact the memory (because of fragmentation) should be minimal in this design due to the maximum sharing of segments. If contiguous memory is not available, the memory manager will compact main memory. After compaction, the memory can be allocated.

- 61 -

The design decision to represent memory as one contiguous block (not partitioned) was made to support a dynamic memory management scheme. Without dynamic memory management, the process' total physical memory can not exceed the systems main memory. The supervisor knows the size of the segments and the size of the process' virtual core, therefore it can manage the swap in and swap out to ensure that the process' virtual core has not been exceeded.

In the original design, the user's process inner-traffic controller maintained the software images of the memory management unit. This design required the memory manager to return the appropriate memory management data (viz., segment location) to the kernel of the user's process. In the current design, the software images of the MMU are maintained by the memory manager. A descriptor base pointer is provided for the inner-traffic controller to multiplex the process address spaces. The MMU image data base does not need to be locked (to prevent race conditions) due to the fact that process interrupts are masked in the kernel. Thus, if the memory manager (a kernel process) is running then no other process can access the MMU image.

The system initialization process has not been addressed to date. However, this design has made some assumptions about the initial state of the system. Since the memory manager handles the transfer of segments from secondary storage to main memory, it is likely to be one of the first

- 62 -

processes created. The memory manager's core image will consist of its pure code and data sections. The minimal initialization of the memory manager's data bases are entries for the system root and the supervisor's segments in the G\_AST and L\_AST(s), and the initializaton of the MMU images with the kernel segments. The current design does not call for an entry in the G\_AST or L\_AST for the kernel segments. However, when system generation is designed this will have to be readdressed.

The original [2] memory manager databases have been refined by this thesis to facilitate the memory management functions. The major refinements of the global and local active segment tables are outlined in the following section.

### C. DATA BASES

# 1. Global Active Segment Table

The Global Active Segment Table (see Figure 14) is a system wide, shared data base used by memory manager processes to manage all active segments. A lock/unlock mechanism is utilized to prevent any race conditions from occurring. The signalling process locks the G\_AST before it signals the memory manager. This is done to prevent a deadly embrace from occurring between memory manager processes, and also to simplify synchronization between memory managers. The entire G\_AST is locked in this design to simplify the implementation (vice locking each individual entry).

- 63 -

Index\_# 
 Image: State of the state o | |-----| Bit | Bit | | #0 | #1 | | | 1 1 1 1 V I \* Field indicates a two processor environment / # Active | No. | | Page | Alias | Seq - |Inst - |Inst - | Inst - Inst - Inst - Inst - | Inst - Inst - | /In Memory | Active |Size|Table| Table|uencer|ance1|ance2| | Depend. | LOC | LOC | | | | / / // -i / / / / 

Figure 14: Global Active Segment Table

- 64 -

The G\_AST size is fixed at compile time. The size of the G\_AST is the product of the G\_AST record size, the maximum number of processes and the number of authorized known segments per process. Although the G\_AST is of fixed size, it is plausible to dynamically manage the entries as proposed by Richardson and O'Connell [7]. The current memory manager design could be extended to include this dynamic management.

The Unique\_Id field is a unique segment identification number in the G\_AST. This field is four bytes wide and will provide over four billion identification numbers. A design choice was made not to manage the reallocation of the unique\_id's. Thus when a segment is deleted from the system, the unique\_id is not reused.

The Global\_Address field is used to indicate if a segment resides in global or local memory. If not null, it contains the global memory base address of a segment. A null entry indicates that the segment might be in local memory(s).

The Processors\_L\_ASTE\_# field is used as a connected processors list. The field is an array structure, indexed by Processor\_Id. It identifies which L\_AST the segment is active in, and provides the index into each of these tables. The design choice of maintaining an entry in the L\_AST for all locally active segments implies that if all entries in the Processors\_L\_ASTE\_# field are null, the segment is not

- 65 -

active and can be removed from the G\_AST (viz., no processors are connected).

The Flag\_Bits field consists of the written bit, and the writable bit. The written bit is set when a segment is swapped out of memory, and the MMU image indicates that it has been written into. The writable bit is set during segment loading to indicate that some process has write access to that segment.

If an active segment is a leaf, the G\_ASTE\_\*\_Parent field provides a back pointer to the G\_AST index of its parent. This back pointer to the parent is important during the creation of a segment. If a request is received to create a segment which has a leaf segment as its parent, then an alias table has to be created for that parent. Also, the alias table of the parent's parent needs to be updated to reflect the existence of the newly created alias table (see Figure 15). The indirect pointer shown is the back pointer to the parent via the G\_AST.

The No\_Active\_In\_Memory field is a count of the number of processes that have the segment in global memory. It is used during swap out to determine if the segment can be removed from global memory.

The No\_Active\_Dependents field is a count of the number of active leaf segments that are dependent on this entry (viz., require that this segment remain in the G\_AST). Each time a process activates or deactivates a dependent segment this field is incremented or decremented.

- 66 -



Figure 15: Alias Table Creation

- 67 -

The Size field is the size of the segment in bytes. The Page\_Table\_location field is the disk location of the page table for a segment, and the Alias\_Table\_Location field is the disk location of the alias table for the segment. The Alias\_Table field can be null to indicate that no alias table exists for the segment.

The last three fields are used in the management of eventcounts and sequencers [12]. The Sequencer field is used to issue a service number for a segment. The Instance\_1 field and Instance\_2 field are eventcounts (i.e., are used to indicate the next number of occurances of some event).

## 2. Local Active Segment Table

The Local Active Sequent Table (see Figure 16) is a processor local data base. The L\_AST contains the characteristics (viz., segment number, access) of each locally active segment. An entry exists for each segment that is active in a process "loaded" on this CPU and in local memory. The first field of the L\_AST contains the memory address of the segment. If the segment is not in memory, this field is used to indicate whether the L\_AST entry is available or ac-The Segment\_No/Access field is a combination of segtive. ment number and authorized access. It is an array of records data structure that is indexed by DBR #. The first record element (viz., most significant bit) is used to indicate the access (read or read/write) permitted to that segment. The

- 68 -

second record element (viz., the next seven bits) is used to indicate the segment number. A null segment number indicates that the process does not have the segment active.

Index\_#

|   | Memory | Segment_#/Access_Auth |       |       |       |       |       |
|---|--------|-----------------------|-------|-------|-------|-------|-------|
| 1 | Addr   | DBR_0                 | DBR_1 | DBR_2 | DBR_3 | DBR_4 | DBR_5 |
|   |        |                       |       |       |       |       |       |
| V |        |                       |       |       |       |       |       |
|   |        |                       |       |       |       |       |       |
|   |        |                       |       |       |       |       |       |
|   |        |                       |       |       |       |       |       |

Figure 16: Local Active Segment Table

# 3. Alias Table

The alias table (see Figure 17) is a memory manager data base which is associated with each non leaf segment in the kernel. An aliasing scheme is used to prevent passing systemwide information (unique\_id.) out of the kernel. Segments can only be created through a mentor segment and entry

- 69 -

number into the mentor's alias table. When a segment is created, an entry must be made in its mentor segment's alias table. Thus the mentor segment must be known before that segment can be created.

| Entry_#         |               |                                                     |
|-----------------|---------------|-----------------------------------------------------|
| Unique_ID   Siz | e   Class<br> | Page Table   Alias Table  <br>  Location   Location |
|                 |               |                                                     |
|                 | 6<br>1        |                                                     |
|                 |               |                                                     |
|                 |               |                                                     |

#### Figure 17: Alias Table

The alias table consists of a header and an array structure of entries. The header has two "pointers" (viz., disk addresses), one that links the alias table to its associated segment and one that links the alias table to the mentor segment's alias table. The header is provided to support the re-construction of the file system after a system crash due

- 70 -

to device I/O errors. It is not used at all during normal operations. Each entry in the array structure consists of five fields for identifying the created segments. The Unique\_Id field contains the unique identification number for the segment. The Size field is used to record the size of the segment. The Class field contains the appropriate security access class of the segment. The Page\_Table\_Location field has the disk address of the page table. A null entry indicates a zero-length segment. The Alias\_Table\_Location field has the disk address of the alias table for the segment. A null entry indicates that the segment is a leaf segment.

# 4. Memory Management Unit Image

The Memory Management Unit Image (MNU\_Image) is a processor local data base. It is an array structure that is indexed by the DBR\_#. Each MMU\_Image (see Figure 18) includes a software representation of the segment descriptor registers (SDR) for the hardware MMU [23]. This is in exactly the format used by the special I/O instructions for loading/ unloading the MMU hardware. The SDR contains the Base\_Address, Limit and Attribute fields for each loaded segment in the process' address space. The Base\_Address field contains the base address of the segments in memory (local or global). The Limit field is the number of blocks of contiguous storage for each segment (zero indicates one

- 71 -

block). The Attribute field contains eight flags. Five flags are used for protecting the segment against certain types of access, two encode the type of accesses made to the segment (read/write), and one indicates the special structure of the segment [23]. Five of the eight flags in the attribute field are used by the memory manager. The "syster only" and "execute only" flags are used to protect the code of the kernel from malicious or unintentional modifications. The "read only" flag is used to control the read or write access to a segment. The "change" flag is used to indicate that the segment has been written into, and the "CPU-inhibit" flag is used to indicate that the segment is not in memory.

The last two fields of the MMU\_Image are the Block\_Used field and the Maximum\_Available\_Blocks field. These two fields are used in the mangement of each process' virtual core and are not associated with the hardware MMU.

- 72 -

| Blocks Used | | Max Avail Blocks |----| Segment | Base\_Addr | Limit| Attributes | No. \_1\_ 1 1 1 1 1 1 --------1 one record / DBR\_#

DBR #---->

Figure 18: Memory Management Unit Image

- 73 -

#### 5. Memory Allocation/Deallocation Bit Maps

All of the memory allocation/deallocation bit maps (see Figure 19) are basically the same structure. Secondary storage, global memory and local memory are managed by memory The Disk\_Bit\_Map is a global resource that is bit maps. protected from race conditions via the locking convention for the G\_AST. Each bit in the bit map is associated with a block of secondary storage. A zero indicates a free block of storage while a one indicates an allocated block of storage. The Global\_Memory\_Bit\_Map is used to manage global memory. It is a shared resource that is protected from race conditions by the locking of the G\_AST. The Local\_Memory\_Bit\_Map is the same structure as the Global\_Memory\_Bit\_Map and is used to manage local memory. The Local\_Memory\_Bit\_Map is not locked since it is not a shared resource between memory managers.

- 74 -

Memory Bit Map

2 2 2 2 2 2 2 2 2 2 2 Page 012345678911111....444555555 0 1 2 3 4 7 8 9 0 1 2 3 4 5 L ł. 1 1 1 1 L 1 1 1 1 1 L 1 I 1 L 1 L L L l L 1 1 L L 1 1 L 1 L 1 I l L L L l 1 ł. L 1 L I. I. l I 1 L 1 I. I I I. L L L L I t t I. L L I. 1 L 1 1 L 1 1 ł L L 1 1 L I 1 1 1 1 L 1 L l 1 L L 1 L 1 1 1 L I. l L L L L 1 1 ł 1 1 1 1 1 L 1 I 1 L 1 1

Figure 19: Memory Allocation/Deallocation Map

#### D. BASIC FUNCTIONS

The detailed source code for the basic functions and main line of the memory manager is presented in Appendix J.

In the discussion of the memory manager design, a pseudo-code similar to PLZ/SYS is utilized. The rationale for using this pseudo-code was to provide a summary of the memory manager source code, and to facilitate the presentation of this design.

It is assumed that the memory manager is initialized into the ready state at system generation (as previously mentioned). When the memory manager is initially placed into the running state, it will block itself (via a call to

- 75 -

the kernel primitive Wait). Wait will return a message from a signalling process. This message is interpreted by the memory manager to determine the requested function and its required arguments. The function code is used to enter a case statement, which directs the request to the appropriate memory manager procedure.

When the requested action is completed, the memory manager returns a success code (and any additional required data) to the signalling process via a call to the kernel primitive Signal. This call will awaken the process which requested the action to be taken, and place the returned message into that process' message queue. When that action is completed, the memory manager will return to the top of the loop structure and block itself to wait for the the next request. The main line pseudo-code of the memory manager process is displayed in Figure 20.

- 76 -

#### ENTRY

INITIALIZE PROCESSOR LOCAL VARIABLES DO CHECK\_IF\_MSG\_QUEUE\_EMPTY 1 VP\_ID, MSG := WAIT FUNCTION, ARGUMENTS := VALIDATE MSG (MSG) IF FUNCTION CASE CREATE\_ENTRY THEN SUCCESS CODE := CREATE ENTRY (ARGUMENTS) CASE DELETE ENTRY THEN SUCCESS CODE := DELETE\_ENTRY (ARGUMENTS) ACTIVATE THEN CASE SUCCESS CODE := ACTIVATE (ARGUMENTS) CASE DEACTIVATE THEN SUCCESS\_CODE := DEACTIVATE (ARGUMENTS) CASE SWAP\_IN THEN SUCCESS\_CODE := SWAP\_IN (ARGUMENTS) SWAP\_OUT THEN CASE SUCCESS CODE := SWAP OUT (ARGUMENTS) CASE DEACTIVATE\_ALL THEN SUCCESS\_CODE := DEACTIVATE\_ALL (ARGUMENTS) MOVE\_TO\_GLOBAL THEN CASE SUCCESS CODE := MOVE TO GLOBAL (ARGUMENTS) CASE MOVE\_TO\_LOCAL THEN SUCCESS\_CODE := MOVE\_TO\_LOCAL (ARGUMENTS) CASE UPDATE THEN SUCCESS CODE := UPDATE (ARGUMENTS) FI SIGNAL (VP\_ID, SUCCESS\_CODE, ARGUMENTS) 0 D END MEMORY\_MANAGER\_PLZ/SYS MODULE

Figure 20: Memory Manager Mainline Code

- 77 -

# 1. Create an Alias Table Entry

Create\_Entry is invoked when a user desires to create a segment. A segment is created by allocating secondary storage, and by making an entry (unique\_id, secondary storage location, size, classification) into it's mentor segment's alias table. This implies that the mentor segment must have an alias table associated with it, and that the mentor segment must be active in order to obtain the secondary storage location of the alias table.

The mentor segment can be in one of two states. It may have children (viz., have an alias table), or it may be a leaf segment (viz., not have an alias table). If the mentor segment has children, it has an alias table and this alias table can be read into core, secondary storage can be allocated, and the data can be entered into the alias table. If the mentor segment is a leaf, an alias table must be created for that segment before it (the alias table) can be read into core and data entered into it (see Figure 15).

The pseudo-code for CREATE\_ENTRY PROCEDURE is presented in Figure 21. The arguments passed to Create\_Entry are the index into the G\_AST for the mentor segment, the entry number into its alias table, the size of the segment to be created, and the security access class of that segment. The return parameter is a success code, which would be "seg\_created" for a successful segment creation.

- 78 -

CREATE\_ENTRY PROCEDURE (PAR\_INDEX WORD, ENTRY # WORD, SIZE WORD, CLASS BYTE) RETURNS (SUCCESS CODE BYTE) LOCAL BLKS WORD, PAGE\_TABLE\_LOC WORD ENTRY TF ALIAS\_TABLE\_DOES\_NOT\_EXIST THEN SUCCESS CODE := CREATE ALIAS TABLE IF SUCCESS CODE <> VALID THEN RETURN FI FI BLKS := CALCULATE\_NO\_BLKS\_REQ (SIZE) SUCCESS\_CODE := READ\_ALIAS\_TABLE ( G\_AST[ PAR\_INDEX ]. ALIAS\_TABLE\_LOC) SUCCESS\_CODE <> VALID THEN RETURN IF FI SUCCESS\_CODE := CHECK\_DUP\_ENTRY ! in alias table ! IF SUCCESS CODE <> VALID THEN RETURN FI SUCCESS\_CODE, PAGE\_TABLE\_LOC := ALLOC\_SEC\_STORAGE (BLKS) IF SUCCESS CODE <> VALID THEN RETURN FI UPDATE\_ALIAS\_TABLE(ENTRY\_#, SIZE, CLASS, PAGE\_TABLE\_LOC) SUCCESS\_CODE := WRITE\_ALIAS\_TABLE ( G\_AST[ PAR\_INDEX ]. ALIAS\_TABLE\_LOC) IF SUCCESS\_CODE <> VALID THEN RETURN ELSE SUCCESS\_CODE := SEG\_CREATED FI

END CREATE\_ENTRY

Figure 21: Create Entry Pseudo-code

- 79 -

When invoked, Create\_Entry will determine which state the mentor segment is in (viz., if it has an alias table). If an alias table does not exist for the mentor segment, one is created and the alias table of the mentor segment's parent is updated. The alias table is read into core and a duplicate entry check is made. If no duplicate entry exists, the segment size is converted from bytes to blocks, and the secondary storage is allocated for non-zero sized segments. The appropriate data is entered into the alias table and the alias table is then written back to secondary storage.

## 2. <u>Delete an Alias Table Entry</u>

Delete\_Entry is invoked when a user desires to delete a segment. A segment is deleted by deallocating secondary storage, and by removing the appropriate entry from the alias table of its mentor segment (the reverse logic of Create\_Entry). This implies that the mentor segment must be active at the time of deletion. There are three conditions that can be encountered during the deletion of a segment: the segment to be deleted may be an inactive leaf segment, an active leaf segment, or a mentor segment.

If the segment to be deleted is an inactive leaf segment (viz., has been swapped out of core, and does not have an entry in the G\_AST), the secondary storage can be deallocated and the entry deleted from the mentor segment's alias table. If the segment is an active leaf segment, the segment must first be swapped out of core and deactivated before it can be deleted. This entails signalling the memory manager of each processor, in which the segment is active, to swap out and deactivate the segment.

If the segment to be deleted is a mentor segment, an alias table exists for that segment . If the alias table is empty, the secondary storage for the alias table and the segment can be deallocated, and the entry for the deleted segment can be removed from its mentor's alias table. If the alias table contains any entries, the segment cannot be deleted because these entries would be lost. If this condition is encountered a success code of "leaf\_segment\_exists" is returned to the process which requested to delete the entry. Due to a confinement problem in "upgraded" segments, this Success\_code cannot always be passed outside of the kernel. This implies that the segment manager must strictly prohibit deletion of a segment with an access class not equal to that of the process.

The pseudo-code for DELETE\_ENTRY\_PROCEDURE is presented in Figure 22. The parameters that are passed to this procedure are the parent's index into the G\_AST and the entry number into the parent's alias table of the segment to be deleted. The alias\_table\_loc field is checked to determine the state of the mentor segment (either a leaf or a node), and the appropriate action is then taken. A success code is returned to indicate the results of this procedure.

- 81 -

DELETE\_ENTRY PROCEDURE ( PAR\_INDEX WORD, ENTRY\_# WORD ) RETURNS (SUCCESS\_CODE BYTE) LOCAL PAR\_INDEX WORD ENTRY ! Check if the passed mentor segment has an alias table. ! IF G\_AST[ PAR\_INDEX ]. ALIAS\_TABLE\_LOC <> NULL SUCCESS\_CODE := READ\_ALIAS\_TABLE ( G\_AST[ PAR\_INDEX].ALIAS\_TABLE\_LOC) ELSE SUCCESS\_CODE := NO\_CHILD\_TO\_DELETE FI IF SUCCESS CODE <> VALID THEN RETURN FI ! Determine if segment has children in alias table ! IF ALIAS\_TABLE\_NOT\_EMPTY THEN SUCCESS\_CODE := LEAF\_SEGMENT\_EXISTS RETURN ! Deletion will delete children ! ELSE ! Search G\_AST with UNIQUE\_ID to verify segment inactive ! ACTIVE\_IN\_G\_AST THEN IF ! Check if active in AST ! ACTIVE IN\_L\_AST THEN IF DEACTIVATE\_ALL (G\_AST\_INDEX, L\_AST\_INDEX) PI ! Check G\_AST to verify segment inactive in other L AST's ! ACTIVE\_IN\_OTHER\_L\_AST THEN IF SIGNAL\_TO\_DEACTIVATE\_ALL (G\_AST\_INDEX) FI FI FREE\_SEC\_STORAGE\_OF\_SEG\_&\_ALIAS\_IF\_EXISTS DELETE\_ALIAS\_TABLE\_ENTRY FI DELETE\_ALIAS\_TABLE\_ENTRY SUCCESS\_CODE := WRITE\_ALIAS\_TABLE ( G\_AST[ PAR\_INDEX ].ALIAS TABLE LOC) SUCCESS CODE = VALID IF THEN SUCCESS\_CODE := SEG\_DELETED FI END DELETE\_ENTRY

Figure 22: Delete Entry Pseudo-code

- 82 -

## 3. Activate a Segment

Activate is invoked when a user desires to make a segment known by adding a segment to his address space. A segment is activated by making an entry into the L\_AST for that processor, and the G\_AST. The activated segment could be in one of three states; it could have previously been activated by another process and have a current entry in both the G\_AST and L\_AST, it could have previously been activated by another process on a different processor and have an entry in the G\_AST but not the L\_AST, or it could be inactive and have an entry in neither the G\_AST nor the L\_AST.

If the segment to be activated already has entries in both the L\_AST and G\_AST, these entries need only be updated to indicate that another process has activated the segment. The segment number is entered into the Segment\_No/Access\_Auth field of the L\_AST, and if the segment is a leaf, its mentor's No\_Active\_Dependents field in the G\_AST is incremented. In this design, the G\_AST is always searched to determine if the segment has been previously activated by another process.

If the segment to be activated has an entry in the G\_AST but not the L\_AST, an entry must be made in the L\_AST and the G\_AST must be updated. The L\_AST is searched to determine an available index. The segment number is entered into the L\_AST, and the index number is entered into the G\_AST

- 83 -

Processors\_L\_ASTE\_# field. If the segment to be activated is a leaf segment, its mentor's No\_Active\_Dependents field in the G\_AST is incremented.

If the activated segment does not have an entry in either the G\_AST or L\_AST, an entry must be made in both. The G\_AST is searched to find an available index, and the entry is made. The L\_AST is then searched to find an available index, and the entry is made. The L\_AST index is then entered into the G\_AST Processors\_L\_ASTE\_# field. If the activated segment is a leaf, the No\_Active\_Dependents field of its mentor's G\_AST entry is incremented.

The pseudo-code for ACTIVATE PROCEDURE is presented in Figure 23. The parameters that are passed are the DBR\_# of the signalling process, the mentor segment's index into the G\_AST, the alias table entry number, and the segment number of the activated segment. The mentor segment is always checked to determine if it has an associated alias table. If it does not, the success code of "alias\_does\_not\_exist" is returned. If the alias table does exist, it is read into core and the entry number is used as an index to obtain the activated segment's unique id. The GAST is then searched to determine if the segment has already been activated. Tf the unique\_id is found, the G\_AST is updated and the L\_AST is either updated or an entry is made (depending on whether an entry existed or not). If the unique\_id of the segment was not found during the search of the G\_AST, an entry must be made in both the G\_AST and L\_AST. Activate returns the activated segment's classification, size, and handle to the signalling process.

- 85 -

}

PROCEDURE (DBR\_# BYTE, PAR\_INDEX WORD, ACTIVATE ENTRY # WORD, SEGMENT\_NO BYTE) RETURNS (SUCCESS\_CODE BYTE, RET\_G\_AST\_HANDLE HANDLE, CLASS BYTE, SIZE WORD) WORD, L INDEX LOCAL G INDEX WORD ENTRY ! Verify that passed segment is a mentor segment ! IF G\_AST[PAR\_INDEX].ALIAS\_TABLE\_LOC <> 0 THEN SUCCESS\_CODE := READ\_ALIAS\_TABLE ( G AST[PAR\_INDEX].ALIAS\_TABLE\_LOC) ELSE SUCCESS CODE := ALIAS DOES NOT EXIST FI IF SUCCESS\_CODE <> VALID THEN RETURN FI ! Check G\_AST to determine if active ! SUCCESS\_CODE, INDEX := SEARCH\_G\_AST (UNIQUE\_ID) IF SUCCESS CODE = FOUND THEN SEGMENT\_IN\_L\_AST THEN IF UPDATE L AST (SEGMENT NO) ELSE MAKE\_L\_AST\_ENTRY (DBR\_#, SEGMENT\_NO) UPDATE\_G\_AST (L\_INDEX) IF G\_AST[INDEX].ALIAS\_TABLE\_LOC = NULL THEN G\_AST[PAR INDEX].NO DEPENDENTS ACTIVE += 1 FI FI ELSE MAKE\_G\_AST\_ENTRY (ENTRY\_#) MAKE\_L\_AST\_ENTRY (PAR\_INDEX, ENTRY #) FI SUCCESS\_CODE := SEG ACTIVATED END ACTIVATE

Figure 23: Activate Pseudo-code

- 86 -

### 4. Deactivate a Segment

Deactivate is invoked when a user desires to remove a segment from his address space. To deactivate a segment, the memory manager either removes or updates an entry in both the L\_AST and G\_AST. Deactivate uses the reverse logic of activate. Once a segment is deactivated, it can only be reactivated via its mentor's alias table as discussed in activate. If a process requests to deactivate a segment which has not been swapped out of the process' virtual core, the memory manager swaps the segment out and updates the MMU image before the segment is deactivated. The segment to be deactivated could be in one of three states; more than one process could concurrently hold the segment active in the L\_AST, the segment could be held active by one process in the L\_AST and more than one in the G\_AST, the segment could be held active by only one process in both the L\_AST and the G AST.

Deactivation of leaf segments and mentor segments are handled differently. If the segment is a mentor segment and has active dependents, it cannot be removed from the G\_AST (even though no process currently has that segment active). This is based on the design decision which requires that the mentor of all active leaf segments remain in the G\_AST to allow access to its alias table. The mentor's alias table must be accessible when an alias table is created for a de-

- 87 -

pendent leaf segment. If a leaf segment is deactivated, the No\_Active\_Dependents field of its mentor's G\_AST entry is decremented. A mentor segment can only be removed from the G\_AST if no process holds it active, and it has no active dependents.

If more than one process concurrently hold a segment active in the L\_AST, and one of them signals to deactivate that segment, the entry in the L\_AST is updated. This is accomplished by nulling out the Segment\_No/Access\_Auth field of the L\_AST for the appropriate process. If required, the No\_Active\_Dependents field of its mentor segment's G\_AST entry is decremented.

only one process holds the segment active in the If L\_AST, and that Process signals to deactivate the segment, the L\_AST entry for that segment is removed. The Processors\_L\_ASTE\_# is updated and checked to determine if there are other connected processors. If there are no other connected processors and the segment has no active dependents, the segment is removed from the G\_AST. If there are other connected processors, the G\_AST is updated. If the deactivated segment is a leaf, the mentor segment's No\_Active\_Dependents field in the G\_AST is decremented.

The pseudo-code for DEACTIVATE PROCEDURE is presented in Figure 24. The parameters that are passed to the memory manager are the DBR\_# of the signalling process, and the index into the G\_AST for the segment to be deactivated. The

- 88 -

procedure first updates the L\_AST, and then removes the entry if no local process holds the segment active. The G\_AST is then updated, and its mentor segment is checked (if the deactivated segment was a leaf), to determine if it can be removed. If no processes currently hold the segment active, and it has no active dependents, the segment is removed from the G\_AST.

- 89 -

```
DEACTIVATE PROCEDURE (DBR_# BYTE, PAR_INDEX WORD)
    RETURNS (SUCCESS_CODE BYTE)
    LOCAL
           INDEX
                   WORD
    ENTRY
  ! Check if segment is in core !
    IF G_AST[INDEX]. NO_ACTIVE_IN_MEMORY <> 0 THEN
       ! Check MMU image to determine if in local memory !
        IF
            IN_LOCAL_MEMORY THEN
            SUCCESS CODE := OUT (DBR_#, INDEX)
        FI
    FI
  ! Remove process segment_no entry in L_AST !
    L_AST[L_INDEX].SEGMENT_NO/ACCESS_AUTH[DBR_#] = 0
    CHECK_IF_ACTIVE_IN_L_AST (L_AST_INDEX)
        NOT_ACTIVE_IN_L_AST THEN
    IF
        L AST[L INDEX]. MEMORY ADDR := AVAILABLE
    FT
  ! Check if deleted segment was a leaf !
    IF G_AST[INDEX].G ASTE # PAR <> 0 THEN
        G_AST[PAR_INDEX].NO_DEPENDENTS_ACTIVE -= 1
  ! Determine if parent can be removed !
        CHECK_FOR_REMOVAL (PAR_INDEX)
    FI
  ! Determine if deactivated segment can be removed !
    CHECK_FOR_REMOVAL (INDEX)
    SUCCESS CODE := SEG DEACTIVATED
END DEACTIVATE
```

Figure 24: Deactivate Pseudo-code

- 90 -

## 5. Swap a Segment In

SWAP\_IN is invoked when a user desires to swap a segment into main memory (global or local) from secondary storage. A segment is swapped into main memory by obtaining the secondary storage location of its page table from the G\_AST, allocating the required amount of main memory, and reading the segment into the allocated main memory. The segment must be active before it can be swapped into core, and the required main memory space must be available. Three conditions can be encountered during the invocation of SWAP\_IN. The segment can already be located in global memory, the segment can already be located in one or more local memories, or the segment may only reside in secondary storage.

If the segment is not in local or global memory, local memory is allocated, the segment is read into the allocated memory, and the appropriate entries are made in the MMU image, the L\_AST and the G\_AST. If the segment is already in global memory, it can be assumed that the segment is shared and writable. In this case the only required actions are to update the G\_AST and L\_AST. The No\_Active\_In\_Memory field of the G\_AST entry is incremented, and the MMU image is updated to reflect the swapped in segment's core address and attributes.

If the segment already resides in one or more local memories, it must be determined if the segment is "shared" and

```
- 91 -
```

"writable". A segment is "shared" if it exists in more than one local memory. A segment is "writable" if one process has write access to that segment. If the segment is not shared or not writable and in local memory, the appropriate entries are updated in the MMU image, the L\_AST, and the G\_AST. If the segment does not reside in local memory, the required amount of local memory is allocated, the segment is read into the allocated memory, and the appropriate entries are made in the MMU image, the L\_AST, and the G\_AST.

If the segment is shared, writable, and in local memory, the segment must be moved to global memory. If the segment is not in the memory manager's local memory, it signals another memory manager to move the segment to global memory. After the segment is moved to global memory, the memory manager signals all of the connected memory manager's to update their L\_AST and MMU data bases. When all local data bases are current, the memory manager updates the G\_AST and returns a success code of seg\_activated.

The pseudo-code for SWAP\_IN PROCEDURE is presented in Figure 25. The arguments passed to SWAP\_IN are the G\_AST\_INDEX of the segment to be moved in, the process' DBR\_#, and the access authorized. SWAP\_IN will convert the segment size from bytes to blocks, and verify that the process' core will not be exceeded. If the virtual core will be exceeded, a success code of "core\_space\_exceeded" will be returned. If write access is permitted, the writable bit is

- 92 -

set. Checks are then performed to determine the segment's storage location (local or global), and the appropriate action is taken.

- 93 -

```
PROCEDURE (INDEX
                           WORD, DBR_#
                                          BYTE,
SWAP IN
                 ACCESS_AUTH
                             BYTE)
    RETURNS (SUCCESS CODE
                           BYTE)
    LOCAL
          L_INDEX
                    WORD,
                            BLKS
                                   WORD
    ENTRY
    BLKS := CALCULATE_NO._OF_BLKS (G_AST[INDEX].SIZE)
    SUCCESS_CODE := CHECK_MAX_LINEAR_CORE (BLKS)
        SUCCESS CODE = VIRTUAL_LINEAR_CORE_FULL
    IF
                                                    THEN
        RETURN
    FI
    G_AST[INDEX].NO_SEGMENTS_IN_MEMORY += 1
    IF
         ACCESS AUTH = WRITE
                                THEN
        G_AST[INDEX].FLAG_BITS := WRITABLE_BIT_SET
    FI
  ! Determine if segment can be put in local memory !
    IF G_AST[INDEX].FLAG_BITS AND WRITABLE_MASK = 0
    ORIF G_AST[INDEX].NO_ACTIVE_IN_MEMORY <= 1 THEN
      ! Determine if already in local memory !
        CHECK_LOCAL_MEMORY (L_AST_INDEX)
            NOT_IN_LOCAL_MEMORY
        IF
                                   THEN
            ALLOCATE_LOCAL_MEMORY
                                     (BLKS)
            READ_SEGMENT (PAGE_TABLE_LOC, BASE_ADDR)
L_AST[L_INDEX] := BASE_ADDR
        FI
    ELSE
            NOT_IN_GLOBAL MEMORY
        IF
                                   THEN
            UPDATE_MMU
            UPDATE_L_AST
            RETURN
        ELSE
            ALLOCATE_GLOBAL_MEMORY (BLKS)
            IF IN_LOCAL MEMORY
                                  THEN
              MOVE_TO_GLOBAL (L_INDEX, BASE_ADDR, SIZE)
            ELSE
              SIGNAL_OTHER_MEMORY_MANAGERS (IN DEX, BASE_ADDR)
            FΙ
        FI
    FI
    UPDATE_MMU_IMAGE (DBR_#,SEG_#,BASE_ADDR,ACCESS,BLKS)
    UPDATE_L_AST_ACCESS (L_INDEX, ACCESS, DBR #)
    SUCCESS_CODE := SWAPPED IN
END
       SWAP IN
```

Figure 25: Swap\_In Pseudo-code

- 94 -

## 6. Swap a Segment Out

SWAP\_OUT is invoked when a user desires to move a segment out of core. A segment is swapped out of core by obtaining its secondary storage location, writing the segment to that location (if required), and deallocating the main memory used. The decision to write the segment is determined by the G\_AST written bit. This bit is set whenever the segment has been modified. The segment to be swapped out can be in one of two states: the segment can be in local memory, or the segment can be in global memory.

If one process has the segment in local memory and the written bit is set, the segment is written into secondary storage and the local memory is deallocated. If the written bit is not set, the local memory need only be deallocated. If more than one process has the segment in the same local memory, the segment remains in core. The appropriate MMU image is updated to reflect the segments deletion and the G\_AST No\_Active\_In\_Memory field is decremented.

All segments in global memory are shared and writable. If a process requests the segment to be swapped out, the segment remains in memory. The MMU image is updated to reflect the segment's deletion, and the G\_AST No\_Active\_In\_Memory field is decremented. If the No\_Active\_In\_Memory indicates that one process has the segment in core, its memory manager is signalled to move the segment to local memory.

- 95 -

The pseudo-code for SWAP OUT PROCEDURE is presented in Figure 26. The arguments passed to SWAP\_OUT are the DBR\_# of the signalling process, and the G\_AST\_INDEX of the segment to be removed. The return parameter is a success code. SWAP\_OUT removes the segment from the process's virtual core, deletes the segment from its MMU image, and decrements the No\_Active\_In\_Memory field. If the segment can be removed from memory, it is determined which memory can be deallocated. If the segment has been modified, it is written back to secondary storage and the appropriate memory deallocated. If the sequent has not been modified, the appropriate memory is deallocated. If after the deletion one process has the segment in global memory, its memory manager need only be signalled to move the segment to local memory. When SWAP\_OUT successfully completes, it returns a success code of "swapped out".

- 96 -

SWAP\_OUT PROCEDURE (DBR\_# BYTE, INDEX WORD) RETURNS (SUCCESS CODE BYTE) ENTRY BLKS := G\_AST[INDEX].SIZE / BLK SIZE FREE\_PROCESS\_LINEAR\_CORE (BLKS) DELETE\_MMU\_ENTRY (DBR\_#, SEG #) G AST[INDEX].NO SEGMENTS IN MEMORY -= 1 ! Determine if segment has been written into ! IF MMU\_IMAGE(DBR\_#].SDR{SEG\_#].ATTRIBUTES=WRITTEN THEN ! If segment has been written into, update G\_AST ! G\_AST[INDEX].FLAG\_BITS := WRITTEN FI ! Determine if segment is in global memory ! IF G AST[ INDEX ]. GLOBAL ADDR <> NULL THEN IF G\_AST[INDEX].NO\_SEGMENTS\_IN\_MEMORY = 0 ANDIF G\_AST[INDEX].FLAG\_BITS = WRITTEN THEN WRITE SEG (PAGE TABLE LOC, MEMORY ADDR) FREE\_LOCAL\_BIT\_MAP (MEMORY\_ADDR, BLKS) ELSE IF G AST[INDEX].NO ACTIVE IN MEMORY = 0 THEN FREE\_LOCAL\_BIT\_MAP (MEMORY\_ADDR, BLKS) FI FI ELSE ! If not in global memory ! IF G\_AST[INDEX].NO\_ACTIVE\_IN\_MEMORY = 0 ANDIF G\_AST[INDEX].FLAG\_BITS = WRITTEN THEN WRITE SEG (PAGE TABLE LOC, GLOBAL ADDR) FREE GLOBAL\_BIT\_MAP (GLOBAL\_ADDR, BLKS) ELSE IF G\_AST(INDEX].NO\_ACTIVE\_IN\_MEMORY = 0 THEN FREE GLOBAL BIT MAP (GLOBAL ADDR, BLKS) FI FI FI SUCCESS CODE := SWAPPED\_OUT END SWAP\_OUT

Figure 26: Swap\_Out Pseudo-code

- 97 -

## 7. Deactivate All Segments

DEACTIVATE\_ALL is invoked when it becomes necessary to remove a segment from every process' address space. Each process is checked to determine if the segment is active. If a process has the segment active, it is deactivated from its address space. The pseudo code for Deactivate\_all is illustrated in Figure 27. The parameters passed to Deactivate\_all are the deactivated segment's G\_AST index and the L\_AST index. The L\_AST is searched by DBR\_# to determine which process has the segment active. If the check reveals that the segment is active, it is deactivated by calling Deactivate. If the segment was successfully deactivated from all processes, a success\_code of valid is returned.

- 98 -

```
DEACTIVATE_ALL PROCEDURE (INDEX WORD, L INDEX WORD)
    RETURNS (SUCCESS CODE BYTE)
    ENTRY
    LOCAL
         I
             BYTE
       I := 0
       DO
          IF I = MAX_DBR_# THEN
            EXIT
          FT
          IF
             L_AST[L_INDEX]. SEGMENT_NO/ACCESS AUTH[I]
                 <> ZERO
                         THEN
             SUCCESS CODE := DEACTIVATE (I, INDEX)
                SUCCESS_CODE <> SEG_DEACTIVATED THEN
             IF
                RETURN
             FI
         FI
         I += 1
      OD
       SUCCESS CODE := VALID
END DEACTIVATE ALL
```

Figure 27: Deactivate All Pseudo-code

# 8. Move a Segment to Global Memory

MOVE\_TO\_GLOBAL is invoked when it becomes necessary to move a segment from local to global memory. If a segment resides in one or more local memories, and a process with write access swaps that segment into core, or if a segment resides in in local memory (with write access) and another process with read access requests the segment swapped in, the segment is moved from a local to global memory to avoid a secondary storage access. If the segment resides in the running memory manager's local memory, it will affect the

- 99 -

segment transfer, otherwise it will signal another memory manager of a connected processor to affect the transfer. Figure 28 illustrates the pseudo-code for MOVE\_TO\_GLOBAL. Once the segment has been moved to global memory, the signalled memory manager will update the MMU images for all connected processes, and deallocate the freed local memory. A success code of completed will be returned to the signalling memory manager. The parameters passed to the memory manager are the segment's L\_AST index the global memory address of the move, and the size of the segment. This information is passed because the G\_AST is locked during this request.

MOVE\_TO\_GLOBAL PROCEDURE (L\_INDEX WORD, GLOBAL ADDR WORD, SIZE WORD) RETURNS (SUCCESS CODE BYTE) ENTRY ! Move segment from local memory to global memory ! DO\_MEMORY\_MOVE (MEMORY\_ADDR, GLOBAL\_ADDR) L\_AST[INDEX]. MEMORY ADDR := AVAILABLE ! Update the MMU image to reflect new address ! DO FOR ALL DBR'S IF L\_AST[L\_INDEX].SEGMENT\_NO/ACCESS\_AUTH <> 0 ANDIF MMU\_IMAGE[DBR\_#].SDR[SEG\_#].ATTRIBUTES=IN\_LOCAL THEN MMU\_IMAGE[DBR\_#].SDR[SEG\_#].BASE\_ADDR:=GLOBAL\_ADDR 71 OD SUCCESS CODE := VALID END MOVE\_TO\_GLOBAL

Figure 28: Move To Global Pseudo-code

- 100 -

# 9. Move a Sequent to Local Memory

MOVE\_TO\_LOCAL is invoked when it becomes necessary to move a segment from global to local memory. This occurs when one of two processes which hold a segment in global memory swaps the segment out. The segment is moved from global memory to the local memory of the remaining process. Figure 29 illustrates the pseudo-code for MOVE\_TO\_LOCAL. The parameters passed to the memory manager are the segment's L\_AST index, the global address of the segment, and the size of the segment. The return parameter is a success code. The MAU images of the signalled process are updated after the move has been made, and the global memory is deallocated.

HOVE\_TO\_LOCAL PROCEDURE (L\_INDEX WORD, GLOBAL\_ADDR WORD, SIZE WORD) ENTRY BLKS := SIZE / BLK\_SIZE BASE\_ADDRESS := ALLOCATE\_LOCAL\_MEMORY (BLKS) ! MOVE from global to local memory :

MEMORY\_MOVE (GLOBAL\_ADDR, BASE\_ADDRESS, SIZE) L\_AST(L\_INDEX].MEMORY\_ADDR := BASE\_ADDRESS DO FOR\_ALL\_DBE'S IF LAST[L\_INDEX].SEGMENT\_NO/ACCESS\_AUTH <> 0 ANDIF MMU\_IMAGE(DBR\_\*].SDR[SEG\_\*].ATTRIBUTES=IN\_LOCAL THEN MMU\_IMAGE(DBR\_\*].SDR[SEG\_\*].BASE\_ADDR:=BASE\_ADDRESS OD SUCCESS\_CODE := VALID END MOVE\_TO\_LOCAL

Figure 29: Move To Local Pseudo-code

- 101 -

# 10. Update the MMU Image

UPDATE is invoked following a MOVE\_TO\_GLOBAL operation. After a segment has been moved from local memory to global memory, it is necessary to signal the memory managers of all connected processors to update their MMU images and L\_AST with the current location of the segment. They must also deallocate the moved segment's local memory. Figure 30 illustrates the pseudo-code of UPDATE. The parameters passed to the memory manager are the segment's L\_AST index, the new global address for the segment, and the size of the segment. The return parameter is a success code.

UPDATE PROCEDURE (L\_INDEX WORD, GLOBAL ADDR WORD, SIZE WORD) RETURNS (SUCCESS\_CODE BYTE) ENTRY FOR\_ALL\_DBR'S DO IF L\_AST[L\_INDEX].SEGMENT\_NO/ACCESS\_AUTH <> 0 ANDIF MMU\_IMAGE[DBR\_#].SDR[SEG\_#].ATTRIBUTES=IN\_LOCAL THEN MMU\_INAGE[DBR\_#].SDR[SEG\_#].BASE\_ADDR := GLOBAL ADDR FI OD BLKS := SIZE / BLK\_SIZE FREE\_LOCAL\_BIT\_MAP (MEMORY ADDR, BLKS) L\_AST[L\_INDEX].MEMORY\_ADDE := ACTIVE SUCCESS\_CODE := VALID END UPDATE

Figure 30: Update Pseudo-code

- 102 -

## E. SUMMARY

In this chapter the detailed design of the memory manager process has been presented. The purpose of the memory manager was outlined, followed by a detailed discussion of the memory manager's data bases. The design presented has identified ten basic functions for the memory manager. The success codes returned by the memory manager are presented in Figure 31.

This design has assumed that the kernel level inter-process synchronization primitives will be Saltzer's signal and wait primitives [14]. This fact dominated the design decision to lock the G\_AST in the user's process before it signals the memory manager. In a multi-processor environment, the possibility of a deadly embrace exists if the memory manager processes lock the G\_AST. Should follow on work implement eventcounts and sequencers as kernel level synchronization primitives, the locking of the G\_AST and memory manager synchronization will need to be readdressed.

- 103 -

SYSTEM WIDE

INVALID SWAPPED\_IN SWAPPED\_OUT SEG\_ACTIVATED SEG\_DEACTIVATED SEG\_CREATED SEG\_DELETED VIRTUAL\_CORE\_FULL DUPLICATE\_ENTRY READ\_ERROR WRITE\_ERROR DRIVE\_NOT\_READY

MEMORY MANAGER LOCAL

VALID INVALID FOUND NOT\_FOUND IN\_LOCAL\_MEMORY NOT\_IN\_LOCAL\_MEMORY ! + DISK ERRORS ! KERNEL LOCAL

LEAF\_SEGMENT\_EXISTS NO\_LEAF\_EXISTS ALIAS\_DOES\_NOT\_EXIST NO\_CHILD\_TO\_DELETE G\_AST\_FULL L\_AST\_FULL LOCAL\_MEMORY\_FULL GLOBAL\_MEMORY\_FULL SECONDARY\_STORAGE\_FULL

Figure 31: Success Codes

- 104 -

## Chapter XII

# STATUS OF RESEARCH

# A. CONCLUSIONS

The memory manager design utilized state of the art software techniques and hardware devices. The design was developed based upon ZILOG'S Z8001 sixteen bit segmented microprocessor used in conjunction with the Z8010 Memory Management Unit [23]. A microprocessor which supports segmentation is required to provide access control of the stored data. The actual implementation of the selected thread was conducted upon the Z8002 non-segmented microprocessor without the Z8010 MMU.

While information security requires that the microprocessor support segmentation, the memory manager was developed to be configuration independent. The design will support a multi-processor environment, and can be easily implemented upon any microprocessor or secondary storage device. The loop free modular design facilitates any required expansion or modification.

Global bus contention is minimized by the memory manager. Segments are stored in global memory only if they are shared and writable. Secondary storage is accessed only if

- 105 -

the segment does not currently reside in global memory or some local memory. The controlled sharing of segments optimizes main memory usage.

The storage of the alias tables in secondary storage supports the recreation of user file hierarchies following a system crash. The aliasing scheme used to address segments supports system security by not allowing the segment's memory location or unique identification to leave the memory manager.

The design of the distributed kernel was clarified by assigning the MMU image management to the memory manager. The transfer of responsibility for memory allocation and deallocation from the supervisor to the memory manager provides support for dynamic memory management.

In conclusion, the memory manager process will securely manage segments in a multi-processor environment. The process is efficient, and is configuration independent. The primitives provided by the memory manager will support the construction of any desired supervisor/user process built upon the kernel.

- 106 -

## B. FOLLOW ON WORK

There are several possible areas in the SASS design that can be looked into for continued research. The complete implementation of the memory manager design (refine and optimize the current PLZ/SYS code) is one possibility. Other possibilities include the implementation of dynamic memory management, and modifying the interface of the memory manager with the distributed kernel using eventcounts and sequencers for inter-process communication.

The implementation of the supervisor has not been addressed to date. Areas of research include the implmentation of the file manager and input/output processes, and the complete design and implementation of the user-host protocols. The implementation of the gatekeeper, and system initialization are other possible research areas. Dynamic process creation and deletion, and the introduction of multi-level hosts could also prove interesting.

## - 107 -

## PART D

# AN IMPLEMENTATION OF MULTIPROGRAMMING AND PROCESS MANAGEMENT FOR A SECURITY KERNEL OPERATING SYSTEM

This section contains updated excerpts from a Naval Postgraduate School MS Thesis by S. L. Reitz [12]. The origins of these excerpts are:

| INTRODUCTION   | from Chapter | I  |  |
|----------------|--------------|----|--|
| IMPLEMENTATION | from Chapter | IV |  |
| CONCLUSION     | from Chapter | V  |  |

Minor changes have been made for integration into this report.

#### Chapter XIII

### INTRODUCTION

The application of contemporary microprocessor technology to the design of large-scale multiple processor systems offers many potential benefits. The cost of high-power computer systems could be reduced drastically; fault tolerance in critical real-time systems could be improved; and computer services could be applied in areas where their use is not now cost effective. Designing such systems presents many formidable problems that have not been solved by the specialized single processor systems available today.

Specifically, there is an increasing demand for computer systems that provide protected storage and controlled access for sensitive information to be shared among a wide range of users. Data controlled by the Privacy Act, classified Department of Defence (DoD) information, and the transactions of financial institutions are but a few of the areas which require protection for multiple levels of sensitive information. Multiple processor systems which share data are well suited to providing such services - if the data security problem can be solved.

A solution to these problems - a multiprocessor system design with verifiable information security - is offered in

- 109 -

a family of secure, distributed multi-microprocessor operating systems designed by O'Connell and Richardson [7]. A subset of this family, the Secure Archival Storage System (SASS) [9,5], has been selected as a testbed for the general design. SASS will provide consolidated file storage for a network of possibly dissimilar "host" computers. The system will provide controlled, shared access to multiple levels of sensitive information (Figure 32).

This thesis presents an implementation of a basic monitor for the O'Connell-Richardson family of operating systems. The monitor provides multiprogramming and process management functions specifically addressed to the control of physical processor resources of SASS. Concurrent thesis work [7] is developing a detailed design for a security kernel process, the Memory Manager, which will manage SASS memory resources.

- 110 -





- 111 -

#### Chapter XIV

#### IMPLEMENTATION

Implementation of the distributed kernel was simplified by the hierarchical structure of the design for it permitted methodical bottom-up construction of a series of extended machines. This approach was particularly useful in this implementation since the bare machine, the Z8000 Developmental Module, was provided with only a small amount of software support.

# A. DEVELOPMENTAL SUPPORT

A Zilog MCZ Developmental System provided support in developing Z8000 machine code. It provided floppy disk file management, a text editor, a linker and a loader that created an image of each Z8000 load module.

A Z8000 Developmental Module (DM) provided the necessary hardware support for operation of a Z8002 non-segmented microprocessor and 16K words (32K bytes) of dynamic RAM. It included a clock, a USART, serial and parallel I/O support, and a 2K PROM monitor.

The monitor provided access to processor registers and memory, single step and break point functions, basic I/O functions, and a download/upload capability with the MCZ system.

- 112 -

Since a segmented version of the processor was not available for system development, segmentation hardware was simulated in software as an MMU image (see Figure 33). Although this data structure did not provide the hardware support (traps) required to protect segments of the kernel domain, it preserved the general structure of the design.



Figure 33: MMU\_IMAGE

## B. INNER TRAFFIC CONTROLLER

The Inner Traffic Controller runs on the bare machine to create a virtual environment for the remainder of the system. Only this module is dependent on the physical processor configuration of the system. All higher levels see only a set of running virtual processors. A kernel data base, the Virtual Processor Table is used by the Inner Traffic Controller to create the virtual environment of this first level extended machine. A source listing of the Inner Traffic Controller module is contained in Appendix G.

# 1. <u>Virtual Processor Table (VPT)</u>

The VPT is a data structure of arrays and records that maintains the data used by the Inner Traffic Controller to multiplex virtual processors on a real processor and to create the extended instruction set that controls virtual processor operation (see Figure 34). There is one table for each physical processor in the system. Since this implementation was for a uniprocessor system (the Z8000 DM), only one table was necessary.

The table contains a LOCK which supports an exclusion mechanism for a multiprocessor system. It was provided in this implementation only to preserve the generality of the design.

The Descriptor Base Register (DBR) binds a process to a virtual processor. The DBR points to an MMU\_IMAGE contain-

| LOCK                                           |      |
|------------------------------------------------|------|
| RUNNING_LIST                                   |      |
| READY_LIST                                     |      |
| FREE_LIST                                      |      |
|                                                |      |
|                                                |      |
| VP [DBR] PRI STATE IDLE_PLAG CPU NEXT_VP MSG_I | LIST |
| INDEX                                          | i    |
|                                                | i i  |
|                                                | i    |
|                                                | i    |
|                                                |      |
|                                                | ,    |
| MSG     MESSAGE   SENDER   NEXT_MSG            |      |
| INDEX                                          |      |
|                                                |      |
|                                                |      |
|                                                |      |
|                                                |      |
|                                                |      |

Figure 34: Virtual Processor Table

ing the list of descriptors for segments in the process address space.

A virtual processor (VP) can be in one of three states: running, ready, and waiting (Figure 35). A running VP is currently scheduled on a real processor. A ready VP is ready to be scheduled when selected by the level-1 schedul-

- 115 -

ing algorithm. A waiting VP is awaiting a message from some other VP to place it in the ready list. In the meantime it is not in contention for the real processor.

- 116 -



Figure 35: Virtual Processor States

- 117 -

# 2. <u>Level-1</u> <u>Scheduling</u>

Virtual processor state changes are initiated by the inter-virtual-processor communication mechanisms, SIGNAL and These level-1 instructions implement the scheduling WAIT. policy by determining what virtual processor to bind to the real processor. The actual binding and unbinding is performed by a Processor switching mechanism called SWAP\_DBR [14]. Processor switching implies that somehow the execution point and address space of a new process are acquired by the processor. Care must be taken to insure that the old process is saved and the new process loaded in an orderly manner. A solution to this problem, suggested by Saltzer: [14], is to design the switching mechanism so that it is a common procedure having the same segment number in every address space.

In this implementation a processor register (R14) was reserved within the switching mechanism for use as a DBR. Processor switching was performed by saving the old execution point (i.e., processor registers and flag control word), loading the new DBR and then loading the new execution point. The processor switch occurs at the instant the DBR is changed (see Figure 36). Because the switching procedure is distributed in the same numbered segment in all address spaces, the "next" instruction at the instant of the switch will have the same offset no matter what address space the processor is in. This is the key to the proper operation of SWAP\_DBR.

To convert this switching mechanism to segmented hardware it is necessary merely to replace SWAP\_DBR with special I/O block-move instructions that save the contents of the MMU in the appropriate MMU\_IMAGE and load the contents of the new MMU\_IMAGE into the MMU.

# a. Getwork

SWAP\_DBR is contained within an internal Inner Traffic Controller procedure called GETWORK. In addition to multiplexing virtual processors on the CPU, GETWORK interprets the virtual processor status flags, IDLE and PREEMPT, and modifies VP scheduling accordingly in an attempt to keep the CPU busy doing useful work.

There are actually two classes of idle processes within the system. One class belongs to the Traffic Controller. Conceptually there is a ready level-2 idle process for each virtual processor available to the Traffic Controller for scheduling. When a running process blocks itself, the Traffic Controller schedules the first ready process. This will be an idle process if no supervisor processes are in the ready list.

The second class of idle process exists in the kernel. The kernel Idle process is permanently bound to the lowest priority virtual processor.

Process #1 Process #2 Ł Address space Address space ------1 V Call SWAP\_DBR 1 V Save return point on call stack. (Process #1) 1 V Save execution point 1 V ----> Swap DBR (R14) Swap DBR (R14) processor switch V Load new execution ł. point. V Load return point from call stack (process #2) 1 V

Figure 36: SWAP\_DBR

The distinction is made between these classes because of the need to keep the CPU busy doing useful work whenever possible. There is no need for GETWORK to schedule a level-2 idle process that has been loaded on a virtual processor, because the idle process does no useful work. The virtual processor IDLE\_FLAG indicates that a virtual processor has been loaded with a level-2 idle process. GETWORK will schedule this virtual processor only if the PREEMPT flag is also set. The PREEMPT flag is a signal from the Traffic Controller that a supervisor process is now ready to run.

When GETWORK can find no other ready virtual processors with IDLE and PREEMPT flags off, it will select the virtual processor permanently bound to the kernel Idle process. Only then will the Idle process actually run on the CPU.

Getwork contains two entry points. The first, a normal entry, resets the preempt interrupt return flag. (RO is reserved for this purpose within GETWORK.) The second, a hardware interrupt entry point, contains an interrupt handler which sets the preempt interrupt return flag. The DBR (R14) must also be set to the current value by any procedure that calls GETWORK in order to permit the SWAP\_DBR portion of GETWORK to have access to the scheduled process's address space. Upon completion of the processor switch, GETWORK exmines the interrupt return flag to determine whether a norlal return or an interrupt return is required.

- 121 -

The hardware interrupt entry point in GETWORK supports the technique used to initialize the system. Each process address space contains a kernel domain stack segment used by SWAP-DBR in GETWORK to save and restore VP states. For the same reason that SWAP-DBR is contained in a system wide segment number, the stack segment in each process address space will also have the same number (Segment #1 in this implementation). Each stack segment is initially created as though it's process had been previously preempted by a hardware interrupt. This greatly simplifies the initialization of processes at system generation time. The details of system initialization will be described later in this chapter. It is, important to note here, however, that GETWORK must be able to determine whether it was invoked by a hardware preempt: interrupt or by a normal call, before it can execute a return to the calling procedure. This is because a hardware interrupt causes three items to be placed on the system ( stack: the return location of the caller, the flag control. word, and the interrupt identifier, whereas a normal call places only the return location on the stack. Therefore, in order to clean up the stack, GETWORK must execute an interrupt return (assembly instruction:IRET) if entry was via the hardware preempt handler (i.e., R0 set). This instruction will pop the three items off the stack and return to the appropriate location. If the interrupt return flag, RO, is off, a normal return is executed.

During normal operation, SWAP-DBR manipulates process stacks to save the old VP state and load the new VP state. This action proceeds as follows (Figure 37):

- The Flag Control Word (FCW), the Stack Pointer (R15) and the preempt return flag (R0) are saved in the old VP's kernel stack.
- The DBR (R14) is loaded with the new VP's DBR. This permits access to the address space of the new process.
- 3. The Flag Control Word (FCW), the Stack Pointer (R15) and the Interrupt Return Flag (R0), are loaded into the appropriate CPU registers.
- 4. RO is tested. If it is set, GETWORK will execute an interrupt return. If it is off, a normal return occurs.

By constructing GETWORK in this way, both system initialization and normal operations can be handled in the same way. A high level GETWORK algorithm is given in Figure 38.

- 123 -



Figure 37: Kernel Stack Segments

- 124 -

**GETWORK** Procedure (DBR = R14) Begin Reset Interrupt Return Flag (RO) Skip hardware preempt handler Hardware Preempt Entry: Set DBR Save CPU registers Save supervisor stack pointer Set Interrupt Return Flag (RO) Get first ready VP Do while not Select If Idle flag is set then if Preempt flag is set then select else get next ready VP end if else select end if end do SWAP\_DBR: Save old VP registers in stack segment Swap dbr (R14) Load new VP registers in stack segment If Interrupt Return Flag is set then unlock VPT simulate GATEKEEPER exit: Call TEST\_VPREEMPT Restore supervvisor registers Restore supervvisor stack pointer Execute Interrupt Return (IRET) end if Execute normal return end GETWORK

Figure 38: GETWORK

- 125 -

# 3. Virtual Processor Instruction Set

The heart of the SASS scheduling mechanism is the internal procedure, GETWORK. It provides a powerful internal primitive for use by the virtual processors and greatly simplifies the design of the virtual processor instruction set. Virtual processor instructions perform three types of functions: multiprogramming, process management and virtual interrupts.

SIGNAL and WAIT provide synchronization and communication between virtual processors. They multiplex virtual processors on a CPU to provide multiprogramming. This implementation used a version of the signal and wait algorithms proposed by Saltzer [14]. In the SASS design each CPU is provided with a unique (fixed) set of virtual processors. The interaction among virtual processors is a result of multiprogramming them on the real processor. Only one virtual processor is able to access the VPT at a time because of the use of the VPT LOCK (SPIN\_LOCK) to provide mutual exclusion. Therefore race and deadlock conditions will not develop and the signal pending switch used by Saltzer is not necessary.

This implementation also included message passing mechamism not provided by Saltzer. The message slots available for use by virtual processors are initially contained in a queue pointed to by FREE-LIST. When a message is sent from one VP to another, a message slot is removed from the free

- 126 -

list and placed in a FIFO message queue belonging to the VP receiving the message. The head of each VP's message queue is pointed to by MSG-LIST. Each message slot contains a message, the ID of the sender, and a pointer to the next message in the list (either the free list or the VP message list.

IDLE and SWAP\_VDBR provide the Traffic Controller with a means of scheduling processes on the running VP.

SET\_VPREEMPT and TEST\_VPREEMPT install a virtual interrupt mechanism in each virtual processor. When the Traffic Controller determines that a virtual processor should give up its process because a higher priority process is now ready, it sets the PREEMPT flag in that VP. Then, even if an idle process is loaded on the VP, it will be scheduled and will be loaded with the first ready process. Test\_VPreempt is a virtual interrupt unmasking mechanism which forces a process to examine the preempt flag each time it exists from the kernel.

## a. Wait

WAIT provides a means for a virtual processor to move itself from the running state to the waiting state when it has no more work to do. It is invoked only for system events that are always of short duration. It is supported by three internal Procedures.

SPIN\_LOCK enables the running VP to gain control of the Virtual Processor Table. This procedure is only necessary in a multiprocessor environment. The running VP will have to wait only a short amount of time to gain control of the VPT. SPIN\_LOCK returns when the VP has locked the VPT.

GETWORK loads the first eligible virtual processor of the ready list on the real processor. Before this procedure is invoked, the running VP is placed in the ready state. Both ready and running VP's are members of a FIFO queue. GETWORK selects the first VP in this ready list, loads it on the CPU, and places it in the running state. When GETWORK returns, the first VP of the queue will always be running and the second will be the first VP in the ready queue.

GET\_FIRST\_MESSAGE returns the first message of the message list (also managed as a FIFO queue) associated with the running VP. The action taken by WAIT is as follows:

WAIT Procedure (Returns: Msg, Sender\_ID)
Begin
Lock VPT (call SPIN\_LOCK)
If message list empty (i.e., no work) Then
Move VP from Running to Waiting state
Schedule first eligible Ready VP (call GETWORK)
end if
(NOTE: process suspended here until

- 128 -

it receives a signal and is selected by GETWORK.) Get first message from message list (call GET\_FIRST\_MSG) Unlock VPT Return end WAIT

If the running virtual processor calls WAIT and there is a message in its message list (placed there when another VP signaled it) it will get the message and continue to run. If the message list is empty it will place itself in the wait state, schedule the first ready virtual processor, and move it to the running state. The virtual processor will remain in the waiting state until another running VP sends it a message (via SIGNAL). It will then move to the ready list. Pinally it will be selected by GETWORK, the next instructions of WAIT will be executed, it will receive the message for which it was waiting, and it will return to the caller.

- 129 -

b. Signal

Messages are passed between virtual processors by the instruction, SIGNAL, which uses four internal procedures, SPIN\_LOCK, ENTER\_MSG\_LIST, MAKE\_READY, and GETWORK.

SPIN\_LOCK, as explained above insures that only one virtual processor has control of the Virtual Processor Table at a time.

ENTER\_MSG\_LIST manages a FIFO message queue for each virtual Processor and for free messages. This queue is of fixed maximum length because of the implementation decision to restrict the use of SIGNAL. A running VP can send no more than one message (SIGNAL) before it receives a reply (i.e., WAIT's for a message). Therefore if there are N virtual processors per real processors, the message queue length, L, is:

L = N - 1

MAKE\_READY manages the virtual processor ready queue. If a message is sent to a VP in the waiting state, MAKE\_READY wakes it up (it places it in the ready state) and enters it in the ready list. If a running VP signals a waiting VP of higher priority, it will place itself back in the ready state and the higher priority VP will be selected. The action taken by signal is as follows:

SIGNAL Procedure (Message, Destination VP)

Begin

- 130 -

Lock VPT (call SPIN\_LOCK) Send message (call ENTER\_MSG\_LIST) If signaled VP is waiting Then Wake it up and make it ready (call MAKE\_READY) end if Put running VP in ready state. Schedule first elgible ready VP (call GETWORK) Unlock VPT Return (Success\_ccde) End SIGNAL

#### C. SWAP\_VDBR

SWAP\_VDBR contains the same processor switching mechanism used in SWAP\_DBR, but applies it to a virtual processor rather than a real processor. Switching is quite simple in this virtual environment because both processor execution point and address space are defined by the Descriptor Base

- 131 -

Register. SWAP\_VDBR is invoked by the Traffic Controller to load a new process on a virtual processor in support of level-2 scheduling. It uses GETWORK to control the associated level-1 scheduling. The action taken by SWAP\_VDBR is:

SWAP\_VDBR Procedure (New\_DBR)
Begin
Lock VPT (call SPIN\_LOCK)
Load running VP with New\_DBR
Place running VP in ready state
Schedule first eligible ready VP
 (call GETWORK)
Unlock VPT
Return
End SWAP\_VDBR

In this implementation one restriction is placed upon the use of this instruction. If a virtual processor's message list contains at least one message, it can not give up its current DBR. This problem is avoided as the natural result of using SIGNAL and WAIT only for system events, and

- 132 -

"masking" preempts within the kernel. If this were permitted, the messages would lose their context. (The messages in a VP\_MSG\_LIST are actually intended for the process loaded on the VP.)

#### d. IDLE

The IDLE instruction loads the Idle DBR on the running virtual processor. Only virtual processors in contention for process scheduling will be loaded by this instruction. (The Traffic Controller is not even aware of virtual processors permanently bound to kernel processes.)

IDLE has the same scheduling effect as SWAP VDBR, but it also sets the IDLE\_FLAG on the scheduled VP. The distinction is made between the two cases because, although the Traffic Controller must schedule an Idle process on the VP if there are no other ready processes, the Inner Traffic Controller does not wish to schedule an Idle VP if there is an alternative. This would be a waste of physical processor resources. The setting of the IDLE\_FLAG by the Traffic Controller aids the Inner Traffic Controller in making this scheduling decision. Logically, there is an idle process for each VP; actually the same address space (DBR) is used for all idle processes for the same CPU, since only one will run at a time. As previously explained, virtual processors loaded by this instruction will be selected by GETWORK only to give the Idle process away for a new process in response to a virtual preempt interrupt. The action of IDLE is:

- 133 -

IDLE Procedure

Begin

Lock VPT (call SPIN\_LOCK) Load running VP with Idle DBR Set VP'S IDLE\_FLAG Place running VP in ready state Schedule first elgible ready VP (call GETWORK) Unlock VPT Return

End IDLE

## e. SET\_VPREEMPT

SET\_VPREEMPT sets the preempt interrupt flag on a specified virtual processor. This forces the virtual processor into level-1 scheduling contention, even if it is loaded with an Idle process. The instruction retrieves an idle

- 134 -

virtual processor in the same way a hardware preempt retrieves an idle CPU by forcing the VP to be selected by GETWORK. The only difference between the two cases is the entry point used in GETWORK. The action of SET\_VPREEMPT is:

SET\_VPREEMPT Procedure (VP)
Begin
Set VP's PREEMPT flag
If VP belongs to another CPU Then
send hardware interrupt
end if
Return
End SET\_VPREEMPT

Since the action is a safe sequence, no deadlocks or race conditions will arise and no lock is required on the 7PT.

f. TEST\_VPREEMPT

- 135 -

Within the kernel of a multiprocessor system all process interrupts (which excludes system I/O interrupts) are masked. If process interaction results in a virtual preempt being sent to the running virtual processor by another CPU, it will not be handled since GETWORK has already been invoked. TEST\_VPREEMPT provides a virtual preempt interrupt unmasking mechanism.

TEST VPREEMPT mimics the action of a physical CPU when interrupts are unmasked. It forces the process execution point back down into the kernel each time the process attempts to leave the kernel domain, where the preempt flag of the running VP is examined. If the flag is off, TEST\_VPREEMPT returns and the execution point exits through the Gatekeeper into the supervisor domain of the process address space as described above. However, if the PREEMPT flag is on, the TEST\_VPREEMPT executes a virtual interrupt handler located in the Traffic Controller. This jump from the Inner Traffic Controller to the Traffic Controller (TC\_PREEMPT\_HANDLER) is a close parallel to the action of a CPU in response to a hardware interrupt, that is a jump to an interrupt handler. The Traffic Controller Preempt Handler forces level-2 and level-1 scheduling to proceed in the normal manner. The preempt handler forces the Traffic Controller to examine the APT and to apply the level-2 scheduling algorithm, TC\_GETWORK. If the APT has been changed since the last invocation of this scheduler, it will be reflected in the scheduling selections. Eventually, when the running VP's preempt flag is tested and found to be reset, TEST\_VPREEMPT will return to the Gatekeeper where the process execution point will finally make a normal exit into its supervisor domain. TEST\_VPREEMPT performs the following action:

TEST\_VPREEMPT Procedure

Begin

Do while running VP's PREEMPT flag is set

Reset PREEMPT flag

Call preempt handler

(call TC\_PREEMPT\_HANDLER)

End do

Return

End TEST\_VPREEMPT

- 137 -

## C. TRAFFIC CONTROLLER

The Traffic Controller runs in a virtual environment created by the Inner Traffic Controller. It sees a set of running virtual processor instructions: SWAP\_VDBR, IDLE, SET\_VPREEMPT, and RUNNING\_VP, and provides a scheduler, TC\_GETWORK, which multiplexes processes on virtual processors in response to process interaction. It also creates a level-2 instruction set: ADVANCE, AWAIT, and PROCESS\_CLASS, which is available for use by higher levels of the design. The Traffic Controller uses a global data base, the ACTIVE PROCESS TABLE to support its operation.

# 1. <u>Active Process Table (APT)</u>

The Active Process Table is a system-wide kernel database containing entries for each supervvisor process in SASS (Figure 39). It is indexed by active process ID. The structure of the APT closely parallels that of the Virtual Processor Table. It contains a LOCK to support the implementation of a mutual exclusion mechanism, a RUNNING\_LIST, and a READY\_LIST\_HEAD. The Traffic Controller is only concerned with virtual processors that can be loaded with supervisor processes. Since two VP's are permanently bound to kernel processes (the Memory Manager and the Idle Process), they cannot be in contention for level-2 scheduling; the Traffic Controller is unaware of their existence; since there are a number of available virtual processors, the RUNNING\_LIST was implemented as an array indexed by VP\_ID. The READY\_LIST\_HEAD points to a FIFO queue that includes both running and ready processes. The running processes will be at the top of the ready list.

Because of their completely static nature, idle processes require no entries in the APT. Logically, there is an idle process at the end of the ready list for each VP available to the Traffic Controller. If the ready list is empty, TC\_GETWORK loads one of these "virtual" idle processes by calling IDLE, and enters a reserved identifier, #IDLZ, in the appropriate RUNNING\_LIST entry. This identifier is the only data concerning idle processes that is contained in the APT. Idle process scheduling considerations are moved down to level-1, because the Inner Traffic Controller knows about physical processors, and can optimize CPU use by scheduling idle processes only when there is pothing else to do.

The subject access class, S\_CLASS, provides each process with a label that is required by level-3 modules to enforce, the SASS non-discretionary security policy.

- 139 -

| LOCK                    |           |              |       |         |                                           |  |  |  |  |  |
|-------------------------|-----------|--------------|-------|---------|-------------------------------------------|--|--|--|--|--|
| RUNNING_LIST PROCESS_ID |           |              |       |         |                                           |  |  |  |  |  |
| ¥ P<br> <br> <br> <br>  | ID        | <br>  <br>   |       |         |                                           |  |  |  |  |  |
| READY_LIST_HEAD         |           |              |       |         |                                           |  |  |  |  |  |
|                         |           | ACCESS_CLASS | STATE | NEXT_AP | EVENTCOUNT<br>HANDLE<br>INSTANCE<br>COUNT |  |  |  |  |  |
| AP<br>Index<br>1<br>V   | <br> <br> |              |       |         |                                           |  |  |  |  |  |

2.

ti

1

Figure 39: Active Process Table

- 140 -

### 2. Level-2 Scheduling

Above the Traffic Controller, SASS appears as a collection of processes in one of the three states: running, ready, or blocked. Running and ready states are analogous to the corresponding virtual processor states of the Inner Traffic Controller. However, because of the use of eventcount synchronization mechanisms by the Traffic Controller, the blocked state has a slightly different connotation than the VP waiting state.

Blocked processes are waiting for the occurrence of a non-system event, e.g., the event occurrence may be signalled from the supervisor domain. When a specific event happens, all of the blocked processes that were awaiting that event are awakened and placed in the ready state. This broadcast feature of event occurrence is more powerful than the message passing mechanism of SIGNAL, which must be directed at a single recipient.

Just as SIGNAL and WAIT provide virtual processor multiplixing in level-1, the eventcount functions, ADVANCE and AWAIT, control process scheduling in level-2.

### a. TC\_GETWORK

Level-2 scheduling is implemented in the internal Traffic Controller procedure, TC\_GETWORK. This procedure is invoked by eventcount functions when a process state change

- 141 -

may have occurred. It loads the first ready process on the currently scheduled VP (i.e., the virtual processor that has been scheduled at level-1 and is currently executing on the CPU).

> TC\_GETWORK Procedure Begin VP\_ID := RUNNING\_VP Do while not end of ready list if process is running then get next ready process else RUNNING\_LIST [VP\_ID] := PROCESS\_ID Process state := running SWAP\_VDBR end if end do If end of running list (no ready processes) Then RUNNING\_LIST := #IDLE IDLE end if Return End TC\_GETWORK

> > - 142 -

#### b. TC\_PREEMPT\_HANDLER

Preempt interrupts are masked while a process is executing in the kernel domain. As the process leaves the kernel, the gatekeeper unmasks this virtual interrupt by invoking TEST\_VPREEMPT. This instruction tests the scheduled VP's If this flag is off, the process returns to PREEMPT flag. the Gatekeeper and exits from the kernel; but if the flag is set, TEST\_VPREEMPT calls the Traffic Controller's virtual preempt interrupt handler, TC\_PREEMPT\_HANDLER. This handler invokes IC\_GETWORK, which re-evaluates level-2 scheduling. Eventually, when the schedulers have completed their functions, the handler will return control to the preempted process, which will return to te Gatekeeper for a normal exit. This sequence of events closely parallels the action of a hardware interrupt, but in the environment of a virtual processor rather than a CPU. The virtualization of interrupts provides the ability for one virtual processor to interrupt execution of another that may, or may not, be running on a CPU at that time. This is provided without disrupting the logical structure of the system. This capability is particularly useful in a multiprocessor environment where the target virtual processor may be executing on another CPU. Because these interrupts will be virtualized, the operating system will retain control of the system. The action of the TC PREEMPT HANDLER is described in the procedure below.

- 143 -

TC\_PREEMPT\_HANDLER Procedure Begin Call WAIT\_LOCK VP\_ID := RUNNING\_VP Process\_ID := RUNNING LIST [VP\_ID] If process is not idle Then Process state := ready end if Call TC\_GETWORK Call WAIT\_UNLOCK RETURN End TC\_PREEMPT\_HANDLER

WAIT\_LJCK and WAIT\_UNLOCK provide an exclusion mechanism which prevents simultaneous multiple use of the APT in a multiprocessor configuration. This mechanism invokes WAIT and SIGNAL of the Inner Traffic Controller.

- 144 -

# 3. Eventcounts

An eventcount is a non-decreasing integer associated with a global object called an event [11]. The Event Manager, a level-3 module, controls access to event data when required and provides the Traffic Controller with a HANDLE, an INSTANCE, and a COUNT. The values for all eventcounts (and sequencers) are maintained at the Memory Manager level and are accessed by calls to the Memory Manager. The HANDLE provides the traffic controller with an event ID, associated with a particular segment. INSTANCE is a more specific definition of the event. For example, each SASS supervisor segment has two eventcounts associated with it, a INSTANCE 1 and a INSTANCE\_2, that the supervisor uses keep track of read and write access to the segment [9]. Eventcounts provide information concerning system-wide events. They are manipulated by the Traffic Controller functions ADVANCE and AWAIT and by the Memory Manager functions, READ and TICKET. A proposed high level design for ADVANCE and AWAIT is provided by Reitz [12].

### a. Advance

ADVANCE signals the occurrence of an event (e.g., a read access to a particular supervisor segment). The value of the eventcount is the number of ADVANCE operations that have been performed on it. When an event is advanced, the fact must be broadcast to all blocked processes awaiting it and

- 145 -

the process must be awakened and placed on the ready list. Some of the newly awakened processes may have a higher priority than some of the running processes. In this case a virtual preempt, SET\_VPREEMPT (VP\_ID), must be sent to the virtual processors loaded with these lower priority processes.

b. Await

When a process desired to block itself until a particular event occurs, it invokes AWAIT. This procedure returns to the calling process when a specified eventcount is reached. Its function is similar to WAIT.

c. Read

READ returns the current value of the eventcount. This is an Event Manager (level three) function. This module calls the Memory Manager module to obtain the eventcount value.

d. Ticket

TICKET provides a complete time-ordering of possibly concurrent events. It uses a non-decreasing integer, called a sequencer, which is also associated with each supervisor segment. As with READ, this is an Event Manager function that calls the Memory Manager to access the sequencer value. Each invocation of TICKET increments the value of the se-

- 146 -

quencer and returns it to the caller. Two different uses of ticket will return two different values, corresponding to the order in which the calls were made.

# D. SYSTEM INITIALIZATION

Because the Inner Traffic Controller's scheduler, GETWORK, can accommodate both normal calls and hardware interrupt jumps, the problem of system initialization is not difficult.

When SASS is first started at level-1, the Idle VP is running and the memory manager VP, which has the highest priority, is the first ready virtual processor in the ready list. All VP's available to the Traffic Controller for level-2 schedling are ready. Their IDLE\_FLAG's and PREEMPT flags are set.

At level-2, all VP's are loaded with idle processes and all supervisor processes are ready.

The kernel stack segment of each process is initialized to appear as if it had been saved by a hardware Preempt interrupt (Figure 40).

All CPU registers and the supervisor stack pointer are stored on the stack. R15 is reserved as the kernel stack point; R14 contains the DBR. All other registers can be used to pass initial parameters to the process. The order in which these registers appear on the stack supports the PLZ/ASM block-move instructions.

- 147 -



Figure 40: Initialized Stack

- 148 -

The status block contains the current value of the stack pointer, R15, and the preempt interrupt return flag. This flag is set to indicate that the process has been saved by a preempt interrupt. The first three items on the stack: the process entry point, the initial process flag control word, and an interrupt indentifier, are also initialized to support the action of a hardware interrupt.

To start-up the system, R14 (the DBR) is set to the Idle process DBR; the CPU Program counter is assigned the PREEMPT\_ENTRY point in GETWORK; the CPU Flag Control Word (FCW) is initialized for the kernel domain: and the CPU is started. Because the Idle\_VP is the lowest priority VP in the system, it will place itself back in the ready state and move the Memory Manager in the running state. The Memory Manager will execute an interrupt return because the interrupt return flag was set by system initialization. There will be no work for this kernel process so it will call WAIT to place itself in the waiting state. The next ready VP is idling, but since it's IDLE\_FLAG and PREEMPT flag are set, GETWORK will select it. It too will execute an interrupt return, but because its PREEMPT flag is set, it will call TC\_PREEMPT\_HANDLER. This will cause the first ready process to be scheduled. Each time a supervisor process blocks itself, the next idle VP will be selected and the sequence will be repeated.

- 149 -

The action described above is in accord with normal operation of the system. The only unique features of initialization are the entry point (PREEMPT-ENTRY: in GETWORK) and the values in the initialized kernel stack.

The implementation presented in this thesis has been run on a Z8000 developmental module. System initialization has been tested and executes correctly. At the current level of implementation, no process multiplexing function is available. There is no provision for unlocking the APT after an initialized process has been loaded as a result, a call to the Traffic Controller (viz., ADVANCE or AWAIT). In a process multiplexed environment this would cause a system deadlock. Once the process left the kernel domain with a locked APT, no process would be able to unlock it. The Traffic Controller must handle this system initialization problem.

#### Chapter XV

#### CONCLUSION

The implementation presented in this thesis created a security kernel monitor that runs on the Z8000 Developmental Module. This monitor supports multiprogramming and process management in a distributed operating system. The process executes in a multiple virtual processor environment which is independent of the CPU configuration.

This monitor was designed specifically to support the Secure Archival Storage System (SASS) [2, 9, 5]. However, the implementation is based on a family of Operating Systems [7] designed with a primary goal of providing multilevel security of information. Although the monitor currently runs on a single microprocessor system, the implementation fully supports a multiprocessor design.

## A. <u>**RECOMMENDATIONS</u></u></u>**

Because the Zilog MMU is not yet available for the Z8000 Developmental Module, it was necesary to simulate the segmentation hardware. As Reitz explained [12], this was accomplished by reserving a CPU register, R14, as a Descriptor Base Register (DBR) to provide a link to the loaded addresss space. When the MMU becomes available, this simulation must be removed. This can be done in two steps.

First, the addressing format must be translated to the segmented form. This requires no system redesign.

Second, the switching mechanism most be modified to accomodated to use the MMU. This can be done by modifying the SWAP\_DBR portion of GETWORK to multiplex the MMU\_IMAGE onto the MMU hardware and this can be accomplished by changing about a dozen lines of the existing code.

### B. FOLLOW ON WORK

Although the monitor appears to execute correctly, it has not been rigorously tested. Before higher levels of the system are added, it is essential that the monitor be highly reliable. Therefore a formal test and evaluation plan should be developed.

An automated system generation and initialization mechanism is also required if the monitor to be is a useful tool in the development of higher levels of the design.

Once the monitor has been proven reliable and can be loaded easily, work on the implementation of the Memory Manager kernel process and the remainder of the kernel can continue.

- 152 -

### PART E

# IMPLEMENTATION OF SEGMENT MANAGEMENT FOR A SECURE ARCHIVAL STORAGE SYSTEM

This section contains excerpts from a Naval Postgraduate School MS Thesis by J. T. Wells [20]. The origins of these excerpts are:

INTEODUCTION from Chapter I SEGMENT MANAGEMENT FUNCTIONS SEGMENT MANAGER NON-DISCRETIONARY SECURITY MODULE MEMORY MANAGER SUMMARY from Chapter II SEGMENT MANAGEMENT IMPLEMENTATION from Chapter III CONCLUSIONS AND FOLLOW ON WORK from Chapter IV

Minor changes have been made for integration into this report.

#### Chapter XVI

### INTRODUCTION

This thesis addresses the implementation of the segment management functions of an operating system known as the Secure Archival Storage System or SASS. This system, with full implementation, will provide: (1) multilevel secure access to information (files) stored in a "data warehouse" for a network of multiple host computers, and (2) controlled data sharing among authorized users. The correct performance of both of these features is directly dependent upon the proper implementation of the segment management functions addressed in this thesis. The issue of access to sensitive information is addressed by the Non-Discretionary Security Module, which mediates all non-discretionary access to in-Sharing of information is accomplished chiefly formation. through the properties of sequentation, the SASS memory management scheme that is supported by the Memory Manager Module and the Segment Manager Module. The implementation of segment management for SASS is thus integral to the attainment of the two key goals that SASS was designed to achieve. This implementation addresses the Non-Discretionary Security, Distributed Memory Manager (the interface to the Memory Manager Process), and Segment Manager modules.

#### Chapter XVII

## SEGMENT MANAGEMENT FUNCTIONS

### A. SEGMENT MANAGER

### 1. Function

The Segment Manager is the focal point of the segment management function. Using the per-process Known Segment Table as its database and the Memory Manager and Non-Discretionary Security Module in strongly supportive roles, it is responsible for managing the segmented virtual memory for a process. Its role can be viewed as somewhat intermediary in nature (viz., between the Supervisor modules and the Memory Manager modules). The extended instruction set created in the Segment Manager includes the following instructions: CREATE\_SEGMENT, DELETE\_SEGMENT, MAKE\_KNCWN, TERMINATE SM\_SWAP IN, and SM\_SWAP\_OUT (note that the names for SWAP\_IN and SWAP\_OUT have been modified by preceding each with SM\_;; this is strictly for clarity because the Memory Manager also creates two instructions called SWAP\_IN and SWAP\_CUT). These instructions are invoked by the Supervisor domain of the process (viz., calls are made from the Supervisor domain via the Gatekeeper to the Segment Manager in the Kernel domain) to provide SASS support to the Host.

- 155 -

In general, when the Segment Manager receives these calls, it performs certain checks to ensure the validity and security compliance (when required) of the request (call). These checks are performed using its own database (the KST) and by calls to the Non-Discretionary Security Module (when required). The Segment Manager invokes one of six Memory Manager (more specifically, the Distributed Memory Manager Module) created instructions. These instructions include: MM\_DELETE\_ENTRY, MM\_CREATE\_ENTRY, MM ACTIVATE, MM\_DEACTIVATE, MM\_SWAP\_IN, and MM\_SWAP\_OUT. These invoked instructions (procedures) in turn perform interprocess conmunciations with the non-distributed memory manager process (where actual memory management functions are accomplished). These interprocess invocations and returns are accomplished i through the use of the IPC primitives Signal and Wait. The Segment Manager returns the required arguments to the Supervisor by value (as passed back to it by the Memory Manager: and/or determined within itself). The Segment Manager performs actual segment number assignment when a segment is made known to a process' address space. It also performs any further database (KST) updating as may be required.

### 2. Database

The Known Segment Table (KST) is the database used to manage segments. The KST is described in its tabular form and PLZ/SYS structured representation in Figure 41. There are several basic and pertinent facts to be noted of the KST:

- It is a process local database; that is, each process has its own KST.
- The KST is indexed by segment number; each record of the KST consists of a set of fields (description information) regarding a particular segment.
- 3. Entering information into the fields of a segment is called "making a segment known". This simply refers to adding a segment to a process' address space (viz., making a segment accessible to a process).
- 4. In SASS, a correspondence exists between making a segment "known" and making a segment "active"; i.e., when a segment is added to the address space of a process, this action results in an entry in the KST (making "known") by the Segment Manager and an entry in the Global Active Segment Table (G\_AST) by the Memory Manager process (making it "active"). The G\_AST will be described later in this chapter.

A proper description of the structure and fields of the KST is necessary at this point. Using the representation of the PLZ/SYS language structure, the KST is described as an array of records of fields of varying types. The fields are described separately below. Although the KST index is not in itself a field in the record, it does perform a rather significant role. The KST index is an integer closely related

- 157 -

to the segment number of the segment described in that KST entry (viz., it is the subscript into the array of records). This segment number also corresponds to the MMU descriptor register (number) for that segment.

The MM\_Handle is the first field in a KST record. The MM\_Handle is a system wide unique number that is assigned to each segment with an entry in the G\_AST (viz., every active segment). This "handle" is the instrument of controlled single copy sharing of information (segments). It allows a segment to exist under one unique handle but be accessible in the address space of more than one process (with different segment numbers in each address space). The MM\_Handle is returned to the Segment Manager by the Memory Manager during: the execution of the Make\_Known instruction.

The Size field is an integer value (of language structure type "word") which represents the number of 256 byte blocks composing a segment.

The Access\_Mode field is used to describe the process' access to the segment (i.e., null or read and/or write).

The In\_Core field is used to indicate if the segment is or is not in main memory (i.e., this field is a flag or true/false boolean switch).

The Class field is a long word field used to represent the degree of information sensitivity (viz., access class) assigned to the segment. This field (for example) would be used to numerically describe a classification label (as described above).

- 158 -

| Segment_#                                                                                                                                                        |       |                 |             |       |                |                   |  |  |  |  |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------|-----------------|-------------|-------|----------------|-------------------|--|--|--|--|
| VI<br>MM_Handle                                                                                                                                                  | Size  | Access_<br>Mode | In_<br>Core | Class | M_  <br>Seg_No | Entry  <br>Number |  |  |  |  |
|                                                                                                                                                                  |       |                 | •           |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 |             |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 |             |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 | 1<br>1<br>1 |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 | 8           |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 | 8           | 1     |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 | 1           | 1     | 8              |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 |             |       |                |                   |  |  |  |  |
| KST Arraj                                                                                                                                                        | Y [4] | KST_REC]        |             |       |                |                   |  |  |  |  |
| KST_REC Record [MM_Handle Array [3 Word]<br>Size Word<br>Access_Mode Byte<br>In_Core Byte<br>Class Long<br>M_Seg_No Short_Integer<br>Entry_Number Short_Integer] |       |                 |             |       |                |                   |  |  |  |  |
| Figure 41: Known Segment Table                                                                                                                                   |       |                 |             |       |                |                   |  |  |  |  |
|                                                                                                                                                                  |       |                 |             |       |                |                   |  |  |  |  |

- 159 -

The Mentor\_Seg\_Nr field is a number representing the segment number of a segment's parent or "mentor" segment. Its importance will discussed shortly.

The Entry\_Nr field is a number representing a segment's index number into its parent or mentor segment's Alias Table (not yet discussed).

The Alias Table is a Memory Manager database and will be described later. The aliasing scheme provided via the aliass tables is used to prevent passing system wide information out of the Kernel (i.e., the Unique\_ID of a segment). The "alias" of a segment is the concatenation of the Mentor\_Seg\_Nr with the segment's Entry\_Nr (index) into the mentor segment's Alias Table. It is clear that the last two fields of a KST record are the "alias" of that segment.

### B. NON-DISCRETIONARY SECURITY MODULE

The key in protection of secure information using internal controls was identified as the security kernel concept. The basic idea within this concept is to prove the hardware part of the Kernel correct and, similarly, to keep the software part small enough so that proving it correct is feasible. A central component of the kernel software is the Non-Discretionary Security Module (hereafter referred to as the NDS Module). The NDS Module is concerned only with the non-discretionary aspect of the security policy in effect; since the discretionary aspect is subservient in nature to

- 160 -

the non-discretionary aspect, it is then sufficient that the Kernel contain only the software representing the non-discretionary aspect of the security policy. The discretionary security is provided outside the kernel in the SASS supervisor. Every attempt to access information must result in an invocation of the NDS Module.

The function of the NDS Module is to compare two classifications (viz., compare two labels), make a decision as to their relationship (i.e., =,>,<,i), and return a true/false interpretive answer relative to the query of the calling procedure. The mechanism used as a basis is the lattice model abstraction previously discussed. The NDS Module does not require a database since the labels it compares are stored in (passed from) other Kernel databases.

# C. <u>MEMORY MANAGER</u>

# 1. Function

The Memory Manager process is the only component of the non-distributed kernel. It is responsible for managing the real memory resources of the system -- main (local and global) memory and secondary storage. It is tasked by other processes within the Kernel domain (via Signal and Wait) to perform memory management functions. This thesis will address the Memory Manager in terms of two components: (1) the Memory Manager Process (also called the nondistributed kernel and the Memory Manager Module), and (2) the distributed

- 161 -

Memory Manager (also called the Distributed Memory Manager Module). The former is the "true" memory manager while the latter is the interface with other processes, that is, it resolves the issue of interprocess communication with the "true" memory manager.

The Distributed Memory Manager Module creates the following extended instruction set: MM CREATE ENTRY, MM DELETE ENTRY, MM\_ACTIVATE, MM\_DEACTIVATE, MM\_SWAP\_IN, and MM\_SWAP\_OUT. The instructions form the mechanism of communication between the Segment Manager of a process and a memory manager process (where the actual memory management functions are performed). The Memory Manager Process instruction set corresponds one to one with that of the Distributed Memory Manager; the set consists of: CREATE ENTRY, DELETE ENTRY, ACTIVATE, DEACTIVATE, SWAP IN, and SWAP OUT. The basic functions performed by the Memory manager are allocation/deallocation of global and local memory and of secondary storage, and segment transfers from local to global memory (and vice-versa) and from secondary storage to main memory (and vice-versa).

# 2. Databases

A detailed and descriptive discussion of the Memory Manager databases is presented in the work of Gary and Moore [5], and the reader may refer to it for memory manager database details. This thesis addresses the implementation of the distributed Memory Manager but not the Memory Manager Process, thus brief descriptions are provided of the latter's databases.

The Global Active Segment Table (G\_AST) is a system wide (i.e., shared by all memory manager processes) database used to manage all active segments. A lock/unlock mechanism is used to prevent race conditions from occurring. The distributed memory manager of the signalling process locks the G\_AST before it signals the memory manager process.

The Local Active Segment Table (L\_AST) is a processor local database which contains an entry for each segment active in a process currently loaded in local memory.

The Alias Table is a system wide database associated with each nonleaf segment in the Kernel. It is a product of the aliasing scheme used to prevent passing system wide information out of the Kernel. The alias table header (provided for file system reconstruction after system crashes) has two pointers, one linking the alias table to its associated segment, the other linking the alias table to the mentor segment's alias table. The fields in the alias table are Unique\_ID, Size, Class, Page\_Table\_Loc, and Alias\_Table\_Loc. The index into the alias table is Entry\_No.

The Memory Management Unit Image (MMU\_Image, Figure 42) is a processor local database indexed by DBR\_No (viz., for each DBR\_No there is a MMU\_Image record, with each record containing a software image of the segment descriptor regis-

- 163 -

ters of the hardware MMU). The MMU\_Image is an exact image of the MMU. Each record is indexed by Segment\_NO (segment number) and each Segment\_No entry contains three fields. The Base\_Addr field contains the segment's base address in memory. The Limit field contains the number of blocks of contiguous storage for the segment (zero indicates one block). The Attributes field contains 8 flags including 5 which relate to the memory manager. The Blks\_Used field and the Max\_Blks (available) fields are per record (not per segment entry) and are used in the management of each process' virtual core.

The Memory Bit Maps (Disk\_Bit\_Map, Global\_Memory\_Bit\_Map, and Local\_Memory\_Bit\_Map) are memory block usage maps that use true/false flags (bits) to indicate the use or availability of storage blocks.

The only database in the Distributed Memory Manager is: the Memory Manager CPU Table (Figure 43). It is an array of memory manager VP\_ID's (MM\_VP\_ID) indexed by CPU number. This table enables a signalling process to identify the appropriate memory manager process (virtual processor) to signal.

- 164 -

\_\_\_\_\_\_ \_\_\_\_\_ Blocks Used Max Avail Blocks Segment |Base Addr | Limit |Attributes | NO. 1 I. Ł ÷. L L L I. Ł Ł 1 V Ł 1 Ł Ł 1 ł 1 ł Ł ł 1 ł Ł 1 Array [Max\_DBR\_No MMU] MHU\_Image Record [SDR Array [No\_Seg\_Desc\_Reg MMU

DBR\_NO ---->

Address Word [JBR Allef [Mc\_Scy\_Score\_acy] Seg\_Desc\_Reg Record [Base\_Addr Address Limit Byte Address Word

Figure 42: Memory Management Unit Image

- 165 -



Figure 43: Memory Manager-CPU Table

# D. SUMMARY

The segment management functions and key related concepts (such as segmentation) were discussed in this chapter. The importance of segmentation to data sharing and information security was emphasized as were key information security concepts. With this background, the implementation of: segment management and a non-discretionary security policy will be described in the following chapter.

- 166 -

#### Chapter IVIII

# SEGMENT MANAGEMENT IMPLEMENTATION

The implementation of segment management functions and a non-discretionary security policy is presented in this chapter. Paramount to this implementation were several key issues that affected the implementation. These issues are discussed first. The implementation is discussed in terms of the Segment Manager, Non-Discretionary Security (NDS), and Distributed Memory Manager modules.

# A. IMPLEMENTATION ISSUES

Segment management for the SASS was provided through the implementation of the Segment Manager Module, the NDS Module, and the Distributed Memory Manager Module. Additionally, since a demonstration/testbed was integral to the testing and verification of the implementation, it was necessary to complete other supportive tasks. Reitz [12] provided a demonstration of the operation of the Inner Traffic Controller primitives SIGNAL and WAIT (for interprocess communication). Integral to this demonstration was the correct performance of the Inner Traffic Controller VP scheduling mechanism and a "stub" of the Traffic Controller and its process scheduling mechanism (the TC support and use of the

- 167 -

mechanism of eventcounts and sequencers was not a part of the demonstration). The Segment management demonstration (hereafter referred to as "Seg\_Mgr.Demo") was "built on top of" Reitz' ITC synchronization primitive demonstration (hereafter referred to as "Sync. Demo"). Thus, an immediate issue was to resolve the feasibility of adding on to Sync.Demo and also to refine the present design of the Sync. Demo to facilitate its integration into the Seg\_Mgr.Demo. One aspect of this effort was in resolving the problem of how to pass (i.e., in interprocess communication) a larger message.

### 1. Interprocess Messages

The Sync.Demo passed "word" (16 bit) messages. To provide the mechanism for the distributed memory manager to signal the memory manager process with a command function identification code and the arguments needed to perform that function (e.g., CREATE-ENTRY and its input arguments), a message size of at least eight words (16 bytes) was neces-An obvious answer was to signal with an array of sary. eight words as the message. PLZ/SYS, however, does not allow passing arrays in its procedure calls (a procedure call is analogous to a subroutine call). Another alternative was to signal with a pointer to the array of words, since PLZ/SYS does allow passing pointers in procedure calls (thus the message would be a pointer to the real message). This,

however, would be invalid in the segmented implementation (on the Z8000 segmented microprocessor) since identical segment numbers in different processes may not refer to identical segments. For example, a pointer in a process (e.g., file management) points to an array (i.e., provides its address) by segment number and offset; passing this pointer to another process (e.g., memory manager) would provide this same segment number and offset which, of course, may be a different object in the second process's address space).

Another alternative considered was that of a shared "Mailbox" segment with an associated eventcount acted on by the Kernel Inner Traffic Controller primitives TICKET, ADVANCE and AWAIT. A design for using this concept in the supervisor ring is provided by Parks [9]. This alternative was not deeply considered since these primitives are not included in the current Inner Fraffic Controller.

The method ultimately used to signal the new length messages is based on the fact that the ITC is in both the signalling and the receiving (memory manager) processes' address space. The message is loaded into an array in process #1 and a pointer to the array is passed in the call SIGNAL; the VPT. the ITC's database, is then updated by (using the pointer) putting the message into its MSG\_Q section. The message is retrieved by process #2 by execution of Reitz' WAIT primitive with only one refinement. That refinement is for the "waiting" process to provide as an argument (in the

- 169 -

WAIT primitive) a pointer to its own message array so that the message in the VPT can be copied to it. This refinement provides for passing a long message essentially "by value" between processes.

# 2. <u>Structures as Arguments</u>

Another issue concerned the use of pointers in the implementation of segment management. This necessary "evil" is a result of the need to pass linguistically "complex" data types in procedure calls. Complex types refer to array and record structures in PLZ/SYS (as opposed to the "simple" types--byte, word, integer, short-integer, long, and pointer). In managing databases (e.g., KST, G\_AST) which consist of arrays of records (which in turn contain records and/or arrays), it was frequently necessary to reference data as an array or record. Within a process, the use of pointers was not a problem (i.e., not a problem such as would be encountered in IPC passing of pointers).

## 3. <u>Reentrant Code</u>

The issue of code reentrancy was addressed at the assembly language level through the use of a stack segment and registers for storage of local variables. PLZ/SYS (high level language) does not address reentrant procedures and thus the segment management high level code is not automatically reentrant. The problem of reentrancy can be seen by looking at a shared procedure that is not reentrant; such a procedure has storage for its variables allocated statically in memory. Suppose a procedure (e.g., in the Kernel) can be activated by more than one process. While the procedure is executing in one process, a process switch occurs (e.g., to wait for a disk transfer) and its execution is suspended. The second process is activated, and while it is running it invokes the procedure. While the procedure is executing for the second process it uses the same storage space for variables as it did when executing for the first process. Eventually, it relinquishes the processor. However, when the procedure resumes its execution for the first process, the variable values that were in use by it originally have been changed during its execution in the second process. Thus, incorrect results are now inevitable.

# 4. Process Structure of the Memory Manager

References to the "Memory Manager" in past works have generally meant the memory manager process (non-distributed kernel). This work references two distinct components of the "memory manager module". The Distributed Memory Manager is an interface provided to the Memory Manager Process. It is, in fact, distributed in the address space of each Supervisor process. In contrast, the Memory Manager Process clearly is not distributed and its address space is contained entirely in the Kernel.

- 171 -

# 5. Per-Process Known Segment Table

Another key issue was that of the per process Segment Manager database, the KST. Since each process has its own KST, it cannot be linked to the (shared) segment manager procedures. To implement the KST as a per process database, it was convenient to establish, by convention, a KST segment number that is consistent from process to process. That segment in each process is the KST segment for that process. Implementation is then accomplished by using the segment number to construct a pointer to the base of the appropriate KST. It is then easy to calculate an appropriate offset to index any desired entry in the KST data.

### 6. DBR Handle

In Reitz's implementation of the multilevel scheduler and the IPC primitives, references to "DBR" (descriptor base register) are references to an address. That address value represents a pointer to an MMU\_IMAGE record containing the list of descriptors for segments in the process address space. Gary and Moore [5] reference a "DBR\_NO" that is essentially a handle used within the memory manager as an index within the MMU\_IMAGE to a particular MMU record. The base address of the MMU record indexed by DBR\_NO is then equivalent to the concept of DBR value used in Reitz' work. The effect of this inconsistency on the segment management implementation was minor and will be further discussed later in this chapter.

#### B. SEGMENT MANAGER MODULE

The Segment Manager Module consists of six procedures representing the six extended instructions it provides. These are based on the design of Coleman [2]. Only calls from external to the Kernel (via the Gate Keeper) may be made to the Segment Manager (per the loop-free structure of the SASS). The normal sequence of invocation of the Segment Manager functions to allow referencing a segment is: (1) CREATE\_SEGMENT--allocate secondary storage for the segment and update the mentor segment's Alias Table, (2) MAKE\_KNOWN--add the segment to the process address space (segment number is assigned), (3) SWAP IN--move the segment from secondary storage into the process's main memory. The normal sequence of invocation to "undo" the above is: (1) SWAP\_OUT--move the segment from main memory to secondary storage, (2) FERMINATE--remove the segment from the process's address space, (3) DELETE\_SEGMENT--deallocate secondary storage and remove the appropriate entry from the alias table of its mentor segment. The six Supervisor entries into the Segment Manager (viz., the six extended instructions) will be discussed individually below. The PLZ/ASM listings for the Segment Manager are in Appendix H.

- 173 -

### 1. Create a Segment

The function that creates a segment (i.e., adds a new segment to the SASS) is CREATE\_SEGMENT. This function validates the correctness of the Supervisor call by checking the parameters and making certain security checks. The distributed memory manager is then called to accomplish interprocess communication with the Memory Manager Process, where segment creation is realized through secondary storage allocation and alias table updating.

passed as arguments: (1) Men-CREATE SEGMENT is tor\_Seg\_No--the segment number of the mentor segment of the segment to be created, (2) Entry No--the desired entry number in the alias table of the mentor segment, (3) Class--the access class (label) of the segment to be created, and (4) | Size--the desired size of the segment (in blocks of 256 € initial check is to verify that the desired bytes). The size does not exceed the designed maximum segment size. Iff this check is satisfactory, a conversion of the Mentor Seq No to a KST index is necessary. This is because the Kernel segments use the first several segment numbers available but do not have entries in the KST. Thus if there were 10 Kernel segments and a system segment had segment number 15, then its index in the KST would actually be 5 (i.e., the Kernel segments would use numbers 0-9, and this segment would be the sixth segment in the KST and its index would be 5). A call is then made to the procedure

ITC\_GET\_SEG\_PTR with the constant KST\_SEG\_NO passed as а parameter. This procedure will return a pointer to the base of this process! KST. This pointer is then the basis for addressing entries in the KST. The next check is to see if the mentor segment is known (viz., is in the address space of the process, and thus, in the KST). The key to determining if any segment is known is the mentor segment entry (M\_SEG\_No) for that segment in the KST. If not known, this entry in the segment's KST record will be filled with the constant NULL\_SEG. The basis for checking to see if the segment's mentor segment is known is the aliasing scheme implication that a mentor segment must be known before a segment can be created. The process classification must next be obtained from the Traffic Controller. The process classification is checked to ensure that it is equal to the classification of the mentor sequent since write access to its alias table is needed to create a segment. The NDS module's CLASS\_EQ procedure is called and returns a code of true or false. The last check is the compatibility cneck to ensure that the classification of the segment to be created is greater than or equal to the classification of the mentor segment. This is accomplished by calling the NDS Module's CLASS\_GE procedure which returns a code of true or false. If any of these checks are unsatisfactory, an appropriate error code is generated and the Segment Manager returns to its calling point. If all checks are satisfactory, then a

- 175 -

pointer to the mentor segment's MM\_Handle array is derived (HPTR). Note that in the current memory manager design [5] the actual MM\_Handle contents are a Unique\_ID (a long word, viz., two words concatenated), and an Index\_No (index into the G\_AST, a word); thus together these two fields are a total of three words. Since the Segment Manager does not interpret this handle, it is considered a three word array at this level. For this reason, the entire uninterpreted MM\_Handle array will be passed by passing its pointer. This pointer and Entry No, Size, and Class are then passed in a the distributed memory manager procedure call to MM\_CREATE\_ENTRY. This procedure, in turn, performs IPC with the memory manager process where segment creation ultimately is accomplished. A success code is returned in an IPC message from the memory manager process via the distributed memory manager to the CREATE\_SEGMENT procedure to indicate success or failure as appropriate. This success code is checked by the Segment Manager to ensure confinement would not be violated if it is returned to the calling process! supervisor domain. Only after the success code has been returned can the action of segment creation be considered com-Segment creation does not imply the ability to replete. ference that segment; MAKE\_KNOWN will accomplish that.

# 2. Delete a Segment

The function that deletes a segment (i.e., deletes a segment from SASS) is DELETE\_SEGMENT. Validation of parameters and security checks are performed here similar to (but fewer than) the CREATE\_SEGMENT checks. The distributed memory manager is then called to cause IPC with the memory manager process, where segment deletion is realized through secondary storage deallocation and alias table entry deletions. DELETE\_SEGMENT is passed as arguments: (1) Mentor\_Seg\_No and (2) Entry\_No. Conversion of the Mentor\_Seg\_No to a KST index is accomplished first. The pointer to the base of the KST is located and returned, as before. The mentor sequent is checked to ensure it is known, again, by verifying that its own M\_SEG\_No (mentor segment number) entry in the KST is not the NULL\_SEG. The process classification is obtained from the TC and checked (by a call to CLASS\_EQ) to ensure it is equal to the mentor segment classification, since deleting an entry requires write access to the alias table. If all checks are satisfactory, then the mentor segment's MM\_Handle pointer is derived. This pointer and the mentor segment alias table entry number are passed in a call to the distributed memory manager procedure MM DELETE ENTRY. It then performs IPC with the memory manager process where segment deletion is accomplished and a success code is returned as before.

- 177 -

#### 3. <u>Make a Segment Known</u>

The function that makes a segment known (i.e., adds that segment to the process' address space by assigning a segment number, updating the KST, and causing the memory manager process to "activate" the segment (that is, add it to the AST )) is MAKE\_KNOWN. Making a segment known is the way the Supervisor declares its intention to use a segment. MAKE\_KNOWN is passed as arguments: (1) Mentor\_Seg\_No, (2) Entry\_No, and (3) Acess\_Desired (e.g., write, read, or null). It returns (1) a success code, (2) the access allowed to the segment, and (3) the segment number. Conversion of the mentor segment number to a KST index, finding the KST pointer, and verifying that the mentor segment is known occur as previously discussed.

There are three basic cases that may occur in MAKE\_KNOWN: (1) the segment is already known (has an entry) in the KST), (2) the segment is not known and there is a segment number available, or (3) the segment is not known and there is no segment number available.

A search is made of the KST using each record's (segment's) M\_SEG\_NO (mentor segment number) and Entry\_Number fields as the search key. If these two fields match the input values Mentor\_Seg\_No and Entry\_No, then the record indexed is that of the desired segment; thus the segment to be made known is already known. In this case, all that need be done is to return the success code, segment number (converted from the index by adding to it the number of kernel segments), and the access allowed (equal to the Access\_Mode entry in the KST for the already known segment).

During the search of the KST, the M\_SEG\_No field is also checked to see if it contains the NULL\_SEG entry (this implies that the segment number associated with the record is "available"). The first time this is noted, the index is saved. Note the first available index is saved since it is desired to assign segment numbers at the "top" of the KST to keep it dense there. When the search does not find that the segment is already known, the index for the available segment number is retrieved and converted to segment number by adding to it the number of kernel segments. If this index is the NULL\_SEG entry, then there is no segment number available. In this event, the success code is set to NO\_SEG\_AVAIL, the segment number is assigned NULL\_SEG, and access allowed is set to NULL\_ACCESS (this is the third case mentioned). If the index is not equal to NULL\_SEG and conversion to segment number has occurred then the Traffic Controller is called to provide the DBR\_No (descriptor base register number) for the current process. The DBR\_No is used by the memory manager process as an index in the MMU\_Image and the local AST. The distributed memory manager procedure MM Activate is called: it is passed the DBR number, the pointer to the mentor segment's MM\_Handle entry, the mentor segment alias table Entry\_No, and the segment

- 179 -

number. MM\_Activate performs the normal interface function (performs IPC with the memory manager process procedure that updates the local and global AST's) and also updates the KST entry for the new segment's MM\_Handle entry (returned from the memory manager process). It also returns to the Segment Manager the success code, the segment classification, and the segment size from the memory manager process. If the success code is "succeeded" then the issue of access to be granted must be resolved. The process classification is obtained from the TC and passed with the segment classification to the NDS Module procedure CLASS\_GE. If the CONDITION\_CODE returned is FALSE then access allowed is NULL ACCESS, the segment number is NULL SEG, and MM\_DEACTIVATE is called to deactivate the segment. An appropriate error code is returned. If it is greater than or equal then the access allowed is assigned as follows: (1) the two classifications are compared again--this time to see if equal; (2) If they are equal, then the access allowed is either read or write per the access desired; (3) if they are not equal (i.e., the process class is greater than the seqment class) then the access allowed is read. Finally the KST entries for that segment number (more accurately for its index in the KST) are filled with the appropriate information (e.g., IN\_CORE is false, etc.). If the success code returned from the memory manager process via the distributed memory manager is not "succeeded", then the segment number

is set to NULL\_SEG and the access allowed is set to NULL\_ACCESS.

# 4. Make a Segment Unknown (Terminate)

0:

The function that makes a segment unknown (i.e., removes that segment from the process' address space--by updating the KST and causing the memory manager process to "deactivate" the segment) is TERMIMATE. It results in removal of the M\_SEG\_No (mentor segment number) entry from that segment's KST record. Terminate is passed the segment number of the segment to be terminated as an argument. It returns a success code. Conversion of the segment number to a KST index, finding the KST pointer, and verifying that the segment is known occurs in the same manner as previously discussed. The next check is to verify that the segment is not still lcaded in the process' virtual core (viz., it has been "swapped-out"). If not, an error code is returned and the user must cause the Segment Manager extended instruction SM\_SWAP\_OUT to be executed. The next check is to ensure that the user is not attempting to terminate a Kernel segment. The first several segment numbers in a process' address space will be used by Kernel procedures and data (though they will not be entries in the KST). Thus if there vere 10 Kernel segments, then the segment number to be terminated must be greater than or equal to #10 (since the Kernel segments used #'s 0-9). Thus a check is made to ensure

- 181 -

that the segment number is not less than the number of Kernel segments; otherwise an error code is returned. Next, the segment number is checked to ensure that it is not larger than the maximum segment number allowable (if so, an error code is returned). If all checks are satisfactory, then the segment's MM\_Handle pointer and the process DBR\_No are obtained (as discussed before) and passed in a call to the MM\_Deactivate procedure. It calls the memory manager process procedure DEACTIVATE which removes or updates (as appropriate) the entries in the local and global AST's.

# 5. <u>Swap a Segment In</u>

The function that swaps a segment from secondary storage to main memory (global or local) is SM\_SWAP\_IN. It is passed the segment number of the segment to be swapped in as an argument and returns a success code. Conversion of the segment number to a KST index, finding the KST pointer, and verifying that the segment number is known are accomplished as previously discussed. If the check is satisfactory, then the segment's MM\_Handle pointer and the process DBR number: are obtained. They are passed with the segment's access mode (from the KST) as arguments in the call to MM\_SWAP\_IN. It performs normal interface (IPC) functions and returns a success code from the memory manager process' SWAP\_IN procedure (where, if not already in core, allocation of main memory space and reading the segment into main memory occurs). If the success code is "succeeded" then the segment's IN\_CORE entry in the KST is updated to show that the segment is in main memory for this process (i.e., the entry is now "true").

# 6. Swap a Segment Out

1×.

The function that swaps a segment from main memory to secondary storage is SM\_SWAP\_OUT. It is passed the segment number of the segment to be swapped out as an argument and returns a success code. The behavior of SM\_SWAP\_OUT is exactly analogous to that of SM\_SWAP\_IN except that the segment's KST IN\_CORE entry is updated to reflect that the segment has been removed from main memory for this process (i.e., the new entry is "false").

# C. NON-DISCRETIONARY SECURITY MODULE

The Non-Discretionary Security Module implements the non-discretionary security policy for the SASS. The NDS module contains two procedures: CLASS\_EQ and CLASS\_GE; both compare two labels (classifications) and determine if their relationship meets that of the procedure's name (i.e., equal, or greater than or equal). Although the type of checks being made are, in fact, compatibility checks, Simple Security Condition checks, etc, the NDS Module does not recognize or need to recognize this. It simply uses an algorithm to determine if classification #1 = classification #2

- 183 -

or if classification #1 >= classification #2, as appropriate. It then returns a condition code of true or false in accordance with the particular case. The earlier discussion of label comparison in accordance with a partially ordered lattice structure is relevant in discussing the NDS Module's algorithm. Consider the same "totally ordered" relationship TS > S > C > U of levels and the "disjoint" relationship Cy | N | Nu | % of categories. Comparison of levels will be numerical comparisons while comparison of categories will use set theory comparison as a basis. If TS=4, S=3, C=2, U=1 are level numerical assignments, then the totally ordered relationship is maintained (i.e., TS>S>C>U is still true). Now consider the categories and make the following assignments: Cy=1, N=2, Nu=4, %=0. Note that a classification may have only one level and one category set (the category set : may contain several categories). Consider this example: (TS, Cy,N. The level is TS (=4). The category is the set Cy,N and numerically is formed by performing a logical OR with the categories Cy and N. Sixteen bit representation of this is:

CY OR N

(0000 0000 0000 0001) OR (0000 0000 0000 0010)

 $= 0000 0000 0000 0011 = Cy_N$ 

If (TS, Cy,N) is considered label #1 and (S, N) as label

#2 then a comparison of the two labels would be:

(1) Compare level #1 with level #2 -- 4 > 3?

Clearly, the answer is yes.

- 184 -

(2) Compare category #1 with category #2 -- is (0000 0000 0000 0011) a superset of (0000 0000 0000 0010), or more clearly is the latter a subset of the former?

The answer is yes, and one way to show that is true is by performing a logical OR of category #1 with category #2 and comparing the result to category #1. If the result of the OR operation equals category #1 then category #1 is a superset (not necessarily proper) of category #2. Since usage of the term subset is more frequent than that of superset, this relationship will typically be stated as "category #2 is a subset of category #1. To illustrate the above: Cy,N OR N : (0000 0000 0000 0011) OR (0000 0000 0000 0010)

= 0000 0000 0000 0011 = category #1.

This means , in this example, that category #2 is a subset (not necessarily proper) of category #1. Since level #1 > level #2 and category #2 subset category #1 then label #1 > label #2. Thus, a call to the CLASS\_EQ procedure with these two labels as the input classifications would return a condition code of false while CLASS\_GE would return true. The decision to have the classifications as long word (32 bits) supports the requirement of some DoD specifications for eight levels and sixteen categories. This module uses sixteen bits for the level and sixteen bits for the category. Appendix I is the PLZ/ASM listings for the NDS Module.

- 185 -

### 1. Equal Classification Check

The CLASS\_EQ procedure performs comparison of two classifications (labels) and returns a condition code of true if they are equal (an exact match of the two long words bit per bit) or false if they are not.

# 2. Greater or Equal Classification Check

The CLASS\_GE procedure performs comparison of two classifications (labels) and returns a condition code true if classification #1 is greater than or equal to classification #2 or a condition code of false otherwise. For classification #1 to be greater than or equal to classification #2, the following must be true: (1) level #1 >= level #2 (determine this by simple numerical comparison of values) and (2) category #2 subset category #1 (determine this by performing a logical OR with the categories and comparing the result to category #1 -- if they are equal then category #2 is a subset of category #1).

Since PLZ/SYS allows passing only "simple" types in calls, the labels were passed as long words (as opposed to each being word arrays of length two). An access class label is never interpreted outside the NDS Module. However, within the NDS Module it is necessary to address the classification's components separately (viz., level and category). Thus, an "overlay" of the logical view of the classification was created. This overlay was a record of type ACCESS\_CLASS and it consisted of two fields: level -- 16 bit integer and category -- 16 bit integer. A pointer type CPTR was declared to be of type pointer to ACCESS\_CLASS. Two other pointers CLASS1\_PTR and CLASS2\_PTR were declared to be of type CPTR and were set equal to the base address of CLASS1 and CLASS2 respectively. This "overlay" of the record frame over the two classification labels passed as arguments allowed the desired component addressibility. Futhermore, the non-discretionary policy enforced by SASS can be changed from the current DoD policy to another lattice policy by changing (only) the NDS Module.

# D. DISTRIBUTED MEMORY MANAGER MODULE

The Distributed Memory Manager Module performs as an interface between the Segment Manager and the Memory Manager Process. As its name implies, it is distributed in the kernel domain of each Supervisor process. The key role performed in this module is to arrange and perform interprocess communication between its process (actually the VP) and the memory manager process (VP). The module consists of eight procedures. Six of the procedures are called directly by Segment Manager procedures; they are MM\_CREATE\_ENTRY, MM\_DELETE\_ENTRY, MM\_ACTIVATE, MM\_DEACTIVATE, MM\_SWAP\_IN, and MM\_SWAP\_OUT. The other two procedures are "service" procedures called by multiple procedures; they are: MM\_GET\_DBE\_VALUE and PERFORM\_IPC. The logic used in the first six procedures is somewhat uniform (except for MM\_ACTIVATE). Thus, the general logic will be explained (with MM\_CREATE\_ENTRY as an example) and it should suffice as a description for all (except MM\_ACTIVATE) procedures. The service procedures will be described separately.

# 1. <u>Description of Procedures</u>

Each procedure is invoked (and returns) on a one to one basis with a corresponding procedure in the Segment Manager. For example, CREATE\_SEGMENT invokes MM\_CREATE\_ENTRY which signals the CREATE\_ENTRY procedure in the Memory Manager Process Module. Associated with each procedure is an IPC message "frame" to describe the unique format of the contents of the message to be signalled to the memory manager process. Similarly, there must be a message "frame" for return messages from the memory manager process; this frame is the same for all but the MM\_ACTIVATE procedure. Consider the message frame for MM\_CREATE\_ENTRY; it consists of: (1) a code to describe which function is to be performed (e.g., CREATE\_CODE indicates that the CREATE\_ENTRY procedure is the intended recipient of the message), (2) MM\_Handle (an array of three words), (3) Entry\_No, (4) Size, and (5) Class. The message frame has a filler (in this case) of one byte to ensure that it is of length 16 bytes. The purpose of this frame is to provide an overlay onto the actual message array to be signalled and to facilitate loading the arguments into

the message array. This is accomplished by having a pointer of the type that points to the frame but by converting its address so that it actually points to the base of the message array. Consider these lines of PLZ/SYS code:

# CE\_MSGPTR := CE\_PTR COM\_MSGPTR

# CE\_MSGPTR-.CREATE\_CODE := CREATE\_ENTRY\_CODE

This code is putting a value into the structure pointed to by CE\_MSGPTR at entry CREATE\_CODE. The key point is that the frame of that structure is, in fact, CREATE\_MSG (as described before), but the physical location pointed to is the message array. This is assured by having the pointer CE\_MSGPTR (which points to a structure of type CREATE\_MSG) set equal to a pointer (COM\_MSGPTR) to the actual message array (COM\_MSGBUF). This is accomplished by the first line of code. The message array itself is never directly referenced, but rather the message array that is overlayed by the message frame is filled in the format of the CREATE MSG frame. In this example, the first two bytes of the message array now contain the value of the constant CREATE\_ENTRY\_CODE. The remainder of the message array is filled in the same manner (all procedures use the same notion of a frame, although the frames have different formats). The PERFORM\_IPC (perform interprocess communication) procedure is called by all procedures at this point in their execution. The key is that the argument passed is the message array pointer not the pointer to the CREATE\_MSG record

- 189 -

(after all it is only an overlay frame -- linguistically, it is only a type and is never declared as a structure requiring memory storage allocation). When PERFORM\_IPC returns, the message array contains a return message. This message consists of only a success code and filler space in all cases but MM\_ACTIVATE. Interpretation of the return message is performed in the same manner as loading the message array. The retrieved success code is returned to the calling Segment Manager procedure. For MM\_ACTIVATE, the return message must be interpreted and values for success code, segment size, and segment classification retrieved and returned to the Segment Manager MAKE\_KNOWN procedure. The value for the MM\_Handle (called the G\_AST\_Handle by the memory manager process) must be retrieved and entered in the KST record for this segment.

# 2. Interprocess Communication

The final arrangements and actual performance of IPC is completed by the internal procedure PERFORM\_IPC. By locating the identity of the current physical processor (CPU) and using that identity to index into the MM\_CPU\_TABLE, the VP\_ID of the current memory manager is resolved, so that the memory manager process dedicated to this physical processor is signalled. The call to K\_LOCK is, in fact, a disguised call to the SPIN\_LOCK procedure (since K\_LOCK calls SPIN\_LOCK). K\_LOCK represents an ultimate (as yet unimplemented) goal of

- 190 -

a Kernel locking (wait-lock) system. In any event, the G\_AST lock must be set prior to signalling the memory manager process. After SIGNAL has been called, a call is made to WAIT with the pointer to the message array as the argument. The synchronization cycle that results is: (1) PERFORM\_IPC calls the ITC procedure SIGNAL with the memory manager VP ID and message array pointer as arguments; PERFORM\_IPC then calls WAIT with the message array as the argument, (2)SIGNAL causes the message array to be copied into the message queue (in the VPT) of the appropriate VP ID, (3) ultimately, the signalled VP is scheduled; it had previously called WAIT, passing a pointer to its own local message array; the action of WAIT is to copy the message from the VPT to the signalled process' local message array; there it is interpreted by the memory manager process main procedure and the appropriate procedure is called for action (e.g., CREATE\_ENTRY), (4) when action is completed the memory manager process fills its local message array with the appropriate return message and calls SIGNAL with a pointer to the message and the original signalling process' VP\_ID as arguments, (5) SIGNAL causes the memory manager process! message to be copied into the VPT message queue for the appropriate VP ID, (6) that VP is eventually scheduled and through the action of WAIT has the return message copied from its message queue in the VPT to its local message array; WAIT then returns to PERFORM\_IPC. The G\_AST lock is unlocked and PERFORM\_IPC returns to the appropriate distributed memory manager procedure.

The last procedure in the distributed memory manager is MM\_GET\_DBR\_VALUE. This procedure simply provides the service of translating a DBR\_NO (DBR number) into its appropriate DBR address. It is called by the TC\_GETWORK procedure to allow it to call the ITC procedure SWAP\_VDBR (remember that presently the Inner Traffic Controller deals with the DBR as the address of the appropriate MMU record in the MMU\_IMAGE while the Traffic Controller uses DBR as a DBR number which indexes to the appropriate MMU record).

### E. <u>SUMMARY</u>

The implementation of segment management functions and a non-discretionary security policy for the SASS has been presented in this chapter. The implementation of the Segment Manager Module, Non-Discretionary Security Module, and Distributed Memory Manager management demonstration was described.

- 192 -

#### Chapter XIX

# CONCLUSIONS AND FOLLOW ON WORK

The implementation of segment management for the security kernel of a secure archival storage system has been presented. The implementation was completed on Zilog's Z8002 sixteen bit nonsegmented microprocessor. Segmentation hardware (Zilog's Z8010 Memory Management Unit) was not available, therefore it was simulated in software as described by Reitz [12]. The loop free modular construction used in the implementation facilitates ease of expansion or modification.

A non-discretionary security policy was implemented using a partially ordered lattice structure as a basis. Enforcement was realized through an algorithm that compared two labels and determined if their relationship was equal to a desired relationship. Although the DoD security classification system was represented, any non-discretionary security policy that may be represented by a lattice structure may similarly be implemented. This implementation has shown that by having the non-discretionary security policy enforced in one module, changing to another policy requires changing only this one module.

- 193 -

Software engineering techniques used in previous work emphasized the advantages of working with code that is well structured, well documented, and well organized. Despite being written in assembly language, Reitz<sup>+</sup> implementation of multiprogramming and process management proved to be consistent in style, clarity and documentation. This enhanced the construction of a segment management demonstration which was built onto his synchronization demonstration. Further, refinements made to his code (not necessitated by any failures of his code) were relatively easily accomplished.

While the segment management implementation appears to perform properly, it has not been subjected to a formal test plan. Such a test plan should be developed and implemented.

The Memory Manager Process has been designed but not implemented. Segment management implementation, provision for IPC using more practical size messages, and the detailed design of the memory manager by Moore and Gary [5], provide a sound foundation for memory manager implementation. A framework of the mainline code needed is provided in the Memory Manager Module of the demonstration code in Appendix J. Prior to this implementation, formal testing of the segment management implementation herein and the monitor implemented by Reitz [12] should be completed.

- 194 -

#### PART F

# IMPLEMENTATION OF PROCESS MANAGEMENT FOR A SECURE ARCHIVAL STORAGE SYSTEM

This section contains excerpts from a Naval Postgraduate School MS Thesis by A. R. Strickler [19]. The origins of these excerpts are:

INTRODUCTION from Chapter I IMPLEMENTATION ISSUES from Chapter III PROCESS MANAGEMENT IMPLEMENTATION from Chapter IV CONCLUSION from Chapter V

Minor changes have been made for integration into this report.

#### Chapter XX

### INTRODUCTION

This thesis addresses the implementation of process management functions for the Secure Archival Storage System or SASS. This system is designed to provide multilevel secure access to information stored for a network of possibly dissimilar host computer systems and the controlled sharing of data amongst authorized users of the SASS. Effective process management is essential to insure efficient use and control of the system.

The major accomplishments of this thesis effort include the provisions for efficient process creation and management. These functions are provided through the establishment of a system Traffic Controller and the creation of a virtual interrupt structure. An effective mechanism for inter-process communication and synchronization is realized through an Event Manager that makes use of uniquely identified segments supported by eventcount and sequencer primitives. A hardware controlled two domain operational environment is created with the necessary interfacing between domains provided by a software "gate" mechanism. Additional support is provided through considerable work in the area of database initialization and a technique for limited dynamic memory allocation.

- 196 -

This implementation was completed on the commercial AMC Am96/4116 MonoBoard Computer with a standard Multibus interface.

- 197 -

#### Chapter XXI

#### IMPLEMENTATION ISSUES

Issues bearing on the implementation of process management and refinements made to existing modules are presented in this chapter. Process management for the SASS was provided through the implementation of the Traffic Controller Module, the Event Manager Module, the Distributed Memory Manager Module, and a Gate Keeper Stub (system trap). Additionally, since a demonstration/testbed was integral to the testing and verification of the implementation, it was necessary to complete other supportive tasks. These supportive tasks included limited Kernel database initialization, revised preempt interrupt handling mechanisms, Idle process definition and structure, and additional refinements to existing modules.

## A. <u>DATABASE INITIALIZATION</u>

Previous work on SASS has relied on statically built databases, which proved to be sufficient for demonstration of a single processor, single host supported system. In the current demonstration, multiple hosts are simulated, and the Kernel data structures have been refined to represent a multiprocessor environment. Since a multiprocessor system was

- 198 -

unavailable at the time of this demonstration, several "runs" were made and traced, using different logical CPU numbers, to show the correctness of this structure. Due to this multiprocessor representation and simulation of multiple hosts, the use of statically built Kernel databases was no longer convenient. Therefore, it became necessary to provide initialization routines for the dynamic creation of those Kernel databases required for this implementation. While it was not the intent of this effort to implement system initialization, care was taken in the writing of these initializing routines so that they might be utilized in the system intialization implementation with, hopefully, minimal refinement. Database initialization was restricted to those databases existing in the Inner Traffic Controller and the Traffic Controller. Limited elements of the Known Segment Table (KST) and Global Active Segment Table (G\_AST) were also created for demonstration purposes.

# 1. Inner Traffic Controller Initialization

A "Bootstrap Loader" Module, which logically exists at a higher level of abstraction within the Kernel, was created to initialize the databases of the Inner Traffic Controller. This initialization includes the creation of: 1) the Processor Data Segment (PRDS), 2) an MMU Map, 3) Kernel domain stack segments for Kernel processes, 4) allocation and updating of MMU entries for Kernel processes, and 5) Virtual Processor Fable (VPT) entries.

- 199 -

The PRDS was loaded with constant values that specify the physical CPU ID, logical CPU ID, and number of VP's allocated to the CPU. A design decision was made to allocate logical CPU ID's in increments of two (beginning with zero) so that they could be used to directly access lists indexed by CPU number. The MMU map, constructed as a "byte" map, was created to specify allocated and free MMU Image entries.

A separate procedure, CREATE\_STACK, was created to establish the initial Kernel domain stack conditions for Kernel processes. A discussion and diagram of these initial stack conditions is presented in the next section. Map and allocates the next ALLOCATE MMU checks the MMU availabe MMU entry to the process being created. The PRDS is inserted in the allocated MMU entry and the DBR number is returned to the calling procedure. The DBR number (handle) is merely the offset of the DBR in the MMU Image. Since the ITC deals with an address rather than a handle, a procedure, GET\_DBR\_ADDR, was created to convert this offset into a physical address. UPDATE\_MMU\_IMAGE is the procedure which creates or modifies MMU Image entries. UPDATE\_MMU\_IMAGE accepts as arguments the DBR number, segment number, segment attributes, and segment limits. To facilitate process switching and control, various process segments must possess the same segment number system wide. This is accomplished during initialization through the use of the UPDATE\_MMU\_IMAGE procedure. In the ITC, these segments include the PRDS (segment number zero) and the Kernel stack segment (segment number one).

The final task required in ITC intialization is the creation of the VPT. The VPT header is initialized with the "running" and "ready" lists pointers set to a 'nil' state, and the "free" list pointer set to the first entry in the message table. Virtual Processor entries are inserted in the main body of the VPT by the UPDATE\_VP\_TABLE procedure. Entries are first made for the VP's permanently bound to the Memory Manager and Idle processes. The VP bound to the MM process is given a priority of 2 (highest), and the VP bound to the Idle process is given a priority of 0 (lowest). The External VP ID for both of these VP's is set to "nil" as they are not visible to the Traffic Controller. The remaining VP's allocated to the CPU (viz., TC visible VP's) are then entered in the VPT with a priority of 1 (intermediate), and their "idle" and "preempt" flags are set. The preempt flag is set for these TC visible VP's to insure proper scheduling by the Traffic Controller. The DBR for these remaining VP's is initialized with the Idle process DBR. A discussion of "idle" processes and VP's will be provided later in this chapter. The External VP ID for each TC visible VP is merely the offset of the next available entry in the EXTERNAL VP LIST. This External VP ID is entered in the VPT, and the corresponding VP ID (viz., VPT Entry #) is entered in the EXTERNAL VP LIST.

- 201 -

Once these VPT entries have been made, it is necessary to set the state of each VP to "ready" and thread them (by priority) into the appropriate ready list. A VPT threading mechanism was provided by Reitz [12] in procedure MAKE\_READY. However, it was desired to have a more general threading mechanism that could be used for other lists. Procedure LIST\_INSERT was created to provide this general threading mechanism. LIST\_INSERT is logically a "library" function that exists at the lowest level of abstraction in the Kernel. This function threads an object into a list (specified by the caller) in order of priority, and then sets its state as specified by the calling parameters.

Once the "Bootstrap Loader" has completed ITC initialization, it passes control to the ITC GETWORK procedure to begin VP scheduling.

# 2. Traffic Controller Initialization

The initialization routines for the TC include TC\_INIT, CREATE\_PROCESS, and CREATE\_KST. These routines are called from the Memory Manager process. The MM process was chosen to initiate these routines as it is bound to the highest priority VP and will begin running immediately after the Inner Traffic Controller is initialized. Procedure MM\_ALLOCATE was written to allocate memory space for data structures during initialization (viz., Kernel stacks, user stacks, and KST's). Memory space is allocated in blocks of

- 202 -

100 (hex) bytes. MM\_ALLOCATE is merely a stub of the memory allocating procedure designed by Moore and Gary [5].

It was necessary to pass long lists of arguments to the TC for initialization purposes. To aid in this passing of parameters, a data structure template was used. This template was created by declaring the parameters as a data structure in both the sending and receiving procedures, and then imaging this structure at absolute address zero. The process' stack pointer was then decremented by the size of the parameter data structure, and the parameters were loaded into this data structure indexed by the stack pointer. This template made it very easy to send and receive long argument lists using the process' stack segment.

TC\_INIT initializes the APT header and virtual interrupt vector (discussed later). Each element of the running list is marked "idle", the ready and blocked lists are set to "nil", and the number of VP's and first VP for each CPU are entered in the VP table. The address of the virtual preempt handler is then passed to the ITC procedure CREATE\_INT\_VEC for insertion in the virtual interrupt vector.

CREATE\_PROCESS intializes user processes and creates entries in the APT. ALLOCATE\_MMU is called to acquire a DBR number, and an APT entry is created with the process descriptors (viz., parameters). The process is then declared "ready" and threaded into the approciate ready list by calling the threading function, LIST\_INSERT. A user stack

- 203 -

is allocated and UPDATE\_MMU\_IMAGE is called to include the user stack in the MMU as segment number three. The user stack contains no information or user process initialization parameters (viz., execution point and address space) as all processes are initialized and begin execution from the Kernel domain. Next, a Kernel domain stack is allocated and included in the MMU Image. A design decision was made to initialize the Kernel stacks for user processes with the same structure as the Kernel process' stacks. The rationale for this decision is presented in the next section. As a result of this decision, it became possible to use the CREATE\_STACK procedure in building Kernel domain stacks for both Kernel and user prosesses. CREATE\_STACK was therefore used as a library function and placed in the library module with LIST-INSERT.

Finally, a Known Segment Table (KST) stub is created to provide a means of demonstrating the mechanism provided by the eventcounts and sequencers for interprocess communication (IPC) and mutual exclusion. Space for the process' KST is created by calling MM\_ALLOCATE. The KST is then included in the process' address space, as segment number two, by UPDATE\_MMU\_IMAGE. Initial entries are made in the Known Segment Table by procedure CREATE\_KST. CREATE\_KST makes an entry in the KST for the "root" and marks the remaining KST entries as "available." The Unique\_ID portion of the root's handle (viz., upper two words) is initialized as -1 (for

- 204 -

convenience) and the G\_AST entry number portion of the handle (viz., lowest word) is initialized with zero.

# 3. Additional Initialization Requirements

As already mentioned, the Memory Manager Process prepares the arguments utilized by TC\_INIT, CREATE\_PROCESS, and CREATE\_KST for TC initialization and user process creation. Additionally, the MM process creates a Global Active Segment Table (G\_AST) stub utilized for demonstration of event data management. The G\_AST stub is declared in a separate module (viz., the DEMO\_DATABASE Module) with the format prescribed by Moore and Gary [5]. However, the only fields initialized utilized by this implementation are UNIQUE\_ID, and SEQUENCER, INSTANCE 1, and INSTANCE 2. The eventcounts and sequencer fields are initialized as zero whenever an entry is created in the G\_AST. The UNIQUE\_ID is created just to support this demonstration and does not reflect the segment's unique identifier as specified by Moore and Gary [5]. In this demonstration, UNIQUE ID is built with the parameters passed to MM\_ACTIVATE. The first word in UNIQUE\_ID is the G\_AST entry number of the segment's parent, and the second word is the segment's entry number into the alias table. The UNIQUE ID together with the offset of the segment's entry in the G\_AST comprise the segment HANDLE maintained in the KST. The first entry in the G\_AST is reserved for the root, and is initialized with an Unique\_ID of minus one

- 205 -

(-1). It should be noted that any call to MM\_ACTIVATE for a segment already possessing an entry in the G\_AST will not effect any changes to that entry. This is to insure that a single G\_AST entry exists for every segment as specified by Moore and Gary [5].

### B. <u>PREEMPT INTERRUPTS</u>

Various refinements were made in the handling of both physical (hardware) and virtual (software) preempt interrupts. A hardware preempt is a non-vectored interrupt that invokes the virtual processor scheduling mechanism (viz., ITC GETWORK). A virtual preempt is a software vectored interrupt that invokes the user process scheduling mechanism (viz., TC\_GETWORK). This implementation provides the notion of a virtual interrupt that closely mirrors the behavior of a hardware interrupt. In particular, there are similar constructs for initialization of a handler, invokation of a handler, masking of interrupts, and return from a handler. As with most hardware interrupts, a virtual interrupt can occur only at the completion of execution for an "instruction," where each kernel entry and exit for a process delimit a single "virtual instruction."

- 206 -

# 1. Physical Preempt Handler

The physical preempt handler resides in the virtual processor manager (viz., Inner Traffic Controller). The functions it perform are: 1) save the execution point, 2) invoke ITC GETWORK, 3) check for virtual preempt interrupts, 4) restore the execution point, and 5) return control via the IRET instruction. Reitz [12] included the hardware preempt handler in ITC GETWORK by establishing two entry points and two exit points, one for a regular call to GETWORK and another for the preempt interrupt. He had a separate procedure, TEST\_PREEMPT, that was used to check for the occurrence of virtual preempt interrupts. This structure works nicely, but it requires some means of determining how GETWORK was invoked so that the proper exiting mechanism is used. This was resolved by incorporating a preempt interrupt flag in the status register block of every process\* Kernel domain stack segment. A design decision was made to restructure the hardware preempt handler into a single and separate procedure, PHYS\_PREEMPT\_HANDLER. This allowed ITC GEZWORK to have a single entry and exit point, and it did away with the necessity of maintaining a preempt interrupt flag in the process stacks. PHYS\_PREEMPT\_HANDLER was constructed from the preempt handling code in GETWORK anċ procedure TEST\_PREEMPT. TEST\_PREEMPT was deleted from the ITC as its functions were performed by PHYS\_PREEMPT-HANDLER.

- 207 -

A further refinement was made to the hardware preempt handler dealing with the method by which the virtual preempt handler was invoked. Reitz [12] invoked the virtual preempt handler from TEST\_PREEMPT by means of the "call" instruction. Since the virtual preempt handler logically exists at a higher level of abstraction than the ITC, this invocation violated our notion of only allowing "calls" to lower or equal abstraction levels. However, this deviation was necessitated by the absence of a virtual interrupt structure. This problem was alleviated by creating a virtual interrupt vector in the ITC that is used in the same way as the hardware interrupt vector. The virtual preempt was given a virtual interrupt number (zero). The virtual interrupt handler is then invoked by means of a "jump" through the virtual interrupt vector for virtual interrupt number 0. This invocation occurs in the same manner that the handlers for hardware interrupts are invoked. The virtual interrupt vector is created by procedure CREATE\_INT\_VEC. CREATE\_INT\_VEC accepts as arguments a virtual interrupt number and the address of the interrupt handler. The creation of the virtual preempt entry in the virtual interrupt vector is accomplished at the time of the Traffic Controller initialization by TC\_INIT.

# 2. Virtual Preempt Handler

The virtual preempt handler (VIRT\_PREEMPT\_HANDLER) resides in the user process manager (viz., the Traffic Controller). The functions performed by VIRT\_PREEMPT\_HANDLER are: 1) determine the VP ID of the virtual processor being preempted, 2) invoke the process scheduling mechanism (viz., TC\_GETWORK), and 3) return control via a virtual interrupt return. The correct VP ID is obtained by calling RUNNING\_VP in the ITC. The Active Process Table is then locked, and the state of the process running on that VP is changed to "ready." At this time, process scheduling is effected by calling TC\_GETWORK. Once process scheduling is completed, the APT is unlocked and control is returned via a virtual interrupt return. This virtual interrupt return is merely a jump to the PREEMPT\_RET label in the hardware preempt hanaler (This jump emulates the action of the IRET instruction for a hardware interrupt return). This label is the point at which the virtual preempt interrupts are unmasked.

All Kernel processes are initialized to appear as though they are returning from a hardware preempt interrupt. All user processes initially appear to be returning from a virtual preempt interrupt. Therefore, the initial conditions of a process. Kernel domain stack is largely influenced by the stack manipulation of the preempt handlers. Figure 44 illustrates the initial Kernel domain stack structure for all system processes.



Figure 44: Initial Process Stack

- 210 -

The initial Kernel Flag Control Word (FCW) value is "5000", indicating non-segmented code, system mode of operation, non-vectored interrupts masked, and vectored interrupts enabled. The Current Stack Pointer value is set to the first entry in the stack (viz., SP). The IRET Frame is the portion of the Kernel stack affected by the IRET instruction. The first element, Interrupt ID (set to "FFFF") is merely popped off of the stack and discarded. The next element, Initial FCW, is popped and placed in the system Flag Control Word. Initial FCW is set to "5000" for Kernel processes and "1800" (indicating normal mode with all interrupts enabled) for user processes. The final element of the IRET frame, Initial IC is popped off of the stack and placed in the program counter (PC) register. This value is initialized as the entry address of the process in question.

The "register" entries on the stack represent the initial register contents for the process at the beginning of its execution. Since the Kernel processes (viz., MM and Idle) do not require any specific initial register states, their entries reflect the register contents at the time of stack creation. Initial register conditions are used to provide initial "parameters" required by the user processes. This will depend largely upon the parameter passing conventions of the implementation language. The means for register initialization was provided through CREATE\_PROCESS; however, the only initial register condition used for the user

- 211 -

processes in this demonstration was register #13. Register #13 was used to pass the user ID/Host number of the process created. This value is utilized by the user process in activating the segment used for inter-process communication between a Host's File manager and I/O processes. Another logical parameter passed to the user processes is the root segment number. This did not require a register for passing in the demonstration as it is known to be the first entry in the KST for all processes. The N\_S\_P entry on the stack represents the initial value of the normal stack pointer. For user processes, this value is obtained when the Supervisor domain stack for that process is created. For Kernel processes, this value is set to "FFFF" since they execute solely in the Kernel domain and have no Superivsor domain stack. The Preempt Return Point specifies the address where control will be passed once the process' VP is scheduled and the "return" from ITC GETWORK is executed. For Kernel processes, this is the point within the hardware preempt handler where the virtual processor table is unlocked. For user processes, this is the point within the virtual preempt handler where the Active Process Table is unlocked.

It is important to note that if the APT was not unlocked when a user process began its initial execution, the system would become deadlocked and no further process scheduling could occur. It should be further noted that the initial stack conditions for user processes do not reflect a valid

history of execution. The "normal" history of a user process returning from ITC GETWORK after a virtual preempt interrupt would reflect the passing of control through SWAP VDBR and TC\_GETWORK to the point in the virtual preempt handler where the APT is unlocked. Another "possible" history could reflect the occurrence of a hardware preempt interrupt at the point in the virtual preempt handler where the APT is unlocked. Such a history would be depicted by replacing the current top of the stack with the return point into the hardware preempt handler (viz., at the point of virtual preempt interrupt unmasking) and an additional hardware preempt interrupt frame whose IC value in the IRET frame is the point in the virtual preempt handler where the AFT is unlocked. The current initial stack condition for user processes was chosen for its ease of understanding and its clear depiction of the fact that the structure of a Kernel domain stack is the same for both Kernel and user processes.

# C. IDLE PROCESSES

In the SASS design, there logically exists a Kernel domain "Idle" process for every physical processor in the system and a Supervisor domain "Idle" process for every "TC visible" virtual processor in the system. These processes are necessary to insure that both the VP scheduler (viz., ITC GETWORK) and the process scheduler (TC\_GETWORK) will always

- 213 -

have some object to schedule, hence precluding any CPU or VP from ever having an undefined execution point. Since the Kernel domain Idle process performs no useful work, it could be included within the ITC by means of an infinite looping mechanism. The Kernel Idle process was maintained separately, however, as it is hoped that future work on SASS will provide this Idle process with some constructive purpose (e.g., performing maintenance diagnostics).

The Supervisor domain Idle processes (hereafter referred to as TC Idle processes) are scheduled (bound) on VP's when there are no user processes awaiting scheduling. Since a TC Idle process performs no user constructive work, we do not want any VP executing a TC Idle process to be bound to a physical processor. In other words, a VP bound to a TC Idle process assumes the lowest system priority (represented by the "idle flag"). Therefore, any such VP will have its idle flag set and will not be scheduled unless it receives a virtual preempt interrupt. Such an interrupt will allow the VP to be rescheduled by the Traffic Controller. It should be obvious, at this point, that a TC Idle process will never This knowactually begin execution on a real processor. ledge allowed a design decision to be made to only simulate the existence of TC Idle processes. At the TC level, this was accomplished by a constant value, IDLE PROC, that was used as a process ID in the APT running list, thus precluding the necessity of any "Idle" entries in the APT. At the

ITC level, any VP marked "Idle" (viz., the idle flag set) was given the DBR number (viz., address space) of the Kernel Idle process solely to provide the use of a Kernel domain stack for rescheduling of the VP.

#### D. ADDITIONAL KERNEL REFINEMENTS

In addition to those already discussed, several other refinements to existing Kernel modules were effected in this implementation. One of these refinements deals with the way virtual processors are identified by the Traffic Controller. In the current implementation, all TC visible virtual processors are given an External VP ID which corresponds to its entry number in an External VP List. This required a modification to the ITC procedure RUNNING\_VP. The benefits derived from this refinement included the ability to directly access the External VP ID in the Virtual Processor Table vice the requirement of a run time division to compute its value and the ability to use the External VP ID as an index into the TC running list.

Refinements were also made to the existing Memory Manager, File Manager and IO process stubs used for demonstration purposes. These refinements were largely associated with the eventcount and sequencer mechanisms utilized in this implementation. The current status of these processes is provided in this report.

- 215 -

The remaining refinements deal largely with the MMU Image. In Moore and Gary's [5] design, the MMU Image was managed by the Memory Manager process. This was largely because the MMU Image is a processor local database and would seem well suited for management by the non-distributed Kernel. In fact, the MMU Image is utilized mainly by the ITC for the multiplexing of process address spaces. Therefore, in the current design, the MMU Images are maintained by the Inner Traffic Controller. However, the MMU header proposed by Moore and Gary (viz., the BLOCKS\_USED and MAXIMUM\_AVAILABLE\_BLOCKS fields) was retained in the Memory Manager as it is used strictly in the management of a process' virtual core and is not associated with the hardware MMU.

In Wells' design [20], the Traffic Controller used the linear ordering of the DBR entries in the MMU Image as the DBR handle (viz., 1,2,3...). This required a run time division operation to compute the DBR number, and a run time multiplication operation, by MM\_GET\_DBR\_VALUE, to recompute the DBR address for use by the ITC. In the current design, the offset of the DBR entry in the MMU Image (obtained at the time of MMU allocation) is used as the DBR handle in the Traffic Controller. Furthermore, SWAP\_VDBR was refined to accept a DBR handle rather than a DBR address to preclude the necessity of the Traffic Controller having to deal with MMU addresses. DBR addresses are computed only within the

- 216 -

ITC (viz., by procedure GET\_DBR\_ADDR) by adding the value of the DBR handle to the base address of the MMU Image. Since DBR addresses are now used solely within the ITC, procedure MM\_GET\_DBR\_VALUE was no longer needed and was deleted from the Memory Manager.

### E. <u>SUMMARY</u>

The primary issues addressed in this thesis effort have been presented in this chapter. Aside from the process management functions, this description included a mechanism for limited Kernel database initialization, a revised preempt interrupt handling mechanism, the creation of a virtual interrupt structure, a definition of "idle" processes and their structure, and a discussion of the minor refinements effected in existing SASS modules. A detailed description of the implementation of process management functions for the SASS is presented in the next chapter.

- 217 -

## Chapter XXII

## PROCESS MANAGEMENT IMPLEMENTATION

The implementation of process management functions and a gate keeper stub (system trap) is presented in this chapter. The implementation is discussed in terms of the Event Manager, Traffic Controller, Distributed Memory Manager, User Gate, and Kernel Gate Keeper modules. A block diagram depicting the structure and interrelationships of these modules is presented in Figure 45. Support in developing the Z8000 machine code for this implementation was provided by a Zilog MCZ Developmental System operating under the RIO operating The Developmental System provided disk file managesystem. ment for a dual drive, hard sectored floppy disk, a line oriented text editor, a PLZ/ASM assembler, a linker and a loader that created an executable image of each Z8000 load module. Δn upload/download capability with the Am96/4116 MonoBoard computer was also provided. This capability, along with the general interfacing of the Am96/4116 into the SASS system, was accomplished in a concurrent thesis endeavor by Gary Baker. Baker's work relating to hardware initialization in SASS, will be published upon completion of his thesis work in June 1981.

- 218 -

-----Kernel Gate |-----| Gate Keeper |----| Ticket | Advance | |----| | Read | | Await | |----| | Convert | and | | Verify | |----| Event Manager |----| |----| -----| TC\_Await | | Process | | TC\_Advance | |----| -----| Class | ----------| TC\_Getwork | | Virt Int | |-----| | Handler | |----| Traffic Controller |----| |----| | MM\_Read\_Eventcount | | MM\_Ticket | | NM\_Advance | -----|----| |------| Distributed Memory Manager

Figure 45: Implementation Module Structure

- 219 -

## A. EVENT MANAGER MODULE

The eventcount and sequencer primitives [11], which are system-wide objects, collectively comprise the event data of SASS. As mentioned earlier, this event data is tied directly to system segments and is stored in the Global Active Segment Table. There are two eventcounts and one sequencer for every segment in the system. These objects are identified to the Kernel in user calls by specification of a segment number. Once this segment number is identified by the Kernel, the segment's handle can be obtained from the process' Known Segment Table. The segment handle identifies the particular entry in the G\_AST containing the event data desired.

The Event Manager module manages the event data within the system and provides the mechanism for interprocess communication between user processes. The Event Manager consists of six procedures. Four of these (Advance, Await, Read, and Ticket) represent the four user extended instructions provided by the Event Manager. The remaining two procedures provide internal computational support to include necessary security checking. The Event Manager is invoked solely by user processes, via the Gate Keeper, through utilization of the extended instruction set provided. For every Event Manager extended instruction invoked by a user process, the non-discretionary security is verified by com-

- 220 -

paring the security access classification of the process invoking the instruction with the classification of the object (segment) being accessed. Access to the user process' Known Segment Table is required by the module in order to ascertain the segment handle and security class for a given segment number. The PLZ/ASM assembly language listing for the Event Manager module is provided in Appendix A. A more detailed discussion of the procedures comprising the Event Manager follows.

## 1. <u>Support Procedures</u>

The procedures GET\_HANDLE and CONVERT\_AND\_VERIFY provide internal support for the Event Manager and are not visible to the user processes. Procedure CONVERT AND VERIFY is invoked by the four procedures representing the instruction set of the Event Manager. The input parameters to CONVERT\_LNC\_VERIFY are a segment number and a requested mode of access (viz., read or write). CONVERT\_AND\_VERIFY returns a pointer to the segment's handle and a success code. GET\_HANDLE is invoked solely Procedure by CONVERT AND VERIFY. The input parameter to GET\_HANDLE is the segment number received as input by CONVERT\_AND\_VERIFY. GET\_HANDLE returns a pointer to the segment's handle, a pointer to the segment's security classification, and a success code. A discussion of the functions provided by these support procedures follows.

- 221 -

Procedure GET\_HANDLE translates the segment number, received as input, into a KST index number and verifies that the resulting index number is valid. Next the base address process' KST is obtained from procedure of the KST index number is then converted ITC GET SEG PTR. The into a KST offset value and added to the base address to obtain the appropriate KST entry pointer for the segment in question. A verification is then made to insure that the referenced segment is "known" to the process. If the segan error message is returned to ment is not known, CONVERT AND VERIFY. Otherwise, a pointer to the segment's handle is obtained to identify the segment to the memory manager. A pointer to the segment's security class entry in the KST is also returned for use in appropriate security checks.

Procedure CONVERT\_AND\_VERIFY provides the necessary non-discretionary security verification for the extended instruction set of the Event Manager. Procedure GET\_HANDLE is invoked for segment number verification and to obtain pointers to the segment's handle and security class. If GET\_HANDLE returns with a successful verification, the process' security class is compared to the segment's security class to verify the mode of access requested. A request for "write" access causes invocation of the CLASS\_EQ function in the Non-Discretionary Security Module to insure that the security classification of the process is equal to the classi-

- 222 -

fication of the eventcount or sequencer, which is the same as that of the segment. Otherwise, the CLASS\_GE function is called to verify that the process has read access. If the appropriate security check is unsuccessful, an error code is returned by CONVERT\_AND\_VERIFY. Otherwise, the segment handle is returned along with a success code of "succeeded" indicating that the user process possesses the necessary security clearance to complete execution of the extended instruction.

## 2. Read

Procedure READ ascertains the current value of a user specified eventcount and returns its value to the caller. The input parameters to READ are a segment number and an instance (viz., an event number). CONVERT\_AND\_VERIFY is invoked with a "read" access request to obtain the segment's handle and necessary verification. "Read" access is sufficient for this operation as it only requires observation of the current eventcount value and performs no data modification. If verification is successful, procedure MM\_READ\_EVENTCOUNT is called to obtain the eventcount value.

#### 3. Ticket

Procedure TICKET returns the current sequencer value for the segment specified by the user. CONVERT\_AND\_VERIFY is called with a request for write access to obtain verifica-

- 223 -

tion and the segment handle. Write access is required because once the sequencer value is read it must be incremented in anticipation of the next ticket request. Once verification is complete, MM\_TICKET is invoked to obtain the sequencer value that is returned to the user process. It is noted that every call to TICKET for a particular segment number will return a unique and time ordered sequencer value. This is because the sequencer value may only be read within MM\_TICKET while the G\_AST is locked, thereby preventing simultaneous read operations. Futhermore, once the sequencer value is read it is incremented before the G\_AST is unlocked.

#### 4. Avait

Procedure AWAIT allows a user process to block itself until some specified event has occurred. The parameters to AWAIT include a segment number and instance, which identify a particular event, and a user specified value which identifies a particular occurrence of the event. Verification of read access and a pointer to the segment's handle is obtained from procedure CONVERT\_AND\_VERIFY. Procedure TC\_AWAIT is invoked to effect the actual waiting for the event occurrence. TC\_AWAIT will not return to AWAIT until the requested event has occurred. It is noted that AWAIT makes no assumptions about the event value specified by the user. Therefore, the Kernel cannot guarantee that the event specified by the user will ever occur; this is the responsibility of other cooperating user processes.

# 5. <u>Advance</u>

Procedure ADVANCE allows a user process to broadcast the occurrence of some event. This is accomplished by incrementing the value of the eventcount associated with the event that has occurred. The parameters to ADVANCE include a segment number and instance which identify a particular event. The calling process must have write access to the identified segment as modification of the eventcount is required. Verification of write access and a pointer to the segment's handle is obtained through procedure CONVERT\_AND\_VERIFY. Procedure TC\_ADVANCE is invoked to perform the actual broadcasting of event occurrence.

## E. TRAFFIC CONTROLLER MODULE

The primary functions of the Traffic Controller module are user process scheduling and support of the inter-process communication mechanism. The Traffic Controller is invoked by the occurrence of a virtual preempt interrupt and by the Event Manager and the Segment Manager through the extended instruction set: TC\_Advance, TC\_Await, Process\_Class, and Get\_DBR\_NUMBER. The Traffic Controller module is comprised of nine procedures. Four of these procedures represent the extended instruction set of the Traffic Controller. A de-

- 225 -

tailed discussion of six of the procedures contained in the Traffic Controller module is presented below. The remaining three procedures (viz., TC\_INIT, CREATE\_PROCESS, and CREATE\_KST) were described in chapter three. The PLZ/ASM assembly language source code listings for the Traffic Controller module is provided in Appendix B.

#### 1. <u>TC Getwork</u>

Procedure TC\_GETWORK provides the mechanism for user process scheduling. The input parameters to TC\_GETWORK are the VP ID of the virtual processor to which a process will be scheduled and the logical CPU number to which the virtual processor belongs. The determination of which process to schedule is made by a looping mechanism that finds the first "ready" process on the ready list associated with the current logical CPU number. Processes appear in the ready list by order of priority. This looping mechanism is required as both "running" and "ready" processes are maintained on the ready list. This ready list structure was chosen to simplify the algorithm provided in procedure TC\_Advance. If a ready process is found, its state is changed to "running" and its process ID (viz., the APT entry number) is inserted in the running list entry associated with the current virtual processor. Procedure SWAP VDBR is then invoked in the Inner Traffic Controller to effect the actual process switch. If a ready process was not found (viz., the ready

list was empty or comprised solely of "running processes"), then the running list entry associated with the current virtual processor is marked with the constant "Idle\_Proc" and procedure IDLE is invoked in the Inner Traffic Controller.

## 2. TC Avait

The primary function of TC\_AWAIT is the determination of whether some user specified event has occurred. If the event has occured, control is returned to the caller. Otherwise, the process is blocked and another process is scheduled. The input parameters to TC\_AWAIT are a pointer to a segment handle, an instance (event number), and a user specified eventcount value. TC\_AWAIT initially locks the Active Process Table and obtains the current value of the evin question by calling procedure entcount MM\_READ\_EVENTCOUNT. The determination of event occurrence is made by comparing the user specified eventcount value with the current eventcount. If the user value is less than or equal to the current eventcount, the awaited event has occurred and control is returned to the caller. Otherwise, the awaited event has not yet occurred and the process aust be blocked.

If the process is to be blocked, procedure RUNNING\_VP is invoked to ascertain the VP ID of the virtual processor bound to the process. The process' ID (viz., APT entry number) is then read from the running list. The input parame-

- 227 -

ters to TC\_AWAIT (viz., Handle, Instance, and Value) are then stored in the Event Data portion of the process' APT entry. The process is removed from its associated ready list by redirecting the appropriate linking threads (pointers). Once removed from the ready list, the process is threaded into the blocked list and its state changed to "blocked" by invocation of the library function LIST\_INSERT. Procedure TC\_GETWORK is then called to schedule another process for the current virtual processor.

## 3. <u>TC Advance</u>

The primary purpose of TC\_ADVANCE is the broadcasting of some event occurrence. This entails incrementing the eventcount associated with the event, awakening all processes that are waiting for the event, and insuring proper scheduling order by generating any necessary virtual preempt inter-The high level design algorithm for TC\_ADVANCE is rupts. provided in Figure 46. The input parameters to TC ADVANCE are a pointer to a segment's handle and an instance (event number). Initially, TC\_ADVANCE locks the APT to prevent the possibility of a race condition. The eventcount identified by the input parameters is then incremented by calling MM\_ADVANCE. MM\_ADVANCE returns the new value of the eventcount. Once the eventcount has been advanced, TC ADVANCE awakens all processes awaiting this event occurrence. This is accomplished by checking all processes that are currently in the blocked list. The process' HANDLE and INSTANCE entries are compared with the handle and instance identifying the current event. If they are the same, then the process is awaiting some occurrence of the current event. In such a case, the process' VALUE entry in the APT is compared with the current value of the eventcount. If the process' VALUE is less than or equal to the current eventcount value, the awaited event has occurred and the process is removed from the blocked list and threaded into the appropriate ready list by the library function LIST\_INSERT.

Once the blocked list has been checked, it is necessary to reevaluate each ready list to insure that the highest priority processes are running. It is relatively simple to determine if a virtual preempt interrupt is necessary, however, it is considerably more difficult to determine which virtual processor should receive the virtual preempt. То assist in this evaluation, a "count" variable (number of preempts needed} is zeroed and a preempt vector is created on the Kernel stack with an entry for every virtual processor associated with the logical CPU being evaluated. Initially, every entry in the preempt vector is marked "true" indicating that its associated virtual processor is a candidate for preemption. Once the preempt vector is initialized, the first "n" processes on the ready list (where n equals the number of VP's associated with the current logical CPU) are checked for a determination of their state. If

- 229 -

TC ADVANCE Procedure (HANDLE, INSTANCE) Begin ! Get new eventcount ! COUNT := MM ADVANCE (HANDLE, INSTANCE) Call WAIT\_LOCK (APT) ! Wake up processes ! PROCESS := BLOCKED\_LIST\_HEAD Do while not end of BLOCKED LIST If (PROCESS.HANDLE = HANDLE) and (PROCESS.INSTANCE = INSTANCE) and  $(PROCESS.COUNT \leq COUNT)$ then Call LIST INSERT (READY LIST) end if PROCESS := PROCESS.NEXT\_PROCESS end do ! Check all ready lists for preempts ! LOGICAL\_CPU\_NO := 1 Do while LOGICAL\_CPU\_NO <= #NR\_CPU ! Initialize preempt vector ! VP\_ID := FIRST VP (LOGICAL CPU NO) Do for LOOP := 1 to NR\_VP(LOGICAL\_CPU NO RUNNING\_LIST[VP\_ID].PREEMPT := #TRUE VP\_ID := VP\_ID + 1 end do ! Find preempt candidates ! CANDIDATES := 0 PROCESS := READY\_LIST\_HEAD (LOGICAL\_CPU NO)

Figure 46: TC\_ADVANCE Algorithm

- 230 -

```
VP_ID := FIRST_VP(LOGICAL_CPU_NO)
   Do (for CYCLE = 1 to NR_VP(LOGICAL_CPU_NO) and
      not end of READY_LIST(LOGICAL_CPU_NO)
     If PROCESS = #RUNNING
       then
        RUNNING_LIST[VP_ID].PREEMPT := #FALSE
       else
        CANDIDATES := CANDIDATES + 1
     end if
     VP_ID := VP_ID + 1
     PROCESS := PROCESS.NEXT_PROCESS
   end do
   ! Preempt appropriate candidates !
   VP_ID := FIRST_VP(LOGICAL_CPU_NO)
   Do for CHECK := 1 to NR_VP(LOGICAL_CPU_NO)
      If (RUNNING_LIST[VP_ID].PREEMPT = #TRUE) and
         (CANDIDATES > G)
       then
       Call SET PREEMPT (VP_ID)
        CANDIDATES := CANDIDATES - 1
     end if
     VP_{ID} := VP_{ID} + 1
   end do
   LOGICAL_CPU_NO := LOGICAL_CPU_NO + 1
 end do
 Call UNLOCK (APT)
 Return
End TC_ADVANCE
```

Figure 46: TC\_ADVANCE Algorithm (Continued)

```
- 231 -
```

a process is found to be "running" then it should not be preempted as processes appear in the ready list in order of priority. When a running process is found, its associated entry in the preempt vector is marked "false." If a process is encountered in the "ready" state then it should be running and the "count" variable is incremented. When the first "n" processes have been checked or when we reach the end of the current ready list (whichever comes first), the entries in the preempt vector are "popped" from the stack. If an entry from the preempt vector is found to be "true", this indicates that its associated virtual processor is a candidate for preemption since it is either bound to a lower priority process, or it is "idle." In such a case, the "count" variable is evaluated to determine if the virtual processor associated with the vector entry should be preempted. If the count exceeds zero, a virtual preempt interrupt is sent to the VP and the count is decremented. Otherwise, no preempt is sent as there is no higher priority process awaiting scheduling.

This preemption algorithm is completed for every ready list in the Active Process Table. Once all ready lists have been evaluated, the APT is unlocked and control is returned to the caller. It is noted that it is not necessary to invoke TC\_GETWORK before exiting ADVANCE. If the current VP requires rescheduling, it will have received a virtual preempt interrupt from the preemption algorithm. If this has occurred, the VP will be rescheduled when its running process attempts to leave the Kernel domain and the virtual preempt interrupts are unmasked.

# 4. Virtual Preempt Handler

VIRTUAL\_PREEMPT\_HANDLER is the interrupt handler for virtual preempt interrupts. The entry address of VIRTUAL\_PREEMPT\_HANDLER is maintained in the virtual interrupt vector located in the Inner Traffic Controller. Once invoked, the handler locks the Active Process Table and determines which wirtual processor is being preempted by calling RUNNING\_VP. The process running on the preempted VP is then set to the "ready" state and TC\_GETWORK is invoked to reschedule the virtual processor. When TC\_GETWORK returns to VIRTUAL\_PREEMPT\_HANDLER, the APT is unlocked and a virtual interrupt return is executed. This return is simply a jump to the point in the hardware preempt handler where the virtual interrupts are unmasked. This effects a virtual interrupt return instruction.

## 5. Remaining Procedures

The remaining two procedures in the Traffic Controller module represent the extended instructions: PROCESS\_CLASS and GET\_DBR\_NUMBER. Both procedures lock the Active Process Table and call RUNNING\_VP to determine which virtual processor is executing the current process. The process ID (viz.,

APT entry Number) is then extracted from the running list. PROCESS CLASS reads and returns the current process' security access classification from the APT. GET\_DBR\_NUMBER reads and returns the current process! DBR handle. It should be noted that in general the DBR number provided by procedure GET\_DBR\_NUMBER is only valid while the APT is locked. Particularly, in the current SASS implementation, the Segment Manager invokes GET\_DBR\_NUMBER and then passes the obtained DBR number to the Distributed Memory Manager for utilization at that level. In a more general situation, the process associated with the DBR number may have been unloaded before the DBR number was utilized, thus making it invalid. This problem does not arise in SASS as all processes remain loaded for the life of the system.

## C. <u>DISTRIBUTED MEMORY MANAGER MODULE</u>

The Distributed Memory Manager module provides an interface between the Segment Manager and the Memory Hanager process, manipulates event data in the Global Active Segment Table (G\_AST), and dynamically allocates available memory. A detailed description of the Distributed Memory Manager interface to the Memory Manager process was presented by Wells [20]. The remaining extended instruction set is discussed in detail below. The complete PLZ/ASM source listings for the Distributed Memory Manager module is provided in Appendix C.

## 1. <u>MM\_Read\_Eventcount</u>

MM\_READ\_EVENTCOUNT is invoked by the Event Manager and the Traffic Controller to obtain the current value of the eventcount associated with a particular event. The input parameters to this procedure are a segment handle pointer and an instance (event Number), which together uniquely identify a particular event.

The G\_AST is locked and the entry offset of the segment into the G\_AST is obtained from the segment's handle. The instance parameter is then validated to determine which eventcount is to be read. If an invalid instance is specified, control is returned to the caller specifying an error condition. Otherwise, the current value of the specified eventcount is read. The G\_AST is then unlocked, and the current eventcount value is returned to the caller.

## 2. <u>MM Advance</u>

MM\_ADVANCE is invoked by the Traffic Controller to reflect the occurrence of some event. The input parameters to MM\_ADVANCE are a pointer to a segment's handle and a particular instance (event number).

The Global Active Segment Table is locked to prevent a race condition, and the offset of the segment's entry into the G\_AST is obtained from the segment handle. The instance parameter is then validated to determine which eventcount is to be advanced. If an invalid instance is specified, an er-

ror condition is returned to the caller and no data entries are affected. If the instance value is valid, the appropriate eventcount is incremented, and its new value is returned.

### 3. <u>MM\_Ticket</u>

MM\_TICKET is invoked by the Event Manager to obtain the current value of the sequencer associated with a specified segment. The input parameter to MM\_TICKET is a pointer to a segment's handle.

Initially, MM\_TICKET locks the Global Active Segment Table to prevent a race condition. Next the offset of the segment's entry into the G\_AST is obtained from the segment handle. The current value of the sequencer for the specified segment is then read and saved as a return parameter to the caller. The sequencer value is then incremented in anticipation of the next ticket request. Once this is complete, the G\_AST is unlocked and control is returned to the caller.

## 4. <u>MM\_Allocate</u>

The MM\_ALLOCATE procedure provided in this implementation is a stub of the MM\_ALLOCATE described in the Memory Manager design of Moore and Gary [5]. The primary function of MM\_ALLOCATE is the dynamic allocation of fixed size blocks of available memory space. It is invoked in the cur-

implementation by the initialization routines rent in BOOTSTRAP\_LOADER and TC\_INIT for the allocation of memory space used in the creation of the Kernel domain and Supervisor domain stack segments and the creation of the Known Segment Tables for user processes. Dynamic reallocation of previously used memory space (viz., garbage collection) is not provided by the MM\_ALLOCATE stub in this implementation. All memory allocation required in this implementation is for segments supporting system processes that remain active, and thus allocated, for the entire life of the system. Memory is allocated in blocks of 256 (decimal) bytes of processor local memory (on-board RAM). In this stub allocatable memory is declared at compile time by a data structure (MEM\_POOL) that is accessible only by MM\_ALLOCATE.

The input parameter to MM\_ALLOCATE is the number of blocks of requested memory. This parameter is converted from a block size to the actual number of bytes requested. This computation is made simple since memory is allocated in powers of two. The byte size is obtained by logically shifting left the input parameter eight times, where eight is the power of two desired (viz., 256). Once the size of the requested memory is computed, it is necessary to determine the starting address of the memory block(s) to be allocated. To assist in this computation, a variable (NEXT\_BLOCK) is used to keep track of the next available block of memory in MEM\_POOL. NEXT\_BLOCK, which is initial-

- 237 -

ized as zero, provides the offset into the memory being allocated. Once the starting address is obtained, the physical size of the memory allocated is added to NEXT\_BLOCK so that the next request for memory allocation will begin at the next free byte of memory in MEM\_POOL. This new value of NEXT\_BLOCK is saved and the starting address of the memory for this request is returned to the caller.

#### D. GATE KEEPER MODULES

The SASS Gate Keeper provides the logical boundary between the Supervisor and the Kernel and isolates the Kernel from the system users, thus making it tamperproof. This is accomplished by means of the hardware system/normal mode and the software ring-crossing mechanism provided by the Gate Keeper. The Gate Keeper is comprised of two separate modules: 1) the USER\_GATE module, and 2) the KERNEL\_GATE\_KEEPER module. These modules are disjoint, with the USER\_GATE module residing in the Supervisor domain and the KERNEL\_GATE\_KEEPER module residing in the Kernel domain. It is important to note that the USER GATE is a separately linked component in the Supervisor domain and is not linked to the Kernel. The only thing in common between these two modules is a set of constants identifying the valid extended instruction set which the Kernel provides to the users.

The Gate Keeper modules presented in this implementation are only stubs as they do not provide all of the functions required of the Gate Keeper. However, the only task not provided in this implementation is the validation of parameters passed from the Supervisor to the Kernel. A detailed description of this parameter validation design is provided by Coleman [2]. In the process management demonstration, the Supervisor stubs are written in PLZ/ASM with all parameters passed by CPU registers. A detailed description of the Gate Keeper modules and the nature of their interfaces is presented below. The PLZ/ASM source listings for the two Gate Keeper modules are provided in Appendix D.

## 1. User Gate Module

The USER\_GATE module provides the interface structure between the user processes in the Supervisor domain and the Kernel. The USER\_GATE is comprised of ten procedures (viz., entry points) that correlate on a one to one basis with the ten "user visible" extended instructions (listed in Figure 10) provided by the Kernel. The only action performed by each of these procedures is the execution of the "system call" instruction (SC) with a constant value, identifying the particular extended instruction invoked, as the source operand.

The SC instruction is a system trap that forces the hardware into the system mode (Kernel domain) and loads register 15 with the system stack pointer (Kernel domain stack). The current instruction counter value (IC) is

- 239 -

pushed onto the Kernel stack along with the current CPU flag control word (FCW). In addition, the system trap instruction is pushed onto the Kernel stack with the upper byte representing the SC instruction and the lower byte representing the SC instruction's source operand (viz., the Kernel extended instruction code). Together, these operations form an interrupt return (IRET) frame as illustrated in Figure 44. Once this is complete, the FCW is loaded with the FCW value found in the System Call frame of the Program Sta-Area (viz., the hardware "interrupt vector"). tus The structure of the Program Status Area is illustrated in Figure 47. The instruction counter is then loaded with the address of the SC instruction trap handler. This value is also located in the SC frame of the Program Status Area.

- 240 -

# OFFSET

| 0  |                                      |                                        |
|----|--------------------------------------|----------------------------------------|
| 4  | Reserved                             | Frames                                 |
| 8  | Unimplemented<br>Instruction<br>Trap |                                        |
| 12 | Privileged<br>Instruction<br>Trap    |                                        |
| 14 | Kernel FCW                           | System<br> Call                        |
| 16 | Kernel Gate Keeper  <br>Address      | Instruction                            |
| i  | Segment<br>Trap                      |                                        |
| 20 | Non-Maskable<br>Interrupt            |                                        |
| 24 | Kernel FCW                           | Hardware<br>  Preempt                  |
| 28 | PHYS_PREEMPT_HANDLER<br>Address      | (Non-<br>    Vectored<br>   Interrupt) |
| 32 | Vectored Int                         | Turerrupe                              |
|    | •                                    |                                        |
|    | •                                    |                                        |

\* NOTE: Offsets represent Program Status Area structure for non-segmented Z8002 microprocessor.

Figure 47: Program Status Area

- 241 -

## 2. Kernel Gate Keeper Module

The system trap handler for the System Call instruction address of the KERNEL GATE KEEPER. The the is KERNEL\_GATE\_KEEPER and the Kernel FCW value are placed in the System Call frame of the Program Status Area by the during initialization. BOOTSTRAP LOADER module The KERNEL\_GATE\_KEEPER fetches the extended instruction code from the trap instruction entry in the IRET frame on the Kernel stack. This value is then decoded by a "case" statement to determine which extended instruction is to be executed. If the extended instruction code is valid, the appropriate Kernel procedure is invoked. Otherwise, an error condition is set and no Kernel procedures are not invoked. Once control returns to the KERNEL\_GATE\_KEEPER, the CPU registers and normal stack pointer (NSP) value are pushed onto the Kernel stack in preparation for return to the Supervisor It is noted that this operation would normally ocdomain. cur immediately upon entry into the KERNEL GATE KEEPER. In this implementation, however, parameter validation is not accomplished and the CPU registers are used to pass parameters to and from the Kernel only for use by the process management demonstration. In an actual SASS environment, all parameters would be passed in a separate argument list and the CPU registers would appear exactly the same upon leaving the Kernel as they did upon entering the Kernel. This is

important to insure that no data or information is leaked from the Kernel by means of the CPU registers.

Control is returned to the Supervisor by means of the return mechanism in the hardware preempt handler. This mechanism is utilized to preclude the necessity of building a separate mechanism for the KERNEL\_GATE\_KEEPER that would actually perform the very same function. To accomplish this, the KERNEL\_GATE\_KEEPER executes an unconditional jump to the PREEMPT\_RET label in PHYS\_PREEMPT\_HANDLER. This "jump" to the hardware preempt handler represents a "virtual IRET" instruction providing the same function as the virtual interrupt return described in the discussion of the virtual preempt handler. At this point, the virtual preempt interrupts are unmasked, the normal stack pointer and CPU registers are restored from the stack, and control is returned to the Supervisor by execution of the IRET instruction.

#### E. SUMMARY

The implementation of process management functions for the SASS has been presented in this chapter. The implementation was discussed in terms of the Event Manager, Traffic Controller, Distributed Memory Manager, and Gate Keeper modules.

- 243 -

#### Chapter XXIII

#### CONCLUSION

The implementation of process management for the security Kernel of a secure archival storage system has been presented. The process management functions presented provide a logical and efficient means of process creation, control, and scheduling. In addition, a simple but effective mechanism for inter-process communication, based on the eventcount and sequencer primitives, was created. Work was also completed in the area of Kernel database initialization and a Gate Keeper stub to allow for dual domain operation.

The design for this implementation was based on the Zilog Z8001 sixteen bit segmented microprocessor [22] used in conjunction with the Zilog Z8010 Memory Management Unit [23]. The actual implementation of process management for the SASS was conducted on the Advanced Micro Computers Am96/4116 MonoBoard Computer [1] featuring the AmZ8002 sixteen bit non-segmented microprocessor. Segmentation hardware was simulated by a software Memory Management Unit Image.

This implementation was effected specifically to support the Secure Archival Storage System (SASS) [17]. However, the implementation is based on a family of Operating Systems [7] designed with a primary goal of providing multilevel information security. The loop free modular design utilized in this implementation easily facilitates any required expansion or modification for other family members. In addition, this implementation fully supports a multiprocessor design. While the process management implementation appears to perform correctly, it has not been subjected to a formal test plan. Such a test plan should be developed and implemented before kernel verification is begun.

## A. FOLLOW ON WORK

There are several possible areas in the SASS design that would be immediately suitable for continued research. In the area of hardware, this includes, the establishment of a multiprocessor environment, hardware initialization, and interfacing to the host computers and secondary storage. Further work in the Kernel includes the actual implementation of the memory manager process, and the refinement of the Gate Keeper and Kernel intialization structures. The implementation of the Supervisor has not been addressed to date. Its areas of research include the implementation of the File Manager and Input/Output processes, and the final design and implementation of the SASS-Hosts protocols.

Other areas that could also prove interesting in relation to the SASS include the implementation of dynamic memory management, the support of multilevel hosts, dynamic pro-

- 245 -

cess creation and deletion, and the provision of constructive work to be performed by the Idle process.

# - 246 -

## Appendix A

EVENT MANAGER LISTINGS

**Z8000ASM** 2.02

LOC OBJ CODE STMT SOURCE STATEMENT

**\$LISTON \$TTY** 

EVENT\_MGR MODULE

CONSTANT

| TRUE                |     |     |
|---------------------|-----|-----|
| INUE                | :=  | 1   |
| FALSE               | :=  | 0   |
| READ_ACCESS         | : = | 1   |
| WRITE_ACCESS        | : = | 0   |
| SUCCEEDED           | :=  | 2   |
| SEGMENT_NOT_KNOWN   | : = | 28  |
| ACCESS_CLASS_NOT_EQ | : = | 33  |
| ACCESS_CLASS_NOT_GE | :=  | 41  |
| KST_SEG_NO          | :=  | 2   |
| NR_OF_KSEGS         | :=  | 10  |
| MAX_NO_KST_ENTRIES  | :=  | 54  |
| NOT_KNOWN           | :=  | %PP |

TYPE

```
H_ARRAY ARRAY[3 WORD]
```

```
KST_REC RECORD

[MM_HANDLE H_ARRAY

SIZE WORD

ACCESS_MODE BYTE

IN_CORE BYTE

CLASS LONG

M_SEG_NO SHORT_INTEGER

ENTRY_NUMBER SHORT_INTEGER]
```

EXTERNAL

| MM_TICKET          | PROCEDURE |
|--------------------|-----------|
| MM_READ_EVENTCOUNT | PROCEDURE |
| TC_ADVANCE         | PROCEDURE |
| TC_AWAIT           | PROCEDURE |
| PROCESS_CLASS      | PROCEDURE |
| CLASS_EQ           | PROCEDURE |
| CLASS_GE           | PROCEDURE |
| ITC_GET_SEG_PTR    | PROCEDURE |

INTERNAL

\$SECTION EM\_KST\_DCL ! NOTE: THIS SECTION IS AN "OVERLAY" OR "FRAME" USED TO DEFINE THE FORMAT OF THE KST. NO STORAGE IS ASSIGNED BUT RATHER THE KST IS STORED IN A SEPARATELY OBTAINED AREA. (A SEGMENT SET ASIDE FOR IT)!

\$ABS 0

0000 KST ARRAY[MAX\_NO\_KST\_ENTRIES KST\_REC]

- 248 -

GLOBAL \$SECTION EM\_GLB\_PROC 0000 READ PROCEDURE \* READS SPECIFIED EVENTCOUNT \* \* AND RETURNS IT'S VALUE TO sk: \* THE CALLER ste \*\*\*\*\*\*\* \* PARAMETERS: ske. \* R1: SEGMENT # \* \* R2: INSTANCE \*\*\*\*\*\* \* RETURNS: ×. RO: SUCCESS CODE \* \* RR4: EVENTCOUNT \* alc. \*\*\*\*\*\* ENTRY ! SAVE INSTANCE ! 0000 93F2 PUSH @R15, R2 ! "READ" ACCESS REOUIRED ! 0002 2102 LD R2, #READ\_ACCESS 0004 0001 ! GET SEG HANDLE & VERIFY ACCESS ! 0006 5F00 CALL CONVERT AND VERIFY !R1:SEG # 0008 0000 R2:REQ. ACCESS RETURNS: RO:SUCCESS CODE R1:HANDLE PTR! CP RO, #SUCCEEDED 000A 0B00 000C 0002 IF EQ ! ACCESS PERMITTED! 000E 5E0E THEN !READ EVENTCOUNT! 0010 001C' **!RESTORE INSTANCE!** 0012 97F2 POP R2, aR15 0014 5F00 CALL MM\_READ\_EVENTCOUNT !R1:HPTR 0016 0000\* R2: INSTANCE RETURNS: RO:SUCCESS CODE RR4: EVENTCOUNT! 0018 5E08 ELSE !RESTORE SP! 001A 001E POP R2, @R15 001C 97F2 FI 001E 9E08 RET END READ 0020

| 0020       | TICKET PROCEDURE                       |
|------------|----------------------------------------|
|            | {************************************* |
|            | * RETURNS CURRENT VALUE OF *           |
|            | * TICKET TO CALLER AND INCRE- *        |
|            | * MENTS SEQUENCER FOR NEXT *           |
|            | * TICKET OPERATION *                   |
|            | ******                                 |
|            | * PARAMETERS: *                        |
|            | * R1: SEGMENT # *                      |
|            | * RI: SEGMENT #                        |
|            | *****                                  |
|            | * RETURNS: *                           |
|            | * RO: SUCCESS CODE *                   |
|            | * RR4: TICKET VALUE *                  |
|            | ******                                 |
|            |                                        |
|            | ENTRY                                  |
|            | ! GET SEG HANDLE & VERIFY ACCESS !     |
|            | ! "WRITE" ACCESS REQUIRED !            |
| 0020 2102  | LD R2, #WRITE_ACCESS                   |
| 0022 0000  |                                        |
|            | CALL CONVERSE AND VERTEX ID1.CEC 4     |
|            | CALL CONVERT_AND_VERIFY !R1:SEG #      |
| 0026 00001 |                                        |
|            | R2:ACCESS REQ                          |
|            | RETURNS:                               |
|            | RO:SUCCESS CODE                        |
|            | R1:HANDLE PTR!                         |
| 0028 0B00  | CP RO, #SUCCEEDED                      |
| 002A 0002  |                                        |
|            | IF EQ !ACCESS PERMITTED!               |
| 002C 5E0E  | THEN ! GET TICKET !                    |
| 002E 0038  | INDU : GDI ITCUDI :                    |
|            |                                        |
| 0030 5700  | CALL MM_TICKET !R1:HANDLE PTR          |
| 0032 0000* |                                        |
|            | RETURNS:                               |
|            | RR4:TICKET!                            |
|            | ! RSTORE SUCCESS CODE !                |
| 0034 2100  | LD RO, #SUCCEEDED                      |
| 0036 0002  |                                        |
|            | FI                                     |
| 0038 9E08  | RET                                    |
| 003A       |                                        |
| ACOU       | END TICKET                             |

- 250 -

| 0034         |               | AWAIT PROCEDURE<br>!************************************                |
|--------------|---------------|-------------------------------------------------------------------------|
|              |               | **************************************                                  |
|              |               | * R2: INSTANCE (EVENT #) *<br>* RR4: SPECIFIED VALUE *                  |
|              |               | ******                                                                  |
|              |               | * RETURNS: *<br>* RO: SUCCESS CODE *                                    |
|              |               | *******                                                                 |
|              |               | ENTRY                                                                   |
| 003A         | 91E4          | ! SAVE DESIRED EVENTCOUNT VALUE !<br>PUSHL @R15, RR4                    |
| 003C         | 93F2          | ! SAVE INSTANCE !<br>PUSH @R15, R2<br>! "READ" ACCESS REQUIRED !        |
| 003E<br>0040 |               | LD R2, #READ_ACCESS                                                     |
|              | 5700          | ! GET SEG HANDLE & VERIFY ACCESS !<br>CALL CONVERT_AND_VERIFY !R1:SEG # |
| 0044         | 0000*         | R2:ACCESS REQ<br>RETURNS:<br>R0:SUCCESS CODE<br>R1:HANDLE PTR!          |
| 0046         |               | CP RO, #SUCCEEDED                                                       |
| 0048         | 0002          | IF EQ ! ACCESS PERMITTED !                                              |
| 004A<br>004C |               | THEN ! AWAIT EVENT OCCURRENCE !                                         |
| 004E         | 9 <b>7</b> F2 | ! RESTORE INSTANCE !<br>POP R2, @R15                                    |
| 0050         | 95F4          | ! RESTORE SPECIFIED VALUE !<br>POPL RR4, @R15                           |
| 0052         |               | CALL TC_AWAIT !R1: HANDLE PTR                                           |
| 0054         | 0000+         | R2:INSTANCE<br>RR4:VALUE<br>RETURNS:<br>R0:SUCCESS CODE!                |

| 0056 | 5E08          | ELSE !    | RESTOR | E STACK! |
|------|---------------|-----------|--------|----------|
| 0058 | 005E          |           |        |          |
| 005A | 95F4          | POPL      | RR4,   | @R15     |
| 005C | 9 <b>7</b> F2 | POP       | R2, @  | R 15     |
|      |               | FI        |        |          |
| 005E | 9E08          | RET       |        |          |
| 0060 |               | END AWAI' | Т      |          |
|      |               |           |        |          |

- 252 -

0060 ADVANCE PROCEDURE \* SIGNALS THE OCCURRENCE OF \* \* SOME EVENT. EVENTCOUNT IS \* \* INCREMENTED AND THE TRAFFIC \* \* CONTROLLER IS INVOKED TO \* \* AWAKEN ANY PROCESS AWAITING \* \* THE OCCURRENCE. \*\*\*\*\*\*\* 家 **\* PARAMETERS:** R1: SEGMENT # \* \* R2: INSTANCE (EVENT #) \* \* \*\*\*\*\* \* \* RETURNS: RO: SUCCESS CODE ×. \*\*\*\*\* ENTRY ! SAVE INSTANCE ! PUSH @R15, R2 0060 93F2 ! GET SEG HANDLE & VERIFY ACCESS ! ! "WRITE" ACCESS REQUIRED ! R2, #WRITE\_ACCESS 0062 2102 LD 0064 0000 CALL CONVERT\_AND\_VERIFY !R1:SEG # 0066 5F00 0068 0000 R2:ACCESS REQ RETURNS: RO:SUCCESS CODE R1:HANDLE PTR! CP RO, #SUCCEEDED 006A 0B00 006C 0002 IF EQ ! ACCESS PERMITTED ! THEN ! ADVANCED EVENTCOUNT ! 006E 5E0E 0070 007C' ! RESTORE INSTANCE ! R2, @R15 POP 0072 97F2 CALL TC\_ADVANCE !R1:HANDLE PTR 0074 5F00 0076 0000\* R2: INSTANCE **RETURNS:** RO:SUCCESS CODE! ELSE !RESTORE STACK! 0078 5E08 007A 007E' R2, @R15 POP 007C 97F2 FI 007E 9E08 RET END ADVANCE 0080

INTERNAL SSECTION EM\_INT\_PROC

0000 CONVERT\_AND\_VERIFY PROCEDURE \* CONVERTS SEGMENT NUMBER TO KST INDEX\* \* AND EXTRACTS SEGMENT'S HANDLE FROM \* \* KST. IF SUCCESSFUL, THEN ACCESS \* \* CLASS OF SUBJECT IS CHECKED AGAINST \* \* ACCESS CLASS OF OBJECT TO INSURE \* \* THAT ACCESS IS PERMITTED. \* \*\*\*\*\*\*\* **\* PARAMETERS:** \* R1: SEGMENT NUMBER \* R2: ACCESS REQUESTED \* \* \* RETURNS: \* RO: SUCCESS CODE \* R1: HANDLE POINTER \* \* \*\*\*\*\*\*\*\*\*\*\*\* ENTRY ! SAVE REQUESTED ACCESS ! 0000 93F2 PUSH @R15, R2 ! GET SEGMENT HANDLE ! C002 5F00 CALL GET HANDLE IR1:SEG # 0004 0062\* **RETURNS: RO:SUCCESS CODE** R4:HANDLE PTR **R5:CLASS PTR!** COO6 0B00 CP RO, #SUCCEEDED 0008 0002 IF EQ ! SEGMENT IS KNOWN ! COOA 5EOE THEN ! VERIFY ACCESS ! 000C 005E' ! SAVE HANDLE & CLASS PTR ! 000E 91F4 PUSHL DR15, RR4 ! GET SUBJECT'S SAC ! 0010 5F00 CALL PROCESS CLASS !RETURNS: 0012 0000\* RR2:PROC CLASS! ! RETRIEVE SEG CLASS POINTER ! 0014 95F0 POPL RRO, DR15 ! GET SEGMENT'S CLASS ! LDL RR4, @R1 ! RETRIEVE REQUESTED ACCESS ! 0016 1414 0018 97F1 POP R1, @R15 ! SAVE HANDLE POINTER ! 001A 93F0 PUSH @R15, RO ! CHECK ACCESS CLEARANCE ! 001C 0801 CP R1, #WRITE\_ACCESS 001E 0000 IF EQ ! WRITE ACCESS REQUESTED !

| 0020 5E0E<br>0022 0040               | THEN                                                   |
|--------------------------------------|--------------------------------------------------------|
| 0024 5F00<br>0026 0000*              | CALL CLASS_EQ !RR2: PROCESS CLASS                      |
|                                      | RR4:SEGMENT CLASS<br>RETURNS:                          |
| 0028 0B01<br>0028 0000               | R1: CONDITION CODE:<br>CP R1, #FALSE                   |
| 002C 5E0E                            | IF EQ !ACCESS NOT PERMITTED!<br>THEN                   |
| 002E 0038'<br>0030 2100              | LD RO, #ACCESS_CLASS_NOT_EQ                            |
| 0032 0021<br>0034 5E08<br>0036 003C' | ELSE !ACCESS PERMITTED!                                |
| 0038 2100<br>003A 0002               | LD RO, #SUCCEEDED                                      |
| 003C 5E08                            | FI<br>ELSE ! READ ACCESS REQUESTED !                   |
| 003E 0058<br>0040 5F00<br>0042 0000* | CALL CLASS_GE !RR2:PROCESS CLASS                       |
| 0042 0000+                           | RR4:SEGMENT CLASS<br>RETURNS:                          |
| 0044 0801                            | R1:CONDITION CODE!<br>CP R1, #PALSE                    |
| 0046 0000                            | IF EQ !ACCESS NOT PERMITTED!                           |
| 0048 5E0E<br>004A 0054'              | THEN<br>LD RO, #ACCESS_CLASS_NOT_GE                    |
| 004C 2100<br>004E 0029<br>0050 5E08  | LD RO, #ACCESS_CLASS_NOT_GE<br>Else !access permitted! |
| 0052 0058<br>0054 2100               | LD RO, #SUCCEEDED                                      |
| 0056 0002                            | FI                                                     |
| 0058 97F1                            | FI<br>! RETRIEVE HANDLE POINTER !<br>POP R1, @R15      |
| 0058 5771<br>005A 5E08<br>005C 0060' | ELSE                                                   |
| 005E 97F2                            | ! RESTORE STACK !<br>POP R2, @R15                      |
| 0060 9E08                            | PI<br>RET<br>THE CONVERT AND VERIEV                    |
| 0062                                 | END CONVERT_AND_VERIFY                                 |

| 0062                   | GET_HANDLE PROCEDURE<br>!************************************ |
|------------------------|---------------------------------------------------------------|
|                        | ENTRY                                                         |
| 00(0.0001              | ! CONVERT SEGMENT # TO KST INDEX # !                          |
| 0062 0301<br>0064 000A | SUB R1, #NR_OF_KSEGS                                          |
| 0004 000A              | ! VERIFY KST INDEX !                                          |
| 0066 2100              | LD RO, #SUCCEEDED                                             |
| 0068 0002              | CD D1 40                                                      |
| 006A 0B01<br>006C 0000 | CP R1, #0                                                     |
| 0000 0000              | IF LE !INDEX NEGATIVE!                                        |
| 006E 5E0A              | THEN                                                          |
| 0070 007A'             |                                                               |
| 0072 2100<br>0074 001C | LD RO, #SEGMENT_NOT_KNOWN                                     |
| 0076 5208              | ELSE !INDEX POSITIVE:                                         |
| 0078 0086'             |                                                               |
| 007A 0B01              | CP R1, #MAX_NO_KST_ENTRIES                                    |
| 007C 0036              | IF GT !EXCEEDS MAXIMUM INDEX!                                 |
| 00 <b>7</b> E 5E02     | THEN !INVALID INDEX!                                          |
| 0080 0086'             |                                                               |
| 0082 2100<br>0084 001C | LD RO, #SEGMENT_NOT_KNOWN                                     |
| 0004 0010              | FI                                                            |
|                        | FI                                                            |
| 0086 0B00              | CP RO, #SUCCEEDED                                             |
| 0088 0002              | IF EQ !INDEX VALID!                                           |
| 008A 5E0E              | THEN                                                          |
| 008C 00BE•             |                                                               |
| 0092 0324              | ! SAVE KST INDEX !                                            |
| 008E 93F1              | PUSH @R15, R1<br>! GET KST ADDRESS !                          |
| 0090 2101              | LD R1, #KST_SEG_NO                                            |
| 0092 0002              |                                                               |
| 0094 5F00              | CALL ITC_GET_SEG_PTR !R1:KST_SEG_NO                           |
|                        |                                                               |

0096 0000\* **RETURNS:** RO:KST ADDR! ! RETRIEVE KST INDEX # ! 0098 97F3 POP R3, DR15 ! CONVERT KST INDEX # TO KST OFFSET ! 009A 1902 MULT RR2, #SIZEOF KST\_REC 009C 0010 ! COMPUTE KST ENTRY ADDRESS ! ADD R3, RO 009E 8103 ! SEE IF SEGMENT IS KNOWN ! 00A0 4D31 CP KST.M\_SEG\_NO(R3), #NOT\_KNOWN 00A2 000E 00A4 00FF IF EQ ISEGMENT NOT KNOWN! 00A6 5E0E THEN 00A8 00B2" 00AA 2100 LD RO, #SEGMENT\_NOT\_KNOWN 00AC 001C 00AE 5E08 ELSE ISEGMENT KNOWN! 00B0 00BE • 00B2 2100 LD RO, #SUCCEEDED 00B4 0002 ! GET HANDLE POINTER ! 00B6 7634 LDA R4, KST.MM\_HANDLE(R3) 00B8 0000 ! GET CLASS POINTER ! 00BA 7635 LDA R5, KST. CLASS (R3) 00BC 000A FI FI 00BE 9E08 RET END GET\_HANDLE 0000 END EVENT\_MGR

### Appendix B

### TRAFFIC CONTROLLER LISTINGS

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT \$LISTON \$TTY TC MODULE CONSTANT ! \*\*\*\*\*\*\* SYSTEM PARAMETERS \*\*\*\*\*\* ! NR PROC := 4 VP\_NR := 2 NR\_CPU := 2 NR\_KST := 54 ! \*\*\*\*\*\* SYSTEM CONSTANTS \*\*\*\*\*\* ! RUNNING := 0 := 1 READY BLOCKED := 2 IDLE\_PROC := %DDDD := %FFFF NIL INVALID := %EEEE KERNEL\_STACK := 1 USER\_STACK := 3 KST\_SEG := 2 KST LIMIT := 1 USER FCW := %1800 := 0 WRITE **!INDICATES LOWEST SYSTEM** SECURITY CLASS! SYSTEM\_LOW := 0 STK OFFSET := %PF REMOVED := %ABCD := 1 TRUE FALSE := 0 SUCCEEDED := 2 TYPE AP PTR WORD VF\_PTR WORD ADDRESS WORD H ARRAY ARRAY[3 WORD]

- 258 -

AP\_TABLE RECORD [NEXT\_AP AP PTR DBR WORD SAC LONG PRI INTEGER STATE INTEGER AFFINITY WORD VP\_ID VP PTR HANDLE H\_ARRAY INSTANCE WORD VALUE LONG FILL 2 ARRAY[2 WORD] ] RUN ARRAY ARRAY[VP\_NR AP\_PTR] RDY\_ARRAY ARRAY[NR\_CPU AP\_PTR] AP\_DATA ARRAY[NR\_PROC AP\_TABLE] VP\_DATA RECORD [NR\_VP ARRAY[NR CPU WORD] FIRST ARRAY[NR\_CPU VP\_PTR] 1 KST\_REC RECORD H\_ARRAY [MM\_HANDLE SIZE WORD ACCESS BYTE IN\_CORE BYTE CLASS LONG M\_SEG\_NO SHORT\_INTEGER ENTRY\_NUM SHORT\_INTEGER 1 EXTERNAL K LOCK PROCEDURE K\_UNLOCK PROCEDURE SET PREEMPT PROCEDURE SWAP\_VDBR PROCEDURE IDLE PROCEDURE RUNNING\_VP PROCEDURE CREATE\_INT\_VEC PROCEDURE LIST\_INSERT PROCEDURE ALLOCATE\_MMU PROCEDURE MM\_ALLOCATE PROCEDURE UPDATE\_MMU\_IMAGE PROCEDURE CREATE STACK PROCEDURE MM\_ADVANCE PROCEDURE MM READ EVENTCOUNT PROCEDURE G AST LOCK WORD PREEMPT\_RET LABEL

| 0000              | <pre>\$SECTION TC_DATA<br/>INTERNAL<br/>APT RECORD<br/>[ LOCK WORD<br/>RUNNING_LIST RUN_ARRAY<br/>READY_LIST RDY_ARRAY<br/>BLOCKED_LIST AP_PTR<br/>FILL_3 LONG<br/>VP VP_DATA<br/>FILL ARRAY[4 WORD]<br/>AP AP_DATA<br/>]</pre>      |
|-------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 00 A 0<br>0 0 A 2 | ITHESE VARIABLES ARE USED DURING TC<br>INITIALIZATION TO SPECIFY AVAILABLE<br>ENTRIES IN THE APT, AND ARE INITIAL-<br>IZED BY TC_INIT IN THIS IMPLEMENTATION!<br>NEXT_VP WORD<br>APT_ENTRY WORD                                      |
| 0000              | <pre>\$SECTION TC_LOCAL<br/>\$ABS 0<br/>!NOTE: USED AS OVERLAY ONLY!<br/>ARG_LIST RECORD<br/>[REG ARRAY[13 WORD]<br/>IC WORD<br/>CPU_ID WORD<br/>SAC1 LONG<br/>PRI1 WORD<br/>USR_STK WORD<br/>KER_STK WORD<br/>KST1 LONG<br/>]</pre> |
| 0000              | <pre>\$ABS 0 !NOTE: USED AS STACK PRAME FOR STORAGE OF TEMPORARY VARIABLES FOR CREATE_PROCESS.! CKEATE RECORD   [ARG_PTR WORD   DBR_NUM WORD   LIMITS WORD   SEG_ADDR ADDRESS   N_S_P WORD  ]</pre>                                  |
| 0000              | <pre>\$ABS 0<br/>HANDLE_VAL RECORD<br/>[HIGH LONG<br/>LOW WORD<br/>]<br/>!THE FOLLOWING DECLARATION IS UTILIZED<br/>AS A STACK FRAME FOR STORAGE OF</pre>                                                                            |

|      | TEMPORARY VARIABLES UTILIZED BY     |
|------|-------------------------------------|
|      | TC_ADVANCE AND TC_AWAIT. !          |
|      | \$ABS 0                             |
| 0000 | TEMP RECORD                         |
|      | [HANDLE_PTR WORD                    |
|      | EVENT_NR WORD                       |
|      | EVENT_VAL LONG                      |
|      | EVENT_VAL LONG<br>ID_VP WORD        |
|      | CPU_NUM WORD                        |
|      | HANDLE_HIGH LONG                    |
|      | HANDLE_LOW WORD                     |
|      | ]                                   |
|      | \$SECTION TC_KST_DCL                |
|      | INOTE: KST DECLARATION IS USED HERE |
|      | TO SUPPORT KST INITIALIZATION FOR   |
|      | THIS DEMONSTRATION ONLY. THIS       |
|      | DECLARATION AND INITIALIZATION      |
|      | SHOULD EXIST AT THE SEGMENT MANAGER |
|      | LEVEL AND THUS SHOULD BE REMOVED    |
|      | UPON IMPLEMENTATION OF SYSTEM       |
|      | INITIALIZATION.!                    |
|      | \$ABS 0                             |
| 0000 | KST ARRAY[NR_KST KST_REC]           |

- 261 -

**SSECTION TC INT PROC** 0000 PROCEDURE TC GETWORK \*\*\*\*\*\* \* PROVIDES GENERAL MANAGE-\* MENT OF USER PROCESSES BY \* \* EFFECTING PROCESS SCHEDU- \* \* LING ON VIRTUAL PROCESSORS\* \*\*\*\*\*\* **\*** PARAMETERS: \* R1: CURRENT VP ID жċ, \* R3: LOGICAL CPU # \* \* \*\*\*\*\*\* \* LOCAL VARIABLES: \* \* R2: NEXT READY PROCESS \* R4: AP PTR wie: \*\*\*\*\*\* ENTRY ! FIND FIRST READY PROCESS ! 0000 6132 LD R2, APT.READY LIST (R3) 0002 0006 GET\_READY\_AP: DO !WHILE NOT (END OF LIST OR READY)! 0004 0B02 R2, #NIL СР 0006 FFFF 0008 5E0E IF EQ INO READY PROCESS! THEN 000A 0010' 000C 5E08 EXIT FROM GET READY AP 000E 0026" FI 0010 4D21 CP APT.AP.STATE(R2), #READY 0012 002A\* 0014 0001 0016 5E0E IF EQ !PROCESS READY! THEN 0018 001E. 001A 5E08 EXIT FROM GET READY AP 001C 0026 · FI ! GET NEXT AP FROM LIST ! 001E 6124 LD R4, APT.AP.NEXT AP(R2) 0020 0020\* 0022 A142 R2, R4 LD 0024 E8EF OD 0026 0B02 CP R2,#NIL 0028 FFFF 002A 5E0E IF EQ ! IF NO PROCESSES READY ! THEN 002C 003C\* ! LOAD IDLE PROCESS ! 002E 4D15 LD APT.RUNNING\_LIST (R1), #IDLE\_PROC 0030 0002" 0032 DDDD 0034 5F00 CALL IDLE 0036 0000\* 0038 5E08 ELSE

| 003A | 0052* |                               |
|------|-------|-------------------------------|
|      |       | ! LOAD FIRST READY AP !       |
| 003C | 6F12  | LD APT.RUNNING_LIST (R1), R2  |
| 003E | 0002* |                               |
| 0040 | 4D25  | LD APT.AP.STATE(R2), #RUNNING |
| 0042 | 002A* |                               |
| 0044 | 0000  |                               |
| 0046 | 6F21  | LD APT.AP.VP_ID(R2), R1       |
| 0048 | 002E  |                               |
| 004A | 6121  | LD R1, APT.AP.DBR (R2)        |
| 004C | 0022* |                               |
| 004E | 5F00  | CALL SWAP_VDBR ! (R1:DBR) !   |
| 0050 | *0000 |                               |
|      |       | FI                            |
| 0052 | 9E08  | RET                           |
| 0054 |       | END TC_GETWORK                |
|      |       | -                             |

- 263 -

VIRTUAL PREEMPT\_HANDLER 0054 PROCEDURE \*\*\*\*\*\*\* \* LOADS FIRST READY AP \* **\*** IN RESPONSE TO PREEMPT \* \* INTERRUPT \* \*\*\*\*\*\*\* ENTRY 1\*\* CALL WAIT LOCK (APT-.LOCK) \*\*! !\*\* RETURNS WHEN PROCESS HAS LOCKED APT \*\*! 0054 7604 LDA R4, APT.LOCK 0056 0000\* 0058 5F00 CALL K LOCK 005A 0000\* ! GET RUNNING VP ID ! 005C 5F00 CALL RUNNING\_VP !RETURNS: 005E 0000\* R1:VP\_ID R3:CPU #! ! GET AP ! 0060 6112 LD R2, APT.RUNNING LIST(R1) 0062 0002\* ! IF NOT AN IDLE PROCESS, SET IT TO READY ! 0064 0B02 CP R2, #IDLE PROC 0066 DDDD IF NE ! NOT IDLE ! THEN 0068 SE06 006A 0072" 006C 4D25 LD APT.AP.STATE(R2), #READY 006E 002A" 0070 0001 FI ! LOAD FIRST READY PROCESS ! 0072 5F00 CALL TC\_GETWORK !R1:VP\_ID 0074 0000. R3:CPU #! INOTE: THIS IS THE INITIAL POINT OF EXECUTION FOR USER PROCESSES.! VIRT\_PREEMPT\_RETURN: \*\*\* CALL UNLOCK (APT-.LOCK) \*\*! **\*\*\* RETURNS WHEN PROCESS HAS UNLOCKED APT \*\*!** !\*\* AND ADVANCED ON THIS EVENT \*\*! 0076 7604 LDA R4, APT.LOCK 0078 0000. 007A 5F00 CALL K UNLOCK 007C 0000\* ! PERFORM A VIRTUAL INTERBUPT RETURN ! INOTE: THIS JUMP EFFECTS A VIRTUAL IRET INSTRUCTION.! JP PREEMPT\_RET 007E 5E08 \*0000 0800

0082 END VIRTUAL\_PREEMPT\_HANDLER

- 265 -

| \$SE<br>0000            | BAL<br>CTION TC_GLB_PROC<br>TC_INIT PROCEDURE<br>************************************ |
|-------------------------|---------------------------------------------------------------------------------------|
|                         | ENTRY                                                                                 |
|                         | ! NOTE: THE NEXT FOUR VALUES ARE                                                      |
| 0000 4005               | ONLY TO BE INITIALIZED ONCE. !<br>LD NEXT_VP, #0                                      |
| 0002 0040"              |                                                                                       |
| 0004 0000<br>0006 4D05  | LD APT_ENTRY, #0                                                                      |
| 0008 00A2"              |                                                                                       |
| 000A 0000<br>000C 4D05  | LD APT.BLOCKED_LIST, #NIL                                                             |
| 000E 000A*<br>0010 FFFF |                                                                                       |
| 0010 FFFF<br>0012 4D08  | CLR APT.LOCK                                                                          |
| 0014 0000*              | · * * * * * * * * * * * * * * * * * * *                                               |
|                         | NOTE: THE FOLLOWING CODE IS INCLUDED                                                  |
|                         | ONLY FOR SIMULATION OF A MULTIPROCESSOR<br>ENVIRONMENT. THIS IS TO INSURE THAT THE    |
|                         | READY LIST (S) AND VP DATA OF THE SIMULATED                                           |
|                         | CPU(S) ARE PROPERLY INITIALIZED. IN AN<br>ACTUAL MULTIPROCESSOR ENVIRONMENT, THIS     |
|                         | BLOCK OF CODE SHOULD BE REMOVED.                                                      |
| 0016 2104               | **************************************                                                |
| 0018 0000               |                                                                                       |
| 001A 0B04               | DO<br>CP R4, #NR_CPU#2                                                                |
| 001C 0004               | _                                                                                     |
| 001E 5E0E               | IF EQ !ALL LISTS INITIALIZED!<br>THEN EXIT                                            |
| 0020 0026<br>0022 5E08  |                                                                                       |
| 0024 0036               |                                                                                       |
|                         | FI<br>! INITIALIZE READY_LISTS AS EMPTY !                                             |
| 0026 4 <b>D</b> 45      | LD APT.READY_LIST(R4), #NIL                                                           |
| 0028 0006<br>002A FFFF  |                                                                                       |
| JULA FFF                | ! INITIALLY MARK ALL LOGICAL CPU'S                                                    |
|                         | AS HAVING 1 VP. THIS IS NECESSARY<br>TO INSURE TC_ADVANCE WILL FUNCTION               |
|                         | PROPERLY, AS IT EXPECTS EVERY CPU                                                     |
|                         | - 266 -                                                                               |

TO HAVE AT LEAST 1 VP. ! 002C 4D45 LD APT.VP.NR VP(R4), #1 002E 0010\* 0030 0001 0032 A941 R4, #2 INC 0034 E8F2 0D ! END MULTIPROCESSOR SIMULATION CODE. APT.VP.NR\_VP(R1), R2 0036 6F12 LD 0038 0010\* 003A 6103 LD R3, NEXT VP 003C 00A0\* 003E 6F13 LD APT.VP.FIRST(R1), R3 0040 0014\* ! RECOMPUTE NEXT\_VP VALUE FOR TC INITIALIZATION OF NEXT LOGICAL CPU. ! 0042 A125 R5, R2 LD 0044 1904 MULT RR4, #2 0046 0002 R3, R5 0048 8153 ADD 004A 6F03 NEXT\_VP, R3 LD 004C 00A0" ! INITIALIZE RUNNING LIST ! LD R3. APT. VP.FIRST(R1) 004E 6113 0050 0014 DO CP R2, #0 0052 0B02 0054 0000 0056 5E0E IF EQ THEN EXIT FI 0058 005E\* 005A 5E08 005C 006A\* LD APT.RUNNING\_LIST (R3), #IDLE\_PROC 005E 4D35 0060 0002\* 0062 DDDD 0064 A931 INC R3, #2 R2, #1 0066 AB20 DEC 0068 E8F4 0D LD APT.READY LIST(R1), #NIL 006A 4D15 006C 0006" 006E FFFF R1, #0 0070 2101 LD 0072 0000 ! ENTRY ADDRESS ! LDA R2, VIRTUAL PREEMPT\_HANDLER 0074 7602 0076 0054" CALL CREATE\_INT\_VEC 0078 5F00 007A 0000\* !R1:VIRTUAL INTERRUPT # R2: INTERRUPT HANDLER ADDRESS! 007C 9E08 RET END TC\_INIT 007E

| 007E                    | CREATE_PROCESS PROCEDURE                 |
|-------------------------|------------------------------------------|
|                         | *******                                  |
|                         | * CREATES USER PROCESS *                 |
|                         | * DATABASES AND APT *                    |
|                         | * ENTRIES *                              |
|                         | * PARAMETERS: *                          |
|                         | * R14: ARGUMENT PTR *                    |
|                         | *****                                    |
|                         | ENTRY                                    |
|                         | INOTE: THIS PROCEDURE IS A STUB TO ALLOW |
|                         | PROCESS INITIALIZATION FOR THIS          |
|                         | DEMONSTRATION.!                          |
|                         | ! ESTABLISH STACK PRAME FOR LOCAL        |
|                         | VARIABLES. !                             |
|                         | SUB R15, #SIZEOF CREATE                  |
| <b>A</b> 000 0800       |                                          |
|                         | ! STORE INPUT ARGUMENT POINTER !         |
|                         | LD CREATE.ARG_PTR (R15), R14             |
| 0084 0000               | ! LOCK APT !                             |
| 0086 7604               | LDA R4, APT.LOCK                         |
| 0088 0000               |                                          |
| 008A 5F00               |                                          |
| 008C 0000*              |                                          |
|                         | I RETURNS WHEN APT IS LOCKED !           |
|                         | ! CREATE MMU ENTRY FOR PROCESS !         |
|                         | CALL ALLOCATE_MMU !RETURNS:              |
| 0090 0000*              |                                          |
|                         | RO: DBR #!                               |
| 0000 (101               | : GET NEXT AVAILABLE ENTRY IN APT !      |
| 0092 6101<br>0094 00A2* | LD R1, APT_ENTRY                         |
| 0034 0082               | ! COMPUTE APT OFFSET !                   |
| 0096 2102               | LD R2, #SIZEOF AP_TABLE                  |
| 0098 0020               |                                          |
| 009A 8112               | ADD R2, R1                               |
|                         | ! SAVE NEXT AVAILABLE APT ENTRY !        |
| 009C 6F02               |                                          |
| 009E 00A2"              |                                          |
|                         | ! CREATE APT ENTRY FOR PROCESS !         |
| 00A0 4D15               |                                          |
| 00A2 0020*              |                                          |
| 00A4 FFFF<br>00A6 6F10  | LD APT.AP.DBR(R1), RO                    |
| 0CA8 0022*              |                                          |
| 0010 0022               | ! GET PROCESS CLASS !                    |
| 00AA 54E2               |                                          |
| 004C 001E               |                                          |
| 00AE 5D12               | LDL APT. AP. SAC (R1), RR2               |
| 0080 0024               |                                          |
|                         | ! GET PROCESS PRIORITY !                 |
| 00B2 61E2               | LD R2, ARG_LIST.PRI1(R14)                |
|                         |                                          |

| 00B4 0022<br>00B6 6F12<br>00B8 0028' | LD APT. AP. PRI (R1), R2                             |
|--------------------------------------|------------------------------------------------------|
| 00BA 61E2<br>00BC 001C               | ! GET LOGICAL CPU # !<br>LD R2, ARG_LIST.CPU_ID(R14) |
|                                      | LD APT. AP. AFFINITY (R1), R2                        |
|                                      | THREAD IN LIST AND MAKE READY!                       |
| 00C2 7623                            | LDA R3, APT.READY_LIST(R2)                           |
| 00C6 7604<br>00C8 0020'              | LDA R4, APT.AP.NEXT_AP                               |
| 00CC 00284                           | LDA R5, APT.AP.PRI                                   |
| 00CE 7606<br>00D0 002A'              | LDA R6, APT.AP.STATE                                 |
|                                      | LD R7, #READY                                        |
|                                      | EX R1, R2                                            |
|                                      | ! SAVE DBR # !                                       |
| 00D8 6FF0<br>00DA 0002               | LD CREATE.DBR_NUM (R15), RO                          |
|                                      | CALL LIST_INSERT                                     |
| 00DE 0000*                           |                                                      |
|                                      | <pre>!R2: OBJ ID<br/>R3: LIST HEAD PTR</pre>         |
|                                      | R4: NEXT OBJ PTR                                     |
|                                      | R5: PRIORITY PTR                                     |
|                                      | R6: STATE PTR                                        |
|                                      | R7: STATE!<br>! UNLOCK APT !                         |
| 00E0 7604                            | LDA R4, APT.LOCK                                     |
| 00E2 0000 •                          |                                                      |
| 00E4 5F00<br>00E6 0000*              | CALL K_UNLOCK                                        |
| 0059 0000+                           | CREATE USER STACK!                                   |
|                                      | ! RESTORE ARGUMENT POINTER !                         |
| 00E8 61FE                            | LD R14, CREATE.ARG_PTR(R15)                          |
| 00EA 0000<br>00EC 61E3               | LD R3, ARG_LIST.USR_STK(R14)                         |
| 00EE 0024                            | LD x5, ARG_DIST.05A_SIR(A14)                         |
|                                      | ! SAVE LINITS !                                      |
| 00F0 6FF3                            | LD CREATE.LIMITS(R15), R3                            |
| 00F2 0004<br>00F4 5F00               | CALL MM_ALLOCATE !R3: # OF BLOCKS                    |
| 00F6 0000*                           |                                                      |
|                                      | RETURNS:                                             |
|                                      | R2: START ADDR!<br>COMPUTE & SAVE NSP!               |
| 00F8 A128                            | LD R8, R2                                            |
|                                      | ! ESTABLISH INITIAL SP VALUE                         |
|                                      | FOR USER STACK. !                                    |
| 00FA 0108                            | ADD R8, #STK_OFFSET                                  |
|                                      | - 269 -                                              |

| 00FE 6FF8       LD       CREATE.N_S_P(R15), R8         0100       0008       !         !       RESTORE LIMITS !         0102       61F4       LD       R4, CREATE.LIMITS(R15)         0104       0004         0106       AB40       DEC       R4       !SEG LIMITS!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |   |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---|
| ! RESTORE LIMITS !<br>0102 61F4 LD R4, CREATE.LIMITS(R15)<br>0104 0004                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |   |
| 0102 61F4 LD R4, CREATE.LIMITS(R15)<br>0104 0004                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |   |
| 0104 0004                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| TELES A STATE THE AND THE FULL TO THE FULL TO THE STATE ST |   |
| ! RESTORE DBR !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| 0108 61F0 LD RO, CREATE.DER_NUM (R15)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |   |
| 010A 0002                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 010C 2101 LD R1, #USER_STACK                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |   |
| 010E 0003                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0110 2103 LD R3, #WRITE !ATTRIBUTE!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |   |
| 0112 0000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0114 5F00 CALL UPDATE_MMU_IMAGE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| 0116 0000*                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |   |
| !RO: DBR #<br>R1: SEGMENT #                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |   |
| R1: SEGMENI #<br>R2: SEG ADDRESS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |   |
| R3: SEG ATTRIBUTES                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |   |
| R4: SEG LIMITS!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| CREATE KERNEL STACK!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |   |
| ! RESTORE ARGUMENT POINTER !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |   |
| 0118 61FE LD R14, CREATE.ARG_PTR(R15)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |   |
| 011A 0000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 011C 61E3 LD R3, ARG_LIST.KER_STK(R14)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |   |
| 011E 0026                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0120 5F00 CALL MM_ALLOCATE !R3: # OF BLOCK                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | S |
| 0122 0000*                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |   |
| RETURNS<br>R2: START ADDR                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| MAKE MMU ENTRY!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| ! RESTORE DBR # !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |   |
| 0124 61F0 LD RO, CREATE.DBR_NUM(R15)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |   |
| 0126 0002                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0128 2101 LD R1, #KERNEL_STACK                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |   |
| 012A 0001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 012C A134 LD R4, R3                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |   |
| 012E AB40 DEC R4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |   |
| 0130 2103 LD R3, #WRITE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |   |
| 0132 0000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| ! SAVE START ADDRESS !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |   |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |   |
| 0134 6FF2 LD CREATE.SEG_ADDR(R15), R2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |   |
| 0136 0006                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*<br>!R0: DER #                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*<br>!R0: DER #<br>R1: SEGMENT #                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*<br>!R0: DER #                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*<br>!R0: DER #<br>R1: SEGMENT #<br>R2: SEG ADDRESS<br>R3: SEG ATTRIBUTES<br>R4: SEG LIMITS!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |   |
| 0136 0006<br>0138 5F00<br>013A 0000*<br>IRO: DER #<br>R1: SEGMENT #<br>R2: SEG ADDRESS<br>R3: SEG ATTRIBUTES<br>R4: SEG LIMITS!<br>IESTABLISH ARGUMENTS!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |   |
| 0136 0006<br>0138 5F00 CALL UPDATE_MMU_IMAGE<br>013A 0000*<br>!R0: DER #<br>R1: SEGMENT #<br>R2: SEG ADDRESS<br>R3: SEG ATTRIBUTES<br>R4: SEG LIMITS!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |   |

| 013E 0000               |                                                                        |
|-------------------------|------------------------------------------------------------------------|
| 0135 0000               | ! RESTORE STACK ADDRESS !                                              |
| 0140 61F1               | LD R1, CREATE.SEG_ADDR(R15)                                            |
| 0142 0006               | ,                                                                      |
| 0146 1800               | LD R3, #USER_FCW                                                       |
|                         | LD R4, ARG_LIST.IC(R14)                                                |
| 014A 001A               |                                                                        |
| 0.1/10 6.185            | ! RESTORE INITIAL NSP !                                                |
| 014E 0008               | LD R5, CREATE.N_S_P(R15)                                               |
| 0150 7606               | LDA R6, VIRT_PREEMPT_RETURN                                            |
| 0152 0076               |                                                                        |
| 0156 0008               | SUB R15, #8                                                            |
|                         | LDM @R15, R3, #4                                                       |
| 015A 0303               |                                                                        |
|                         | ! LOAD ARGUMENT POINTER FOR                                            |
| 015C A1F0               | CREATE_STACK CALL !<br>LD RO. R15                                      |
| 015E 93F1               | PUSH @R15, R1                                                          |
| 0160 A1E1               | LD RO, R15<br>PUSH $\partial$ R15, R1<br>LD R1, R14                    |
|                         | ! LOAD INITIAL REGISTER VALUES TO<br>BE PASSED TO USER PROCESS AS      |
|                         | INITIAL PARAMETERS. !                                                  |
|                         | LDM R2, ARG_LIST.REG(R1), #13                                          |
| 0164 020C               |                                                                        |
| 0166 0000<br>0168 97F1  | POP R1, DR15                                                           |
|                         | CALL CREATE_STACK                                                      |
| 016C 0000*              | -                                                                      |
|                         | PO: ARGUMENT PTR<br>R1: TOP OF STACK                                   |
|                         | R2-R14: INITIAL                                                        |
|                         | REG STATES!                                                            |
|                         | NOTE: THE ABOVE INITIAL REG STATES<br>REPRESENT THE INITIAL PARAMETERS |
|                         | (VIZ., EEGISTER CONTENTS) THAT A                                       |
|                         | USER PROCESS WILL RECEIVE UPON                                         |
|                         | INITIAL EXECUTION. !                                                   |
| 016E 010F<br>0170 0008  | ADD R15, #8 !OVERLAY PARAMETERS!                                       |
| 0170 0000               | ! ALLOCATE KST !                                                       |
|                         | LD R3, #KST_LIMIT                                                      |
| 0174 0001               |                                                                        |
| 0176 5F00<br>0178 0000* | CALL MM_ALLOCATE !R3:# OF BLOCKS                                       |
|                         | RETURNS                                                                |
|                         | R 2: START ADDR!                                                       |
| 017A 61F0               | ! RESTORE DBR !<br>LD RO, CREATE.DBR_NUM(R15)                          |
| 017C 0002               |                                                                        |
|                         | ! SAVE KST ADDRESS !                                                   |
| 017E 6FF2               | LD CREATE.SEG_ADDR(R15), R2                                            |
|                         | - 271 -                                                                |

| 0180 | 0006  |                               |
|------|-------|-------------------------------|
|      |       | MAKE MMU ENTRY FOR KST SEG!   |
|      |       | LD R1, #KST_SEG               |
|      | 0002  |                               |
|      |       | LD R3, #WRITE !ATTRIBUTE!     |
|      | 0000  |                               |
|      |       | LD R4, #KST_LIMIT-1           |
|      | 0000  |                               |
|      |       | CALL UPDATE_MMU_IMAGE         |
| 0190 | 0000* |                               |
|      |       | IRO: DBR #                    |
|      |       | R1: SEGMENT #                 |
|      |       | R2: SEG ADDRESS               |
|      |       | R3: SEG ATTRIBUTES            |
|      |       | R4: SEG LIMITS!               |
|      |       | ! RESTORE KST ADDRESS !       |
|      |       | LD R2, CREATE.SEG_ADDR(R15)   |
| 0194 | 0006  |                               |
|      |       | ! CREATE INITIAL KST STUB !   |
|      |       | CALL CREATE_KST !R2:KST ADDR! |
| 0198 | 0140  |                               |
|      |       | ! REMOVE TEMPORARY VARIABLE   |
|      |       | STACK FRAME. !                |
|      |       | ADD R15, #SIZEOF CREATE       |
|      | 000A  |                               |
|      | 9E08  |                               |
| 0140 |       | END CREATE_PROCESS            |

CREATE\_KST 01A0 PROCEDURE \*\*\*\*\*\*\* \* CREATES KST STUB FOR \* \* PROCESS MANAGEMENT \* \* DEMO. INSERTS ROOT \* \* ENTRY IN KST. NOT \* \* INTENDED TO BE FINAL \* \* PRODUCT. \* \*\*\*\*\*\* **\*** PARAMETERS: \* R2: KST ADDRESS \* \* ENTRY INOTE: THIS PROCEDURE IS A STUB USED FOR INITIALIZATION IN THIS IMPLEMENTATION THE ACTUAL INITIALIZATION CODE ONLY. FOR THE KST WILL RESIDE AT THE SEGMENT MANAGER LEVEL ONCE IMPLEMENTATION OF SYSTEM INITIALIZATION IS EFFECTED. ! ! CREATE ROOT ENTRY IN KST ! 01A0 1406 LDL RR6, #-1 !ROOT HANDLE! 01A2 FFFF 01A4 FFFF 01A6 5D26 LDL KST.MM\_HANDLE(R2), RR6 01A8 0000 SET ROOT ENTRY # IN G\_AST ! KST.MM HANDLE[2](R2), #0 01AA 4D25 LD 01AC 0004 01AE 0000 ! SET ROOT CLASSIFICATION ! RR6, #SYSTEM\_LOW 01B0 1406 LDL 01B2 0000 01B4 0000 KST.CLASS(R2), RR6 01B6 5D26 LDL 01B8 000A ISET MENTOR SEG #! KST.M\_SEG\_NO(R2), #0 01BA 4C25 LDB 01BC 000E 01BE 0000 INITIALIZE FREE KST ENTRIES FOR DEMO. NOT FULL KST! R1, #10 01C0 2101 LD 01C2 000A DO R1, #0 CP 01C4 0B01 01C6 0000 01C8 5E0E IF EQ THEN EXIT FI 01CA 01D0' 01CC 5E08 01CE 01DE\* R2, #SIZEOF KST\_REC 01D0 0102 ADD 01D2 0010

| 01D4    | 4C25  | LDB    | KST.M_SEG_NO(R2), #%H | FF |
|---------|-------|--------|-----------------------|----|
| 01D6    | 000E  |        |                       |    |
| 01D8    | FFFF  |        |                       |    |
| 0 1 D A | AB 10 | DEC    | R 1                   |    |
| 01DC    | E8F3  | OD     |                       |    |
| 01DE    | 9E08  | RET    |                       |    |
| 01E0    |       | END CR | EATE KST              |    |

- 274 -

| 01E0                                              | TC_ADVANCE PROCEDURE<br>!************************************                                                                                                                                                                              |
|---------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|                                                   | <ul> <li>* LISTS ARE THEN CHECKED TO</li> <li>* INSURE PROPER SHEDULING IS</li> <li>* EFFECTED. IF NECESSARY VIR-</li> <li>* TUAL PREEMPTS ARE SENT TO ALL*</li> <li>* THOSE VP'S BOUND TO LOWER</li> <li>* PRIORITY PROCESSES.</li> </ul> |
|                                                   | **************************************                                                                                                                                                                                                     |
|                                                   | <pre>* R0: SUCCESS CODE * ***********************************</pre>                                                                                                                                                                        |
| 01E0 030F<br>01E2 0012                            | SUB R 15, #SIZEOF TEMP<br>! SAVE INPUT ARGUMENTS !                                                                                                                                                                                         |
| 01E6 0000                                         | LD TEMP.HANDLE_PTR(R15), R1<br>LD TEMP.EVENT_NR(R15), R2                                                                                                                                                                                   |
| 01EE 0000°<br>01F0 5F00                           | CALL K_LOCK                                                                                                                                                                                                                                |
| 01F2 0000*                                        | ! RETURNS WHEN APT IS LOCKED !<br>! ANNOUNCE EVENT OCCURRENCE BY<br>INCREMENTING EVENTCOUNT IN G_AST!<br>CALL MM_ADVANCE !R1:HANDLE PTR                                                                                                    |
| 01F6 0000*                                        | R2:INSTANCE<br>RETURNS:<br>R0:SUCCESS CODE<br>RR2:EVENTCOUNT!                                                                                                                                                                              |
| 01F8 0B00<br>01FA 0002<br>01FC 5E0E<br>01FE 0372* | IF EQ THEN                                                                                                                                                                                                                                 |
| 0200 5DF2<br>0202 0004                            | : SAVE EVENTCOUNT !<br>LDL TEMP.EVENT_VAL (R15), RR2<br>- 275 -                                                                                                                                                                            |
|                                                   | _                                                                                                                                                                                                                                          |

|                        | ! RESTORE INSTANCE !                                       |
|------------------------|------------------------------------------------------------|
| 0204 61F0              |                                                            |
| 0206 0002              |                                                            |
|                        | ! RESTORE HANDLE POINTER !                                 |
| 0208 61F1              | LD R1, TEMP.HANDLE_PTR(R15)                                |
| 020A 0000              |                                                            |
| 020C 5414              | ! SAVE HANDLE !<br>LDL RR4, HANDLE_VAL.HIGH(R1)            |
| 020E 0000              | LDL AR4, MANDLE_VAL. HIGH (AI)                             |
| 0210 5DF4              | LDL TEMP.HANDLE_HIGH (R15), RR4                            |
| 0212 000C              |                                                            |
| 0214 6114              | LD R4, HANDLE_VAL.LOW(R1)                                  |
| 0216 0004              |                                                            |
| 0218 6FF4              | LD TEMP.HANDLE_LOW(R15), R4                                |
| 021A 0010              | A NUNERN NEL DROGRAGIA NUNTETNO                            |
|                        | ! AWAKEN ALL PROCESSES AWAITING<br>THIS EVENT OCCURRENCE ! |
|                        | ! GET FIRST BLOCKED PROCESS !                              |
| 021C 6101              |                                                            |
| 021E 000A              |                                                            |
| 0220 7606              |                                                            |
| 0222 000A              |                                                            |
|                        | WAKE_UP:                                                   |
|                        | DO                                                         |
| 0004 0004              | ! DETERMINE IF AT END OF BLOCKED LIST !                    |
| 0224 0B01<br>0226 FFFF | CP R1, #NIL                                                |
| 0220 FFFF              | IF EQ ! NO MORE BLOCKED PROCESSES !                        |
| 0228 5E0E              |                                                            |
| 022A 0230              |                                                            |
| 022C 5E08              |                                                            |
| 022E 02B4              |                                                            |
|                        | FI                                                         |
| 0000 (117              | ! SAVE NEXT ITEM IN LIST !                                 |
| 0230 6117 0232 0020    |                                                            |
| 0232 0020              | ! DETERMINE IF PROCESS IS ASSOCIATED                       |
|                        | WITH CURRENT HANDLE !                                      |
| 0234 54F4              |                                                            |
| 0236 000C              | ·····                                                      |
| 0238 5014              |                                                            |
| 023A 0030              |                                                            |
|                        | IF EQ !HIGH HANDLE VALUE MATCHES!                          |
| 023C 5E0E<br>023E 02A2 |                                                            |
| 0240 61F4              | LD R4, TEMP.HANDLE_LOW (R15)                               |
| 0242 0010              | ED RA, TENESNANDEE_DON (RTS)                               |
| 0244 4514              | CP R4, APT.AP.HANDLE[2](R1)                                |
| 0246 0034              |                                                            |
|                        | IF EQ ! HANDLE'S MATCH !                                   |
| 0248 5E0E              |                                                            |
| 024A 029C              |                                                            |
| 024C 61F0<br>024E 0002 | LD RO, TEMP.EVENT_NR (R15)                                 |
| 0246 0002              |                                                            |

| 0250  | 4B10          | CP RO, APT.AP.INSTANCE (R1)                                  |
|-------|---------------|--------------------------------------------------------------|
|       | 0036          |                                                              |
|       |               | IF EQ ! INSTANCE MATCHES !                                   |
|       | 5E0E<br>0296' | THEN IDETERMINE IF THIS IS THE                               |
| 0250  | 0290.         | OCCURRENCE THE PROCESS                                       |
|       |               | WAITING FOR !                                                |
| 0258  | 54F2          | WAITING FOR !<br>LDL RR2, TEMP.EVENT_VAL(R15)                |
| UZDA  | 0004<br>5012  | CPL RR2, APT. AP. VALUE (R1)                                 |
| 025C  | 0038          | CEL RAZ, API. AP. VALUE (RI)                                 |
|       |               | TP GF IAWAITTED EVENT HAS OCCUPEED!                          |
| 0260  | 5E01          | THEN ! AWAKEN PROCESS !                                      |
|       | 0290          | ! REMOVE FROM BLOCKED LIST !                                 |
| 0264  | 2 <b>F67</b>  | LD DR6, R7                                                   |
|       |               |                                                              |
| 0266  | 91F6          | PUSHL 0R15, RR6                                              |
| 0.269 | 6112          | !SET LIST THREADING ARGUMENTS!<br>LD R2, APT.AP.AFFINITY(R1) |
|       | 002C          | LD NZ, AFI AFI ATIMIT (A)                                    |
| 026C  | 7623          | LDA R3, APT.READY_LIST(R2)                                   |
|       | 0006          |                                                              |
|       | 7604<br>0020* | LDA R4, APT.AP.NEXT_AP                                       |
|       | 7605          | LDA R5, APT.AP.PRI                                           |
| 0276  | 0028          |                                                              |
|       | 7606          | LDA R6, APT.AP.STATE                                         |
|       | 002A*<br>2107 |                                                              |
|       | 0001          |                                                              |
| 0280  | A112          | LD R2, R1                                                    |
| 0282  | 5F00          | CALL LIST_INSERT                                             |
| 0284  | 0000*         | !R2: OBJ ID                                                  |
|       |               | R3: LIST HEAD PTR                                            |
|       |               | R4: NEXT OBJ PTR                                             |
|       |               | R5: PRIORITY PTR<br>R6: STATE PTR                            |
|       |               | R7: STATE VALUE !                                            |
|       |               | ! RESTORE LOCAL VARIABLES !                                  |
|       | 95F6          | POPL RR6, DR 15                                              |
|       | 210B<br>ABCD  | LD R11, #REMCVED                                             |
|       | 5E08          | ELSE !PROCESS STILL BLOCKED!                                 |
| 028E  | 0292          |                                                              |
| 0290  | 8DB8          | CLR R11<br>FI ! END VALUE CHECK !                            |
| 0292  | 5E08          | ELSE ! PROCESS STILL BLOCKED!                                |
|       | 0298          |                                                              |
| 0296  | 8DB8          | CLR R11                                                      |
| 0.200 | 5P09          | FI ! END INSTANCE CHECK !<br>ELSE !PROCESS STILL BLOCKED!    |
|       | 5E08<br>029E  | STOR 'LKOCHOO SIIM PHOCUPS                                   |
| 0234  |               |                                                              |

029C 8DB8 CLR R11 FI ! END HANDLE CHECK ! ELSE ! PROCESS STILL BLOCKED! 029E 5E08 0240 0244" 02A2 8DB8 CLR R11 FI ! END HIGH HANDLE CHECK ! **!** RESET AP POINTER REGISTERS **!** R11, #REMOVED CP 02A4 0B0B 02A6 ABCD IF NE ! PROCESS IS STILL BLOCKED ! 02A8 5E06 THEN 02AA 02BO" 02AC 7616 LDA R6, APT.AP.NEXT\_AP(R1) 02AE 0020" FI 02B0 A171 LD R1, R7 02B2 E8B8 OD ! DETERMINE IF ANY VIRTUAL PREEMPT INTERRUPTS ARE REQUIRED ! 02B4 8D28 CLR R 2 PREEMPT\_CHECK: DO  $R2, \#NR_CPU = 2$ 0286 0802 CP 02B8 0004 02BA 5EOE IF EQ !ALL READY LISTS CHECKED! THEN 02BC 02C2\* 02BE 5E08 EXIT FROM PREEMPT\_CHECK 02C0 0366" FI ! CREATE PREEMPT VECTOR FOR VP'S ! 02C2 8D18 CLR R 1 DO !FOR R1=1 TO NR\_VP'S! 02C4 A910 INC R1 02C6 4B21 CP R1, APT.VP.NR\_VP(R2) 02C8 0010\* IF GT ! PREEMPT VECTOR COMPLETED ! 02CA 5E02 THEN EXIT 02CC 02D2\* 02CE 5E08 02D0 02D8" FI 02D2 0DF9 PUSH DR15, #TRUE 02D4 0001 02D6 E8F6 O D ! # TO PREEMPT ! 02D8 9D38 CLR R3 02DA 6124 LD R4, APT.VP.NR\_VP(R2) 02DC 0010 · ! # OF VP'S ! ! GET FIRST READY PROCESS ! 02DE 6121 LD R1, APT.READY LIST(R2) 02E0 0006" CHECK\_RDY\_LIST: DO

! SEE IF READY LIST IS EMPTY ! 02E2 0B01 CP R1, #NIL 02E4 FFFF IF EQ !LIST IS EMPTY! 02E6 5E0E THEN EXIT FROM CHECK\_RDY\_LIST 02E8 02EE 02EA 5E08 02EC 0324" FI 02EE 4D11 CP APT.AP.STATE (R1), #RUNNING 02F0 002A" 02F2 0000 IF EQ !PROCESS IS RUNNING! 02F4 5E0E THEN !DON'T PREEMPT IT! 02F6 030C\* 02F8 6115 LD R5, APT.AP.VP\_ID(R1) 02FA 002E COMPUTE LOCATION IN PREEMPT VECTOR! 02FC 4325 SUB R5, APT. VP.FIRST(R2) 02FE 0014 · 0300 74F6 LDA R6, R15(R5) 0302 0500 0304 0D65 OR6, #PALSE LD 0306 0000 0308 5E08 ELSE ! PREEMPT IT ! 030A 030E" 030C A930 INC R 3 FI 030E AB40 R4 DEC 0310 0B04 CP R4, #0 0312 0000 IF EQ !ALL VP'S VERIFIED! 0314 5E0E THEN 0316 031C' 0318 5E08 EXIT FROM CHECK\_RDY\_LIST 031A 0324" FI ! GET NEXT AP IN READY LIST ! 031C 6110 LD RO, APT. AP.NEXT\_AP(R1) 031E 0020" 0320 A101 R1, R0 LD 0322 E8DF OD !END CHECK\_RDY\_LIST! ! SET NECESSARY PREEMPTS ! 0324 6124 LD R4, APT.VP.NR\_VP(R2) 0326 0010\* 0328 6121 R1, APT.VP.FIRST(R2) LD 032A 0014" SEND\_PREEMPT: DO 032C 97F0 RO, @R15 POP ! CHECK TEMPLATE ! 032E 0B00 CP RO, #TRUE 0330 0001 IF EQ ICAN BE PREEMPTED!

| 0336 0B03       CP       R3, #0         0338 0000       IF GT !PREEMPTS REQUIRED!         033A 5E02       THEN !PREEMPT IT!         033C 0350*       !SAVE ARGUMENTS!         033E 9351       PUSH @B15, R1         0340 91F2       PUSH @B15, R2         0342 93F4       PUSH @B15, R4         0344 5F00       CALL SET_PREEMPT         0346 0000*       !R1: VP ID!         !RESTORE ARGUMENTS !         0348 97F4       POP R4, @R15         0344 97F4       POP R4, @R15         0344 97F1       POP R1, @R15         0342 93F1       INC F1, #2         0342 97F1       POP R4, @R15         0344 B30       DEC R3         FI       POP R4, @R15         0352 AB40       DEC R4         0354 0B04       CP R4, #0         0355 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0350       OJ !END SEND_PREEMPT!         0360 F8E5       OD !END PREEMPT_CHECK!         0360 F8E5       OD !END PREMPT_CHECK!         0364 E8A8       OD !END PREMPT_CHECK!         0364 E8A8       OD !END PREMPT_CHECK!         0364 E8A8       OD !END PREMPT_CHECK!         0366 7604                                 | 0332 5E0E<br>0334 0350 |                                   |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|-----------------------------------|
| 033A 5E02       THEN !PREEMPT IT!         033C 0350'       !SAVE ARGUMENTS!         0340 91F2       PUSH @R15, R1         0340 91F2       PUSH @R15, R2         0342 93F4       PUSH @R15, R4         0344 5F00       CALL SET_PREEMPT         0346 0000*       !R1: VP ID!         !R1: VP ID!       !RESTORE ARGUMENTS !         0348 97F4       POP R4, @R15         0344 95F2       POPL RR2, @R15         0342 03F1       POP R1, @R15         0344 AB30       DEC R3         FI       POP R1, @R15         0350 A911       INC P1, #2         0354 0804       CP R4, #0         0355 0000       IF EQ !STACK RESTORED!         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       OD !END SEND_PREEMPT!         0350 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         0360 E8E5       OD !END PREEMPT_CHECK!         0364 E8A8       OD !END PREEMPT_CHECK!         0364 E8A8       OD !END PREEMPT_CHECK!         0364 67604       LDA R4, APT.LOCK         0366 7604       LDA R4, APT.LOCK         0366 7604       LD R0, #SUCCEEDED         0370 0002       FI         <                   |                        |                                   |
| 033C 0350"<br>1 SAVE ARGUMENTS!<br>0340 91F2<br>0342 93F4<br>0344 5F00<br>0346 0000*<br>1 RESTORE ARGUMENTS !<br>0348 97F4<br>0348 97F4<br>0344 95F2<br>0348 97F1<br>0348 97F1<br>0348 97F1<br>0348 97F1<br>0348 97F1<br>0349 95F2<br>0349 95F2<br>0349 95F2<br>0340 95F2<br>0340 95F2<br>0340 POP<br>FI<br>0350 A911<br>INC F1, #2<br>0352 A840<br>DEC R4<br>0354 0B04<br>CP R4, #0<br>0356 0000<br>IF EQ ISTACK RESTORED!<br>0358 5E0E<br>0358 5E0E<br>0358 5E08<br>EXIT<br>0360 F8E5<br>0D IEND SEND_PREEMPT!<br>I CHECK NEXT READY LIST !<br>0362 A921<br>INC R2, #2<br>0364 E8A8<br>0D IEND PREEMPT_CHECK!<br>I UNLOCK APT !<br>0366 7604<br>DAR R4, APT.LOCK<br>0366 7604<br>DAR R4, APT.LOCK<br>0366 2100<br>0370 0002<br>FI<br>0372 010F<br>ADD R15, #SIZEOF TEMP<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                           |                        | IF GT !PREEMPTS REQUIRED!         |
| ! SAVE ARGUMENTS!         0340 91F2         0342 93F4         0344 91F2         0344 91F2         0342 93F4         0344 5F00         0346 0000*         !R1: VP ID!         !R1: VP IR2, @R15         0346 97F1         DOP R1, @R15         0355 0000         IF EQ !STACK RESTORED!         0356 0000         IF EQ !STACK RESTORED!         0360 E8E5       OD !END SEND_PREEMPT!         0360 E8E5       OD !END SEND_PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0366                                                                                                                                                                            | 033A 5E02              | THEN !PREEMPT IT!                 |
| 033E 93F1       PUSH @E15, R1         0340 91F2       PUSH @R15, RE2         0342 93F4       PUSH @R15, RE2         0344 5F00       CALL SET_PREEMPT         0346 0000*       'R1: VP ID!         'R1: VP ID!       'RESTORE ARGUMENTS !         0348 97F4       POP R4, @R15         0344 95F2       POPL RR2, @R15         0342 97F1       POP R1, @R15         0342 93F1       INC F1, #2         0342 93F1       DEC R3         PI       FI         0345 0804       CP R4, #0         0354 0804       CP R4, #0         0355 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         0360 E8E5       OD !END SEND_PREEMPT!         0366 7604       LDA R4, APT.LOCK         0368 0000'       CALL K_UNLOCK         0368 0000'       CALL K_UNLOCK         0368 0000'       CALL K_UNLOCK         0366 7604       LDA R4, APT.LOCK         0368 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0920       ADD R15, #SIZEOF TEMP                                                                                        | 033C 0350'             |                                   |
| 0342 93F4<br>0344 5F00<br>0346 0000*<br>PUSH @R15, R4<br>CALL SET_PREEMPT<br>0346 0000*<br>PI<br>POP R4, @R15<br>0348 97F4<br>90P R4, @R15<br>0344 95F2<br>90PL RR2, @R15<br>934C 97F1<br>90P R1, @R15<br>934C 97F1<br>90P R1, @R15<br>934C 97F1<br>90P R1, @R15<br>9352 AB40<br>9EC R3<br>PI<br>FI<br>0350 A911<br>INC F1, #2<br>0352 AB40<br>9EC R4<br>0354 0B04<br>CP R4, #0<br>0356 0000<br>IF EQ !STACK RESTORED!<br>0358 5E0E<br>01 !END SEND_PREEMPT!<br>1 CHECK NEXT READY LIST !<br>0360 E8E5<br>0D !END SEND_PREEMPT!<br>1 CHECK NEXT READY LIST !<br>0362 A921<br>INC R2, #2<br>0364 E8A8<br>0D !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604<br>1DA R4, APT.LOCK<br>0368 0000'<br>036A 5F00<br>036A 5F00<br>036C 2100<br>1D R0, #SUCCEEDED<br>0370 0002<br>FI<br>: RESTORE STACK !<br>0372 010F<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                       |                        | ISAVE ARGUMENTS!                  |
| 0342 93F4<br>0344 5F00<br>0346 0000*<br>PUSH @R15, R4<br>CALL SET_PREEMPT<br>0346 0000*<br>PI<br>POP R4, @R15<br>0348 97F4<br>90P R4, @R15<br>0344 95F2<br>90PL RR2, @R15<br>934C 97F1<br>90P R1, @R15<br>934C 97F1<br>90P R1, @R15<br>934C 97F1<br>90P R1, @R15<br>9352 AB40<br>9EC R3<br>PI<br>FI<br>0350 A911<br>INC F1, #2<br>0352 AB40<br>9EC R4<br>0354 0B04<br>CP R4, #0<br>0356 0000<br>IF EQ !STACK RESTORED!<br>0358 5E0E<br>01 !END SEND_PREEMPT!<br>1 CHECK NEXT READY LIST !<br>0360 E8E5<br>0D !END SEND_PREEMPT!<br>1 CHECK NEXT READY LIST !<br>0362 A921<br>INC R2, #2<br>0364 E8A8<br>0D !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604<br>1DA R4, APT.LOCK<br>0368 0000'<br>036A 5F00<br>036A 5F00<br>036C 2100<br>1D R0, #SUCCEEDED<br>0370 0002<br>FI<br>: RESTORE STACK !<br>0372 010F<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                       | 033E 93F1              | PUSH ORIS, RI                     |
| 0344 5F00       CALL SET_PREEMPT         0346 0000*       !R1: VP ID!         !R1: VP ID!       !Restore Arguments !         0348 97F4       POP R4, @R15         0348 97F1       POP R4, @R15         0342 97F1       POP R1, @R15         0350 A911       INC R1, #2         0352 AB40       DEC R4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       OD !END SEND_PREEMPT!         0358 5E0E       OD !END SEND_PREEMPT!         0356 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !       0366 7604         0366 7604       LDA R4, APT.LOCK         0368 0000'       INC R2, #SUCCEES CODE !         0366 2100       LD R0, #SUCCEED ED         0370 0002       FI         ! RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       0376 9E08       RET <td>0340 9182</td> <td>PUSHL OKIS, RHZ</td> | 0340 9182              | PUSHL OKIS, RHZ                   |
| 0346 0000*<br>!R1: VP ID!<br>! RESTORE ARGUMENTS !<br>0348 97F4<br>0344 95F2<br>0344 95F2<br>0342 AB30<br>POPL RR2, @R15<br>0345 AB30<br>PEC R3<br>PI<br>FI<br>0350 A911<br>INC E1, #2<br>0352 AB40<br>0356 0000<br>IF EQ !STACK RESTORED!<br>0358 5E0E<br>0358 5E0E<br>0358 5E0E<br>0356 0362'<br>FI<br>0360 E8E5<br>0D !END SEND_PREEMPT!<br>! CHECK NEXT READY LIST !<br>0362 A921<br>0364 E8A8<br>0D !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604<br>0366 7604<br>0366 7604<br>0366 7604<br>1DA R4, APT.LOCK<br>0366 7604<br>0366 7604<br>0366 7604<br>IDA R4, APT.LOCK<br>0366 7604<br>IDA R4, APT.LOCK<br>0366 7604<br>IDA R4, SUCCESS CODE !<br>0366 2100<br>0370 0002<br>FI<br>: RESTORE STACK !<br>0372 010F<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                         |                        | PUSH OKID, K4<br>Call cem dreemen |
| <pre>!R1: VP ID!<br/>! RESTORE ARGUMENTS !<br/>90348 97F4 POP R4, @R15<br/>034A 95F2 POPL RR2, @R15<br/>034C 97F1 POP R1, @R15<br/>034E AB30 DEC R3<br/>FI<br/>0350 A911 INC P1, #2<br/>0352 AB40 DEC R4<br/>0354 0B04 CP R4, #0<br/>0356 0000 IF EQ !STACK RESTORED!<br/>0358 5E0E THEN<br/>0358 5E0E THEN<br/>0350 A960'<br/>035C 5E08 EXIT<br/>0360 E8E5 OD !END SEND_PREEMPT!<br/>! CHECK NEXT READY LIST !<br/>0362 A921 INC R2, #2<br/>0364 E8A8 OD !END PREEMPT_CHECK!<br/>! UNLOCK APT !<br/>0366 7604 LDA R4, APT.LOCK<br/>0368 0000'<br/>036A 5F00 CALL K_UNLOCK<br/>036C 0000*<br/>! RESTORE SUCCESS CODE !<br/>036E 2100 LD R0, #SUCCEEDED<br/>0370 0002<br/>FI<br/>: RESTORE STACK !<br/>0372 010F ADD R15, #SIZEOF TEMP<br/>0374 0012<br/>0376 9E08 RET</pre>                                                                                                                                                                                                                                                                                                                                                          |                        |                                   |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 0346 0000#             |                                   |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     |                        | I DREMORE ADEUNENME I             |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 02119 0721             | ESTORE ARGUMENTS :                |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 0340 5714              | דטר בקי שמוס<br>בסס זמסס          |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 034A 33F2              |                                   |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 0340 3711              | DEC P3                            |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     | 034E ADSU              |                                   |
| 0350 A911       INC E1, #2         0352 AB40       DEC E4         0354 0B04       CP R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         0352 A0360*       EXIT         0355 0362*       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         0366 2100       LD R0, #SUCCEEDED         0370 0002       FI         : RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                     |                        | PT                                |
| 0354 0B04       CP       R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         035A 0360'       EXIT         035C 5E08       EXIT         035C 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         !       CHECK NEXT READY LIST !         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !       UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000'       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         036E 2100       LD R0, #SUCCEEDED         0370 0002       FI         !       RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       0376 9E08                                                                                                                                                                                                                                                                                                                                                                                                          | 0350 1911              | TNC P1. #2                        |
| 0354 0B04       CP       R4, #0         0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         035A 0360'       EXIT         035C 5E08       EXIT         035C 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         !       CHECK NEXT READY LIST !         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !       UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000'       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         036E 2100       LD R0, #SUCCEEDED         0370 0002       FI         !       RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       0376 9E08                                                                                                                                                                                                                                                                                                                                                                                                          | 0352 1840              | DEC R4                            |
| 0356 0000       IF EQ !STACK RESTORED!         0358 5E0E       THEN         035A 0360'       EXIT         035C 5E08       EXIT         035C 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         !UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000'         0364 5F00         CALL K_UNLOCK         936C 0000*         !RESTORE SUCCESS CODE !         036E 2100         LD R0, #SUCCEEDED         0370 0002         FI         !RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       0376 9E08                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | 0354 0B04              |                                   |
| IF EQ !STACK RESTORED!         0358 5E0E       THEN         035A 0360'       EXIT         035C 5E08       EXIT         035E 0362'       FI         0360 E8E5       OD !END SEND_PREEMPT!         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000'         0362 A900'         CALL K_UNLOCK         0362 2100         LD R0, #SUCCESS CODE !         036E 2100         LD R0, #SUCCEEDED         0370 0002         FI         : RESTORE STACK !         0372 010F         ADD R15, #SIZEOF TEMP         0374 0012         0376 9E08       RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | 0356 0000              |                                   |
| 0358 5E0E THEN<br>035A 0360'<br>035C 5E08 EXIT<br>0360 E8E5 OD !END SEND_PREEMPT!<br>! CHECK NEXT READY LIST !<br>0362 A921 INC R2, #2<br>0364 E8A8 OD !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604 LDA R4, APT.LOCK<br>0368 0000'<br>036A 5F00 CALL K_UNLOCK<br>036E 2100 LD R0, #SUCCESS CODE !<br>036E 2100 LD R0, #SUCCEDED<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | 0550 0000              | TE EO ISTACK RESTORED!            |
| 035A 0360'<br>035C 5E08 EXIT<br>0360 E8E5 OD !END SEND_PREEMPT!<br>! CHECK NEXT READY LIST !<br>0362 A921 INC R2, #2<br>0364 E8A8 OD !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604 LDA R4, APT.LOCK<br>0368 0000'<br>036A 5F00 CALL K_UNLOCK<br>036C 0000* ! RESTORE SUCCESS CODE !<br>036E 2100 LD R0, #SUCCEEDED<br>0370 0002 FI<br>: RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | 0358 5E0E              | THEN                              |
| 035C 5E08 EXIT<br>0360 E8E5 OD !END SEND_PREEMPT!<br>1 CHECK NEXT READY LIST !<br>0362 A921 INC R2, #2<br>0364 E8A8 OD !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604 LDA R4, APT.LOCK<br>0368 0000*<br>036A 5F00 CALL K_UNLOCK<br>036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100 LD R0, #SUCCEEDED<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                        |                                   |
| 035E       0362*         FI       0360       E8E5       OD !END SEND_PREEMPT!         !       CHECK NEXT READY LIST !         0362       A921       INC       R2, #2         0364       E8A8       OD !END PREEMPT_CHECK!       !         0366       7604       LDA       R4, APT.LOCK         0368       000*       CALL       K_UNLOCK         0366       000*       !       RESTORE SUCCESS CODE !         0366       2100       LD       R0, #SUCCEEDED         0370       0002       FI       !         FI       !       RESTORE STACK !         0372       010F       ADD       R15, #SIZEOF TEMP         0374       0012       0376       9E08                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                        | EXTT                              |
| FI       OD !END SEND_PREEMPT!         0360 E8E5       OD !END SEND_PREEMPT!         ! CHECK NEXT READY LIST !         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*         036A 5F00         CALL K_UNLOCK         036C 0000*         ! RESTORE SUCCESS CODE !         036E 2100       LD R0, #SUCCEEDED         0370 0002         FI         ! RESTORE STACK !         0372 010F         ADD R15, #SIZEOF TEMP         0374 0012         0376 9E08                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                        | 14 63 AL &                        |
| 0360 E8E5       OD !END SEND_PREEMPT!         ! CHECK NEXT READY LIST !         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*         0366 7604       LDA R4, APT.LOCK         0368 0000*       CALL K_UNLOCK         0366 2100       LD R0, #SUCCESS CODE !         036E 2100       LD R0, #SUCCEEDED         0370 0002       FI         ! RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012       RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                        | FT                                |
| ! CHECK NEXT READY LIST !         0362 A921       INC R2, #2         0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*         036A 5F00         036C 0000*         ! RESTORE SUCCESS CODE !         036E 2100         LD R0, #SUCCEEDED         0370 0002         FI         ! RESTORE STACK !         0372 010F         ADD R15, #SIZEOF TEMP         0374 0012         0376 9E08                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | 0360 E8E5              |                                   |
| 0362 A921 INC R2, #2<br>0364 E8A8 OD !END PREEMPT_CHECK!<br>! UNLOCK APT !<br>0366 7604 LDA R4, APT.LOCK<br>0368 0000*<br>036A 5F00 CALL K_UNLOCK<br>036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100 LD R0, #SUCCEEDED<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                        |                                   |
| 0364 E8A8       OD !END PREEMPT_CHECK!         ! UNLOCK APT !         0366 7604       LDA R4, APT.LOCK         0368 0000*         036A 5F00       CALL K_UNLOCK         036C 0000*       ! RESTORE SUCCESS CODE !         036E 2100       LD R0, #SUCCEEDED         0370 0002       FI         ! RESTORE STACK !         0372 010F       ADD R15, #SIZEOF TEMP         0374 0012         0376 9E08       RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |                        |                                   |
| ! UNLOCK APT !<br>0366 7604 LDA R4, APT.LOCK<br>0368 0000*<br>036A 5F00 CALL K_UNLOCK<br>036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100 LD R0, #SUCCEEDED<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |                        |                                   |
| 0368 0000*<br>036A 5F00<br>036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                        |                                   |
| 036A 5F00<br>036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F<br>ADD<br>R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | 0366 7604              | LDA R4, APT.LOCK                  |
| 036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F<br>ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | 0368 0000*             | ·                                 |
| 036C 0000*<br>! RESTORE SUCCESS CODE !<br>036E 2100<br>LD R0, #SUCCEEDED<br>0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F<br>ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | 036A 5F00              | CALL K UNLOCK                     |
| 036E 2100<br>0370 0002<br>FI<br>: RESTORE STACK :<br>0372 010F<br>0374 0012<br>0376 9E08<br>RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 036C 0000*             |                                   |
| 0370 0002<br>FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                        | ! RESTORE SUCCESS CODE !          |
| FI<br>! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | 036E 2100              | LD RO, #SUCCEEDED                 |
| ! RESTORE STACK !<br>0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | 0370 0002              |                                   |
| 0372 010F ADD R15, #SIZEOF TEMP<br>0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |                        |                                   |
| 0374 0012<br>0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |                        |                                   |
| 0376 9E08 RET                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |                        | ADD R15, #SIZEOF TEMP             |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |                        |                                   |
| 0378 END TC_ADVANCE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                        |                                   |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 0378                   | END TC_ADVANCE                    |

| 0.770            |                                                            |
|------------------|------------------------------------------------------------|
| 0378             | TC_AWAIT PROCEDURE<br>************************************ |
|                  |                                                            |
|                  | * CHECKS USER SPECIFIED VALUE *                            |
|                  | * AGAINST CURRENT EVENTCOUNT *                             |
|                  | * VALUE. IF USER VALUE IS LESS *                           |
|                  | * THAN OR EQUAL EVENTCOUNT THEN*                           |
|                  | * CONTROL IS RETURNED TO USER. *                           |
|                  | * ELSE USER IS BLOCKED UNTIL *                             |
|                  | * EVENT OCCURRENCE. *                                      |
|                  | *****                                                      |
|                  | * PARAMETERS: *                                            |
|                  | * R1: HANDLE POINTER *                                     |
|                  | * R2: INSTANCE (EVENT #) *                                 |
|                  | * RR4: SPECIFIED VALUE *                                   |
|                  | ******                                                     |
|                  | * RETURNS: *                                               |
|                  | * RO: SUCCESS CODE *                                       |
|                  | ***                                                        |
|                  |                                                            |
|                  | ENTRY                                                      |
|                  | ! ESTABLISH STACK FRAME FOR                                |
|                  | TEMPORARY VARIABLES. !                                     |
| 0279 030F        | SUB R15, #SIZEOF FEMP                                      |
| 037A 0012        |                                                            |
| 0374 0012        | ! SAVE INPUT PARAMETERS !                                  |
| 0.070 (PP4       |                                                            |
| 037C BFF1        | LD TEMP.HANDLE_PTR(R15), R1                                |
| 037E 0000        |                                                            |
| 0380 6FF2        | LD TEMP.EVENT_NR(R15), R2                                  |
| 0382 0002        |                                                            |
| 0384 5DF4        | LDL TEMP.EVENT_VAL (R15), RR4                              |
| 0386 0004        |                                                            |
|                  | ! LOCK APT !                                               |
| 0388 7604        | LDA R4, APT.LOCK                                           |
| 038A 0000"       |                                                            |
| 038C 5F00        | CALL K_LOCK                                                |
| 038E 0000*       |                                                            |
|                  | ! RETURNS WHEN APT IS LOCKED !                             |
|                  | ! GET CURRENT EVENTCOUNT !                                 |
| 0390 5F00        |                                                            |
| 0392 0000*       |                                                            |
|                  | !R1:HANDLE POINTER                                         |
|                  | R2: INSTANCE                                               |
|                  | RETURNS:                                                   |
|                  | RO:SUCCESS_CODE                                            |
|                  | RR4: EVENTCOUNT!                                           |
| 0394 OB00        | CP RO, #SUCCEEDED                                          |
| 0396 0002        |                                                            |
|                  | IF EQ THEN                                                 |
| 0398 5E0E        | -                                                          |
| 039A 0440*       | : DETERMINE IF REQUESTED EVENT                             |
|                  | HAS OCCURRED !                                             |
|                  |                                                            |
| 039C 54F6        | The wwo' lensergar arrivel                                 |
| 039E 0004        |                                                            |
| <b>03A0</b> 9046 | CPL RR6, RR4                                               |
|                  | 201                                                        |
|                  | - 281 -                                                    |

|       |                | IF GT !EVENT HAS NOT OCCUERED!              |
|-------|----------------|---------------------------------------------|
| 0342  | 5E02           | THEN !BLOCK PROCESS!                        |
|       | 0440*          |                                             |
| 0.744 | 0440           | ! IDENTIFY PROCESS !                        |
| 0316  | 5F00           | CALL RUNNING_VP !RETURNS:                   |
|       | *0000          | CALL ROBATHS_VE .ALIONAS.                   |
| ODAO  | 0000+          | R1:VP ID                                    |
|       |                | R3:CPU #!                                   |
|       |                |                                             |
|       | (              | ! SAVE RETURN VARIABLES !                   |
|       | 6FF1           | LD TEMP.ID_VP(R15), R1                      |
|       | 0008           |                                             |
|       | 6FF3           | LD TEMP.CPU_NUM (R15), R3                   |
|       | <b>A 0 0 0</b> |                                             |
|       | 6118           | LD R8, APT.RUNNING_LIST(R1)                 |
| 03B4  | 0002           |                                             |
|       |                | ! RESTORE REMAINING ARGUMENTS !             |
| 03B6  | 61F2           | LD R2, TEMP.EVENT_NR(R15)                   |
| 03B8  | 0002           |                                             |
| 03BA  | 61F1           | LD R1, TEMP.HANDLE_PTR (R15)                |
| 03BC  | 0000           |                                             |
|       |                | ! SAVE EVENT DATA !                         |
| 03BE  | 5414           | LDL RR4, HANDLE_VAL.HIGH(R1)                |
|       | 0000           |                                             |
| 03C2  |                | LDL APT.AP.HANDLE(R8), RR4                  |
|       | 0030           |                                             |
|       | 6114           | LD R4, HANDLE_VAL.LOW(R1)                   |
|       | 0004           |                                             |
|       | 6F84           | LD APT.AP.HANDLE[2](38), R4                 |
|       | 0034           | $LD \qquad \text{AFI-AF-HANDLE}[2](20), 14$ |
|       | 6F82           | LD APT.AP.INSTANCE (R8), R2                 |
|       | 0036           | LD API.AP.INSTANCE (AO), AZ                 |
|       | 54F6           | זהי האם מעדאים מעדיים לאונים 15 א           |
|       |                | LDL RR6, TEMP.EVENT_VAL (R15)               |
|       | 0004           |                                             |
|       | 5D86           | LDL APT. AP. VALUE (R8), RR6                |
| 0308  | 0038           |                                             |
|       |                | ? REMOVE PROCESS FROM READY LIST !          |
|       | 6131           | LD R1, APT. AP. APFINITY (R8)               |
|       | 002C*          |                                             |
|       | 6112           | LD R2, APT.READY_LIST (R1)                  |
| 03E0  | 0006'          |                                             |
|       |                | ! SEE IF PROCESS IS FIRST                   |
|       |                | ENTRY IN READY LIST !                       |
| 03E2  | 8862           | CP R2, R8                                   |
|       |                | IF EQ !INSERT NEW READY LIST HEAD!          |
| 03E4  | 5E0E           | THEN                                        |
| 03E6  | 03F4'          |                                             |
| 03E8  | 6183           | LD R3, APT.AP.NEXT_AP(R8)                   |
| 03EA  | 0020           | -                                           |
| 03EC  | 6F13           | LD APT.READY_LIST(E1), R3                   |
|       | 0006 •         |                                             |
|       | 5E08           | ELSE !DELETE FROM LIST BODY!                |
|       | 040E*          |                                             |
|       |                | DO                                          |
| 03F4  | 6123           | LD R3, APT.AP.NEXT_AP(R2)                   |
|       |                |                                             |
|       |                | - 282 -                                     |
|       |                |                                             |

03F6 0020" 03F8 8B83 CP R3, R8 IF EQ !FOUND ITEM IN LIST! O3FA 5EOE THEN 03FC 040A\* 03FE 6183 LD R3, APT.AP.NEXT\_AP(R8) 0400 0020\* 0402 6F23 LD APT.AP.NEXT\_AP(R2), R3 0404 0020\* 0406 5E08 EXIT 0408 040E\* FI 040A A132 LD R2. R3 040C E8F3 OD FI **!THREAD PROCESS IN BLOCKED LIST!** 040E A182 LD R2, R8 0410 7603 LDA R3, APT.BLOCKED\_LIST 0412 000A" 0414 7604 LDA R4, APT.AP.NEXT\_AP 0416 0020\* 0418 7605 LDA R5, APT. AP. PRI 041A 0028\* LDA 041C 7606 R6, APT.AP.STATE 041E 002A" 0420 2107 LD R7, #BLOCKED 0422 0002 0424 5F00 CALL LIST INSERT !R2:OBJ ID 0426 0000\* R3:LIST HEAD PTR R4:NEXT OBJ PTR R5: PRIORITY PTR R6:STATE PTR R7:STATE ! ! GET CURRENT VP ID ! 0428 61F1 LD R1, TEMP.ID\_VP(R15) 042A 0008 042C 61F3 LD R3, TEMP.CPU\_NUM (R15) 042E 000A ! SCHEDULE FIRST READY PROCESS ! CALL TC\_GETWORK 0430 5F00 !R1:VP\_ID 0432 0000\* R3:CPU #! ! UNLOCK APT ! 0434 7604 R4, APT.LOCK LDA 0436 0000\* 0438 5F00 K\_UNLOCK CALL 043A 0000\* ! RESTORE SUCCESS CODE ! RO, #SUCCEEDED 043C 2100 LD 043E 0002 FI FI **!** RESTORE STACK ! - 283 -

| 0440 | 010F | AD D    | R15,  | #SIZEOF | TEMP |
|------|------|---------|-------|---------|------|
| 0442 | 0012 |         |       |         |      |
| 0444 | 9E08 | RET     |       |         |      |
| 0446 |      | END TC_ | AWAIT | 2       |      |

- 284 -

| 0446  |             | PROCESS_CLASS PROCEDURE<br>! * * * * * * * * * * * * * * * * * * *                                                                             | 3    |
|-------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------|------|
|       |             |                                                                                                                                                |      |
|       |             | * READS SECURITY ACCESS *                                                                                                                      | ٤    |
|       |             | * CLASS OF CURRENT PROCESS *                                                                                                                   | £.   |
|       |             | * IN APT. CALLED BY SEG *                                                                                                                      | R.   |
|       |             | * MGR AND EVENT MGR 4                                                                                                                          | E.   |
|       |             | *******                                                                                                                                        | E    |
|       |             | * LOCAL VARIABLES:                                                                                                                             | ĸ    |
|       |             | * R1: VP ID                                                                                                                                    | je.  |
|       |             | <pre>* READS SECURITY ACCESS * CLASS OF CURRENT PROCESS * IN APT. CALLED BY SEG * MGR AND EVENT MGR ************************************</pre> | je – |
|       |             | *******                                                                                                                                        | je – |
|       |             | * RETURNS:                                                                                                                                     |      |
|       |             | * RR2: PROCESS SAC                                                                                                                             | je – |
|       |             | ******                                                                                                                                         | k t  |
|       |             |                                                                                                                                                |      |
|       |             | ENTRY                                                                                                                                          |      |
| 0446  | 7604        | LDA R4, APT. LOCK                                                                                                                              |      |
| 0448  | 0000        |                                                                                                                                                |      |
|       |             | CALL K_LOCK !R4:-APT.LOC                                                                                                                       | CKI  |
|       | 0000*       |                                                                                                                                                |      |
| 044E  | 5F00        | CALL RUNNING_VP !RETURNS:                                                                                                                      | •    |
|       | 0000*       |                                                                                                                                                |      |
|       |             | R1:VP_I                                                                                                                                        | D    |
|       |             | R3:CPU                                                                                                                                         | #1   |
| 0452  | 6115        | LD R5, APT. RUNNING_LIST (                                                                                                                     | R1)  |
| 0452  | 0002        |                                                                                                                                                |      |
|       |             | LDL RR2, APT. AP. SAC (R5)                                                                                                                     |      |
|       | 0024        |                                                                                                                                                |      |
| 0430  | 0024        | ! UNLOCK APT !                                                                                                                                 |      |
| 0.053 | 7600        | LDA R4, APT.LOCK                                                                                                                               |      |
|       | 0000        |                                                                                                                                                |      |
|       |             |                                                                                                                                                |      |
|       |             | CALL K_UNLOCK                                                                                                                                  |      |
|       | 0000*       |                                                                                                                                                |      |
| 0462  | <b>AF08</b> | RET<br>END PROCESS_CLASS                                                                                                                       |      |
| 0464  |             | END BROCE22 CL 822                                                                                                                             |      |

0464 GET DBR NUMBER PROCEDURE \* OBTAINS DBR NUMBER FROM APT \* \* FOR THE CURRENT PROCESS. \* CALLED BY SEGMENT MANAGER \* \*\*\*\*\*\* \* LOCAL VARIABLES: R1: VP ID × \* \* R5: PROCESS ID \*\*\*\*\*\*\*\*\*\*\*\*\* \* RETURNS: \* \* R1: DBR NUMBER \* \*\*\*\*\*\*\* ENTRY INOTE: DBR # IS ONLY VALID WHILE PROCESS IS LOADED. THIS IS NO PROBLEM IN SASS AS ALL PROCESSES REMAIN LOADED. IN A MORE GENERAL CASE, THE DBR # COULD ONLY BE ASSUMED CORRECT WHILE THE APT IS LOCKED! 0464 7604 LDA R4, APT. LOCK 0466 0000\* 0468 5F00 CALL K LOCK !R4: -APT.LOCK! 046A 0000\* 046C 5F00 CALL RUNNING\_VP !RETURNS: 046E 0000\* R1: VP ID R3:CPU #! 0470 6115 LD R5, APT. RUNNING\_LIST(R1) 0472 0002 0474 6151 LD R1, APT. AP. DBR(R5) 0476 00221 I UNLOCK APT I 0478 7604 LDA R4, APT.LOCK 047A 0000" 047C 5F00 CALL K\_UNLOCK 047E 0000\* 0480 9E08 RET 0482 END GET\_DBR\_NUMBER

END TC

## Appendix C

## DISTRIBUTED MEMORY MANAGER LISTINGS

Z8000ASM 2.02 OBJ CODE STMT SOURCE STATEMENT LOC \$LISTON \$TTY DIST\_MM MODULE CONSTANT := 50 CREATE\_CODE := 51 DELETE CODE ACTIVATE\_CODE := 52 DEACTIVATE\_CODE := 53 SWAP\_IN\_CODE := 54 SWAP\_OUT\_CODE := 55 := 2 NR\_CPU := 54 NR\_KST\_ENTRY MAX\_SEG\_SIZE := 128 := 4 MAX\_DBR\_NO := 2 KST\_SEG\_NO := 10 NR\_OF\_KSEGS := 8 BLOCK SIZE := % P00 MEM\_AVAIL := 10 G\_AST\_LIMIT := 1 INSTANCE1 := 2 INSTANCE2 := 95 INVALID\_INSTANCE := 2 SUCCEEDED TYPE ARRAY [3 WORD ] H ARRAY BYTE] ARRAY [16 COM\_MSG WORD ADDRESS RECORD G\_AST\_REC LONG [UNIQUE\_ID GLOBAL\_ADDR ADDRESS P\_L\_ASTE\_NO WORD WORD FLAG WORD PAR\_ASTE NR\_ACTIVE WORD BYTE NO ACT\_DEP BYTE SIZE1

- 287 -

|      | PG_TBL<br>ALIAS_TBL<br>SEQUENCER<br>EVENT1<br>EVENT2<br>]                        | LONG                                                                                                                                     |
|------|----------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|
|      | MM_VP_ID                                                                         | WORD                                                                                                                                     |
|      | SEG_ARRAY                                                                        | ARRAY [MAX_SEG_SIZE BYTE]                                                                                                                |
|      | \$SECTION D_MM_D<br>GLOBAL                                                       | ATA                                                                                                                                      |
| 0000 | MM_CPU_TBL ARRA                                                                  | Y [NR_CPU MM_VP_ID]                                                                                                                      |
|      | \$SECTION AVAIL_<br>INTERNAL<br>! NOTE: MEM_POO<br>CPU LOCAL MEM                 | L IS LOCATED IN<br>ORY. !                                                                                                                |
| 0000 | _                                                                                | RAY [MEM_AVAIL BYTE]                                                                                                                     |
|      | STUB AS AN OF                                                                    | OCK IS USED IN THE MM_ALLOCATE<br>FSET POINTER INTO THE BLOCK<br>E MEMORY. IT IS INITIALIZED<br>LOADER. !                                |
|      | NEXT_BLOCK<br>\$SECTION MSG_FR<br>INTERNAL<br>!NOTE: THESE REG<br>TO DEFINE MESS | WORD<br>AME_DCL<br>CORDS ARE "OVERLAYS" OR "FRAMES" USED<br>AGE FORMATS. NO MEMORY IS ALLOCATED !                                        |
| 0000 | CREATE_MSG                                                                       | RECORD [CR_CODE WORD<br>CE_NM_HANDLE H_ARRAY<br>CE_ENTRY_NO SHORT_INTEGER<br>CE_FILL BYTE<br>CE_SIZE WORD<br>CE_CLASS LONG]              |
| 0000 | \$ABS 0<br>DELETE_MSG                                                            | RECORD [DE_CODE WORD<br>DE_MM_HANDLE H_ARRAY<br>DE_ENTRY_NO SHORT_INTEGER<br>DE_FILL ARRAY[7 BYTE]]                                      |
| 0000 | \$ABS 0<br>ACTIVATE_MSG                                                          | RECORD [ ACT_CODE WORD<br>A_DBR_NO WORD<br>A_MM_HANDLE H_ARRAY<br>A_ENTRY_NO SHORT_INTEGER<br>A_SEGMENT_NO SHORT_INTEGER<br>A_FILL LONG] |
|      |                                                                                  |                                                                                                                                          |

|                | ABS O<br>EACTIVAT | E_MSG           | RECORD[ | DEACT_CODE<br>D_DBR_NO<br>D_MM_HANDLE<br>D_FILL                                | NORD                            |
|----------------|-------------------|-----------------|---------|--------------------------------------------------------------------------------|---------------------------------|
|                | ABS O<br>WAP_IN_M | ISG             | RECORD  | [S_IN_CODE<br>SI_MM_HANDLE<br>SI_DBR_NO<br>SI_ACCESS_AU<br>SI_PILL1<br>SI_PILL | H_ARRAY<br>WORD                 |
| \$A<br>0000 SW | ABS O<br>WAP_OUT_ | MSG             | RECORD  | [S_OUT_CODE<br>SO_DBR_NO<br>SO_MM_HANDLE                                       | WO RD<br>WO RD                  |
|                | ABS 0<br>ET_SUC_C | ODE             | RECORD  | SUC_CODE<br>SC_FILL                                                            | BYTE<br>ARRAY[15 BYTE]]         |
|                | ABS O<br>_ACTIVAT | E_ARG           | RECORD  | [R_SUC_CODE<br>R_FILL<br>R_MM_HANDLE<br>R_CLASS<br>R_SIZE<br>R_FILL1           | BYTE<br>H_ARRAY<br>LONG<br>WORD |
| 0000 MM        | [ID               | LONG<br>NO WORD | CORD    |                                                                                |                                 |
|                | G_                | AST_LOCK        |         | WORD                                                                           |                                 |
|                | G_                | AST ARR         | AY[G_AS | T_LIMIT G_AST                                                                  | _REC ]                          |
|                | ĸ                 | LOCK            |         | PROCEDURE                                                                      |                                 |
|                | K                 | <b>UNLOCK</b>   |         | PROCEDURE                                                                      |                                 |
|                | GI                | T_CPU_NO        |         | PROCEDURE                                                                      |                                 |
|                | SI                | GNAL            |         | PROCEDURE                                                                      |                                 |
|                | W E               | IT              |         | PROCEDURE                                                                      |                                 |

- 289 -

GLOBAL \$SECTION D\_MM\_PROC

| 0000                   | MM CRE | ATE_ENTRY PROCEDURE                             |
|------------------------|--------|-------------------------------------------------|
| 0000                   | 1***** | ******                                          |
|                        |        | RFACE BETWEEN SEG MGR *                         |
|                        |        | ATE_SEG PROCEDURE) AND *                        |
|                        | * MMGR | PROCESS (CREATE_ENTRY *                         |
|                        |        | EDURE). ARRANGES AND *                          |
|                        | * PERF | ORMS IPC. *                                     |
|                        | *****  | ******                                          |
|                        | * REGI | STER USE: *                                     |
|                        | * PARA | METERS *                                        |
|                        | * R0:  | SUCCESS_CODE (RET) *                            |
|                        | * R1:  | HPTR (INPUT) *                                  |
|                        | * R2:  | ENTRY_NO (INPUT) *                              |
|                        | * R3:  | SIZE (INPUT) *                                  |
|                        | * RR4  | CLASS (INPUT) *                                 |
|                        |        |                                                 |
|                        |        | MM_HANDLE ARRAY ENTRY *<br>~COM_MSGBUF *        |
|                        | * 10.  | :¬COM_MSGBUF *                                  |
|                        | * 1(5  | *****                                           |
|                        | ENTRY  | •••••••••••••••••••••••••••••••••••••••         |
|                        |        | STACK FOR MESSAGE!                              |
| 0000 030F              | SUB    | R15, #SIZEOF COM_MSG                            |
| 0002 0010              |        |                                                 |
| 0004 A1FD              | LD     | R13,R15 ! -COM_MSGBUF !                         |
|                        |        |                                                 |
|                        |        | COM_MSGBUF (LOAD MESSAGE). CREATE MSG           |
|                        |        | E IS BASED AT ADDRESS ZERO. IT IS               |
|                        |        | LAID ONTO COM_MSGBUF FRAME BY INDEXING          |
|                        |        | ENTRY (I.E. ADDING TO EACH ENTRY) THE           |
|                        | BASE   | ADDRESS OF COM_MSGBUF!                          |
| 0006 4005              | LD     | CREATE_MSG.CR_CODE (R13) ,#CREATE_CODE          |
| 0008 0000              |        |                                                 |
| 000A 0032              |        |                                                 |
| 000C 3116              | LD     | R6,R1(#0) !INDEX TO MM_HANDLE ENTRY!            |
| 000E 0000              |        |                                                 |
| 0010 6PD6              | LD     | CREATE_MSG.CE_MM_HANDLE[0](R13),R6              |
| 0012 0002              |        |                                                 |
| 0014 3116              | LD     | R6,R1(#2)                                       |
| 0016 0002              |        |                                                 |
| 0018 6FD6              | LD     | CREATE_MSG.CE_MM_HANDLE[1](R13),R6              |
| 001A 0004              |        |                                                 |
| 001C 3116<br>001E 0004 | LD     | R6,R1(#4)                                       |
| 001E 0004<br>0020 6FD6 | LD     | CREATE_MSG.CE_MM_HANDLE[2](R13),R6              |
| 0022 0006              | 717    | erraringeren un un neuerol villeren erreren ver |
| 0024 6FD2              | LD     | CREATE_MSG.CE_ENTRY_NO(E13),R2                  |
| 0026 0008              |        |                                                 |
| 0028 5DD4              | LDL    | CREATE_MSG.CE_CLASS(R13),RR4                    |
| 002A 000C              |        |                                                 |

| 002C | 6FD3 | LD    | CREATE_MSG.CE_SIZE(R13),R3                |
|------|------|-------|-------------------------------------------|
| 002E | AOOO |       |                                           |
| 0030 | A1D8 | LD    | R8, R13                                   |
| 0032 | 5F00 | CALL  | PERFORM_IPC !R8: ¬COM_MSGBUF!             |
| 0034 | 018C |       |                                           |
|      |      | IRETR | IEVE SUCCESS_CODE FROM RETURNED MESSAGE!  |
|      |      |       |                                           |
| 0036 | 8008 | CLR   | RO                                        |
| 0038 | 60D8 | LDB   | RLO, RET_SUC_CODE.SUC_CODE(R13)           |
| AEOO | 0000 |       |                                           |
| 003C | 010F | ADD   | R15,#SIZEOF COM_MSG !RESTORE STACK STATE! |
| 003E | 0100 |       |                                           |
| 0040 | 9E08 | RET   |                                           |
| 0042 | EN D | MM_CR | EATE_ENTRY                                |

- 291 -

| 0042                   | MM_DELETE_ENTRY PROCEDURE<br>************************************            |
|------------------------|------------------------------------------------------------------------------|
|                        | * ARRANGES AND PERFORMS IPC. *<br>***********************************        |
|                        | * PARAMETERS *<br>* R0:SUCCESS_CODE(RET) *                                   |
|                        | * R1:HPTR(INPUT) *<br>* R2:ENTRY_NO(INPUT) *<br>* LOCAL USE *                |
|                        | * R6:MM_HANDLE ARRAY ENTRY *<br>* R8:¬COM_MSGBUF *<br>* R13:¬COM_MSGBUF *    |
|                        | ***********                                                                  |
|                        | ENTRY<br>!USE STACK FOR MESSAGE!                                             |
|                        | SUB R15, #SIZEOF COM_MSG                                                     |
| 0044 0010              |                                                                              |
| 0046 A1FD              | LD R13,R15 ! ¬COM_MSGBUF !<br>LL COM_MSGBUF (LOAD MESSAGE). DELETE_MSG FRAME |
|                        | BASED AT ADDRESS ZERO. IT IS OVERLAID ONTO                                   |
|                        | M_MSGBUF FRAME BY INDEXING EACH ENTRY (I.E. ADD-                             |
|                        | G TO EACH ENTRY) THE BASE ADDRESS OF COM_MSGBUP!                             |
| 0048 4DD5<br>004A 0000 | LD DELETE_MSG.DE_CODE(R13),#DELETE_CODE                                      |
| 004C 0033              |                                                                              |
| 004E 3116              | LD R6,R1(#0) !INDEX TO MM_HANDLE ENTRY!                                      |
| 0050 0000              |                                                                              |
| 0052 6FD6<br>0054 0002 | LD DELETE_MSG.DE_MM_HANDLE[0](R13),R6                                        |
|                        | LD R6,R1(#2)                                                                 |
| 0058 0002              |                                                                              |
| 005A 6FD6<br>005C 0004 | LD DELETE_MSG.DE_MM_HANDLE[1](R13),R6                                        |
| 005E 3116              | LD R6,R1(#4)                                                                 |
| 0060 0004              |                                                                              |
| 0062 6FD6              | LD DELETE_MSG.DE_MM_HANDLE[2](R13),R6                                        |
| 0064 0006<br>0066 6FD2 | LD DELETE_MSG.DE_ENTRY_NO(R13),R2                                            |
| 0068 0008              |                                                                              |
| 006A A1D8              | LD R8,R13                                                                    |
| 006C 5F00              | CALL PERFORM_IPC !R8: ¬COM_MSGBUF!                                           |
| 006E 018C*             | RETRIEVE SUCCESS_CODE FROM RETURNED MESSAGE!                                 |
| 0070 8D08              | CLR RO                                                                       |
| 0072 60D8              | LDB RLO, RET_SUC_CODE.SUC_CODE (R13)                                         |
| 0074 0000<br>0076 010F | ADD R15, #SIZEOF COM MSG !RESTORE STACK STATE!                               |
| 0078 0010              | ADD R15, #SIZEOF COM_MSG !RESTORE STACK STATE!                               |
| 007A 9E08              | RET                                                                          |
| 007C END               | MM_DELETE_ENTRY                                                              |

| 007C                 |      | * *****<br>* INTE<br>* (MAK<br>* MMGR<br>* ARRA<br>* ARRA<br>* REGI<br>* PARA<br>* R1:<br>* R2:<br>* R3:<br>* R4:<br>* R12<br>* LOCA<br>* R8:<br>* R13<br>* RETU<br>* R0:<br>* R2<br>* R4:<br>* R2 | ¬COM_MSGBUF<br>:¬COM_MSGBUF<br>RNS:<br>SUCCESS CODE<br>:CLASS | **********<br>EG MGR *<br>RE) AND *<br>OCEDURE) *<br>MS IPC *<br>***********<br>*<br>*<br>*<br>*<br>*<br>*<br>*<br>*<br>*<br>*<br>*<br>* |                  |
|----------------------|------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|------------------|
|                      |      |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |
|                      |      | ENTRY<br>IUSE                                                                                                                                                                                      | STACK FOR MESSA                                               | TE I                                                                                                                                     |                  |
|                      |      | SUB                                                                                                                                                                                                | R15, #SIZEOF CON                                              |                                                                                                                                          |                  |
|                      | 0010 |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |
| 0080                 | AIFD | LD                                                                                                                                                                                                 | R 13, R 15 ! ¬C(<br>E RETURN HANDLE                           | M_MSGBUF !                                                                                                                               |                  |
| 0082                 | 93FC |                                                                                                                                                                                                    | DR15, R12                                                     | POINTER :                                                                                                                                |                  |
|                      |      |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |
|                      | ;    |                                                                                                                                                                                                    | _HSGBUF (LOAD M)<br>AT ADDRESS ZER(                           |                                                                                                                                          |                  |
|                      |      |                                                                                                                                                                                                    | UF FRAME BY INDI                                              |                                                                                                                                          |                  |
|                      |      |                                                                                                                                                                                                    | ACH ENTRY) THE                                                |                                                                                                                                          |                  |
|                      |      | LD                                                                                                                                                                                                 | ACTIVATE_MSG.AC                                               | CT_CODE (R13)                                                                                                                            | , #ACTIVATE_CODE |
| 0086<br>0088         |      |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |
| 008A                 |      | LD                                                                                                                                                                                                 | ACTIVATE_MSG.A                                                | DBR_NO (R13)                                                                                                                             | , R 1            |
| 008C                 |      |                                                                                                                                                                                                    |                                                               |                                                                                                                                          | -                |
| 008E<br>0090         |      | LD                                                                                                                                                                                                 | R6,R2(#0)                                                     |                                                                                                                                          |                  |
| 0090                 |      | LD                                                                                                                                                                                                 | ACTIVATE_MSG.A                                                | MM HANDLEFO                                                                                                                              | 7(R13),R6        |
| 0094                 | 0004 |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |
| 0096<br>0098         |      | LD                                                                                                                                                                                                 | R6,R2(#2)                                                     |                                                                                                                                          |                  |
| 0098<br>009A<br>009C | 6FD6 | LD                                                                                                                                                                                                 | ACTIVATE_MSG.A_                                               | MM_HANDLE[ 1                                                                                                                             | ](R13),R6        |
| 009E                 |      | LD                                                                                                                                                                                                 | R6,R2(#4)                                                     |                                                                                                                                          |                  |
| 0040                 |      | TD                                                                                                                                                                                                 |                                                               |                                                                                                                                          | 1/013) 06        |
| 00A2<br>00A4         |      | LD                                                                                                                                                                                                 | ACTIVATE_MSG.A                                                | aa_aANDLE[2                                                                                                                              | ](415],40        |
| 00A6<br>00A8         | 6EDB | LD B                                                                                                                                                                                               | ACTIVATE_MSG.A                                                | ENTRY_NO (R1                                                                                                                             | 3),RL3           |
|                      |      |                                                                                                                                                                                                    |                                                               |                                                                                                                                          |                  |

| 00AA<br>00AC |      | LDB    | ACTIVATE_MSG.A_SEGMENT_NO(R13),RL4         |
|--------------|------|--------|--------------------------------------------|
| OOAE         |      | TD     | R8, R13                                    |
| 00B0         |      |        | •                                          |
|              |      | CALL   | PERFORM_IPC ! (R8: ~COM_MSGBUF!            |
| 0082         | 018C |        |                                            |
|              |      |        | ORE RETURN HANDLE POINTER !                |
| 00B4         | 97FC | PO P   | R12, @R15                                  |
|              |      | ! UPDA | TE MM_HANDLE ENTRY !                       |
| 00B6         | 54D6 | LDL    | RR6, R_ACTIVATE_ARG.R_MM_HANDLE (R13)      |
| 00B8         |      |        |                                            |
| OOBA         |      | LDL    | MM_HANDLE.ID (R12), RR6                    |
| 00BC         | 0000 |        |                                            |
| OOBE         | 61D6 | LD     | R6, R_ACTIVATE_ARG. R_MM_HANDLE[2](R13)    |
| 00C0         | 0006 |        |                                            |
| 00C2         | 6FC6 | LD     | MM_HANDLE.ENTRY_NO (R12), R6               |
| 00C4         | 0004 |        |                                            |
|              |      | !RETRI | EVE OTHER RETURN ARGUMENTS!                |
| 00C6         | 8D08 | CLR    | RO                                         |
| 00C8         | 60D8 | LDB    | RLO, R_ACTIVATE_ARG.R_SUC_CODE (R13)       |
| OOCA         | 0000 |        |                                            |
| 00CC         | 54D2 | LDL    | RR2, R_ACTIVATE_ARG.R_CLASS (R13)          |
| OOCE         | 8000 |        |                                            |
| 00D0         | 61D4 | LD     | R4, R_ACTIVATE_ARG. R_SIZE (R 13)          |
| 00D2         | 000C |        |                                            |
| 00D4         | 010F | ADD    | R15, #SIZEOF COM_MSG !RESTORE STACK STATE! |
| 00D6         | 0010 |        | -                                          |
| 8000         | 9E08 | RET    |                                            |
| ACOO         | END  | MM_ACT | IVATE                                      |

.

| 00DAMM_DEACTIVATEPROCEDURE!************************************                                                                                                                                                   |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ENTRY                                                                                                                                                                                                             |
| IUSE STACK FOR MESSAGE!                                                                                                                                                                                           |
| OODA 030F SUB R15,#SIZEOF COM_MSG                                                                                                                                                                                 |
| 00DC 0010<br>00DE A1FD LD R13,R15 ! ¬COM_MSGBUF !                                                                                                                                                                 |
| CODE AILD TO WISKIS : -COUTUSEDOF :                                                                                                                                                                               |
| PILL COM_MSGBUF (LOAD MESSAGE). DEACTIVATE_MSG FRAME<br>IS BASED AT ADDRESS ZERO. IT IS OVERLAID ONTO<br>COM_MSGBUF FRAME BY INDEXING EACH ENTRY (I.E. ADD-<br>ING TO EACH ENTRY) THE BASE ADDRESS OF COM_MSGBUF! |
| 00E0 4DD5LDDEACTIVATE_MSG.DEACT_CODE(R13),00E2 0000#DEACTIVATE_CODE                                                                                                                                               |
| 00E4 0035<br>00E6 6FD1 LD DEACTIVATE_MSG.D_DBR_NO(R13),R1                                                                                                                                                         |
| 00E8 0002                                                                                                                                                                                                         |
| OOEA 3126 LD R6,R2(#0) !INDEX TO MM_HANDLE ENTRY!<br>OOEC 0000                                                                                                                                                    |
| OOEE 6FD6 LD DEACTIVATE_MSG.D_MM_HANDLE[0](R13),R6                                                                                                                                                                |
| 00F0 0004<br>00F2 3126 LD R6,R2(#2)                                                                                                                                                                               |
| 00F4 0002                                                                                                                                                                                                         |
| OOF6 6FD6 LD DEACTIVATE_MSG.D_MM_HANDLE[1](R13),R6                                                                                                                                                                |
| 00F8 0006<br>00FA 3126 LD R6,R2(#4)                                                                                                                                                                               |
| 00FC 0004<br>00FE 6FD6 LD DEACTIVATE_MSG.D_MM_HANDLE[2](R13),R6                                                                                                                                                   |
| 0100 0008                                                                                                                                                                                                         |
| 0102 A1D8 LD R8,R13<br>0104 5F00 CALL PERFORM_IPC !R8: ¬COM_MSGBUF!                                                                                                                                               |
| 0106 018C'                                                                                                                                                                                                        |
| RETRIEVE SUCCESS_CODE FROM RETURNED MESSAGE                                                                                                                                                                       |
| 0108 8D08 CLR R0                                                                                                                                                                                                  |
| 010A 60D8 LDB RLO,RET_SUC_CODE.SUC_CODE(R13)                                                                                                                                                                      |
| - 295 -                                                                                                                                                                                                           |

| 010C | 0000 |        |              |         |          |       |        |
|------|------|--------|--------------|---------|----------|-------|--------|
| 010E | 010F | ADD    | R15, #SIZEOF | COM_MSG | !RESTORE | STACK | STATE! |
| 0110 | 0010 |        |              | -       |          |       |        |
| 0112 | 9E08 | RET    |              |         |          |       |        |
| 0114 | END  | MM DEL | CTTVATE      |         |          |       |        |

- 296 -

| υ                                    | * * * * * * * * * * * * * * * * * * * | P_IN PROCEDURE<br>************************************                                                                                                                        |
|--------------------------------------|---------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|                                      | ENTRY<br>IUSE                         | STACK FOR MESSAGE!                                                                                                                                                            |
| 0114 030P                            |                                       | R15, #SIZEOF COM_MSG                                                                                                                                                          |
| 0116 0010<br>0118 A1FD               | LD                                    | R13,R15 ! -COM_MSGBUF !                                                                                                                                                       |
| IS<br>CO                             | BASED<br>M_MSGB                       | _MSGBUF (LOAD MESSAGE). SWAP_IN_MSG FRAME<br>AT ADDRESS ZERO. IT IS OVERLAID ONTO<br>UF FRAME BY INDEXING EACH ENTRY (I.E. ADD-<br>ACH ENTRY) THE BASE ADDRESS OF COM_MSGBUF! |
| 011A 4DD5<br>011C 0000               | LD                                    | SWAP_IN_MSG.S_IN_CODE(R13),#SWAP_IN_CODE                                                                                                                                      |
|                                      | LD                                    | R6,R2(#0) !INDEX TO MM_HANDLE ENTRY!                                                                                                                                          |
| 0122 0000<br>0124 6FD6               | LD                                    | SWAP_IN_MSG.SI_MM_HANDLE[0](R13),R6                                                                                                                                           |
| 0126 0002<br>0128 3126<br>0128 0002  | LD                                    | R6,R2(#2)                                                                                                                                                                     |
| 012C 6FD6                            | LD                                    | SWAP_IN_MSG.SI_MM_HANDLE[1](R13),R6                                                                                                                                           |
| 012E 0004<br>0130 3126               | LD                                    | R6,R2(#4)                                                                                                                                                                     |
| 0132 0004<br>0134 6FD6<br>0136 0006  | LD                                    | SWAP_IN_MSG.SI_MM_HANDLE[2](R13),R6                                                                                                                                           |
| 0138 6FD1<br>013A 0008               | LD                                    | SWAP_IN_MSG.SI_DBR_NO(R13),R1                                                                                                                                                 |
| 013C 6EDB<br>013E 000A               | LD B                                  | SWAP_IN_MSG.SI_ACCESS_AUTH (R13),RL3                                                                                                                                          |
| 0140 A1D8<br>0142 5F00<br>0144 018C' | LD<br>CALL                            | R8,R13<br>PERFORM_IPC !R8: -COM_MSGBUF!                                                                                                                                       |
| 0146 8D08                            | IRETR<br>CLR                          | IEVE SUCCESS_CODE FROM RETURNED MESSAGE!<br>RO                                                                                                                                |
| 0148 6008                            | LDB                                   | RLO, RET_SUC_CODE.SUC_CODE (R13)                                                                                                                                              |
|                                      |                                       |                                                                                                                                                                               |

| 014A | 0000 |     |         |        |     |     |          |       |        |
|------|------|-----|---------|--------|-----|-----|----------|-------|--------|
| 014C | 010F | ADD | R 15, i | SIZEOF | COM | MSG | !RESTORE | STACK | STATE! |
| 014E | 0010 |     | -       |        | -   | -   |          |       |        |
| 0150 | 9E08 | RET |         |        |     |     |          |       |        |
|      |      |     |         |        |     |     |          |       |        |

0152 END MM\_SWAP\_IN

- 298 -

| 0152                                                                                                                                                                                                 | ,                                                                                                                                                                     | MM_SWA                                                          | P_OUT PROCEDURE                                                                                                                                                                                                                                                                                                                      |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|                                                                                                                                                                                                      | •                                                                                                                                                                     | * INTE                                                          | RFACE BETHEEN SEG MGR (SM_*                                                                                                                                                                                                                                                                                                          |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * SWAP                                                          | OUT PROCEDURE) AND MMGR *                                                                                                                                                                                                                                                                                                            |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * (SWA                                                          | P_OUT PROCEDURE). ARRANGES*                                                                                                                                                                                                                                                                                                          |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * AND                                                           | PERFORMS IPC. * ***********************************                                                                                                                                                                                                                                                                                  |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * REGI                                                          | STER USE: *                                                                                                                                                                                                                                                                                                                          |
|                                                                                                                                                                                                      |                                                                                                                                                                       |                                                                 | METERS *                                                                                                                                                                                                                                                                                                                             |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * R1:                                                           | SUCCESS_CODE (RET) *<br>DBR_NO(INPUT) *                                                                                                                                                                                                                                                                                              |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * R2:                                                           | TPTR (INPUT) *                                                                                                                                                                                                                                                                                                                       |
|                                                                                                                                                                                                      |                                                                                                                                                                       | <pre>* LOCA * R6.</pre>                                         | L USE *<br>MM_HANDLE ARRAY ENTRY *                                                                                                                                                                                                                                                                                                   |
|                                                                                                                                                                                                      |                                                                                                                                                                       | * R8:                                                           | ¬COM_MSGBUF *                                                                                                                                                                                                                                                                                                                        |
|                                                                                                                                                                                                      |                                                                                                                                                                       |                                                                 | :¬COM_MSGBUF *                                                                                                                                                                                                                                                                                                                       |
|                                                                                                                                                                                                      |                                                                                                                                                                       | ENTRY                                                           | **********                                                                                                                                                                                                                                                                                                                           |
|                                                                                                                                                                                                      |                                                                                                                                                                       | !USE                                                            | STACK FOR MESSAGE!                                                                                                                                                                                                                                                                                                                   |
|                                                                                                                                                                                                      |                                                                                                                                                                       | SUB                                                             | R15, #SIZEOF COM_MSG                                                                                                                                                                                                                                                                                                                 |
|                                                                                                                                                                                                      | 0010<br>A1FD                                                                                                                                                          | LD                                                              | R13,R15 ! -COM_MSGBUF !                                                                                                                                                                                                                                                                                                              |
| • • • • •                                                                                                                                                                                            |                                                                                                                                                                       |                                                                 | _                                                                                                                                                                                                                                                                                                                                    |
|                                                                                                                                                                                                      |                                                                                                                                                                       |                                                                 | _MSGBUF (LOAD MESSAGE). SWAP_OUT_MSG FRAME<br>AT ADDRESS ZERO. IT IS OVERLAID ONTO                                                                                                                                                                                                                                                   |
|                                                                                                                                                                                                      |                                                                                                                                                                       |                                                                 | UF FRAME BY INDEXING EACH ENTRY (I.E. ADD-                                                                                                                                                                                                                                                                                           |
|                                                                                                                                                                                                      |                                                                                                                                                                       |                                                                 | ACH ENTRY) THE BASE ADDRESS OF COM_MSGBUF!                                                                                                                                                                                                                                                                                           |
| 0158                                                                                                                                                                                                 | 4005                                                                                                                                                                  | LD                                                              | SWAP_OUT_MSG.S_OUT_CODE(R13), #SWAP_OUT_CODE                                                                                                                                                                                                                                                                                         |
| 015A                                                                                                                                                                                                 |                                                                                                                                                                       |                                                                 |                                                                                                                                                                                                                                                                                                                                      |
| 015C                                                                                                                                                                                                 | 0007                                                                                                                                                                  |                                                                 |                                                                                                                                                                                                                                                                                                                                      |
|                                                                                                                                                                                                      |                                                                                                                                                                       | TD                                                              | יעסייעים קומאנים אא שמעיים אייסטייט אייסטענ                                                                                                                                                                                                                                                                                          |
| 0160                                                                                                                                                                                                 | 3126                                                                                                                                                                  | LD                                                              | R6,R2(#0) !INDEX TO MM_HANDLE ENTRY!                                                                                                                                                                                                                                                                                                 |
| 0160<br>0162                                                                                                                                                                                         | 3126<br>0000<br>6FD6                                                                                                                                                  |                                                                 | R6,R2(#0) !INDEX TO MM_HANDLE ENTRY!<br>SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6                                                                                                                                                                                                                                                         |
| 0160<br>0162<br>0164                                                                                                                                                                                 | 3126<br>0000<br>6FD6<br>0004                                                                                                                                          | LD                                                              | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6                                                                                                                                                                                                                                                                                                 |
| 0160<br>0162                                                                                                                                                                                         | 3126<br>0000<br>6FD6<br>0004<br>3126                                                                                                                                  | LD                                                              | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)                                                                                                                                                                                                                                                                                    |
| 0160<br>0162<br>0164<br>0166<br>0168<br>016A                                                                                                                                                         | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6                                                                                                                  | LD                                                              | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6                                                                                                                                                                                                                                                                                                 |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>016A                                                                                                                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006                                                                                                          | LD<br>LD<br>LD                                                  | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6                                                                                                                                                                                                                                            |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>016C<br>016C<br>016E<br>0170                                                                                                                         | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004                                                                                          | LD<br>LD                                                        | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)                                                                                                                                                                                                                               |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>016C<br>016C<br>016E<br>0170<br>0172                                                                                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6                                                                                  | LD<br>LD<br>LD                                                  | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6                                                                                                                                                                                                                                            |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0162<br>0162<br>0170<br>0172<br>0174                                                                                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008                                                                          | LD<br>LD<br>LD<br>LD                                            | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6                                                                                                                                                                                       |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0162<br>0162<br>0170<br>0172<br>0174<br>0176<br>0178                                                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002                                                          | LD<br>LD<br>LD<br>LD<br>LD                                      | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br>SWAP_OUT_MSG.SO_DBR_NO(R13),R1                                                                                                                                                     |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168                                                                                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8                                                  | LD<br>LD<br>LD<br>LD<br>LD<br>LD                                | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br>SWAP_OUT_MSG.SO_DBR_NO(R13),R1<br>R8,R13                                                                                                                                           |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0166<br>0166<br>0166<br>0166<br>0170<br>0172<br>0174<br>0176<br>0178<br>017A<br>017C                                                                         | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8                                                  | LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>CALL            | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br>SWAP_OUT_MSG.SO_DBR_NO(R13),R1<br>R8,R13<br>PERFORM_IPC !R8: ¬COM_MSGBUF!                                                                                                          |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168<br>0170<br>0172<br>0174<br>0176<br>0178<br>0178<br>0177<br>0178                                                         | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8<br>5F00<br>018C'                                 | LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>CALL<br>!RETR         | <pre>SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6 R6,R2(#2) SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6 R6,R2(#4) SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6 SWAP_OUT_MSG.SO_DBR_NO(R13),R1 R8,R13 PERFORM_IPC !R8: ¬COM_MSGBUF! IEVE SUCCESS_CODE FROM RETURNED MESSAGE!</pre>                                                                           |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168<br>0170<br>0172<br>0174<br>0176<br>0178<br>0177<br>0177<br>0177<br>0178                                                 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8<br>5F00<br>018C'<br>8D08                         | LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>CALL<br>!RETR<br>CLR  | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br>SWAP_OUT_MSG.SO_DBR_NO(R13),R1<br>R8,R13<br>PERFORM_IPC !R8: ¬COM_MSGBUF!<br>IEVE SUCCESS_CODE FROM RETURNED MESSAGE!<br>R0                                                        |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168<br>0162<br>0172<br>0174<br>0172<br>0174<br>0176<br>0178<br>0178<br>0178<br>0178<br>0178<br>0178<br>0180<br>0182<br>0184 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8<br>5F00<br>018C'<br>8D08<br>60D8<br>0000         | LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>CALL<br>!RETR<br>CLR<br>LDB | <pre>SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br/>R6,R2(#2)<br/>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br/>R6,R2(#4)<br/>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br/>SWAP_OUT_MSG.SO_DBR_NO(R13),R1<br/>R8,R13<br/>PERFORM_IPC !R8: ¬COM_MSGBUF!<br/>IEVE SUCCESS_CODE FROM RETURNED MESSAGE!<br/>R0<br/>RLO,RET_SUC_CODE.SUC_CODE(R13)</pre> |
| 0160<br>0162<br>0164<br>0166<br>0168<br>0168<br>0168<br>0168<br>0168<br>0168<br>0162<br>0172<br>0174<br>0172<br>0174<br>0176<br>0178<br>0178<br>0178<br>0178<br>0178<br>0178<br>0180<br>0182<br>0184 | 3126<br>0000<br>6FD6<br>0004<br>3126<br>0002<br>6FD6<br>0006<br>3126<br>0004<br>6FD6<br>0008<br>6FD1<br>0002<br>A1D8<br>5F00<br>018C'<br>8D08<br>60D8<br>0000<br>010F | LD<br>LD<br>LD<br>LD<br>LD<br>LD<br>CALL<br>!RETR<br>CLR<br>LDB | SWAP_OUT_MSG.SO_MM_HANDLE[0](R13),R6<br>R6,R2(#2)<br>SWAP_OUT_MSG.SO_MM_HANDLE[1](R13),R6<br>R6,R2(#4)<br>SWAP_OUT_MSG.SO_MM_HANDLE[2](R13),R6<br>SWAP_OUT_MSG.SO_DBR_NO(R13),R1<br>R8,R13<br>PERFORM_IPC !R8: ¬COM_MSGBUF!<br>IEVE SUCCESS_CODE FROM RETURNED MESSAGE!<br>R0                                                        |

018A 9E08 RET 018C END MM\_SWAP\_OUT

- 300 -

.

| ة ب<br>2<br>2<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3<br>3 | <pre>************************************</pre> | -COM_MSG(INPUT) *                                         |
|----------------------------------------------------------------------------------------------------|-------------------------------------------------|-----------------------------------------------------------|
|                                                                                                    |                                                 |                                                           |
|                                                                                                    | ENTRY                                           |                                                           |
| 018C 93FD                                                                                          | PUSH                                            | DR15,R13 I-COM_MSGBUF!                                    |
| 0190 0000*                                                                                         | LALL                                            | GET_CPU_NO !RET-R1:CPU_NO!                                |
| 0192 A112                                                                                          | TD                                              | 1 0 1                                                     |
| 0194 6121                                                                                          | מז                                              | R1,MM_CPU_TBL(R2) !MM_VP_ID!                              |
| 0196 0000                                                                                          |                                                 |                                                           |
|                                                                                                    | LDA                                             | R4,G_AST_LOCK                                             |
| 019A 0000*                                                                                         |                                                 |                                                           |
|                                                                                                    | CALL                                            | K_LOCK                                                    |
| 019E 0000*                                                                                         |                                                 | -                                                         |
| 01A0 5F00                                                                                          | CALL                                            | SIGNAL !R1: MM_VP_ID, R8: -COM_MSGBUF!                    |
| 01A2 0000*                                                                                         |                                                 |                                                           |
| 01A4 97FD                                                                                          | PO P                                            | R13, @R15                                                 |
| 01A6 A1D8                                                                                          | LD                                              | R8,R13 INCOM_MSGBUFI                                      |
| 01A8 93FD                                                                                          | PUSH                                            | R8,R13 !¬COM_MSGBUF!<br>@R15,B13<br>WAIT !R8:¬COM_MSGBUF! |
| 01AA 5F00                                                                                          | CALL                                            | WAIT : R8: -CUM_H5GBUF:                                   |
| 01AC 0000*<br>01AE 7604                                                                            | 1 D A                                           | R4,G_AST_LOCK                                             |
| 01B0 0000*                                                                                         | LDH                                             | R4,6_AST_BOOK                                             |
|                                                                                                    | CALL                                            | K_UNLOCK                                                  |
| 01B4 0000*                                                                                         | •                                               |                                                           |
| 01B6 97FD                                                                                          | POP                                             | R13, 0R15                                                 |
| 01B8 9E08                                                                                          | RET                                             |                                                           |
| O1BA END                                                                                           |                                                 | RM_IPC                                                    |
|                                                                                                    |                                                 |                                                           |

| 0.1.0.3                 |                                                                                 |
|-------------------------|---------------------------------------------------------------------------------|
| 018A                    | MM_ALLOCATE PROCEDURE<br>!******                                                |
|                         | * ALLOCATES BLOCKS OF CPU*                                                      |
|                         | * LOCAL MEMORY. EACH *                                                          |
|                         | * BLOCK CONTAINS 256 *                                                          |
|                         | * BYTES OF MEMORY. *                                                            |
|                         | *****                                                                           |
|                         | * PARAMETERS: *                                                                 |
|                         | * R3: # OF BLOCKS *                                                             |
|                         | * RETURNS: *                                                                    |
|                         | * R2: STARTING ADDR *                                                           |
|                         | * LOCAL: *                                                                      |
|                         | * R4: BLOCK POINTER *                                                           |
|                         | *****                                                                           |
|                         | ENTRY                                                                           |
|                         | ! NOTE: THIS PROCEDURE IS ONLY A STUB                                           |
|                         | OF THE ORIGINALLY DESIGNED MEMORY                                               |
|                         | ALLOCATING MECHANISM. IT IS USED                                                |
|                         | BY THE PROCESS MANAGEMENT DEMONSTRATION<br>TO ALLOCATE CPU LOCAL MEMORY FOR ALL |
|                         | MEMORY ALLOCATION REQUIREMENTS. IN AN                                           |
|                         | ACTUAL SASS ENVIRONMENT, THIS WOULD                                             |
|                         | BE BETTER SERVED TO HAVE SEPARATE                                               |
|                         | ALLOCATION PROCEDURES FOR KERNEL AND                                            |
|                         | SUPERVISOR NEEDS. (E.G., KERNEL_ALLOCATE                                        |
|                         | AND SUPERVISOR ALLOCATE). !                                                     |
|                         | ! COMPUTE SIZE OF MEMORY REQUESTED !                                            |
| 01BA B331               | SLL R3, #BLOCK SIZE                                                             |
| 01BC 0008               |                                                                                 |
|                         | ! COMPUTE OFFSET OF MEMORY THAT IS                                              |
|                         | TO BE ALLOCATED !                                                               |
| 01BE 6104               | LD R4, NEXT_BLOCK !OFFSET!                                                      |
| 01C0 0F00 •             |                                                                                 |
| 01C2 7642               | LDA R2, MEM_POOL(R4) !START ADDR!                                               |
| 01C4 0000*              |                                                                                 |
| 01C6 8134               | ADD R4, R3 !UPDATE OFFSET!                                                      |
|                         | ! UPDATE OFFSET IN SECTION OF AVAILABLE                                         |
|                         | MEMORY TO INDICATE THAT CURRENTLY                                               |
| 0100 680#               | REQUESTED MEMORY IS NOW ALLOCATED !                                             |
| 01C8 6F04               | LD NEXT_BLOCK, R4 !SAVE OFFSET!                                                 |
| 01CA 0F00"<br>01CC 9E08 | በምጥ                                                                             |
| 01CE 9E08               | RET<br>END MM_ALLOCATE                                                          |
|                         | BUD HUTETOCALE                                                                  |

| 01CE              |                                                              |
|-------------------|--------------------------------------------------------------|
| 0.02              | MM_TICKET PROCEDURE<br>!************************************ |
|                   | * RETURNS CURRENT VALUE OF *                                 |
|                   | * SEGMENT SEQUENCER AND *                                    |
|                   | * INCREMENTS SEQUENCER VALUE*                                |
|                   | * FOR NEXT TICKET OPERATION *                                |
|                   | ***************************************                      |
|                   | * PARAMETERS: *                                              |
|                   | * R1: SEG HANDLE PTR *                                       |
|                   | * RETURNS: *                                                 |
|                   | * RR4: TICKET VALUE *<br>* LOCAL VARIABLES: *                |
|                   | * LOCAL VARIABLES: *                                         |
|                   | * RR6: SEQUENCER VALUE *                                     |
|                   | * R8: G_AST ENTRY # *<br>**********************************  |
|                   | -                                                            |
|                   | ENTRY                                                        |
| 0105 0351         | ! SAVE HANDLE PTR !                                          |
| UTCE 93FT         | PUSH DR15, R1                                                |
| 0100 7604         | ! LOCK G_AST !                                               |
|                   | LDA R4, G_AST_LOCK                                           |
| 01D2 0000*        | CALL K_LOCK                                                  |
| 01D6 0000*        |                                                              |
| 0100 0000         | ! RESTORE HANDLE PTR !                                       |
| 01D8 97F1         | POP R1, DR15                                                 |
|                   | ! GET G_AST ENTRY # !                                        |
| 01DA 6118         | LD R8, MM_HANDLE.ENTRY_NO(R1)                                |
| 01DC 0004         |                                                              |
|                   | ! GET TICKET VALUE !                                         |
| 01DE 5486         | LDL RR6, G_AST.SEQUENCER(R8)                                 |
| 01E0 0014*        |                                                              |
|                   | ! SET RETURN REGISTER VALUE !                                |
| 01E2 9464         |                                                              |
|                   | ADVANCE SEQUENCER FOR NEXT                                   |
|                   | TICKET OPERATION!                                            |
| 01F# 1606         | ADDL RR6, #1                                                 |
| 01E6 0000         |                                                              |
| 01E8 0001         |                                                              |
| 0120 0001         | ! SAVE NEW SEQUENCER VALUE IN G AST !                        |
| 01EA 5D86         |                                                              |
| 01EC 0014*        |                                                              |
|                   | ! UNLOCK G_AST !                                             |
|                   | ! SAVE RETURN VALUES !                                       |
| 01EE 91F4         | PUSHL DR15, RR4                                              |
| 01F0 7604         | LDA R4, G_AST_LOCK                                           |
| 01F2 0000*        |                                                              |
|                   | CALL K_UNLOCK                                                |
| 01F6 0000*        |                                                              |
|                   | ! RETRIEVE RETURN VALUES !                                   |
|                   | POPL RR4, DR15                                               |
| 01FA 9E08<br>01FC |                                                              |
| UTEC              | END MM_TICKET                                                |

01FC MM READ EVENTCOUNT PROCEDURE \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \* READS CURRENT VALUE OF THE 嵐 \* EVENTCOUNT SPECIFIED BY THE \* \* USER. \*\*\*\*\*\*\* \* \* PARAMETERS: R1: SEG HANDLE PTR \* R2: INSTANCE (EVENT #) \* \*\*\*\*\*\* \* RETURNS: \* **RR4: EVENTCOUNT VALUE** \* \* \*\*\*\*\*\* \* LOCAL VARIABLES: \* **RR6: SEQUENCER VALUE** \* \* R8: G AST ENTRY # \* × ENTRY ! SAVE INPUT PARAMETERS ! 01FC 93F1 @R15, R1 PUSH 01FE 93F2 PUSH @R15, R2 ! LOCK G\_AST ! 0200 7604 R4, G\_AST\_LOCK LDA 0202 0000\* 0204 5F00 CALL K\_LOCK 0206 0000\* **! RESTORE INPUT PARAMETERS !** 0208 97F2 POP R2, @R15 020A 97F1 POP R1, @R15 ! GET G AST ENTRY # ! 020C 6118 R8, MM\_HANDLE.ENTRY\_NO(R1) LD 020E 0004 ! READ EVENTCOUNT ! ! CHECK WHICH EVENT # ! IF R2 0210 0B02 CASE **#INSTANCE1 THEN** 0212 0001 0214 5E0E 0216 0224\* 0218 5484 LDL RR4, G\_AST.EVENT1(R8) 021A 0018\* 021C 2100 LD RO, #SUCCEEDED 021E 0002 0220 5E08 CASE **#INSTANCE2 THEN** 0222 023C! 0224 OB02 0226 0002 0228 5E0E 022A 0238' 022C 5484 LDL RR4, G AST.EVENT2(R8) 022E 001C\* 0230 2100 LD RO, #SUCCEEDED 0232 0002

| 0234          | 5E08  | ELSE !INVALID INPUT!            |
|---------------|-------|---------------------------------|
| 0236          | 023C* |                                 |
| 0238          | 2100  | LD RO, #INVALID_INSTANCE        |
| 023A          | 005F  |                                 |
|               |       | FI                              |
|               |       | ! NOTE: NO VALUE IS RETURNED IF |
|               |       | USER SPECIFIED INVALID EVENT #! |
|               |       | ! SAVE RETURN VALUES !          |
| 023C          | 91F4  | PUSHL @R15, RR4                 |
|               |       | ! UNLOCK G_AST !                |
| 02 <b>3</b> E | 7604  | LDA R4, G_AST_LOCK              |
| 0240          | 0000* |                                 |
| 0242          | 5F00  | CALL K_UNLOCK                   |
| 0244          | *0000 |                                 |
|               |       | ! RESTORE RETURN VALUES !       |
| 0246          | 95F4  | POPL RR4, DR15                  |
| 0248          | 9E08  | RET                             |
| 024A          |       | END MM_READ_EVENTCOUNT          |
|               |       |                                 |

- 305 -

| 024A                                               | <pre>MM_ADVANCE PROCEDURE '************************************</pre>                  |
|----------------------------------------------------|----------------------------------------------------------------------------------------|
| 024A 93F1<br>024C 93F2                             | ENTRY<br>! SAVE INPUT PARAMETERS !<br>PUSH @R15, R1<br>PUSH @R15, R2<br>! LOCK G_AST ! |
| 024E 7604<br>0250 0000*<br>0252 5F00<br>0254 0000* | LDA R4, G_AST_LOCK<br>CALL K_LOCK<br>! RESTORE INPUT PARAMETERS !                      |
| 0258 97F1                                          | POP R2, @R15<br>POP R1, @R15<br>! GET G_AST OFFSET !                                   |
| 025A 6114<br>025C 0004                             | LD R4, MM_HANDLE.ENTRY_NO(R1)<br>! DETERMINE INSTANCE !<br>IF R2                       |
| 025E 0B02<br>0260 0001<br>0262 5E0E<br>0264 027C   |                                                                                        |
| 0266 5442<br>0268 0018*<br>026A 1602<br>026C 0000  |                                                                                        |
| 026E 0001<br>0270 5D42                             | ! SAVE NEW EVENTCOUNT !<br>LDL G_AST.EVENT1(R4), RR2                                   |
| 0272 0018*<br>0274 2100<br>0276 0002               | LD RO, #SUCCEEDED                                                                      |
| 0278 5E08<br>027A 029E<br>027C 0B02<br>027E 0002   | CASE #INSTANCE2 THEN                                                                   |

| 0280 5E0E   |                                   |
|-------------|-----------------------------------|
| 0282 029A • |                                   |
| 0284 5442   | LDL RR2, G_AST.EVENT2(R4)         |
| 0286 001C*  |                                   |
| 0288 1602   | ADDL RR2, #1                      |
| 028A 0000   |                                   |
| 028C 0001   |                                   |
|             | I SAVE NEW EVENTCOUNT I           |
| 028E 5D42   | LDL G_AST.EVENT2 (R4), RR2        |
| 0290 001C*  |                                   |
| 0292 2100   | LD RO, #SUCCEEDED                 |
| 0294 0002   |                                   |
| 0296 5E08   | ELSE !INVALID INPUT!              |
| 0298 029E   |                                   |
|             | LD RO, #INVALID_INSTANCE          |
| 029C 005F   |                                   |
|             | FI                                |
|             | ! NOTE: AN INVALID INSTANCE VALUE |
|             | WILL NOT AFFECT EVENT DATA !      |
|             | ! UNLOCK G_AST !                  |
| 029E 7604   | LDA R4, G_AST_LOCK                |
| 02A0 0000*  |                                   |
| 02A2 5F00   | CALL K_UNLOCK                     |
| 02A4 0000*  |                                   |
| 02A6 9E08   | RET                               |
| 0288        | END MM_ADVANCE                    |
|             | END DIST_MM                       |
|             |                                   |

## Appendix D

GATE\_KEEPER LISTINGS

| 28000ASM 2.02                                                                                                                                                                                                                                                                                                                         |           |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|
| LOC OBJ CODE STMT SOURCE                                                                                                                                                                                                                                                                                                              | STATEMENT |
| KERNEL_GATE_KEEPER                                                                                                                                                                                                                                                                                                                    | MODULE    |
| \$LISTON \$TTY                                                                                                                                                                                                                                                                                                                        |           |
| CONSTANT<br>ADVANCE_CALL<br>AWAIT_CALL<br>CREATE_SEG_CALL<br>DELETE_SEG_CALL<br>MAKE_KNOWN_CALL<br>READ_CALL<br>SM_SWAP_IN_CALL<br>SM_SWAP_OUT_CALL<br>TERMINATE_CALL<br>TICKET_CALL<br>WRITE_CALL<br>WRITE_CALL<br>WRITELN_CALL<br>WRITE<br>WRITELN<br>CRLF<br>MONITOR<br>REGISTER_BLOCK<br>TRAP_CODE_OFFSET<br>INVALID_KERNEL_ENTRY | := 36     |
| GLOBAL<br>GATE_KEEPER_ENTRY                                                                                                                                                                                                                                                                                                           | LABEL     |
| EXTERNAL<br>ADVANCE<br>AWAIT<br>CREATE_SEG                                                                                                                                                                                                                                                                                            |           |

- 308 -

000

|              |               | TERNAL<br>ECTION KERNEL_GATE_PROC                                 |
|--------------|---------------|-------------------------------------------------------------------|
| 0000         |               | GATE_KEEPER_MAIN PROCEDURE                                        |
|              |               | ENTRY<br>GATE_KEEPER_ENTRY:                                       |
| 0002         | 0020          |                                                                   |
|              | 010F          | LDM @R15, R1, #16<br>! SAVE NSP !                                 |
| 0008         | 9382          | PUSH @R15, R2                                                     |
| 0000         | 7n27          | LDCTL R2, NSP                                                     |
| OUUN         | 1021          | ! RESTORE INPUT REGISTERS !                                       |
| 000C         | 2DF2          | EX R2, DR15                                                       |
|              |               | ! SAVE REGISTER 2 !                                               |
| 000E         | 93F2          | PUSH DR15, R2<br>! GET SYSTEM TRAP CODE !                         |
| 00 10        | 31F2          |                                                                   |
|              | 0024          |                                                                   |
|              |               | ! REMOVE SYSTEM CALL IDENTIFIER FROM<br>SYSTEM TRAP INSTRUCTION ! |
| 0014         | 8C28          | CLRB RH2                                                          |
|              |               | ! NOTE: THIS LEAVES THE USER VISIBLE                              |
|              |               | EXTENDED INSTRUCTION NUMBER IN R2 !                               |
|              |               | ! DECODE AND EXECUTE EXTENDED INSTRUCTION !                       |
|              |               | IF R2                                                             |
|              |               | ! NOTE: THE INITIAL VALUE FOR REGISTER 2                          |
|              |               | WILL BE RESTORED WHEN THE APPROPRIATE                             |
| 0016         | 0802          | CONDITION IS FOUND !                                              |
|              | 0001          | CASE #ADVANCE_CALL THEN                                           |
| 0018<br>001A |               |                                                                   |
|              | 0028          |                                                                   |
|              | 97F2          | POP R2, DR15                                                      |
|              |               | CALL ADVANCE                                                      |
|              | *0000         |                                                                   |
|              | 5E08          | CASE #AWAIT_CALL THEN                                             |
| 0026         | 010C'         |                                                                   |
| 0028         | <b>0B02</b>   |                                                                   |
|              | 0002          |                                                                   |
|              | 5E0E          |                                                                   |
|              | 003A *        | 202 2015                                                          |
|              | 97F2          | POP R2, $\partial$ R15                                            |
|              | 5F00<br>0000* |                                                                   |
|              | 5E08          | CASE #CREATE_SEG_CALL THEN                                        |
|              | 010C'         |                                                                   |
| 003A         |               |                                                                   |
|              | 0003          |                                                                   |
|              | 5E0E          |                                                                   |
|              |               |                                                                   |

| 0042<br>0044<br>0046<br>0048<br>004A<br>004C<br>004C | *0000                                 | CALL CREATE_SEG                  |
|------------------------------------------------------|---------------------------------------|----------------------------------|
| 0 052<br>0 054<br>0 056                              | 005E<br>97F2<br>5F00<br>0000*         | POP R2, @R15<br>CALL DELETE_SEG  |
| 005A<br>005C<br>005E<br>0060                         | 5E08<br>010C<br>0B02<br>0005          | CASE #MAKE_KNOWN_CALL THEN       |
| 0064<br>0066<br>0068                                 | 5E0E<br>0070<br>97F2<br>5F00<br>0000* | POP R2, @R15<br>CALL MAKE_KNOWN  |
| 006C<br>006E<br>0070<br>0072                         | 5E08<br>010C*<br>0B02<br>0006         | CASE #READ_CALL THEN             |
| 0078<br>007a                                         | 5E0E<br>0082<br>97F2<br>5F00<br>0000* | •                                |
| 007E<br>0080<br>0082<br>0084                         | 5E08<br>010C<br>0B02<br>0007          | CASE #SM_SWAP_IN_CALL THEN       |
| 008A<br>008C                                         | 0094 <b>*</b><br>97F2                 | POP R2, DR15<br>CALL SM_SWAP_IN  |
| 0090<br>0092<br>0094<br>0096                         | 5E08<br>010C*<br>0B02<br>0008         | CASE #SM_SWAP_OUT_CALL THEN      |
| 009C<br>009E                                         | 00A6<br>97F2                          | POP R2, ØR15<br>CALL SM_SWAP_OUT |
| 00A2                                                 | 5E08<br>010C*<br>0B02<br>0009         | CASE #TERMINATE_CALL THEN        |
|                                                      |                                       |                                  |

0

| 00AC 00B8*              |                                   |
|-------------------------|-----------------------------------|
| 00AE 97F2               | POP R2, DR15                      |
| 00B0 5F00               | CALL TERMINATE                    |
| 00B2 0000*              |                                   |
| 00B4 5E08               | CASE #TICKET_CALL THEN            |
| 00B6 010C               | -                                 |
| 0088 0802               |                                   |
| 00BA 000A               |                                   |
| 00BC 5E0E               |                                   |
| OOBE OOCA'              |                                   |
| 00C0 97F2               | POP R2, DR15                      |
| 00C2 5F00<br>00C4 0000* | CALL TICKET                       |
| 00C6 5E08               |                                   |
| 0008 0100               | CASE #WRITE_CALL THEN             |
| 00CA 0B02               |                                   |
| 00CC 000B               |                                   |
| OOCE SEOE               |                                   |
| 00D0 00DC*              |                                   |
|                         | POP R2, @R15                      |
| 00D4 5F00               | CALL WRITE                        |
| 00D6 0FC8               |                                   |
| 00D8 5E08               | CASE #WRITELN_CALL THEN           |
| 00DA 010C*              |                                   |
| 00DC 0B02               |                                   |
| 00DE 000C               |                                   |
| 00E0 5E0E               |                                   |
| 00E2 00EE*              |                                   |
|                         | POP R2, @R15                      |
|                         | CALL WRITELN                      |
| 00E8 OFCO               |                                   |
| 00EC 010C*              | CASE #CRLF_CALL THEN              |
| 00EE 0B02               |                                   |
| 00F0 000D               |                                   |
| 00F2 5E0E               |                                   |
| 00F4 0100*              |                                   |
| 00F6 97F2               | POP R2, DR15                      |
| 00F8 5F00               | CALL CRLF                         |
| OOFA OFD4               |                                   |
| 00FC 5E08               | ELSE !INVALID KERNEL INVOCATION!  |
| 00FE 010C*              |                                   |
|                         | ! RETURN TO MONITOR !             |
|                         | ! NOTE: THIS RETURN TO MONITOR IS |
|                         | FOR STUB USE ONLY. AN INVALID     |
|                         | KERNEL INVOCATION WOULD NORMALLY  |
| 0100 7601               | RETURN TO USER. !<br>LDA R1, \$   |
| 0102 0100 '             | LUA RIO P                         |
| 0104 2100               | LD RO, #INVALID_KERNEL_ENTRY      |
| 0106 OBAD               | 22 COL EXCOUNTS CONCOMPACTURE     |
| 0108 5F00               | CALL MONITOR                      |
| 010A A902               |                                   |
|                         | FI                                |
|                         |                                   |

| <pre>! SAVE R1 ! 010C 93F1 PUSH @R15, R1 ! GET ADDRESS OF REGISTER BLOCK ! 010E 34F1 LDA R1, R15 (#4) 0110 0004 ! SAVE REGISTERS IN REGISTER BLOCK ! 0112 1C19 LDM @R1, R1, #16 0114 010F ! RESTORE R1 BUT MAINTAIN ADDRESS</pre>                                                                                                                                                                                                                                                                                                                                                                     |           |        | ! SAVE REGISTERS ON KERNEL STAC        | IK 1 |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|--------|----------------------------------------|------|
| <pre>! GET ADDRESS OF REGISTER BLOCK !<br/>010E 34F1<br/>0110 0004<br/>! SAVE REGISTERS IN REGISTER BLOCK<br/>ON KERNEL STACK. !<br/>0112 1C19<br/>0114 010F<br/>! RESTORE R1 BUT MAINTAIN ADDRESS<br/>OF REGISTER BLOCK !<br/>0116 2DF1 EX R1, @R15<br/>! SAVE R1 ON STACK !<br/>0118 33F1 LD R15(#4), R1<br/>0118 0004<br/>! RESTORE REGISTER BLOCK ADDRESS !<br/>011C 97F1 POP R1, @R15<br/>! SAVE VALID EXIT SP VALUE !<br/>011E 33F1 LD R15(#30), R1<br/>0120 001E<br/>! EXIT KERNEL BY MEANS OF HARDWARE<br/>PREEMPT HANDLER !<br/>0122 5E08 JP KERNEL_EXIT<br/>0126 END GATE_KEEPER_MAIN</pre> |           |        | ! SAVE R1 !                            |      |
| 010E 34F1<br>0110 0004<br>! SAVE REGISTERS IN REGISTER BLOCK<br>ON KERNEL STACK. !<br>0112 1C19<br>0114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>0116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1<br>011A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1<br>POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                             | 010C      | 93F1   | PUSH @R15, R1                          |      |
| 0110 0004<br>! SAVE REGISTERS IN REGISTER BLOCK<br>ON KERNEL STACK. !<br>0112 1C19<br>0114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>0116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1<br>011A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1<br>POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                          |           |        | ! GET ADDRESS OF REGISTER BLOCK        | 1 2  |
| <pre>! SAVE REGISTERS IN REGISTER BLOCK<br/>ON KERNEL STACK. !<br/>D112 1C19<br/>D114 010F<br/>! RESTORE R1 BUT MAINTAIN ADDRESS<br/>OF REGISTER BLOCK !<br/>D116 2DF1 EX R1, @R15<br/>! SAVE R1 ON STACK !<br/>D118 33F1 LD R15(#4), R1<br/>D11A 0004<br/>! RESTORE REGISTER BLOCK ADDRESS !<br/>D11C 97F1 POP R1, @R15<br/>! SAVE VALID EXIT SP VALUE !<br/>D11E 33F1 LD R15(#30), R1<br/>D120 001E<br/>! EXIT KERNEL BY MEANS OF HARDWARE<br/>PREEMPT HANDLER !<br/>D122 5E08<br/>D124 0000*<br/>D126 END GATE_KEEPER_MAIN</pre>                                                                   | 010E      | 34 P 1 | LDA R1, R15 (#4)                       |      |
| ON KERNEL STACK. !<br>D112 1C19<br>D114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>D116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>D118 33F1<br>D11A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>D11E 33F1<br>D120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>D122 5E08<br>D124 0000*<br>D126 END GATE_KEEPER_MAIN                                                                                                                                                                             | 0110      | 0004   |                                        |      |
| 0112 1C19<br>0114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>0116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1<br>0118 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1<br>0112 33F1<br>0112 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                                                                                                                                      |           |        | <b>!</b> SAVE REGISTERS IN REGISTER BI | JCK  |
| 0114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>0116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1<br>0118 33F1<br>0110 97F1<br>POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                                                                                                                                                      |           |        | ON KERNEL STACK. !                     |      |
| 0114 010F<br>! RESTORE R1 BUT MAINTAIN ADDRESS<br>OF REGISTER BLOCK !<br>0116 2DF1<br>EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1<br>0118 33F1<br>0110 97F1<br>POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                                                                                                                                                      | 0112      | 1019   | LDM @R1, R1, #16                       |      |
| <pre>! RESTORE R1 BUT MAINTAIN ADDRESS<br/>OF REGISTER BLOCK !<br/>0116 2DF1 EX R1, @R15<br/>! SAVE R1 ON STACK !<br/>0118 33F1 LD R15(#4), R1<br/>011A 0004<br/>! RESTORE REGISTER BLOCK ADDRESS !<br/>011C 97F1 POP R1, @R15<br/>! SAVE VALID EXIT SP VALUE !<br/>011E 33F1 LD R15(#30), R1<br/>0120 001E<br/>! EXIT KERNEL BY MEANS OF HARDWARE<br/>PREEMPT HANDLER !<br/>0122 5E08 JP KERNEL_EXIT<br/>0126 END GATE_KEEPER_MAIN</pre>                                                                                                                                                             |           |        |                                        |      |
| OF REGISTER BLOCK !<br>0116 2DF1 EX R1, @R15<br>! SAVE R1 ON STACK !<br>0118 33F1 LD R15(#4), R1<br>011A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1 POP R1, @R15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1 LD R15(#30), R1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                             |           |        | ! RESTORE R1 BUT MAINTAIN ADDRE        | ess  |
| <pre>! SAVE R1 ON STACK !<br/>0118 33F1<br/>011A 0004<br/>! RESTORE REGISTER BLOCK ADDRESS !<br/>011C 97F1<br/>011E 33F1<br/>0120 001E<br/>! EXIT KERNEL BY MEANS OF HARDWARE<br/>PREEMPT HANDLER !<br/>0122 5E08<br/>0124 0000*<br/>0126<br/>END GATE_KEEPER_MAIN</pre>                                                                                                                                                                                                                                                                                                                              |           |        |                                        |      |
| <pre>! SAVE R1 ON STACK !<br/>0118 33F1<br/>011A 0004<br/>! RESTORE REGISTER BLOCK ADDRESS !<br/>011C 97F1<br/>011E 33F1<br/>0120 001E<br/>! EXIT KERNEL BY MEANS OF HARDWARE<br/>PREEMPT HANDLER !<br/>0122 5E08<br/>0124 0000*<br/>0126<br/>END GATE_KEEPER_MAIN</pre>                                                                                                                                                                                                                                                                                                                              | 0116      | 2DF1   | EX R1. aR15                            |      |
| 0118 33F1<br>011A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                             | • • • • • |        |                                        |      |
| 011A 0004<br>! RESTORE REGISTER BLOCK ADDRESS !<br>011C 97F1<br>POP R1, DR15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08<br>0124 0000*<br>0126<br>END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                          | 0118      | 33P1   |                                        |      |
| <pre>! RESTORE REGISTER BLOCK ADDRESS ! 011C 97F1 POP R1, DR15 ! SAVE VALID EXIT SP VALUE ! 011E 33F1 LD R15(#30), R1 0120 001E ! EXIT KERNEL BY MEANS OF HARDWARE PREEMPT HANDLER ! 0122 5E08 JP KERNEL_EXIT 0124 0000* 0126 END GATE_KEEPER_MAIN</pre>                                                                                                                                                                                                                                                                                                                                              |           |        |                                        |      |
| 011C 97F1 POP R1, DR15<br>! SAVE VALID EXIT SP VALUE !<br>011E 33F1 LD R15(#30), R1<br>0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                    | 0.1.17    | 0004   | I RESTORE REGISTER BLOCK ADDRES        | S 1  |
| <pre>! SAVE VALID EXIT SP VALUE ! 0 11E 33F1 0 120 001E ! EXIT KERNEL BY MEANS OF HARDWARE PREEMPT HANDLER ! 0 122 5E08 0 124 0000* 0 126 END GATE_KEEPER_MAIN</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                  | 0110      | 9781   |                                        |      |
| 0 11E 33F1 LD R 15 (#30), R1<br>0 120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0 122 5E08 JP KERNEL_EXIT<br>0 124 0000*<br>0 126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                       | 0110      | 5711   |                                        |      |
| 0120 001E<br>! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                           | 0112      | 2221   |                                        |      |
| ! EXIT KERNEL BY MEANS OF HARDWARE<br>PREEMPT HANDLER !<br>0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |           |        |                                        |      |
| PREEMPT HANDLER !<br>0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | 0120      | OUTE   | I FYTE VEDNEL DV NENNC OF UNDI         |      |
| 0122 5E08 JP KERNEL_EXIT<br>0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |           |        |                                        | ARE  |
| 0124 0000*<br>0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | 0 4 2 2   | 5 70 0 |                                        |      |
| 0126 END GATE_KEEPER_MAIN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |           |        | JP KERNEL_EXIT                         |      |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |           |        |                                        |      |
| END KERNEL_GATE_KEEPER                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 0126      |        |                                        |      |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |           | ENI    | KERNEL_GATE_KEEPER                     |      |

- 312 -

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT USER\_GATE MODULE \$LISTON \$TTY CONSTANT ADVANCE\_CALL := 1 AWAIT\_CALL := 2 CREATE\_SEG\_CALL := 3 DELETE\_SEG\_CALL := 4

| DDDDTD_200_CKPF  | . – | 4  |
|------------------|-----|----|
| MAKE_KNOWN_CALL  | :=  | 5  |
| R EAD_CALL       | :=  | 6  |
| SM_SWAP_IN_CALL  | :=  | 7  |
| SM_SWAP_OUT_CALL | :=  | 8  |
| TERMINATE_CALL   | :=  | 9  |
| TICKET_CALL      | ; = | 10 |
| WRITE_CALL       | :=  | 11 |
| WRITELN_CALL     | :=  | 12 |
| CRLF_CALL        | :=  | 13 |
|                  |     |    |

## GLOBAL

\$SECTION USER\_GATE\_PROC

| 0000 |                      | A D VA NCE       PROCEDURE         ! ************************************                                             |
|------|----------------------|-----------------------------------------------------------------------------------------------------------------------|
|      | <b>7</b> F01<br>9E08 | ENTRY<br>SC #ADVANCE_CALL<br>RET<br>END ADVANCE                                                                       |
| 0004 |                      | AWAIT PROCEDURE<br>!********                                                                                          |
|      |                      | <pre>* PARAMETERS: * * R1:SEGMENT # * R2:INSTANCE * * RR4:SPECIFIED VALUE * ***********************************</pre> |
|      | 7f02<br>9e08         | SC #AWAIT_CALL                                                                                                        |

| 8000              | CREATE_SEG PROCEDURE                               |
|-------------------|----------------------------------------------------|
|                   | *****                                              |
|                   | * PARAMETERS: *<br>* R1:MENTOR_SEG_NO *            |
|                   | * R2:ENTRY_NO *                                    |
|                   | * R3:SIZE *                                        |
|                   | * RR4:CLASS *                                      |
|                   | ******                                             |
|                   | * RETURNS: *                                       |
|                   | * R0:SUCCESS CODE *                                |
|                   | ENTRY                                              |
| 0008 7F03         | SC #CREATE_SEG_CALL                                |
| 000A 9E08         |                                                    |
| 000C              | END CREATE_SEG                                     |
| 000 <b>C</b>      | DELETE_SEG PROCEDURE                               |
|                   | *******                                            |
|                   | * PARAMETERS: *                                    |
|                   | * R1:MENTOR_SEG_NO *                               |
|                   | * R1:MENTOR_SEG_NO *<br>* R2:ENTRY_NO *<br>******* |
|                   | * RETURNS: *                                       |
|                   | * RO:SUCCESS CODE *                                |
|                   | ******                                             |
|                   | ENTRY                                              |
| 000C 7F04         | SC #DELETE_SEG_CALL                                |
| 000E 9E08<br>0010 | END DELETE_SEG                                     |
| 0010              |                                                    |
| 0010              | MAKE_KNOWN PROCEDURE                               |
|                   | ! ************************************             |
|                   | * R1:MENTOR_SEG_NO *                               |
|                   | * R2:ENTRY_NO *                                    |
|                   | * R3:ACCESS DESIRED *                              |
|                   | *****                                              |
|                   | * RETURNS: *                                       |
|                   | * RO:SUCCESS CODE *<br>* R1:SEGMENT * *            |
|                   | * R2:ACCESS ALLOWED *                              |
|                   | *******                                            |
|                   | ENTRY                                              |
| 0010 7F05         | SC #MAKE_KNOWN_CALL                                |
| 0012 9E08<br>0014 | RET<br>END MAKE_KNOWN                              |
|                   |                                                    |
| 0014              | READ PROCEDURE                                     |
|                   | **************************************             |
|                   | * PARAMETERS: *<br>* R1:SEGMENT # *                |
|                   | * R2:INSTANCE *                                    |
|                   | ******                                             |
|                   |                                                    |

- 314 -

|       |               | * RETURNS: *                                                                               |
|-------|---------------|--------------------------------------------------------------------------------------------|
|       |               | * RO:SUCCESS CODE *                                                                        |
|       |               | * RR4: EV ENTCOUNT * ***********************************                                   |
|       |               | ENTRY                                                                                      |
| 0014  | 7 <b>F</b> 06 |                                                                                            |
|       | 9E08          | RET                                                                                        |
| 0018  |               | END READ                                                                                   |
|       |               |                                                                                            |
| 0018  |               | SM_SWAP_IN PROCEDURE<br>!************************************                              |
|       |               | * PARAMETERS: *                                                                            |
|       |               | * R1:SEGMENT # *                                                                           |
|       |               | *******                                                                                    |
|       |               | * RETURNS: ÷                                                                               |
|       |               | * RO:SUCCESS CODE *                                                                        |
|       |               | ** *******                                                                                 |
| 0.010 | 7807          | ENTRY                                                                                      |
|       | 7F07<br>9E08  |                                                                                            |
| 001A  | 9500          | END SM_SWAP IN                                                                             |
| 0010  |               |                                                                                            |
| 001C  |               | SM_SWAP_OUT PROCEDURE                                                                      |
|       |               | <b>***</b> *********************************                                               |
|       |               | * PARAMETERS: *                                                                            |
|       |               | * R1:SEGMENT # *                                                                           |
|       |               | * RETURNS: *                                                                               |
|       |               | * RO:SUCCESS CODE *                                                                        |
|       |               | ******                                                                                     |
|       |               | ENTRY                                                                                      |
|       | <b>7F</b> 08  |                                                                                            |
|       | 9E08          |                                                                                            |
| 0020  |               | END SM_SWAP_OUT                                                                            |
| 0020  |               | TERMINATE PROCEDURE                                                                        |
|       |               | ****                                                                                       |
|       |               | * PARAMETERS: *                                                                            |
|       |               | * R1:SEGMENT # *                                                                           |
|       |               | * DDUC:<br>************************************                                            |
|       |               | * RETURNS: *<br>* RO:SUCCESS CODE *                                                        |
|       |               | *******                                                                                    |
|       |               | ENTRY                                                                                      |
| 0020  | 7F09          | SC #TERMINATE_CALL                                                                         |
| 0022  | 9509          | RET                                                                                        |
| 0024  | 9500          |                                                                                            |
| 0024  | 9200          | END TERMINATE                                                                              |
|       | 9200          | END TERMINATE                                                                              |
| 0024  | 9200          | END TERMINATE                                                                              |
|       | 9E00          | END TERMINATE<br>TICKET PROCEDURE                                                          |
|       | 9E03          | END TERMINATE         TICKET       PROCEDURE         !************************************ |
|       | 9E00          | END TERMINATE         TICKET       PROCEDURE         !************************************ |
|       | JE00          | END TERMINATE         TICKET       PROCEDURE         !************************************ |

| 0026 | 9E08 | <pre>* R0:SUCCESS CODE * * RR4:TICKET VALUE * ***********************************</pre> |
|------|------|-----------------------------------------------------------------------------------------|
| 0028 |      | WRITE PROCEDURE<br>ENTRY                                                                |
| 002A | 9E08 | SC #WRITE_CALL<br>RET<br>END WRITE                                                      |
| 002C |      | WRITELN PROCEDURE<br>ENTRY                                                              |
|      | 9E08 | SC #WRITELN_CALL<br>RET<br>END WRITELN                                                  |
| 0030 |      | CRLF PROCEDURE<br>ENTRY                                                                 |
|      | 9E08 | SC #CRLF_CALL<br>RET<br>END CRLF                                                        |

- 316 -

#### Appendix E

# BOOTSTRAP\_LOADER LISTINGS

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT

BOOTSTRAP\_LOADER MODULE

\$LISTON \$TTY CONSTANT

TYPE

: \*\*\*\*\*\*\* SYSTEM PARAMETERS \*\*\*\*\*\*\* ! NR\_CPU := 2 := NR\_CPU\*4 NR\_VP NR AVAIL VP := NR CPU\*2 MAX\_DBR\_NR := 10 STACK SEG := 1 STACK\_SEG\_SIZE := %100 STACK\_BLOCK := STACK\_SEG\_SIZE/256 ! \* \* OFFSETS IN STACK SEG \* \* ! STACK\_BASE := STACK\_SEG\_SIZE-%10 STATUS\_REG\_BLOCK: = STACK\_SEG\_SIZE-%10 INTERRUPT FRAME := STACK\_BASE-4 INTERRUPT\_REG := INTERRUPT\_FRAME-34 := INTERRUPT\_REG-2 N\_S\_P := STACK SEG SIZE-%E F\_C\_W ! \*\*\*\*\* SYSTEM CONSTANTS \*\*\*\*\* ! ON := %FFFF := 0 OFF := 1 READY := %FFFF NIL INVALID := %EEEE := %5000 KERNEL FCW AVAILABLE := 0 := %FF ALLOCATED := 12 SC OFFSET

MESSAGE ARRAY [16 BYTE] ADDRESS WORD MM\_VP\_ID WORD VP\_INDEX INTEGER MSG\_INDEX INTEGER

- 317 -

MSG TABLE RECORD [ MSG MESSAGE SENDER VP\_INDEX NEXT MSG MSG\_INDEX ARRAY [5, WORD] FILLER 1 VP TABLE RECORD DBR ADDRESS ſ PRI WORD STATE WORD IDLE FLAG WORD PREEMPT WORD PHYS PROCESSOR WORD NEXT\_READY\_VP VP\_INDEX MSG\_LIST MSG\_INDEX WORD EXT ID FILLER\_1 ARRAY[ 7, WORD] ] EXTERNAL GET\_DBR\_ADDR PROCEDURE CREATE STACK PROCEDURE LIST\_INSERT PROCEDURE ALLOCATE\_MMU PROCEDURE UPDATE MMU IMAGE PROCEDURE MM ALLOCATE PROCEDURE MM\_ENTRY LABEL IDLE ENTRY LABEL PREEMPT\_RET LABEL BOOTSTRAP\_ENTRY LABEL GATE\_KEEPER\_ENTRY LABEL NEXT\_BLOCK WORD MM\_CPU\_TBL ARRAY[NR\_CPU MM\_VP\_ID] VPT RECORD [ LOCK WORD RUNNING\_LIST ARRAY[NR\_CPU WORD] READY\_LIST ARRAY[NR\_CPU WORD] FREE\_LIST MSG\_INDEX VIRT INT VEC ARRAY 1. ADDRESS ] FILLER\_2 WORD VP ARRAY [NR\_VP, VP\_TABLE] MSG\_Q ARRAY [NR\_VP, MSG\_TABLE] 1

EXT\_VP\_LIST ARRAY[NR\_AVAIL\_VP WORD] NEXT\_AVAIL\_MMU ARRAY[MAX\_DBR\_NR BYTE]

PRDS RECORD [PHYS\_CPU\_ID WORD LOG\_CPU\_ID INTEGER VP\_NR WORD IDLE\_VP VP\_INDEX]

INTERNAL \$SECTION LOADER\_DATA

- ! NOTE: THESE DECLARATIONS WILL NOT WORK IN A TRUE MULTIPROCESSOR ENVIRONMENT AS THEY ARE SUBJECT TO A "CALL." THEY MUST BE DECLARED AS A SHARED GLOBAL DATABASE WITH "RACE" PROTECTION (E.G., LOCK). !
- 0000 NEXT\_AVAIL\_VP INTEGER
- 0002 NEXT\_EXT\_VP INTEGER

- 319 -

|                         | N LOADER_INT                                                 |
|-------------------------|--------------------------------------------------------------|
|                         | CENAL DECODENDE                                              |
| 0000                    | BOOTSTRAP PROCEDURE<br>!************************************ |
|                         | * CREATES KERNEL PROCESSES AND *                             |
|                         | * INITIALIZES KERNEL DATABASES.*                             |
|                         | * INCLUDES INITIALIZATION OF *                               |
|                         | * VIRTUAL PROCESSOR TABLE, *                                 |
|                         | * EXTERNAL VP LIST, AND MMU *                                |
|                         | * IMAGES. ALLOCATES MMU IMAGE *                              |
|                         | * AND CREATES KERNEL DOMAIN *                                |
|                         | * STACK FOR KERNEL PROCESSES. *<br>*********                 |
|                         | **********************************                           |
|                         | ENTRY                                                        |
|                         | ! INITIALIZE PRDS AND MMU POINTER !                          |
|                         | ! NOTE: THE FOLLOWING CONSTANTS ARE                          |
|                         | ONLY TO BE INITIALIZED ONCE. THIS                            |
| 0000 000                | WILL OCCUR DURING SYSTEM INITIALIZATION!                     |
| 0000 4D05<br>0002 0000* | LD PRDS.PHYS_CPU_ID, #%FFFF                                  |
| 0002 00007<br>0004 FFFF |                                                              |
| 0004 1111               | ! NOTE: LOGICAL CPU NUMBERS ARE ASSIGNED                     |
|                         | IN INCREMENTS OF 2 TO FACILITATE INDEXING                    |
|                         | (OFFSETS) INTO LISTS SUBSCRIPTED BY                          |
|                         | LOGICAL CPU NUMBER. !                                        |
| 0006 4D05               | LD PRDS.LOG_CPU_ID, #2                                       |
| 0008 0002*              |                                                              |
| 000A 0002               | ! SPECIFY NUMBER OF VIRTUAL PROCESSORS                       |
|                         | ASSOCIATED WITH PHYSICAL CPU. !                              |
| 000C 4D05               | LD PRDS. VP_NR, #2                                           |
| 000E 0004*              |                                                              |
| 0010 0002               |                                                              |
| 0012 4D08               | CLR NEXT_BLOCK                                               |
| 0014 0000*              |                                                              |
| 0016 4008               | CLR NEXT_AVAIL_VP                                            |
| 0018 0000*              |                                                              |
| 001A 4D08<br>001C 0002* | CLR NEXT_EXT_VP                                              |
|                         | ! ESTABLISH GATE KEEPER AS SYSTEM CALL                       |
|                         | TRAP HANDLER !                                               |
|                         | ! GET BASE OF PROGRAM STATUS AREA !                          |
| 001E 7D15               | LDCTL R1, PSAP                                               |
|                         | ! ADD SYSTEM CALL OFFSET TO PSA BASE ADDR !                  |
| 0020 0101               | ADD R1, #SC_OFFSET                                           |
| 0022 000C               |                                                              |
|                         | ! STORE KERNEL PCW IN PSA !                                  |
| 0024 0D15               | LD @R1, #KERNEL_FCW                                          |
| 0026 5000               |                                                              |
|                         | STORE ADDRESS OF GATE KEEPER IN PROGRAM                      |
| 0028 A911               | STATUS AREA AS SYSTEM TRAP HANDLER !                         |
| UUZO AJII               | INC R1, #2                                                   |
|                         |                                                              |

002A 0D15 LD OR1, #GATE\_KEEPER\_ENTRY 002C 0000\* 002E 8D18 CLR R1 ! NEXT\_AVAIL\_MMU INDEX ! ! INITIALIZE ALL MMU IMAGES AS AVAILABLE ! SET\_MMU\_MAP: DO 0030 4C15 LDB NEXT\_AVAIL\_MMU(R1), #AVAILABLE 0032 0000\* 0034 0000 0036 A910 INC R1, #1 ! CHECK FOR END OF TABLE ! 0038 0B01 CP R1, #MAX DBR NR 003A 000A 003C 5E0E IF EQ THEN EXIT FROM SET\_MMU\_MAP FI 003E 0044\* 0040 5E08 0042 0046\* 0044 E8F5 OD ! CREATE MEMORY MANAGER PROCESS ! 0046 2103 LD R3, #STACK\_BLOCK 0048 0001 ! ALLOCATE AND INITIALIZE KERNEL DOMAIN STACK SEGMENT ! 004A 5F00 CALL MM ALLOCATE 183: # OF BLOCKS 004C 0000\* RETURNS R2: START ADDR! 004E A121 LD R1, R2 0050 2103 LD R3, #KERNEL\_FCW 0052 5000 0054 7604 R4, HM\_ENTRY LDA 0056 0000\* 0058 6105 LD R5, %FFFF INSP! 005A FFFF 005C 7606 R6, PREEMPT\_RET LDA 005E 0000\* 0060 93F1 PUSH OR15, R1 ISAVE STACK ADDR! 0062 030F SUB R15, #8 0064 0008 0066 1CF9 @R15, R3, #4 LDM 0068 0303 R0, R15 006A A1F0 LD I NOTE: ARGLIST FOR CREATE\_STACK INCLUDES KERNEL\_PCW, INITIAL IC, NSP, AND INITIAL RETURN POINT. ! 006C 5F00 CALL CREATE\_STACK ! (RO: ARGUMENT PTR 006E 0000\* R1: TOP OF STACK R2-R14: INITIAL REG.STATES !

R15, #8 !OVERLAY ARGUMENTS! 0070 010F ADD 0072 0008 ! ALLOCATE MMU IMAGE ! CALL ALLOCATE\_MMU 0074 5F00 !RETURNS: 0076 0000\* (RO: DBR #) ! 0078 2101 R1, #STACK SEG I SEGMENT NO. ! LD 007A 0001 007C 97F2 POP R2. ØR15 !GET STACK ADDR! 007E 2103 R3, #0 ! WRITE ATTRIBUTE ! LD 0080 0000 ! SPECIFY NUMBER OF BLOCKS. COUNT STARTS FROM ZERO. (I.E., 1 BLOCK=0, 2=1, ETC.)! R4, #STACK\_BLOCK-1 0082 2104 LD 0084 0000 I SAVE DBR # ! 0086 93F0 @R15, R0 PUSH I CREATE MMU ENTRY FOR MM STACK SEGMENT ! 0088 5F00 UPDATE\_MMU\_IMAGE !(RO: DBR # CALL \*0000 A800 R1: SEGMENT # R2: SEG ADDRESS **R3:** SEG ATTRIBUTES R4: SEG LIMITS) ! ! RESTORE DBR # ! 008C 97F0 POP RO, @R15 ! GET ADDRESS OF MMU INAGE ! 008E 5F00 CALL GET DBR ADDR ! (RO: DBR #) 0090 0000\* **RETURNS:** (R1: DBR ADDRESS) ! ! PREPARE VP TABLE ENTRIES FOR MM ! R2, #2 ! FRIORITY ! 0092 2102 LD 0094 0002 0096 2105 LD R5, #OFF ! PREEMPT ! 0008 0000 009A 2106 R6, #OFF ! KERNEL PROCESS ! LD 009C 0000 ! UPDATE VPT ! 009E 5F00 CALL UPDATE\_VP\_TABLE ! (R1: DBR 00A0 01CA\* R2: PRIORITY **R5: PREEMPT FLAG** R6: EXT\_VP FLAG) **RETURNS:** R9: VP ID ! ! INITIALIZE MM\_CPU\_TBL IN DISTRIBUTED MEMORY MANAGER WITH VP ID OF HM PROCESS ! ! GET LOGICAL CPU # ! 00A2 610A LD R10, PRDS.LOG CPU ID 00A4 0002\*

LD MM\_CPU\_TBL (R10), R9 00A6 6FA9 \*0000 8A00 ! CREATE IDLE PROCESS ! 00AA 2103 LD R3, #STACK BLOCK 00AC 0001 00AE 5F00 CALL MM\_ALLOCATE !R3: # OF BLOCKS 00B0 0000\* RETURNS R2: START ADDR! 00B2 A121 LD R1, R2 00B4 2103 LD R3, #KERNEL FCW 0086 5000 00B8 7604 LDA R4, IDLE\_ENTRY 00BA 0000\* 00BC 2105 LD R5, #%FFFF !NSP! OOBE FFFF 00C0 7606 LDA R6, PREEMPT\_RET 00C2 0000\* 00C4 93F1 PUSH OR15, R1 ISAVE STACK ADDR! 00C6 030F SUB R15, #8 00C8 0008 00CA 1CF9 LDM @R15, R3, #4 00CC 0303 LD RO, R15 OOCE A1FO ! INITIALIZE IDLE STACK VALUES ! 00D0 5F00 CALL CREATE\_STACK ! (RO: ARGUMENT PTR 00D2 0000\* R1: TOP OF STACK R2-R14: INITIAL REG. STATES ! 00D4 010F ADD R15, #8 !OVERLAY ARGUMENTS! 00D6 0008 ! ALLOCATE MMU IMAGE FOR IDLE PROCESS ! 00D8 5F00 CALL ALLOCATE\_MMU ! RETURNS RO:DBR # ! 00DA 0000\* ! PREPARE IDLE PROCESS MMU ENTRIES ! LD R1, #STACK SEG ! SEG # ! 00DC 2101 00DE 0001 POP R2, ØR15 !GET STACK ADDR! 00E0 97F2 R3, #0 I WRITE ATTRIBUTE ! 00E2 2103 LD 00E4 0000 R4, #STACK\_BLOCK-1 ! BLOCK LIMITS ! 00E6 2104 LD 00E8 0000 I SAVE DBR # ! 00EA 93F0 @R15, R0 PUSH : CREATE MMU IMAGE ENTRY ! CALL UPDATE\_MMU\_IMAGE !(R1: SEGMENT # 00EC 5F00 00EE 0000\* R2: SEG ADDRESS **R3: SEG ATTRIBUTES** 

R4: SEG LIMITS ) ! ! RESTORE DBR # ! 00F0 97F0 POP RO, @R15 I GET MMU ADDRESS ! GET\_DBR\_ADDR ! (RO: DBR #) 00F2 5F00 CALL 00F4 0000\* RETURNS (R1: DBR ADDRESS) ! ! PREPARE VPT ENTRIES FOR IDLE PROCESS ! 00F6 2102 LD R2, #0 ! PRIORITY ! 00F8 0000 00FA 2105 R5, #OFF ! PREEMPT ! LD 00FC 0000 00FE 2106 LD R6. #OFF I KERNEL PROC ! 0100 0000 ! CREATE VPT ENTRIES ! UPDATE\_VP\_TABLE ! (R1: DBR 0102 5F00 CALL 0104 01CA\* R2: PRIORITY **R4: IDLE FLAG R5: PREEMPT** R6: EXT\_VP FLAG) **RETURNS:** R9: VP ID ! ! ENTER VP ID OF IDLE PROCESS IN PRDS ! 0106 6F09 LD PRDS.IDLE VP, R9 0108 0006\* ! INITIALIZE IDLE VP'S ! 010A 2102 LD R2, #1 ! PRIORITY ! 010C 0001 010E 2105 R5, #ON LD ! PREEMPT ! 0110 FFFF 0112 2106 LD R6, #ON INON-KERNEL PROCI 0114 FFFF 0116 6100 LD RO, PRDS. VP\_NR 0118 0004\* ! INITIALIZE VP VALUES ! DO 011A 5F00 CALL UPDATE\_VP\_TABLE !(R1: DBR 011C 01CA. R2: PRIORITY R4: IDLE FLAG R5: PREEMPT R6: EXT\_VP FLAG) **RETURNS:** R9: VP ID ! 011E AB00 DEC RO, #1 0120 0B00 CP RO, #0 0122 0000 0124 SEOE IF EQ !ALL VP'S INITIALIZED! THEN 0126 012C' 0128 5E08 EXIT

| 012A                 | 012E*                          |                                                                                                |
|----------------------|--------------------------------|------------------------------------------------------------------------------------------------|
| 012C                 | E8F6                           | FI<br>OD                                                                                       |
|                      | 6102                           | ! INITILIZE VPT HEADER !<br>! GET LOGICAL CPU NUMBER !<br>LD R2, PRDS.LOG_CPU_ID               |
| 0132                 | 0002*<br>4D05<br>0000*<br>0000 | LD VPT.LOCK, #OFF                                                                              |
| 0138<br>013A<br>013C | 0002*                          | LD VPT.RUNNING_LIST(R2), #NIL                                                                  |
| 013E                 | 4D25<br>0006*                  | LD VPT.READY_LIST(R2), #NIL                                                                    |
| 0144                 | 4D08<br>000A*                  | CLR VPT.FREE_LIST !HEAD OF MSG LIST!                                                           |
| 0148                 | !<br>8D28                      | THREAD VP'S BY PRIORITY AND SET STATES TO READY !CLRR2R2!START WITH VP #1!                     |
|                      |                                | THREAD:<br>DO                                                                                  |
|                      | 610D<br>0002*                  | LD R13, PRDS.LOG_CPU_ID                                                                        |
| 014E<br>0150         | 76D3<br>0006*                  | LDA R3, VPT. READY_LIST (R13)                                                                  |
| 0152                 |                                | LDA R4, VPT. VP.NEXT_READY_VP                                                                  |
| 0156                 |                                | LDA R5, VPT. VP.PRI                                                                            |
| 0154                 |                                | LDA R6, VPT. VP.STATE                                                                          |
| 015E<br>0160         | 2107                           | LD R7, #READY                                                                                  |
|                      |                                | ! SAVE OBJ ID !                                                                                |
|                      | 93F2<br>5F00                   | PUSH @R15, R2<br>CALL LIST_INSERT !R2: OBJ ID                                                  |
|                      | 0000*                          |                                                                                                |
|                      |                                | R3: LIST_HEAD_PTR ADDR<br>R4: NEXT_OBJ PTR<br>R5: PRIORITY_PTR<br>R6: STATE_PTR<br>R7: STATE ! |
|                      |                                | ! RESTORE OBJ ID !                                                                             |
|                      | 97F2                           | POP R2, @R15                                                                                   |
|                      | 0102<br>0020                   | ADD R2, #SIZEOF VP_TABLE                                                                       |
| 016E                 | <b>0</b> B02                   | CP R2, # (NR_VP * (SIZEOF VP_TABLE))                                                           |
| 0170<br>0172<br>0174 |                                | IF EQ THEN EXIT FROM THREAD FI                                                                 |

| 0178          | 5E08<br>017C<br>E8E7 | OD                                                                                                                                                                                                                                                                                                          |
|---------------|----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 01 <b>7</b> C | 8D18                 | <pre>! INITIALIZE VP MESSAGE LIST !<br/>! NOTE: ONLY THE THREAD FOR THE MESSAGE<br/>LIST NEED BE CREATED AS ALL MESSAGES<br/>ARE INITIALLY AVAILABLE FOR USE. THE<br/>INITIAL MESSAGE VALUES WERE CREATED<br/>FOR CLARITY ONLY TO SHOW THAT THE<br/>MESSAGES HAVE NO USABLE INITIAL VALUE!<br/>CLR R1</pre> |
|               | MSG                  | _LST_INIT:                                                                                                                                                                                                                                                                                                  |
|               |                      | ! NOTE: R1 REPRESENTS CURRENT ENTRY IN<br>MSG_LIST, R2 REPRESENTS CURRENT POSITION<br>IN MSG_LIST ENTRY, AND R3 REPRESENTS<br>NEXT ENTRY IN MSG_LIST. !<br>DO                                                                                                                                               |
|               |                      | LD R2, R1                                                                                                                                                                                                                                                                                                   |
|               |                      | LD R3, R2                                                                                                                                                                                                                                                                                                   |
|               | 0103                 | ADD R3, #SIZEOF MESSAGE                                                                                                                                                                                                                                                                                     |
|               |                      | FILL_MSG:<br>DO                                                                                                                                                                                                                                                                                             |
|               | 4D25                 | LD VPT.MSG_Q.MSG(R2), #INVALID                                                                                                                                                                                                                                                                              |
|               | 0110*<br>EEEE        |                                                                                                                                                                                                                                                                                                             |
|               | A921                 | INC R2, #2                                                                                                                                                                                                                                                                                                  |
|               | 8B32                 | CP R2, R3                                                                                                                                                                                                                                                                                                   |
|               | 5E0E<br>0198'        | IF EQ THEN EXIT FROM FILL_MSG FI                                                                                                                                                                                                                                                                            |
|               | 5E08                 |                                                                                                                                                                                                                                                                                                             |
|               | 019A*                |                                                                                                                                                                                                                                                                                                             |
|               | E8F6                 | OD                                                                                                                                                                                                                                                                                                          |
|               | 4D15<br>0120*        | LD VPT.MSG_Q.SENDER(R1), #NIL                                                                                                                                                                                                                                                                               |
| 019C          |                      |                                                                                                                                                                                                                                                                                                             |
| 0140          | A112                 | LD R2, R1                                                                                                                                                                                                                                                                                                   |
|               | 0101                 | ADD R1, #SIZEOF MSG_TABLE                                                                                                                                                                                                                                                                                   |
| 01A4<br>01A6  |                      | CP R1, #SIZEOF MSG_TABLE*NR_VP                                                                                                                                                                                                                                                                              |
| 0148          |                      |                                                                                                                                                                                                                                                                                                             |
|               |                      | IF EQ                                                                                                                                                                                                                                                                                                       |
| 0144          |                      | THEN                                                                                                                                                                                                                                                                                                        |
|               | 01BC<br>4D25         | LD VPT.MSG_Q.NEXT_MSG(R2), #NIL                                                                                                                                                                                                                                                                             |
|               | 0122*                |                                                                                                                                                                                                                                                                                                             |
| 01B2          |                      |                                                                                                                                                                                                                                                                                                             |
|               | 5E08<br>01C2         | EXIT FROM MSG_LST_INIT                                                                                                                                                                                                                                                                                      |
|               | 5E08                 | ELSE                                                                                                                                                                                                                                                                                                        |
| 0 1 B A       | 01C0                 |                                                                                                                                                                                                                                                                                                             |
| 01BC          | 6F21                 | LD VPT.MSG_Q.NEXT_MSG(R2), R1                                                                                                                                                                                                                                                                               |
|               |                      |                                                                                                                                                                                                                                                                                                             |

| 01BE    | 0122* |                                             |
|---------|-------|---------------------------------------------|
|         |       | FI                                          |
| 0100    | E8DE  | OD                                          |
|         |       |                                             |
|         |       | ! GET LOGICAL CPU # FOR USE                 |
|         |       | BY ITC GETWORK. !                           |
| 01C2    | 610D  | LD R13, PRDS.LOG_CPU_ID                     |
| 01C4    | 0002* | · 600 600                                   |
|         |       | ! BOOTSTRAP COMPLETE !                      |
|         |       | ! START SYSTEM EXECUTION AT PREEMPT ENTRY ! |
|         |       | ! POINT IN ITC GETWORK PROCEDURE !          |
| 01C6    | 5E08  | JP BOOTSTRAP_ENTRY                          |
| 01C8    | 0000* | 60                                          |
| 0 1 C A |       | END BOOTSTRAP                               |

- 327 -

01CA UPDATE\_VP\_TABLE PROCEDURE \*\*\*\*\*\*\*\*\*\*\* \* INITIALIZES VPT ENTRIES \*\*\*\*\*\*\*\* \* REGISTER USE: \* ж PARAMETERS: R1: DBR ADDRESS ж \* \* R2: PRIORITY \* \* × **R5: PREEMPT FLAG** R6: EXTERNAL VP FLAG \* \* \* \* **RETURNS:** \* \* **R9: ASSIGNED VP ID** LOCAL VARIABLES: \* × R7: LOGICAL CPU # \* \* she a **R8: EXT VP LIST OFFSET** ж R9: VPT OFFSET × \* \*\*\*\*\*\*\* ENTRY ! GET OFFSET IN VPT FOR NEXT ENTRY ! R9, NEXT\_AVAIL\_VP 01CA 6109 LD 01CC 0000' 01CE 6F91 LD VPT.VP.DBR(R9), R1 01D0 0010\* 01D2 6F92 LD VPT.VP.PRI(R9), R2 01D4 0012\* 01D6 6F96 VPT.VP.IDLE\_FLAG(R9), R6 LD 01D8 0016\* 01DA 6F95 LD VPT.VP.PREEMPT(R9), R5 01DC 0018\* 01DE 6107 LD R7, PRDS.LOG\_CPU\_ID 01E0 0002\* 01E2 6F97 VPT.VP.PHYS PROCESSOR (R9), R7 LD 01E4 001A\* 01E6 4D95 LD VPT.VP.NEXT\_READY\_VP(R9), #NIL 01E8 001C\* **OIEA FFFF** 01EC 4D95 LD VPT.VP.MSG\_LIST(R9), #NIL 01EE 001E\* 01F0 FFFF ! CHECK EXTERNAL VP FLAG ! 01F2 0B06 CP R6, #ON 01F4 FFFF IF EQ !EXTERNAL VP! 01F6 5E0E THEN ! VP IS TC VISIBLE ! 01F8 0210. 01FA 6108 LD R8, NEXT\_EXT\_VP 01FC 0002" ! INSERT ENTRY IN EXTERNAL VP LIST ! 01FE 6F89 LD EXT\_VP\_LIST(R8), R9 0200 0000\* 0202 6F98 VPT.VP.EXT\_ID(R9), R8 LD 0204 0020\*

INC R8, #2 0206 A981 0208 6F08 LD NEXT\_EXT\_VP, R8 020A 0002" 020C 5E08 ELSE !VP BOUND TO KERNEL PROCESS! 020E 0216 0210 4D05 LD VPT.VP.EXT\_ID, #NIL 0212 0020\* 0214 FFFF FI 0216 A19A LD R10, R9 0218 010A ADD R10, #SIZEOF VP\_TABLE 021A 0020 021C 6F0A LD NEXT\_AVAIL\_VP, R10 021E 0000" 0220 9E08 RET END UPDATE\_VP\_TABLE 0222 END BOOTSTRAP\_LOADER

- 329 -

### Appendix F

LIBRARY FUNCTION LISTINGS

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT LIBRARY\_FUNCTION MODULE \$LISTON \$TTY CONSTANT KERNEL\_FCW := %5000 STACK\_SEG\_SIZE := %100 STACK\_BASE := STACK\_SEG\_SIZE-%10 STATUS\_REG\_BLOCK:= STACK\_SEG\_SIZE-%10 INTERRUPT\_FRAME := STACK\_BASE-4 INTERRUPT\_REG := INTERRUPT\_FRAME-34 N\_S\_P := INTERRUPT\_REG-2 NIL := %FFFF

- 330 -

0

**\$SECTION LIB PROC** GLOBAL

0000

LIST\_INSERT PROCEDURE \* INSERTS OBJECTS INTO A LIST \* BY ORDER OF PRIORITY AND SETS \* \* ITS STATE \*\*\*\*\*\* \* REGISTER USE: \* \* PARAMETERS: \* \* R2: OBJECT ID \* R3: HEAD\_OF\_LIST\_PTR ADDR R4: NEXT\_OBJ\_PTR ADDR \* \* \* \* \* R5: PRIORITY PTR ADDR \* \* R6: STATE PTR ADDR \* R7: OBJECT STATE \* \* \* LOCAL VARIABLES: \* R8: HEAD\_OF\_LIST\_PTR \* \* R9: NEXT OBJ PTR \* \* R10: CURRENT\_OBJ PRIORITY \* \* R11: NEXT OBJ PRIORITY \* \* \*\*\*\*\*\*\*\*\*\*\*\*\* ENTRY ! GET FIRST OBJECT IN LIST ! 0000 2138 LD R8, @R3 0002 OB08 CP R8, #NIL 0004 FFFF IF EQ !LIST IS EMPTY! THEN 0006 5E0E 0008 0018 ! PLACE OBJ AT HEAD OF LIST ! @R3, R2 000A 2F32 LD 000C 7449 LDA R9, R4(R2) 000E 0200 **DR9**, #NIL 0010 0D95 LD 0012 FFFF ELSE 0014 5E08 0016 005A' ! COMPARE OBJ PRI WITH LIST HEAD PRI ! R10, R5(R2) !OBJ PRI! 0018 715A LD 001A 0200 R11, R5 (R8) !HEAD PRI! 001C 715B LD 001E 0800 R10, R11 CP 0020 8BBA IF GT !OBJ PRI>HEAD PRI! THEN 0022 5E02 0024 0030\* DR3, R2 !PUT AT FRONT! LD 0026 2F32 R4(R2), R8 0028 7348 LD 002A 0200 ELSE ! INSERT IN BODY OF LIST ! 002C 5E08 002E 005A"

|                         | DO                                |
|-------------------------|-----------------------------------|
| 0030 0808               | CP R8, #NIL                       |
| 0032 FFFF               |                                   |
|                         | IF EQ !END OF LIST! THEN          |
| 0036 003C'              |                                   |
| 0038 5E08               | EXIT FROM SEARCH_LIST             |
| 003A 0052"              |                                   |
|                         | FI                                |
| 003C 715B               | LD R11, R5 (R8) !GET NEXT PRI!    |
| 003E 0800               | CD D40 D44                        |
| 0040 8BBA               | CP R10, R11                       |
| 0042 5E02               | IF GT !CUBBENT PRI>NEXT PRI! THEN |
| 0044 004A*              | BYTH BOOM CENDCU LICH             |
| 0046 5E08<br>0048 0052' | EXIT FROM SEARCH_LIST             |
| 0048 0052.              | FI                                |
|                         | r 1                               |
|                         | ! GET NEXT OBJ !                  |
| 004A A189               |                                   |
| 004C 7148               |                                   |
| 004E 0900               |                                   |
| 0050 E8EF               | OD ! END SEARCH_LIST !            |
|                         | -                                 |
|                         | ! INSERT IN LIST !                |
| 0052 7348               | LD R4(R2), R8                     |
| 0054 0200               |                                   |
| 0056 7342               | LD R4(R9), R2                     |
| 0058 0900               |                                   |
|                         | PI                                |
|                         | FI                                |
|                         | ! SET OBJECT'S STATE !            |
| 005A 7367               |                                   |
| 005C 0200               | LD R6 (R2), R7                    |
|                         | RET                               |
| 0060                    | END LIST_INSERT                   |
| 0000                    | THE PIST THORY                    |

| 0060                                 | CREATE_STACK PROCEDURE                                                                   |
|--------------------------------------|------------------------------------------------------------------------------------------|
|                                      | ******                                                                                   |
|                                      | * INITIALIZES KERNEL STACK *                                                             |
|                                      | * SEGMENT FOR PROCESSES *                                                                |
|                                      | *****                                                                                    |
|                                      | * REGISTER USE: *<br>* PARAMETERS: *                                                     |
|                                      | * PARAMETERS: *                                                                          |
|                                      | * RO: ARGUMENT POINTER *                                                                 |
|                                      | * (INCLUDES:FCW,IC,NSP, AND *                                                            |
|                                      | * RETURN POINT. SEE LOCAL *                                                              |
|                                      | <ul> <li>* VARIABLES BELOW.) *</li> <li>* R1: TOP OF STACK *</li> </ul>                  |
|                                      | * RI: TOP OF STACK *                                                                     |
|                                      | * R2-R14: INITIAL REGISTER *                                                             |
|                                      | <ul> <li>* STATES. (NOTE: IN DEMO, NO*</li> <li>* SPECIFIC INITIAL REGISTER *</li> </ul> |
|                                      | * VALUES ARE SET, EXCEPT R13*                                                            |
|                                      | * (USER ID) FOR USER PRO- *                                                              |
|                                      | * CESSES.) *                                                                             |
|                                      | *****                                                                                    |
|                                      | * LOCAL VARIABLES *                                                                      |
|                                      | * (FROM ARGUMENTS STORED ON *                                                            |
|                                      | * STACK.) *                                                                              |
|                                      | * R3: FCW *                                                                              |
|                                      | <pre>* R4: PROCESS ENTRY POINT(IC) * * R5: NSP * </pre>                                  |
|                                      | * R5: NSP *                                                                              |
|                                      | * R6: PREEMPT RETURN POINT *                                                             |
|                                      | ********                                                                                 |
|                                      |                                                                                          |
| 0000 0000                            | ENTRY                                                                                    |
| 0060 9380                            | PUSH ØR 15, RO ISAVE ARGUMENT PTRI                                                       |
| 0060 93F0<br>0062 ADF0<br>0064 34 1F | EX RO, R15 ISAVE SPI                                                                     |
| 0066 00CA                            | LDA R15, R1 (#INTERRUPT_REG)                                                             |
| 0068 1CF9                            | LDM @R15, R1, #16 !INITIAL REG. VALUES!                                                  |
| 006A 010F                            | LDU WAIS, AN, AIO INTITAL ALG. ARDES:                                                    |
|                                      | ! NOTE: ONLY REGISTERS R2-R14 MAY CONTAIN                                                |
|                                      | INITIALIZATION VALUES !                                                                  |
| 006C A10F                            | LD R15, RO !RESTORE SP!                                                                  |
| 006E 97F0                            | POP RO, DR15 !RESTORE ARGUMENT PTR!                                                      |
| 0070 A1FE                            | LD R14, R15 !SAVE CALLER RETURN POINT!                                                   |
| 0072 A10F                            | LD R15, RO !GET ARGUMENT PTR!                                                            |
| 0074 1CF1                            | LDM R3, @R15, #4 !LOAD ARGUMENTS!                                                        |
| 0076 0303                            |                                                                                          |
| 0078 341F                            | LDA R15, R1(#INTERRUPT_FRAME)                                                            |
| 007A 00EC                            |                                                                                          |
| 007C 1CF9                            | LDM @R15, R3, #2 !INIT IRET FRAME!                                                       |
| 007E 0301                            |                                                                                          |
| 0080 341F                            | LDA R15, R1 ( $\#N_S_P$ )                                                                |
| 0082 0008                            |                                                                                          |
| 0084 2FF5<br>0086 030F               | LD @R15, R5 !SET NSP!<br>SUB R15, #2                                                     |
| 0088 0002                            |                                                                                          |
| 0000 0002                            |                                                                                          |
| 0081 2886                            |                                                                                          |
| 008A 2FF6<br>008C 3418               | LD DR 15, R6 !PREEMPT RET POINT!<br>LDA R8, R1(#STACK_BASE)                              |

| 008E | 00F0 |             |        |       |       |       |      |          |    |
|------|------|-------------|--------|-------|-------|-------|------|----------|----|
|      |      | ! INITIAL   | IZE SI | ATUS  | REGI  | ISTER | BLOC | CK I     |    |
| 0090 | 2100 | LD          | RO, #  | KERNI | EL_FC | CW    |      |          |    |
| 0092 | 5000 |             |        |       |       |       |      |          |    |
| 0094 | 1C89 | LDM         | DR8,   | R15,  | #2    | ISAVE | SP   | & FCWI   |    |
| 0096 | 0F01 |             |        |       |       |       |      |          |    |
| 0098 | AIEF | LD          | R15,   | R14   | ! RES | STORE | RETU | JRN POIN | T! |
| 009A | 9E08 | RET         |        |       |       |       |      |          |    |
| 009C |      | END CREATE  | STACK  |       |       |       |      |          |    |
|      | END  | LIBRARY_FUN |        |       |       |       |      |          |    |
|      |      | _           |        |       |       |       |      |          |    |

000-

- 334 -

### Appendix G

## INNER TRAFFIC CONTROLLER LISTINGS

**Z8000ASM** 2.02

LOC OBJ CODE STMT SOURCE STATEMENT

INNER\_TRAFFIC\_CONTROL MODULE

\$LISTON \$TTY

- !\*\*1. GETWORK:
  - A. NORMAL ENTRY DOES NOT SAVE REGISTERS.
    (THIS IS A FUNCTION OF THE GATEKEEPER).
    B. R14 IS AN INPUT PARAMETER TO GETWORK THAT SIMULATES INFO THAT WILL EVENTUALLY BE ON THE MMU HARDWARE. THIS REGISTER MUST BE ESTABLISHED AS A DBR BY ANY PROCEDURE INVOKING GETWORK.
  - C. THE PREEMPT INTERRUPT ENTRY HANDLER DOES NOT USE THE GATEKEEPER AND MUST PERFORM FUNCTIONS NORMALLY ACCOMPLISHED BY IT PRIOR TO NORMAL ENTRY AND EXIT.
     ( SAVE/RESTORE: REGS, NSP: UNLOCK VPT, TEST INT)
  - 2. GENERAL:
    - A. ALL VIOLATIONS OF VIRTUAL MACHINE INSTRUCTIONS ARE CONSIDERED ERROR CONDITIONS AND WILL RETURN SYSTEM TO THE MONITOR WITH AN ERROR CODE IN RO AND THE PC VALUE IN R1.
    - B. ITC PROCEDURES CALLING GETWORK PASS DBR (REGISTER R14) AND LOGICAL CPU NUMBER (REGISTER R13) AS INPUT PARAMETERS. (INCLUDES: SIGNAL, WAIT, SWAP\_VDBR, PHYS\_PREEMPT\_HANDLER, AND IDLE). !

CONSTANT

| ! *******   | ERROR | CODES ******** !        |
|-------------|-------|-------------------------|
| U_L := (    | ) !   | UNAUTHORIZED LOCK !     |
| M_L_EM :=   | 1 :   | MESSAGE LIST EMPTY !    |
| M_L_ER :≃ 3 | 2 1   | MESSAGE LIST ERROR !    |
| $R_L = :=$  |       | READY LIST EMPTY !      |
| M_L_0 := (  | 1 1   | MESSAGE LIST OVERFLOW ! |
| S_N_A := !  | 5 1   | SWAP NOT ALLOWED !      |
| V_I_E := (  | 5 !   | VP INDEX ERROR !        |
| N_U := '    | 7 !   | MMU UNAVAILABLE !       |

- 335 -

! \*\*\*\*\*\*\* SYSTEM PARAMETERS \*\*\*\*\*\*\* ! NR SDR := 64 ILONG WORDS! := 2 NR\_CPU NR VP := NR CPU = 4NR\_AVAIL\_VP := NR\_CPU\*2 MAX\_DBR\_NR := 10 !PER CPU! STACK SEG := 1 PRDS SEG := 0 STACK\_SEG\_SIZE := %100 ! \*\*\*\*\* OFFSETS IN STACK SEG \*\*\*\*\* ! STACK\_BASE := STACK\_SEG\_SIZE-%10 STATUS\_REG\_BLOCK:= STACK\_SEG\_SIZE- %10 INTERRUPT\_FRAME := STACK\_BASE-4 := INTERRUPT\_FRAME-34 INTERRUPT\_REG := INTERRUPT\_REG-2 N\_S\_P F\_C\_W := STACK\_SEG\_SIZE-%E ON := %FFFF OFF := 0 RUNNING := 0:= 1 READY WAITING := 2:= %FFFF NIL INVALID := %EEEE MONITOR := %A900 ! HBUG ENTRY ! KERNEL FCW := %5000 AVAILABLE := 0 ALLOCATED := %FF TYPE MESSAGE ARRAY [ 16 BYTE ] ADDRESS WORD VP\_INDEX INTEGER MSG INDEX INTEGER SEG\_DESC\_REG RECORD [ BASE ADDRESS ATTRIBUTES BYTE LIMITS BYTE 1 UMM ARRAY[NR\_SDR SEG\_DESC\_REG] MSG TABLE RECORD [ MSG MESSAGE SENDER VP\_INDEX NEXT\_MSG MSG INDEX FILLER ARRAY [6, WORD] ]

VP\_TABLE RECORD DBR ADDRESS ſ. PRI WORD STATE WORD IDLE\_FLAG WORD PREEMPT WORD PHYS\_PROCESSOR WORD NEXT\_READY\_VP VP\_INDEX MSG\_LIST MSG\_INDEX EXT ID WORD FILLER 1 ARRAY[ 7, WORD ] 1 EXTERNAL LIST\_INSERT PROCEDURE GLOBAL BOOTSTRAP\_ENTRY LABEL SSECTION ITC\_DATA 0000 VPT RECORD [ LOCK WORD RUNNING\_LIST ARRAY[NR\_CPU WORD] READY\_LIST ARRAY[NR\_CPU WORD] FREE\_LIST MSG\_INDEX VIRT\_INT\_VEC ARRAY[1, ADDRESS] FILLER\_2 WORD V P ARRAY [NR\_VP, VP\_TABLE] MSG Q ARRAY [NR\_VP, MSG\_TABLE] 1 0210 ARRAY[NR\_AVAIL\_VP WORD] EXT\_VP\_LIST SSECTION MMU\_DATA 0000 MMU\_IMAGE RECORD ſ HMU\_STRUCTURE ARRAY[MAX\_DBR\_NR MMU] NEXT\_AVAIL\_MMU ARRAY[MAX\_DBR\_NR BYTE] 0 A 0 0 OAOA PRDS RECORD [PHYS\_CPU\_ID WORD LOG\_CPU\_ID INTEGER VP NR WORD VP\_INDEX] IDLE VP

|                                                                              | SECTION ITC_INT_PROC<br>INTERNAL<br>GETWORK PROCEDURE<br>!************************************                                                              |
|------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 0000 31E4<br>0002 0004<br>0004 3445<br>0006 00F0                             | ! GET STACK BASE !<br>LD R4, R14(#STACK_SEG*4)                                                                                                              |
|                                                                              | ! * * SAVE SP * * !<br>LD @R5, R15<br>! * * SAVE FCW * * !<br>LDCTL R3, FCW<br>LD R4 (#F_C_W), R3                                                           |
| BOC<br>0010 61D1<br>0012 0006"                                               | DTSTRAP_ENTRY: ! GLOBAL LABEL !<br>! GET READY_VP LIST !<br>LD R1, VPT.READY_LIST(R13)                                                                      |
| 0014 4D11<br>0016 0016'<br>0018 FFFF<br>001A 5E0E<br>001C 0030'<br>001E 4D11 | <pre>SELECT_VP:<br/>DO ! UNTIL ELGIBLE READY_VP FOUND !<br/>CP VPT.VP.IDLE_FLAG(R1), #ON<br/>IF EQ ! VP IS IDLE ! THEN<br/>CP VPT.VP.PREEMPT(R1), #ON</pre> |
| 0020 0018<br>0022 FFFF<br>0024 5E0E<br>0026 002C<br>0028 5E08<br>002A 003C   | IF EQ ! PREEMPT INTERRUPT IS ON ! THEN<br>EXIT FROM SELECT_VP                                                                                               |

|                      |                       | PT                                                                                                                                                                                                                                                                                                                    |
|----------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 002E                 | 5E08<br>0034 •        |                                                                                                                                                                                                                                                                                                                       |
|                      | 5E08<br>003C'         | EXIT FROM SELECT_VP<br>FI                                                                                                                                                                                                                                                                                             |
| 0036                 | 6113<br>001C'<br>A131 | ! GET NEXT READY_VP !<br>LD R3, VPT.VP.NEXT_READY_VP(R1)<br>LD R1, R3                                                                                                                                                                                                                                                 |
|                      | E8EC                  | OD OD                                                                                                                                                                                                                                                                                                                 |
|                      |                       | ! NOTE: THE READY_LIST WILL NEVER BE EMPTY SINCE<br>THE IDLE VP, WHICH IS THE LOWEST PRI VP,<br>WILL NEVER BE REMOVED FROM THE LIST.<br>IT WILL RUN ONLY IF ALL OTHER READY VP'S ARE<br>IDLING OR IF THERE ARE NO OTHER VP'S ON<br>THE READY_LIST. ONCE SCHEDULED, IT<br>WILL RUN UNTIL RECEIVING A HDWE INTERRUPT. ! |
|                      |                       | ! NOTE: R14 IS USED AS DBR HERE. WHEN MMU<br>IS AVAILABLE THIS SERIES OF SAVE AND LOAD<br>INSTRUCTIONS WILL BE REPLACED BY SPECIAL I/O<br>INSTRUCTIONS TO THE MMU. !                                                                                                                                                  |
| 003C<br>003E<br>0040 | 0014 •                | ! PLACE NEW_VP IN RUNNING STATE !<br>LD VPT.VP.STATE(R1), #RUNNING                                                                                                                                                                                                                                                    |
| 0042                 | 6FD1<br>0002          |                                                                                                                                                                                                                                                                                                                       |
|                      | 611E<br>0010'         | ! * * SWAP DBR * * !<br>LD R14, VPT.VP.DBR(R1)                                                                                                                                                                                                                                                                        |
| 004A<br>004C         | 31E4<br>0004          | ! LOAD NEW_VP SP !<br>LD R4, R14 (#STACK_SEG*4)                                                                                                                                                                                                                                                                       |
| 004E<br>0050         | 3445<br>00F0          | LDA R5, R4 (#STATUS_REG_BLOCK)                                                                                                                                                                                                                                                                                        |
| 0052                 | 215F                  | LD R15, @R5                                                                                                                                                                                                                                                                                                           |
| 0054<br>0056         |                       | ! * * LOAD NEW FCW * * !<br>LD R3, R4(#F_C_W)                                                                                                                                                                                                                                                                         |
| 0058                 | 7D3A<br>9e08          | LDCTL FCW, R3<br>RET<br>END GETWORK                                                                                                                                                                                                                                                                                   |
|                      |                       |                                                                                                                                                                                                                                                                                                                       |

| 005C                                                                                                                           | ENTER_MSG_LIST PROCEDURE<br>!************************************                         |
|--------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
| 005C 61D2<br>005E 0002                                                                                                         | ENTRY<br>LD R2, VPT.RUNNING_LIST(R13)                                                     |
| 0060 6103<br>0062 000A'                                                                                                        | ! GET FIRST MSG FROM FREE_LIST !<br>LD R3, VPT.FREE_LIST                                  |
| 0064 0303<br>0066 FFFF<br>0068 5E0E<br>006A 0078<br>006C 7601<br>006E 006C<br>0070 2100<br>0072 0004<br>0074 5F00<br>0076 A900 | IF EQ THEN<br>LDA R1, \$                                                                  |
| 0078 6134<br>007A 0122<br>007C 6F04                                                                                            | LD R4, VPT.MSG_Q.NEXT_MSG(R3)<br>LD VPT.FREE_LIST, R4                                     |
| 007E 000A<br>0080 763A<br>0082 0110<br>0084 2107                                                                               | ! INSERT MESSAGE LIST INFORMATION !<br>LDA R10,VPT.MSG_Q.MSG(R3)<br>LD R7,#SIZEOF MESSAGE |
| 0086 0010<br>0088 BA81<br>008A 07A0<br>008C 6F32                                                                               | LDIRB @R10,@R8,R7<br>LD VPT.MSG_Q.SENDER(R3), R2                                          |
| 008E 0120"                                                                                                                     |                                                                                           |

! INSERT MSG IN MSG\_LIST ! 0090 6115 LD R5, VPT.VP.MSG\_LIST(R1) 0092 001E 0094 0B05 CP R5, #NIL 0096 FFFF IF EQ ! MSG LIST IS EMPTY ! THEN 0098 5E0E 009A 00A4" ! INSERT MSG AT TOP OF LIST ! 009C 6F13 LD VPT.VP.MSG LIST(R1), R3 009E 001E 00A0 5E08 ELSE ! INSERT MSG IN LIST ! 00A2 00BC\* MSG\_Q\_SEARCH: DO ! WHILE NOT END OF LIST ! 00A4 0B05 СР R5, #NIL 00A6 FFFF 00A8 5E0E IF EQ ! END OF LIST ! THEN 00AA 00B0" 00AC 5E08 EXIT FROM MSG\_Q\_SEARCH 00AE 00B8 . FI ! GET NEXT LINK ! 00B0 A156 R6, R5 LD R5, VPT.MSG\_Q.NEXT\_MSG(R6) 00B2 6165 LD 00B4 0122\* 00B6 E8F6 OD ! INSERT MSG IN LIST ! VPT.MSG\_Q.NEXT\_MSG(R6), R3 00B8 6F63 LD 00BA 0122 FI VPT.MSG\_Q.NEXT\_MSG(R3), R5 00BC 6735 LD 00BE 0122" 00C0 9E08 RET END ENTER\_MSG\_LIST 00C2

| 00C2                                                                                                                                          | GET_FIRST_MSG PROCEDURE<br>!************************************                                                       |
|-----------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
| 00C2 61D2<br>00C4 0002*                                                                                                                       | ENTRY<br>LD R2, VPT.RUNNING_LIST (R13)                                                                                 |
| 00C6 6123<br>00C8 001E                                                                                                                        | ! REMOVE FIRST MSG FROM MSG_LIST !<br>LD R3, VPT.VP.MSG_LIST(R2)                                                       |
| 00CA 0B03<br>00CC FFFF<br>00CE 5E0E<br>00D0 00DE*<br>00D2 2100<br>00D4 0001<br>00D6 7601<br>00D6 7601<br>00D8 00D6*<br>00DA 5F00<br>00DC A900 | <pre>! * * * DEBUG * * * * ! CP R3, #NIL IF EQ THEN LD R0, #M_L_EM ! MSG LIST EMPTY ! LDA R1, \$ CALL MONITOR FI</pre> |
| 00DE 6134<br>00E0 0122<br>00E2 6F24<br>00E4 001E                                                                                              | ! * * * END DEBUG * * * !<br>LD R4, VPT.MSG_Q.NEXT_MSG(R3)<br>LD VPT.VP.MSG_LIST(R2), R4                               |
| 00E6 6105<br>00E8 000A*<br>00EA 0B05<br>00EC FFFF<br>00EE 5E0E<br>00F0 0100*                                                                  |                                                                                                                        |
| 00F2 6F03<br>00F4 000A*                                                                                                                       | ! INSERT AT TOP OF LIST !<br>LD VPT.FREE_LIST, R3                                                                      |

00F6 4D35 LD VPT.MSG\_Q.NEXT\_MSG(R3), #NIL 00F8 0122\* OOFA FFFF 00FC 5E08 ELSE ! INSERT IN LIST ! 00FE 011C' FREE\_Q\_SEARCH: DO R5, #NIL 0100 OB05 CP 0102 FFFF 0104 5E0E IF EQ ! END OF LIST ! THEN 0106 010C" 0108 5E08 EXIT FROM FREE Q SEARCH 010A 0114 FI ! GET NEXT MSG ! 010C A156 LD R6, R5 010E 6165 LD R5, VPT.MSG\_Q.NEXT\_MSG (R6) 0110 0122\* 0112 E8F6 OD ! INSERT IN LIST ! 0114 6F63 LD VPT.MSG\_Q.NEXT\_MSG(R6), R3 0116 0122' 0118 6F35 LD VPT.MSG Q.NEXT MSG(R3), R5 011A 0122' FI ! GET MESSAGE INFORMATION: (RETURNS R1: SENDING VP) 1 011C 6131 R1, VPT.MSG\_Q.SENDER(R3) LD 011E 0120' 0120 763A LDA R10, VPT. MSG\_Q. MSG(R3) 0122 0110 0124 2107 LD R7, #SIZEOF MESSAGE 0126 0010 0128 BAA1 @R8, @R10, R7 LDIRB 012A 0780 012C 9E08 RET END GET\_FIRST\_MSG 012E

|                        | ! * * INNER TRAFFIC CONTROL ENTRY POINTS * * !                                                                                                                               |
|------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|                        | ! NOTE: ALL INTERRUPTS MUST BE MASKED WHENEVER<br>THE VPT IS LOCKED. THIS IS TO PREVENT AN<br>EMBRACE FROM OCCURRING SHOULD AN INTERRUPT<br>OCCUR WHILE THE VPT IS LOCKED. ! |
|                        | GLOBAL<br>\$SECTION ITC_GLB_PROC                                                                                                                                             |
| 0000                   |                                                                                                                                                                              |
|                        | !*************************************                                                                                                                                       |
|                        | * DLER. *<br>***********************************                                                                                                                             |
|                        | * R1: VIRTUAL INTERRUPT # *<br>* R2: INTERRUPT HANDLER ADDR *<br>*************************                                                                                   |
|                        | ENTRY<br>! COMPUTE OFFSET IN VIRTUAL<br>INTERRUPT VECTOR !                                                                                                                   |
| 0000 1900<br>0002 0002 | MULT BRO, #SIZEOF ADDRESS                                                                                                                                                    |
| 0004 6F12<br>0006 000C |                                                                                                                                                                              |
| 00 <b>08</b> 9E08      |                                                                                                                                                                              |

| AOOO                   | GET_DBR_ADDR PROCEDURE                        |     |
|------------------------|-----------------------------------------------|-----|
|                        | **************************************        |     |
|                        | * CALCULATES DER ADDRESS FROM *               |     |
|                        | * DBR NUMBER *                                |     |
|                        | ******                                        |     |
|                        | * REGISTER USE: *                             |     |
|                        | * PARAMETERS: *                               |     |
|                        | * RO: DBR # *                                 |     |
|                        | * RETURNS: *                                  |     |
|                        | * R1: DBR ADDRESS *                           |     |
|                        | **************************************        |     |
|                        | ENTRY                                         |     |
|                        | ! GET BASE ADDRESS OF MMU IMAGE !             |     |
| 000A 7601              | LDA R1, MMU_IMAGE                             |     |
| 000C 0000*             |                                               |     |
|                        | ! ADD DBR HANDLE (OFFSET) TO MMU B.           | ASE |
|                        |                                               |     |
|                        | ADDRESS TO OBTAIN DBR ADDRESS !               |     |
| 000E 8101              | * *                                           |     |
| 000E 8101<br>0010 9E08 | ADDRESS TO OBTAIN DBR ADDRESS !<br>ADD R1, R0 |     |

- 345 -

0012 ALLOCATE MMU PROCEDURE \*\*\*\*\*\*\* \* ALLOCATES NEXT AVAILABLE MMU \* \* IMAGE AND CREATES PRDS ENTRY \* \*\*\*\*\*\*\* \* **\*** REGISTER USE: \* \* **RETURNS:** \* RO: DBR # 4 \* \* LOCAL VARIABLES: \* R1: SEGMENT # \* R2: PRDS ADDRESS \* \* ×. ŵ. **R3: PRDS ATTRIBUTES** R4: PRDS LIMITS ×. ×. \*\*\*\*\*\*\* ENTRY ! GET NEXT AVAILABLE DBR # ! 0012 8D08 CLR R0 0014 8D18 CLR R 1 ! NOTE: THE FOLLOWING IS A SAFE SEQUENCE AS NEXT\_AVAIL\_MMU AND MMU ARE CPU LOCAL! GET\_DBR: DO 0016 4C11 CPB NEXT\_AVAIL\_MMU(R1), #AVAILABLE 0018 0A00" 001A 0000 IF EO **!MMU ENTRY IS AVAILABLE!** 001C 5E0E THEN 001E 002E 0020 4C15 LDB NEXT\_AVAIL\_MMU(R1), #ALLOCATED 0022 0A00" 0024 FFFF 0026 5E08 EXIT FROM GET DBR 0028 004A\* 002A 5E08 ELSE **CURRENT ENTRY IS ALLOCATED!** 002C 0048\* 002E A910 INC R1, #1 0030 0100 ADD RO, #SIZEOF MMU 0032 0100 1 \* \* \* \* DEBUG \* \* \* \* ! 0034 0B01 CP R1, #MAX\_DBR\_NR 0036 000A 0038 5E0E IF EQ THEN 003A 0048\* 003C 2100 LD RO, #M\_U !MMU UNAVAILABLE! 003E 0007 0040 7601 LDA R1, 3 0042 0040\* 0044 5F00 CALL MONITOR 0046 A900 FI ! \* \* \* END DEBUG \* \* \* ! FI 0048 E8E6 OD

004A 2101 LD R1, #PRDS\_SEG ! SEGMENT NO. ! 004C 0000 R2, PRDS ! PRDS ADDR ! 004E 7602 LDA 0050 0A0A' 0052 2103 R3, #1 ! READ ATTR ! LD 0054 0001 0056 2104 LD R4, #((SIZEOF PRDS)-1)/256 0058 0000 ! PRDS LIMITS ! ! CREATE PRDS ENTRY IN MMU IMAGE ! 005A 5F00 CALL UPDATE MMU IMAGE ! (R1: SEGMENT # 005C 0060' R2: SEG ADDRESS R3: ATTRIBUTES R4: SEG LIMITS)! 005E 9E08 RET

0060 END ALLOCATE\_MMU

- 347 -

| 0060                   | UPDATE_MMU_IMAGE PROCEDURE<br>!************************************                    |
|------------------------|----------------------------------------------------------------------------------------|
|                        | * R2: SEGMENT ADDRESS *                                                                |
|                        | * R3: SEGMENT ATTRIBUTES *                                                             |
|                        | * R4: SEGMENT LIMITS *<br>* LOCAL VARIABLES: *                                         |
|                        |                                                                                        |
|                        | * R10: MMU BASE ADDRESS *                                                              |
|                        | * R13: OFFSET VARIABLE * ***********************************                           |
|                        | ENTRY                                                                                  |
| 0060 210A              |                                                                                        |
| 0062 0000              | LD R10, #MMU_IMAGE ! MMU BASE ADDRESS !<br>'                                           |
| 0064 810A              | ADD R10, R0<br>LD R13, #SIZEOF SEG_DESC_REG                                            |
| 0066 210D              | LD R13, #SIZEOF SEG_DESC_REG                                                           |
| 0068 0004              |                                                                                        |
| 006A 991C              | MULT RR12, R1 & COMPUTE SEG_DESC OFFSET !<br>ADD R10, R13 #ADD OFFSET TO BASE ADDRESS! |
| UUBC BIDA              | INSERT DESCRIPTOR DATA !                                                               |
| 006E 2EA2              | LD OR10, R2                                                                            |
| 0070 A9A1              | INC R10, #2                                                                            |
| 0072 0DA8              | CLR @R10                                                                               |
|                        | LDB @R10, RL4                                                                          |
| 0076 A9A0              | INC R10, #1                                                                            |
| 0078 20AC              | LDB RL4, @R10                                                                          |
|                        | CPB RL3, #%(2)00001000 ! EXECUTE !                                                     |
| 007C 0808              |                                                                                        |
| 007E 5E0E              |                                                                                        |
| 0080 008A<br>0082 060C |                                                                                        |
| 0082 000C              |                                                                                        |
| 0086 5E08              | ELSE                                                                                   |
| 0088 008E              |                                                                                        |
| 008A 060C              | ANDB RL4, #% (2) 11111110 ! READ MASK !                                                |
| 008C FEFE              |                                                                                        |
| 008E 84BC<br>0090 2EAC | FI<br>ORB RL4, RL3<br>LDB @R10, RL4                                                    |
| 0092 9E08<br>0094      | RET                                                                                    |
| 0094                   | END UPDATE_MMU_IMAGE                                                                   |

0094 WAIT PROCEDURE \*\*\*\*\*\*\* \* INTRA\_KERNEL SYNC/COM PRIMATIVE \* \* INVOKED BY KERNEL PROCESSES xic. \*\*\* \*\* \*\*\* \* PARAMETERS \* R8 (R9): MSG POINTER (INPUT) 38 R1: SENDING\_VP (RETURN) \* \* GLOBAL VARIABLES R14: DBR (PARAM TO GETWORK) \* \* \* LOCAL VARIABLES sk. R2: CURRENT\_VP (RUNNING) \* R3: NEXT\_READY\_VP R4: LOCK\_ADDRESS \* \* R13: LOGICAL CPU NUMBER \*\*\*\*\*\*\*\*\*\*\* ENTRY I MASK INTERRUPTS ! 0094 7C01 DI VI ! LOCK VPT ! 0096 7604 R4, VPT.LOCK LDA 0098 0000\* 009A 5F00 CALL SPIN\_LOCK ! (R4:-VPT.LOCK) ! 009C 0282 ! NOTE: RETURNS WHEN VPT IS LOCKED BY THIS VP ! ! GET CPU NUMBER ! 009E 5F00 CALL GET\_CPU\_NO !RETURNS: 00A0 02C8" R1:CPU # R2:# VP'S! 00A2 A11D LD R13, R1 R2, VPT.RUNNING\_LIST (R 13) 00A4 61D2 LD 00A6 0002\* 00A8 6123 R3, VPT.VP.NEXT\_READY\_VP(R2) LD 00AA 001C" VPT.VP.MSG LIST(R2), #NIL 00AC 4D21 CP 00AE 001E" OOBC FFFF IF EQ ! CURRENT VP'S MSG LIST IS EMPTY ! THEN 00B2 5E0E 00B4 00EA" ! REMOVE CURRENT\_VP FROM READY\_LIST ! ! \* \* \* \* DEBUG \* \* \* \* ! R3, #NIL 00B6 0B03 CP 00B8 FFFF **OOBA SEOE** IF EQ THEN OOBC OOCA' LD RO, #R\_L\_E ! READY LIST EMPTY ! 00BE 2100 00C0 0003 LDA R1, \$ 00C2 7601 00C4 00C2\* CALL MONITOR 00C6 5F00 00C8 A900

FI ! \* \* \* END DEBUG \* \* \* ! 00CA 6FD3 LD VPT.READY\_LIST(R13), R3 00CC 0006 · 00CE 4D25 VPT.VP.NEXT\_READY\_VP(R2), #NIL LD 00D0 001C' 00D2 FFFF ! PUT IT IN WAITING STATE ! 00D4 4D25 LD VPT.VP.STATE(R2), #WAITING 00D6 0014\* 0008 0002 ! SET DBR ! 00DA 612E LD R14, VPT.VP.DBR(R2) 00DC 0010\* I SCHEDULE FIRST ELGIBLE READY VP ! 00DE 93F8 PUSH @R15,R8 ! SAVE LOGICAL CPU # ! @R15, R13 00E0 93FD PUSH 00E2 5F00 CALL GETWORK !R13:CPU # 00E4 0000\* R14:DBR! 1 RESTORE CPU # 1 00E6 97FD POP R13, @R15 00E8 97F8 POP R8,0R15 FI ! GET FIRST MSG ON CURRENT VP'S MSG LIST ! 00EA 5F00 CALL GET\_FIRST\_MSG ! COPIES MSG IN MSG ARRAY! 00EC 00C2\* ! R13: LOGICAL CPU # ! !RETURNS R1: SENDER VP ! ! UNLOCK VPT ! 00EE 4D08 CLR VPT.LOCK 00F0 0000\* ! UNMASK VECTORED INTERRUPTS ! 00F2 7C05 EI VI ! RETURN: R1:SENDER\_VP ! 00F4 9E08 RET 00F6 END WAIT

00F6 SIGNAL PROCEDURE \* INTRA\_KERNEL SYNC /COM PRIMATIVE \* \* INVOKED BY KERNEL PROCESSES \*\*\*\*\*\* \* REGISTER USE: 攎 \* **PARAMETERS:** \* \* R8 (R9): MSG POINTER (INPUT) \* \* R1: SIGNALED VP\_ID (INPUT) \* \* GLOBAL VARIABLES \* R13: CPU # (PARAM TO GETWORK) R14: DBR (PARAM TO GETWORK) \* \* LOCAL VARIABLES: \* R1: SIGNALED VP × \* R2: CURRENT VP × R4: VPT.LOCK ADDRESS ×. \*\*\*\*\*\*\*\*\*\*\*\* ENTRY ! SAVE VP ID ! 00F6 93F1 @R15, R1 PUSH ! MASK INTERRUPTS ! 00F8 7C01 DT VI ! LOCK VPT ! 00FA 7604 LDA R4, VPT.LOCK 00FC 0000\* 00FE 5F00 SPIN\_LOCK ! (R4:-VPT.LOCK) ! CALL 0100 0282\* INOTE: RETURNS WHEN VPT IS LOCKED BY THIS VP. ! ! GET LOGICAL CPU # ! 0102 5F00 GET\_CPU\_NO !RETURNS: CALL 0104 02C8\* R1:CPU # R2:# VP\*SI 0106 A11D R13, R1 LD ! RESTORE VP ID ! 0108 97F1 R1, @R15 POP ! PLACE MSG IN SIGNALED\_VP'S MSG\_LIST ! CALL ENTER\_MSG\_LIST ! (R8:MSG POINTER 010A 5F00 010C 005C\* R1:SIGNALED\_VP R13:LOGICAL CPU #) ! VPT.VP.STATE(R1), #WAITING 010E 4D11 CP 0110 0014 0112 0002 0114 SEOE IF EQ ! SIGNALED\_VP IS WAITING ! THEN 0116 0148 ! WAKE IT UP AND MAKE IT READY ! 0118 A112 R2, R1 LD R3, VPT.READY\_LIST (R13) 011A 76D3 LDA 011C 0006' R4, VPT.VP.NEXT\_READY\_VP 011E 7604 LDA 0120 001C\*

|        | 7605          |                                     |
|--------|---------------|-------------------------------------|
|        | 7606          |                                     |
|        | 0014          |                                     |
|        | 2107          |                                     |
|        | 0001          |                                     |
|        |               | ! SAVE LOGICAL CPU # !              |
| 012E   | 93FD          |                                     |
|        | 5F00          |                                     |
|        | 0000          | k                                   |
|        |               | R3: LIST_PTR ADDR                   |
|        |               | R4: NEXT_OBJ_PTR                    |
|        |               | R5: PRIORITY_PTR                    |
|        |               | R6: STATE PTR                       |
|        |               | R7: STATE !                         |
|        |               | ! RESTORE LOGICAL CPU # !           |
| 0134   | 9 <b>7</b> FD | POP R13, 0R15                       |
|        |               | ! PUT CURRENT_VP IN READY_STATE !   |
| 0136   | 61D2          |                                     |
| 0138   | 0002          | -                                   |
|        | 4D25          |                                     |
|        | 00141         | 1                                   |
| 013E   | 0001          |                                     |
|        |               | ! SET DBR !                         |
|        | 612E          |                                     |
| 0142   | 0010          |                                     |
|        |               |                                     |
|        |               | ! SCHEDULE FIRST ELGIBLE READY VP ! |
|        | 5 <b>F</b> 00 |                                     |
| 0146   | 0000          |                                     |
|        |               | R14:DBR !                           |
|        |               | FI                                  |
|        |               |                                     |
|        |               | ! UNLOCK VPT !                      |
|        | 4D08          |                                     |
| 014A   | 0000          |                                     |
| 0.44.0 | 7             | ! UNMASK VECTORED INTERRUPTS !      |
| 014C   | 7C05          | EI VI                               |
| 0145   | 9508          | RET                                 |
|        |               | END SIGNAL                          |
| 0150   |               | EUD STRUFF                          |

| 0 150                               | SET_PREEMPT     PROCEDURE       !************************************                                                                             |
|-------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|
|                                     | <pre>* REGISTER USE: * * PARAMETERS: * * R1:TARGET_VP_ID (INPUT) * * LOCAL VARIABLES * * R1: VP_INDEX * ***********************************</pre> |
| 0150 6112<br>0152 0210•             | ! CONVERT VP_ID TO VP_INDEX !<br>LD R2, EXT_VP_LIST(R1)                                                                                           |
| 0154 4D25<br>0156 0018<br>0158 FFFF | : TURN ON TGT_VP PREEMPT FLAG :<br>LD VPT.VP.PREEMPT(R2), #ON                                                                                     |
|                                     | <pre>! ** IF TARGET VP NOT LOCAL</pre>                                                                                                            |
| 015A 9E08<br>015C                   | RET<br>END SET_PREEMPT                                                                                                                            |

015C IDLE PROCEDURE \*\*\*\*\*\* \* LOADS IDLE DBR ON \* \* CURRENT VP. CALLED BY \* \* TC GETWORK. \* \*\*\*\*\* \* REGISTER USE \* GLOBAL VARIABLE \* \* R13: LOG CPU # \* \* R14: DBR \* \* \* LOCAL VARIABLES: \* \* R2: CURRENT\_VP \* R3: TEMP VAR \* \* \* R4: VPT.LOCK ADDR \* \* R5: TEMP \* \*\*\*\*\*\*\* ENTRY ! GET LOGICAL CPU # ! 015C 5F00 GET\_CPU\_NO !RETURNS: CALL ! LOAD IDLE DBR ON CURRENT VP ! 0174 6103 LD R3, PRDS.IDLE VP 0176 OA10" 0178 6135 R5, VPT.VP.DBR(R3) LD 017A 0010' 017C 6F25 LD VPT.VP.DBR(R2), R5 017E 0010' ! TURN ON CURRENT VP'S IDLE FLAG ! 0180 4D25 LD VPT.VP.IDLE FLAG(R2), #ON 0182 0016 0184 FFFF ! SET VP TO READY STATE ! 0186 4D25 LD VPT.VP.STATE(R2), #READY 0188 00141 018A 0001 ! SCHEDULE FIRST ELIGIBLE READY VP ! CALL GETWORK !R13:LOGICAL CPU # 018C 5F00 018E 0000 . R14:DBR 1 ! UNLOCK VPT ! 0190 4D08 CLR VPT.LOCK 0192 0000\* ! UNMASK VECTORED INTERRUPTS ! 0194 7005 EI VI 0196 9E08 RET 0198 END IDLE

0198 SWAP VDBR PROCEDURE \*\*\*\*\*\* \* LOADS NEW DBR ON \* \* CURRENT VP. CALLED BY \* \* TC GETWORK. \*\*\*\*\*\*\* \* REGISTER USE \* \* PARAMETERS \* \* R1: NEW\_DBR (INPUT) \* × GLOBAL VARIABLES \* \* R13: LOGICAL CPU # \* \* R14: DBR \* \* LOCAL VARIABLES \* R2: CURRENT VP \* \* \* R4: VPT.LOCK ADDR \* \*\*\*\*\*\*\* ENTRY ! SAVE NEW DBR ! 0198 93F1 PUSH @R15, R1 ! MASK INTERRUPTS ! 019A 7C01 DI VI ! LOCK VPT ! 019C 7604 LDA R4, VPT.LOCK 019E 0000\* 01A0 5F00 CALL SPIN\_LOCK ! (R4:-VPT.LOCK) ! 01A2 0282 ! NOTE: RETURNS WHEN VPT IS LOCKED BY THIS VP.! I GET CPU # ! 01A4 5F00 CALL GET\_CPU\_NO !RETURNS: 01A6 02C8 R1: CPU # R2:# VP'S! 01A8 A11D R13, R1 LD ! GET CURRENT VP ! 01AA 61D2 LD R2, VPT.RUNNING\_LIST(R13) 01AC 0002\* 1 \* \* \* DEBUG \* \* \* 1 01AE 4D21 CP VPT.VP.MSG LIST (R2), #NIL 01B0 001E 01B2 FFFF IF NE ! MSG WAITING ! THEN 01B4 5E06 01B6 01C4 · 01B8 2100 ĹD RO, #S\_N\_A ! SWAP NOT ALLOWED ! 01BA 0005 LDA R1, \$ !PC! 01BC 7601 01BE 01BC' 01C0 5F00 CALL MONITOR 01C2 A900 FI 1 \* \* END DEBUG \* \* ! ! SET DBR ! 01C4 612E R14, VPT.VP.DBR(R2) LD 01C6 0010 I RESTORE NEW DBR !

01C8 97F0 POP R0, @R15 01CA 5F00 CALL GET\_DBR\_ADDR ! (R0: DBR #) 01CC 000A" RETURNS (R1: DBR ADDR) ! ! LOAD NEW DBR ON CURRENT VP ! 01CE 6F21 LD VPT.VP.DBR (R2), R1 01D0 0010 · ! TURN OFF IDLE FLAG ! 01D2 4D25 LD VPT.VP.IDLE\_FLAG(R2), #OFF 01D4 0016 · 01D6 0000 ! SET VP TO READY STATE ! 01D8 4D25 LD VPT.VP.STATE(R2), #READY 01DA 0014' 01DC 0001 ! SCHEDULE FIRST ELGIBLE READY VP ! 01DE 5F00 CALL GETWORK !R13:LOGICAL CPU # 01E0 0000" R14:DBR ! ! UNLOCK VPT ! 01E2 4D08 CLR VPT.LOCK 01E4 0000\* ! UNMASK VECTORED INTERRUPTS ! 01E6 7C05 EI VI 01E8 9E08 RET O1EA END SWAP\_VDBR

| OIEA                    | PHYS_PREEMPT_HANDLER PROCEDURE                                |
|-------------------------|---------------------------------------------------------------|
| UIBA                    | <b>****</b> ********************************                  |
|                         | * HARDWARE PREEMPT INTERRUPT *                                |
|                         | * HANDLER. ALSO TESTS FOR *                                   |
|                         | * VIRTUAL PREEMPT INTERRUPT *                                 |
|                         | * FLAG AND INVOKES INTERRUPT *<br>* HANDLER IF FLAG IS SET. * |
|                         | * INVOKED UPON EVERY EXIT FROM *                              |
|                         | * KERNEL. KERNEL FCW MASKS *                                  |
|                         | * NVI INTERBUPTS TO PREVENT *                                 |
|                         | * SIMULTANEOUS PREEMPT INTERR. *                              |
|                         | * HANDLING. *<br>********                                     |
|                         | * REGISTER USE *                                              |
|                         | * LOCAL VARIABLES *                                           |
|                         | * R1: PREEMPT_INT_FLAG *                                      |
|                         | * R2: CURRENT_VP *                                            |
|                         | * GLOBAL VARIABLES *                                          |
|                         | * R13:LOGICAL CPU # *                                         |
|                         | * R14:DBR *<br>*******                                        |
|                         | •••••••••••••••••••••••••••••••••••••••                       |
|                         | ENTRY                                                         |
|                         | ! * * PREEMPT_HANDLER * * !                                   |
|                         | ! SAVE ALL REGISTERS !                                        |
| 01EA 030F               | SUB R15, #32                                                  |
| 01EC 0020               |                                                               |
|                         | LDM @R15, R1, #16                                             |
| 01F0 010F               |                                                               |
|                         | ! SAVE NORMAL STACK POINTER (NSP) !                           |
| 01F2 7D67               | LDCTL R6, NSP                                                 |
| 01F4 93F6               | PUSH @R15, R6                                                 |
|                         | I GET CPU # !<br>CNU CRT CPU NO IRFTURNS:                     |
| 01F6 5F00<br>01F8 02C8  | CALL GET_CPU_NO !RETURNS:                                     |
| 0116 0200               | R1: CPU #                                                     |
|                         | R2:# VP°S!                                                    |
| 01PA A11D               | LD R13, R1                                                    |
|                         | ! MASK INTERRUPTS !                                           |
| 01FC 7C01               | DI VI                                                         |
| 0.177 7604              | ! LOCK VPT !<br>LDA R4, VPT.LOCK                              |
| 01FE 7604<br>0200 0000' |                                                               |
| 0202 5F00               | CALL SPIN_LOCK                                                |
| 0204 0282               | -                                                             |
|                         | RETURNS WHEN VPT IS LOCKED!                                   |
| 0.000 ( 10.0            | ! SET DBR !<br>LD R2, VPT.RUNNING_LIST(R13)                   |
| 0206 61D2<br>0208 0002* |                                                               |
| 0208 0002<br>020A 612E  |                                                               |
| 020C 0010'              |                                                               |

! PUT CURRENT PROCESS IN READY STATE ! LD 020E 4D25 VPT.VP.STATE(R2), #READY 0210 0014\* 0212 0001 CALL GETWORK !R13:LOG CPU # 0214 5F00 0216 0000' R14:DBR 1 PREEMPT RET: I UNLOCK VPT I 0218 4008 CLR VPT.LOCK 021A 0000" **! UNMASK VECTORED INTERRUPTS !** 021C 7C05 EI VI KERNEL\_EXIT: ! \*\*\* UNMASK VIRTUAL PREEMPTS \*\*\* ! ! \*\* NOTE: SAFE SEQUENCE AND DOES NOT REQUIRE VPT TO BE LOCKED. \*\* ! I GET CURRENT VP ! 021E 610D LD R13, PRDS.LOG\_CPU\_ID 0220 0A0C' 0222 61D2 LD R2, VPT.RUNNING LIST (R13) 0224 0002\* I TEST PREEMPT INTERRUPT FLAG ! 0226 4D21 CP VPT.VP.PREEMPT(R2), #ON 0228 0018 022A FFFF 022C 5E0E IF EQ ! PREEMPT FLAG IS ON ! THEN 022E 0240\* ! RESET PREEMPT FLAG ! 0230 4D25 LD VPT.VP.PREEMPT(R2), #OFF 0232 0018 0234 0000 ! SIMULATE VIRTUAL PREEMPT INTERRUPT ! 0236 2101 LD R1, #0 0238 0000 023A 6112 LD R2, VPT.VIRT\_INT\_VEC(R1) 023C 000C' 023E 1E28 JP DR2 INOTE: THIS JUMP TO TRAFFIC CONTROL IS USED ONLY IN THE CASE OF A PREEMPT INTERRUPT. AND SIMULATES A HARDWARE INTERRUPT. \*\* ! ! \*\*\* END VIRTUAL PREEMPT HANDLER \*\*\* ! FI ! NOTE: SINCE A HDWE INTERRUPT DOES NOT EXIT THROUGH THE GATE, THOSE FUNCTIONS PROVIDED BY A GATE EXIT TO HANDLE PREEMPTS MUST BE PROVIDED HERE ALSO. !

! RESTORE NSP ! 0240 97F6 POP R6, @R15 0242 7D6F LDCTL NSP, R6 ! RESTORE ALL REGSTERS ! 0244 1CF1 LDM R1, @R15, #16 0246 010F 0248 010F ADD R15, #32 024A 0020 ! EXECUTE HARDWARE INTERRUPT RETURN ! 024C 7B00 IRET 024E END PHYS\_PREEMPT\_HANDLER

- 359 -

024E RUNNING\_VP PROCEDURE \*\*\*\*\*\*\*\* \* CALLED BY TRAFFIC CONTROL. \* RETURNS VP\_ID. RESULT IS VALID\* \* ONLY WHILE APT IS LOCKED. ÷. \*\*\*\*\*\* \* REGISTER USE \* \* PARAMETERS \* R1: EXT\_VP ID (RETURNED) \* R3: LOG CPU # (RETURNED) \* \* LOCAL VARIABLES \* \* R2: VP INDEX \* \*\*\*\*\*\*\*\* ENTRY ! MASK INTERRUPTS ! 024E 7C01 DI VI ! LOCK VPT ! 0250 7604 LDA R4, VPT.LOCK 0252 0000 CALL 0254 5F00 SPIN\_LOCK ! (R4:-VPT.LOCK) ! 0256 0282' ! NOTE: RETURNS WHEN VPT IS LOCKED BY THIS VP ! ! GET LOGICAL CPU # ! 0258 5F00 CALL GET\_CPU\_NO !RETURNS: 025A 02C8\* R1: CPU # R2:# VP\*S! 025C A113 R3, R1 LD 025E 6132 LD R2, VPT.RUNNING LIST(R3) 0260 0002\* ! CONVERT VP INDEX TO VP ID ! 0262 6121 R1, VPT.VP.EXT ID (R2) LD 0264 0020" 1 \* \* \* DEBUG \* \* \* 1 0266 0B01 CP R1, #NIL 0268 FFFF 026A 5E0E IF EQ ! KERNEL PROC ! THEN 026C 027A' 026E 2100 LD RO, #V\_I\_E ! VP INDEX ERROR ! 0270 0006 0272 7601 LDA R1, \$ 0274 0272 0276 5F00 CALL MONITOR 0278 A900 FI ! \* \* END DEBUG \* \* ! ! UNLOCK VPT ! 027A 4008 CLR VPT.LOCK 027C 0000\* **! UNMASK VECTORED INTERRUPTS !** 027E 7C05 EI VI 0280 9E08 RET 0282 END RUNNING VP

| 0282       | SPIN_LOCK PROCEDURE<br>! *******************     |
|------------|--------------------------------------------------|
|            | * USES SPIN_LOCK MECH. *                         |
|            | * LOCKS UNLOCKED DATA *                          |
|            | * STRUCTURE (POINTED TO *                        |
|            | * BY INPUT PARAMETER). *                         |
|            | ********                                         |
|            | *REGISTER USE *                                  |
|            | * PARAMETERS *                                   |
|            | * R4: LOCK ADDR (INPUT) *                        |
|            | ********                                         |
|            | ENTRY                                            |
|            | ! NOTE: SINCE ONLY ONE PROCESSOR CURRENTLY       |
|            | IN SYSTEM, LOCK NOT NECESSARY. ** !              |
|            | ! * * * DEBUG * * * !                            |
| 0282 0D41  | CP @R4, #OFF                                     |
| 0284 0000  |                                                  |
| 0286 5E06  | IF NE ! NOT UNLOCKED ! THEN                      |
| 0288 0296  |                                                  |
| 028A 2100  | LD RO, #U_L ! UNAUTHORIZED LOCK !                |
| 028C 0000  |                                                  |
| 028E 7601  | LDA R1, \$                                       |
| 0290 028E  | CLIF HONTMOD                                     |
|            | CALL MONITOR                                     |
| 0294 A900  | FI                                               |
|            | I * * END DEBUG * * !                            |
|            | TEST_LOCK:                                       |
|            | ! DO WHILE STRUCTURE LOCKED !                    |
| 0.206 0046 | TSET DR4                                         |
|            | JR MI, TEST_LOCK                                 |
| 0298 EDLE  | JR HI, ILSI_LOCK<br>! ** NOTE SEE PLZ/ASM MANUAL |
|            | FOR RESTRICTIONS ON                              |
|            | USE OF TSET. ** !                                |
| 029A 9E08  |                                                  |
| 023A 3E00  |                                                  |
| 0290       | END SPIN_LOCK                                    |
|            | -                                                |

ITC\_GET\_SEG\_PTR 029C PROCEDURE \* GETS BASE ADDRESS OF SEGMENT × \* INDICATED. \*\*\*\*\*\*\*\* **\*** REGISTER USE: 崠 RO:SEG BASE ADDRESS(RET) \* \* \* R1:SEG NR (INPUT) \* R2:RUNNING VP (LOCAL) \* R3:DBR\_VALUE (LOCAL) \* R4:VPT.LOCK R13:LOGICAL CPU # **北** \* \*\*\*\*\*\* ENTRY : SAVE SEGMENT # ! 029C 93F1 PUSH @R15, R1 I MASK INTERRUPTS ! 029E 7C01 DI VI ! LOCK VPT ! 0240 7604 LDA R4, VPT.LOCK 02A2 0000. 02A4 5F00 CALL SPIN LOCK !R4:-VPT.LOCK! 02A6 0282\* I GET CPU # I 02A8 5F00 CALL GET\_CPU\_NO !RETURNS: 02AA 02C8" R1: CPU # R2:# VP'S! 02AC A11D LD R13, R1 ! RESTORE SEGMENT # ! 02AE 97F1 POP R1, @R15 02B0 61D2 LD R2, VPT. RUNNING LIST (R13) 02B2 0002\* 02B4 6123 LD R3, VPT.VP.DBR(R2) 02B6 0010' ! UNLOCK VPT ! 02B8 4D08 CLR VPT.LOCK 02BA 0000" ! UNMASK VECTORED INTERRUPTS ! 02BC 7C05 EI VI 02BE 1900 RRO,#4 MULT 02C0 0004 02C2 7130 R0, R3 (R1) LD 02C4 0100 02C6 9E08 RET 02C8 END ITC\_GET\_SEG\_PTR

02C8 GET\_CPU\_NO PROCEDURE \*\*\*\*\*\* \* FIND CURRENT CPU NO \* \* CALLED BY DIST MMGR 320 \* AND MM sk \*\*\*\*\*\* \* RETURNS ×k \* R1: CPU\_NO \* \* R2: # OF VP'S \* \*\*\*\*\*\*\* ENTRY 02C8 6101 LD R1, PRDS.LOG\_CPU\_ID 02CA 0AOC' 02CC 6102 LD R2, PRDS.VP\_NR O2CE OAOE" 02D0 9E08 RET 02D2 END GET\_CPU\_NO 02D2 K LOCK **PROCEDURE** \*\*\*\*\*\*\* STUB FOR WAIT LOCK \* \* \*\*\*\*\*\*\* \* R4:¬LOCK (INPUT) \* \*\*\*\*\*\*\* ENTRY 02D2 5F00 CALL SPIN\_LOCK 02D4 0282\* 02D6 9E08 RET 02D8 END K LOCK

ENTRY 02D8 0D48 CLR 3R4 02DA 9E08 RET 02DC END K\_UNLOCK

END INNER\_TRAFFIC\_CONTROL

- 363 -

# Appendix H

# SEGMENT MANAGER LISTINGS

28000ASM 2.02

- LOC OBJ CODE STMT SOURCE STATEMENT
  - \$LISTON \$TTY
  - SEG\_MGR MODULE

CONSTANT

|   | NU DI AUI                           |    |     |       |     |
|---|-------------------------------------|----|-----|-------|-----|
|   | NULL_SEG                            | := | - 1 |       |     |
|   | NULL_ACCESS                         | := | 4   |       |     |
|   | MAX_SEG_NO                          | := | 64  |       |     |
|   | MAX_NO_KST_ENTRIES                  | := | 54  |       |     |
|   |                                     |    | 128 |       |     |
|   | KST_SEG_NO                          | := | 2   |       |     |
|   | NR_OF_KSEGS                         |    |     |       |     |
|   |                                     | := |     |       |     |
|   | FALSE                               | := | 0   |       |     |
|   | READ                                | := |     |       |     |
|   | WRITE                               | := |     |       |     |
| ŧ | **** SUCCESS_CODES                  | -  | -   | kak j |     |
| • | SUCCEEDED                           | := |     |       |     |
|   | MENTOR_SEG_NOT_KNOWN                |    |     |       |     |
|   | ACCESS_CLASS_NOT_EQ                 | := | 33  |       |     |
|   |                                     | := |     |       |     |
|   | SEGMENT TOO LARGE                   |    |     |       |     |
|   |                                     | := |     |       |     |
|   |                                     | := |     |       |     |
|   | SEGMENT_IN_CORE                     | := |     |       |     |
|   |                                     | := |     |       |     |
|   | INVALID_SEGMENT_NO                  |    |     |       |     |
|   | NO_ACCESS_PERMITTED                 |    |     |       |     |
|   | LEAF_SEG_EXISTS                     | := | 10  |       |     |
|   | NO_LEAF EXISTS                      | := |     |       |     |
|   | ALIAS_DOES_NOT_EXIST                |    |     |       |     |
|   |                                     | := |     |       |     |
|   | G AST FULL                          | := |     |       |     |
|   | L_AST_FULL                          |    | 13  |       |     |
|   | PROC_CLASS_NOT_GE_SEG               |    |     | :=    | 41  |
|   | LOCAL_MEMORY_FULL                   |    |     | •     | - · |
|   | GIOBAT MEMORY RUTT                  | •= | 17  |       |     |
|   | GLOBAL_MEMORY_FULL<br>SEC_STOR_FULL |    | 21  |       |     |
|   | 226-2104-1011                       | •  | 41  |       |     |

- 364 -

| MONITOR                                                                              |       |     | := % | 0591               |   |       |
|--------------------------------------------------------------------------------------|-------|-----|------|--------------------|---|-------|
| TYPE                                                                                 |       |     |      |                    |   |       |
| H_ARRAY                                                                              | ARRAY | E   | 3    | WORD               | ] |       |
| KST_REC                                                                              | RECOR | D   |      |                    |   |       |
| [ MM_HANDLE<br>SIZE<br>ACCESS_MOD<br>IN_CORE<br>CLASS<br>M_SEG_NO<br>ENTRY_NUME<br>] | )E    |     | T_IN | T EGE R<br>T EGE R |   |       |
| ADDRESS                                                                              | WORD  |     |      |                    |   |       |
| SEG_ARRAY                                                                            | ARRAY | [MA | X_SE | G_SIZ              | E | BYTE] |

INTERNAL

0000

```
$SECTION SM_KST_DCL
! NOTE: THIS SECTION IS AN "OVERLAY"
  OR "FRAME" USED TO DEFINE THE
  FORMAT OF THE KST. NO STORAGE
  IS ASSIGNED BUT RATHER THE KST IS
  STORED IN A SEPARATELY OBTAINED
  AREA (A SEGMENT SET ASIDE FOR IT) !
$ABS 0
KST
      ARRAY
            MAX_NO_KST_ENTRIES KST_BEC
EXTERNAL
  CLASS EQ PROCEDURE
  CLASS GE PROCEDURE
  MM_CREATE_ENTRY PROCEDURE
  MM_DELETE_ENTRY PROCEDURE
  MM_ACTIVATE PROCEDURE
  MM DEACTIVATE PROCEDURE
  MM_SWAP_IN PROCEDURE
  MM_SWAP_OUT PROCEDURE
PROCESS_CLASS PROCEDURE
  ITC_GET_SEG_PTR PROCEDURE
  GET DBR NUMBER PROCEDURE
```

\$SECTION SM\_PROC GLOBAL

| 0000                                | CREATE_SI                                                                                                                                                              | EG PROCEDURE                                                 |
|-------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------|
|                                     | CHECKS<br>REQUEST<br>CALLS MM<br>**********<br>REGISTEN<br>PARAMET<br>R1: MEN<br>R2: ENT<br>R3: SIT<br>RR4: CI<br>R0: SUC<br>LOCAL C<br>R9: KST<br>R6, R7 M<br>R13: ¬F | M_CREATE IF VALID. !<br>************************************ |
|                                     | ENTRY                                                                                                                                                                  |                                                              |
| 0002 0080<br>0004 5E02              | IF GT                                                                                                                                                                  | #MAX_SEG_SIZE<br>THEN                                        |
| 0006 0010<br>0008 2100<br>000A 0019 |                                                                                                                                                                        | 0,#SEGMENT_TOO_LARGE                                         |
| 000C 5E08<br>000E 0CA2              |                                                                                                                                                                        |                                                              |
| 0010 030F                           | SUB                                                                                                                                                                    | R15,#10 !STACK AREA FOR<br>INPUT REGS!                       |
| 0012 000A<br>0014 1CF9<br>0016 0104 | LDM                                                                                                                                                                    | @R15,R1,#5                                                   |
| 0018 2101<br>001A 0002              | LD                                                                                                                                                                     | R1, #KST_SEG_NO                                              |
| 001C 5F00<br>001E 0000*             | CALL                                                                                                                                                                   | ITC_GET_SEG_PTR !R1: KST_SEG_NO!<br>!RET:R0:¬KST!            |
| 0020 A10D                           | LD                                                                                                                                                                     | R13,R0 !KST BASE ADDRESS<br>(IE ¬KST)!                       |
| 0022 1CF1<br>0024 0104              | LDM                                                                                                                                                                    | R1, @R15, #5 !RESTORE NEEDED REGS!                           |
| 0026 A119                           | T. D                                                                                                                                                                   | R9,R1 !COPY OF MENTOR_SEG_NO!                                |
| 0028 0309                           |                                                                                                                                                                        | R9, #NR_OF_KSEGS !CONVERT<br>MENTOR_SEG_NO                   |
| 002A 000A                           |                                                                                                                                                                        | KST_REC INDEX!                                               |
| 002C 1908                           | MULT                                                                                                                                                                   | RR8,#SIZEOF KST_REC<br>!OFFSET TO KST_REC!                   |

002E 0010 0030 819D ADD R13, R9 ! ADD OFFSET TO KST **BASE ADDRESS!** LD R6, #NULL\_SEG 0032 2106 0034 FFFF 0036 4ADE CPB RL6,KST.M\_SEG NO(R13) 0038 000E 003A 5E0E IF EQ THEN !MENTOR SEG NOT KNOWN! 003C 0046\* 003E 2100 LD RO, #MENTOR\_SEG\_NOT\_KNOWN 0040 0016 0042 5E08 ELSE 0044 009E\* 0046 93FD PUSH @R15,R13 0048 5F00 CALL PROCESS\_CLASS !RR2: PROC\_CLASS! 004A 0000\* 004C 97FD POP R13, @R15 004E 54D4 LDL RR4, KST. CLASS (R13) 0050 000A 0052 93FD PUSH @R15,R13 0054 5F00 CALL CLASS\_EQ !RR2: PROC\_CLASS! 0056 0000\* IRR4: MENTOR SEG CLASS! !R1: (RET) CONDITION CODE! 0058 97FD R13, @R15 POP 005A A116 LD R6, R1 005C 1CF1 LDM R1, @R15, #5 !RESTORE INPUT REGS! 005E 0104 0060 OB06 CP R6.#FALSE 0062 0000 0064 5E0E IF EO THEN 0066 0070 • 0068 2100 LD R0, #ACCESS\_CLASS\_NOT\_EQ 006A 0021 006C 5E08 ELSE 006E 009E @R15,R13 ISAVE -KST! 0070 93FD PUSH RR2,RR4 !CLASS! 0072 9442 LDL RR4, KST. CLASS (R13) 0074 54D4 LDL 0076 000A 0078 5F00 CALL CLASS\_GE !RR2:CLASS! 007A 0000\* IRR4: MENTOR CLASS! !RET:R1:COND\_CODE! R13, @R15 !RESTORE PTR! 20 P 007C 97FD CP R1, #FALSE 007E 0B01 0080 0000 LDM R1,@R15,#5 0082 1CF1 0084 0104 0086 5E0E IF EQ THEN 0088 0092\* RO, #NOT\_COMPATIBLE LD 008A 2100 - 367 -

| 008C<br>008E |       | EL        | SE        |         |        |        |            |        |
|--------------|-------|-----------|-----------|---------|--------|--------|------------|--------|
| 0092<br>0094 | 76D1  |           | LDA       | R 1, KS | ST.M   | IN_HAI | NDLE (     | R 1 3) |
| 0096         |       |           | CALL      | WW_CI   | REAT   | E_EN   | <b>FRY</b> |        |
| 0000         | 0000. |           | !R1:PT    | R TO    | MM_    | HANDI  | LE!        |        |
|              |       |           | !R2:EN    | TRY 1   | 101    |        |            |        |
|              |       |           | !R3:SI    | _       |        |        |            |        |
|              |       |           | !RR4:C    | LASS    | 1      |        |            |        |
|              |       |           | ! RO: (R  | ETUR    | NED    | succ   | ess c      | ODE!   |
| A 6 0 0      | 5F00  |           | CALL C    |         | •      |        | _          |        |
|              | 04281 |           |           |         |        |        |            |        |
| 0050         | 0420  |           | 1 (20     | :SUC    | - FC C | COD    | R) 1       |        |
|              |       | FI        | -         |         |        |        | •••        |        |
|              |       | FI        |           |         |        |        |            |        |
|              |       |           |           |         |        |        |            |        |
| 0.007        | 0100  | FI        | D45 44    | 0       |        |        |            |        |
| 009E         |       | ADD       | R 15, # 1 | 0       |        |        |            |        |
| 0040         | 000A  |           |           |         |        |        |            |        |
|              |       | FI        |           |         |        |        |            |        |
| 00A2         | 9E08  | RET       |           |         |        |        |            |        |
| 00A4         |       | END CREAT | E_SEG     |         |        |        |            |        |
|              |       |           |           |         |        |        |            |        |

- 368 -

| 00A4  |        | DELETE SH        | EG       |                 | PROCEDURE                               |
|-------|--------|------------------|----------|-----------------|-----------------------------------------|
|       | !      | ******           | ****     | *******         | ****                                    |
|       |        |                  |          |                 | DELETE !                                |
|       |        | REQUEST          |          |                 | t .                                     |
|       |        |                  |          |                 | F VALID. !                              |
|       | 1      | ******           | ****     | *******         | *****                                   |
|       | !      | REGIST           | ERU      | JSE:            | ţ                                       |
|       |        | PARATE           | F P. R S |                 | 1                                       |
|       | 1      | R1:MEN           | NTOR     | R_SEG_NO        | (INPUT) !<br>T) !<br>RET) !             |
|       | :      | RZ:ENI<br>PO-SUC | CRI_     | -NO (INDA)      |                                         |
|       | :      |                  | ICDJ     |                 | KEI) :                                  |
|       |        | R6:VAN           | RIOU     | IS LOCAL        | USES !                                  |
|       |        |                  |          |                 | *****                                   |
|       |        |                  |          |                 |                                         |
|       |        | ENTRY            |          | 54 461          |                                         |
| 0044  | 9311   | PUSH 01          | K15,     | RI ISAN         | VE NEEDED REGS!                         |
| OOAO  | 9312   | PUSH @1          | 1 I D g  | KZ<br>KGT GTC I | NO                                      |
|       | 0002   | LD R             | 1, *0    | "21_2TC_1       | 10                                      |
|       |        | CALL T           |          |                 | PTR !R1:KST_SEG_NO!                     |
| OOAE  | 0000*  |                  |          |                 |                                         |
| 0080  | A10D   | LD R             | 13.R     | RO I-KS         | T!                                      |
| 00B2  | 97F2   | POP R            | 2,05     | R15 !RES        | STORE INPUT REGS!                       |
| 00B4  | 97F1   | POP R            | 1, @R    | R 15            |                                         |
| 00B6  | 0301   | SUB R            | 1, #N    | NR_OF_KSI       | T!<br>STORE INPUT REGS!<br>EGS !CONVERT |
|       |        |                  |          |                 | MENTOR_SEG_NO TO                        |
| 0088  | 000A   |                  |          |                 | KST REC INDEX!                          |
| OOBA  | 1900   |                  | R () . # | #STZEOF         | KST_REC !OFFSET                         |
| OODA  | 1900   |                  |          |                 | TO DESIRED REC!                         |
| 00BC  | 0010   |                  |          |                 |                                         |
|       |        | ADD R            | 13,F     | R1 !ADD         | OFFSET TO KST BASE                      |
|       |        |                  | ·        |                 | ADDRESS!                                |
|       |        | LD Re            | 5,#N     | NULL_SEG        |                                         |
|       | FFFF   |                  |          |                 |                                         |
| 00C4  |        | CPB RI           | L6, K    | KST.M_SE        | G_NO (R13)                              |
| 00C6  |        |                  | ~        | ה ווכדות        | MENTOR SEGMENT                          |
| 0008  | 5E0E   | IF E             | 2        | THEN !!         | NOT KNOWN!                              |
| 0.000 | 0004 * |                  |          |                 |                                         |
|       | 2100   | T. D             | RO.      | #MENTOR         | SEG_NOT_KNOWN                           |
|       | 0016   | 40               |          |                 |                                         |
|       | 5E08   | ELSE             |          |                 |                                         |
|       | 010E'  |                  |          |                 |                                         |
| 00D4  | 93F1   |                  |          |                 | SAVE NEEDED REGS!                       |
|       | 93F2   | PUSH             | @R1      | 15,R2           |                                         |
|       | 93FD   |                  | DR       | 15,R13          | 200                                     |
|       | 5F00   | CALL             | PRC      | OCESS_CL        | 14 J J                                  |
| UUDC  | *0000  |                  | 1 / 5    | RETIRNS         | RR2:PROC_CLASS) !                       |
| OODE  | 97FD   | POP              |          | 3,0R15          |                                         |
|       | 54D4   | LDL              |          | 4.KST.CL        | ASS (R13) !MENTOR                       |
| 0010  | 9197   |                  |          | ·               |                                         |
|       |        |                  |          |                 |                                         |

|         |               | SEG CLASS!                                          |
|---------|---------------|-----------------------------------------------------|
| 00E2    | 000A          |                                                     |
|         |               | PUSH @R15,R13                                       |
|         | 5F00          | CALL CLASS_EQ !RR2:PROCESS CLASS!                   |
| 00E8    | *0000         |                                                     |
|         |               | !RR4:MENTOR SEG CLASS!                              |
|         |               | !R1: (RET) CONDITION_CODE!                          |
|         | A116          | LD R6, R1                                           |
| 00EC    | 97FD          | POP R13, 0R15<br>POP R2, 0R15 !RESTORE NEEDED REGS! |
| 0 0 E E | 9 <b>7</b> F2 | POP R2, @R15 !RESTORE NEEDED REGS!                  |
| 00F0    | 97F1          | POP R1, $\partial$ R15                              |
|         | 0806          | CP R6, #FALSE                                       |
|         | 0000          |                                                     |
| 00F6    |               | IF EQ THEN                                          |
|         | 0102          |                                                     |
|         | 2100          | LD RO,#ACCESS_CLASS_NOT_EQ                          |
|         | 0021          |                                                     |
| OOFE    |               | ELSE                                                |
|         | 010E          |                                                     |
|         | 76D1          | LDA R1,KST.MM_HANDLE(R13)                           |
|         | 0000          |                                                     |
|         | 5F00          | CALL MM_DELETE_ENTRY                                |
| 0108    | *0000         |                                                     |
|         |               | !R1:¬MM_HANDLE!                                     |
|         |               | ! R2:ENTRY_NO!                                      |
|         |               | !RO: (RET) SUCCESS_CODE!                            |
|         | 5F00          | CALL CONFINEMENT_CHECK                              |
| 0100    | 0428          |                                                     |
|         |               | ! (R0:SUCCESS_CODE) !                               |
|         |               | FI                                                  |
| 0.107   | 0 = 0 0       | FI                                                  |
|         | 9E08          | RET                                                 |
| 0110    |               | END DELETE_SEG                                      |

| 0110 |                | MAKE_KNOWN PROCEDURE<br>! ************************************                                                                                                                                                                                                                                      |
|------|----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|      |                | MAKE_KNOWN       PROCEDURE         ! ************************************                                                                                                                                                                                                                           |
|      |                | ! CHECKS VALIDITY OF MAKE KNOWN !                                                                                                                                                                                                                                                                   |
|      |                | ! REQUEST AND CALLS MM_ACTIVATE !                                                                                                                                                                                                                                                                   |
|      |                | ! IF VALID. ASSIGNS SEG                                                                                                                                                                                                                                                                             |
|      |                | ! NUMBER AND UPDATES KST.                                                                                                                                                                                                                                                                           |
|      |                | • ************************************                                                                                                                                                                                                                                                              |
|      |                | ! REGISTER USE:                                                                                                                                                                                                                                                                                     |
|      |                | ! PARAMETERS:                                                                                                                                                                                                                                                                                       |
|      |                | ! R1:MENTOR_SEG_NO(INPUT)                                                                                                                                                                                                                                                                           |
|      |                | ! R2:ENTRY_NO(INPUT) !                                                                                                                                                                                                                                                                              |
|      |                | ! R3:ACCESS_DESIRED (INPUT) !                                                                                                                                                                                                                                                                       |
|      |                | ! RO:SUCCESS_CODE (RET) !                                                                                                                                                                                                                                                                           |
|      |                | ! R1:SEGMENT_NO (RET) !                                                                                                                                                                                                                                                                             |
|      |                | ! R2:ACCESS_ALLOWED (RET) !                                                                                                                                                                                                                                                                         |
|      |                | !       R1:MENTOR_SEG_NO (INPUT)         !       R1:MENTOR_SEG_NO (INPUT)         !       R2:ENTRY_NO (INPUT)         !       R3:ACCESS_DESIRED (INPUT)         !       R0:SUCCESS_CODE (RET)         !       R1:SEGMENT_NO (RET)         !       R2:ACCESS_ALLOWED (RET)         !       LOCAL USE |
|      |                | IDENTIFIED AT POINT OF USAGE !                                                                                                                                                                                                                                                                      |
|      |                | *******                                                                                                                                                                                                                                                                                             |
|      |                | ENTRY                                                                                                                                                                                                                                                                                               |
| 0110 | 93F1           | PUSH @R15,R1 ISAVE INPUT REGS!                                                                                                                                                                                                                                                                      |
| 0112 | 91F2           | PUSHL @R15, RR2                                                                                                                                                                                                                                                                                     |
| 0114 | 2101           | PUSH @R15,R1 !SAVE INPUT REGS!<br>PUSHL @R15,RR2<br>LD R1,#KST_SEG_NO                                                                                                                                                                                                                               |
| 0116 | 0002           |                                                                                                                                                                                                                                                                                                     |
| 0118 | 5F00           | CALL ITC_GET_SEG_PTR ! (R1:KST_SEG_NO,                                                                                                                                                                                                                                                              |
|      |                | RET:R0:¬KST)!                                                                                                                                                                                                                                                                                       |
| 011A | 0000*          |                                                                                                                                                                                                                                                                                                     |
| 011C | A10D           | LD R13,RO !¬KST!                                                                                                                                                                                                                                                                                    |
| 011E | 95F2           | LD R13,R0 !-KST!<br>POPL RR2,@R15                                                                                                                                                                                                                                                                   |
| 0120 | 97F1           | POP R1, aR15                                                                                                                                                                                                                                                                                        |
| 0122 | A115           | POP R1, 0R15<br>LD R5, R1 !COPY OF MENTOR_SEG_NO!                                                                                                                                                                                                                                                   |
| 0124 | 0305           | SUB R5, #NR_OF_KSEGS ! CONVERT TO                                                                                                                                                                                                                                                                   |
|      |                | INDEX!                                                                                                                                                                                                                                                                                              |
| 0126 | <b>A 0 0 0</b> |                                                                                                                                                                                                                                                                                                     |
|      |                | MULT RR4, #SIZEOF KST_REC !KST OFFSET                                                                                                                                                                                                                                                               |
|      |                | TO SEG REC!                                                                                                                                                                                                                                                                                         |
| 012A | 0010           |                                                                                                                                                                                                                                                                                                     |
| 012C | 815D           | ADD R13,R5 !ADD OFFSET TO ¬KST!                                                                                                                                                                                                                                                                     |
| 012E | 2104           | LD R4, #NULL_SEG                                                                                                                                                                                                                                                                                    |
| 0130 |                | -                                                                                                                                                                                                                                                                                                   |
|      | 4ADC           | CPB RL4,KST.M_SEG_NO(R13)                                                                                                                                                                                                                                                                           |
| 0134 |                |                                                                                                                                                                                                                                                                                                     |
| 0136 |                | IF EQ THEN                                                                                                                                                                                                                                                                                          |
|      | 014A'          |                                                                                                                                                                                                                                                                                                     |
| 013A |                | LD RO, #MENTOR_SEG_NOT_KNOWN                                                                                                                                                                                                                                                                        |
| 013C |                |                                                                                                                                                                                                                                                                                                     |
| 013E |                | LD R1, #NULL_SEG                                                                                                                                                                                                                                                                                    |
| 0140 |                |                                                                                                                                                                                                                                                                                                     |
| 0142 | 2102           | LD R2, #NULL_ACCESS                                                                                                                                                                                                                                                                                 |
| 0144 | 0004           |                                                                                                                                                                                                                                                                                                     |
| 0146 | 5E08           | ELSE                                                                                                                                                                                                                                                                                                |
| 0148 | 02C8           |                                                                                                                                                                                                                                                                                                     |
| 014A | 2107           | LD R7,#0 !KST INDEX!                                                                                                                                                                                                                                                                                |
| 014C | 0000           |                                                                                                                                                                                                                                                                                                     |
|      |                |                                                                                                                                                                                                                                                                                                     |

| 014E 2108<br>0150 FFFF                                                                                                                                                                            | LD R8, #NULL_SEG ! AVAIL SEG INDEX!                                                                                                                                                                                                                                                      |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 0152 A109                                                                                                                                                                                         | LD R9,R0 !¬KST!                                                                                                                                                                                                                                                                          |
| 0154 210A                                                                                                                                                                                         | LD R10, #NULL_SEG !SEG KNOWN INDICATOR!                                                                                                                                                                                                                                                  |
| 0156 FFFF                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
|                                                                                                                                                                                                   | SEE_IF_KNOWN:                                                                                                                                                                                                                                                                            |
|                                                                                                                                                                                                   | DO                                                                                                                                                                                                                                                                                       |
| 0158 4499                                                                                                                                                                                         | CPB RL1,KST.M_SEG_NO(R9)                                                                                                                                                                                                                                                                 |
| 015A 000E                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 015C 5E0E                                                                                                                                                                                         | IF EQ THEN                                                                                                                                                                                                                                                                               |
| 015E 017C'                                                                                                                                                                                        |                                                                                                                                                                                                                                                                                          |
| 0160 4A9A                                                                                                                                                                                         | CPB RL2, KST. ENTRY_NUMBER (R9)                                                                                                                                                                                                                                                          |
| 0162 000F                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 0164 5E0E                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 0166 017C                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 0168 2100                                                                                                                                                                                         | LD RO, #SUCCEEDED                                                                                                                                                                                                                                                                        |
| 016A 0002                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 016C 0107                                                                                                                                                                                         | ADD R7,#NR_OF_KSEGS                                                                                                                                                                                                                                                                      |
| 016E 000A                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 0170 A171                                                                                                                                                                                         | LD R1, R7 !SEG#!                                                                                                                                                                                                                                                                         |
| 0172 609A                                                                                                                                                                                         | LDB RL2,KST.ACCESS_MODE(R9)                                                                                                                                                                                                                                                              |
| 0174 0008                                                                                                                                                                                         |                                                                                                                                                                                                                                                                                          |
| 0176 A11A                                                                                                                                                                                         | LD R10,R1 !SET SEG KNOWN                                                                                                                                                                                                                                                                 |
| 0490 5900                                                                                                                                                                                         | INDICATOR!                                                                                                                                                                                                                                                                               |
|                                                                                                                                                                                                   | EXIT FROM SEE_IF_KNOWN                                                                                                                                                                                                                                                                   |
| 017A 01A6'                                                                                                                                                                                        | PT                                                                                                                                                                                                                                                                                       |
|                                                                                                                                                                                                   | PI<br>FI                                                                                                                                                                                                                                                                                 |
|                                                                                                                                                                                                   | * -                                                                                                                                                                                                                                                                                      |
|                                                                                                                                                                                                   |                                                                                                                                                                                                                                                                                          |
| 017C 4A9C                                                                                                                                                                                         | CPB RL4,KST.M SEG NO(R9)                                                                                                                                                                                                                                                                 |
| 017C 4A9C                                                                                                                                                                                         | CPB RL4,KST.M_SEG_NO(R9)<br>!SEE IF SEG # AVAIL!                                                                                                                                                                                                                                         |
| 017C 4A9C<br>017E 000E                                                                                                                                                                            |                                                                                                                                                                                                                                                                                          |
|                                                                                                                                                                                                   |                                                                                                                                                                                                                                                                                          |
| 01 <b>7</b> e 000e                                                                                                                                                                                | SEE IF SEG # AVAIL!                                                                                                                                                                                                                                                                      |
| 01 <b>7</b> E 000E<br>0180 5E0E                                                                                                                                                                   | SEE IF SEG # AVAIL!                                                                                                                                                                                                                                                                      |
| 017E 000E<br>0180 5E0E<br>0182 0192"                                                                                                                                                              | <pre>!SEE IF SEG # AVAIL! IF EQ THEN CP R8,#NULL_SEG</pre>                                                                                                                                                                                                                               |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08                                                                                                                                                  | SEE IF SEG # AVAIL!                                                                                                                                                                                                                                                                      |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF                                                                                                                                     | <pre>!SEE IF SEG # AVAIL! IF EQ THEN CP R8,#NULL_SEG</pre>                                                                                                                                                                                                                               |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E                                                                                                                        | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST</pre>                                                                                                                                                                               |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178                                                                                            | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!</pre>                                                                                                                                                          |
| 017E 000E<br>0180 5E0E<br>0182 0192"<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192"                                                                                                         | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8, #NULL_SEG<br/>IF EQ THEN<br/>LD R8, R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8, #NR_OF_KSEGS</pre>                                                                                                                               |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192<br>018C A178<br>018E 0108                                                                                 | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!</pre>                                                                                                                                                          |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178                                                                                            | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!</pre>                                                                                                           |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192<br>018C A178<br>018E 0108                                                                                 | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8, #NULL_SEG<br/>IF EQ THEN<br/>LD R8, R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8, #NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI</pre>                                                                                                 |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178<br>018E 0108<br>0190 000A                                                                  | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI</pre>                                                                                             |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192<br>018C A178<br>018E 0108<br>0190 000A                                                                    | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7</pre>                                                                                  |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178<br>018E 0108<br>0190 000A                                                                  | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7<br/>ADD R9,#SIZEOF KST_REC</pre>                                                       |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192<br>018C A178<br>018E 0108<br>0190 000A<br>0192 A970<br>0194 0109                                          | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7</pre>                                                                                  |
| 017E 000E<br>0180 5E0E<br>0182 0192<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192<br>018C A178<br>018E 0108<br>0190 000A<br>0192 A970<br>0194 0109<br>0196 0010                             | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7<br/>ADD R9,#SIZEOF KST_REC<br/>!INCREMENT ONE REC!</pre>                               |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178<br>018E 0108<br>0190 000A<br>0192 A970<br>0194 0109<br>0196 0010<br>0198 0B07              | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8, #NULL_SEG<br/>IF EQ THEN<br/>LD R8, R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8, #NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7<br/>ADD R9, #SIZEOF KST_REC</pre>                                                   |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178<br>018E 0108<br>0190 000A<br>0192 A970<br>0194 0109<br>0196 0010<br>0198 0B07<br>019A 0036 | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7<br/>ADD R9,#SIZEOF KST_REC<br/>!INCREMENT ONE REC!<br/>CP R7,#MAX_NO_KST_ENTRIES</pre> |
| 017E 000E<br>0180 5E0E<br>0182 0192°<br>0184 0B08<br>0186 FFFF<br>0188 5E0E<br>018A 0192°<br>018C A178<br>018E 0108<br>0190 000A<br>0192 A970<br>0194 0109<br>0196 0010<br>0198 0B07              | <pre>!SEE IF SEG # AVAIL!<br/>IF EQ THEN<br/>CP R8,#NULL_SEG<br/>IF EQ THEN<br/>LD R8,R7 !SAVE FIRST<br/>AVAIL SEG INDEX!<br/>ADD R8,#NR_OF_KSEGS<br/>!CONVERT TO SEG #!<br/>FI<br/>FI<br/>INC R7<br/>ADD R9,#SIZEOF KST_REC<br/>!INCREMENT ONE REC!</pre>                               |

-

01A0 5E08 EXIT FROM SEE\_IF\_KNOWN 01A2 01A6" FI 01A4 E8D9 OD SEE\_IF\_KNOWN! 01A6 0B0A CP R10, #NULL\_SEG 01A8 FFFF 01AA 5EOE IF EQ THEN ISEG KNOWN INDICATOR NOT SET! 01AC 02C8. 01AE 0B08 CP R8, #NULL SEG 01B0 FFFF 01B2 5E06 IF NE THEN **!CASE:SEG UNKNOWN** AND SEG# AVAIL! 01B4 02BC\* 01B6 91F0 PUSHL @R15, RRO !-KST AND MENTOR\_SEG\_NO! 01B8 91F2 PUSHL @R15, RR2 !ENTRY\_NO &ACCESS\_DESIRED! 01BA 93F8 PUSH **DR15, R8 !AVAIL SEG** INDEX IN KST! 01BC 93FD PUSH **DR15, R13 IMENTOR SEG REC PTR!** 01BE 5F00 CALL GET\_DBR\_NUMBER ! (RET:RL1:DBR NO) ! 01C0 0000\* 01C2 A11A R10,R1 !DBR\_NO! LD 01C4 97FD POP R13,0R15 01C6 97F8 R8, @R15 POP 01C8 95F2 POPL RR2, @R15 01CA 95F0 RRO, @R15 POPL MUST REARRANGE REGS FOR PASSING AND **RETURN CONSISTENCY OF LOCATION!** 01CC A135 000D 047C 5E0E LD R5,R3 !ACCESS\_DESIRED! !ENTRY\_NO! 01CE A123 LD R3,R2 01D0 76D2 LDA R2,KST.MM\_HANDLE(R13) !HPTR! 01D2 0000 R6,R1 IMENTOR\_SEG\_NO! 01D4 A116 LD 01D6 A181 LD R1, R8 ISEGMENT\_NO (SAVE)! 01D8 A184 LD R4,R8 ISEGMENT\_NO (PASSING ARG) ! R9,R0 01DA A109 LD !-KST! 01DC 030F SUB R15,#20 01DE 0014 @R 15, R 1, # 10 !SAVE REGS 1-10! 01E0 1CF9 LDM 01E2 0109 !DBR\_NO PASSED 01E4 A1A1 LD R1, R10 IN R1! LD R11, R8 01E6 A18B 01E8 030B SUB R11, #NR\_OF\_KSEGS 01EA 000A RR10, #SIZEOF KST REC 01EC 190A MULT 01EE 0010

| 01F0 A1BC<br>01F2 819C<br>01F4 5F00<br>01F6 00004 | CALL MM_ACTIVATE                                                                                                                  |
|---------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------|
|                                                   | <pre>! (R1:DBR_NO,R2:HPTR,R3:ENTRY_NO,<br/>R4:SEGMENT_NO,R12:RET_HPTR)!<br/>! (RET:R0:SUCCESS_CODE,RR2:CLASS,<br/>R4:SIZE)!</pre> |
| 01F8 5F00                                         | CALL CONFINEMENT_CHECK<br>! (R0:SUCCESS_CODE) !                                                                                   |
| 01FA 0428                                         |                                                                                                                                   |
| 01FC 942A                                         |                                                                                                                                   |
| 01FE A14C                                         |                                                                                                                                   |
| 0200 1CF1                                         |                                                                                                                                   |
| 0202 0108                                         |                                                                                                                                   |
| 0204 A187                                         |                                                                                                                                   |
| 0206 0307                                         | SUB R7,#NR_OF_KSEGS                                                                                                               |
| 0208 000A                                         |                                                                                                                                   |
| 020A 1906                                         |                                                                                                                                   |
| 0.200 00.10                                       | !OFFSET TO REC!                                                                                                                   |
| 020C 0010<br>020E A17D                            | ם 13 ס <b>7</b>                                                                                                                   |
| 0210 819D                                         | LD R13,R7<br>ADD R13,R9 !ADD ¬KST TO OFFSET!                                                                                      |
| 0210 019D                                         | LDL KST.CLASS (R13), RR10 !CLASS!                                                                                                 |
| 0214 000A                                         |                                                                                                                                   |
| 0216 6FDC                                         | LD KST.SIZE(R13),R12 !SIZE!                                                                                                       |
| 0218 0006                                         |                                                                                                                                   |
| 021A 0A08                                         | CPB RLO, #SUCCEEDED                                                                                                               |
| 021C 0202                                         |                                                                                                                                   |
| 021E 5E0E                                         | IF EQ THEN                                                                                                                        |
| 0220 02AC                                         |                                                                                                                                   |
| 0222 93FD                                         | PUSH @R15,R13                                                                                                                     |
| 0224 5F00                                         | CALL PROCESS_CLASS                                                                                                                |
| 0226 0000*                                        |                                                                                                                                   |
|                                                   | ! (RET: RR2: PROC_CLASS) !                                                                                                        |
| 0228 97FD                                         | POP R13,0R15                                                                                                                      |
| 022A 54D4                                         | LDL RR4, KST.CLASS (R13)                                                                                                          |
| 022C 000A<br>022E 93FD                            | PUSH DR15,R13                                                                                                                     |
| 0230 91F2                                         | PUSHL @R15,RR2                                                                                                                    |
| 0232 91F4                                         |                                                                                                                                   |
| 0234 5F00                                         | CALL CLASS_GE                                                                                                                     |
| 0236 0000+                                        |                                                                                                                                   |
|                                                   | ! (RR2: PROC_CLASS, RR4: SEG CLASS, RET:                                                                                          |
|                                                   | R1:CONDITION_CODE) !                                                                                                              |
| 0238 95F4                                         | POPL RR4, 0R15                                                                                                                    |
| 023A 95F2                                         | POPL RR2, @R15                                                                                                                    |
| 023C 97FD                                         | POP R13,0R15                                                                                                                      |
| 023E 0B01                                         | CP R1, #FALSE                                                                                                                     |
| 0240 0000                                         |                                                                                                                                   |
| 0242 5E0E                                         | IF EQ THEN !NO ACCESS<br>POSSIBLEDEACT.!                                                                                          |
| 0244 0266                                         |                                                                                                                                   |

| 0246<br>0248         |                      | LDM       | R1, @R15, #10                                          |
|----------------------|----------------------|-----------|--------------------------------------------------------|
| 024A<br>024C         | A1A1                 | LD<br>LDA | R1,R10 !DBR_NO!<br>R2,KST.MM_HANDLE(R13)<br>!HPTR!     |
| 024E<br>0250         |                      |           | MM_DEACTIVATE<br>RET:R0:S_CODE!                        |
| 0254                 | 0000*<br>5700        |           | CONFINEMENT_CHECK<br>!R0:S_CODE!                       |
|                      | 2102                 | LD<br>LD  | R1,@R15 !SEG #!<br>R2,#NULL_ACCESS                     |
| 025E                 |                      | LD<br>#PR | RO,<br>OC_CLASS_NOT_GE_SEG_CLASS                       |
| 0262                 |                      | ELSE      |                                                        |
| 0266<br>0268         | 5F00                 |           | <pre>@R15,R13 CLASS_EQ !(RR2:PROC_CLASS,</pre>         |
| 026A                 | 0000*                |           | RR4:SEG CLASS,<br>RET:R1:CONDITION_CODE)!              |
| 026C<br>026E<br>0270 | A110<br>1CF1         | LD        | R13, a R15<br>R0, R1 !CONDITION_CODE!<br>R1, a R15, #9 |
| 0272<br>0274<br>0276 | 0800                 | CP        | RO, #TRUE                                              |
| 0278<br>027A         | 5E0E<br>0290         | IF EQ     |                                                        |
| 027C<br>027E         | 0000                 |           | R5, #WRITE                                             |
| 0280<br>0282<br>0284 | 028A "               |           | EQ THEN<br>DB RL2,#WRITE                               |
| 0286                 | 5E08<br>028C*        | ELS       |                                                        |
| 028A                 |                      | FI        | DB RL2, #READ                                          |
| 028E                 | 5E08<br>0292<br>CA01 |           | RL2,#READ                                              |
| 0294                 | 4CD5<br>0009         | FI<br>LDB | KST.IN_CORE (R13), #FALSE                              |
| 0298                 | 0000<br>6EDE<br>000E | LDB       | KST.M_SEG_NO(R13), RL6                                 |
| 029C                 | 6EDB<br>000F         | LDB       | KST.ENTRY_NUMBER(R13),RL3                              |

|              | 6EDA<br>0008 |             | LDB        | KST.ACCESS_MODE(R13),RL2        |
|--------------|--------------|-------------|------------|---------------------------------|
| 02A2         |              |             | LD         | R0,#SUCCEEDED<br>!SUCCESS_CODE! |
| 0286         | 0002         | FI          |            |                                 |
| 0288         | 5E08         | ELSE        |            |                                 |
|              | 02B4         |             |            |                                 |
| 02AC         |              | LD          | ) E        | 1, #NULL_SEG                    |
| 02AE         |              |             |            |                                 |
| 02B0         | 2102         | LD          |            | 2, #NULL_ACCESS                 |
| 02B2         | 0004         |             |            | -                               |
|              |              | FI          |            |                                 |
| 02B4         | 010F         | AD D        | R15        | <b>;</b> #20                    |
| 02B6         |              |             |            |                                 |
| 02B8         |              | ELSE        |            |                                 |
|              | 02C8         |             |            |                                 |
| 02BC         |              | LD          | RO,        | #NO_SEG_AVAIL                   |
| 02BE         |              |             |            | #N #FT 67 6                     |
| 0200         |              | LD          | КΙ,        | #NULL_SEG                       |
| 02C2         |              | TD          | <b>D D</b> | ANULL ACCESS                    |
| 02C4<br>02C6 |              | LD          | R 2 ,      | #NULL_ACCESS                    |
| 0200         | 0004         | FI          |            |                                 |
|              |              | FI<br>FI    |            |                                 |
|              |              | FI          |            |                                 |
| 02C8         | 9E08         | RET         |            |                                 |
| 0 2 C A      |              | END MAKE_KN | OWN        |                                 |
|              |              | -           |            |                                 |

.

- 376 -

| 02CA    |       | TERMINA          | TE       | PROCEDURE                                 |
|---------|-------|------------------|----------|-------------------------------------------|
|         | 1     | ******           | *****    | ****                                      |
|         |       | -                |          | ITY OF TERMINATE !                        |
|         |       |                  |          | CALLS !                                   |
|         |       |                  |          | E IF VALID !                              |
|         |       |                  |          | *****                                     |
|         |       | REGIST           |          |                                           |
|         |       | PARAME           |          | •<br>•                                    |
|         |       |                  |          | NO (INPUT)                                |
|         |       |                  |          | CODE (RET)                                |
|         |       | LOCAL            |          | NO (INPUT) !<br>CODE (RET) !              |
|         |       |                  |          |                                           |
|         |       |                  |          | INDEX !<br>STORAGE !                      |
|         |       | R13:-            |          | I I                                       |
|         |       |                  |          | -<br>************************************ |
|         |       | •                |          |                                           |
|         |       | ENTRY            |          |                                           |
| 02CA    | A113  | LD               | R3,R1    | COPY OF SEG #!                            |
|         |       |                  |          | OF_KSEGS                                  |
|         |       |                  |          | G# TO KST INDEX!                          |
| 0 2 C E | 000A  |                  |          |                                           |
|         |       | MULT             | RR2,#S   | IZEOF KST_REC                             |
|         | 0010  |                  |          |                                           |
| 02D4    | 93F1  | PUSH             | @R15.R   | 1                                         |
| 0206    | 93F3  | PUSH             | @R15.R   | 3                                         |
| 0208    | 2101  | LD               | R1. #KS  | A1<br>A3<br>ST_SEG_NO                     |
| 0200    | 0002  |                  |          |                                           |
|         |       | CALL             | TTC GE   | T_SEG_PTR                                 |
| 0200    | 31.00 | 01100            | ! (R1:K  | (ST_SEG_NO)!                              |
| 02DE    | *0000 |                  | •        | /                                         |
|         |       | 1                | (RETUR   | NS:RO:KST_SEG_PTR)!                       |
| 02E0    | A10D. | LD               | R13,R0   | )                                         |
| 02E2    | 97F3  | LD<br>POP<br>POP | R3, OR 1 | 15                                        |
| 02E4    | 97F1  | POP              | R1, @R1  | 15                                        |
| 02E6    | 813D  | A D D            | R13,R3   | B IADD OFFSET TO ¬KST!                    |
| 02E8    | 2106  | LD               | R6, #NU  | ILL_SEG                                   |
| 02EA    |       |                  |          | -                                         |
| 02EC    |       | CPB              | RL6,KS   | ST.M_SEG_NO(R13)                          |
| 02EE    |       |                  |          |                                           |
| 02F0    |       | IF               | EQ       | THEN                                      |
|         | 02FC' |                  |          |                                           |
| 02F4    |       |                  | LD       | RO, #SEGMENT_NOT_KNOWN                    |
| 02F6    |       |                  |          |                                           |
|         | 5E08  | ELSE             |          |                                           |
|         | 0346  | 2202             |          |                                           |
| 02FC    |       |                  | LD       | R6, #TRUE                                 |
|         | 0001  |                  |          |                                           |
|         | 4ADE  |                  | CPB      | RL6,KST.IN_CORE(R13)                      |
|         | 0009  |                  |          |                                           |
|         | 5EOE  | IF               | EQ       | THEN                                      |
|         | 0310  |                  | ~        |                                           |
|         | 2100  |                  | LD       | RO, #SEGMENT_IN_CORE                      |
|         |       |                  |          |                                           |
|         |       |                  |          | - 277 -                                   |

| 030A 001D         |               |                               |
|-------------------|---------------|-------------------------------|
| 030C 5E08         | ELSE          |                               |
| 030E 0346"        |               |                               |
| 0310 OB01         | CP            | R1, #NR_OF_KSEGS              |
| 0312 000A         |               |                               |
| 0314 5E09         | IF L'         | T THEN                        |
| 0316 0320*        |               |                               |
| 0318 2100         | LD            | RO,#KERNEL_SEGMENT            |
| 031A 001E         |               |                               |
| 031C 5E08         | ELSE          |                               |
| 031E 0346         |               |                               |
| 0320 93FD         | PUSH          | @R15,R13                      |
| 0322 5F00         | CALL          | GET_DBR_NUMBER                |
| 0324 0000*        |               |                               |
|                   | ! (RET        | URNS:RL1:DBR_NO)!             |
| 0326 97FD         | POP           | R13,0R15                      |
| 0328 <b>7</b> 6D2 | LDA           | R2,KST.MM_HANDLE(R13)         |
| 032A 0000         |               |                               |
| 032C 93FD         | PUSH          | @R15,R13                      |
| 032E 5F00         | CALL          | MM_DEACTIVATE ! (R1:DBR_NO) ! |
| 0330 0000*        |               |                               |
|                   |               | ! (R2:-MM_HANDLE) !           |
|                   | :             | (RET:R0:SUCCESS_CODE) !       |
| 0332 5F00         | CALL (        | CONFINEMENT_CHECK             |
| 0334 0428         |               |                               |
|                   | ! (R0:SUCCESS |                               |
| 0336 97FD         |               | R13,0R15                      |
| 0338 0A08         | CPB           | RLO,#SUCCEEDED                |
| 033A 0202         |               |                               |
| 033C 5E0E         | IF            | EQ THEN LUPDATE KST!          |
| 033E 0346         |               |                               |
| 0340 4CD5         | LDB           | KST.M_SEG_NO(R13),            |
| 0342 000E         |               |                               |
| 0344 FFFF         |               |                               |
|                   |               | #NULL_SEG                     |
|                   | FI            |                               |
|                   | FI            |                               |
|                   | FI            |                               |
| 0.246 0.700       | FI            |                               |
| 0346 9E08         | RET           | 8                             |
| 0348              | END TERMINAT  |                               |
|                   |               |                               |

| 0348         |         | SM_SWAP_IN PROCEDURE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|--------------|---------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|              |         | · * * * * * * * * * * * * * * * * * * *                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
|              |         | ! CHECKS VALIDITY OF SWAP IN :                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
|              |         | REQUEST AND CALLS !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
|              |         | ! MM_SWAP_IN IF VALID !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
|              |         | ***************************************                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
|              |         | ! REGISTER USE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
|              |         | ! PARAMETERS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
|              |         | Image: A LOG ISTER USE       Image: A LOG ISTER USE         Image: PARAMETERS       Image: A LOG ISTER USE         Image: R1:SEGMENT_NO (INPUT)       Image: A LOG ISTER USE |
|              |         | ! RO:SUCCESS_CODE(RET) !                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
|              |         | LOCAL USE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
|              |         | R7:KST REC INDEX                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
|              |         | R3:ACCESS_MODE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
|              |         | R6:CONSTANT STORAGE I<br>R13:¬KST I                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
|              |         | ***************************************                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
|              |         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
|              |         | ENTRY                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
| 0348         | A117    | LD R7,R1 !COPY OF SEG #!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
| 034A         | 0307    | SUB R7, #NR OF KSEGS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|              |         | CONVERT SEG# TO KST INDEX!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
| 034C         | A 0 0 0 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 034E         | 1906    | MULT RR6, #SIZEOF KST_REC                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
|              |         | !OFFSET TO KST_REC!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
| 0350         | 0010    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 0352         | 9311    | PUSH ØR15,R1 ISAVE SEGMENT#I                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| 0354         | 9317    | PUSH @R15,R1 !SAVE SEGMENT#!<br>PUSH @R15,R7<br>LD R1,#KST_SEG_NO                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| 0350         | 0002    | LD RI, #KSI_SEG_NO                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
|              |         | CALL ITC_GET_SEG_PTR !R1:KST_SEG_NO!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
| 0350         | 0000*   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 035E         | A10D    | LD R13.R0 !¬KST!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| 0360         | 9777    | POP R7, DR 15                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
| 0362         | 97F1    | POP R1, DR15 !RETRIEVE SEGMENT#!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| 0364         | 817D    | LD R13,R0 !¬KST!<br>POP R7,@R15<br>POP R1,@R15 !RETRIEVE SEGMENT#!<br>ADD R13,R7 !ADD OFFSET TO KST BASE ADDR!<br>LD R6,#NULL_SEG                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| 0366         | 2106    | LD R6, #NULL_SEG                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| 0.000        | LLLL    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
|              | 4ADE    | CPB RL6,KST.M_SEG_NO(R13)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| 036C         |         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 036E         |         | IF EQ THEN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
|              | 037A*   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 0372         |         | LD RO, #SEGMENT_NOT_KNOWN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| 0374<br>0376 |         | ELSE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|              | 0388    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 037A         |         | LD R6, #TRUE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| 037C         |         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 037E         |         | CPB RL6, KST.IN_CORE (R13)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
| 0380         | 0009    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 0382         |         | IF EQ THEN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
|              | 038E'   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| 0386         | 2100    | LD RO, #SUCCEEDED                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
|              |         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |

| 0388    | 0002    |                                        |
|---------|---------|----------------------------------------|
| 038A    | 5E08    | ELSE                                   |
| 038C    | 03B8 •  |                                        |
| 038E    | 93FD    | PUSH @R15,R13 !SAVE KST REC ADDR!      |
|         | 5F00    | CALL GET_DBR_NUMBER !R1: (RET) DBR_NO! |
|         | *0000   |                                        |
|         | 97 F D  | POP R13, aR15                          |
|         | 76D2    | LDA R2,KST.MM_HANDLE(R13)              |
| 0398    |         |                                        |
| 039A    |         | LDB RL3, KST. ACCESS_MODE (R13)        |
| 039C    |         |                                        |
|         | 93FD    | PUSH @R15,R13 !SAVE SEG KST REC ADDR!  |
| 0 3 A O |         | CALL MM_SWAP_IN !R1:DBR_NO !           |
| 03A2    | *0000   |                                        |
|         |         | !R2: ¬MM_HANDLE!                       |
|         |         | !R3:ACCESS_MODE!                       |
|         |         | !RO: (RET) SUCCESS_CODE!               |
| 03A4    | 5F00    | CALL CONFINEMENT_CHECK                 |
|         |         | ! (R0:SUCCESS_CODE) !                  |
|         | 0428    |                                        |
|         | 97FD    | POP R13, aR15                          |
| 0344    |         | CPB RLO, #SUCCEEDED                    |
| 03AC    |         |                                        |
| 03AE    |         | IF EQ THEN                             |
|         | 0388    |                                        |
| 03B2    |         | LDB KST.IN_CORE (R13), #TRUE           |
| 03B4    |         |                                        |
| 0386    | 0101    |                                        |
|         |         | FI                                     |
|         |         | FI                                     |
| 0.2.00  | 0 7 0 0 | FI                                     |
| 03B8    | 9E08    | RET                                    |
| 0 3 B A |         | END SM_SWAP_IN                         |

| OBBA                   | SM_SWAP_OUT PROCEDURE                                                                |
|------------------------|--------------------------------------------------------------------------------------|
|                        | ·*************************************                                               |
|                        | ! CHECKS VALIDITY OF SWAP OUT !<br>! REQUEST AND CALLS !<br>! MM_SWAP_OUT IF VALID ! |
|                        | ********                                                                             |
|                        | ! REGISTER USE                                                                       |
|                        | ! PARAMETERS                                                                         |
|                        | ! R1:SEGMENT_NO :                                                                    |
|                        | RO:SUCCESS_CODE(RET)                                                                 |
|                        | LOCAL USE                                                                            |
|                        | R7:KST REC INDEX                                                                     |
|                        | ! R6:CONSTANT STORAGE !                                                              |
|                        | ! R13:¬KST !<br>!********                                                            |
|                        | • • • • • • • • • • • • • • • • • • • •                                              |
|                        | ENTRY                                                                                |
| 03BA A117              | LD R7,R1 !COPY OF SEG #!                                                             |
| 03BC 0307              | SUB R7, #NR_OF_KSEGS                                                                 |
|                        | CONVERT SEG# TO KST INDEX!                                                           |
| 03BE 000A              |                                                                                      |
| 03C0 1906              | MULT RR6, #SIZEOF KST_REC                                                            |
|                        | !OFFSET TO KST_REC!                                                                  |
| 03C2 0010              |                                                                                      |
| 0304 9381              | PUSH @R15,R1 !SAVE SEGMENT#!<br>PUSH @R15,R7<br>LD R1,#KST_SEG_NO                    |
| 0308 2101              | ID R1 #KST SFC NO                                                                    |
| 03CA 0002              |                                                                                      |
|                        | CALL ITC_GET_SEG_PTR !R1:KST_SEG_NO!                                                 |
| 03CE 0000*             |                                                                                      |
| 03D0 A10D              | LD R13,RO !¬KST!<br>POP R7,@R15<br>POP R1,@R15 !RETRIEVE SEGMENT#!                   |
| 03D2 97F7              | POP R7, DR 15                                                                        |
| 03D4 97F1              | POP R1, DR15 !RETRIEVE SEGMENT#!                                                     |
| 0306 81/0              | ADD R13, R7 ! ADD OFFSET TO KST                                                      |
| 0308 2106              | BASE ADDR!<br>LD R6, #NULL_SEG                                                       |
| 03DA FFFF              |                                                                                      |
| 03DC 4ADE              | CPB RL6,KST.M_SEG_NO(R13)                                                            |
| <b>03DE</b> 000E       |                                                                                      |
| 03E0 5E0E              | IF EQ THEN                                                                           |
| 03E2 03EC*             |                                                                                      |
| 03E4 2100              | LD RO, #SEGMENT_NOT_KNOWN                                                            |
| 03E6 001C              |                                                                                      |
| 03E8 5E08<br>03EA 0426 | ELSE                                                                                 |
| 03EC 2106              | LD R6, #FALSE                                                                        |
| 03EE 0000              |                                                                                      |
| OJPO 4ADE              | CPB RL6, KST.IN_CORE (R13)                                                           |
| <b>03F2</b> 0009       |                                                                                      |
| <b>03F4</b> 5E0E       | IF EQ THEN                                                                           |
| 03F6 0400*             |                                                                                      |
| <b>03F8</b> 2100       | LD RO, #SUCCEEDED                                                                    |

| OJFA | 0002         |                                        |
|------|--------------|----------------------------------------|
| 03FC | 5E08         | ELSE                                   |
| 03FE | 0426         |                                        |
| 0400 | 93FD         | PUSH @R15,R13 !SAVE KST REC ADDR!      |
| 0402 | 5F00         | CALL GET_DBR_NUMBER !R1: (RET) DBR_NO! |
|      | *0000        |                                        |
| 0406 | 97FD         | POP R13, DR15                          |
| 0408 | <b>7</b> 6D2 | LDA R2, KST. MM_HANDLE (R13)           |
| 040A | 0000         |                                        |
| 040C | 93FD         | PUSH @R15,R13 ISAVE SEG KST REC ADDR!  |
| 040E | 5F00         | CALL MM_SWAP_OUT !R1:DBR_NO!           |
| 0410 | *0000        |                                        |
|      |              | !R2:¬MM_HANDLE!                        |
|      |              | !RO: (RET) SUCCESS_CODE!               |
| 0412 | 5F00         | CALL CONFINEMENT CHECK                 |
|      |              | ! (R0:SUCCESS_CODE)!                   |
| 0414 | 0428         | · <u>-</u> ·                           |
| 0416 | 97FD         | POP R13, aR15                          |
| 0418 | 0A08         | CPB RLO, #SUCCEEDED                    |
| 041A | 0202         |                                        |
| 041C | 5E0E         | IF EQ THEN                             |
| 041E | 0426         |                                        |
| 0420 | 4CD5         | LDB KST.IN_CORE (R13), #FALSE          |
| 0422 | 0009         |                                        |
| 0424 | 0000         |                                        |
|      |              | FI                                     |
|      |              | FI                                     |
|      |              | FI                                     |
| 0426 | 9E08         | RET                                    |
| 0428 |              | END SM_SWAP_OUT                        |

| 0428 |                       | CONFINEMENT_CHECKPROCEDURE*********************************** |
|------|-----------------------|---------------------------------------------------------------|
|      |                       | PARAMETERS !<br>RO:SUCCESS CODE !                             |
|      |                       | ! R0:SUCCESS_CODE !<br>!***********************************   |
|      |                       | ENTRY                                                         |
|      |                       | IF RO                                                         |
| 0428 | 0800                  | CASE #LEAF_SEG_EXISTS THEN<br>CALL MONITOR                    |
| 042A |                       |                                                               |
| 042C |                       |                                                               |
|      | 0438*                 |                                                               |
| 0430 |                       |                                                               |
|      | 059A<br>5e08          | CASE #NO_LEAF_EXISTS THEN                                     |
| 0404 | 5000                  | CALL MONITOR                                                  |
| 0436 | 04B4*                 |                                                               |
| 0438 | 0800                  |                                                               |
| 043A |                       |                                                               |
| 043C |                       |                                                               |
|      | 0448*                 |                                                               |
| 0440 |                       |                                                               |
|      | 059A                  | CASE #ALIAS_DOES_NOT_EXIST THEN                               |
| 0444 | 5E08                  | CALL MONITOR                                                  |
| 0446 | 0484*                 |                                                               |
|      | 0800                  |                                                               |
| 044A |                       |                                                               |
| 044C | 5E0E                  |                                                               |
| 044E | 0458*                 |                                                               |
| 0450 |                       |                                                               |
|      | 059A                  |                                                               |
| 0454 | 5E08                  | CASE #NO_CHILD_TO_DELETE THEN<br>CALL MONITOR                 |
|      | 04B4*                 |                                                               |
| -    | 0B00                  |                                                               |
|      | 0014                  |                                                               |
|      | 5E0E                  |                                                               |
|      | 0468 <b>*</b><br>5700 |                                                               |
|      | 059A                  |                                                               |
|      | 5E08                  | CASE #G_AST_FULL THEN                                         |
|      |                       | CALL MONITOR                                                  |
| 0466 | 0484*                 |                                                               |
|      | 0B <b>00</b>          |                                                               |
| 046A | 000C                  |                                                               |
|      |                       |                                                               |

| 0460      | 5E0E         |                               |
|-----------|--------------|-------------------------------|
|           | 0478*        |                               |
|           | 5F00         |                               |
|           | 059A         |                               |
|           | 5E08         | CASE #L_AST_FULL THEN         |
| 0474      | 5000         | CALL MONITOR                  |
| 0476      | 04B4*        |                               |
| 0478      | <b>0</b> B00 |                               |
| 047A      | 000D         |                               |
|           | 5EOE         |                               |
|           | 0488*        |                               |
|           | 5F00         |                               |
|           | 059A         |                               |
|           | 5E08         | CASE #LOCAL_MEMORY_FULL THEN  |
| • • • • • |              | CALL MONITOR                  |
| 0486      | 04B4•        |                               |
|           | 0B00         |                               |
|           | 0010         |                               |
|           | 5E0E         |                               |
|           | 0498         |                               |
|           | 5F00         |                               |
|           | 059A         |                               |
|           | 5E08         | CASE #GLOBAL_MEMORY_FULL THEN |
|           |              | CALL MONITOR                  |
| 0496      | 04B4 •       |                               |
|           | 0B00         |                               |
|           | 0011         |                               |
|           | 5E0E         |                               |
|           | 04 8 1       |                               |
|           | 5P00         |                               |
|           | 059A         |                               |
|           | 5E08         | CASE #SEC_STOR_FULL THEN      |
|           |              | CALL MONITOR                  |
| 0446      | 04B4*        |                               |
|           | 0B00         |                               |
| 0444      | 0015         |                               |
|           | 5E0E         |                               |
|           | 04B4 •       |                               |
|           | 5F00         |                               |
|           | 059A         |                               |
|           |              | FI                            |
| 04B4      | 9E08         | RET                           |
| 04B6      |              | END CONFINEMENT_CHECK         |
|           |              |                               |
|           | EN           | D SEG_MGR                     |

## Appendix I

### NON-DISCRETIONARY SECURITY LISTINGS

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT \$LISTON \$TTY NDS MODULE CONSTANT TRUE :=1 FALSE :=0 INTERNAL \$SECTION ACC\_CLASS\_DCL !NOTE: IS AN OVERLAY, IE NO ALLOCATION OF MEMORY! \$ABS 0 0000 ACCESS\_CLASS RECORD [LEVEL INTEGER CAT INTEGER] GLOBAL **\$SECTION NDS\_PROC** 0000 CLASS\_EQ PROCEDURE **! PASSED PARAMETERS** 1 RR2 = CLASS11 1 RR4 = CLASS21 1 1 ! RETURNED R1 = CONDITION CODE1 1 ENTRY 0000 9042 CPL RR2,RR4 0002 5E0E IF ΕQ THEN 0004 000E LD R1, #TRUE 0006 2101 0008 0001 000A 5E08 ELSE 000C 0012" LD R1, #FALSE 000E 2101 0010 0000 FI 0012 9E08 RET 0014 END CLASS\_EQ

0014 CLASS GE PROCEDURE 1 PASSED PARAMETERS 1 t 1 RR2 = CLASS1RR4 = CLASS21 1 ! RETURNED PARAMETER 1 R1 = CONDITION CODEI 1 ENTRY 0014 91F2 PUSHL @R15, RR2 !PUSH CLASS1 ON STACK--REFER BY ADDR! 0016 A1FD ! CLASS1 ADDR ! R13,R15 LD PUSHL @R15, RR4 0018 91F4 001A A1FE R14,R15 ! CLASS2 ADDR ! LD 001C 31E7 LD R7, R14 (#ACCESS\_CLASS.CAT) ! CAT2 IN R7 ! 001E 0002 0020 45D7 OR R7, ACCESS\_CLASS.CAT (R13) !CAT1 OR CAT2, R7! 0022 0002 0024 4BD7 CP R7, ACCESS\_CLASS.CAT (R13) !CAT1=(CAT1 OR CAT2)?! 0026 0002 0028 5E0E IF EQ THEN 002A 0048\* 002C 61D6 LD R6, ACCESS CLASS. LEVEL (R13) !LEVEL1! 002E 0000 ! COMPARE LEVEL1 WITH LEVEL2 ! 0030 4BE6 CP R6, ACCESS\_CLASS. LEVEL (R14) 0032 0000 0034 5E01 THEN !LEVEL1 GE LEVEL2! IF GΕ 0036 0040\* 0038 2101 LD R1, #TRUE 003A 0001 003C 5E08 ELSE 003E 0044\* 0040 2101 LD R1, #FALSE 0042 0000 FI 0044 5E08 ELSE 0046 004C\* 0048 2101 LD R1, #FALSE 004A 0000 FI 004C 95F4 POPL  $RR4, \partial R15$ 004E 95F2 POPL RR2, DR15 !RESTORE STACK! 0050 9E08 RET 0052 END CLASS GE END NDS

### Appendix J

### MEMORY MANAGER LISTINGS

Z8000ASM 2.02 LOC OBJ CODE STMT SOURCE STATEMENT \$LISTON \$TTY MM PROCESS MODULE ! VERS. 1.9 ! CONSTANT RETURN\_TO\_MONITOR := %A902 !HBUG REENTRY! COUNT := 10TIME := 500NR\_OF\_HOSTS := 2 G\_AST\_LIMIT := 10  $G\_AST\_FULL$  := 12 FREE\_ENTRY := %EEEEEEE := %BBBB TRUE := %CCCC FALSE SPACE := %20 := %2D DASH IO\_MGR :=%60 := %40 FILE\_MGR MEM\_MGR := %00 FM\_ENTRY := %4A00 IO\_ENTRY := %4 E00 CREATE\_ENTRY\_CODE := 50 INVALID\_MMGR\_CODE := 60 DELETE\_ENTRY\_CODE := 51 ACTIVATE\_SEG\_CODE := 52 DEACTIVATE\_SEG\_CODE:= 53 SWAP\_IN\_SEG\_CODE := 54 SWAP\_OUT\_SEG\_CODE := 55 := 2 SUCCEEDED := 1 STK SIZE TOP SECRET := 4 := 3 SECRET := 2 CONFIDENTIAL := 1 UNCLASS := 0 EMPTY := 1 CRYPTO

- 387 -

| N ATO<br>N UCLEAR  | := 2<br>:= 4                                                 |
|--------------------|--------------------------------------------------------------|
|                    | WORD<br>ARRAY[3 WORD]                                        |
|                    | WORD<br>WORD<br>WORD<br>BYTE<br>BYTE<br>ADDRESS<br>C ADDRESS |
| EXTERNAL<br>SIGNAL | PROCEDURE                                                    |
|                    | PROCEDURE                                                    |
| TC_INIT            | PROCEDURE                                                    |
| GET_CPU_NO         | PROCEDURE                                                    |
| CREATE_PROCESS     | PROCEDURE                                                    |
| SNDCHR             | PROCEDURE                                                    |
| SNDMSG             | PROCEDURE                                                    |
| SNDCRLF            | PROCEDURE                                                    |
| G_AST_LOCK         | WORD                                                         |
| G_AST ARRAY[G      | AST_LIMIT G_AST_REC]                                         |
| GLOBAL             |                                                              |
| \$SECTION MM_DATA  |                                                              |
| MM_ENTRY           | LABEL                                                        |

## INTERNAL

|                                                     | 28<br>4F<br>20<br>4F                               | ! * * * MESSAGES * * * * !<br>IO ARRAY [* BYTE] := °%08(FOR IO) ° |
|-----------------------------------------------------|----------------------------------------------------|-------------------------------------------------------------------|
| 0009 08<br>000B 46<br>000D 52<br>000F 46<br>0011 29 | 28<br>4F<br>20<br>4D                               | FM ARRAY [* BYTE] := "%08(FOR FM)"                                |
| 001C 53<br>001E 47<br>0020 41<br>0022 4C            | 4B<br>52<br>45<br>20<br>20<br>49<br>4E<br>4C<br>45 | MM_MSG_1<br>ARRAY [* BYTE] := "%12KERNEL = SIGNALLER"             |
| 0031 45<br>0033 54                                  | 4D<br>3A<br>43<br>45<br>54<br>5F<br>4E<br>52       | CREATE_MSG<br>ARRAY [* BYTE]:= "%10MM: CREATE_ENTRY"              |
| 0038 4D<br>003A 20<br>003C 45<br>003E 45<br>0040 45 | 4 D<br>3 A<br>4 4<br>5 4<br>5 F<br>4 E<br>5 2      | DELETE_MSG<br>ARRAY (* BYTE] := "%10MM: DELETE_ENTRY"             |

| 0047                          | 0C  | 4 D      | ACTIVATE_MSG<br>ARRAY [* BYTE] := "%OCMM: ACTIVATE"         |
|-------------------------------|-----|----------|-------------------------------------------------------------|
| 0049                          | 4 D | 3 A      |                                                             |
| 004B                          |     |          |                                                             |
| 004D                          |     | 54       |                                                             |
| 004F<br>0051                  |     | 56<br>54 |                                                             |
| 0051                          |     | 24       |                                                             |
| 0054                          |     | 4 D      | DEACTIVATE_MSG                                              |
|                               |     |          | ARRAY [* BYTE] := "%OEMM: DEACTIVATE"                       |
| 0056                          |     | 3 A      |                                                             |
| 0058                          |     | 44       |                                                             |
| 005A                          |     | 41<br>54 |                                                             |
| 005C<br>005E                  |     | 54       |                                                             |
| 0060                          |     | 54       |                                                             |
| 0062                          |     |          |                                                             |
| 0063                          | 0 B | 4 D      | SWAP_IN_MSG                                                 |
|                               |     |          | ARRAY [* BYTE] := "%0BMM: SWAP_IN"                          |
| 0065                          |     | 3A       |                                                             |
| 0067<br>0069                  |     | 53<br>41 |                                                             |
| 006B                          |     | 5F       |                                                             |
| 006D                          |     |          |                                                             |
| 006F                          |     |          | SWAP_OUT_MSG                                                |
|                               |     |          | ARRAY [* BYTE] := "%OCMM: SWAP_OUT"                         |
| 0071                          |     | 34       |                                                             |
| 0073                          |     | 53       |                                                             |
| 00 <b>7</b> 5<br>00 <b>77</b> |     | 41<br>5F |                                                             |
| 0079                          |     | 55       |                                                             |
| 00 <b>7</b> B                 |     |          |                                                             |
| 007C                          | 0C  | 49       | ERROR_MSG                                                   |
|                               |     |          | ARRAY [* BYTE] := "%OCINVALID CODE"                         |
| 007E                          |     | 56       |                                                             |
| 0080                          |     | 4C<br>44 |                                                             |
| 0084                          |     |          |                                                             |
|                               |     | 44       |                                                             |
| 0088                          |     |          |                                                             |
| 0089                          | 02  | 00       | RET_VALUES<br>ARRAY [* BYTE] := $[2,0,0,0,0,16,0,17,0,3,0,$ |
| 008B                          |     | 00       |                                                             |
| 008D                          |     | 10       |                                                             |
| 008F<br>0091                  | 00  | 11<br>03 |                                                             |
| 0093                          | 00  | 01       |                                                             |
| 0095                          |     | 30       |                                                             |
| 0097                          | 00  | 00       |                                                             |
|                               |     |          | 1,0,48,0,0]                                                 |
| 099A                          |     |          | MM_MSG_ARRAY ARRAY [ 8 WORD ]                               |
| 0044                          |     |          | SENDER WORD                                                 |

|      |        | \$ABS 0<br>!NO MEMORY ALLOCATED; USED<br>FOR PARAMETER TEMPLATE ONLY!                                                                                 |
|------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------|
| 0000 |        | ACTIVATE_ARG RECORD<br>CODE WORD<br>DBR WORD<br>HANDLE H_ARRAY                                                                                        |
|      | ]      | HANDLE H_ARRAY<br>ENTRY_NO BYTE<br>SEG_NO BYTE                                                                                                        |
|      |        | \$ABS 0<br>!NO MEMORY ALLOCATED; USED<br>FOR PARAMETER TEMPLATE ONLY!                                                                                 |
| 0000 | [      | RET_VAL RECORD<br>CODE1 BYTE<br>FILLER BYTE<br>MM_HANDLE H_ARRAY<br>CLASS LONG<br>SIZE WORD<br>FILLER1 WORD                                           |
| 0000 | ]<br>[ | <pre>\$ABS 0<br/>ARG_LIST RECORD<br/>REG ARRAY[13 WORD]<br/>IC WORD<br/>CPU_ID WORD<br/>SAC LONG<br/>PRI WORD<br/>USR_STK WORD<br/>KER_STK WORD</pre> |

\$SECTION MM\_PROC

| 0000                    | MM_MAIN PROCEDURE                          |
|-------------------------|--------------------------------------------|
| 0000                    | ENTRY IN INCOMPOSED                        |
|                         | MM_ENTRY:                                  |
|                         | ! INITIALIZE G_AST !                       |
| 0000 4D08               | CLR G_AST_LOCK                             |
| 0002 0000*              |                                            |
| 0004 2102               | LD R2, #1                                  |
| 0006 0001               |                                            |
| 0008 2101               | LD R1, #0                                  |
| 0000 A000               |                                            |
| 000C 1404               | LDL RR4, #FREE_ENTRY                       |
| OOOE EEEE               |                                            |
| 0010 EEEE               | <b>DO</b>                                  |
| 0010 5014               |                                            |
| 0012 5D14<br>0014 0000* | LDL G_AST.UNIQUE_ID(R1), RR4               |
| 0016 A920               | INC R2, #1                                 |
| 0018 0B02               |                                            |
| 001A 000A               |                                            |
| 001C 5E02               | IF GT !END OF G_AST! THEN                  |
| 001E 0024'              |                                            |
| 0020 5E08               | EXIT FI                                    |
| 0022 002A'              |                                            |
| 0024 0101               | ADD R1, #SIZEOF G_AST_REC                  |
| 0026 0020               |                                            |
| 0028 E8F4               | OD                                         |
|                         |                                            |
|                         | ! RESERVE FIRST ENTRY IN                   |
| 0000 0101               | G_AST FOR ROOT !                           |
| 002A 2101<br>002C 0000  | LD R1, #0                                  |
| 002E 1404               | LDL RR4, #-1                               |
| 0030 FFFF               |                                            |
| 0032 FFFF               |                                            |
| 0034 5D14               | LDL G_AST.UNIQUE_ID(R1), RR4               |
| 0036 0000*              |                                            |
|                         | CALL GET_CPU_NO !RETURNS:                  |
| 003A 0000*              |                                            |
|                         | R1: CPU #                                  |
|                         | R2: # VP'S!                                |
| 003C 93F1               | PUSH @R15, R1 !SAVE CPU #!<br>CALL TC_INIT |
|                         | CALL TC_INIT                               |
| 0040 0000*              |                                            |
|                         | ! USER/HOST # !                            |
|                         | • 05 buy noo x + •                         |
| 0042 210D               | LD R13, #0                                 |
| 0044 0000               | •                                          |
|                         | ! INITIALIZE USERS !                       |
|                         | DO                                         |
| 0046 A9D0               | INC R13, #1                                |
|                         |                                            |
|                         |                                            |

- 392 -

| 0048<br>004A          |                | CP            | R13, #NR_OF_HOSTS                             |
|-----------------------|----------------|---------------|-----------------------------------------------|
| 004E                  | 5E02<br>0054 • | IF GI<br>THEN | ALL HOSTS INITIALIZED:<br>EXIT                |
| 0050<br>0052          | 5E08<br>00B8•  | FI            |                                               |
|                       |                | ! CI          | REATE FM PROCESS !                            |
|                       |                |               | RO, @R15 !RESTORE CPU #!                      |
|                       | 0028           |               | R15, #SIZEOF ARG_LIST                         |
| 0.053                 | A1F1           |               | ARGUMENT LIST IN STACK!                       |
|                       |                |               | ARG_LIST.CPU_ID(R1), R0                       |
| 005E                  |                |               |                                               |
|                       |                |               | ) INITIAL REGISTER PARAMETERS                 |
|                       |                |               | FM PROCESS (SIMULATED)                        |
| 0060                  | 5C 19          |               | DENOTES USER # !<br>ARG_LIST.REG(R1), R2, #13 |
| 0062                  | 020C           |               |                                               |
| 0064                  |                | T D           |                                               |
| 0066<br>0068          |                | لا ما         | R2, #FM_ENTRY                                 |
| 006A                  |                | LD            | ARG_LIST.IC(R1), R2                           |
| 006C                  |                |               |                                               |
| 006E<br>00 <b>7</b> 0 |                | LD            | R2, #SECRET                                   |
| 0072                  | 8D38           | CLR           | R3                                            |
| 0074                  | 0503           | OR            | R3, #CRYPTO                                   |
| 0076                  |                | LDL           | ARG LIST.SAC(R1), RR2                         |
| 007A                  | 001E           |               | -                                             |
| 007C                  |                | L D           | ARG_LIST.PRI(R1), #2                          |
| 007E<br>0080          |                |               |                                               |
| 0082                  |                | LD            | ARG_LIST.USR_STK (R1) , #STK_SIZE             |
| 0084                  |                |               |                                               |
| 0086<br>0088          |                | LD            | ARG_LIST.KER_STK(R1), #STK_SIZE               |
| 0088<br>0088          |                |               |                                               |
| 008C                  |                |               |                                               |
| 008E                  |                |               | R14, R1<br>@R15, R13                          |
| 0090                  | 5F00           | CALL          | CREATE_PROCESS !R14: ARG PTR!                 |
|                       | *0000          |               |                                               |
| 0096                  | 97FD           | POP           | R13, @R15                                     |
|                       |                | ! CI          | REATE IO PROCESS !                            |

| 0098    | A 1 F 1      | LD R1, R15 !RESTORE ARGUMENT PTR!     |
|---------|--------------|---------------------------------------|
|         |              | LOAD INITIAL REGISTER PARAMETERS      |
|         |              | FOR IO PROCESS (SIMULATED)            |
|         |              | R13 DENOTES USER # !                  |
| 009A    | 5C19         | LDM ARG_LIST.REG(R1), R2, #13         |
|         | 020C         |                                       |
|         | 0000         |                                       |
|         | 2102         | LD R2, #IO_ENTRY                      |
|         | 4E00         |                                       |
|         |              | LD ARG_LIST.IC(R1), R2                |
|         | 001A         |                                       |
|         | A11E         | LD R14, R1                            |
| OOAA    | 93FD         | PUSH DR15, R13                        |
|         |              | CALL CREATE_PROCESS !R14: ARG PTR!    |
|         | 0000*        |                                       |
|         |              | POP R13, OR15                         |
|         | 0028         | ADD R15, #SIZEOF ARG_LIST             |
|         | E8C7         | 0.D                                   |
| 0000    |              | ! REMOVE CPU # FROM STACK !           |
| 0088    |              | POP RO, @R15                          |
| 0000    |              | DO !** DO FOREVER **!                 |
| 0.0 BA  |              | LDA R8,MM_MSG_ARRAY 0                 |
|         | 009A'        |                                       |
|         |              | CALL WAIT                             |
|         | *0000        |                                       |
|         |              | LD SENDER, R1 !SAVE SIGNALING PROC #! |
|         | OOAA .       |                                       |
| 00C6    | 2103         | LD R3,#50                             |
| 00C8    | 0032         |                                       |
|         | 5F00         | CALL MM_PRINT_BLANKS                  |
|         | 030C'        |                                       |
|         | 2102         | LD R2,#MM_MSG_1                       |
|         | 0012         |                                       |
|         | 5F00         | CALL SNDMSG                           |
|         | *0000        |                                       |
|         | 6101         | LD R1,SENDER                          |
| 0008    | 00 A A *     | <b>TT</b> D 1                         |
| κ π 0 0 | 0B0 <b>1</b> | IF R1<br>CASE #IO_MGR THEN LD R2,#IO  |
| 00DC    |              | CASE #10_HOR THEN LD RZ,#10           |
|         | 5E0E         |                                       |
|         | OOEE'        |                                       |
| 00E2    |              |                                       |
|         | 0000         |                                       |
| 00E6    |              | CALL SNDMSG                           |
|         | *0000        |                                       |
| OOEA    | 5E08         | CASE #FILE_MGR THEN LD R2,#FM         |
|         | 00FE •       |                                       |
| 00EE    |              |                                       |
| 00F0    |              |                                       |
| 00F2    | 5E0E         |                                       |
|         |              |                                       |

| 00F4  | OOFE'  |      |                    |
|-------|--------|------|--------------------|
| 00F6  | 2102   |      |                    |
| 00F8  | 00091  |      |                    |
| OOFA  | 5F00   | CALI | LSNDMSG            |
| OOFC  | 0000*  |      |                    |
|       |        | FI   |                    |
| OOFE  | 5F00   | CALL | MM_DELAY           |
| 0100  | 0208 • |      |                    |
| 0102  | 5700   | CALL | SNDCRLF            |
| 0104  | 0000*  |      |                    |
| 0 106 | 2103   | LD   | R3,#50             |
| 0108  | 0032   |      |                    |
| 010A  | 5F00   | CALL | MM_PRINT_BLANKS    |
| 010C  | 0300'  |      | _                  |
| 010E  | 6101   | LD   | R1, MM_MSG_ARRAY 0 |
| 0110  | 009A . |      |                    |

- 395 -

|             | IF R1                          |
|-------------|--------------------------------|
| 0112 0801   | CASE #CREATE_ENTRY_CODE THEN   |
| 0114 0032   |                                |
| 0116 5E0E   |                                |
| 0118 0122'  |                                |
| 011A 5F00   | CALL CREATE_ENTRY              |
| 011C 019E'  |                                |
| 011E 5E08   | CASE #DELETE_ENTRY_CODE THEN   |
| 0120 0176'  | *****                          |
| 0122 0801   |                                |
| 0124 0033   |                                |
| 0126 5E0E   |                                |
| 0128 0132   |                                |
| 012A 5F00   | CALL DELETE_ENTRY              |
| 012C 01AC'  |                                |
| 012E 5E08   | CASE #ACTIVATE_SEG_CODE THEN   |
| 0130 0176   |                                |
| 0132 OB01   |                                |
| 0134 0034   |                                |
| 0136 5E0E   |                                |
| 0138 0142'  |                                |
| 013A 5F00   | CALL ACTIVATE                  |
| 013C 01BA'  |                                |
| 013E 5E08   | CASE #DEACTIVATE_SEG_CODE THEN |
| 0140 0176   |                                |
| 0142 0B01   |                                |
| 0144 0035   |                                |
| 0146 5E0E   |                                |
| 0148 0152   |                                |
| 014A 5F00   | CALL DEACTIVATE                |
| 014C 029E   |                                |
| 014E 5E08   | CASE #SWAP_IN_SEG_CODE THEN    |
| 0150 0176 • |                                |
| 0152 OB01   |                                |
| 0154 0036   |                                |
| 0156 5E0E   |                                |
| 0158 0162   |                                |
| 015A 5F00   | CALL SWAP_IN                   |
| 015C 02AC'  | -                              |
| 015E 5E08   | CASE #SWAP_OUT_SEG_CODE THEN   |
| 0160 0176 • |                                |
| 0162 OB01   |                                |
| 0164 0037   |                                |
| 0166 5E0E   |                                |
| 0168 0172   |                                |
| 016A 5F00   | CALL SWAP_OUT                  |
| 016C 02CA • |                                |
| 016E 5E08   | ELSE                           |
| 0170 0176   |                                |
| 0172 2102   | LD R2,#ERROR_MSG               |
| 0174 007C   |                                |
|             | FI                             |

- 396 -

|              | 5F00<br>0000*  | CALL        | SNDMSG         |              |
|--------------|----------------|-------------|----------------|--------------|
| 017A         | 5F00<br>02D8   | CALL        | MM_DELAY       |              |
| 017E         | 5F00           | CALL        | SNDCRLF        |              |
| 0182         | 0000*<br>2103  |             | R3,#75         |              |
| 0186         | 004B<br>5700   |             | MM_PRINT_LINE  |              |
| 018A         | 02F4 •<br>5F00 | CALL        | SNDCRLF        |              |
| 0 18C        | 0000*          |             | GNAL (SENDER,  | "DONE") ** ! |
|              | 6101<br>00AA   | LD          | R1, SENDER     | ·            |
| 0192         | 7608           | LDA         | R8,MM_MSG_ARR  | AY O         |
|              | 009A •         |             |                |              |
|              | 0000×          | CALL SIG    | SNAL .         |              |
|              |                |             | EPEAT FOREVER  | ** !         |
|              | 9E08           |             | TEDAT LOUDING  | á á          |
| 019E         |                | END MM_MAIN | I              |              |
| 019E         |                | CREATE_ENTF | XX             | PROCEDURE    |
|              |                | ENTRY       |                |              |
| 019E         | 7608           | LDA R8,M    | M_MSG_ARRAY O  |              |
|              | 009A •         |             |                |              |
|              |                | LDB DR8,    | #SUCCEEDED     |              |
|              | 0202           |             |                |              |
|              | 0025           |             | 2, #CREATE_MSG |              |
|              | 9E08           | RET         |                |              |
| 01AC         |                | END CREATE_ | ENTRY          |              |
| 0 1 A C      |                | DELETE_ENTE | Y              | PROCEDURE    |
|              |                | ENTRY       |                |              |
| 01AC         |                | LDA R8,M    | M_MSG_ARRAY O  |              |
| 01B2<br>01B4 | 0C85           | LDB @R8,    | #SUCCEEDED     |              |
|              | 2102           | LD R2,#     | DELETE_MSG     |              |
| 01B6<br>01B8 | 0036 •<br>9E08 | R ET        |                |              |
| 01BA         | 100            | END DELETE  | ENTRY          |              |

| 0184                   | ACTIVATE PROCEDURE<br>! R8: ARGUMENT PTR !                           |
|------------------------|----------------------------------------------------------------------|
|                        | ENTRY                                                                |
| 01BA 7608              | LDA R8, MM_MSG_ARRAY O                                               |
| 01BC 009A<br>01BE 6182 | LD R2, ACTIVATE_ARG.HANDLE 2 (R8)<br>!UNIQUE ID!                     |
| 01C0 0008              |                                                                      |
|                        | CLR R3                                                               |
| 01C4 608B<br>01C6 000A | LDB RL3, ACTIVATE_ARG.ENTRY_NO(R8)                                   |
|                        | SUB R15, #SIZEOF RET_VAL                                             |
| 01CA 0010              | SOB RIS, *SIZEOF REI_VRL                                             |
|                        | LD R8, R15                                                           |
|                        | LD RO, #FALSE                                                        |
| 01D0 CCCC              |                                                                      |
|                        | LD R1, #0 !G_AST INDEX!                                              |
| 01D4 0000              |                                                                      |
|                        | LD R4, #1 !NR OF ENTRIES SEARCHED!                                   |
| 01D8 0001              |                                                                      |
|                        | SEADCH C ASM.                                                        |
|                        | SEARCH_G_AST:<br>DO                                                  |
| 01DA 5012              | CPL RR2, G_AST.UNIQUE_ID(R1)                                         |
| 01DC 0000*             |                                                                      |
| 01DE 5E0E              | IF EQ !SEGMENT IS ACTIVE! THEN                                       |
| 01E0 01EA"             |                                                                      |
| 01E2 2100              | LD RO, #TRUE                                                         |
| 01E4 BBBB              |                                                                      |
| 01E6 5E08              | EXIT FROM SEARCH_G_AST                                               |
| 01E8 01FE*             |                                                                      |
| 0103 3040              | PI<br>TNC F# #1                                                      |
| 01EA A940              | INC E4, #1<br>CP R4, #G_AST_LIMIT                                    |
| 01EE 000A              | CE VA <sup>®</sup> <sup>a</sup> G <sup>w</sup> OT <sup>m</sup> TIUTI |
| 01F0 5E02              | IF GT !END OF G_AST! THEN                                            |
| 01F2 01F8              |                                                                      |
| 01F4 5E08              | EXIT FROM SEARCH_G_AST                                               |
| 01F6 01FE              |                                                                      |
|                        | FI                                                                   |
| 01F8 0101              | ADD R1, #SIZEOF G_AST_REC                                            |
| 01FA 0020              |                                                                      |
| 01FC E8EE              | OD                                                                   |
| 01FE 0B00              | CP RO, #FALSE                                                        |
| 0200 CCCC              |                                                                      |
|                        | IF EQ !SEGMENT NOT ACTIVE!                                           |
| 0202 5E0E              | THEN                                                                 |
| 0204 0266              |                                                                      |
| 0206 2100              | LD RO, #1                                                            |
| 0208 0001              |                                                                      |
| 020A 2101              | LD R1, #0                                                            |
|                        |                                                                      |

020C 0000 FIND\_FREE\_ENTRY: DO 020E 1404 LDL RR4, #FREE ENTRY 0210 EEEE 0212 EEEE 0214 5014 CPL RR4, G\_AST.UNIQUE ID (R1) 0216 0000\* 0218 5E0E IF EQ !ENTRY IS AVAILABLE! THEN 021A 0220" 021C 5E08 EXIT FROM FIND FREE ENTRY 021E 0234' FI INC 0220 A900 RO, #1 0222 OB00 CP RO, #G\_AST\_LIMIT 0224 000A 0226 5E02 IF GT !END OF G\_AST! THEN 0228 022E 022A 5E08 EXIT FROM FIND\_FREE\_ENTRY 022C 0234" FI 022E 0101 ADD R1, #SIZEOF G\_AST\_REC 0230 0020 0232 E8ED OD RO, #G\_AST\_LIMIT 0234 OB00 CP 0236 000A LE !FOUND FREE ENTRY! IF 0238 5E0A THEN 023A 025C" 023C 5D12 LDL G AST. UNIQUE\_ID(R1), RR2 023E 0000\* ! ZERO ALL EVENT DATA ENTRIES ! 0240 1404 LDL RR4, #0 0242 0000 0244 0000 LDL G\_AST. SEQUENCER (R1), RR4 0246 5D14 0248 0014\* 024A 5D14 LDL G\_AST.EVENT1(R1), RR4 024C 0018\* 024E 5D14 LDL G AST. EVENT2(R1), RR4 0250 001C\* LDB RET\_VAL.CODE1 (R8) , #SUCCEEDED 0252 4C85 0254 0000 0256 0202 0258 5E08 ELSE 025A 0262" LDB RET VAL.CODE1 (R8), #G\_AST\_FULL 025C 4C85 025E 0000 0260 0000 FI 0262 5E08 ELSE !SEGMENT ACTIVE!

|              | 0000         | LDB   | RET_VAL.CODE1 (R8) , #SUCCEEDED |
|--------------|--------------|-------|---------------------------------|
|              |              | FI    |                                 |
|              | 5D82<br>0002 | LDL   | RET_VAL.MM_HANDLE 0 (R8), RR2   |
| 0270         |              | LD    | RET_VAL.MM_HANDLE 2 (R8), R1    |
| 0272         |              |       |                                 |
| 0274         | 1404         | LDL   | RR4, #%30001                    |
| 0276         |              |       |                                 |
| 0278         |              |       |                                 |
| 027A         |              | LDL   | RET_VAL.CLASS (R8), RR4         |
| 027C<br>027E |              | TD    | RET_VAL.SIZE(R8), #1            |
| 0280         |              | עע    | REI_VAL.SIZE(RO), VI            |
| 0282         |              |       |                                 |
| 0284         | 7689         | LDA   | R9, RET_VAL (R8)                |
| 0286         |              |       |                                 |
| _            | 7608         | LDA   | R8, MM_MSG_ARRAY O              |
|              | 0094         | TD    | R2, #16                         |
|              | 0010         | لا ما | AZ, #10                         |
|              |              | LDIRB | @R8, @R9, R2                    |
| 0292         |              |       |                                 |
| 0294         |              | LD    | R2, #ACTIVATE_MSG               |
|              | 0047         |       |                                 |
|              |              | ADD   | R15, #SIZEOF RET_VAL            |
| 029A         | 9E08         | ምዊ ፍ  |                                 |
|              | 5500         |       | TIVATE                          |
|              |              |       |                                 |

| 029E                    | DEACTI | VATE                      | PROCEDURE |
|-------------------------|--------|---------------------------|-----------|
|                         | ENTRY  |                           |           |
| 029E 7608<br>02A0 009A' | LDA    | R8,MM_MSG_ARRAY           | 0         |
| 02A2 0C85               | LDB    | @R8,#SUCCEEDED            |           |
| 02A4 0202<br>02A6 2102  | LD     | R2, #DEACTIVATE_M         | SG        |
| 02A8 0054<br>02AA 9E08  | የ ምጥ   |                           |           |
| 02AC                    |        | ACTIVATE                  |           |
| 0 2 A C                 | SWAP_I | N                         | PROCEDURE |
|                         | ENTRY  |                           |           |
| 02AC 2102<br>02AE FF30  | LD     | R2, #%FF30                |           |
| 02B0 3B26               | OUT    | %FFD2, R2                 |           |
| 02B2 FFD2<br>02B4 7608  | LDA    | R8, MM_MSG_ARRAY          |           |
| 02B6 009A               |        | WAIT !R8:MSG AR           |           |
| 02BA 0000*              |        |                           |           |
| 02BC 7608<br>02BE 009A  | LDA    | R8,MM_MSG_ARRAY           | 0         |
| 02C0 0C85               | LDB    | <pre>@R8,#SUCCEEDED</pre> |           |
| 02C2 0202<br>02C4 2102  | LD     | R2,#SWAP_IN_MSG           |           |
| 02C6 0063<br>02C8 9E08  |        |                           |           |
| 02C8 5E00               |        | AP_IN                     |           |

- 401 -

| 02CA |        | SWAP_OU | IT                        | PROCEDURE |
|------|--------|---------|---------------------------|-----------|
|      |        | ENTRY   |                           |           |
| 02CA | 7608   | LDA     | R8, MM_MSG_ARRAY C        | )         |
| 02CC | 009A * |         |                           |           |
| 02CE | 0C85   | LDB     | <pre>@R8,#SUCCEEDED</pre> |           |
| 02D0 | 0202   |         |                           |           |
| 02D2 | 2102   | LD      | R2, #SWAP_OUT_MSG         |           |
| 02D4 | 006F*  |         |                           |           |
| 02D6 | 9E08   | RET     |                           |           |
| 02D8 |        | END SWA | P_OUT                     |           |
|      |        |         |                           |           |

| 02D8              | MM_DELAY              | PROCEDURE |
|-------------------|-----------------------|-----------|
|                   | ******************    | ********* |
|                   | ! PRODUCES 2 SEC DELA | Y I       |
|                   | *******               | ****      |
|                   | ENTRY                 |           |
| 02D8 2102         | LD R2, #COUNT         |           |
| 02DA 000A         |                       |           |
| 02DC 2101         | LD R1, #TIME          |           |
| 02DE 01F4         |                       |           |
|                   | DO                    |           |
| 02E0 0B02         | CP R2, #0             |           |
| 02E2 0000         |                       |           |
| 02E4 5E0E         | IF EQ THEN EXIT F     | I         |
| 02E6 02EC'        |                       |           |
| 02E8 5E08         |                       |           |
| 02EA 02F2*        |                       |           |
| 02EC AB20         | DEC R2                |           |
| 02EE <b>7</b> B1D | MREQ R1               |           |
| 02F0 E8F7         | OD                    |           |
| 02F2 9E08         | RET                   |           |
| 02F4              | END MM_DELAY          |           |

| 02F4 MM_PRINT_LINE PROCEDURE                  |
|-----------------------------------------------|
| ·*************************************        |
| ! PRINTS LINE LENGTH !                        |
| ! SPEC IN R3.                                 |
| <b>;****</b> ******************************** |
| ENTRY                                         |
| 02F4 C82D LDB RLO, #DASH                      |
| DO                                            |
| 02F6 0B03 CP R3, #0                           |
| 02F8 0000                                     |
| O2FA SEOE IF EQ THEN EXIT FI                  |
| 02FC 0302*                                    |
| 02FE 5E08                                     |
| 0300 030A*                                    |
| 0302 5F00 CALL SNDCHR                         |
| 0304 0000*                                    |
| 0306 AB30 DEC R3                              |
| 0308 E8F6 OD                                  |
| 030A 9E08 RET                                 |
| 030C END MM_PRINT_LINE                        |
| 030C MM_PRINT_BLANKS PROCEDURE                |
| 1*************************************        |
| ! PRINTS NUMBER OF                            |
| ! BLANKS SPEC IN R3.                          |
| · • • • • • • • • • • • • • • • • • • •       |
| ENTRY                                         |
| 030C C820 LDB RLO, #SPACE                     |
|                                               |
| 030E 0B03 CP R3, #0                           |
| 0310 0000                                     |
| 0312 SEOE IF EQ THEN EXIT FI                  |
| 0314 031A'                                    |
| 0316 5E08                                     |
| 0318 0322                                     |
| 031A 5F00 CALL SNDCHR                         |
| 031C 0000*                                    |
| O31E AB30 DEC R3                              |
| 0320 E8F6 OD                                  |
| 0322 9E08 RET                                 |
| 0324 END MM_PRINT_BLANKS                      |
| END MM_PROCESS                                |

### LIST OF REFERENCES

- Advanced Micro Computers, AM96/4116 AMZ8000 16-bit Monoboard Computer, Users's Manual, 1980.
- Coleman, A. R., <u>Security Kernel Design for a</u> <u>Microprocessor-Based</u>, <u>Multilevel</u>, <u>Archival Storage</u> <u>System</u>, MS Thesis, Naval Postgraduate School, December 1979.
- Denning, D. E., "A Lattice Model of Secure Information Flow," <u>Communications of the ACM</u>, V. 19, p 236-242, May 1976.
- 4. Dijkstra, E. W., "The Humble Programmer," <u>Communications of the ACM</u>, V. 15, No. 10, p. 859-865, October 1972.
- Gary, A. V. and Moore, E. E., <u>The Design and</u> <u>Implementation of the Memory Manager for a Secure</u> <u>Archival Storage System</u>, MS Thesis, Naval Postgraduate School, June, 1980.
- Madnick, S. E. and Donovan, J. J., <u>Operating Systems</u>, McGraw Hill, 1974.
- O'Connell, J. S. and Richardson, L. D., <u>Distributed</u> <u>Secure Desqn for a Multi-microprocessor Operating</u> <u>System</u>, MS Thesis, Naval Postgraduate School, June 1980.
- 8. Organick, E. J., <u>The Multics System</u>: <u>An Examination of</u> <u>Its Structure</u>, MIT Press, 1972.
- Parks, E. J., <u>The Design of a Secure File Storage</u> <u>System</u>, MS Thesis, Naval Postgraduate School, December 1979.
- Reed, P. D., <u>Processor Multiplexing in a Layered</u> <u>Operating System</u>, MS Thesis, Massachusetts Institute of Technology, MIT LCS/TR-167, 1979.
- Reed, P. D. and Kanodia, R. K., "Sycnhronization With Eventcounts and Sequencers," <u>Communications of the ACM</u>, V. 22, No. 2, pp. 115-124, February 1979.

- 404 -

- 12. Reitz, S. L., <u>An Implementation of Multiprogramming</u> and <u>Process Management for a Security Kernel Operating</u> <u>System</u>, MS Thesis Naval Postgraduate School, June 1980.
- Riggins, C., "When No Single Language Can Do the Job, Make it a Language-Family Matter," <u>Electronics Design</u>, February 15, 1979.
- 14. Saltzer, J. H., <u>Traffic Control in a Multiplexed</u> <u>Computer System</u>, Ph.D. Thesis, Massachusetts Institute of Technology, 1966.
- Schell, Lt. Col. R. R., "Computer Security: the Achilles Heel of the Electronic Air Forece?," <u>Air</u> <u>University Review</u>, V. 30, No. 2, pp. 16-33, January 1979.
- Schell, Lt. Col. R. R., "Security Kernels: A Methodical Design of System Security," <u>USE Technical</u> <u>Papers</u> (Spring Conference, 1979) pp. 245-250, March 1979.
- Schell, R. R. and Cox, L. A., <u>Secure Archival Storage</u> <u>System</u>, <u>Part I -- Design</u>, Naval Postgraduate School, NPS52-80-002, March 1980.
- Schroeder, M.D., "A Hardware Architecture for Implementing Protection Rings," <u>Communications of the</u> <u>ACM</u>, V. 15, No. 3, pp. 157-170, March 1972.
- Strickler, A. R., <u>Implementation of Process Management</u> for a <u>Secure Archival Storage System</u>, MS Thesis, Naval Postgraduate School, March 1981.
- Wells, J. T., <u>Implementation of Segment Management for</u> <u>a Secure Archival Storage Sytem</u>, MS Thesis, Naval Postgraduate School, Septemeber 1980.
- Zilog, Inc., <u>Z8000 PLZ/ASM Assembly Language</u> <u>Programming Manual</u>, 03-3055-01, Revision A, April 1979.
- 22. Zilog, Inc., Z8001 CPU Z8002 CPU, Preliminary Product Specificaion, March 1979.
- 23. Zilog, Inc., <u>Z8010 MMU Memory Management Unit</u>, Preliminary Product Specification, October 1979.

# INITIAL DISTRIBUTION LIST

| 1. | Defense Documentation Center<br>ATTN:DDC-TC<br>Cameron Station<br>Alexandria, Virginia 22314                               | No. Copies<br>2 |
|----|----------------------------------------------------------------------------------------------------------------------------|-----------------|
| 2. | Library, Code 0142<br>Naval Postgraduate School<br>Monterey, California 93940                                              | 2               |
| 3. | Department Chairman, Code 52<br>Department of Computer Science<br>Naval Postgraduate School<br>Monterey, California 93940  | 2               |
| 4. | National Security Agency<br>Attn.: Col. Roger R. Schell<br>C1<br>Fort George Meade, Maryland 20755                         | 5               |
| 5. | Lyle A. Cox, Jr., Code 52C1<br>Department of Computer Science<br>Naval Postgraduate School<br>Monterey, California 93940   | 4               |
| 6. | Joel Trimble, Code 221<br>Office of Naval Research<br>800 North Quincy<br>Arlington, Virginia 22217                        | 1               |
| 7. | John P.L. Woodward<br>The MITRE Corporation<br>P.O. Box 208<br>Bedford, Massachusetts 01730                                | 1               |
| 8. | Digital Equipment Corporation<br>Attn: Mr. Donald Gaubatz<br>146 Main Street<br>ML 3-2/E41<br>Maynard, Massachusetts 01754 | 1               |

| 9.  | Joe Urban<br>University of Southwestern Louisiana<br>P.O. Box 44330<br>Lafayette, Louisiana 70504                              | 1 |
|-----|--------------------------------------------------------------------------------------------------------------------------------|---|
| 10. | LCDR Gary Baker, Code 37<br>COMRESPATWINGPAC<br>Code 32<br>NAS Moffett Field, California 94035                                 | 1 |
| 11. | LCDR John T. Wells<br>P.O. Box 366<br>Waynesboro, Mississippi 39367                                                            | 1 |
| 12. | James P. Anderson Co.<br>Box 42<br>Fort Washington, Pennsylvania 19034                                                         | 1 |
| 13. | I. Larry Avrunin, Code 18<br>DTNSRDC<br>Bethesda, Maryland 20084                                                               | 1 |
| 14. | Gerald B. Blanton<br>242 San Carlos Way<br>Novato, Calif. 94947                                                                | 1 |
| 15. | Intel Corporation<br>Attn: Mr. Robert Childs<br>Mail Code: SC4-490<br>3065 Bowers Avenue<br>Santa Clara, California 95051      | 1 |
| 16. | Dr. J. McGraw<br>U.C L.L.L. (1-794)<br>P.O. Box 808<br>Livermore, California 94550                                             | 1 |
| 17. | M. George Michael<br>U.C L.L.L. (L-76)<br>P.O. Box 808<br>Livermore, California 94550                                          | 1 |
| 18. | Robert Montee<br>Director, Long Range Systems Planning<br>Honeywell, MN 12-2276<br>Honeywell Plaza<br>Minneapolis, Minn. 55408 | 1 |

19. Dr. F. C. Colon Osorio 1 Research and Developement Digital Equipment Corp. 146 Main Street Maynard, Mass. 01754 1 20. David P. Reed MIT Lab for Computer Science 545 Tech Sq Cambridge, Mass. 02139 1 21. Capt. Anthony R. Strickler HQ Command, US Army Signal Center & Ft. Gordon (WOU5AA) Ft. Gordon, Georgia 30905 1 22. Lt. W. J. Wasson Naval Electronics Systems Command Headquarters, PME 124 Washington D. C. 20360 23. S. H. Wilson 1 Code 7590 Naval Research Lab Washington D. C. 20375 1 24. Maj. Robert Yingling Box 6227 APO New York, New York 09012 LCDR William R. Shockley 40 25. Code 52Sp Department of Computer Science Naval Postgraduate School Monterey, California 93940 5 26. LCDR Ronald W. Modes Code 52Mf Department of Computer Science Naval Postgraduate School Monterey, California 93940 27. S. L. Perdue 5 Code 52 Department of Computer Science Naval Postgraduate School Monterey, California 93940



# U199439



