Symbian OS kernel architecture

With those design goals in mind, we designed an operating system whose architecture, at the highest level, looked like that in Figure 1.1. You can see the major building blocks of the kernel. I've also included two other key system components that are usually considered to be part of the operating system, and that I will cover in this book: the file server and the window server. I'll cover each of these building blocks and give you an idea of its basic functionality. The main function of the...

The USB client LDD

The class DLddUsbcChannel is the USB client LDD channel object - an instance being created for each main interface that is set on the UDC. It is derived from logical channel base class DLogicalChannel - which means that channel requests are executed in the context of a kernel thread. A DFC queue is associated with the controller object, and this determines which kernel thread is used to process these requests. It is set on a per-platform basis, with the default being DFC thread 0. The channel...

The execution model

When a device driver is loaded and a channel is opened to it, it is ready to handle requests. EKA2 provides two device driver models, which are distinguished by the execution context used to process requests from user-side clients. In the first model, requests from user-side clients are executed in the context of these clients, in privileged mode. This functionality is provided by the DLogicalChannelBase class, as shown in Figure 12.4...

JH Goldfuss

A description of how Symbian OS operates, manages hardware resources and provides services for application software is incomplete without an explanation of how it takes the hardware from an uninitialized, powered-off state to one in which the system is fully ready for action. In this chapter I will walk through the boot process for mobile phones that run the operating system from execute-in-place (XIP) Flash memory, such as NOR Flash, and then describe the differences needed to support non-XIP...

Processing requests

The EKA1 version of the file server is single-threaded. This single thread processes all requests, for all drives. When the thread blocks, waiting on an I/O operation on a particular drive, it is unable to process requests for any other drive. We took the opportunity to improve the file server design in EKA2. It is multi-threaded and allows concurrent access to each drive. As well as the main file server thread, there is normally a thread for each logical drive, and a thread for handling...

Virtual address mapping

The emulator runs as a single Win32 process, with the consequence that it only has a 2 GB virtual address range for all memory allocation. Compare this with a real device, where each application within the OS typically has approximately 1 GB of virtual address space for its own use. To provide the programming model of the chunk, the emulator uses the low-level VirtualAlloc Windows API, which can reserve, commit and release pages of the process address space. This also enables an emulation of...

Revisiting the synonym problem

Although the multiple memory model is an improvement on the moving memory model, it is not without its own complexities. The most awkward issue is related to the solution for the synonym problem - providing a second or alias virtual address for the same physical address. The problem stems from the use of the virtual address as the initial index into the cache to select the small set of lines from which to determine an exact match using the physical address. Figure 7.16 primarily illustrates the...

Validating the capabilities of the calling thread

As we saw in Chapter 8, Platform Security, many APIs must be governed by security capabilities, to avoid an untrusted application gaining access to privileged functionality. You can see this in the LCD HAL handler that I describe in Section 12.3, where the EDisplayHalSetState function requires the client to have power management capabilities. Such API policing prevents untrusted applications from being able to deny the user access to the screen. You use the following kernel API to validate...

Services provided by the kernel to the kernel

In the introduction to this book, I mentioned that we could consider the architecture of EKA2 from a software layering perspective, as shown in Figure 5.3, and went on to discuss the kind of software that appeared at each layer. In this chapter, I am more concerned with the services each layer provides to the other layers.

Kernel extensions

Fundamentally, kernel extensions are just device drivers that are loaded at kernel boot. However, because of this, their use cases are somewhat specialized. By the time the kernel is ready to start the scheduler, it requires resources that are not strictly defined by the CPU architecture. These are provided by the variant and ASSP extensions, which I have discussed in Chapter 1, Introducing EKA2. These extensions are specific to the particular platform that Symbian OS is running on, and permit...

Shared memory

In many cases, when an application must pass data across some memory context boundary, such as between two processes or between user and kernel contexts, it is most convenient to copy the data. This can be done in a controlled manner that ensures the data being transferred belongs to the sending memory context - and errors are reported correctly rather than causing the wrong program to terminate. However, when the amount of data to be transferred is large, or lower delays in transfer are...

Search rules on loading a process

When a client calls RProcess::Create to start a new process, it specifies the filename of the executable and optionally the UID type. If the filename includes the drive and path, then the task of locating the executable is straightforward. When either of these is not supplied, the loader has a fixed set of locations that it searches. This set is much more limited when platform security is enabled. The search rules that it uses are as follows: 1. If the filename includes a path but no drive...

Static priority based scheduling

This is the most common form of preemptive scheduling, at least among real time operating systems. Each task is assigned a fixed priority when it is created, and these priorities determine which tasks preempt which other tasks. The actual priority values used are derived using a very simple rule from the deadlines of the various tasks. The tasks are placed in increasing deadline order - that is, the task with the shortest deadline has the highest priority and so on. This is known as deadline...

DFCs

As I will explain in Section 6.3.2.4, IDFCs must be short and there are restrictions on which kernel services they may use. For these reasons IDFCs are rarely used directly except by RTOS personality layers. Instead, ISRs generally use Deferred Function Calls (known as DFCs) when they want to schedule a thread or perform other tasks not possible from within the ISR itself. DFCs make use of IDFCs in their implementation, so ISRs indirectly use IDFCs whenever they use DFCs. A DFC is an object that...

Memory model

In EKA2, we confine our assumptions about the memory architecture of the ASIC to one module, the memory model. Thus the memory model encapsulates significant MMU differences, such as whether a cache is virtually tagged or physically tagged, and indeed, whether there is an MMU at all. In EKA1, assumptions about memory and the MMU were spread throughout the operating system, making it difficult to produce a mobile phone based on an ASIC without an MMU, for example. This has become much easier...

Mapping RTOS to EKA

I will now assume that the real time application expects a flat address space with no protection, as would be the case on hardware with no MMU. To get this behavior under EKA2, the application must run in supervisor mode in the kernel address space. The obvious way to do this is to make the real time application plus personality layer a kernel extension; this will also ensure that it is started automatically, early on in the boot process. In general, a real time application will have its own...

Kernel events reference documentation

A detailed description of each event can be found in the Symbian Developer Library's C++ component reference section, and in the source for TKernelEvent in kernel kernel.h. A summary is provided here. The current user-side thread has taken a software exception, User::RaiseException(). The exception type is provided as the first argument to the handler. NKern::UnlockSystem() has been called by the kernel. The current thread can be discovered from Kern::CurrentThread(). See Chapter 6, Interrupts and...

Loading a library file

There are various overloads of the method to load a library but all eventually call: TInt RLibrary::Load(const TDesC& aFileName, const TDesC& aPath, const TUidType& aType, TUint32 aModuleVersion). The argument aFileName specifies the name of the DLL to be loaded. The descriptor aPath contains a list of path names to be searched, each separated by a semicolon. The argument aType specifies a triplet of UIDs which the DLL must match and aModuleVersion specifies the version that the DLL must...

Caching 1

When we use the FAT file system on either removable media or NAND Flash drives, we always employ two caching schemes to improve performance. The first of these is a cache for the FAT itself. The file system caches the entire FAT into RAM, for all drives formatted using FAT12 or FAT16, and for any drives formatted using FAT32 whose FAT is smaller than 128 KB. This is a "write-back with dirty bit" type of cache scheme, with the file system flushing all dirty segments at certain critical points...

Reducing DFC latency

DFCs are the basic tool for doing anything in response to an interrupt. In a real-time environment, there is no time for the interrupt preamble to prepare the system to offer a full and flexible execution environment for the interrupt service routine to run in. Because at the time of an interrupt the kernel could be in almost any state, it's not possible to access kernel data structures freely during an ISR. Instead, EKA2 offers DFCs and IDFCs. These provide a method for your interrupt handler...

Removable media systems

Those Symbian OS phones that support removable media devices must provide a hardware scheme for detecting disk insertion or removal, and it is the local media sub-system that interfaces with this. The file server needs to receive notification of these media change events so that it can handle the possible change of volume, and also so it can pass the information on to any of its clients that have registered for disk event notification. I have already described in Section 9.3.3.1 how the file...

The mass storage file system

This is quite different from any other file system. It contains null implementations of the file system API described in Section 9.4.1, and, when it is mounted on a drive, that drive is inaccessible from the Symbian OS device. Instead, the desktop host computer is allowed exclusive block level access to the drive. The mass storage file system implements the mass storage controller function that I introduced in Section 13.6.2, which involves the handling of SCSI commands received from the host...

Arm 1

The ARM architecture uses banked registers and a fixed-size, fixed-address vector table to deal with exceptions. In ARM terminology, there are seven execution modes: [Footnote 2: A shim is a small section of code which simply passes control to another piece of code without doing any work itself other than possibly some rearrangement of parameters.] 1. User (usr). This is the only non-privileged mode - that is, certain instructions cannot be executed in user mode, and the MMU will block access to memory regions...

Data cache (DCache)

When the CPU is reading data, the DCache works in the same way as the ICache. Data hits within the cache are returned immediately and missed data will be sourced from main memory, replacing a recently evicted line. The complexity comes with data writes into the DCache and the combinations of strategies to return it to memory. With write-through caching, every time the CPU writes data, it will be immediately written out to memory, through the write buffer, and the data will update the cached...

Symbian LRTA communication

If the functionality of the LRTA is to be available to Symbian OS applications, we need a mechanism by which Symbian OS code and the LRTA may communicate with each other. In practice this means: 1. It must be possible for a Symbian OS thread to cause an RTOS thread to be scheduled and vice-versa. 2. It must be possible for data to be transferred between Symbian OS and RTOS threads in both directions. It is usually possible for a Symbian OS thread to make standard personality layer calls the same...

Priority inheritance

Under the priority inheritance scheme, whenever a task t2 holds a mutex M and another task t1 of higher priority is blocked on M then the priority of t2 is raised to that of t1. When the task eventually releases M, its priority is returned to normal. If the counting semaphore in the classic unbounded priority inversion scenario is replaced by a priority inheritance mutex, you can see that the problem no longer occurs. Instead, when task t1 attempts to acquire the mutex, it is blocked and t2...

The core OS image

As I mentioned in Section 9.4.3.3, NAND Flash devices are not byte-addressable, and they can only be read or written in page-sized units. As a result, they do not support code execute in place (XIP). This means that we need a RAM-shadowing scheme for code stored on NAND devices - the code must be read from the Flash into RAM from where it is then executed. Code on the Flash device must be stored in separate partitions from those used for data storage. Since the code partition is a read-only area,...

Nanothread lifecycle

A nanokernel thread can be in one of several states, enumerated by NThreadState and determined by the NThread's iNState member data. I will describe these states below. Threads in this state are eligible for execution. They are linked into the ready list. The highest priority EReady thread is the one that will actually execute at any given time, unless it is blocked on a fast mutex. A thread in this state has been explicitly suspended by another thread rather than blocking on a wait object. A...

Random Access Memory (RAM)

Random Access Memory (RAM) is the home of all the live data within the system, and often the executing code. The quantity of RAM determines the type and number of applications you can run simultaneously; the access speed of the RAM contributes to their performance. A Symbian OS phone will have between 8 and 64 MB of RAM. The OS itself has modest needs and the total requirement is determined by the expected use cases. Multimedia uses lots of RAM for mega-pixel camera images and video recording....

Introduction to GSM

Data is transmitted over the radio channel at a bit rate of 270.833 kHz (13 MHz / 48, period 3.69 µs). The spectrum used for GSM is divided into channels spaced 200 kHz apart. These channels are time-division multiplexed into eight timeslots, numbered 0 to 7. Each timeslot lasts for 156.25 bit periods (577 µs) and eight consecutive timeslots (one of each number) make up one frame (4.615 ms). In the original GSM system (prior to GPRS and high speed circuit switched data services) each mobile receives only...

Basic power model overview

The basic power framework only gives external visibility to the system-wide power states, which I will now enumerate. The model relies on a user-side component to initiate the transitions to standby and off states. There should only be one such component in the system and it must have power management capabilities (for more on capabilities, see Chapter 8, Platform Security). This component is currently the shutdown server but that may change in the future to be the domain manager - see Chapter...

Creating and closing a handle to a property

You carry out some property operations, such as defining and deleting properties, by specifying a category and key, but other operations, such as subscribing, require a reference to the property to be established beforehand. Some operations, such as publishing, can be done in either way. To create a reference to a property, you use the RProperty::Attach member function. After this has completed successfully, the RProperty object will act like a normal handle to a kernel resource. When the handle is...

Personality layer

We designed the nanokernel to provide just enough functionality to run a GSM signaling stack. The idea behind this was to allow mobile phone manufacturers to run both their signaling stacks and their personal information management (PIM) software on a single processor, providing considerable cost savings over the usual two-processor solution. Most mobile phone manufacturers have written their signaling stacks for existing RTOSes such as Nucleus or µITRON. These signaling stacks represent a...

Kernel event handlers 1

XTRAP handlers can only catch supervisor-mode exceptions in one thread, and are normally used to catch exceptions within a single function call. We use kernel event handlers when we want to catch exceptions occurring in multiple threads or in user-mode over extended periods of time. We implement kernel event handlers using the class DKernelEventHandler, the public interface of which follows: class DKernelEventHandler : public DBase Values used to select where to insert the handler in the queue...

Andrew Thoelke

Andrew joined Symbian (then Psion) in 1994 and became one of the key developers of OVAL, a rapid application development language similar to Visual Basic, for the Psion Series 3a computers. He has since worked on projects throughout the lifetime of Symbian OS, and spanning many of its technology areas such as kernel, data storage, messaging, Java and platform security. He has been deeply involved in the design, development and promotion of EKA2 for the last four years, taking this project from...

Preemptive scheduling

Cyclic scheduling is a completely co-operative scheduling method - there is no preemption. Once a task begins execution, it must complete before any other task can gain control of the processor - and this is the root of the major problems with cyclic scheduling. To overcome these problems, preemptive scheduling is used. A preemptive system has the following characteristics: Interrupts are used to signal external events. An interrupt will have some way, direct or indirect, of triggering a task...

System memory management

It is quite possible to write a single application that manages its own memory carefully, handles OOM scenarios and can adjust its behavior when less memory is available. However, a single application cannot easily determine whether it should release some non-critical memory (for example, a cache) so that another application can run. However, the kernel provides some support to the system as a whole, to enable the implementation of system-wide memory management policies, typically within a...

Physical memory map

The buses and their connections determine the physical address map of the chip - with 32-bit addressing there is 4 GB of addressable space. Symbian OS uses the CPU's Memory Management Unit (MMU) to remap the reality of the chip's address space layout into a consistent virtual address space for the software. As an example, the 4 GB address space of the SoC might be divided into large regions by the system bus controller. By only decoding the top three address bits, it produces eight regions, each...

Device driver architecture

The Symbian OS device driver model uses two types of kernel DLL - the logical device driver (LDD) and the physical device driver (PDD). See Figure 12.2. This flexible arrangement provides a level of abstraction that assists in porting between platforms and in adding new implementations of device drivers without impacting or modifying common code and APIs. The LDD contains functionality that is common to a specific class of devices. User-side code communicates with an LDD via a simple interface...

Static data initialization

Kernel-side DLLs, such as device drivers and extensions, are only ever loaded and used by a single process, the kernel itself. Hence, they only need one copy of static data (of course, if several threads within the same process require access to this data, the usual care must be taken to avoid synchronization issues). Writeable static data for ROM-resident kernel-mode DLLs (that is, those declared in the rombuild.oby file with the keywords variant, device or extension) is appended to the kernel's...

Kernel trace channel

The kernel provides tracing support as the lowest common denominator debugging tool. The trace port is available for all software, from the bootstrap and device drivers, right up to C++ applications. Software can output trace strings through the trace port to assist with development and diagnosis. By default, most hardware platforms will configure a serial port as a debug channel to allow the ASCII strings to be picked up by a host PC with a standard terminal program. The trace support is...

Key ups and downs

WSERV processes each up and down event thus: it logs the event, if logging is enabled; it tells the keyboard repeat timer object about the event; it passes the event to the keyboard translator object; it checks for any modifier changes; it queues the key up/down event; it performs further processing to create the character event (if there is to be one). The keyboard-repeat-timer object controls auto repeating of key presses. WSERV only receives a single up or down event from the kernel, no matter how...

Other client-side code

RHandWritingAnim contains several other functions for communicating with the anim. Here are a couple of examples: void RHandWritingAnim::SetDrawData(const THandwritingDrawData& aDrawData) TPckgBuf<THandwritingDrawData> param; param() = aDrawData; return CommandReply(EHwOpGetLastChar); The first of these functions tells the handwriting animation to draw the digital ink differently (that is, with different color or line width). This requires the sending of data to the anim - this is packaged into a...

Changes to the user-side API

Both EKA1 and EKA2 use the RBusLogicalChannel class to provide the client-side API to a device driver. On EKA1, this is defined as follows: class RBusLogicalChannel : public RHandleBase, TDesC& aDevice,const TVersion& const TDesC aChan,TInt aUnit,const TDesC aDriver, const TDesC8 anInfo,TOwnerType aType EOwnerProcess DoSvControl TInt aFunction,TAny a1 DoSvControl TInt aFunction,TAny a1,TAny a2 TInt DoCheckBusStatus TInt aSocket This defines four separate types of device driver call This...

Interacting with a device driver

In previous sections, I have explained how device drivers are loaded and channels are opened using the device driver framework. The next stage is to service requests issued from user-side code. There are three main classes involved: 1. RBusLogicalChannel - the user-side channel handle. 2. DLogicalChannelBase - the kernel-side channel (receives requests in the context of the client thread). 3. DLogicalChannel - the kernel-side channel (receives requests in the context of a separate kernel thread). Note...

NOR Flash characteristics

Flash is nonvolatile memory which can be erased and rewritten. Reading from NOR Flash is just like reading from ROM or RAM. However, unlike RAM, data cannot be altered on Flash just by writing to the location concerned. Flash must be erased before a write operation is possible, and we can only do this erasing in relatively large units called blocks. To erase, the phone software must issue a command and then wait for the device to signal that the operation is complete. The erase sets each bit...

Internal RAM (IRAM)

Memory that is embedded within the SoC is known as internal RAM (IRAM). There is much less of this than main memory. When booting a system from NAND Flash, core-loader code is copied from the first block of NAND into RAM. IRAM is an ideal target for this code due to its simple setup. Once the core-loader is running from IRAM, it will initialize main RAM so that the core OS image can be decompressed and copied there. IRAM can be used as an internal frame buffer. An LCD controller driving a dumb...

Publish and subscribe

Publish and subscribe, also known as "properties", provides: 1. System-wide global variables. 2. A new IPC mechanism, for asynchronous peer-to-peer communication between threads. Figure 4.6 Publish and subscribe overview. Publish and subscribe can be used by both user and kernel code, through similar APIs, and so this method also allows communication between user and kernel code. From the user side, you would use the RProperty handle, defined in...

Processes in the emulator

The increased code-sharing in the EKA2 emulator means that the EKA2 emulator provides much better emulation of Symbian OS processes than the EKA1 emulator did. The emulator can instantiate a process from a .EXE file and has the same object and thread ownership model as on target hardware. The EKA1 emulator failed to emulate processes at all. That said, debugging multiple processes on a host OS is difficult and so the EKA2 emulator still executes as a single process in the host OS. Indeed, the...

A GSM stack on EKA

As an illustration of a real time application running on EKA2, I will consider the implementation of a GSM protocol stack. Obviously, only an outline will be given and not all scenarios will be considered - a real stack requires many man-years of development. I will assume that all processing is done on the main ARM processor and there is no DSP - while, in principle, this could be achieved on high end ARM devices such as ARM1136, in practice no-one would actually do so, because it would be...