Monday, October 28, 2024

Active power

 CPU power consists of logic power and io power. Logic power consists of dynamic power and leakage power. Dynamic power included the power used by the clocks and the power used for computation.  Dynamic power varies according to the workload. For example a simple application not using floating point calculation will consume less power as the floating point unit is unused. Leakage of power exists when  transistor are charged and discharged  

Io power is used to drive the connections from the CPU to the peripheral. Some io connection uses power proportional to the bandwidth (eg ram). Some io uses constant power all the time eg PCI. 

The third type of power is called platform power which is the power used by ram, disk, network card etc. 

Sunday, October 27, 2024

IO signalling

 Single-ended signalling use a reference line transmitting the base voltage. To transmit n bits, it uses n+1 signal paths. The data path voltage relative to the reference line determine the value of the bit. 

Differential signalling uses 2 lines and their relative voltage different determine the bit transmitted. Differential signalling has higher interference resistant but uses more power even when there is no transmission is needed. 

Thermal Design Point

 TDP indicate the heat generated by a CPU running with a worst case SSE commercial application for a period of time. CPU is designed for a specific TDP to ensure heat generated are dissipated. CPU would throttle or shutdown if it operate above TDP.  TDP is defined with a base frequency (p1 frequency)  

Actual workload having different profile may operate the CPU below TDP. This gives room for increasing the base frequency when this workload runs and this is the basis for turbo. 

Saturday, October 26, 2024

CPU interfaces

 Beside interfacing to memory, storage, video, network and USB port, the coherent interconnect (eg Intel QOI) connects cpu sockets to allow sharing a common OS. The non-coherent interface allows connecting machine together and the remote machine can access local memory like a PCIe device with a MMIO memory mapped IO range assigned. 

CPU power control

 Compare to CPU l, memory uses significantly less power because there is less transistor switching required. When the machine is idle, the relative power usage for cpu may become less. Microcontrollers are built into the core major components to s new thermal level and control individual component power state. This hardware set up is called power control unit and the firmware is called pcode. The firmware is typically proprietary and configuration is exposed via BIOS or OS to users. 


Some vendor also run their Ocoe off-chip on a Baseboard Management controller and interface to the PCU via platform environmental control interface (PECI). 

Monday, October 14, 2024

Raytracing

Set the camera at a point in space and the direction that it is facing. At a distance D set a viewport through which the camera see. The viewport defines the part of the scene to be render on the canvas which is a memory buffer sized for a certain resolution. 

The scene is a 3-D space which contains objects. Each object (like a sphere) is model mathematically by equation. Each object has a distance away from the camera (D1). Object behind the viewport will be raytraced and rendered on the canvas. From the camera position to each grid on the view port forms a vector. Extend the vector directionally intent hit an object in the scene (intersect). Paint the grid with the color of the object. As the one t is 3-D, the ray may intersect multiple points on the object. Only the front most point will be painted. 

Sunday, October 13, 2024

SPIE set up

The SPIE macro expanded into a PICA structure and a SVC 14 call.  PICA contains a new program mask, the address of the exit routine supplied by the caller and the program check interrupts to trap. 

SPIE is not a type 1 SVC and so a SVRB is created by FLIH to save the registers of the caller. SVC 14 will check if this is a request to eliminate or to cancel an existing SPIE set up. If not, it will check if it is the first SPIE to set up by checking the TCBPIE field for 0. It GETMAINto create a SCA and a PIE. SCA is made to point to PIE which points to PICA. 

if there is an existing SPIE, put the address of the old PICA in R1 and change the PICA to point to the new PICA. 

Lastly SVC 14 gets the program mask from RBOPSW and save it into TCBPMASK which is the first 4 bits in the first byte o TCBPIE. IT THEN BRACH TO EXIT PROLOG. 

Program interrupt handler

Among the various program.interrupts, 4 of them can be disabled (arithmetic overflow or underflow). MVS will ignore these interrupts when it is disabled. PCFLIH determine if there is a SPIE set up by user to handle the specific types of interrupt and passes control to it if it does. Otherwise PCFLIH passes control to OS EXIT routine will will generate a dump if SYSABEND or SYSDUMP DD card is specified. 

SVC EXIT PROLOG

 After SBC completed processing, it passed control to EXIT PROLOG via a BR 14. EXIT PROLOG may pass control to the dispatcher to f the force switch is on. Done SVC like POST or ENQ will caused new work to be ready and thus letting the dispatcher to chose the highest priority work to run next. If the force switch is ofF, EXIT PROLOG may pass control back to the caller. T first determine the type of SVC to work out how to restore the state before returning. Type 1 saved the register in TCB and the other type saves in SVRB. 


EXIT PROLOG would turn off the type 1 flag in ASCB and releases all locks used by SVC. For other SVC types, it acquired the local lock so it can manipulate the RB chain, restored the registers and disabled the io and external interrupt to make it same condition at the time of interrupt. It uses a LPSW instruction to pass control back to the caller. 

web attacks

Injection is to trick the server side to execute code by appending code fragment to the input.  If server side use the input to form the final call to the system, the code fragment is executed.  SQL injection add additional SQL code fragment.  Command injection happens when the system call uses the input.   Remote code execution uses similar principle to exploit web server handling of input.

Cross site scripting attack (XSS) on the other hands is to inject code to client side (web browser).  Web browser dutifully execute all javascript code received.  Stored XSS exploit web pages that embed data stored in database.  Attacker send data contain <script> code segment to the server.  When user retrieve these data (e.g. chat group), the data will be placed inline in the final web page and the code would be executed by the web browser.  

Reflected XSS uses the HTTP request to insert code into the return web page.  Some site may include part of the URL in the web page.  To mitigate, server must sanitize the URL before embed it into the web page to return.  DOM based XSS exploit the URI fragment.  URI fragment is the part of the URL after '#' character.  URI fragment instruct the web browser to automatically scroll to the frame that matches the fragment label.  URI fragment is not saved with the URL in bookmark.  URI segment is not sent to the server and so server side cannot sanitize the URL effectively.


 

 

Saturday, October 12, 2024

Color Depth

 To represent a colour on computer, each base color (RGB) is represented by a number of bit. The number of bit represent the intensity of the color emitted by variying the voltage to each colour pixel in the screen. The group of bits for a colour is called a color channel. The number of bit per colour represent the colour depth. Green colour may have more bits than red and blue in some representation because human eyes are more sensitive to green. 

Color model

Subtractive colour applies to light reflect off a surface such as paper. A colour painted on paper work by filtering out (subtract) certain frequent from white light hitting the surface. For example red color on paper is when light hit the color layer and certain frequency is removed, the remaining light hit the surface, reflected off and goes through the paint layer again. The result is the remains frequency shown as red.  The base color is not red blue and yellow, but cyan, magenta and yellow (CYM)  mixing all 3 colours result in a dark color not reallly black. The colour model is represented as CYMK and K stand for black  

Additive colour on the other hand is used when light is emitted from source.and directly observed.  This is the light sent out from monitor. The base color is red, blue and green (RBG). Mixing all 3 base colour result in white. 

SVC Type 2/3/4 processing by FLIH

 FLIH will obtain storage to build SVRB because the type 3 and 4 module will s separate from the nucleus. As interior is still disabled, FLIH cannot issue GETNAIN SVC. It uses GETCELL macro to get storage. 

FLIh then moves the registers saved in LCCA to SVRB. IO and external interrupt is re-enabled. Get the locks specified in the SVC table entry. Set up R14 with the address of EXIT PROLOG which is entered when the handle ends to clean up such as SVRB. Beach to the interrupt handler. 

SVC Type 1 processing by FLIH

 FLIH copies the registers in LCCA (saved by the interrupt) to TCB register save area. It then try to acquire a local lock (to the address space it runs in) conditionally. If the lock is granted, it set a flag to indicate it got the local lock, enable interrupt for io and external. It then obtains the other lock required based on the SVC table entry and call the handler. 

If the local lock cannot be granted, FLIh decrement the PSW instruction address by 2. PSW is saved in RB. So PSE is now pointing to the SVC instruction. FLIH then calls dispatcher to dispatch the next highest task in system. When the TCB becomes the highest task again, it becomes a resistance and retry the SVC call. 

SVC FLIH

Upon an interrupt, the system will automatically save the PSW in PSA and invoke the SVC FLIH (first level interrupt handler). 

FLIH firstly save the state including registers into LCCA. FLIH is executed with interrupt disable so that the registers will not be change before the save is completed. Next FLIH checks various pre-requisites for SVC call before it invoke the actual SVC module to process the request. This include:

- is the SVC called from another SVC? If yes, SVC violation and abend 

- is is called from SRB mode? It f yes, abend

- test the issuer holding any locks  if yes, abend

- check SVC old PSW if it is in disabled state. If yes, abend

When the tests are passed, FLIH get the TCB added from PSATOLD. Get the RB adddress from TcB. Save the states (PSE, ILC, interrupt code) into RB. 

Finally FLIH looks up the SVC handler address from the SVC table and perform one more check - to check if the SVC needs AFP authorised and that the caller indeed satisfy this crirteria. Depending on the SVC type, FLIH will perform some more processing before calling the SBC handler 

As FLIH is executed disabled, it cannot call ABEND SVC.  To abend the caller when above check fails, it uses CALLRTM macro which will resolved into a branch instruction to RTM1 which in turn jump to RTM2 abend processing.