Document revision date: 15 July 2002 | |
Previous | Contents | Index |
Many images that are part of the OpenVMS software product are installed
as shared known images with shared address data. This provides the
performance benefit without requiring the system manager to take any
explicit action.
17.10.6.2 Application Images
As system manager, you might choose to install additional images with
shared address data. In considering this option, you need to
investigate application dependencies on sharable images.
17.10.7 Installing Images to Conserve Physical Memory
You can conserve physical memory by installing images that usually run concurrently from several processes. When an image is not installed, or is installed without the shared attribute, each process running the image requires private sections in memory. Shared images conserve physical memory because only one copy of the code needs to be in memory at any time, and many users can access the code concurrently. Use the /SHARED qualifier to install images as shared images.
When you install an image with the shared attribute, permanent system global sections are created. Execution of non-copy-on-reference global sections requires only one copy per section to be in physical memory, no matter how many processes are running the image to which the sections belong.
The number of images you can install with the shared attribute is
restricted by the GBLPAGES and GBLSECTIONS system parameters. For more
information about these system parameters, refer to the OpenVMS System Management Utilities Reference Manual.
17.10.8 Installing Images to Enhance Privileges of Images
There are two ways to allow an image to execute in an enhanced privilege environment:
Installing an image with enhanced privilege can compromise system security. Make sure the image does not enable a user to regain control with extra privileges enabled. |
A nonprivileged process can perform the privileged functions of an executable image when the image is installed with privileges. Install executable images with enhanced privileges by using the /PRIVILEGED qualifier; amplified privileges are temporarily assigned to any process running the image (executable images only), permitting the process to exceed its user authorization file (UAF) privilege restrictions during execution of the image. In this way, users with normal privileges can run programs that require higher-than-normal privileges.
For an image installed with privileges to activate another image, such as a shareable image, either by having it linked to the privileged image or by using LIB$FIND_IMAGE_SYMBOL, the following conditions hold:
A privileged shareable image is a shareable image with defined entry points that execute in inner (executive or kernel) mode. Inner-mode entry points in shareable images are referred to as user-written system services.
To create a privileged shareable image, you must:
You cannot grant privileges to a shareable image using the /PRIVILEGED qualifier for the INSTALL commands ADD or CREATE. This qualifier works only for executable images. |
For more information about creating privileged shareable images, refer
to the OpenVMS Programming Concepts Manual.
17.10.9 Activating Images in a Privileged Context
When a process performs one of the following actions, the image activator enters a restricted mode of operation similar to that entered when a privileged program is run:
In this mode of operation:
The executable image that calls an execute-only shareable image must be installed with the /EXECUTE_ONLY qualifier, which enables the executable image to activate shareable images to which the process has execute but not read access. The /EXECUTE_ONLY qualifier has meaning only for executable images. This restriction assures that shareable images running in a privileged context can be trusted to behave as expected. |
When you use INSTALL commands, your file specifications must name existing executable or shareable images. OpenVMS RMS resolves each file specification using the following defaults:
You can specify a specific version of the file as the known version of
the image with the CREATE or REPLACE command. Even if other versions of
the file exist, the version that you specify will be the version that
satisfies all known file lookups for the image.
17.10.11 Installing Images with INSTALL
Before performing this task, you should understand the following points:
$ SET PROCESS/PRIVILEGES=CMKRNL |
$ INSTALL |
CREATE file-spec [/qualifier...] |
Specify one or more of the following qualifiers, depending on which
attributes you want to assign to the image:
/EXECUTE_ONLY
/HEADER_RESIDENT
/OPEN
/PRIVILEGED
/PROTECTED
/RESIDENT (Alpha systems only)
/SHARED
/WRITABLE
Installing the Install utility itself requires that a number of shareable images have been previously installed. If any of those required shareable images (such as SMG$SHR, LIBOTS, and so on) is unavailable, the execution of the Install utility fails. Since INSTALL will not work in this situation, you cannot simply install the missing images. To work around this problem, redefine the INSTALL command as follows:
When you now enter the INSTALL command, the image activator does not check the known files list for INSTALL.EXE, and the INSTALL command will complete, allowing you to install the required shareable images. |
Use the INSTALL command LIST to display information about known images.
The information displayed with the /FULL qualifier of the LIST command can help you determine if installing an image is worth the expense.
$ INSTALL |
LIST file-spec |
For example:
INSTALL> LIST LOGINOUT |
LIST/FULL file-spec |
The following example displays complete information about the installed image LOGINOUT.EXE, including the number of accesses, the number of concurrent accesses, and the number of global sections created:
$ INSTALL INSTALL> LIST/FULL LOGINOUT DISK$VMS551:<SYS2.SYSCOMMON.SYSEXE>.EXE LOGINOUT;2 Open Hdr Shar Prv Entry access count = 36366 Current / Maximum shared = 1 / 10 Global section count = 3 Privileges = CMKRNL SYSNAM LOG_IO ALTPRI TMPMBX SYSPRV INSTALL> |
If a shareable image is not located in SYS$SHARE, you must define a logical name for that image in order to run an executable image linked against it. For example, if the file specification for STATSHR is SYS$SHARE:STATSHR.EXE, no logical name is necessary. But if you put STATSHR in SYS$DEVICE:[TEST], you must define STATSHR as a logical name before running an executable image that calls it. The logical name must be the same one that was used as the input file specification for the shareable image when it was linked (this is the same name used in installation). For example:
$ DEFINE STATSHR SYS$SYSDEVICE:[TEST]STATSHR |
By redefining the logical name of a shareable image, you can replace that shareable image with another without requiring the calling executable image to relink. For example, the following statement redefines the file name STATSHR. It becomes the logical name of the shareable image SYS$SYSDEVICE:[MAIN]STATSHR.EXE for executable images calling STATSHR.
$ DEFINE STATSHR SYS$SYSDEVICE:[MAIN]STATSHR |
Logical names defined in the process or group logical name table are ignored when you run a privileged executable image. Only logical names and table names defined in executive or kernel modes are used to find the image. |
The INSTALL command REMOVE removes a known file entry for an image and deletes any global sections created when the image was installed. Note that a volume cannot be dismounted while any known file entries are associated with it. To dismount a volume, you must delete all known images associated with it. You must also wait for all processes using those images to exit. Use the DCL command SHOW DEVICES/FILES to determine the status of the files.
For more information about the INSTALL command DELETE, refer to the
INSTALL section of the OpenVMS System Management Utilities Reference Manual.
17.11 Reserved Memory Registry
The Reserved Memory Registry through its interface within the SYSMAN utility allows an OpenVMS Alpha system to be configured with large amounts of memory set aside for use within memory-resident sections and by other privileged applications. The Reserved Memory Registry also allows an OpenVMS system to be properly tuned through the AUTOGEN utility, taking into account the preallocated reserved memory.
With the Reserved Memory Registry you can:
The Reserved Memory Registry includes the ability to specify that the preallocated pages are to be zeroed during the booting of the system. This option reduces the time required to create the memory-resident global demand-zero section.
Another option within the Reserved Memory Registry is to include the
size of the page tables required to map to the memory-resident global
section in the reserved memory. If this option is specified and the
reserved memory is being used for a memory-resident global section, the
memory-resident global section is created with shared page tables.
17.11.1 Using the Reserved Memory Registry
OpenVMS provides a mechanism to reserve non-fluid memory for use within a memory-resident global demand-zero section. The reserved memory may either be simply a deduction from the system's nonfluid memory size or pages may be preallocated.
Using the Reserved Memory Registry ensures that AUTOGEN tunes the system properly to not include memory-resident section pages in its calculation of the system's fluid page count. AUTOGEN sizes the system pagefile, number of processes and working set maximum size based on the system's fluid page count. A system can experience severe performance problems if AUTOGEN adjusts parameters based upon a fluid page count that does not account for the physical memory that is permanently reserved for some other purpose.
Using the Reserved Memory Registry also ensures that contiguous, aligned memory is available for memory-resident sections when the allocate option is used.
Although this section describes how to use the reserved memory registry for global sections, this feature can be used for other privileged applications. |
Consumers of reserved, nonfluid memory enter the characteristics of the memory into a data file that is read during the system initialization (boot-time). The mechanics of manipulating the data file are similar to SYS$LOADABLE_IMAGES:VMS$SYSTEM_IMAGES.DATA (indicates installation-specific executive loaded images).
This file is called:
SYS$SYSTEM:VMS$RESERVED_MEMORY.DATA |
The file is maintained by the SYSMAN utility (as is the executive
loaded image data file).
17.11.1.2 AUTOGEN
The Reserved Memory Registry file, VMS$RESERVED_MEMORY.DATA, is read by
the AUTOGEN feedback mechanism and factors into the setting of the
system's fluid page count. AUTOGEN sizes the system pagefile, number of
processes and working set maximum size based on the system's fluid page
count.
17.11.1.3 Adding Entries to the Reserved Memory Registry
You add an entry to the data file by using the SYSMAN utility. The SYSMAN command is as follows:
SYSMAN RESERVED_MEMORY ADD gs_name - /GROUP = n - /SIZE = {size of reserved memory, unit: MB} - /[NO]ALLOCATE - /[NO]ZERO - /[NO]PAGE_TABLES |
1. size >= 4 MB: physically aligned on a 4 Mbyte boundary 2. size < 4 MB: physically aligned on a 512 KB boundary |
You can remove a reserved memory entry by issuing the following SYSMAN command:
SYSMAN RESERVED_MEMORY REMOVE gs_name /GROUP = n |
The specified gs_name is the name of the memory-resident section associated with the entry being removed from the Reserved Memory Registry. A name must be specified.
The value n specified by the /GROUP qualifier is the UIC group number (in octal) associated with the memory-resident section being removed. If the memory-resident global section is a group section, you must specify the /GROUP qualifier. If the memory-resident global section is a system global section, you must not specify the /GROUP qualifier.
If page tables are reserved for the named memory-resident global section, the additional reserved memory is also removed.
The REMOVE command only removes entries from the Reserved Memory Registry data file; it does not affect memory within the running system.
Previous | Next | Contents | Index |
privacy and legal statement | ||
6017PRO_079.HTML |