Core Software Fundamentals

C/C++ Translation to Machine Code

• Pointers, memory access, data/structure layout, etc
• C++ VTables
  • General implementations under the hood
  • The virtual table – Learn C++ (learncpp.com)

CPU fundamentals

System/OS fundamentals

• Context Switching
  • Thread context
  • Thread scheduling
  • CPU Scheduling in Operating Systems - Geeks for Geeks
  • Preemptive and Non-Preemptive Scheduling - Geeks for Geeks
  • Process Table and Process Control Block (PCB) - Geeks for Geeks
• Synchronization (atomic operations, mutex, semaphore, etc)
• Operating Systems - Geeks for Geeks
• Computer Organization and Architecture Tutorials - Geeks for Geeks

Memory Paging

• Page Tables
  • Switching application contexts changes what page table entries are active/valid
  • Page Table - Wikipedia
  • Virtual Memory in Operating System - Geeks for Geeks
  • Paging in Operating System - Geeks for Geeks
  • Page Table Entries in Page Table - Geeks for Geeks
  • Memory Allocation Techniques | Mapping Virtual Addresses to Physical Addresses - Geeks for Geeks
• Security Features
  • ASLR: Address Space Layout Randomization - Wikipedia
  • "No Execute" permission: NX Bit - Wikipedia
  • Page Table Entry locking: HW or SW enforced protection to prevent unintended external modifications.

Assembly

• Basic understanding of assembly design
  • Calling conventions (stack owner, argument passing)
  • Prolog, epilog (stack manipulation, return address)
  • Local variables/stack access
  • Registers/flags
  • Standard/common control flows
  • Common optimization techniques
    • Control flow optimizations
    • Integer bit tricks/data manipulation optimizations
  • Execution context switching
    • Thread switching
    • Interrupt processing
• RISC vs CISC architectures
• RISCV - Used in a lot of custom/proprietary controllers/sub systems
• ARM - Used for a lot of public/consumer IoT products
• X86/64 - Home/business computers
• Instruction pipelines
  • Instruction pipelining - Wikipedia
  • Out-of-order execution - Wikipedia

Interrupts

• Software interrupts
  • Intentially triggered interrupts (BREAK, INT, signal, etc)
  • Exceptions/faults
  • syscalls
    • Common design patterns of passing arguments to syscalls
  • Introduction of System Call - Geeks for Geeks
• Hardware interrupts
  • Programmable interrupt controller - Wikipedia
• Privilege Levels
  • Processing an interrupt causes a context switch into matching or higher privileged level to process the interrupt
  • X86 Protection Rings
  • ARM Exception Levels (EL)
  • RISCV Privilege Modes
  • Assign privilege levels to appropriate software layers
    Example:
    • Most privileged
      • TPM, Security Module, etc
      • Ring/EL 0, Machine Mode
    • 2nd privileged
      • Hypervisor
      • Ring/EL 1/0, Supervisor/Machine Mode
    • 3rd privileged
      • Kernel
      • Ring/EL 2/1, Supervisor Mode
    • 4th privileged
      • Micro/user driver, system service
      • (If available/applicable) Ring/EL 3/2
    • Least privileged
      • User space
      • Ring/EL 4/3, User Mode
• Interrupt Service Routine (ISR)
  • Interrupt Handler - Wikipedia
• CPU ISR/exception/trap table/vector
• Maskable vs unmaskable interrupt
• Interrupt request (PC architecture) - Wikipedia
• Privileged and Non-Privileged Instructions in Operating System - Geeks for Geeks
• Dual Mode Operations in OS - Geeks for Geeks

Inter Process Communication (IPC) designs

• Pipes, shared memory, message boxes, etc
• Inter Process Communication (IPC) - Geeks for Geeks
• Methods in Interprocess Communication - Geeks for Geeks
• IPC Through Shared Memory - Geeks for Geeks
• IPC using Message Queues - Geeks for Geeks

Secure System Software Layers

• What they do/contain, how they provide security, etc

Security Modules

• TPM, HSM, ARM TrustZone, etc
• Trusted Platform Module Technology Overview (Windows) - Windows security | Microsoft Docs
• Trusted Platform Module - Wikipedia
• Hardware Security Module - Wikipedia
• Trusted Execution Environments and Arm TrustZone | Azeria Labs (azeria-labs.com)
• Arm TrustZone explained (microcontrollertips.com)

Hypervisor

• Multi OS system
  • For consumer/IoT devices, it isolates a vulnerable user OS from a trusted, higher privileged system OS
  • In a cloud environment, it isolates separate customer’s OS’ from each other
• Hypervisor - Geeks for Geeks
  • Type 1 HV: bare metal. Better VM isolation but less support for peripherals, cross VM communication, etc.
  • Type 2 HV: Container inside a host OS. Better support for host to container communication, peripherals, etc. But not as good isolation and more risk of container breakout to host.

Kernel

• Microkernel vs Monolithic
• Microkernel in Operating Systems - Geeks for Geeks
• Monolithic Kernel and key differences from Microkernel - Geeks for Geeks

OS/User Mode

• RTOS vs standard OS
• Real Time Operating System (RTOS) - Geeks for Geeks
• RTOS vs OS - Ask Any Difference
• Benefits vs Cons

Containers

• A container is a method used for cloud application deployment that isn’t as secure/isolated as compared to using a VM.
• A container application runs as a normal application within a host OS alongside other deployed container applications. Container applications are configured with a set of versioned support libraries that make it run in a constantly defined environment, regardless of the host OS.
• Popular modern host OS’ have containerization support that help with security and isolation, such as a sandbox environment (isolated view of files, system resources, etc) and fine-grained permissions (accessible socket ports, files, system resources, etc).
• Because it runs in the context of a shared host OS, any vulnerable or malicious container application can put the system at risk of compromising the host and all other containers, resources, etc. If the host OS provides containerization features, this would require using an exploit to break out of the container sandbox to gain system level access (“container/sandbox escape”).
• Security can be comparable to a Type 2 hypervisor where the hypervisor runs in the host OS. The main difference is that containers will interact with the host OS kernel while applications in a VM will interact with the hosted VM kernel. Container Escape is comparable to VM Escape.

System Boot, Drivers

Registers

• How to use/access them, etc
• Memory-mapped I/O - Wikipedia
• Memory Mapped IO and Isolated IO - Geeks for Geeks

Driver Development

• Drivers communicate with controllers via registers (MMIO) and interrupts
• Users (or microkernel drivers) communicate with drivers via syscalls and/or IPC
• Getting started with Windows drivers - Windows drivers | Microsoft Docs
• Linux Device Drivers, Third Edition (LWN.net)
• Linux Device Drivers: Tutorial for Linux Driver Development (apriorit.com)

Bootstrapping

• General understanding of the process
• BootROM vs BootLoader vs platform/OS packages
  • Introduction of Basic Input Output System (BIOS) - Geeks for Geeks
  • UEFI (Unified Extensible Firmware Interface) and how is it different from BIOS - Geeks for Geeks
  • Board support package (BSP) - Wikipedia

I/O, Direct Memory Access (DMA)

• I/O Interface (Interrupt and DMA Mode) - Geeks for Geeks

Common Bus Protocols

• Basic familiarity
• UART
• I²C
• JTAG
• SPI

Common Driver Stacks

• Basic familiarity
• USB
• Network
• Bluetooth