The Common Language Runtime CLR Mark Sapossnek CS
- Slides: 93
The Common Language Runtime (CLR) Mark Sapossnek CS 594 Computer Science Department Metropolitan College Boston University
Prerequisites w Overview of. NET
Learning Objectives w Understand the breadth of services that the Common Language Runtime provides
Agenda w w w What Is the CLR? Assemblies Execution Model Interoperability Security
What is the CLR? The. NET Platform Clients Applications Web Form Protocols: HTTP, HTML, XML, SOAP, UDDI Web Service . NET Framework CLR Tools: Visual Studio. NET, Notepad Windows Your Internal Web Service . NET Foundation Web Services Third-Party Web Services . NET Enterprise Servers
What Is the CLR? The. NET Framework w A set of technologies for developing and using components to create: n n n Web Forms Web Services Windows applications w Supports the software lifecycle n n Development Debugging Deployment Maintenance
What Is the CLR? The. NET Framework VB C++ C# JScript … ASP. NET: Web Services and Web Forms Windows Forms ADO. NET: Data and XML Base Classes Common Language Runtime Visual Studio. NET Common Language Specification
What Is the CLR? Overview w The CLR provides a run-time environment that manages the execution of code and provides services that improves development, deployment, and run time. w Code that targets the CLR is called managed code.
What Is the CLR? Goals w Development services n n Deep cross-language interoperability Increased productivity w Deployment services n n Simple, reliable deployment Fewer versioning problems – NO MORE ‘DLL HELL’ w Run-time services n n n Performance Scalability Availability
What Is the CLR? Goal: Simpler Development w Plumbing disappears n n Metadata Transparent proxies Memory management Consistent exception handling w Great WYSIWYG tool support n n n Designers and wizards Debuggers Profilers w Increased productivity
What Is the CLR? Goal: Simpler, Safer Deployment w No registration, zero-impact install n XCOPY deployment, incremental download w Side-by-side versions of shared components n n Capture version at compile time Administrative policy at run time w Evidence-based security policy n n n Based on code as well as user Code origin (location) Publisher (public key) DLL Hell
What Is the CLR? Goal: Scalability w Smart device to Web Farm w Automatic memory management n n Self-configuring Dynamically tuning w Thread pool w Asynchronous messaging n n Object remoting Events w Smart device version n n Multiple RTOSes Same tools used for desktop
What Is the CLR? Goal: Rich Web Clients, Safe Hosting w Win. Forms on the client w ASP. NET Web Forms on the server w Code is granted permissions n Evidence is used by policy to grant permissions w Application that starts runtime l n n n Like Internet Explorer, IIS, SQL Server™, Shell Provides some evidence Controls code loading Maps applications to processes
What Is the CLR? Goal: Converge Programming Models w COM, ASP, VB, C++ n n All services available Many services redesigned l l l Ease of use Scalability Consistent API w Consistent framework raises the abstraction layer w Gradual transition from simplicity to full power w Less training, greater productivity
What Is the CLR? Goal: Multiple Languages w Common Type System n n n Object-oriented in flavor Procedural languages well supported Functional languages possible w CLS guides frameworks design n n Rules for wide reach All. NET Framework functionality available w Over 15 languages investigated n n Most are CLS consumers Many are CLS extenders w Choose the right language for a particular job
What Is the CLR? Highlights w Common Type System n Mapping of data types: Programming language Framework w Just-in-time (JIT) compilers n n JIT compiles intermediate language (MSIL) into native code Highly optimized for platform or device w Garbage collector w Permission and policy-based security w Exceptions w Threading w Reflection w Diagnostics and profiling
What Is the CLR? Services w Code management w Memory management and isolation w Verification of type safety w Conversion of MSIL to native code w Loading and execution of managed code w Creation and management of metadata w Insertion and execution of security checks w Handling cross-language exceptions w Interoperation between. NET Framework objects and COM objects and Win 32 DLLs w Automation of object layout for late binding w Developer services (profiling, debugging, etc. )
What Is the CLR? Architecture Base Class Library (. NET Framework) Support Thread Support COM Marshaler Type Checker Exception Manager Security Engine Debug Engine MSIL to Native Compilers (JIT) Code Manager Class Loader Garbage Collector (GC)
What Is the CLR? Soon To Be a Standard w Microsoft, with HP and Intel, submitted proposal to ECMA to standardize: n n C# Common Language Infrastructure l Includes the Common Language Runtime and a subset of the. NET Framework classes w http: //msdn. microsoft. com/net/ecma/ w http: //www. ecma. ch
Agenda w w w What Is the CLR? Assemblies Execution Model Interoperability Security
Assemblies Overview w Contains code and metadata w Assemblies function as: n n n Unit of deployment Type boundary Security boundary Reference scope boundary Version boundary Unit of side-by-side execution
Assemblies Overview w Assemblies can be: n Static: DLL, EXE l Uses existing COFF binary format w Via existing extension mechanism n Dynamic w Create assemblies with n n n . NET Framework SDK Visual Studio. NET Your own code l Dynamic assemblies
Assemblies Components of an Assembly w Manifest n Metadata about the assembly itself w Type metadata n Completely describes all types defined in an assembly w Managed code n Microsoft Intermediate Language (MSIL) w Resources n For example, . bmp, . jpg
Assemblies Components of an Assembly Parcel. Tracker. DLL Manifest Type Metadata MSIL Resources
Assemblies Components of an Assembly w An assembly is a logical unit, not physical n It can consist of multiple modules (. DLL, . JPG, etc. ) In this figure, containment implies a 1: M relationship Assembly Module File Type
Assemblies Components of an Assembly A single-file assembly A multi-file assembly File 1. dll File 2. dll Graphic. jpg Logo. gif Manifest Metadata MSIL Resource File 3. dll Manifest
Assemblies Assembly Generation Tool: al. exe w Takes one or more files (containing either MSIL or resource files) and produces a file with an assembly manifest. w When compiling a C# file, you can specify that it create a module instead of an assembly by using /target: module.
Assemblies Manifest w Manifest contains: n Identity information l n n n List of files in the assembly Map of assembly types to files Dependencies l n n Name, version number, culture, strong name Other assemblies used by this assembly Exported types Security permissions needed to run
Assemblies Manifest and Metadata Manifest Type Descriptions Name Version Culture Other assemblies Security Permissions Exported Types Assembly Description Metadata Classes Base classes Implemented interfaces Data members Methods
Assemblies What’s In the Metadata w Description of types n n Name, visibility, base class, interfaces implemented Members l methods, fields, properties, events, nested types w Attributes n n n User-defined Compiler-defined Framework-defined
Assemblies Demo: ILDASM. EXE w Allows you to inspect the metadata and disassembled IL code in an assembly w Great way to see what’s really going on w Use ildasm /? to see the various options
Assemblies Metadata w Key to simpler programming model w Generated automatically n Stored with code in executable file (. dll or. exe)
Assemblies Metadata: Creation and Use noitcelfe. R Source Code srengise. D Other Compiler noitazilaire. S )PAOS. g. e( Compiler Debugger Assembly Type Browser Schema Generator (Manifest, metadata and code) Profiler Proxy Generator gnidocne LMX )LDSW(
Assemblies Compilers Use Metadata w For cross-language data type import w Emit metadata with output code n n n Describe types defined and used Record external assemblies referenced Record version information w Custom attributes can be used n n Obsolete CLS compliance Compiled for debugging Language-specific markers
Assemblies Other Tools Use Metadata w Designer behavior n Controlled by user-supplied attributes l l Category Description w Designer extensibility n User-supplied attributes specify code to use l l Type converters Editors w Web methods marked by custom attribute w Type viewer
Assemblies Global Assembly Cache w A set of assemblies that can be referenced by any application on a machine w Should be used only when needed n Private assemblies are preferred w Located at %System. Root%assembly n (c: winntassembly) w Add assemblies by n n n Installer program gacutil. exe Windows Explorer l n Assembly Cache Viewer (shfusion. dll) is a shell extension for GAC that is installed with the. NET Framework SDK . NET Framework Configuration Tool (mscorcfg. msc) w Assembly must have a strong name
Assemblies Strong Names w Strong names identify an assembly n Contains text name, version, culture, public key, and digital signature w Generated from an assembly using a private key w Benefits n n Guarantees name uniqueness Protect version lineage l n No one else can create a new version of your assembly Provides strong integrity check l Guarantees that contents of an assembly didn’t change since it was built
Assemblies Strong Names w To sign an assembly with a strong name: n n Use Assembly Generation tool: al. exe Use assembly attributes (Assembly. Key. File. Attribute or Assembly. Key. Name. Attribute) w Requires a key pair (private and public) n To generate a key pair use the Strong Name tool: sn. exe
Assemblies Demo: Installing an Assembly in GAC w Create assembly w Sign assembly with key from sn. exe w Install into GAC via gacutil. exe, Assembly Cache Viewer and. NET Framework Configuration Tool
Assemblies Signcode w A strong name identifies an assembly but it does not authenticate an assembly n Strong names do NOT imply a level of trust w Signcode allows the embedding of a certificate in an assembly n Now your assembly can be authenticated
Assemblies Signcode w To use signcode: n n Obtain a Software Publisher Certificate (. spc) Use signcode. exe to sign the assembly w Signcode can only sign one file at a time n For an assembly, you sign the file containing the manifest
Assemblies How Do You Obtain a Certificate? w Purchase one from a well known Certificate Authority (such as Verisign) w Create your own n For testing purposes only Use Makecert. exe to create a X. 509 certificate Use cert 2 spc. exe to generate an SPC from a X. 509 certificate
Assemblies Strong Names and Signcode w Strong names and signcode provide different, complimentary levels of protection w You can assign a strong name or assign a signcode signature to an assembly, or both w When using both, the strong name must be assigned first
Assemblies Signcode w Specify what permissions your assembly needs n n Only specify required permissions Handle optional permissions dynamically w Set security policy on run-time machine
Assemblies Deployment w Unit of deployment n n One or more files, independent of packaging Self-describing via manifest and metadata w Versioning n n Captured by compiler Policy per-application as well as per-machine w Security boundary n n Assemblies are granted permissions Methods can demand proof that a permission has been granted to entire call chain w Mediate type import and export n Types named relative to assembly
Assemblies Deployment w Applications are configurable units n n One or more assemblies Application-specific files or data w Assemblies are located based on: n Their logical name and the application that loads them w Applications can have private versions of assemblies n n Private version preferred to shared version Version policy can be per application
Assemblies MSIL w Microsoft Intermediate Language. assembly hello {}. assembly extern mscorlib {}. method static public void main() il managed {. entrypoint. maxstack 1 ldstr "Hello World from IL!" call void [mscorlib]System. Console: : Write. Line(class System. String) ret }
Assemblies MSIL w Compiled with ilasm. exe w MSIL was designed for the CLR n n n Object-oriented (primitives are not special) Designed for the Common Type System Does not embed type information w See documentation in Framework. SDKTool Developers Guidedocs
Agenda w w w What Is the CLR? Assemblies Execution Model Interoperability Security
Execution Model Create Assembly Source Code Assembly Compiler C++, C#, VB or any. NET language csc. exe or vbc. exe DLL or EXE
Execution Model Source Code MSIL Ngen Native Code VB C# C++ Compiler Assembly Common Language Runtime JIT Compiler Managed Code CLR Services Managed CLR Code Managed Code Operating System Services Unmanaged Code
Execution Model Compiling IL to Native Code w JIT compiler n n n Generates optimized native code Compiled when a method is first called Includes verification of IL code w Ngen. exe n n Install-time native code generation Used when assembly is installed on machine Reduces start-up time Native code has version checks and reverts to run-time JIT if they fail
Execution Model Run-Time Hosts w w ASP. NET Internet Explorer Shell executables More in future n For example: SQL Server (Yukon) w Can create your own run-time hosts
Execution Model Binding to Assemblies w An application consists of one or more assemblies. w How does one assembly bind to another? n Based upon metadata and policy l l Local (preferred) Assembly Global Cache w Multiple versions of an assembly may exist on the same machine. n n Easier software deployment, updates and removal Multiple versions of an assembly can even be used by the same application
Execution Model Application Domains w Traditionally, processes were used to isolate applications running on the same computer n n Isolates failure of one application Isolates memory w Problems n n Uses more resources If needed, inter-process calls can be expensive
Execution Model Application Domains w. NET introduces Application Domains, which allow you to run multiple applications within the same process w Enabled by code verification n No code will crash the process w Managed by the System. App. Domain class w Common assemblies can be shared across domains or can be specific to a domain
Execution Model Application Domains w Benefits: n n n Application domains are isolated Faults are isolated Individual applications can be stopped without stopping the process Can configure each application domain independently Can configure security for each domain Cross-domain calls can be done through proxies l More efficient than cross-process calls
Execution Model Application Domains Thread Shared class data and native code App. Domain (class data and native code) App. Domain Process
Agenda w w w What Is the CLR? Assemblies Execution Model Interoperability Security
Interoperability Cross Language w Common Type System (CTS) n A superset of the data types used by most modern programming languages w Common Language Specification (CLS) n A subset of CTS that allows code written in different languages to interoperate w What languages? n n Microsoft: C++, Visual Basic, C#, JScript Third-Party: Cobol, Eiffel, Smalltalk, Scheme, Oberon, Haskell, Python, Perl, Java, …
Interoperability Common Type System w w w w Value types Classes Arrays Interfaces Delegates Nested types Enumerations Pointers n Managed pointers, unmanaged function pointers
Interoperability Common Type System w Members: fields, properties, methods, events n n n Abstract, virtual, final Literal, initialize-only Static, instance Public, private, family, assembly Newslot, override
Interoperability Managed/Unmanaged w. NET provides interoperability mechanism to permit managed code to call into unmanaged code and vice versa w Why? n n Existing code works, why rewrite it? Calling Microsoft functionality not yet available as. NET assemblies l n n For example, OLEDB server-side cursors Calling 3 rd party native code Migrate your code incrementally
Interoperability Managed/Unmanaged Managed C# Unmanaged VB MFC/ATL VB MSVCRT Delphi C++
Interoperability Managed/Unmanaged. NET Framework w Type standard w Assemblies w Resilient w Type safe w Object based w Exceptions w Strong names w w w w COM/DLL Binary standard Type libraries Immutable Type unsafe Interface based HResults Guids
Interoperability Managed/Unmanaged w. NET provides two mechanisms for interoperability between managed and unmanaged code: n n P/Invoke – Platform Invocation COM integration
Interoperability P/Invoke w Provides access to static entry points in unmanaged DLLs w Similar to: n n VB Declare statement C/C++ Load. Library / Get. Proc. Address w Requires method definition with custom attribute w Marshalls data across the boundary
Interoperability P/Invoke public class Win 32 API { [Dll. Import(“User 32. dll”, Entry. Point=“Message. Box”)] public static extern Boolean Msg. Box(…); }
Interoperability P/Invoke [Struct. Layout(Layout. Kind. Sequential)] Public struct OSInfo ( uint Major. Version; uint Minor. Version; String Version. String; } public class Win 32 API { [Dll. Import(“User 32. dll”)] public static extern Boolean Get. Version. Ex(OSInfo osi); }
Interoperability P/Invoke w Transitions have overhead n Roughly 20 -30 instructions per call w Data marshaling adds additional overhead n n Depending on type and size of data Isomorphic types (char, int, float, long, double, etc. ) are cheap w Make transitions wisely n Chunky calls as opposed to chatty
Interoperability COM Integration w What is COM? w What is the relationship between the CLR and COM?
Interoperability What Is COM? Application Code and data structures Before COM, applications were completely separate entities with little or no integration
Interoperability What Is COM? COM provides a way for components to integrate. However, each component must provide the “plumbing” and objects cannot directly interact.
Interoperability COM Integration With the. NET Framework Common Language Runtime, components are built on a common substrate. No “plumbing” is needed and objects can directly interact.
Interoperability COM Integration w Provides a bridge between. NET Framework and COM and vice versa w Maintains programming model consistency on both sides w Abstracts the inconsistencies between the two models n n n Different data types Method signatures Exception/HRESULTs w Use COM interoperability for n n Backward compatibility COM+ services
Interoperability COM Integration w Using COM components from. NET n n Use Tlb. Imp. exe to generate an assembly (. DLL) that is a wrapper for a COM component Then just reference it, instantiate with new, call it, derive classes from it, catch exceptions, use reflection, etc. Don’t have to know anything about COM The CLR creates a Runtime Callable Wrapper (RCW) that implements all the COM plumbing l Reference counting, marshalling data, mapping HRESULTs to exceptions, etc.
Interoperability COM Integration w Using. NET components from COM n n n Use Reg. Asm. exe to register all public classes in an assembly Can use Tlb. Exp. exe to create a COM type library Use the component from COM just like any other COM component The CLR creates a COM Callable Wrapper (CCW) that implements the necessary COM interfaces (IUnknown, IDispatch, IType. Info, etc. ) and marshalls data between managed and unmanaged code Use Reg. Svcs. exe to register. NET classes in COM+ l Will create COM+ Application or use an existing one
Agenda w w w What Is the CLR? Assemblies Execution Model Interoperability Security
Security Why Care?
Security Design Goals w Provide a robust security system for partiallytrusted, mobile code w Make it easy to: n n n Express fine-grained authorizations Extend and customize the system Perform security checks in user code w No end-user UI! n Never ask a user to make a security decision “on the fly”
Security Code Verification w Code can only perform legal operations w Encapsulation boundary is preserved n Can only call the exposed methods w No buffer overruns
Security Code Access Security w Code may require permissions to run w Security policy determines what code is allowed to run n By machine l l n Where did this code come from? Who authored it? By user w If no permission then a Security. Exception is thrown
Security Code Access Security w Can specify the permissions needed by code n n Declarative, with attributes Imperative l l See permissions classes in the namespace: System. Security. Permissions Create a permission object, then call Demand() w By default, the CLR will ensure that all code in call chain has the necessary permissions
Security Code Access Security w Security check w Varying levels of trust w Behavior constrained by least trustworthy component Call Chain Assembly A 1 G 1 P Assembly A 2 G 2 P Assembly A 3 G 3 P Assembly A 4 G 4
Security Code Access Security w Can override security checks n n n Assert() lets you and the code you call perform actions that you have permission to do, but your callers may not. Deny() lets you prevent downstream code from performing certain actions Permit. Only() is like Deny(), but you specify the only permissions the downstream code will have.
Security Permissions w Permission and permission set n XML representation of permissions w Code access permissions n Protect resources and operations w Identity permissions n Characteristics of an assembly‘s identity w Role-based permissions n Discover a user‘s role or identity w Custom permissions n Design and implement your own classes
Security Policy w Process of determining permissions to grant to code n n Permissions granted to code, not user Grants are on a per-assembly basis w Multiple levels of policy n n Machine-wide, user-specific by default Further restrictions allowed on a per applicationdomain basis
Security Policy w Each policy level is a collection of code groups n n Code has identity in the runtime, just like users have identity in OS Permissions are associated with each code group w Evidence determines group membership n In the group, get granted the related permissions All Code P Publisher: Microsoft Name: MS. Office P P Name: MS. Money Zone: Internet P P Zone: Local Intranet Publisher: Corp. Admin P P Site: XYZ. COM Site: localweb P P
Security Policy w Policy levels: machine, user, application domain user machine appdomain Resulting permission set
Security Tools w Code access security tool n caspol. exe w Managing certificates n cert 2 spc. exe, certmgr. exe , makecert. exe , chktrust. exe w Managing assemblies n n Shared Name utility: Sn. exe Global Assembly Cache utility: gacutil. exe w permview. exe n View permissons requested by an assembly
Conclusion w w w What Is the CLR? Assemblies Execution Model Interoperability Security
Resources w. NET Framework and the CLR by Jeffrey Richter n http: //msdn. microsoft. com/msdnmag/issues/0900/Framework. asp n http: //msdn. microsoft. com/msdnmag/issues/1000/Framework 2. asp w Garbage Collection by Jeffrey Richter n http: //msdn. microsoft. com/msdnmag/issues/1100/GCI. asp n http: //msdn. microsoft. com/msdnmag/issues/1200/GCI 2. asp w Building, Packaging, Deploying by Jeffrey Richter n http: //msdn. microsoft. com/msdnmag/issues/01/02/buildapps. asp n http: //msdn. microsoft. com/msdnmag/issues/01/03/buildapps 2. asp
Resources w Security article by Keith Brown n http: //msdn. microsoft. com/msdnmag/issues/01/02/CAS. asp w ECMA CLI Standardization n http: //msdn. microsoft. com/net/ecma/ n http: //www. ecma. ch
- Clr c#
- Clr c#
- Case study on memory management
- Sjmp instruction in 8051
- Jvm vs clr
- Clr co to
- Clr 250
- Lcr is related to which tree traversal
- Clr vs jvm
- Clr in net
- Clr vs jvm
- Src:clr
- Weather 20015
- Clr button
- Cil clr
- Clr garbage collection
- List and explain different subdivisions of run-time memory
- Windows 10 system programming, part 1
- Arduino scadabr
- Difference between compile time and runtime
- Kinect for windows runtime
- What is constructor in java
- Heapify runtime
- Matrix multiplication time complexity
- Runtime error index out of bounds
- Dynamic code generation
- Storage organization in compiler design
- Ford fulkerson runtime
- Prims algorithm runtime
- Basic runtime checks
- Python logic error
- Heapify runtime
- Control hijacking
- Umdf reflector
- Runtime error 9
- Runtime code generation
- Blackberry
- Runtime vs compile time
- In futuregrid runtime adaptable insertion service
- Futuregrid
- In futuregrid runtime adaptable
- Dfs runtime
- Curs practic de java
- Simplex algorithm runtime
- An exception is a runtime error
- Javascript runtime environment
- The control which is invisible at run time
- Casablanca runtime
- Things are explanatory parts of uml model
- Asymptotic growth
- Softuni judge runtime error
- Windows runtime component
- Spark runtime architecture
- Gcf 54 and 27
- Common anode and common cathode
- Factors of 60 and 72
- Highest common factors and lowest common multiples
- Factors of 12 and 42
- Highest common factors and lowest common multiples
- Common krait bite mark
- Hát kết hợp bộ gõ cơ thể
- Ng-html
- Bổ thể
- Tỉ lệ cơ thể trẻ em
- Gấu đi như thế nào
- Chụp phim tư thế worms-breton
- Chúa sống lại
- Các môn thể thao bắt đầu bằng tiếng bóng
- Thế nào là hệ số cao nhất
- Các châu lục và đại dương trên thế giới
- Công của trọng lực
- Trời xanh đây là của chúng ta thể thơ
- Cách giải mật thư tọa độ
- Làm thế nào để 102-1=99
- Phản ứng thế ankan
- Các châu lục và đại dương trên thế giới
- Thơ thất ngôn tứ tuyệt đường luật
- Quá trình desamine hóa có thể tạo ra
- Một số thể thơ truyền thống
- Cái miệng xinh xinh thế chỉ nói điều hay thôi
- Vẽ hình chiếu vuông góc của vật thể sau
- Nguyên nhân của sự mỏi cơ sinh 8
- đặc điểm cơ thể của người tối cổ
- Giọng cùng tên là
- Vẽ hình chiếu đứng bằng cạnh của vật thể
- Phối cảnh
- Thẻ vin
- đại từ thay thế
- điện thế nghỉ
- Tư thế ngồi viết
- Diễn thế sinh thái là
- Dạng đột biến một nhiễm là
- Số nguyên tố là số gì
- Tư thế ngồi viết