You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: lkmpg.tex
+19-21Lines changed: 19 additions & 21 deletions
Original file line number
Diff line number
Diff line change
@@ -331,7 +331,7 @@ \subsection{Hello and Goodbye}
331
331
Now have a look at \src{drivers/char/Makefile} for a real world example.
332
332
As you can see, some things get hardwired into the kernel (\verb|obj-y|) but where are all those \verb|obj-m| gone?
333
333
Those familiar with shell scripts will easily be able to spot them.
334
-
For those not, the \verb|obj-$(CONFIG_FOO)| entries you see everywhere expand into \verb|obj-y| or \verb|obj-m|, depending on whether the \verb|CONFIG_FOO| variable has been set to y or m.
334
+
For those not, the \verb|obj-$(CONFIG_FOO)| entries you see everywhere expand into \verb|obj-y| or \verb|obj-m|, depending on whether the \verb|CONFIG_FOO| variable has been set to \verb|y| or \verb|m|.
335
335
While we are at it, those were exactly the kind of variables that you have set in the \verb|.config| file in the top-level directory of Linux kernel source tree, the last time when you said \sh|make menuconfig| or something like that.
336
336
337
337
\subsection{The \_\_init and \_\_exit Macros}
@@ -488,7 +488,7 @@ \subsection{Building modules for a precompiled kernel}
488
488
insmod: error inserting 'poet_atkm.ko': -1 Invalid module format
489
489
\end{verbatim}
490
490
491
-
Less cryptical information are logged to the systemd journal:
491
+
Less cryptic information is logged to the systemd journal:
492
492
493
493
\begin{verbatim}
494
494
Jun 422:07:54 localhost kernel: poet_atkm: version magic '2.6.5-1.358custom 686
@@ -512,7 +512,7 @@ \subsection{Building modules for a precompiled kernel}
To overcome this problem we could resort to the \verb|--force-vermagic| option, but this solution is potentially unsafe, and unquestionably inacceptable in production modules.
515
+
To overcome this problem we could resort to the \verb|--force-vermagic| option, but this solution is potentially unsafe, and unquestionably unacceptable in production modules.
516
516
Consequently, we want to compile our module in an environment which was identical to the one in which our precompiled kernel was built.
517
517
How to do this, is the subject of the remainder of this chapter.
518
518
@@ -522,7 +522,7 @@ \subsection{Building modules for a precompiled kernel}
522
522
You may just want to copy it to your kernel source tree: \sh|cp /boot/config-`uname -r` .config|.
523
523
524
524
Let's focus again on the previous error message: a closer look at the version magic strings suggests that, even with two configuration files which are exactly the same, a slight difference in the version magic could be possible, and it is sufficient to prevent insertion of the module into the kernel.
525
-
That slight difference, namely the custom string which appears in the module's version magic and not in the kernel's one, is due to a modification with respect to the original, in the makefile that some distribution include.
525
+
That slight difference, namely the custom string which appears in the module's version magic and not in the kernel's one, is due to a modification with respect to the original, in the makefile that some distributions include.
526
526
Then, examine your \verb|Makefile|, and make sure that the specified version information matches exactly the one used for your current kernel.
527
527
For example, you makefile could start as follows:
528
528
@@ -606,7 +606,7 @@ \subsection{Functions available to modules}
606
606
\end{code}
607
607
608
608
with \sh|gcc -Wall -o hello hello.c|.
609
-
Run the exectable with \sh|strace ./hello|.
609
+
Run the executable with \sh|strace ./hello|.
610
610
Are you impressed?
611
611
Every line you see corresponds to a system call.
612
612
\href{https://strace.io/}{strace} is a handy program that gives you details about what system calls a program is making, including which call is made, what its arguments are and what it returns.
@@ -620,7 +620,7 @@ \subsection{Functions available to modules}
620
620
The 3rd man section is devoted to library calls, which you would probably be more familiar with (like \cpp|cosh()| and \cpp|random()|).
621
621
622
622
You can even write modules to replace the kernel's system calls, which we will do shortly.
623
-
Crackers often make use of this sort of thing for backdoors or trojans, but you can write your own modules to do more benign things, like have the kernel write Tee hee, that tickles! everytime someone tries to delete a file on your system.
623
+
Crackers often make use of this sort of thing for backdoors or trojans, but you can write your own modules to do more benign things, like have the kernel write Tee hee, that tickles! every time someone tries to delete a file on your system.
624
624
625
625
\subsection{User Space vs Kernel Space}
626
626
\label{sec:user_kernl_space}
@@ -646,7 +646,7 @@ \subsection{Name Space}
646
646
647
647
When writing kernel code, even the smallest module will be linked against the entire kernel, so this is definitely an issue.
648
648
The best way to deal with this is to declare all your variables as static and to use a well-defined prefix for your symbols.
649
-
By convention, all kernel prefixes are lowercase. If you do not want to declare everything as static, another option is to declare a symbol table and register it with a kernel.
649
+
By convention, all kernel prefixes are lowercase. If you do not want to declare everything as static, another option is to declare a symbol table and register it with the kernel.
650
650
We will get to this later.
651
651
652
652
The file \verb|/proc/kallsyms| holds all the symbols that the kernel knows about and which are therefore accessible to your modules since they share the kernel's codespace.
@@ -938,7 +938,7 @@ \subsection{Writing Modules for Multiple Kernel Versions}
938
938
\section{The /proc File System}
939
939
\label{sec:procfs}
940
940
In Linux, there is an additional mechanism for the kernel and kernel modules to send information to processes --- the \verb|/proc| file system.
941
-
Originally designed to allow easy access to information about processes (hence the name), it is now used by every bit of the kernel which has something interesting to report, such as \verb|/proc/modules| which provides the list of modules and \verb|/proc/meminfo| which stats memory usage statistics.
941
+
Originally designed to allow easy access to information about processes (hence the name), it is now used by every bit of the kernel which has something interesting to report, such as \verb|/proc/modules| which provides the list of modules and \verb|/proc/meminfo| which gathers memory usage statistics.
942
942
943
943
The method to use the proc file system is very similar to the one used with device drivers --- a structure is created with all the information needed for the \verb|/proc| file, including pointers to any handler functions (in our case there is only one, the one called when somebody attempts to read from the \verb|/proc| file).
944
944
Then, \cpp|init_module| registers the structure with the kernel and \cpp|cleanup_module| unregisters it.
The return value is a \cpp|struct proc_dir_entry|, and it will be used to configure the file \verb|/proc/helloworld| (for example, the owner of this file).
957
957
A null return value means that the creation has failed.
958
958
959
-
Each time, everytime the file \verb|/proc/helloworld| is read, the function \cpp|procfile_read| is called.
959
+
Every time the file \verb|/proc/helloworld| is read, the function \cpp|procfile_read| is called.
960
960
Two parameters of this function are very important: the buffer (the second parameter) and the offset (the fourth one).
961
961
The content of the buffer will be returned to the application which read it (for example the \sh|cat| command).
962
962
The offset is the current position in the file.
@@ -1076,7 +1076,7 @@ \subsection{Manage /proc file with seq\_file}
1076
1076
If you want more information, you can read this web page:
@@ -1138,7 +1138,7 @@ \section{Talking To Device Files}
1138
1138
This is not always enough.
1139
1139
Imagine you had a serial port connected to a modem (even if you have an internal modem, it is still implemented from the CPU's perspective as a serial port connected to a modem, so you don't have to tax your imagination too hard).
1140
1140
The natural thing to do would be to use the device file to write things to the modem (either modem commands or data to be sent through the phone line) and read things from the modem (either responses for commands or the data received through the phone line).
1141
-
However, this leaves open the question of what to do when you need to talk to the serial port itself, for example to send the rate at which data is sent and received.
1141
+
However, this leaves open the question of what to do when you need to talk to the serial port itself, for example to configure the rate at which data is sent and received.
1142
1142
1143
1143
The answer in Unix is to use a special function called \cpp|ioctl| (short for Input Output ConTroL).
1144
1144
Every device can have its own \cpp|ioctl| commands, which can be read ioctl's (to send information from a process to the kernel), write ioctl's (to return information to a process), both or neither.
@@ -1153,8 +1153,7 @@ \section{Talking To Device Files}
1153
1153
In the example below, the header file is chardev.h and the program which uses it is ioctl.c.
1154
1154
1155
1155
If you want to use ioctls in your own kernel modules, it is best to receive an official ioctl assignment, so if you accidentally get somebody else's ioctls, or if they get yours, you'll know something is wrong.
1156
-
% FIXME: use the right entry about ioctl assignment
1157
-
For more information, consult the kernel source tree at \src{Documentation/driver-api/ioctl.rst}.
1156
+
For more information, consult the kernel source tree at \src{Documentation/userspace-api/ioctl/ioctl-number.rst}.
1158
1157
1159
1158
\samplec{examples/chardev2.c}
1160
1159
@@ -1173,7 +1172,7 @@ \section{System Calls}
1173
1172
While writing the example below, I killed the \cpp|open()| system call.
1174
1173
This meant I could not open any files, I could not run any programs, and I could not shutdown the system.
1175
1174
I had to restart the virtual machine.
1176
-
No important files got anihilated, but if I was doing this on some live mission critical system then that could have been a possible outcome.
1175
+
No important files got annihilated, but if I was doing this on some live mission critical system then that could have been a possible outcome.
1177
1176
To ensure you do not lose any files, even within a test environment, please run \sh|sync| right before you do the \sh|insmod| and the \sh|rmmod|.
1178
1177
1179
1178
Forget about \verb|/proc| files, forget about device files.
@@ -1223,12 +1222,12 @@ \section{System Calls}
1223
1222
When A is removed, it sees that the system call was changed to \cpp|B_open| so that it is no longer pointing to \cpp|A_open|, so it will not restore it to \cpp|sys_open| before it is removed from memory.
1224
1223
Unfortunately, \cpp|B_open| will still try to call \cpp|A_open| which is no longer there, so that even without removing B the system would crash.
1225
1224
1226
-
Note that all the related problems make syscall stealing unfeasiable for production use.
1225
+
Note that all the related problems make syscall stealing unfeasible for production use.
1227
1226
In order to keep people from doing potential harmful things \cpp|sys_call_table| is no longer exported.
1228
1227
This means, if you want to do something more than a mere dry run of this example, you will have to patch your current kernel in order to have \cpp|sys_call_table| exported.
1229
1228
In the example directory you will find a README and the patch.
1230
1229
As you can imagine, such modifications are not to be taken lightly.
1231
-
Do not try this on valueable systems (ie systems that you do not own - or cannot restore easily).
1230
+
Do not try this on valuable systems (ie systems that you do not own - or cannot restore easily).
1232
1231
You will need to get the complete sourcecode of this guide as a tarball in order to get the patch and the README.
1233
1232
Depending on your kernel version, you might even need to hand apply the patch.
1234
1233
@@ -1341,7 +1340,7 @@ \subsection{Mutex}
1341
1340
\subsection{Spinlocks}
1342
1341
\label{sec:spinlock}
1343
1342
As the name suggests, spinlocks lock up the CPU that the code is running on, taking 100\% of its resources.
1344
-
Because of this you should only use the spinlock mechanism around code which is likely to take no more than a few milliseconds to run and so will not noticably slow anything down from the user's point of view.
1343
+
Because of this you should only use the spinlock mechanism around code which is likely to take no more than a few milliseconds to run and so will not noticeably slow anything down from the user's point of view.
1345
1344
1346
1345
The example here is \verb|"irq safe"| in that if interrupts happen during the lock then they will not be forgotten and will activate when the unlock happens, using the \cpp|flags| variable to retain their state.
To take advantage of them requires handlers to be written in assembler, so they do not really fit into the kernel.
1464
1463
They can be made to work similar to the others, but after that procedure, they are no longer any faster than "common" IRQs.
1465
1464
SMP enabled kernels running on systems with more than one processor need to solve another truckload of problems.
1466
-
It is not enough to know if a certain IRQs has happend, it's also important for what CPU(s) it was for.
1465
+
It is not enough to know if a certain IRQs has happened, it's also important to know what CPU(s) it was for.
1467
1466
People still interested in more details, might want to refer to "APIC" now.
1468
1467
1469
1468
This function receives the IRQ number, the name of the function, flags, a name for \verb|/proc/interrupts| and a parameter to be passed to the interrupt handler.
@@ -1534,18 +1533,17 @@ \section{Standardizing the interfaces: The Device Model}
1534
1533
\label{sec:device_model}
1535
1534
Up to this point we have seen all kinds of modules doing all kinds of things, but there was no consistency in their interfaces with the rest of the kernel.
1536
1535
To impose some consistency such that there is at minimum a standardized way to start, suspend and resume a device a device model was added.
1537
-
An example is show below, and you can use this as a template to add your own suspend, resume or other interface functions.
1536
+
An example is shown below, and you can use this as a template to add your own suspend, resume or other interface functions.
1538
1537
1539
1538
\samplec{examples/devicemodel.c}
1540
1539
1541
1540
\section{Optimizations}
1542
1541
\label{sec:optimization}
1543
1542
\subsection{Likely and Unlikely conditions}
1544
1543
\label{sec:likely_unlikely}
1545
-
Sometimes you might want your code to run as quickly as possible, especially if it is handling an interrupt or doing something which might cause noticible latency.
1544
+
Sometimes you might want your code to run as quickly as possible, especially if it is handling an interrupt or doing something which might cause noticeable latency.
1546
1545
If your code contains boolean conditions and if you know that the conditions are almost always likely to evaluate as either \cpp|true| or \cpp|false|,
1547
1546
then you can allow the compiler to optimize for this using the \cpp|likely| and \cpp|unlikely| macros.
1548
-
1549
1547
For example, when allocating memory you are almost always expecting this to succeed.
0 commit comments