Project 1, Linux Kernel Hacking
Programming Project #1
Linux Kernel Hacking
CS-502, Operating Systems
Fall 2007
CS-502 Fall 2007
Project #1, Linux Kernel
Modifications
1
Objective
• To learn how to work with an operating
system kernel
• To understand some of the constraints and
techniques of programming in a kernel
(versus user space)
Method
• To add a new system call to the Linux
kernel
• To get useful information from the data
structures of a Linux kernel
Background – User vs. Kernel mode
• Hardware provides two modes
– Indicated by bit in PSW
• Allows OS to protect itself & system components
against
– Faulty and malicious processes
• Some instructions designated as privileged
– Only executable in kernel mode
• System call, all traps, & interrupts change mode
from user to kernel
– return from system call resets mode to user
Transition from User to Kernel Mode
• Note: each different system call has its own
number or other identity.
• Kernel trap handler uses syscall number to index
into table of syscall routines
Inside Kernel, the OS can …
• Read and modify data structures not in user
address space
• Control devices and hardware settings
forbidden to user processes
• Invoke operating system functions not
available to user processes
• …
Accessing the Kernel via System Call
• Normally embedded within a library routine
• User API never makes system calls directly
• System call mechanism is machine specific
• Different CPU architectures make system calls in
different ways
• System call numbers different for various
architectures
• Even for same operating system & version!
• E.g., poll system call is #167 on PowerPC but #168
on Intel 386 platforms (in SUSE Linux 9.3)
Accessing Kernel via Library interface
In this project, we will …
• Add a new system call to the Linux kernel
– It does nothing except announce its presence
• Add a second system call to provide information
about the calling process
– Information not readily available via existing system
calls
• Follow Linux naming & numbering conventions
In this project, we won’t …
• … bother to make a library to encapsulate
our system calls
• … try to support them on all machine
architectures
Part 1: Adding a System Call
• See Silberschatz, pp 74-78
• Similar problem statement
• Many details are different (due to version of Linux)
• Many how-to details in Robert Love, ch. 5
• System Calls
• Clone a new kernel tree as in Project 0
• cp -al /usr/src/linux-2.6.18.8-0.5 kernelSrc
• Remember to build to a destination – e.g. ~/kernelDst
Linux Conventions (all versions)
• If your library routine is alarm, …
• … then the corresponding system call is
sys_alarm
• … and the corresponding function prototype for
its kernel implementation is
  asmlinkage unsigned long sys_alarm(unsigned int seconds)
• Note that asmlinkage is a compiler directive that
tells gcc how to compile calls to the function
sys_alarm within the kernel
Linux Conventions (continued)
• To invoke alarm system call from a library
routine in user space, use macro
  _syscall1(unsigned long, alarm, unsigned int seconds)
• _syscalln has n+2 arguments
• Return type
• Name of actual system call (in user space)
• Arguments to system call function
• This macro defines the function
unsigned long alarm(unsigned int seconds)
Hello, World!
• Our first system call will be helloworld
• No arguments
• Return int
helloworld System Call
• /* This is the text of the helloworld system call implementation */
  asmlinkage long sys_helloworld(void) {
      printk(KERN_EMERG "Hello, world!\n");
      return 0;
  }
• Add to the file kernelSrc/kernel/sys.c
printk(), the Kernel Debug Print Tool
• Very robust
• May be called from (almost) anywhere in kernel
• Same calling convention as printf()
• Writes to system log
• Output survives crashes (almost all of the time)
• To read output, see
• /var/log/messages
• Needs root privileges to read
• Circular log, newest messages at end
• See Linux Kernel Development, 2nd edition, by
Robert Love, Chapter 18.
More on reading the syslog
• SUSE Linux implements syslog-ng
• Newer, more powerful logging tool
• Filters messages, etc.
• Difficulty seeing our printk() messages
• Try instead
• /bin/dmesg
• cat /proc/kmsg in another shell window (with root
privileges)
Registering your System Call
• include/asm-i386/unistd.h
– Add entry for your call number
– Increment total number of calls
• arch/i386/kernel/syscall_table.S
– Lists entry points for system calls
– Must be kept in numerical order!
– Number must correspond to entry in unistd.h
• Rebuild and install your kernel
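The dispatch and registration rules above, as an added example that is not part of the original slides: a user-space C model of a trap handler indexing a table by call number. The handler names other than sys_helloworld, the numbers 0 to 2, and the helper functions are constructed for illustration.

```c
/* Added example: user-space model of syscall dispatch.
 * All numbers, tables and helpers here are constructed, not kernel code. */
#include <errno.h>
#include <stddef.h>

typedef long (*sys_fn)(void);

static long sys_first(void)      { return 100; }
static long sys_second(void)     { return 200; }
static long sys_helloworld(void) { return 0; }

/* Stands in for unistd.h: one number per call. */
enum { NR_first = 0, NR_second = 1, NR_helloworld = 2 };

/* Stands in for syscall_table.S: entry i is the handler for number i. */
static const sys_fn good_table[]       = { sys_first, sys_second, sys_helloworld };
/* The same entries, but not in numerical order. */
static const sys_fn misordered_table[] = { sys_first, sys_helloworld, sys_second };

/* Model of the trap handler. The number is compared as unsigned, so a
 * "negative" number is out of range too and never indexes the table. */
long dispatch(const sys_fn *table, unsigned long nr_syscalls, unsigned long nr)
{
    if (nr >= nr_syscalls)
        return -ENOSYS;
    return table[nr]();
}

struct reg { unsigned long nr; sys_fn fn; };
static const struct reg expected[] = {
    { NR_first, sys_first }, { NR_second, sys_second },
    { NR_helloworld, sys_helloworld },
};

/* Counts registrations whose number is past the total, or whose table
 * slot holds a different handler than the one registered. */
int count_mismatches(const sys_fn *table, unsigned long nr_syscalls)
{
    int bad = 0;
    for (size_t i = 0; i < sizeof expected / sizeof expected[0]; i++)
        if (expected[i].nr >= nr_syscalls ||
            table[expected[i].nr] != expected[i].fn)
            bad++;
    return bad;
}
```

With the total left at 2, number 2 is rejected with -ENOSYS even though its handler is in the table; with the misordered table, number 1 silently runs the wrong handler.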
Note #1
• On i386 architecture, the syscall table
has moved since
• Robert Love’s book
• CS-502 last fall
• It used to be in
– arch/i386/kernel/entry.S
• But now it is in
– arch/i386/kernel/syscall_table.S
– … which is included by entry.S
Note #2
• The x86_64 architecture does it differently
– Everything is in
include/asm-x86_64/unistd.h
– Add to the list
  #define __NR_helloworld 251 /* next number in list */
  __SYSCALL(__NR_helloworld, sys_helloworld)
• No need to edit entry.S
Note #3
• Remember: to edit a source file foo.h in your kernel tree
– Move it to foo.h~
– Make changes and save to foo.h
Testing your System Call
• #include <linux/errno.h>
  #include <sys/syscall.h>
  #include <linux/unistd.h>
  #include <stdio.h>

  #define __NR_helloworld 288  /* or whatever you set it in unistd.h */

  _syscall0(long, helloworld);

  int main(void) {
      /* helloworld() returns long, so print it with %ld */
      printf("The return code from the helloworld system call is %ld\n",
             helloworld());
      return 0;
  }
• Check log for the printk() message!
Creating a Patch File
• One level above kernel source tree, do
  diff -urN /usr/src/linux-2.6.18.8-0.5 kernelSrc > patch1
• To recreate your directory from patch
– cp -al /usr/src/linux-2.6.18.8-0.5 newSrc
– cd newSrc
– patch -p1 < patch1
• Do not prefix name of kernelSrc directory or use fully qualified name
– E.g., ~/kernelSrc, ./kernelSrc
Submission – Part 1
• Patch1
• Test program and Makefile
• Short write-up explaining what you
observed
• Via web-based turnin
– http://turnin.cs.wpi.edu:8088/servlets/turnin.ss
– This is “Project1, Part1”
– Part 1 is due by Monday, September 24
End of Part 1
Questions?
Part 2: Get Process Information
• Modify your kernel of Part 1 to add another
system call to get information about process
• Please leave helloworld system call in place!
• System call is
– long getprinfo(struct prinfo *info)
– info is pointer to caller area to store results
– Returns zero if successful, error code if not
• See handout for definition of struct prinfo
Information needed for prinfo
• See task_struct in include/linux/sched.h
• See getuid and getpid for examples of
simple system calls
• See include/asm/current.h to find current
process information
• Use copy_to_user to safely copy data from
kernel to user space (next slide)
• Return EFAULT error code if info argument
is not valid pointer in user space
copy_to_user and copy_from_user
• Functions to safely copy data to/from user
space
• Check validity of pointer arguments for you
• Return zero if successful, number of bytes
that fail if there is a problem
• Immune to page faults, pre-emption, null
pointers, other errors, etc.
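The copy-out pattern for getprinfo, as an added example that is not part of the original slides or handout: a user-space C model, so it runs without a kernel tree. The struct prinfo fields, the user_mem region and the model_ functions are assumptions standing in for the handout's struct, the caller's address space and the kernel's copy_to_user.

```c
/* Added example: user-space model of a getprinfo-style copy-out.
 * The struct fields, user_mem and the model_* helpers are assumptions. */
#include <errno.h>
#include <stdint.h>
#include <string.h>

struct prinfo {              /* hypothetical layout; the real one is in the handout */
    long state;
    int  pid;
    int  uid;
    char comm[16];
};

/* Constructed stand-in for the caller's user address space. */
static _Alignas(16) unsigned char user_mem[256];

/* The whole range [to, to+n) must lie inside user_mem; written so that
 * the arithmetic cannot wrap around. */
static int model_access_ok(const void *to, size_t n)
{
    uintptr_t base = (uintptr_t)user_mem, p = (uintptr_t)to;
    return p >= base && n <= sizeof user_mem &&
           p - base <= sizeof user_mem - n;
}

/* Like copy_to_user: returns the number of bytes NOT copied (0 = success). */
static unsigned long model_copy_to_user(void *to, const void *from, unsigned long n)
{
    if (!model_access_ok(to, n))
        return n;
    memcpy(to, from, n);
    return 0;
}

long model_getprinfo(struct prinfo *info)
{
    struct prinfo k;

    memset(&k, 0, sizeof k);     /* padding and unused bytes never carry stale data out */
    k.state = 0;                 /* constructed values; a kernel would read `current` */
    k.pid = 1234;
    k.uid = 1000;
    strncpy(k.comm, "testprog", sizeof k.comm - 1);

    if (model_copy_to_user(info, &k, sizeof k))
        return -EFAULT;          /* bad pointer: report it, never dereference it */
    return 0;
}
```

The result is built in a zeroed local struct and copied out in one call, so the caller's pointer is never dereferenced directly and a range that only partly fits is rejected as a whole.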
Implementing getprinfo System Call
• Add after helloworld system call from Part 1
• Create and implement in
– kernel/prinfo.c, with Makefile edits
• Register in unistd.h
– And in syscall_table.S if i386
• Use printk() to print debugging statements
to system log
– For your debugging convenience
Testing getprinfo
• Write test program in user space
• Must have own user space version of prinfo.h
• Must have own Makefile
• Run multiple times from same shell,
different shell, different processes
• Note differences in results
• Compare with what you can find about
processes from ps command
Submission – Part 2
• Patch2
– Difference between original source tree and Part 2
kernel.
• User space test program
– Include file(s)
– Test program itself
– Makefile
• Short writeup with results
• Submit using web-based turnin program
– http://turnin.cs.wpi.edu:8088/servlets/turnin.ss
Submission (continued)
• Put your name on all documents and at top
of every edited file!
Due Dates
• Pace yourself:–
– Part 1 is due by Monday, September 24
– Part 2 is due by Monday, October 1
• Part 1 should not take all week
• Part 2 may take more than one week
– Start on Part 2 before September 24!
• Report to instructor any difficulties
Questions?