20135201 Li Chenxi "Three layers of skins" in the fourth week of the "Linux kernel Analysis" system call

Li Chenxi no reprint "Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

I. User-state, kernel-state, and interrupt-handling processes

1. The way we deal with system calls is through library functions

2. General modern CPUs have several different levels of instruction execution

Because if all the programmers write code can have privileged instructions, the system will easily crash.

3. Difference:

1. In a high-level state, code can execute privileged instructions and access arbitrary physical addresses.
2. Under the corresponding low-level execution state, the control of the code will be limited.
3. Intel x86 CPUs have four different levels of execution 0--3,linux just use 0 and three to represent the kernel State and user state.

Two. Interrupt processing (interrupt processing is the main way to enter the kernel state from the user state)

1. Enter the kernel state from the user state: The register context of the user state must be saved

2. Interrupt/int Instruction holds the value of the Register on the stack: User state/kernel stack top address (SS:ESP), status Word (eflags), Cs:eip value (point to interrupt Service entry when kernel state)

Three. Overview of system calls and three-layer skins for system calls

1. Meaning of the system call:

The operating system provides a set of interfaces for user-state processes to interact with hardware devices-system calls:

Freeing users from the underlying hardware programming, greatly improving the security of the system, and portability of user programs.

2.API and system calls

API: Application programming interface, is a function definition

System call: A soft interrupt sends a clear request to the kernel

Some APIs defined by the 3.LIBC Library reference the encapsulation routines (the only purpose is to publish system calls)

Typically each system call corresponds to an encapsulation routine

Library uses encapsulation routines to define the API for the user

4. Not every API corresponds to a specific system call

API provides direct user configuration services, such as mathematical functions

API can invoke several system calls

Different APIs can invoke the same system call

5. Return value

The encapsulation routine returns an integer meaning dependency to the corresponding system call

1 indicates that the kernel does not meet the requirements of the process

LIBC defined errno variable contains a specific error code

6. Three-layer skins for system calls:

Xyz,sysytem_call and SYSYTEM_XYZ

(1) Interrupt vector 0x80 and system_call bind together

(2) The system call number Associates XYZ with SYS_XYZ (using EAX)

Four. Triggering the same system call using the Library function API and the embed assembly code in C code

The code is as follows:

Code:

time.c#include <stdio.h>#include <time.h>int main(){    time_t tt;//int型数值    struct tm *t;    tt = time(NULL);    t = localtime(&tt);//强制类型转换，便于输出    printf("time:%d:%d:%d:%d:%d:%d:\n",t->tm_year+1960,t->tm_mon,t->tm_mda,t->tm_hour,t->tm_min,t->tm_sec);    return 0;}

1. Use the Library function API to get the current time of the system

How to embed assembly code in 2.C code:

_asm_ (

Assembly Statement Template:

Output section:

Input section:

Destruction of the description section);

3. Triggering system calls using embedded assembly code in C code get system current time

The result is the year, month, day, hour, minute, and second of the printed system time.

Experiment (select 2nd system call fork)

Results:

Compile:

Five. Summary

1. The system call is a set of interfaces that the operating system provides for the user-state process to interact with the hardware device, and is a special interrupt that allows the user state to switch to the kernel state. When the user-state process invokes a system call, the CPU switches to the kernel state and starts executing a kernel function.

2. System call mechanism, is to make a number of system calls in order in accordance with the sequence of the black box, as long as you know the number of a system call, according to its API or assembly format call method, you can use the function of this black box, complete a certain task, and the contents of the black box is the system to provide us with services, Help us pull out of the hardware operation, improve the security of the system.

20135201 Li Chenxi "Three layers of skins" in the fourth week of the "Linux kernel Analysis" system call