Final summary of Linux kernel analysis

Final summary of the Linux kernel analysis 20135313 Wu Ziyi. Beijing Institute of Electronic TechnologyChapter1 to the past period blog portal(1) How the computer works:Linux kernel Analysis-the first week of study notes (2) How the operating system works: Linux kernel Analysis-second-week learning notes (3) Linux system boot process: Linux kernel Analysis-third week study notes (4) method of system call: Linux kernel Analysis-- The four-week learning note Linux Kernel Lab job four (5) Analysis System_call interrupt processing: Linux kernel Analysis-- Week Five Study notes Lab assignment: Make GDB trace analyze a system call kernel function (6) analyzing the Linux kernel's process of creating a new process: Linux kernel Lab job six Linux kernel analysis-- Six weeks Study notes (7) How Linux loads and launches an executable program: Linux kernel Lab job six (8) understand process scheduling timing and process switching process: Linux kernel analysis-eighth Week study notes Chapter2 knowledge point grooming 1. How does a computer work?

Stored program computer working model: von Neumann architecture X86 Assembly Basics: CPU Registers (general purpose registers, segment registers, flag registers), common assembly directives, stack compilations a simple C program analyzes its assembly instruction execution process

2. How does the operating system work?

function call stack using the Linux kernel part source code to simulate the storage program computer working model and clock interrupt constructing a simple operating system kernel on the basis of Mykernel three magic Weapon:

• Stored program computers: Logical framework for all computer fundamentals
• Stack: A starting point for a high-level language, a function call requires a stack mechanism
• Interrupt mechanism: The basis of multi-channel system is the key to improve the efficiency of computer

3. Construct a simple Linux system menuos

• Introduction to Linux kernel source code

Arch: Support different CPU source code, the key directory includes: documentation, drivers, firewall, FS, include and so on documentation: Document directory fs: File System · Init: Kernel boot-related code MAIN.C, makefile, etc. are basically in this directory. (The Start_ kernel function in MAIN.C is the starting point for the Linux kernel, that is, the starting point for initializing the kernel) kernel:linux kernel Core code in the kernel directory. lib: Common library file mm: Code scripts for memory management: script-related code security: Security-related Code Sound directory: Sound-related code Tools Catalog: Tool-related code NET: network-related code · Readme: Describes what Linux,linux can run on which hardware, how to install kernel source code, etc.

• To construct a simple Linux system

CD Linuxkernel/qemu-kernel LINUX-3.18.6/ARCH/X86/BOOT/BZIMAGE-INITRD rootfs.img

The QEMU command is to impersonate the kernel to boot the virtual machine, starting the Linux kernel requires three parameters (kernel, initrd, root partition and directory), and the first file executed is init. -kernel indicates that the kernel file name-INITRD indicates the root filesystem and starts the init file in it. (Menuos source code compilation->INIT->ROOTFS.IMG) where rootfs.img is the root file system, currently only supports Help, version, quit function. Startup process: Boot kernel--Start init-> boot process

• Tracing the boot process of the debug Linux kernel

Qemu-kernel LINUX-3.18.6/ARCH/X86/BOOT/BZIMAGE-INITRD Rootfs.img-s-S

4. The three-layer skin (top) of the system call is clawed

(i) User state, kernel state and interrupt processing process

Kernel state: There are several levels of command execution for the general modern CPU. At high execution level, the code can execute privileged instructions to access any physical address, which corresponds to the kernel state of the user state: in the corresponding low-level execution state, the code is limited in control, only the corresponding level allows the active interrupt processing is the main way to enter the kernel state from the user state, interrupt/ The int instruction holds the value of some registers on the stack: such as the user-state stack top address, the current status word, the value of the CS:EIP at the time (the entry of the current interrupt program)

(ii) Overview of system invocation

A system call is a set of interface system invocation overviews and system calls that the operating system provides for the user-state process to interact with the hardware device three layers of skins: xyz (API), system_ call (Interrupt vector), SYS_XYZ (Interrupt service program for interrupt vectors)

(iii) triggering the same system call using the Library function API and the embed assembly code in C code

Use the Library function API to get the system current time C code in the Embed assembly code method using c code embedded assembly code to trigger system calls to get system current time

5. Three-layer peel of the application system (bottom)

RM MENU-RF//Force Delete current Menugit clone Http://github.com/mengning/menu.git   //re-clone new version of MENUCD Menulsmake Rootfs// Rootfs is a pre-written script that automatically compiles the root file system automatically, and automatically starts MENUOSVI test.c  //enters test.c file Menuconfig ("Getpid", "Show Pid", getpid); Menuconfig ("Getpid_asm", "Show Pid (ASM)", getpidasm);  In the main function, add menuconfig () int getpid (int argc,char *argv[]); int getpidasm (int argc,char *argv[]); Add the corresponding getpid and getpidasm two functions make Rootfs//compile

Chapter 3 Key Issues

Portal: http://www.cnblogs.com/paperfish/p/5293913.html

Chapter 4 Summary

In the course of following the net course, I have a very full week. Although the weekly course time is not long, but every minute is the essence. During the first week of basic knowledge, I mastered the structure of the computer-the von Neumann architecture and the x86 assembly instruction base. In particular, the x86 compilation foundation, can be said to be throughout the learning process. In addition to the teaching of knowledge, the teacher will also decorate with knowledge-related experiments, let us through their hands-on practice, faster mastery of the classroom and knowledge of the classroom has a more profound understanding and mastery.

first week: Understanding "How computers work"

1, the computer is based on the von Neumann body storage structure, according to its core idea--the Memory program computer work model, according to the Order of the program arrangement, step by step take out the instruction, automatically completes the instruction stipulation operation.

2, the work of the computer is actually concentrated in the CPU and for its transmission of data on the address bus. The bottom-up operation of a computer is actually an n-type instruction.

3, the CPU can be abstracted into a for loop, always executes the next instruction from memory. Memory is responsible for saving instruction data, and the CPU is responsible for interpreting execution instructions and data. The memory is connected to the CPU via the bus.

4. A key register IP in the CPU always points to an area in memory. When the computer is working, it takes an IP-directed instruction from memory to the CPU, extracts the data from the memory for the specified operation and logical operation as required by the instruction, and then sends the result to the memory.

Week Two: clarifying the understanding of how the "operating system works"

The basis of operating system work: Stored program computer, stack mechanism, interrupt mechanism. The operating system is the program to manage computer hardware and software resources, but also the core and cornerstone of the computer system. Operating system is to manage all the hardware resources of computer system including software resources and data resources, control program operation, improve human-machine interface, and support other application software, so as to maximize the function of all resources of computer system and provide users with convenient, effective and friendly service interface. The operating system is a large management control program, which roughly includes 5 management functions: Process and processor management, job management, storage management, device management, file management. The Linux system has a process table, and a process is one of them. Each item in the Process Control table is a TASK_STRUCT structure that stores a variety of low-level and advanced information in the TASK_STRUCT structure, including links from the registers of some hardware devices to the working directory of the process. The Process Control table is both an array, a doubly linked list, and a tree, and its physical implementation is a static array that includes multiple pointers. Once the system is started, the kernel is typically represented as a process. A global pointer variable, pointing to Task_struct, is used to record a running process.

third week: clarifying the understanding of the "Linux system startup process"

Sched_init () initializes the No. 0 process, which is the idle process, within the initialization function. Then Rest_init () Other initialization functions, within the function, will create a 1th process, the init process. Then Rest_init is actually the Start_kernel kernel will always exist when the boot, this is called the No. 0 process; process # No. 0 created process kernel_init and other service threads. This is the boot process of the kernel.

Week Fourth: working mechanism of system invocation

The system invocation mechanism is that the system call is packaged into a wrapper routine, then passed to the LIBC library, reserved by the LIBC Library Reference, and then libc the library to the API. Users use the system to invoke various functions indirectly through the API. That is, the system call is the function of the kernel state encapsulated by the library function.

Its three layers of skins are: API, interrupt vector, interrupt service program.

Week Fifth: "system invoke process and extension to interrupt processing"

The specific system call is bound to the system call number and is then documented in a system call table, each time the system call is made through such a binding relationship, the system call number is used to find the system call table and then find the location of the corresponding system call.

Similarly, the interrupt processing process is the same, it also through the interrupt vector number as an index to look up the table, and then execute the corresponding specific interrupt handler to deal with the interruption.

In short, "Two & two sheets".

Sixth Week: understanding of the "Linux system creates a new process"

Linux creates a new process by replicating the parent process, implementing it by calling Do_fork and assigning a structure dynamically to each newly created process task_struct . In order to organize all the processes in the kernel, Linux provides several organizational ways, in which the hash table and the two-way loop list are for all processes in the system (including kernel threads), while the run queue and wait queue are organized by the process in the same state.

The fork () function is called once, but returns two times.

The following is the process creation flowchart:

You can copy an existing process by fork to produce a child process that is almost but not exactly the same as the parent process. The child process obtains a copy of the same user-level virtual address space as the parent process, including code snippets, data segments and BSS segments, heaps, and user stacks. The child process also obtains the same copy as any open file descriptor of the parent process, the biggest difference being that they have different PID.

Week seventh: "Linux kernel mounts and launches an executable program"

Linux reads, recognizes, and loads elf from the file system via the SYS_EXECVE () system call .

After calling Sys_execve, execute the procedure:

1	do_execve -> do_execve_common -> exec_binprm->load_elf_binary()->sys_close

According to the ELF library type, Elf_entry is not the same. The load_elf_binary writes different entry addresses through the parser.

<<< Flowchart: (execve–> do--execve–> search_binary_handle–> load_binary)

<<< stack change diagram (how parameter blocks and environment blocks are uploaded to the new process):

Week Eighth: understanding of the "general implementation process for Linux systems"

In terms of scheduling, kernel threads can call schedule () for process switching, or they can be dispatched during interrupt processing, which means that kernel threads can be dispatched as a special class of processes or passively. The schedule () function implements the process scheduling, Context_ switch completes the process context switch, Switch_ to complete the register switch. The user-state process cannot implement the active scheduling, but can only be dispatched by a point in time after the kernel state, that is, scheduling during interrupt processing.

I have such a brief summary of the Linux kernel analysis (other details can be seen in the weekly blog I understand in detail)

Linux system is divided into the user state and the kernel state, like a ball has inside and outside of the points, and in which run is called process. The communication kernel state and the user state are called system calls, and the system calls are implemented through interrupt handlers, APIs (application programming interfaces) and different service programs. The creation of a process is implemented by the Do_fork () function. The general execution of a Linux system can be abstracted as the process of running user-state process x switching to running user-state process y

1.   The running user-state process X2.   An interrupt occurred--save cs:eip/esp/eflags (current) to kernel Stack,then load Cs:eip (entry of a specific ISR) and SS:ESP (point to Kernel Stack). 3.   Save_all//Save site 4.   Schedule () was called before interrupt processing or the interrupt was returned, where the switch_to made a critical process context switch 5.   The user-state process y is started after the label 1 (where Y has been switched out through the above steps so that it can continue from label 1) 6.   Restore_all//Recovery site 7.   Iret-pop cs:eip/ss:esp/eflags from kernel stack8.   Continue to run user-state process y

Since the study, I think my most important harvest is the improvement of self-study ability, as a college student, self-study ability is particularly important, and MOOC precisely training our ability to learn, this harvest can be said to benefit for a lifetime.

Speaking of regret: I think my study in the net class, every week is very regular and very substantial. But at the end of the day there was a rush of haste, which suddenly ended when I looked forward to the new week's knowledge. It was a surprise. I think the learning of Linux is like the learning of skills in our daily life. The teacher led the door. It also needs the students ' own experience and depth. I will continue to read and study.

Chapter 5 Appendix

Wu Ziyi

Study No.: 20135313

Original works reproduced please indicate the source

"Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

Final summary of Linux kernel analysis