Linux and Security "Linux kernel Design and implementation" Chapter III--20135227 Huang

Chapter III

(Because Linux does not differentiate between processes and threads, they are called tasks in Linux, also called Task)

Summary: This chapter mainly includes the concepts and definitions of processes and threads, how the Linux kernel manages each process, how they are enumerated in the kernel, how they are created, and how they eventually die out. The operating system has the meaning of running the user program, process management is the heart of all operating systems.

3.1 Process

A process is a program that is in the execution period and is a real-time result of executing program code. But not limited to an executable code, but also includes other resources (open file, pending signal, kernel internal data, processor state, one or more memory mapped memory address space, one or more execution threads, data segments that hold global variables)

Thread

The execution thread, which is the thread, the active object in the process, is the kernel-dispatched object. (The kernel is not a dispatch process yo ~) Each thread has a separate counter, process stack, and a set of process registers.

Two virtual mechanisms provided by the process:

Virtual Processor: Gives the process an illusion of its own in the exclusive processors

Virtual Memory: Let the process feel that it has all the memory resources of the whole system when allocating and managing memory space

Program

Processes that process the execution period and the associated resources collectively.

The entire cycle of the process

From the moment it was created (typically fork () system call creation), then call EXEC () to create a new address space and load the new program, and the final program exits execution through the exit () system call. The process exits execution and is set to a zombie state until its parent process calls wait () or waitpid ().

3.2 process descriptors and task structures

Structure of the process descriptor:

Task_struct, defined in the <linux/sched.h> file. A two-way loop linked list of task queues (where the kernel holds the process lists), each of which is task_sturct. It contains all the information of a specific process (open file, process address space, pending signal, status of process, etc.)

3.2.1 Assigning process descriptors

Linux allocates task_struct structures through the slab allocator. You only need to create a new struct thread_info on the bottom of the stack (for the stack that is growing down) or the top of the stack (the stack that grows upward) to dynamically generate the task_struct structure.

The thread_info of each task is allocated at the end of its kernel stack. A task field in the structure holds the actual task_struct pointer to the task.

3.2.2 storage of process descriptors

The kernel identifies each process through a unique PID process identifier (whose type is pid_t, but is actually an int). The kernel puts the PID in their respective process descriptors. Its default value is 32768 (max for short int), which represents the maximum number of processes allowed to exist in the system. (You can increase the upper limit by/proc/sys/kernel/pid_max.)

Accessing a task requires obtaining a task_struct pointer, and it is important to find the speed of the process descriptor through the current macro. X86 the end of the kernel stack creates a thread_info structure that is indirectly searched by offsets. Stack size (8KB) needs to be shielded from the back 13 bits (8192), 4KB shielded 12 bits (4096)

Assembly Code:

Figure

Return:

Figure

X8 registers are too few to do this, in fact access to the process descriptor is a very frequent operation, so more registers of the operating system, will use a special register to save the task_struct.

3.2.3 Process Status

The process descriptor state describes the current status of the process:

Task_running Run

Task_interruptible interruptible (blocked)

Task_uninterruptible Non-disruptive

_task_traced is tracked by other processes

_task_stoppped stop

Figure 3

3.2.4 Set Current process state

Use the Set_current_stste (state) or set_task_state (current,state) function.

Figure 4

Equivalent to

Figure 5

3.2.5 Process Context

Executable code is loaded from an executable file into the process address space execution. When it falls into the kernel, the kernel "represents process Execution" and is in the context of the process, where the current macro is valid.

3.2.6 Process Family Tree

There is an obvious inheritance relationship between processes. All processes in a Linux system are descendants of the pid=1 process. (The pid=1 process is the init process started in the last phase of operating system startup)

The inheritance relationships between processes are stored in the process descriptor. (Task_struct structure)

Gets the process descriptor of the parent process

Figure 6

Gets the process descriptor for the child process

Figure 7

Because of this inheritance, we access all the other processes in the task list from any process. Thankfully the task queue itself is a doubly linked list, so it is easy to implement.

Get the next process:

Figure 8

Get previous process

Figure 9

Traverse the entire process queue (no need to traverse, because it is expensive)

Figure 10

3.3 Process Creation

Divided into three steps: 1. Create a process in the new address space 2. Read in the executable file 3. Start execution

3.3.1 write-time copy

A write-time copy is a technique that lets the child parent process share the same copy.

Equivalent resources are copied only when they need to be written, and are previously shared in a read-only manner.

3.3.2fork ()

Do_fork () completed most of the work of the creation process, where copy_process completed the work:

1) Call Dup_task_struct () to create a kernel stack for the new process, Thread_info, task_sturct These values are synchronized with the current process

2) Check whether the number of processes owned by the user exceeds the limit

3) The child process begins to differentiate itself from the parent process

4) Set child process status to non-disruptive

5) Call Copy_flags to update the flag member

6) Call Alloc_pid () to assign a valid PID to the new process

7) Pass parameter identification

8) Returns a pointer to a child process

3.3.3vfork ()

In addition to not copying page tables, it is the same as fork.

Figure 11

3.4 Thread in Linux implemented in

Threads are abstracted by Linux into a unit that consumes less resources and runs quickly.

3.4.1 Creating Threads

is similar to the creation process, but some flag parameters are required to be passed in call Clone ()

Figure 12

The meaning of the parameter:

Figure 13

3.4.2 Kernel Threads

Kernel background tasks are typically performed through kernel threads, kernel threads do not have a separate address space to run only on the kernel, the kernel thread starts running until it is called DO_EX () exits, or the other part of the kernel calls Thread_stop () exits.

3.5 Process End

At the end, you release the resource and inform the parent process. Most tasks are done by Do_exit ().

Figure 14

3.5.1 Delete Process Descriptor

After calling Do_exit (), the thread is zombie but retains its process descriptor. The process description characters of the child process is freed after the parent process obtains the terminated child process information, or it notifies the kernel that it is not concerned about that information.

Wait () is the process that suspends calling it until one of the child processes exits, and the function returns the PID of the child process.

Release_task is the final execution of the release process descriptor into the function:

Figure 15

3.5.2 the dilemma caused by the orphan process

If the parent process exits before the child process, a new father needs to be found for the child process. If not found, let Init be their parent process

3.6 Summary

Summarize:

This chapter mainly includes the concepts and definitions of processes and threads, how the Linux kernel manages each process, how they are enumerated in the kernel, how they are created, and how they end up dying. The operating system has the meaning of running the user program, process management is the heart of all operating systems.

Linux and Security "Linux kernel Design and implementation" Chapter III--20135227 Huang