Linux kernel Analysis-analyzing the process of creating a new process for the Linux kernel

Jiang

id:fuchen1994

Experimental topic: Analyzing the process of creating a new process for the Linux kernel

1. Reading comprehension task_struct data structure http://codelab.shiyanlou.com/xref/linux-3.18.6/include/linux/sched.h#1235;

2. Analyze the kernel processing process of the fork function Sys_clone, understand how to create a new process and how to create and modify task_struct data structure;

3. Using the GDB trace to analyze a fork system calling the kernel handler Sys_clone, verifying your understanding of creating a new process for the Linux system, it is recommended to complete the experiment in the lab Building Linux virtual Machine environment.

4. Paying special attention to where the new process starts? Why does it go smoothly? That is, how the execution starting point and the kernel stack ensure consistency

Experimental process:

1.TASK_STRUCT Data structure

struct task_struct {  volatilelongvoid * int  int  struct files_struct * files; system Open File ...}

2.fork function corresponds to the kernel processing process sys_clone, understanding how to create a new process how to create and modify TASK_STRUCT data structures

return 0, parent_tidptr, child_tidptr);

is the creation of processes through Do_fork ()

The Linux system creates a child process by copying the information of the parent process, and in the Do_fork function, the copy_process function is actually replicated:

p = copy_process (Clone_flags, Stack_start, Stack_size,child_tidptr, NULL, Trace);

p = dup_task_struct (current); Creating a kernel stack

retval = Security_task_create (clone_flags);

retval = Sched_fork (Clone_flags, p); and scheduling-related settings, the CPU will dispatch this task

retval = Copy_thread (Clone_flags, Stack_start, Stack_size, p); Copies the contents of the parent process stack to the child process's stack. In this, the statement P->thread.ip = (unsigned long) in the Copy_thread function determines the first instruction address of the new process.

Create a stack function dup_task_struct:

Tsk = alloc_task_struct_node (node); Open up memory space

TI = Alloc_thread_info_node (tsk, node), Ti points to Thread_info's first address, and is the first address of two successive pages that the system assigns to the new process.

Err = Arch_dup_task_struct (tsk, orig); Copy the task_struct information of the parent process into the new task_struct

Tsk->stack = ti;task corresponding stack

Setup_thread_stack (tsk, orig); Initialize the thread info structure

Set_task_stack_end_magic (tsk); End of stack address setting data for stack end indicator

3. Use GDB trace to analyze a fork system call kernel processing function Sys_clone

Start Menu

Debugging

Start GDB

Set breakpoints

The operating system creates a new process (child process), and establishes a new table entry for it in the process table accordingly. The new process and the executable procedure of the original process are the same program; the majority of the context and data is the copy of the original process (parent process), but they are two separate processes! At this time the program register PC, in the context of the parent, child process, claims that the process is currently executing to the fork call is about to return (at this time the child process does not occupy the CPU, the child process of the PC is not really saved in the register, but as the process context is saved in the process table in the corresponding table key). The question is how to go back and split up in the parent-child process.

The parent process continues execution, and the operating system implements the fork so that the call returns the PID(a positive integer) of the child process that was just created in the parent process

The child process is dispatched at some later time, its context is swapped in, the CPU is occupied, and the operating system implements the fork , which causes the fork call in the child process to return 0. So in this process (note that this is not the parent process Oh, although it is the same program, but this is another execution of the same program, in the operating system this execution is represented by another process, from the perspective of execution and the parent process is independent of each other) pid=0. While this process continues to execute, Pid<0 is not satisfied in the IF statement, but Pid==0 is true.

4. Where does the new process begin? Why does it go smoothly? That is, how the execution starting point and the kernel stack ensure consistency

The new process starts with the ret_from_fork execution

Why does it go smoothly?

1. Inret_from_forkbefore,is inCopy_thread ()function in*childregs = *current_pt_regs (); The sentence converts the parent process'sregsparameter assignment to the kernel stack of the child process,2. *childregsis of typePt_regs,it's stored inside.SAVE AllThe parameters of the medium press into the stack3. So after theRESTORE Allcan be carried out smoothly..

Linux Kernel Analysis-analyzing the process of creating a new process for the Linux kernel