Linux Driver Written Test Summary
These questions were collected from the Internet and are shared here for everyone. I have recently been studying Linux drivers. The knowledge points that come up in written tests for driver development follow a pattern, and they usually serve as theoretical guidance for driver work, so a deep understanding of them is still very necessary. I am recording them in this summary, and I believe they will be useful.
PS: In future driver interviews, whoever asks me these questions, I will despise him to death. Authoritative answer to the whole Simon B he.
1: The difference between kernel space and user space in Linux. How does user space communicate with the kernel?
Answer:
- On 32-bit architecture CPUs, the physical memory size is limited to 4G. Linux divides the 4G of memory into two parts: 0~1G for kernel use and 1~4G for users. A process running in kernel space runs in 0~1G, and a process running in user space runs in 1~4G.
- The methods of communication between user space and kernel space are as follows:
1. Using APIs: this is one of the most commonly used methods.
A. get_user(x, ptr): called in the kernel; gets the value at the address specified in user space and saves it to the kernel variable x.
B. put_user(x, ptr): called in the kernel; saves the value of the kernel-space variable x to the specified address in user space.
C. copy_from_user()/copy_to_user(): mainly used in a device driver's read and write functions, triggered by system calls.
2. Using the proc file system: like the sysfs file system, it can also be used as a means of interaction between kernel space and user space.
3. Netlink
4. Using the mmap system call
5. Signal
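The kernel-side copy helpers from item 1, shown as an added example that is not from the original page: a user-space C model (not kernel code) in which user_mem, dev_buf, the sizes and every model_* function are hypothetical stand-ins. It follows the real helpers' convention of returning the number of bytes not copied, and shows the length checks a driver's write and read handlers need.

```c
/* User-space MODEL of the kernel copy helpers (added example, not kernel code). */
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#define USER_SIZE 64   /* constructed: size of the modelled user address space */
#define DEV_SIZE  16   /* constructed: size of the driver's kernel buffer */

static unsigned char user_mem[USER_SIZE]; /* stands in for user space */
static unsigned char dev_buf[DEV_SIZE];   /* stands in for kernel memory */
static size_t dev_len;                    /* bytes of valid data in dev_buf */

/* How many of n bytes starting at user offset uptr lie inside user space. */
static size_t user_ok(size_t uptr, size_t n)
{
    size_t room = uptr < USER_SIZE ? USER_SIZE - uptr : 0;
    return n < room ? n : room;
}

/* Like copy_from_user()/copy_to_user(): return the number of bytes NOT copied. */
static size_t model_copy_from_user(void *to, size_t uptr, size_t n)
{
    size_t ok = user_ok(uptr, n);
    if (ok) memcpy(to, user_mem + uptr, ok);
    return n - ok;
}

static size_t model_copy_to_user(size_t uptr, const void *from, size_t n)
{
    size_t ok = user_ok(uptr, n);
    if (ok) memcpy(user_mem + uptr, from, ok);
    return n - ok;
}

/* write() handler: clamp the caller's length to the kernel buffer first. */
static ssize_t model_dev_write(size_t uptr, size_t count)
{
    count = count > DEV_SIZE ? DEV_SIZE : count;
    if (model_copy_from_user(dev_buf, uptr, count))
        return -EFAULT;            /* bad user pointer: reject the request */
    dev_len = count;
    return (ssize_t)count;
}

/* read() handler: never hand out more than the valid data in the buffer. */
static ssize_t model_dev_read(size_t uptr, size_t count)
{
    count = count > dev_len ? dev_len : count;
    if (model_copy_to_user(uptr, dev_buf, count))
        return -EFAULT;
    return (ssize_t)count;
}
```

In a real driver the same two checks apply: bound the length against the kernel buffer before copying, and treat any non-zero return from the copy helper as -EFAULT.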
Kernel space and user space communication methods
2: Linux memory partitioning and how it is used. The concepts of virtual address and physical address and the conversion between them; the concept of high memory.
1. User virtual address
This is the regular address seen by a user-space process. Each process has its own virtual address space, and can use more space than the size of physical memory.
2. Physical address
This address is used between the processor and system memory, and corresponds to the physical address.
3. Bus address
I did not understand this, so I will not discuss it.
4. Kernel logical address
Kernel logical addresses make up the kernel's regular address space. These addresses map some (or all) of memory and are often treated as physical addresses. Logical addresses use the hardware's native pointer size, so they cannot address all of physical memory on a 32-bit system with a large amount of memory installed. Logical addresses are usually stored in variables of type unsigned long or void *. Memory returned by kmalloc has a kernel logical address.
(The above paragraph is very important and must be understood; I suggest marking it in red with a highlighter.)
5. Kernel virtual address
The mapping between kernel virtual addresses and physical addresses does not have to be one-to-one; this is the characteristic of virtual addresses. All logical addresses are kernel virtual addresses, but many kernel virtual addresses are not logical addresses. Memory allocated by vmalloc has a virtual address.
You can refer to the following address:
Detailed memory
Summary: The role of high memory is to establish temporary address mappings, for the kernel to request user-space memory.
3: The Linux interrupt implementation mechanism; the differences between tasklet and workqueue and the differences in their underlying implementation. Why distinguish between the top half and the bottom half?
Answer:
The difference between tasklet and workqueue:
A tasklet runs in interrupt context and is not allowed to block or sleep, whereas a workqueue runs in process context and can sleep and block.
Why distinguish between the top half and the bottom half?
The interrupt service routine executes asynchronously and may interrupt other important code, including other interrupt service routines. Therefore, to avoid delaying the interrupted code for too long, the interrupt service routine needs to run as quickly as possible, and the shorter its execution time the better. The interrupt handler therefore does only the necessary work, and other work is deferred until later. So Linux splits interrupt processing into two parts: the top half and the bottom half. The top half is the interrupt handler; the less work it does and the faster it executes the better, and it starts executing as soon as an interrupt is received. Work that is time-sensitive, hardware-related, or must be guaranteed not to be interrupted by other interrupts is usually done in the interrupt handler, while the remaining work that is related to the interrupt but can be deferred, such as processing the data, is deferred to the bottom half. The bottom half runs later, and all interrupts can be serviced while it executes, which keeps the time the system spends with interrupts masked as short as possible and improves the system's responsiveness. This achieves the goal of both running fast and completing more work.
4: The Linux interrupt response and execution flow. Requesting an interrupt, and when it is executed (when the interrupt handler function runs).
Interrupt response flow: the CPU accepts the interrupt -> saves the interrupt context and jumps to the interrupt handler -> executes the top half -> executes the bottom half -> restores the interrupt context.
The correct place to call request_irq to request the interrupt: it should be before the hardware is first told to generate interrupts.
5: Synchronization mechanisms in Linux. The difference between a spinlock and a semaphore.
Synchronization mechanisms in Linux: spinlock / semaphore / read / circular buffer
Spinlock: when the lock is not available, the program loops trying to access the lock, and performance drops.
Semaphore: when the lock is not available, the process sleeps, and continues execution once the lock is acquired.