Linux Security Second week summary

20135336 Wang Weixian

"Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

First, the experimental process

CD linuxkernel/linux-3.9. 4  -kernel Arch/x86/boot/bzimage

Then CD Mykernel you can see the contents of the Qemu window output code MYMAIN.C and myinterrupt.c

1.MYMAIN.C Code

/** LINUX/MYKERNEL/MYINTERRUPT.C * * Kernel Internal My_timer_handler * * Copyright (c) mengning **/#include<linux/types.h>#include<linux/string.h>#include<linux/ctype.h>#include<linux/tty.h>#include<linux/vmalloc.h>#include"Mypcb.h"externTPCB Task[max_task_num];externTPCB *My_current_task;extern volatile intmy_need_sched;volatile intTime_count =0;/** Called by timer interrupt. * It runs with the name of the current running process, * so it use kernel stacks of current RU Nning Process*/voidMy_timer_handler (void){#if1if(time_count% +==0&& my_need_sched! =1) {PRINTK (Kern_notice">>>my_timer_handler here<<<\n"); My_need_sched=1; } Time_count++ ; #endif    return; }voidMy_schedule (void) {TPCB*Next; TPCB*prev; if(My_current_task = =NULL|| My_current_task->next = =NULL) {        return; } PRINTK (Kern_notice">>>my_schedule<<<\n"); /*Schedule*/Next= my_current_task->Next; Prev=My_current_task; if(Next->state = =0)/*-1 unrunnable, 0 runnable, >0 stopped*/    {        /*switch to Next process*/ASMvolatile(                "PUSHL%%ebp\n\t"         /*Save EBP*/            "MOVL%%esp,%0\n\t"     /*Save ESP*/            "MOVL%2,%%esp\n\t"     /*Restore ESP*/            "MOVL $1f,%1\n\t"       /*Save Eip*/                "PUSHL%3\n\t"             "ret\n\t"                 /*Restore EIP*/            "1:\t"                  /*Next process start here*/            "popl%%ebp\n\t"            : "=m"(PREV-&GT;THREAD.SP),"=m"(prev->thread.ip):"m"(NEXT-&GT;THREAD.SP),"m"(next->Thread.ip)); My_current_task=Next; PRINTK (Kern_notice">>>switch%d to%d<<<\n",prev->pid,next->pid); }    Else{Next->state =0; My_current_task=Next; PRINTK (Kern_notice">>>switch%d to%d<<<\n",prev->pid,next->pid); /*switch to New process*/ASMvolatile(                "PUSHL%%ebp\n\t"         /*Save EBP*/            "MOVL%%esp,%0\n\t"     /*Save ESP*/            "MOVL%2,%%esp\n\t"     /*Restore ESP*/            "MOVL%2,%%ebp\n\t"     /*Restore EBP*/            "MOVL $1f,%1\n\t"       /*Save Eip*/                "PUSHL%3\n\t"             "ret\n\t"                 /*Restore EIP*/            : "=m"(PREV-&GT;THREAD.SP),"=m"(prev->thread.ip):"m"(NEXT-&GT;THREAD.SP),"m"(next->Thread.ip)); }       return; }

Print one PRINTK per cycle 100,000 times (kern_notice "My_start_kernel here%d \ n", i);

2.MYINTERRUPT.C Code

/* * LINUX/MYKERNEL/MYINTERRUPT.C * * Kernel Internal My_timer_handler * * Copyright (c) mengning * */#include &L t;linux/types.h> #include <linux/string.h> #include <linux/ctype.h> #include <linux/tty.h># Include <linux/vmalloc.h> #include "mypcb.h" extern tpcb task[max_task_num];extern TPCB * My_current_task;extern volatile int My_need_sched;volatile int time_count = 0;/* * Called by timer interrupt. * It runs in the name of the current running process, * so it is kernel stack of current running process */void My_timer_hand Ler (void) {#if 1 if (time_count%1000 = = 0 && my_need_sched! = 1) {PRINTK (kern_notice ">>>my_t        Imer_handler here<<<\n ");    my_need_sched = 1;  } Time_count + +;      #endif return;    }void my_schedule (void) {TPCB * next;    TPCB * PREV;    if (My_current_task = = NULL | | my_current_task->next = = NULL) {return; } PRINTK (Kern_notice ">>>my_schedule<<<\n ");    /* Schedule */next = my_current_task->next;    prev = My_current_task; if (next->state = = 0)/*-1 unrunnable, 0 runnable, >0 stopped */* switch to Next process */ASM            Volatile ("PUSHL%%ebp\n\t"/* Save EBP */"MOVL%%esp,%0\n\t"/* Save ESP */ "Movl%2,%%esp\n\t"/* Restore ESP */"MOVL $1f,%1\n\t"/* Save EIP */"PUSHL%3 \n\t "" ret\n\t "/* Restore EIP */" 1:\t "/* Next process start he Re */"POPL%%ebp\n\t": "=m" (PREV-&GT;THREAD.SP), "=m" (PREV-&GT;THREAD.IP): "M" (next-         &GT;THREAD.SP), "M" (Next->thread.ip));         My_current_task = Next;           PRINTK (kern_notice ">>>switch%d to%d<<<\n", prev->pid,next->pid);        } else {next->state = 0;        My_current_task = Next; PRINTK (Kern_notice ">&Gt;>switch%d to%d<<<\n ", prev->pid,next->pid); /* Switch to New process */ASM volatile ("PUSHL%%ebp\n\t"/* Save EBP */"MOVL     %%esp,%0\n\t "/* Save ESP */" MOVL%2,%%esp\n\t "/* Restore ESP */" MOVL%2,%%ebp\n\t "                 /* Restore EBP */"MOVL $1f,%1\n\t"/* Save EIP */"PUSHL%3\n\t" "ret\n\t" /* Restore EIP */: "=m" (PREV-&GT;THREAD.SP), "=m" (PREV-&GT;THREAD.IP): "M" (next-              &GT;THREAD.SP), "M" (Next->thread.ip));    } return; }

Each clock interrupt is called once PRINTK (), PRINTK (Kern_notice "\n>>>>>>>>>>>>>>>>> My_timer_handler here<<<<<<<<<<<<<<<<<<\n\n ");

Ii. contents of the study

(a) How does the computer work?

1. Stored program computer working model, the most basic logical structure of computer system;

2. Function call stack, high-level language to run the foundation, only the machine language and assembly languages when the stack mechanism for the computer is not so important, but with high-level language and functions, the stack has become the basic function of the computer;

ENTER:PUSHL%EBP

MOVL%ESP,%EBP

LEAVE:MOVL%ebp,%esp

• POPL%EBP

• 
  function parameter passing mechanism and local variable storage

• 3. Interrupt, multi-channel program operating system base point, no interrupt mechanism program can only run from the beginning to the end of the possibility to start running other programs.
• (ii) Function call stack
• Stack
• 1. The stack is a space that the C language program must run with a record call path and parameters.
• 2. Purpose of Stack existence: function call frame; pass parameter; save return address; provide local variable space;
• 3. Understanding the purpose of the stack and the rules used by the compiler on the stack are fundamental to understanding some of the key code of the operating system.
• Stack registers and stack operations
• 1. Stack-related registers: ESP, stack pointer (stacks pointer): EBP, base address pointer (base pointer)
• 2. Stack operation: Push stack top address reduced by 4 bytes (32 bit) pop stack top address increased by 4 bytes
• 3.EBP record the current function call base in C language
• (iii) Simulation of the storage program computer working model and clock interruption with the help of the Linux kernel part source code
• (iv) Constructing a simple operating system kernel on the basis of Mykernel
• Third, learning experience
• In this study I through the kernel source code to understand, from the environment to build up, Mystartkernerl start initialization to completion, start NO. 0 process, using time slices, each process every 10 million times, to determine whether to dispatch, scheduling using Myshedule () To schedule. Set the size of the time slice, when the time slice runs out, set the dispatch identity. There are two kinds of scheduling, one is the next process is in progress, the other is never dispatched, the process has never been executed, the execution of a special point, the state into the runtime state, as the current execution of the process.

Linux Security Second week summary