I. Using GDB trace to parse a system call kernel function
1. Add a time function to test.c, plus a time-asm function that makes the same system call through C inline assembly (write these yourself).
2. Then register both in main through MenuConfig. When MenuOS runs, its menu then offers two extra commands, time and time-asm.
3. Build and boot with the make rootfs command.
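As an added example (not the course's MenuOS code), this is what the time / time-asm pair from step 1 can look like as a stand-alone C program. The MenuConfig registration is left out, and the names time_libc, time_asm and time_paths_agree are placeholders. On 32-bit x86 the inline assembly issues the int $0x80 that the rest of this page traces into system_call (call number in eax, first argument in ebx, result back in eax); on x86-64 the native syscall instruction is used instead, and any other architecture simply falls back to libc.

```c
#include <stdio.h>
#include <time.h>

/* Added example, not part of MenuOS: the libc path and the inline-assembly
 * path of the same system call, as in the page's time / time-asm pair. */

/* The libc path: glibc issues the time system call (or the vDSO shortcut). */
long time_libc(void)
{
    return (long)time(NULL);
}

/* The assembly path. On i386 this is exactly the int $0x80 entry that the
 * page follows into system_call. On x86-64, int $0x80 would take the 32-bit
 * compatibility entry instead, so the native `syscall` instruction is used. */
long time_asm(void)
{
    long ret;
#if defined(__i386__)
    long nr = 13;                       /* __NR_time in the i386 call table */
    __asm__ volatile ("int $0x80"
                      : "=a" (ret)                  /* return value in eax */
                      : "a" (nr), "b" ((long)0)     /* eax = number, ebx = tloc */
                      : "memory");
#elif defined(__x86_64__)
    long nr = 201;                      /* __NR_time in the x86-64 call table */
    __asm__ volatile ("syscall"
                      : "=a" (ret)                  /* return value in rax */
                      : "a" (nr), "D" ((long)0)     /* rax = number, rdi = tloc */
                      : "rcx", "r11", "memory");    /* clobbered by syscall */
#else
    ret = (long)time(NULL);             /* no inline-asm path written for this arch */
#endif
    return ret;
}

/* Sanity check: both paths should agree to within a couple of seconds.
 * Returns 1 when they do, 0 otherwise. */
int time_paths_agree(void)
{
    long a = time_libc();
    long b = time_asm();
    long d = a > b ? a - b : b - a;
    return a > 0 && b > 0 && d <= 2;
}

int main(void)
{
    printf("time     = %ld\n", time_libc());
    printf("time-asm = %ld\n", time_asm());
    return time_paths_agree() ? 0 : 1;
}
```

Setting a breakpoint on sys_time and issuing the time-asm command from the menu is what makes GDB stop inside the kernel's handler in the procedure that follows.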
The process of debugging with GDB
- qemu -kernel linux-3.18.6/arch/x86/boot/bzImage -initrd rootfs.img -s -S
- gdb
- file linux-3.18.6/vmlinux
- target remote:1234
- b start_kernel
- b sys_time
GDB single-step commands: n steps to the next line, c continues running, and s steps into the called kernel function.
II. Analyzing the system_call code execution process
When a user program invokes a system call, the CPU enters the kernel through int $0x80; the interrupt vector leads to the system_call entry point, and the system_call sequence begins there.
```asm
ENTRY(system_call)
    RING0_INT_FRAME                 # can't unwind into user space anyway
    ASM_CLAC
    pushl_cfi %eax                  # save orig_eax
    SAVE_ALL                        # save the register context
    GET_THREAD_INFO(%ebp)
                                    # system call tracing in operation / emulation
    testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp)
    jnz syscall_trace_entry
    cmpl $(NR_syscalls), %eax
    jae syscall_badsys
syscall_call:
    call *sys_call_table(,%eax,4)   # index sys_call_table by the call number held in eax and run that call
syscall_after_call:
    movl %eax,PT_EAX(%esp)          # after the call returns, save the return value from eax
syscall_exit:
    LOCKDEP_SYS_EXIT
    DISABLE_INTERRUPTS(CLBR_ANY)    # make sure we don't miss an interrupt
                                    # setting need_resched or sigpending
                                    # between sampling and the iret
    TRACE_IRQS_OFF
    movl TI_flags(%ebp), %ecx
    testl $_TIF_ALLWORK_MASK, %ecx  # current->work: does the syscall_exit_work path need to run?
    jne syscall_exit_work           # if so, enter syscall_exit_work

restore_all:
    TRACE_IRQS_IRET                 # restore the context
```
The overall flow of this code is:
- Save the current process context (SAVE_ALL).
- Perform the specific system call and save its return value.
- Determine whether additional work is pending (that is, syscall_exit_work).
- Restore the context.
Next, look at what syscall_exit_work actually does.
```asm
syscall_exit_work:
    testl $_TIF_WORK_SYSCALL_EXIT, %ecx
    jz work_pending                 # no exit tracing needed: go to work_pending
    TRACE_IRQS_ON
    ENABLE_INTERRUPTS(CLBR_ANY)     # could let syscall_trace_leave() call
                                    # schedule() instead
    movl %esp, %eax
    call syscall_trace_leave
    jmp resume_userspace
END(syscall_exit_work)
```
The main job of work_pending is to determine whether the current process needs to be rescheduled or has a pending signal to handle.
```asm
work_pending:
    testb $_TIF_NEED_RESCHED, %cl
    jz work_notifysig               # no reschedule needed: go and handle pending signals
work_resched:
    call schedule                   # a reschedule is needed: run the scheduler
    LOCKDEP_SYS_EXIT
    DISABLE_INTERRUPTS(CLBR_ANY)    # make sure we don't miss an interrupt
                                    # setting need_resched or sigpending
                                    # between sampling and the iret
    TRACE_IRQS_OFF
    movl TI_flags(%ebp), %ecx
    andl $_TIF_WORK_MASK, %ecx      # is there any work to be done other
                                    # than syscall tracing?
    jz restore_all                  # nothing left: restore the context and return
    testb $_TIF_NEED_RESCHED, %cl
    jnz work_resched
```
Therefore, after a process finishes executing a system call and before the return value is delivered, the kernel checks whether the process has a pending signal to handle and whether it needs to be rescheduled.
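To make the branches in the three listings above easier to follow, here is an added C model of the exit path. It is not kernel code: the TIF_* bit positions are constructed stand-ins for the real _TIF_* values, schedule() and signal delivery are replaced by stand-ins that just clear flags, and the function names (syscall_exit_path, exit_path_for) are placeholders. What it reproduces is the control flow: syscall_exit tests _TIF_ALLWORK_MASK, syscall_exit_work tests _TIF_WORK_SYSCALL_EXIT, work_pending tests need_resched, work_resched loops on it after each schedule, and work_notifysig jumps back to resume_userspace, which re-samples the flags.

```c
#include <stdio.h>
#include <string.h>

/* Added illustrative model, not kernel code. Bit positions are constructed
 * stand-ins for the real _TIF_* values in thread_info flags. */
#define TIF_SYSCALL_TRACE      (1u << 0)
#define TIF_SIGPENDING         (1u << 1)
#define TIF_NEED_RESCHED       (1u << 2)
#define TIF_WORK_MASK          (TIF_SIGPENDING | TIF_NEED_RESCHED)     /* checked at work_pending / resume_userspace */
#define TIF_WORK_SYSCALL_EXIT  TIF_SYSCALL_TRACE                       /* checked at syscall_exit_work */
#define TIF_ALLWORK_MASK       (TIF_WORK_MASK | TIF_WORK_SYSCALL_EXIT) /* checked at syscall_exit */

struct task {
    unsigned flags;      /* models TI_flags(%ebp) */
    int extra_resched;   /* how many times schedule() hands back a task that is already marked NEED_RESCHED again */
};

static void visit(char *trace, size_t n, const char *label)
{
    if (trace[0] != '\0')
        strncat(trace, " -> ", n - strlen(trace) - 1);
    strncat(trace, label, n - strlen(trace) - 1);
}

/* Stand-in for schedule(): NEED_RESCHED is cleared, but another wake-up may
 * have set it again while the task was off the CPU (extra_resched). */
static void model_schedule(struct task *t)
{
    t->flags &= ~TIF_NEED_RESCHED;
    if (t->extra_resched > 0) {
        t->extra_resched--;
        t->flags |= TIF_NEED_RESCHED;
    }
}

/* Walks the labels of the listings for a task with the given flags and
 * returns them joined with " -> " in `trace`. */
const char *syscall_exit_path(struct task *t, char *trace, size_t n)
{
    trace[0] = '\0';
    visit(trace, n, "syscall_exit");
    if (!(t->flags & TIF_ALLWORK_MASK)) {              /* testl $_TIF_ALLWORK_MASK; jne */
        visit(trace, n, "restore_all");
        return trace;
    }
    visit(trace, n, "syscall_exit_work");
    if (t->flags & TIF_WORK_SYSCALL_EXIT) {            /* testl $_TIF_WORK_SYSCALL_EXIT; jz work_pending */
        visit(trace, n, "syscall_trace_leave");        /* ptrace / audit exit hook */
        t->flags &= ~TIF_SYSCALL_TRACE;
        visit(trace, n, "resume_userspace");           /* re-samples TI_flags */
        if (!(t->flags & TIF_WORK_MASK)) {
            visit(trace, n, "restore_all");
            return trace;
        }
    }
    for (;;) {
        visit(trace, n, "work_pending");
        if (t->flags & TIF_NEED_RESCHED) {             /* testb $_TIF_NEED_RESCHED,%cl; jz work_notifysig */
            do {
                visit(trace, n, "work_resched");
                model_schedule(t);                     /* call schedule */
                if (!(t->flags & TIF_WORK_MASK)) {     /* andl $_TIF_WORK_MASK; jz restore_all */
                    visit(trace, n, "restore_all");
                    return trace;
                }
            } while (t->flags & TIF_NEED_RESCHED);     /* jnz work_resched */
        }
        visit(trace, n, "work_notifysig");             /* deliver pending signals */
        t->flags &= ~TIF_SIGPENDING;
        visit(trace, n, "resume_userspace");           /* jmp resume_userspace: check TI_flags again */
        if (!(t->flags & TIF_WORK_MASK)) {
            visit(trace, n, "restore_all");
            return trace;
        }
    }
}

/* Convenience wrapper: build the task and return the path from a static buffer. */
const char *exit_path_for(unsigned flags, int extra_resched)
{
    static char trace[256];
    struct task t = { flags, extra_resched };
    return syscall_exit_path(&t, trace, sizeof trace);
}

int main(void)
{
    printf("%s\n", exit_path_for(0, 0));
    printf("%s\n", exit_path_for(TIF_NEED_RESCHED | TIF_SIGPENDING, 1));
    return 0;
}
```

The second printed path shows the point of the work_resched loop: a task that is marked for rescheduling again while it was off the CPU goes through schedule twice, and only then falls through to signal delivery and the return to user space.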
III. Experimental summary
This experiment gave a deeper look at what the kernel does at its lowest level when a user program invokes a system call.
"Linux Kernel Analysis" week 5 assignment: the system call interrupt handling process