The sixth week of Linux kernel and analysis

20135130 Wangkuandong

1, the operating system's three major management functions include: Process management, memory management, file system.

2. The Linux kernel distinguishes each process by its unique process identity PID. To manage the process, the kernel must have a clear description of each process, and the process descriptor provides the process information that the kernel needs to understand. All information for each process is recorded in the process descriptor (task_struct). The struct TASK_STRUCT data structure is very large, including process state, process kernel stack, process open file, process priority and process scheduling related information and so on. This is a structure containing a lot of information, also known as the Process Control block (PCB).

3, in Linux, the PCB task_struct does not contain the thread list information contained in the process.

4, the status of the Linux process and operating system principles described in the process state seems to be different, such as the readiness state and running state are task_running. This is because in Linux, the so-called difference between the state of a process is ready or running, whether it gets control of the CPU. That is, whether the process is actually executed on the CPU, if there is actual execution, it is running, if not, even if the current can be run, but also just ready state.

Note that there is a list of processes in the PCB task_struct, which is to say that all processes exist in a doubly linked list structure. struct List_head tasks.

5, the process created by the program has a parent-child relationship, in programming often need to refer to such a parent-child relationship. There are several fields in the process descriptor that are used to represent such relationships.

6. Linux allocates a 8KB-sized memory area for each process to hold two different data structures for the process: Thread_info and the kernel stack of the process. The process is used in the kernel state, unlike the user-state stack, where the kernel stack is specified in the PCB. The kernel controls the path with very few stacks, so 8KB is enough for stacks and thread_info

7, create a new process in the kernel execution process: fork, Vfork and clone three system calls can create a new process, and all by calling Do_fork to achieve the creation of the process; Linux creates a new process by replicating the parent process. Look at the fork () from the user's code, the function returns two times, that is, each time it is returned in a parent-child process, the parent process returns from the system call is easier to understand, and the child process returns from the system call, where does it start executing in the process of system invocation? In Linux, the child processes produced by the fork () system call are executed from Ret_from_fork during system invocation processing.

Experimental process:

Analyze the process by which the Linux kernel creates a new process by adding fork to the Mykernel.

After adding, regenerate menu and run.

Debug through GDB, set breakpoints in Sys_clone, Do_fork, Dup_task_struct, copy_process, Copy_thread, Ret_from_fork. Run the fork in the Menuos, continue debugging, and see the code at the breakpoint .

Process analysis for creating a new process:

Where the new process was created starts : Ret_from_fork

*childregs = *current_pt_regs();  复制内核堆栈（复制的pt_regs，是SAVE_ALL中系统调用压栈的那一部分。）
childregs->ax = 0;                               子进程的fork返回0     p->thread.sp = (unsigned long) childregs;  调度到子进程时的内核栈顶p->thread.ip = (unsigned long) ret_from_fork; 调度到子进程时的第一条指令地址

IP is pointing to ret_from_fork, so it starts here.

Linux operating system through Start_kernel, at the time of the call to execute the Cpu_idle process, and then through Kernel_init and Kthreadd generated No. 0 process and 1th process, respectively, as the initial kernel process and user process. The process here is initially through the programmer specific in the code to set the structure Ah, information ah, and then the process is copied before the process, which can be seen as a parent process, generated a new process, that is, the child process, of course, the child process information will be modified, it is not exactly the same as the parent process.

The program call State can be expressed as:

Fork Specific work process:

1. Call Sys_clone

2. Execute do_fork (), fork, Vfork, and clone three system calls can create a new process, and all are created by calling Do_fork to implement the process. Do_fork () is responsible for replication of the process.

3. Executive Copy_process

4 dup_task_struct, copy the task_struct information of the parent process into the new task_struct

Fork produces a parent-child process in which the return value is the process number of the child process, and in the child process, the return value is 0. The return value can therefore be used to determine whether the current process is a parent or child process. The child process that is obtained by using the fork function is a replica of the parent process, which copies the entire process's address space from the parent process, including the process context, process stack, memory information, open file descriptor, signal control setting, process priority, process group number, current working directory, root directory, resource limit, control terminal, and so on.

5.copy_thread

6.ret_from_fork

The start address of the user stack for the process is stored in the Stack_start member of the TASK_STRUCT structure, and the new process starts at ret_from_fork. For the fork execution process, the parent-child process shares the same code space, "One call, two return", in fact, for the parent process calling fork, if the fork out of the child process is not dispatched, then the parents process from the fork system call back. Look at the fork out of the sub-process, as can be seen by the copy_process function, the return address of the child process is ret_from_fork (and the parent process is returned on the same code point), the return value is directly set to 0. So when the child process is dispatched, it is also returned from fork, with a return value of 0. Ret_from_fork () invokes the Schedule_tail () function, loads all registers with the values stored in the stack, and forces the CPU to return to the user state. In this way, the EAX register is loaded with two values, one is the value of the child process 0, and one is the parent process's value-the PID of the child process. The new process will then start executing when fork (), vfork (), or Clone () is returned. Different values are returned in different processes.

The sixth week of Linux kernel and analysis