Kernel Hacking

A put-together of kernel related topics.

Topics and Dependencies

• Modern Character Devices
• File Operations on Character Devices
• Coding: First Functionality
• Character Device Basics
• Coding: Multiple Devices
• Coding: Refactoring
• DMA
• Fedora: Building the Kernel
• Fedora: Building External Kernel Modules
• Module Loading, Hello World
• Coding: Raspi GPIO Interrupts
• Interrupts
• IO Memory
• Dynamic Memory: kmalloc()
• Doubly Linked Lists
• Coding: Fix Race Condition (Mutex)
• Mutex (and RT Mutex)
• Network Devices
• PCI
• Process vs.Atomic Context
• Raspberry Pi: Building the Kernel
• Coding: Fix Sleep While Atomic
• Spinlock (vs. Mutex)
• dup(), fork(), and Reference Counting (Stub)
• Coding: Timed Event
• Timer Management
• Accessing Userspace Memory
• Waiting for Something
• Workqueue

Group Description

• Process vs.Atomic Context (kernel.process_vs_atomic)

• Interrupts (kernel.interrupt)

• Fedora: Building the Kernel (kernel.fedora_kernel_build)

• Fedora: Building External Kernel Modules (kernel.fedora_module_build)

• Module Loading, Hello World (kernel.modules_hello_world)

• IO Memory (kernel.iomemory)

• Dynamic Memory: kmalloc() (kernel.kmalloc)

• DMA (kernel.dma)

• PCI (kernel.pci)

• Raspberry Pi: Building the Kernel (kernel.raspi_kernel_build)

• Workqueue (kernel.workqueue)

• Accessing Userspace Memory (kernel.usermem)

• Character Device Basics (kernel.cdev_manual)

• Modern Character Devices (kernel.cdev_auto)

• dup(), fork(), and Reference Counting (Stub) (kernel.stub_sysprog_dup)

• File Operations on Character Devices (kernel.cdev_file_operations)

• Waiting for Something (kernel.waitqueue)

• Spinlock (vs. Mutex) (kernel.spinlock)

• Doubly Linked Lists (kernel.list)

• Mutex (and RT Mutex) (kernel.mutex)

• Timer Management (kernel.timer)

• Network Devices (kernel.netdev)

Sample Code Maintenance

• Github repo here

• Directory _morph holds my_driver.c, which is the base for livehacking sessions

• my_driver.c is morphed as we go

• Branch tree (not merged back)

  • Branch my_driver_hello

    Topic	Module Loading, Hello World
    Branch	my_driver_hello
    Contents	The root of everything Makefile, build Module loading, init(), exit().
    Status	DONE

  • Branch my_driver_cdev_manual

    Topic	Character Device Basics
    Branch	my_driver_cdev_manual
    Contents	History: static device numbers Character device basics
    Status	DONE

  • Branch my_driver_cdev_dynamic_major

    Topic	Modern Character Devices
    Branch	my_driver_cdev_dynamic_major
    Contents	Dynamic device number allocation devtmpfs and sysfs
    Status	…

  • Branch my_driver_cdev_file_operations

    Topic	File Operations on Character Devices
    Branch	my_driver_cdev_file_operations
    Contents	History: static device numbers Character device basics struct file_operations open() ioctl() and _IO*() macros
    Status	DONE

  • Branch my_driver_cdev_first_functionality

    Topic	Coding: First Functionality
    Branch	my_driver_cdev_first_functionality
    Contents	Doubly linked list Basic OO Simple ioctl Userspace ioctl usage
    Status	DONE

  • Branch my_driver_cdev_refactoring

    Topic	Coding: Refactoring
    Branch	my_driver_cdev_refactoring
    Contents	Separate files My Device encapsulation of matters My Device as filp->private_data
    Status	DONE

  • Branch my_driver_multiple_devices

    Topic	Coding: Multiple Devices
    Branch	my_driver_multiple_devices
    Contents	…
    Status	…

  • Branch my_driver_mutex

    Topic	Coding: Fix Race Condition (Mutex)
    Branch	my_driver_mutex
    Contents	Race on unprotected lists Mutex RT mutex “Interruptible”
    Status	DONE

  • Branch my_driver_interrupt

    Topic	Coding: Raspi GPIO Interrupts
    Branch	my_driver_interrupt
    Contents	Short GPIO introduction ⟶ move to Raspi Request and free IRQ Atomic?
    Status	DONE

  • Branch my_driver_spinlock_atomic.

    Topic	Coding: Fix Sleep While Atomic
    Branch	my_driver_spinlock_atomic
    Contents	Spinlock usage Spinlock caveats (sleep/atomic)
    Status	DONE

  • Branch my_driver_time_timer.

    Topic	Coding: Timed Event
    Branch	my_driver_time_timer
    Contents	jiffies Timer wheel methods
    Status	DONE

  • Branch my_driver_workqueue.

    Topic	Workqueue
    Branch	my_driver_workqueue
    Contents	Workqueue Getting rid of atomic code Realtime priorities
    Status	DONE

  • Branch my_driver_usermem.

    Topic	Accessing Userspace Memory
    Branch	my_driver_usermem
    Contents	copy_{to,from}_user()
    Status	DONE

  • Branch my_driver_waitqueue.

    Topic	Waiting for Something
    Branch	my_driver_waitqueue
    Contents	Wait queues Blocking vs. nonblocking read() EAGAIN and EOF
    Status	DONE

Links

• https://www.kernel.org/doc/

• https://www.kernel.org/doc/html/latest/

• LDD3, O’Reilly

To Do List

• Networking

  https://www.cs.dartmouth.edu/~sergey/netreads/path-of-packet/Lab9_modified.pdf

• Kernel

  • Topic “Kernel Source”

  • “Kernel Modules”? Probably aggregate into Module Loading, Hello World

  • “Kernel Internals”?

  • 0520-kernel-communication

  • 0521-kernel-kmalloc (GFP etc, depend interrupts on it)

  • 0525-kernel-io-memory

  • 0532-kernel-threaded-interrupts

  • 0710-kernel-preempt-rt

• Aggregate _morph/ branches top-level

• Bring source code into slides/screenplays

• Userspace/kernel picture from sysprog.

• In topics that refer to github code, mention branch where code is maintained. (code-block caption)

• SEO

  • meta everywhere

  • sidebars with backlinks to this document

  • this document: course description