System Calls: A Kernel Project in
Linux
CS-550-3: Operating Systems
Fall 2003
Hunter Bell
2
Table of Contents
Main Body of Text (pages 3 –5)
1. Introduction - page 3
2. Description of trap-table and user space interaction –
page 3
3. Creating a new kernel function – pages 3-4
4. Revision of system call table – page 4 - 5
5. Rebuilding the kernel – page 5-6
6. Creation of user-space program – page 6
7. Conclusion – page 6
8. Bibliography – page 7
Appendices
1. Appendix
2. Appendix
3. Appendix
4. Appendix
A: alterations to time.c – page 8
B: alterations to entry.S – page 9
C: user-space program (exercise-5.c) –page 10
D: alteration to unistd.h – page 11
3
Introduction
The system call linkage within any operating system is
an important piece of functionality for the computer on
which it is running. It provides an interface through
which software (in user space) can request an action by the
operating system itself. Gary Nutt’s Exercise Five
requires the alteration of the system call linkage in
Linux. Since the book is based on Linux Mandrake version
2.2.12, Red Hat Linux was not used in this project.
Instead, the version of Linux Mandrake (2.2.14) provided
with the book was used. On the following pages, the
process for successfully adding a new function and system
call to the Linux Mandrake kernel is examined and explained
in detail.
Description of Trap table and User Space Interaction
Kernel functions appearing in the system call
interface cannot be called directly from user space, but
must be called through the trap table, also known as the
system call table. This is accomplished by creating a new
entry in the kernel trap table, which references the newly
created function. Once created, the entry in the trap
table can be called through a macro-created-stub function
from user space. This stub function includes a trap
instruction that changes the CPU from user to supervisor
(administrative) mode so it can run the kernel function.
In Linux, the trap instruction included here causes an
interrupt (0x80), and uses the arguments passed through the
stub/macro to access the system call table at the correct
location. Once identified, the system call function
(syscall() ) checks to ensure the requested function
(passed as an argument from user space) is acceptable and
then calls the kernel function, which executes according to
instructions in its body. This will only occur, however,
if the compiler agrees that the arguments passed from the
stub in user space are correct in number and type with
regard to the kernel function (Nutt, 2001).
Creating a New Kernel Function
Creating the new kernel function, named pedagogictime,
was a required task in this programming exercise. The body
of the function needed to reside in the
/usr/src/linux/arch/i386/kernel/time.c (see Appendix A)
file within the kernel of the operating system. This
4
location enabled the new code to be compiled along with the
pre-existing kernel functions when the kernel was rebuilt.
(If the function resided outside of this file (within its
own file), it would have been necessary to edit the
Makefile within that same directory by adding the new file
name to O_OBJS list.) In order to correctly implement the
function, a call-by-reference argument was necessary in the
function header/signature. This enabled the kernel to
write information into a user-space address. This can only
be accomplished, however, if the address has been correctly
identified in user space (Nutt, 2001).
There exists a kernel function, verify_area, that can
ensure the validity of a read/write operation into or out
of user space. The return from this function is either a
true or false value that identifies whether or not the
kernel can access the variable from user space. This
function was used as a fail-safe check to exit the kernel
function if reading or writing was not possible. If the
result was valid, the function would continue operation and
call two additional kernel-level functions: copy_to_user
and copy_from_user. The suggested functions, memcpy_fromfs
and memcpy_tofs, suggested in the exercise description did
not work as anticipated, and would not compile. The grep
command was used, and searched through the kernel until the
copy functions were identified. The copy_to_user function
allows the kernel to write new values into user space. In
this case, the values contained within the kernel variable
xtime were written to the variable passed by reference
through calling the function. To ensure the correct values
were sent, it was necessary to disable interrupts on the
operating system as the values were copied by calling the
system function cli(). This guaranteed the values stored
in xtime would not change during this process. Once copied
into user space, the interrupts were re-enabled using the
function sti(). Pedagogictime then called, back from user
space, the values copied into the argument by reference.
If the argument “flag” (sent as another argument from user
space) is true, the function then prints the resulting
values using the printk function. Printk is almost
identical to the printf function in user space, but it just
adds the ability to print to stdout from kernel space (Nutt
2001).
Revision of System Call Table
After having completed the new kernel function, it was
necessary to revise the sys_call_table so the operating
5
system would recognize calls and stubs to this function.
This was accomplished by editing the table in the
/usr/src/linux/arch/i386/kernel/entry.S file, and the table
in the /usr/src/linux/asm/unistd.h file.
There were
already 190 entries in the system call table, so the new
function would be identified as number 191 (see appendix
B). It was also necessary to update the total number of
system calls recognized by the system to 191, and this was
done in the same file. In the unistd.h file, an entry was
added as definition number 191 so the system would be able
to recognize stubs for this function generated by Macros in
user space. With these new additions, whenever a
trap/interrupt 0x80 occurs with an argument of 191, the new
function will be invoked (assuming the kernel has been
rebuilt with the new code included) (Nutt, 2001).
Rebuilding the Kernel
The last stage of the adding the function to the
kernel project was to rebuild the kernel itself, and this
proved to be one of the more challenging aspects of the
entire assignment. The process can be time-consuming and
very frustrating if your code does not compile (because you
are not notified until step 4 of 5 in the process). All of
the instructions for rebuilding the kernel in its various
phases are found within the Makefile for each directory
inside the kernel. That is, each directory has its own
specific Makefile that hooks into the bigger Makefile in
the top-level kernel directory. This ensures all pieces of
the kernel are affected in the proper way when each step of
the rebuild process is executed (Nutt, 2001).
The first phase of rebuilding the kernel is to issue
the “make clean” statement from the command line prompt.
This causes the operating system to remove old object files
so they may be replaced during the rebuild process. After
this statement executes, the “make <config_opt>” command is
issued from the command line. The <config_opt> is replaced
by “oldconfig” and creates the kernel configuration based
upon the old configuration that was present before the make
clean statement was issued. After execution of this step,
the command “make depend” is given. This command ensures
that certain files within the kernel are scheduled for
compilation before others, making certain all dependencies
between various files are maintained. The fourth step in
the process is issuing the “make” statement. This compiles
all of the kernel source code, and results in the
executable file version of the kernel. It is in this step
6
where the new code created in the kernel source files is
compiled, and where the programmer is notified of
successful or unsuccessful compilation of that code. If
the code does not compile here, he/she will have to return
and make adjustments based upon the errors encountered
during compilation. This can prove to be a daunting task,
because once the changes are made, all of the previous
steps in rebuilding the kernel must be run to ensure
integrity throughout the rebuild process. The last step of
rebuilding the kernel includes issuing the “make
<boot_opt>” command. The <boot_opt> is replaced, in this
exercise, by bzImage. This creates a bootable kernel image
and installs it within the kernel boot directory. If all
five steps complete successfully, the new kernel function
has been implemented correctly as far as compilation. The
true test will be calling the function from a macro in user
space(Nutt, 2001).
Creation of User Space Program
Finally, after the function was added correctly to the
kernel, the user-space program was created (see Appendix
C). This was an easy task, as compilation and running of
the program is all done within user space. A timeval
variable in which the values from xtime would be passed to
and from the kernel was created, along with an int (flag)
for notifying the kernel function to print the results.
The next step was generating a stub that allowed the
program to call the kernel function from user space. This
was accomplished by utilizing a macro. The macro
automatically creates a system call stub based upon the
number of arguments passed into the macro. The stub then
causes the interrupt 0x80 to occur, and having passed the
argument 191 into the macro, the interrupt then calls the
kernel function defined before rebuilding the kernel (Nutt,
2001)
Conclusion
The successful completion of a change to the system
call interface coupled with creating a user space function
is a time-consuming process. The end product, however, is
more than just a change to the operation of an operating
system. It includes attaining hands-on experience, and
knowledge of a computer at a level not attainable unless
each step of the process is worked through and completed.
7
Bibliography
Nutt, Gary (2001). Kernel Projects For Linux. New York, NY:
Addison Wesley Longman, Inc. ISBN 0-201-61243-7.
8
Appendix A: Alterations to time.c
(unaltered code not included)
/*****************************************
* Hunter Bell - CS550 Fall2003
* Term Project - Nutt Exercise-5
* **************************************/
asmlinkage int sys_pedagogictime(int flag,struct timeval *thetime)
{
/*declarations*/
int write_failed;
struct timeval *temp;
/*verify we can write to user space*/
write_failed = verify_area(VERIFY_WRITE,thetime,sizeof(thetime));
if(!write_failed)
{
printk("skelcall: Cannot write into user space");
return 0;
}/*end if*/
cli(); /*disable interrupts*/
/* write into user space the values in xtime */
__copy_to_user(thetimec,xtime,sizeof(xtime);
__copy_to_user(thetime,xtime,sizeof(xtime);
sti(); /*enable interrupts*/
/* verify we can read from user space*/
write_failed = verify_area(VERIFY_READ,thetime,sizeof(thetime));
if(!write_failed)
{
printk("skelcall: Cannot read from user space");
return 0;
}
/*copy back from user space into temporary variable for printing*/
temp = NULL;
__copy_from_user(temp,thetime,sizeof(thetime);
__copy_from_user(temp,thetime,sizeof(thetime);
/*Print time if flag is true*/
if(flag)
printk("%s",ctime(temp->tv_sec));
return 1;
}//end pedagogic time
9
Appendix B: Alterations to entry.S
(unchanged code not included)
ENTRY(sys_call_table)
.long SYMBOL_NAME(sys_ni_syscall)
/* 0 - old "setup()" system call*/
.long SYMBOL_NAME(sys_exit)
.long SYMBOL_NAME(sys_fork)
.long SYMBOL_NAME(sys_read)
.long SYMBOL_NAME(sys_write)
.long SYMBOL_NAME(sys_open)
/* 5 */
…
.long SYMBOL_NAME(sys_ni_syscall)
/* streams2 */
.long SYMBOL_NAME(sys_vfork)
/* 190 */
.long SYMBOL_NAME(sys_pedagogictime) /*191 - Hunter Bell*/
/*
* NOTE!! This doesn't have to be exact - we just have
* to make sure we have _enough_ of the "sys_ni_syscall"
* entries. Don't panic if you notice that this hasn't
* been shrunk every time we add a new system call.
*/
.rept NR_syscalls-191
.long SYMBOL_NAME(sys_ni_syscall)
10
Appendix C: User-Space Program
/* ****************************************
* Hunter Bell - CS550
* exercise-5 (term project)
* this program executes in user space and
* makes a system call to kernel space
***************************************** */
#include <linux/unistd.h>
#include <sys/syscall.h>
#include <stdio.h>
#include <time.h>
int main(int argc, char * argv[])
{
struct timeval *thetime = (struct timeval *) malloc(sizeof(struct timeval *));
int flag = 1;
/* generate a stub for System call for int pedagogictime through a Macro*/
_syscall2(int,pedagogictime,int,flag,struct timeval *,thetime);
return 0;
}//end main
11
Appendix D: Alteration to unistd.h
#define __NR_exit
#define __NR_fork
…
#define __NR_vfork
#define __NR_pedagogictime
1
2
190
191