I am newbie for Linux kernel, I cloned the Linux source from its repo on GitHub. I cannot find the file sys/mount.h nor the mount function.
Do you know where is this file located in source code? Where can I find its implementation?
If you don't know where a system call is implemented in the kernel, there's a general sequence of steps you can use to find it. You will need to download the kernel source to your machine.
Begin by finding the number of parameters the syscall requires. eg. mount(2) requires five parameters.
Since mount(2) requires 5 parameters, search for SYSCALL_DEFINE5(mount in the kernel source:
grep -nr 'SYSCALL_DEFINE5(mount'
This will take a while to run, but it will eventually find:
./fs/compat.c:92:COMPAT_SYSCALL_DEFINE5(mount, const char __user *, dev_name,
./fs/namespace.c:3026:SYSCALL_DEFINE5(mount, char __user *, dev_name, char __user *, dir_name,
So, the syscall you're looking for is located at in ./fs/namespace.c on line 3026. (I'm using Linux 4.19.99, so the line number will probably be different on your kernel.)
Related
I recently wrote a module implementing these functions.
What is the difference between the two? From my understanding, the copy_..._user functions are more secure. Please correct me if I'm mistaken.
Furthermore, is it a bad idea to mix the two functions in one program? For example, I used simple_read_from_buffer in my misc dev read function, and copy_from_user in my write function.
Edit: I believe I've found the answer to my question from reading fs/libfs.c (I wasn't aware that this was where the source code was located for these functions); from my understanding the simple_...() functions are essentially a wrapper around the copy_...() functions. I think it was appropriate in my case to use copy_from_user for the misc device write function as I needed to validate that the input matched a specific string before returning it to the user buffer.
I will still leave this question open though in case someone has a better explanation or wants to correct me!
simple_read_from_buffer and simple_write_to_buffer are just convenience wrappers around copy_{to,from}_user for when all you need to do is service a read from userspace from a kernel buffer, or service a write from userspace to a kernel buffer.
From my understanding, the copy_..._user functions are more secure.
Neither version is "more secure" than the other. Whether or not one might be more secure depends on the specific use case.
I would say that simple_{read,write}_... could in general be more secure since they do all the appropriate checks for you before copying. If all you need to do is service a read/write to/from a kernel buffer, then using simple_{read,write}_... is surely faster and less error-prone than manually checking and calling copy_{from,to}_user.
Here's a good example where those functions would be useful:
#define SZ 1024
static char kernel_buf[SZ];
static ssize_t dummy_read(struct file *filp, char __user *user_buf, size_t n, loff_t *off)
{
return simple_read_from_buffer(user_buf, n, off, kernel_buf, SZ);
}
static ssize_t dummy_write(struct file *filp, char __user *user_buf, size_t n, loff_t *off)
{
return simple_write_to_buffer(kernel_buf, SZ, off, user_buf, n);
}
It's hard to tell what exactly you need without seeing your module's code, but I would say that you can either:
Use copy_{from,to}_user if you want to control the exact behavior of your function.
Use a return simple_{read,write}_... if you don't need such fine-grained control and you are ok with just returning the standard values produced by those wrappers.
File handling in a kernel module. What is the appropriate way to 'seek' in a file? I could not find a sys_seek() function (such as sys_read()). Or, is it better only to use the VFS function API?
The question How to read/write files within a Linux kernel module? does not handle input stream navigation, i.e. there is no reference to tell()/seek() of any kind.
seek functionality in the kernel space can be achieved by vfs_llseek function:
loff_t vfs_llseek(struct file *file, loff_t offset, int whence);
The function returns resulted offset or negative value in case of error.
Custom read and write operations are defined as
ssize_t (*read) (struct file *,char __user *, size_t, loff_t *);
ssize_t (*write) (struct file *,const char __user *, size_t, loff_t *);
What happens when a read or write is made to a device?
I couldnt find simple explanation of this in LDD book.
For example what happens when I have a device and I made a write like
echo "Hello" > /dev/newdevice
And I am writing a simple character device. Also
cat /dev/newdevice
I know it depends on my custom read/write and what I need is simple read from memory and write to memory
#user567879, Since device node is treated as a special character or block or a network file, each file has an file structure "filp" which in turn holds the pointer to the file operations table where each system call is mapped to appropriate functions in device driver.
for ex: .open = my_open
.write = my_write
.read = my_read etc.
What happens when you issue echo "Hello" > /dev/newdevice is
1) Device node i.e. "/dev/newdevice" is opened using open system call which in turn
calls your mapped open function i.e. "**my_open**"
2) If open is successful, write system call issued with appropriate file descriptor
(fd), which in turn calls "**my_write**" function present in device driver and thus
according to the functionality it writes/transmits user data to the actual
hardware.
3) Same rule applies for "cat /dev/newdevice" i.e. open the device node --> read
system call --> mapped read function in your device driver i.e. "**my_read**" -->
reads the data from actual hardware and sends the data read from the hardware to
user space (application which issued read system call)
I hope I have answered your question :-)
I have downloaded the sytem source code from here, but i can't find source code of read/write functions from the package. Could anybody tell me where I can get the code for these socket operation functions?
[why I want to check the source code]
I am developing a multithreaded linux application and need to know, if calling socket operation functions like write/read/sendmsg to access a same TCP socket from different threads concurrently is safe or not.
you can search a function and other things in the kernel source code on LXR.
But before you search, you should know that write/read/sendmsg are system call,and their definitions aren't like usually functions.
When you use read(), sys_read() works in fact,and itselves defintion is also confused:here
here is write() and sendmsg() .
If you want to know more about system call such as their definiton, you can read chapter.5 of Linux Kernel Development.
1) Find out what library provides function you want to see source of
e.g. "man read"
NAME
read - read from a file descriptor
SYNOPSIS
#include <unistd.h>
ssize_t read(int fd, void *buf, size_t count);
2) locate header file, e.g. "/usr/include/unistd.h"
3) find out what package provides this file, with Debian/Ubuntu e.g.
pwadas#kehillah:~$ dpkg -S /usr/include/unistd.h
libc6-dev: /usr/include/unistd.h
4) Download source package and browse code
there's probably many "read" functions available from various libraries. You might want to try
man 7 socket
man 7 tcp
or other relevant sources.
That is, how do you know
how many parameters a specific syscall expects,
which register each parameter should be in,
and finally what each parameter means?
Is there a man alike command to tell you that?
see also: What are the calling conventions for UNIX & Linux system calls on x86-64
What you are looking for is the kernel ABI, I can't find the official site, but there is a blog with info like this.
In x64 with int 80h call, it is:
value storage
syscall nr rax
arg 1 rdi
arg 2 rsi
arg 3 rdx
arg 4 r10
arg 5 r9
arg 6 r8
Linux man-pages project (of course C-centric)
There is no manual for system calls that I know of, it's something you have to dig into the source code for.
This header file is useful, as it has many of the system calls prototyped with arguments:
include/linux/syscalls.h
It conains definitions, like:
asmlinkage long sys_getresuid(uid_t __user *ruid, uid_t __user *euid, uid_t __user *suid);
asmlinkage long sys_getresgid(gid_t __user *rgid, gid_t __user *egid, gid_t __user *sgid);
asmlinkage long sys_getpgid(pid_t pid);
asmlinkage long sys_getpgrp(void);
asmlinkage long sys_getsid(pid_t pid);
asmlinkage long sys_getgroups(int gidsetsize, gid_t __user *grouplist);
The arch syscalls header file has the rest of the system calls, one that are arch dependant:
arch/x86/include/asm/syscalls.h
(these files are as of 2.6.32 - earlier / later versions of the kernels may have different file/directory names).
Keep in mind that the internals of the linux kernel change fairly often, and there isn't a whole lot of effort put into keeping a stable ABI between major kernel versions. So, you'll have to look at the kernel source code of the kernel you're currently running, and don't expect it to automatically compile on any other kernel version.