About the /proc file system - linux

I am using a command in the proc file system which is the following
echo 0 > /proc/sys/net/ipv4/ip_forward
Note: I don't want to know the basics of the command written above; I want to know what happens when it goes inside the kernel, as I want to implement one of the /proc files.
Now, if I want to trace the code right from when the 0 is echoed into the file system, how do I go about it? I mean, I want to trace what happens when I do this.
I want to see where in the kernel code this 0 is accepted and in which value it gets stored in order to make the changes. Please, can somebody tell me what happens when you call this command? I want a detailed explanation. I don't want the description of the command.
Any related article on how it changes the kernel parameters is also fine.
I have read this, but it is not explained there: http://www.linuxjournal.com/article/8381
Thanks

Search through the Linux tree (especially the network stack) for the create_proc_entry function. Figure out which file creates ip_forward (it must be in the ipv4 drivers) from the name passed to create_proc_entry.
When you find the file, look at where the proc_dir_entry structure is created and what functions are assigned to its read_proc and write_proc members.

Related

How can I make usbmon log file (*.mon)?

I'm trying to use vusb-analyzer.
It requires a *.mon log file.
How can I make usbmon log file (*.mon)?
https://www.kernel.org/doc/Documentation/usb/usbmon.txt

The document you linked in your question is actually the answer; please see sections 1-3.
In section 3, it says:
# cat /sys/kernel/debug/usb/usbmon/0u > /tmp/1.mon.out
This will create a text file 1.mon.out. Its structure is also described in the same document.
Now, how do I know that this is the file to be opened by vusb-analyzer? From what I see, the website of this project doesn't make it clear what the *.mon file is.
However, you can see it in the source code:
https://github.com/scanlime/vusb-analyzer/blob/master/VUsbTools/Log.py#L498
It clearly states that the program uses the syntax described in the document that you already know:
https://www.kernel.org/doc/Documentation/usb/usbmon.txt
The name of your file doesn't really matter, but if you want it to end with ".mon", you could simply use:
# cat /sys/kernel/debug/usb/usbmon/0u > ~/somefile.mon
Two warnings:
The line with cat I posted here is just an example, and in order to use it, you will need to follow the steps in the document (it won't work without enabling usbmon first).
vusb-analyzer hasn't been updated for years and I wasn't able to run it on my machine. Its website mentions Ubuntu 8.10 so I wouldn't be surprised if others had problems running it, too. (For example, in order to reproduce your problem, provide more help).
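The text format that the usbmon document describes can be parsed in a few lines of Python; this is an added example, not part of the original answer and not vusb-analyzer's code. It handles control, interrupt and bulk lines only, and the sample lines and the names UsbmonEvent, parse_usbmon_line and completed_transfers are constructed for illustration.

```python
from collections import namedtuple

KINDS = {"C": "control", "Z": "isochronous", "I": "interrupt", "B": "bulk"}
# setup = (bmRequestType, bRequest, wValue, wIndex, wLength), or None when absent
UsbmonEvent = namedtuple("UsbmonEvent", "tag timestamp_us event transfer direction "
                         "bus device endpoint status setup length data")

def parse_usbmon_line(line):
    words = line.split()
    if len(words) < 6:
        raise ValueError("too few fields for a usbmon 'u' format line")
    tag, ts, event, address = words[:4]
    kind, bus, device, endpoint = address.split(":")
    if event not in ("S", "C", "E") or len(kind) != 2 or kind[0] not in KINDS or kind[1] not in "io":
        raise ValueError(f"unrecognised event or address word: {line!r}")
    if kind[0] == "Z":
        raise ValueError("isochronous frame descriptors are outside this example")
    status, setup, pos = None, None, 5
    if words[4].isalpha():     # setup tag; only 's' means the five setup words are valid
        if words[4] == "s":
            setup = tuple(int(w, 16) for w in words[5:10])
        pos = 10
    else:                      # status, optionally followed by :interval and more
        status = int(words[4].split(":")[0])
    length = int(words[pos])   # reported length; captured data may be shorter
    data = bytes.fromhex("".join(words[pos + 2:])) if words[pos + 1:pos + 2] == ["="] else b""
    return UsbmonEvent(tag, int(ts), event, KINDS[kind[0]], "in" if kind[1] == "i" else "out",
                       int(bus), int(device), int(endpoint), status, setup, length, data)

def completed_transfers(lines):
    """Pair callbacks with submissions by URB tag: [(submit, callback, latency_us)]."""
    pending, done = {}, []
    for event in (parse_usbmon_line(l) for l in lines if l.strip()):
        if event.event == "S":
            pending[event.tag] = event
        elif event.tag in pending:
            submit = pending.pop(event.tag)
            done.append((submit, event, event.timestamp_us - submit.timestamp_us))
    return done

# Constructed sample in the usbmon text format (not captured from a real device).
SAMPLE = """\
ffff8800d5ea89a0 3575914555 S Ci:1:001:0 s a3 00 0000 0003 0004 4 <
ffff8800d5ea89a0 3575914560 C Ci:1:001:0 0 4 = 01050000
ffff8800dd65f0e8 4128379752 S Bo:1:005:2 -115 31 = 55534243 5e000000 00000000 00000600 00000000 00000000 00000000 000000
ffff8800dd65f0e8 4128379808 C Bo:1:005:2 0 31 >
"""
```

Running completed_transfers(SAMPLE.splitlines()) pairs each submission with its callback, which is the quickest sanity check that a capture file really is in this format before handing it to an analyzer.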

How does DIG utility work in FreeBSD and BIND?

I want to know how the DIG (Domain Information Groper) command really works when it comes to code and implementation. I mean, when we enter a DIG command, which part of the code in FreeBSD or BIND is hit first?
Currently, I see that when I run the DIG command, control goes to a file client.c. Inside this file, the following function is called:
static void
client_request(isc_task_t *task, isc_event_t *event);
But how control reaches this place is still a big mystery to me, even after digging a lot into the 'named' part of the BIND code.
Further, I see this function being called from two places within this file. I tried to put logs into those places to know whether control reaches this place through those paths, but unfortunately that doesn't happen. It seems the "Client_request()" function is somehow being called from somewhere outside that I am not able to figure out.
Is there anybody here who can help me resolve this mystery?
Thanks.

This applies not only to BIND but to any other command: within FreeBSD you could use ktrace. It is very verbose but could help you get a quick overview of how the program is behaving.
For example, in the latest FreeBSD versions you have the drill command instead of dig, so if you would like to know what is happening behind the scenes when you run the command, you could try:
# ktrace drill freebsd.org
Then to disable tracing:
# ktrace -C
Once tracing is enabled on a process, trace data will be logged until
either the process exits or the trace point is cleared. A traced process
can generate enormous amounts of log data quickly; It is strongly
suggested that users memorize how to disable tracing before attempting to
trace a process.
After running ktrace drill freebsd.org, a file ktrace.out should be created, which you can read with kdump, for example:
# kdump -f ktrace.out | less
That will hopefully "reveal the mystery", in your case, just replace drill with dig and then use something like:
# ktrace dig freebsd.org

Thanks to the FreeBSD Ports system, you can compile your own BIND with debugging enabled. To do so, run
cd /usr/ports/dns/bind913/ && make install clean WITH_DEBUG=1
Then you can run it inside a debugger (lldb /usr/local/bin/dig), break on the line you are interested in, and then look at the backtrace to figure out how control reached there.

Backtrace with function-name,file-name and line-no information

We have application software running on SUSE Linux. What I want is that whenever there is a crash/fault in the software, a backtrace is generated with call stack information for the current thread (the one which faults).
We are currently using "backtrace()" and "backtrace_symbols_fd()" to try to get the trace, but there is not much useful information. It does not give function names, line numbers or file names.
Therefore, I started looking for alternate options to use and found "libunwind". I wrote a small function to get a backtrace, and it does print the function name with other register values (ip, sp). But I still cannot get the file name and line numbers. Is there a way I can programmatically do that? What happens if I strip my binary file? Can I still get the filename/lineno info?

freebsd compile is so complicated?

I want to add a custom syscall to FreeBSD (school work). I googled hundreds of times. There is no right solution for it.
My homework is: "Add custom syscall to freebsd kernel and recompile the kernel and use it".
Finally I found that I should follow the instructions in these two pages:
1 : http://www.onlamp.com/pub/a/bsd/2003/10/09/adding_system_calls.html
then
2: https://www.freebsd.org/doc/en/books/handbook/kernelconfig-building.html
It shows errors at compile time:
<sys/parma.h> no such file or directory
<sys/kern.h> no such file or directory
<sys/syscallargs.h> no such file or directory
I removed these three header includes from my file and then recompiled it. Now it shows other errors like: MAXCPU undeclared in pcpu.h file.
What did I miss? How can I do my school work?
NOTE: I use freebsd8 in vbox

Look at what the error messages say; the files don't exist.
The first include file is a typo; it's param.h, not parma.h!
There is no kern.h. Maybe you mean sys/kernel.h?
Idem for syscallargs.h. Do you perhaps mean syscall.h?
You can find header files with e.g:
find /usr/src/sys/ -type f -name '*.h'|grep 'sys/.*kern.*\.h'
/usr/src/sys/ofed/include/linux/kernel.h
/usr/src/sys/dev/netmap/netmap_kern.h
...
Update: More important is determining which includes you actually need.
FreeBSD has pretty good documentation. If you want to use a kernel function or data-structure, it is probably covered in section 9 of the manual pages.
You can list all the manual pages in that section with ls /usr/share/man/man9/ | less. Or you can use the apropos command.
Since you want to implement a syscall, start with e.g.
apropos syscall
It will return:
SYSCALL_MODULE(9) - syscall kernel module declaration macro
syscall(2), __syscall(2) - indirect system call
It seems to me that the first one could be relevant to your assignment. (The second one is how to call a system call from user space.) So read it with man SYSCALL_MODULE. Or read it online.
Note that:
A minimal example for a syscall module can be found in
/usr/share/examples/kld/syscall/module/syscall.c.
That example should be enough to get you started on writing your own system call module...

Well, take a look at share/examples/kld/syscall for a complete implementation as a module.
Adding a new file to the kernel is left as an exercise for the reader.
Here is a hint: find the newest added file within kern/* subdir AND CHECK WHAT COMMITS WERE DONE TO MAKE IT COMPILE.
In fact you could have done exactly the same with syscall: FIND THE NEWEST ADDED SYSCALL AND CHECK HOW IT WAS ACHIEVED.
All this is available in svn/git repository history.

Modifying syscall_table.S while adding a system call in linux

I am currently facing a problem in locating the syscall_table.S file in my arch/x86/kernel/ directory. In the online tutorial that I am following, it is given that I will find the file in this location. I am using linux-3.11.10. Please tell me how to locate this file. However, I have found this file in some other folders. If I were to modify one of these, which one should I modify?
The following folders have syscall_table.S:
arch/microblaze/kernel
arch/m32r/kernel
arch/avr32/kernel
arch/parisc/kernel

Your question isn't very specific about what exactly you are trying to do.
sys_call_table is defined in arch/x86/kernel/syscall_64.c
The syscall entry is located in arch/x86/kernel/entry_64.S
Routines are associated with their syscall number in include/uapi/asm-generic/unistd.h and arch/x86/syscalls/syscall_64.tbl
You might also want to look at include/linux/syscalls.h.
