filp_open in Linux kernel device driver - linux

filp_open allows us to open a file in the file system. But is it safe to use from Kernel space ? If used what needs to be taken care. Will this be supported in future versions of Linux kernel as well.
Currently using 2.6.28 Linux kernel version.

A lot of drivers use the filp_open() function, it is pretty much a helper to open a file in kernelspace. No reason to assume it won't continue to be supported. Even the kernel's filesystem subsystem uses filp_open().

Related

Considering Linux is not supporting _OSI("Linux") ACPI object, any reliance way to use it in BIOS

Considering Linux is not supporting _OSI("Linux") ACPI object, any reliance way to use it in BIOS such that this ACPI _OSI works across all variants of Linux. acpi_osi has to be set to kernel params else it does not take effect if used in BIOS to to decide on some IO port programming or any other OS specific checks asl.
refering below link:
https://www.kernel.org/doc/html/latest/firmware-guide/acpi/osi.html
As that link outlines, Linux doesn't support _OSI("Linux") because many BIOS manufacturers implemented it incompetently and failed to test their environments properly. As such, you should aim to write your BIOS code in a way that works for any OS. This will mean that your BIOS will work not only on Windows and Linux, but on other OSes, like FreeBSD, NetBSD, and OpenBSD.
If it turns out that your system has a bug, try to make sure your BIOS handles it in the firmware if possible instead of offloading it to your Windows driver. If that's not possible, you can use the mechanism outlined in that link to use an OEM-specific hook, provided you send a patch to the kernel.
Linux will intentionally avoid attempts to be detected in the firmware, so you are better off not trying to do it at all. Note that because Linux tends to change rather rapidly, trying to make an assumption about how all versions of it work is probably not going to work out well.

debugging Device driver using GDB

I'm new to device drivers in Linux. And my first day task is to debug driver using GDB in Linux.
I need to debug some XYZ (PCIe device driver supports ethernet) device driver to know about the flow and what is going on device's registers and all.
I have installed the driver with patch file and insmod command.
The device is working properly. But am not getting any solution to debug the device driver.
All I know is that how to debug C program using GDB in Linux(fedora20). I got one link similar to my Problem but from that also I have not got any knowledge.
Can anybody please share your thoughts that how can I start from scratch.
I am very specific to learn about Debugging device drivers in Linux. Especially that init or probe function inside my driver I need to know the flow.
The gdb debugger is useful to debug user-space application level programs (since it uses ptrace(2)).
For kernel code, things are different. Consider using kgdb (I don't know the details). You might also add debug prints ....
I recommend at least reading more about operating systems, e.g. Operating Systems: Three Easy Pieces (freely downloadable), and reading something about Linux programming (perhaps the old ALP, and also intro(2), syscalls(2) and related stuff). Don't dare coding Linux loadable kernel modules without good familiarity with Linux programming (in user-land). See also kernelnewbies.
BTW, you should prefer writing user-land code than kernel modules. A very simple rule of thumb is to avoid writing kernel code when possible.
To begin with, you may need to understand basics of device driver and kernel in linux. Subsequently focus as per the type of driver in-hand. You also need to understand the functionality (specification / manual / datasheet) of the device you are working on.
The very basic approach for debugging can be using printk. Normally there will be debug logs that can be enabled through compilation flags. If it is present, enable it so that it can give important pointers else you might need to add it on your own.
Start with verification of driver registration and verification of loading of your driver (static or loadable module as per your requirement). Check whether it is getting listed as part of sysfs or proc as applicable. Check whether probe is successful and subsequently the appropriate read/write/open/close/other calls as per your driver / device functionality.
The dmesg shall be very helpfull for viewing the kernel messages. There are also tools like kdb, LTT, strace that can be useful as per the scenario.

How to use the system kernel binary itself as dump-capture kernel?

I want to set up kdump without building separate crash kernel.
How to use the system kernel binary itself as dump-capture kernel?
Firstly you need to install kexec-tools and kdump, although you may not require to recompile the kernel (depending on which flavour being used), you would still require to reboot the box to get the kdump settings in effect after configuring kdump. kdump is essentially a reliable version of the kernel has the crash dumping mechanism that utilizes the kexec software. Kexec is a fast boot mechanism that allows booting a Linux kernel without going through the BIOS again.
Now if you are not going to have another reliable kernel, what is the guarantee that your kernel code in-core is not corrupted and would work correctly, when you have memory corruption, panic, hung-state or possibly in an unreliable state. Therefore its not longer secure to rely on your running kernel for getting the dump.
Hope this helps.

New linux kernels, no lsm using lkms, no kernel hooks now what?

For security reasons, the kernel ceased to export characters necessary for writing security modules in the form of loadable kernel modules (Linux Kernel Module, LKM) starting with version 2.6.24.
And you can't export sys_call_table, again for security reasons.
But then, how can I filter filesystem requests?
I'll state it simply: I want to hook the "open" function!
I don't want to have to compile my own version of the kernel, what's the point of drivers? It should work for all kernels.
Please help, thought I would have more freedom than Windows with Linux, but now I see the most precious parts of my life are blocked in Linux.
I've written a kernel module that can do this called tpe-lkm. I've also mentioned it on some other questions similar to this here on StackOverflow:
access to the sys_call_table in kernel 2.6+
Reading kernel memory using a module
intercepting file system system calls
Hope one of these helps you out.

Why I need to re-compile vmware kernel module after a linux kernel upgrade?

After a linux kernel upgrade, my VMWare server cannot start until using vmware-config.pl to do some re-config work (including build some kernel modules).
If I update my windows VMWare host with latest Windows Service Pack, I usually not need to do anything to run VMWare.
Why VMWare works differently between Linux and Windows? Does this re-compile action brings any benifits on Linux platform over Windows?
Go read The Linux Kernel Driver Interface.
This is being written to try to explain why Linux does not have a binary kernel interface, nor does it have a stable kernel interface. Please realize that this article describes the _in kernel_ interfaces, not the kernel to userspace interfaces. The kernel to userspace interface is the one that application programs use, the syscall interface. That interface is _very_ stable over time, and will not break. I have old programs that were built on a pre 0.9something kernel that still works just fine on the latest 2.6 kernel release. This interface is the one that users and application programmers can count on being stable.
It reflects the view of a large portion of Linux kernel developers:
the freedom to change in-kernel implementation details and APIs at any time allows them to develop much faster and better.
Without the promise of keeping in-kernel interfaces identical from release to release, there is no way for a binary kernel module like VMWare's to work reliably on multiple kernels.
As an example, if some structures change on a new kernel release (for better performance or more features or whatever other reason), a binary VMWare module may cause catastrophic damage using the old structure layout. Compiling the module again from source will capture the new structure layout, and thus stand a better chance of working -- though still not 100%, in case fields have been removed or renamed or given different purposes.
If a function changes its argument list, or is renamed or otherwise made no longer available, not even recompiling from the same source code will work. The module will have to adapt to the new kernel. Since everybody (should) have source and (can find somebody who) is able to modify it to fit. "Push work to the end-nodes" is a common idea in both networking and free software: since the resources [at the fringes]/[of the developers outside the Linux kernel] are larger than the limited resources [of the backbone]/[of the Linux developers], the trade-off to make the former do more of the work is accepted.
On the other hand, Microsoft has made the decision that they must preserve binary driver compatibility as much as possible -- they have no choice, as they are playing in a proprietary world. In a way, this makes it much easier for outside developers who no longer face a moving target, and for end-users who never have to change anything. On the downside, this forces Microsoft to maintain backwards-compatibility, which is (at best) time-consuming for Microsoft's developers and (at worst) is inefficient, causes bugs, and prevents forward progress.
Linux does not have a stable kernel ABI - things like the internal layout of datastructures, etc changes from version to version. VMWare needs to be rebuilt to use the ABI in the new kernel.
On the other hand, Windows has a very stable kernel ABI that does not change from service pack to service pack.
To add to bdonlan's answer, ABI compatibility is a mixed bag. On one hand, it allows you to distribute binary modules and drivers which will work with newer versions of the kernel. On the other hand, it forces kernel programmers to add a lot of glue code to retain backwards compatibility. Because Linux is open-source, and because kernel developers even whether they're even allowed, the ability to distribute binary modules isn't considered that important. On the upside, Linux kernel developers don't have to worry about ABI compatibility when altering datastructures to improve the kernel. In the long run, this results in cleaner kernel code.
It's a consequence of Linux and Windows being developed in different cultural environments and expectations: http://www.joelonsoftware.com/articles/Biculturalism.html. In short: Windows is designed to be suitable for users, whereas Linux evolves to be suitable for open source developers.

Resources