Linux Architecture
Kernel space and user space are two , and the transfer from user space to kernel space can be completed through system calls and hardware interrupts . As shown below:
linux architecture diagram
As can be seen from the above figure, Linux consists of user space and kernel space
Under normal circumstances, user processes cannot access the kernel. It can neither access the memory space where the kernel is located nor call functions in the kernel. A set of subroutines are set up in the Linux kernel to implement various system functions. Users can access the data and functions of the Linux kernel by calling them. These system call interfaces (SCI) are called system calls.
The difference between system calls and ordinary functions:
System calls are very similar to ordinary function calls. The only difference is that system calls are implemented by the operating system kernel and run in kernel mode, while ordinary function calls are provided by function libraries or users themselves and run in user mode.
Number of system calls:
In the 2.6.32 kernel, there are 365 system calls, which can be found in arch/arm/include/asm/unistd.h.
/* This file contains the system call numbers*/
#define __NR_restart_syscall (__NR_SYSCALL_BASE+ 0)
#define __NR_exit (__NR_SYSCALL_BASE+ 1)
#define __NR_fork (__NR_SYSCALL_BASE+ 2)
......
#define __NR_preadv(__NR_SYSCALL_BASE+361)
#define __NR_pwritev (__NR_SYSCALL_BASE+362)
#define __NR_rt_tgsigqueueinfo (__NR_SYSCALL_BASE+363)
#define __NR_perf_event_open (__NR_SYSCALL_BASE+364)
The function of the system call:
Mainly divided into 3 categories:
(1) Process control class
fork creates a child process
clone creates a child process according to specified conditions
execve run executable
...
(2) File control operation
fcntl file control
open open file
read read file
...
(3) System control
ioctl I/O overall control function
reboot reboot
--sysctl read and write system parameters
...
An example of using a system call function:
The following is the number of seconds from 0:00 on January 1, 1970 GMT to the present through the time function system call.
#include<time.h>
main()
{
time_t t_time;
t_time=time((time_t *)0); /*Call the time system call*/
printf("The time is %ld\n",t_time);
}
How system calls work:
一般情况下,用户进程是不能访问内核的。它既不能访问内核所在的内存空间,也不能调用内核中的函数。系
统调用是一个例外。其原理是(1)进程先用适当的值填充寄存器,(2)然后调用一个特殊的指令,(3)这个指令会让用户程序跳转到一个事先定义好的内核中的一个位置。(4)进程可以跳转到的固定的内核位置。这个过程检查系统调用号,这个号码告诉内核进程请求哪种服务。然后,它查看系统调用表(sys_call_table)找到所调用的内核函数入口地址。接着,就调用函数,等返回后,做一些系统检查,最后返回到进程。
工作原理概述:
(1)适当的值
所有适当的值我们都可以在include/asm/unistd.h中找到,在这个文件中为每一个系统调用规定了唯一的编号,叫做系统调用号。
#define __NR_utimensat(__NR_SYSCALL_BASE+348)
#define __NR_signalfd (__NR_SYSCALL_BASE+349)
#define __NR_timerfd_create (__NR_SYSCALL_BASE+350)
#define __NR_eventfd (__NR_SYSCALL_BASE+351)
#define __NR_fallocate (__NR_SYSCALL_BASE+352)
这里面每一个宏就是一个系统调用号
(2)特殊的指令
在Intel CPU中,这个指令由中断0x80实现
在ARM中,这个指令是SWI(softwhere interrupt:软中断指令),现在重新命名为SVC
(3)固定的位置
每个CPU固定的位置是不一样的,在ARM体系中这个固定的内核位置是ENTRY(vector_swi)(在arch\sh\kernel\entry-common.S),也就是PC指针会跳转到这个位置
(4)相应的函数
内核根据应用程序传递来的系统调用号,从系统调用表sys_call_table找到相应的内核函数
CALL(sys_restart_syscall)
CALL(sys_exit)
CALL(sys_fork_wrapper)
实例:
工作原理(应用):下面是一个从用户open调用到找到内核中具体的系统调用函数入口地址的大体流程
#define __syscall(name) "swi\t" __NR_##name "\n\t“
int open( const char * pathname, int flags)
{
。。。。。。
__syscall(open);
。。。。。。
}
转化为
int open( const char * pathname, int flags)
{
。。。。。。
swi\t __NR_open //#define __NR_open (__NR_SYSCALL_BASE+ 5)
。。。。。。
}
//内核入口
/* arch/arm/kernel/entry-common.S */
ENTRY(vector_swi)
…… …… …… ……
adr tbl, sys_call_table @ load syscall table pointer
…… …… …… ……
ldrcc pc, [tbl, scno, lsl #2] @ call sys_* routine
…… …… …… ……
ENTRY(sys_call_table)
#include "calls.S"
/* arch/arm/kernel/calls.S */
/* 0 */ CALL(sys_restart_syscall)
CALL(sys_exit)
CALL(sys_fork_wrapper)
CALL(sys_read)
CALL(sys_write)
/* 5 */ CALL(sys_open)
………………………………………………………………
CALL(sys_dup3)
CALL(sys_pipe2)
/* 360 */CALL(sys_inotify_init1)
http://blog.csdn.net/nanfenglei23/article/details/41928293