First, the user mode, kernel mode and interrupt
1, generally have several modern cpu unused instruction execution level
2, in the implementation of high-level code may execute a privileged instruction , access to any physical address , which corresponds to the level of the CPU executing kernel mode.
3, in the corresponding low-level execution state, control code range is limited. Only correspond to the range of activities permitted level.
Example: intel x86CPU four different execution levels 0-3, Linux only of which 0 and 3, respectively, represent the kernel mode and user mode.
4. Why do you need the permission level of division?
Programmers write code may lack robustness, making the whole system crashes and other problems. Therefore, more specialized program written by ape executing code system, i.e. the use of kernel mode operation, to ensure its robustness.
5, user mode and kernel mode are clearly distinguished and eip cs
Lowest cs register indicates the two current privilege level code.
Each instruction is read by the CPU cs: EIP these two registers:
where cs is the selected code segment register, eip is offset register.
The determination is done by the hardware.
Generally in Linux, the address space is a significant sign: 0xc0000000 more address space accessible only in kernel mode, 0x0000000-0xbffffff address space can be accessed in two states.
This address space is a logical address
6. The interrupt processing is the main way to enter the user mode kernel mode, the system call is only a special interrupt.
: (1) register context
is switched from user mode to kernel mode: ① ② register context must be saved to the user mode kernel mode response values into corresponding register
interrupt / int instruction number register values stored on the stack, such as : user mode stack address, then the status word, then CS: value of eip.
The first thing after the interruption is stored on-site preservation site is to enter the interrupt routine, saving the need to use the data registers, the last thing is to restore the site after the interrupt data recovery site that exits the interrupt routine, restoring the saved registers .
Second, the system calls Overview
1, the operating system to interact with the user mode process and hardware provides a set of system call interfaces -------
To liberate the user from the underlying hardware programming out
greatly improve the security of the system
is the user program portability
2, an application programming interface (API) and different system calls
API is just a function definition (a system call can be packaged as a function)
system call to send a clear request to the kernel by soft interrupt
Libc library defines some of the API application package routines (the sole purpose of issuing system calls, does not require assembly instruction program ape to write code)
Generally speaking, each corresponding to a package system call routines, library routines use these packages to define a user API
Not every API corresponds to a certain system calls.
API may provide services directly to the user mode. A single system call API may call several different API call may call the same system.
3, the return value
most package routine returns an integer value whose meaning depends on the respective system calls.
-1 represents the kernel process can not satisfy the request, Libc defined errno variable contains a specific error code in most cases.
4, when a user-mode process calls a system call, switching to kernel mode and the CPU starts executing a kernel function.
Parameter passing kernel implements many different system calls, a process which must specify the required system call, which requires passing a parameter called the system call number, using the eax register transfer.
5, the system call also require the input and output parameters, such as
the actual value.
Variable address user mode process address space.
Even data structure comprising user-mode address pointer to the function.
Register parameter passing restrictions:
(1) length of each parameter can not exceed the length of the register, or 32 bits.
(2) system call number outside (EAX), the number of parameters can not be over 6 (ebx, ecx, edx, esi , sdi, ebp) to one of the registers will point to a memory after more than six can be accessed All memory.
Third, use the library functions API to get the current time
When this experiment is performed, we encountered many problems, the first is compiled to 32-bit, suggesting that error:
Upon inquiry, because the machine is the number of bits of the virtual machine is 64-bit, but to compile a 32-bit, you need to use the command:
sudo apt-get install libc6-dev-i386
But when this command is executed, an error occurs: link not on the Software Sources:
At this point, set the DNS
sudo vim /etc/resolv.conf
The document read:
Then, restart the network services, and update apt
sudo apt-get update
Then normal installation
sudo apt-get install libc6-dev-i386
After compiling problems:
After Baidu, we found that, on the date the member variables in the structure tm is tm_mday
after correction,
