Linux Kernel(4.19) Hacks

rousalome.egloos.com

포토로그 Kernel Crash


통계 위젯 (화이트)

5112
737
82115


[Linux][Kernel] What is process? Linux-Kernel Analysis

It is difficult to understand process in Linux Kernel. Because processes are abstract concepts, it can be viewed from different perspectives. It seems that you have read and understood the process, but it is often difficult to apply what you have learned in practice to the process.

Why? This is because we study the process in a way that understands theory. This process does not seem to be the goal of learning. Process-related data structures or ftrace log analysis are undertaken that are learned through hands-on experience.

Therefore, we describe the process by looking at the ftrace and Linux kernel code directly when running the Raspberry Pi, not the theory. If you have a raspberry pi, we recommend you to practice yourself.

Process Introduction
This section describes terminology related to the process. Let us first consider this term?

What is process?
Processes are abstract and have multiple meanings, so you can explain which processes from different perspectives.

What is process? Process is a program that runs in the memory of a Linux system. It is used in a similar way to the task being scheduled. The technique of using multiple processes in real time is called multiprocessing, and the way to execute multiple programs at the same time is called multitasking.

Let's take a moment to think about the smartphone operations we are using.
You can leave a message while on the phone, listen to music and view your browser. There are several applications running at the same time. This is possible because you perform multitasking and process the program in a time-sharing manner.

This time, let's consider the process of the Linux developer. A process is an execution flow that loads into the Linux system memory and queues or executes it. If the process is waiting to be executed, what does the process do? What structure does the process recognize? Various problems have arisen.

The data structure of the management process. This object is called the task descriptor and the structure is struct task_struct. This structure stores attribute information such as memory resources used by the process, process name, execution time, process ID (PID), and process stack top address.

Can a process be represented only as a struct task_struct structure? The above process is defined as the execution process itself. Which structures can store the process execution process?

The process calls the Linux kernel function at execution time. Let's take a look at the call stack using the Trace32 program, which is an embedded debugger.
1 -000 | __schedule()
2 -001 | schedule_timeout()
3 -002 | do_sigtimedwait()
4 -003 | sys_rt_sigtimedwait()
5 -004 | ret_fast_syscall(asm)

The above function call direction is the fifth line of the first line. Briefly explain that the call stack is a function call stream sigtimedwait () function is to execute the corresponding system call processing function, the user space program is scheduled after the sys_rt_sigtimedwait () function.

The process is executed when the function is called. But what resources do you use to call and execute functions? Process stack memory space. All processes allocate space in kernel space at execution time and execute functions in the stack space.

Suppose the scheduler runs the above process again. So how do you run it?
1 -000 | __schedule()
2 -001 | schedule_timeout()
3 -002 | do_sigtimedwait()
4 -003 | sys_rt_sigtimedwait()
5 -004 | ret_fast_syscall(asm)

It will return from the first function to the fifth function. This is because the last set of registers and execution streams that the process is running are stored in the process stack space.

Another important space for expressing the process execution flow is the process stack space, where the structure at the top of the process stack is the struct thread_info structure.

In short, a process is an abstract concept, but it has the structure and memory space to store process information and process execution flow. You need to be familiar with this data structure to learn more about real-time processes running in the Linux kernel.

We are working hard to analyze the Linux kernel source code that executes the process and runs in the process stack space.

In the next section, we'll look at the common terms used with the process.

What is the task?
What is the task? This task is a term I used in other operating systems other than Linux.
In the old theory of operating systems, you can often see the word task.

What does this task mean in the operating system? It can actually be called execution.
Usually you will find it in the first chapter in operating system books. Most modern operating systems run programs in a multitasking environment, primarily by default, but in the past they have completed some processing of specific code or program execution. These execution and work units are called tasks.

As for simple Linux System without screen or touch, two tasks can send and receive signals to each other and control the entire system.

However, the concept of the task overlaps with the current process. The meaning of the task evolves with the introduction of the concept of processes and threads. The criteria for determining execution (the unit that performed the task) have been changed to plan.

In many cases, old terms are used in current software. It is called "legacy".

I use the term "task" written in the Linux kernel terminology or source code. The most typical example is to use struct task_struct as the structure name instead of struct process_struct.

The struct task_struct structure represents the attributes of each process, called the task descriptor, also known as the process descriptor.

If you see the word task in a Linux kernel function name or variable, you can think of it as a process-related code. For example, all of the following functions are responsible for managing and controlling processes where tasks visible in function names can be replaced by processes.
dump_task_regs
get_task_mm
get_task_pid
idle_task
task_tick_stop

In the Linux kernel, tasks are a process-like term. When reading the description of the source code or process, let's take a look at the word task and understand it as a process.

About thread
What is a thread? In short, it is a lightweight process created at the user level. When executing multiple processes, context switching must be performed, which is expensive (time). The process of storing virtual memory information for a running process and starting a new run also requires loading virtual memory information. In addition, when creating a thread, it takes less time to create a process.

The thread shares the file descriptor, file and signal information address space with other threads in its own process. Unlike processes that have their own address space, threads share their address space with other threads in the thread group.

However, for the kernel, it manages threads just like any other process. Instead, each task identifier, the task descriptor (struct task_struct), simply checks the thread group.

We briefly introduced the process in this article. In the next section, you'll learn more about the process by entering the ps command on a Linux terminal.

덧글

댓글 입력 영역