Find the answer to your Linux question:
Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2004

    experimenting with developing kernel module

    hi all,

    This is my first question on this forum.

    Instead of implementing a device driver using a kernel module, i have tried to implement a simple code as a module.
    This code has the functionality as:
    It reads data from a file and collects it in the data structures declared in ".h" file.
    I also have data structures to store process id, process name and instances and then compare the data with data read from file.

    I have not defined or used data structures used by a device driver such as struct file_operations, struct task_struct etc.

    I have used system calls such as read, open to deal with files.
    kmalloc - to allocate kernel memory, printk - to log messages.

    my problem:
    i inserted the module from one terminal.
    i changed to some user(not superuser).
    i was allowed to execute processes from the same terminal, i.e. to open xpdf , i had to type "xpdf abc.pdf" on terminal instead of using GUI.

    If i use GUI to open xpdf or
    if i open another terminal, the computer hanged.

    I was not able to figure out the problem.

    Is it necessary to use the data structures and functions used in kernel code to avoid such a problem?
    Is there a need to define structures as file_operations, if i perform file opearations?

    Please help me and guide me in this new world of kernel modules.

    Thanks in advance

  2. #2
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    St. Petersburg, FL
    what was your module for? appears to be a driver of some sort, but for what?

  3. #3
    Linux Engineer
    Join Date
    Nov 2004
    Montreal, Canada
    I mate... Simply to get to your logic.

    1. you open a file to get its data
    2. you collect the data (based on the header), process id, process name...
    3. You compare to the existing one... (?) more explanations

    my problem:
    i inserted the module from one terminal.
    i changed to some user(not superuser).
    i was allowed to execute processes from the same terminal, i.e. to open xpdf , i had to type "xpdf abc.pdf" on terminal instead of using GUI.
    Thats what you've done so far... nothing crashed right?
    If i use GUI to open xpdf or
    if i open another terminal, the computer hanged.
    Before trying to open again did you close the 3 processes?
    I dont know exactly what your trying to do... but it seems you've opened the document to get info from but didnt close it and you try to open again... I'm not saying that this is the cause, but can you explain your algorithm as well as the functionnality of your module... 60% of the time you'll end up finding the solution yourself.. When I have a part of code that doesnt work, I try to explain with as much detail as possible to someone else, and 60-70% of the time I end up finding the answer myself...

    Anyway.. we're waiting for your information
    \"Meditative mind\'s is like a vast ocean... whatever strikes the surface, the bottom stays calm\" - Dalai Lama
    \"Competition ultimatly comes down to one thing... a loser and a winner.\" - Ugo Deschamps

  4. $spacer_open
  5. #4
    Just Joined!
    Join Date
    Dec 2004
    To elaborate on the module:

    These things were tried on Redhat Linux 7
    kernel 2.4.6

    The module is a kind of simple spy program which gets the process id, process name and if more than one program instance is opened then i want to increment the count of pid associated with that process.

    The structure of process_list in which i am storing the information is:
    struct process_list
    long pid;
    struct process_details *prod;
    struct process_list *link;


    struct process_details
    char pname[20];
    int pid_count;
    struct process_details * plink;

    Note: if pid_count becomes 0 then i free the whole data structure related to that process.

    I store the data of current process from exec system call( which i have trapped (do_execve to be more specific), by changing the pointer in sys_call_table) to my data structure.
    Then i open and read my file through open() and then read() system call. open() and read() are not trapped, only exec() is trapped.

    Similar structures as described above is used to put entries in the data file i read.

    Then i compare the pname with pname stored in my file, if they match then that process is blocked.
    My Example is xpdf, which i want to block. i.e. if someone tries to open xpdf through any means i.e. through terminal or through GUI, he should not be able to open it.

    I am able to block this process under the circumstances that:
    i inserted the module from one terminal.
    i changed to some user(not superuser), say bravetanveer.
    When this process called "xpdf" was initiated from the same terminal as:

    [root@localhost /root]#insmod mod.o

    [root@localhost /root]#su bravetanveer

    [bravetanveer@localhost /home/bravetanveer]$

    [bravetanveer@localhost /home/bravetanveer]$xpdf abc.pdf

    , then that process was blocked.
    Note: No other user process is running except the process on terminal.

    I wanted to do a very simple thing using kernel modules, so only simple linked lists are used as data structures and linear searching of the linked list is done to find the match from my data structures to block a process.

    The problem is not with whether the process is blocked or not because it is blocked, but as the circumstances changes, the system hangs.

    The changed circumstances are:

    If i open another terminal ( this invocation of new terminal is not initiated from the same prompt from which i was trying things, but it is invoked by clicking on terminal icon on my panel bar), just at this moment system hangs.

    I also tried opening any other process other than a terminal, still system hangs.

    ------>>>I have also tried invoking different processes from the same terminal i.e. using command line example "strace ls", "ls","gedit". Here nothing goes wrong and the system functions proprely.

    Is it necessary to use the functions used by a typical driver(character or block) to implement such a functionality?
    I mean how should i register this module, as a character device or block device or no registration is required.
    ------->>>because the data structures need to be modified when a process uses this device.

    At application level, we have to use shared memory with semaphores and signals for several processes to access one set of data structures.

    So one thing that comes to my mind is that, are those data structures which i am using shared between invocation of different processes. And the answere to this is Yes, because the process is blocked.
    Now the question is why is not able to use the data structures with the invocation of different terminal.
    Is it that the invocation of new terminal(not of a shell) creates whole new set of things , other that those created when a new shell is spawned from current shell?
    I mean spawning a new shell from the shell on which the module was loaded is ok. But invoking a new terminal is creating a whole new tree of process, as per me?

    Is is that a race condition has occured, it seems?

    I wanted to do this, Just to get more knowledge about the kernel and it's functionality and understand the linux as a whole in more details by implementing few things.

  6. #5
    Linux User
    Join Date
    Oct 2004
    First of all, I must say, it's a really nice idea to learn the functionality of the kernel... I'm trying to learn it too - I was doing a filesystem driver to learn the VFS API
    So maybe, I can try out the same thing and exchange ideas with you, if you don't mind

    Couple of observations from my side about what you're trying to do:
    1. It doesn't require any device per se. So, you cannot implement the module as either a chardev or blockdev. It could still be done as a chardev, but that would require changing quite a lot of things in the existing design.

    2. I don't know how you're trying to increment the count and running through the linked list, but the count should be done as an atomic_t instead of plain int and should be handled with corresponding functions/macros - atomic_inc(), atomic_read(), atomic_set() etc.
    check out include/asm/atomic.h

    3. You've got 2 links - one in the process_details struct and one in the process_list struct. Are both really required? What is the link in process_details struct used for?

    4. You could put in lots of printk()'s to trace the execution of your module code - the output will go to syslog/terminal/whatever.

    Just my $0.02 worth of thoughts
    The Unforgiven
    Registered Linux User #358564

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts