The Linux Kernel Book: A Comprehensive Guide to the Heart of Linux by Rémy Card, Éric Dumas, and Franck Mével
The Linux Kernel Book: A Comprehensive Guide to the Heart of Linux
If you want to learn about the inner workings of one of the most popular operating systems in the world, you should read The Linux Kernel Book by Rémy Card, Éric Dumas, Franck Mével. This book provides an in-depth treatment of the internal functioning of the Linux kernel, covering various topics such as process management, memory management, IPC Systems V, signals, pipes, POSIX tty, file systems, loadable modules, and administration. In this article, we will give you an overview of what this book offers, who it is for, and why you should read it.
Remy Card Eric Dumas And Frank Mevel The Linux Kernel Book Wiley Publications 2003 29
What is the Linux kernel and why is it important?
The Linux kernel is the core component of the Linux operating system. It is responsible for managing the hardware resources, such as CPU, memory, disk, network, etc., as well as providing a common interface for user applications to interact with them. The kernel also handles various tasks such as process creation, scheduling, communication, security, etc. The kernel is what makes Linux a powerful, stable, and flexible operating system that can run on various platforms and devices, from servers to smartphones.
Who are the authors of the book and what are their credentials?
The authors of the book are Rémy Card, Éric Dumas, and Franck Mével. They are experts in the development of Linux and have contributed to various aspects of the kernel. Rémy Card is one of the main developers of the ext2 file system, which is widely used in Linux. Éric Dumas is a specialist in process management and IPC Systems V. Franck Mével is a specialist in memory management and loadable modules. They have written this book based on their extensive knowledge and experience with the Linux kernel.
What are the main topics covered in the book and who is it for?
The book covers the following topics in detail:
General overview of Linux
Processes in Linux
Memory management in Linux
IPC Systems V in Linux
Signals in Linux
Pipes in Linux
POSIX tty in Linux
File systems in Linux
Loadable modules in Linux
Administration in Linux
The book is divided into two parts for each topic. The first part presents the basic concepts and describes the associated system calls, illustrating them with examples written in C. The second part extends to a more advanced treatment, showing how the concepts are implemented at the level of the kernel and presenting the data structures and the internal functions used in Linux.
The book is intended for anyone who wants to learn more about the Linux kernel, whether they are programmers, system administrators, or students. The book assumes that the reader has some basic knowledge of Unix and C programming, but does not require any prior knowledge of the kernel itself.
General overview of Linux
How Linux evolved from Unix and what are its advantages
Linux is a Unix-like operating system that was created by Linus Torvalds in 1991 as a hobby project. He was inspired by Minix, a small Unix-like system developed by Andrew Tanenbaum for educational purposes. Torvalds wanted to create his own operating system that would run on his personal computer, a 386 IBM PC clone. He started by writing a simple program that would switch between different modes of the processor and display some messages on the screen. He then gradually added more features and functionality, such as disk access, keyboard input, memory management, etc., until he had a basic kernel that could run some simple programs.
Torvalds released his kernel to the public via the Internet, inviting other programmers to join him in developing and improving it. Soon, he received many contributions from people around the world who added support for various hardware devices, file systems, network protocols, etc. He also incorporated some existing software components from other Unix-like systems, such as GNU tools, X Window System, etc., to create a complete operating system that could run on various platforms and devices.
Linux has many advantages over other operating systems, such as:
It is free and open source, meaning that anyone can use it, modify it, and distribute it without any restrictions or fees.
It is stable and reliable, meaning that it can handle heavy workloads and complex tasks without crashing or slowing down.
It is secure and robust, meaning that it can protect itself from viruses, malware, hackers, etc.
It is flexible and customizable, meaning that it can be configured and adapted to suit different needs and preferences.
It is compatible and portable, meaning that it can run on various platforms and devices, from servers to smartphones.
Processes in Linux
What is a process and how is it created and managed by the kernel
A process is a program that is being executed by the CPU. It consists of an executable code segment, a data segment, a stack segment, a heap segment, and various attributes such as process ID (PID), parent process ID (PPID), user ID (UID), group ID (GID), priority (nice), state (running, ready, waiting, zombie), etc. A process can also have one or more threads, which are subunits of execution that share the same code segment, data segment, heap segment, and attributes with the process.
is set to the PID of the parent). The child and the parent then resume execution from the point where the fork system call was invoked, but with different return values: the fork system call returns 0 to the child and the PID of the child to the parent. The child and the parent can then execute different code paths depending on their return values.
A process is managed by the kernel using various data structures and functions. The kernel maintains a process table, which is an array of process descriptors. A process descriptor is a structure that contains all the information about a process, such as its attributes, segments, registers, etc. The kernel also maintains a process list, which is a linked list of pointers to process descriptors. The process list is used to keep track of the processes that are in different states: running, ready, waiting, or zombie. The kernel also maintains a process tree, which is a hierarchical representation of the parent-child relationships among processes.
The kernel uses various functions to manipulate processes, such as:
do_fork: This function is called by the fork system call to create a new process. It allocates a free slot in the process table for the new process descriptor, copies the contents of the parent's process descriptor to the child's process descriptor, modifies some fields of the child's process descriptor (such as PID and PPID), adds the child to the process list and the process tree, and returns the PID of the child to the parent and 0 to the child.
schedule: This function is called by the kernel periodically or when an event occurs that affects the state of a process. It implements a scheduling algorithm that decides which process should run next on the CPU. It selects a process from the ready list based on its priority and other factors, switches the context from the current process to the selected process (by saving and restoring their registers), and sets the state of the current process to ready and the state of the selected process to running.
exit: This function is called by a process when it terminates normally or abnormally. It sets the state of the process to zombie, releases its resources (such as memory and file descriptors), notifies its parent (by sending a SIGCHLD signal), and calls schedule to switch to another process.
wait: This function is called by a parent process when it wants to wait for one or more of its children to terminate. It checks if any of its children are in zombie state, and if so, it reaps them (by removing them from the process table, list, and tree) and returns their PID and exit status. If none of its children are in zombie state, it sets its state to waiting and calls schedule to switch to another process.
Memory management in Linux
How memory is allocated and freed by the kernel
Memory is one of the most important resources that the kernel has to manage. Memory is divided into two types: physical memory and virtual memory. Physical memory is the actual RAM that is installed on the system. Virtual memory is an abstraction that allows each process to have its own address space that is larger than physical memory.
The kernel allocates and frees physical memory using pages and frames. A page is a fixed-size unit of virtual memory (usually 4 KB). A frame is a fixed-size unit of physical memory that corresponds to a page (also usually 4 KB). The kernel maintains a page table for each process, which is a data structure that maps each page in its virtual address space to a frame in physical memory or to a disk location (if swapped out). The kernel also maintains a free list of frames that are not allocated to any page.
the first time or when it is swapped in from disk. It uses a page fault handler to handle the page fault exception that occurs when a page is not present in physical memory. The page fault handler checks if the page is valid and accessible by the process, and if so, it allocates a free frame from the free list, copies the contents of the page from disk (if swapped out) or zeroes it (if newly allocated), updates the page table entry to point to the frame, and resumes the execution of the process.
The kernel frees physical memory for a page when it is no longer needed by any process or when it needs to reclaim some memory for other purposes. It uses a page replacement algorithm to decide which page to evict from physical memory. It selects a page based on its age and usage (such as least recently used or least frequently used), writes its contents to disk (if modified), updates the page table entry to mark it as swapped out, and adds the frame to the free list.
IPC Systems V in Linux
What is IPC Systems V and how does it enable interprocess communication
IPC Systems V is a set of mechanisms that allow processes to communicate and synchronize with each other. IPC stands for interprocess communication. Systems V refers to the version of Unix that introduced these mechanisms. IPC Systems V consists of three main components: message queues, semaphores, and shared memory segments.
Message queues are data structures that allow processes to exchange messages with each other. A message queue is identified by a unique key and has a set of attributes, such as maximum size, current size, permissions, etc. A message is a variable-length block of data that has a type and a length. Processes can send messages to a message queue using the msgsnd system call and receive messages from a message queue using the msgrcv system call. The kernel maintains a message queue table, which is an array of message queue descriptors. A message queue descriptor is a structure that contains information about a message queue, such as its key, attributes, pointers to messages, etc.
Semaphores are data structures that allow processes to synchronize their access to shared resources. A semaphore is identified by a unique key and has a set of attributes, such as initial value, permissions, etc. A semaphore also has a value and a list of processes that are waiting for it. Processes can perform two operations on a semaphore: wait and signal. The wait operation decrements the value of the semaphore by one if it is positive, or blocks the process if it is zero or negative. The signal operation increments the value of the semaphore by one and wakes up one of the waiting processes if any. Processes can perform these operations on one or more semaphores using the semop system call. The kernel maintains a semaphore table, which is an array of semaphore descriptors. A semaphore descriptor is a structure that contains information about a semaphore, such as its key, attributes, value, list of waiting processes, etc.
the low-level functions that communicate with the physical or virtual terminal device, such as reading and writing characters, setting and getting parameters, etc.
The kernel uses various functions to manipulate tty, such as:
tty_open: This function is called by a process to open a tty. It checks if the tty device file exists and if the process has permission to access it. It then allocates a free slot in the tty table for the new tty descriptor, initializes its fields, and returns its file descriptors to the process.
tty_read: This function is called by a process to read data from the input end of a tty. It checks if there is any data available in the input buffer of the tty, and if so, it copies it to the user space of the process and returns the number of bytes read. If there is no data available, it blocks the process until some data is received by the tty driver from the terminal device or until the output end of the tty is closed.
tty_write: This function is called by a process to write data to the output end of a tty. It checks if there is any space available in the output buffer of the tty, and if so, it copies the data from the user space of the process and returns the number of bytes written. If there is no space available, it blocks the process until some space is freed by the tty driver to the terminal device or until the input end of the tty is closed.
tty_close: This function is called by a process to close one or both ends of a tty. It decrements the reference count of the file descriptor and releases it if it reaches zero. It also checks if both ends of the tty are closed, and if so, it frees the slot in the tty table and releases the buffers.
tty_ioctl: This function is called by a process to perform various control operations on a tty, such as setting and getting attributes, line discipline, driver, etc. It passes the request and arguments to the corresponding tty driver function and returns its result.
File systems in Linux
What are file systems and how do they organize data on disks
File systems are mechanisms that allow processes to store and retrieve data on disks. A file system organizes data into files and directories. A file is a sequence of bytes that has a name and attributes, such as size, permissions, owner, etc. A directory is a special type of file that contains entries for other files and directories. A file system also maintains metadata that describes its structure and properties, such as superblock, inode table, bitmap, etc.
File system Creator Year of introduction Original operating system Advantages Disadvantages --- --- --- --- --- --- FAT Microsoft 1977 Microsoft Standalone Disk BASIC-80 Simple and widely compatible Limited file size and disk size, no security or journaling NTFS Microsoft 1993 Windows NT 3.1 Supports large files and disks, security, compression, encryption, journaling, etc. Not compatible with some older or non-Windows systems ext2/3/4 Rémy Card, Stephen Tweedie, Theodore Ts'o 1992/1999/2008 Linux Supports large files and disks, journaling, permissions, etc. Not compatible with Windows systems without third-party software HFS/HFS+ Apple 1985/1998 System 1/Mac OS 8.1 Supports large files and disks, compression, encryption, journaling, etc. Not compatible with Windows systems without third-party software exFAT Microsoft 2006 Windows CE 6.0 Supports large files and disks, compatible with Windows and Mac systems No security or journaling, not compatible with some older or non-Windows systems Loadable modules in Linux
What are loadable modules and how do they extend the functionality of the kernel
Loadable modules are pieces of code that can be dynamically loaded into and unloaded from the kernel at runtime. They are used to extend the functionality of the kernel without requiring a recompilation or a reboot. Loadable modules can implement various features such as device drivers, file systems, network protocols, etc.
The kernel maintains a module table, which is an array of module descriptors. A module descriptor is a structure that contains information about a module, such as its name, version, dependencies, references, etc. The kernel also maintains a symbol table, which is a data structure that stores the names and addresses of symbols (such as variables and functions) defined by the modules.
The kernel uses various functions to manipulate modules, such as:
init_module: This function is called by a process to load a module into the kernel. It checks if the module file exists and if the process has permission to load it. It then allocates memory for the module code and data segments, copies them from the user space of the process to the kernel space, resolves any symbol references using the symbol table, initializes any global variables or data structures defined by the module, calls the module initialization function (if any), adds the module to the module table and updates its fields.
delete_module: This function is called by a process to unload a module from the kernel. It checks if the module name exists and if the process has permission to unload it. It then checks if the module has any dependencies or references from other modules or processes, and if not, it calls the module cleanup function (if any), frees the memory allocated for the module code and data segments, removes any symbols defined by the module from the symbol table, removes the module from the module table and updates its fields.
the process has permission to query it. It then retrieves the information requested by the process, such as the module version, dependencies, references, symbols, etc., and returns it to the process.
Loadable modules can be manipulated by user programs using system calls or commands. For example, the insmod command can be used to load a module into the kernel, the rmmod command can be used to unload a module from the kernel, and the lsmod command can be used to list the modules currently loaded in the kernel.
Administration in Linux
What are administration tasks and how do they maintain the system performance and security
Administration tasks are activities that involve managing and maintaining the system performance and security. They include tasks such as:
Monitoring the system resources and processes
Managing the users and groups
Configuring the system settings and parameters
Installing and updating the software and hardware components
Backing up and restoring the data
Securing the system from unauthorized access and attacks
Troubleshooting and resolving any issues or errors
The kernel provides various tools and functions to perform administration tasks, such as:
ps: This tool is used to display information about the processes running on the system, such as their PID, PPID, state, CPU usage, memory usage, etc.
top: This tool is used to display the dynamic information about the system resources and processes, such as the CPU load, memory usage, disk usage, network usage, etc.
useradd: This function is used to create a new user account on the system. It sets up the user's home directory, password, UID, GID, shell, etc.
userdel: This function is used to delete an e