Kernel mode programming

Zera William Holladay zholla1 at uic.edu
Tue Jan 18 11:35:14 PST 2005



On Tue, 18 Jan 2005, Kamal R. Prasad wrote:

>
> --- Zera William Holladay <zholla1 at uic.edu> wrote:
>
> >
> >
> [snip]
> >
> > My understanding is that when a system call is made
> > from a user process,
> > there is a trap into the kernel, the state of the
> > user process is saved
> > and the address of the system call is determined by
> > a looking up the
> > address of the system call in vector table.
> >
> Not exactly. When you execute a system call on the
> kernel side, you execute it in the context of the
> process. There is a per-process kernel stack -so you
> don't save a copy of the process to execute the sys
> call.
>
> > I assume that a kernel module would at least have to
> > push the parameters
> > of the system call, push some of its registers, jump
> > to the address space
> > of the system call and return.  Further I assume,
>
> When you call another function from within the kernel,
> it is like calling another function within userspace.
> The args get pushed onto stack and there is space for
> retval etc.
>
> > the kernel would have to
> > copy the parameters of the system call to another
> > address, since it is
> > possible for the call to be interrupted and some of
>
> If the syscall is interrupted, it won't affect the
> params as they will essentially be local variables in
> the syscall. An interrupt handler won't corrupt the
> args to the syscall for sure.
>
> > the parameters to be
> > corrupted.
> >
> It is possible that the userspace may pass a pointer
> which gets freed before the kernel is finished with
> accessing it. That is why, a system call
> implementation does a copyin() on entry and when it
> wants to reflect the data to userspace, it does a
> copyout().
>
> > I am really asking a question out of blind ignorance
> > in an attempt to
> > learn more about what goes on with the kernel.  What
> > is the difference
> > between a system call made from the kernel and a
> > system call made from
> > user code?
> >
>
> The difference is that in one you do a context switch
> and in the other you don't. The function names
> change, e.g. open() is the syscall name, and the underlying
> function in the kernel would be sys_open() - so from within the
> kernel, you call sys_open() instead of open() as in
> userspace.
>
> regards
> -kamal

Thanks, that makes sense.

-Zera
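The copyin()/copyout() pattern Kamal describes above, as an added example that is not part of the thread and not FreeBSD kernel code: the "user address space" is a byte array in one user-space C program, sim_copyin/sim_copyout are hypothetical stand-ins that only do the bounds check the real routines perform before touching user memory, and sys_addpair is an invented system call. The point it shows is the one from the reply: the kernel side works on its own kernel-resident copy of the arguments, so a user pointer that points outside user space (or straddles its edge) is refused with EFAULT instead of being dereferenced, and a kernel-internal caller reaches the syscall through the sys_*() function with an argument block that is already in kernel memory.

```c
/* Added example: user-space simulation of the copyin()/copyout() discipline
 * a syscall implementation follows. Not FreeBSD code; every name below is
 * invented for illustration. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated user address space: the half-open range [USER_BASE, USER_BASE + USER_SIZE). */
#define USER_SIZE 256
static _Alignas(int64_t) uint8_t user_mem[USER_SIZE];
#define USER_BASE ((uintptr_t)user_mem)

/* A "user pointer" is just an address the kernel must not trust. */
typedef uintptr_t uaddr_t;

/* True only if [uaddr, uaddr + len) lies entirely inside user space.
 * Written with subtraction so a huge uaddr or len cannot wrap around. */
static int user_range_ok(uaddr_t uaddr, size_t len) {
    if (uaddr < USER_BASE || len > USER_SIZE)
        return 0;
    return (uaddr - USER_BASE) <= (USER_SIZE - len);
}

/* Hypothetical copyin(): fetch user bytes into a kernel buffer, or EFAULT. */
static int sim_copyin(uaddr_t uaddr, void *kaddr, size_t len) {
    if (!user_range_ok(uaddr, len))
        return EFAULT;
    memcpy(kaddr, (const void *)uaddr, len);
    return 0;
}

/* Hypothetical copyout(): write kernel bytes back to user space, or EFAULT. */
static int sim_copyout(const void *kaddr, uaddr_t uaddr, size_t len) {
    if (!user_range_ok(uaddr, len))
        return EFAULT;
    memcpy((void *)uaddr, kaddr, len);
    return 0;
}

/* Invented syscall: out = in->a + in->b, with both operands behind user pointers. */
struct addpair_in { int32_t a; int32_t b; };
struct addpair_args { uaddr_t in; uaddr_t out; };

/* Kernel side. Like sys_open() in the reply, it takes the argument block
 * (already in kernel memory) rather than raw user registers, so a caller
 * inside the kernel invokes it as a plain function. */
static int sys_addpair(const struct addpair_args *uap) {
    struct addpair_in kin;          /* kernel-local copy: user can no longer change it */
    int error = sim_copyin(uap->in, &kin, sizeof kin);
    if (error != 0)
        return error;
    int32_t result = (int32_t)((int64_t)kin.a + kin.b);
    return sim_copyout(&result, uap->out, sizeof result);
}

/* "User program": operands live in user memory; the trap is just a call here. */
static int user_call_addpair(int32_t a, int32_t b, int32_t *res_out) {
    struct addpair_in *in = (struct addpair_in *)&user_mem[0];
    int32_t *out = (int32_t *)&user_mem[64];
    in->a = a;
    in->b = b;
    struct addpair_args args = { .in = (uaddr_t)in, .out = (uaddr_t)out };
    int error = sys_addpair(&args);
    if (error == 0)
        *res_out = *out;
    return error;
}

/* User passes a pointer that is not in user space at all: copyin refuses it. */
static int user_call_bad_pointer(void) {
    static int32_t not_user_memory[2];
    struct addpair_args args = { .in = (uaddr_t)not_user_memory, .out = (uaddr_t)&user_mem[64] };
    return sys_addpair(&args);
}

/* User passes a pointer whose struct runs off the end of user space. */
static int user_call_straddle(void) {
    struct addpair_args args = { .in = (uaddr_t)&user_mem[USER_SIZE - 4], .out = (uaddr_t)&user_mem[64] };
    return sys_addpair(&args);
}

int main(void) {
    int32_t r = 0;
    int err = user_call_addpair(40, 2, &r);
    printf("addpair(40, 2): error=%d result=%d\n", err, r);
    printf("pointer outside user space: error=%d (EFAULT is %d)\n", user_call_bad_pointer(), EFAULT);
    printf("struct straddling the boundary: error=%d\n", user_call_straddle());
    return 0;
}
```

The bounds check is the simulated part; on real hardware copyin() additionally has to survive a page fault on an unmapped or unreadable user page, which is why it is a special routine rather than a memcpy with a range test. The structural point carries over unchanged: nothing in sys_addpair dereferences a user pointer directly, and once the kernel has its copy, what userspace does to the original afterwards cannot affect the call.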

