The Kernel

The kernel of an operating system provides a standard interface for the user's processes to use the non-standard functionality served by the varied hardware of different machines.

What a process does is determined by the program being run.

Thus user programs developed for the Linux kernel can run on any hardware the Linux kernel can run on.

The Linux kernel serves the following functionality;

• Process Management - Creating and destroying  processes. Signals - Sending and receiving signals, timers.
• Network Management -
• File System - Creating, deleting and renaming directories and files, querying information, links and changing directories. Files - Creating, opening and closing files, reading and writing, querying information and status of files.
• Memory Management -
• Device Drivers -
• Kernel Object Management -

"User Processes" access these functions through "System Calls".

Process Management

The Linux can support the running of multiple independent processes each with its own memory space. CPU time allocation is called scheduling. Processes are "idle" when not "running".

The kernel starts the init process which starts other processes. Processes can start other processes and so form a process tree from init that can be seen by typing;

pstree

at the command prompt. Each process has a unique Process Identification Number (PID).

There will be user processes and kernel processes shown in brackets. A process name followed by / and a number gives the number of the processor running that process.

There are two ways create a new process from another process.

Fork - Creates an exact copy of the current process running the same program.

Exec - Loads a new program replacing the old program and starting the new one.

A single program can create multiple execution "threads" i.e. concurrent processes executing the same program and sharing the same memory. Care has to be taken to ensure that problems don't arise due to sharing memory.

The kernel provides the clone method which is similar to fork but allows control of which resources are shared allowing an almost continuous transition between threads and processes.

Signals

Processes can send signals to one another consisting of an integers. All that is required is the PID and the integer value. Certain standard values have particular meanings.

The ptrace command allows another process to be monitored.

Timing TODO

The kernel keeps track of the flow of time by means of timer interrupts that increment a kernel variable called jiffies or jiffies_64.

Network Management

Networks are accessed via the kernels socket interface.

File System

Many file system approaches are supported by linux, ReiserFS, XFS, VFAT and more recently the extended file system Ext2, Ext3 and Ext4. These are the physical file systems.

The kernel provides a "Virtual File System" to isolate user programs from the physical file system.

Memory Management

The virtual memory address space is 2³² on 32 bit machines and 2⁶⁴ on 64 bit machines.

The virtual address space is divided into two parts "User Space" running from 0 to TASK_SIZE and "Kernel Space" running on to 2³² or 2⁶⁴.

All virtual address pages are mapped onto physical memory pages either in RAM or on disk. The physical pages are called page frames.

Every process has its memory mapped from 0 to TASK_SIZE although the physical addresses will be unique to each process.

When a page in virtual memory is accessed that is not in physical memory the CPU identifies a "page fault" and the kernel begins a process to swap the required page into RAM.

Physical Memory

Page tables are used to determine where the physical pages are corresponding to any virtual pages. These can be multi-level affairs on 64 bit machines.

Memory is allocated in blocks of 1,2,4,8,16,.. pages. Blocks can be merged or split. This approach helps with fragmentation issues. (Read about the "Buddy allocation system" to know more about how this is done.)

The kernel often needs to allocate less than a page and so uses uses the "slab allocator" to sub-allocate from blocks.

Device Drivers

There are two classes of device;

• Character Devices - Are devices that deal with streams of data written and read sequentially such as network or serial ports.
• Block Devices - Are devices that deal with blocks of data that can be randomly accessed such as hard disks.

Device drivers are modules that serve the functions necessary to use a device in a standard way.

Modules

Modules are parts of the kernel that can be added and removed while the kernel is running. Almost any part of the kernel can be implemented as a module. Modules must provide certain functions to initialise and terminate the module within the kernel. Otherwise module code is identical to code permanently in the kernel.

Modules are used for device drivers, file systems, network protocols etc.

When hardware is plugged in the system can automatically detect the new device and load the correct device driver.

• Linux Device Drivers, 3rd EditionBy Jonathan Corbet, Greg Kroah-Hartman, Alessandro Rubini

Object Management

C structures are considered "objects" in the kernel and there are of course many of these. The kernel object functionality includes handling;

• Reference counted of objects
• Sets of objects & locking of sets
• Querying object variables from user processes (via the sysfs filesystem)

Links

More detailed information on the Linux Kernel can be found on these links;

• The Linux kernel by Andries Brouwer
• Introduction to Linux, A Hands on Guide by Machtelt Garrels

• The Linux Kernel by David A Rusling
• Introduction to Linux A Hands on Guide Machtelt Garrels
• The Linux Documentation Project

TODO Namespaces

© Tom de Havas 2011. The information under this section is my own work it may be reproduced without modification but must include this notice.