- 1. container_of.c module
- 2. FILE, LINE and func
- 3. list.c module
- 4. hashtable.c module
- 5. wait_queue.c module
- 6. params.c module
- 7. cdev.c module
- 8. sys_fs.c module
- 9. debugfs.c module
- 10. ioctl.c module
- 11. kthread.c module
- 12. export_symbols.c and use_symbols.c modules
- 13. Mutex module
- 14. atomic.c module
- 15. spinlock.c module
- 16. TODO: Workqueue
- 17. TODO: Tasklets
- 18. timer.c module
- 19. misc_driver.c module
- 20. static_completion.c and dynamic_completion.c modules
- 21. TODO: mmap
- 22. simple virtual file system module
- 23. TODO: Mouse
- 24. TODO: Keyboard sniffer Module
- 25. My patch for Task 14 of the Eudyptula Challenge
- 26. ps -aux Module!
How to watch dmesg live ?!
run this script: sudo sh printk_live.sh
1. container_of.c module
Simple use of container_of macro.
1.1. container_of_container_of.c module
I tried to make things more complicated by accessing the container_of of the container_of struct. insmod it & dmesg.
A very simple way, less time-consuming for inserting printk and providing the possibility to analyze the flow of instructions for tests is the use of the predefined constants FILE, LINE and func. insmod it & dmesg.
4. hashtable.c module
Simple example of <linux/hashtable.h>. insmod it & dmesg.
4.1. phone_table.c module
Another example of <linux/hashtable.h>. insmod it & dmesg.
5. wait_queue.c module
please read header comment in wait_queue.c to refresh your knowledge.
5.1. wait_queue_proc.c module
First let me explain to you what should the module do:
After inserting the module, it will wait for you until you give it a specific action to complete the rest of its work.
This behavior is just like a completion. a completion built on top of waitqueue.
How to use: (watch dmesg live)
$ insmod wait_queue.ko & $ echo "hi" > /proc/mydev & $ echo "bla" > /proc/mydev & $ rmmod wait_queue.ko
5.2. waitqueue2.c module
Another example for static waitqueue
How to use: (watch dmesg live)
$ sudo insmod waitqueue2.ko $ sudo cat /dev/etx_device $ rmmod waitqueue2
here is a dynamic version.
Passing Arguments to Device Driver. like: argc & argv
How to use:
$ insmod params.ko myshort=5 myint=100 mystring="Sohaib" myintArray=3,7
6.1. cb_params.c module
Register the callback whenever the argument (parameter) got changed.
insmod & enjoy watching dmesg live!
$ insmod cb_params.ko myint=50 $ echo 333 > /sys/module/cb_params/parameters/myint
Complete char device driver with user-level app for testing.
to test the driver:
$ insmod cdev.ko $ ./test_cdev
How to use:
$ insmod sys_fs.ko $ ls /sys/kernel/sma_sysfs/ $ cat /sys/kernel/sma_sysfs/sma_value $ echo 44 > /sys/kernel/sma_sysfs/sma_value $ cat /sys/kernel/sma_sysfs/sma_value $ rmmod sys_fs
Please read Documentation/filesystems/sysfs.rst and Documentation/core-api/kobject.rst
How to use:
$ insmod debugfs.ko $ ls -l /sys/kernel/debug/sma_debugfs/ $ cat /sys/kernel/debug/sma_debugfs/sma_u8 $ echo 77 > /sys/kernel/debug/sma_debugfs/sma_u8 $ cat /sys/kernel/debug/sma_debugfs/sma_u8 $ rmmod debugfs
Please read Documentation/filesystems/debugfs.rst (Done)
How to use:
$ insmod ioctl.ko $ ./test_ioctl
Nice example from other people:
please see
-
Documentation/driver-api/ioctl.rst -
ioctl man page
-
https://stackoverflow.com/questions/15807846/ioctl-linux-device-driver
-
Google: ioctl linux kernel
How to use: (watch dmesg live)
$ insmod kthread.ko
See your kernel thread:
$ ps -aux | grep "SMA Thread"
12. export_symbols.c and use_symbols.c modules
export_symbols.c shares some dummy symbols (variables & functions).
use_symbols.c uses these dummy symbols. How to use: (insert and remove use_symbols.ko many times and watch dmesg)
$ insmod export_symbols.ko $ insmod use_symbols.ko $ rmmod use_symbols $ insmod use_symbols.ko $ rmmod use_symbols $ insmod use_symbols.ko $ rmmod use_symbols
Check if your symbols really engaged to your kernel:
$ cat /proc/kallsyms | grep SOHAIB_ $ cat /proc/kallsyms | grep sohaib_
I made a very nice trick :D see trick_kallysms.c module.
After inserting export_symbols.c module I took the address of SOHAIB_CONUT symbol from /proc/kallsyms file, then I used it as a hard code in trick_kallysms.c :))
Prerequisites: Make should you understand Kthread.
How to use it: insmod mutex.ko and enjoy watching dmesg live.
This code snippet explains how to create two threads that access a global variable (etx_gloabl_variable). So before accessing the variable, it should lock the mutex. After that, it will release the mutex.
This way is not the most optimal way for locking, because whole the critical section is just singel int var, and you used mutex for locking, this adds moree overhead, the best way here is to use Atomic ops.
Reference: Documentation/kernel-hacking/locking.rst
Trivial example touchs some Atomic ops APIs.
Another nice example. insmod it and dmesg it live..
15. spinlock.c module
How to use it: insmod spinlock.ko and enjoy watching dmesg live.
Prerequisites: Make should you understand Kthread.
This code snippet explains how to create two threads that access a global variable (etx_gloabl_variable). So before accessing the variable, it should lock the spinlock. After that, it will release the spinlock.
Here is Read write spinlock example. insmod it and dmesg it live..
Here is seqlock.c example. insmod it and dmesg it live..
Reference:
-
Documentation/kernel-hacking/locking.rst -
Documentation/locking/spinlocks.rst -
Documentation/locking/locktypes.rst
Simple example of <linux/timer.h>. insmod it & enjoy watching dmesg live.
Please, don’t panic. Here is a simple sturcure of any timer.
19. misc_driver.c module
What misc driver mean?! What is the difference between misc drivers and char drivers?!
How to use it:
$ insmod misc_driver.ko $ ls -l /dev/simple_sma_misc $ echo 1 > /dev/simple_sma_misc $ cat /dev/simple_sma_misc $ rmmod misc_driver
20. static_completion.c and dynamic_completion.c modules
Read Documentation/scheduler/completion.rst
First, Let me explain to you the concept of driver code.
In this source code, two places we are sending the complete call. One from the read function and another one from the driver exit function.
I’ve created one thread (wait_function) which has while(1). That thread will always wait for the event to complete. It will be sleeping until it gets a complete call. When it gets the complete call, it will check the condition. If the condition is 1 then the complete came from the read function. It is 2, then the complete came from the exit function. If complete came from the read function, it will print the read count and it will again wait. If it is coming from the exit function, it will exit from the thread.
Here I’ve added two versions of code.
-
Completion created by static method
-
Completion created by dynamic method
But operation wise, both are the same.
How to use it - watch dmesg live: ( static version)
$ insmod static_completion.ko $ sudo cat /dev/sma_device $ rmmod static_completion
How to use it - watch dmesg live: ( dynamic version)
$ insmod dynamic_completion.ko $ sudo cat /dev/sma_device $ rmmod dynamic_completion
subset of fops
22. simple virtual file system module
I try to get familiar with the interface exposed by the Linux and the Virtual File System (VFS) component. so I made a simple, virtual file system driver (i.e. without physical disk support).
How to use it:
$ sudo chmod +x test_myfs.sh $ sh test_myfs.sh
Further reading: Look at the comment for header of myfs.c file.
24. TODO: Keyboard sniffer Module
This module uses the keyboard IRQ, inspect the incoming key codes and stores them in a buffer. The buffer will be accessible from userspace via character device driver.
How to use it:
25. My patch for Task 14 of the Eudyptula Challenge
This module adds a new proc file for every task called, "sma_pid", located in the
/proc/${PID}/ directory for that task.
When the proc file is read from, have it print out the value of PID. see demo video..
google: sequence file Documentation/filesystems/seq_file.txt
Linux kernel modules act almost like $(ps aux) command.
See list_proc.c, minimal sample all that he does is printing out a list of all processes PIDs and names in dmesg.
26.1. Dynamic debug (dyndbg)
Reference: Documentation/admin-guide/dynamic-debug-howto.rst here are alot of very nice examples ;)
How to use it - watch dmesg live: ( minimal sample )
$ insmod minimal_dyndbg.ko # filter my fie name $ echo "file minimal_dyndbg.c +p" > /sys/kernel/debug/dynamic_debug/control $ rmmod minimal_dyndbg
Filter by specific string:
$ insmod minimal_dyndbg.ko # filter all messages marked as "Important" $ echo "format "Important" +p" > /sys/kernel/debug/dynamic_debug/control $ rmmod minimal_dyndbg
Another example: Filter by function
$ insmod dyndbg.ko # filter all messages in func hello_read & hello_write $ echo "func hello_read +p; func hello_write +p" > /sys/kernel/debug/dynamic_debug/control $ cat /dev/dyndbg $ echo 33 > /dev/dyndbg $ rmmod dyndbg
Filter by line:
$ insmod dyndbg.ko # filter all messages between 14-26 lines $ echo "line 14-26 +p" > /sys/kernel/debug/dynamic_debug/control $ rmmod dyndbg
netlink.c