Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating a device-file node An introduction to some privileged Linux system-calls (needed for an upcoming programming exercise)

Published bySophie Lang Modified over 9 years ago

Similar presentations

Presentation on theme: "Creating a device-file node An introduction to some privileged Linux system-calls (needed for an upcoming programming exercise)"— Presentation transcript:

1 Creating a device-file node An introduction to some privileged Linux system-calls (needed for an upcoming programming exercise)

2 A device-driver example We want to build a simple device-driver, one that would let ordinary applications read and/or write to the CMOS memory (e.g. to adjust the date or time-of-day) This will require that we have a so-called device ‘special’ file in the ‘/dev’ directory Creating such a file normally requires the privileges of a System Administrator – but could be accomplished via a suitable LKM

3 The Linux commands If a System Administrator wanted to setup a device-file in the ‘/dev’ directory named ‘cmos’ that has read-and-write privileges, the following commands would be used: root# mknod /dev/cmos c 70 0 root# chmod a+rw /dev/cmos Here the ‘c’ argument indicates that the file-node is for a ‘character-mode’ device Values 70 and 0 are arbitrary id-numbers

4 Removing a device-file To delete a file from the ‘/dev’ directory, the SysAdmin uses the ‘unlink’ command: root# unlink /dev/cmos Because of standard privilege-restrictions on the ‘/dev’ directory, these commands will fail if executed by unprivileged users Students have not been given sufficient privileges to successfully execute these ‘mknod’, ‘chmod’ and ‘unlink’ commands

5 LKM’s have full privileges But CS students in this class DO possess privileges that allow them to install, and to remove, Linux kernel modules: user$ /sbin/insmod cmos.ko user$ /sbin/rmmod cmos.ko While installed, modules execute inside the kernel itself, with no privilege barriers Hence we should be able to perform the steps necessary to create a device-file!

6 Developers disapprove! The Linux developers want a ‘secure’ OS, so they have not made it convenient for us to create modules that would bypass the expected privilege-restrictions For example, they use ‘information hiding’ capabilities of the GNU “C” compiler to conceal the locations of kernel-code that performs ‘mknod’, ‘chmod’, and ‘unlink’

7 ‘Open Source’ philosophy At the same time, the Linux developers do adhere to the ‘Open Source’ philosophy – the kernel’s source-files are available in a tree-structured sub-directory: $ cd /usr/src/linux The protocol for invoking system-services is widely known, and the ID-numbers for system-calls are in this header-file: $ cat include/asm/unistd.h

8 How to invoke ‘unlink’ This in-line assembly language code, used within an LKM, can ‘unlink’ a device-file: #include // for get_fs(), set_ds() char pathname[] = “/dev/cmos”;// pathname for file to be ‘unlinked’ int retval;// for the system-call’s return-value { set_fs( get_ds() );// allow kernel to address our data asm(“ pushal “);// preserve registers asm(“ mov $10, %eax “);// ID for ‘sys_unlink()’ asm(“ mov $pathname, %ebx “);// address of pathname asm(“ int $0x80 “);// invoke kernel service asm(“ mov %eax, retval “);// save the return-value asm(“ popal “);// recover registers }

9 How to invoke ‘mknod’ #include // for get_fs(), set_ds() char pathname[] = “/dev/cmos”;// pathname for file to be ‘unlinked’ int retval;// for the system-call’s return-value { set_fs( get_ds() );// allow kernel to address our data asm(“ pushal “);// preserve registers asm(“ mov $14, %eax “);// ID for ‘sys_mknod()’ asm(“ mov $pathname, %ebx “);// address of pathname asm(“ mov $020000, %ecx “);// S_IFCHR constant asm(“ mov $70, %edx “); // our driver ID-number asm(“ shl $8, %edx “); // DH=major, DL=minor asm(“ int $0x80 “);// invoke kernel service asm(“ mov %eax, retval “);// save the return-value asm(“ popal “);// recover registers }

10 How to invoke ‘chmod’ #include // for get_fs(), set_ds() char pathname[] = “/dev/cmos”;// pathname for file to be ‘unlinked’ int retval;// for the system-call’s return-value { set_fs( get_ds() );// allow kernel to address our data asm(“ pushal “);// preserve registers asm(“ mov $15, %eax “);// ID for ‘sys_chmod()’ asm(“ mov $pathname, %ebx “);// address of pathname asm(“ mov $000666, %ecx “);// read-and-write by all asm(“ int $0x80 “);// invoke kernel service asm(“ mov %eax, retval “);// save the return-value asm(“ popal “);// recover registers }

11 Use ‘man’ for prototypes Many of the Linux system-calls use the names of standard library-functions and employ the same function-arguments So the ‘man’ page for the library-function will often give the system-call’s prototype Example:$ man 2 mknod (You need the ‘2’ here -- or you’ll get the manual-page for the ‘mknod’ command)

12 Parameter-passing rule Assembly language code that invokes a system-call always uses register EAX to pass the system-call’s ID-number The system-call’s parameters (up to five) are then passed to the kernel in these registers (and in this order): EBX, ECX, EDX, ESI, EDI Obviously this rule would only apply to a Linux version for the 32-bit x86 platforms

13 In-class exercise #1 Compile and install our ‘tempcdev.c’ LKM (from the class website), then verify using the ‘ls’ command that the ‘/dev/cmos’ file exists (and look at its access-permissions) Remove that LKM, and use ‘ls’ to confirm that the ‘/dev/cmos’ file has been deleted Use the ‘dmesg’ command to display the messages in your machine’s kernel logfile

14 In-class exercise #2 The file created by our ‘tempcdev.c’ LKM has ‘read-only’ permissions. So can you modify its ‘module_init()’ function so that the ‘/dev/cmos’ file will get created with both ‘read’ and ‘write’ access-privileges?

15 Reminder! Information presented in tonight’s lesson carries with it the responsibility of ethical behavior on your part – do not misuse it! You are NOT authorized to look at other users’ files -- nor to erase or modify files which do not belong to you

Download ppt "Creating a device-file node An introduction to some privileged Linux system-calls (needed for an upcoming programming exercise)"

Similar presentations

Linux device-driver issues

Linux device-driver issues
Computer System Laboratory

Computer System Laboratory
Using our device-drivers How can an application display the data in a device special file?

Using our device-drivers How can an application display the data in a device special file?
Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, 2010. All rights reserved. You may modify and copy this slide.

Assembly Language for x86 Processors 6th Edition Chapter 5: Procedures (c) Pearson Education, All rights reserved. You may modify and copy this slide.
Using VMX within Linux We explore the feasibility of executing ROM-BIOS code within the Linux x86_64 kernel.

Using VMX within Linux We explore the feasibility of executing ROM-BIOS code within the Linux x86_64 kernel.
Operating System Security : David Phillips A Study of Windows Rootkits.

Operating System Security : David Phillips A Study of Windows Rootkits.
Computer Science 635 Advanced Systems Programming Fall 2007 Professor Allan Cruse.

Computer Science 635 Advanced Systems Programming Fall 2007 Professor Allan Cruse.
The ‘system-call’ interface We see how an application program can invoke privileged kernel services.

The ‘system-call’ interface We see how an application program can invoke privileged kernel services.
The ‘system-call’ ID-numbers How can Linux applications written in assembly language create and access files?

The ‘system-call’ ID-numbers How can Linux applications written in assembly language create and access files?
Inline Assembly Section 1: Recitation 7. In the early days of computing, most programs were written in assembly code. –Unmanageable because No type checking,

Inline Assembly Section 1: Recitation 7. In the early days of computing, most programs were written in assembly code. –Unmanageable because No type checking,
Exploring the UNIX File System and File Security

Exploring the UNIX File System and File Security
Character Driver Issues Implementing ‘/dev/physmem’

Character Driver Issues Implementing ‘/dev/physmem’
Timeout for some demos An instructive look at how the Linux Operating System sets up system data-structures.

Timeout for some demos An instructive look at how the Linux Operating System sets up system data-structures.
SiS 315 Graphics Engine Introduction to some capabilities of graphics accelerator hardware.

SiS 315 Graphics Engine Introduction to some capabilities of graphics accelerator hardware.
Standard C Libraries Application Programmming Interface to System-Calls.

Standard C Libraries Application Programmming Interface to System-Calls.
Our first 64-bit ventures How to remotely access our new Core-2 Duo platforms for some exploration and programming.

Our first 64-bit ventures How to remotely access our new Core-2 Duo platforms for some exploration and programming.
1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.

1 ICS 51 Introductory Computer Organization Fall 2006 updated: Oct. 2, 2006.
How to make a pseudo-file As a follow-up to our first lab, we examine the steps needed to create our own ‘/proc’ file.

How to make a pseudo-file As a follow-up to our first lab, we examine the steps needed to create our own ‘/proc’ file.
CS-502 Fall 2006Project 1, Fork1 Programming Project 1 – Fork.

CS-502 Fall 2006Project 1, Fork1 Programming Project 1 – Fork.
Chapter 12: High-Level Language Interface. Chapter Overview Introduction Inline Assembly Code C calls assembly procedures Assembly calls C procedures.

Chapter 12: High-Level Language Interface. Chapter Overview Introduction Inline Assembly Code C calls assembly procedures Assembly calls C procedures.

Similar presentations

Ads by Google