Hacking the Linux Kernel¶
Introduction¶
After downloading the Linux kernel sources (4.15), you will be able to implement new features to your kernel yourself. In this tutorial we will first investigate how the kernel is organized, then we will make some modifications and generate patches.
Note that you must have a working environment (see previous tutorials).
What you find there¶
First go to the Linux sources which are located within your linux-4.15
directory. Once you open and see the top directory of the source tree,
you will find a lot of directories and files in them.
Directories are roughly organized as follows:
Directory |
Description |
|---|---|
arch |
Architecture dependent code |
block |
Block device abstraction |
drivers |
Device drivers |
fs |
File systems |
include |
Header files |
init |
Initialization |
kernel |
Kernel core |
lib |
Misc libraries |
mm |
Memory management |
net |
Networking |
virt |
Virtualization |
Note that in our case we will only focus on the intel x86 (32 bits) architecture. All other architectures (e.g., ARM) can be omitted in our case.
Quickly have a look¶
All the behaviors of Linux is “defined” in the source code. Supposedly you can find implementations of OS components that you learned in the theoretical course.
As an example, we will first consider the syscalls table. You can find
the table for 32bits x86 architecture at
arch/x86/entry/syscalls/syscall_32.tbl.
#
# 32-bit system call numbers and entry vectors
#
# The format is:
# <number> <abi> <name> <entry point> <compat entry point>
#
# The __ia32_sys and __ia32_compat_sys stubs are created on-the-fly for
# sys_*() system calls and compat_sys_*() compat system calls if
# IA32_EMULATION is defined, and expect struct pt_regs *regs as their only
# parameter.
#
# The abi is always "i386" for this file.
#
0 i386 restart_syscall sys_restart_syscall __ia32_sys_restart_syscall
1 i386 exit sys_exit __ia32_sys_exit
2 i386 fork sys_fork __ia32_sys_fork
3 i386 read sys_read __ia32_sys_read
4 i386 write sys_write __ia32_sys_write
5 i386 open sys_open __ia32_compat_sys_open
6 i386 close sys_close __ia32_sys_close
.
.
We encourage you to take a look and investigate on your own.
Exercise: hack the kernel¶
For this part, you will “hack” the kernel by adding two minimal features:
First you will add your name and your email address in the credits.
Then you will add a message “[INFO0940] HELLO WORLD” into the Linux’s boot procedure.
We leave it to you to find where you need to add these changes.
However, it would be interesting to have a look at the init folder
to add the message during the boot procedure. Once the file is found,
you must add the following line:
printk(KERN_INFO "[INFO0940] HELLO WORLD");
After this step, compile your kernel, install it on your reference machine and then check if you see the message appears with the following command:
$ dmesg|grep INFO0940
If you see the message, you have correctly modified your kernel. If it is not the case, try again and persevere!
The next step is to generate patch(es). Basically, we will use your patches to test your projects (e.g., project2). In order to generate (several) patch(es), perform the following command within your Linux folder:
$ git add <your updated files>
$ git commit -m "Add credits + message during boot procedure"
$ git format-patch <hash of the init commit> #use 'git log' to find it
This command will create one patch per commit. Therefore, you can have several patches if the mentioned commit_id is not the previous one. In that case, send all patches on the submission platform.
Danger
If you have several patches, make sure that they are in the right order (e.g., 001_patch1, 002_patch2, …). Use the mv command to rename patch(es).
We have written a dummy project (called Adding a boot Message (NOT MARKED)) on the submission platform , you can use it to test your patches (for this tutorial). It will also be useful to be prepared for the second project. Note that the marks of this dummy project must not to be considered for the course. They are just fake marks to test yourself.