The concept of a process is fundamental to any multiprogramming operating system. A process is usually defined as an instance of a program in execution. They are often called tasks or threads in Linux source code.

struct task_struct

To manage processes, the kernel must have a clear picture of what each process is doing. It must know, for instance, the process’s priority, whether it is running on a CPU or blocked on an event, what address space has been assigned to it, which files it is allowed to address, and so on. This is the role of the process descriptor, a task_struct type structure whose fields contain all the information related to a single process.

In this article I will demonstrate how to edit kernel global variables using KDB. I am assuming that the kernel is compiled for debugging and it had CONFIG_KALLSYMS enabled during configuration.
KDB is one of the debugger front ends available in Linux which interfaces to the debug core. The other one is KGDB. KDB is a simplistic shell-style interface which can be used on a system console with a keyboard or serial console. It can used to inspect memory, registers, process lists, dmesg and even set breakpoints to stop in a certain location. It is however not a source debugger, although it is possible to set breakpoints and execute some basic kernel run control. It is mainly aimed at doing some analysis to aid in development or diagnosing kernel problems.

Here I am going to demonstrate what goes into incorporating a system call in a Linux 2.6 (on x86 architecture)

When a user mode process invokes a system call, the CPU switches to kernel mode and starts the execution of a kernel function. The switch to kernel mode is achieved using the int $0x80 or the sysenter instructions. The net result of both methods, however is a jump to an assembly language function called the system call handler. The user land process that calls the system call must pass a parameter called the system call number to identify the required system call. The %eax register is used for this purpose.

In this article, I will demonstrate how to edit a global variable of a user land process using GDB. A simple use case of this method that comes to mind is editing the value representing the number of licenses of a product.

Kexec uses the image overlay philosophy of the UNIX exec() system call to spawn a new kernel over a running kernel. Essentially, it skips the boot loader stage and directly loads the new kernel into memory, where it starts executing immediately. Kexec’s most popular user is Kdump.

Kdump is used to capture the crash dump from the context of a freshly booted kernel and not from the context of the crashed kernel.
The first kernel reserves a section of memory that the second kernel uses to boot. Kdump is supported in i686, x86_64,a64 and ppc64 platforms.

I am writing this post to introduce my friend’s brand new export business. He needs some web traffic into his website to increase the site’s search ranking, hence the post.

PSN Exim

PSN Exim is an export company that specializes in commodity trading. The company is based in Bangalore with it’s office in RMZ Infinity, Old Madras Road. The company trades both soft commodities such as a variety of spices and agarwood and hard commodities such as natural stones, minerals and steam coal. The materials are sourced internationally from South Africa, Australia, South America and domestically from Rajasthan, Karnataka, Gujarat, AP and Assam. Please head over to the website PSN Exim to know more.