Slashdot Mirror

← Back to Stories (view on slashdot.org)

Become a Linux Kernel Hacker and Write Your Own Module

Posted by Soulskill on from the or-else dept.

M-Saunders (706738) writes "It might sound daunting, but kernel hacking isn't a mysterious black art reserved for the geekiest of programmers. With a bit of background knowledge, anyone with a grounding in C can implement a new kernel module and understand how the kernel works internally. Linux Voice explains how to write a module that creates a new device node, /dev/reverse, that reverses a string when it's written to it. Sure, it's not the most practical example in the world, but it's a good starting point for your own projects, and gives you an insight into how it all fits together."

32 of 143 comments (clear)

  1. Oh no! by fizzer06 · · Score: 5, Funny

    Just to have Linus publicly cuss me out? No thanks!

    1. Re:Oh no! by wjcofkc · · Score: 2

      I've been following the Enlightenment project since its inception. A few months ago I had to hop on their mailing list and ask a question for the first time. Rasterman replied, which itself seemed an honor. Doubly so that he kinda called me an idiot in that round about way he does. It was a good day.

      --
      Brought to you by Carl's Junior.
    2. Re:Oh no! by wjcofkc · · Score: 2

      It's not horrible, it's............ misunderstood. : P

      Seriously though, I could write several thousand words on why I love Enlightenment. I've been using Linux since 1996 and right now I am running the Bodhi beta and it's the best experience I've ever had with a DE. Keep in mind, development stalled for over a decade and only recently restarted. Enlightenment is now being developed at breakneck pace and they have some really cool stuff going on. Although I personally can't imagine going with anything less, at the end of the day I advise most people to use something else like.... elementary OS. The fact is Enlightenment is simply to complicated for most people to bother with the learning curve.

      --
      Brought to you by Carl's Junior.
  2. Very true... by MindPrison · · Score: 4, Interesting

    ...I remember my first meeting with Slackware, it was a Linux distro that provoked any user to learn stuff from scratch, and you HAD to use the command line (bash/shell) to install it if you wanted to use it. This forced me to learn Linux. (At least some of the basics)

    It also came with a Kernel compilation system + all the needed libraries and packages, so compiling to your own computer was a few commands and worked right out of the box. And then my curiosity got piqued and this drove me to go into the configuration and find out how I could optimize my kernel to fit my needs. In the beginning it was a lot of trial and error, and it looked real daunting, but after a few tries - it wasn't nearly as scary. Before you knew it, I was coding my first stuff in C++. A lot of fun, actually.

    So yeah, by all means - if you guys have the time, the curiosity, do go ahead and code something, but do yourself a favor - start off easy.

    --
    What this world is coming to - is for you and me to decide.
    1. Re:Very true... by inasity_rules · · Score: 2

      A Project Euler kernel module would be an interesting way to solve some of those...

      --
      I have determined that my sig is indeterminate.
  3. Umm by ADRA · · Score: 4, Insightful

    Well yes, any C developer (already a minority in the umbrella of 'programmers' these days) can write code for the kernel, but just because one can write software for the kernel doesn't mean they can write anything meaningful to be done in kernel space vs. anywhere else. If you're expecting a slew of new driver hackers reverse engineering chipsets, and implementing better drivers, testing all corner cases (because dev's LOVE testing) I think you're barking up a very small tree, but all the luck to you, becase what's good for Linux is good for me, you, us all.

    --
    Bye!
    1. Re:Umm by TechyImmigrant · · Score: 2

      Some of us build hardware and need to write device drivers.
      Cutting through the cruft is exceedingly useful to those of us that want to get the device to work.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    2. Re:Umm by PhrostyMcByte · · Score: 2

      I've developed Windows drivers before and can say that while yes, it is just plain C or a subset of C++, the APIs are entirely new and come with various curveballs user-mode devs will not have ever dealt with like keeping track of what IRQ level you're at.

      A simple driver is... well, fairly simple. Once you try to do anything interesting though, there's a lot to learn before you can be useful. I'm curious if Linux is any different.

    3. Re:Umm by Richy_T · · Score: 2

      The nice thing is, unless you are doing something totally off the wall, there is a good chance that there is already a module out there that does something similar to what you want to do and the open source love is revealed to you. This applies to many other open-source OSs as well, of course.

      Try this with windows and there's a good chance you'll find some incomplete example code from three API revisions ago that won't even compile with the latest libraries (BTDT)

    4. Re:Umm by swillden · · Score: 2

      If you're expecting a slew of new driver hackers reverse engineering chipsets, and implementing better drivers, testing all corner cases (because dev's LOVE testing) I think you're barking up a very small tree

      Don't be silly.

      The goal is to get a nifty new string manipulation API implemented in kernel space. Imagine how slick it would be to use (error checking omitted for brevity):

      char* buf; FILE* fp = fopen("/dev/strcat", "r+");
      fwrite(string1, string1_length, 1, fp);
      fwrite(string2, string2_length, 1, fp);
      fflush(fp);
      buf = malloc(string1_length + string2_length);
      fread(buf, string1_length + string2_length, fp);
      fclose(fp);

      I mean, how awesome is that? Only 8 lines of code to concatenate two strings! It would even be trivial to include multiple copies of string1 and/or string2 if you wanted!

      And since it's implemented in the kernel you know it'll be uber fast and secure.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    5. Re:Umm by WalrusSlayer · · Score: 2

      Try this with windows and there's a good chance you'll find some incomplete example code from three API revisions ago that won't even compile with the latest libraries (BTDT)

      Uhhhhh.... for the most part, the kernel API in Windows has been remarkably stable. I have an *extremely* non-trivial Windows driver that works from NT all the way through Win 8. The only major disruption in the 10+ years between NT4 and Vista was the TDI client debacle where they deprecated TDI and there were some workarounds that needed to be implemented to run on the new kernel.

      That. Was. All.

      I'm not a Linux kernel dev (though have lots of user-mode Linux/Unix experience), but my understanding of that world is "we'll change anything and everything if and whenever we feel like it, and it's up to the rest of the world to keep up with those changes". So your example, ironically, would apply much more to a Linux driver sample than it would a Windows driver sample.

    6. Re:Umm by hobarrera · · Score: 2

      I'm not a Linux kernel dev (though have lots of user-mode Linux/Unix experience), but my understanding of that world is "we'll change anything and everything if and whenever we feel like it, and it's up to the rest of the world to keep up with those changes". So your example, ironically, would apply much more to a Linux driver sample than it would a Windows driver sample.

      Linux will change their ABI if necesary, or interal APIs, but not external APIs.

  4. just remember ... by nblender · · Score: 5, Funny

    In kernel space, no one can hear you scream.

    1. Re:just remember ... by iggymanz · · Score: 2

      "I have no dev device, and I must scream"

    2. Re:just remember ... by mlts · · Score: 3, Insightful

      There is always the ability to panic.

  5. Re:Been there done that... by Verdatum · · Score: 2

    I feel like any OS course worth a damn should force you to write at least one OS kernel module; and unless your course uses one of the academic OSes, it might as well be on Linux.

  6. just because by Anonymous Coward · · Score: 5, Funny

    you are 100% required to send all your code to linus, even your test builds

    1. Re:just because by Anonymous Coward · · Score: 3, Funny

      No it was simply a joke Admiral Aspergers.

    2. Re:just because by spitzak · · Score: 2

      You seem to have not italicized the important portion, even though you cut and pasted it into your post! Here I will do it for you:

      If you commercially distribute binaries not accompanied with source code, the GPL says you must provide a written offer to distribute the source code later. When users non-commercially redistribute the binaries they received from you, they must pass along a copy of this written offer. This means that people who did not get the binaries directly from you can still receive copies of the source code, along with the written offer.

      I think it is your turn to read the italicized portion until it sinks in.

    3. Re:just because by QRDeNameland · · Score: 2

      Don't forget about Colonel Panic!! (to bring this back kinda on-topic)

      --
      Momentarily, the need for the construction of new light will no longer exist.
    4. Re:just because by craigminah · · Score: 2

      Funny they say programming something to the Linux kernel is "hacking" rather than "programming.' Most likely to draw in the l33t kids who want to haxor something.

  7. call for warranty service by Anonymous Coward · · Score: 2, Funny

    your sense of humor is broken

  8. Stop telling me what to do! I don't want to! by wonkey_monkey · · Score: 2

    Become a Linux Kernel Hacker and Write Your Own Module

    I don't want to. You do it. sudo you do it.

    --
    systemd is Roko's Basilisk.
  9. Re:Good! Now I have questions: by Tough+Love · · Score: 2

    /dev/input

    --
    When all you have is a hammer, every problem starts to look like a thumb.
  10. Writing modules near impossible by Eravnrekaree · · Score: 3, Interesting

    While the article shows a cute little example on how to write a useless module, it does not show anyone how to actually write a serious kernel module. The Linux kernel has never been known for documenting kernel internals, such documentation is scant at best and simply not sufficient to write a module. It is safe to say tha due to the poor practices of Kernel developers who constitently ignore good practice by not Documenting Their Crap, the kernel is an elite club of developers with knowledge that is secret. The practices of the Linux kernel development is just sheer sloppiness, horribly bad practice. They could have easily set up a Wiki and documented the interfaces and their architecture. What we see with the kernel developers is that they do not care about anyone else, not users, and not even outside techies, so why would they care about whether or not an outsider can understand the kernel, just as why would they care if a user can upgrade kernel versions without having all of their device drivers blow up. As anyone well versed in computer science knows, computer code is rarely self documenting, especially the kernel, and trying to reverse document a large software project is an outrageous waste of time and can be enough of a problem that it keeps even seasoned programmers away from the project. A huge piece of undocumented code is just not worth the effort to learn.

  11. Re:First Tutorial I've seen with Goto... by frank_adrian314159 · · Score: 3, Informative

    Just like any other construct - when it makes the code more clean, clear, correct, and/or optimized. These are tradeoffs.

    For instance, let's say you have a function having a deeply nested conditional:

    if (!a) {
        if (!b) {
            if (!c) {
    ...

    } } }

    This code might be more simply understood as:

    if (a) goto done;
    if (b) goto done;
    if (c) goto done;
    ...
    done:
    ...

    --
    That is all.
  12. "Daunting" by Tyler+Durden · · Score: 2

    You know, I'd like to think there was a time when the majority of Slashdot users could cheerfully take on writing modules for the Linux kernel or *gasp* just code in C.

    --
    Happy people make bad consumers.
    1. Re:"Daunting" by jones_supa · · Score: 2

      You know, I'd like to think there was a time when the majority of Slashdot users could cheerfully take on writing modules for the Linux kernel or *gasp* just code in C.

      I suggest that most people here are just consumers. They try various distros and use open source code that has been readily made available for them. They rarely look at the code or even make the smallest modifications. Not to even talk about something like writing kernel modules from scratch. On the other hand, I believe that the UNIX command line skills of people here are generally quite good, and thus they can drill quite deep in user space administration, configuration, automation and proper bug reporting.

  13. Re:First Tutorial I've seen with Goto... by shoor · · Score: 2

    I got my intro to programming in the mid 1960s with 'the college computer' a PDP-8 that we programmed in Fortran using punched cards. In those days, just getting access to a computer was a pretty big deal, but things were changing, so 'programming paradigms' started appearing, and the first one that I remember was 'structured programming'. This is where I first heard the mantra of 'goto-less' programming. (Before that, the mantra was not to write self-modifying code, which was something you almost had to be writing assembly language code to be able to do, though COBOL had an 'alters' statement as I recall.)

    I remember being somewhat startled by the idea of excluding gotos. How could you write non trivial code without any goto statements? I actually thought of it almost as a challenge to figure out how to do so. The opposite of structured code was 'spaghetti code'. Anyway, it's become a conventional bit of wisdom that I suppose is just automatically passed down to each generation of students without anyone ever seriously questioning it, except those who find they really need it sometimes. At some point I started defiantly putting an occasional goto in my code again, but not often.

    --
    In theory, theory and practice are the same; in practice they're different. (Yogi Berra & A. Einstein)
  14. screw it i'm gonna put my hosts file in the kernel by Anonymous Coward · · Score: 4, Insightful

    Take that APK! I'm going to put my motherfucking hosts file in the kernel..that's right.. I'm going to have a /dev/hosts

    You heard me right! /dev/motherfucking/hosts

    True ring 0 baby!

  15. Also uinput, /dev/input/mice, use the damn API by raymorris · · Score: 2

    > PS: Nothing criminal, just software automation.

    The GUI probably calls function in a library, if not command line binaries. You are normallybetter off using the library directly rather than emulating GUI input from the user.

    To fake user input, see uinput. Also, you can capture the events using od tool from the /dev/input/mice and then replay them once you have decoded the sequence.

    # cat /dev/input/mice | od -t x1 -w3
    0000000 08 02 00
    0000003 08 08 00
    0000006 08 09 00
    0000011 08 07 00
    0000014 08 04 00
    0000017 08 01 01
    0000022 08 00 02
    0000025 08 02 02

  16. device driver by riffraff · · Score: 2

    I once had to write a module for a pc/104 board on an embedded system running kernel 2.4. It had 8 relays that were write-only, there was no way to query a relay for what it's current position was, so I kept track of it myself and made the cached status available by a proc entry.

    It wasn't really that hard and I learned a bit more about how the kernel modules got initialized and executed. I wrote a couple of others also, like for the Sensoray Model 518 (which is discontinued now I think).