Question

In: Computer Science

[1] Can you load a Linux kernel module more than once? Explain briefly. [1] For the...

  1. [1] Can you load a Linux kernel module more than once? Explain briefly.

  2. [1] For the modules we have created in class, does the code run continuously, or does it run in response to certain events? Explain, and be specific.

  3. [1] When the kernel does a printk(), does it write directly to /var/log/kern.log? Explain.

  4. [1] The makefile for a Linux kernel module is generally very simple; however, building a module seems to be a bit complicated, generating lots of files. Where is the module build process getting instructions for doing all this work?

  5. [1] If you change line 22 in the ones module to define CLASS_NAME to be "OSclass", will this change the observable behavior of the module? Explain briefly.

  6. [1] When doing the work for a system call, how does the kernel keep track of which process made that system call (so it does the work on behalf of that process)?

  7. [2] How does the format of data returned by getdents(2) differ from that returned by readdir(3) (at a high level)? What is a key motivation for this difference?

  8. [2] How can you change the magic_prefix for the rootkit without changing the code of the module? How is this information passed to the kernel at runtime?

  9. [2] When the kernel allocates memory for its own use, does it refer to that memory using virtual or physical addresses? How does the remember module show this?

  10. [2] What is a significant reason why the kernel uses functions such as copy_to_user() when accessing process memory? Why not just access this memory directly?

  11. [2] Change the ones module so that it will allow writes, and the first character of whatever is written will become the character that is repeatedly output when reading (instead of '1'). What changes do you need to make?

  12. [4] How could you make a "spooky rootkit" (based on 3000rootkit) that would randomly (with a .01 probability on each call to getdents) insert a file "BOO!" with an inode of 9999 into the stream of returned files? Note that you can get random bytes using the get_random_bytes() function in the kernel.

Solutions

Expert Solution

Q.[1] Can you load a Linux kernel module more than once? Explain briefly.

Ans- Linux allows the Kernel to be configured at run time, to enable or disable different services. A kernel module (or several of them) is generally loaded once. Only one kernel module run at a time but we can keep more than one. There is no harm in keeping multiple versions, and it's usually a good idea to do so in case we hit any issue with the newer version. The kernel would have to be built with all functionalities integrated directly into the kernel image. This would mean having bigger kernels, and system administrators would need to recompile the kernel every time a new functionality is needed.

So, generally we can not load a Linux kernel model more than once.

Q.[1] For the modules we have created in class, does the code run continuously, or does it run in response to certain events? Explain, and be specific.

Ans- There are two utilities to load modules: insmod and modprobe. insmod is a low-level utility: it loads a module file, given by its full path. modprobe is a high-level utility: we pass it a module name, and it looks up that module name in the module database, loads any necessary dependencies then loads the module itself. If the module isn't recorded in the module database, modprobe fails.

Q.[1] When the kernel does a printk(), does it write directly to /var/log/kern.log? Explain.

Ans- The kernel print function, printk(), behaves almost identically to the C library printf() function.The printk() function is callable from just about anywhere in the kernel at any time. It can be called from interrupt or process contex. The kernel needs its own printing function because it runs by itself.

/var/log/kern.log and his rotated logs contains the logs produced by the kernel and handled by syslog. The logging of the printk messages depends on the priority level you assign to each message and on the syslog configuration so depending on the level priority if we assign to kernel messages in syslog.conf, they will be displayed in the log file.

Q.[1] The makefile for a Linux kernel module is generally very simple; however, building a module seems to be a bit complicated, generating lots of files. Where is the module build process getting instructions for doing all this work?

Ans- Yes it is true that the makefile for a Linux kernel module is generally very simple; however, building a module seems to be a bit complicated, generating lots of files. Whenever we create a kernel module, the kernel's build machinery generates a struct module object, and makes THIS_MODULE point to it.The role of a module is to extend kernel functionality.

The module build process requires several steps :

  • creating a module.
  • testing the module - We can test the module with the insmod and rmmod utilities.

A module runs in kernel space so it is the role of the operating system to provide programs with a consistent view of the computer's hardware.


Related Solutions

Fill in the blank ( can be used more than once) - Behind - Real -...
Fill in the blank ( can be used more than once) - Behind - Real - Virtual - Farsightedness - Long - Convex - Thickness - Concave - Retina - Nearsightedness The convex lens of a camera forms a ___ image. An image that forms only bexause the light seems to diverge from it is called a ___ image. Flat mirros and lenses ___ from virtual images. The lens of your eye is a ___ lens.It produces a ___ image...
Match the description with the correct term. Answers can be used more than once!   Group of...
Match the description with the correct term. Answers can be used more than once!   Group of answer choices Crayfish fight each other to determine which male will mate with females. They fight by charging each other and clashing their claws together. The male with bigger claws usually wins. What is this describing?       [ Choose ]            Evolutionary trade-off            Intersexual selection            Stabilizing selection            Intrasexual selection           ...
Please can someone explain briefly or with example the following: Class affects more than our lifestyle....
Please can someone explain briefly or with example the following: Class affects more than our lifestyle. It impacts physical & metal well-being. How so? How do class differences have a significant impact on how we live?
Revision Question 1 on Linux. Please briefly explain the shell script given. a) You have just...
Revision Question 1 on Linux. Please briefly explain the shell script given. a) You have just logged in and have a directory called "images" in your home directory containing the following files: favicons login.png logo.png newlogo.png where "favicons is a directory and contains the files favicon.ico favicon.gif favicon.png favicon.jpg Describe the results you would expect when executing the following shell commands: i) ls images/*og* | wc -1 ii) ls -ld images/* iii) rmdir images/favicons iv) cp images/*/*png images v) rm...
1. Briefly but completely explain the two most significant differences you discern from Windows and Linux...
1. Briefly but completely explain the two most significant differences you discern from Windows and Linux file management. 2. Explain why Windows compatibility may cause issues for users.
Match each scenario with one of the tests. (each test can be used more than once...
Match each scenario with one of the tests. (each test can be used more than once if needed). the tests are: a). Two-sample comparison means of confidence interval or significance tests b) .One-way anova c). One-sample mean confidence interval or significance test d). Match pairs confidence interval or Significance test e). No interference method needed Match the tests to these scenarios: ____ A researcher gathered data on the number of hours of sleep for German Shepherds, Poodles, and Golden Retrievers....
Complete the sentences by using the following terms may be used once, more than once, or...
Complete the sentences by using the following terms may be used once, more than once, or not at all: Congruence, controllability princple, customer, decentralization, decrease, economic value added (EVA), external market price, financial, full cost, incongruence, increase, internal business, investment, learning and growth, profit, residual income, responsibility accounting, return on investment, sales revenue. 1. Managers of a(n)______center are evaulated based on measures such as ROI and residual income. 2. Supoptimal decisions and duplication of resources are considered disadvantages of______. 3....
Drag the labels onto the table to indicate when each statement Is true. Labels can be used once, more than once, or not at all.
Drag the labels onto the table to indicate when each statement Is true. Labels can be used once, more than once, or not at all. 1. Orange dye moves independently of purple dye. 2. Concentration gradients exist that drive diffusion of both dyes. 3. There is a net movement of orange dye from side A to side B. 4. Purple dye moves only from side B to side A. 5. There is no net movement of purple dye.
We will be using the Saxonville Sausage Case Study more than once. For this week, you...
We will be using the Saxonville Sausage Case Study more than once. For this week, you need to develop and submit the answers to the following questions related to the 'Saxonville Sausage Company' Case Study. What was Anne Banks main research objective? Could you identify the Marketing Research Process steps in what she designed? What type of research did she use: qualitative (focus groups) or quantitative (questionnaries)? Do you consider that she used a good marketing research approach?
1. Briefly explain how virtualization of Linux Servers may be used in the enterprise to provide...
1. Briefly explain how virtualization of Linux Servers may be used in the enterprise to provide an infrastructure base capable of overcoming component failures. 2.There are different types of firewalls in LINUX. a. What are the key differences between a proxy firewall, state full firewall and packet filter? b. Which would you use if you wanted to do deep inspection of the underlying protocol? 3. A system administrator has been given a new domain foobar.com. Assuming the domain has not...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT