how to design a linux kernel interface
play

How to design a Linux kernel interface Michael Kerrisk man7.org - PowerPoint PPT Presentation

Dec 30, 2022 •220 likes •875 views

FOSDEM 2016 How to design a Linux kernel interface Michael Kerrisk man7.org Training and Consulting http://man7.org/training/ 31 January 2016 Bruxelles / Brussel / Brussels Who am I? Maintainer of Linux man-pages project since 2004

  1. FOSDEM 2016 How to design a Linux kernel interface Michael Kerrisk man7.org Training and Consulting http://man7.org/training/ 31 January 2016 Bruxelles / Brussel / Brussels

  2. Who am I? Maintainer of Linux man-pages project since 2004 Documents kernel-user-space and C library APIs 15k commits, 170 releases, author/co-author of 350+ of 990+ pages in project Quite a bit of design review of Linux APIs Lots of testing, lots of bug reports Author of a book on the Linux programming interface IOW: looking at Linux APIs a lot and for a long time Designing a Linux kernel interface � 2015 Michael Kerrisk c 2 / 65

  3. Theme is more about process than technical detail Designing a Linux kernel interface � 2015 Michael Kerrisk c 3 / 65

  4. Outline 1 The problem 2 Think outside your use case 3 Unit tests 4 Specification 5 The feedback loop 6 Write a real application 7 A technical checklist 8 Concluding thoughts

  5. Outline 1 The problem 2 Think outside your use case 3 Unit tests 4 Specification 5 The feedback loop 6 Write a real application 7 A technical checklist 8 Concluding thoughts

  6. Implementation of APIs is the lesser problem (Performance can be improved later; bugs are irritating, but can be fixed) Designing a Linux kernel interface � 2015 Michael Kerrisk c The problem 6 / 65

  7. API design is the big problem Designing a Linux kernel interface � 2015 Michael Kerrisk c The problem 7 / 65

  8. Why is API design a problem? Hard to get right (Usually) can’t be fixed Fix == ABI change User-space will break And... Designing a Linux kernel interface � 2015 Michael Kerrisk c The problem 8 / 65

  9. Thousands of user-space programmers will live with your (bad) design for decades Designing a Linux kernel interface � 2015 Michael Kerrisk c The problem 9 / 65

  10. Many kinds of APIs Pseudo-filesystems ( /proc , /sys , /dev/mqueue , debugfs, configfs, etc.) Netlink Auxiliary vector Virtual devices Signals System calls ⇐ focus, for purposes of example Multiplexor syscalls ( ioctl() , prctl() , fcntl() , ...) Designing a Linux kernel interface � 2015 Michael Kerrisk c The problem 10 / 65

  11. Outline 1 The problem 2 Think outside your use case 3 Unit tests 4 Specification 5 The feedback loop 6 Write a real application 7 A technical checklist 8 Concluding thoughts

  12. Example: POSIX messages POSIX MQs: message-based IPC mechanism, with priorities for messages mq_open() , mq_send() , mq_receive() , ... Linux 2.6.6 Usual use case: reader consumes messages (nearly) immediately (i.e., queue is usually short) Kernel developers coded for usual use case Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 12 / 65

  13. Example: POSIX messages Linux 3.5: a vendor developer raises ceiling on number of messages allowed in MQ Raised from 32,768 to 65,536 to serve a customer request I.e., customer wants to queue masses of unread messages Developer notices problems with algorithm that sorts messages by priority Approximates to bubble sort (!) Will not scale well with (say) 50k messages in queue... Among a raft of other MQ changes, developer fixes sort algorithm Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 13 / 65

  14. When designing APIs, remember: User-space programmers are endlessly inventive Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 14 / 65

  15. Moral 1: try to imagine the ways in which an army of inventive user-space programmers might (ab)use your API Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 16 / 65

  16. Is this such a big deal? A performance bug got found and fixed. So what? (but there’s more...) Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 17 / 65

  17. 3.5 MQ changes also broke user space in at least two places Introduced hard limit of 1024 on queues_max , disallowing even superuser to override Fixed by commit f3713fd9c in Linux 3.14, and in -stable Semantics of value exported in /dev/mqueue QSIZE field changed Count now includes user data and kernel overhead bytes http://thread.gmane.org/gmane.linux.man/7050 Fixed (at last) in Linux 4.2 Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 18 / 65

  18. Moral 2: without unit tests you will screw up someone’s API Designing a Linux kernel interface � 2015 Michael Kerrisk c Think outside your use case 19 / 65

  19. Outline 1 The problem 2 Think outside your use case 3 Unit tests 4 Specification 5 The feedback loop 6 Write a real application 7 A technical checklist 8 Concluding thoughts

  20. Unit tests To state the obvious, unit tests: Prevent behavior regressions in face of future refactoring of implementation Provide checks that API works as expected /advertised Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 21 / 65

  21. Regressions happen more often than you’d expect Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 22 / 65

  22. Examples of regressions Linux 2.6.12 silently changed meaning of fcntl() F_SETOWN No longer possible to target signals at specific thread in multithreaded process Change discovered many releases later; too late to fix Maybe some new applications depend on new behavior! ⇒ Since Linux 2.6.32, we have F_SETOWN_EX to get old semantics Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 23 / 65

  23. Examples of regressions Inotify IN_ONESHOT flag (inotify == filesystem event notification API added in Linux 2.6.13) IN_IGNORED event informs user when watch is automatically dropped for various reasons By design, IN_ONESHOT did not cause an IN_IGNORED event when watch is dropped after one event Because user knows that watch will last for just one events Inotify code was refactored during fanotify implementation (early 2.6.30’s) From 2.6.36, IN_ONESHOT does cause IN_IGNORED Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 24 / 65

  24. Does it do what it says on the tin? (Too often, the answer is no) Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 25 / 65

  25. Does it do what it says on the tin? Inotify IN_ONESHOT flag (2.6.13) Provide one notification event for a monitored object, then disable monitoring Tested in 2.6.15; simply did not work (no effect) ⇒ zero testing before release... Fixed in 2.6.16 Inotify event coalescing Successive identical events (same event type on same file) are combined Saves queue space Before Linux 2.6.25, a new event would be coalesced with item at front of queue I.e., with oldest event rather than most recent event Clearly: minimal pre-release testing Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 26 / 65

  26. Does it do what it says on the tin? recvmmsg() system call (linux 2.6.33) Performance: receive multiple datagrams via single syscall timeout argument added late in implementation, after reviewer suggestion Intention versus implementation: Apparent concept: place timeout on receipt of complete set of datagrams Actual implementation: timeout tested only after receipt of each datagram Renders timeout useless... Clearly, no serious testing of implementation Also, confused implementation with respect to use of EINTR error after interruption by signal handler http://thread.gmane.org/gmane.linux.kernel/1711197/focus=6435 Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 27 / 65

  27. Probably, all of these problems could have been avoided if there were unit tests Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 28 / 65

  28. Writing a new kernel-user-space API? ⇒ include unit tests Refactoring code under existing API that has no unit tests? ⇒ please write some Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 29 / 65

  29. Where to put your tests? Historically, only real home was LTP (Linux Test Project), but: Tests were out of kernel tree Often only added after APIs were released Coverage was only partial kselftest project (started in 2014) seems to be improving matters: Tests reside in kernel source tree Paid maintainer: Shuah Khan Wiki: https://kselftest.wiki.kernel.org/ Mailing list: linux-api@vger.kernel.org Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 30 / 65

  30. But, how do you know what to test if there is no specification? Designing a Linux kernel interface � 2015 Michael Kerrisk c Unit tests 31 / 65

  31. Outline 1 The problem 2 Think outside your use case 3 Unit tests 4 Specification 5 The feedback loop 6 Write a real application 7 A technical checklist 8 Concluding thoughts

  32. “Programming is not just an act of telling a computer what to do: it is also an act of telling other programmers what you wished the computer to do. Both are important, and the latter deserves care.” Andrew Morton, March 2012 Designing a Linux kernel interface � 2015 Michael Kerrisk c Specification 33 / 65

  33. Fundamental problem behind (e.g.) recvmmsg() timeout bugs: no one wrote a specification during development or review Designing a Linux kernel interface � 2015 Michael Kerrisk c Specification 34 / 65

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How to design a Linux kernel interface Michael Kerrisk man7.org Training and Consulting

How to design a Linux kernel interface Michael Kerrisk man7.org Training and Consulting

LinuxCon North America 2015 How to design a Linux kernel interface Michael Kerrisk man7.org Training and Consulting http://man7.org/training/ 18 August 2015 Seattle, Wa., USA Who am I? Maintainer of Linux man-pages project since 2004

964 views • 61 slides
CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A)

CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A)

CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A) Alberto Alvarez CS423: Operating Systems Design MP1 Goals Get yourself familiar with Linux kernel programming Learn to use the kernels linked

451 views • 32 slides
Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many

Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many

Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many of us need to debug the Linux kernel Proprietary tools like Trace32 and DS-5 are $$$ Open source debuggers like GDB lack kernel

884 views • 40 slides
Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface.

Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface.

Linux Kernel Crypto API Herbert Xu Red Hat Inc. Current State Async + sync cipher interface. Async + sync hash interface. AEAD interface. Compress-as-you-go interface. RNG interface. Current State A handful of async PCI

970 views • 7 slides
Intro to Linux Kernel Programming Don Porter Lab 4 You will write a Linux kernel module

Intro to Linux Kernel Programming Don Porter Lab 4 You will write a Linux kernel module

Intro to Linux Kernel Programming Don Porter Lab 4 You will write a Linux kernel module Linux is written in C, but does not include all standard libraries And some other idiosyncrasies This lecture will give you a crash

1.35k views • 22 slides
Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source:

Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source:

Introduction to Linux Command Line Interface Family of Unix-like Operating Systems Source: http://en.wikipedia.org/w/index.php?title=File:Unix_history-simple.svg&page=1; Creative Commons GNU/Linux and Distributions Linux kernel: the core

476 views • 5 slides
CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A)

CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A)

CS 423 Operating System Design: Introduction to Linux Kernel Programming (MP1 Q&A) Professor Adam Bates Fall 2018 CS423: Operating Systems Design Goals for Today Learning Objectives: Talk about the relevant skills required in

1.15k views • 33 slides
1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel

1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel

1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel vulnerability research Thats unavoidable, but the linux kernel developers dont do very much to make the situation any better. -- Basically, the

625 views • 36 slides
Hacking on Xen in the Linux Kernel Lisa Nguyen, Linux Kernel Intern FOSS Outreach Program for

Hacking on Xen in the Linux Kernel Lisa Nguyen, Linux Kernel Intern FOSS Outreach Program for

Hacking on Xen in the Linux Kernel Lisa Nguyen, Linux Kernel Intern FOSS Outreach Program for Women LinuxCon North America 2013 Agenda Introduction What Got Me Interested in OPW Project Overview Xen Block Ring Protocol

922 views • 13 slides
Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules

Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules

Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules Kernel module: code that can be dynamically loaded/unloaded into the kernel at runtime Change the kernel code without needing to reboot

545 views • 13 slides
GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The

GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The

GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The GNU userland consists of libc, the init system (SystemD) X11 GUI toolkits etc. Ask the audience Who has used

442 views • 22 slides
. Kernel The Variability Model of the Linux Extra Conclusions Linux Study Introduction .

. Kernel The Variability Model of the Linux Extra Conclusions Linux Study Introduction .

. Krzysztof Czarnecki, Andrzej Wsowski The Variability Model of the Linux Kernel . . January 26, 2010 IT University of Copenhagen University of Leipzig University of Waterloo Steven She, Rafael Lotufo, Thorsten Berger, . Kernel The

928 views • 39 slides
Kernel Implementations IV 8 February 2019 OSU CSE 1 Recording Design Decisions The

Kernel Implementations IV 8 February 2019 OSU CSE 1 Recording Design Decisions The

Kernel Implementations IV 8 February 2019 OSU CSE 1 Recording Design Decisions The commutative diagram is a great device to help you think about why (whether?) a kernel class correctly implements the kernel interface However, it is

1.02k views • 57 slides
Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux Kernel Widespread Deployed on: powerful (high performance compute clusters) sensitive (bank, gov. systems, ..) safety critical

995 views • 29 slides
Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

3/1/20 COMP 790: OS Implementation COMP 790: OS Implementation Logical Diagram Binary Memory Threads Formats Allocators User Todays Lecture Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

647 views • 8 slides
Module 21: The Linux System History Design Principles Kernel Modules Process

Module 21: The Linux System History Design Principles Kernel Modules Process

Module 21: The Linux System History Design Principles Kernel Modules Process Management Scheduling Memory Management File Systems Input and Output Interprocess Communication Network Structure Security

1.34k views • 56 slides
Creating Solid APIs EuroPython 2018 Rivo Laks 2018-07-27 Background What is an API? What is

Creating Solid APIs EuroPython 2018 Rivo Laks 2018-07-27 Background What is an API? What is

Creating Solid APIs EuroPython 2018 Rivo Laks 2018-07-27 Background What is an API? What is an API? application programming interface What is an API? application programming interface application programmer interface What is an API?

982 views • 86 slides
Introduction CS 351: Systems Programming Michael Saelee <lee@iit.edu> Computer Science

Introduction CS 351: Systems Programming Michael Saelee <lee@iit.edu> Computer Science

Introduction CS 351: Systems Programming Michael Saelee <lee@iit.edu> Computer Science Science Michael (Sae) Lee - lee@iit.edu - http://moss.cs.iit.edu - Office: SB 226C - Hours: Wed & Fri 3:15PM-5:15PM Computer Science Science

547 views • 32 slides
Using API in Java EECS1021: Object Oriented Programming: from Sensors to Actuators Winter 2019

Using API in Java EECS1021: Object Oriented Programming: from Sensors to Actuators Winter 2019

Using API in Java EECS1021: Object Oriented Programming: from Sensors to Actuators Winter 2019 C HEN -W EI W ANG Learning Outcomes Understand: Self-Exploration of Java API Method Header Parameters vs. Arguments Non-Static

167 views • 13 slides
1 Last class: Computer architecture support for systems Today: Operating Systems

1 Last class: Computer architecture support for systems Today: Operating Systems

1 Last class: Computer architecture support for systems Today: Operating Systems Structures and Basics 2 Interlude Recap of OS goals Resource management Memory, Devices Scheduling Security Services to

548 views • 25 slides
Last Class: OS and Computer Architecture System bus Network card CPU, memory, I/O devices,

Last Class: OS and Computer Architecture System bus Network card CPU, memory, I/O devices,

Last Class: OS and Computer Architecture System bus Network card CPU, memory, I/O devices, network card, system bus Computer Science Computer Science CS377: Operating Systems Lecture 3, page 1 Last Class: OS and Computer Architecture

130 views • 11 slides
Experience of the Development of the Geometry Database for the CBM Experiment Akishina E.P. 1 ,

Experience of the Development of the Geometry Database for the CBM Experiment Akishina E.P. 1 ,

Experience of the Development of the Geometry Database for the CBM Experiment Akishina E.P. 1 , Alexandrov E.I. 1 , Alexandrov I.N. 1 , Filozova I.A. 1 , Friese V. 2 , Ivanov V.V. 1,3 for the CBM Collaboration 1 LIT JINR, Dubna 2 GSI, Darmstadt 3

637 views • 15 slides
MPI is too High-Level MPI is too Low-Level Marc Snir High-Level MPI MPI is an Application

MPI is too High-Level MPI is too Low-Level Marc Snir High-Level MPI MPI is an Application

MPI is too High-Level MPI is too Low-Level Marc Snir High-Level MPI MPI is an Application Programming Application Application Interface from MPI-1.0:``Design an application MPI programming interface (not necessarily for

561 views • 19 slides
OpenMP Paolo Burgio paolo.burgio@unimore.it A history of OpenMP 1997 OpenMP for

OpenMP Paolo Burgio paolo.burgio@unimore.it A history of OpenMP 1997 OpenMP for

An introduction to OpenMP Paolo Burgio paolo.burgio@unimore.it A history of OpenMP 1997 OpenMP for Fortran 1.0 1998 OpenMP for C/C++ 1.0 2000 Regular, loop-based parallelism OpenMP for Fortran 2.0 2002

518 views • 13 slides

More recommend