If you want to run lei up as a background process on some server, you should set up a system-level timer and use a different git-credential mechanism. In the next installment we'll look at some other part of lei and public-inbox — I haven't yet decided which. In addition to being posted on the blog, this series is also available on the workflows mailing list, so if you want to reply with a follow-up, you can do so there.
One of kernel developers' perennial complaints is that they just get Too Much Damn Email. For this reason, actual Linux development tends to happen on separate mailing lists dedicated to each particular subsystem. In turn, this has several negative side-effects. Developers working across multiple subsystems end up needing to subscribe to many different mailing lists in order to stay aware of what is happening in each area of the kernel.
Contributors submitting patches find it increasingly difficult to know where to send their work, especially if their patches touch many different subsystems. The kernel does ship a script that can suggest where a patch should be sent; however, the submitter needs to be both aware of this script and know how to properly configure it in order to correctly use it with git-send-email.
Any edits to the MAINTAINERS file must go through the regular patch submission and review process, and it may take days or weeks before the updates find their way to individual contributors. Wouldn't it be nice if contributors could just send their patches to one place, and developers could just filter out the stuff that is relevant to their subsystem and ignore the rest? Public-inbox started out as a distributed mailing list archival framework with powerful search capabilities.
We were happy to adopt it for our needs when we needed a proper home for kernel mailing list archives — thus, lore.kernel.org. Even though it started out as merely a list archival service, it quickly became obvious that lore could be used for a lot more.
Public-inbox uses Xapian behind the scenes, which makes it possible to narrowly tailor the keyword database to very specific needs. For example, did you know that you can search lore.kernel.org for all patches touching the floppy driver — and maybe limit the results to just the past month? Now, how about getting that straight into your mailbox, so you don't have to subscribe to the very busy linux-block list if you are the floppy maintainer? Lei is very new and probably isn't yet available as part of your distribution, but I hope that this will change quickly once everyone realizes how awesome it is.
I'm working on packaging lei for Fedora, so depending on when you're reading this, try dnf install lei — maybe it's already there. If it's not in Fedora proper yet, you can get it from my copr. Lei can deliver search results either into a local maildir, or to a remote IMAP folder (or both). We'll do local maildir first and look at IMAP in a future follow-up, as it requires some preparatory work.
Let's take the exact query we used for the floppy drive above, and get lei to deliver entire matching threads into a local maildir folder that we can read with mutt.
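A command along these lines should do it (a sketch: -I, -o, --threads and --dedupe are documented lei flags, while the exact search expression — dfn: for files touched by a diff, rt: for received time — is an assumed reconstruction of the floppy example):

```
lei q -I https://lore.kernel.org/all/ -o ~/Mail/floppy \
  --threads --dedupe=mid \
  'dfn:drivers/block/floppy.c AND rt:1.month.ago..'
```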
It doesn't matter to which list the patch was sent — if it's on lore, the query will find it. Make sure that this folder doesn't already exist, or lei will clobber anything already present there (unless you use --augment, but I haven't tested this very extensively yet, so best to start with a clean slate). As always, backslashes and newlines are there just for readability — you don't need to use them. It is safe to delete mail from this folder — it will not get re-added during lei up runs, as lei keeps track of seen messages on its own.
By default, lei q will save your search and start keeping track of it. To see your saved searches, run lei ls-search. If you now run lei up for this search, you will notice that the first line of output says that lei automatically limited the results to only those that arrived since the last time lei was invoked for this particular saved search, so you will most likely get no new messages. To edit your saved search, just run lei edit-search. I suggest you test your queries on lore.kernel.org first. To subscribe to entire mailing lists, you can query based on the list-id header.
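Put together, managing a saved search looks like this (lei ls-search, lei up and lei edit-search are real lei subcommands; treat the exact argument forms as a sketch):

```
lei ls-search                   # list saved searches by output location
lei up ~/Mail/floppy            # fetch only what arrived since the last run
lei edit-search ~/Mail/floppy   # open the saved search config in $EDITOR
```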
For example, if you wanted to replace your individual subscriptions to linux-block and linux-scsi with a single lei command, you can query on both lists' list-id headers. In the next series installment, I'll talk about how to deliver these results straight to a remote IMAP folder, and how to set up a systemd timer to get newest mail automatically if that's your thing — I prefer to run lei up manually and only when I'm ready for it.
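A hedged sketch of such a query (the l: prefix for list-id matching is part of public-inbox's search syntax; the exact list-id values shown are assumptions):

```
lei q -I https://lore.kernel.org/all/ -o ~/Mail/block-scsi \
  --dedupe=mid \
  '(l:linux-block.vger.kernel.org OR l:linux-scsi.vger.kernel.org)'
```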
As usual, we had an LTP release at the end of September, and the number of patches had been slowly growing even before that. While it's great and I'm happy that the project is growing, there is a catch: growth like this puts additional strain on the maintainers, particularly on the patch reviewers. One of the things I finally want to move forward is making runltp-ng the official LTP test runner, but there is much more. So the obvious question is how to make things better, and one of the things we came up with was automation.
What we implemented for LTP is a 'make check' target that runs different tools on the test source code and is supposed to be used before a patch is sent for review.
For C code we use the well known checkpatch.pl. The tooling is set up automatically when you call 'make check' for the first time, and we tried to make it as effortless as possible, so that there is no reason not to use it during development.
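Usage is a sketch like this ('make check' is the entry point described above; the subdirectory path is a hypothetical example):

```
cd ltp
make check                          # run the checkers over the whole tree
cd testcases/kernel/syscalls/foo    # hypothetical test directory
make check                          # or check just the tests you are touching
```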
We also use checkbashisms to vet shell code. Hopefully this should eliminate, on average, at least one revision per patchset, which would amount to hundreds of patches over our development cycle. Ideally this will fix the problem for a while and we will make more effective use of our resources, but eventually we will get to a point where more maintainers and reviewers are needed, which is a problem that is hard to solve without your help.
Linux development depends on the ability to send and receive emails. Unfortunately, it is common for corporate gateways to post-process both outgoing and incoming messages with the purposes of adding lengthy legal disclaimers or performing anti-phishing link quarantines, both of which interfere with regular patch flow. While it is possible to configure free options like GMail to work well with sending and receiving patches, Google services may not be available in all geographical locales — or there may be other reasons why someone may prefer not to have a gmail.com address.
For this reason, we have partnered with Migadu to provide a mail hosting service under the linux. If you're a Linux subsystem maintainer or reviewer and you need a mailbox to do your work, we should be able to help you out.
Please see our service documentation page for full details. One of the side-effects of the recent UMN Affair has been renewed scrutiny of the kernel development process that continues to rely on patches sent via email.
This prompted me to revisit my end-to-end patch attestation work and get it to the point where I consider it to be both stable for day-to-day work and satisfactory from the point of view of underlying security and usability. The detailed principles of operation are described on the PyPi project page, so I will not duplicate them here. The screencast linked above shows patatt in action from the point of view of a regular patch contributor.
If you have an hour or so, you can also watch my presentation to the Digital Identity Attestation WG. Patatt is fully supported by recent versions of b4. As you can see above, b4 verified that the DKIM header was valid and that the PGP signature from Greg Kroah-Hartman passed as well, giving double assurance that the message was not modified between leaving Greg's computer and being checked on the end-system of the person retrieving the patch.
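A contributor-side setup might look like this (patatt genkey is a real patatt subcommand, and the sendemail-validate hook line follows patatt's documentation; treat the exact details as assumptions):

```
# generate an ed25519 signing key; patatt prints the config to add
patatt genkey

# sign outgoing patches automatically via git-send-email's validate hook
echo 'patatt sign --hook "${1}"' > .git/hooks/sendemail-validate
chmod +x .git/hooks/sendemail-validate

# on the receiving side, b4 checks DKIM and patatt signatures
# when retrieving a series from lore
b4 am <message-id>
```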
Patatt and b4 also introduce the idea of tracking contributor public keys in the git repository itself. It may sound silly — how can the repository itself be a source of trusted keys? However, it actually makes a lot of sense and isn't any worse than any other currently used public key distribution mechanism:
Contributor public keys can be added either to the main branch itself, along with the project codebase, or to a separate ref dedicated to the keyring. The latter can be especially useful for large projects where patches are collected by subsystem maintainers and then submitted as pull requests for inclusion into the mainline repository.
Keeping the keyring in its own ref assures that it stays out of the way of regular development work but is still centrally managed and tracked. I am hoping that people will now start using cryptographic attestation for the patches they send, however I certainly can't force anyone's hand. If you are a kernel subsystem maintainer or a core developer of some other project that relies on mailed-in patches for the submission and code review process, I hope that you will give this a try.
If you have any comments, concerns, or improvement suggestions, please reach out to the tools list.

We have reached an important milestone with the latest LTP release — the amount of testcases written in the new test library finally outnumbers the amount of old library tests. This is a nice opportunity for a small celebration, and also to look back a bit into history and try to summarize what has happened in LTP over the last 10 years. I joined LTP development a bit more than 10 years ago. At that point we were really struggling with the basics.
The build system was a collection of random Makefiles, and the build often failed for very random reasons. There were pieces of shell code embedded in Makefiles, for instance to check for devel libraries, manually written shell loops over directories that prevented parallel build, and all kinds of ugly mess like that.
This changed when the build system was rewritten; with that, LTP supported proper parallel build, started to use autoconf for feature checks, etc. However, that was only a start: LTP was easier to build and git was nicer to use, but we still had tests that were mostly failing, and a fair amount of the tests were producing nothing but noise. There were also tests that didn't produce real results and always passed, but it's really hard to count these unless you review the code carefully, one testcase at a time, which is part of what we still do even after ten years of work.
From that point on it took us a few years to clear the worst parts and to deal with most of the troublemakers and the results from LTP were gradually getting greener and more stable as well. We are far from being bugless, there are still parts covered in dust that are waiting for attention, but we are getting there.
For instance, in this release we finally got a nice cgroup test library that simplifies cgroup testcases, and we should fix the rest of the cgroup tests, ideally before the next release.
Also I'm quite happy that the manpower put into LTP development slowly increases, however compared to the efforts put into the kernel development the situation is still dire.
Back then I used to tell people that the amount of work put into Linux automated testing was a bad joke. These days it's much better, but still hardly optimal, as we struggle to keep up with covering newly introduced kernel features. At the start I mentioned the new test library, so I should explain how we came to it and why it's superior to what we had previously. First of all, there was a test library in LTP that could be traced back to SGI and was released under GPL more than 20 years ago — it's probably even older than that, though.
The main problem with the library was that it was cumbersome to use. There were some API reporting functions, but these were neither thread safe nor usable in child processes. You had to propagate test results manually in these two cases, which was prone to errors.
Even worse, since the test implemented the main function, you had to return the overall result manually as well, and forgetting to do so was one of the common mistakes. At the point where most of the broken tests were finally fixed, I had a bit of time to invest into the future, and after seven years of dealing with common test mistakes I had a pretty good picture of what a test library should look like and what should be avoided.
Hence I sat down and designed a library that is nice and fun to use and makes tests much easier to write. This library still evolves over time — the version introduced back then wasn't as nice as it is now — but even at its introduction it included the most important bits, for instance thread-safe and automatic test result propagation, or synchronization primitives that can be used even to synchronize shell code against a C binary.
The old library is still present in LTP, since we are only a bit more than halfway done converting the tests, which is no easy task given how many tests are still to go. And as we convert the tests we also review them, to ensure that the assertions are correct and the coverage isn't lacking. We still find tests that fail to report results from time to time even now, which only shows how hard it is to eliminate mistakes like this and why preventing them in the first place is the right thing to do.
If things go well, the rest of the tests should be converted in about 5 years, and LTP should finally be free of its historical baggage. At that point I guess I will throw a small celebration, since that would conclude a huge task I've been working on for a decade now.

In a recent Linux 5.x release, ethtool gained support for reporting standard NIC statistics under common names. This removes the need to parse vendor specific strings in ethtool -S. Linux has two sources of NIC statistics: the common interface stats, which show up in ifconfig, ip link, sysfs and a few other places, and ethtool -S.
The former — common interface stats — are a mix of basic info (packets, bytes, drops, errors in each direction) and a handful of lower level stats like CRC errors, framing errors, collisions or FIFO errors. This set is fixed and cannot express the more detailed counters modern devices maintain, which is why deployments increasingly depend on ethtool -S statistics for error tracking. ethtool -S started out as a place for drivers to report custom, implementation specific stats, but ended up also serving as a reporting place for new statistics as the networking standards developed.
Sadly there is no commonality in how vendors name their ethtool statistics. This forces infrastructure teams to maintain translations and custom per-vendor logic to scrape ethtool -S output.
Starting with recent Linux 5.x kernels, ethtool talks to the kernel over netlink. Thanks to that, we can now augment the old commands to carry statistics. When the user specifies -I | --include-statistics on the command line (or the appropriate flag in netlink), the kernel will include relevant statistics in its response. General statistics, such as PHY and MAC counters, are now available via ethtool -S under standards-based names through a new --groups switch.
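The new invocations look along these lines (the -I/--include-statistics and --groups flags are described above; which subcommands accept -I, and the exact group names, should be treated as assumptions):

```
# include relevant error counters in an existing command's output,
# e.g. pause frame statistics
ethtool -I -a eth0

# dump standards-based statistics groups (MAC and PHY counters)
ethtool -S eth0 --groups eth-mac eth-phy
```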
Admittedly, the new interface is quite basic; the starting point is based on fulfilling immediate needs, and we hope the interfaces will be extended as needed. Statistics can be made arbitrarily complex, so after a couple of false starts with complex interfaces we decided to let the use cases drive the interface. Going forward we can work with vendors on codifying the definitions of other counters they have.
We have recently announced the availability of our new mailing list platform that will eventually take on the duties currently performed by vger. Off the bat, there were a few questions about how it works under the hood — especially regarding DMARC-friendly configuration. There is nothing fancy about the setup — mailing lists are managed by mlmmj, while all delivery operations are handled by Postfix. All outgoing mail is delivered via kernel.org infrastructure.
When mlmmj writes to the archive directory of the mailing list, the message is immediately picked up by public-inbox-watch and appended to the public-inbox archive for that list.
The archive is then replicated to lore.kernel.org. This replication runs in parallel with Postfix delivering mail to list subscribers, so it is not dependent on the size of the mail queue. In theory, it shouldn't take longer than a few minutes for a message sent to a lists.linux.dev address to show up on lore. Similarly, messages should never go missing from the public-inbox archive if they were accepted by mlmmj for delivery (I know, famous last words).
There are two key principles to follow: the Envelope-From should be that of the mailing list domain, and there should be no changes to any of the existing message headers and no modifications to the message body.
This is actually the part that generally trips up mailing list operators, as it is a long-standing practice to do two things when it comes to mailing lists: modify the subject to insert a terse list identifier, and append a footer to the message body. Both of these modifications invalidate DKIM signatures, which causes trouble for domains with strict DMARC policies. As far as I'm concerned, this is the fault of domain owners, and is properly fixed by setting up proper DKIM signing and giving users a way to send outgoing mail via proper SMTP gateways.
Here's a write-up I randomly found while writing this post that goes into some more detail regarding DMARC and mailing lists. We don't currently add ARC headers — as far as I can tell, they aren't required for operating a mailing list that properly sets the envelope-from.
Who knows, I may change my mind about this in the future. In short, the best way to assure that a message sent via a subspace.kernel.org list makes it to recipients is to send it from a domain that properly DKIM-signs its outgoing mail. If you run your own server, you can either set up OpenDKIM on your own (it's not complicated, honest), or you can pay some money to a company like Mailgun to do it for you.

The name is a pun on the diving decompression stop, which is something you perform after going down below the surface to avoid decompression sickness.
It is one of those development tools that, like git, just took over the world in a short time. It appears to be not just funded by Google, but also part of PhD thesis work.
The compiler instruments memory accesses with calls to a small set of runtime functions. As you can guess, these calls load or store 1, 2, 4, 8 or 16 bytes of memory at the virtual address addr, and they reflect how the compiled code (usually C) thinks about these memory accesses.
ASan intercepts all reads and writes by placing itself between the executing program and any memory management. The above symbols can be implemented by any runtime environment. The address will reflect what the compiler and the assumed runtime environment think about the (usually virtual) memory where the program will execute. You instrument your code with ASan, toss heavy test workloads at the code, and see if something breaks.
If something breaks, you go and investigate the breakage to find the problem. The problem will often be one or another instance of buffer overflow, out-of-bounds array or string access, or the use of a dangling pointer such as use-after-free. These problems are a side effect of using the C programming language.
Notice that I say instrumented memory, not code: ASan shadows not only the actual compiled code but, mainly and most importantly, any allocations and referenced pointers the code maintains.
To achieve this, the userspace program links to a special malloc implementation that overrides the default and manages all of this behind the scenes. One aspect of it is that malloc will of course return chunks of memory naturally aligned to 8 bytes, so that the shadow memory falls on an even byte boundary. The ASan shadow memory shadows the memory you're interested in inspecting for memory safety. The helper library will allocate shadow memory as part of the runtime, and use it to shadow the code, data and runtime allocations of the program.
Some shadow memory will be allocated up front as the program is started; some will be allocated to shadow allocations at runtime, such as dynamically allocated buffers or anything else you malloc. Later on, a more elaborate scheme was adopted. When a piece of memory is legally allocated and accessed, the corresponding shadow bits are zeroed: that means all 8 bytes can be freely accessed, and we can quickly proceed. Else we need a closer look. Values 1 through 7 mean bytes 1 through 7 are valid for access (partly addressable), so we check that; any other value means uh oh.
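The mapping from an application address to its shadow byte can be sketched with shell arithmetic (the >>3 scaling follows directly from the 8-to-1 mapping described above; the 0x7fff8000 offset is the common default for 64-bit userspace ASan, and both addresses here are purely illustrative):

```shell
# shadow_address = (address >> 3) + offset:
# every 8 application bytes share one shadow byte,
# placed at a fixed offset in the address space
addr=0x4010
offset=0x7fff8000
shadow=$(( (addr >> 3) + offset ))
printf 'shadow byte for %#x is at %#x\n' "$addr" "$shadow"
# -> shadow byte for 0x4010 is at 0x7fff8802
```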
Decoding the hex values gives a clear insight into what access violation we should be looking for. To be fair, the one-shadow-byte-per-8-bytes (8-to-1) mapping is not compulsory. This should be pretty obvious.
Other schemes, such as mapping as much as 32 bytes to one shadow byte, have been discussed for memory-constrained systems.
All memory access calls (such as any instance of dereferencing a pointer) and all functions in the library (such as all string functions) are patched to check for these conditions. It's easy when you have compiler instrumentation: we check it all. It is not very fast, but it's bearable for testing. Researchers in one camp argue that we should all be writing software (including operating systems) in the programming language Rust in order to avoid the problems ASan is trying to solve altogether.
This is a good point, but rewriting large existing software such as the Linux kernel in Rust is not seen as realistic; thus we paper over the problem instead of using the silver bullet. Hybrid approaches to using Rust in kernel development are being discussed, but so far not much has materialized. The AddressSanitizer (ASan) was written with userspace in mind, and the userspace project is very much alive. As the mechanism used by ASan was quite simple, and the compilers were already patched to handle shadow memory, the Kernel Address Sanitizer (KASan) was a natural step.
At this point the original authors seem to spend a lot of time with the kernel, so the kernel hardening project has likely outgrown the userspace counterpart. This is why these values often occur in KASan splats. The crucial piece needed to create KASan was a compiler flag to indicate where to shadow the kernel memory: when the kernel Image is linked, addresses are resolved to absolute virtual memory locations, and naturally all of these, plus the area where the kernel allocates memory (SLABs) at runtime, need to be shadowed.
This can be seen in the kernel Makefile. The kernel already had some related tools, notably kmemcheck, which could detect some cases of use-after-free and references to uninitialized memory. It was based on a slower mechanism, so KASan has effectively superseded it, and kmemcheck was removed.
To exercise the kernel and find interesting bugs, the inventors often used syzkaller, a tool similar to the older Trinity: it bombards the kernel with fuzzed system calls to try to provoke undefined and undesired behaviours, yielding KASan splats and revealing vulnerabilities.
Since we are the kernel, we need to explicitly assign memory for shadowing, and we need to do some maneuvers that userspace cannot do or does not need to do. For instance, we need to use the kernel memblock early memory management to set up memory to hold the page tables themselves in some cases. Once these generic kernel instrumentations were in place, other architectures could be amended with KASan support, with ARM64 following x86 soon after.
As mentioned, we first point all shadow memory to a zero page, later on to proper KASan shadow memory, and only then does KASan kick into action. Using page tables that are themselves being modified during this switch-over would be bad. Not good. Therefore the global page table for the entire kernel — the one that has all shadow memory pointing to a zero page — is copied and used during this phase.
It is then replaced, finally, with the proper KASan-instrumented page table with pointers to the shadow memory in a single atomic operation.
Further, all optimized memory manipulation functions from the standard library need to be patched, as these often have assembly-optimized versions in the architecture.
This concerns memcpy, memmove and memset especially. While the quick optimized versions are nice for production systems, we replace these with open-coded variants that do proper memory accesses in C and therefore will be intercepted by KASan. All architectures follow this pattern, more or less. ARM64 supports hardware tags, which essentially means that the architecture supports hardware acceleration of KASan.
As this is pretty fast, there is a discussion about using KASan even on production systems, to capture problems that are seen very seldom. When trying to use loadable modules, the code would crash, as the RAM holding the modules was not shadowed. The developers tried to create an option to move modules into the vmalloc area, enabled by default when using KASan, to work around this limitation; this did not proceed.
The special module area is, however, used for special reasons. Since it was placed in close proximity to the main kernel TEXT segment, the code could be accessed using short jumps rather than long jumps: no need to load a whole 32-bit program counter anew whenever a piece of code loaded from a module was accessed.
This provided serious performance benefits. After some iterations we got it working on some ARM32 platforms and I was successfully stressing it a bit using the Trinity syscall fuzzer.
This version solved the problem of shadowing the loadable modules by simply shadowing all that memory as well. Notice that the amount of physical memory doesn't really matter, as KASan will use the trick of just pointing large chunks of virtual memory to a single physical poison page. On 32-bit platforms, however, this approach ate our limited address space for lunch.
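The 8-to-1 shadow scaling makes the address-space cost easy to quantify (the 3 GB figure is an illustrative assumption about the kernel's share of a 32-bit address space, not a statement about any particular platform):

```shell
# shadowing N bytes of virtual address space costs N/8 bytes of shadow
va=$(( 3 << 30 ))      # say, 3 GB of virtual address space to cover
shadow=$(( va / 8 ))   # 1/8th of it becomes shadow memory
echo "$(( shadow / 1024 / 1024 )) MB of shadow"
# -> 384 MB of shadow
```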
We were setting aside several statically assigned allocations in the virtual address space, so we needed to make sure that we only shadow the addresses actually used by the kernel. This more fine-grained approach to assigning shadow memory would create some devil-in-the-details bugs that do not come out if you shadow the whole virtual address space, as the 64-bit platforms do. A random access to some memory that should not be poked — and thus lacks shadow memory — will lead to a crash.
While QEMU and some hardware were certainly working, there were some real hardware platforms that just would not boot, and things were getting tedious. The initial patches from Andrey started trading hands, and these out-of-tree patches were used by some vendors to test code on some hardware. Personally, I had other assignments and could not take over and develop KASan at this point.
I'm not saying that I was necessarily a good candidate at the time either; I was just testing and tinkering with KASan because ARM32 vendors had a generic interest in the technology. Some things were getting fixed along the road, but what was needed was some focused attention, and these people had other things on their plate as well. In April I decided to pick up the patches and have a go at it.
I quickly got support from two key people: Florian Fainelli and Ard Biesheuvel. Florian had some systems with the same odd behaviour of just not working as my pet Qualcomm APQ DragonBoard that I had been using all along for testing. These were the major roadblocks. Fixing these bugs created new bugs which we also fixed. Ard and Florian mopped up the fallout. In the middle of development, five level page tables were introduced and Mike Rapoport made some generic improvements and cleanup to the core memory management code, so I had to account for these changes as well, effectively rewriting the KASan ARM32 shadow memory initialization code.
Eventually the v16 patch set was finalized in October and submitted to Russell King's patch tracker, and he merged it for an upcoming Linux v5 release. The idea is again to use shadow memory, but now for concurrency debugging at runtime; I do not know more than this.

Recent months saw a lot of changes in the venerable NAPI polling mechanism, which warrants a write-up. It is, however, worth clearing up one major misconception: the basic flow of NAPI operation does not involve any explicit processing delays.
Software interrupts (softirqs, or bottom halves) are a kernel concept which helps decrease interrupt service latency. Because normal interrupts don't nest in Linux, the system can't service any new interrupt while it's already processing one; therefore, doing a lot of work directly in an IRQ handler is a bad idea. Today's systems have tens of CPUs, and all of the cores can have dedicated networking queues.
Experiments show that separating network processing from application processing yields better application performance. That said, manual tuning and CPU allocation for every workload is tedious and often not worth the effort. In terms of raw compute throughput, having many cores service interrupts means more interrupts, less batching and more cache pollution. Interrupts are also bad for application latency, as application workers are periodically stopped to service networking traffic.
Last but not least, NAPI semi-randomly gets kicked out into the ksoftirqd thread, which degrades network latency. Busy polling is a kernel feature originally intended for low latency processing: whenever an application was out of work, it could check if the NIC had any packets to service, thus circumventing the interrupt coalescing delay. Recent work by Bjorn Topel reused the concept to avoid application interruptions altogether. The application is expected to use busy polling to process packets, replacing the interrupt driven parts of NAPI.
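Classic busy polling is enabled system-wide via the net.core.busy_read and net.core.busy_poll sysctls (these are real knobs; the 50-microsecond budget is an arbitrary illustrative value):

```
# poll the device for up to 50 us when a socket read finds no data
sysctl -w net.core.busy_read=50
# same budget for select()/poll() based applications
sysctl -w net.core.busy_poll=50
```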
Here the application does not get interrupted; once it's done with a request, it asks the kernel to process packets. This allows the app to improve latency by the amount of time NAPI processing would otherwise steal from request processing.
Conceptually it's quite similar to the ksoftirqd thread, but with a few differences. The main advantage of threaded NAPI is that the network processing load is visible to the CPU scheduler, allowing it to make better choices. In tests performed by Google, NAPI threads were explicitly pinned to cores, but the application threads were not.
The main disadvantage of threaded NAPI is that, according to my tests, it in fact requires explicit CPU allocation unless the system is relatively idle; otherwise NAPI threads suffer latencies similar to ksoftirqd latencies. The automatic packing and balancing should therefore remove the need to manually allocate CPU cores to networking. This mode of operation is inspired by Linux workqueues, but with higher locality and latency guarantees. Unfortunately, due to upstream emergencies, after initial promising results the TAPI work has been on hold for the last 2 months.
So we saw earlier that memblock stores a list of available blocks of memory, and in addition to that it can set aside reserved memory. It makes perfect sense that the kernel cannot use the physical memory occupied by the kernel itself — the code of the kernel we are executing. It would be unfortunate if we overwrote that with YouTube videos. Finally, we reserve the memory used by the device tree (at the moment I write this, there is a patch pending to fix a bug here) and any other memory reservations defined in the device tree.
A typical example of a memory reservation in the device tree is if you have special video RAM (VRAM). A typical use of such carveouts is media buffers for video and audio. Next, before we have started to allocate any memory on the platform, we set aside memory to be used for the contiguous memory allocator (CMA), if this memory manager is in use.
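A VRAM carveout of the kind described above might look like this in a device tree (the node name, label, address and size here are hypothetical; the reserved-memory node and the shared-dma-pool and no-map properties follow the standard devicetree binding):

```
reserved-memory {
        #address-cells = <1>;
        #size-cells = <1>;
        ranges;

        /* hypothetical 16 MB carveout for video buffers */
        vram: vram@9f000000 {
                compatible = "shared-dma-pool";
                reg = <0x9f000000 0x01000000>;
                no-map;
        };
};
```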
This is taken from the ARM Versatile reference platform and shows that we have one big chunk of memory, in which we have chiseled out three reservations totalling a bit more than 7 MB. After this point, we know what memory in the system we can and cannot use: early memory management using memblock is available.
The main purpose of this mechanism is for the real memory manager to bootstrap itself: we need to allocate memory to be used for the final all-bells-and-whistles memory management: data structures to hold the bitmaps of allocated memory, page tables and so on. But we are not there yet. Well we better take that into account. Redo the whole thing. We now initialize the page table.
This call is really interesting and important: this is where we set up the system to perform the lower levels of proper memory management. This is a good time to recap the inner workings of the ARM32 page tables before you move along. Each PMD entry corresponds to a 2 MB chunk of memory, and if we try to obtain an instruction or data from one of these addresses we will generate a prefetch abort of some type. What happens here? For example, if a system has its RAM in a single memory block, and the kernel zImage is 8 MB in size and gets loaded near the start of that block with the PGD (page global directory) at the bottom, we start at the kernel's load address, translated to virtual memory, and clear all PMDs for the virtual memory around it. This code only initializes the PMDs, i.e. the entries that each describe 2 MB.
This image illustrates what happens when we initialize the PMDs (the picture is not to scale). The black blocks are the PMDs we clear, making them unavailable for any references for now. We are not dealing with the userspace view of the memory at all, only the kernel view of the memory. The BSS segment and other non-executable segments are linked below the executable part of the kernel, so this is in the virtual memory above the executable part of the kernel.
Next we reach the situation where the memblock covers both the executable and the non-executable part of the kernel image. This is the most common scenario under all circumstances, such as my example with a single physical memory block.
Most ARM32 systems are like this. The granularity may require individual 4K pages, so this will use elaborate page mapping. The executable kernel memory is also writable — because the PGD is in the first PMD-sized chunk here, and we sure need to be able to write to that — and several kernel mechanisms actually rely on being able to runtime-patch the executable kernel, even if we have already finalized the crucial physical-to-virtual patching.
One example would be facilities such as ftrace. Everything that fits in the linearly mapped lowmem above and below the kernel will be readable and writable by the kernel, which leads to some optimization opportunities — especially during context switches — but also to some problems, especially regarding highmem. Why would we not allocate PTEs, real page-to-page tables, for every 2 MB chunk of the physical-to-virtual map? In our case that will mostly be the case! But we try our best to use the big and fast section maps if we can, without unnecessarily creating a myriad of PTE-level objects that turn into level-2 descriptors that need to be painstakingly traversed.
However, on the very last page of the executable part of the kernel, and the very first page of the data segments, it is very likely that we cannot use a section mapping, and for the first time the generic kernel fine-granular paging using 4 KB pages will kick in to provide this mapping.
We learnt before that the linker file has been carefully tailored to make sure that each segment of code starts on an even page, so we know that we can work at page granularity here.