0x320 Foundation

• 1. Overview
  • 1.1. Concepts
  • 1.2. UNIX like
    • 1.2.1. BSD
    • 1.2.2. System V
    • 1.2.3. OSX
    • 1.2.4. Minix
    • 1.2.5. Linux
  • 1.3. Windows
    • 1.3.1. Windows NT
  • 1.4. New Kernels
    • 1.4.1. GNU Hurd
    • 1.4.2. Zircon
• 2. Interrupt
  • 2.1. Real/Protected
    • 2.1.1. Real mode
    • 2.1.2. Protected Mode
  • 2.2. Interrupt Handler
    • 2.2.1. Top Half
    • 2.2.2. Bottom Half
  • 2.3. Software Interupt (Exception, Sync Interrupt)
    • 2.3.1. Trap
    • 2.3.2. Fault
    • 2.3.3. Abort
  • 2.4. Hardware Interrupt (Async Interrupt)
    • 2.4.1. IRQ (Interrupt Request)
    • 2.4.2. Maskable Interrupt
    • 2.4.3. Nonmaskable Interrupt
• 3. System Call
  • 3.1. ABI
  • 3.2. unistd.h
    • 3.2.1. x86
    • 3.2.2. amd64
• 4. Reference

1. Overview

This subsection is a note summarizing history and principles for different kernels.

1.1. Concepts

UNIX Philosophy Tanenbaum–Torvalds debate (microkernel VS monolithic)

1.2. UNIX like

UNIX UNIX was first developed in 1969 by Ken Thompson at Bell Labs on PDP-7 with assembly language.

• UNIX Philosophy
• The UNIX System: Making Computers More Productive

man Section Number

   1   Executable programs or shell commands
   2   System calls (functions provided by the kernel)
   3   Library calls (functions within program libraries)
   4   Special files (usually found in /dev)
   5   File formats and conventions eg /etc/passwd
   6   Games
   7   Miscellaneous (including macro packages and conventions), e.g. man(7), groff(7)
   8   System administration commands (usually only for root)
   9   Kernel routines [Non standard]

1.2.1. BSD

1.2.2. System V

1.2.3. OSX

1.2.4. Minix

1.2.5. Linux

1.3. Windows

1.3.1. Windows NT

1.4. New Kernels

1.4.1. GNU Hurd

1.4.2. Zircon

new micro-kernel under development derived from Haiku syscalls looks clean

2. Interrupt

Interrupts can be viewed as a mean of communication between the CPU and the OS kernel.

They may be initiated by

• CPU (exceptions - e.g.: divide by zero, page fault)
• devices (hardware interrupts - e.g: input available)
• CPU instruction (traps - e.g: syscalls, breakpoints).

They are eventually managed by the CPU, which "interrupts" the current task, and invokes an OS-kernel provided ISR/interrupt handle.

2.1. Real/Protected

2.1.1. Real mode

routines are stored from linear address 0 to 400H (first 1k byte in memory) interrupt vector is mapped to routine address by multiplying 4.

2.1.2. Protected Mode

interrupt descriptor table's starting address contained in IDT (setup by lidt assembly)

2.2. Interrupt Handler

The processing of interrupt is split into two parts (halves)

• top half: perform time-critical work
• bottom half: runs in the future at a more convenient time

2.2.1. Top Half

2.2.2. Bottom Half

Use tasklet

2.3. Software Interupt (Exception, Sync Interrupt)

2.3.1. Trap

traditional Linux system call entry point was INT 0x80, replaced with sysenter on x86

2.3.2. Fault

2.3.3. Abort

2.4. Hardware Interrupt (Async Interrupt)

A hardware interrupt is signaled by an external hardware device, it arrives asynchronously with respect to the processor's clock, it is later conditioned to synchronize to the clock and act on only at the instruction execution boundary.

2.4.1. IRQ (Interrupt Request)

Each device is corresponding to a IRQ (Interrupt Request) signal, there is a hardware called PIC (Programmable Interrupt Controller) in charge of those interrupt signals, newer x86 are using APIC (A means advanced) supporting IRQ up to 255.

Typically, the IPC number is as follows:

Master PIC

• IRQ 0: timer
• IRQ 1: keyboard or PS/2 port
• IRQ 2: cascade signal from Slave PIC
• IRQ 3: serial port
• IRQ 4: serial port
• IRQ 5: parallel port or sound card
• IRQ 6: floppy disk
• IRQ 7: parallel port

Slave PIC

• IRQ 8: real time clock
• IRQ 9: ACPI?? do not know what it is
• IRQ 10: random (SCSI or NIC)
• IRQ 11: random (SCSI or NIC)
• IRQ 12: mouse on PS/2
• IRQ 13: coprocessor
• IRQ 14: primary ATA
• IRQ 15: secondary ATA

2.4.2. Maskable Interrupt

2.4.3. Nonmaskable Interrupt

3. System Call

3.1. ABI

3.2. unistd.h

system call index can be looked up in the unistd.h file. Note that different arch have different system call indexes e.g.:

• x86_64: arch/x86/entry/syscalls/syscall_64.tbl: read is 0
• x86: arch/x86/entry/syscalls/syscall_32.tbl: read is 3
• arm64: include/uapi/asm-generic/unistd.h: read is 63
• arm: arch/arm/tools/syscall.tbl, read is 3

3.2.1. x86

The first 10 system calls are defined as follows

#define __NR_restart_syscall 0
#define __NR_exit 1
#define __NR_fork 2
#define __NR_read 3
#define __NR_write 4
#define __NR_open 5
#define __NR_close 6
#define __NR_waitpid 7
#define __NR_creat 8
#define __NR_link 9
#define __NR_unlink 10

3.2.2. amd64

4. Reference

[1] Operating Systems: Three Easy Pieces

[2] [1] Kerrisk, Michael. The Linux programming interface: a Linux and UNIX system programming handbook. No Starch Press, 2010.