- Source code example from «Linux kernel programming»
- 2 Answers 2
- Building Linux Kernel
- Step 1: Download the Source Code
- Step 2: Extract the Source Code
- Step 3: Install Required Packages
- Step 4: Configure Kernel
- Step 5: Build the Kernel
- Step 6: Update the Bootloader (Optional)
- Step 7: Reboot and Verify Kernel Version
Source code example from «Linux kernel programming»
was reading Robert Love’s book, chapter 5 on syscalls, and found this simple example a bit questionable:
asmlinkage long sys_silly_copy(unsigned long *src, unsigned long *dst, unsigned long len)
As we see ‘buf’ is object of type ‘unsigned long’ and defined on the kernel stack, i.e. its initial value is likely garbage. Anyway is it valid to copy ‘len’ bytes in the stack where buf is, i.e. it could overwrite something useful? Perhaps this is fine only for this particular example?
Looks fine as long as len == sizeof(unsigned long). All that’s happening is len bytes from src are being written into buf. Just don’t len to be too big or the ret address and other important structures could be overwritten
@kisplit: you never rely on your callers following the rules, especially if you’re the kernel. If you wanted to ensure the copy was only for a single ulong, you’d use sizeof(unsigned long) in the copy operations rather than len . I’ve provided a more secure version in my answer.
@paxdiablo: I totally agree. Of course it’s dangerous unless len == sizeof(unsigned long) in this specific example.
2 Answers 2
It is very questionable. In fact, it’s downright dangerous. I’ll give the author the benefit of the doubt here since they’re just trying to show how copy_from_user and copy_to_user work but they really should have provided an example that wasn’t so dangerous.
Especially since the book waxes lyrical about how you must be extra careful:
System calls must carefully verify all their parameters to ensure that they are valid and legal.The system call runs in kernel-space, and if the user can pass invalid input into the kernel without restraint, the system’s security and stability can suffer.
and then provides a means for the user to totally annihilate the kernel 🙂
The text from the copy I have states:
Let’s consider an example system call that uses both copy_from_user() and copy_to_user() .This syscall, silly_copy() , is utterly worthless; it copies data from its first parameter into its second.This is suboptimal in that it involves an intermediate and extraneous copy into kernel-space for no gain. But it helps illustrate the point.
/* * silly_copy - pointless syscall that copies the len bytes from * ‘src’ to ‘dst’ using the kernel as an intermediary in the copy. * Intended as an example of copying to and from the kernel. */ SYSCALL_DEFINE3(silly_copy, unsigned long *, src, unsigned long *, dst, unsigned long len) < unsigned long buf; /* copy src, which is in the user’s address space, into buf */ if (copy_from_user(&buf, src, len)) return -EFAULT; /* copy buf into dst, which is in the user’s address space */ if (copy_to_user(dst, &buf, len)) return -EFAULT; /* return amount of data copied */ return len; >Other than the catastrophic failure of not checking parameters, I’m pretty certain the last parameter of the SYSCALL_DEFINE3 is missing a comma (though that would just be a typo).
A far better example, without having to allocate arbitrary memory, would be along the lines of:
SYSCALL_DEFINE3(silly_copy, unsigned long *, src, unsigned long *, dst, unsigned long, len) < unsigned long buf[64]; /* Buffer for chunks */ unsigned long lenleft = len; /* Remaining size */ unsigned long chunklen = sizeof(buf); /* Initial chunk length */ /* Loop handling chunk sizes */ while (lenleft >0) < /* Change chunk length on last chunk */ if (lenleft < chunklen) chunklen = lenleft; /* copy src(user) to buf(kernel) then dst(user) */ if (copy_from_user(buf, src, chunklen)) return -EFAULT; if (copy_to_user(dst, buf, chunklen)) return -EFAULT; /* Adjust pointers and remaining size */ src += chunklen; dst += chunklen; lenleft -= chunklen; >/* return amount of data copied */ return len; > Anyone trying to implement that system call would be well advised to steer away from that particular sample in the book, although I suppose, at a bare minimum, it will give you some good kernel debugging experience 🙂
How to Build Linux Kernel From Scratch
The Linux Kernel is the foundation of all the Linux distributions. The kernel is responsible for communication between hardware and software and the allocation of available resources.
All Linux distributions are based on a predefined kernel. But, if you want to disable certain options and drivers or try experimental patches, you need to compile your own Linux kernel.
In this step-by-step guide, you will learn how to build and compile a Linux kernel from scratch.
- A system running Linux
- Access to the terminal/command line
- A user account with sudo/root privileges
- 12GB of available space on the hard drive
Building Linux Kernel
The process of building a Linux kernel can be performed in seven easy steps. However, the procedure may require a significant amount of time to complete, depending on the system speed.
Follow the steps below to build the latest Linux kernel.
Note: If the latest kernel version on the official website does not match the one mentioned in the steps below, replace the version number in the commands with the current latest version.
Step 1: Download the Source Code
1. Visit the official kernel website and download the latest kernel version. The downloaded file contains a compressed source code.
2. Open the terminal and use the wget command to download the Linux kernel source code:
wget https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.0.7.tar.xzThe output shows the “saved” message when the download completes.
Note: Learn what to do when you get wget: command not found error.
Step 2: Extract the Source Code
When the file is ready, run the tar command to extract the source code:
The output displays the extracted kernel source code:
Step 3: Install Required Packages
Install additional packages before building a kernel. To do so, run this command:
sudo apt-get install git fakeroot build-essential ncurses-dev xz-utils libssl-dev bc flex libelf-dev bisonThe command we used above installs the following packages:
| Package | Package description |
| git | Tracks and makes a record of all changes during development in the source code. It also allows reverting the changes. |
| fakeroot | Creates the fake root environment. |
| build-essential | Installs development tools such as C, C++, gcc, and g++. |
| ncurses-dev | Provides API for the text-based terminals. |
| xz-utils | Provides fast file compression and decompression. |
| libssl-dev | Supports SSL and TSL that encrypt data and make the internet connection secure. |
| bc (Basic Calculator) | Supports the interactive execution of statements. |
| flex (Fast Lexical Analyzer Generator) | Generates lexical analyzers that convert characters into tokens. |
| libelf-dev | Issues a shared library for managing ELF files (executable files, core dumps and object code) |
| bison | Converts grammar description to a C program. |
Step 4: Configure Kernel
The Linux kernel source code comes with the default configuration. However, you can adjust it to your needs. To do so, follow the steps below:
1. Navigate to the linux-6.0.7 directory using the cd command:
2. Copy the existing configuration file using the cp command:
cp -v /boot/config-$(uname -r) .config
3. To make changes to the configuration file, run the make command:
The command launches several scripts that open the configuration menu:
4. The configuration menu includes options such as firmware, file system, network, and memory settings. Use the arrows to make a selection or choose Help to learn more about the options. When you finish making the changes, select Save, and then exit the menu.
Note: Changing settings for some options can lead to a non-functional kernel. If you are unsure what to change, leave the default settings.
Step 5: Build the Kernel
1. Start building the kernel by running the following command:
The process of building and compiling the Linux kernel takes some time to complete.
The terminal lists all Linux kernel components: memory management, hardware device drivers, filesystem drivers, network drivers, and process management.
If you are compiling the kernel on Ubuntu, you may receive the following error that interrupts the building process:
No rule to make target 'debian/canonical-certs.pemDisable the conflicting security certificates by executing the two commands below:
scripts/config --disable SYSTEM_TRUSTED_KEYSscripts/config --disable SYSTEM_REVOCATION_KEYSThe commands return no output. Start the building process again with make , and press Enter repeatedly to confirm the default options for the generation of new certificates.
2. Install the required modules with this command:
sudo make modules_install
3. Finally, install the kernel by typing:
The output shows done when finished:
Step 6: Update the Bootloader (Optional)
The GRUB bootloader is the first program that runs when the system powers on.
The make install command performs this process automatically, but you can also do it manually.
1. Update the initramfs to the installed kernel version:
sudo update-initramfs -c -k 6.0.72. Update the GRUB bootloader with this command:
The terminal prints out the process and confirmation message:
Step 7: Reboot and Verify Kernel Version
When you complete the steps above, reboot the machine.
When the system boots up, verify the kernel version using the uname command:
The terminal prints out the current Linux kernel version.
In this step-by-step guide, you learned how to build a Linux kernel from scratch and install the required packages.
If you follow the instructions carefully, the process will complete successfully on your Linux machine.
The Linux kernel has a modular design. Functionality is extendible with modules or drivers. Learn how to use the modprobe command to add or remove modules on Linux.
Goran combines his leadership skills and passion for research, writing, and technology as a Technical Writing Team Lead at phoenixNAP. Working with multiple departments and on various projects, he has developed an extraordinary understanding of cloud and virtualization technology trends and best practices.
There are several methods to remove old or unused kernels. It’s also considered good system hygiene practice.
The Linux kernel is the underlying software architecture of each Linux distribution. It provides and defines.