Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Programming \ Linux module mechanism of     - The Samba service does not have permission to access (Server)

- Vim useful plugin: YouCompleteMe (Linux)

- socket busy poll of Linux kernel 3.11 to avoid sleep switch (Linux)

- Solve the compatibility problem between Linux and Java at the source in bold font (Linux)

- Ubuntu Backup and Recovery (Linux)

- Linux Network Programming - raw socket programming (Programming)

- Oracle utilized undo data recovery operations (Database)

- MySQL separation Amoeba achieve literacy (Database)

- To install PostgreSQL 9.4 (Database)

- Linux Basic Course: Install the software from source code (Linux)

- Oracle database online redo logs are several methods of recovery of deleted (Database)

- UNIX file permissions in the "set user ID bit" (Linux)

- Golang use Oracle database on Ubuntu 14.04 (Linux)

- MySQL bulk insert data script (Database)

- Chkconfig set boot start under Linux (Linux)

- How to install and use the Snort in Ubuntu 15.04 (Linux)

- Vi syntax highlighting settings (Linux)

- CentOS7 virtual machine settings, and bridging problems (Linux)

- Python kills corresponding process according to pid (Programming)

- Shell Script: Bulk add users, and set the random character password (Programming)

  Linux module mechanism of
  Add Date : 2018-11-21      
  Linux allows users to insert the module, the core purpose of the intervention. All along, the module mechanism of linux are not clear enough, so this paper loading mechanism for kernel module for simple analysis.

Module Hello World!

We tested this by creating a simple module. The first is the source file main.c and Makefile.

florian @ florian-pc: ~ / module $ cat main.c




static int __init init (void)


    printk ( "Hi module n!");

    return 0;



static void __exit exit (void)


    printk ( "! Bye module n");



module_init (init);

module_exit (exit);

Init module which is the entry function is called when the module is loaded executed, exit to exit function module, the module unload is called.

florian @ florian-pc: ~ / module $ cat Makefile

obj-m + = main.o

#generate the path

CURRENT_PATH: = $ (shell pwd)

#the current kernel version number

LINUX_KERNEL: = $ (shell uname -r)

#the absolute path

LINUX_KERNEL_PATH: = / usr / src / linux-headers - $ (LINUX_KERNEL)

#complie object


    make -C (LINUX K ERNEL P ATH) M = (CURRENT_PATH) modules



    make -C (LINUX K ERNEL P ATH) M = (CURRENT_PATH) clean

Wherein, obj-m specifies the name of the target file, the file name and need the same source file name (except extension) to automatically derive to make.

Then use the make command to compile the module, the module files get main.ko.

florian @ florian-pc: ~ / module $ make

make -C /usr/src/linux-headers-2.6.35-22-generic M = / home / florian / module modules

make [1]: moving into the directory `/usr/src/linux-headers-2.6.35-22-generic '

  Building modules, stage 2.

  MODPOST 1 modules

make [1]: Leaving directory `/usr/src/linux-headers-2.6.35-22-generic '

Using insmod and rmmod command module loading and unloading operations, and use the dmesg prints the kernel log.

florian @ florian-pc: ~ / module $ sudo insmod main.ko; dmesg | tail -1

[31077.810049] Hi module!


florian @ florian-pc: ~ / module $ sudo rmmod main.ko; dmesg | tail -1

[31078.960442] Bye module!

By kernel log information, you can see the entry function and exit function modules are properly called.

Module file

Use readelf check command module file main.ko information.

florian @ florian-pc: ~ / module $ readelf -h main.ko

ELF Header:

  Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00

  Class: ELF32

  Data: 2's complement, little endian

  Version: 1 (current)

  OS / ABI: UNIX - System V

  ABI Version: 0

  Type: REL (Relocatable file)

  Machine: Intel 80386

  Version: 0x1

  Entry point address: 0x0

  Start of program headers: 0 (bytes into file)

  Start of section headers: 1120 (bytes into file)

  Flags: 0x0

  Size of this header: 52 (bytes)

  Size of program headers: 0 (bytes)

  Number of program headers: 0

  Size of section headers: 40 (bytes)

  Number of section headers: 19

  Section header string table index: 16

We found main.ko file type is relocatable object files, and this general object file format without any distinction. We know that the target file can not be executed directly, it needs to go through the link's address space allocation, symbol resolution and relocation process into an executable file to run.

Then, after loading the kernel will main.ko, whether it be a link?

Module data structure

First, we look at the kernel data structure of the module.

linux3.5.2 / kernel / module.h: 220

struct module



    / * Startup function. * /

    int (* init) (void);


    / * Destruction function. * /

    void (* exit) (void);



init and exit module function pointer data structures record of our custom module entry function and exit function.

Module is loaded

Module is loaded by the kernel calls init_module complete system.

linux3.5.2 / kernel / module.c: 3009

/ * This is where the real work happens * /

SYSCALL_DEFINE3 (init_module, void __user *, umod,

      unsigned long, len, const char __user *, uargs)


    struct module * mod;

    int ret = 0;


    / * Do all the hard work * /

    mod = load_module (umod, len, uargs); // load module


    / * Start the module * /

    if (mod-> init! = NULL)

      ret = do_one_initcall (mod-> init); // init module function calls


    return 0;


System call init_module by the SYSCALL_DEFINE3 (init_module ...) implementation, which has two key function calls. load_module means for loading, do_one_initcall for init callback module.

Load_module implemented as a function.

linux3.5.2 / kernel / module.c: 2864

/ * Allocate and load the module: note that size of section 0 is always

  zero, and we rely on this for optional sections. * /

static struct module * load_module (void __user * umod,

                unsigned long len,

                const char __user * uargs)


    struct load_info info = {NULL,};

    struct module * mod;

    long err;


    / * Copy in the blobs from userspace, check they are vaguely sane. * /

    err = copy_and_check (& ​​info, umod, len, uargs); // copy the kernel

    if (err)

      return ERR_PTR (err);

    / * Figure out module layout, and allocate all the memory. * /

    // Address space allocation; mod = layout_and_allocate (& info)

    if (IS_ERR (mod)) {

      err = PTR_ERR (mod);

      goto free_copy;



    / * Fix up syms, so that st_value is a pointer to location. * /

    err = simplify_symbols (mod, & info); // symbol resolution

    if (err <0)

      goto free_modinfo;

    err = apply_relocations (mod, & info); // Relocation

    if (err <0)

      goto free_modinfo;



There are four key functions within load_module function calls. copy_and_check module is copied from user space to kernel space, layout_and_allocate for the module address space allocation, simplify_symbols the module symbol resolution, apply_relocations the module relocation.

Thus, when the module is loaded, the kernel module file for the process carried out main.ko link!

As a function of do_one_initcall implementation is relatively simple.

linux3.5.2 / kernel / init.c: 673

int __init_or_module do_one_initcall (initcall_t fn)


    int count = preempt_count ();

    int ret;

    if (initcall_debug)

      ret = do_one_initcall_debug (fn);


      ret = fn (); // call init module


    return ret;


That calls the entry function init module.

Module unload

Module unload call delete_module completed by the kernel.

linux3.5.2 / kernel / module.c: 768

SYSCALL_DEFINE2 (delete_module, const char __user *, name_user,

        unsigned int, flags)


    struct module * mod;

    char name [MODULE_NAME_LEN];

    int ret, forced = 0;


    / * Final destruction now no one is using it. * /

    if (mod-> exit! = NULL)

      mod-> exit (); // calls exit module


    free_module (mod); // unload the module



Exit through a callback function to complete the export function module, the module unload free_module last call.

in conclusion

It seems that the kernel module is not mysterious. Traditional user program needs to be compiled into an executable program to perform, and the module needs to be compiled only program in the form of object files can be loaded into the kernel, there are links to kernel modules to achieve, it will be transformed into executable code. At the same time, the kernel loading and unloading process, the entry function and exit function modules by user-defined callback module, the corresponding function.
- CentOS 7.0 Enable iptables firewall (Linux)
- Oracle 10046 Event (Database)
- Java framework for parallel study - ForkJoin (Programming)
- 3 tips Linux command (Linux)
- Ubuntu UFW firewall settings Introduction (Linux)
- Linux the best download manager uGet (Linux)
- Linux configuration startup mount: fstab file (Linux)
- Use HttpClient remote interface testing (Programming)
- JBoss7 configuration - Supports IPv4 and IPv6 dual-stack environment (Server)
- The direct insertion sort algorithm (Programming)
- Inxi: Get Linux system and hardware information (Linux)
- How to add a new resolution VirtualBox (Linux)
- Development environment to build MEAN In Ubuntu 15.10 (Server)
- Yii PHP Framework Getting Started tutorial (Linux)
- Linux System Getting Started Learning: From VirtualBox from the client host access NAT (Linux)
- OpenResty load balancing MySQL (Database)
- Five strokes to find out the IP address you want to know (Linux)
- The difference between free command displays the buffers and cache (Linux)
- C ++ inheritance and derived (induction principle) (Programming)
- Mhddfs: multiple smaller partitions into one large virtual storage (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.