Updated Linux supports 5 level of paging by default. I want to compile the Linux for three level of paging. I am using RISC-V architecture and I am not able to find the required support in menuconfig. So how I will achieve the same.

I tried to change the page level in .config file, but after make menuconfig it overwritten again with level 5. If I change this in Kconfig file of riscv architecture, then it failed to resolve page fault may be because of some dependencies in setup_vm. I am using OpenSBI bootloader, in this default 5 configuration works fine, but I want to do this with page level 3, because of specific hardware requirement which support only 3 level of paging.

I'm working on booting a SMARC-sAL28 module with the LS1028A SoC. I've compiled U-Boot and written it to an SD card. The device tree is supposed to include support for ARM crypto extensions and SMMU. However, I'm encountering the following warnings during the boot process:

WARNING: Missing crypto nodeWARNING failed to get smmu node: FDT_ERR_NOTFOUND

Altough the crypto node and smmu node are defined in the device tree:

        crypto {                compatible = "arm,crypto";        };        smmu {                compatible = "arm,smmu-v3";        };

Also the kernel fails to boot and is stuck in an loop with the message:

## Flattened Device Tree blob at 88000000   Booting using the fdt blob at 0x88000000   Loading Kernel Image   Using Device Tree in place at 0000000088000000, end 0000000088006888WARNING: Missing crypto nodeWARNING failed to get smmu node: FDT_ERR_NOTFOUNDStarting kernel ...

I am building a script for work where I have to scrape massive IP addresses, something like 50 million.However, when analyzing my program and machine performance, we notice the following:

At least 10k of sockets went directly on TIME WAIT mode, without even being allocated.Only 2k of sockets were used.I tried editing kernel flags:

# Expand the range of ephemeral portssysctl -w net.ipv4.ip_local_port_range="10768 65535"# Enable TCP Fast Opensysctl -w net.ipv4.tcp_fastopen=3# Increase socket buffer sizessysctl -w net.ipv4.tcp_rmem="4096 87380 6291456"sysctl -w net.ipv4.tcp_wmem="4096 16384 4194304"# Optimize keepalive settings -> in our case I think we don't care because we# are talking about handshakes so we shouldn't have keepalive, but we never knowsysctl -w net.ipv4.tcp_keepalive_intvl=10sysctl -w net.ipv4.tcp_keepalive_probes=3# Increase maximum file descriptorsulimit -n 1048576echo "* soft nofile 1048576" >> /etc/security/limits.confecho "* hard nofile 1048576" >> /etc/security/limits.conf# Increase TCP backlogsysctl -w net.ipv4.tcp_max_syn_backlog=1024# sysctl -w net.core.somaxconn=1024# Enable advanced F-RTO# sysctl -w net.ipv4.tcp_frto=2sysctl -w net.ipv4.tcp_frto=0# Reduce the number of orphan retriessysctl -w net.ipv4.tcp_orphan_retries=1# Set initial number of retransmissions before aggressive timing is usedsysctl -w net.ipv4.tcp_retries1=2# Set maximum number of retransmissions before giving upsysctl -w net.ipv4.tcp_retries2=8# Reduce SYN-ACK retriessysctl -w net.ipv4.tcp_synack_retries=2# Reduce SYN-ACK retriessysctl -w net.ipv4.tcp_syn_retries=2# Reduce TCP connection timeoutssysctl -w net.ipv4.tcp_fin_timeout=6# Enable SYN cookiessysctl -w net.ipv4.tcp_syncookies=1# Set a moderate limit for TIME_WAIT socketssysctl -w net.ipv4.tcp_max_tw_buckets=10000

The only relevant flag that changed something was:

# Reduce TCP connection timeoutssysctl -w net.ipv4.tcp_fin_timeout=6

But it only changed the duration of time wait sockets ; not the fact that only few were allocated.What can I do ?Should I use raw sockets ? (snif)

I'm working on an update of quite old kernel to just a bit newer and I've noticed that my /proc/sys/kernel/random is now quite different, e.g. entropy_pool (entropy_avail) value changed from 4096 to 256. I did some digging and found out my kernel update contains many of the drivers/char/random.c changes. After the update random.c claims to be cryptographically secure pseudorandom data.

In the older kernel I used rng-tools to feed the entropy and since my /dev/hwrng was disabled- I used jitter as an entropy source.
Before the update - initializing rngd took around 8 seconds when it occupied both CPUs at 100%. It was acceptable.
After the update - it takes ~120 seconds which is not acceptable.

That made me thinking- is that possible not to feed the entropy for /dev/random at all?

I tried to learn more about this but reading all the available documentation, reddit threads, comments and posts online only got me confused.

I'm thinking about just enabling CONFIG_RANDOM_TRUST_CPU and disabling rngd but I'm worried that directly after boot the entropy_pool will not be good enough/random enough.

Main question:
Is that acceptable and safe to get rid of rngd-tools and not feed the entropy using rngd?

I am trying to write GPIO sysfs driver implementation from stratch. When i use final code, it gives error: Unknown symbol __stack_chk_guard

When I trimmed my code to find which line this error occurred in, I first found the following line.of_property_read_string(child, "label", &name);Because the very simple code below also gives the same error.

#include<linux/module.h>#include <linux/of.h>/*Module's init entry point */static int __init helloworld_init(void){    const char *name;    of_property_read_string(NULL, "label", &name);   pr_info("Hello world\n");   return 0;}/*Module's cleanup entry point */static void __exit helloworld_cleanup(void){  pr_info("Good bye world\n");}module_init(helloworld_init);module_exit(helloworld_cleanup);MODULE_LICENSE("GPL");MODULE_AUTHOR("asdsa");

How can i fix the error?

Currently working on adding a feature for linux kernel, I'm trying to add a field for each process.

My idea is to add that new field to the pcb struct and initialize it to 0 for init process.

The question is, should I change the implementation of fork syscall? I tried to read the source code and I find it ambiguous, sometimes it copies the pcb for the new process with memcpy and sometimes it's assigning field by field from the father process pcb. What is the correct approach for this? Will the original fork syscall copy the new pcb field?

I have C++ program that collects hardware counters using the perf_event_open and read methods on CentOS9 Stream.The code was working perfectly fine with kernel version 5.14.0-319.el9.x86_64. After a kernel update to 5.14.0-472.el9.x86_64, the readmethod occasionally returns -1. I haven't been able to find the cause, it seems random when it happens. Sometimes I'm able to collect hundreds of samples before I encounter this error, and other times only 20 or so. Sometimes the program runs error free.

I store the errno value immediately after the read(). The value is 10. Then, I call strerror_r to print its description, which is "No child processes".

This is an example of how I initialize the hardware counters:

#define TOTAL_HW_COUNTERS 4const char * pmu_names[TOTAL_HW_COUNTERS] = {"instructions", "cpu-cycles", "branch-misses","cache-misses"};unsigned int pmu_offsets[TOTAL_HW_COUNTERS] = {PERF_COUNT_HW_INSTRUCTIONS, PERF_COUNT_HW_CPU_CYCLES, PERF_COUNT_HW_BRANCH_MISSES, PERF_COUNT_HW_CACHE_MISSES};unsigned int pmu_types[TOTAL_HW_COUNTERS] = {PERF_TYPE_HARDWARE, PERF_TYPE_HARDWARE, PERF_TYPE_HARDWARE, PERF_TYPE_HARDWARE};int initializePerf(pid_t child_pid) {    static struct perf_event_attr pe;    int fd;    /* The first object is the leader */    memset(&pe, 0, sizeof(pe));    pe.type = pmu_types[0];    pe.size = sizeof(pe);    pe.config = pmu_offsets[0];    pe.disabled = 1;    pe.inherit = 1;    pe.exclude_kernel = 0;    pe.exclude_hv = 0;    pe.read_format = PERF_FORMAT_GROUP | PERF_FORMAT_ID;    fd = perf_event_open(&pe, child_pid, -1, -1, 0);    if (fd == -1) {        int errsv = errno;        std::cerr << "Error opening leader " << pe.config << " errno: " << errsv << std::endl;        exit(EXIT_FAILURE);    }    /* Add the rest of the perf_event_attr objects in a group with the leader */    for (int i = 1; i < TOTAL_HW_COUNTERS; i++) {        memset(&pe, 0, sizeof(pe));        pe.type = pmu_types[i];        pe.size = sizeof(pe);        pe.config = pmu_offsets[i];        pe.disabled = 1;        pe.inherit = 1;        pe.exclude_kernel = 0;        pe.exclude_hv = 0;        pe.read_format = PERF_FORMAT_GROUP | PERF_FORMAT_ID;        if (perf_event_open(&pe, child_pid, -1, fd, 0) == -1) {            int errsv = errno;            std::cerr << "Error opening group counter " << pe.config << " errno: " << errsv << std::endl;            exit(EXIT_FAILURE);        }    }    return fd;}int main(int argc, char* argv[]) {    initializePerf(0);    // Do stuff    return 0;}

I have a thread that wakes up every 100ms to reset the counter values and uses this method to read hardware counters and store all samples in read_pmu_buf.

int readPerfCounters(int bytes_read, char * read_pmu_buf, int fd, int count) {    char * bufptr = read_pmu_buf + bytes_read;    int errsv;    int size_read = read(fd, bufptr, count);    errsv = errno;    if (size_read == -1) {        std::cerr << "Error reading perf counters at fd " << fd;        std::cerr << " errno: " << errsv << std::endl;        char buffer[ 256 ];        char * errorMsg = strerror_r(errsv, buffer, 256 );        std::cerr << errorMsg << std::endl; // Output: "No child processes"    }    return size_read;}

Since this happened only after I updated the kernel, I tried a slightly older version than 5.14.0-472.el9.x86_64, 5.14.0-467.el9.x86_64, but the error behavior is still the same.

The error is definitely coming from the read() call, but I don't understand: (1) how is "No child processes" related to a read()? And (2) what changed between kernel versions?

After compiling linux kernel modules/symbols as builtin, how to know they're actually being utilized?

It's fairly simple to know exactly which loadable modules do what, despite the fact there're modules that get loaded with 0 users, however I didn't find a method to detect used/"loaded" - I'm putting it in quotes cause I know they're already loaded - builtin symbols or modules!

And the reason behind my question is that many symbols are just boolean, not tri-state ...

I'm writing a very simple linux kernel driver for my serial keyboard, employing serdev. The driver works and the function

static size_t serdev_keyboard_recv(struct serdev_device *serdev,                              const unsigned char *buffer, size_t count) {        printk("serdev_keyboard: Received byte %d, count %ld \n", buffer[count-1], count);        return 0;    }

shows the count and last byte sent (each message is only one byte from the keyboard).The function is invoked as the receive_buf as:

static const struct serdev_device_ops serdev_keyboard_ops = {    .receive_buf = serdev_keyboard_recv,};

But it seems like the buffer saturates at 512 bytes. How can I tell the driver to drain the buffer when it's full, or just simply every time the receive_buf callback is executed?

I examined the Linux mutex implementation code, where if the lock is held by others, the lock function creates a mutex_waiter struct on the stack (as a local variable) and adds this struct as a node into the wait_list of the mutex. The calling process then goes to sleep and is only awakened later when its previous waiter releases the lock and assigns it the ownership.

However, I'm confused about where exactly this mutex_waiter node gets created - specifically, on the kernel stack of the calling process. I'm uncertain whether kernel stacks are shared across different processes. So, I'm wondering how the system chains all nodes created in each process's stacks (in different virtual address spaces). Are all kernel stacks shared, perhaps allocated on the kernel heap?

I attempted to delve into the source code for clarification, but I'm stuck due to the complexity and depth of encapsulation levels.

I am currently applying hibernation to my linux kernel and I need to manually feed the system watchdog during the last stage of resuming hibernate_exit. However, during this assembly method, the ttbr1 is switched to a different map table, which means that the initial watchdog's virtual address cannot be used. I have read about the docs for fixmap and I believe that it might be the solution to my problem. I have mapped the physical address of the watchdog to a virtual address located in the permanent fix address area using __set_fixmap, and then passed it to hibernate_exit. However, the system crashes when I try to write something to this VA.

After reading many articles, I have learned that fixmap is only used during the system initialization stage and nowhere else. Therefore, my question is: Can I use fixmap to map a PA during the initialization stage and then use this mapping anytime I need it? In other words, is this mapping always stored in the fixmap area unless I delete it? Also, is my assumption that the fixmap is not affected by the switching in ttbr correct?

I added a new field to the task_struct and also 2 very basic syscalls the set and get this field.Now when I try to boot the VM (I am using Linux 4.15.18 Ubuntu on VirtualBox) I get the following message:madam: no arrays found in config file or automatically (repeating many times)gave up waiting for root file system device.alert! uuid=xxxx does not exist, dropping to a shell!I really don't understand what could I have done to cause this.

Those are all the changes that I have made:in include/linux/sched.h:

struct task_struct{volatile long state;int new_field;  //my addition...}

in include/linux/init_task.h:

#define INIT_TASK(tsk) \{INIT_TASK_TI(tsk)  \.state = 0, \.new_field = 0, \  //my addition...}

I also added my syscalls to include/linux/syscalls.h and to arch/x86/entry/syscalls/syscall_64.tblbut I don't think this is what causing the problem/

I tried updating the packages in oracle-linux usingsudo yum updatebut it is throwing an errorErrors during downloading metadata for repository 'securityonion':

• Curl error (37): Couldn't read a file:// file for file:///nsm/repo/repodata/repomd.xml [Couldn't open file /nsm/repo/repodata/repomd.xml]Error: Failed to download metadata for repo 'securityonion': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried

Tried using dnf instead of yum and tried moving the filesudo mv securityonion.repo securityonion.repo.bakstill having the same issue

I'd like to allocate a user space buffer in a kernel module (linux kernel v5.4.0). According to this post, this should be doable by using do_mmap().

I've written the following code:

#include <linux/module.h>#include <linux/kernel.h>#include <linux/fs.h>#include <linux/slab.h>#include <linux/uaccess.h>#include <linux/err.h>#include <linux/fcntl.h>#include <linux/uio.h>#include <linux/mm.h>#include <linux/kallsyms.h>#include <linux/mman.h>#include <linux/string.h>unsigned long (*orig_do_mmap)(struct file *file, unsigned long addr,                              unsigned long len, unsigned long prot,                              unsigned long flags, vm_flags_t vm_flags,                              unsigned long pgoff, unsigned long *populate,                              struct list_head *uf);MODULE_LICENSE("GPL");MODULE_AUTHOR("Chibi Gwen");MODULE_DESCRIPTION("a simple module");MODULE_VERSION("0.1");static int __init start(void){    printk(KERN_INFO, "module installed\n");    unsigned long populate;    orig_do_mmap = kallsyms_lookup_name("do_mmap");    if (orig_do_mmap == NULL)    {        printk("cannot find do_mmap() via kallsyms_lookup_name()\n");        return -EINVAL;    }    struct mm_struct *mm = current->mm;    down_write(&mm->mmap_sem);    unsigned char *buf= (unsigned char *)orig_do_mmap(NULL, 0, 0x2000, PROT_READ | PROT_WRITE, MAP_ANONYMOUS | MAP_PRIVATE | MAP_LOCKED, 0, 0, &populate, NULL);    up_write(&mm->mmap_sem);    memset(buf, 0x0, 0x2000);    return 0;}static void __exit end(void){    printk(KERN_INFO, "module uninstalled\n");}module_init(start);module_exit(end);

However, when executing memset(), the kernel complains:

[   74.674862] BUG: unable to handle page fault for address: 00007f8945966000[   74.674864] #PF: supervisor write access in kernel mode[   74.674865] #PF: error_code(0x0002) - not-present page

Indeed do_mmap() successfully returns, and 00007f8945966000 happens to be the address of buf. My guess is that my code hasn't initialized the corresponding page table entry.

What is the correct way to allocate a buffer in user space from a kernel module?Any ideas?

My gdb (GNU gdb (GDB) 10.2) backtrace fails to access kernel memory in vmalloc range. This is with a kernel crash coredump on x86_64 platform.

In my understanding 0xffffc90000000000 is the vmalloc start range with 48-bit virtual addressing system.https://www.kernel.org/doc/Documentation/x86/x86_64/mm.txtffffc90000000000 | -55 TB | ffffe8ffffffffff | 32 TB | vmalloc/ioremap space (vmalloc_base)

`(gdb) bt #0  0xffffffff817807ab in neigh_get_next (n=0xffff888129ff0a00, pos=0x0 <fixed_percpu_data>,     seq=<optimized out>, seq=<optimized out>) at net/core/neighbour.c:3220 Backtrace stopped: Cannot access memory at address 0xffffc90000c77dc0`

However linux crash utility helped me to dump the complete backtrace. All stack frame addresses are in 0xffffc9xxxxxxxxxx address range.

`crash>bt#6 [ffffc90000c77dc0] neigh_seq_next at ffffffff8178096d#7 [ffffc90000c77de0] seq_read_iter at ffffffff812302c4#8 [ffffc90000c77e38] seq_read at ffffffff8123054e#9 [ffffc90000c77eb8] proc_reg_read at ffffffff812806b6#10 [ffffc90000c77ed0] vfs_read at ffffffff812046c0#11 [ffffc90000c77f08] ksys_read at ffffffff81204a7a#12 [ffffc90000c77f40] do_syscall_64 at ffffffff81a17bbd#13 [ffffc90000c77f50] entry_SYSCALL_64_after_hwframe at ffffffff81c00099`

To debug further, I dumped all sections from vmlinux (gdb> maintenance info sections, info files). Address range 0xffffc9xxxxxxxxxx is missing there.

gdb usage has become very limited in this case. I am yet to figure out the missing piece. If anyone has encountered similar issue in the past & have any pointer, please share with me.

Thanks in advance.

In an attempt to debug a kernel crash (x86_64) using gdb 10.2, I expected the to see the complete backtrace with relevant information. However gdb fails to access kernel memory, appears to be in vmalloc range.

I have seen several other questions on the forum that talk about this schedule() function, but my question is a bit different. I have seen several discussions and literature about it's theoretical, algorithmic and implementation aspects.

The thing which is not clear and the question is asked about, is the execution aspect. Of course looking at the source of the kernel in depth and doing all the required debugging, tracing bla bla... might answer this question but it seem not wise to reinvent the wheel.

The questions/confusions are as following:

What is the path traversed by a multi-threaded user program at kernel level?

Who schedules the threads? Which interrupt context(s)? Any name? (if we see at a trace at kernel level, there is nothing called "sched", but there are swappers, inits, ksoft* bla bla) Deos it go like this:

A process (user program) its child threads all are taken by the kernel at first, then kernel makes them as executable threads (by amalgamating them with schedule() and/or other functions, i.e., this new executable thread has some instructions from the kernel maybe from schedule()/others, embedded along with user task instructions. That makes it scheduled automatically if the situation occurs )

OR

schedule() is always executing at some co-processor to observe and act, if necessary, from that co-processor? That's why, sometimes when we see any two threads switching on a cpu there is only swapper executing in-between and before and after, i.e., there is nothing called scheduler at that level, right?

Thanks for reading and sorry for writing my confusions to share with.

I am trying to cross compile the latest mainline Linux kernel so I can use this for U-Boot on the RPI3b+. However, it fails to run make.

I have already ensured I have the compiler via sudo apt-get install gcc-aarch64-linux-gnu

I have the sudo add-apt-repository ppa:ubuntu-toolchain-r/testAnd have ran sudo apt-get update

When i run this...

git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitcd linuxmake ARCH=arm CROSS_COMPILE=aarch64-linux-gnu- defconfigmake ARCH=arm CROSS_COMPILE=aarch64-linux-gnu- -j$(nproc) # This is where it fails

It fails on the final line executed with

make ARCH=arm CROSS_COMPILE=aarch64-linux-gnu- -j$(nproc)  CC      scripts/mod/empty.oaarch64-linux-gnu-gcc: error: unrecognized argument in option ‘-mabi=aapcs-linux’aarch64-linux-gnu-gcc: note: valid arguments to ‘-mabi=’ are: ilp32 lp64aarch64-linux-gnu-gcc: error: unrecognized command-line option ‘-mtp=cp15’aarch64-linux-gnu-gcc: error: unrecognized command-line option ‘-mfpu=vfp’aarch64-linux-gnu-gcc: error: unrecognized command-line option ‘-msoft-float’make[2]: *** [scripts/Makefile.build:244: scripts/mod/empty.o] Error 1make[1]: *** [/home/eden/Documents/Testing/uboot/linux/Makefile:1207: prepare0] Error 2make[1]: *** Waiting for unfinished jobs....make: *** [Makefile:240: __sub-make] Error 2

I can not seem to find any appearance of this error on the internet. Does anybody have any indication of what may be going wrong please?

• I am running this on Ubuntu 22.04 - intel i5 processor

Thanks

I'm trying to build an android kernel module, but i need to compile the linux kernel from google's branch to it works firts... And I've compiled many kernels from different versions and none of them worked.The problem is like if i built the kernel from this repository: https://android.googlesource.com/kernel/common/+refs in the branch android12-5.10.185_r00 it will compile the module to kernel version 5.10.185 but not works on the emulator which have the kernel version: 5.10.185-android12-9-00043-g383607d234da-ab10550364.It's really strange...

Some idea what to do?

Consider that I'm developing a C program utilizing AFPACKET RAW Sockets:

#include <stdio.h>#include <stdlib.h>#include <string.h>#include <unistd.h>#include <arpa/inet.h>#include <sys/socket.h>#include <netinet/if_ether.h>int main() {    int sockfd;    char buffer[ETH_FRAME_LEN];    struct sockaddr saddr;    socklen_t saddr_len = sizeof(saddr);    // Create a raw socket    sockfd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));    if (sockfd < 0) {        perror("socket");        exit(EXIT_FAILURE);    }    // Receive a packet    int packet_len = recvfrom(sockfd, buffer, ETH_FRAME_LEN, 0, &saddr, &saddr_len);    if (packet_len < 0) {        perror("recvfrom");        close(sockfd);        exit(EXIT_FAILURE);    }    printf("Received a packet\n");    close(sockfd);    return 0;}

And I apply different rules in ebtables to for example drop frames depending on their MAC address, will the RAW socket program be affected by those rules?

Will the socket receive the frames regardless or will they be filtered, before the RAW socket has access to the frames?

This error is bugging me and preventing the installation of packages:installed linux-image-5.14.0-1052-oem package post-removal script subprocess returned error exit status 1

I was trying to install Java SDK on my system, but this error keeps popping up even when I trysudo apt -f install