Identifying the type of the kernel routine executing in the kernel ata particular time instant

Jeff Haran jharan at bytemobile.com
Thu May 26 14:09:52 EDT 2011


> -----Original Message-----
> From: kernelnewbies-bounces at kernelnewbies.org [mailto:kernelnewbies-
> bounces at kernelnewbies.org] On Behalf Of limp
> Sent: Thursday, May 26, 2011 8:32 AM
> To: kernelnewbies at kernelnewbies.org
> Subject: Identifying the type of the kernel routine executing in the
kernel ata
> particular time instant
> 
> Hi all,
> 
> I know that kernel routines can be activated in several ways and many
> different things can be executed in the kernel:
> 
> . A process invokes a system call (a system call is executed in the
kernel).
> . The CPU executing a process, signals an exception (e.g. due to an
invalid
> instruction). In this case, an exception handler is executed under the
> kernel on behalf of the process that caused it.
> . A peripheral device issues an interrupt signal to the CPU and the
kernel
> executes the corresponding interrupt handler.
> . A kernel thread is executed in the kernel.
> 
> What I want to do is to find a way of identifying what is currently
executed
> under the kernel by either looking the values of CPU registers (I am
talking
> about the x86 architecture) or by looking at particular flags or
values
> being set in various Linux structures (such as the task_struct). In
> particular, I want to know if a kernel thread, an interrupt handler,
an
> exception handler, etc is executed at a particular time instant in the
> kernel.
> 
> For example, is there a way to tell that a system call is executed
(and
> ideally, which one)? Would the execution of a system call set a
particular
> value to a CPU register or to the task_struct of the process of which
is
> executed under?
> 
> Regarding the peripheral interrupt case, I guess we can tell if an
interrupt
> handler is executed by looking at the ISR flags of the used by Linux
> interrupt controller(s). What I would like is to find out similar
tricks for
> identifying any other possible kernel routines that could be executed
(e.g.
> system call, exception handler, etc.).
> 
> Any help will be much appreciated.
> 
> Kind regards,
> 
> John K.
> 

In include/linux/hardirq.h we have the following APIs:

/*
 * Are we doing bottom half or hardware interrupt processing?
 * Are we in a softirq context? Interrupt context?
 */
#define in_irq()                (hardirq_count())
#define in_softirq()            (softirq_count())
#define in_interrupt()          (irq_count())

I believe if in_irq() returns non-zero, you can safely conclude that you
are executing in IRQ (AKA "top half") context.

However, in_softirq() is a bit less specific if I am not mistaken. It
will return non-zero if you are executing in the context of a soft IRQ,
but I believe it will also return non-zero if you are executing a system
call but the code has previously disabled bottom halves via something
like local_bh_disable(). in_interrupt() is more or less an OR of the
previous two, except it will also return non-zero if you are handling an
NMI.

I don't know of any other way to disambiguate actually executing in the
context of a soft IRQ from executing in task time context with bottom
halves disabled. I suspect there is no way to distinguish the two cases.

Jeff Haran






More information about the Kernelnewbies mailing list