The numbering in Stack Setup under From Bootloader to Kernel is wrong. Instead of 1., 2., 3. it is 1., 1., 1.

I read your post it is really very informative. but i have some doubt.
I am trying to understand booting process.

1. how cpu know about physical ram and Bios rom?
2. what is reset vector and how can it save at 0xfffffff0 location beacuse ram is volatile memory.
3. Bios works in real mode where only 1 mb can access how does cpu access 0xfffffff0( above 1 mb code)?
4. how bios rom and ram maaped to each other?
5. what about if system has 1 gb ram then how cpu access 0xfffffff0 ram?

Thanks & Regards
~Sumit Gemini

Is there a special reason for not capitalising all other chapter directories except "interrupts" and "mm" ?

1. If no reason, then can i submit a pull-request removing the capitalisation of few directories?
2. Also better to have a writing-guideline.md describing common conventions to follow (and avoid) across all files.

Not sure about this part:

always inlined to reduce size of the Linux kernel image

Isn't it pretty much the other way around. If you inline a function many many times, it would actually increase the size of the resulting binaries, not decrease them.

Is it possible to add a license that I can agree to before I submit a pull request?

I read head_64.S and find when initialization level 3 (PDPE) entries, the flags are all 0x7, but you said: " where the first entry will be with 0x7 flags and the others with 0x8" , which I can not agreen. The same issue exists for level 2 (PDE) entries initialization. Can you give me a reasonable explanation ?
Thank you !

I have already started the spanish translation of the first post. It's going a bit slow, since I'm all by myself. I have put links to the original repo and author. However, in other things I've put links
to my email an twitter account, since it will be regarding the translation. I hope that everything is ok.

https://github.com/leolas95/linux-insides

I didn't know whether to put this here or create a PR, so sorry if this isn't the right place. I would like to see a Spanish translation of the book. I've just started with the first chapter, so I would like to know if it would be ok and no one has a problem with it.

There seems to be a typo near https://github.com/0xAX/linux-insides/blame/master/Timers/timers-1.md#L400 - the text shoud read either "one millisecond from now" or jiffies + HZ/100.

I think this book is very interesting and useful. So I want to translate it to Chinese and publish it in the gitbook as the english version.
In order to ensure my work is not done yet, I ask in the issue.
Thank you all.

Hi,

you have a typo here:

The tick boradcast framework

Cheers,
Jean

I have found two kinds of list in kernel : list_head, and hlist_head. The former is for doubly linked list, and the latter is for hash. Is there any other list structure?

CS register consists of two parts: the visible segment selector and hidden base address. We know predefined CS base and IP value, so the logical address will be:

0xffff0000:0xfff0

According to protected mode, the logical address should be "0xffff:0xfff0", is it ?

In linux , there are three kinds of file in elf format:

• relocation file(object file)
• execute file
• shared object file

But in ELF.md file, you always say "elf object file". I don't know your original meaning, but this word will lead us confusion.
Besides, you should add the Linking View and Execution View. This will help to classify those three kinds of file.

There's already a wiki where people document different parts of the kernel. It would be better to put all the stuff there.

In that chapter it says:

thread_info defined as:

struct thread_info {
        struct task_struct      *task;
        struct exec_domain      *exec_domain;
        __u32                   flags; 
        __u32                   status;
        __u32                   cpu;
        int                     saved_preempt_count;
        mm_segment_t            addr_limit;
        struct restart_block    restart_block;
        void __user             *sysenter_return;
        unsigned int            sig_on_uaccess_error:1;
        unsigned int            uaccess_err:1;
};

and occupies 52 bytes.

However, then it says:

The remaining thread_size will be 16 killobytes - 62 bytes = 16332 bytes.

At first I thought it as a typo. But, it seems that the size of thread_info is not less than 56 bytes whatever the size of struct restart_block is, because of memory alignment.
And its size can not be 62 bytes, again because of memory alignment. Its size should be the multiple of 8 bytes.

Hi @0xAX,
thanks for your articles. Please find my two cents below:

• Although in the "Required Knowledge" section we are starting by saying "Understanding assembly code (AT&T syntax)", most of the assembly code at least in linux-bootstrap-1.md is in Intel syntax. I think you should consider mentioning both Intel and AT&T given that if not more, Intel syntax is at least as commonly used as the AT&T syntax.
• Here's a quick objdump command that you might consider adding to the article so that a curious reader can dump the compiled boot from boot.nasm, or an existing boot-sector from a running machine after having extracted the first 512 bytes using dd.

nasm -f binary boot.nasm
objdump -D -b binary -mi386 -Maddr16,data16,intel boot

Or,

dd if=/dev/sdaX of=boot bs=512 count=1
objdump -D -b binary -mi386 -Maddr16,data16,intel boot

Hi, I am translating your Linux kernel memory management Part 1 into Chinese. In Memblock API section after memblock_cap_size code block goes a sentence:

memblock_cap_size returns new size which is the smallest value between the given size and base.

Should it be like the below?

memblock_cap_size returns new size which is the smallest value between the given size and ULLONG_MAX - base.

我在阅读https://0xax.gitbooks.io/linux-insides/content/Booting/linux-bootstrap-1.html， 做测试我使用install_gdt中使用的代码如下：

void install_gdt() {
static const u64 boot_gdt[] attribute((aligned(16))) = {
0
};
static const struct gdt_ptr gdtptr = {
.len = sizeof(boot_gdt),
.ptr = (u32)boot_gdt
};
asm volatile ("lgdtl %0" : : "m"(gdtptr));
}
连接脚本如下：
SECTIONS
{
. = 0;
.text16 : {
(.text16)
}
c32_begin = .;
.text32 : {
*(.text32)
}
. = ALIGN(16);
.rodata : {
*(.rodata)
}
.data : {
*(.data)
}
.bss : {
*(.bss)
}
/DISCARD/ : {
*(.MIPS.options)
*(.options)
*(.pdr)
*(.reginfo)
*(.comment)
*(.note)
}
}

我的问题是 生成的代码 访问的是地址是从0x0开始链接的（这个当然是这么的因为 . = 0;指定了）， 但是我看linux的kernel 也是这么的 不晓得它是怎么让链接出来的地址能够和内存对应。

linux的链接接本https://github.com/torvalds/linux/blob/097f70b3c4d84ffccca15195bdfde3a37c0a7c0f/arch/x86/boot/setup.ld

i don't understand how to get the number of cpus and how to get number of cores in a cpu.

Would really like to get through this information but it's dens on its own merit and the grammatical errors tips it over into unreadable for me.

Is there any PDF version of the book so it can be read offline?

Hi,
In the 3rd part of Kernel Booting Process, the word "segement" is used several times (for example on 9707a44#diff-bd7a5d6000784eb76eabb976454db43bR364). As this word occurs several times, I wonder whether this is "segment" with a typo or a technical word which was not defined. If it is a typo, could you please fix it?
Thanks

I am sorry about Chinese Edition for linux-insides is misoperated to delete by one administrator in my organization.
Now the link in README for Chinese Edition is broken. I was contacting with Github Help to solve this problem and tried to persuade Github to restore my organization.
Apologies!
If github can't restore my organization, I will redirect the link to another repository.
@0xAX

You should update the title for Linux Internals and add a cover, here's an example:

You got

>>> hex((0x2000 << 4) + 0x0010)
'0x20010'

how do you do that, it is a package for Emacs, or some program you can execute in terminal?

Looks interesting. Where do I start reading?

you are saying the reset vector is

FFFF0000h:FFF0h

then add it as its segmented address

0xffff0000 + 0xfff0
'0xfffffff0'

according to your definition, to get linear address from segmented address, we need to multiple by 16 or left shit 4 and then add the offset right ? should it be

FFFFF000h:FFF0h

in real mode as explained in the
wiki page http://en.wikipedia.org/wiki/Reset_vector

Regarding "Linux kernel memory management" -- I'd love to hear more about what impact there is to enabling cgroups-constraints on memory.

Empirically, I've seen that memory allocations made from within a cgroup-memory-constrained process appear to steal cycles to evict cache pages in the foreground (in order to make room for my allocation). This has a devastating impact on worst case latency for memory allocations.

Hi,

In this chapter https://github.com/0xAX/linux-insides/blob/master/interrupts/interrupts-1.md , and more precisely, this snippet:

    per_cpu(irq_stack_ptr, cpu) =
            per_cpu(irq_stack_union.irq_stack, cpu) +
            IRQ_STACK_SIZE - 64;

I don't understand why the minus 64.

You say it's because of the stack canary, but the canary is at the bottom of the irq_stack_union, not the top. Also, you say it's because the canary is 64 bits long, but here we are reserving 64 bytes, not bits. Did I misunderstand something? Maybe this part needs clarification.

And thanks for the good work :)

In linux-bootstrap-1, you say the offset of the actual kernel setup code is 0x200. But later in the document, you say state.cs = segment + 0x20 not 0x200. Also you write cs = 0x1020 where it seems like it should be cs = 0x10200. Do I have something wrong or were you just missing a digit?

The current version reads
A system call is just an userspace request of a kernel service.
however proper grammar would read
A system call is just a userspace request of a kernel service.

I think it would be interesting for some description of the internals of how networking is handled in the kernel.

Hi guys,

Why not to use asciidoc instead of gfm?
Good example is Bitcoin book (https://github.com/aantonop/bitcoinbook).

Thanks,
--- KostaZ

This is an interesting subject but the grammatical errors are too much.
Examples of grammatical errors:

• The nm util allows us to see the list of symbols from the given object file. Look on the its output, it consists from the
• Here we are interesting only in the two callq operations.

There are probably more but I just can't keep reading after things like this.

I and @xinqiu will collaborate to translate linux-insides to Chinese Edition, and Chinese translation repo has moved to another repo.
Later I will open a PR to modify it in README. Hope @0xAX to merge it.

It would be great to publish it as a GitBook, here is the format: https://github.com/GitbookIO/gitbook and the online platform (build CI, ...): https://www.gitbook.com

GitBook.com integrates very well with GitHub and generates nice website, for example here is my book: https://github.com/SamyPesse/How-to-Make-a-Computer-Operating-System and http://samypesse.gitbooks.io/how-to-create-an-operating-system/content/

Let me know if you're interested 🍻

“arch/x86/kernel/vmlinux.lds” should be "arch/x86/kernel/vmlinux.lds.S" ?

Here we can see the jump instruction opcode - 0xe9 to the address _start - ( . + 2),
 and we can see that the reset section is 16 bytes and starts at 0xfffffff0

This is one sentence from Booting/linux-bootstrap-1.md which I can't understand. Can someone explain it for me?

We know predefined CS base and IP value:

which is:

IP              0xfff0
CS selector     0xf000
CS base        0xffff0000

so our logical address will be:
0x0ffff000:0xfff0

How so?

I would like to suggest some new formatting parameters:

• Fit lines in 80 chars width (now is infinite long lines).
• Beware of trailing whitespaces.

I've tried in this branch, but i've used automatic formatting and seems to be broken (bad backquotes handling).

Maybe some manual inspection or another autoformatting method would work.

Hey, I was going through your post, they are really good. I want to hack android os, for that I read some kernel development books and build some small drivers and modules. but still I didn't have much confidence in it, so please guide me how to hack kernel drivers from the start.

Should the line 302 in linux-insides/SysCall/syscall-1.md be:

asmlinkage long sys_write(unsigned int fd, const char __user * buf, size_t count);

rather than:

asmlinkage long sys_write(unsigned int fd, const char __user * filename, size_t count);

Hi, great writeup!

In Booting/linux-bootstrap-1.html, in the section Stack Setup the number is out - each option is showing as 1., but they should be 1., 2. and 3.

I need someone to help me remove codes that are put into my phones and computer...please

The following content is from Theory/ELF.h, but this part is not much related to the theme : ELF.
And they have already been in the linux initialization - linux-initialization-1.md.
I suggest we delete it.

We can read from the Documentation/x86/x86_64/mm.txt:
ffffffff80000000 - ffffffffa0000000 (=512 MB)  kernel text mapping, from phys 0
We can then look this address up in the vmlinux ELF object with:
        ......
        ......
__START_KERNEL_map is the value from the documentation - ffffffff80000000 and 
__PHYSICAL_START is 0x1000000. 
That's why address of the startup_64 is ffffffff81000000.

Unix systems support a large number of special characters that receive special processing by the OS. One such character is the “suspend” character (ctrl-Z by default), that causes a SIGTSTP signal to be sent to the application process. The default action for the signal is to suspend execution of the process. The system responds to the suspend character (by sending the signal) as soon as possible after it is typed in. In older Unix systems there was another special character known as the “delayed suspend” character (ctrl-Y by default) that had the same effect as the suspend character, except that the signal is sent when the application process consumes the character, rather than right away. (That this feature is no longer supported is perhaps some indication of how useful it was ...) The suspend and the delayed-suspend characters have the effect, when they are processed, of deleting all characters currently waiting to be read by the user application that arrived before them. Explain, how both special characters are implemented?

"Impplementation of the gettimeofday system call"

Change that to "Implementation of the gettimeofday system call"