> -----Original Message----- > From: kernelnewbies-bounces@xxxxxxxxxxxxxxxxx [mailto:kernelnewbies- > bounces@xxxxxxxxxxxxxxxxx] On Behalf Of limp > Sent: Thursday, May 26, 2011 8:32 AM > To: kernelnewbies@xxxxxxxxxxxxxxxxx > Subject: Identifying the type of the kernel routine executing in the kernel ata > particular time instant > > Hi all, > > I know that kernel routines can be activated in several ways and many > different things can be executed in the kernel: > > . A process invokes a system call (a system call is executed in the kernel). > . The CPU executing a process, signals an exception (e.g. due to an invalid > instruction). In this case, an exception handler is executed under the > kernel on behalf of the process that caused it. > . A peripheral device issues an interrupt signal to the CPU and the kernel > executes the corresponding interrupt handler. > . A kernel thread is executed in the kernel. > > What I want to do is to find a way of identifying what is currently executed > under the kernel by either looking the values of CPU registers (I am talking > about the x86 architecture) or by looking at particular flags or values > being set in various Linux structures (such as the task_struct). In > particular, I want to know if a kernel thread, an interrupt handler, an > exception handler, etc is executed at a particular time instant in the > kernel. > > For example, is there a way to tell that a system call is executed (and > ideally, which one)? Would the execution of a system call set a particular > value to a CPU register or to the task_struct of the process of which is > executed under? > > Regarding the peripheral interrupt case, I guess we can tell if an interrupt > handler is executed by looking at the ISR flags of the used by Linux > interrupt controller(s). What I would like is to find out similar tricks for > identifying any other possible kernel routines that could be executed (e.g. > system call, exception handler, etc.). > > Any help will be much appreciated. > > Kind regards, > > John K. > In include/linux/hardirq.h we have the following APIs: /* * Are we doing bottom half or hardware interrupt processing? * Are we in a softirq context? Interrupt context? */ #define in_irq() (hardirq_count()) #define in_softirq() (softirq_count()) #define in_interrupt() (irq_count()) I believe if in_irq() returns non-zero, you can safely conclude that you are executing in IRQ (AKA "top half") context. However, in_softirq() is a bit less specific if I am not mistaken. It will return non-zero if you are executing in the context of a soft IRQ, but I believe it will also return non-zero if you are executing a system call but the code has previously disabled bottom halves via something like local_bh_disable(). in_interrupt() is more or less an OR of the previous two, except it will also return non-zero if you are handling an NMI. I don't know of any other way to disambiguate actually executing in the context of a soft IRQ from executing in task time context with bottom halves disabled. I suspect there is no way to distinguish the two cases. Jeff Haran _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
