Sunday 18 December 2016

// // Leave a Comment

What happens when you start your computer???

In this post we will discuss about what happens when you start your computer system and how that Linux operating system launched.
When you start computer system then control goes to BIOS that Basic Input Output System.
After that control goes to boot loader.
So question arises in mind that what is boot loader.
Here we will try to understand about boot loader.


What is Boot Loader?

Boot Loader is small code which is resides in MBR (Master Boot Record) which will load kernel code of operating system and then control goes to operating system.
When we switched on the computer system then first control  goes to BIOS. BIOS will check all peripherals and check booting order of devices.then select highest priority booting device and execute code stored in MBR of that device.

For Example :-



From Windows Vista onward they use BOOTMGR as a boot loader.


Microsoft Windows up to Windows XP comes with  NTLDR boot loader

These boot loaders are specifically designed to load Windows OS.



For the Ubuntu operating system the boot loader is GRUB2 (Grand Unified Boot loader 2).



What is Master Boot Record (MBR)?



Its located in first sector of HDD, CD, other device.Master Boot Record (MBR) is one block with 512 bytes. The Size of MBR is 512 bytes because smallest sector size on hard disk is 512 bytes Its holds the partition entries and boot code.

Following MBR block, the actual partition are begin.





If you disconnect your hard disk from one machine and attached to another machine then that machine will understand about the partition table and file system from MBR. Because MBR held the data regarding file system and partition table.




As we know that size of MBR is 512 bytes. Out of which 446 bytes are used for boot code (Boot Loader) , 4 partition entry (each entry required 16 bytes so total 16*4=64) and 2 bytes for MBR signature. Total =446+64+2=512 bytes.



As MBR can store only four entries for partition due to that resoan in one Hard disk you can create only four partitons. All four will be primary or 3 primary and 1 logical. But you cannot create more than that partitions.


Here each volume (or) partition has separate boot sector its called volume boot record apart from MBR. its used for chain-loader of boot loader. The reason is grub boot loader can boot all Linux .




 GRUB Boot loader --> Load Linux Kernel




but GRUB Boot loader cannot load windows opearting system because GRUB dont knows windows boot process.




How GRUB Works?




In 446 bytes in MBR is not enough to put entire grub code. so MBR contain small code called boot.img and its capable to read first block of core.img file from any partition (logical volume too) before partition is mounted. Because that time they cant understand the file system. so they read directly one sector (block) where core.img file is located.

boot.img location   

core.img location
diskboot.img location




The first block of core.img is called diskboot.img for HDD or cdboot.img for cd-rom or pxeboot.img for network boot. This block contain many address of blocks , to iterate these address and load blocks then the complete core.img (around 32 KB) comes into memory. This is job for boot code in GRUB.

Actually core.img file is generated when GRUB is installed . This file contain one or more necessary module to mount the File system, where GRUB is installed. So core.img file is responsible for mount the File system and access the GRUB configuration file. Once file system is mounted then we can access the files normal like Linux. All other modules are located /boot/grub. Its loaded when its needed.

All grub related configuration (menu entries, graphics resolution, timeout, etc...) are stored grub.cfg file in /boot/grub/ location. No need to put this line in MBR. because once File system is mounted then we can access through path /boot/grub/grub.cfg 

Read More

Friday 18 November 2016

// // 1 comment

Admin Commands for linux

In this post we will discuss about important admin commands for Ubuntu operating system.
1. Hardinfo
This is GUI based command through which admin can easily all hardware details in Graphical way.
But this package is not by default present. you have to install this package through command.
for user: sudo apt-get install hardinfo
for root user: apt-get install hardinfo

When you are going to run this command make sure that your system have internet connection.
After successfully installation of package you just need to type 
hardinfo in terminal
It will display the GUI  based Hardware details.

2. nmon

nmon command is used to check and monitor system performance.
Nmon or nigel’s monitor is a tool which displays performance information of the system.
Command to install nmon tool.
$ sudo apt-get install nmon

to check cpu information you can type nmon cpu info (press c)
nman disk info (press d)
3. lsblk
This command will be give installed devices on system It will generates tree based output.
command need to type
lsblk

output:

NAME   MAJ:MIN RM   SIZE RO
sda      8:0    0 465.8G  0 disk
├─sda1   8:1    0     1K  0 part
├─sda4   8:4    0 307.5G  0 part /media/supertux/BA1CCF4D1CCF037D
├─sda5   8:5    0   5.3G  0 part /boot
├─sda6   8:6    0  14.9G  0 part [SWAP]
└─sda7   8:7    0 138.1G  0 part /

4. slurm
A command line utility used for command based network interface bandwidth monitoring, it will display ascii based graphic.command need to type: 
$ apt-get install slurm
5. ranwhen.py
A python based terminal utility that can be used to display system activities graphically. Details are presented in a very colourful histogram.

First you need to install python for that run following command in terminal.

$ sudo apt-add-repository ppa:fkrull/deadsnakes

Update system:
$ sudo apt-get update

Download python:
$ sudo apt-get install python3.2

Download ranwhen.py

Run the tool.

$ python3.2 ranwhen.py

output:




Read More

Sunday 13 November 2016

// // Leave a Comment

What happens in memory when you run Java Program.

As we are knowing java is object oriented programming.when you are writing java program with class then when you are going to run java program you have to provide memory to that class.
As class in only skeleton it doesn't possess any memory so to give that memory you have to create object of that class.
we will further discuss that thing.

As we know java possesses two types of memory one is called as 
-stack memory
and another is 
-heap Memory 
 As stack memory holding memory for methods.
and heap memory holding memory for objects.

Let us consider simple java program.

  1.     class Student{  
  2.  int id;//data member (also instance variable)  
  3.  String name;//data member(also instance variable)  
  4.   Static int a;
  5.  public static void main(String args[]){  
  6.   Student s1=new Student();//creating an object of Student  
  7.   System.out.println(s1.id);  
  8.   System.out.println(s1.name);  
  9.  }  
  10. }
In the above java program  we are able to see student class contains one method that is public static void main() as it is static means its memory location will be fixed throughout the execution of program.memory location allocated to static method will be fixed and Java Virtual Machine cannot change or replace its memory location throughout the program.
as main() is method so it will get memory space from stack memory.
at the line number 6 you can able to see that we created object for the same class.
now the s1 is instance of student class.
Let us discuss about object creation 
Student s1=new Student();
in the above line Student is class name and s1 is object name or you can say it as reference variable.

when you use new keyword in program after = symbol it will create memory space for the object.
as we can able to see in diagram that heap memory having object s1 and the id and and name are instance variable in that. so now you will able to refer those variable with reference of s1.
so id becomes s1.id and name becomes name.id.
Student() is constructor so we will discuss about that later on.
but in the program at line number 4 there is static variable a.
so we will discuss about it.
as we know that to use static variable there is no need to create object for the same.
but where is the memory location for that.
we will try to find out answer for the same.
now we will discuss about heap memory in the details.
Heap memory divided into three major parts
-Young Generation Memory 
-Old Generation Memory
-Permanent Generation Memory
As you can able to see in the above figure newly created objects resides in Young Generation memory. If objects present in system for long time so the state of objects is maintained and stored by Old Generation memory. When any class posses static variable then it get store in Permanent Generation Memory and memory location for static variable will be fixed throughout the program.








Read More

Thursday 10 November 2016

// // Leave a Comment

What is "Dirty Cow" vulnerability in Linux?



If you are using android phone or Linux operating system then read this very carefully.“Dirty COW” is a serious Linux kernel vulnerability that was recently discovered to have been lurking in the code for more than nine years. It is pretty much guaranteed that if you’re using any version of Linux or Android released in the past decade, you’re vulnerable.
Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel.
CVE-2016-5195 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names.
This vulnerability is identified by Phil Oester.


Before understanding this vulnerability we will try to understand atomic transaction.
In the atomic transaction the system will maintain initial state of system until the particular action completed.for that purpose we will going to lock the particular resource until the execution completed.
but there is one flaw for the same in Linux.
there is race condition present in memory mapping.
A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence to be done correctly.
 Linux uses the “Copy on Write” (COW) approach to reduce unnecessary duplication of memory 
objects.  Lets understand this concept:
a = ‘COW’

b = a
Lets consider above syntax in which there are two different objects but they are referencing same memory location that is memory location of variable a.there is no need to take up twice the amount of RAM for two identical values.so ram will maintain same memory location.
Next, the OS will wait until the value of the duplicate object is actually modified:
b += ‘ Dirty’
Following steps are performed :
  1. allocate memory for the new, modified version of the object
  2. read the original contents of the object being duplicated (‘COW’)
  3. perform any required changes to it (append ‘ Dirty’)
  4. write modified contents into the newly allocated area of memory
Unfortunately, there is a race condition between step 2 and step 4 which tricks the memory mapper to write the modified contents into the original memory range instead of the newly allocated area, such that instead of modifying memory belonging to “b” we end up modifying the value of "a".

How this will affect to your system:

In the Linux the permissions are read only or read-write.
For example, as a non-privileged user you should be able to read “/bin/bash” in order to start a shell session when you log in, but not write to it. Only a privileged user that is “root” should be able to modify this file, otherwise any malicious user could replace the bash binary with a modified version that,and create  backdoor to your system through which he can access your system remotely.
The race condition  allows the attacker to bypass this permissions by using the COW mechanism to modify the original read-only objects instead of their copies. In other words, a carefully crafted attack can indeed replace "/bin/bash" with a malicious version by an unprivileged user.


The Solution:

The patch is available with latest Linux kernel. so update your kernel.
for the Android OS which is  using Linux kernel there is not any patch yet present. hope google will solve this in the latest release of android.




Read More

Monday 24 October 2016

// // Leave a Comment

How c program runs in os?

Today we are going do discuss when you are going to run any user application or any program in Linux operating system. Here we are considering c program.
in the last post we seen how we are executing c program in Linux.
Now we are going to discuss how c program handled by operating system.
before starting with it. we need to go through some basic concepts of OS and kernel.
Basically there are two spaces in system
1) User space:- Where we are going to run user application. Most of the user program runs in this space.
2) Kernel space:- In the kernel space is reserved for kernel programs and device drivers.
In kernel space all file management , memory management and scheduling programs are executed.

In the following figure you can able to see the clear difference between user space and kernel space.
when you are going to run any user program its runs in user space.
Image result for user space and kernel space in linux
In the figure there is linkage present between user space and kernel space and that is system calls.
Now we will see what is use of system call in simple way.
user processes can directly communicated to kernel or access hardware due to security purpose.
so they communicated through the system calls.
you can say system call is systematic way for user process to request kernel service such as hard disk access or any other device access, creation of any new process or process scheduling.....
  In the Linux operating system the system calls are handled by POSIX libraries.

lets discuss briefly about POSIX.
POSIX is Portable Operating System Interface.
POSIX defines Application Programming Interface(API) and some command shell and utilities.
lets understands in easy way lets consider I want to develop application for Linux operating system so I have to follow posix standard so my application will able to communicate with kernel.

You can get detailed function set of POSIX here.
you will understand this concept after this example.

Let us consider you written down simple C program. Now in the c program you used c system function  printf("hello world") which is function of c.

So when you are going to execute c program you have to tell to the OS that you have to display hello world on terminal but c program is running in user space so c program dont have privilege to access the output window. only kernel can access that so C program requests to POSIX and the POSIX carry forward that request to kernel.
and then we are able to see hello world message on terminal.

printf()----> write()---->kernel code
C program Function----->POSIX fuction------->Kernel code for write()

to see how the system call works:
run the c program to create temporary file for the same refer previous post.
that is $gcc -save-temps -o hi.c
now open the file hi.s
that is assembly code.
the below code is for hi.s

.global _start

     

        .text
_start
_start:        # write(1, message, 13)        mov     $1, %rax                # system call 1 is write        mov     $1, %rdi                # file handle 1 is stdout        mov     $message, %rsi          # address of string to output        mov     $13, %rdx               # number of bytes        syscall                         # invoke operating system to do the write
        # exit(0)        mov     $60, %rax               # system call 60 is exit        xor     %rdi, %rdi              # we want return code 0        syscall                         # invoke operating system to exitmessage:        .ascii  "hi h r u"

In this you can understand from the comments.
This way you can able to see how c program runs by OS.








Read More

Monday 17 October 2016

// // Leave a Comment

How Compiler works on C program??

Last post we seen that how to compile C program.Now we will see how the compiler working on the C programming.
As we know that compiler converting source code into machine code that we are going to execute on the hardware then we will going to get output.
But we do not know how the compiler working internally on the C program. The answer is here. First we will see the internal architecture of compiler.
There are 4 major stages when compiler compiles the C program.
These steps are


  1. Pre-processing
  2. Compilation
  3. Assembly
  4. Linking
We are going to discuss these steps are in details.

1. Pre-Processing

In this step compiler will going to do
  1. Macro substitution
  2. Comments are stripped off
  3. Expansion of the included files
In this step header files we added after pre-processor tag that is #include<stdio.h>
get expanded.
Let us see the example of it.
To see the output of pre-processing stage, we need to  run following command in terminal:
gcc -E hi.c -o bye






The output of this command will create file of name bye.
open that file then you will able to see expanded code.

you can able to see your written code at the bottom of that file.
you can easily get all intermediate file by simple command :
gcc -save-temps hi.c -o bye
 This command will generate three intermediate files.
1. hi.i  
2. hi.s 
3. hi.o
Here hi.i file is output of pre-processing step.

2. Compilation

In the next step the pre-processed file will work as input to Compilation process.
now we will submit hi.i file to compilation process.
This step will convert the code into Assembly code.
so the output of this step will be hi.s
As you are able to see the hi.s is assembly code.

3.Assembly

Now in this step the hi.s file is taken as input and it get converted into object code that is hi.o
This file is object code file which contains machine code which is we can not understand.

4.Linking

This is the final stage at which all the linking of function calls with their definitions are done.
The linker also does some extra work; it combines some extra code to our program that is required when the program starts and when the program ends. For example, there is code which is standard for setting up the running environment like passing command line arguments, passing environment variables to every program. Similarly some standard code that is required to return the return value of the program to the system.

Now we are able to see what actually happening when we are running c program.
In the next post we will discuss regarding how  operating system runs c program.




Read More

Saturday 15 October 2016

// //

How to run C program in Linux??




Most of the students are having habit of using Turbo-C to write C  and C++ programs.They think it as easy to use and easy to run. But Turbo-C software is not giving actual sense of running c program.
 When you runs c program in turbo-c you have to write getch() to block or freeze output window.
Actually you are not freezing output window that is called as incomplete execution of program.
your program is waiting to get character from keyboard to come out from that command prompt.
When you are using Linux operating system to run your C program there is need of GCC compiler that is GNU Compiler Collection is used to compile c program. Most of the time it is by default present in Linux operating system. The explanation given below is related with Ubuntu.
You can check GCC version and whether it is installed or not by using simple command on terminal.
Command: gcc -v


If It is not showing the result then you have to install it through terminal.
Command for the same: sudo apt-get install gcc

After successful installation of GCC major question is how to run your c program.
Type your c program in editor such as gedit or any other editor which you like.
Save that program with .c extension.now from your terminal go to respective directory where you saved your c program.
After that you have to compile your C program with GCC.
Command for that is: gcc hi.c -o bye
I would like to explain the command 
gcc is command for compilation. Instead of gcc you can also use cc.
hi.c is file name
-o is attribute for output 
bye is output file name.
This Command will create executable file having name "bye".

After successful compilation compiler will create executable file bye.
now we have just type ./bye to run that executable.

You successfully executed c program.
In Next post we will see what actually happen behind the screen when you compile c program.


Read More