This document provides an overview of the Linux architecture. It describes Linux as a free UNIX-like kernel that forms the GNU/Linux operating system together with the GNU project software. The kernel acts as an intermediary between hardware and software, managing processes, scheduling, and resources. Processes can be in different states like running, waiting, or sleeping. The kernel uses preemptive multitasking to switch between processes and prioritize interrupts. System calls allow processes to be created and managed.

1. Linux Architecture
Radu Boncea <radu@rotld.ro>
IT Architect

2. What is Linux?
• Usually we refer to Linux as an operating system
• Linux is a free UNIX-like kernel
• GNU is the actual operating system
• GNU is a free UNIX-like operating system
• GNU (Gnu’s Not Unix) project was started by Richard Stallman in 1983 with the sole
intention to build and adopt free software (TeX, Emacs, X Window System, Lisp, shell, GNU
C compiler, Empire game ;p …and GNU kernel )
• Linux project was started by Linus Torvalds in 1991
• The Linux operating system is actually GNU/Linux, that is GNU with Linux kernel, with the
linux kernel accounting 3% of the OS code, the GNU libraries accouting for 20%
• So by linux architecture we mean linux kernel architecture

3. What is the kernel?
• the kernel is an intermediary layer between the hardware and the software
• Its main function is to pass application requests to the hardware and to act as a low-level driver to
address the devices and components of the system.
• Kernel can also be viewed as:
• an enhanced machine that, in the view of the application, abstracts the computer on a high level
• a resource manager
• a library providing a range of system-oriented commands
• There are two kernel implementation strategies:
• microkernels – a central kernel with core functionality and the rest distributed to autonomous
processes which communicate with the central process. Known kernels: Amoeba, Symbian, QNX,
Blackberry, GNU (the GNU/GNU)
• monolithic kernel– one big binary, one big process. Performs better than microkernel, but
harder to develop and maintain. Know kernels: Unix (FreeBSD, OpenBSD, NetBSD, SunOS), Unix
SystemV (HP-UX), Unix-like (Linux), DOS (MS-DOS, FreeDOS)
• There are also hybrid implementations like XNU developed and maintained by Apple (taken from NeXT)
and used in Darwin, iOS, MacOSX
• Today Linux is monolithic, but has implemented dynamic loading of certain modules, like

4. Kernel overview

5. Processes, Task Switching, and Scheduling
• A process (task) is an executing (i.e., running)
instance of a program
• Task switching aka context switching: save task
state, give CPU time to other tasks
• Scheduling: prioritizing and deciding how much
CPU time to give to a task

6. Unix processes
•hierarchical scheme in which each process depends on a parent process
•kernel starts with init responsible for further system initialization actions and display of the login prompt
(or graphical login interface)
•pstree
•two methods of spawning child processes
•fork: after calling fork(), the created child process is an exact copy of the parent except for the
return value.
•exec: loads a new program into an existing content and then executes it
•clone: similar to fork but the process is not independent of the parent (used to implement threads)
•there are 3 process types: interactive processes, automatic processes (batch processing), daemons
•Namespaces: grouping processes
http://www.tldp.org/LDP/intro-linux/html/sect_04_01.html

7. Threads
• light-weight processes
• a process may consist of several threads that all share the same data and
resources but take different paths through the program code
• process can be seen as an executing program, whereas a thread is a program
function or routine running in parallel to the main program

8. Process Life Cycle
• Process states
• Running — The process is executing at the moment.
• Waiting— The process is able to run but is not allowed to because the CPU is allocated to another process. The
scheduler can select the process, if it wants to, at the next task switch.
• Sleeping— The process is sleeping and cannot run because it is waiting for an external event. The scheduler
cannot select the process at the next task switch.
• The system saves all processes in a process table
• Zombie processes are processes that defunct (resources have been release), but there are
still entries in process table

9. Preemptive Multitasking
• A process switches between user mode and kernel mode explicitly though system call or indirectly
though system interrupts
• The preemptive scheduling model of the kernel establishes a hierarchy that determines which process
states may be interrupted by which other states.
• Normal processes may always be interrupted— even by other processes. When an important
process becomes runnable —for example, an editor receives long-awaited keyboard input — the
scheduler can decide whether to execute the process immediately, even if the current process is
still happily running. This kind of preemption makes an important contribution to good
interactive behavior and low system latency.
• If the system is in kernel mode and is processing a system call, no other process in the system is
able to cause withdrawal of CPU time. The scheduler is forced to wait until execution of the
system call has terminated before it can select another process. However, the system call can be
suspended by an interrupt.
• Interrupts can suspend processes in user mode and in kernel mode. They have the highest
priority because it is essential to handle them as soon as possible after they are issued.

10. Process Management System Calls
• Process Duplication
• fork is the heavy-weight call because it creates a full copy of the parent process that then
executes as a child process
• vfork is similar to fork but does not create a copy of the data of the parent process. Instead, it
shares the data between the parent and child process. This saves a great deal of CPU time
• clone generates threads and enables a decision to be made as to exactly which elements are to
be shared between the parent and the child process and which are to be copied
• copy-on-write: technique to prevent all data of the parent process from being copied when fork is
executed.
• Kernel Threads
• processes started directly by the kernel itself
• Kernel daemons: manage deferred actions, periodically synchronize modified memory pages, etc
• Two types:
• The thread is started and waits until requested by the kernel to perform a specific action
• Once started, the thread runs at periodic intervals, checks the utilization of a specific
resource, and takes action when utilization exceeds or falls below a set limit value. The
kernel uses this type of thread for continuous monitoring tasks

11. Process monitoring
• watch
• /proc/[pid]/* http://man7.org/linux/man-
pages/man5/proc.5.html
• strings /proc/[pid]/environ

12. Must read
• https://www.gnu.org/gnu/manifesto.html
• Professional Linux® Kernel Architecture, Wolfgang Mauerer