PACKET FILTERING FIREWALL USING NETFILTER IN LINUX FOR ARM9

The ARM processor, unlike many other processors, was designed within a single company to meet its particular requirements for product development.  One of the reasons the ARM was designed as a small-scale processor was that the resources to design it were not sufficient to allow the creation of a large and complex device. While ARM was developed as a custom device for a highly specific purpose, the team designing it felt that the best way to produce a good custom chip was to produce a chip with good all-round performance.
ARM as a controller is used for arcade computer games, high-speed data communications, videophones, fuzzy logic controllers, and test equipment.
            Everything on the Internet involves packets. Each packet carries the information that helps it reach its destination: the sender's IP address, the intended receiver's IP address and, for TCP, the sequence information that lets the receiver reassemble a message that has been broken into many packets and tell where this particular packet belongs. The packets carry the data using the protocols of the Internet: Transmission Control Protocol/Internet Protocol (TCP/IP). When a device connects to a network and begins communicating with it, it is taking a risk. Access to the Internet involves the risk of exposing sensitive data, so securing these increasingly popular devices is a challenge. Security can be provided in several ways, such as cryptography and firewalls. Here, security is provided by a firewall.
A firewall prevents unauthorized use of and access to a device. Its job is to analyze data entering and leaving the device according to the user's configuration and to drop traffic that comes from suspicious sources. This firewall uses packet filtering: it examines the packet headers to determine the source, the destination and the protocol type, and compares this information with a set of predefined or user-created rules that decide whether the packet is accepted or dropped. A rule can be something like "block all HTTP traffic". HTTP itself is not named in any packet header, so such a rule matches TCP packets whose destination port is 80, and those packets are dropped by the firewall. The Linux kernel provides a mechanism for implementing such a firewall with a basic level of security: the Netfilter framework, which lets a kernel module register hook functions that see every packet and return a verdict on it.

 

1.1 EMBEDDED SYSTEMS
1.1.1 Characteristics
a)    An embedded system is a computer system designed to perform one or a few dedicated functions, often with real-time computing constraints.
b)    It is embedded as part of a complete device, often including hardware and mechanical parts. By contrast, a general-purpose computer, such as a personal computer, is designed to be flexible and to meet a wide range of end-user needs.
c)    Embedded systems are controlled by one or more main processing cores, typically either a microcontroller or a digital signal processor (DSP).
d)    One common design style uses a small system module, perhaps the size of a business card, holding high density chips such as an ARM-based System-on-a-chip processor and peripherals, like external flash memory for storage.
The module vendor will usually provide boot software and make sure there is a selection of operating systems, usually including Linux and some real time choices. Some also have real-time performance constraints that must be met, for reasons such as safety and usability; others may have low or no performance requirements, allowing the system hardware to be simplified to reduce costs. Embedded systems are not always standalone devices.
 Many embedded systems consist of small, computerized parts within a larger device that serves a more general purpose. For example, an embedded system in an automobile provides a specific function as a subsystem of the car itself.
The program instructions written for embedded systems are referred to as firmware, and are stored in read-only memory or Flash memory chips. They run with limited computer hardware resources: little memory, small or non-existent keyboard and/or screen.

1.2 types of embedded systems

Embedded systems are of two types they are:
1)    Low level ES
2)    High level ES

1)      Low level ES
·         Can be used without an OS.
·         Machine dependent (H/W).
·         Less flexible/scalable due to H/W and S/W constraints.
·         Difficult to debug.
·         Fewer IT firms to target.

2)      High level ES
a)    Can be used with an OS.
b)    Machine independent (H/W).
c)    More flexible/scalable due to adequate H/W and S/W.
d)    Easy to debug.
e)    More IT firms can be targeted.

1.2.1 A Short list of embedded systems in our daily life

a)    Modems
b)    MPEG decoders
c)    Network cards
d)    Network switches/routers
e)    On-board navigation
f)     Pagers
g)    Photocopiers
h)   Point-of-sale systems
i)     Portable video games
j)      Printers
k)    Satellite phones
l)     Scanners
m)  Smart ovens/dishwashers
n)   Speech recognizers
o)    Stereo systems
p)    Teleconferencing systems
q)    Televisions
r)     Temperature controllers
s)    Theft tracking systems
t)     TV set-top boxes
u)   VCRs, DVD players
v)    Video game consoles

1.3 Arm processor
ARM stands for Advanced RISC Machines. As of 2009, ARM processors account for approximately 90% of all embedded 32-bit RISC processors. ARM processors are used extensively in consumer electronics, including PDAs, mobile phones, digital media and music players, hand-held game consoles, calculators and computer peripherals such as hard drives and routers. As of 2007, about 98 percent of the more than one billion mobile phones sold each year use at least one ARM processor. The ARM architecture is licensable. ARM processors are developed by ARM and by ARM licensees.
 Prominent examples of ARM Holdings' ARM processor families include the ARM7, ARM9 etc. The ARM architecture has the best MIPS to watts ratio in the industry and the smallest CPU die size; all the necessary computing capability is coupled with low power consumption, and a highly flexible and customizable set of processors is available to choose from, all at a low cost. ARM processor features include a load/store architecture, an orthogonal instruction set, mostly single-cycle execution, a 16 × 32-bit register file and an enhanced power-saving design. The small size, low cost and low power usage lead to one of the most common uses for an ARM processor today: embedded applications.
 Embedded environments like cell phones or PDAs (Personal Digital Assistants) require the benefits that this architecture provides. There has to be a trade-off between performance, cost and size, and the ARM fits into this category nicely. It has a very small die size; its performance, although not on the cutting edge, is more than adequate for the tasks at hand; and, most importantly, it is cheap and low in power consumption.

1.4 RISC features
The ARM architecture includes the following RISC features:
a)    Load/store architecture.
b)    No support for misaligned memory accesses (supported from ARMv6 cores onward, with some exceptions related to load/store multiple word instructions).
c)    Uniform 16 × 32-bit register file.
d)    Fixed instruction width of 32 bits to ease decoding and pipelining, at the cost of decreased code density. Later, "Thumb mode" increased code density.
e)    Mostly single-cycle execution.
f)     Conditional execution of most instructions, reducing branch overhead and compensating for the lack of a branch predictor.
g)    Arithmetic instructions alter condition codes only when desired.
h)   32-bit barrel shifter which can be used without performance penalty with most arithmetic instructions and address calculations.
i)     Powerful indexed addressing modes.
j)      Link register for fast leaf function calls.
k)    Simple, but fast, 2-priority-level interrupt subsystem with switched register banks.

RISC is an acronym standing for "Reduced Instruction Set Computer". Compared with CISC, a RISC design claims simplicity:
l)     Fixed 32-bit instruction size instead of variable size.
m)  Large register bank of 32-bit general-purpose registers.
n)   Easier to prototype and put together.
o)    Hard-wired instruction decode logic instead of microcoded ROMs.
p)    Pipelined execution.
q)    Possible single-cycle execution.
Among the advantages of RISC is a smaller die size.

1.5 CLASSIFICATION OF ARM PROCESSORS
ARM processor families includes
  1. ARM7.
  2. ARM9.
  3. ARM11.
  4. Cortex.
1.5.1 ARM7
ARM7 is a generation of ARM processor designs. This generation introduced the 16-bit Thumb instruction set, which provides improved code density compared to previous designs. The most widely used ARM7 designs implement the ARMv4T architecture. All these designs use a Von Neumann architecture, so the few versions which include a cache do not separate data and instruction caches.
The ARM7 processor is a 32-bit RISC CPU designed by ARM, and licensed for manufacture by an array of semiconductor companies. In 2009 it remains one of the most widely used ARM cores, and is found in numerous deeply embedded system designs.

A.    Specifications:

a.    It is a versatile processor designed for mobile devices and other low power electronics.
b.    This processor architecture is capable of up to 130 MIPS on a typical 0.13µm process.
c.    The processor supports both 32-bit and 16-bit instructions via the ARM and Thumb instruction sets.
B.     Range Of Applications:
  1. Embedded: USB controllers, Bluetooth controllers, Networking/Wi-Fi, Medical scanners.
  2. Consumer: Electronic toys, Low end handheld devices, GPS, MP3 Players, Entry level handsets.
  3. Industrial: Power meters, Circuit breakers, UPS, Brushless motor drive, Factory automation.
                                                                                                                                  
1.5.2 Arm9
            The ARM9 family offers a range of very high-performance, low power optimized 32-bit RISC microprocessor cores for a wide variety of cost- and power-sensitive applications. Built around the robust ARM9 processor core, the ARM9 family delivers up to 250 MHz on 0.13µm technology and incorporates the 16-bit Thumb instruction set, which improves code density by as much as 40%. This power and performance capability enables system developers to implement leading-edge features, while delivering benefits including considerable savings in system cost, development cost, time-to-market and power consumption.

A.    Specifications:
  1. 32-bit RISC processor core with ARM and Thumb instruction sets
  2. 5-stage integer pipeline achieves up to 200 MHz worst case performance
  3. Single 32-bit AMBA interconnect interface
  4. Memory Management Unit (MMU)
  5. Supports Windows CE, Symbian OS, Linux and Palm OS
  6. Integrated instruction and data caches
  7. Portable to the latest 0.18µm, 0.15µm and 0.13µm silicon processes
B.     Range of applications:
  1. Consumer: Smart phones, PDA, set top box, digital still cameras, digital video cameras.
  2. Networking: Wireless LAN, 802.11, Bluetooth, FireWire, SCSI, 2.5G/3G baseband etc.
  3. Automotive: Power train, ABS, body systems, navigation, infotainment etc.
  4. Embedded: USB controllers, Bluetooth controllers, medical scanners etc.

1.6 Comparison between ARM7 and ARM9

Table 1.1. Comparison between ARM7 and ARM9.

                              ARM7 PROCESSOR        ARM9 PROCESSOR
1. Pipeline depth             three stages          five stages
2. Typical processor speed    80 MHz                250 MHz
3. Architecture               Von Neumann           Harvard (separate instruction and data caches)
4. Performance                36 MIPS               156 MIPS
5. Cache memory               8 KB                  16 KB

2.   ARM BOARD DESCRIPTION
2.1 board information
  1. The Mini2440 is a Linux-ready hardware/software development kit for Samsung's ARM9-based S3C2440 microprocessor. The 100 mm square board features the workhorse S3C2440 processor clocked up to 533 MHz, and targets embedded development training, industrial control equipment, and consumer electronics such as PDAs and GPS navigators.
  2. The MINI2440 appears to be the smallest S3C2440 development kit to date. Measuring 3.9 by 3.9 inches (100 x 100 mm), it is a four-layer board that clocks the S3C2440's ARM920T RISC core at 400 MHz (nominal frequency) and 533 MHz (peak frequency).
  3. The S3C2440 system-on-chip (SoC) primarily targets handheld devices such as smart phones and PDAs. The SoC integrates 16 KB each of instruction and data cache, 4 KB of on-chip RAM, a NAND flash boot loader, power management functions, an interrupt controller, and an external memory controller.
  4. The Mini2440 comes standard with 256 MB each of SDRAM and NAND flash, expandable via an SD card slot, along with 2 MB of NOR flash. The board has camera and LCD interfaces, and a built-in 3.5-inch QVGA (320x240) TFT touch screen LCD.
  5. The Mini2440's complement of PC-style I/O includes Ethernet, USB host and slave ports, and three serial connections. Available options include a Wi-Fi module, and CMOS and USB cameras. The board also provides a stable CPU power supply chip and reset system.
2.1.1 An Overview of the ARM board
The MINI2440 is a single board computer based on Samsung S3C2440 microprocessor.

The original objective of the ARM design team was to produce a processor which provided a logical advance from the 6502 processor, and was suitable for use as the central processor of a business or home computer. It was not intended to produce the most powerful processor on the market, but to produce a processor which harnessed the latest techniques to provide computing power at a price which meant that it could be included in a low-cost personal computer system.

Table 2.1 Hardware configuration / features of the ARM board

Processor (CPU):        Samsung S3C2440 (ARM920T), highest frequency up to 532 MHz
Memory (SDRAM):         64 MB, 32-bit, 100 MHz bus
Flash:                  64 MB NAND flash and 2 MB NOR flash with BIOS
Supported LCD:
  1. On-board 4-wire resistive touch panel interface; a four-wire resistive touch panel can be connected directly.
  2. Black and white, 4 gray-scale, 16 gray-scale, 256 color and 4096 color STN LCDs from 3.5 inch to 12.1 inch, up to 1024x768 pixels.
  3. Black and white, 4 gray-scale, 16 gray-scale, 256 color, 64K color and true color TFT LCDs from 3.5 inch to 12.1 inch, up to 1024x768 pixels.
  4. Standard configuration: NEC 256K color 240x320 3.5-inch TFT true color LCD with touch panel. An on-board 12 V supply interface powers the CCFL backlight (inverter) module of large-size TFT LCDs.
USB port:               one USB host interface and one USB slave (device) interface
Audio:                  one stereo audio output (standard 3.5 mm jack), one microphone input
Network (LAN):          one 100 Mbit Ethernet RJ-45 port (DM9000 controller)
SD / MMC card:          one SD / MMC card interface
Camera:                 all CPU camera interface signals brought out to a connector
Serial port (UART):     3 serial ports; COM0 on an RS232 DB9 connector (TTL level also brought out), COM2 and COM3 on 2.0 mm pitch headers
JTAG:                   on-board JTAG interface
Keys (buttons):         6 user buttons
LED:                    4 user indicators
Real-time clock (RTC):  on-board real-time clock with lithium battery backup
Expansion interface:    one 34-pin 2.0 mm GPIO interface; one 40-pin 2.0 mm system bus interface
Power input:            5 V, 1 A, with power switch and LED
Dimensions:             100 x 100 mm
User inputs:            6 push buttons and 1 A/D potentiometer
User outputs:           4 LEDs
System clock source:    12 MHz passive crystal oscillator
OS support:             Android, Linux 2.6, Windows CE 5 and 6


2.2 Boot options
You can select the boot mode by toggling the S2 switch. With S2 on the "NOR Flash" side the system boots from the on-board NOR flash; with S2 on the "NAND Flash" side it boots from the on-board NAND flash.
The board is shipped with the switch on the NAND Flash side, so by default it boots from NAND flash. Both the NOR flash and the NAND flash have an identical BIOS installed, which supports both types of flash; the only difference is that the system shows a different startup screen.

2.3 Connecting Peripherals
a.    Connect the MINI2440 board’s serial port to a PC’s serial port with the shipped serial cable in the package
b.    Connect the MINI2440 board’s Ethernet interface to a PC with the shipped crossover cable
c.    Connect the shipped 5V power supply adapter to the 5V power supply interface on the board
d.    Connect a headphone or speaker to the audio output (green) on the board
e.    Connect an LCD touch panel (if the user has one) to the LCD interface on the board following the data bus’ arrow.
f.     Connect the MINI2440 board to a PC with a USB cable.

2.4 Setting up HyperTerminal
To talk to the MINI2440 board from a host PC over the serial cable you need a terminal emulator. Many tools are available; a widely used one is Windows' HyperTerminal. In Windows 9x it has to be installed by selecting that option during installation; Windows 2000 and later versions have it installed by default. The examples in this manual use HyperTerminal on Windows XP (other versions may have a different user interface). Go to "Start" -> "All Programs" -> "Accessories" -> "Communications" and click on "HyperTerminal". When the first dialog pops up, click on the "No" button.
 3.   OPERATING SYSTEM
An operating system (OS) is an interface between hardware and user which is responsible for the management & coordination of activities and the sharing of the resources of a computer, that acts as a host for computing applications run on the machine. It is the most important program that runs on a computer. Every general-purpose computer must have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.
Operating systems provide a software platform on top of which other programs, called application programs, can run. The application programs must be written to run on top of a particular operating system. The choice of operating system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating systems are DOS, OS/2, and Windows but others are available, such as Linux.

3.1 LINUX
Linux is a freely distributable open source operating system that runs on a number of hardware platforms. Because it is open to all and because it runs on many platforms, including PCs and Macintoshes, Linux has become an extremely popular alternative to proprietary operating systems. Because the source is available, it can be modified and rebuilt to suit a particular target.

3.1.1 The Open Source Definition

Open source doesn't just mean access to the source code. The distribution terms of open-source software must comply with the following criteria:

a)      Free Redistribution

The license shall not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources. The license shall not require a royalty or other fee for such sale.

b)      Source Code

The program must include source code, and must allow distribution in source code as well as compiled form. Where some form of a product is not distributed with source code, there must be a well-publicized means of obtaining the source code for no more than a reasonable reproduction cost, preferably downloading via the Internet without charge. The source code must be the preferred form in which a programmer would modify the program. Deliberately obfuscated source code is not allowed. Intermediate forms such as the output of a preprocessor or translator are not allowed.

c)      Derived Works

The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.

d)     Integrity of the Author's Source Code

The license may restrict source-code from being distributed in modified form only if the license allows the distribution of "patch files" with the source code for the purpose of modifying the program at build time. The license must explicitly permit distribution of software built from modified source code. The license may require derived works to carry a different name or version number from the original software.

e)      No Discrimination against Persons or Groups

The license must not discriminate against any person or group of persons.

f)       No Discrimination against Fields of Endeavor

The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

g)      Distribution of License

The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties.

h)     License Must Not Be Specific to a Product

The rights attached to the program must not depend on the program's being part of a particular software distribution. If the program is extracted from that distribution and used or distributed within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the original software distribution.

i)        License Must Not Restrict Other Software

The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be open-source software.

j)       License Must Be Technology-Neutral

No provision of the license may be predicated on any individual technology or style of interface.
3.2 WHY LINUX?
Apart from being open source, the efficient Linux kernel is
a.    Portable.
b.    A monolithic kernel, extended at run time by loadable modules.
c.    Able to run on most processors, including ARM.
d.    Scalable: it runs on supercomputers and on tiny devices.
e.    Equipped with excellent networking support.
3.2.1 Kernel
  1. The central module of an operating system.
  2. It is the part of the operating system that loads first, and it remains in main memory.
Because it stays in memory, it is important for the kernel to be as small as possible while still providing all the essential services required by other parts of the operating system and by applications. Typically, the kernel is responsible for memory management, process and task management, and disk management. A useful system requires much more than a kernel: it needs shells, utility programs and so on. A kernel packaged together with these is called a Linux distribution.
 4.   COMPUTER NETWORK AND SECURITY

4.1 COMPUTER NETWORK
  A network is a series of points or nodes interconnected by communication paths. Networks can interconnect with other networks and contain sub-networks. In its simplest form, a network is at least two computers (desktops, laptops or one of each) connected together with wireless or wired technologies.
 Networks can be characterized in terms of spatial distance: a local area network (LAN) connects computers and devices in a limited geographical area such as a home, school or computer laboratory; a metropolitan area network (MAN) connects two or more local area networks or campus area networks but does not extend beyond the boundaries of the immediate town or city; and a wide area network (WAN) covers a large geographic area such as a region or country. A network can also be characterized by the type of data transmission technology in use on it (for example, TCP/IP or Systems Network Architecture); by whether it carries voice, data, or both; by who can use it (public or private); by the usual nature of its connections (dial-up or switched, dedicated or non-switched, or virtual connections); and by the type of physical links (for example, optical fiber, coaxial cable and unshielded twisted pair).
 Everything you do on the Internet involves packets. Every web page you receive arrives as a series of packets, and every e-mail you send leaves as a series of packets. The network breaks a message into parts of a certain size in bytes; these are the packets. Each packet carries the information that helps it reach its destination: the sender's IP address, the intended receiver's IP address and, for TCP, the sequence information that tells the receiver how to reassemble the message and where this particular packet belongs. The packets carry the data using the protocols of the Internet, Transmission Control Protocol/Internet Protocol (TCP/IP), and each packet contains part of the body of the message.

4.2 NEED FOR SECURITY
When a device connects to a network and begins communicating with it, it is taking a risk. Access to the Internet involves the risk of exposing sensitive data, so securing these increasingly popular devices is a challenge. Network security is generally taken as providing protection at the boundaries of an organization by keeping out intruders (hackers). Information security focuses explicitly on protecting data resources from malware attacks or from simple mistakes by people within an organization, for example through Data Loss Prevention (DLP) techniques.
It's very important to understand that in security, one simply cannot say “what's the best firewall?” There are two extremes: absolute security and absolute access. The closest we can get to an absolutely secure machine is one unplugged from the network, power supply, locked in a safe, and thrown at the bottom of the ocean. Unfortunately, it isn't terribly useful in this state. A machine with absolute access is extremely convenient to use: it's simply there, and will do whatever you tell it, without questions, authorization, passwords, or any other mechanism. Unfortunately, this isn't terribly practical, either: the Internet is a bad neighborhood now, and it isn't long before some bonehead will tell the computer to do something like self-destruct, after which, it isn't terribly useful.
“Unauthorized access'' is a very high-level term that can refer to a number of different sorts of attacks. The goal of these attacks is to access some resource that your machine should not provide the attacker. For example, a host might be a web server, and should provide anyone with requested web pages. However, that host should not provide command shell access without being sure that the person making such a request is someone who should get it, such as a local administrator.
It's obviously undesirable for an unknown and un-trusted person to be able to execute commands on your server machines. There are two main classifications of the severity of this problem: normal user access, and administrator access.

4.3 FIRE WALL
A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt or proxy all inbound and outbound traffic between different security domains based on a set of rules and other criteria. A firewall prevents unauthorized use of and access to a device; its job is to analyze data entering and leaving the device according to the user's configuration and to drop traffic that comes from suspicious sources. It may be a dedicated appliance or software running on a computer; either way it inspects the network traffic passing through it and permits or denies passage based on a set of rules.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. A firewall's function within a network is similar to physical firewalls with fire doors in building construction. In the former case, it is used to prevent network intrusion to the private network. In the latter case, it is intended to contain and delay structural fire from spreading to adjacent structures.

4.4 PACKET FILTERING
Packet filters act by inspecting the "packets" which are the basic unit of data transfer between computers on the Internet. If a packet matches a rule, the packet filter either drops it (silently discards it) or rejects it (discards it and sends an error, such as an ICMP unreachable message or a TCP reset, back to the sender). A packet filtering firewall examines the packet headers to determine the source, the destination and the protocol type. This information is compared with a set of predefined or user-created rules that decide whether the packet is forwarded or dropped. The firewall filters each packet using only information contained in the packet itself, most commonly a combination of the packet's source and destination addresses, its protocol and, for TCP and UDP traffic, the port numbers.
Packet filtering firewalls work on the lower layers of the OSI reference model: they look at the network layer (IP) header and, for port rules, at the transport layer (TCP/UDP) header, never at the application data. When a packet passes through the firewall, the device checks it against each of the configured packet filtering rules and drops or rejects it accordingly. For example, if a rule exists to "block all HTTP traffic", TCP packets with destination port 80 are dropped by the firewall (HTTP has no marker of its own in the packet headers, so the rule is expressed in terms of protocol and port). In Linux these rules are enforced inside the kernel by the Netfilter framework. Packet filtering can be done at several points along the path a packet takes through the kernel: Netfilter provides hooks at pre-routing, local input, forward, local output and post-routing.

5.   Project description

5.1 Project architecture
       The architecture of the project is organized as follows.

The core blocks of the project architecture are:
Ø  ARM processor and the Linux operating system running on it, consisting of
1)    User space.
2)    System call interface.
3)    Kernel space.
5.2 ARM processor And linux operating system
            An ARM processor is capable of running the open source Linux operating system, which provides facilities such as a multi-tasking environment and networking. This by itself is not enough to initialize the system; a boot loader is required. The boot loader is expected to find and initialize all RAM that the kernel will use for volatile data storage. It should also initialize and enable one serial port on the target, including enabling any hardware power management needed to use the port; this allows the kernel serial driver to detect automatically which serial port it should use for the kernel console (generally used for debugging, or for communication with the target).
5.2.1 User space
          The user space gives the ability for a user to define his own rules. These rules can be applied to the modules for successful programming. Its blocks are as described below
1.      User configuration
  The user-defined rules specify the actions to be performed on packets that match them. The actions, such as Accept and Drop, are taken with respect to the user-defined rules, based on:
a)    Protocol type: packets can be dropped based on the type of protocol, such as HTTP, ICMP, TCP and UDP.
b)    IP address: packets can be dropped based on the source and the destination IP address.
c)    Port numbers: packets can be dropped based on the port number at which the packet arrives.
2.      Time management
            A user can also define a rule that drops packets starting from a particular time and ends the blocking after a certain time. The time is given in the format HH:MM, and both start-time and end-time have to be specified. The firewall is thus active for a period of time and need not be started manually at the desired time. If the user later wishes to start the firewall again and drop packets, it can be started again following the same rules mentioned above.
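As an added illustration of the rule matching described under "User configuration" and "Time management" (this is example code written for this page, not the project's own netfilter module): a user-space model of the decision the kernel hook has to make, which pulls protocol, addresses and destination port out of a raw IPv4 header, parses the report's HH:MM time format, and lets the first matching rule decide. The rule and packet structures, the IP4 macro, and the sample HTTP packet are constructed here; the time window goes slightly beyond the text by also handling a window that crosses midnight.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))
enum { PROTO_ANY = 0, PROTO_ICMP = 1, PROTO_TCP = 6, PROTO_UDP = 17 }; /* IANA protocol numbers */
enum verdict { ACCEPT, DROP };
/* One user rule (constructed layout): a zero field is a wildcard; start/end are minutes since midnight, -1 = no time limit */
struct rule { uint8_t proto; uint32_t src, dst; uint16_t dport; int start, end; enum verdict action; };
struct pkt { uint8_t proto; uint32_t src, dst; uint16_t dport; }; /* fields the hook reads from the header */
/* Parse the report's "HH:MM" format into minutes since midnight; -1 on malformed input */
int hhmm_to_min(const char *s) {
    int h, m; char extra;
    if (sscanf(s, "%2d:%2d%c", &h, &m, &extra) != 2 || h < 0 || h > 23 || m < 0 || m > 59) return -1;
    return h * 60 + m;
}
/* True when 'now' lies in [start, end]; a window that crosses midnight (start > end) is handled too */
bool window_active(int now, int start, int end) {
    if (start < 0 || end < 0) return true;
    return start <= end ? (now >= start && now <= end) : (now >= start || now <= end);
}
/* Read protocol, addresses and transport destination port from a raw IPv4 header; false if malformed */
bool parse_ipv4(const uint8_t *b, size_t len, struct pkt *p) {
    size_t ihl = len ? (size_t)(b[0] & 0x0f) * 4 : 0;
    if (len < 20 || (b[0] >> 4) != 4 || ihl < 20 || len < ihl) return false;
    p->proto = b[9];
    p->src = IP4(b[12], b[13], b[14], b[15]);
    p->dst = IP4(b[16], b[17], b[18], b[19]);
    p->dport = (p->proto == PROTO_TCP || p->proto == PROTO_UDP) && len >= ihl + 4
               ? (uint16_t)((b[ihl + 2] << 8) | b[ihl + 3]) : 0;
    return true;
}
/* First matching rule decides; a packet that matches no rule is accepted */
enum verdict filter(const struct rule *r, size_t n, const struct pkt *p, int now) {
    for (size_t i = 0; i < n; i++, r++)
        if ((!r->proto || r->proto == p->proto) && (!r->src || r->src == p->src) &&
            (!r->dst || r->dst == p->dst) && (!r->dport || r->dport == p->dport) &&
            window_active(now, r->start, r->end))
            return r->action;
    return ACCEPT;
}
/* Constructed sample (not captured traffic): IPv4/TCP from 192.168.1.10 to 10.0.0.1, destination port 80 */
static const uint8_t SAMPLE_HTTP[24] = {0x45, 0, 0, 24, 0, 0, 0, 0, 64, 6, 0, 0, 192, 168, 1, 10, 10, 0, 0, 1, 0x12, 0x34, 0, 80};
/* Verdict for the sample packet under "drop all HTTP between 08:30 and 17:00" at minute 'now'; an unparsable header is dropped */
enum verdict demo_verdict(int now) {
    struct rule rules[] = {{PROTO_TCP, 0, 0, 80, hhmm_to_min("08:30"), hhmm_to_min("17:00"), DROP}};
    struct pkt p;
    return parse_ipv4(SAMPLE_HTTP, sizeof SAMPLE_HTTP, &p) ? filter(rules, 1, &p, now) : DROP;
}
```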
3.      Inserting module
          Modules are pieces of code that can be loaded into and unloaded from the kernel on demand. They are loaded into the kernel using the "insmod" command and removed using the "rmmod" command. They extend the functionality of the kernel without the need to reboot the system. For example, one type of module is the device driver, which allows the kernel to access hardware connected to the system. Let us take the example of "hello.c". Inserting it into the kernel involves the following steps:
a)    Check that all the required tools and libraries (Linux kernel headers) for building kernel modules are present.
b)    Let the module be a "hello World" program; create a C file called hello.c.
c)    Compile the module to create hello.ko using the command make. A number of files are created inside the directory, which can be checked using the ls command.
d)    Load/insert the kernel module (hello.ko) into the running kernel using the command insmod hello.ko.
e)    To list the modules currently loaded in the kernel: lsmod.
f)    To remove the "hello.ko" module: rmmod hello.
This is how a module can be inserted and removed.
4.      Device creation
Device drivers take on a special role in the Linux kernel. They make a particular piece of hardware respond to a well-defined internal programming interface, and they hide completely the details of how the device works. User activities are performed by means of a set of standardized calls that are independent of the specific driver; mapping those calls to device-specific operations that act on real hardware is then the role of the device driver.
There are two types of device drivers:
a)    Block device drivers.
b)    Character device drivers.

a)    Block Device Drivers
A block driver provides access to devices that transfer randomly accessible data in fixed-size blocks, primarily disk drives. The Linux kernel sees block devices as being fundamentally different from char devices; as a result, block drivers have a distinct interface and their own particular challenges. Efficient block drivers are critical for performance, and not just for explicit reads and writes in user applications. The Linux block driver interface allows you to get the most out of a block device but imposes, necessarily, a degree of complexity that has to be dealt with.
b)    Character Device Drivers
            Character devices are accessed through names in the file system. A character (char) device is one that can be accessed as a stream of bytes (like a file); a char driver is in charge of implementing this behavior. Those names are called special files, device files, or simply nodes of the file system tree; they are conventionally located in the /dev directory. Special files for char drivers are identified by a "c" in the first column of the output of "ls -l". Block devices appear in /dev as well, but they are identified by a "b".
Major and Minor Number: If you issue the ls -l command, you'll see two numbers (separated by a comma) in the device file entries before the date of the last modification, where the file length normally appears. These numbers are the major and minor device numbers for the particular device. The following listing shows a few devices as they appear on a typical system. Their major numbers are 1, 4, 7, and 10, while the minors are 1, 3, 5, 64, 65, and 129.
crw-rw-rw- 1 root root 1, 3 Apr 11 2002 null
crw------- 1 root root 10, 1 Apr 11 2002 psaux
crw------- 1 root root 4, 1 Oct 28 03:04 tty1
crw-rw-rw- 1 root tty 4, 64 Apr 11 2002 ttys0
crw-rw---- 1 root uucp 4, 65 Apr 11 2002 ttyS1
crw--w---- 1 vcsa tty 7, 1 Apr 11 2002 vcs1
crw--w---- 1 vcsa tty 7, 129 Apr 11 2002 vcsa
crw-rw-rw- 1 root root 1, 5 Apr 11 2002 zero

Char devices are accessed through device files, usually located in /dev. The major number tells you which driver handles which device file. The minor number is used only by the driver itself to differentiate which device it is operating on, in case the driver handles more than one device. Traditionally, the major number identifies the driver associated with the device. For example, /dev/null and /dev/zero are both managed by driver 1, whereas virtual consoles and serial terminals are managed by driver 4; similarly, both the vcs1 and vcsa1 devices are managed by driver 7. Modern Linux kernels allow multiple drivers to share major numbers, but most devices are still organized on the one-major-one-driver principle. The minor number is used by the kernel to determine exactly which device is being referred to. Depending on how the driver is written, it can either obtain a direct pointer to its device from the kernel, or use the minor number itself as an index into a local array of devices. Either way, the kernel itself knows almost nothing about minor numbers beyond the fact that they refer to devices implemented by your driver.

5.2.2    System call interface
A system call is a request by a running task to the kernel to provide some sort of service on its behalf. In general, the kernel services invoked by system calls form an abstraction layer between the hardware and user-space programs, allowing a programmer to implement an operating environment without having to tailor his program(s) too specifically to one single brand or one precise combination of system hardware components.
System calls also serve this generalization function across programming languages; e.g., the read system call reads data from a file descriptor. To the programmer, this looks like just another C function, but in actuality the code for read is contained within the kernel.

<finishing report because of lengthy report, so you can download it >
