Linux Kernel Manager and Activity Monitor 🐧💻
Linux Kernel Manager and Activity Monitor 🐧💻
The kernel is the part of the operating system that facilitates interactions between hardware and software components. On most systems, it is loaded on startup after the bootloader and handles I/O requests as well as peripherals like keyboards, monitors, network adapters, and speakers. Typically, the kernel is responsible for memory management, process management, device management, system calls, and security.
Applications use the system call mechanism for requesting a service from the operating system and most of the time, this request is passed to the kernel using a library provided by the operating system to invoke the related kernel function. While the kernel performs these low-level tasks, it's resident on a separate part of memory named protected kernel space which is not accessible by applications and other parts of the system. In contrast, applications like browsers, text editors, window managers or audio/video players use a different separate area of the memory, user space. This separation prevents user data and kernel data from interfering with each other and causing instability and slowness, as well as preventing malfunctioning application programs from crashing the entire operating system.
There are different kernel designs due to the different ways of managing system calls and resources. For example, while monolithic kernels run all the operating system instructions in the same address space for speed, microkernels use different spaces for user and kernel services for modularity. Apart from those, there are hybrid kernels, nanokernels, and, exokernels. The hybrid kernel architecture is based on combining aspects of microkernel and monolithic kernels.
The Linux kernel is the open-source, monolithic and, Unix-like operating system kernel that used in the Linux distributions, various embedded systems such as routers and as well as in the all Android-based systems. Linus Torvalds conceived and created the Linux kernel in 1991 and it's still being developed by thousands of developers today. It's a prominent example of free and open source software and it's used in other free software projects, notably the GNU operating system. Although the Linux-based operating systems dominate the most of computing, it still carries some of the design flaws which were quite a bit of debate in the early days of Linux. For example, it has the largest footprint and the most complexity over the other types of kernels. But it's a design feature that monolithic kernels inherent to have. These kind of design issues led developers to add new features and mechanisms to the Linux kernel which other kernels don't have.
Unlike the standard monolithic kernels, the Linux kernel is also modular, accepting loadable kernel modules (LKM) that typically used to add support for new hardware (as device drivers) and/or filesystems, or for adding system calls. Since LKMs could be loaded and unloaded to the system at runtime, they have the advantage of extending the kernel without rebooting and re-compiling. Thus, the kernel functionalities provided by modules would not reside in memory without being used and the related module can be unloaded in order to free memory and other resources.
Loadable kernel modules are located in /lib/modules with the .ko (kernel object) extension in Linux. While the lsmod command could be used for listing the loaded kernel modules, modprobe is used for loading or unloading a kernel module.
Here's a simple example of a Linux kernel module that prints a message when it's loaded and unloaded. The build and installation steps of the module using a Makefile are shown below.
make # build
sudo insmod lkm_example.ko # install
sudo modprobe lkm_example # load
sudo modprobe -r lkm_example # unload
The dmesg command is used above to retrieve the message buffer of the kernel.
docker run -it --cap-add syslog orhunp/kmon:tagname
docker build -t kmon .
docker run -it --cap-add syslog kmon
GNU General Public License (3.0)
Copyright (c) 2020, orhun
