procfs File System (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hello Cybrarians. Welcome back to
00:00
the Linux Plus course here at Cybrary.
00:00
I'm your instructor, Rob Goelz.
00:00
In today's lesson, we're going to be
00:00
covering the procfs filesystem.
00:00
Upon completion of today's lesson,
00:00
you're going to be able to understand
00:00
the importance of the procfs filesystem,
00:00
we're also going to look at the hardware information
00:00
that the proc directory holds,
00:00
>> and we'll review the contents of
00:00
>> the proc files to find hardware information.
00:00
Remember, in Linux, everything is a file and
00:00
the procfs filesystem,
00:00
>> which is mounted at /proc,
00:00
>> is a really important example
00:00
>> of this because it exposes
00:00
>> hardware and process state information
00:00
from the kernel up to us,
00:00
the users, in what's called user space.
00:00
A /proc doesn't physically exist on
00:00
any filesystem and
00:00
procfs is considered a virtual directory,
00:00
procfs is considered a pseudo-filesystem.
00:00
>> It's really just a way to expose
00:00
>> kernel information in a well-defined format
00:00
that we can query and view.
00:00
The kernel actually dynamically changes
00:00
the contents of the proc directory and it
00:00
provides information about hardware settings
00:00
and status by changing
00:00
the files and data as it
00:00
monitors the status of that hardware.
00:00
Each process on the system will have a directory inside
00:00
of proc and proc contains hardware details as well.
00:00
If you recall, we talked about /proc/interrupts,
00:00
>> /proc/ioports, and /proc/dma.
00:00
>> Those files hold system IRQs,
00:00
system I/O ports,
00:00
>> ]and system DMA addresses and ranges respectively.
00:00
>> Let's take a look at each one of
00:00
these in a little bit more detail.
00:00
First of all, Interrupt Requests or IRQs
00:00
>> are what are used by
00:00
>> hardware devices or peripherals to
00:00
signal a CPU that they have to send data.
00:00
Each device using this is assigned an IRQ address
00:00
>> and each interrupt is assigned a priority.
00:00
>> Older systems had to use
00:00
a Programmable Interrupt Controller called a PIC
00:00
whereas newer systems use
00:00
an Advanced Programmable Interrupt Controller
00:00
>> or an APIC.
00:00
>> A PIC only manage 16 interrupt lines and
00:00
APIC can manage 255 interrupt lines.
00:00
In the /proc/interrupts files,
00:00
>> where we find all this information,
00:00
>> we can view the current IRQs,
00:00
the number of interrupts, and the names of the devices.
00:00
I/O ports are just memory
00:00
addresses that we use to communicate with the device.
00:00
They can be called I/O ports,
00:00
port addresses, or simply ports.
00:00
CPU devices can send or receive data through
00:00
hardware devices with the I/O ports.
00:00
A system is going to assign each
00:00
device a unique I/O port or range,
00:00
>> and this is sometimes referred
00:00
>> to as like sending mail through the mail,
00:00
send you a letter through the mail.
00:00
If you want to send a letter to recipient,
00:00
you need to know the mailing address.
00:00
If you want to send data to a device,
00:00
you need to know the I/O port.
00:00
The /proc/ioports file is what we use
00:00
to view the I/O ports and the names of the devices.
00:00
Direct Memory Access is
00:00
another thing that we could use
00:00
because I/O ports can be slow.
00:00
Sending it through the mail can be slow and using
00:00
IRQ requires the CPU to control the data transfer.
00:00
We have to tell the CPU,
00:00
hey, we have an interrupt, we have data to send.
00:00
But with Direct Memory Address,
00:00
it can really speed things up.
00:00
What can happen is that a motherboard can contain
00:00
a DMA controller chip known as a DCC,
00:00
>> and often the DCC, it can have for
00:00
>> these connect to a memory controller chip
00:00
or a DCC can be cascaded together.
00:00
One of those leads will connect
00:00
to another one and another one
00:00
so that they have multiple DCCs
00:00
connected to a memory controller.
00:00
But there is also this concept of
00:00
something called ultra DMA and that
00:00
bypasses using a DCC entirely and just sends data to
00:00
the memory bus in 33 or 66 megabit per second bursts.
00:00
The /proc/dma file can be used to
00:00
view the DMA channels in use by the system.
00:00
Let's go ahead and take a look at all of
00:00
this with some demo time.
00:00
Okay, here we are over in our environments.
00:00
First of all, let's see
00:00
the contents of the proc directory.
00:00
You could do an ls on proc.
00:00
Here we can see all the different process directories
00:00
for the processes that are running.
00:00
But we can also see our interrupts and
00:00
our I/O ports and all sorts of
00:00
other information here. Let's actually do that first.
00:00
Let's do a cat on /proc/interrupts,
00:00
>> and what we can see here,
00:00
>> first of all, we're using more than 16 interrupts.
00:00
That tells us right off the bat,
00:00
we're using Advanced Programmable
00:00
Interrupt Controller or APIC
00:00
because the number of interrupts is greater than 16.
00:00
We can see the number of interrupts
00:00
and then interrupt names.
00:00
Now let's look at the I/O ports that are in use.
00:00
For this, we're going to want to use a sudo,
00:00
we're going to want to elevate our privileges.
00:00
The sudo cat on /proc/ioports.
00:00
Here we can see all of
00:00
the I/O ports and devices associated with them.
00:00
What's kind of interesting to me, as in some cases,
00:00
you'll see that some devices have
00:00
multiple I/O ports or I/O port ranges like a keyboard
00:00
>> here has and also the ata_piix.
00:00
>> That's just something that's kind of
00:00
interesting to see if you ever need to look into that.
00:00
Finally, let's take a look at
00:00
the DMA channels so we can do this.
00:00
>> Let's clear screen and we'll run a cat on /proc/dma.
00:00
>> This system is actually kind of boring.
00:00
The only device here is a cascade is
00:00
connecting to DMA controllers.
00:00
But there are two other interesting things we can look
00:00
at and they are CPU info and mem info.
00:00
If we do a cat on /proc/cpuinfo, you're
00:00
>> going to see all of the information that you would
00:00
>> possibly want to know about the CPU on the system.
00:00
In this case, there's just really one CPU
00:00
allocated to this virtual machine that I'm running.
00:00
We could also do the same thing to get
00:00
memory information by running cat /proc/meminfo
00:00
>> and that has a lot of
00:00
>> really good information about
00:00
the memory and memory stats for the system.
00:00
But with that, we've reached the end of this lesson.
00:00
In this lesson, we covered the importance of
00:00
the proc filesystem and
00:00
we covered details about
00:00
the hardware information that is held by proc.
00:00
Then also we went through how to review the contents of
00:00
the proc files to find hardware information.
00:00
Thanks so much for being here,
00:00
>> and I look forward to seeing you in the next lesson.
Up Next