Linux Virtual Filesystem (VFS)

 It is the software layer in the kernel that provides a uniform

filesystem interface to userspace programs

 It provides an abstraction within the kernel that allows for

transparent working with a variety of filesystems.

 Thus it allows many different filesystem implementations to

coexist freely

 Each socket is implemented as a “file” mounted on the

sockfs filesystem.
 file->private points to the socket information.
Inodes and File Structures

 Inodes provide a method to access the actual data

blocks allocated to a file. For sockets, they provide
buffer space which can be used to hold socket
specific data.
 struct inode

 Every file is represented in the kernel as an object

of the file structure. It requires an inode provided
to it.
 struct file
Socket(family, type, proto)

Sys_socket()

Sock_create() Sock_map_fd()

Allocate a socket object

(internally an inode Sock_alloc_fd()
Associated with a file object) Allocate a file descriptor

Locate the family requested and

call the create function for that
family Sock_attach_fd()

Inet_create() Fd_install()
Lower layer initialization
Socket layer functions
are elided.
struct sk_buff
Defined in <include/linux/skbuff.h>

 used by every network layer (except the physical layer)

 fields of the structure change as it is passed from one layer to another
 i.e., fields are layer dependent.
sk_buff list
 The kernel maintains all sk_buff structures in a doubly linked list.

struct sk_buff_head {/* only the head of the list */

/* These two members must be first. */
struct sk_buff * next;
struct sk_buff * prev;

_ _u32 qlen;
spinlock_t lock;/* atomicity in accessing a sk_buff list. */
};
Layout

 struct sock * sk
sock data structure of the socket that owns this buffer
 unsigned int len
includes both the data in the main buffer (i.e., the one pointed to by head)
and the data in the fragments
 unsigned int data_len
unlike len, data_len accounts only for the size of the data in the fragments.
 unsigned int truesize
skb->truesize = size + sizeof(struct sk_buff);
 atomic_t users
reference count, or the number of entities using this sk_buff buffer
atomic_inc and atomic_dec
sk_buf->dev
struct net_device *dev
 represents the receiving interface or the to be transmitted device(or
interface) corresponding to the packet.
 usually represents the virtual device’s(representation of all devices
grouped) net_device structure.

 Pointers to protocol headers.

 sk_buff_data_t transport_header;
 sk_buff_data_t network_header;
 sk_buff_data_t mac_header;
memory allocation

struct sk_buff *__netdev_alloc_skb(struct net_device *dev,

unsigned int length, gfp_t gfp_mask)
The buffer allocation function meant for use by device drivers
Executed in interrupt mode

Freeing memory: kfree_skb and dev_kfree_skb

Release buffer back to the buffer-pool.

Buffer released only when skb_users counter is 1. If not, the counter is
decremented.
Socket layer functions
are elided.
net_device
 Defined in <include/linux/netdevice.h>
 stores all information specifically regarding a network device
 one such structure for each device, both real ones (such as Ethernet
NICs) and virtual ones
 Network devices can be classified into types such as Ethernet cards and
Token Ring cards
 Each type may come in several models.
 Model specific parameters are initialized by device driver software.
 Parameters common for different models are initiated by kernel.
Walkthrough Reception

We don’t process the packet in the interrupt subroutine.

Netif_rx() – raise the net Rx softIRQ.
Net_rx_action() is called - start processing the packet
 Processing of packet starts with the protocol switching section
Netif_receive_skb() is called to process the packet and find out the next protocol layer.
Protocol family of the packet is extracted from the link layer header.
ip_rcv() is an entry point for IP packets processing.
Checks if the packet we have is destined for some other host (using PACKET_OTHERHOST)
Check the checksum of the packet by calling ip_fast_csum()
Call ip_route_input() , this routine checks kernel routing table rt_hash_table.
If packet needs to be forwarded input routine is ip_forward()
Otherwise ip_local_deliver()
ip_send() is called to check if the packet needs to be fragmented
If yes , fragment the packet by calling ip_fragment()
Packet output path – ip_finish_output()
ip_local_deliver() – packets need to delivered locally
ip_defrag()
Protocol identifier field skb->np.iph->protocol (in IP header).
For TCP, we find the receive handler as tcp_v4_rcv() (entry point for the TCP layer)
_tcp_v4_lookup() – find the socket to which the packet belongs
Establised sockets are maintained in the hash table tcp_ehash.
Established socket not found – New connection request for any listening socket
Search for listening socket – tcp_v4_lookup_listener()
tcp_rcv_established()