WEBVTT 1 00:00:00.080 --> 00:00:02.839 Welcome to the deep dive. Today. We're going to be 2 00:00:02.879 --> 00:00:06.280 diving into some excerpts that you sent over from The 3 00:00:06.360 --> 00:00:11.640 Linux Programming Interface by Michael Kerrisk. It's a pretty hefty book. 4 00:00:12.199 --> 00:00:16.559 Even just glancing at the table of contents, we see threads, sockets, 5 00:00:16.719 --> 00:00:21.399 file io, pretty much the entire playground of system programming. 6 00:00:21.480 --> 00:00:25.839 It's a foundational text, and for good reason. It's incredibly comprehensive. 7 00:00:26.039 --> 00:00:29.120 It is it is. Yeah, So our mission today is 8 00:00:29.199 --> 00:00:32.600 to really kind of extract those golden nuggets from this book, 9 00:00:33.079 --> 00:00:34.920 the key insights that will either give you a solid 10 00:00:35.000 --> 00:00:37.320 understanding if you're new to this, or maybe spark some 11 00:00:37.479 --> 00:00:41.439 aha moments if you're already familiar with the territory. So 12 00:00:41.520 --> 00:00:44.479 let's jump right in. The book starts off by laying 13 00:00:44.520 --> 00:00:48.280 some historical groundwork talking about the connection between Linux and 14 00:00:48.320 --> 00:00:51.799 the UNI X world. And I was struck by how 15 00:00:51.880 --> 00:00:57.399 much the philosophy of free software really shaped Linux's development. 16 00:00:57.640 --> 00:01:01.920 That's crucial to understand. Yea Stallman and the GNU project. 17 00:01:02.479 --> 00:01:06.599 They had this radical idea in the eighties that software 18 00:01:06.640 --> 00:01:10.719 should be free to use, modify, and share. And it 19 00:01:10.760 --> 00:01:13.439 wasn't just about cost, it was about freedom. Yeah, and 20 00:01:13.480 --> 00:01:17.159 that idea that philosophy is baked into Linux's DNA. 21 00:01:17.319 --> 00:01:20.319 Absolutely, and it's had a huge impact on its affordability 22 00:01:20.359 --> 00:01:23.000 and how widely it's used today. Absolutely, But with so 23 00:01:23.079 --> 00:01:26.400 many people contributing to Linux, Yeah, how do you ensure 24 00:01:26.480 --> 00:01:29.560 that consistency and compatibility? How do you make sure everybody's 25 00:01:29.599 --> 00:01:30.519 kind of on the same page? 26 00:01:30.680 --> 00:01:36.159 Standards? Yeah, Kerisk emphasizes the importance of post six and 27 00:01:36.280 --> 00:01:40.439 the single uni X specification. These are essentially sets of 28 00:01:40.519 --> 00:01:45.959 standards that define how UNX like systems, including Linux, should behave. 29 00:01:46.400 --> 00:01:46.680 Yeah. 30 00:01:46.719 --> 00:01:48.879 It's like having a common language that everyone. 31 00:01:48.560 --> 00:01:51.040 Speaks, right, So it's not just about making sure that 32 00:01:51.200 --> 00:01:55.079 programs run on different Linux distributions. It's about ensuring that 33 00:01:55.120 --> 00:01:58.439 they can potentially run on any system that adheres to 34 00:01:58.519 --> 00:02:00.000 these UNX standards. 35 00:02:00.840 --> 00:02:05.280 Portability and consistency across a diverse ecosystem are huge wins 36 00:02:05.280 --> 00:02:05.920 for developers. 37 00:02:05.959 --> 00:02:09.840 Okay, let's get to the heart of it. The Linux kernel. Yes, 38 00:02:10.080 --> 00:02:14.240 I love how Keris describes it as the central nervous 39 00:02:14.280 --> 00:02:19.759 system of the operating system. It's managing processes, memory, hardware, 40 00:02:20.479 --> 00:02:23.520 the whole shebang, the whole thing, the whole thing. Yeah, 41 00:02:23.560 --> 00:02:26.400 and it's mind blowing to me the sheer scope of 42 00:02:26.439 --> 00:02:27.520 its responsibilities. 43 00:02:27.560 --> 00:02:30.479 Everything you do on a Linux system, from opening a 44 00:02:30.479 --> 00:02:35.199 file to browsing the web, involves the kernel in some way. 45 00:02:35.479 --> 00:02:39.599 It's the ultimate mediator between your software and the physical hardware. 46 00:02:39.879 --> 00:02:42.520 So if the kernel is the brain, what are the 47 00:02:42.520 --> 00:02:44.520 individual thoughts what's going on in there? 48 00:02:44.680 --> 00:02:49.120 Processes? A process is essentially a program in action. Kerisk 49 00:02:49.159 --> 00:02:54.599 breaks down the structure of a process into segments text, data, heap, 50 00:02:54.639 --> 00:02:57.479 and stack. Okay, think of it like a house. The 51 00:02:57.520 --> 00:03:02.719 text segment is the blueprint, the actual program instructions. Data 52 00:03:02.840 --> 00:03:05.759 is like the built in furniture, the initial variables and. 53 00:03:05.759 --> 00:03:07.919 Constant I'm following you. Okay, good, So the heat must 54 00:03:07.960 --> 00:03:10.520 be like the attic or the basement, right, you got it? 55 00:03:10.800 --> 00:03:14.520 That space where a process can dynamically store additional data 56 00:03:14.639 --> 00:03:18.199 as needed exactly. Okay. And lastly, we have the stack, 57 00:03:18.360 --> 00:03:21.400 the stack, which is I'm picturing like that ever growing 58 00:03:21.479 --> 00:03:24.520 pile of papers on your desk, yes, exactly, which is 59 00:03:24.639 --> 00:03:27.319 used for managing function calls and local variables. 60 00:03:27.400 --> 00:03:28.400 Perfect analogy. 61 00:03:28.879 --> 00:03:31.560 I like that. I like that really helps to visualize 62 00:03:31.560 --> 00:03:35.599 how these segments work together. But just like homeowner needs 63 00:03:35.879 --> 00:03:39.599 keys to access different parts of their house right. Processes 64 00:03:39.680 --> 00:03:43.319 need specific permissions to access resources on the system. 65 00:03:43.599 --> 00:03:46.800 Absolutely, and that's where things can get interesting, especially in 66 00:03:46.879 --> 00:03:50.520 terms of security. Keris talks about the traditional super rouser 67 00:03:50.599 --> 00:03:54.919 model with root access right, but also dives into the 68 00:03:55.000 --> 00:03:57.479 more modern capability based system. 69 00:03:57.759 --> 00:04:00.919 So you mean like having a mass y versus having 70 00:04:00.960 --> 00:04:02.840 individual keys for specific doors. 71 00:04:02.960 --> 00:04:07.039 Exactly. Okay, it's all about granting only the minimum privileges necessary. 72 00:04:07.759 --> 00:04:10.199 Too much power in the wrong hands, whether it's a 73 00:04:10.240 --> 00:04:13.479 human user or a rogue process, can spell disaster. 74 00:04:13.800 --> 00:04:16.199 Yeah. That makes a lot of sense from a security perspective. 75 00:04:16.399 --> 00:04:18.160 Yeah, absolutely, So how. 76 00:04:17.959 --> 00:04:22.040 Does Linux actually control and manage all these processes? Like, 77 00:04:22.079 --> 00:04:24.480 how does it decide who gets to go first? 78 00:04:24.720 --> 00:04:27.480 Well, one way is through scheduling. Okay, think of it 79 00:04:27.519 --> 00:04:31.800 as a traffic cop directing the flow of processes vuying 80 00:04:31.839 --> 00:04:37.680 for CPU time. Kerisk explains different scheduling policies. Some prioritize 81 00:04:37.720 --> 00:04:41.959 real time performance, while others focus on fairness and responsiveness. 82 00:04:42.319 --> 00:04:45.279 So like a video editing program might need a higher 83 00:04:45.319 --> 00:04:47.959 priority than a background process checking for email. 84 00:04:48.160 --> 00:04:51.519 Exactly, got it. Now, managing processes isn't just about who 85 00:04:51.560 --> 00:04:54.000 gets to go first, It's also about making sure they 86 00:04:54.079 --> 00:04:56.120 play nice and share resources fairly. 87 00:04:56.279 --> 00:04:58.480 Yeah, you don't want a single process just hogging all 88 00:04:58.519 --> 00:04:59.600 the memory or CPU. 89 00:05:01.000 --> 00:05:05.199 Kerisk explains how Linux uses resource limits to prevent processes 90 00:05:05.199 --> 00:05:08.720 from consuming too many sister resources. These are like safety 91 00:05:08.759 --> 00:05:11.160 veils that prevent a single process from bringing down the 92 00:05:11.160 --> 00:05:11.720 whole system. 93 00:05:11.959 --> 00:05:14.480 So these limits help with both stability and security then, 94 00:05:14.600 --> 00:05:17.480 right by keeping those potentially greedy processes in. 95 00:05:17.480 --> 00:05:21.079 Check exactly, And then there are demons for those silent 96 00:05:21.120 --> 00:05:24.360 workers running in the background doing those essential tasks. 97 00:05:24.560 --> 00:05:26.600 Oh, you mean, like the programs that handle things like 98 00:05:26.720 --> 00:05:28.519 printing or network connections. 99 00:05:29.160 --> 00:05:31.920 Got it? And Chris points out that they often run 100 00:05:31.959 --> 00:05:36.120 with special privileges because they're essential for the system to 101 00:05:36.160 --> 00:05:37.040 function correctly. 102 00:05:37.399 --> 00:05:41.879 That makes sense, But running with privileges also means needing 103 00:05:42.040 --> 00:05:46.720 robust security right absolutely, to prevent any potential misuse. 104 00:05:46.560 --> 00:05:51.959 And Kerisk emphasizes the importance of secure coding practices, especially 105 00:05:52.040 --> 00:05:55.079 for these types of programs. Even a small oversight can 106 00:05:55.120 --> 00:05:59.399 create a vulnerability that could be exploited. Ice stakes for sure. 107 00:05:59.600 --> 00:06:03.360 Yeah, speaking of security, one of the things that really 108 00:06:03.399 --> 00:06:05.279 stayed out to me in the book was the emphasis 109 00:06:05.319 --> 00:06:06.319 on error handling. 110 00:06:06.800 --> 00:06:07.040 Oh. 111 00:06:07.079 --> 00:06:10.839 Absolutely, It's like Carisk is constantly reminding us that in 112 00:06:11.000 --> 00:06:14.319 system programming, you can't just assume everything will always go 113 00:06:14.360 --> 00:06:15.120 according to plan. 114 00:06:15.240 --> 00:06:19.040 He's absolutely right, right, Robust error handling is critical. It's 115 00:06:19.079 --> 00:06:23.199 about anticipating what could go wrong, right, and having a 116 00:06:23.240 --> 00:06:24.759 plan to deal with it gracefully. 117 00:06:24.959 --> 00:06:27.600 And he talks a lot about checking return values from 118 00:06:27.639 --> 00:06:31.240 system calls and using the urno variable to diagnose what 119 00:06:31.279 --> 00:06:34.600 went wrong. Exactly, it's like having this built in troubleshooting system. 120 00:06:34.720 --> 00:06:37.800 It is. You need those checks in place, Yeah, to 121 00:06:38.000 --> 00:06:40.920 catch potential issues before they cascade into bigger problems. 122 00:06:40.959 --> 00:06:41.560 Absolutely. 123 00:06:41.759 --> 00:06:42.199 Yeah. 124 00:06:42.240 --> 00:06:48.399 And speaking of preventing problems, Kerisk dies deep into shared libraries. Yes, 125 00:06:48.720 --> 00:06:51.800 I was fascinated by this concept, this idea that you 126 00:06:51.839 --> 00:06:56.480 can have this central repository of code that multiple programs 127 00:06:56.800 --> 00:06:57.279 can use. 128 00:06:57.639 --> 00:06:59.959 Shared libraries are all about efficiency. 129 00:07:00.360 --> 00:07:00.600 Yeah. 130 00:07:01.160 --> 00:07:04.959 Instead of each program including its own copy of common functions, 131 00:07:05.480 --> 00:07:07.439 they all share a single copy and memory. 132 00:07:07.519 --> 00:07:10.839 So it's not just about saving disk space. It also 133 00:07:11.000 --> 00:07:12.839 means that updates are much more efficient. 134 00:07:13.120 --> 00:07:16.800 Exactly, you update the library once and all the programs 135 00:07:16.800 --> 00:07:19.360 that use it automatically benefit from the changes. 136 00:07:19.399 --> 00:07:21.240 Automatically benefit That's amazing. 137 00:07:21.319 --> 00:07:24.920 Yeah, it's a brilliant way to maintain and manage complex 138 00:07:24.959 --> 00:07:25.800 software systems. 139 00:07:25.920 --> 00:07:28.839 That's really cool, and this idea of efficiency it seems 140 00:07:28.839 --> 00:07:31.120 to be a recurring theme in Linux and programming. 141 00:07:31.199 --> 00:07:34.480 It's fundamental. Yeah, Linux was designed to squeeze the most 142 00:07:34.519 --> 00:07:40.439 performance out of often limited hardware resources, and that philosophy 143 00:07:40.560 --> 00:07:45.160 carries through in many aspects of the system, from how 144 00:07:45.279 --> 00:07:47.839 processes are managed to how files are stored. 145 00:07:48.040 --> 00:07:51.160 Speaking of processes, we just briefly touched on them earlier. Yes, 146 00:07:51.399 --> 00:07:53.759 let's delve a bit deeper into how Linux allows a 147 00:07:53.800 --> 00:07:57.040 single process to juggle multiple tasks concurrently. 148 00:07:57.519 --> 00:07:58.600 You're talking about threads. 149 00:07:58.920 --> 00:07:59.439 Threads, right. 150 00:07:59.560 --> 00:08:04.040 Think of a chef preparing multiple dishes simultaneously. Okay, each 151 00:08:04.120 --> 00:08:07.959 dish requires its own ingredients and steps. Yeah, Threads allow 152 00:08:08.040 --> 00:08:12.120 a single process to handle multiple tasks concurrently, just like 153 00:08:12.160 --> 00:08:13.439 our multitasking chef. 154 00:08:13.560 --> 00:08:16.560 So it's like having multiple cooks in the kitchen, all 155 00:08:16.600 --> 00:08:18.800 sharing the same space and equipment, but working on their 156 00:08:18.839 --> 00:08:22.839 own dishes. Exact concurrency and action. It's it, right, And 157 00:08:22.879 --> 00:08:26.199 the cool thing is creating threads is generally much faster 158 00:08:26.279 --> 00:08:27.920 than creating separate processes. 159 00:08:28.199 --> 00:08:31.399 It is, indeed, and it's a key technique for achieving 160 00:08:31.439 --> 00:08:34.399 responsiveness and performance. In many applications. 161 00:08:34.639 --> 00:08:37.960 Okay, So now for these processes, whether single threaded or 162 00:08:38.039 --> 00:08:41.639 multi threaded, right, to interact with the kernel, they need 163 00:08:41.679 --> 00:08:45.200 a way to communicate their requests, and that's where system 164 00:08:45.240 --> 00:08:47.159 calls come in, right, precisely. Okay. 165 00:08:47.240 --> 00:08:51.320 They're the interface through which programs request services from the kernel, 166 00:08:52.080 --> 00:08:55.200 like opening a file, sending data over a network, or 167 00:08:55.240 --> 00:08:56.120 allocating memory. 168 00:08:56.200 --> 00:08:59.039 It's like the language that user programs use to talk 169 00:08:59.080 --> 00:09:00.360 to the kernel exactly. Ye. 170 00:09:00.759 --> 00:09:04.519 Kerisk uses the simple example of the open system call. 171 00:09:04.840 --> 00:09:07.200 You ask the kernel to open this file and it 172 00:09:07.200 --> 00:09:09.519 does the heavy lifting behind the scenes. Yeah, and just 173 00:09:09.559 --> 00:09:11.919 like a wader might tell you we're out of that dish, 174 00:09:12.639 --> 00:09:15.240 system calls can also fail, right, so. 175 00:09:15.159 --> 00:09:18.120 You don't always get what you want exactly. You got 176 00:09:18.120 --> 00:09:20.639 to have a backup plan, you do, and that's why, 177 00:09:20.720 --> 00:09:24.679 once again, Karris emphasizes error handling right. Always check those 178 00:09:24.720 --> 00:09:28.320 return values, make sure you're getting what you asked for exactly. 179 00:09:28.480 --> 00:09:33.879 And fortunately Linux provides great tools for debugging. Yeah, Kris 180 00:09:34.080 --> 00:09:37.240 mentions the strace command, which allows you to see all 181 00:09:37.279 --> 00:09:40.440 the system calls a program is making. Oh cool, it's 182 00:09:40.480 --> 00:09:43.480 like having a transcript of the conversation. Yeah, between a 183 00:09:43.519 --> 00:09:44.879 program and the kernel. 184 00:09:44.720 --> 00:09:47.679 That's really neat. Yeah, so that can be incredibly helpful 185 00:09:47.720 --> 00:09:51.399 then for tracking down those elusive bugs absolutely. Okay, Yeah, 186 00:09:51.519 --> 00:09:55.759 Now let's talk about feature test macros. Okay, this may 187 00:09:55.840 --> 00:09:58.399 seem like a minor detail. Yeah, but I was surprised 188 00:09:58.399 --> 00:10:01.120 by how important they are for writing portable code. 189 00:10:01.639 --> 00:10:04.919 Portability is key in the Linux world. Yeah, with so 190 00:10:05.000 --> 00:10:08.320 many different versions and distributions out there, right right, feature 191 00:10:08.320 --> 00:10:13.039 test macros allow you to tailor your code to specific 192 00:10:13.159 --> 00:10:17.679 versions of the Linux API, ensuring compatibility across different systems. 193 00:10:17.759 --> 00:10:20.960 It's like having a universal adapter for your electronics when 194 00:10:21.000 --> 00:10:23.759 you travel to different countries. Exactly, you need the right 195 00:10:23.799 --> 00:10:25.360 plug to connect to the power. 196 00:10:25.120 --> 00:10:28.519 Source you do. Future test macros ensure that your code 197 00:10:28.559 --> 00:10:31.960 plugs in correctly to different Linux environments. 198 00:10:32.000 --> 00:10:33.279 Okay, that's a good analogy. 199 00:10:33.399 --> 00:10:33.759 Yeah. 200 00:10:33.879 --> 00:10:36.159 Now let's move on to one of the most fundamental 201 00:10:36.159 --> 00:10:39.000 aspects of system programming, file io. 202 00:10:39.519 --> 00:10:39.720 Right. 203 00:10:40.279 --> 00:10:42.679 This is where things start to get really hands on. 204 00:10:43.480 --> 00:10:47.639 How programs actually interact with data stored on disk. 205 00:10:47.840 --> 00:10:49.320 Yeah, the real nitty gritty. 206 00:10:49.840 --> 00:10:52.240 I'm eager to hear what Kris has to say about it. 207 00:10:52.320 --> 00:10:55.320 You too, So we talked about how programs interact with 208 00:10:55.360 --> 00:10:58.279 the kernel through system calls, especially for things like file io. 209 00:10:59.000 --> 00:11:01.240 But how do they manage the memory they need to 210 00:11:01.320 --> 00:11:02.440 work with all that data? 211 00:11:03.039 --> 00:11:07.440 Well, memory management is a critical aspect of system programming. Yeah, 212 00:11:07.480 --> 00:11:11.399 and Keris explains the different ways that processes and Linux 213 00:11:11.440 --> 00:11:14.759 can allocate and manage memory. We touched upon the heap earlier, 214 00:11:15.000 --> 00:11:19.519 which is a dynamic space where a process can request 215 00:11:19.559 --> 00:11:21.360 more memory as needed. 216 00:11:21.240 --> 00:11:23.720 Right, like that attic or basement that can expand to 217 00:11:23.759 --> 00:11:26.519 hold more stuff as you accumulate things, exactly. 218 00:11:26.679 --> 00:11:29.559 Yeah, but there are other mechanisms as well, Okay, like 219 00:11:29.600 --> 00:11:33.320 shared memory your memory where multiple processes can access the 220 00:11:33.360 --> 00:11:37.399 same region of memory. Oh, imagine a collaborative workspace, yeah, 221 00:11:37.440 --> 00:11:41.159 where multiple programs can share data and communicate directly okay, 222 00:11:41.399 --> 00:11:44.399 without having to constantly copy information back and forth. 223 00:11:44.480 --> 00:11:48.759 That sounds incredibly efficient. What are some of the real 224 00:11:48.799 --> 00:11:51.320 world benefits of using shared memory. 225 00:11:51.080 --> 00:11:55.120 Like that, We'll think about performance critical applications like databases 226 00:11:55.240 --> 00:11:59.279 or real time systems. Right. Shared memory can dramatically reduce 227 00:11:59.320 --> 00:12:04.559 the overhead communication between processes, okay, leading to faster response 228 00:12:04.639 --> 00:12:07.840 times makes sense, and more efficient use of system resources. 229 00:12:07.919 --> 00:12:10.480 So in a way, it's about optimizing for both speed 230 00:12:10.600 --> 00:12:12.480 and resource usage. 231 00:12:12.240 --> 00:12:15.759 Precisely, okay. But efficient memory management isn't just about performance. 232 00:12:16.000 --> 00:12:18.000 It's also crucial for system stability. 233 00:12:18.120 --> 00:12:19.480 Right. If something goes wrong, if a. 234 00:12:19.480 --> 00:12:22.200 Process runs out of memory, yeah, or tries to access 235 00:12:22.240 --> 00:12:25.159 memory it shouldn't, right, it can cause the entire system 236 00:12:25.159 --> 00:12:25.519 to crash. 237 00:12:25.679 --> 00:12:28.480 It's a stark reminder of how interconnected everything is at 238 00:12:28.480 --> 00:12:32.279 the system level. Absolutely, one rogue process can bring down 239 00:12:32.320 --> 00:12:34.440 the whole house of cards, exactly. So you got to 240 00:12:34.440 --> 00:12:35.240 be careful. 241 00:12:35.000 --> 00:12:38.279 You do, which is why secure coding practices, especially around 242 00:12:38.320 --> 00:12:40.480 memory management, are so important. 243 00:12:40.759 --> 00:12:41.440 Absolutely. 244 00:12:41.600 --> 00:12:42.159 Yeah. 245 00:12:42.600 --> 00:12:47.240 Speaking of things that can influence program behavior, I've found 246 00:12:47.240 --> 00:12:51.200 the section on environment variables quite fascinating. Oh yeah, They're 247 00:12:51.240 --> 00:12:53.279 more than just settings, aren't they They are. 248 00:12:53.480 --> 00:12:57.919 Oh, think of environment variables as global variables that processes 249 00:12:58.039 --> 00:13:02.000 inherit from their parent process. It's like inheriting traits from 250 00:13:02.000 --> 00:13:05.240 your parents. Some you can modify, while others are fixed. 251 00:13:05.840 --> 00:13:09.120 They provide a way to pass information and configuration down 252 00:13:09.639 --> 00:13:11.799 through generations of processes, so. 253 00:13:11.759 --> 00:13:16.440 They can affect how a program behaves without the program 254 00:13:16.440 --> 00:13:20.559 itself explicitly setting those values exactly, Okay, I see. 255 00:13:20.600 --> 00:13:24.320 A common example is the path environment variable, which tells 256 00:13:24.320 --> 00:13:26.759 the shell where to look for executable programs. 257 00:13:26.919 --> 00:13:29.159 Right, So if you want to run a program without 258 00:13:29.159 --> 00:13:32.320 typing its full path, it needs to be in one 259 00:13:32.320 --> 00:13:33.840 of the directories listed in. 260 00:13:33.799 --> 00:13:34.879 Your path exactly. 261 00:13:34.919 --> 00:13:36.480 I use that all the time, but I've never really 262 00:13:36.759 --> 00:13:38.639 thought about how it works under the hood. 263 00:13:38.879 --> 00:13:41.440 Yeah, it's a subtle but powerful mechanism. 264 00:13:41.720 --> 00:13:42.360 Yeah. 265 00:13:42.399 --> 00:13:46.759 But Keris also cautions about the security implications of relying 266 00:13:46.759 --> 00:13:51.559 on environment variables. Okay, especially in privileged programs. A malicious 267 00:13:51.600 --> 00:13:55.799 user could manipulate environment variables to trick a program into 268 00:13:55.840 --> 00:13:56.879 doing something it shouldn't. 269 00:13:57.080 --> 00:13:58.600 That's scary, Yeah, it is. 270 00:13:58.919 --> 00:14:03.720 So it's crucial to be aware of the potential pitfalls. Yeah, 271 00:14:03.759 --> 00:14:07.360 and sanitize any input from the environment, especially if you're 272 00:14:07.360 --> 00:14:09.480 writing code that runs with elevated privileges. 273 00:14:09.639 --> 00:14:14.240 It's like someone tampering with a recipe, adding an unexpected 274 00:14:14.360 --> 00:14:17.480 ingredient that could completely change the outcome. Yeah, you got 275 00:14:17.519 --> 00:14:20.240 to be careful about that stuff. Okay. Now for something 276 00:14:20.240 --> 00:14:23.600 a bit more technical, Okay, Caris talks about jump targets 277 00:14:24.480 --> 00:14:29.039 using functions called set jimp and long jimp. I have 278 00:14:29.080 --> 00:14:32.159 to admit this one went a little over my head. Okay, sure, 279 00:14:32.360 --> 00:14:34.159 can you break it down? In a way that even 280 00:14:34.200 --> 00:14:35.039 I can understand. 281 00:14:35.399 --> 00:14:39.639 Sure, Okay. Imagine you're reading a book okay, and you 282 00:14:39.679 --> 00:14:42.720 suddenly decide you want to jump to a specific chapter 283 00:14:43.519 --> 00:14:45.440 bypassing all the pages in between. 284 00:14:45.639 --> 00:14:46.159 Yeah. 285 00:14:46.240 --> 00:14:49.559 That's essentially what set jump and long jimp allow you 286 00:14:49.600 --> 00:14:50.480 to do in your code. 287 00:14:50.519 --> 00:14:53.919 So it's like a nonlinear way of navigating through your 288 00:14:54.159 --> 00:14:56.039 program's execution exactly. 289 00:14:56.559 --> 00:15:00.000 They enable non local jumps okay, which can be particularly 290 00:15:00.200 --> 00:15:01.440 useful for error handling. 291 00:15:01.679 --> 00:15:01.960 Okay. 292 00:15:02.159 --> 00:15:06.519 Imagine a program encountering a fatal error deep within and 293 00:15:06.559 --> 00:15:11.200 nested function calls. Okay, Instead of unwinding the call stack meticulously, 294 00:15:12.039 --> 00:15:14.120 you can use long jemp to jump back to a 295 00:15:14.159 --> 00:15:17.879 previously saved point okay and gracefully handle the error. 296 00:15:18.080 --> 00:15:21.080 So it's like having an escape hatch in a complex maze, 297 00:15:21.159 --> 00:15:23.440 a way to bypass a blocked path and get back 298 00:15:23.480 --> 00:15:24.279 to a safe point. 299 00:15:24.399 --> 00:15:24.919 Precisely. 300 00:15:25.039 --> 00:15:28.000 I like that analogy. Now, let's shift gears a bit 301 00:15:28.120 --> 00:15:32.679 and talk about a fundamental concept in Linux security, User 302 00:15:32.759 --> 00:15:36.440 and group IDs. These are like digital fingerprints that identify 303 00:15:36.519 --> 00:15:40.279 who owns what and who's allowed to access which resources 304 00:15:40.320 --> 00:15:42.919 on the system exactly. So it's similar to having different 305 00:15:42.960 --> 00:15:46.679 levels of security clearance. In a building, your ID determines 306 00:15:46.720 --> 00:15:48.399 which areas you're allowed to enter. 307 00:15:48.480 --> 00:15:52.559 Exactly, okay. Kurisk explains how these ideas play a crucial 308 00:15:52.639 --> 00:15:58.919 role in determining a process's permissions when accessing files, running programs, 309 00:15:59.600 --> 00:16:02.200 interacting with other parts of the system. Right, it's a 310 00:16:02.240 --> 00:16:05.799 foundational aspect of how Linux protects sensitive information. 311 00:16:06.399 --> 00:16:09.240 I can see how understanding these concept is crucial for 312 00:16:09.279 --> 00:16:13.879 system administrators and anyone concerned about security. Absolutely, okay. And 313 00:16:14.120 --> 00:16:18.480 speaking of sensitive information, let's talk about time keeping in Linux. 314 00:16:18.840 --> 00:16:21.759 You might think it's just about clocks and calendars, Yeah, 315 00:16:21.799 --> 00:16:24.240 but ke Risk reveals it's much more nuanced than that. 316 00:16:24.559 --> 00:16:27.519 It is okay, I'm intrigued. What are some of the 317 00:16:27.720 --> 00:16:32.639 less obvious ways that Linux measures time well. 318 00:16:32.840 --> 00:16:35.919 In addition to tracking calendar time, Linux also keeps track 319 00:16:35.960 --> 00:16:39.720 of process time. Process time which measures how much CPU 320 00:16:39.799 --> 00:16:41.679 time a specific process is used. 321 00:16:41.840 --> 00:16:45.480 So it's like measuring how much electricity a particular appliance 322 00:16:45.519 --> 00:16:46.240 has consumed. 323 00:16:46.320 --> 00:16:47.720 That's a great analogy. 324 00:16:47.360 --> 00:16:49.240 Versus just looking at the overall time on the. 325 00:16:49.200 --> 00:16:52.399 Clock exactly, okay. And why is this important? Yeah, because 326 00:16:52.399 --> 00:16:57.080 it allows system programmers to understand how efficiently their programs 327 00:16:57.080 --> 00:16:59.759 are using resources. Okay, a program might be running for 328 00:16:59.759 --> 00:17:02.679 a long time, but if it's mostly waiting for input 329 00:17:02.799 --> 00:17:07.839 or iooperations, its actual CPU usage might be quite low. 330 00:17:08.160 --> 00:17:11.960 So timekeeping isn't just about telling time. It's also about 331 00:17:12.000 --> 00:17:15.440 profiling and understanding program behavior exactly. Ok. 332 00:17:15.599 --> 00:17:17.799 And then there are those intriguing details that you might 333 00:17:17.839 --> 00:17:20.319 not think about until they cause a problem, like path 334 00:17:20.400 --> 00:17:21.000 name limits. 335 00:17:21.000 --> 00:17:22.039 Path name limits. 336 00:17:22.160 --> 00:17:25.799 It turns out there are restrictions on how long filenames 337 00:17:25.839 --> 00:17:28.519 and directory paths can be in Linux. 338 00:17:28.720 --> 00:17:31.759 Oh that's right, I've run into that before when trying 339 00:17:31.799 --> 00:17:35.880 to create a really long filename or deeply nested directory structure. 340 00:17:36.240 --> 00:17:38.400 It seems like such a minor detail. It does, but 341 00:17:38.480 --> 00:17:40.400 it can definitely trip you up if you're not aware 342 00:17:40.400 --> 00:17:40.880 of it. 343 00:17:40.880 --> 00:17:44.480 It can. Kris points out that these limits can vary 344 00:17:44.519 --> 00:17:48.039 depending on the specific file system you're using, and he 345 00:17:48.240 --> 00:17:53.119 explains how to use the pathcon function to determine these limits, 346 00:17:53.680 --> 00:17:55.960 which can be important if you're working with large file 347 00:17:56.039 --> 00:17:58.680 systems or complex directory hierarchies. 348 00:17:58.839 --> 00:18:02.039 It's like knowing the weight LISMD of a bridge before 349 00:18:02.079 --> 00:18:04.119 you try to drive a truck over it. You need 350 00:18:04.160 --> 00:18:05.599 to be aware of the constraints you. 351 00:18:05.599 --> 00:18:09.000 Too, Now let's talk about something that often happens behind 352 00:18:09.079 --> 00:18:15.880 the scenes, ok but can significantly impact performance io buffering. 353 00:18:16.599 --> 00:18:20.160 Oh oh right, buffering. I've heard about buffering. Yes, could 354 00:18:20.200 --> 00:18:21.839 you explain exactly how it works. 355 00:18:22.039 --> 00:18:25.079 Imagine you're writing a letter, Okay, Instead of writing each 356 00:18:25.119 --> 00:18:28.000 word directly onto the envelope, you first write it on 357 00:18:28.000 --> 00:18:30.119 a piece of paper. Yeah, and then when the paper 358 00:18:30.160 --> 00:18:33.720 is full, you transfer the entire page to the envelope. Okay. 359 00:18:33.799 --> 00:18:36.559 That's essentially what buffering does for io operations. 360 00:18:36.839 --> 00:18:40.680 So it's about accumulating data in a temporary storage area 361 00:18:41.279 --> 00:18:44.599 and then writing it in larger chunks other than one 362 00:18:44.640 --> 00:18:45.440 bite at a time. 363 00:18:45.680 --> 00:18:50.119 Right. This reduces the number of system calls required, which 364 00:18:50.160 --> 00:18:53.680 can significantly speed up read and write operations. 365 00:18:54.000 --> 00:18:55.480 That makes a lot of sense. It's like taking a 366 00:18:55.519 --> 00:18:57.839 bus instead of walking every time you need to go 367 00:18:57.880 --> 00:18:59.960 somewhere more efficient and less overhead. 368 00:19:00.160 --> 00:19:00.680 Exactly. 369 00:19:01.079 --> 00:19:04.559 And here's an intriguing fact. Linux actually uses a two 370 00:19:04.640 --> 00:19:05.839 level buffering system. 371 00:19:06.079 --> 00:19:06.440 It does. 372 00:19:06.759 --> 00:19:10.039 There's buffering in the kernel, and then there's additional buffering 373 00:19:10.160 --> 00:19:14.279 in the studio library, which provides standard input and output 374 00:19:14.279 --> 00:19:18.559 functions for C programs. Exactly, So data gets buffered twice. Yeah, 375 00:19:18.640 --> 00:19:19.759 that seems like overkill. 376 00:19:19.960 --> 00:19:22.640 It might seem that way, but it's all about optimizing 377 00:19:22.680 --> 00:19:26.640 performance at different levels. Okay. The kernel's buffering handles the 378 00:19:26.680 --> 00:19:30.160 low level interactions with the hardware, okay, while the studio 379 00:19:30.240 --> 00:19:33.839 library's buffering provides a more convenient interface for. 380 00:19:33.839 --> 00:19:37.240 Programmers, so they each have their own specific roles they do. Okay, 381 00:19:37.359 --> 00:19:40.720 that makes sense. Now, though we've talked about how programs 382 00:19:40.799 --> 00:19:44.880 manage memory and interact with files, Yeah, let's dive into 383 00:19:44.960 --> 00:19:48.880 the world of filesystems themselves. Okay, how does Linux actually 384 00:19:48.920 --> 00:19:51.799 store and organize all this data on disc? 385 00:19:52.119 --> 00:19:56.279 Filesystem internals can be quite complex, Yeah, I bet, but 386 00:19:56.720 --> 00:19:59.799 Kerisk does a great job of providing a high level 387 00:20:00.119 --> 00:20:01.880 review of the key concepts. 388 00:20:01.920 --> 00:20:02.200 Okay. 389 00:20:02.319 --> 00:20:05.680 He talks about inodes innodes, which are like index cards 390 00:20:05.680 --> 00:20:10.160 that contain metadata about each file, including its size, permissions, 391 00:20:10.319 --> 00:20:11.440 and location on disc. 392 00:20:11.680 --> 00:20:14.720 So the inode is like the file's identity cards exactly. 393 00:20:14.799 --> 00:20:16.720 It tells the system everything it needs to know about 394 00:20:16.720 --> 00:20:17.559 the file it does. 395 00:20:17.880 --> 00:20:21.279 He then explains data blocks data blocks, which are the 396 00:20:21.319 --> 00:20:24.759 actual chunks of disk space where the file's content is stored. 397 00:20:24.920 --> 00:20:28.440 Okay, So the inode points to the data blocks where 398 00:20:28.480 --> 00:20:30.920 the actual data resides precisely, okay. 399 00:20:31.000 --> 00:20:33.319 And to tie everything together, there are. 400 00:20:33.240 --> 00:20:35.200 Mount points mount points, right, which. 401 00:20:35.079 --> 00:20:39.640