Linux中「一切皆文件」是什么意思?
听说linux下一切可执行程序是二进位文件?
win的可执行程序不也是二进位文件吗?
Linux的一切皆文件是指,Linux世界中的所有、任意、一切东西都可以通过文件的方式访问、管理。
反过来说,是Linux和GNU世界定的规范,任何东西都挂在文件系统之上,即使它们不是文件,也以文件的形式来呈现。
有一个很关键的点,这个一切是单向的,也即所有的东西都单向通过文件系统呈现,反向不一定可行。比如通过新建文件的方式来创建磁碟设备是行不通的。
比如我们经常会讲的进程(/proc)、设备(/dev)、Socket等等,实际上都不是文件,但是你可以以文件系统的规范来访问它,修改属主和属性。
Linux下有lsof命令,可以查看所有已经打开的文件,你使用lsof -p [pid]的方式就可以查看对应的进程都打开了什么文件,而其中的type栏位就是表明它是什么类型,通过man losf 命令你可以查看到它有下面这么多种。
TYPE is the type of the node associated with the file - e.g., GDIR, GREG, VDIR, VREG, etc.
or ``IPv4 for an IPv4 socket;
or ``IPv6 for an open IPv6 network file - even if its address is IPv4, mapped in an IPv6 address;
or ``ax25 for a Linux AX.25 socket;
or ``inet for an Internet domain socket;
or ``lla for a HP-UX link level access file;
or ``rte for an AF_ROUTE socket;
or ``sock for a socket of unknown domain;
or ``unix for a UNIX domain socket;
or ``x.25 for an HP-UX x.25 socket;
or ``BLK for a block special file;
or ``CHR for a character special file;
or ``DEL for a Linux map file that has been deleted;
or ``DIR for a directory;
or ``DOOR for a VDOOR file;
or ``FIFO for a FIFO special file;
or ``KQUEUE for a BSD style kernel event queue file;
or ``LINK for a symbolic link file;
or ``MPB for a multiplexed block file;
or ``MPC for a multiplexed character file;
or ``NOFD for a Linux /proc/&/fd directory that cant be opened -- the directory path appears in the NAME column, followed by an error message;
or ``PAS for a /proc/as file;
or ``PAXV for a /proc/auxv file;
or ``PCRE for a /proc/cred file;
or ``PCTL for a /proc control file;
or ``PCUR for the current /proc process;
or ``PCWD for a /proc current working directory;
or ``PDIR for a /proc directory;
or ``PETY for a /proc executable type (etype);
or ``PFD for a /proc file descriptor;
or ``PFDR for a /proc file descriptor directory;
or ``PFIL for an executable /proc file;
or ``PFPR for a /proc FP register set;
or ``PGD for a /proc/pagedata file;
or ``PGID for a /proc group notifier file;
or ``PIPE for pipes;
or ``PLC for a /proc/lwpctl file;
or ``PLDR for a /proc/lpw directory;
or ``PLDT for a /proc/ldt file;
or ``PLPI for a /proc/lpsinfo file;
or ``PLST for a /proc/lstatus file;
or ``PLU for a /proc/lusage file;
or ``PLWG for a /proc/gwindows file;
or ``PLWI for a /proc/lwpsinfo file;
or ``PLWS for a /proc/lwpstatus file;
or ``PLWU for a /proc/lwpusage file;
or ``PLWX for a /proc/xregs file;
or ``PMAP for a /proc map file (map);
or ``PMEM for a /proc memory image file;
or ``PNTF for a /proc process notifier file;
or ``POBJ for a /proc/object file;
or ``PODR for a /proc/object directory;
or ``POLP for an old format /proc light weight process file;
or ``POPF for an old format /proc PID file;
or ``POPG for an old format /proc page data file;
or ``PORT for a SYSV named pipe;
or ``PREG for a /proc register file;
or ``PRMP for a /proc/rmap file;
or ``PRTD for a /proc root directory;
or ``PSGA for a /proc/sigact file;
or ``PSIN for a /proc/psinfo file;
or ``PSTA for a /proc status file;
or ``PSXSEM for a POSIX semaphore file;
or ``PSXSHM for a POSIX shared memory file;
or ``PTS for a /dev/pts file;
or ``PUSG for a /proc/usage file;
or ``PW for a /proc/watch file;
or ``PXMP for a /proc/xmap file;
or ``REG for a regular file;
or ``SMT for a shared memory transport file;
or ``STSO for a stream socket;
or ``UNNM for an unnamed type file;
or ``XNAM for an OpenServer Xenix special file of unknown type;
or ``XSEM for an OpenServer Xenix semaphore file;
or ``XSD for an OpenServer Xenix shared data file;
or the four type number octets if the corresponding name isnt known.
应评论中的同学要求,添加一些示例。
# 进到proc目录
[root@k8s ~]# cd /proc
[root@k8s proc]# ls
1 1063 1077 11 12 1504 19 2175 24 280 297 301 317 39 407 413 49 519 726 737 bus devices filesystems kallsyms kpageflags modules partitions softirqs timer_list vmstat
10 1066 1078 1100 13 16 2 2176 25 281 298 302 36 391 408 414 495 52 729 743 cgroups diskstats fs kcore loadavg mounts sched_debug stat timer_stats zoneinfo
102 1068 1083 1102 14 1746 20 2177 26 282 299 303 37 392 409 415 5 53 733 8 cmdline dma interrupts keys locks mpt schedstat swaps tty
1038 1071 1085 1110 15 1748 2005 2178 27 29 3 304 38 4 410 416 50 6 734 9 consoles driver iomem key-users mdstat mtrr scsi sys uptime
1061 1072 1097 1113 1502 1749 2007 22 279 294 30 305 380 405 411 47 51 66 735 acpi cpuinfo execdomains ioports kmsg meminfo net self sysrq-trigger version
1062 1073 1099 1164 1503 18 21 23 28 296 300 31 381 406 412 48 511 7 736 buddyinfo crypto fb irq kpagecount misc pagetypeinfo slabinfo sysvipc vmallocinfo
# 可以看到上面有很多以数字为名称的目录,而这些目录就对应每一个进程
# 使用ps -ef|grep nginx可以找到Nginx主进程的PID是2175
[root@k8s proc]# ps -ef|grep nginx
root 2175 1 0 10:23 ? 00:00:00 nginx: master process /usr/sbin/nginx
nginx 2176 2175 0 10:23 ? 00:00:00 nginx: worker process
nginx 2177 2175 0 10:23 ? 00:00:00 nginx: worker process
root 2182 2007 0 10:24 pts/0 00:00:00 grep --color=auto nginx
# 进入/proc/2175目录,可以看到这个进程相关的目录
[root@k8s 2175]# ls
attr cgroup comm cwd fd io map_files mountinfo net oom_adj pagemap projid_map schedstat smaps statm task wchan
autogroup clear_refs coredump_filter environ fdinfo limits maps mounts ns oom_score patch_state root sessionid stack status timers
auxv cmdline cpuset exe gid_map loginuid mem mountstats numa_maps oom_score_adj personality sched setgroups stat syscall uid_map
# 这里面的内容就是2175进程的全部内容了,非常多的命令实际上都是从这个目录读取的信息,比如上面的ps命令
# 上面的文件我举几个例子解释一下
# 1. fd目录,里面是此进程打开的文件的情况,每个均链接至实际的文件或设备
[root@k8s 2175]# ll fd
总用量 0
lrwx------ 1 root root 64 9月 29 10:53 0 -&> /dev/null
lrwx------ 1 root root 64 9月 29 10:53 1 -&> /dev/null
lrwx------ 1 root root 64 9月 29 10:53 10 -&> socket:[26530]
l-wx------ 1 root root 64 9月 29 10:53 2 -&> /var/log/nginx/error.log
lrwx------ 1 root root 64 9月 29 10:53 3 -&> socket:[26527]
l-wx------ 1 root root 64 9月 29 10:53 4 -&> /var/log/nginx/error.log
l-wx------ 1 root root 64 9月 29 10:53 5 -&> /var/log/nginx/access.log
lrwx------ 1 root root 64 9月 29 10:53 6 -&> socket:[27700]
lrwx------ 1 root root 64 9月 29 10:53 7 -&> socket:[27701]
lrwx------ 1 root root 64 9月 29 10:53 8 -&> socket:[26528]
lrwx------ 1 root root 64 9月 29 10:53 9 -&> socket:[26529]
# 2. limits,内容是此进程的系统限制信息
[root@k8s 2175]# cat limits
Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 8388608 unlimited bytes
Max core file size 0 unlimited bytes
Max resident set unlimited unlimited bytes
Max processes 14889 14889 processes
Max open files 1024 4096 files
Max locked memory 65536 65536 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 14889 14889 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 0 0
Max realtime priority 0 0
Max realtime timeout unlimited unlimited us
# 3. stack,此进程的内核调用栈信息
[root@k8s 2175]# cat stack
[&] sigsuspend+0x39/0x70
[&] SyS_rt_sigsuspend+0x5e/0x80
[&] system_call_fastpath+0x25/0x2a
[&] 0xffffffffffffffff
# 这些内容都不是普通的文件,你通过文件系统看,它们的大小都是0,但你看我能输出上面的这么多信息
[root@k8s 2175]# ll
总用量 0
dr-xr-xr-x 2 root root 0 9月 29 10:25 attr
-rw-r--r-- 1 root root 0 9月 29 10:25 autogroup
-r-------- 1 root root 0 9月 29 10:25 auxv
-r--r--r-- 1 root root 0 9月 29 10:23 cgroup
--w------- 1 root root 0 9月 29 10:25 clear_refs
-r--r--r-- 1 root root 0 9月 29 10:24 cmdline
-rw-r--r-- 1 root root 0 9月 29 10:25 comm
-rw-r--r-- 1 root root 0 9月 29 10:25 coredump_filter
-r--r--r-- 1 root root 0 9月 29 10:25 cpuset
...
[root@k8s 2175]# du -sh
0
另外,我们经常会使用到的/dev/null, /dev/random,都是可以在文件目录中看到,但它们都不是普通的文件,而是Linux Kernel为了实现某些功能,同时存在everything is a file的约定,才把它们体现在了文件系统上。
2020.9.30 另外补一个我觉得挺有用的,且应该不少人不知道的一个小技巧
man 5 proc命令会输出/proc目录的帮助信息,它里面包含/proc/[pid]目录中每个目录和文件的说明信息
PROC(5) Linux Programmers Manual PROC(5)
NAME
proc - process information pseudo-file system
DESCRIPTION
The proc file system is a pseudo-file system which is used as an interface to kernel data structures. It is commonly mounted at /proc. Most of it is read-only, but some files allow kernel variables to be changed.
The following outline gives a quick tour through the /proc hierarchy.
/proc/[pid]
There is a numerical subdirectory for each running process; the subdirectory is named by the process ID. Each such subdirectory contains the following pseudo-files and directories.
/proc/[pid]/auxv (since 2.6.0-test7)
This contains the contents of the ELF interpreter information passed to the process at exec time. The format is one unsigned long ID plus one unsigned long value for each entry. The last entry contains two zeros.
/proc/[pid]/cgroup (since Linux 2.6.24)
This file describes control groups to which the process/task belongs. For each cgroup hierarchy there is one entry containing colon-separated fields of the form:
5:cpuacct,cpu,cpuset:/daemons
The colon-separated fields are, from left to right:
1. hierarchy ID number
2. set of subsystems bound to the hierarchy
3. control group in the hierarchy to which the process belongs
This file is present only if the CONFIG_CGROUPS kernel configuration option is enabled.
/proc/[pid]/cmdline
This holds the complete command line for the process, unless the process is a zombie. In the latter case, there is nothing in this file: that is, a read on this file will return 0 characters. The command-line arguments appear in this file as a set
of strings separated by null bytes ( ), with a further null byte after the last string.
/proc/[pid]/coredump_filter (since kernel 2.6.23)
See core(5).
/proc/[pid]/cpuset (since kernel 2.6.12)
See cpuset(7).
/proc/[pid]/cwd
This is a symbolic link to the current working directory of the process. To find out the current working directory of process 20, for instance, you can do this:
$ cd /proc/20/cwd; /bin/pwd
Note that the pwd command is often a shell built-in, and might not work properly. In bash(1), you may use pwd -P.
In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)).
其实是一种面向对象的设计思想。
就是说将一切外设当做文件,从而可以使用针对文件的那些操作。
串口是文件,内存是文件,usb是文件,进程信息是文件,网卡是文件,建立的每个网路通讯都是文件,蓝牙设备也是文件,等等等等。
所有外设都是文件,本质上就是说他们都支持用来访问文件的那些介面,可以被当做文件来访问。这个原理与子类都能当做基类访问是一样的,就是操作系统层面的oop思想。
Linux 系统把硬体映射成了设备文件。
例如摄像头 /dev/video0 怎么操作这个摄像头呢?思路是这样的。
用C里面的 open() 函数,open(/dev/video0) 就可以连接这个设备,然后通过 read() 就可以读出一帧一帧的图像。然后读出的图像矩阵保存成 BMP/JPG/PNG 文件,就可以查看了。
在举例音效卡。open()打开音效卡设备, read() 就是录音, write() 就是播放。
「一切皆文件「其实不是linux专属的,这是一种设计理念。在linux中大家都在强调这一点,可能是这么说显得自己很高端。。。
「一切皆文件「在可执行文件上可能表现不太明显,但是在一些奇奇怪怪(误)的东西上就显得很清晰了,比如:
我给电脑装了1T的硬碟,对于系统来说,这不是一个硬碟,这是一个文件;
我给电脑装了个贼拉风的机械键盘,对于系统来说,这不是一个键盘,这是一个文件;我给电脑装了个骚粉色的滑鼠,对于系统来说,这不是一个粉色滑鼠,这是一个文件。。
嗯,我500+的机械键盘在linux上是没有姓名的
这么搞有什么用呢?省心
拿滑鼠来举例子:
我们平常用的滑鼠,都是双击确定,但是突然出现了一个滑鼠,不按常理出牌。。它双击表示取消如果没有「一切皆文件」,那 linux 就会很迷惑,为啥别的滑鼠都是双击表示确定,就你是取消呢然后没办法,就只能再给这个滑鼠一个单独的类型,叫——「双击表示取消的奇怪滑鼠」然后每次都要先判断,这是一个正常滑鼠,还是一个奇怪滑鼠。。当各种各样的东西多起来以后,程序没别的事了,1w行代码里9k行是判断类型的。。所以,linux决定,你虽然是一个滑鼠,但你不能再当一个滑鼠了,因为你可太操心了。具体操作是啥呢?
我linux不管你滑鼠是双击确定,还是单击确定,还是双击取消反正,我收到1就当你是确定,我收到2就当你是取消,我收到83251我就当你是在开玩笑。。
linux不管这到底是什么高贵的设备,我就当是个文件,硬体驱动到位了我就用,硬体驱动不到位我就不用。
其实不光是硬体设备,系统的进程啦,代码啦在linux里都是一个文件,linux改了对应的文件,就改了这个设备/进程/代码,而不用操心是怎么改的。
就问你省心不省心。
所以,「一切皆文件」=「一切皆玩意,这个玩意在linux里叫文件」
所以题主你说,windows可执行文件是二进位文件,没错。因为「一切皆文件」跟「文件」其实没啥关系。
这个就是个思想,linux把这个思想用「文件系统」实现了。
linux一切皆文件,是基于Linux 进程抽象的定义,实际上对应内核态里面的一个索引,根据每个文件类型,有可以抽象出以下结构体,感兴趣看内核驱动
struct file_operations {
struct module *owner;
loff_t (*llseek) (struct file *, loff_t, int);
ssize_t (*read) (struct file *, char __user *, size_t, loff_t *);
ssize_t (*write) (struct file *, const char __user *, size_t, loff_t *);
ssize_t (*aio_read) (struct kiocb *, const struct iovec *, unsigned long, loff_t);
ssize_t (*aio_write) (struct kiocb *, const struct iovec *, unsigned long, loff_t);
int (*readdir) (struct file *, void *, filldir_t);
int (*iterate) (struct file *, struct dir_context *);
unsigned int (*poll) (struct file *, struct poll_table_struct *);
long (*unlocked_ioctl) (struct file *, unsigned int, unsigned long);
long (*compat_ioctl) (struct file *, unsigned int, unsigned long);
int (*mmap) (struct file *, struct vm_area_struct *);
int (*open) (struct inode *, struct file *);
int (*flush) (struct file *, fl_owner_t id);
int (*release) (struct inode *, struct file *);
int (*fsync) (struct file *, loff_t, loff_t, int datasync);
int (*aio_fsync) (struct kiocb *, int datasync);
int (*fasync) (int, struct file *, int);
int (*lock) (struct file *, int, struct file_lock *);
ssize_t (*sendpage) (struct file *, struct page *, int, size_t, loff_t *, int);
unsigned long (*get_unmapped_area)(struct file *, unsigned long, unsigned long, unsigned long, unsigned long);
int (*check_flags)(int);
int (*flock) (struct file *, int, struct file_lock *);
ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, loff_t *, size_t, unsigned int);
ssize_t (*splice_read)(struct file *, loff_t *, struct pipe_inode_info *, size_t, unsigned int);
int (*setlease)(struct file *, long, struct file_lock **);
long (*fallocate)(struct file *file, int mode, loff_t offset,
loff_t len);
int (*show_fdinfo)(struct seq_file *m, struct file *f);
};
当我们需要打开一个文件,会调用open,open这个函数是一个系统调用,触发svc中断,切换到内核态,内核处理真正的打开文件的操作,实际上是抽象成为一个结构体,结构体存放在内核buf中,返回fd,实际上是buf的对应位置,内核态处理完成后返回fd,用于下次系统调用到内核态的参数使用。
一个进程最多可以打开多少个文件? 答案是,1024,这取决于内核态的实现。
推荐阅读:
