Re: synchronisation question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 8/27/05, Yagnavarahan <yagnavarahan@xxxxxxxxx> wrote:

> I'm only trying to hook onto syscalls now that 2.6 doesn't export the
> syscall table. Modifying the syscall table, I believe was a very fragile
> technique but with modifying the IDT, If proper synchronization is in place,
> why would it fail?

You can hook into the syscall table with a module too. Just get the
syscall table address for your system from System.map and try
modifying an obsolete call ID and replace it with your own syscall.
Write a module that will take the sys_call_table address as a
parameter and then use this value to export the sys_call_table
variable (local to that module). Then use it as an 'extern' variable
from another module that will use the sys_call_table variable to find
out the location of an obsolete syscall and replace it with your own.

here's a little pseudo-code:

module1:
------------

unsigned long *sys_call_table;		// need to export it

[..]

MODULE_PARM( syscalltable, "s" );		// setup by 'insmod' 
..
static int __init blah {

unsigned long val;
val = simple_strtoul( syscalltable, NULL, 16 );
sys_call_table = (unsigned long *)myval;

//sanity checks here

}

..
//cleanup module here.

/* module1 ends*/

module2
----------

#define OBSOLETE_ID __NR_blah

static unsigned long save_old_syscall;
extern unsigned long *sys_call_table;

...

static asmlinkage [return type] mysyscall ( arguments ){

//your new syscall here

}

static int __init blah2 {

..

save_old_syscall = sys_call_table[ OBSOLETE_ID ];
sys_call_table[ OBSOLETE_ID ] = mysyscall;

}

//cleanup etc.

/* module2 ends */

Once module1 and module2 are loaded (in that sequence), another
program from userland can be written to use this syscall.

I am not totally sure about repurcussions of modifying the IDT. Maybe
someone else can enlighten.

./h
-- 
Operating Systems and Computer Architecture Research  - University of Cincinnati
http://www.ececs.uc.edu/~mohapth

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/
[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux