Solved

Intercept system calls in Kernal 2.6

Posted on 2006-07-07
2
261 Views
Last Modified: 2013-12-16
I have linux box running with Kernal 2.6, and I trying to intercept all the system calls. This method is like this, the system call the system calls, then redirected to my program/modlue where has the "fake" system calls, my program/(molule) intercept the system calls, make a record, then call the "real" system calls.

If there anyway I can do it? or someone can provide an example?
0
Comment
Question by:yarock
2 Comments
 
LVL 22

Accepted Solution

by:
pjedmond earned 300 total points
ID: 17062360
http://www.faqs.org/docs/kernel/

is the guide that I started with, and:

http://www.faqs.org/docs/kernel/x350.html

demonstrates how to pass arguments to the modules. You would need to accept the arguments that the original module would accept, and then pass them to the *real* module.

In order to do this, you would either have to recompile the kernel to call your module first, or rename the module that you want to intercept the calls of to something else.

http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html

was my original starting documentation when I started messing with this type of thing.

(   (()
(`-' _\
 ''  ''

0
 
LVL 8

Assisted Solution

by:manish_regmi
manish_regmi earned 200 total points
ID: 17110264
Hi adding or replacing a system call in 2.6 kernel is simply not possible using a module. The reason is the system call table is not exported to modules. so the system call table is not visible to your module.

What you can do is change the kernel codes itself. But it will be difficult to distribute.


regards
Manish Regmi
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question