Solved

Intercept system calls in Kernel 2.6

Posted on 2006-07-07
Last Modified: 2013-12-16
I have a Linux box running kernel 2.6, and I am trying to intercept all the system calls. The method is like this: the system calls are redirected to my program/module, which has the "fake" system calls; my program/module intercepts the system calls, makes a record, then calls the "real" system calls.

Is there any way I can do it? Or can someone provide an example?
Question by:yarock
2 Comments

Accepted Solution

by:
pjedmond earned 300 total points
ID: 17062360
http://www.faqs.org/docs/kernel/

is the guide that I started with, and:

http://www.faqs.org/docs/kernel/x350.html

demonstrates how to pass arguments to the modules. You would need to accept the arguments that the original module would accept, and then pass them to the *real* module.

In order to do this, you would either have to recompile the kernel to call your module first, or rename the module that you want to intercept the calls of to something else.

http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html

was my original starting documentation when I started messing with this type of thing.

(   (()
(`-' _\
 ''  ''


Assisted Solution

by:manish_regmi
manish_regmi earned 200 total points
ID: 17110264
Hi, adding or replacing a system call in the 2.6 kernel is simply not possible using a module. The reason is that the system call table is not exported to modules, so the system call table is not visible to your module.

What you can do is change the kernel code itself. But it will be difficult to distribute.


regards
Manish Regmi
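
The export claim in the answer above can be checked against a kernel's symbol list. The following is an added example, not part of the thread: it parses System.map or /proc/kallsyms text and reports whether a symbol is exported to modules. It assumes that an exported symbol carries a matching `__ksymtab_<name>` entry; the sample listing and its addresses are constructed, and the function names are hypothetical.

```python
"""Report whether a kernel symbol is exported to modules, from a symbol list."""

# Constructed sample in System.map format ("<address> <type> <name>").
# Addresses are made up. It mirrors the situation described in the answer:
# sys_call_table exists in the kernel image but has no export entry.
SAMPLE_SYSTEM_MAP = """\
c0100000 T _text
c011a2b0 T printk
c0120000 T schedule
c02f4a00 R sys_call_table
c0310c40 r __ksymtab_printk
c0310e18 r __ksymtab_schedule
c0318f00 r __kstrtab_printk
this line is malformed
e0a51000 t helper_fn [example_mod]
"""


def parse_symbols(text):
    """Return {name: type_char} from System.map or /proc/kallsyms text."""
    symbols = {}
    for line in text.splitlines():
        fields = line.split()
        # System.map lines are "addr type name"; kallsyms may append "[module]".
        if len(fields) < 3 or len(fields[1]) != 1:
            continue  # skip blank or malformed lines
        symbols[fields[2]] = fields[1]
    return symbols


def export_status(text, name):
    """Classify a symbol as exported, present but not exported, or absent."""
    symbols = parse_symbols(text)
    # Assumption: EXPORT_SYMBOL()/EXPORT_SYMBOL_GPL() leave a __ksymtab_<name> entry.
    if "__ksymtab_" + name in symbols:
        return "exported"
    if name in symbols:
        return "present, not exported"
    return "absent"


if __name__ == "__main__":
    for sym in ("printk", "sys_call_table", "no_such_symbol"):
        print(f"{sym}: {export_status(SAMPLE_SYSTEM_MAP, sym)}")
```

A module can only link against symbols in the "exported" class, which is why a reference to `sys_call_table` from module code fails to resolve on such a kernel.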