Solved

Intercept system calls in Kernel 2.6

Posted on 2006-07-07
Last Modified: 2013-12-16
I have a Linux box running kernel 2.6, and I am trying to intercept all the system calls. The method is like this: the system calls are redirected to my program/module, which has the "fake" system calls; my program/module intercepts the system calls, makes a record, then calls the "real" system calls.

Is there any way I can do it? Or can someone provide an example?
Question by:yarock

Accepted Solution

by:
pjedmond earned 1200 total points
ID: 17062360
http://www.faqs.org/docs/kernel/

is the guide that I started with, and:

http://www.faqs.org/docs/kernel/x350.html

demonstrates how to pass arguments to the modules. You would need to accept the arguments that the original module would accept, and then pass them to the *real* module.

In order to do this, you would either have to recompile the kernel to call your module first, or rename the module that you want to intercept the calls of to something else.

http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html

was my original starting documentation when I started messing with this type of thing.

(   (()
(`-' _\
 ''  ''


Assisted Solution

by:manish_regmi
manish_regmi earned 800 total points
ID: 17110264
Hi, adding or replacing a system call in the 2.6 kernel is simply not possible using a module. The reason is that the system call table is not exported to modules, so the system call table is not visible to your module.

What you can do is change the kernel code itself. But it will be difficult to distribute.


regards
Manish Regmi
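
The point made in the answer above (the system call table exists in the kernel but is not exported to modules) can be checked against a kernel's symbol listing. The following is an added example, not part of the original thread: it assumes that every symbol exported with EXPORT_SYMBOL has a matching `__ksymtab_<name>` entry in System.map or /proc/kallsyms, and the sample listing and its addresses are constructed.

```python
"""Report whether kernel symbols are exported to modules, from System.map-style text."""
import sys

# Constructed sample in System.map format (address, type, name); not from a real kernel.
SAMPLE_MAP = """\
c0100000 T _text
c011a2b0 T printk
c0120000 T schedule
c0130000 t do_something_static
c02f4a10 R sys_call_table
c0301230 r __ksymtab_printk
c0301238 r __ksymtab_schedule
c0305670 r __kstrtab_printk
"""


def parse_symbols(text):
    """Return the set of symbol names in System.map or /proc/kallsyms text."""
    names = set()
    for line in text.splitlines():
        fields = line.split()
        # Expected layout: "address type name"; kallsyms may append "[module]".
        if len(fields) >= 3:
            names.add(fields[2])
    return names


def export_status(text, symbol):
    """Classify a symbol as 'exported', 'not exported' (present only) or 'absent'."""
    names = parse_symbols(text)
    # Assumption: EXPORT_SYMBOL leaves a __ksymtab_<name> entry in the listing.
    if "__ksymtab_" + symbol in names:
        return "exported"
    if symbol in names:
        return "not exported"
    return "absent"


if __name__ == "__main__":
    # Usage: script.py [System.map path] [symbol ...]; defaults to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as handle:
            listing = handle.read()
    else:
        listing = SAMPLE_MAP
    for sym in sys.argv[2:] or ["printk", "sys_call_table"]:
        print(f"{sym}: {export_status(listing, sym)}")
```

A module that references a symbol reported as "not exported" fails to load with an unresolved-symbol error, which is the behaviour the answer describes for the system call table.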