system-calls

Linux - Why doesn't a custom system call work properly with negative numbers?

房东的猫 submitted on 2019-12-21 17:22:37
Question: I wrote a custom system call that compares two integers and returns the biggest one. Here's my kernel-side code:

max.c

    #include <linux/kernel.h>
    #include <linux/syscalls.h>

    asmlinkage long sys_max(int num1, int num2)
    {
        if (num1 > num2) {
            return num1;
        } else {
            return num2;
        }
    }

And here's my user-space code:

max.h

    #include <unistd.h>
    #define SYS_MAX 323

    int max(int num1, int num2)
    {
        int maxnumber = syscall(SYS_MAX, num1, num2);
        return maxnumber;
    }

I'm using this little program to test the

Where is OPEN_MAX defined for Linux systems?

|▌冷眼眸甩不掉的悲伤 submitted on 2019-12-21 17:00:12
Question: OPEN_MAX is the constant that defines the maximum number of open files allowed for a single program. According to Beginning Linux Programming 4th Edition, Page 101: The limit, usually defined by the constant OPEN_MAX in limits.h, varies from system to system, ... In my system, the file limits.h in directory /usr/lib/gcc/x86_64-linux-gnu/4.6/include-fixed does not have this constant. Am I looking at the wrong limits.h or has the location of OPEN_MAX changed since 2008? Answer 1: For what it's

How to determine values saved on the stack?

独自空忆成欢 submitted on 2019-12-21 13:26:58
Question: I'm doing some experimenting and would like to be able to see what is saved on the stack during a system call (the saved state of the user land process). According to http://lxr.linux.no/#linux+v2.6.30.1/arch/x86/kernel/entry_32.S it shows that the various values of registers are saved at those particular offsets to the stack pointer. Here is the code I have been trying to use to examine what is saved on the stack (this is in a custom system call I have created): asm("movl 0x1C(%esp), %ecx");

How to prohibit system calls, GNU/Linux

戏子无情 submitted on 2019-12-21 11:21:06
Question: I'm currently working on the back-end of an ACM-like public programming contest system. In such a system, any user can submit a code source, which will be compiled and run automatically (which means no human-eye pre-moderation is performed) in an attempt to solve some computational problem. The back-end is a GNU/Linux dedicated machine, where a user will be created for each contestant, all such users being part of the users group. Sources sent by any particular user will be stored at the user's home

Writing a new system call

浪尽此生 submitted on 2019-12-21 06:58:40
Question: I have been trying to write a new system call (called sys_defclose) in the raspberry's kernel, but upon compiling I get this error:

    arch/arm/kernel/built-in.o: In function `__sys_trace_return':
    :(.text+0xd50): undefined reference to `sys_defclose'

I have modified the following files:
- include/linux/syscalls.h: where I put the prototype of my syscall
- arch/arm/include/asm/unistd.h: where I put the new row of the syscall table: #define __NR_sys_defclose (__NR_SYSCALL_BASE+380)
- arch/arm/kernel

Returning from kernel mode to user mode

≯℡__Kan透↙ submitted on 2019-12-21 06:24:29
Question: I'm a bit confused about the understanding of a mode switch in the Unix kernel. I give my understanding here and open it for discussion/correction. While transitioning from user mode to kernel mode, the processor makes a switch between the per-process-user-stack and the per-process-kernel-stack. Then the user-per-process stack segment selector and stack pointer are stored in the kernel stack and then the eip instruction pointer (return address at user mode) and other hardware registers are pushed

OS system calls from bash script

偶尔善良 submitted on 2019-12-21 04:35:15
Question: Is it possible to call OS system calls like open, close etc. from a shell script? I tried googling but it takes me in the wrong direction of using the "system()" command. Can someone help with this?

Answer 1: Many syscalls are accessible, but only via the native shell mechanisms, rather than being able to directly specify exact parameters. For instance:

    exec 4>outfile

calls:

    open("outfile", O_WRONLY|O_CREAT|O_APPEND, 0666) = 3
    dup2(3, 4)

(with 3 being replaced by the next available descriptor), and exec

GCC how to block system calls within a program?

◇◆丶佛笑我妖孽 submitted on 2019-12-21 02:34:42
Question: Can anyone tell me how to block some specific system calls within a program, please? I am building a system which takes a piece of C source code, compiles it with gcc and runs it. For security reasons, I need to prevent the compiled program from calling some system calls. Is there any way to do it, from the source code level (e.g. stripping the header files of gcc, detecting malicious external calls, ...) to the executable level? Edited #1: Add details about malicious calls. Edited #2: My

c and LD_PRELOAD. open and open64 calls intercepted, but not stat64

故事扮演 submitted on 2019-12-20 10:41:56
Question: I've done a little shared library that tries to intercept open, open64, stat and stat64 sys calls. When I export LD_PRELOAD and run Oracle's sqlplus, I can see the traces of the open and open64 calls, but no traces of the stat and stat64 calls. The shared library is a single C file with all the definitions of the sys calls in it. Why does it happen that some syscalls are intercepted and others aren't? Thanks for your help. Answer 1: Because the GNU libc implements open() and open64() as you'd

How does a system call work [duplicate]

微笑、不失礼 submitted on 2019-12-20 09:56:07
Question: This question already has answers here: How is the system call in Linux implemented? (6 answers) Closed 5 years ago. How do system calls work? What operations happen during a system call? There are various system calls like open, read, write, socket etc. I would like to know how they work in general. Answer 1: In short, here's how a system call works: First, the user application program sets up the arguments for the system call. After the arguments are all set up, the program