system-calls

I am trying to intercept all system calls made by my Android app on a non rooted device. So every time my app writes/reads a file, I want to intercept the system call and encrypt/decrypt the stream for security purposes. The encryption part is no problem, but how do I intercept the system calls? Because parts of the app are modules developed by third party providers of which I can not change the source code, there is no other way to make sure that data is stored securely. Since I do not have root access I cannot access the address of the system call table as described here and I can not do

I'm really confused. I have just noticed that starting from Android 8 all system calls like /proc/stat will be disabled. Ok, but what is work around to get CPU Usage in Android 8? No system calls at all. Is there some API that I'm not familiar with? I really hope that there is solution which I can't see now. No, all of /proc/stat has been disabled for non-System apps, as a side-channel. More information, with an official response from Google here: https://issuetracker.google.com/issues/37140047 来源： https://stackoverflow.com/questions/46182041/get-cpu-usage-of-a-device-running-android-8-oreo

I am trying to code a program that traces itself for system calls. I am having a difficult time making this work. I tried calling a fork() to create an instance of itself (the code), then monitor the resulting child process. The goal is for the parent process to return the index of every system call made by the child process and output it to the screen. Somehow it is not working as planned. Here is the code: #include <unistd.h> /* for read(), write(), close(), fork() */ #include <fcntl.h> /* for open() */ #include <stdio.h> #include <sys/ptrace.h> #include <sys/reg.h> #include <sys/wait.h>

Background I'm writing a framework to enable co-simulation of RTL running in a simulator and un-modified host software. The host software is written to control actual hardware and typically works in one of two ways: Read/Write calls through a driver Memory mapped access using mmap The former case is pretty straightforward - write a library that implements the same read / write calls as the driver and link against that when running a simulation. This all works wonderfully and I can run un-modified production software as stimulus for my RTL simulations. The second case is turning out to be far

I've done a little shared library that tries to intercept open, open64, stat and stat64 sys calls. When I export LD_PRELOAD and run oracle's sqlplus, I can see the traces of the open and open64 calls, but no traces of the stat and stat64 calls. The shared library is a single c file with all the definitions of the sys calls in it. Why does it happen that some syscalls are intercepted and others don't? thanks for your help. Because the GNU libc implements open() and open64() as you'd expect (i.e. they're just dynamically linked symbols that you can hook into with LD_PRELOAD ), but does something

A simple program is: I would like to get the thread ID of both of the threads using this gettid function. I do not want to do the sysCall directly. I want to use this function. #include <iostream> #include <boost/thread/thread.hpp> #include <boost/date_time/date.hpp> #include <unistd.h> #include <sys/types.h> using namespace boost; using namespace std; boost::thread thread_obj; boost::thread thread_obj1; void func(void) { char x; cout << "enter y to interrupt" << endl; cin >> x; pid_t tid = gettid(); cout << "tid:" << tid << endl; if (x == 'y') { cout << "x = 'y'" << endl; cout << "thread