system-calls

Where can I find system call source code?

谁说我不能喝 提交于 2019-11-26 12:58:59
问题 In linux where can I find the source code for all system calls given that I have the source tree? Also if I were to want to look up the source code and assembly for a particular system call is there something that I can type in terminal like -my_system_call? 回答1: You'll need the Linux kernel sources in order to see the actual source of the system calls. Manual pages, if installed on your local system, only contain the documentation of the calls and not their source itself. Unfortunately for

How is malloc() implemented internally? [duplicate]

北慕城南 提交于 2019-11-26 11:59:31
This question already has an answer here: How do malloc() and free() work? 13 answers Can anyone explain how malloc() works internally? I have sometimes done strace program and I see a lot of sbrk system calls, doing man sbrk talks about it being used in malloc() but not much more. DarkDust The sbrk system call moves the "border" of the data segment. This means it moves a border of an area in which a program may read/write data (letting it grow or shrink, although AFAIK no malloc really gives memory segments back to the kernel with that method). Aside from that, there's also mmap which is used

how could I intercept linux sys calls?

前提是你 提交于 2019-11-26 09:08:28
问题 Besides the LD_PRELOAD trick , and Linux Kernel Modules that replace a certain syscall with one provided by you , is there any possibility to intercept a syscall ( open for example ) , so that it first goes through your function , before it reaches the actual open ? 回答1: if you really need a solution you might be interested in the DR rootkit that accomplishes just this, http://www.immunityinc.com/downloads/linux_rootkit_source.tbz2 the article about it is here http://www.theregister.co.uk

How do I get a thread ID from an arbitrary pthread_t?

隐身守侯 提交于 2019-11-26 07:33:36
问题 I have a pthread_t, and I\'d like to change its CPU affinity. The problem is that I\'m using glibc 2.3.2, which doesn\'t have pthread_setaffinity_np(). That\'s OK, though, because pthread_setaffinity_np() is itself a wrapper of sched_setaffinity(), which can be called by passing a thread ID instead of a process ID to set the affinity for an arbitrary thread. BUT ... The thread id that sched_setaffinity can work with is an OS thread id, the kind that you can get from the gettid() system call.

What is better “int 0x80” or “syscall”?

假如想象 提交于 2019-11-26 06:27:55
问题 I study the Linux Kernel and found out that for x86_64 architecture the interrupt int 0x80 doesn\'t work for calling system calls. (Editor\'s note: not strictly true, it does work in some cases, but never recommended. What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code?) For the i386 architecture (32-bit x86 user-space), what is more preferable syscall or int 0x80 and why? EDIT : I use the kernel 3.4 回答1: syscall is default way of entering kernel mode on x86-64 . This

Why do x86-64 Linux system calls modify RCX, and what does the value mean?

对着背影说爱祢 提交于 2019-11-26 06:09:28
问题 I\'m trying to allocate some memory in linux with sys_brk syscall. Here is what I tried: BYTES_TO_ALLOCATE equ 0x08 section .text global _start _start: mov rax, 12 mov rdi, BYTES_TO_ALLOCATE syscall mov rax, 60 syscall The thing is as per linux calling convention I expected the return value to be in rax register (pointer to the allocated memory). I ran this in gdb and after making sys_brk syscall I noticed the following register contents Before syscall rax 0xc 12 rbx 0x0 0 rcx 0x0 0 rdx 0x0 0

How to invoke a system call via sysenter in inline assembly?

泪湿孤枕 提交于 2019-11-26 04:45:56
问题 How can we implement the system call using sysenter/syscall directly in x86 Linux? Can anybody provide help? It would be even better if you can also show the code for amd64 platform. I know in x86, we can use __asm__( \" movl $1, %eax \\n\" \" movl $0, %ebx \\n\" \" call *%gs:0x10 \\n\" ); to route to sysenter indirectly. But how can we code using sysenter/syscall directly to issue a system call? I find some material http://damocles.blogbus.com/tag/sysenter/ . But still find it difficult to

How to access the system call from user-space?

陌路散爱 提交于 2019-11-26 04:44:17
问题 I read some paragraphs in LKD 1 and I just cannot understand the contents below: Accessing the System Call from User-Space Generally, the C library provides support for system calls. User applications can pull in function prototypes from the standard headers and link with the C library to use your system call (or the library routine that, in turn, uses your syscall call). If you just wrote the system call, however, it is doubtful that glibc already supports it! Thankfully, Linux provides a

Is malloc/free a syscall or a library routine provided by libc?

浪子不回头ぞ 提交于 2019-11-26 03:59:41
问题 If malloc/free is implemented as a library routine in libc, then is it implemented on top of the sbrk syscall or the mmap syscall, or something else? And to be general, does the function declared in sys/syscall.h contains ALL the system calls in the target machine? 回答1: malloc and free are standard C library functions which are to be implemented by each C implementation. The C standard only defines the way in which these functions behave and the behavior expected from them. How they are to be

How is malloc() implemented internally? [duplicate]

╄→гoц情女王★ 提交于 2019-11-26 02:39:36
问题 This question already has answers here : How do malloc() and free() work? (13 answers) Closed 6 years ago . Can anyone explain how malloc() works internally? I have sometimes done strace program and I see a lot of sbrk system calls, doing man sbrk talks about it being used in malloc() but not much more. 回答1: The sbrk system call moves the "border" of the data segment. This means it moves a border of an area in which a program may read/write data (letting it grow or shrink, although AFAIK no
订阅 system-calls