Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 21 Oct 2002 13:37:13 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 21 Oct 2002 13:37:03 -0400 Received: from guttormur.frisk-software.com ([213.220.100.9]:64199 "EHLO guttormur.frisk-software.com") by vger.kernel.org with ESMTP id ; Mon, 21 Oct 2002 13:35:54 -0400 Subject: System call wrapping From: =?ISO-8859-1?Q?Henr=FD_=DE=F3r?= Baldursson To: Linux Kernel Mailing List Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-s9K8jnV2bFdf7tzxghTm" X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10) Date: 21 Oct 2002 17:42:01 +0000 Message-Id: <1035222121.1063.20.camel@pc177> Mime-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2180 Lines: 59 --=-s9K8jnV2bFdf7tzxghTm Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Dear sirs,=20 I work for FRISK Software International. We are an Antivirus company. Our product is the F-Prot Antivirus scanner.=20 We have started to port our application to the Linux platform in an effort to provide system administrators with means to scan the content they supply their workstations with via Linux servers.=20 In our Windows product we have something called "Realtime protector" which monitors file access on Windows running machines and scans them before allowing access.=20 We now want, due to customer demand, to supply our Linux users with similar functionality, and we've created a 2.4.x kernel module which wrapped the open system call by means of overwriting sys_call_table[__NR_open]. We did realize that this is a bad idea if a user loads another module doing the same, and then unloads in the wrong order. And also that this is not a very pretty method. But it worked.=20 Apparently, this is something you kernel hackers don't approve of, since you've recently removed EXPORT_SYMBOL(sys_call_table) from kernel/ksyms.c - so my question is whether there is some other preferred method for accomplishing this without forcing the user to patch and=20 compile a new kernel. Is there some API for wrapping system calls which I am unaware of, or are there plans to provide one?=20 Best regards,=20 Henr=FD =DE=F3r Baldursson, Linux Developer=20 FRISK Software International=20 http://www.f-prot.com http://aves.f-prot.com --=-s9K8jnV2bFdf7tzxghTm Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQA9tDxpmKhgit64+foRArjHAJwLPoamq8OVUuy3cN3kC3UCkMgWBwCgnrJ8 L1iBhQiyW+ec0PDkk7wdv5M= =ROEL -----END PGP SIGNATURE----- --=-s9K8jnV2bFdf7tzxghTm-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/