Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S265584AbUABPjN (ORCPT ); Fri, 2 Jan 2004 10:39:13 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S265586AbUABPjN (ORCPT ); Fri, 2 Jan 2004 10:39:13 -0500 Received: from firewall.conet.cz ([213.175.54.250]:3484 "EHLO localhost.localdomain") by vger.kernel.org with ESMTP id S265584AbUABPjI (ORCPT ); Fri, 2 Jan 2004 10:39:08 -0500 Message-ID: <3FF59098.3030904@conet.cz> Date: Fri, 02 Jan 2004 16:39:04 +0100 From: Libor Vanek User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114 X-Accept-Language: en-us, en MIME-Version: 1.0 To: =?windows-1250?Q?Ragnar_Kj=F8rstad?= CC: linux-kernel@vger.kernel.org Subject: Re: Syscall table AKA hijacking syscalls References: <3FF56B1C.1040308@conet.cz> <20040102135713.GA9935@vestdata.no> In-Reply-To: <20040102135713.GA9935@vestdata.no> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1449 Lines: 38 >>I'm writing some project which needs to hijack some syscalls in VFS >>layer. AFAIK in 2.6 is this "not-wanted" solution (even that there are >>some very nasty ways of doing it - see >>http://mail.nl.linux.org/kernelnewbies/2002-12/msg00266.html ) >> >>Also I've found out that Linus stated that intercepting syscalls is "bad >>thing" (load module a, load module b, unload module b => crash) but I >>think that there are some very good reasons (and ways) to do it (see >>http://syscalltrack.sourceforge.net ). My main reason to do it is that I >>want my GPLed module to be able to modify some VFS syscalls without >>patching and recompiling whole kernel and rebooting the machine. >> >> > >As part of the openxdsm-project we wrote an syscall-intercept module >that "solves" the (load module a, load module b, unload module b => >crash) part by providing a common infrastructure for intercepting >syscalls. > > The code looks very nice'n'simple but it won't run on 2.6 because mentioned hidden sys_call_table. But I can imagine that this with some small tweaks can be integrated into 2.6 to provide generall infrastructure for syscall hijacking when really needed. -- Libor Vanek - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/