Is there any way to catch all syscalls on Linux? The only solution I know of is using LD_PRELOAD à la fakeroot, but that only works for dynamically linked applications. Furthermore, this approach requires enumerating all syscalls which is something I'd like to avoid. ...
On Linux (or Solaris) is there a better way than hand parsing /proc/self/maps repeatedly to figure out whether or not you can read, write or execute whatever is stored at one or more addresses in memory? For instance, in Windows you have VirtualQuery. In Linux, I can mprotect to change those values, but I can't read them back. Furthe...
Are there differences between the amount of syscalls in the major *NIX variants ? Which syscalls would be supported universally ? ...
I have a pthread_t, and I'd like to change its CPU affinity. The problem is that I'm using glibc 2.3.2, which doesn't have pthread_setaffinity_np(). That's OK, though, because pthread_setaffinity_np() is itself a wrapper of sched_setaffinity(), which can be called by passing a thread ID instead of a process ID to set the affinity for an ...
I am trying to understand how the linux syscall sched_setaffinity() works. This is a follow-on from my question here. I have this guide, which explains how to use the syscall and has a pretty neat (working!) example. So I downloaded the Linux 2.6.27.19 kernel sources. I did a 'grep' for lines containing that syscall, and I got 91 res...
I am trying to write a program that allows a binary to be run, substituting a certain file when requested with another. It is a library with simple replacements for the system call functions, that is used with LD_PRELOAD. The problem is that it catches opens for reading (the substitute file is read instead), but writes always go back to ...
I am using RHEL 4 i am using syscall stat as follows:- if (stat ("file",&stat_obj)){ if (errno == ENOENT){ printf("File not found"); }else{ printf("Unexpected error occured %d ",errno); } } sometimes i get error message as ""Unexpected error occured 0" That means i get error as "0" . i checked file permissions that are...
I want to read the std output of a system call into a C/C++ string. Can I do this without using a temp file? Perl //without file io $output = `echo hello`; C++ //with file io system ("echo hello > tmp"); std::fstream file ("tmp"); std::string s; file >> s; ...
Inspired by this question http://stackoverflow.com/questions/1237489/how-can-i-force-gdb-to-disassemble and related to this one http://stackoverflow.com/questions/1245809/what-is-int-21h How does an actually system call happen under linux? what happens when the call is performed, until the actual kernel routine is invoked ? ...
I am trying to set the sys exit call to a variable by extern void *sys_call_table[]; real_sys_exit = sys_call_table[__NR_exit] however, when I try to make, the console gives me the error error: ‘__NR_exit’ undeclared (first use in this function) Any tips would be appreciated :) Thank you ...
If a Windows executable makes use of SYSENTER and is executed on a processor implementing AMD64 ISA, what happens? I am both new and newbie to this topic (OSes, hardware/software interaction) but from what I've read I have understood that SYSCALL is the AMD64 equivalent to Intel's SYSENTER. Hopefully this question makes sense. ...
I'm trying to add a new syscall in Red Hat 8.0 and I'm confused about some aspect of the mechanism. I've been following this guide: http://www.linuxjournal.com/article/3326 which details the steps of updating the syscall table in entry.S and unistd.h. However, I can't seem to figure out how the compiler actually finds where the syscall ...
How and Where does linux-kernel read proc/pid file which shows all processes in the system. I found linux-source-2.6.31/fs/proc/ Here there are files, but it is hard to understand because it is really complicated. Can someone knows, how it works? ...
Prelude sendfile() is an extremely useful syscall for two reasons: First, it's less code than a read()/write() (or recv()/send() if you prefer that jive) loop. Second, it's faster (less syscalls, implementation may copy between devices without buffer, etc...) than the aforementioned methods. Less code. More efficient. Awesome. In U...
Hello I Checked all of the possible values of AllocationType parameter on AllocateVirtualMemory syscall and found out it accepts values like 0x202000 and 0x203000 and therefore there should be another undocumented possible flag with value 0x200000. In WinNt.h it's defined as MEM_WRITE_WATCH. I want to know what it does? Thank you. ...
It is obvious that in general the read(2) system call can return less bytes than what was asked to be read. However, quite a few programs assume that when working with a local files, read(2) never returns less than what was asked (unless the file is shorter, of course). So, my question is: on Linux, in which cases can read(2) return les...
I'm porting linux kernel module written for Linux 2.4 to work with Linux 2.6. Some syscalls declared through syscallN() macros and wrapped in set_fs() calls were used in the code. How can I still use sycalls in Linux 2.6 where those macros are absent? I know it's a bad taste to use syscalls from kernel space and syscallN() macros are br...
Hi, all Is it possible to force gcc use int instruction for all the system calls, but not sysenter? This question may sound strange but I have to compile some projects like Python and Firefox this way. Summary Thanks to jbcreix, I've downloaded glibc 2.9 source code, and modified the lines in sysdeps/unix/sysv/linux/i386/sysdep.h, to ...
Is there a Windows equivalent to Linux's readahead syscall? EDIT: I would like a full function signature if possible, showing the equivalent offset/count parameters (or lower/upper). Eg: The Linux function signature is: ssize_t readahead(int fd, off64_t *offset, size_t count); and an example of it's use is readahead(file, 100, 500...
Assume a Linux binary foobar which has two different modes of operation: Mode A: A well-behaved mode in which syscalls a, b and c are used. Mode B: A things-gone-wrong mode in which syscalls a, b, c and d are used. Syscalls a, b and c are harmless, whereas syscall d is potentially dangerous and could cause instability to the machine....