EbubekirK wrote: MagicSkyFairy wrote: Googled "linux system calls".
http://docs.cs.up.ac.za/programming/asm … calls.html
There is a table with all the system calls and their numbers in the source somewhere. If you are going to distribute this, don't change the system calls. It's a terrible idea, they don't even remove deprecated ones, but if you're just playing around then have fun and do whatever the hell you want.
Hello, I don't know how to use the system call table in 3.x. In 2.x I can, but my 2.x technique is not working in 3.x.
It's all over the internet. You can't actually change the system call table by default since it is read-only (write access would be a huge security hole). The table is in entry.S of the source code. I think you just have to edit the function in the file where the system call is (look at the link above).
Here is a link explaining how system calls work. I can't really help you anymore after this since I feel like it's more than enough for you to at least figure out how to find what you need on your own. http://www.win.tue.nl/~aeb/linux/lk/lk-4.html
I found these really quickly by simply searching "linux system calls" and "adding linux system calls". I'm sure you would find your answer much faster by also doing this.
edit: One more link. http://www.tldp.org/HOWTO/html_single/I … -2.6-i386/
if that's not helpful: http://tuxthink.blogspot.com/2012/01/ad … nux-3.html
stackoverflow question on how to add syscalls in linux 3.3: http://stackoverflow.com/questions/9977 … kernel-3-3
and last one https://docs.google.com/viewer?a=v&q=ca … 5pDfsIQBfQ
Good luck and happy hacking.
Thanks
Why are you even trying to overwrite the syscall table?
If you're trying to sandbox a program, there's already such functionality built into the kernel (see namespaces http://lwn.net/Articles/531114/#series_index).
If you need to overwrite the behavior of a single program, using ld_preload often works, because programs usually make syscalls through the libc.
Or are you trying to write a kernel-mode rootkit?
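The LD_PRELOAD approach mentioned in the reply above, as an added example that is not part of the thread: a shim that overrides libc's `time()` for one program, next to a raw-syscall caller that shows where the approach stops working. `SHIM_OFFSET`, `real_now`, `shim_offset` and `raw_now` are hypothetical names chosen for the illustration.

```c
/* Added example (not from the thread): an LD_PRELOAD shim that shifts time().
 * Build:  gcc -shared -fPIC -o shim.so shim.c
 * Run:    SHIM_OFFSET=3600 LD_PRELOAD=./shim.so ./some_program
 * SHIM_OFFSET and every function name except time() are assumptions. */
#define _GNU_SOURCE
#include <stdlib.h>
#include <sys/syscall.h>
#include <time.h>
#include <unistd.h>

/* Unmodified clock, read via clock_gettime(), which this shim does not override. */
long real_now(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_REALTIME, &ts);
    return (long)ts.tv_sec;
}

/* Offset in seconds from the (hypothetical) SHIM_OFFSET variable; 0 if unset. */
long shim_offset(void)
{
    const char *s = getenv("SHIM_OFFSET");
    return s ? strtol(s, NULL, 10) : 0;
}

/* Same prototype as libc's time(): the dynamic linker binds callers to this
 * definition first, so the kernel and its syscall table stay untouched. */
time_t time(time_t *out)
{
    time_t t = (time_t)(real_now() + shim_offset());
    if (out)
        *out = t;
    return t;
}

/* A caller that enters the kernel directly never reaches the shim. */
long raw_now(void)
{
    struct timespec ts;
    if (syscall(SYS_clock_gettime, CLOCK_REALTIME, &ts) != 0)
        return -1;
    return (long)ts.tv_sec;
}
```

Statically linked binaries and code that issues the syscall instruction itself behave like `raw_now()`: the shim only affects callers that go through the dynamically linked libc symbol.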
Googled "linux system calls".
http://docs.cs.up.ac.za/programming/asm … calls.html
There is a table with all the system calls and their numbers in the source somewhere. If you are going to distribute this, don't change the system calls. It's a terrible idea, they don't even remove deprecated ones, but if you're just playing around then have fun and do whatever the hell you want.
Hello, I dunno how to use the system call table in 3.x. In 2.x I can, but the 2.x technique does not work in 3.x.
You can't dynamically add system calls to the kernel, but you can intercept them.
This article shows you how: http://www.linuxjournal.com/article/4378
I don't want to add new system calls to the kernel, I want to change existing system calls.