[RFC]confusion about syscall
Mulyadi Santosa
mulyadi.santosa at gmail.com
Sun Jul 15 13:42:21 EDT 2012
Hi...
On Sun, Jul 15, 2012 at 4:18 PM, 王哲 <wangzhe5004 at gmail.com> wrote:
> Thanks for the reply.
> And I wonder why the address of the vsyscall page is not 0xffffe000 in my
> system?
Address space randomization sometimes puts the vsyscall page at a much
lower address, AFAIK. And it varies per invocation...

But wait, I just recalled that your getpid() might contain a jump into
the unpatched PLT first. It happens the first time an external
function is called. On subsequent calls, getpid() will jump directly to
the needed address in glibc.

Once I wrote about it... try Google...
--
regards,
Mulyadi Santosa
Freelance Linux trainer and consultant
blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com
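
Added example, not part of the original post: a small C program that reports where the kernel mapped the `[vdso]` page for the current process, read both from the auxiliary vector and from /proc/self/maps. It assumes Linux with /proc mounted and a glibc that provides getauxval(); the helper names mapping_start() and find_mapping() are made up for this example.

```c
/* Added example: locate the vDSO mapping of the current process. */
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval(), AT_SYSINFO_EHDR (Linux, glibc >= 2.16) */

/* Parse one /proc/<pid>/maps line ("start-end perms offset dev inode [name]").
 * Returns the start address if the mapping is called `name`, else 0. */
unsigned long long mapping_start(const char *line, const char *name)
{
    unsigned long long start, end;
    char perms[5], path[256] = "";

    if (sscanf(line, "%llx-%llx %4s %*s %*s %*s %255s",
               &start, &end, perms, path) < 3)
        return 0;                       /* not a maps line */
    return strcmp(path, name) == 0 ? start : 0;
}

/* Scan a maps file and return the start of the first mapping called `name`. */
unsigned long long find_mapping(const char *maps_path, const char *name)
{
    char line[512];
    unsigned long long base = 0;
    FILE *f = fopen(maps_path, "r");

    if (!f)
        return 0;
    while (base == 0 && fgets(line, sizeof line, f))
        base = mapping_start(line, name);
    fclose(f);
    return base;
}

int main(void)
{
    /* Address the kernel handed to the dynamic loader in the auxiliary vector. */
    printf("AT_SYSINFO_EHDR : %#lx\n", getauxval(AT_SYSINFO_EHDR));
    /* Same page as seen in the process memory map; 0 means "not found". */
    printf("[vdso] in maps  : %#llx\n",
           find_mapping("/proc/self/maps", "[vdso]"));
    return 0;
}
```

Run the binary several times: with address space randomization enabled the two values match each other but change from one invocation to the next.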