Query regarding kernel modules intercepting system call.

Ajinkya Surnis surnisaa at gmail.com
Sat Jul 8 11:38:40 EDT 2017


The purpose of assignment is to check the authenticity of the user
executing the system call, and prevent certain users from executing, kind
of like certain security programs (although I don't exactly know how they
work).

On Sat, Jul 8, 2017 at 8:50 PM, Greg KH <greg at kroah.com> wrote:

> On Sat, Jul 08, 2017 at 07:53:31PM +0530, Ajinkya Surnis wrote:
> > Actually, I've been given an assignment to write a kernel module such
> that
> > whenever a certain system call (e.g. open()) is executed, the control
> should
> > come to my new module; then it will do some processing on the parameters
> and
> > then call the actual syscall function (sys_open()).
>
> Horrible assignment, please pass along my regards to the professor that
> this is not anything that should ever be assigned.  Seriously, do you
> want me to email them this?
>
> > I only found the way of intercepting 'sys_call_table'. I know this kind
> of
> > hacking is probably not a good idea.
> > Can you suggest any alternative way?
> > I would really appreciate.
>
> Don't do it.
>
> Really, this is not a valid thing to do in Linux.
>
> Feel free to quote me.
>
> Also, the assignment said nothing about 2 modules, so are you sure you
> are even doing this right?  :)
>
> thanks,
>
> greg k-h
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20170708/7099808b/attachment.html 


More information about the Kernelnewbies mailing list