Invoking a system call from within the kernel

Demi Marie Obenour demiobenour at
Wed Nov 15 21:16:35 EST 2017

I am looking to write my first driver.  This driver will create a single
character device, which can be opened by any user.  The device will
support one ioctl:

        long ioctl_syscall(int fd, long syscall, long args[6]);

This is simply equivalent to:

        syscall(syscall, args[0], args[1], args[2], args[3], args[4],
                args[5], args[6]);

and indeed I want it to behave *identically* to that.  That means that
ptracers are notified about the syscall (and given the opportunity to
update its arguments), and that seccomp_bpf filters are applied.
Furthermore, it means that all arguments to the syscall need full
validation, as if they came from userspace (because they do).

Is there an in-kernel API that allows one to invoke an arbitrary syscall
with arguments AND proper ptrace/seccomp_bpf filtering?  If not, how
difficult would it be to create one?


Demi Obenour

More information about the Kernelnewbies mailing list