Invoking a system call from within the kernel
Demi Marie Obenour
demiobenour at gmail.com
Wed Nov 15 21:16:35 EST 2017
I am looking to write my first driver. This driver will create a single
character device, which can be opened by any user. The device will
support one ioctl:
long ioctl_syscall(int fd, long syscall, long args);
This is simply equivalent to:
syscall(syscall, args, args, args, args, args,
and indeed I want it to behave *identically* to that. That means that
ptracers are notified about the syscall (and given the opportunity to
update its arguments), and that seccomp_bpf filters are applied.
Furthermore, it means that all arguments to the syscall need full
validation, as if they came from userspace (because they do).
Is there an in-kernel API that allows one to invoke an arbitrary syscall
with arguments AND proper ptrace/seccomp_bpf filtering? If not, how
difficult would it be to create one?
More information about the Kernelnewbies