I am trying to add a linux syscall for an arm architecture. So far I have added a new syscall number in the /arch/arm/include/asm/unistd.h file, added a function prototype in syscalls.h and included a parameter to call the syscall in calls.S. When I compile the kernel I am able to execute the syscall using the syscall() function. I now want the user to use a wrapper or a stub to call the function so that the user does not need to remember the syscall number. How do I achieve this at the kernel level. I tried looking into the _syscall() function but it seems to be deprecated.
Thanks.
Related
This is a little bit strange question. I am trying to find a syscall that allowed to execute code on the stack without parameters on i386. I am doing ctf and I success to find a way to call syscall and control eax and have full control on the stack (with argv so just pointer to my strings). now I am jumping to the vdso (thats all the code in the program no dll's or anything else) to run a syscall that will allowed stack execution. but I go on the man page over and over and didn't found something I can use.
$uname -r 4.4.179-0404179-generic
There's no zero-arg Linux system call equivalent to mprotect(stack_base, stack_size, PROT_WRITE|PROT_READ|PROT_EXEC).
Not that I know of, and I wouldn't expect there to be one. Probably the only use case would be to help attackers, which is the opposite of hardening; normally you can make the stack executable via linker options or any specific pages via mprotect with args. There's no need for a shortcut for that.
There's also not one that can set the READ_IMPLIES_EXEC personality for an already-running process, even if you do allow args. (See Using personality syscall to make the stack executable - at best it will have an effect after execve.)
You might be able to use some ROP techniques to get some args set up for mprotect, and then return to the code you injected.
I am new to linux kernel programming. I am developing a simple Loadable Kernel
Module which needs info whenever there is a change in scheduler runqueue
(say rq_rt only). So I need to send a signal or interrupt to my kernel module (say a interrupt or signal handler in my module ) from the scheduler's functions (enqueue_rt, dequeue_rt, current_premept etc....).
Can anyone suggest a method how to send such signals or interrupts?
Yes. Finally I got the solution. We can make use of kernel tracing mechanism, ftrace.
This doesn't require any kernel modifications, but we can hook to kernel functions which are not trace protected.
More details are available here
Also for an efficient solution, you can make use of function pointers from kernel source code.
But the problem here is you have to modify Linux source code. Be very careful when you do such modifications.
Implement a NULL function pointer from you Linux source code - Call to this function pointer from the kernel routine (check for NULL and do)
Export the symbol
Provide a local function address to this symbol from your loadable module.
That's it...!!! You will get a function call from the kernel routine. Also make sure that when you exit the module, put the symbol back to NULL, otherwise kernel will crash.
I am trying to add a set of system calls to support semaphore in xv6.
I added a syssemaphore.c file(which will be instored with functions that will path the user arguments from the ustack using argptr, argint, etc..) and noticed that I cant find the h file which will link the functions I will write.
basicly I want to add files like sysproc.c and sysfile.c.
is it possible?
Adding a new system call to XV6 meaning altering the entire system call mechanism flow, from user space invoking system call interrupt while setting the system call id number in eax register, through syscall function which runs the right system call handler, and finally to the system call implementation (which includes a sys_something function to retrieve user parameters and validate them).
If I understand your question correctly, you're new file, syssemaphore.c, includes the sys_something functions that you wish to call from syscall in syscall.c file.
The syscall function is the only function that should invoke your new sys_something wrappers. therefore, it will be sufficient to add those functions prototypes (as extern function) above the syscalls array in syscall.c file, which will then allow you to add your new functions to the syscalls array.
See additional information at How to pass a value into system call XV6
If one tries to hook certain syscalls via sys_call_table-hooking, e.g. sys_execve this will fail, because they are indirectly called by a stub. For sys_execve this is stub_execve (compare assembly code on LXR).
But what are these stubs good for? Why do only certain system calls like execve(2) and fork(2) require a stub and how is this connected to x86_64? Is there a workaround to hook stubbed syscalls (in a Loadable Kernel Module)?
From here, it says:
"Certain special system calls that need to save a complete full stack frame."
And I think execve is just one of these special system calls.
From the code of stub_execve, If you want to hook it, at least you can try:
Get to understand the meaning of those assembly code and do it by yourself, then you can call your own function in your own assembly code.
From the middle of the assembly code, it has a call sys_execve, you can replace the address of sys_execve to your own hook function.
I want to add some code to my Linux 3.10 kernel that will run and use the alloc_bootmem(unsigned long size) function to allocate memory.
I understood that alloc_bootmem(unsigned long size) runs only in the boot stage, so I need my code to run in booting.
The problem is that I don't know how to make my function be called when the computer is booting.
I'm searching for a main function in Linux kernel that runs in the boot stage and calls all different of functions that also need to work in the boot stage. I want to add a line to this function that calls my code.
Can anyone show me this kind of function?
Is this the best way to add code that uses alloc_bootmem in the booting stage to the Linux kernel?
Thanks For Help!
The start_kernel function in init/main.c is kernel entry point. There some functions call alloc_bootmem (like setup_command_line).