5

I was trying to add a new system call to Linux kernel 3.2.x. While searching for useful reference material on the internet, I had the impression that implementing a system call as a loadable module is not possible, as in the SO question "Is it possible to add a system call via a LKM?"

I found another link which says this "There is a way to add system calls without recompiling the kernel using modules as a wrapper, but that is beyond the scope of this document". source http://hekimian-williams.com/?p=20

I know implementing a system call statically will require me to compile the kernel code each time I make any changes. Is there a way, as specified in the above-mentioned blog, that I can implement it as a module?

Any suggestions or pointers in the direction are much appreciated.

abhi
  • 1
    Can you solve your problem using a device driver model instead? With an open character device you can use read(), write(), ioctl(), etc. to communicate from userspace to kernel space. The result would be much more portable. – Peter Sep 27 '12 at 14:13
  • @Peter yes, it can be done, but I was looking for this solution specifically as I am trying to learn this. Do you have any idea what this guy in the blog is talking about? Thanks – abhi Sep 27 '12 at 16:03

1 Answer

5
  1. Locate sys_call_table/ia32_sys_call_table
  2. Make a copy and modify it as you wish (let it be my_sys_call_table)
  3. Locate system_call entry (this one and others)
  4. Modify the NR_syscalls compare instruction in case the table size has changed
  5. Modify sys_call_table reference at system_call to point to my_sys_call_table:

    call *sys_call_table(,%eax,4)
          ->
    call *my_sys_call_table(,%eax,4)
    
  6. Profit?

Have fun :)

Ilya Matveychikov
  • @Ilya thanks for the reply. I will try to implement your suggestion. Though in point 6, what do you mean by Profit? Thanks – abhi Sep 28 '12 at 05:53
  • 2
    @abhi: Note that `system_call` is in the `.text` segment and is RO. You'll need to find a way to write to read-only kernel memory. Also, note that the write must be an atomic operation on SMP systems. `Profit?` means that from the 6th step you'll get the profit :) – Ilya Matveychikov Sep 28 '12 at 12:55
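
Because step 5 of the answer changes an operand inside kernel `.text`, the change can be spotted by an integrity check. The following is an added example, not part of the original thread: a userspace C routine that scans a byte copy of the i386 entry code for `call *disp32(,%eax,4)` and compares the operand with the expected `sys_call_table` address. The byte arrays and addresses are constructed for illustration, and the function and constant names are hypothetical; on a real system the expected address would come from the kernel build's System.map.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum dispatch_status { DISPATCH_OK, DISPATCH_REDIRECTED, DISPATCH_NOT_FOUND };

/* Constructed value standing in for the sys_call_table address from System.map. */
#define EXPECTED_TABLE 0xC1500000u

/* Constructed entry-code copies: cmpl $349,%eax; jae rel32; call *disp32(,%eax,4). */
static const uint8_t clean_entry[] = {
    0x3D, 0x5D, 0x01, 0x00, 0x00,  0x0F, 0x83, 0x10, 0x00, 0x00, 0x00,
    0xFF, 0x14, 0x85, 0x00, 0x00, 0x50, 0xC1 };  /* table = 0xC1500000 */
static const uint8_t patched_entry[] = {
    0x3D, 0x5D, 0x01, 0x00, 0x00,  0x0F, 0x83, 0x10, 0x00, 0x00, 0x00,
    0xFF, 0x14, 0x85, 0x00, 0x00, 0xA0, 0xF8 };  /* table = 0xF8A00000 */

static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Find the first `call *disp32(,%eax,4)` (FF 14 85 + little-endian disp32)
 * and report whether its operand still equals the expected table address.
 * A plain byte scan can match inside another instruction's operand; a
 * disassembler-based walk avoids that on real code. */
enum dispatch_status check_dispatch(const uint8_t *code, size_t len,
                                    uint32_t expected, uint32_t *found)
{
    static const uint8_t prefix[3] = { 0xFF, 0x14, 0x85 };

    for (size_t i = 0; i + 7 <= len; i++) {
        if (memcmp(code + i, prefix, sizeof prefix) == 0) {
            *found = read_le32(code + i + 3);
            return *found == expected ? DISPATCH_OK : DISPATCH_REDIRECTED;
        }
    }
    return DISPATCH_NOT_FOUND;
}

int main(void)
{
    uint32_t addr = 0;
    int st = check_dispatch(patched_entry, sizeof patched_entry, EXPECTED_TABLE, &addr);
    printf("status=%d table=0x%08X\n", st, (unsigned)addr);
    return st == DISPATCH_OK ? 0 : 1;
}
```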