Ideally, I'd like to prevent system calls from happening at all in the hosting
kernel, but that looks impossible. My fallback position is to get the hosting
kernel to execute something innocuous like getpid. That looks like it should
work in entry.S, but in ptrace.c, there is this in the PTRACE_POKEUSR code:
if (addr == ORIG_EAX)
return -EIO;
which kind of gets in the way.
I just looked at the 2.2.7 code, and it looks like that disappeared, plus
there is PTRACE_SETREGS, which is what I want anyway.
So, the question is, does anyone remember when that happened?
I haven't written the code to make this work, but the idea is that it will do
this:
On system call entry, use PTRACE_GETREGS to decode and execute the system
call in user space.
PTRACE_SETREGS and PTRACE_SYSCALL to make the process call getpid
On system call return, PTRACE_SETREGS to make the system call return the
user-space value.
Is there any reason that this wouldn't work?
Are there better ways to do it?
Jeff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/