Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Looking for system calls implementation on linux kernel

Tags:

c

linux

linux-kernel

kernel

I'm looking for the implementations of open(), close(), write() and unlink(), but I can't find them anywhere! Every function I find is like sys_open, do_open, etc_open... but nothing with the interface we use. Can you help me?

I need to discover what kind of security checks they make

like image 613
Adriano Avatar asked Feb 20 '12 01:02

Adriano

1 Answers

If you mean the library calls such as those found in fcntl.h, they're not part of the kernel, they're part of glibc.

If you are referring to the actual kernel calls, the system call xyzzy is usually handled by the function sys_xyzzy.

The entry.S file, at least in 2.4 (I haven't looked at later kernels), held a table mapping system call numbers to functions:

.data
  ENTRY(sys_call_table)
      .long SYMBOL_NAME(sys_ni_syscall)       /* 0  -  old "setup()" system call*/
      .long SYMBOL_NAME(sys_exit)
      .long SYMBOL_NAME(sys_fork)
      .long SYMBOL_NAME(sys_read)
      .long SYMBOL_NAME(sys_write)
      .long SYMBOL_NAME(sys_open)             /* 5 */
      .long SYMBOL_NAME(sys_close)
      .long SYMBOL_NAME(sys_waitpid)
      .long SYMBOL_NAME(sys_creat)
      .long SYMBOL_NAME(sys_link)
      .long SYMBOL_NAME(sys_unlink)           /* 10 */
      .long SYMBOL_NAME(sys_execve)
      .long SYMBOL_NAME(sys_chdir)
      .long SYMBOL_NAME(sys_time)
      .long SYMBOL_NAME(sys_mknod)
      .long SYMBOL_NAME(sys_chmod)            /* 15 */
        :
      .long SYMBOL_NAME(sys_ni_syscall)       /* sys_remap_file_pages */
      .long SYMBOL_NAME(sys_ni_syscall)       /* sys_set_tid_address */

KernelGrok seems to have a useful page showing the system calls, their names, parameters, and where to find the source. For example (slightly reformatted):

  0   sys_restart_syscall
      eax = 0x00
      kernel/signal.c:2058
  1   sys_exit
      eax = 0x01
      ebx = int error_code
      kernel/exit.c:1046
  2   sys_fork
      eax = 0x02
      ebx = struct pt_regs *
      arch/alpha/kernel/entry.S:716
  3   sys_read
      eax = 0x03
      ebx = unsigned int fd
      ecx = char __user *buf
      edx = size_t count
      fs/read_write.c:391
  4   sys_write
      eax = 0x04
      ebx = unsigned int fd
      ecx = const char __user *buf
      edx = size_t count
      fs/read_write.c:408
  :

and so on. But, being old school, I prefer to keep kernel sources local and just use grep :-)

like image 199
paxdiablo Avatar answered Oct 20 '22 20:10

paxdiablo
Sign in to Comment

Related questions

How to iterate over long path names with any form of the Windows API
Which are the best practices for data intensive reading and writing in a HD?
Why are executables in machine code operating system dependent?
Using stdlib's qsort() to sort an array of strings
How compilers treat SSE (or any) intrinsic functions?
How to know on which physical processor and on which physical core my code is running
should I eliminate TCHAR from Windows code?
Memory leak problem
Manipulating "sticky bit" within a C program
Packed Structs in (gcc)go
Hexadecimal constant in C is unsigned even though L suffix
Assigning data to array using curly brackets
Problem passing byte[] via jni to C on Android
Why does my program not overflow the stack when I allocate a 11MB char array while the stack upper limit is 10MB?
mkmf ignores files in sub-folders when it compiles the C extension
Initialise all elements in an array with a value using compound literals
How can I explicitly wait for a TCP ACK before proceeding?
generating a.out file format with gcc
What is the significance of a 0-length array in C? [duplicate]
sqlite3_column_text returned data gets corrupted during finalize/close

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!