system call reflection
- Subject: system call reflection
- From: Joshua LeVasseur <email@hidden>
- Date: Tue, 28 Jan 2003 18:23:06 +0100
Does Darwin provide a kernel mechanism to reflect system calls to a
third-party task?

The solutions I've investigated:

- ptrace(), but no functionality similar to Linux's PTRACE_SYSCALL
- task_set_exception_ports() with EXC_MASK_SYSCALL: looking through
  the Darwin source code, looks as if an exception is sent to the
  exception port only for invalid system call numbers.
- task_set_emulation_vector(): looks to be unused in Darwin. I could
  imagine it being useful for x86, where the INT instruction can specify
  an immediate interrupt vector entry point, and thus provide
  non-overlapping system call support. But for PowerPC, the only system
  call info is contained in R0, which makes it difficult to differentiate
  between a legitimate Darwin system call and an emulated system call
  (plus how would you capture an emulated sys call and then call a real
  Darwin system call without recursively jumping to the emulated
  exception vector again?).
- I looked through the system call invocation path in the kernel for
  hooks that might reflect the system call.

I just hope to avoid a user-space solution :)

Thanks for any help,
Josh
_______________________________________________
darwin-kernel mailing list | email@hidden