Due: Thursday, September 1, 2016
In the text you should review/skim the introductory chapters 1 and 2 to familiarize yourself with the material they contain. Our first topic is system calls, covered in chapter 5. Some of the questions below require you to browse the kernel source code. You can use the cscope-linux command on DevBox.
Can a process accidentally try to invoke a system call that does not exist? If not, why is it impossible? If so, how could it happen and what does the kernel do in response?
The system call numbers assigned to each system call can, in effect, never be changed once they are assigned. Why not?
What does the ptrace
system call do? If you consult online resources,
give appropriate references in your answer.
In some systems it is possible for a kernel module to "hook" a system call by replacing the call's entry in the system call table with a pointer to a function provided by the module. That function could then do some extra processing before (or after) the original system call. There are a number of applications were this is useful (debugging, security, auditing), however Linux does not allow modules to hook system calls in this way.
Traditionally Unix has had a system call creat
for creating new files
and a separate system call open
for opening existing files. The POSIX
standard requires that open
be able to also create files given appropriate
flags, making creat
technically unnecessary. In Linux how does
creat
differ from open
?
Hint: Look up the implementation of creat
in the kernel source using
cscope. Because system calls are defined in a special way you should search for uses of
SYSCALL_DEFINE2 and SYSCALL_DEFINE3 to find all system calls with two or three parameters
respectively. Then search those lists manually for the calls you are interested in
studying.
Last Revised: 2016-08-11
© Copyright 2016 by Peter C. Chapin
<PChapin@vtc.vsc.edu>