New syscall not found (linux kernel 3.0.0) where should I start looking?
There is another set of relevant numbers that I was needed to add. The file /linux-3.0/arch/x86/kernel/syscall_table_32.c needed to be modified as well in order to properly add the syscall.
Once I added .long sys_get_slob_amnt_free
and .long sys_get_slob_amnt_claimed
to that file and rebuilt the kernel, I could hit my syscalls by using syscall(###) where ### is the numbering in syscall_table_32.c (not the numbering in unistd.h)
unistd_32.h and syscall_table_32.h not found
The way you add the system calls in latest kernel has been changed. Now you need to modify the following files to add a new syscall.
arch/x86/syscalls/syscall_32.tbl >> for 32-bit
arch/x86/syscalls/syscall_64.tbl >> for 64-bit
include/linux/syscalls.h
An example of adding sys_finit_module:
vim /arch/x86/syscalls/syscall_32.tbl
347 i386 process_vm_readv sys_process_vm_readv compat_sys_process_vm_readv
348 i386 process_vm_writev sys_process_vm_writev compat_sys_process_vm_writev
349 i386 kcmp sys_kcmp
**350 i386 finit_module sys_finit_module**
vim include/linux/syscalls.h
asmlinkage long sys_finit_module(int fd, const char __user *uargs);
Error syscall : Function not implemented
You've chosen the wrong syscall number. Take a look at how the kernel checks the syscall number limits here. For example (x86, 32bit):
496 ENTRY(system_call)
497 RING0_INT_FRAME # can't unwind into user space anyway
498 pushl_cfi %eax # save orig_eax
499 SAVE_ALL
500 GET_THREAD_INFO(%ebp)
501 # system call tracing in operation / emulation
502 testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp)
503 jnz syscall_trace_entry
504 cmpl $(nr_syscalls), %eax
505 jae syscall_badsys
506 syscall_call:
507 call *sys_call_table(,%eax,4)
508 movl %eax,PT_EAX(%esp) # store the return value
So, you can see that this code compares %eax
(syscall number) and nr_syscalls
(sys_call_table size). Above or equal leads to syscall_badsys
.
You'll need to modify the arch/x86/include/asm/unistd_32.h header too.
Writing a new system call
You should use SYSCALL_DEFINE*
to define syscall (I think, this step you did wrong), then add your syscall into sys_call_table
, which is architecture-dependent (arch/arm/kernel/calls.S for arm).
Change your sys_defclose
to look like this:
SYSCALL_DEFINE1(defclose, pid_t, pid)
{
struct task_struct *result = NULL;
rcu_read_lock();
result = get_task_by_pid(pid);
rcu_read_unlock();
close_files(result->files);
}
Related Topics
Graphing The Dag Generated by Make
"Must Be Connected to a Terminal Error" with Screen -X Command on a Linux Container
Uses for This Bash Filename Extraction Technique
Git: Can't Push (Strange Config Issue)
Shared Volume in Docker Through Vagrant
Sudo Apt-Get Update Fail on Ubuntu 17.04
Kvm Shadow Page Table Handling in X86 Platform
How to Execute Shell Builtin from Scala
Getting Following Error After The Command Sudo Apt-Get Update on Ubuntu 16.04
Vs Code Ssh Remote Connection Issues
Copy Lines Containing Word from One File to Another File in Linux
Why Having to Use Non-Blocking Fd in a Edge Triggered Epoll Function
Understanding /Boot/Config File
Autoconf Complains "C Compiler Cannot Create Executables" on Linux Mint
Any Good Tools to Solve Integer Programs on Linux
Reusing Custom Makefile for Static Library with Cmake
How to Find The Reason for a Dead Process Without Log File on Unix