LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices



Reply
 
Search this Thread
Old 08-29-2004, 11:43 PM   #1
appas
Member
 
Registered: Jul 2004
Posts: 72

Rep: Reputation: 15
problem in intercepting sys_write system call


Hi All,

I am intercepting sys_write system call and within my_sys_write i will call the original syswrite.
Before calling the original sys_write, i have to get the contents of the file which will be replaced
by the current write.
So i open a new file descriptor inside my_sys_write and read the current buffer before calling the
original sys_write.
I have a problem in reading the current buffer using sys_read which returns zero .
I am giving the relevant code below

Code:
ssize_t  my_sys_write(unsigned int fd, const char * buf, size_t count)
{
           // Get the name of absolute name from file descritpor
           // calling the sys_open to get a new handle for reading 
	 int openForRead = OriginalSysOpen(absoluteFileName,O_RDONLY,0777);
          // calling sys_read and storing the contents in the tmpBuf, bytesRead always return zero
	int bytesRead = OriginalSysRead(openForRead,tmpBuf, count );
	printk("  OPENFILEHANDLE %d BYTESREAD %d \n", openForRead,bytesRead);
	OriginalSysClose(openForRead);
	int returnValue = OriginalSysWrite(fd,buf,count);
	return returnValue;
}
After few hours of frustation, i am posting here to get some help.
 
Old 08-29-2004, 11:48 PM   #2
infamous41md
Member
 
Registered: Mar 2003
Posts: 804

Rep: Reputation: 30
kernel functions expect user space addresses as arguments, not kernel space. read this:
http://www.linux.it/kerneldocs/ksys/
 
Old 08-30-2004, 12:08 AM   #3
appas
Member
 
Registered: Jul 2004
Posts: 72

Original Poster
Rep: Reputation: 15
Thank u for the reply, Though i haven't yet gone through the document i have taken care of the user - kernel addr space using
the get_fs and set_fs. Code actually looks like below but still i am receiveing the number of bytes read as zero.

Code:
ssize_t  my_sys_write(unsigned int fd, const char * buf, size_t count)
{
           // Get the name of absolute name from file descritpor
           mm_segment_t tmpfs;
           tmpfs = get_fs();
	set_fs (get_ds());
         // calling the sys_open to get a new handle for reading 
         int openForRead = OriginalSysOpen(absoluteFileName,O_RDONLY,0777);
          // calling sys_read and storing the contents in the tmpBuf, bytesRead always return zero
         int bytesRead = OriginalSysRead(openForRead,tmpBuf, count );
         printk("  OPENFILEHANDLE %d BYTESREAD %d \n", openForRead,bytesRead);
         OriginalSysClose(openForRead);
         int returnValue = OriginalSysWrite(fd,buf,count);
         set_fs(tmpfs);
         return returnValue;
}
 
Old 08-31-2004, 11:24 AM   #4
appas
Member
 
Registered: Jul 2004
Posts: 72

Original Poster
Rep: Reputation: 15
I would like to add some more points that i noted while trying to fix the above mentioned error.
I wrote a simple c program which makes a call to write function. This write function was trapped by the kernel module (see above code) and successfully read the contents that are supposed to be replaced by the "OriginalSysWrite"
Instead if i open a file in vim editor and made some modifications and save the file. Here again the write was intercepted by "my_sys_write" but the "OriginalSysRead" inside "my_sys_read" returns zero.
If anyone can help me on this, please reply
 
Old 08-31-2004, 10:25 PM   #5
infamous41md
Member
 
Registered: Mar 2003
Posts: 804

Rep: Reputation: 30
don't get offended, but: these are things you need to figure out yourself. people can't and shouldn't hold your hand when you're kernel hacking. read the source for the functions giving you problem, do some simple tests, do w/e it takes to solve the problem. you can do it. i have faith.
 
Old 08-31-2004, 11:28 PM   #6
appas
Member
 
Registered: Jul 2004
Posts: 72

Original Poster
Rep: Reputation: 15
Really heartening to see your mail, thanks for your suggestions and i will do the same.
Thanks once again for the support and confidence you are giving.
 
Old 09-03-2004, 09:16 AM   #7
appas
Member
 
Registered: Jul 2004
Posts: 72

Original Poster
Rep: Reputation: 15
Its time to close the thread. At last i found out the where the problem lies. vi or any editors open the file in trunc mode before doing a write.Hence when i trapped
the sys_write system call, the file descriptor is pointer to a empty file. And i was trying to read from this empty file which was returning zero bytes.
Thanks for all your support.
 
Old 09-03-2004, 01:33 PM   #8
infamous41md
Member
 
Registered: Mar 2003
Posts: 804

Rep: Reputation: 30
good job
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem with adding a system call newcat Programming 17 04-08-2006 07:50 AM
Problem using 'read' system call buckles Programming 6 05-10-2005 12:45 PM
Problem w/ 'read' system call - RH 7.3 buckles Linux - Newbie 3 05-07-2005 01:03 AM
Problem in setgroups system call ppy Programming 1 11-04-2004 09:52 AM
a CGI written in C, problem with an fopen() system call Sm0k3 Programming 2 10-03-2003 03:18 PM


All times are GMT -5. The time now is 03:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration