system call interception
Hi all,
I have been trying to intercept all the system calls on my system, and want to do it for certain processes only.
I tried playing around with the code in entry_32.S in the kernel sources. If I try to change the value of sys_call_table, the kernel crashes while trying to start the init process. This also happens if I try to move the same value into sys_call_vector again..
i.e, something like
pushl %ecx
movl $sys_call_table, %ecx
movl %ecx, $sys_call_table
popl %ecx
call *sys_call_table(,%eax,4)
Any suggestions ?
--
Cheers
ARviND
|