Who saves the hardware and software context before the system call routine? Is it the processor itself or the software handler? Thanks. Answer Each system call has a wrapper function as already mentioned, each wrapper function triggers interrupt 128, int 0x80, which automatically saves on kernel stack the registers eip, esp, cs, ss, eflags. In the handling function a SAVE_ALL
Tag: call
New linux kernels, no lsm using lkms, no kernel hooks now what?
For security reasons, the kernel ceased to export characters necessary for writing security modules in the form of loadable kernel modules (Linux Kernel Module, LKM) starting with version 2.6.24. And you can’t export sys_call_table, again for security reasons. But then, how can I filter filesystem requests? I’ll state it simply: I want to hook the “open” function! I don’t want