From 71612ad3919baa250f6139ade300bdbb5f228bb9 Mon Sep 17 00:00:00 2001 From: Lorenz Stechauner Date: Tue, 5 Aug 2025 14:59:41 +0200 Subject: [PATCH] thesis: Add Understanding the Linux Kernel --- thesis/src/01.introduction.tex | 2 ++ thesis/src/99.intercept.bib | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/thesis/src/01.introduction.tex b/thesis/src/01.introduction.tex index 9b7bdd2..3b52273 100644 --- a/thesis/src/01.introduction.tex +++ b/thesis/src/01.introduction.tex @@ -44,10 +44,12 @@ Intercepting calls to functions would one allow to see the name of the function, In contrast to functions, system calls are calls to the kernel itself. Many operations on a modern operating system require special privileges, which a simple user-space process does not have. By invoking a system call, the (user-space) process hands control over to the (privileged) kernel and requests an operation to be performed. +\cite[Chapter~10]{linuxkernel} How exactly these system calls work is architecture and system specific. But generally, the process places the system call number, and its arguments in defined registers and then executes a special system call opcode. Then the kernel executes the requested operation and places the return value inside another register, and lastly hands the execution back to the process. +\cite[Chapter~10]{linuxkernel} Intercepting calls to system calls would one allow to see the system call number, arguments and return value. One has to keep in mind, that many system-related functionalities are not in fact translated to system calls one-to-one. diff --git a/thesis/src/99.intercept.bib b/thesis/src/99.intercept.bib index d3d290e..91661e8 100644 --- a/thesis/src/99.intercept.bib +++ b/thesis/src/99.intercept.bib 
@@ -46,6 +46,15 @@
 publisher = {O'Reilly},
 url = {https://litux.nl/mirror/networksecuritytools/0596007949/toc.html},
 }
+@book{linuxkernel,
+ author = {Daniel P. Bovet and Marco Cesati},
+ title = {Understanding the Linux Kernel},
+ subtitle = {From I/O Ports to Process Management},
+ edition = {3rd},
+ date = {November 2005},
+ isbn = {978-0-596-00565-8},
+ publisher = {O'Reilly},
+}
 @manual{gcc,
 title = {Using the GNU Compiler Collection (GCC)},
 url = {https://gcc.gnu.org/onlinedocs/gcc/index.html},
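Review bot: `date = {November 2005}` in the new `linuxkernel` entry is not a value biblatex can parse, and the entry's `subtitle` and `date` fields suggest biblatex is the target. The `date` field expects ISO 8601/EDTF, so Biber will most likely warn and print the reference without a year; store it as `date = {2005-11}`. `edition = {3rd}` is a similar case: biblatex formats an integer edition itself (ordinal plus the localized word for "edition") and prints any other string verbatim, so `edition = {3}` is the portable form. The names would also be less fragile in comma form, `author = {Bovet, Daniel P. and Cesati, Marco}`, which does not depend on BibTeX's case-based name splitting.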