lorenz.stechauner/BSc-Thesis
1
0
Fork 0
Code Activity

thesis: Add Understanding the Linux Kernel

Browse Source
This commit is contained in:
Lorenz Stechauner
2025-08-05 14:59:41 +02:00
parent 42c02c2199
commit 71612ad391
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
thesis/src/01.introduction.tex
View File

@@ -44,10 +44,12 @@ Intercepting calls to functions would one allow to see the name of the function,
In contrast to functions, system calls are calls to the kernel itself. In contrast to functions, system calls are calls to the kernel itself.
Many operations on a modern operating system require special privileges, which a simple user-space process does not have. Many operations on a modern operating system require special privileges, which a simple user-space process does not have.
By invoking a system call, the (user-space) process hands control over to the (privileged) kernel and requests an operation to be performed. By invoking a system call, the (user-space) process hands control over to the (privileged) kernel and requests an operation to be performed.
\cite[Chapter~10]{linuxkernel}
How exactly these system calls work is architecture and system specific. How exactly these system calls work is architecture and system specific.
But generally, the process places the system call number, and its arguments in defined registers and then executes a special system call opcode. But generally, the process places the system call number, and its arguments in defined registers and then executes a special system call opcode.
Then the kernel executes the requested operation and places the return value inside another register, and lastly hands the execution back to the process. Then the kernel executes the requested operation and places the return value inside another register, and lastly hands the execution back to the process.
\cite[Chapter~10]{linuxkernel}
Intercepting calls to system calls would one allow to see the system call number, arguments and return value. Intercepting calls to system calls would one allow to see the system call number, arguments and return value.
One has to keep in mind, that many system-related functionalities are not in fact translated to system calls one-to-one. One has to keep in mind, that many system-related functionalities are not in fact translated to system calls one-to-one.

9
thesis/src/99.intercept.bib
View File

@@ -46,6 +46,15 @@
publisher = {O'Reilly}, publisher = {O'Reilly},
url = {https://litux.nl/mirror/networksecuritytools/0596007949/toc.html}, url = {https://litux.nl/mirror/networksecuritytools/0596007949/toc.html},
} }
@book{linuxkernel,
author = {Daniel P. Bovet and Marco Cesati},
title = {Understanding the Linux Kernel},
subtitle = {From I/O Ports to Process Management},
edition = {3rd},
date = {November 2005},
isbn = {978-0-596-00565-8},
publisher = {O'Reilly},
}
@manual{gcc, @manual{gcc,
title = {Using the GNU Compiler Collection (GCC)}, title = {Using the GNU Compiler Collection (GCC)},
url = {https://gcc.gnu.org/onlinedocs/gcc/index.html}, url = {https://gcc.gnu.org/onlinedocs/gcc/index.html},