From owner-freebsd-hackers  Wed Feb 17 15:17:16 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from shibumi.feralmonkey.org (shibumi.feralmonkey.org [203.41.114.182])
	by hub.freebsd.org (Postfix) with ESMTP id 9E00C1135D
	for <FreeBSD-Hackers@FreeBSD.org>; Wed, 17 Feb 1999 15:17:03 -0800 (PST)
	(envelope-from nick@feralmonkey.org)
Received: from shibumi (shibumi [203.41.114.182])
	by shibumi.feralmonkey.org (Postfix) with ESMTP
	id A64DA780B; Wed, 18 Feb 1998 10:21:22 +1100 (EST)
Date: Wed, 18 Feb 1998 10:21:22 +1100 (EST)
From: <nick@feralmonkey.org>
To: Dan Seguin <dseg@texar.com>
Cc: FreeBSD Hackers <FreeBSD-Hackers@FreeBSD.org>
Subject: Re: LKM - interceptors
In-Reply-To: <Pine.BSF.3.91.990217162004.11281E-100000@pak.texar.com>
Message-ID: <Pine.BSF.4.05.9802181020540.2871-101000@shibumi.feralmonkey.org>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="0-83345488-887757682=:2871"
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

--0-83345488-887757682=:2871
Content-Type: TEXT/PLAIN; charset=US-ASCII

See attached.

Nick

On Wed, 17 Feb 1999, Dan Seguin wrote:

> 
> 
> Hi. I'd like to ask if it is possible to write a LKM that would intercept
> certain system calls, (do something), then continue the (original) call. 
> I've looked at the misc LKM and understand moving the sysent, and so on. 
> Is it possible to reindex the sysent for your LKM (in all the places of 
> the system calls that you want to intercept), effectively 
> intercepting a number of system calls (say 3, 4 ,7 etc), then calling the 
> original system calls from oldent?
> 
> 
> The goal of this would be to do something like truss but have it inside 
> of the kernel instead of outside without modifying the kernel (hence the 
> LKM).
> 
> 
>  I hope I've made this clear enough.
> 
> 
> Dan Seguin
> 
> Azure Automata, Inc.
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 

--0-83345488-887757682=:2871
Content-Type: APPLICATION/octet-stream; name="execve.tar.gz"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.BSF.4.05.9802181021220.2871@shibumi.feralmonkey.org>
Content-Description: 
Content-Disposition: attachment; filename="execve.tar.gz"

H4sIAEQb6jQAA+1YXWgbVxa+UpTYM6vQlNJS9mVvHZqOHFs/tiUtm9qJY7ut
SWyHyHE2GHcYz1xJU82PmB8nagld0LbUFaWCvvWpeSl9KYTdwm4ppYWWhn0L
yz4Udl8XDH7cfciSgnvu3CtpLFsNCyZllzl4dO+ce+65555z7nfumNwi6haR
NxW1ptm2k1lSaqSsGwQdIeWy2cJUFiOMc8X8vpZRLlfEuFDIZacmsxP5AjAm
i8UcwtmjNGIQ+a6nOBgjS1drPyX3qPH/Ubq0tDI/LRCWBaatiaWrc6Uuo5MW
aVVcXlmaXZ7G2LJNxRLFtG6phq8R/OKmq6VrMDNt1mbEn3s7Ef2X1BfozIHA
H8EacP6L+fzA8z85VczD+Z8qTkzl8pMUC3L5QjEbnf/HQZlRLEIMWNilFO4E
XqTc1aruYvjzbKwR07Zcz1E8gqv2TUwUVzcauGH7Dq4RxyIGVhULbxKsbPou
0eh0vUzHsWYDaHjYhMqCYQjbZexVCXaJ6ju618Bloni+Q1ysbCm6oWwaJJhs
4ZccQi6W5tN41cZ1h2wRy6MzQYVrO55LFZmKoau67bsYEMg3QEnZsU06/6bt
1HSrMgbreMzMYEFigB4Dz0zjXDrYI43rhTJxFAM2WCONtO1UxNGMKJ7uIpzb
cDNeo07cdHWmj113bPUgFx7PPJQN8p59cIS6/1B52PJBvlE7XLmqGMahA4Zd
oXzxtAa13SJ49ZUFeWn25cU5+frK1XlhxCWuYpIRUYSz4Okqhjj7qodhHdmj
8cCjZjZ7TtTB/1Vd04iFpzG894kzc7Ht6BWZ5RObYjb4K3hblq9IEpenvsOj
Y3jL1jU86iv1MUzFHeJtKcb6RioFK0B1kpcWS3MS05DqLQqiIgcrw1Y06aDN
tO9xpaqppcQ3RIH2w0Qch+9FcG/qnlrFUiAqgKyqQKZdvrQkL8iXV2bnfyMK
AmS0BFrJLd31XCnQnwJhQQCjfcfC0sLCbxdLq9RMQdhU7XpDOsPcsl66UeJu
2BjDZ0JOggzVXyd2WdrnRrp7QTg4N+02ZBpnsLrr12A1iBDwApPoTLq+Q5Qa
HQtt5NpyZyvcun2GHGrrIOvCK0BeKb7hUb3MowuLy2uzl8/1ZITbINbxEsiA
AuCEggjn95AY7g8h62wRJ4jl/GLpyuzq3CsSFwoEYHAMh/Ki74WqtnzDoEHu
WtB15P7MrA9OTbo8l+XqFafigiRsHaRhu5BqZek5dlpSOMgnGqLxGQqOLOUE
gQ2fPRu4J5iCpedAr2rWJX98pmzBqRzDI5lN3cq41ZEUPnMGAx/W2lrPbbAs
FTKj8APZvljGwQQK2CMgjRVLC4C2rDuuh2FSAOXAMJUKHCAASHAIm1vR4XTC
kBmMk3KZqB5l+bB9QNlsOhDL8BMQMpGbMtYHKcGhoMYJ9fGZuuyrDtHGZ1RH
pgr5eeOW0+WXFLfWZxnFfxoG4rrYgNOWxou0hDQwn+J6OhwCpV4nUL1BNkB4
KFee7TQw4B0tUoD0DhOnltOAqZDyYatHxvWR4KDdDiLQyc/QoeicNwlSIMgD
lgOpIHt+7uJ9BPSo+599BGsE339TA+9/uWIh27v/Teai+9/jpLdjQ3djCGHo
JuH5hLPvwjOMuvkB6IzQte1/rpVa/nBrIZn7e/NBzBObD+Le9O5Ku91e2/nr
3t5e89vEW197Q39+Embunn9tuPo3UF39Hn52/gjD947/A7rPwrOdvw+/u79s
gwwdDgR33geZ3RPtL56B6dvfv0cerL/6l29C624km7dPxUA/FdhVmg/j3rk3
hebDmJfcvdxuNx8e84q7c+17L0mfgbq1nfNdk4aZSel2aW0nT1d5BmyGfor2
RdZ/MpAefutrfwjejsEbt4DjL2LXJDSuo8Cm62DUtWRzmroP+U/coTv67sIp
tHeccloTXyWg+Zw68YdP0L8+9udbFxPNWwnknWvVE18l6eBQd/CF1sZwa+5U
C927kKD+B9nWlUT5zlMgVt6Ov3v8aei8czG+55/a85N7/vAd6ra9+++Rf6+/
KlMv9eg4PLEB4f4wFsQ1sQ0tLJT4HW9v8PZF3uahPQHtWS5/mr//B3SchL9d
li8nv2TrnfwTYuMmy5uTVdYm6Pcj7DJ5g7+XENO/wvmLXH6ev5/ncqNcb5LL
J1gb0FOh/vN0HthGXT5ObYCWBr9AZeIsp+dC/ljmeU3zbT3EV0P91+jacZao
PpenwX2d839Pj01I/oNQ/yN4Kqo6Iau2WdcNoqWRLMsVy+8yZBXJrPDDCPtq
QXLokoLk7g0TyaFKhGR290JycHVDcvfaAt1stquDHlU5dM8JXjTdrStwvT2Q
DwPwn/4/5yigP6BHfP9PZHOFEP5PwPBUoTAR4f/joKHY2yiM/59xfoT/Ef4P
wv8Yx/9jHP9P9OE/6sP/+AD8j3P8Rxz/4334f6IP/zt7+kWo/2yoj0N9WgsS
HMN/jVhdoGG5EJK5hHp4fh2eX3G+jnr15Vao/y7q1ZcPUK++fIR6NeVT1KsX
f4C2A9ZhDO4C+T6UDsF5pzyECkHoHB68oj+64BxeaPZVF1pDIooooogiiiii
iCKKKKKIIvp/pR8B+BGkYQAoAAA=
--0-83345488-887757682=:2871--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message