System Calls COMS W4118

Similar documents
W4118 Operating Systems. Junfeng Yang

The Plan Today... System Calls and API's Basics of OS design Virtual Machines

Operating Systems and Networks

COS 318: Operating Systems

Syscall Proxying - Simulating remote execution Maximiliano Caceres <maximiliano.caceres@corest.com> Copyright 2002 CORE SECURITY TECHNOLOGIES

Under The Hood: The System Call

Project Adding a System Call to the Linux Kernel

Application-Level Debugging and Profiling: Gaps in the Tool Ecosystem. Dr Rosemary Francis, Ellexus

CSC 2405: Computer Systems II

Lecture 7: Machine-Level Programming I: Basics Mohamed Zahran (aka Z)

System Calls and Standard I/O

Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture

Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture

Encryption Wrapper. on OSX

64-Bit NASM Notes. Invoking 64-Bit NASM

Operating System Overview. Otto J. Anshus

ELEC 377. Operating Systems. Week 1 Class 3

CHAPTER 6 TASK MANAGEMENT

Return-oriented programming without returns

Assembly Language: Function Calls" Jennifer Rexford!

Overview of Operating Systems Instructor: Dr. Tongping Liu

Hotpatching and the Rise of Third-Party Patches

Andreas Herrmann. AMD Operating System Research Center

Lecture 27 C and Assembly

Kernel comparison of OpenSolaris, Windows Vista and. Linux 2.6

Applying Clang Static Analyzer to Linux Kernel

Computer Architectures

Lecture 5. User-Mode Linux. Jeff Dike. November 7, Operating Systems Practical. OSP Lecture 5, UML 1/33

OS Virtualization Frank Hofmann

Advanced Mac OS X Rootkits. Dino Dai Zovi Chief Scientist Endgame Systems

How do Users and Processes interact with the Operating System? Services for Processes. OS Structure with Services. Services for the OS Itself

Monitoring, Tracing, Debugging (Under Construction)

Process Description and Control william stallings, maurizio pizzonia - sistemi operativi

Operating Systems. Privileged Instructions

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

Attacking Obfuscated Code with IDA Pro. Chris Eagle

Security types to the rescue

KVM: Kernel-based Virtualization Driver

N-Variant Systems. Slides extracted from talk by David Evans. (provenance in footer)

OPERATING SYSTEM SERVICES

There s a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel vulnerability research

Operating Systems. Lecture 03. February 11, 2013

Buffer Overflows. Security 2011

Chapter 2: OS Overview

Intel P6 Systemprogrammering 2007 Föreläsning 5 P6/Linux Memory System

sys socketcall: Network systems calls on Linux

umps software development

Laboratorio di Sistemi Operativi Anno Accademico

Instruction Set Architecture

x86 ISA Modifications to support Virtual Machines

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 20: Stack Frames 7 March 08

Linux Kernel Architecture

Assignment 5: Adding and testing a new system call to Linux kernel

Software Development Tools for Embedded Systems. Hesen Zhang

For a 64-bit system. I - Presentation Of The Shellcode

Automatic Logging of Operating System Effects to Guide Application-Level Architecture Simulation

Jorix kernel: real-time scheduling

CS:APP Chapter 4 Computer Architecture Instruction Set Architecture. CS:APP2e

Jonathan Brossard CTO - P1 Code Security. jonathan@p1sec.com endrazine@gmail.com

Dynamic VM Monitoring using Hypervisor Probes

Stack Overflows. Mitchell Adair

Betriebssysteme KU Security

Outline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool

Hacking Techniques & Intrusion Detection. Ali Al-Shemery arabnix [at] gmail

Operating System Structure

Lecture 22: C Programming 4 Embedded Systems

Operating System Structures

CS3600 SYSTEMS AND NETWORKS

Carnegie Mellon Virtual Memory of a Linux Process Process-specific data structs (ptables, Different for

Off-by-One exploitation tutorial

Chapter 6, The Operating System Machine Level

Computer Systems II. Unix system calls. fork( ) wait( ) exit( ) How To Create New Processes? Creating and Executing Processes

Operating System Organization. Purpose of an OS

CS61: Systems Programing and Machine Organization

Migration of Process Credentials

Example of Standard API

Rootkit: Analysis, Detection and Protection

Kernel Types System Calls. Operating Systems. Autumn 2013 CS4023

System/Networking performance analytics with perf. Hannes Frederic Sowa

Processes, Protection and the Kernel: Mode, Space, and Context

Understanding a Simple Operating System

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

CS161: Operating Systems

Lecture 24 Systems Programming in C

TODAY, FEW PROGRAMMERS USE ASSEMBLY LANGUAGE. Higher-level languages such

Debugging with TotalView

ECS 165B: Database System Implementa6on Lecture 2

Have both hardware and software. Want to hide the details from the programmer (user).

Project No. 2: Process Scheduling in Linux Submission due: April 28, 2014, 11:59pm

Interrupts in Linux. COMS W4118 Prof. Kaustubh R. Joshi hfp://

Operating Systems. 05. Threads. Paul Krzyzanowski. Rutgers University. Spring 2015

CS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study

User-Mode Linux. Jeff Dike. Abstract. 2 Devices. 1 Introduction

Exceptions in MIPS. know the exception mechanism in MIPS be able to write a simple exception handler for a MIPS machine

Compilers and Tools for Software Stack Optimisation

Embedded Programming in C/C++: Lesson-1: Programming Elements and Programming in C

Sistemi Operativi. Lezione 25: JOS processes (ENVS) Corso: Sistemi Operativi Danilo Bruschi A.A. 2015/2016

Introduction. Figure 1 Schema of DarunGrim2

esrever gnireenigne tfosorcim seiranib

Outline: Operating Systems

Transcription:

System Calls COMS W4118 References: Opera3ng Systems Concepts (9e), Linux Kernel Development, previous W4118s Copyright no2ce: care has been taken to use only those web images deemed by the instructor to be in the public domain. If you see a copyrighted image on any slide and are the copyright owner, please contact the instructor. It will be removed. 1

Address Space Overview Kernel Address Space Process A Process B Process C Processes can t access anything outside address space How do they communicate with outside world? 2

System calls User processes cannot perform privileged opera3ons themselves Must request OS to do so on their behalf by issuing system calls System calls elevate privilege of user process Must ensure kernel is not tricked into doing something a user process should not be doing Must verify every single parameter! 3

Library vs. System Calls C program invoking print() libc library call, which calls write() system call 4

Examples of Windows and Unix System Calls 5

System Call Dispatch How should actual system call be invoked? Program can t see kernel namespace Need hardware support to change privilege level Traps Type of interrupt SoYware interrupts and excep3ons SoYware interrupts ini3ated by programmer Excep3ons occur automa3cally 6

Traps, Interrupts, Excep3ons for(;;) { if (interrupt) { n = get interrupt number call interrupt handler n } fetch next instruction run next instruction } for(;;) { fetch next instruction run next instruction { if (instr == int n ) call interrupt handler n } if (error or interrupt) { n = get error or interrupt type call interrupt handler n } } On x86, int n (n=0:255) calls interrupts n Some interrupts are privileged Can t be called by user mode Others aren t, e.g., syscalls Processor transi3ons to privileged mode when handling interrupt 7

Three kinds of interrupts 8

System call dispatch 1. Kernel assigns system call type a system call number 2. Kernel ini3alizes system call table, mapping system call number to func3ons implemen3ng the system call Also called system call vector 3. User process sets up system call number and arguments 4. User process runs int X (on Linux, X=80h) 5. Hardware switches to kernel mode and invokes kernel s interrupt handler for X (interrupt dispatch) 6. Kernel looks up syscall table using system call number 7. Kernel invokes the corresponding func3on 8. Kernel returns by running iret (interrupt return) 9

Linux System Call Dispatch User mode write(fd, buf, sz) movl NR_write, %eax int 0x80 ret // libc User program kernel mode IDT 0x80 system_call system_call() { sys_call_table[%eax]() } // arch/x86/kernel/entry_32.s sys_call_ table sys_write sys_write( ) { // do real work } // fs/read_write.c To find code for a Linux syscall: hlp://syscalls.kernelgrok.com /arch/x86/kernel/ syscall_table_32.s 10

System call parameter passing Typical methods Pass via registers (e.g., Linux) More parameters than registers? Pass via user- mode stack Complex: user mode and kernel mode stacks Pass via designated memory region Address passed in register 11

Linux System Call Parameter Passing Syscalls with fewer than 6 parameters passed in registers %eax (syscall number), %ebx, %ecx, %esi, %edi, %ebp If 6 or more arguments Pass pointer to block structure containing argument list Maximum size of argument is register size Larger arguments passed as pointers Stub code copies parameters onto kernel stack before calling syscall code (kernel stack, will study later) Use special rou3nes to fetch pointer arguments get_user(), put_user(), copy_to_user(), copy_from_user Include/asm/uaccess.S These func3ons can block. Why? Why use these func3ons? OS must validate system call parameters 12

Linux system call naming conven3on Usually the user- mode wrapper foo() traps into kernel, which calls sys_foo() sys_foo is implemented by DEFINEx(foo, ) Expands to asmlinkage long sys_foo(void) Where x specifies the number of parameters to syscall OYen wrappers to foo() in kernel System call number for foo() is NR_foo arch/x86/include/asm/unistd_32.h Architecture specific All system calls begin with sys_ 13

System Call from Userspace Generic syscall stub provided in libc _syscalln Where n is the number of parameters Example To implement: ssize_t write(int fd, const void *buf, size_t count); Declare: #define NR_write 4 /* Syscall number */ _syscall3(ssize_t, write, int, fd, const void*, buf, size_t count) Usually done in libc for standard syscalls 14

Tracing system calls in Linux Use the strace command (man strace for info) Linux has a powerful mechanism for tracing system call execu3on for a compiled applica3on Output is printed for each system call as it is executed, including parameters and return codes ptrace() system call is used to implement strace Also used by debuggers (breakpoint, singlestep, etc) Use the ltrace command to trace dynamically loaded library calls 15

System Call Tracing Demo pwd ltrace pwd Library calls setlocale, getcwd, puts: makes sense strace pwd System calls execve, open, fstat, mmap, brk: what are these? getcwd, write 16

Interes3ng System Calls brk, sbrk: increase size of program data void* sbrk(int bytes) Accessed through malloc mmap Another way to allocate memory Maps a file into a process s address space Or just grab memory with MAP_ANONYMOUS MAP_PRIVATE or MAP_SHARED 17

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information