直接使用系统调用
来源:互联网 发布:淘宝网太极女服 编辑:程序博客网 时间:2024/05/05 14:45
网上有很多文档介绍如何添加自定义的系统调用的,说的都特别详细,但是定义好自定义的系统调用后,察看新生成的内核符号表System.map中也出现了自己定义的系统调用,但是在编写用户程序进行测试时,发现问题了:
_syscall0--_syscall6宏在linux/unistd.h中没有了。致使用户测试程序没法进行。
我查阅了内核源码和Changelogs,发现在Linux2.6.19.1中这些宏还在,如下:
#include <linux/err.h>/* * user-visible error numbers are in the range -1 - -MAX_ERRNO: see * <asm-i386/errno.h> */#define __syscall_return(type, res) /do { / if ((unsigned long)(res) >= (unsigned long)(-MAX_ERRNO)) { / errno = -(res); / res = -1; / } / return (type) (res); /} while (0)/* XXX - _foo needs to be __foo, while __NR_bar could be _NR_bar. */#define _syscall0(type,name) /type name(void) /{ /long __res; /__asm__ volatile ("int $0x80" / : "=a" (__res) / : "0" (__NR_##name)); /__syscall_return(type,__res); /}#define _syscall1(type,name,type1,arg1) /type name(type1 arg1) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)) : "memory"); /__syscall_return(type,__res); /}#define _syscall2(type,name,type1,arg1,type2,arg2) /type name(type1 arg1,type2 arg2) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)) / : "memory"); /__syscall_return(type,__res); /}#define _syscall3(type,name,type1,arg1,type2,arg2,type3,arg3) /type name(type1 arg1,type2 arg2,type3 arg3) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)) : "memory"); /__syscall_return(type,__res); /}#define _syscall4(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4) /type name (type1 arg1, type2 arg2, type3 arg3, type4 arg4) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)) : "memory"); /__syscall_return(type,__res); /} #define _syscall5(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4, / type5,arg5) /type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; movl %1,%%eax ; " / "int $0x80 ; pop %%ebx" / : "=a" (__res) / : "i" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) / : "memory"); /__syscall_return(type,__res); /}#define _syscall6(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4, / type5,arg5,type6,arg6) /type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5,type6 arg6) /{ /long __res; / struct { long __a1; long __a6; } __s = { (long)arg1, (long)arg6 }; /__asm__ volatile ("push %%ebp ; push %%ebx ; movl 4(%2),%%ebp ; " / "movl 0(%2),%%ebx ; movl %1,%%eax ; int $0x80 ; " / "pop %%ebx ; pop %%ebp" / : "=a" (__res) / : "i" (__NR_##name),"0" ((long)(&__s)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) / : "memory"); /__syscall_return(type,__res); /}
但是到了Linux2.6.20,这些宏就没有定义了。Changelog中有说是Remove these macros.原因是这些宏会导致系统安全漏洞,网上也有利用此漏洞的例子。
那我们以后自定义系统调用后如何调用呢?我将这些宏加入程序程序后,发现可以很好的运行。
下面是一个例子:
#include <stdio.h>#include <linux/unistd.h> #include <linux/err.h>/* * user-visible error numbers are in the range -1 - -MAX_ERRNO: see * <asm-i386/errno.h> */#define __syscall_return(type, res) /do { / if ((unsigned long)(res) >= (unsigned long)(-MAX_ERRNO)) { / errno = -(res); / res = -1; / } / return (type) (res); /} while (0)/* XXX - _foo needs to be __foo, while __NR_bar could be _NR_bar. */#define _syscall0(type,name) /type name(void) /{ /long __res; /__asm__ volatile ("int $0x80" / : "=a" (__res) / : "0" (__NR_##name)); /__syscall_return(type,__res); /}#define _syscall1(type,name,type1,arg1) /type name(type1 arg1) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)) : "memory"); /__syscall_return(type,__res); /}#define _syscall2(type,name,type1,arg1,type2,arg2) /type name(type1 arg1,type2 arg2) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)) / : "memory"); /__syscall_return(type,__res); /}#define _syscall3(type,name,type1,arg1,type2,arg2,type3,arg3) /type name(type1 arg1,type2 arg2,type3 arg3) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)) : "memory"); /__syscall_return(type,__res); /}#define _syscall4(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4) /type name (type1 arg1, type2 arg2, type3 arg3, type4 arg4) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" / : "=a" (__res) / : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)) : "memory"); /__syscall_return(type,__res); /} #define _syscall5(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4, / type5,arg5) /type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5) /{ /long __res; /__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; movl %1,%%eax ; " / "int $0x80 ; pop %%ebx" / : "=a" (__res) / : "i" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) / : "memory"); /__syscall_return(type,__res); /}#define _syscall6(type,name,type1,arg1,type2,arg2,type3,arg3,type4,arg4, / type5,arg5,type6,arg6) /type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5,type6 arg6) /{ /long __res; / struct { long __a1; long __a6; } __s = { (long)arg1, (long)arg6 }; /__asm__ volatile ("push %%ebp ; push %%ebx ; movl 4(%2),%%ebp ; " / "movl 0(%2),%%ebx ; movl %1,%%eax ; int $0x80 ; " / "pop %%ebx ; pop %%ebp" / : "=a" (__res) / : "i" (__NR_##name),"0" ((long)(&__s)),"c" ((long)(arg2)), / "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)) / : "memory"); /__syscall_return(type,__res); /} #define __NR_mycall 325_syscall1(int,mycall,int,rtvalue) int main(){printf("mycall(100)=%d/n",mycall(100));}
自定义的系统调用原型是
asmlinkage sys_mycall(int number){return number;}
一个open系统调用的例子:
#include <stdio.h>#include <linux/unistd.h>#include <linux/errno.h> #define __NR_myopen __NR_open /* * user-visible error numbers are in the range -1 - -MAX_ERRNO: see * <asm-i386/errno.h> */#define __syscall_return(type, res) \do { \ if ((unsigned long)(res) >= (unsigned long)(-4095)) { \ errno = -(res); \ res = -1; \ } \ return (type) (res); \} while (0) #define _syscall2(type,name,type1,arg1,type2,arg2) \type name(type1 arg1,type2 arg2) \{ \long __res; \__asm__ volatile ("push %%ebx ; movl %2,%%ebx ; int $0x80 ; pop %%ebx" \ : "=a" (__res) \ : "0" (__NR_##name),"ri" ((long)(arg1)),"c" ((long)(arg2)) \ : "memory"); \__syscall_return(type,__res); \} _syscall2(long, myopen, const char *, filename, int, flags)void main(){ int fd = myopen("/home/xx.txt", 3); printf("fd is %d\n", fd);}
由此可见,应用程序的调用相当于直接使用汇编代码进行陷入,库函数相当于对汇编代码进行了封装。
- 直接使用系统调用
- 绕过 libc 直接使用系统调用
- 如何实现使用C/C++直接调用系统默认浏览器?
- linux c/c++ 直接使用底层系统调用效率低
- 使用库函数也有系统调用的开销,为什么不直接使用系统调用呢?
- 在VC中直接调用系统对话框
- Android直接调用系统基本应用
- ios app 直接调用系统设置页面
- Android调用系统直接拨打电话功能
- VS2005 使用AJAX直接调用后台方法
- 不使用代理类直接调用Webservice
- 使用 JDBC API 直接调用存储过程
- 使用js直接调用java中的方法
- 使用AJAX直接调用后台方法
- 使用Matlab直接调用Microview相机接口
- Metasploit使用hash直接登录系统
- Metasploit使用hash直接登录系统
- aws ec2直接使用密码登录系统
- android学习——GestureDetector.OnGestureListener 详解
- 舌尖上的家乡——广东云浮/罗定
- 使用Qt在内存中画图
- PHp引用,函数引用,对象引用
- Android退出程序
- 直接使用系统调用
- LA 3530 Martian Mining
- JSONP:(发js请求)请求script,返回回调函数
- Android权限大全
- 邮件发送实现2
- DataGrid中的链接设置多个参数
- Java读取Excel内容
- 在solaris 10 中网络及远程登录相关设置
- shell vim--处理二进制文本