| 发明名称 | Mechanism for interposing on operating system calls | ||
| 摘要 | A method for interposing on operating system calls in a host is provided. The method includes patching an operating system kernel function, the patching comprising adding a first pointer that invokes an agent function, the patching performed by an agent. The method includes executing the agent function, responsive to a system call stub calling the operating system kernel function, which invokes the agent function via the first pointer, wherein at least one action of the method is performed by a processor of a host having an operating system. | ||
| 申请公布号 | US9483327(B2) | 申请公布日期 | 2016.11.01 |
| 申请号 | US201414539634 | 申请日期 | 2014.11.12 |
| 申请人 | Vormetric, Inc. | 发明人 | Pan Feng;Sudarsan Sri |
| 分类号 | G06F9/44;G06F9/54 | 主分类号 | G06F9/44 |
| 代理机构 | Womble Carlyle Sandridge & Rice LLP | 代理人 | Womble Carlyle Sandridge & Rice LLP |
| 主权项 | 1. A method for interposing on operating system calls in a host, comprising: patching an operating system kernel function, the patching comprising adding a first pointer that invokes an agent function; executing the agent function, responsive to a system call stub calling the operating system kernel function, which invokes the agent function via the first pointer, the executing comprising; handling a system trap, responsive to an application requesting a system call service;obtaining the system call stub from a system call vector, responsive to the handling the system trap;executing the system call stub, wherein one of a third party process creation function executes code before a process creation stub function, the third party process creation function executes code after the process creation stub function, or no third party process creation function executes code before or after the process creation stub function; andcalling the operating system kernel function from the system call stub. | ||
| 地址 | San Jose CA US | ||