| 发明名称 |
MECHANISM FOR INTERPOSING ON OPERATING SYSTEM CALLS |
| 摘要 |
A method for interposing on operating system calls in a host is provided. The method includes patching an operating system kernel function, the patching comprising adding a first pointer that invokes an agent function, the patching performed by an agent. The method includes executing the agent function, responsive to a system call stub calling the operating system kernel function, which invokes the agent function via the first pointer, wherein at least one action of the method is performed by a processor of a host having an operating system. |
| 申请公布号 |
US2016132365(A1) |
申请公布日期 |
2016.05.12 |
| 申请号 |
US201414539634 |
申请日期 |
2014.11.12 |
| 申请人 |
Vormetric, Inc. |
发明人 |
PAN Feng;Sudarsan Sri |
| 分类号 |
G06F9/54 |
主分类号 |
G06F9/54 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for interposing on operating system calls in a host, comprising:
patching an operating system kernel function that is in a portion of memory distinct from a system call vector table, the patching comprising overwriting a portion of the operating system kernel function in the portion of the memory to add a first pointer that invokes an agent function, the patching performed by an agent without the agent patching the system call vector table; and executing the agent function, responsive to a system call stub calling the operating system kernel function, which invokes the agent function via the first pointer, wherein at least one action of the method is performed by a processor of a host having an operating system. |
| 地址 |
San Jose CA US |
