| 摘要 |
A method is provided which includes: facilitating intercepting a system call in user space by setting up signal handler code for executing operations related to the system call, and performing in the executing process, before execution of the system call, a SELF PTRACE request which sets system and self trace flags in the operating system kernel, wherein the self trace flag facilitates self-notifying the executing process whenever the executing process executes the system call; and intercepting the system call, including: verifying by the kernel that the system and self trace flags are set; saving and sending a signal to the signal handler conveying system call information to the user space; starting execution in user space of the signal handler; and at the end of signal handler execution, re-starting execution of the executing process, while providing system call return information to code of the executing process making the system call. |
