How System Call Works [closed] - linux

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 3 years ago.
I was studying system calls from my operating systems course until this image appeared and I couldn't exactly understand its content.
Can anyone explain to me what is going on in user space and kernel space?

I'll try to explain the mechanism of a system call to answer your question:
When a system call is invoked, a software interrupt is raised in user space (or better, in user mode).
At this point, still in user mode, the state of the user program is saved into memory.
After that there is the transition into kernel mode (or kernel space) to handle the interrupt and return the value to user space.
Then, in user mode, the state of the running user program is restored from memory and execution goes ahead.
I leave you a complete description of system calls at this link: Kernel System Call
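The user-to-kernel round trip described in this answer can be exercised without libc's per-call wrappers. The following is an added example, not part of the original answer; it assumes Linux, and on x86-64 it uses the `syscall` instruction, which plays the role of the software interrupt there. The helper names are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Enter the kernel directly: call number in rax, arguments in rdi/rsi/rdx.
 * The CPU switches to kernel mode at `syscall`, the kernel runs the handler,
 * and the result comes back in rax (a negative errno value on failure). */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
#if defined(__x86_64__)
    long ret;
    __asm__ volatile("syscall"
                     : "=a"(ret)
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                     : "rcx", "r11", "memory"); /* kernel clobbers rcx, r11 */
    return ret;
#else
    /* Other architectures: use libc's generic wrapper and undo its
     * "-1 plus errno" translation so the return value looks the same. */
    long ret = syscall(nr, a1, a2, a3);
    return ret == -1 ? -(long)errno : ret;
#endif
}

/* getpid through the raw path must agree with libc's wrapper. */
static int raw_getpid_matches(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0) == (long)getpid();
}

/* write(2) on an invalid descriptor: the kernel reports -EBADF. */
static long raw_write_bad_fd(void)
{
    static const char msg[] = "x";
    return raw_syscall3(SYS_write, -1, (long)msg, 1);
}

int main(void)
{
    static const char msg[] = "hello from a raw system call\n";
    long n = raw_syscall3(SYS_write, 1, (long)msg, sizeof msg - 1);
    printf("write returned %ld, getpid matches: %d, bad fd: %ld\n",
           n, raw_getpid_matches(), raw_write_bad_fd());
    return 0;
}
```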

Related

Create user inside a syscall [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 5 years ago.
Is it possible to create a user, just like the useradd command does, inside a system call in the Linux kernel?
I saw somewhere that syscalls cannot use the exec family, is it true?

Inside the kernel, users are identified by their ID (a number), and this is the only information that the kernel knows about a user.
As far as the kernel is concerned, users do not need to be created: to make a process have a different user, just call setuid() with a different number.
The mapping between user IDs and other information (name, home directory, etc.) is done entirely in user space. And that the user information is stored in files like /etc/passwd is just a convention; there are systems that use users differently (e.g. Android gives each app its own user ID).
If you really want to execute a user-mode program, call call_usermodehelper().

How can I create a new process in Linux Kernel? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 7 years ago.
How can I create a new process in the Linux kernel?
Because the function fork could not be implemented in the kernel... Then how can I create a new process in the kernel?
Thx.

An in-kernel process can be created using kthread_create (or kthread_run, which is similar to kthread_create, but also starts the thread).
A user-space program can be called using call_usermodehelper.
Creating a generic user-space process in the kernel is discouraged (and actually unclear).

Will the Nest API support reading the state of the system? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 8 years ago.
The API doesn't give any information on the state of the HVAC system, i.e. heating, cooling, fan. Will this be added in the future?
You can determine the cooling/heating mode using the "hvac_mode" property (https://developer.nest.com/documentation/api#hvac_mode), and "fan_timer_active" to check if the fan timer is running. You can also query the target properties, starting with "target_temperature_f" (https://developer.nest.com/documentation/api#target_temperature_f)
No, HVAC mode isn't the same as HVAC state. My system could be in cooling mode but not actively making a call for cooling. If you know the swing value you can guess based on the difference between set point and actual temp but that really isn't reliable.
Presumably this might be to prevent replication of existing Nest functionality?

What is a Kernel Space Shellcode? and How can we debug it? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 9 years ago.
I'm a beginner in Linux and exploitation things, and I'm trying to figure out what a kernel space shellcode is and how we can debug it. Thanks in advance =)

Shellcode is machine code instructions contained in data. They are used when exploiting buffer overrun and other vulnerabilities that cause the data you supply to be copied over existing code, or allow you to set a return address to a buffer filled with your shellcode.
Debugging kernel mode shellcode would require a kernel debugger. Place a breakpoint in the vulnerable kernel code, perform your exploit, and single step as control transfers to the shellcode.

What happens? The output or the process linux,registers [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 8 years ago.
What happens if you try to step into (si), the sysenter instruction?
In order to answer this question, you need to understand how si works.
How could it work? There are two ways I can think of:
1. either the debugger must set a (temporary) breakpoint on the next instruction, or
2. the debugger modifies processor state such that the processor will execute one instruction and stop (aka single-step).
Option 1. is complicated, because the instruction could be an indirect jump, e.g. CALL (%eax), or a RET, and so the debugger might have to go to significant trouble to understand what that next instruction is.
All debuggers I am familiar with use option 2.
Now you can probably explain what you observe when you si over a sysenter (or a syscall, or an int80) instruction. The only other thing you need to know is that the kernel can't possibly allow the single-step mode once sysenter switches to the kernel mode (or else your entire system will freeze).
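What a tracer observes when it single-steps across the kernel entry can be measured with ptrace. This is an added example, not part of the original answer; it assumes x86-64 Linux with ptrace permitted, and the function name is hypothetical.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Single-step a child until RIP sits on a `syscall` instruction (bytes 0f 05),
 * step once more, and return how far RIP moved. Returns -1 on failure. */
static long step_over_syscall(void)
{
    struct user_regs_struct regs;
    long moved = -1;
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {                       /* tracee */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        raise(SIGSTOP);                   /* hand control to the tracer */
        syscall(SYS_getpid);              /* ensures a syscall gets executed */
        _exit(0);
    }
    waitpid(pid, &status, 0);             /* child is stopped by SIGSTOP */
    for (int i = 0; i < 1000000 && WIFSTOPPED(status); i++) {
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
            break;
        unsigned long long before = regs.rip;
        long word = ptrace(PTRACE_PEEKTEXT, pid, (void *)before, NULL);
        /* Processor-assisted single-step, i.e. option 2 in the answer. */
        if (ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) < 0)
            break;
        waitpid(pid, &status, 0);
        if ((word & 0xffff) == 0x050f && WIFSTOPPED(status)) {
            ptrace(PTRACE_GETREGS, pid, NULL, &regs);
            moved = (long)(regs.rip - before);
            break;
        }
    }
    kill(pid, SIGKILL);
    waitpid(pid, &status, 0);
    return moved;
}

int main(void)
{
    /* 2 == length of `syscall`: the whole kernel side ran as one "step". */
    printf("RIP advanced by %ld bytes across syscall\n", step_over_syscall());
    return 0;
}
```

The tracer never stops at a kernel address: the next stop is the user-space instruction immediately after `syscall`.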
