Questions tagged [system-calls]
Questions concerning the details of how a program uses system calls to interact with the kernel API, what calls are available, how they work etc.
393 questions
3
votes
2
answers
85
views
What would be the most reliable way to obtain PID, remote address and port combinations for all connections?
I tried tcp_connect, udp_sendmsg kprobes together on an eBPF program and it worked, but it missed a lot of connections. I couldn't really get any reliable results with other kprobes as well so I tried ...
2
votes
1
answer
37
views
Probing Hardware for Sensor Data with High Frequency (Temperature and CPU clock frequency)
I'm trying to learn how to probe my CPU sensor data. I need at most 1 to 2 ms sampling period. Using hwmon this could be possible for the temperature data.
But so far I only discovered the CPUfreq ...
- 25
3
votes
1
answer
71
views
File acess permissions missing after setuid() system call
I have a file access problem in a self developed daemon process after a setuid() system call. I already post this question to SO but the impression is that the problem is not C++ related but Linux ...
- 33
7
votes
1
answer
557
views
Syscalls required by glibc calls
Are there any lists compiled that provide a list of linux system calls used per function in a standard glibc build?
For example, free() requires mmap, munmap, mprotect, prlimit64, and brk.
If ...
- 73
0
votes
2
answers
313
views
What is the difference between user-space and kernel-space program/application?
I am currently learning about Kernels in operating system and I often come across the terms "user-space applications" and "programs"—especially in the context of the kernel's ...
2
votes
0
answers
62
views
Wrong attributes bitmask in READDIR requests on NFSv4.1
I'm struggling the following problem.
I have an NFS v4.1 mount, where I have a directory with a couple of thousands files. I'm trying to list their names and types. Even with a minimal example program ...
- 21
0
votes
0
answers
61
views
How to trace recvfrom and sendto syscall each time apache2/httpd handle incoming http request?
So, I decided to start learn about system call with strace and want to observe network-related system call on apache2 processes, here's how I attach it:
pidof -s apache2
pstree -sTp <pid-from-pidof&...
- 33
0
votes
1
answer
226
views
How to better understand and reverse-engineer system calls within processes given a specific example
I am very new to linux and as such would appreciate any pointers with respect to understanding system calls and having the ability, knowledge and tools to reverse-engineer their origin or their ...
- 1
0
votes
0
answers
40
views
BPF program attached to `getname` won't get called when calling the `renameat2` syscall
I'm fiddling with a BPF program that needs to attach to the two "getname" functions that are being called from the renameat2 syscall, defined in linux/fs/namei.c as:
SYSCALL_DEFINE5(...
1
vote
0
answers
40
views
Retrieving the process descriptor during syscall
In Linux, there is a per-process kernel stack that stores at the bottom of it (or top if the stack grows upwards) a small struct named thread_info, which in turn points to the task_struct of the ...
1
vote
2
answers
567
views
Is systemd the first process that runs in user mode in linux?
I know that switching from user mode to kernel mode occurs continuously via system calls. My question is if systemd is the exact point during the starting of a linux system where the first ...
- 11
0
votes
0
answers
688
views
Running find on NFS mount much slower on RHEL8 vs RHEl7
I'm in the process of replacing some RHEL7 NFS server/client systems with RHEL8 systems, performing the same functions.
On the RHEL8 NFS client, I noticed running a find command on the NFS mount, is ...
10
votes
1
answer
2k
views
What is the rationale for the change of syscall calling convention in new Linuxes?
Quoting from https://www.kernel.org/doc/Documentation/process/adding-syscalls.rst:
At least on 64-bit x86, it will be a hard requirement from v4.17
onwards to not call system call functions in the ...
- 29.7k
6
votes
1
answer
2k
views
Does mmap() update the page table after every page fault?
Based on my research on mmap(), I understand that mmap uses demand paging to copy in data to the kernel page cache only when the virtual memory address is touched, through page fault.
If we are ...
- 63
6
votes
1
answer
407
views
getdents() syscall appears to be returning different results within a container
I'm trying to read what type of file /dev/null is. If I use stat() it reports correctly that it's a character device.
If I use getdents(), it also reports that it's a character device - unless I run ...
- 63