mov eax , cr0
or eax , 0x01
mov cr0 , eax

back to months list

Project : Research on Multi-platform System Call Table

Journal Entry Date : 2024.07.11

2024.07.10
2024.07.11
2024.07.12
 >

Today I have a very good idea of solving all the nasty argument problems in just one simple solution. You just differ the system call entry for each program.

See, just like we thought of switching the system call table, we switch the system call entry on the context switching. Now then we need :

  1. The field for the entry function pointer in the interface structure
  2. The function that switches the system call entry in the interface structure

This is just a very rough implementation of that : 

struct sys_call_interface_func_container {
    uint64_t system_call_entry_ptr;
    uint64_t (*switch_system_call_entry)(uint64_t new_entry);
};

..And we just add this structure to the TCB's system call interface.

What we need to do is implement the switch_system_call_entry() function and call the switch_system_call_entry() function from the next task's TCB in the context switching process.

But just as the prior attempt of switching the global system call table in the context switching, this attempt was unsuccessful. I think I have something that I am not understanding correctly about a context switching in Linux kernel, but I believe that there exists something more than just switching the task's context from the previous task to next task. There is a some kind of discrepency between theory and reality :/

(Because this journal is written far after July) I do not have the images or stuff of the implementation of this failed attempt, but this is a crude recreation of how I tried to implement this flawed system back then :

First, I just simply implemented the switch_system_call_entry() function : 

void default_switch_system_call_entry(uint64_t new_entry) {
	wrmsrl(MSR_LSTAR, (unsigned long)new_entry);
}

Second, I just added the code that calls the switching function in the context switching code : 

static __always_inline struct rq *
context_switch(struct rq *rq, struct task_struct *prev,
	       struct task_struct *next, struct rq_flags *rf)
{
    ...
    (struct sys_call_interface *)(next->system_call_interface_ptr)->interface_functions->switch_system_call_entry(
        (struct sys_call_interface *)(next->system_call_interface_ptr)->interface_functions->system_call_entry_ptr
    );

It failed of course.. but if I have more time to investigate I want to dive deeper into this context switching stuffs.

Now I gotta think about other ways that can achieve the switching of the system call entry.