This is the mail archive of the
libc-help@sourceware.org
mailing list for the glibc project.
Re: About hacking libc
- From: Xinyang Ge <xxg113 at cse dot psu dot edu>
- To: "Carlos O'Donell" <carlos at redhat dot com>
- Cc: "Carlos O'Donell" <carlos at systemhalted dot org>, Ángel González <keisial at gmail dot com>, libc-help at sourceware dot org
- Date: Mon, 17 Jun 2013 16:48:42 -0400
- Subject: Re: About hacking libc
- References: <CACY857JO7HoMRQyX1sb1gqR0DzK0PksBy0OPd7awCVbBSVKCPQ at mail dot gmail dot com> <CAE2sS1hv8CU45snKVOSzqYv-J9f4GcVp6v8GyAEg93cSQ=NWow at mail dot gmail dot com> <517EF6C4 dot 5040001 at gmail dot com> <CACY857+juSev+G6GQQdW6L5S4LF+9TWLSD27XDBLYsQz4xCuEg at mail dot gmail dot com> <CAE2sS1h7uE00fQwuUXQF1A2F0sp_K3o798fkR1fi_fZVLhHYgw at mail dot gmail dot com> <CACY857LQCdvfJR4ARuMmCTmqTWAv83JS34cpE5d2mFnUSpEi_Q at mail dot gmail dot com> <51BF6E61 dot 2020807 at redhat dot com>
On Mon, Jun 17, 2013 at 4:15 PM, Carlos O'Donell <carlos@redhat.com> wrote:
> On 06/17/2013 04:05 PM, Xinyang Ge wrote:
>> On Mon, Jun 17, 2013 at 2:39 PM, Carlos O'Donell
>> <carlos@systemhalted.org> wrote:
>>> On Mon, Jun 17, 2013 at 10:33 AM, Xinyang Ge <xxg113@cse.psu.edu> wrote:
>>>> Thanks all. Does anyone know if there is a unified way to catch up all
>>>> open-like library calls?
>>>
>>> Define "all"? All libraries calls from the user's application or all
>>> open calls including those from inside the library?
>>>
>>> If the former, yes, just preload a shared library.
>>>
>>> If the latter, no, but possible with something like System Tap.
>>>
>>> I would be more than happy to see someone work on userspace system tap
>>> probe points for all syscalls.
>>>
>>> Such a probe point would catch everything from within the library in a
>>> unified way.
>>>
>>> Cheers,
>>> Carlos.
>>
>> I mean all library calls that will ultimately call sys_open.
>> Intercepting open library call is not enough because, as you know,
>> there are more functions like fopen which would also call sys_open.
>
> Then you need to instrument the open system call entry point
> from userspace. I would suggest adding a framework to instrument
> the system calls from the glibc side, perhaps using systemtap
> probe points (like we already do for the dynamic loader).
>
> That way you can use systemtap userspace probe points to
> intercept all open syscalls made by a program, manipulate
> the arguments and then continue. You can do this on a per-thread
> basis without halting the entire process and the other threads.
> You can also do this very efficiently.
>
> Cheers,
> Carlos.
>
Thanks. I'll take a look.
Best,
Xinyang
--
Xinyang GE
Department of Computer Science & Engineering
The Pennsylvania State University
Homepage: http://www.cse.psu.edu/~xxg113/