I am looking to write my first driver. This driver will create a single
character device, which can be opened by any user. The device will
support one ioctl:
long ioctl_syscall(int fd, long syscall, long args[6]);
This is simply equivalent to:
syscall(syscall, args[0], args[1], args[2], args[3], args[4],
args[5], args[6]);
and indeed I want it to behave *identically* to that. That means that
ptracers are notified about the syscall (and given the opportunity to
update its arguments), and that seccomp_bpf filters are applied.
Furthermore, it means that all arguments to the syscall need full
validation, as if they came from userspace (because they do).
Is there an in-kernel API that allows one to invoke an arbitrary syscall
with arguments AND proper ptrace/seccomp_bpf filtering? If not, how
difficult would it be to create one?
Sincerely,
Demi Obenour
_______________________________________________
Kernelnewbies mailing list
[email protected]
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
