syscall-intercept
| Crates.io | syscall-intercept |
| lib.rs | syscall-intercept |
| version | 0.1.0 |
| source | src |
| created_at | 2022-06-23 02:33:41.953992 |
| updated_at | 2022-06-23 02:33:41.953992 |
| description | Userspace syscall intercepting library. |
| homepage | https://github.com/madsys-dev/syscall-intercept-rs |
| repository | https://github.com/madsys-dev/syscall-intercept-rs |
| max_upload_size | |
| id | 611602 |
| size | 649,546 |
Runji Wang (wangrunji0408)
documentation
README
syscall-intercept-rs
A Rust wrapper of pmem/syscall_intercept, a system call intercepting library on x86_64 Linux.
Usage
Install dependencies:
sudo apt install cmake libcapstone-dev
Add the following lines to your Cargo.toml:
[dependencies]
syscall-intercept = "0.1"
Define your syscall hook function:
use syscall_intercept::*;
extern "C" fn hook(
num: isize,
a0: isize,
a1: isize,
a2: isize,
a3: isize,
a4: isize,
a5: isize,
result: &mut isize,
) -> InterceptResult {
...
}
Enable or disable interception:
unsafe { set_hook_fn(hook) };
unsafe { unset_hook_fn() };
Issue syscall without being intercepted:
let ret = unsafe { syscall_no_intercept(libc::SYS_exit as _, 0) };
License
MIT License