I developed a custom system call to log killed processes. A C program kills the process and it invokes the custom system call, passes the process ID of the killed process and then the system call will print out the killed process's ID to the kernel's log. Here I'm just passing a dummy to test if the system call writes to the kernel log. The system call's number in the system call table is 329.
Below is my system call

    #include <linux/kernel.h>

    asmlinkage long sys_killa(char* proc_id)
    {
        printk("The process %s has been killed", proc_id);
        return 0;
    }

This is my C program to call my custom system call.

    #include <stdio.h>
    #include <linux/kernel.h>
    #include <sys/syscall.h>
    #include <unistd.h>

    int main()
    {
        char proc_id[5] = "3219";
        long int sys = syscall(329, proc_id);
        printf("System call sys_killa returned %ld\n", sys);
        return 0;
    }

Running the C program simply prints "Killed" in the terminal. Running the program again crashes my virtual machine. Nothing is printed out in the kernel log when I check using dmesg utility. What am I doing wrong?

copy_from_user() etc.; see existing syscalls for proper approach. Better yet, don't pass a string, pass a process ID (a pid_t).
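
An added example, not code from the question or the comment: one way to write the handler so that it copies the string out of user memory with a bound before logging it, instead of dereferencing the user pointer in `printk`. The names `killa_log` and `KILLA_ID_MAX` are hypothetical, and the non-kernel branch is a stand-in for `strncpy_from_user()` so the same logic can be compiled and exercised in userland. Passing a `pid_t` by value, as the comment suggests, avoids the copy entirely.

```c
/* Kernel tree build uses the real helpers; otherwise a userland stand-in is used. */
#ifdef __KERNEL__
#include <linux/kernel.h>
#include <linux/syscalls.h>
#include <linux/uaccess.h>
#else
#include <errno.h>
#include <stdio.h>
#define __user
#define pr_info(...) printf(__VA_ARGS__)
/* Stand-in (assumption: mirrors the kernel helper's return contract): string
 * length on success, count if no NUL was found, -EFAULT on a bad pointer. */
static long strncpy_from_user(char *dst, const char __user *src, long count)
{
    long i;
    if (!src)
        return -EFAULT;
    for (i = 0; i < count; i++) {
        dst[i] = src[i];
        if (!dst[i])
            return i;
    }
    return count;
}
#endif

#define KILLA_ID_MAX 16 /* hypothetical bound on the ID string, NUL included */
/* Hypothetical helper: copy the ID into kernel memory, validate, then log. */
static long killa_log(const char __user *proc_id)
{
    char buf[KILLA_ID_MAX];
    long i, n = strncpy_from_user(buf, proc_id, sizeof(buf));

    if (n < 0)
        return n;               /* unreadable user pointer */
    if (n == 0 || n == (long)sizeof(buf))
        return -EINVAL;         /* empty, or no NUL within the bound */
    for (i = 0; i < n; i++)
        if (buf[i] < '0' || buf[i] > '9')
            return -EINVAL;     /* only decimal digits reach the log */
    pr_info("The process %s has been killed\n", buf);
    return 0;
}

#ifdef __KERNEL__
SYSCALL_DEFINE1(killa, const char __user *, proc_id)
{
    return killa_log(proc_id);
}
#endif
```

The trailing `\n` in the format string matters for the log: without it the message may not be flushed to the ring buffer until a later line arrives.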