Purpose: I want to limit the number of times that a task can make a syscall.
So, I add a variable, noexec_count, in the task_struct in the file include/linux/sched.h, like:

    int exec_count; /* inserted by KaiwingHo line:861 */

By the way, exec_count's default value is -1; it means there will be no limit for the syscall. And when I set a positive integer, it means how many times a task can make the syscall. And 0 means the syscall will never be made by a task.
From the above, you know, I should set the default value, -1, for every task's exec_count.
And I do this in the file kernel/fork.c, in the method copy_process():

    p->pid = pid;
    p->exec_count = -1; /* line:929 inserted by KaiwingHo; the value of noexec shows how many times
                           one task can be called by method exec(); default value is -1; and so on */
    retval = -EFAULT;

And as I know, every syscall will finally come to the method do_execve() in the file fs/exec.c. So, I add the following in this method, like:

    /**
     * inserted by KaiwiiHo
     * the usage of the noexec is shown in sched.h line:695
     */
    if (!current->exec_count)
        goto out_ret;
    if (current->exec_count > 0)
        current->exec_count--;

And finally I add my own syscall, like:

    /**
     * inserted by KaiwiiHo
     * set the value of the task's noexec
     */
    asmlinkage long sys_noexec(int times)
    {
        int ret = current->exec_count;
        if (ret >= -1)
            current->exec_count = times;
        return ret;
    }

Everything, like the recompile and also the reboot, runs OK.
So, I run a test, like:
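
    #include <stdio.h>
    #include <sys/types.h>
    #include <linux/unistd.h>
    #include <errno.h>

    #define __NR_noexec 294
    /* _syscall1 is the old kernel macro that generates a user-space stub */
    _syscall1(long, noexec, int, times);

    int main()
    {
        int ret;
        ret = noexec(0);            /* returns the previous exec_count */
        printf("exec_count=%d\n", ret);
        int pid;
        pid = fork();
        if (pid > 0)
        {
            int val;
            val = noexec(0);
            printf("val:noexec=%d.\n", val);
            int i;
            i = 5;
            /* parenthesised so that i receives the pid, not the comparison result */
            if ((i = fork()) > 0)
                printf("i can fork()!\n");
        }
        return 0;
    }
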
And the output is:
exec_count=-1
exec_count=-1
val:noexec=0.
exec_count=-1
val:noexec=0.
i can fork()!
According to the output, I think that the syscall noexec() definitely takes effect, and the task's exec_count has been revised. But fork() can still be called. So I wonder why I cannot limit the times. And I wonder whether what I added in the do_execve() method does not take effect.
Can anyone show me why? Thanks.
This is incorrect.
Only the execve() syscall ends up here.
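
An added example, not part of the original posts and not kernel code: a user-space model of the three patched functions, showing that the counter is consulted only on the execve path, so fork() is unaffected, and that a forked child starts again at -1 because of the posted copy_process() line. The `model_*` names, the `struct task` type and the `-EPERM` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* User-space model only: these types and functions mimic the patch
 * described in the post; the names are hypothetical. */
struct task { int pid; int exec_count; };

static int next_pid = 100;

/* copy_process() as patched in the post: every new task starts at -1. */
static struct task model_fork(const struct task *parent)
{
    struct task child = { next_pid++, -1 };
    (void)parent;   /* the fork path never reads parent->exec_count */
    return child;
}

/* do_execve() as patched: the only place the counter is consulted.
 * Returning -EPERM is an assumption; the post only shows "goto out_ret". */
static int model_execve(struct task *t)
{
    if (!t->exec_count)
        return -EPERM;
    if (t->exec_count > 0)
        t->exec_count--;
    return 0;
}

/* sys_noexec() as posted: returns the old value, stores the new one. */
static long model_noexec(struct task *t, int times)
{
    int ret = t->exec_count;
    if (ret >= -1)
        t->exec_count = times;
    return ret;
}

int main(void)
{
    struct task parent = { 1, -1 };
    printf("old limit: %ld\n", model_noexec(&parent, 0));
    struct task child = model_fork(&parent);   /* fork is not limited */
    printf("fork -> pid %d, child exec_count=%d\n", child.pid, child.exec_count);
    printf("parent execve: %d\n", model_execve(&parent)); /* refused */
    printf("child execve: %d\n", model_execve(&child));   /* allowed */
    return 0;
}
```

To observe the limit with the real patch, the test program would have to call one of the exec functions after noexec(0) rather than fork().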