This event has ended. Visit the official site or create your own event on Sched.
October 23-26, 2017 - Prague, Czech Republic
Click Here For Information & Registration
Back To Schedule
Wednesday, October 25 • 11:15 - 11:55
syscall_intercept - A User Space Library for Intercepting System Calls - Krzysztof Czurylo, Intel

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The syscall_intercept library provides a low-level interface for hooking Linux system calls in user space. This is achieved by disassembling the code of the standard C library, looking for syscall instructions and hot-patching the machine code in a process memory. The syscall_intercept builds on libcapstone - a multi-platform, multi-architecture disassembly framework.
In this talk, we will present the motivation for creating this new tool and the reasons for choosing the libcapstone framework as a foundation for syscall_intercept. We will present an in-depth view on the syscall_intercept design and APIs, its features and limitations, and the problems we had to solve while implementing the library. We will also discuss the potential use cases for syscall_intercept in Linux software development.


Krzysztof Czuryło

Senior Software Engineer, Intel
Krzysztof Czuryło is a Software Architect at Intel, having over 15 years of experience in databases, networking/telecommunication and 3D graphics. For the last three years he is mostly focused on persistent memory programming and algorithms providing effective and fail-safe usage... Read More →

Wednesday October 25, 2017 11:15 - 11:55 CEST
  LinuxCon Tracks
  • Experience Level Any