reverse system calls to communicate with user-space

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

reverse system calls to communicate with user-space

Postby adam81 » Tue Aug 22, 2017 7:48 am

In the third book (security and insecurity) there's a quote about a medium to communicate with user-space process from kext using reverse system call.

in page 36, it says in relation to kauth that "the logic is left entirely up to the listener, which can even pass the decision logic to a user mode helper (via reverse system call or mach message)..."

I wonder where can I find any demonstration of how to use this methodology and if I can define new such syscalls to fit my needs...

currently I'm using IOSharedDataQueue which is not optimal for my needs since I cannot get the response to the same kernel thread that posted the command (I actually need to poll another shared memory in order to get the response).

Posts: 26
Joined: Mon Jan 25, 2016 9:26 am

Re: reverse system calls to communicate with user-space

Postby morpheus » Tue Aug 22, 2017 10:32 pm

So - define new sys calls - NO. You can't without recompiling kernel.

Otherwise, reverse sys call is when you implement a device driver, and some BSD device node (/dev/foo). An application in user space will read(2) from the device, which is when your driver will block it. When you want to do something in user space, your driver returns data to the calling application (thereby freeing it), then the driver waits for the subsequent write(2) operation. That's when the app writes the result back into the driver, ergo kernel space.

The technique is not at all unique to XNU, and I'm betting you can find some samples (probably for Linux) all over.
Site Admin
Posts: 698
Joined: Thu Apr 11, 2013 6:24 pm

Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 6 guests