Abstract
Many contemporary operating systems utilize a system call interface between the operating system and its clients. Increasing numbers of systems are providing low-level mechanisms for intercepting and handling system calls in user code. Nonetheless, they typically provide no higher-level tools or abstractions for effectively utilizing these mechanisms. Using them has typically required reimplementation of a substantial portion of the system interface from scratch, making the use of such facilities unwieldy at best.
This paper presents a toolkit that substantially increases the ease of interposing user code between clients and instances of the system interface by allowing such code to be written in terms of the high-level objects provided by this interface, rather than in terms of the intercepted system calls themselves. This toolkit helps enable new interposition agents to be written, many of which would not otherwise have been attempted. This toolkit has also been used to construct several agents including: system call tracing tools, file reference tracing tools, and customizable filesystem views. Examples of other agents that could be built include: protected environments for running untrusted binaries, logical devices implemented entirely in user space, transparent data compression and/or encryption agents, transactional software environments, and emulators for other operating system environments.
This paper was originally printed in Proceedings of the 14th ACM Symposium on Operating Systems Principles, pages 80–93. Asheville, NC, December, 1993 ©1993 ACM
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Accetta, R. Baron, D. Golub, R. Rashid, A. Tevanian, and M. Young. Mach: A new kernel foundation for UNIX development. In Proc. Summer 1986 USENIX Technical Conference and Exhibition, June 1986.
Apple Computer, Inc. Macintosh System Software User’s Guide Version 6.0, 1988.
AT&T, Customer Information Center, P.O. Box 19901, Indianapolis, IN 46219. System V Interface Definition, Issue 2, 1986.
AT&T. Unix System V Release 4.0 Programmer’s Reference Manual, 1989.
Robert V. Baron, David Black, William Bolosky, Jonathan Chew, Richard P. Draves, David B. Golub, Richard F. Rashid, Avadis Tevanian, Jr., and Michael Wayne Young. Mach Kernel Interface Manual. Carnegie Mellon University School of Computer Science, August 1990.
Brian N. Bershad and C. Brian Pinkerton. Watchdogs: Extending the unix filesystem. In Winter Usenix Conference Proceedings, Dallas, 1988.
D. G. Bobrow, J. D. Burchfiel, D. L. Murphy, and R. S. Tomlinson. TENEX, a paged time sharing system for the PDP-10. Communications of the ACM, 15(3):135–143, March 1972.
D. R. Brownbridge, L. F. Marshall, and B. Randell. The Newcastle Connection, or UNIXes of the world unite! Software — Practice and Experience, 12:1147–1162, 1982.
David R. Cheriton. The V distributed system. Communications of the ACM, 31(3):314–333, March 1988.
F. W. Clegg, G. S.-F. Ho, S. R. Kusmar, and J. R. Sontag. The HP-UX operating system on HP Precision Architecture computers. Hewlett-Packard Journal, 37(12):4–22, December 1986.
David S. H. Rosenthal. Evolving the vnode interface. In USENIX Conference Proceedings, pages 107–118. USENIX, June 1990.
Digital Equipment Corporation. DECSYSTEM-20 Monitor Calls Reference Manual, January 1978.
Digital Equipment Corporation. ULTRIX Reference Pages, Section 2 System Calls, 1989.
D. Eastlake, R. Greenblatt, J. Holloway, T. Knight, and S. Nelson. ITS 1.5 reference manual. Memorandum no. 161, M.I.T. Artificial Intelligence Laboratory, July 1969. Revised form of ITS 1.4 Reference Manual, June 1968.
S. I. Feldman. Make — a program for maintaining computer programs. Software — Practice and Experience, 9(4):255–265, 1979.
David Golub, Randall Dean, Alessandro Forin, and Richard Rashid. Unix as an application program. In Summer Usenix Conference Proceedings, Anaheim, June 1990.
Richard G. Guy, John S. Heidemann, Wai Mak, Thomas W. Page, Jr., Gerald J. Popek, and Dieter Rothmeier. Implementation of the Ficus replicated file system. In USENIX Conference Proceedings, pages 63–71. USENIX, June 1990.
John S. Heidemann. Stackable layers: an architecture for file system development. Master’s thesis, University of California, Los Angeles, July 1991. Available as UCLA technical report CSD-910056.
J. H. Howard, M. L. Kazar, S. G. Menees, D. A. Nichols, M. Satyanarayanan, R. N. Sidebotham, and M. J. West. Scale and performance in a distributed file system. ACM Transactions on Computer Systems, 6(1), February 1988.
N. C. Hutchinson and L. L. Peterson. Design of the x-kernel. In Proceedings of the SIGCOMM’ 88 Symposium, pages 65–75, Stanford, CA, August 1988.
Michael B. Jones. Inheritance in unlikely places: Using objects to build derived implementations of flat interfaces. In Proceedings of the Third International Workshop on Object Orientation in Operating Systems, Paris, September 1992.
Michael B. Jones. Transparently Interposing User Code at the System Interface. PhD thesis, Carnegie Mellon University, September 1992. Available as Technical Report CMU-CS-92-170.
J.J. Kistler and M. Satyanarayanan. Disconnected operation in the coda file system. ACM Transactions on Computer Systems, 10(1), February 1992.
Philip Koch and David Gelhar. DTSS System Programmer’s Reference Manual. Dartmouth College, Hanover, NH, November 1986. Kiewit Computation Center TM059.
Samuel J. Leffler, Marshall Kirk McKusick, Michael J. Karels, and John S. Quarterman. The Design and Implementation of the 4.3BSD UNIX Operating System. Addison-Wesley, October 1990.
Paul R. McJones and Garret F. Swart. Evolving the unix system interface to support multithreaded programs. Research Report 21, Digital Equipment Corporation, Systems Research Center, September 1987.
M. K. McKusick, W. N. Joy, S. J. Leffler, and R. S. Fabry. A fast file system for unix. ACM Transactions on Computer Systems, 2(3), August 1984.
Microsoft Corporation. Microsoft Windows User’s Guide, 1987.
Microsoft Corporation. Microsoft MS-DOS Operating System version 5.0 User’s Guide and Reference, 1991.
Lily B. Mummert and M. Satyanarayanan. Efficient and portable file reference tracing in a distributed workstation environment. To be published as a Carnegie Mellon University School of Computer Science technical report, June 1992.
Peter Norton Computing, Incorporated. The Norton Utilities for the Macintosh. 1990.
Now Software, Inc. Now Utilities: File & Application Management, System Management, and System Extensions, 1990.
R. P. Parmelee, T. I. Peterson, C. C. Tillman, and D. J. Hatfield. Virtual storage and virtual machine concepts. IBM Systems Journal, 11(2):99–130, 1972.
Michael O. Rabin and J. D. Tygar. An integrated toolkit for operating system security. Technical Report TR-05-87, Harvard University Center for Research in Computing Technology, Cambridge, MA, May 1987. Revised August 1988.
R. F. Rashid and G. Robertson. Accent: A communication oriented network operating system kernel. In Proceedings of the 8th Symposium on Operating Systems Principles, pages 64–75, December 1981.
Brian K. Reid and Janet H. Walker. SCRIBE Introductory User’s Manual. UNI-LOGIC, Ltd., third edition, May 1980.
Salient Software, Inc. DiskDoubler User’s Manual, 1991.
M. Satyanarayanan, J. J. Kistler, P. Kumar, M. E. Okasaki, E. H. Siegel, and D. C. Steere. Coda: A highly available file system for a distributed workstation environment. IEEE Transactions on Computers, 39(4), April 1990.
Stac Electronics, Inc. Stacker 2.1 User Guide, 1992.
Richard M. Stallman. Using and Porting GNU CC, for version 1.37. Free Software Foundatation, Inc., 1990.
J. E. Stoy and C. Strachey. OS6 — an experimental operating system for a small computer. Part 1: General principles and structure. Computer Journal, 15(2):117–124, May 1972.
J. E. Stoy and C. Strachey. 0S6 — an experimental operating system for a small computer. Part 2: Input/output and filing system. Computer Journal, 15(3):195–203, August 1972.
Howard Ewing Sturgis. A postmortem for a time sharing system. Xerox Research Report CSL-74-1, Xerox Palo Alto Research Center, January 1974.
Sun Microsystems, Inc. SunOS Reference Manual, May 1988. Part No. 800-1751-10.
Symantec Corporation. The Norton AntiVirus, 1991.
Symantec Corporation. Symantec AntiVirus for Macintosh, 1991.
Robert H. Thomas. A resource sharing executive for the ARPANET. In Proceedings of the AFIPS National Computer Conference, volume 42, pages 155–163, June 1973.
Robert H. Thomas. JSYS traps — a Tenex mechanism for encapsulation of user processes. In Proceedings of the AFIPS National Computer Conference, volume 44, pages 351–360, 1975.
Trend Micro Devices, Incorporated. PC-cillin Virus Immune System User’s Manual, 1990.
D. Walsh, B. Lyon, G. Sager, J. M. Chang, D. Goldberg, S. Kleiman, T. Lyon, R. Sandberg, and P. Weiss. Overview of the sun network filesystem. In Winter Usenix Conference Proceedings, Dallas, 1985.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Jones, M.B. (1999). Interposition Agents: Transparently Interposing User Code at the System Interface. In: Vitek, J., Jensen, C.D. (eds) Secure Internet Programming. Lecture Notes in Computer Science, vol 1603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48749-2_16
Download citation
DOI: https://doi.org/10.1007/3-540-48749-2_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66130-6
Online ISBN: 978-3-540-48749-4
eBook Packages: Springer Book Archive