Accessing Kernel Data While in a System Call

A system call can access data that the calling thread cannot access because system calls execute in the kernel protection domain.

The following are the general categories of kernel data:

  • The ublock or u-block (user block data) structure:

    System calls should use the kernel services to read or modify data traditionally found in the ublock or uthread structures. For example, the system call handler uses the value of the thread’s ut_error field to update the thread-specific errno variable before returning to user mode. This field can be read or set by using the getuerror and setuerror kernel services. The current process ID can be obtained by using the getpid kernel service, and the current thread ID can be obtained by using the thread_self kernel service.

  • Global memory:

    System calls can also access global memory such as the kernel and kernel data regions. These regions contain the code and static data for the system call as well as the rest of the kernel.

  • The stack for a system call:

    A system call routine runs on a protected stack associated with the calling thread, which allows a system call to execute properly even when the calling thread's stack pointer is invalid. In addition, privileged data can be saved on the stack without danger of exposing the data to the calling thread.

Attention: Incorrectly modifying fields in kernel or user block structures can cause unpredictable results or system crashes.
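
The error-reporting pattern from the ublock item, as an added example that is not IBM's code: a hypothetical system call, demo_setlimit, reports failure through setuerror, and a simplified model of the handler's return path copies ut_error into errno. The getuerror, setuerror and thread_self definitions here are user-space stand-ins with simplified signatures so the file builds off AIX; model_uthread, model_syscall and all demo_* names are assumptions.

```c
#include <errno.h>
#include <stdio.h>

/* Stand-ins (assumption) for the AIX kernel services, so this builds off AIX.
 * In a real kernel extension the kernel supplies them; remove these. */
struct model_uthread { int ut_error; long tid; };   /* not the real layout */
static struct model_uthread model_ut = { 0, 4097 }; /* constructed thread ID */
static int  getuerror(void)   { return model_ut.ut_error; }
static int  setuerror(int e)  { model_ut.ut_error = e; return e; }
static long thread_self(void) { return model_ut.tid; }

/* Global kernel data: reachable from the system call, not from the caller. */
static int  demo_limit = 16;
static long demo_last_setter = -1;

/* Hypothetical system call body: validate the argument, then update state. */
int demo_setlimit(int value)
{
    if (value < 1 || value > 1024) {
        setuerror(EINVAL);   /* use the service; never write ut_error directly */
        return -1;
    }
    demo_limit = value;
    demo_last_setter = thread_self();   /* record which thread made the change */
    return 0;
}

/* Simplified model (assumption) of the handler's return path: ut_error is
 * cleared on entry and, if set by the body, copied to the thread's errno. */
int model_syscall(int (*body)(int), int arg)
{
    int rc;
    setuerror(0);
    rc = body(arg);
    if (getuerror() != 0)
        errno = getuerror();
    return rc;
}

int  demo_get_limit(void)       { return demo_limit; }
long demo_get_last_setter(void) { return demo_last_setter; }

int main(void)
{
    int rc = model_syscall(demo_setlimit, 0);      /* rejected: out of range */
    printf("rc=%d errno=%d limit=%d\n", rc, errno, demo_get_limit());
    rc = model_syscall(demo_setlimit, 64);         /* accepted */
    printf("rc=%d limit=%d setter=%ld\n", rc, demo_get_limit(), demo_get_last_setter());
    return 0;
}
```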