A Toolkit for Interposing User Code at the System Interface

Abstract

Many contemporary operating systems utilize a system call interface between the operating system and its clients. Increasing numbers of systems are providing low-level mechanisms for intercepting and handling system calls in user code. Nonetheless, they typically provide no higher-level tools or abstractions for effectively utilizing these mechanisms. Using them has typically required reimplementation of a substantial portion of the system interface from scratch, making the use of such facilities unwieldy at best.I am currently constructing an object-oriented toolkit which substantially increases the ease of interposing user code between clients and instances of the system interface by allowing such code to be written in terms of the high-level objects provided by this interface, rather than in terms of the intercepted system calls themselves. This toolkit helps enable new interposition agents to be written which otherwise would not have been attempted.I am also currently using this toolkit to construct several agents including: protected environments for running untrusted binaries, modified filesystem namespaces, logical devices implemented entirely in user space, transparent network data compression and/or encryption agents, and system call tracing tools. Examples of other interesting agents which could be built include: transactional software environments, and emulators for other operating system environments.