1. Field of the Invention
The present invention relates generally to data processing, and more particularly but not exclusively to system calls and antivirus.
2. Description of the Background Art
Computer operating systems are well known. Generally speaking, an operating system is a program that manages computer resources and other programs, which are referred to as “application programs.” A kernel is the core of the operating system and provides basic services for all other components of the operating system and application programs. Application programs and the kernel employ different and distinct regions of computer memory. Application programs are user-level programs and accordingly run in user space of the memory. On the other hand, the kernel runs in kernel space of the memory, which is generally restricted to kernel operations.
Generally speaking, a system call provides an interface to a kernel service, which may involve a low-level operation typically reserved for the kernel. Application programs may invoke a system call using the C programming language library, for example. References to system calls may be stored in a system call table, which may be thought of as an array containing the addresses of all available system calls. In UNIX-like operating systems, the address of the system call table is typically included in the so-called “system.map,” which is a text file generated after the kernel is compiled and linked. Application programs that need access to system calls may thus examine system.map to determine the address of the system call table. Unfortunately, some operating systems no longer include the address of the system call table in system.map, thereby preventing these application programs from operating properly.