Follow

How do fds work in the Linux kernel?

Is there a master list of them along with the per process ones?

Can you move one between processes?

Can you replace one in a process?

@gudenau All POSIX systems share the concept of the file descriptor. It is supposed to be an index into the “open file table” for a process. Beyond that, and the fact that file descriptors can be shared between processes using IPC channels, their implementation is unspecified.

Yes, you can replace a file descriptor in a process if you inject code into it (think: use ptrace to spawn code that dlopen()s a DSO with a thread function in it) for such a purpose. But you still need to know which fd.

@SuperFloppies It's pretty easy to find the fd using /proc. I was thinking more on a kernel level, because programs can detect ptrace; no?

@gudenau Well on a kernel level, the only (valid) answer is read the source for the version in question. Remembering that the Linux kernel developers do not care about internal ABI or API compatibility over time, it is the only answer that (correctly) covers all kernel versions.

That said, it should be pretty easy to figure out how to navigate the process table and process descriptor entries once you’re in kernel-land, meaning that yes, such voodoo as you desire should be possible.

@SuperFloppies This is more of an experiment in "I have a stupid idea I want to try" rather than "I have a stupid idea I want to turn into a production program".

That being said, could be used for some fun debugging hooks in addition to ptrace.

Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!