hi all
i am coding a small module to trace system calls made by programs (i know
about strace/ltrace, but i want something that can trace accross forks and
clones). basically i replace the syscall pointers in the syscall table with
pointers to my functions.
within my module i need to do little things like find the pid of the process
that made the syscall, i/o to a file to dump trace output etc. In user level
programs these things are done with libc calls or lower level UNIX calls
like open, getpid etc. i want to know what how these can be inside a kernel
module. right now i simply set a function pointer to the syscall table's
entry and use that function pointer to make the call. is this ok ? or is
there a better/correct way to do it ?
thanx
srinvas
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
-
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
IRC Channel: irc.openprojects.net / #kernelnewbies
Web Page: http://www.kernelnewbies.org/
