Just study the code in entry.S, the first code which executes at system
call is as follows, you need to trap this code and check the eax
register here, the value of eax will give you the system call number.
ENTRY(system_call)
pushl %eax # save orig_eax
SAVE_ALL
GET_CURRENT(%ebx)
testb $0x02,tsk_ptrace(%ebx) # PT_TRACESYS
jne tracesys
cmpl $(NR_syscalls),%eax
jae badsys
<Trap it here ...... check the eax register here, you will get the right
system call number>
call *SYMBOL_NAME(sys_call_table)(,%eax,4)
movl %eax,EAX(%esp) # save the return value
ENTRY(ret_from_sys_call)
Cheers !!
Gaurav
-----Original Message-----
From: kernelnewbies-bounce@xxxxxxxxxxxx
[mailto:kernelnewbies-bounce@xxxxxxxxxxxx] On Behalf Of cvraman
Sent: Wednesday, September 29, 2004 11:38 AM
To: kernelnewbies@xxxxxxxxxxxx
Subject: how to know system call number
hi all,
I came to know that eax register contains the system call number
when it
is calling system call but when I am printing the eax register using
ptrace
utility by monitoring another process, I am getting some random numbers
in
sequence like 107603 107603 107603 2 2 2 2 3 3 3 111111......
Can anybody help me how can I exactly know what are the various system
calls
invoked by a process ?
thanx in advance,
c.v.raman
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
