RE: how to know system call number

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Just study the code in entry.S, the first code which executes at system
call is as follows, you need to trap this code and check the eax
register here, the value of eax will give you the system call number.

ENTRY(system_call)
        pushl %eax                      # save orig_eax
        SAVE_ALL
        GET_CURRENT(%ebx)
        testb $0x02,tsk_ptrace(%ebx)    # PT_TRACESYS
        jne tracesys
        cmpl $(NR_syscalls),%eax
        jae badsys

<Trap it here ...... check the eax register here, you will get the right
system call number>

        call *SYMBOL_NAME(sys_call_table)(,%eax,4)
        movl %eax,EAX(%esp)             # save the return value
ENTRY(ret_from_sys_call)

Cheers !!
Gaurav
 


-----Original Message-----
From: kernelnewbies-bounce@xxxxxxxxxxxx
[mailto:kernelnewbies-bounce@xxxxxxxxxxxx] On Behalf Of cvraman
Sent: Wednesday, September 29, 2004 11:38 AM
To: kernelnewbies@xxxxxxxxxxxx
Subject: how to know system call number

hi all,

     I came to know that eax register contains the system call number
when it
is calling system call but when I am printing the eax register using
ptrace
utility by monitoring another process, I am getting some random numbers
in
sequence like 107603 107603 107603 2 2 2 2 3 3 3 111111......

Can anybody help me how can I exactly know what are the various system
calls
invoked by a process ?

thanx in advance,

c.v.raman


		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/



--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux