From owner-freebsd-hackers Fri Dec 20 19:22:58 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0B02937B401 for ; Fri, 20 Dec 2002 19:22:56 -0800 (PST) Received: from milla.ask33.net (milla.ask33.net [217.197.166.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id D7EA243EDA for ; Fri, 20 Dec 2002 19:22:53 -0800 (PST) (envelope-from nick@milla.ask33.net) Received: by milla.ask33.net (Postfix, from userid 1001) id C86523ABB63; Sat, 21 Dec 2002 04:22:33 +0100 (CET) Date: Sat, 21 Dec 2002 04:22:33 +0100 From: Pawel Jakub Dawidek To: freebsd-hackers@freebsd.org Subject: Re: Syscall number. Message-ID: <20021221032233.GG11475@garage.freebsd.pl> References: <20021220184337.GD11475@garage.freebsd.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="Ns7jmDPpOpCD+GE/" Content-Disposition: inline In-Reply-To: <20021220184337.GD11475@garage.freebsd.pl> X-PGP-Key-URL: http://garage.freebsd.pl/jules.asc X-OS: FreeBSD 4.7-STABLE i386 User-Agent: Mutt/1.5.1i Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --Ns7jmDPpOpCD+GE/ Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 20, 2002 at 07:43:37PM +0100, Pawel Jakub Dawidek wrote: +> Simple example (from kld module): +>=20 +> sysent[SYS_chmod].sy_call =3D myfunction; +> sysent[SYS_open].sy_call =3D myfunction; +> sysent[SYS_execve].sy_call =3D myfunction; +>=20 +> int +> myfunction(register struct proc *p, register void *uap) +> { +> int syscallno; +>=20 +> syscallno =3D ? +>=20 +> return (0); +> } +>=20 +> How to get syscall number inside myfunction()? +>=20 +> I've always use method used in spy from Andrzej Bialecki: +>=20 +> syscallno =3D p->p_md.md_regs->tf_eax; +>=20 +> for i386 arch. +> But when I catch many syscalls I got false numbers. +> Hmm, not false numbers, one false numer: SYS___syscall (and I don't catc= h it). Ok, I've found solution (ripped from trap.c, ehh). int myfunction(register struct proc *p, register void *uap) { int scno; caddr_t params; scno =3D p->p_md.md_regs->tf_eax; params =3D (caddr_t)p->p_md.md_regs->tf_esp + sizeof(int); if (scno =3D=3D SYS_syscall) { scno =3D fuword(params); params +=3D sizeof(int); } else if (scno =3D=3D SYS___syscall) { scno =3D fuword(params); params +=3D sizeof(quad_t); } /* Now we got correct syscall number in 'scno'. */ [...] return (0); } --=20 Pawel Jakub Dawidek UNIX Systems Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am. --Ns7jmDPpOpCD+GE/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPgPeeT/PhmMH/Mf1AQF/6QP+KrmHDMSXMQOPHg21PjDWarnkIJOSiOJv tUgVkuU46ThQ99lxl5BXfqnleayPOzLH5TQZz2LMLrqxh3dZQG1FrTalR8/Ua3Gy Q+06UnWJpk13tU0esaVt7Jw7Q/YDvodwjVd5ySYlvCZybGKdvrdbMfAeRA3vtPC6 V3khK8o6Bjs= =zKOC -----END PGP SIGNATURE----- --Ns7jmDPpOpCD+GE/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message