Date: Sun, 03 Dec 2006 12:58:27 +0100 From: Stanislav Ochotnicky <stanislav.ochotnicky@kmit.sk> To: freebsd-hackers@freebsd.org Subject: Re: tracing AND intercepting syscalls? Message-ID: <4572BBE3.7020903@kmit.sk> In-Reply-To: <20061203100714.H40536@fledge.watson.org> References: <4571AA86.1060303@kmit.sk> <20061203100714.H40536@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robert Watson wrote: > As discussed elsewhere in the thread, ptrace() has a syscall trapping > facility, although I've not used it so can't speak to how well it works. As I mentioned earlier, I didn't find any info about ptrace() syscall trapping facility(PT_SYSCALL, PT_TO_SCE and PT_TO_SCX) because it wasn't in the man nor info page about ptrace(). When I was noticeed about theese interfaces, I checked the source and It looks like it should solve my problem. Maybe the man page should be updated accordingly? > There are patches to add system call entry and exit hooks to the MAC > Framework, but they've not yet been merged. I anticipate that they will > ship in FreeBSD 7.0, and may get MFC'd, depending on schedule, etc. That would be certainly nice, if this could be done at system level. There would be certainly lots of tools that could use this (Dtrace perhaps?) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFcrvjul7h5FTXf/MRCCjLAJ9wgU4s8Juvu0GXRD8ck1R0gcQ4HACfeSGU QpRT3q9PBBx2I8/9RMJCMkw= =CTRr -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4572BBE3.7020903>