On Thu Jul 07, 2005 at 15:50:13 -0400, Andrew Davenport wrote:
But I want this capability to be built into the kernel (l4 microkernel), and I would rather not use 3rd party packages. Right now Im logging in Thread::do_send. I get the trap state as such:
Trap_state *ts = (Trap_state*)_utcb_handler;
from there i get: Unsigned32 intNo = ts->err >> 3; and Unsigned32 eax = ts->eax, and so on for ebx, etc...
I am simply looking for an easy to filter out non-linux-syscalls so I only pay attention to linux syscalls. I think intNo gets changed somehow bc checking if (intNo == 80) does not log anything!
The exception was an int80 if ts->trapno == 0xd and ts->err = 0x402
So this goes like this:
if (ts->trapno == 0xd && ts->err == 0x402) { /* int $0x80 exception */ Mword syscall_nr = ts->eax;
Mword param1 = ts->ebx; Mword param2 = ts->ecx; Mword param3 = ts->edx; Mword param4 = ts->esi; Mword param5 = ts->edi; Mword param6 = ts->ebp;
/* log something... */
}
How to do the logging itself is another issue. You're probably best off using the kernel provided stuff, like defining yourself a logging function for the trace buffer. Depends what you want to do with that data.
Adam