Keeping track of called syscalls in real-time
valdis.kletnieks at vt.edu
valdis.kletnieks at vt.edu
Wed Jun 28 17:19:10 EDT 2017
On Wed, 28 Jun 2017 17:48:15 -0300, Ben Mezger said:
> Can the kernel keep track of all the system calls that were called by an
> application/module in real-time?
> I know I can statically use strace, or even gdb, but I am looking for a
> solution in real time when the application/module is already running and
> the user has no control over it.
What actual problem are you trying to solve by having the information?
How "real-time" does it have to be?
Have you looked at the syscall audit facility?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 486 bytes
Desc: not available
Url : http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20170628/15f0c2f0/attachment.bin
More information about the Kernelnewbies
mailing list