system call number
Mulyadi Santosa
mulyadi.santosa at gmail.com
Sun Feb 27 10:36:37 EST 2011
Hi..
On Sun, Feb 27, 2011 at 20:41, mohit verma <mohit89mlnc at gmail.com> wrote:
> hi all,
> suppose a process has invoked some system call and cpu runs the system call
> .how can i find out the system call number (invoked) related to that process
> in kenrel space?
Untested idea:
check the related process' kernel stack....specificly the first stack
frame. Then cross check it with information from
http://lxr.linux.no/linux+v2.6.37.2/arch/x86/kernel/entry_32.S or your
related arch.
the upper most comment written there will show the meaning of each
values saved in that stack frame. Then what you need to do is just
locate where EAX is...
I think that's one of the ways....probably there are more....
--
regards,
Mulyadi Santosa
Freelance Linux trainer and consultant
blog: the-hydra.blogspot.com
training: mulyaditraining.blogspot.com
More information about the Kernelnewbies
mailing list