I am trying to intercept the system calls and print out the value of the arguments, as well as which system call was called. I am thinking of doing it by modifying libc code and creating wrappers around the system calls, but I am lost on tracking how the system calls are actually executed and which level to cut in. (e.g. the open.S file generated seems to be defining the __sys_open function. How is the open call converted to __sys_open?)
I would like to know if this approach is possible, and some pointers on how I should do it.
P.S. I know about ktrace but it is not exactly what I need. I want to capture the output from user programs in the trace too.
Thanks.