Seebs <[email protected]> writes:
>> > I... am really unsure whether it's possible to catch that, because
>> > I really, really, don't want to try to intercept raw syscall()
>> > calls. I don't think that ends well.
>
> Potentially. We rely pretty heavily on the assumption that an *actual*
> syscall can go through.
I think, this would end in implementing architecture dependening
assembly code. E.g. for ARM you can write
----
syscall:
cmp r0, #__NR_renameat2
beq renameat2
ldr r12, _orig_syscall_addr
mov pc, [r9, r12]
_orig_syscall_addr: .word orig_syscall_addr
----
(Untested; the last three lines are probably wrong and try to get the
address of the variable where the original syscall() address has been
stored into).
> Although... Actually, I don't even know if this is an actual syscall.
> This could be an actual glibc wrapper around the syscall interface,
> just like all the others, which is not the *actual* raw syscall or
> whatever, and... I have no idea how often that is or isn't hit.
'ltrace' catches it.
Enrico
--
_______________________________________________
Openembedded-core mailing list
[email protected]
http://lists.openembedded.org/mailman/listinfo/openembedded-core
