2009/1/29 Frédéric Weisbecker <fweis...@gmail.com>: > 2009/1/29 Ingo Molnar <mi...@elte.hu>: >>> >>> Several people talked me about utrace and gave some examples about it in >>> this discussion. The Api is very convenient to fetch syscall numbers, >>> arguments and return values. And the hooks are done in the generic core >>> code, so it is arch independent. >>> >>> The only drawback I can see is that it is not yet merged upstream, in >>> need of in-kernel users. If it only depends on this condition, we could >>> be these users... >>> >>> What do you think? >> >> sure - how do the minimal bits/callbacks look like which enable syscall >> tracing? >> >> Ingo > > > There is a very straightforward example provided by Ananth in there: > http://lkml.org/lkml/2009/1/28/59 >
One other drawback may be the fact that utrace will be traced by the function tracers... adding some junk on their traces. But I guess this is just a matter of some patches to make it not traced. BTW, there is an interesting proof of concept there: http://lkml.org/lkml/2009/1/27/294
