Advanced and improved absolute paths decoding

eQuiNoX equinox.71717171 at gmail.com
Tue Mar 4 13:16:16 UTC 2014 

On Mon, Mar 3, 2014 at 6:26 PM, Dmitry V. Levin <ldv at altlinux.org> wrote:
> On Mon, Mar 03, 2014 at 10:52:48AM +0530, Zubin Mithra wrote:
>> >> I believe that the first step would be to document and note down the system
>> >> calls that belong to one or more of the above categories and their system
>> >> call numbers, and if the -yy flag is used, check the tcp->scno against
>> >> these numbers and act accordingly.
>> >>
>> >> Is there something I'm missing? I'd love any kind of feedback!
>> >
>> > You probably don't need to care about tcp->scno to implement -yy mode.
>>
>> Just a little something I'd like to clarify -- did you mean I should
>> use tcp->s_ent->sys_name instead? Just to make sure I'm not terribly
>> misunderstanding something. :)
>
> The way how strace decodes each syscall is, shortly speaking, this:
> 1. take a syscall number (tcp->scno);
> 2. filter out those syscalls that should not be decoded;
> 3. call the handler assigned for the syscall (tcp->s_ent->sys_func).
>
> At the point of syscall decoding where absolute paths decoding should
> be implemented, the syscall handler is already called, so neither
> tcp->scno nor tcp->s_ent->sys_func is required for decoding.
>
> Only when you are changing syscall filtering algorithms you may need
> to know scno/sys_func in advance.
>
> Just have a look at the code. :)

Already on it, thanks heaps Dmitry !

>
>
> --
> ldv
>
> ------------------------------------------------------------------------------
> Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
> With Perforce, you get hassle-free workflows. Merge that actually works.
> Faster operations. Version large binaries.  Built-in WAN optimization and the
> freedom to use Git, Perforce or both. Make the move to Perforce.
> http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
> _______________________________________________
> Strace-devel mailing list
> Strace-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/strace-devel
>

More information about the Strace-devel mailing list