Menu
kernel: 3.4+
Does anyone know of any other way beside using kernel process events connector to "listen" to new forks.
I want to be simply notified in my module every time a new task (process) is created.
534
You could try to use a LSM hook to do this. The function you want to implement is security_task_create
117
I don't know about the state of SystemTap but I think you can do a function boundary tracing like DTrace on Solaris using SystemTap. You'd need to know which linux kernel function to trace though, but that's the simpler part I presume.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
