How to obtain Linux syscall name from the syscall number?

Question

I need to translate Linux syscall number into human-readable name. With kernel 2.6.32, I was extracting the names from _NR* macros in /usr/include/asm/unistd_32.h, which was hacky but it worked. Now I need to make it work on kernel 3.2.0 and this file is no longer there.

What is the least hacky and most portable way of mapping the Linux syscall number into human-readable name? E.g. 1->exit, 6->close etc.

Answer 1

The file <sys/syscall.h> defines a lot of SYS_ macros (indirectly through bits/syscall.h on my system). For example:

#define SYS_eventfd __NR_eventfd
#define SYS_eventfd2 __NR_eventfd2
#define SYS_execve __NR_execve
#define SYS_exit __NR_exit
#define SYS_exit_group __NR_exit_group
#define SYS_faccessat __NR_faccessat

Is this what you are looking? I am not sure if this is part of your question, but then you can do:

switch(code) {
#define syscode_case(x) case x: return #x;
    syscode_case(SYS_eventfd);
    syscode_case(SYS_eventf2);
}

You still need to know what are the available macros, but you do not need to know the actual value.

Edit:

My source is the man 2 syscall, which states:

#include <sys/syscall.h>`   /* For SYS_xxx definitions