Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to obtain Linux syscall name from the syscall number?

Tags:

c

linux

system-calls

I need to translate Linux syscall number into human-readable name. With kernel 2.6.32, I was extracting the names from _NR* macros in /usr/include/asm/unistd_32.h, which was hacky but it worked. Now I need to make it work on kernel 3.2.0 and this file is no longer there.

What is the least hacky and most portable way of mapping the Linux syscall number into human-readable name? E.g. 1->exit, 6->close etc.

like image 806
Grzegorz Jakacki Avatar asked Apr 23 '14 15:04

Grzegorz Jakacki

People also ask

What is syscall number?

syscall() is a small library function that invokes the system call whose assembly language interface has the specified number with the specified arguments.

Where are Linux syscalls defined?

Actual code for system_call entry point can be found in /usr/src/linux/kernel/sys_call. S Actual code for many of the system calls can be found in /usr/src/linux/kernel/sys. c, and the rest are found elsewhere.

What is a Linux syscall?

As the name suggests, syscalls are system calls, and they're the way that you can make requests from user space into the Linux kernel. The kernel does some work for you, like creating a process, then hands control back to user space.

Where is system call number stored?

In assembly language, a system call looks almost exactly like a function call. Arguments are passed to the system call using the general purpose registers and the stack as needed. The main difference is that the system call number is stored into the %rax register.

1 Answers

The file <sys/syscall.h> defines a lot of SYS_ macros (indirectly through bits/syscall.h on my system). For example:

#define SYS_eventfd __NR_eventfd
#define SYS_eventfd2 __NR_eventfd2
#define SYS_execve __NR_execve
#define SYS_exit __NR_exit
#define SYS_exit_group __NR_exit_group
#define SYS_faccessat __NR_faccessat

Is this what you are looking? I am not sure if this is part of your question, but then you can do:

switch(code) {
#define syscode_case(x) case x: return #x;
    syscode_case(SYS_eventfd);
    syscode_case(SYS_eventf2);
}

You still need to know what are the available macros, but you do not need to know the actual value.

Edit:

My source is the man 2 syscall, which states:

#include <sys/syscall.h>`   /* For SYS_xxx definitions
like image 118
André Puel Avatar answered Nov 15 '22 11:11

André Puel
Sign in to Comment

Related questions

Multi-threading with long linked-list
C: Data structures alignment
gdb - get variable name of register
Use strtok in a for loop
C11 compiler conformance comparison
Multiprocessing on Android
What is a simple example of using Pango to render text into an image using a FreeType font?
per-task data structure in linux kernel module
Public 3270 server [closed]
Is it possible to implement a Java Interface in C or C++ using JNI?
Memory map shows more RAM than physically available
Float Returns 0
Format strings and using %n to overwrite memory address with specific value
Solve Number Puzzle with C and Java
double casting in c
How can I manually increment an instruction pointer from a context?
Compile several static libraries into a single iOS Framework
MKL or BLAS routine to multiply vector by a scalar out-of-place
impossible to write on stack (stack overflow)
What does the Parameter superb in LAPACKE_dgesvd(..) mean?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!