I am trying to connect a socket system call on linux x86_32. This system call does not exist, but is passed through socketcall.
man socketcall: socketcall() is a common kernel entry point for the socket system calls. call determines which socket function to invoke. args points to a block containing the actual arguments, which are passed through to the appropriate call.
I connected this syscall (__NR_socketcall - 102 on my system, which is also listed at http://docs.cs.up.ac.za/programming/asm/derick_tut/syscalls.html ) with my own function that prints something and after that calls the original function. However, my function is never called. In addition, strace shows that syscall of the socket () is being called.
The main question is: how can I intercept syscalls on linux x86_32?
Subquestion: Why does strace show socket sketches () and not socketcall ()?
Everything works as expected on x86_64, where there is a syscall socket.
source
share