[panda-users] System calls

Julia Gustafsson gustafssonjulia92 at gmail.com
Thu Feb 25 14:34:32 EST 2016


Thank you. However, I'm still confused about how to use it. In the example it
says:
"$PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo -panda
syscalls2:profile=windows7_x86 -panda filedreadmon"
What is "-panda filedreadmon"?

Best Regards,
Julia

2016-02-25 20:08 GMT+01:00 Brendan Dolan-Gavitt <brendandg at nyu.edu>:

> This is the job of the syscalls2 plugin API, which lets you register
> callbacks for individual system calls. You can also use the
> on_all_sys_enter callback to intercept *every* system call.
>
> The syscalls2 USAGE page has more details:
>
>
> https://github.com/moyix/panda/blob/master/qemu/panda_plugins/syscalls2/USAGE.md
>
> One thing that does not (yet) exist is something that registers every
> syscall callback and then prints the arguments (like strace in Linux
> does). I believe someone is currently working on doing this for Linux,
> but the plugin isn't finished yet and hasn't been committed.
>
> On Thu, Feb 25, 2016 at 1:18 PM, Julia Gustafsson
> <gustafssonjulia92 at gmail.com> wrote:
> > Hello,
> >
> > I have been looking through all the existing plugins, but haven't found any
> > way to get a list of the system calls made by either the whole system or by
> > certain processes. Does any plugin like that exist?
> >
> > Best Regards,
> > Julia
>
> --
> Brendan Dolan-Gavitt
> Assistant Professor, Department of Computer Science and Engineering
> NYU Tandon School of Engineering
>