[panda-users] System calls

Brendan Dolan-Gavitt brendandg at nyu.edu
Thu Feb 25 15:44:34 EST 2016


The filereadmon plugin doesn't actually exist; it's just a
hypothetical plugin that would register callbacks for (for example)
open, read, write, close, etc. and print out information about them.

On Thu, Feb 25, 2016 at 2:34 PM, Julia Gustafsson
<gustafssonjulia92 at gmail.com> wrote:
> Thank you. However, I'm still confused about how to use it. In the example it says:
> "$PANDA_PATH/x86_64-softmmu/qemu-system-x86_64 -replay foo -panda
> syscalls2:profile=windows7_x86 -panda filedreadmon"
> What is "-panda filedreadmon" ?
>
> Best Regards,
> Julia
>
> 2016-02-25 20:08 GMT+01:00 Brendan Dolan-Gavitt <brendandg at nyu.edu>:
>>
>> This is the job of the syscalls2 plugin API, which lets you register
>> callbacks for individual system calls. You can also use the
>> on_all_sys_enter callback to intercept *every* system call.
>>
>> The syscalls2 USAGE page has more details:
>>
>>
>> https://github.com/moyix/panda/blob/master/qemu/panda_plugins/syscalls2/USAGE.md
>>
>> One thing that does not (yet) exist is something that registers every
>> syscall callback and then prints the arguments (like strace in Linux
>> does). I believe someone is currently working on doing this for Linux,
>> but the plugin isn't finished yet and hasn't been committed.
>>
>> On Thu, Feb 25, 2016 at 1:18 PM, Julia Gustafsson
>> <gustafssonjulia92 at gmail.com> wrote:
>> > Hello,
>> >
>> > I have been looking through all the existing plugins, but haven't found any
>> > way to get a list of the system calls made by either the whole system or by
>> > certain processes. Does any plugin like that exist?
>> >
>> > Best Regards,
>> > Julia
>> >
>>
>>
>>
>> --
>> Brendan Dolan-Gavitt
>> Assistant Professor, Department of Computer Science and Engineering
>> NYU Tandon School of Engineering
>
>



-- 
Brendan Dolan-Gavitt
Assistant Professor, Department of Computer Science and Engineering
NYU Tandon School of Engineering

