I am writing a Linux system call map for the radare2 debugger. This means providing a huge static array mapping system call number to a syscall name and the number of arguments it takes. This was easy for OpenBSD as the syscall numbers are defined in sys/syscall.h and in a comment above each is the number of args. It was just a matter of writing a script to parse this and throw out the C code for the array.
On Linux, however, we do not have this luxury. It is easy to get the syscall number from the kernel headers, but how should I get the number of args? The only ideas I have are:
1) Type them in manually. For each and every arch (they vary between arches in Linux). All 300+ of the damned things. No way!
2) Parse manual pages.
3) Write a script which tries to call each syscall with 0, 1, 2... args until the program builds. Won't work for varargs, but do syscalls support that?
There has to be a better way. Please help!
strace (home page) has tables with all this stuff in (see linux/<platform>/syscallent.h). Source code is available in GitHub/strace and GitLab/strace. For example, the list of syscalls for the x86_64 architecture is at this link.
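
A sketch of turning such a table into the C array the question asks for, added here as an example (it is not code from the post, strace or radare2). It assumes entries laid out as `[nr] = { nargs, flags, SEN(handler), "name" },`; the sample lines are constructed in that layout, and the `syscall_info` and `linux_syscalls` names are hypothetical.

```python
import re

# Constructed sample in the assumed layout of linux/<platform>/syscallent.h:
#   [nr] = { nargs, flags, SEN(handler), "name" },
SAMPLE = '''\
[  0] = { 3,  TD,               SEN(read),    "read"    },
[  1] = { 3,  TD,               SEN(write),   "write"   },
[  9] = { 6,  TD|TM|SI,         SEN(mmap),    "mmap"    },
[ 39] = { 0,  PU|NF,            SEN(getpid),  "getpid"  },
/* [ 40] left out of this constructed sample */
[ 59] = { 3,  TF|TP|TSD|SE|SI,  SEN(execve),  "execve"  },
'''

ENTRY = re.compile(r'''
    ^\s*\[\s*(?P<nr>\d+)\s*\]\s*=\s*\{\s*   # [nr] = {
    (?P<nargs>\d+)\s*,\s*                   # argument count
    (?P<flags>[^,]*?)\s*,\s*                # trace flags (ignored here)
    (?P<handler>[^,]+?)\s*,\s*              # decoder symbol (ignored here)
    "(?P<name>[^"]+)"\s*\}                  # syscall name
''', re.VERBOSE)

def parse_syscallent(text):
    """Return {syscall_number: (name, nargs)} from syscallent.h-style text."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.lstrip().startswith('['):
            continue  # comments, blank lines, preprocessor directives
        m = ENTRY.match(line)
        if m is None:
            # Fail loudly so an entry is never silently dropped from the map.
            raise ValueError(f'line {lineno}: unrecognised entry: {line!r}')
        table[int(m['nr'])] = (m['name'], int(m['nargs']))
    return table

def emit_c_array(table, ident='linux_syscalls'):
    """Render the table as a C array; unlisted numbers stay zero-initialised."""
    rows = [f'\t[{nr}] = {{ "{name}", {nargs} }},'
            for nr, (name, nargs) in sorted(table.items())]
    return '\n'.join([
        'struct syscall_info { const char *name; int nargs; };',
        f'static const struct syscall_info {ident}[] = {{',
        *rows,
        '};',
    ])

if __name__ == '__main__':
    print(emit_c_array(parse_syscallent(SAMPLE)))
```

Because the generated array uses designated initialisers, gaps in the numbering end up with a NULL name, so a consumer should check for that before printing.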