1

I already posted the following Question got a solution and moving forward
I am using ptrace to find what all are the arguments that are passed to the system call.
The program is fetching me values in ebx, ecx, edx. Now for a open system call I got the foll

SYSCALL 5: ebx :bf9748af ecx: 00008000 edx: 00000000 /open
SYSCALL 5: ebx :80485b3 ecx: 00000242 edx: 000001b6 /open

I used strace and it magically converts the above like this:

open("test.txt", O_RDONLY|O_LARGEFILE) = 3
open("test.txt", O_RDWR|O_CREAT|O_TRUNC, 0666) = 3

How can I do this manually? Is there any place I can find out the values for O_LARGEFILE?
I searched a lot and came across this But it doesnt have everything. Also tried reading strace code but did not come across the code for this conversion.
If someone can help me out it would be very helpful for me. Also If you know where this is written in strace I want to take a peek at it. Thanks in advance.

Community
  • 1
  • 1
kidd0
  • 731
  • 2
  • 8
  • 25
  • I read the `man 2 open` and found out that open does a bitwise OR but I still did not get the complete picture :( – kidd0 Mar 20 '12 at 07:13
  • what are you trying to do again?? – UmNyobe Mar 20 '12 at 07:19
  • @UmNyobe: I want to know how to convert the `242` value to `O_RDWR | O_CREAT | O_TRUNC` – kidd0 Mar 20 '12 at 07:26
  • @nos: In the man page it told me what all flags you can use like `O_RDWR` etc., But when these are passed in registers the values are long integers. (values in ebx, ecx) etc., I want to interpret the integer values to these flags which is not mentioned there. – kidd0 Mar 20 '12 at 07:28
  • I hope you know those values are not in anyway standardized across linux distributions... – UmNyobe Mar 20 '12 at 07:30
  • @bi0s.kidd0 The values are in the header files. You have to pull out the values from the register and do a bitwise and on each of those flags to check which flags were set. – nos Mar 20 '12 at 07:37
  • @UmNyobe yes they are, the linux kernel holds a stable ABI to user space. – nos Mar 20 '12 at 07:37

2 Answers2

1

O_LARGEFILE is implementation specific and is defined in LSB (Linux Standard Base) as

0100000 (equal to 0x8000) for Linux x86 (in fcntl.h)

See LSB reference:

http://linuxbase.org/navigator/browse/constant.php?cmd=list-by-name&Cname=O_LARGEFILE

O_RDONLY value being 0, O_RDONLY | O_LARGEFILE is then equal to 0x8000.

ouah
  • 142,963
  • 15
  • 272
  • 331
  • Thanks I got it. Sorry the answer was right in front of me. Took some time for me to figure out. Really sry :( – kidd0 Mar 20 '12 at 07:31
1

You can read out those values from this header file:

#define O_ACCMODE      0003
#define O_RDONLY         00
#define O_WRONLY         01
#define O_RDWR           02
#define O_CREAT        0100 /* not fcntl */
#define O_EXCL         0200 /* not fcntl */
#define O_NOCTTY       0400 /* not fcntl */
#define O_TRUNC       01000 /* not fcntl */
#define O_APPEND      02000
#define O_NONBLOCK    04000
#define O_NDELAY    O_NONBLOCK
#define O_SYNC       010000
#define O_FSYNC      O_SYNC
#define O_ASYNC      020000

But the portable way of doing it is by using the macros for those values.

orlp
  • 112,504
  • 36
  • 218
  • 315
  • Ok. Also can you clarify what does the bitwise or in the man page signify? – kidd0 Mar 20 '12 at 07:32
  • i figured out the answer to my prob so accepting :) thanks a lot. If you can clarify on that would help me more in my understanding :D – kidd0 Mar 20 '12 at 07:36