I suspect we should implement the pre- and post- hooks in pyda_core, and filter syscall events in the Python wrapper. If the overhead is too substantial, then we can implement a simple version of the filter that just checks the syscall number against a list of registered events.
Proposed API:
# Syscall hooks use the same signature as regular hooks
p.pre_syscall(syscall_num, hook)
p.post_syscall(syscall_num, hook)
This should support multiple hooks for a single syscall, but that support can be provided by the Python wrapper.
Dynamorio supports syscall hooks:
I suspect we should implement the pre- and post- hooks in pyda_core, and filter syscall events in the Python wrapper. If the overhead is too substantial, then we can implement a simple version of the filter that just checks the syscall number against a list of registered events.
Proposed API:
This should support multiple hooks for a single syscall, but that support can be provided by the Python wrapper.