I'm trying to reverse-engineer a user-mode shared object that interacts with a kernel driver via ioctl syscalls. I have a header file with definitions for the kernel driver's ioctl interface (i.e. #defines for ioctl command numbers, and struct definitions for the various data sent to ioctl).
I see that strace has the ability to de-reference user pointers that are passed into system calls, but it obviously can't de-reference my custom structs that are passed into ioctl. Is there an easy way to add my definitions to strace so that I can get meaningful data being passed into ioctl, rather than just a pointer address?
I have the source for strace and have successfully compiled/installed it, but all of my attempts to include my own header have had no effect.
The strace build doesn't automatically introspect structures and generate parsers for them -- you'll have to write some code to handle your structures.