I am trying to keep track of the process flow in Linux. So far I have added some debugging printk to understand the distribution of pid on the Linux kernel. However, now I want to map the PIDs for the binaries as they are created (or executed).
I know that the way Linux creates processes is to minimize init and then execute exec ... or execute exec directly from init ...
I am trying to track when and where the comm field on the new task_struct is assigned. The comm field holds the binary executable. So far, no matter where I try to print the comm field (except during the context_switch function), all processes always display their name as khelper.
I tried intensively debugging the do_execve function, but this does not seem to contain code related to changing the comm field.
Can anyone indicate where and when the comm field is assigned?