On a very constrained embedded Linux system, I wish to log all files that are opened/mapped/whatever for read and or write. In other words, all files that are accessed at least once. What would be the best approach? Because of "some" constraints, I would prefer NOT to modify/hack the file system, init scripts and the user-space level... I think that I would prefer to do things in the kernel. Even an insertion of printk in the right functions would be acceptable. If that matters, I'm using an ext3 filesystem.
Answering my own question. Patching the kernel file system driver is a working solution:
char *buf = (char*)__get_free_page(GFP_USER);
char *name = dentry_path_raw(file->f_dentry, buf, PAGE_SIZE);
printk("FILE OPEN read: %d write: %d %s\n", file->f_mode & FMODE_READ, file->f_mode & FMODE_WRITE, name);
free_page((unsigned long)buf);