LinuxQuestions.org - hook the execve system call how to find the file path from the const char _

- Linux - Kernel (https://www.linuxquestions.org/questions/linux-kernel-70/)

- - hook the execve system call how to find the file path from the const char __user* (https://www.linuxquestions.org/questions/linux-kernel-70/hook-the-execve-system-call-how-to-find-the-file-path-from-the-const-char-__user%2A-4175667628/)

danielhaish

01-13-2020 09:34 AM

hook the execve system call how to find the file path from the const char __user*

hi i hooked the execve system call with lkm and when i wrote a code that print alert each time process is been execute it work fine but when i tried to print the file name paramter it crashed my computer

Code:

asmlinkage long our_execl( const char __user* filename, const char __user* const __user* argv,

                    const char __user* const __user* envp )

{

    printk(filename);

    return orignal_execl( filename, argv, envp );

}

jeremy

01-14-2020 08:36 AM

Please post your thread in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is being closed because it is a duplicate.

https://www.linuxquestions.org/quest...er-4175667619/

All times are GMT -5. The time now is 02:38 PM.