Welcome to the new Linux Foundation Forum!

hook the execve system call what is the const __user parmter and how can i extract the file name

hi i hooked the execve system call and when i told it to print log each time that process been execute it worked fine but when i wanted to print the file name parameter it crashed my computer , how can i find the file exe path of the process or the binary code of it
this is my code
``asmlinkage long our_execl( const char __user* filename, const char __user* const __user* argv,const char __user* const __user* envp )
{`

printk(filename);
return orignal_execl( filename, argv, envp );

}

`

Sign In or Register to comment.