Hi...
I am trying to collect the user state of the process inside a new system
call which I am trying to implement. I need to collect the following
values inside the kernel.
1. The user stack pointer.
2. The values of the registers before the system call was attempted.
I can't give you a code snippet, but have you checked the entry.S files? Such
as arch/i386/kernel/entry.S? There, at about the top of the file,
you'll see this:
* Stack layout in 'ret_from_system_call':
* ptrace needs to have all regs on the stack.
* if the order here is changed, it needs to be
* updated in fork.c:copy_process, signal.c:do_signal,
* ptrace.c and ptrace.h
*
* 0(%esp) - %ebx
* 4(%esp) - %ecx
* 8(%esp) - %edx
* C(%esp) - %esi
* 10(%esp) - %edi
* 14(%esp) - %ebp
* 18(%esp) - %eax
* 1C(%esp) - %ds
* 20(%esp) - %es
* 24(%esp) - %gs
* 28(%esp) - orig_eax
* 2C(%esp) - %eip
* 30(%esp) - %cs
* 34(%esp) - %eflags
* 38(%esp) - %oldesp
* 3C(%esp) - %oldss
%esp points to the current stack pointer, which is the kernel mode stack
pointer (since we are talking in kernel context). So using the right
offset, you can get oldesp (the user mode stack pointer). Assuming you
don't use something like a 4:4 VM split, we live on the same flat memory
segment, so IMO you don't need to check for oldss.
The other registers you need should be easily derived from the same offset
calculation.
good luck....
regards,
Mulyadi
--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ
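As an added example (not from Mulyadi's reply or from the kernel sources), here is a user-space C model of the frame layout quoted above: a struct with the same field order, so the offsets fall out of offsetof() instead of being counted by hand. The struct name, helper names and sample values are constructed; the one extra check is that the saved %cs RPL is 3 before oldesp/oldss are trusted, because the CPU pushes those two slots only when the trap came from a lower privilege ring.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One 32-bit slot per line of the entry.S comment, starting at 0(%esp).
 * Hypothetical struct name; the field order is the one listed in the post. */
struct i386_frame {
    uint32_t ebx, ecx, edx, esi, edi, ebp, eax;   /* 0x00 .. 0x18 */
    uint32_t ds, es, gs;                          /* 0x1C .. 0x24 */
    uint32_t orig_eax;                            /* 0x28: syscall number */
    uint32_t eip, cs, eflags;                     /* 0x2C .. 0x34 */
    uint32_t oldesp, oldss;                       /* 0x38, 0x3C: pushed by CPU only on ring change */
};

/* oldesp/oldss are only present when the trap came from ring 3, so check the
 * requested privilege level in the saved %cs before reading them. */
static int frame_from_user_mode(const struct i386_frame *f)
{
    return (f->cs & 3) == 3;
}

/* User stack pointer, or 0 if the frame was not entered from user mode. */
static uint32_t user_stack_pointer(const struct i386_frame *f)
{
    return frame_from_user_mode(f) ? f->oldesp : 0;
}

/* The same value read the way the post describes: a fixed offset from %esp. */
static uint32_t oldesp_via_raw_offset(const uint32_t *esp)
{
    return esp[0x38 / 4];
}

/* Offset of oldesp in 32-bit words, i.e. 0x38(%esp) from the comment. */
static size_t oldesp_word_offset(void)
{
    return offsetof(struct i386_frame, oldesp) / 4;
}

int main(void)
{
    struct i386_frame f;
    memset(&f, 0, sizeof f);
    f.orig_eax = 4;                              /* constructed: __NR_write on i386 */
    f.ebx = 1; f.ecx = 0x08049000u; f.edx = 12;  /* constructed syscall arguments */
    f.cs = 0x73;                                 /* user code selector, RPL 3 */
    f.oldesp = 0xbffff6e0u;                      /* constructed user %esp */
    f.oldss = 0x7b;
    printf("syscall %u from user sp %#x (word offset %zu)\n",
           (unsigned)f.orig_eax, (unsigned)user_stack_pointer(&f), oldesp_word_offset());
    return 0;
}
```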