Last active
May 28, 2017 22:07
-
-
Save le4ker/2190428 to your computer and use it in GitHub Desktop.
Get absolute executable process path in Linux kernel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <linux/err.h> | |
char *exe_from_mm(const struct mm_struct *mm, char *buffer, int length) | |
{ | |
char *p = NULL; | |
struct vm_area_struct *vma; | |
if(mm == NULL) | |
{ | |
return NULL; | |
} | |
down_read(&mm->mmap_sem); | |
vma = mm->mmap; | |
while(vma) | |
{ | |
if((vma->vm_flags & VM_EXECUTABLE) && vma->vm_file) | |
{ | |
break; | |
} | |
vma = vma->vm_next; | |
} | |
if (vma && vma->vm_file) | |
{ | |
p = call_d_path(vma->vm_file, buffer, length); | |
if(IS_ERR(p)) | |
{ | |
up_read(&mm->mmap_sem); | |
return NULL; | |
} | |
} | |
up_read(&mm->mmap_sem); | |
return p; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment