Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
334 views
in Technique[技术] by (71.8m points)

File path or file descriptor for ARM execute system call

I would like to retrieve the name of the executable file when an ARM "execute" system call is performed at runtime.

It may help to know how an "execute" system call is translated in ARM assembly. I would know the register where the file name is stored and retrieve it at runtime.

Thanks

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

This example illustrates a simple use of execu in ARMv7.

Assumes you have a simple file contain some text to sort.

The man page indicates that placement of the pointer to the executable. In my example "/bin/sh" is the executable.

So you are looking for an array structure pointer at R0.

NAME
       execve - execute program

SYNOPSIS
       #include <unistd.h>

       int execve(const char *filename, char *const argv[],
                  char *const envp[]);

DESCRIPTION
       execve() executes the program pointed to by filename.  filename must be either a binary executable, or a script starting with a line of the form:

           #! interpreter [optional-arg]

       For details of the latter case, see "Interpreter scripts" below.

       argv  is  an array of argument strings passed to the new program.  By convention, the first of these strings should contain the filename associated with the file being executed.
       envp is an array of strings, conventionally of the form key=value, which are passed as environment to the new program.  Both argv and envp must be terminated by a null  pointer.
       The argument vector and environment can be accessed by the called program's main function, when it is defined as:

           int main(int argc, char *argv[], char *envp[])

       execve() does not return on success, and the text, data, bss, and stack of the calling process are overwritten by that of the program loaded.

Sample code:

.data
        _filename:      .string "/bin/sh"
        arg0:           .string "/bin/sh"
        arg1:           .string "-c"
        arg2:           .string "sort -n myfile.txt"
        args:
                .word arg0
                .word arg1
                .word arg2
.text
        .global  main
main:
        bl _work

_work:
        push {lr}
        mov r7, #11             // execve syscall
        ldr r0,=_filename
        ldr r1,=args
        svc #0
        pop {pc}

Simple text file:

  $ cat myfile.txt
        9
        1
        5
        233
        5
        6
        723
        91
        0
        3
        2
        4576
        557
        6
        353
        3553

output example:

 $ ./simple_exec
0
1
2
3
5
5
6
6
9
91
233
353
557
723
3553
4576

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...