what's the difference/relationship between ptregs_execve and sys_execve

Question

I'm hooking system calls on Linux 2.6.32 x86-32.

However, I find that in the system call table, __NR_execve is pointing to ptregs_execve rather than sys_execve. And, I can't find the function definition of ptregs_execve anywhere.

Can anyone help me clarify the difference or relationship between ptregs_execve and sys_execve? I know for the um architecture, ptregs_execve is defined as sys_execve. How about other architectures?

Yeah. In /arch/um/sys-i386/sys_call_table.S, we can find #define ptregs_execve sys_execve. — user1718039, Nov 02 '12 at 02:17

score 2 · Answer 1 · answered Jun 28 '13 at 15:38

Possibly more helpful:

Note that the macro PTREGSCALL3 is defined in entry_32.S. This defines a shim function that calls sys_##name. This macro is invoked with execve as an argument. So, ptregs_execve is simply a shim that calls sys_execve with the appropriate arguments.

what's the difference/relationship between ptregs_execve and sys_execve

1 Answers1