I was trying to read the first syscall argument (stored in x0 register) while ptracing a process on an arm64 CPU, but it's overwritten by the result, and struct user_regs_struct does not contain it. I saw there is an orig_x0 variable in the kernel source (commit:eec4df2/arch/arm64/include/asm/ptrace.h:188). Is there any ways to read it?
Asked
Active
Viewed 103 times
0
SBell6hf
- 31
- 3
-
Hello @SBell6h, "I was trying to read the first syscall argument (stored in x0 register)" -> where are you doing it? in which part of code? From userland or kernel? `struct pt_regs` defines how registers are stored in stack during an exception. You may read `sizeof(struct pt_regs)` bytes from kernel from the top of the stack during the exception, if you're writing kernel code. – MM92x Jan 05 '22 at 02:48
-
Please provide enough code so others can better understand or reproduce the problem. – Community Jan 10 '22 at 10:44