TRACEHOOK_REPORT_EXE(9) Kernel Internals TRACEHOOK_REPORT_EXE(9)
NAME
tracehook_report_exec - a successful exec was completed
SYNOPSIS
void tracehook_report_exec(struct linux_binfmt * fmt, struct linux_binprm * bprm, struct pt_regs * regs);
ARGUMENTS
fmt
struct linux_binfmt that performed the exec
bprm
struct linux_binprm containing exec details
regs
user-mode register state
DESCRIPTION
An exec just completed, we are shortly going to return to user mode. The freshly initialized register state can be seen and changed in
regs. The name, file and other pointers in bprm are still on hand to be inspected, but will be freed as soon as this returns.
Called with no locks, but with some kernel resources held live and a reference on fmt->module.
Kernel Hackers Manual 2.6. July 2010 TRACEHOOK_REPORT_EXE(9)
