<div dir="auto">Hello,
<div dir="auto"><br></div>
<div dir="auto">I came across the function: <code>call_usermodehelper</code></div>
<div dir="auto">This can be used to exec a binary from kernel space.</div>
<div dir="auto">It ultimately calls:</div>
<div dir="auto"><code>call_usermodehelper_exec_async</code></div>
<div dir="auto"><br></div>
<div dir="auto">Which internally does:</div>
<div dir="auto"><code>retval = <a href="https://elixir.bootlin.com/linux/v4.7/ident/do_execve">do_execve</a>(<a href="https://elixir.bootlin.com/linux/v4.7/ident/getname_kernel">getname_kernel</a>(sub_info->path), (const char __user *const __user *)sub_info->argv, (const char __user *const __user *)sub_info->envp);</code></div>
<div dir="auto"><br></div>
<div dir="auto">This function works as expected and a new thread is spawned.</div>
<div dir="auto">Now when I try to directly call <code>do_execve</code> within my module by passing the required arguments, I am getting an -EFAULT error.</div>
<div dir="auto">This is happening in this function:</div>
<div dir="auto"><br></div>
<div dir="auto"><code>count(argv, MAX_ARG_STRINGS)</code></div>
<div dir="auto"><br></div>
<div dir="auto">What am I missing here?</div>
<div dir="auto"><br></div>
<div dir="auto">Thank you</div>
<div dir="auto">Hemanth</div>
<div dir="auto"><br></div>
</div>