Relative path to Absolute path in linux kernel

Question

I met some difficulties when I collect args from hooking sys_open and sys_execve.

Both systemcall use filename as first argument, and the argument may be absolute path or relative path. I want to get absolute path whether it's an absolute path or relative path.

Example:

if the filename is "/root/Desktop/../Downloads", i need to change it to "/root/Downloads".

I suppose the OS source code have resolution, but I end up with reading source code of "__link_path_walk".

The function "__link_path_walk" is used to deal with "../" and "./", but it seems that the function don't get absolute path but get final entry (noted in source code). My OS code version is linux-2.6.32-754.el6.

Any help would be appreciated.

Answer 1

I spend 2 days and I have solved the problem, I find the solution in the sys_stat, code below:

int get_absolute_path(const char __user *filename){
struct path path;
int dfd=AT_FDCWD;
char *ret_ptr=NULL;
int error = -EINVAL,flag=0;
unsigned int lookup_flags = 0;
char *tpath=kmalloc(1024,GFP_KERNEL);
if ((flag & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)) != 0)
    goto out;
if (!(flag & AT_SYMLINK_NOFOLLOW))
    lookup_flags |= LOOKUP_FOLLOW;
error = user_path_at(dfd, filename, lookup_flags, &path);
if (error)
    goto out;
ret_ptr = d_path(&path, tpath, 1024);
printk("%s\n",ret_ptr);
kfree(tpath);
return 0;
out:
kfree(tpath);
return error;

}