Getting a process' EIP address (and other registers)

[Hanson, Jonathan M]

	I have written a 2.4 kernel module that is triggered upon an
IOCTL from a user application. Once triggered the kernel module dumps
out the contents of the system memory and the x86 CPU architecture state
to separate files.
	I'm writing to the list because my method for getting registers
from the user process before it entered the kernel is producing
incorrect results. I've looked all through the kernel code and searched
all over the web for an answer to this specific question and found
nothing relevant.
	In my research how to do this I've found that the stack pointer
for the user process before it entered the kernel is stored in
current->thread.esp0. From there the registers for the user process are
stored at offsets from that location (for example, EIP is supposed to be
0x28 unsigned char bytes from esp0). I have code to get the EIP as
follows:

unsigned char *stack_address, *eip;

stack_address = (unsigned char *)(current->thread.esp0);
eip = stack_address + 0x28;
printk("eip = %08lx\n", *(unsigned long *)eip);

Like I mentioned this is producing incorrect results. How do I access
the user process' general purpose registers contents as they were before
the kernel was entered (or correct my code above if I'm accessing
something wrong)?
	Thanks in advance for any help offered.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/