According to Linux Kernel's doc:
bprm_check_security: This hook mediates the point when a search for a binary handler will begin. It allows a check against thebprm->cred->securityvalue which was set in the precedingcreds_for_execcall. Theargvlist andenvplist are reliably available inbprm. This hook may be called multiple times during a singleexecve.bprmcontains thelinux_binprmstructure.
However, the value of argv and envp (e.g. bprm->mm->arg_start) are actually NULL at this point. This is due to the fact these values are setup in setup_arg_pages is called after the hook. Also, the current struct still points to the old process thus it cannot be used to get these data.
So my question is: Is the documentation incorrect or is there an alternate way to reliably get the arguments at this point?
Side note: I know that this post already asks a quite similar question but I don't think it's a duplicate since this post asks a way to get argv from bprm_check_security, while I think that might not be possible thus I ask a confirmation that the issue comes from the doc. Additionally, no correct answer were given to this post.
