Beispiel #1
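/**
 * Look up the previous-mode value of the thread currently running on a vCPU.
 *
 * Resolves the current thread with drakvuf_get_current_thread() and hands
 * that address to drakvuf_get_thread_previous_mode().
 *
 * @param drakvuf        DRAKVUF instance handle.
 * @param vcpu_id        vCPU whose current thread is queried.
 * @param regs           Register state passed through to the thread lookup.
 * @param previous_mode  Output, filled in by drakvuf_get_thread_previous_mode().
 * @return false when no current thread could be resolved; otherwise the
 *         result of drakvuf_get_thread_previous_mode().
 */
bool drakvuf_get_current_thread_previous_mode( drakvuf_t drakvuf,
                                               uint64_t vcpu_id, const x86_registers_t *regs,
                                               privilege_mode_t *previous_mode )
{
    addr_t kthread = drakvuf_get_current_thread( drakvuf, vcpu_id, regs );

    /* A zero address means the thread lookup failed. Report that here
     * instead of passing a null base address on to the field reader, so a
     * failed lookup can never be mistaken for a valid privilege-mode answer. */
    if ( !kthread )
        return false;

    return drakvuf_get_thread_previous_mode( drakvuf, kthread, previous_mode );
}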
Beispiel #2
/**
 * Return the process pointer recorded in the thread currently running on
 * a vCPU.
 *
 * The current thread is resolved with drakvuf_get_current_thread(); the
 * address-sized value at thread + offsets[KTHREAD_PROCESS] is then read
 * with vmi_read_addr_va() (third argument 0).
 *
 * @param drakvuf  DRAKVUF instance handle; its vmi member is used for the read.
 * @param vcpu_id  vCPU whose current thread is queried.
 * @param regs     Register state passed through to the thread lookup.
 * @return The value read from the thread structure, or 0 when the thread
 *         could not be resolved or the read failed.
 *
 * NOTE(review): the returned address comes from the inspected system's own
 * memory; callers should presumably validate it before dereferencing - confirm.
 */
addr_t drakvuf_get_current_process(drakvuf_t drakvuf, uint64_t vcpu_id, x86_registers_t *regs) {
    addr_t kthread = drakvuf_get_current_thread(drakvuf, vcpu_id, regs);

    /* No current thread: nothing to read from. */
    if (!kthread) {
        return 0;
    }

    /* Only meaningful once the read below has succeeded. */
    addr_t owner;

    if (vmi_read_addr_va(drakvuf->vmi, kthread + offsets[KTHREAD_PROCESS], 0, &owner) != VMI_SUCCESS) {
        return 0;
    }

    return owner;
}
Beispiel #3
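/**
 * Read the thread id of the thread currently running on a vCPU.
 *
 * The current thread is resolved with drakvuf_get_current_thread(); the
 * address-sized value at
 *   ethread + offsets[ETHREAD_CID] + offsets[CLIENT_ID_UNIQUETHREAD]
 * is then read with vmi_read_addr_va() (third argument 0) and stored in
 * *thread_id.
 *
 * @param drakvuf    DRAKVUF instance handle; its vmi and offsets members are used.
 * @param vcpu_id    vCPU whose current thread is queried.
 * @param regs       Register state passed through to the thread lookup.
 * @param thread_id  Output; written only when the function returns true.
 * @return true when a thread id was read and fits in 32 bits; false when
 *         thread_id is NULL, the thread could not be resolved, the read
 *         failed, or the value read does not fit in a uint32_t.
 */
bool drakvuf_get_current_thread_id( drakvuf_t drakvuf, uint64_t vcpu_id, const x86_registers_t *regs,
                                    uint32_t *thread_id )
{
    addr_t p_tid ;
    addr_t ethread ;

    /* Nowhere to store the result. */
    if ( !thread_id )
        return false ;

    ethread = drakvuf_get_current_thread( drakvuf, vcpu_id, regs );

    if ( !ethread )
        return false ;

    if ( vmi_read_addr_va( drakvuf->vmi, ethread + drakvuf->offsets[ ETHREAD_CID ] + drakvuf->offsets[ CLIENT_ID_UNIQUETHREAD ],
                           0,
                           &p_tid ) != VMI_SUCCESS )
        return false ;

    /* The value is read at address width from the inspected system's memory.
     * Reject anything that does not round-trip through uint32_t rather than
     * truncating it silently, which could attribute an event to the wrong
     * thread id. */
    if ( p_tid != (addr_t)(uint32_t)p_tid )
        return false ;

    *thread_id = (uint32_t)p_tid;

    return true ;
}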