Ejemplo n.º 1
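/**
 * @brief PGD-change callback that walks the guest process list.
 *
 * While the guest is in kernel mode, calls the linux-specific introspection
 * functions directly: fetches the process list, fetches and immediately
 * releases the library list of every process, then releases the process list.
 * The work is bracketed by START/END log lines tagged with a call counter.
 *
 * @param env     CPU state handed to the introspection functions.
 * @param oldval  Previous PGD value (not used here).
 * @param newval  New PGD value (not used here).
 * @return 0 on success, -1 when called outside kernel mode or when no
 *         process list was produced.
 */
int vmi_pgd_changed(CPUState *env, target_ulong oldval, target_ulong newval) {
	static int vmi_pgd_changed_count = 0;
	// Start from NULL so a callee that leaves the out-parameter untouched
	// cannot make us dereference or free an indeterminate pointer.
	OsiProcs *ps = NULL;
	uint32_t i;
	int rc = 0;

	if (!panda_in_kernel(env)) {
		// This shouldn't ever happen, as PGD is updated only in kernel mode.
		LOG_ERR("Can't do introspection in user mode.");
		return -1;
	}

	// Directly call the linux-specific introspection functions.
	// For testing the functions via their callbacks, use the osi_test plugin.
	LOG_INFO("--- START %4d ---------------------------------------------", vmi_pgd_changed_count);
	on_get_processes(env, &ps);
	if (ps == NULL) {
		// NOTE(review): presumably the list is rebuilt from guest memory, so a
		// failed or partial walk is an expected condition, not a crash case.
		LOG_ERR("Process list unavailable.");
		rc = -1;
	} else {
		for (i = 0; i < ps->num; i++) {
			// Reset per iteration: reusing the previous pointer after a failed
			// lookup would release the same module list twice.
			OsiModules *ms = NULL;

			on_get_libraries(env, &ps->proc[i], &ms);
			if (ms != NULL) {
				on_free_osimodules(ms);
			}
		}
		on_free_osiprocs(ps);
	}
	LOG_INFO("--- END  %4d ---------------------------------------------", vmi_pgd_changed_count);
	vmi_pgd_changed_count++;

	return rc;
}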
Ejemplo n.º 2
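// Runs before each basic block executes. While the guest is in kernel mode,
// looks up the current process and, if it passes the sanity checks below,
// records a copy of it in running_procs keyed by the current ASID.
// Always returns 0.
int osi_foo(CPUState *env, TranslationBlock *tb) {

    if (!panda_in_kernel(env)) return 0;

    OsiProc *p = get_current_process(env);
    // Nothing to validate if the lookup produced no process at all.
    if (!p) return 0;
    // NOTE(review): p is not released on any path here; if
    // get_current_process() transfers ownership to the caller, every call
    // leaks one OsiProc -- confirm against its contract.

    // Sanity checks on what we think the current process is.
    // offset == 0 means we didn't find the current task.
    if (p->offset == 0) return 0;
    // No name pointer at all.
    if (!p->name) return 0;
    // A pid of -1 is not acceptable.
    if (((int) p->pid) == -1) return 0;

    // Only the first 32 bytes of the name are inspected.
    uint32_t name_len = strnlen(p->name, 32);
    // Reject empty and one-character names.
    if (name_len < 2) return 0;

    // Every inspected byte must be printable. The cast matters: passing a
    // negative char (any byte >= 0x80 where char is signed) to isprint() is
    // undefined behaviour, and these bytes are not under our control.
    for (uint32_t i = 0; i < name_len; i++) {
        if (!isprint((unsigned char) p->name[i])) return 0;
    }

    target_ulong asid = panda_current_asid(env);
    if (running_procs.count(asid) == 0) {
        // asid and offset are narrowed to unsigned int for display only.
        printf ("adding asid=0x%x to running procs.  cmd=[%s]  task=0x%x\n", (unsigned int)  asid, p->name, (unsigned int) p->offset);
    }
    // Copies the struct by value; the stored entry therefore keeps the same
    // name pointer as *p -- TODO confirm that buffer outlives the map entry.
    running_procs[asid] = *p;

    return 0;
}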
Ejemplo n.º 3
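// Runs before each basic block executes. While the guest is in kernel mode,
// looks up the current process and, if it passes the sanity checks below,
// records a copy of it in running_procs keyed by the current ASID.
// Always returns 0.
int osi_foo(CPUState *cpu, TranslationBlock *tb) {
    if (!panda_in_kernel(cpu)) return 0;

    OsiProc *p = get_current_process(cpu);
    // Nothing to validate if the lookup produced no process at all.
    if (!p) return 0;
    // NOTE(review): p is not released on any path here; if
    // get_current_process() transfers ownership to the caller, every call
    // leaks one OsiProc -- confirm against its contract.

    // Sanity checks on what we think the current process is.
    // offset == 0 means we didn't find the current task.
    if (p->offset == 0) return 0;
    // No name pointer at all.
    if (!p->name) return 0;
    // A pid of -1 is not acceptable.
    if (((int) p->pid) == -1) return 0;

    // Only the first 32 bytes of the name are inspected.
    uint32_t name_len = strnlen(p->name, 32);
    // Reject empty and one-character names.
    if (name_len < 2) return 0;

    // Every inspected byte must be printable. The cast matters: passing a
    // negative char (any byte >= 0x80 where char is signed) to isprint() is
    // undefined behaviour, and these bytes are not under our control.
    for (uint32_t i = 0; i < name_len; i++) {
        if (!isprint((unsigned char) p->name[i])) return 0;
    }

    target_ulong asid = panda_current_asid(cpu);
    if (running_procs.count(asid) == 0) {
        // asid and offset are narrowed to unsigned int for display only.
        if (debug) printf ("adding asid=0x%x to running procs.  cmd=[%s]  task=0x%x\n", (unsigned int)  asid, p->name, (unsigned int) p->offset);
    }
    // An existing entry for this ASID is simply overwritten; the branch that
    // used to sit here had an empty body and did nothing.
    // Copies the struct by value; the stored entry therefore keeps the same
    // name pointer as *p -- TODO confirm that buffer outlives the map entry.
    running_procs[asid] = *p;

    return 0;
}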