int main (int argc, char **argv)
{
vmi_instance_t vmi;
char *memory = (char *) malloc(PAGE_SIZE);
/* this is the VM or file that we are looking at */
char *name = argv[1];
/* this is the symbol to map */
char *symbol = argv[2];
/* initialize the libvmi library */
if (vmi_init(&vmi, VMI_AUTO | VMI_INIT_COMPLETE, name) == VMI_FAILURE){
printf("Failed to init LibVMI library.\n");
goto error_exit;
}
/* get memory starting at symbol for the next PAGE_SIZE bytes */
if (PAGE_SIZE != vmi_read_ksym(vmi, symbol, memory, PAGE_SIZE)){
printf("failed to get symbol's memory.\n");
goto error_exit;
}
vmi_print_hex(memory, PAGE_SIZE);
error_exit:
if (memory) free(memory);
/* cleanup any memory associated with the libvmi instance */
vmi_destroy(vmi);
return 0;
}
///////////////////////////////////////////////////////////
// Easy access to memory using kernel symbols
static status_t
vmi_read_X_ksym(
vmi_instance_t vmi,
char *sym,
void *value,
int size)
{
size_t len_read = vmi_read_ksym(vmi, sym, value, size);
if (len_read == size) {
return VMI_SUCCESS;
}
else {
return VMI_FAILURE;
}
}
int
main(
int argc,
char **argv)
{
if ( argc != 3 )
return 1;
vmi_instance_t vmi;
unsigned char *memory = malloc(PAGE_SIZE);
/* this is the VM or file that we are looking at */
char *name = argv[1];
/* this is the symbol to map */
char *symbol = argv[2];
/* initialize the libvmi library */
if (VMI_FAILURE ==
vmi_init_complete(&vmi, name, VMI_INIT_DOMAINNAME, NULL,
VMI_CONFIG_GLOBAL_FILE_ENTRY, NULL, NULL))
{
printf("Failed to init LibVMI library.\n");
goto error_exit;
}
/* get memory starting at symbol for the next PAGE_SIZE bytes */
if (VMI_FAILURE == vmi_read_ksym(vmi, symbol, PAGE_SIZE, memory, NULL)) {
printf("failed to get symbol's memory.\n");
goto error_exit;
}
vmi_print_hex(memory, PAGE_SIZE);
error_exit:
if (memory)
free(memory);
/* cleanup any memory associated with the libvmi instance */
vmi_destroy(vmi);
return 0;
}
