static status_t
vmi_init_private(
vmi_instance_t *vmi,
uint32_t flags,
uint64_t id,
const char *name,
vmi_config_t config)
{
uint32_t access_mode = flags & 0x0000FFFF;
uint32_t init_mode = flags & 0x00FF0000;
uint32_t config_mode = flags & 0xFF000000;
status_t status = VMI_FAILURE;
/* allocate memory for instance structure */
*vmi = (vmi_instance_t) safe_malloc(sizeof(struct vmi_instance));
memset(*vmi, 0, sizeof(struct vmi_instance));
/* initialize instance struct to default values */
dbprint(VMI_DEBUG_CORE, "LibVMI Version 0.11.0\n"); //TODO change this with each release
/* save the flags and init mode */
(*vmi)->flags = flags;
(*vmi)->init_mode = init_mode;
(*vmi)->config_mode = config_mode;
/* the config hash table is set up later based on mode */
(*vmi)->config = NULL;
/* set page mode to unknown */
(*vmi)->page_mode = VMI_PM_UNKNOWN;
/* setup the caches */
pid_cache_init(*vmi);
sym_cache_init(*vmi);
rva_cache_init(*vmi);
v2p_cache_init(*vmi);
if ( init_mode & VMI_INIT_SHM_SNAPSHOT ) {
#if ENABLE_SHM_SNAPSHOT == 1
v2m_cache_init(*vmi);
#else
errprint("LibVMI wasn't compiled with SHM support!\n");
status = VMI_FAILURE;
goto error_exit;
#endif
}
/* connecting to xen, kvm, file, etc */
if (VMI_FAILURE == set_driver_type(*vmi, access_mode, id, name)) {
goto error_exit;
}
/* driver-specific initilization */
if (VMI_FAILURE == driver_init(*vmi)) {
goto error_exit;
}
dbprint(VMI_DEBUG_CORE, "--completed driver init.\n");
/* resolve the id and name */
if (VMI_FAILURE == set_id_and_name(*vmi, access_mode, id, name)) {
goto error_exit;
}
/* init vmi for specific file/domain through the driver */
if (VMI_FAILURE == driver_init_vmi(*vmi)) {
goto error_exit;
}
/* setup the page offset size */
if (VMI_FAILURE == init_page_offset(*vmi)) {
goto error_exit;
}
/* get the memory size */
if (driver_get_memsize(*vmi, &(*vmi)->allocated_ram_size, &(*vmi)->max_physical_address) == VMI_FAILURE) {
errprint("Failed to get memory size.\n");
goto error_exit;
}
dbprint(VMI_DEBUG_CORE, "**set size = %"PRIu64" [0x%"PRIx64"]\n", (*vmi)->size,
(*vmi)->size);
// for file mode we need os-specific heuristics to deduce the architecture
// for live mode, having arch_interface set even in VMI_PARTIAL mode
// allows use of dtb-based translation methods.
if (VMI_FILE != (*vmi)->mode) {
if(VMI_FAILURE == arch_init(*vmi)) {
if (init_mode & VMI_INIT_COMPLETE) {
dbprint(VMI_DEBUG_CORE, "--failed to determine architecture of live vm and INIT_COMPLETE.\n");
goto error_exit;
} else {
dbprint(VMI_DEBUG_CORE, "--failed to determine architecture of live vm and INIT_PARTIAL, continuing.\n");
}
} else {
dbprint(VMI_DEBUG_CORE, "--succesfully completed architecture init.\n");
}
}
/* we check VMI_INIT_COMPLETE first as
VMI_INIT_PARTIAL is not exclusive */
if (init_mode & VMI_INIT_COMPLETE) {
switch((*vmi)->config_mode) {
case VMI_CONFIG_STRING:
/* read and parse the config string */
if(VMI_FAILURE == read_config_string(*vmi, (char*)config)) {
goto error_exit;
}
break;
case VMI_CONFIG_GLOBAL_FILE_ENTRY:
/* read and parse the config file */
if(VMI_FAILURE == read_config_file_entry(*vmi)) {
goto error_exit;
}
break;
case VMI_CONFIG_GHASHTABLE:
/* read and parse the ghashtable */
if (!config) {
goto error_exit;
}
(*vmi)->config = (GHashTable*)config;
break;
case VMI_CONFIG_NONE:
default:
/* init_complete requires configuration
falling back to VMI_CONFIG_GLOBAL_FILE_ENTRY is unsafe here
as the config pointer is probably NULL */
goto error_exit;
}
if(VMI_FAILURE == set_os_type_from_config(*vmi)) {
dbprint(VMI_DEBUG_CORE, "--failed to determine os type from config\n");
goto error_exit;
}
/* setup OS specific stuff */
switch ( (*vmi)->os_type )
{
#ifdef ENABLE_LINUX
case VMI_OS_LINUX:
if(VMI_FAILURE == linux_init(*vmi)) {
goto error_exit;
}
break;
#endif
#ifdef ENABLE_WINDOWS
case VMI_OS_WINDOWS:
if(VMI_FAILURE == windows_init(*vmi)) {
goto error_exit;
}
break;
#endif
default:
goto error_exit;
}
status = VMI_SUCCESS;
} else if (init_mode & VMI_INIT_PARTIAL) {
status = VMI_SUCCESS;
} else {
errprint("Need to specify either VMI_INIT_PARTIAL or VMI_INIT_COMPLETE.\n");
goto error_exit;
}
if(init_mode & VMI_INIT_EVENTS) {
#if ENABLE_XEN_EVENTS == 1
/* Enable event handlers */
events_init(*vmi);
#else
errprint("LibVMI wasn't compiled with events support!\n");
status = VMI_FAILURE;
#endif
}
error_exit:
return status;
}
static status_t
vmi_init_private(
vmi_instance_t *vmi,
uint32_t flags,
unsigned long id,
char *name,
vmi_config_t *config)
{
uint32_t access_mode = flags & 0x0000FFFF;
uint32_t init_mode = flags & 0x00FF0000;
uint32_t config_mode = flags & 0xFF000000;
status_t status = VMI_FAILURE;
/* allocate memory for instance structure */
*vmi = (vmi_instance_t) safe_malloc(sizeof(struct vmi_instance));
memset(*vmi, 0, sizeof(struct vmi_instance));
/* initialize instance struct to default values */
dbprint("LibVMI Version 0.9_alpha\n"); //TODO change this with each release
/* save the flags and init mode */
(*vmi)->flags = flags;
(*vmi)->init_mode = init_mode;
(*vmi)->config = config;
(*vmi)->config_mode = config_mode;
/* setup the caches */
pid_cache_init(*vmi);
sym_cache_init(*vmi);
rva_cache_init(*vmi);
v2p_cache_init(*vmi);
/* connecting to xen, kvm, file, etc */
if (VMI_FAILURE == set_driver_type(*vmi, access_mode, id, name)) {
goto error_exit;
}
/* resolve the id and name */
if (VMI_FAILURE == set_id_and_name(*vmi, access_mode, id, name)) {
goto error_exit;
}
/* driver-specific initilization */
if (VMI_FAILURE == driver_init(*vmi)) {
goto error_exit;
}
dbprint("--completed driver init.\n");
/* we check VMI_INIT_COMPLETE first as
VMI_INIT_PARTIAL is not exclusive */
if (init_mode & VMI_INIT_COMPLETE) {
/* init_complete requires configuration */
if(VMI_CONFIG_NONE & (*vmi)->config_mode) {
/* falling back to VMI_CONFIG_GLOBAL_FILE_ENTRY is unsafe here
as the config pointer is probably NULL */
goto error_exit;
}
/* read and parse the config file */
else if ( (VMI_CONFIG_STRING & (*vmi)->config_mode || VMI_CONFIG_GLOBAL_FILE_ENTRY & (*vmi)->config_mode)
&& VMI_FAILURE == read_config_file(*vmi)) {
goto error_exit;
}
/* read and parse the ghashtable */
else if (VMI_CONFIG_GHASHTABLE & (*vmi)->config_mode
&& VMI_FAILURE == read_config_ghashtable(*vmi)) {
dbprint("--failed to parse ghashtable\n");
goto error_exit;
}
/* setup the correct page offset size for the target OS */
if (VMI_FAILURE == init_page_offset(*vmi)) {
goto error_exit;
}
/* get the memory size */
if (driver_get_memsize(*vmi, &(*vmi)->size) == VMI_FAILURE) {
errprint("Failed to get memory size.\n");
goto error_exit;
}
dbprint("**set size = %"PRIu64" [0x%"PRIx64"]\n", (*vmi)->size,
(*vmi)->size);
/* determine the page sizes and layout for target OS */
// Find the memory layout. If this fails, then proceed with the
// OS-specific heuristic techniques.
(*vmi)->pae = (*vmi)->pse = (*vmi)->lme = (*vmi)->cr3 = 0;
(*vmi)->page_mode = VMI_PM_UNKNOWN;
status = get_memory_layout(*vmi,
&((*vmi)->page_mode),
&((*vmi)->cr3),
&((*vmi)->pae),
&((*vmi)->pse),
&((*vmi)->lme));
if (VMI_FAILURE == status) {
dbprint
("**Failed to get memory layout for VM. Trying heuristic method.\n");
// fall-through
} // if
// Heuristic method
if (!(*vmi)->cr3) {
(*vmi)->cr3 = find_cr3((*vmi));
dbprint("**set cr3 = 0x%.16"PRIx64"\n", (*vmi)->cr3);
} // if
/* setup OS specific stuff */
if (VMI_OS_LINUX == (*vmi)->os_type) {
status = linux_init(*vmi);
}
else if (VMI_OS_WINDOWS == (*vmi)->os_type) {
status = windows_init(*vmi);
}
/* Enable event handlers only if we're in a consistent state */
if((status == VMI_SUCCESS) && (init_mode & VMI_INIT_EVENTS)){
events_init(*vmi);
}
return status;
} else if (init_mode & VMI_INIT_PARTIAL) {
init_page_offset(*vmi);
driver_get_memsize(*vmi, &(*vmi)->size);
/* Enable event handlers */
if(init_mode & VMI_INIT_EVENTS){
events_init(*vmi);
}
return VMI_SUCCESS;
}
error_exit:
return status;
}
