/*
 * Module-load callback: arms tracing when the awaited module is loaded
 * inside the monitored address space.
 *
 * Nothing happens unless a module-name filter is currently set. When the
 * loaded module's name matches that filter and the current CR3 equals
 * decaf_plugin->monitored_cr3, tracing_start_condition is set to 1 and the
 * filter is cleared.
 *
 * params: callback parameters; params->lm.name is read unconditionally, so
 *         params must not be NULL.
 */
static void my_loadmodule_notify(VMI_Callback_Params *params)
{
    char *loaded_module = params->lm.name;

    /* No module filter pending: nothing to wait for. */
    if (!modname_is_set()) {
        return;
    }

    /* Match is by module name only. */
    if (!modname_match(loaded_module)) {
        return;
    }

    /*
     * Only accept the load if it occurs in the monitored address space;
     * a same-named module loaded under a different CR3 is ignored.
     * NOTE(review): cpu_single_env is dereferenced without a NULL check;
     * presumably it is always valid in this callback -- confirm.
     */
    if (decaf_plugin->monitored_cr3 != cpu_single_env->cr[3]) {
        return;
    }

    tracing_start_condition = 1;
    modname_clear();
}
/*
 * Block-begin callback: records the current thread id, decides whether the
 * block belongs to the monitored context, and arms tracing once execution
 * reaches the awaited module.
 *
 * Side effects visible here: writes current_tid and should_monitor on every
 * call; may set tracing_start_condition to 1 and clear the module-name
 * filter.
 *
 * params: callback parameters; may be NULL, in which case a NULL CPU state
 *         is handed to get_current_tid().
 */
void tracing_block_begin(DECAF_Callback_Params* params)
{
    char proc_name[512] = "";
    CPUState* env = (params != NULL) ? params->bb.env : NULL;

    /*
     * The thread id must be fetched before hooks are checked.
     * TODO (from the original author): are hooks checked before or after
     * the block-begin handler is invoked?
     * NOTE(review): env is NULL when params is NULL; presumably
     * get_current_tid() tolerates that -- confirm.
     */
    current_tid = get_current_tid(env);

    /*
     * Tell DECAF whether the instructions in this block should be hooked:
     * the block must run in the monitored address space, and either in user
     * mode or with kernel tracing enabled. The kernel checks are evaluated
     * only when the CR3 comparison succeeds.
     */
    int in_monitored_space = (decaf_plugin->monitored_cr3 == DECAF_cpu_cr[3]);
    should_monitor = in_monitored_space &&
                     (!DECAF_is_in_kernel() || tracing_kernel());

    /* Wrong context: nothing more to do. */
    if (!should_monitor) {
        return;
    }

    /*
     * Per the original author's note, no "are we tracing" check is needed
     * here because this handler is unregistered when tracing is off.
     */

    /* Without a module filter there is no start condition to evaluate. */
    if (!modname_is_set()) {
        return;
    }

    /*
     * Resolve the module containing the current instruction pointer.
     * NOTE(review): proc_name is passed without a length; presumably
     * locate_module() writes at most 512 bytes -- confirm against its
     * definition.
     */
    tmodinfo_t *module = locate_module(*DECAF_cpu_eip, DECAF_cpu_cr[3], proc_name);
    if (module == NULL) {
        return;
    }

    /* Inside the awaited module: arm tracing and drop the filter. */
    if (modname_match(module->name)) {
        tracing_start_condition = 1;
        modname_clear();
    }
}