/** * @brief Fills an OsiProc struct. */ int vmi_pgd_changed(CPUState *env, target_ulong oldval, target_ulong newval) { OsiProcs *ps; OsiModules *ms; uint32_t i; if (!_IN_KERNEL) { // This shouldn't ever happen, as PGD is updated only in kernel mode. LOG_ERR("Can't do introspection in user mode."); goto error; } LOG_INFO("------------------------------------------------"); on_get_processes(env, &ps); for (i=0; i< ps->num; i++) { on_get_libraries(env, &ps->proc[i], &ms); on_free_osimodules(ms); } on_free_osiprocs(ps); LOG_INFO("------------------------------------------------"); return 0; error: return -1; }
/** * @brief Fills an OsiProc struct. */ int vmi_pgd_changed(CPUState *env, target_ulong oldval, target_ulong newval) { static int vmi_pgd_changed_count = 0; OsiProcs *ps; OsiModules *ms; uint32_t i; if (!panda_in_kernel(env)) { // This shouldn't ever happen, as PGD is updated only in kernel mode. LOG_ERR("Can't do introspection in user mode."); goto error; } // Directly call the linux-specific introspection functions. // For testing the functions via their callbacks, use the osi_test plugin. LOG_INFO("--- START %4d ---------------------------------------------", vmi_pgd_changed_count); on_get_processes(env, &ps); for (i=0; i< ps->num; i++) { on_get_libraries(env, &ps->proc[i], &ms); on_free_osimodules(ms); } on_free_osiprocs(ps); LOG_INFO("--- END %4d ---------------------------------------------", vmi_pgd_changed_count); vmi_pgd_changed_count++; return 0; error: return -1; }