def write_addr_pa(self, paddr, value): cffi_value = ffi.new("addr_t *", value) status = lib.vmi_write_addr_pa(self.vmi, paddr, cffi_value) check(status)
def write_addr_ksym(self, symbol, value): cffi_value = ffi.new("addr_t *", value) status = lib.vmi_write_addr_ksym(self.vmi, symbol.encode(), cffi_value) check(status)
def write_addr_va(self, vaddr, pid, value): cffi_value = ffi.new("addr_t *", value) status = lib.vmi_write_addr_va(self.vmi, vaddr, pid, cffi_value) check(status)
def translate_uv2p(self, vaddr, pid): paddr = ffi.new("addr_t *") status = lib.vmi_translate_uv2p(self.vmi, vaddr, pid, paddr) check(status) return paddr[0]
def write_32(self, ctx, value): cffi_value = ffi.new("uint32_t *", value) status = lib.vmi_write_32(self.vmi, ctx, cffi_value) check(status)
def get_vcpuregs(self, vcpu): registers = ffi.new("registers_t *") status = lib.vmi_get_vcpuregs(self.vmi, registers, vcpu) check(status) return registers
def slat_create(self): slat_id = ffi.new("uint16_t *") status = lib.vmi_slat_create(self.vmi, slat_id) check(status) return slat_id[0]
def read_addr(self, ctx): value = ffi.new("addr_t *") status = lib.vmi_read_addr(self.vmi, ctx.to_ffi(), value) check(status) return value[0]
def read_addr_ksym(self, symbol): value = ffi.new("addr_t *") status = lib.vmi_read_addr_ksym(self.vmi, symbol.encode(), value) check(status) return value[0]
def pagetable_lookup_extended(self, dtb, vaddr): page_info = ffi.new("page_info_t *") status = lib.vmi_pagetable_lookup_extended(self.vmi, dtb, vaddr, page_info) check(status) return page_info
def read_64(self, ctx): value = ffi.new("uint64_t *") status = lib.vmi_read_64(self.vmi, ctx.to_ffi(), value) check(status) return value[0]
def pagetable_lookup(self, dtb, vaddr): paddr = ffi.new("addr_t *") status = lib.vmi_pagetable_lookup(self.vmi, dtb, vaddr, paddr) check(status) return paddr[0]
def dtb_to_pid(self, dtb): pid = ffi.new("vmi_pid_t *") status = lib.vmi_dtb_to_pid(self.vmi, dtb, pid) check(status) return pid[0]
def pid_to_dtb(self, pid): dtb = ffi.new('addr_t *') status = lib.vmi_pid_to_dtb(self.vmi, pid, dtb) check(status) return dtb[0]
def get_offset(self, offset_name): offset = ffi.new("addr_t *") status = lib.vmi_get_offset(self.vmi, offset_name.encode(), offset) check(status) return offset[0]
def read_addr_va(self, vaddr, pid): value = ffi.new("addr_t *") status = lib.vmi_read_addr_va(self.vmi, vaddr, pid, value) check(status) return value[0]
def get_vcpu_reg(self, reg, vcpu): value = ffi.new("uint64_t *") status = lib.vmi_get_vcpureg(self.vmi, value, reg, vcpu) check(status) return value[0]
def read_addr_pa(self, paddr): value = ffi.new("addr_t *") status = lib.vmi_read_addr_pa(self.vmi, paddr, value) check(status) return value[0]
def slat_get_domain_state(self): state = ffi.new("bool *") status = lib.vmi_slat_get_domain_state(self.vmi, state) check(status) return bool(state[0])
def write_64(self, ctx, value): cffi_value = ffi.new("uint64_t *", value) status = lib.vmi_write_64(self.vmi, ctx.to_ffi(), cffi_value) check(status)
def __init__(self, domain, init_flags=INIT_DOMAINNAME, init_data=ffi.NULL, config_mode=VMIConfig.GLOBAL_FILE_ENTRY, config=ffi.NULL, mode=None, partial=False): self.vmi = ffi.NULL self.opaque_vmi = ffi.new("vmi_instance_t *") init_error = ffi.new("vmi_init_error_t *") # avoid GC to free ghashtable inserted values ghash_ref = dict() ghash = None if partial: # vmi_init if not mode: # calling vmi_get_access_mode to auto determine vmi_mode mode = self.get_access_mode(domain, init_flags, init_data) if not isinstance(mode, VMIMode): raise RuntimeError("mode is not an instance of VMIMode") if (not init_flags & INIT_DOMAINNAME and not init_flags & INIT_DOMAINID): raise RuntimeError("Partial init, init_flags must be either" "INIT_DOMAINAME or INIT_DOMAINID") domain = domain.encode() status = lib.vmi_init(self.opaque_vmi, mode.value, domain, init_flags, init_data, init_error) else: # vmi_init_complete # if INIT_DOMAINNAME, we need to encode the string # from str to bytes if init_flags & INIT_DOMAINNAME or init_flags & INIT_DOMAINID: domain = domain.encode() # same for VMI_CONFIG_STRING if config_mode == VMIConfig.STRING: config = config.encode() elif config_mode == VMIConfig.DICT: # need to convert config to a GHashTable g_str_hash_addr = ffi.addressof(lib, "g_str_hash") g_str_equal_addr = ffi.addressof(lib, "g_str_equal") ghash = lib.g_hash_table_new(g_str_hash_addr, g_str_equal_addr) for k, v in list(config.items()): key = k.encode() if isinstance(v, str): value = v.encode() elif isinstance(v, int): value = ffi.new("int*", v) else: raise RuntimeError( "Invalid value {} in config".format(v)) lib.g_hash_table_insert(ghash, key, value) # keep a reference to avoid GC ghash_ref[key] = value config = ghash # init libvmi status = lib.vmi_init_complete(self.opaque_vmi, domain, init_flags, init_data, config_mode.value, config, init_error) error_msg = LibvmiInitError(init_error[0]).name check(status, error_msg) # store handle to real vmi_instance_t self.vmi = self.opaque_vmi[0] # destroy ghashtable if necessary if ghash is not None: lib.g_hash_table_destroy(ghash)
def write_addr(self, ctx, value): cffi_value = ffi.new("addr_t *", value) status = lib.vmi_write_addr(self.vmi, ctx.to_ffi(), cffi_value) check(status)
def translate_ksym2v(self, symbol): vaddr = ffi.new("addr_t *") status = lib.vmi_translate_ksym2v(self.vmi, symbol.encode(), vaddr) check(status) return vaddr[0]
def read_32(self, ctx): value = ffi.new("uint32_t *") status = lib.vmi_read_32(self.vmi, ctx, value) check(status) return value[0]