def list_of_type(self, type, member):
head = self
node = head
if node:
yield basic.container_of(node, type, member)
while node and node != head:
yield basic.container_of(node, type, member)
node = node.next.deref()
def list_of_type(self, type, member):
head = self
node = head
if node:
yield basic.container_of(node, type, member)
while node and node != head:
yield basic.container_of(node, type, member)
node = node.next.deref()
def render(self, renderer):
renderer.table_header([
("Module", "module_addr", "[addrpad]"),
("Module Name", "module", "30"),
("Ref Count", "refcount", "^10"),
("Known", "known", ""),
])
lsmod = self.session.plugins.lsmod(session=self.session)
# We check the container module for membership so we do not get fulled
# by simple name clashes.
modules = set(lsmod.get_module_list())
for kobj in self.get_kset_modules():
name = kobj.name.deref()
ref_count = kobj.kref.refcount.counter
# Real modules have at least 3 references in sysfs.
if ref_count < 3:
continue
container_module = basic.container_of(kobj, "module", "mkobj")
renderer.table_row(container_module, container_module.name,
ref_count, container_module in modules)
def render(self, renderer):
renderer.table_header([
("Module", "module_addr", "[addrpad]"),
("Module Name", "module", "30"),
("Ref Count", "refcount", "^10"),
("Known", "known", ""),
])
lsmod = self.session.plugins.lsmod(session=self.session)
# We check the container module for membership so we do not get fulled
# by simple name clashes.
modules = set(lsmod.get_module_list())
for kobj in self.get_kset_modules():
name = kobj.name.deref()
ref_count = kobj.kref.refcount.counter
# Real modules have at least 3 references in sysfs.
if ref_count < 3:
continue
container_module = basic.container_of(kobj, "module", "mkobj")
renderer.table_row(container_module, container_module.name,
ref_count, container_module in modules)
def sockets(self):
"""Enumerate all socket objects."""
lsof = self.session.plugins.lsof(session=self.session)
for task, file_struct, fd in lsof.lsof():
if (file_struct.f_op == self.profile.get_constant(
"socket_file_ops") or
file_struct.m("d_entry").d_op == self.profile.get_constant(
"sockfs_dentry_operations")):
iaddr = file_struct.dentry.d_inode
# See http://lxr.free-electrons.com/source/include/net/sock.h?v=3.8#L1319
skt = basic.container_of(iaddr, "socket_alloc",
"vfs_inode").socket
yield task, fd, skt.sk, iaddr
def sockets(self):
"""Enumerate all socket objects."""
lsof = self.session.plugins.lsof(session=self.session)
for task, file_struct, fd in lsof.lsof():
if (file_struct.f_op
== self.profile.get_constant("socket_file_ops")
or file_struct.m("d_entry").d_op
== self.profile.get_constant("sockfs_dentry_operations")):
iaddr = file_struct.dentry.d_inode
# See http://lxr.free-electrons.com/source/include/net/sock.h?v=3.8#L1319
skt = basic.container_of(iaddr, "socket_alloc",
"vfs_inode").socket
yield task, fd, skt.sk, iaddr
def collect(self):
lsmod = self.session.plugins.lsmod(session=self.session)
# We check the container module for membership so we do not get fulled
# by simple name clashes.
modules = set(lsmod.get_module_list())
for kobj in self.get_kset_modules():
ref_count = kobj.kref.refcount.refcounter
# Real modules have at least 3 references in sysfs.
if ref_count < 3:
continue
container_module = basic.container_of(kobj, "module", "mkobj")
yield dict(module=container_module, mod_name=container_module.name,
ref_count=ref_count, known=container_module in modules)
def collect(self):
lsmod = self.session.plugins.lsmod(session=self.session)
# We check the container module for membership so we do not get fulled
# by simple name clashes.
modules = set(lsmod.get_module_list())
for kobj in self.get_kset_modules():
ref_count = kobj.kref.refcount.counter
# Real modules have at least 3 references in sysfs.
if ref_count < 3:
continue
container_module = basic.container_of(kobj, "module", "mkobj")
yield dict(module=container_module, mod_name=container_module.name,
ref_count=ref_count, known=container_module in modules)
def _real_mount(self, vfsmnt):
"""Return the mount container of the vfsmnt object."""
return basic.container_of(vfsmnt, "mount", "mnt").reference()
def _real_mount(self, vfsmnt):
"""Return the mount container of the vfsmnt object."""
return basic.container_of(vfsmnt, "mount", "mnt").reference()
def list_of_type(self, type, member):
hlist = self.first.deref()
while hlist:
yield basic.container_of(hlist, type, member)
hlist = hlist.next
def list_of_type(self, type, member):
hlist = self.first.deref()
while hlist:
yield basic.container_of(hlist, type, member)
hlist = hlist.next
