type ksymmap = Virt_mem_mmap.addr Ksymmap.t
(** Kernel symbol table (map of kernel symbols to addresses). *)
-(** {2 Kernel memory images and associated metadata} *)
+(** {2 Kernel memory images and associated metadata}
-type image = {
- dom : Libvirt.ro Libvirt.Domain.t option; (** Domain, if known. *)
- domname : string; (** Domain name. *)
- arch : Virt_mem_utils.architecture; (** Architecture, eg. i386. *)
- mem : ([`Wordsize], [`Endian], [`HasMapping]) Virt_mem_mmap.t;
- (** Memory map. *)
- kernel_min : Virt_mem_mmap.addr; (** Minimum addr of kernel pointers. *)
- kernel_max : Virt_mem_mmap.addr; (** Maximum addr of kernel pointers. *)
-}
- (** A basic kernel image. *)
-
-(** {2 Kernel structures internal format}
-
- So that we don't need to reiterate over certain important
- kernel structures in each tool, we convert them into a more
- convenient internal format.
-
- See {!Virt_mem_tasks}, {!Virt_mem_net_devices}.
+ The kimage structure captures everything known about a kernel
+ image, including the source domain details, kernel address, kernel
+ symbols, kernel memory map, and all the kernel structures parsed
+ out of the memory map.
*)
type utsname = {
}
(** Kernel version, from utsname structure in the kernel. *)
-type task = {
- task_state : int64;
- task_prio : int64;
- task_normal_prio : int64;
- task_static_prio : int64;
- task_comm : string; (** Short command name. *)
- task_pid : int64; (** Process ID. *)
-}
- (** Internal version of the kernel [task_struct]. *)
-
-type net_device = {
- netdev_name : string; (** Device name. *)
- netdev_dev_addr : string; (** Interface network address. *)
-}
- (** Internal version of the kernel [net_device] (network device struct). *)
-
-type kdata = {
- ksyms : ksymmap option; (** Kernel symbol lookup function. *)
- utsname : utsname option; (** Kernel version. *)
- tasks : task list option; (** List of tasks (processes). *)
- net_devices : net_device list option; (** List of net devices. *)
-}
- (** Optional data derived from the raw kernel image by the main
- program and passed to the tools' [~run] functions.
-
- What fields get filled in is controlled by the [~needs_*]
- options passed when tools register themselves, and also of
- course by what we are able to find out about the memory image
- (see {!Virt_mem.register}).
+type kimage = {
+ dom : Libvirt.ro Libvirt.Domain.t option; (** Domain, if known. *)
+ domname : string; (** Domain name. *)
+ arch : Virt_mem_utils.architecture; (** Architecture, eg. i386. *)
- Note there is significant cost to filling in some of these
- fields.
-*)
+ kernel_min : Virt_mem_mmap.addr; (** Minimum addr of kernel pointers. *)
+ kernel_max : Virt_mem_mmap.addr; (** Maximum addr of kernel pointers. *)
-(** {2 Helper declarations for kernel structure parsers}
+ mem : ([`Wordsize], [`Endian], [`HasMapping]) Virt_mem_mmap.t;
+ (** Memory map. *)
- The kernel structure parsers (in {!Kernel_task_struct} et al (see
- [lib/kernel_*])) share a few common types declared here.
+ addrmap : Kernel.addrmap; (** Parsed kernel structures. *)
- Note that the parsers themselves are generated automatically.
-*)
+ ksyms : ksymmap; (** Kernel symbol table *)
-exception ParseError of string * string * string
- (** Parsing exception raised by [Kernel_*] parser functions.
+ have_ksyms : bool; (** True if we were able to load
+ the kernel symbols. *)
+ have_kallsyms : bool; (** True if we were able to load
+ the kallsyms from the kernel. *)
- The fields are: structure name, function which raised the error,
- error message. *)
+ utsname : utsname option; (** Kernel version, if we were able
+ to find it. *)
-type fieldsig = {
- field_available : bool; (** Field available in this kernel version? *)
- field_offset : int; (** Offset of field in this kernel version. *)
+ have_tasks : bool; (** True if we were able to load
+ the kernel task_struct list. *)
+ have_net_devices : bool; (** True if we were able to load
+ the kernel net_device structures.*)
}
- (** Returned by [Kernel_*.field_signature_of_*] functions. *)
+ (** A basic kernel image. *)
(** {2 Functions to load kernel memory} *)
type load_memory_error =
| AddressOutOfRange (** Address not in [kernel_min..kernel_max] *)
- | DomIsNull (** image.dom = None *)
+ | DomIsNull (** kimage.dom = None *)
exception LoadMemoryError of load_memory_error * string
-val load_memory : image -> Virt_mem_mmap.addr -> int -> image
+val load_memory : kimage -> Virt_mem_mmap.addr -> int -> kimage
(** [load_memory img start size] tries to load [size] bytes from
the start address into the memory map. If the memory was loaded
previously, then it is not requested again.
arch:Virt_mem_utils.architecture ->
wordsize:Virt_mem_utils.wordsize -> endian:Bitstring.endian ->
kernel_min:Virt_mem_mmap.addr -> kernel_max:Virt_mem_mmap.addr ->
- Virt_mem_mmap.addr -> int -> image
- (** [load_static_memory ~dom (*...*) start size] creates an [image0]
+ Virt_mem_mmap.addr -> int -> kimage
+ (** [load_static_memory ~dom (*...*) start size] creates a [kimage]
object, and initializes it with static kernel memory loaded
from the [start] address and [size] of [dom].