-(* Memory info command for virtual domains.
+(* Memory info for virtual domains.
(C) Copyright 2008 Richard W.M. Jones, Red Hat Inc.
http://libvirt.org/
open Unix
open Printf
open ExtList
+open ExtString
+open Virt_mem_gettext.Gettext
open Virt_mem_utils
module MMap = Virt_mem_mmap
-(* Main program. *)
-let () =
+let min_kallsyms_tabsize = 1_000L
+let max_kallsyms_tabsize = 250_000L
+
+type ksym = string
+
+type image =
+ string
+ * Virt_mem_utils.architecture
+ * ([`Wordsize], [`Endian]) Virt_mem_mmap.t
+ * (ksym -> MMap.addr)
+
+type kallsyms_compr =
+ | Compressed of (string * MMap.addr) list * MMap.addr
+ | Uncompressed of (string * MMap.addr) list
+
+let start usage_msg =
(* Verbose messages. *)
let verbose = ref false in
| "32" -> def_wordsize := Some W32
| "64" -> def_wordsize := Some W64
| "auto" -> def_wordsize := None
- | str -> failwith (sprintf "set_wordsize: %s: unknown wordsize" str)
+ | str -> failwith (sprintf (f_"set_wordsize: %s: unknown wordsize") str)
in
(* Default endianness. *)
def_endian := Some Bitmatch.LittleEndian
| "be" | "big" | "bigendian" | "motorola" ->
def_endian := Some Bitmatch.BigEndian
- | str -> failwith (sprintf "set_endian: %s: unknown endianness" str)
+ | str -> failwith (sprintf (f_"set_endian: %s: unknown endianness") str)
in
(* Default architecture. *)
let argspec = Arg.align [
"-A", Arg.String set_architecture,
- "arch " ^ "Set kernel architecture, endianness and word size";
+ "arch " ^ s_"Set kernel architecture, endianness and word size";
"-E", Arg.String set_endian,
- "endian " ^ "Set kernel endianness";
+ "endian " ^ s_"Set kernel endianness";
"-T", Arg.String set_text_addr,
- "addr " ^ "Set kernel text address";
+ "addr " ^ s_"Set kernel text address";
"-W", Arg.String set_wordsize,
- "addr " ^ "Set kernel word size";
+ "addr " ^ s_"Set kernel word size";
"-t", Arg.String memory_image,
- "image " ^ "Use saved kernel memory image";
+ "image " ^ s_"Use saved kernel memory image";
"-verbose", Arg.Set verbose,
- " " ^ "Verbose messages";
+ " " ^ s_"Verbose messages";
] in
let anon_fun str =
- raise (Arg.Bad (sprintf "%s: unknown parameter" str)) in
- let usage_msg = "virt-mem: shows memory information for guests
-
-SUMMARY
- virt-mem [-options]
-
-OPTIONS" in
-
+ raise (Arg.Bad (sprintf (f_"%s: unknown parameter") str)) in
+ let usage_msg = usage_msg ^ s_"\n\nOPTIONS" in
Arg.parse argspec anon_fun usage_msg;
let images = !images in
match wordsize with
| None ->
failwith
- (sprintf "%s: use -W to define word size for this image"
+ (sprintf (f_"%s: use -W to define word size for this image")
filename);
| Some ws -> ws in
let endian =
match endian with
| None ->
failwith
- (sprintf "%s: use -E to define endianness for this image"
+ (sprintf (f_"%s: use -E to define endianness for this image")
filename);
| Some e -> e in
| Some I386 -> I386 | Some X86_64 -> X86_64
| _ ->
failwith
- (sprintf "%s: use -A to define architecture (i386/x86-64 only) for this image" filename) in
+ (sprintf (f_"%s: use -A to define architecture (i386/x86-64 only) for this image") filename) in
if text_addr = 0L then
failwith
- (sprintf "%s: use -T to define kernel load address for this image"
+ (sprintf (f_"%s: use -T to define kernel load address for this image")
filename);
(* Map the virtual memory. *)
let mem = MMap.set_wordsize mem wordsize in
let mem = MMap.set_endian mem endian in
- (filename, (arch, mem))
+ (filename, arch, mem)
) images in
- List.iter (
- fun (name, (arch, mem)) ->
- (* Look for some common entries in the symbol table and from
- * that find the symbol table itself. These are just supposed to
- * be symbols which are very likely to be present in any Linux
- * kernel, although we only need one of them to be present to
- * find the symbol table.
- *
- * NB. Must not be __initdata.
- *)
- let common_ksyms = [
- "init_task"; (* first task_struct *)
- "root_mountflags"; (* flags for mounting root fs *)
- "init_uts_ns"; (* uname strings *)
- "sys_open"; (* open(2) entry point *)
- "sys_chdir"; (* chdir(2) entry point *)
- "sys_chroot"; (* chroot(2) entry point *)
- "sys_umask"; (* umask(2) entry point *)
- "schedule"; (* scheduler entry point *)
- ] in
- (* Searching for <NUL>string<NUL> *)
- let common_ksyms = List.map (sprintf "\000%s\000") common_ksyms in
-
- (* Search for these strings in the memory image. *)
- let ksym_strings = List.map (MMap.find_all mem) common_ksyms in
- let ksym_strings = List.concat ksym_strings in
- (* Adjust found addresses to start of the string (skip <NUL>). *)
- let ksym_strings = List.map Int64.succ ksym_strings in
-
- (* For any we found, try to look up the symbol table
- * base addr and size.
- *)
- let ksymtabs = List.map (
- fun addr ->
- (* Search for 'addr' appearing in the image. *)
- let addrs = MMap.find_pointer_all mem addr in
-
- (* Now consider each of these addresses and search back
- * until we reach the beginning of the (possible) symbol
- * table.
- *
- * Kernel symbol table struct is:
- * struct kernel_symbol {
- * unsigned long value;
- * const char *name; <-- initial pointer
- * } symbols[];
- *)
- let pred_long2 addr = MMap.pred_long mem (MMap.pred_long mem addr) in
- let base_addrs = List.map (
- fun addr ->
- let rec loop addr =
- (* '*addr' should point to a C identifier. If it does,
- * step backwards to the previous symbol table entry.
- *)
- let addrp = MMap.follow_pointer mem addr in
- if MMap.is_C_identifier mem addrp then
- loop (pred_long2 addr)
- else
- MMap.succ_long mem addr
+ let images =
+ List.map (
+ fun (name, arch, mem) ->
+ (* Look for some common entries in the exported symbol table and
+ * from that find the symbol table itself. These are just
+ * supposed to be symbols which are very likely to be present
+ * in any Linux kernel, although we only need one of them to be
+ * present to find the symbol table.
+ *
+ * NB. Must not be __initdata, must be in EXPORT_SYMBOL.
+ *)
+ let common_ksyms = [
+ "init_task"; (* first task_struct *)
+ "root_mountflags"; (* flags for mounting root fs *)
+ "init_uts_ns"; (* uname strings *)
+ "sys_open"; (* open(2) entry point *)
+ "sys_chdir"; (* chdir(2) entry point *)
+ "sys_chroot"; (* chroot(2) entry point *)
+ "sys_umask"; (* umask(2) entry point *)
+ "schedule"; (* scheduler entry point *)
+ ] in
+ (* Searching for <NUL>string<NUL> *)
+ let common_ksyms_nul = List.map (sprintf "\000%s\000") common_ksyms in
+
+ (* Search for these strings in the memory image. *)
+ let ksym_strings = List.map (MMap.find_all mem) common_ksyms_nul in
+ let ksym_strings = List.concat ksym_strings in
+ (* Adjust found addresses to start of the string (skip <NUL>). *)
+ let ksym_strings = List.map Int64.succ ksym_strings in
+
+ (* For any we found, try to look up the symbol table
+ * base addr and size.
+ *)
+ let ksymtabs = List.map (
+ fun addr ->
+ (* Search for 'addr' appearing in the image. *)
+ let addrs = MMap.find_pointer_all mem addr in
+
+ (* Now consider each of these addresses and search back
+ * until we reach the beginning of the (possible) symbol
+ * table.
+ *
+ * Kernel symbol table struct is:
+ * struct kernel_symbol {
+ * unsigned long value;
+ * const char *name; <-- initial pointer
+ * } symbols[];
+ *)
+ let pred_long2 addr =
+ MMap.pred_long mem (MMap.pred_long mem addr)
+ in
+ let base_addrs = List.map (
+ fun addr ->
+ let rec loop addr =
+ (* '*addr' should point to a C identifier. If it does,
+ * step backwards to the previous symbol table entry.
+ *)
+ let addrp = MMap.follow_pointer mem addr in
+ if MMap.is_C_identifier mem addrp then
+ loop (pred_long2 addr)
+ else
+ MMap.succ_long mem addr
+ in
+ loop addr
+ ) addrs in
+
+ (* Also look for the end of the symbol table and
+ * calculate its size.
+ *)
+ let base_addrs_sizes = List.map (
+ fun base_addr ->
+ let rec loop addr =
+ let addr2 = MMap.succ_long mem addr in
+ let addr2p = MMap.follow_pointer mem addr2 in
+ if MMap.is_C_identifier mem addr2p then
+ loop (MMap.succ_long mem addr2)
+ else
+ addr
+ in
+ let end_addr = loop base_addr in
+ base_addr, end_addr -^ base_addr
+ ) base_addrs in
+
+ base_addrs_sizes
+ ) ksym_strings in
+ let ksymtabs = List.concat ksymtabs in
+
+ (* Simply ignore any symbol table candidates which are too small. *)
+ let ksymtabs = List.filter (fun (_, size) -> size > 64L) ksymtabs in
+
+ if verbose then (
+ printf "%s: candidate symbol tables at:\n" name;
+ List.iter (
+ fun (addr, size) ->
+ printf "\t%Lx\t%Lx\t%!" addr size;
+ printf "first symbol: %s\n%!"
+ (MMap.get_string mem
+ (MMap.follow_pointer mem
+ (MMap.succ_long mem addr)))
+ ) ksymtabs
+ );
+
+ (* Vote for the most popular symbol table candidate and from this
+ * generate a function to look up ksyms.
+ *)
+ let lookup_ksym =
+ let freqs = frequency ksymtabs in
+ match freqs with
+ | [] ->
+ eprintf (f_"%s: cannot find start of kernel symbol table\n") name;
+ (fun _ -> raise Not_found)
+
+ | (_, (ksymtab_addr, ksymtab_size)) :: _ ->
+ if verbose then
+ printf
+ "%s: Kernel symbol table found at %Lx, size %Lx bytes\n%!"
+ name ksymtab_addr ksymtab_size;
+
+ (* Load the whole symbol table as a bitstring. *)
+ let ksymtab =
+ Bitmatch.bitstring_of_string
+ (MMap.get_bytes mem ksymtab_addr
+ (Int64.to_int ksymtab_size)) in
+
+ (* Function to look up an address in the symbol table. *)
+ let lookup_ksym sym =
+ let bits = bits_of_wordsize (MMap.get_wordsize mem) in
+ let e = MMap.get_endian mem in
+ let rec loop bs =
+ bitmatch bs with
+ | { value : bits : endian(e);
+ name_ptr : bits : endian(e) }
+ when MMap.get_string mem name_ptr = sym ->
+ value
+ | { _ : bits : endian(e);
+ _ : bits : endian(e);
+ bs : -1 : bitstring } ->
+ loop bs
+ | { _ } -> raise Not_found
+ in
+ loop ksymtab
in
- loop addr
- ) addrs in
- (* Also look for the end of the symbol table and
- * calculate its size.
- *)
- let base_addrs_sizes = List.map (
- fun base_addr ->
- let rec loop addr =
- let addr2 = MMap.succ_long mem addr in
- let addr2p = MMap.follow_pointer mem addr2 in
- if MMap.is_C_identifier mem addr2p then
- loop (MMap.succ_long mem addr2)
+ lookup_ksym
+ in
+
+ (* Now try to find the /proc/kallsyms table. This is in an odd
+ * compressed format (but not a very successful compression
+ * format). However if it exists we know that it will contain
+ * addresses of the common ksyms above, and it has some
+ * characteristics which make it easy to detect in the
+ * memory.
+ *
+ * kallsyms contains a complete list of symbols so is much
+ * more useful than the basic list of exports.
+ *)
+ let ksym_addrs = List.filter_map (
+ fun ksym -> try Some (lookup_ksym ksym) with Not_found -> None
+ ) common_ksyms in
+
+ (* Search for those kernel addresses in the image. We're looking
+ * for the table kallsyms_addresses followed by kallsyms_num_syms
+ * (number of symbols in the table).
+ *)
+ let ksym_addrs = List.map (MMap.find_pointer_all mem) ksym_addrs in
+ let ksym_addrs = List.concat ksym_addrs in
+
+ (* Test each one to see if it's a candidate list of kernel
+ * addresses followed by length of list.
+ *)
+ let kallsymtabs = List.filter_map (
+ fun addr ->
+ (* Search upwards from address until we find the length field.
+ * If found, jump backwards by length and check all addresses.
+ *)
+ if verbose then
+ printf "%s: testing candidate kallsyms at %Lx\n" name addr;
+ let rec loop addr =
+ let addrp = MMap.follow_pointer mem addr in
+ if MMap.is_mapped mem addrp then
+ loop (MMap.succ_long mem addr) (* continue up the table *)
+ else
+ if addrp >= min_kallsyms_tabsize &&
+ addrp <= max_kallsyms_tabsize then (
+ (* addrp might be the symbol count. Count backwards and
+ * check the full table.
+ *)
+ let num_entries = Int64.to_int addrp in
+ let entry_size = bytes_of_wordsize (MMap.get_wordsize mem) in
+ let start_addr =
+ addr -^ Int64.of_int (entry_size * num_entries) in
+ let end_addr = addr in
+ let rec loop2 addr =
+ if addr < end_addr then (
+ let addrp = MMap.follow_pointer mem addr in
+ if MMap.is_mapped mem addrp then
+ loop2 (MMap.succ_long mem addr)
+ else
+ None (* can't verify the full address table *)
+ ) else
+ (* ok! *)
+ let names_addr = MMap.succ_long mem end_addr in
+ if verbose then
+ printf "%s: candidate kallsyms found at %Lx (names_addr at %Lx, num_entries %d)\n"
+ name start_addr names_addr num_entries;
+ Some (start_addr, num_entries, names_addr)
+ in
+ loop2 start_addr
+ )
else
- addr
+ None (* forget it *)
+ in
+ match loop addr with
+ | None -> None
+ | Some (start_addr, num_entries, names_addr) ->
+ (* As an additional verification, check the list of
+ * kallsyms_names.
+ *)
+ try
+ (* If the first byte is '\000' and is followed by a
+ * C identifier, then this is old-school list of
+ * symbols with prefix compression as in 2.6.9.
+ * Otherwise Huffman-compressed kallsyms as in
+ * 2.6.25.
+ *)
+ if MMap.get_byte mem names_addr = 0 &&
+ MMap.is_C_identifier mem (names_addr+^1L) then (
+ let names = ref [] in
+ let prev = ref "" in
+ let rec loop names_addr start_addr num =
+ if num > 0 then (
+ let prefix = MMap.get_byte mem names_addr in
+ let prefix = String.sub !prev 0 prefix in
+ let name = MMap.get_string mem (names_addr+^1L) in
+ let len = String.length name in
+ let name = prefix ^ name in
+ prev := name;
+ let names_addr = names_addr +^ Int64.of_int len +^ 2L in
+ let sym_value = MMap.follow_pointer mem start_addr in
+ let start_addr = MMap.succ_long mem start_addr in
+ (*printf "%S -> %Lx\n" name sym_value;*)
+ names := (name, sym_value) :: !names;
+ loop names_addr start_addr (num-1)
+ )
+ in
+ loop names_addr start_addr num_entries;
+ let names = List.rev !names in
+
+ Some (start_addr, num_entries, names_addr,
+ Uncompressed names)
+ )
+ else ( (* new-style "compressed" names. *)
+ let compressed_names = ref [] in
+ let rec loop names_addr start_addr num =
+ if num > 0 then (
+ let len = MMap.get_byte mem names_addr in
+ let name = MMap.get_bytes mem (names_addr+^1L) len in
+ let names_addr = names_addr +^ Int64.of_int len +^ 1L in
+ let sym_value = MMap.follow_pointer mem start_addr in
+ let start_addr = MMap.succ_long mem start_addr in
+ compressed_names :=
+ (name, sym_value) :: !compressed_names;
+ loop names_addr start_addr (num-1)
+ ) else
+ names_addr
+ in
+ let markers_addr = loop names_addr start_addr num_entries in
+ let markers_addr = MMap.align mem markers_addr in
+ let compressed_names = List.rev !compressed_names in
+
+ Some (start_addr, num_entries, names_addr,
+ Compressed (compressed_names, markers_addr))
+ )
+ with
+ Invalid_argument _ -> None (* bad names list *)
+ ) ksym_addrs in
+
+ if verbose then (
+ printf "%s: candidate kallsyms at:\n" name;
+ List.iter (
+ function
+ | (start_addr, num_entries, names_addr, Uncompressed _) ->
+ printf "\t%Lx %d entries names_addr=%Lx old-style\n%!"
+ start_addr num_entries names_addr
+ | (start_addr, num_entries, names_addr,
+ Compressed (_, markers_addr)) ->
+ printf "\t%Lx %d entries names_addr=%Lx markers_addr=%Lx\n%!"
+ start_addr num_entries names_addr markers_addr
+ ) kallsymtabs
+ );
+
+ (* Vote for the most popular symbol table candidate and
+ * enhance the function for looking up ksyms.
+ *)
+ let lookup_ksym =
+ let freqs = frequency kallsymtabs in
+ match freqs with
+ | [] ->
+ (* Can't find any kallsymtabs, just return the lookup_ksym
+ * function generated previously from the exported symbols.
+ *)
+ lookup_ksym
+
+ | (_, (_, _, _, Uncompressed names)) :: _ ->
+ let lookup_ksym name =
+ try (* first look it up in kallsyms table. *)
+ List.assoc name names
+ with Not_found -> (* try the old exports table instead *)
+ lookup_ksym name
+ in
+ lookup_ksym
+
+ | (_, (start_addr, num_entries, names_addr,
+ Compressed (compressed_names, markers_addr))) :: _ ->
+ (* Skip the markers and look for the token table. *)
+ let num_markers = Int64.of_int ((num_entries + 255) / 256) in
+ let marker_size =
+ Int64.of_int (bytes_of_wordsize (MMap.get_wordsize mem)) in
+ let tokens_addr = markers_addr +^ marker_size *^ num_markers in
+
+ (* Now read out the compression tokens, which are just
+ * 256 ASCIIZ strings that map bytes in the compression
+ * names to substrings.
+ *)
+ let tokens = Array.make 256 "" in
+ let rec loop i addr =
+ if i < 256 then (
+ let str = MMap.get_string mem addr in
+ let len = String.length str in
+ let addr = addr +^ Int64.of_int (len+1) in
+ tokens.(i) <- str;
+ loop (i+1) addr
+ )
in
- let end_addr = loop base_addr in
- base_addr, end_addr -^ base_addr
- ) base_addrs in
-
- base_addrs_sizes
- ) ksym_strings in
- let ksymtabs = List.concat ksymtabs in
-
- (* Simply ignore any symbol table candidates which are too small. *)
- let ksymtabs = List.filter (fun (_, size) -> size > 64L) ksymtabs in
-
- if verbose then (
- printf "name %s:\n" name;
- List.iter (
- fun (addr, size) ->
- printf "\t%Lx\t%Lx\t%!" addr size;
- printf "first symbol: %s\n%!"
- (MMap.get_string mem
- (MMap.follow_pointer mem
- (MMap.succ_long mem addr)))
- ) ksymtabs
- );
-
- (* Vote for the most popular symbol table candidate. *)
- let freqs = frequency ksymtabs in
- match freqs with
- | [] ->
- eprintf "%s: cannot find start of kernel symbol table\n" name
- | (_, (ksymtab_addr, ksymtab_size)) :: _ ->
+ loop 0 tokens_addr;
+
+ (* Expand the compressed names using the tokens. *)
+ let names = List.filter_map (
+ fun (name, sym_value) ->
+ let f c = tokens.(Char.code c) in
+ let name = String.replace_chars f name in
+ (* First character in uncompressed output is the symbol
+ * type, eg. 'T'/'t' for text etc.
+ *)
+ (* NOTE: Symbol names are NOT unique
+ * (eg. 'con_start' is both a function and data in
+ * some kernels). XXX We need to handle this situation
+ * better.
+ *)
+ (*let typ = name.[0] in*)
+ let name = String.sub name 1 (String.length name - 1) in
+ (*printf "%S -> %Lx\n" name sym_value;*)
+ Some (name, sym_value)
+ ) compressed_names in
+
+ let lookup_ksym name =
+ try (* first look it up in kallsyms table. *)
+ List.assoc name names
+ with Not_found -> (* try the old exports table instead *)
+ lookup_ksym name
+ in
+
+ lookup_ksym in
+
+ (* Just wrap the lookup_ksym call in something which prints
+ * the query when verbose is set.
+ *)
+ let lookup_ksym =
if verbose then
- printf "%s: Kernel symbol table found at %Lx, size %Lx bytes\n%!"
- name ksymtab_addr ksymtab_size;
-
- (* Load the whole symbol table as a bitstring. *)
- let ksymtab =
- Bitmatch.bitstring_of_string
- (MMap.get_bytes mem ksymtab_addr (Int64.to_int ksymtab_size)) in
-
- (* Function to look up an address in the symbol table. *)
- let lookup_ksym sym =
- let bits = bits_of_wordsize (MMap.get_wordsize mem) in
- let e = MMap.get_endian mem in
- let rec loop bs =
- bitmatch bs with
- | { value : bits : endian(e);
- name_ptr : bits : endian(e) }
- when MMap.get_string mem name_ptr = sym ->
- value
- | { _ : bits : endian(e);
- _ : bits : endian(e);
- bs : -1 : bitstring } ->
- loop bs
- | { _ } -> raise Not_found
+ let lookup_ksym sym =
+ try
+ let value = lookup_ksym sym in
+ printf "lookup_ksym %S = %Lx\n%!" sym value;
+ value
+ with Not_found ->
+ printf "lookup_ksym %S failed\n%!" sym;
+ raise Not_found
in
- loop ksymtab
- in
-
- if verbose then (
- (* This just tests looking up kernel symbols. *)
- printf "init_task = %Lx\n" (lookup_ksym "init_task");
- printf "schedule = %Lx\n" (lookup_ksym "schedule");
- printf "system_utsname = %s\n"
- (try
- let addr = lookup_ksym "system_utsname" in
- sprintf "%Lx" addr
- with Not_found -> "not found");
- printf "init_uts_ns = %s\n"
- (try
- let addr = lookup_ksym "init_uts_ns" in
- sprintf "%Lx" addr
- with Not_found -> "not found");
- );
-
-
-
-
- ) images
+ lookup_ksym
+ else
+ lookup_ksym
+ in
+
+ ((name, arch, mem, lookup_ksym) : image)
+ ) images in
+
+ verbose, images
git.annexia.org / virt-mem.git / blobdiff