+ (* Do the kernel symbol analysis. *)
+ let kimage =
+ if not needs_ksyms then kimage
+ else (
+ (* Look for ordinary kernel symbols: *)
+ let kimage = Virt_mem_ksyms.find_kernel_symbols debug kimage in
+
+ if kimage.have_ksyms then
+ (* Look for kallsyms: *)
+ Virt_mem_kallsyms.find_kallsyms debug kimage
+ else kimage
+ ) in
+
+ (* Get the kernel version (utsname analysis). *)
+ let kimage =
+ if not needs_utsname then kimage
+ else (
+ if kimage.have_ksyms then
+ Virt_mem_utsname.find_utsname debug kimage
+ else
+ kimage
+ ) in
+
+ (* Get the tasks. *)
+ let kimage =
+ if not needs_tasks then kimage
+ else (
+ let { ksyms = ksyms; have_ksyms = have_ksyms; utsname = utsname;
+ addrmap = addrmap } = kimage in
+ match have_ksyms, utsname with
+ | true, Some { uts_kernel_release = kernel_version } ->
+ let kimage = ref kimage in
+ let load struct_name addr size =
+ if debug then
+ eprintf "load for task, %s: %Lx %d ...\n"
+ struct_name addr size;
+ let mapped =
+ Virt_mem_mmap.is_mapped_range !kimage.mem addr size in
+ if not mapped then kimage := load_memory !kimage addr size;
+ let bits = Virt_mem_mmap.get_bytes !kimage.mem addr size in
+ Bitstring.bitstring_of_string bits
+ in
+ let addrmap =
+ try
+ let init_task = Ksymmap.find "init_task" ksyms in
+ Some (Kernel.task_struct_follower debug kernel_version
+ load addrmap init_task)
+ with
+ Not_found ->
+ eprintf (f_"%s: cannot find init_task symbol in kernel image.\n") !kimage.domname;
+ None in
+ (match addrmap with
+ | None -> !kimage
+ | Some addrmap ->
+ { !kimage with addrmap = addrmap; have_tasks = true }
+ )
+ | _, _ -> kimage
+ ) in
+
+ (* Get the net devices. *)
+ let kimage =
+ if not needs_net_devices then kimage
+ else (
+ let { ksyms = ksyms; have_ksyms = have_ksyms; utsname = utsname;
+ addrmap = addrmap } = kimage in
+ match have_ksyms, utsname with
+ | true, Some { uts_kernel_release = kernel_version } ->
+ let kimage = ref kimage in
+ let load struct_name addr size =
+ if debug then
+ eprintf "load for net dev, %s: %Lx %d ...\n"
+ struct_name addr size;
+ let mapped =
+ Virt_mem_mmap.is_mapped_range !kimage.mem addr size in
+ if not mapped then kimage := load_memory !kimage addr size;
+ let bits = Virt_mem_mmap.get_bytes !kimage.mem addr size in
+ Bitstring.bitstring_of_string bits
+ in
+ let addrmap =
+ try
+ let dev_base = Ksymmap.find "dev_base" ksyms in
+ Some (Kernel.net_device_follower debug kernel_version
+ load addrmap dev_base)
+ with Not_found ->
+ try
+ let dev_base_head = Ksymmap.find "dev_base_head" ksyms in
+ (* XXX adjust to get offset of start of net_device *)
+ assert false
+ with Not_found ->
+ try
+ let init_net = Ksymmap.find "init_net" ksyms in
+ Some (Kernel.net_follower debug kernel_version
+ load addrmap init_net)
+ with Not_found ->
+ eprintf (f_"%s: cannot find dev_base, dev_base_head or init_net symbols in kernel image.\n") !kimage.domname;
+ None in
+ (match addrmap with
+ | None -> !kimage
+ | Some addrmap ->
+ { !kimage with addrmap = addrmap; have_net_devices = true }
+ )
+ | _, _ -> kimage
+ ) in
+
+ (* Run the tool's main function. *)