| Trees | Indices | Help |
|
|---|
|
|
1 # Rekall Memory Forensics
2 #
3 # Copyright Digital Forensics Solutions.
4 # Copyright 2013 Google Inc. All Rights Reserved.
5 #
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or (at
9 # your option) any later version.
10 #
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
15 #
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19
20 __author__ = ("Andrew Case <atcuno@gmail.com>",
21 "Michael Cohen <scudette@google.com>")
22
23
24 from rekall.plugins.linux import common
25
26
28 '''mimics /proc/iomem.'''
29
30 __name = "iomem"
31
32 table_header = [
33 dict(name="resource", style="address"),
34 dict(name="start", style="address"),
35 dict(name="end", style="address"),
36 dict(name="name", type="TreeNode"),
37 ]
38
40 # Resources are organized in a tree structure.
41 resource_tree_root = self.profile.get_constant_object(
42 "iomem_resource", target="resource")
43
44 seen = set()
45
46 return self._GetResources(resource_tree_root, seen)
47
49 """Traverse the resource tree depth first."""
50 if not node or node in seen:
51 return
52
53 seen.add(node)
54
55 yield node, depth
56
57 if node.child:
58 for x in self._GetResources(node.child.deref(), seen, depth+1):
59 yield x
60
61 for sibling in node.walk_list("sibling"):
62 for x in self._GetResources(sibling, seen, depth):
63 yield x
64
65
74
| Trees | Indices | Help |
|
|---|
| Generated by Epydoc 3.0.1 on Mon Oct 9 03:29:47 2017 | http://epydoc.sourceforge.net |