search

504ensicsLabs / LiME

LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
GNU General Public License v2.0
1.72k stars 339 forks source link

Fails to build for Linux 4.0 #6

Closed eribertomota closed 9 years ago

eribertomota commented 9 years ago

Please, see more details here[1]. I confirmed this issue in some tests.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788273

Thanks in advance.

Regards,

Eriberto

jtsylve commented 9 years ago

Should be fixed now in tag v1.5

eribertomota commented 9 years ago

Thanks a lot Joe.

I already packaged the new version and it worked fine.

To help you to improve the source code, I got these warnings when building:

root@astron:/usr/src/lime-forensics-1.5-1# make make -C /lib/modules/4.0.0-2-amd64/build M=/usr/src/lime-forensics-1.5-1 modules make[1]: Entering directory '/usr/src/linux-headers-4.0.0-2-amd64' Makefile:10: ** mixed implicit and normal rules: deprecated syntax CC [M] /usr/src/lime-forensics-1.5-1/tcp.o /usr/src/lime-forensics-1.5-1/tcp.c: In function ‘write_vaddr_tcp’: /usr/src/lime-forensics-1.5-1/tcp.c:145:27: warning: passing argument 2 of ‘sock_sendmsg’ from incompatible pointer type s = sock_sendmsg(accept, &msg, is); ^ In file included from /usr/src/linux-headers-4.0.0-2-common/include/linux/skbuff.h:29:0, from /usr/src/linux-headers-4.0.0-2-common/include/linux/if_ether.h:23, from /usr/src/linux-headers-4.0.0-2-common/include/uapi/linux/ethtool.h:17, from /usr/src/linux-headers-4.0.0-2-common/include/linux/ethtool.h:16, from /usr/src/linux-headers-4.0.0-2-common/include/linux/netdevice.h:43, from /usr/src/linux-headers-4.0.0-2-common/include/net/sock.h:51, from /usr/src/lime-forensics-1.5-1/tcp.c:32: /usr/src/linux-headers-4.0.0-2-common/include/linux/net.h:216:5: note: expected ‘struct msghdr ’ but argument is of type ‘struct user_msghdr ’ int sock_sendmsg(struct socket sock, struct msghdr *msg, size_t len); ^ CC [M] /usr/src/lime-forensics-1.5-1/disk.o CC [M] /usr/src/lime-forensics-1.5-1/main.o LD [M] /usr/src/lime-forensics-1.5-1/lime.o Building modules, stage 2. MODPOST 1 modules CC /usr/src/lime-forensics-1.5-1/lime.mod.o LD [M] /usr/src/lime-forensics-1.5-1/lime.ko make[1]: Leaving directory '/usr/src/linux-headers-4.0.0-2-amd64' strip --strip-unneeded lime.ko mv lime.ko lime-4.0.0-2-amd64.ko

Have a nice day!

Regards,

Eriberto

2015-06-22 0:38 GMT-03:00 Joe Sylve notifications@github.com:

Should be fixed now in tag v1.5

— Reply to this email directly or view it on GitHub https://github.com/504ensicsLabs/LiME/issues/6#issuecomment-113994420.