search

Yamato-Security / hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GNU Affero General Public License v3.0
2.26k stars 200 forks source link

aarch64 musl binary can't run #1332

Open YamatoSecurity opened 5 months ago

YamatoSecurity commented 5 months ago

I can compile an aarch64 musl binary in a arm based Kali VM on a M1 Mac but it gets killed by the shell when I try to run it: zsh: killed ./target/aarch64-unknown-linux-musl/release/hayabusa

Here is how I am compiling

rustup install stable-aarch64-unknown-linux-musl
rustup target add aarch64-unknown-linux-musl
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER=aarch64-linux-gnu-gcc
export CC=aarch64-linux-gnu-cc
cargo build --release --target=aarch64-unknown-linux-musl
./target/aarch64-unknown-linux-musl/release/hayabusa
YamatoSecurity commented 5 months ago

I don't think there is anything we can do about this until it gets fixed at the compiler level. Checking things with strace, Haybusa just tries to allocate infinite memory on launch and gets killed trying to use 100% of free memory. Even when doing something as simple as displaying the help menu.