search

shree007 / volatility

Automatically exported from code.google.com/p/volatility
GNU General Public License v2.0
0 stars 0 forks source link

Fix Linux kernel module compilation on kernel versions >= 3.7 #368

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
The Linux kernel module used to build profiles no longer compiles on Linux 
Kernel versions >= 3.7 due to removal of VM_RESERVED and VM_CAN_NONLINEAR.

Attaching a patch to fix the problem. I can successfully build and use profiles 
after this patch is applied.

Original issue reported on code.google.com by dhiru.kh...@gmail.com on 29 Dec 2012 at 11:00

Attachments:

GoogleCodeExporter commented 8 years ago 
Attaching a non-git patch as well.

Original comment by dhiru.kh...@gmail.com on 29 Dec 2012 at 11:04

Attachments:

GoogleCodeExporter commented 8 years ago

Original comment by mike.auty@gmail.com on 29 Dec 2012 at 5:38

GoogleCodeExporter commented 8 years ago

Original comment by michael.hale@gmail.com on 1 Feb 2013 at 5:09

GoogleCodeExporter commented 8 years ago 
similar error building a profile on centos 5.3 x86 with 2.6.18 kernel. 

we should take pmem out of the makefile since it doesn't need to be built 
during profile creation anyway. 

[root@localhost linux]# make
make -C //lib/modules/2.6.18-128.el5/build CONFIG_DEBUG_INFO=y 
M=/home/mhl/Desktop/volatility/tools/linux modules
make[1]: Entering directory `/usr/src/kernels/2.6.18-128.el5-x86_64'
  CC [M]  /home/mhl/Desktop/volatility/tools/linux/module.o
/home/mhl/Desktop/volatility/tools/linux/module.c:303:5: warning: "STATS" is 
not defined
/home/mhl/Desktop/volatility/tools/linux/module.c:319:5: warning: "DEBUG" is 
not defined
  CC [M]  /home/mhl/Desktop/volatility/tools/linux/pmem.o
/home/mhl/Desktop/volatility/tools/linux/pmem.c: In function 
‘is_page_valid’:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:60: error: ‘iomem_resource’ 
undeclared (first use in this function)
/home/mhl/Desktop/volatility/tools/linux/pmem.c:60: error: (Each undeclared 
identifier is reported only once
/home/mhl/Desktop/volatility/tools/linux/pmem.c:60: error: for each function it 
appears in.)
/home/mhl/Desktop/volatility/tools/linux/pmem.c:67: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:67: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:68: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:68: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:69: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c: In function 
‘pmem_get_size’:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:83: error: ‘iomem_resource’ 
undeclared (first use in this function)
/home/mhl/Desktop/volatility/tools/linux/pmem.c:85: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:85: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:86: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:99: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c: At top level:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:203: warning: ‘struct 
vm_fault’ declared inside parameter list
/home/mhl/Desktop/volatility/tools/linux/pmem.c:203: warning: its scope is only 
this definition or declaration, which is probably not what you want
/home/mhl/Desktop/volatility/tools/linux/pmem.c: In function 
‘pmem_vma_fault’:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:205: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:206: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c:218: error: dereferencing 
pointer to incomplete type
/home/mhl/Desktop/volatility/tools/linux/pmem.c: At top level:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:223: error: unknown field 
‘fault’ specified in initializer
/home/mhl/Desktop/volatility/tools/linux/pmem.c:223: warning: initialization 
from incompatible pointer type
/home/mhl/Desktop/volatility/tools/linux/pmem.c: In function ‘pmem_mmap’:
/home/mhl/Desktop/volatility/tools/linux/pmem.c:233: error: 
‘VM_CAN_NONLINEAR’ undeclared (first use in this function)
make[2]: *** [/home/mhl/Desktop/volatility/tools/linux/pmem.o] Error 1
make[1]: *** [_module_/home/mhl/Desktop/volatility/tools/linux] Error 2
make[1]: Leaving directory `/usr/src/kernels/2.6.18-128.el5-x86_64'
make: *** [dwarf] Error 2

Original comment by michael.hale@gmail.com on 2 Feb 2013 at 11:36

GoogleCodeExporter commented 8 years ago 
This issue was closed by revision r3161.

Original comment by jamie.l...@gmail.com on 2 Mar 2013 at 2:15

GoogleCodeExporter commented 8 years ago 
I'm experiencing some similar errors with this configuration :

    - OS: Debian Jessie/testing
    - Kernel: 3.9.8-1 x86_64

My first problem was this :

volatility-2.2/tools/linux$ make
make -C //lib/modules/3.9-1-amd64/build CONFIG_DEBUG_INFO=y 
M=/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control
_2/volatility-2.2/tools/linux modules
make[1]: entrant dans le répertoire « /usr/src/linux-headers-3.9-1-amd64 »
  CC [M]  /media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2/volatility-2.2/tools/linux/module.o
/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2
/volatility-2.2/tools/linux/module.c:70:33: fatal error: linux/net_namespace.h: 
Aucun fichier ou dossier de ce type
compilation terminated.
make[4]: *** 
[/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_
2/volatility-2.2/tools/linux/module.o] Erreur 1
make[3]: *** 
[_module_/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_
Control_2/volatility-2.2/tools/linux] Erreur 2
make[2]: *** [sub-make] Erreur 2
make[1]: *** [all] Erreur 2
make[1]: quittant le répertoire « /usr/src/linux-headers-3.9-1-amd64 »
make: *** [dwarf] Erreur 2

Which I bypassed by doing this:
volatility-2.2/tools/linux$ mkdir linux 
volatility-2.2/tools/linux$ cp 
/usr/src/linux-headers-3.9-1-common/include/net/net_namespace.h linux/

and then here is the issue:

volatility-2.2/tools/linux$ make
make -C //lib/modules/3.9-1-amd64/build CONFIG_DEBUG_INFO=y 
M=/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control
_2/volatility-2.2/tools/linux modules
make[1]: entrant dans le répertoire « /usr/src/linux-headers-3.9-1-amd64 »
  CC [M]  /media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2/volatility-2.2/tools/linux/module.o
  CC [M]  /media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2/volatility-2.2/tools/linux/pmem.o
/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2
/volatility-2.2/tools/linux/pmem.c: In function ‘pmem_mmap’:
/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2
/volatility-2.2/tools/linux/pmem.c:233:20: error: ‘VM_RESERVED’ undeclared 
(first use in this function)
/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2
/volatility-2.2/tools/linux/pmem.c:233:20: note: each undeclared identifier is 
reported only once for each function it appears in
/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_2
/volatility-2.2/tools/linux/pmem.c:233:34: error: ‘VM_CAN_NONLINEAR’ 
undeclared (first use in this function)
make[4]: *** 
[/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_Control_
2/volatility-2.2/tools/linux/pmem.o] Erreur 1
make[3]: *** 
[_module_/media/WDCaviarRed/home2/grobs/Hack/root-me/Forensics/ch02-Command_and_
Control_2/volatility-2.2/tools/linux] Erreur 2
make[2]: *** [sub-make] Erreur 2
make[1]: *** [all] Erreur 2
make[1]: quittant le répertoire « /usr/src/linux-headers-3.9-1-amd64 »
make: *** [dwarf] Erreur 2

Original comment by tom.lar...@gmail.com on 25 Jul 2013 at 2:41

GoogleCodeExporter commented 8 years ago 
Please update to svn trunk or at the very least check out tools/linux from svn 
and use that to create the profile. We fixed some issues in the 2.2 version

Original comment by atc...@gmail.com on 25 Jul 2013 at 4:08