search

tking2 / volatility

Automatically exported from code.google.com/p/volatility
GNU General Public License v2.0
0 stars 1 forks source link

Module.c - Problem generating dwarf #351

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Hey Guys,

I found a problem with module.c when I create a profile:

make -C //lib/modules/2.6.38-8-generic/build CONFIG_DEBUG_INFO=y 
M=/media/LIME/Lime/Ubuntu-11.04-64-bit/profiles modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.38-8-generic'
  CC [M]  /media/LIME/Lime/Ubuntu-11.04-64-bit/profiles/module.o
/media/LIME/Lime/Ubuntu-11.04-64-bit/profiles/module.c:70:33: fatal error: 
linux/net_namespace.h: No such file or directory
compilation terminated.
make[2]: *** [/media/LIME/Lime/Ubuntu-11.04-64-bit/profiles/module.o] Error 1
make[1]: *** [_module_/media/LIME/Lime/Ubuntu-11.04-64-bit/profiles] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.38-8-generic'
make: *** [dwarf] Error 2

Problem seems to be related to library net_namespace.h

#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
#include <linux/net_namespace.h>
#endif

http://code.google.com/p/volatility/source/browse/trunk/tools/linux/module.c#70

I'm able to compile a profile under Fedora 15 and Ubuntu 11 if I change that 
library to 

#include <net/net_namespace.h>

Sebastien

Original issue reported on code.google.com by sebastie...@gmail.com on 10 Oct 2012 at 8:58

GoogleCodeExporter commented 9 years ago 
Thanks for reporting Sebastien. Just CC'ing andrew...

Original comment by michael.hale@gmail.com on 10 Oct 2012 at 11:09

GoogleCodeExporter commented 9 years ago 
Had the same issue on Debian Squeeze (6.0.6).

dimitris@BlackBox:~$ uname -a
Linux BlackBox 2.6.32-5-amd64 #1 SMP Sun Sep 23 10:07:46 UTC 2012 x86_64 
GNU/Linux

The workaround that I used was to hardcode the location of net_namespace.h on 
my system, in module.c:70:

...
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
/*#include <linux/net_namespace.h>*/
#include "/usr/src/linux-headers-2.6.32-5-common/include/net/net_namespace.h"
#endif
...

Regards,
Dimitris

Original comment by dkaragasidis on 11 Oct 2012 at 9:46

GoogleCodeExporter commented 9 years ago

Original comment by michael.hale@gmail.com on 11 Oct 2012 at 10:11

GoogleCodeExporter commented 9 years ago 
Fixed in http://code.google.com/p/volatility/source/detail?r=2707

Original comment by atc...@gmail.com on 15 Oct 2012 at 5:06

GoogleCodeExporter commented 9 years ago 
Thanks Andrew!

Original comment by sebastie...@gmail.com on 15 Oct 2012 at 5:22

GoogleCodeExporter commented 9 years ago 
Someone should make a note in the wiki install guide about the compile error 
for module.dwarf and put a link  to the fix here --> 
http://code.google.com/p/volatility/wiki/LinuxMemoryForensics#Creating_vtypes

Original comment by peekn...@gmail.com on 25 Jan 2013 at 1:36

GoogleCodeExporter commented 9 years ago 
Here's the fix for Linux 3.7.0

tools/linux/module.c
70c70
< #include "/usr/src/linux-headers-3.7.0-7-generic/include/net/net_namespace.h"
---
> #include <linux/net_namespace.h>

tools/linux/pmem.c
233c233,234
<   vma->vm_flags |= VM_RESERVED | VM_CAN_NONLINEAR;
---
>   /*vma->vm_flags |= VM_RESERVED | VM_CAN_NONLINEAR; */
>   vma->vm_flags |= (VM_IO | VM_LOCKED | (VM_DONTEXPAND | VM_DONTDUMP));

Original comment by anthony.eufemio on 22 May 2013 at 6:48