omstation
commented
7 years ago Also it is constant, always at 2304 56%, multiple restarts tested.
Closed omstation closed 6 years ago
omstation
commented
7 years ago Also it is constant, always at 2304 56%, multiple restarts tested.
ufrisk
commented
7 years ago That is normal and expected behavior. The PCI-Express memory space for memory mapped devices are usually mapped into physical address space around 2-3GB up to 4GB. This "space" consists of PCIe devices and empty space containing no mapped memory. It's like that on all x86/x64 computers.
Please insert a kernel module to access all memory.
kylefix
commented
6 years ago @omstation are you doing this for the iPhone NAND by any chance?
ufrisk
commented
6 years ago closed due to old age
`C:\Users\fff\Desktop\pcileech-master\pcileech_files>pcileech dump
Current Action: Dumping Memory Access Mode: DMA (hardware only) Progress: 2304 / 4096 (56%) Speed: 209 MB/s Address: 0x000000009F000000 Pages read: 585632 / 1048576 (55%) Pages failed: 4192 (0%) Memory Dump: Failed. Cannot dump any sequential data in 16MB - terminating.
C:\Users\fff\Desktop\pcileech-master\pcileech_files>pcileech dump
Current Action: Dumping Memory Access Mode: DMA (hardware only) Progress: 16 / 4096 (0%) Speed: 16 MB/s Address: 0x0000000010000000 Pages read: 0 / 1048576 (0%) Pages failed: 4096 (0%) Memory Dump: Failed. Cannot dump any sequential data in 16MB - terminating.
C:\Users\fff\Desktop\pcileech-master\pcileech_files>`
As you can see it cuts out around 2 gigs with the failure message, the raw files do have good memory though.
Anything through pcileech fails after that error appears until I restart my computer.
Target and victim are same pc running Microsoft Windows [Version 10.0.15063]
Using usb 3380 pcie card. Flashing succeeded clearly because it can read memory.