Adding support for "Live Kernel Memory" dump type (0x6) #30
Conversation
Hell yeah! I am guessing at least some of the tests are failing because the new dump isn't part of the testdatas? Send it my way and I'll add it up 🙏🏽 Thanks again man!
All right, I added the file to the testdatas, re-running the tests to see what is left to address..
Okay, most parsers get built properly now - just OSX to figure out. Not sure what's going on with the binding targets yet though 🤔
Lol, while compiling with latest compiler 😅
All right, making progress - we just need to figure out what's the deal with OSX and how do we work around the MSVC bug on Windows 😅
Okay so the
Okay - have a look whenever you have some time @hugsy and let me know what you think. The OSX part is annoying as I don't know how easy it'd be to port / have all the bindings etc work properly on ARM64 🤷🏽‍♂️ For Windows, maybe you have a better idea; I can also file a bug to make sure to update the CI back to Cheers
Regarding
I've also pinned the rest of runner images so that everything should keep working for future updates and we can introduce newer runner as they become more stable.
Okay I think we're good to go, merging - thank you again @hugsy!
All right - this took a while but I finally fixed the way I was generating wheels for Linux so that it doesn't break anymore. What happens for the 0.7.3 release is that we were generating them 'manually' and it turns out their names have meaning to PyPI. I tried to upload them and the Linux ones were rejected. I decided to rename the package to make it happy and they did get uploaded, but the packages were actually broken. Once downloaded, a checksum wouldn't match and installation would fail. Note that this whole thing only affected Linux packages (as far as I know; at least Windows ones were fine). To fix this, you are apparently to build wheels using the
Sorry for the lag on this, and thank you again!
Description
This PR adds support for "Live Kernel Memory" dump type (0x6), including Python API, and tests.
As indicated here, such a dump can be generated as such:
But it is actually processed the same way as a regular BMP dump:
As a result, this PR only implements the type itself, and binds it to the "normal" BMP routine (i.e. BuildPhysmemBMPDump).
Fixes #26
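The dispatch described above, as an added example that is not part of the PR or the project's code: a header check that routes dump type 0x6 to the same bitmap path as a regular BMP dump and validates the bitmap header before trusting the type field. The names `classify_dump`, `make_header` and `DumpFormatError` are hypothetical, and the header offsets, signatures and the 0x5 value for the regular BMP type are assumptions about the 64-bit dump layout, not taken from this page.

```python
import struct

# Assumed layout of the 64-bit kernel dump header (labelled assumptions,
# not taken from this page): "PAGE" + "DU64" at offset 0, DumpType (u32)
# at 0xf98, bitmap header ("SDMP"/"FDMP" + "DUMP") at 0x2000.
DUMP_TYPE_OFFSET = 0xF98
BMP_HEADER_OFFSET = 0x2000
BMP_DUMP = 0x5                 # assumed value for the regular BMP dump type
LIVE_KERNEL_MEMORY_DUMP = 0x6  # value stated in the PR title
BMP_STYLE_TYPES = {BMP_DUMP, LIVE_KERNEL_MEMORY_DUMP}


class DumpFormatError(ValueError):
    """Raised when the header does not look like the type it claims."""


def classify_dump(header: bytes) -> tuple[int, str]:
    """Return (dump_type, routine) for a 64-bit kernel dump header."""
    if len(header) < DUMP_TYPE_OFFSET + 4:
        raise DumpFormatError("header truncated before DumpType")
    if header[:8] != b"PAGEDU64":
        raise DumpFormatError("not a 64-bit kernel dump")
    (dump_type,) = struct.unpack_from("<I", header, DUMP_TYPE_OFFSET)
    if dump_type not in BMP_STYLE_TYPES:
        return dump_type, "other"
    # Types 0x5 and 0x6 share the bitmap routine, so both must carry a
    # well-formed bitmap header; reject the file if it is missing.
    if len(header) < BMP_HEADER_OFFSET + 8:
        raise DumpFormatError("header truncated before bitmap header")
    sig, valid = struct.unpack_from("<4s4s", header, BMP_HEADER_OFFSET)
    if sig not in (b"SDMP", b"FDMP") or valid != b"DUMP":
        raise DumpFormatError("bitmap header signature mismatch")
    return dump_type, "bmp"


def make_header(dump_type: int, bmp_sig: bytes = b"SDMP") -> bytes:
    """Build a constructed (synthetic) header for demonstration."""
    buf = bytearray(BMP_HEADER_OFFSET + 0x38)
    buf[:8] = b"PAGEDU64"
    struct.pack_into("<I", buf, DUMP_TYPE_OFFSET, dump_type)
    buf[BMP_HEADER_OFFSET:BMP_HEADER_OFFSET + 8] = bmp_sig + b"DUMP"
    return bytes(buf)


if __name__ == "__main__":
    for t in (0x5, 0x6, 0x1):
        print(hex(t), classify_dump(make_header(t)))
```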