-
-
Notifications
You must be signed in to change notification settings - Fork 393
Dev_Rust
Developing MemProcFS plugins in Rust will give you the performance of native code while avoiding common programming pitfalls such as race conditions and memory issues.
A Rust plugin is a Rust library with the crate type cdylib
. The library should export/expose the native C-function InitializeVmmPlugin
which MemProcFS will call to register the plugin. The resulting plugin .dll/.so file should be named m_.dll or m_.so and be placed in the MemProcFS plugins sub-directory.
For more information check out the example plugin and especially its Cargo.toml file and the plugin example library source code.
Also check out the MemProcFS API documentation at docs.rs.
A small example of the InitializeVmmPlugin
plugin entry point is found below. Check out the example project for a more complete documentation.
use memprocfs::*;
#[no_mangle]
pub extern "C" fn InitializeVmmPlugin(native_h : usize, native_reginfo : usize) {
let (system_info, mut plugin_init_ctx) =
match new_plugin_initialization::<PluginContext>(native_h, native_reginfo) {
Ok(r) => r,
Err(_) => return,
};
let ctx = PluginContext {
// ...
};
plugin_init_ctx.ctx = Some(ctx);
plugin_init_ctx.is_root_module = true;
plugin_init_ctx.is_process_module = true;
plugin_init_ctx.path_name = String::from("/rust/example");
plugin_init_ctx.fn_list = Some(plugin_list_cb);
plugin_init_ctx.fn_read = Some(plugin_read_cb);
plugin_init_ctx.fn_write = Some(plugin_write_cb);
let _r = plugin_init_ctx.register();
}
Sponsor PCILeech and MemProcFS:
PCILeech and MemProcFS is free and open source!
I put a lot of time and energy into PCILeech and MemProcFS and related research to make this happen. Some aspects of the projects relate to hardware and I put quite some money into my projects and related research. If you think PCILeech and/or MemProcFS are awesome tools and/or if you had a use for them it's now possible to contribute by becoming a sponsor!
If you like what I've created with PCIleech and MemProcFS with regards to DMA, Memory Analysis and Memory Forensics and would like to give something back to support future development please consider becoming a sponsor at: https://github.com/sponsors/ufrisk
Thank You 💖