Chipsec Linux kernel module
===========================

This module was originally built on/adapted from fmem 1.5.0 and LoLA (Low Level Access) (https://code.google.com/archive/p/lola-linux/)

To install CHIPSEC framework with the kernel module, please see "Linux Installation" section of chipsec-manual.pdf
When installed, CHIPSEC framework automatically loads and unloads kernel module. 

However, if you want to manually build/install the kernel module, please follow instructions below.

To build:
	make

To load kernel module:
	sudo insmod ./chipsec.ko

To remove kernel module:
	sudo rmmod chipsec

NOTE:
You may need run apt-get install python-dev for the Python.h header (needed for switching cpu affinity). 
If you already have this in a non-standard location (i.e. any other than /usr/include/python-2.7), you can manually edit the path in drivers/linux/Makefile

NOTE:
Building against recent Linux kernels generates the warning 

	WARNING: could not find [...]/chipsec/drivers/linux/amd64/.cpu.o.cmd for [...]/chipsec/drivers/linux/amd64/cpu.o

The cmd files are generated with the cmd_and_fixdep rule found in scripts/Kbuild.include, which are used (among other
places) in rule_cc_o_c and rule_as_o_S defined in scripts/Makefile.build (both files are in the kernel source tree).  
Removing the warning could be done by converting cpu.asm to cpu.S (i.e. nasm to as), or by adding a rule_nasm_o_asm 
to the Kbuild project.  The latter might require a new rule in our Makefile:

	NASM ?= `which nasm`
	NASMFLAGS = -f $(elf-size)

	%.o : %.asm
        	$(NASM) $(NASMFLAGS) $< -o $@

but for now it's probably best to just ignore the warning (it's harmless).  See 
	https://www.kernel.org/doc/ols/2003/ols2003-pages-185-200.pdf for an introduction to Kbuild 
	https://www.kernel.org/doc/Documentation/kbuild/modules.txt
for more detail.

-------------


fmem 1.5.0

This module creates /dev/fmem device,
that can be used for dumping physical memory,
without limits of /dev/mem (1MB/1GB, depending on distribution)
  
Tested on i386 and x64, feel free to test it on 
different architectures. (and send report please)
 
Cloned from linux/drivers/char/mem.c 
(so GPL license apply)

Original name of this tool was fdump, 
which was conflict with already existing tool,
so name was changed to fmem  

Bug reports and patches welcome.

2009,2010 niekt0@hysteria.sk

-----
Usage:

$ make

# ./run.sh

# dd if=/dev/fmem of=... bs=1MB count=... 

-----
BUGS: if you do something like # dd if=/dev/fmem of=dump 
      dd will never stop, even if there is no more physical RAM
      on the system. This is more a feature, because Linux kernel
      don't have stable API, and detection of mapped areas can be 
      tricky on older kernels. Because primary usage for fmem is 
      memory forensic, I think it is safer to specify 
      amount of RAM by hand.
-----
