diff --git a/.gitignore b/.gitignore index aa9e30e95..a549d2726 100644 --- a/.gitignore +++ b/.gitignore @@ -7,11 +7,13 @@ compile config.guess config.h config.h.in +config.h.in~ config.log config.status config.sub configure depcomp +doc/html/ examples/.deps/ examples/.libs/ examples/Makefile @@ -26,8 +28,12 @@ examples/map-symbol examples/map-symbol.o examples/module-list examples/module-list.o +examples/msr-event-example +examples/msr-event-example.o examples/process-list examples/process-list.o +examples/singlestep-event-example +examples/singlestep-event-example.o examples/win-guid examples/win-guid.o install-sh diff --git a/NEWS b/NEWS index 704770ae3..66e7ada09 100644 --- a/NEWS +++ b/NEWS @@ -25,8 +25,8 @@ Release 0.10 from working. Xen 4.2.1+, and Xen 4.1.2 do not suffer from this issue. Exposing peparse.h as part of LibVMI to aid in Windows PE validation, - gaining access to the PE headers and the Image Data Directories entries - (the export table is natively supported) + gaining access to the PE headers and the Image Data Directories + entries (the export table is natively supported) Page mode can now be accessed in partial init Windows version can be determined in partial init provided a physical address is given to the kernel diff --git a/README.rst b/README.rst index 0a1a4fc2a..7a9951e53 100644 --- a/README.rst +++ b/README.rst @@ -6,6 +6,11 @@ for accessing this memory using physical or virtual addresses and kernel symbols. LibVMI also supports accessing memory from a physical memory snapshot, which is helpful for debugging or forensic analysis. +In addition to memory access, LibVMI supports memory events. Events provide +notifications when registered regions of memory are executed, written to, or +read. Memory events require hypervisor support and are currently only +available with Xen. + LibVMI is designed to run on Linux (file, Xen, or KVM access) or Mac OS X (file access only). The most used platform is Linux + Xen, but the others are well tested and worth exploring as well. LibVMI can provide access diff --git a/configure.ac b/configure.ac index 6b6145fa8..3e10a6eb7 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl -------------------------------- dnl Initialization macros. dnl -------------------------------- -AC_INIT([libvmi], [0.9.0]) +AC_INIT([libvmi], [0.10.0]) AM_INIT_AUTOMAKE([subdir-objects]) AC_CONFIG_SRCDIR(libvmi/core.c) diff --git a/doc/doxyfile b/doc/doxyfile index 7145bacfd..d3cd468c2 100644 --- a/doc/doxyfile +++ b/doc/doxyfile @@ -31,7 +31,7 @@ PROJECT_NAME = LibVMI # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = "Version 0.9_alpha" +PROJECT_NUMBER = "Version 0.10". # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. diff --git a/libvmi/core.c b/libvmi/core.c index cf10bbacd..e74273064 100644 --- a/libvmi/core.c +++ b/libvmi/core.c @@ -634,7 +634,7 @@ vmi_init_private( memset(*vmi, 0, sizeof(struct vmi_instance)); /* initialize instance struct to default values */ - dbprint("LibVMI Version 0.9_alpha\n"); //TODO change this with each release + dbprint("LibVMI Version 0.10\n"); //TODO change this with each release /* save the flags and init mode */ (*vmi)->flags = flags;