this is for holding javascript data
Igor.Korkin deleted file 3.2.2. Memory Dump Approach2.tex
over 9 years ago
Commit id: f621f631c2bb2626284c60f22765d9f5ff5eee39
deletions | additions
diff --git a/3.2.2. Memory Dump Approach2.tex b/3.2.2. Memory Dump Approach2.tex
deleted file mode 100644
index 08cfaa4..0000000
--- a/3.2.2. Memory Dump Approach2.tex
+++ /dev/null
...
The disadvantage of this method lies in ignoring physical memory ranges of all PCI devices to avoid crashes, no matter whether DMA is supported and used by this device or not. However it is possible to manually set the physical memory ranges that should be ignored. This disadvantage does not diminish the importance of MASHKA, because the essential structures such as EPROCESS and DRIVER_OBJECT cannot be located in the memory of these devices.
