Implement Linux OS layer

[afeuerstein]

As far as I understand, a OS layer for Linux (apart from native) does not exist. Having an OS layer is beneficial if, for example, when a VM guest is running on Linux.

[h33p]

Hi, thanks for the request! It is an open research problem to autodetect kernel structure offsets, and it is crucial for one-shot Linux system analysis. It has been on our roadmap for years, and it should ideally be tackled over the next 1-2 years.

I suppose in the meantime, it might be worth to expose a Linux OS layer with hardcoded offsets. It would not be pretty from user perspective, but it would also not deviate much from existing practices. What do you think @ko1N?

[ko1N]

Hi, thanks for the request! It is an open research problem to autodetect kernel structure offsets, and it is crucial for one-shot Linux system analysis. It has been on our roadmap for years, and it should ideally be tackled over the next 1-2 years.

I suppose in the meantime, it might be worth to expose a Linux OS layer with hardcoded offsets. It would not be pretty from user perspective, but it would also not deviate much from existing practices. What do you think @ko1N?

Could we use a similiar solution as in memflow-win32 where we parse offsets from a binary and use those? We could force the user supply those beforehand even.