FS_Process_Status
The directory .status exists as a sub-directory in each process directory.
The file contains Memory Process File System status and configuration settings related to each process. The settings are exposed as files - please find them listed below:
- cache_file_enable: in-memory caching of memory pages when reading/writing memory in this process - always user writable!
NB! the cache_file_enable file will allow a user to disable read caching of memory on a per-process basis. This is only a meaningful setting if memory may change - such as when analyzing live memory with a write-capable memory acquisition device. This is not a meaningful setting (even though it works) if never changing read-only memory devices, such as memory dump files, are analyzed.
The example below shows reading and writing to the cache_file_enable in the .status process directory.
The .status sub-directory is implemented as a built-in native C-code plugin. The plugin source is located in the file m_status.c in the vmm project. In addition of being responsible for the per-process status and configuration settings it's responsible for global status and configuration.