doxygen/html/agent_8c_source.html

 /*
  * Copyright (c) 2020 Bitdefender
  * SPDX-License-Identifier: Apache-2.0
  */
 #include "agent.h"
 #include "winagent.h"
 #include "lixagent.h"
 #include "guests.h"


 INTSTATUS
 IntAgentHandleInt3(
     _In_ QWORD Rip,
     _In_ DWORD CpuNumber
     )
 {
     if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentHandleInt3(Rip, CpuNumber);
     }
     else if (gGuest.OSType == introGuestLinux)
     {
         return IntLixAgentHandleInt3(Rip);
     }
     else
     {
         return INT_STATUS_NOT_SUPPORTED;
     }
 }


 INTSTATUS
 IntAgentHandleVmcall(
     _In_ QWORD Rip
     )
 {
     if (gGuest.OSType == introGuestLinux)
     {
         return IntLixAgentHandleVmcall(Rip);
     }
     else if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentHandleVmcall(Rip);
     }
     else
     {
         return INT_STATUS_NOT_SUPPORTED;
     }
 }


 INTSTATUS
 IntAgentActivatePendingAgent(
     void
     )
 {
     if (gGuest.OSType == introGuestUnknown)
     {
         return INT_STATUS_NOT_INITIALIZED_HINT;
     }

     if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentActivatePendingAgent();
     }
     else if (gGuest.OSType == introGuestLinux)
     {
         return IntLixAgentActivatePendingAgent();
     }
     else
     {
         return INT_STATUS_NOT_SUPPORTED;
     }
 }


 void
 IntAgentDisablePendingAgents(
     void
     )
 {
     if (gGuest.OSType == introGuestWindows)
     {
         IntWinAgentDisablePendingAgents();
     }
     else if (gGuest.OSType == introGuestLinux)
     {
         IntLixAgentDisablePendingAgents();
     }
 }


 AG_WAITSTATE
 IntAgentGetState(
     _Out_opt_ DWORD *Tag
     )
 {
     if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentGetState(Tag);
     }
     else if (gGuest.OSType == introGuestLinux)
     {
         return IntLixAgentGetState(Tag);
     }
     else
     {
         if (Tag != NULL)
         {
             *Tag = 0;
         }
         return agNone;
     }
 }


 INTSTATUS
 IntAgentEnableInjection(
     void
     )
 {
     if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentEnableInjection();
     }
     else if (gGuest.OSType == introGuestLinux)
     {
         IntLixAgentEnableInjection();

         return INT_STATUS_SUCCESS;
     }
     else
     {
         return INT_STATUS_NOT_SUPPORTED;
     }
 }


 BOOLEAN
 IntAgentIsPtrInTrampoline(
     _In_ QWORD Ptr,
     _In_ THS_PTR_TYPE Type
     )
 {
     if (gGuest.OSType == introGuestWindows)
     {
         return IntWinAgentIsPtrInTrampoline(Ptr, Type);
     }

     return FALSE;
 }
IntLixAgentDisablePendingAgents
void IntLixAgentDisablePendingAgents(void)
Disables all pending agents.
Definition: lixagent.c:1844

IntWinAgentGetState
AG_WAITSTATE IntWinAgentGetState(DWORD *Tag)
Gets the global agents state.
Definition: winagent.c:3245

BOOLEAN
_Bool BOOLEAN
Definition: intro_types.h:58

introGuestUnknown
Unknown.
Definition: intro_types.h:2042

IntWinAgentHandleInt3
INTSTATUS IntWinAgentHandleInt3(QWORD Rip, DWORD CpuNumber)
Handle a breakpoint that was initiated inside the guest.
Definition: winagent.c:2273

agNone
No active/pending agents.
Definition: agent.h:15

_In_
#define _In_
Definition: intro_sal.h:21

IntLixAgentHandleVmcall
INTSTATUS IntLixAgentHandleVmcall(QWORD Rip)
Handle a VMCALL that was executed inside the guest.
Definition: lixagent.c:1760

INT_STATUS_SUCCESS
#define INT_STATUS_SUCCESS
Definition: introstatus.h:54

IntWinAgentEnableInjection
INTSTATUS IntWinAgentEnableInjection(void)
enables agent injections.
Definition: winagent.c:3010

IntAgentHandleVmcall
INTSTATUS IntAgentHandleVmcall(QWORD Rip)
Dispatch a VMCALL event to the Windows or Linux agent VMCALL handler.
Definition: agent.c:42

IntWinAgentDisablePendingAgents
void IntWinAgentDisablePendingAgents(void)
Disables all pending agents.
Definition: winagent.c:3291

INTSTATUS
int INTSTATUS
The status data type.
Definition: introstatus.h:24

IntAgentDisablePendingAgents
void IntAgentDisablePendingAgents(void)
Disable the Windows or Linux pending agents.
Definition: agent.c:102

_GUEST_STATE::OSType
INTRO_GUEST_TYPE OSType
The type of the guest.
Definition: guests.h:278

IntLixAgentActivatePendingAgent
INTSTATUS IntLixAgentActivatePendingAgent(void)
Activates a pending agent that waits to be injected.
Definition: lixagent.c:1082

guests.h

IntAgentHandleInt3
INTSTATUS IntAgentHandleInt3(QWORD Rip, DWORD CpuNumber)
Dispatch a breakpoint event to the Windows or Linux agent breakpoint handler.
Definition: agent.c:12

_Out_opt_
#define _Out_opt_
Definition: intro_sal.h:30

introGuestLinux
Linux.
Definition: intro_types.h:2044

QWORD
unsigned long long QWORD
Definition: intro_types.h:53

IntLixAgentHandleInt3
INTSTATUS IntLixAgentHandleInt3(QWORD Rip)
Called when a INT3 instruction from the current running agent is executed.
Definition: lixagent.c:1573

introGuestWindows
Windows.
Definition: intro_types.h:2043

IntAgentEnableInjection
INTSTATUS IntAgentEnableInjection(void)
Enable Windows or Linux agent injection.
Definition: agent.c:152

DWORD
uint32_t DWORD
Definition: intro_types.h:49

gGuest
GUEST_STATE gGuest
The current guest state.
Definition: guests.c:50

THS_PTR_TYPE
THS_PTR_TYPE
The type of pointer to be checked.
Definition: thread_safeness.h:28

IntAgentIsPtrInTrampoline
BOOLEAN IntAgentIsPtrInTrampoline(QWORD Ptr, THS_PTR_TYPE Type)
Check if the provided pointer points inside the Windows trampoline code.
Definition: agent.c:180

winagent.h

agent.h

IntWinAgentHandleVmcall
INTSTATUS IntWinAgentHandleVmcall(QWORD Rip)
Handle a VMCALL that was executed inside the guest.
Definition: winagent.c:2397

INT_STATUS_NOT_INITIALIZED_HINT
#define INT_STATUS_NOT_INITIALIZED_HINT
Definition: introstatus.h:320

lixagent.h

INT_STATUS_NOT_SUPPORTED
#define INT_STATUS_NOT_SUPPORTED
Definition: introstatus.h:287

IntAgentActivatePendingAgent
INTSTATUS IntAgentActivatePendingAgent(void)
Activate a pending Windows or Linux agent.
Definition: agent.c:70

IntLixAgentGetState
AG_WAITSTATE IntLixAgentGetState(DWORD *Tag)
Gets the global agents state.
Definition: lixagent.c:1804

AG_WAITSTATE
enum _AG_WAITSTATE AG_WAITSTATE

IntWinAgentIsPtrInTrampoline
BOOLEAN IntWinAgentIsPtrInTrampoline(QWORD Ptr, THS_PTR_TYPE Type)
Check if the provided address points inside the agent trampoline.
Definition: winagent.c:3219

IntAgentGetState
AG_WAITSTATE IntAgentGetState(DWORD *Tag)
Get the current Windows or Linux agent state.
Definition: agent.c:121

IntLixAgentEnableInjection
void IntLixAgentEnableInjection(void)
Enables agent injections.
Definition: lixagent.c:1964

IntWinAgentActivatePendingAgent
INTSTATUS IntWinAgentActivatePendingAgent(void)
Activates a pending agent that waits to be injected.
Definition: winagent.c:920

FALSE
#define FALSE
Definition: intro_types.h:34