Bitdefender Hypervisor Memory Introspection
agent.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2020 Bitdefender
3  * SPDX-License-Identifier: Apache-2.0
4  */
5 #ifndef _AGENT_H_
6 #define _AGENT_H_
7 
8 #include "thread_safeness.h"
9 
10 //
11 // Agent state.
12 //
13 typedef enum _AG_WAITSTATE
14 {
15  agNone,
16  agActive,
17  agWaiting,
18 } AG_WAITSTATE;
19 
20 
21 INTSTATUS
22 IntAgentHandleInt3(
23  _In_ QWORD Rip,
24  _In_ DWORD CpuNumber
25  );
26 
27 INTSTATUS
28 IntAgentHandleVmcall(
29  _In_ QWORD Rip
30  );
31 
32 INTSTATUS
33 IntAgentActivatePendingAgent(
34  void
35  );
36 
37 void
38 IntAgentDisablePendingAgents(
39  void
40  );
41 
42 AG_WAITSTATE
43 IntAgentGetState(
44  _Out_opt_ DWORD *Tag
45  );
46 
47 INTSTATUS
48 IntAgentEnableInjection(
49  void
50  );
51 
52 BOOLEAN
53 IntAgentIsPtrInTrampoline(
54  _In_ QWORD Ptr,
55  _In_ THS_PTR_TYPE Type
56  );
57 
58 #endif // _AGENT_H_
BOOLEAN
_Bool BOOLEAN
Definition: intro_types.h:58
agNone
No active/pending agents.
Definition: agent.h:15
_In_
#define _In_
Definition: intro_sal.h:21
IntAgentActivatePendingAgent
INTSTATUS IntAgentActivatePendingAgent(void)
Activate a pending Windows or Linux agent.
Definition: agent.c:70
agWaiting
We have at least pending agent waiting to be injected inside the guest.
Definition: agent.h:17
INTSTATUS
int INTSTATUS
The status data type.
Definition: introstatus.h:24
_Out_opt_
#define _Out_opt_
Definition: intro_sal.h:30
_AG_WAITSTATE
_AG_WAITSTATE
Definition: agent.h:13
QWORD
unsigned long long QWORD
Definition: intro_types.h:53
IntAgentEnableInjection
INTSTATUS IntAgentEnableInjection(void)
Enable Windows or Linux agent injection.
Definition: agent.c:152
IntAgentIsPtrInTrampoline
BOOLEAN IntAgentIsPtrInTrampoline(QWORD Ptr, THS_PTR_TYPE Type)
Check if the provided pointer points inside the Windows trampoline code.
Definition: agent.c:180
IntAgentHandleInt3
INTSTATUS IntAgentHandleInt3(QWORD Rip, DWORD CpuNumber)
Dispatch a breakpoint event to the Windows or Linux agent breakpoint handler.
Definition: agent.c:12
IntAgentHandleVmcall
INTSTATUS IntAgentHandleVmcall(QWORD Rip)
Dispatch a VMCALL event to the Windows or Linux agent VMCALL handler.
Definition: agent.c:42
thread_safeness.h
DWORD
uint32_t DWORD
Definition: intro_types.h:49
IntAgentDisablePendingAgents
void IntAgentDisablePendingAgents(void)
Disable the Windows or Linux pending agents.
Definition: agent.c:102
THS_PTR_TYPE
THS_PTR_TYPE
The type of pointer to be checked.
Definition: thread_safeness.h:28
AG_WAITSTATE
enum _AG_WAITSTATE AG_WAITSTATE
agActive
We have an active agent, currently injected inside the guest.
Definition: agent.h:16
IntAgentGetState
AG_WAITSTATE IntAgentGetState(DWORD *Tag)
Get the current Windows or Linux agent state.
Definition: agent.c:121