Bitdefender Hypervisor Memory Introspection
Data Structures | Typedefs | Functions | Variables
deploy.c File Reference
#include "../common.h"

Go to the source code of this file.

Data Structures

struct  data
 

Typedefs

typedef void *() filp_open_fn(const char *filename, int flags, unsigned short mode)
 
typedef int() filp_close_fn(void *filp, void *id)
 
typedef void *() vmalloc_fn(unsigned long size)
 
typedef unsigned int() __kernel_write_fn(void *file, const void *buf, unsigned int count, long long *pos)
 
typedef int() kernel_write_fn(void *file, const char *buf, size_t count, unsigned long pos)
 
typedef void() vfree_fn(void *ptr)
 
typedef char **() argv_split_fn(unsigned int gfp, const char *str, int *argcp)
 
typedef void() argv_free_fn(char **argv)
 
typedef void *() call_usermodehelper_setup_fn(const char *path, char **argv, char **envp, unsigned long gfp_mask, int(*init) (void *info, void *new), void(*cleanup) (void *info), void *data)
 
typedef int() call_usermodehelper_exec_fn(void *sub_info, int wait)
 
typedef void() do_exit_fn(long code)
 
typedef int() printk_fn(const char *fmt,...)
 

Functions

struct data _data __aligned (1)
 The section used for this agent is .adata'. More...
 
__default_fn_attr int call_usermodehelper (const char *path, char **argv, char **envp, unsigned int wait)
 
__default_fn_attr void deploy (void)
 Creates a file using the provided name and writes the content given by Introcore in the file. More...
 
__fn_naked void trampoline (void)
 The trampoline of the agent. More...
 

Variables

void * __address
 

Typedef Documentation

◆ __kernel_write_fn

typedef unsigned int() __kernel_write_fn(void *file, const void *buf, unsigned int count, long long *pos)

Definition at line 10 of file deploy.c.

◆ argv_free_fn

typedef void() argv_free_fn(char **argv)

Definition at line 14 of file deploy.c.

◆ argv_split_fn

typedef char**() argv_split_fn(unsigned int gfp, const char *str, int *argcp)

Definition at line 13 of file deploy.c.

◆ call_usermodehelper_exec_fn

typedef int() call_usermodehelper_exec_fn(void *sub_info, int wait)

Definition at line 17 of file deploy.c.

◆ call_usermodehelper_setup_fn

typedef void*() call_usermodehelper_setup_fn(const char *path, char **argv, char **envp, unsigned long gfp_mask, int(*init)(void *info, void *new), void(*cleanup)(void *info), void *data)

Definition at line 15 of file deploy.c.

◆ do_exit_fn

typedef void() do_exit_fn(long code)

Definition at line 18 of file deploy.c.

◆ filp_close_fn

typedef int() filp_close_fn(void *filp, void *id)

Definition at line 8 of file deploy.c.

◆ filp_open_fn

typedef void*() filp_open_fn(const char *filename, int flags, unsigned short mode)

Definition at line 7 of file deploy.c.

◆ kernel_write_fn

typedef int() kernel_write_fn(void *file, const char *buf, size_t count, unsigned long pos)

Definition at line 11 of file deploy.c.

◆ printk_fn

typedef int() printk_fn(const char *fmt,...)

Definition at line 19 of file deploy.c.

◆ vfree_fn

typedef void() vfree_fn(void *ptr)

Definition at line 12 of file deploy.c.

◆ vmalloc_fn

typedef void*() vmalloc_fn(unsigned long size)

Definition at line 9 of file deploy.c.

Function Documentation

◆ __aligned()

struct data _data __aligned ( )

The section used for this agent is .adata'.

◆ call_usermodehelper()

__default_fn_attr int call_usermodehelper ( const char *  path,
char **  argv,
char **  envp,
unsigned int  wait 
)

Definition at line 69 of file deploy.c.

Referenced by deploy().

◆ deploy()

__default_fn_attr void deploy ( void  )

Creates a file using the provided name and writes the content given by Introcore in the file.

If an error occurs, the Intocore is notified.

Definition at line 84 of file deploy.c.

Referenced by trampoline().

◆ trampoline()

__fn_naked void trampoline ( void  )

The trampoline of the agent.

Calls the deploy function and calls 'do_exit'.

The section used for this function is '.start'.

Definition at line 171 of file deploy.c.

Referenced by IntWinAgentInjectTrampoline().

Variable Documentation

◆ __address

void* __address