- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
Go to the source code of this file.
Functions | |
| INTSTATUS | IntHookDtrSetHook (DWORD Flags, PFUNC_DtrReadWriteHookCallback Callback, void **Hook) |
| Places a descriptor table register hook. More... | |
| static INTSTATUS | IntHookDtrDeleteHook (HOOK_DTR *Hook) |
| Permanently delete a descriptor register hook. More... | |
| INTSTATUS | IntHookDtrRemoveHook (HOOK_DTR *Hook) |
| Remove a descriptor register hook. More... | |
| static void | IntHookDtrRemoveAllHooks (void) |
| Remove all descriptor register hooks. More... | |
| INTSTATUS | IntHookDtrCommit (void) |
| Commit the descriptor registers hooks. More... | |
| INTSTATUS | IntHookDtrInit (void) |
| Initialize the descriptor registers hook state. More... | |
| INTSTATUS | IntHookDtrUninit (void) |
| Uninit the descriptor registers hooks state. More... | |
| INTSTATUS IntHookDtrCommit | ( | void | ) |
Commit the descriptor registers hooks.
This function will iterate the list of DTR hooks, and it will delete all the hooks that were flagged for removal.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_NOT_INITIALIZED | If the DTR hooks state is not initialized. |
Definition at line 165 of file hook_dtr.c.
Referenced by IntGuestPreReturnCallback().
Permanently delete a descriptor register hook.
NOTE: If this is the last descriptor register hook that is removed, Introcore will ask the HV to disable descriptor table access notifications.
| [in] | Hook | The DTR hook to be deleted. |
| INT_STATUS_SUCCESS | On success. |
Definition at line 75 of file hook_dtr.c.
Referenced by IntHookDtrCommit(), and IntHookDtrRemoveHook().
| INTSTATUS IntHookDtrInit | ( | void | ) |
Initialize the descriptor registers hook state.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INSUFFICIENT_RESOURCES | If a memory alloc fails. |
Definition at line 203 of file hook_dtr.c.
Referenced by IntGuestInit().
|
static |
Remove all descriptor register hooks.
Definition at line 146 of file hook_dtr.c.
Referenced by IntHookDtrUninit().
Remove a descriptor register hook.
Removes a DTR hook. First of all, this function will mark the hook as being disabled (the callback will never be called again). If we are currently in the context of a DTR violation, we will wait for the commit phase to permanently delete the hook. Otherwise, the hook will be deleted immediately.
| [in] | Hook | The hook to be removed. |
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INVALID_PARAMETER | If an invalid parameter is supplied. |
Definition at line 106 of file hook_dtr.c.
Referenced by IntGdtrUnprotect(), IntHandleDtrViolation(), IntHookDtrRemoveAllHooks(), and IntIdtrUnprotect().
| INTSTATUS IntHookDtrSetHook | ( | DWORD | Flags, |
| PFUNC_DtrReadWriteHookCallback | Callback, | ||
| void ** | Hook | ||
| ) |
Places a descriptor table register hook.
Establishes a hook on a descriptor table register. The Flags argument indicates which register is hooked and for what access. On each load or store on the hooked register, the callback will be called. NOTE: Make sure that the Flags contains only one of:
| [in] | Flags | A combination of IG_DESC_ACCESS indicating what register & for what access the hook is set. |
| [in] | Callback | The callback to be called when the indicated register is loaded/stored. |
| [out] | Hook | The handle to the newly placed hook. |
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INVALID_PARAMETER | If an invalid parameter is supplied. |
| INT_STATUS_INSUFFICIENT_RESOURCES | If a memory alloc fails. |
Definition at line 11 of file hook_dtr.c.
Referenced by IntGdtrProtect(), and IntIdtrProtect().
| INTSTATUS IntHookDtrUninit | ( | void | ) |
Uninit the descriptor registers hooks state.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_NOT_INITIALIZED_HINT | If the DTR hooks state is not initialized. |
Definition at line 226 of file hook_dtr.c.
Referenced by IntGuestUninit().
1.8.13