- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include "introtypes.h"Go to the source code of this file.
Data Structures | |
| struct | _XCR_HOOK_STATE |
| struct | _HOOK_XCR |
Typedefs | |
| typedef INTSTATUS(* | PFUNC_XcrWriteHookCallback) (void *Context, DWORD Xcr, INTRO_ACTION *Action) |
| Extended control register write callback. More... | |
| typedef struct _XCR_HOOK_STATE | XCR_HOOK_STATE |
| typedef struct _XCR_HOOK_STATE * | PXCR_HOOK_STATE |
| typedef struct _HOOK_XCR | HOOK_XCR |
| typedef struct _HOOK_XCR * | PHOOK_XCR |
Functions | |
| INTSTATUS | IntHookXcrSetHook (DWORD Xcr, DWORD Flags, PFUNC_XcrWriteHookCallback Callback, void *Context, HOOK_XCR **Hook) |
| Set an extended control register write hook. More... | |
| INTSTATUS | IntHookXcrRemoveHook (HOOK_XCR *Hook) |
| Remove an extended control register hook. More... | |
| INTSTATUS | IntHookXcrCommit (void) |
| Commit the extended control register hooks. More... | |
| INTSTATUS | IntHookXcrInit (void) |
| Initialize the extended control registers hook state. More... | |
| INTSTATUS | IntHookXcrUninit (void) |
| Uninit the extended control register hooks state. More... | |
| typedef INTSTATUS(* PFUNC_XcrWriteHookCallback) (void *Context, DWORD Xcr, INTRO_ACTION *Action) |
Extended control register write callback.
| [in] | Context | The optional context, as passed to the XCR set hook function. |
| [in] | Xcr | The written XCR. |
| [out] | Action | Desired action. |
Definition at line 19 of file hook_xcr.h.
| typedef struct _XCR_HOOK_STATE * PXCR_HOOK_STATE |
| typedef struct _XCR_HOOK_STATE XCR_HOOK_STATE |
Global XCR hooks state.
| INTSTATUS IntHookXcrCommit | ( | void | ) |
Commit the extended control register hooks.
This function will iterate the list of XCR hooks, and it will delete all the hooks that were flagged for removal.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_NOT_INITIALIZED | If the XCR hooks state is not initialized. |
Definition at line 169 of file hook_xcr.c.
Referenced by IntGuestPreReturnCallback().
| INTSTATUS IntHookXcrInit | ( | void | ) |
Initialize the extended control registers hook state.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INSUFFICIENT_RESOURCES | If a memory alloc fails. |
Definition at line 207 of file hook_xcr.c.
Referenced by IntGuestInit().
Remove an extended control register hook.
Removes an XCR write hook. First of all, this function will mark the hook as being disabled (the callback will never be called again). If we are currently in the context of a XCR violation, we will wait for the commit phase to permanently delete the hook. Otherwise, the hook will be deleted immediately.
| [in] | Hook | The hook to be removed. |
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INVALID_PARAMETER | If an invalid parameter is supplied. |
Definition at line 110 of file hook_xcr.c.
Referenced by IntHandleXcrWrite(), and IntHookXcrRemoveAllHooks().
| INTSTATUS IntHookXcrSetHook | ( | DWORD | Xcr, |
| DWORD | Flags, | ||
| PFUNC_XcrWriteHookCallback | Callback, | ||
| void * | Context, | ||
| HOOK_XCR ** | Hook | ||
| ) |
Set an extended control register write hook.
This function will place an XCR write hook. Currently, only XCR0 is defined by Intel. When the first XCR hook is set, the notification callback will be registered to the integrator.
| [in] | Xcr | The intercepted XCR. |
| [in] | Flags | Flags. Can be used by the caller. |
| [in] | Callback | The callback to be called when the indicated XCR is written. |
| [in] | Context | Optional context. |
| [out] | Hook | A handle to the newly placed hook. |
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_INVALID_PARAMETER | If an invalid parameter is supplied. |
| INT_STATUS_INSUFFICIENT_RESOURCES | If a memory alloc failed. |
Definition at line 11 of file hook_xcr.c.
| INTSTATUS IntHookXcrUninit | ( | void | ) |
Uninit the extended control register hooks state.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_NOT_INITIALIZED_HINT | If the XCR hooks state is not initialized. |
Definition at line 230 of file hook_xcr.c.
Referenced by IntGuestUninit().
1.8.13