#include "introtypes.h"

Data Structures
struct	_LIST_ENTRY

Macros
#define	OFFSET_OF(Type, Member) __builtin_offsetof(Type, Member)

#define	CONTAINING_RECORD(List, Type, Member) (Type *)((size_t)(List) - OFFSET_OF(Type, Member))

#define	LIST_HEAD_INIT(Name) { { .Head = &(Name) }, { .Tail = &(Name) } }

#define	list_for_each(_head, _struct_type, _var) _list_for_each(_head, _struct_type, Link, _var)

#define	list_for_next(_start, _head, _type, _var) _list_for_next(_start, _head, _type, Link, _var)

#define	list_for_each_link(_head, _struct_type, _member, _var) _list_for_each(_head, _struct_type, _member, _var)

#define	_next(_var, _member) _var->_member.Flink

#define	_next_entry(_var, _member, _type) CONTAINING_RECORD(_next(_var, _member), _type, _member)

#define	PREPROC_CONCAT(a, b) PREPROC_CONCAT_1(a, b)

#define	PREPROC_CONCAT_1(a, b) PREPROC_CONCAT_2(~, a ## b)

#define	PREPROC_CONCAT_2(p, res) res

#define	UNIQUE_NAME(base) PREPROC_CONCAT(base, __LINE__)

#define	_list_for_each(_head, _type, _member, _var)

#define	_list_for_next(_start, _head, _type, _member, _var)

Typedefs
typedef struct _LIST_ENTRY	LIST_ENTRY

typedef struct _LIST_ENTRY	LIST_HEAD

typedef struct _LIST_ENTRY *	PLIST_ENTRY

typedef struct _LIST_ENTRY *	PLIST_HEAD

Functions
static void	InitializeListHead (LIST_ENTRY *ListHead)

static BOOLEAN	IsListEmpty (const LIST_ENTRY *ListHead)

static BOOLEAN	RemoveEntryList (LIST_ENTRY *Entry)

static LIST_ENTRY *	RemoveHeadList (LIST_ENTRY *ListHead)

static LIST_ENTRY *	RemoveTailList (LIST_ENTRY *ListHead)

static void	InsertTailList (LIST_ENTRY ListHead, LIST_ENTRY Entry)

static void	InsertHeadList (LIST_ENTRY ListHead, LIST_ENTRY Entry)

static void	InsertAfterList (LIST_ENTRY Pivot, LIST_ENTRY Item)

Macro Definition Documentation

◆ _list_for_each

#define _list_for_each	(	_head,
		_type,
		_member,
		_var
	)

Value:

for (_type *_var = CONTAINING_RECORD(_head.Flink, _type, _member), *UNIQUE_NAME(_n) = _next_entry(_var, _member, _type); \
         &_var->_member != &_head;                                      \
         _var = UNIQUE_NAME(_n), UNIQUE_NAME(_n) = _next_entry(_var, _member, _type))

Definition at line 57 of file introlists.h.

◆ _list_for_next

#define _list_for_next	(	_start,
		_head,
		_type,
		_member,
		_var
	)

Value:

for (_type *_var = _next_entry(_start, _member, _type), *UNIQUE_NAME(_n) = _next_entry(_var, _member, _type); \
         &_var->_member != &_head;                                      \
         _var = UNIQUE_NAME(_n), UNIQUE_NAME(_n) = _next_entry(_var, _member, _type))

Definition at line 62 of file introlists.h.

◆ _next

#define _next	(	_var,
		_member
	)	_var->_member.Flink

Definition at line 48 of file introlists.h.

Referenced by DbgDumpGuestModules().

◆ _next_entry

#define _next_entry	(	_var,
		_member,
		_type
	)	CONTAINING_RECORD(_next(_var, _member), _type, _member)

Definition at line 49 of file introlists.h.

◆ CONTAINING_RECORD

#define CONTAINING_RECORD	(	List,
		Type,
		Member
	)	(Type *)((size_t)(List) - OFFSET_OF(Type, Member))

Definition at line 36 of file introlists.h.

Referenced by DbgCrWriteTestCallback(), DbgDumpExceptions(), DbgDumpHooksGva(), DbgIterateVaSpace(), IntDbgCheckHooks(), IntExceptRemoveKernelUserListExceptions(), IntExceptRemoveKmListExceptions(), IntExceptRemoveUmGlobListExceptions(), IntExceptRemoveUmListExceptions(), IntGpaCacheLookupEntry(), IntGpaCacheRelease(), IntGpaCacheUnInit(), IntHandleMemAccess(), IntHookAddCallbackToList(), IntHookGpaCommitHooks(), IntHookGpaDump(), IntHookGpaEnableDisablePtCache(), IntHookGpaEnableDisableVe(), IntHookGpaFindConvertible(), IntHookGpaGetExistingEptEntry(), IntHookGpaInsertHookInList(), IntHookGpaIsPageHooked(), IntHookGvaCommitHooks(), IntHookObjectCommit(), IntHookObjectDestroy(), IntHookObjectDestroyAll(), IntHookObjectFindRegion(), IntHookPtmAddTable(), IntHookPtmCommitHooks(), IntHookPtmWriteCallback(), IntHookPtsCheckIntegrity(), IntHookPtsCleanupList(), IntHookPtsCloneCallbacks(), IntHookPtsCommitHooks(), IntHookPtsDump(), IntHookPtsDumpPtsEntry(), IntHookPtsFindEntry(), IntHookPtsHandleModification(), IntHookPtsInvokeCallbacks(), IntHookPtsMergeEntry(), IntHookPtsSetHook(), IntIcAddInvdForInstruction(), IntIcDumpIcache(), IntIcRemoveAllInvdEntries(), IntLixAgentActivatePendingAgent(), IntLixAgentGetState(), IntLixPatchHandler(), IntMemClkDump(), IntMemClkHashRegion(), IntMemClkUnInit(), IntMtblCheckAccess(), IntMtblDisable(), IntMtblInsRelocated(), IntMtblIsPtrInReloc(), IntMtblRemoveAgentEntries(), IntMtblUninit(), IntPtiDumpStats(), IntPtiHandleInt3(), IntPtiRbTreeNodeCompareRip(), IntPtiRemoveInstruction(), IntPtiRestoreAllPtWriteCandidates(), IntSlackAllocLinux(), IntSwapgsDisable(), IntSwapgsInstallHandler(), IntSwapgsIsPtrInHandler(), IntSwapgsRelocatePtrIfNeeded(), IntSwapgsUninit(), IntSwapMemCancelTransaction(), IntSwapMemDump(), IntSwapMemFindPendingPage(), IntSwapMemInjectPendingPF(), IntSwapMemReadData(), IntSwapMemRemoveTransactionsForVaSpace(), IntUninit(), IntUnpFindPage(), IntUnpRemovePages(), IntUnpUnWatchPage(), IntUnpUnWatchVaSpacePages(), IntUpdateAddKernelExceptionInOrder(), IntUpdateAddKernelUserExceptionInOrder(), IntUpdateAddUserExceptionInOrder(), IntVasDump(), IntVasStopMonitorVaSpace(), IntWinAgentActivatePendingAgent(), IntWinAgentCheckIfProcessAgentAndDecrement(), IntWinAgentCheckIfProcessAgentAndIncrement(), IntWinAgentDisablePendingAgents(), IntWinAgentGetState(), IntWinAgentInject(), IntWinAgentRemoveEntryByAgid(), IntWinAgentUnInit(), IntWinDrvObjFindByDrvObj(), IntWinDrvObjFindByOwnerAddress(), IntWinDrvObjRemoveFromAddress(), IntWinDrvObjUninit(), IntWinDrvObjUpdateProtection(), IntWinGuestCancelKernelRead(), IntWinHalCancelRead(), IntWinModBlockRemoveBlockObject(), IntWinModCacheExportNodeCompare(), IntWinModCacheExportNodeCompareWithErorr(), IntWinModCacheFixNamePointers(), IntWinModHandleExportsInMemory(), IntWinModHandleUnload(), IntWinModulesChangeProtectionFlags(), IntWinObjCleanup(), IntWinProcDeleteProcessObject(), IntWinProcDump(), IntWinProcDumpEgFlags(), IntWinProcDumpProtected(), IntWinProcDumpVads(), IntWinProcExistsProtectedProcess(), IntWinProcFindObjectByCr3(), IntWinProcFindObjectByEprocess(), IntWinProcFindObjectByName(), IntWinProcFindObjectByPid(), IntWinProcFindObjectByUserCr3(), IntWinProcGetAgentsAsCli(), IntWinProcGetNameFromInternalEprocess(), IntWinProcGetObjectByPid(), IntWinProcGetProtectedInfo(), IntWinProcGetProtectedInfoEx(), IntWinProcHandleReadFromLsass(), IntWinProcRbTreeNodeCompareCr3(), IntWinProcRbTreeNodeCompareEproc(), IntWinProcRbTreeNodeCompareUserCr3(), IntWinProcRemoveAllProtectedProcesses(), IntWinProcRemoveProtectedProcessInternal(), IntWinProcRemoveSubsystem(), IntWinProcSendAllDllEventsForSubsystem(), IntWinProcUninit(), IntWinProcUpdateProtectedProcess(), IntWinProcUpdateProtection(), IntWinSelfMapDisableSelfMapEntryProtection(), IntWinSelfMapEnableSelfMapEntryProtection(), IntWinSelfMapValidateSelfMapEntries(), IntWinTokenCheckIntegrity(), IntWinTokenProtectPrivs(), IntWinTokenPtrIsStolen(), IntWinTokenUnprotectPrivs(), IntWinUmCacheUninit(), IntWinUmModCacheExportFind(), IntWinUmModCacheFetch(), IntWinUmModFindByAddress(), IntWinUmPathFetchBySubsection(), IntWinUmPathRbTreeNodeCompare(), IntWinVadFindByBase(), IntWinVadFindByRange(), IntWinVadFindByVa(), IntWinVadRbTreeNodeCompare(), IntWinVadRbTreeNodeCompareBases(), IntWinVadRbTreeNodeCompareVa(), and IntWinVadRbTreeNodeFree().

◆ list_for_each

#define list_for_each	(	_head,
		_struct_type,
		_var
	)	_list_for_each(_head, _struct_type, Link, _var)

Definition at line 41 of file introlists.h.

Referenced by IntHandleCrWrite(), IntHandleDtrViolation(), IntHandleMsrViolation(), IntHandleXcrWrite(), IntHookCrCommit(), IntHookCrRemoveAllHooks(), IntHookCrRemoveHook(), IntHookCrSetHook(), IntHookDtrCommit(), IntHookDtrRemoveAllHooks(), IntHookMsrCommit(), IntHookMsrRemoveAllHooks(), IntHookMsrRemoveHook(), IntHookMsrSetHook(), IntHookXcrCommit(), IntHookXcrRemoveAllHooks(), IntLixAgentDecProcRef(), IntLixAgentDisablePendingAgents(), IntLixAgentIncProcRef(), IntLixAgentNameGetTagByAgid(), IntLixAgentNameIsRunning(), IntLixAgentNameRemoveByAgid(), IntLixCredAdd(), IntLixDrvRemoveDuplicate(), IntLixDrvRemoveFromAddress(), IntLixDrvUpdateProtection(), IntLixTaskDump(), IntUDGetEntry(), IntUDRemoveAllEntriesForCr3(), IntVirtMemUnmapMultiPage(), IntWinDrvRemoveFromAddress(), IntWinDrvUpdateProtection(), IntWinGetDriverByGva(), IntWinModBlockHandleExecution(), IntWinModBlockRegisterCallbackForReason(), IntWinModCancelExportTransactions(), IntWinSDCheckAclIntegrity(), IntWinSDCheckIntegrity(), and IntWinSDIsSecDescPtrAltered().

◆ list_for_each_link

#define list_for_each_link	(	_head,
		_struct_type,
		_member,
		_var
	)	_list_for_each(_head, _struct_type, _member, _var)

Definition at line 43 of file introlists.h.

◆ list_for_next

#define list_for_next	(	_start,
		_head,
		_type,
		_var
	)	_list_for_next(_start, _head, _type, Link, _var)

Definition at line 42 of file introlists.h.

◆ LIST_HEAD_INIT

#define LIST_HEAD_INIT ( Name ) { { .Head = &(Name) }, { .Tail = &(Name) } }

Definition at line 39 of file introlists.h.

Referenced by DbgCrWriteTestCallback().

◆ OFFSET_OF

#define OFFSET_OF	(	Type,
		Member
	)	__builtin_offsetof(Type, Member)

Definition at line 33 of file introlists.h.

Referenced by IntDetCreateObjectLix(), IntDetDisableLixHypercall(), IntLixApiUpdateHooks(), IntWinDrvObjCreateFromAddress(), IntWinDrvObjHandleModification(), IntWinDrvObjHandleWrite(), IntWinGuestFindDriversNamespace(), IntWinObjGetObjectNameInfo(), IntWinObjGetPoolHeaderForObject(), and IntWinThrHandleThreadHijack().

◆ PREPROC_CONCAT

#define PREPROC_CONCAT	(	a,
		b
	)	PREPROC_CONCAT_1(a, b)

Definition at line 51 of file introlists.h.

◆ PREPROC_CONCAT_1

#define PREPROC_CONCAT_1	(	a,
		b
	)	PREPROC_CONCAT_2(~, a ## b)

Definition at line 52 of file introlists.h.

◆ PREPROC_CONCAT_2

#define PREPROC_CONCAT_2	(	p,
		res
	)	res

Definition at line 53 of file introlists.h.

◆ UNIQUE_NAME

#define UNIQUE_NAME ( base ) PREPROC_CONCAT(base, __LINE__)

Definition at line 55 of file introlists.h.

Typedef Documentation

◆ LIST_ENTRY

typedef struct _LIST_ENTRY LIST_ENTRY

◆ LIST_HEAD

typedef struct _LIST_ENTRY LIST_HEAD

◆ PLIST_ENTRY

typedef struct _LIST_ENTRY * PLIST_ENTRY

◆ PLIST_HEAD

typedef struct _LIST_ENTRY * PLIST_HEAD

Function Documentation

◆ InitializeListHead()

static void InitializeListHead ( LIST_ENTRY * ListHead )

inlinestatic

◆ InsertAfterList()

static void InsertAfterList	(	LIST_ENTRY *	Pivot,
		LIST_ENTRY *	Item
	)

inlinestatic

Definition at line 169 of file introlists.h.

Referenced by IntHookAddCallbackToList(), IntHookGpaInsertHookInList(), IntLixTaskHandleExec(), IntUpdateAddKernelExceptionInOrder(), IntUpdateAddKernelUserExceptionInOrder(), and IntUpdateAddUserExceptionInOrder().

◆ InsertHeadList()

static void InsertHeadList	(	LIST_ENTRY *	ListHead,
		LIST_ENTRY *	Entry
	)

inlinestatic

Definition at line 152 of file introlists.h.

Referenced by IntExceptUser(), and IntHookObjectRemoveRegionInternal().

◆ InsertTailList()

static void InsertTailList	(	LIST_ENTRY *	ListHead,
		LIST_ENTRY *	Entry
	)

inlinestatic

Definition at line 135 of file introlists.h.

Referenced by DbgCrWriteTestCallback(), IntDetSetHook(), IntDetSetLixHook(), IntGpaCacheAddVictim(), IntHookAddCallbackToList(), IntHookCrSetHook(), IntHookDtrSetHook(), IntHookGpaGetEptEntry(), IntHookGpaInsertHookInList(), IntHookGvaRemoveHookInternal(), IntHookGvaSetHook(), IntHookMsrSetHook(), IntHookObjectCreate(), IntHookObjectHookRegion(), IntHookObjectRemoveRegionInternal(), IntHookPtmAddTable(), IntHookPtmRemoveHookInternal(), IntHookPtmRemoveTableHook(), IntHookPtmSetHook(), IntHookPtmWriteCallback(), IntHookPtsCloneCallbacks(), IntHookPtsCreateEntry(), IntHookPtsRemoveHookInternal(), IntHookPtsRemovePteHook(), IntHookPtsSetHook(), IntHookXcrSetHook(), IntIcAddInvdForInstruction(), IntIntegrityAddRegion(), IntLixAgentInject(), IntLixAgentNameCreate(), IntLixAgentThreadInject(), IntLixCredAdd(), IntLixDrvCreateFromAddress(), IntLixDrvCreateKernel(), IntLixFileCacheCreateDentryPath(), IntLixTaskActivateExploitProtection(), IntLixTaskAddProtected(), IntLixTaskCreate(), IntLixTaskCreateInitTask(), IntLixTaskPathGetByDentry(), IntLixVmaCreate(), IntMemClkCloakRegion(), IntMtblCheckAccess(), IntPtiMonitorAllPtWriteCandidates(), IntSlackAllocLinux(), IntSlackAllocWindows(), IntSwapgsInstallHandler(), IntSwapgsStartMitigation(), IntSwapMemReadData(), IntUDAddToPendingList(), IntUnpWatchPage(), IntUpdateAddCbSignature(), IntUpdateAddExportSignature(), IntUpdateAddIdtSignature(), IntUpdateAddKernelException(), IntUpdateAddKernelExceptionInOrder(), IntUpdateAddKernelUserException(), IntUpdateAddKernelUserExceptionInOrder(), IntUpdateAddKmException(), IntUpdateAddKmUmException(), IntUpdateAddProcessCreationSignature(), IntUpdateAddUmException(), IntUpdateAddUserException(), IntUpdateAddUserExceptionGlob(), IntUpdateAddUserExceptionInOrder(), IntUpdateAddValueCodeSignature(), IntUpdateAddValueSignature(), IntUpdateAddVersionIntroSignature(), IntUpdateAddVersionOsSignature(), IntVasStartMonitorVaSpace(), IntVirtMemMapMultiPage(), IntWinAgentInject(), IntWinAgentInjectBreakpoint(), IntWinDrvCreateFromAddress(), IntWinDrvObjCreateFromAddress(), IntWinGuestNew(), IntWinGuestReadKernel(), IntWinHalReadHal(), IntWinModBlockRegisterCallbackForReason(), IntWinModCacheCreate(), IntWinModHandleLoadFromVad(), IntWinObjHandleDirectoryEntryInMemory(), IntWinObjHandleDriverDirectoryEntryInMemory(), IntWinObjHandleObjectInMemory(), IntWinObjHandleRootDirTagInMemory(), IntWinObjParseDriverDirectory(), IntWinPfnLockAddress(), IntWinProcAddProtectedProcess(), and IntWinProcLstInsertProcess().

◆ IsListEmpty()

static BOOLEAN IsListEmpty ( const LIST_ENTRY * ListHead )

inlinestatic

◆ RemoveEntryList()

static BOOLEAN RemoveEntryList ( LIST_ENTRY * Entry )

inlinestatic

Definition at line 87 of file introlists.h.

Referenced by DbgCrWriteTestCallback(), IntDetUninit(), IntDriverUninit(), IntExceptUser(), IntGpaCacheRelease(), IntGpaCacheUnInit(), IntHookCrCommit(), IntHookCrRemoveHook(), IntHookDtrCommit(), IntHookDtrRemoveHook(), IntHookGpaDeleteHookInternal(), IntHookGpaSetNewPageProtection(), IntHookGvaDeleteHookInternal(), IntHookGvaRemoveHookInternal(), IntHookMsrCommit(), IntHookMsrRemoveHook(), IntHookObjectCommit(), IntHookObjectDeleteRegion(), IntHookObjectRemoveRegionInternal(), IntHookPtmDeleteHookInternal(), IntHookPtmDeleteTableHook(), IntHookPtmRemoveHookInternal(), IntHookPtmRemoveTableHook(), IntHookPtmWriteCallback(), IntHookPtsDeleteHookInternal(), IntHookPtsDeletePdHook(), IntHookPtsHandleModification(), IntHookPtsInvokeCallbacks(), IntHookPtsMergeEntry(), IntHookPtsRemoveHookInternal(), IntHookPtsRemovePteHook(), IntHookXcrCommit(), IntHookXcrRemoveHook(), IntIcInvdEntry(), IntIcRemoveAllInvdEntries(), IntIntegrityRemoveRegion(), IntLixAgentActivatePendingAgent(), IntLixAgentDisablePendingAgents(), IntLixAgentNameRemove(), IntLixCredRemove(), IntLixDrvRemoveDuplicate(), IntLixDrvRemoveFromAddress(), IntLixFilesCacheUninit(), IntLixTaskDeactivateExploitProtection(), IntLixTaskDestroy(), IntLixTaskHandleExec(), IntLixTaskPathFree(), IntLixTaskRemoveProtected(), IntLixTaskUninit(), IntLixVmaDestroy(), IntMemClkUncloakRegionInternal(), IntMtblRemoveAgentEntries(), IntMtblUninit(), IntPtiDeleteInstruction(), IntSlackFree(), IntSlackUninit(), IntSwapgsUninit(), IntSwapMemCancelTransaction(), IntSwapMemPageSwappedIn(), IntSwapMemRemoveTransaction(), IntSwapMemRemoveTransactionsForVaSpace(), IntUDRemoveEntry(), IntUninit(), IntUnpUnWatchPageInternal(), IntVasStopMonitorVaSpace(), IntVirtMemUnmapMultiPage(), IntWinAgentActivatePendingAgent(), IntWinAgentCheckIfProcessAgentAndDecrement(), IntWinAgentDisablePendingAgents(), IntWinAgentRemoveEntryByAgid(), IntWinAgentUnInit(), IntWinDrvObjRemoveFromAddress(), IntWinDrvObjUninit(), IntWinDrvRemoveEntry(), IntWinDrvRemoveFromAddress(), IntWinGuestCancelKernelRead(), IntWinGuestKernelHeadersInMemory(), IntWinGuestSectionInMemory(), IntWinHalCancelRead(), IntWinHalSectionInMemory(), IntWinModBlockRemoveBlockObject(), IntWinModHandleUnload(), IntWinObjCleanup(), IntWinObjHandleDirectoryEntryInMemory(), IntWinObjHandleDriverDirectoryEntryInMemory(), IntWinObjHandleObjectInMemory(), IntWinObjHandleRootDirTagInMemory(), IntWinObjParseDriverDirectory(), IntWinPfnRemoveLock(), IntWinPfnUnlockAddress(), IntWinProcLstRemoveProcess(), IntWinProcRemoveAllProtectedProcesses(), IntWinProcRemoveProtectedProcessInternal(), IntWinProcRemoveSubsystem(), IntWinProcUninit(), and IntWinUmCacheRemoveCache().

◆ RemoveHeadList()

static LIST_ENTRY* RemoveHeadList ( LIST_ENTRY * ListHead )

inlinestatic

Definition at line 105 of file introlists.h.

◆ RemoveTailList()

static LIST_ENTRY* RemoveTailList ( LIST_ENTRY * ListHead )

inlinestatic

Definition at line 120 of file introlists.h.

Data Structures

Macros

Typedefs

Functions

Macro Definition Documentation

◆ _list_for_each

◆ _list_for_next

◆ _next

◆ _next_entry

◆ CONTAINING_RECORD

◆ list_for_each

◆ list_for_each_link

◆ list_for_next

◆ LIST_HEAD_INIT

◆ OFFSET_OF

◆ PREPROC_CONCAT

◆ PREPROC_CONCAT_1

◆ PREPROC_CONCAT_2

◆ UNIQUE_NAME

Typedef Documentation

◆ LIST_ENTRY

◆ LIST_HEAD

◆ PLIST_ENTRY

◆ PLIST_HEAD

Function Documentation

◆ InitializeListHead()

◆ InsertAfterList()

◆ InsertHeadList()

◆ InsertTailList()

◆ IsListEmpty()

◆ RemoveEntryList()

◆ RemoveHeadList()

◆ RemoveTailList()