doxygen/html/lixfiles_8h_source.html

 /*
  * Copyright (c) 2020 Bitdefender
  * SPDX-License-Identifier: Apache-2.0
  */
 #ifndef LIX_FILES_H_
 #define LIX_FILES_H_

 #include "lixprocess.h"

 typedef struct _LIX_QSTR
 {
     union
     {
         struct
         {
             DWORD   Hash;
             DWORD   Length;
         };

         QWORD       HashLen;
     };

     QWORD           Name;
 } LIX_QSTR, *PLIX_QSTR;


 #define LIX_MAX_PATH            256u

 #define LIX_MAX_DENTRY_DEPTH    30

 #ifdef INT_COMPILER_MSVC
 #define LIX_FILE_HAS_SUID(mode) ((mode & S_ISUID) || ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)))
 #else
 #define LIX_FILE_HAS_SUID(mode)                                         \
     ({ __auto_type mode_suid_ = (mode);                                 \
         ((mode_suid_ & S_ISUID) || ((mode_suid_ & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP))); })
 #endif

 INTSTATUS
 IntLixFileGetDentry(
     _In_ QWORD File,
     _Out_ QWORD *Dentry
     );

 INTSTATUS
 IntLixDentryGetName(
     _In_ QWORD Dentry,
     _Outptr_ char **FileName,
     _Out_opt_ DWORD *NameLength
     );

 INTSTATUS
 IntLixGetFileName(
     _In_ QWORD FileStruct,
     _Outptr_ char **FileName,
     _Out_opt_ DWORD *NameLength,
     _Out_opt_ QWORD *DentryGva
     );

 INTSTATUS
 IntLixFileGetPath(
     _In_ QWORD FileStructGva,
     _Out_ char **Path,
     _Out_opt_ DWORD *Length
     );

 void
 IntLixFilesCacheUninit(
     void
     );

 #endif // LIX_FILES_H_
_Out_
#define _Out_
Definition: intro_sal.h:22

_In_
#define _In_
Definition: intro_sal.h:21

_Outptr_
#define _Outptr_
Definition: intro_sal.h:19

INTSTATUS
int INTSTATUS
The status data type.
Definition: introstatus.h:24

PLIX_QSTR
struct _LIX_QSTR * PLIX_QSTR

_Out_opt_
#define _Out_opt_
Definition: intro_sal.h:30

_LIX_QSTR::Hash
DWORD Hash
Unused by introcore.
Definition: lixfiles.h:19

QWORD
unsigned long long QWORD
Definition: intro_types.h:53

IntLixDentryGetName
INTSTATUS IntLixDentryGetName(QWORD Dentry, char **FileName, DWORD *NameLength)
Gets the file-name that corresponds to the provided Dentry (guest virtual address).
Definition: lixfiles.c:227

LIX_QSTR
struct _LIX_QSTR LIX_QSTR
Describes a string used for paths by the linux kernel (quick string).

_LIX_QSTR::HashLen
QWORD HashLen
The union between the Hash and the Length.
Definition: lixfiles.h:23

IntLixFileGetDentry
INTSTATUS IntLixFileGetDentry(QWORD File, QWORD *Dentry)
Reads the value of the dentry field of the &#39;struct file&#39;.
Definition: lixfiles.c:195

_LIX_QSTR::Length
DWORD Length
The length of the string.
Definition: lixfiles.h:20

DWORD
uint32_t DWORD
Definition: intro_types.h:49

IntLixFilesCacheUninit
void IntLixFilesCacheUninit(void)
Removes and frees the entries of the dentry-cache.
Definition: lixfiles.c:86

IntLixGetFileName
INTSTATUS IntLixGetFileName(QWORD FileStruct, char **FileName, DWORD *NameLength, QWORD *DentryGva)
Gets the file-name that corresponds to the provided FileStruct (guest virtual address).
Definition: lixfiles.c:565

_LIX_QSTR::Name
QWORD Name
A pointer to the string.
Definition: lixfiles.h:26

lixprocess.h

_LIX_QSTR
Describes a string used for paths by the linux kernel (quick string).
Definition: lixfiles.h:13

IntLixFileGetPath
INTSTATUS IntLixFileGetPath(QWORD FileStructGva, char **Path, DWORD *Length)
Gets the path that corresponds to the provided FileStructGva (guest virtual address of the &#39;struct fi...
Definition: lixfiles.c:352