Bitdefender Hypervisor Memory Introspection
|
Exposes the functions used to schedule an asynchronous code execution scan and receives its result. More...
Go to the source code of this file.
Functions | |
INTSTATUS | IntLixEngExecSendNotification (LIX_TASK_OBJECT *Task, PIG_ARCH_REGS Registers, PINTRO_EXEC_INFO ExecInfo) |
Notify the scan engines about a possible malicious code execution in a Linux guest. More... | |
INTSTATUS | IntWinEngExecSendNotification (PWIN_PROCESS_OBJECT Process, PIG_ARCH_REGS Registers, PINTRO_EXEC_INFO ExecInfo) |
Notify the scan engines about a possible malicious code execution in a Windows guest. More... | |
INTSTATUS | IntHandleExecCallback (PENG_NOTIFICATION_CODE_EXEC ExecNotification) |
Handle the code execution scan result provided by the engines. More... | |
Exposes the functions used to schedule an asynchronous code execution scan and receives its result.
Definition in file scan_engines.h.
INTSTATUS IntHandleExecCallback | ( | PENG_NOTIFICATION_CODE_EXEC | ExecNotification | ) |
Handle the code execution scan result provided by the engines.
If the introspection successfully sent a code execution notification to the engines, this callback will be triggered in an asynchronous fashion. Please note that since the ENG_NOTIFICATION_CODE_EXEC is heap allocated, this callback must always be invoked (otherwise a memory leak will occur).
[in] | ExecNotification | The engine notification sent to the integrator from IntWinEngExecSendNotification or IntLixEngExecSendNotification. |
Definition at line 371 of file scan_engines.c.
Referenced by IntEnginesResultCallback().
INTSTATUS IntLixEngExecSendNotification | ( | LIX_TASK_OBJECT * | Task, |
PIG_ARCH_REGS | Registers, | ||
PINTRO_EXEC_INFO | ExecInfo | ||
) |
Notify the scan engines about a possible malicious code execution in a Linux guest.
If the Introcore internal logic did not consider the code executions as being malicious, the scan engines will be notified and they will provided a result in an asynchronous fashion.
[in] | Task | The Linux task that triggered the execution. |
[in] | Registers | The current state of the CPU registers. |
[in] | ExecInfo | Information about the execution itself. |
Definition at line 215 of file scan_engines.c.
Referenced by IntLixVmaHandlePageExecution().
INTSTATUS IntWinEngExecSendNotification | ( | PWIN_PROCESS_OBJECT | Process, |
PIG_ARCH_REGS | Registers, | ||
PINTRO_EXEC_INFO | ExecInfo | ||
) |
Notify the scan engines about a possible malicious code execution in a Windows guest.
If the Introcore internal logic did not consider the code executions as being malicious, the scan engines will be notified and they will provided a result in an asynchronous fashion.
[in] | Process | The Windows process that triggered the execution. |
[in] | Registers | The current state of the CPU registers. |
[in] | ExecInfo | Information about the execution itself. |
Definition at line 293 of file scan_engines.c.
Referenced by IntWinVadIsExecSuspicious().