Bitdefender Hypervisor Memory Introspection
scan_engines.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2020 Bitdefender
3  * SPDX-License-Identifier: Apache-2.0
4  */
11 
12 #ifndef _SCAN_ENGINES_H_
13 #define _SCAN_ENGINES_H_
14 
15 #include "winprocess.h"
16 #include "lixprocess.h"
17 
18 INTSTATUS
19 IntLixEngExecSendNotification(
20  _In_ LIX_TASK_OBJECT *Task,
21  _In_ PIG_ARCH_REGS Registers,
22  _In_ PINTRO_EXEC_INFO ExecInfo
23  );
24 
25 INTSTATUS
26 IntWinEngExecSendNotification(
27  _In_ PWIN_PROCESS_OBJECT Process,
28  _In_ PIG_ARCH_REGS Registers,
29  _In_ PINTRO_EXEC_INFO ExecInfo
30  );
31 
32 INTSTATUS
33 IntHandleExecCallback(
34  _In_ PENG_NOTIFICATION_CODE_EXEC ExecNotification
35  );
36 
37 #endif //_SCAN_ENGINES_H_
winprocess.h
Exposes the types, constants and functions used to handle Windows processes events (creation...
_In_
#define _In_
Definition: intro_sal.h:21
IntHandleExecCallback
INTSTATUS IntHandleExecCallback(PENG_NOTIFICATION_CODE_EXEC ExecNotification)
Handle the code execution scan result provided by the engines.
Definition: scan_engines.c:371
INTSTATUS
int INTSTATUS
The status data type.
Definition: introstatus.h:24
IntLixEngExecSendNotification
INTSTATUS IntLixEngExecSendNotification(LIX_TASK_OBJECT *Task, PIG_ARCH_REGS Registers, PINTRO_EXEC_INFO ExecInfo)
Notify the scan engines about a possible malicious code execution in a Linux guest.
Definition: scan_engines.c:215
_ENG_NOTIFICATION_CODE_EXEC
Execution notification for scan engines.
Definition: intro_types.h:2071
_LIX_TASK_OBJECT
Definition: lixprocess.h:38
IntWinEngExecSendNotification
INTSTATUS IntWinEngExecSendNotification(PWIN_PROCESS_OBJECT Process, PIG_ARCH_REGS Registers, PINTRO_EXEC_INFO ExecInfo)
Notify the scan engines about a possible malicious code execution in a Windows guest.
Definition: scan_engines.c:293
_INTRO_EXEC_INFO
Holds information about an execution attempt.
Definition: intro_types.h:999
_IG_ARCH_REGS
Holds register state.
Definition: glueiface.h:30
_WIN_PROCESS_OBJECT
This structure describes a running process inside the guest.
Definition: winprocess.h:83