Bitdefender Hypervisor Memory Introspection
Data Fields
_EVENT_DTR_VIOLATION Struct Reference

Event structure for GDTR/IDTR descriptor tables modifications. More...

#include <intro_types.h>

Data Fields

INTRO_VIOLATION_HEADER Header
 The alert header. More...
 
struct {
   INTRO_MODULE   Module
 The module that modified the DTR. More...
 
   INTRO_MODULE   ReturnModule
 The module to which the current code return to. More...
 
Originator
 
struct {
   INTRO_OBJECT_TYPE   Type
 The type of the modified register. More...
 
Victim
 
INTRO_WRITE_INFO WriteInfo
 The original value and the new value of the register. More...
 
INTRO_CODEBLOCKS CodeBlocks
 Code blocks extracted for the alert. More...
 
INTRO_EXEC_CONTEXT ExecContext
 Information about the instruction that triggered the alert. More...
 

Detailed Description

Event structure for GDTR/IDTR descriptor tables modifications.

Definition at line 1625 of file intro_types.h.

Field Documentation

◆ CodeBlocks

INTRO_CODEBLOCKS _EVENT_DTR_VIOLATION::CodeBlocks

Code blocks extracted for the alert.

Definition at line 1642 of file intro_types.h.

Referenced by IntDtrSendAlert().

◆ ExecContext

INTRO_EXEC_CONTEXT _EVENT_DTR_VIOLATION::ExecContext

Information about the instruction that triggered the alert.

Definition at line 1644 of file intro_types.h.

Referenced by IntDtrSendAlert().

◆ Header

INTRO_VIOLATION_HEADER _EVENT_DTR_VIOLATION::Header

The alert header.

Definition at line 1627 of file intro_types.h.

Referenced by IntDtrSendAlert().

◆ Module

INTRO_MODULE _EVENT_DTR_VIOLATION::Module

The module that modified the DTR.

Definition at line 1631 of file intro_types.h.

◆ Originator

struct { ... } _EVENT_DTR_VIOLATION::Originator

◆ ReturnModule

INTRO_MODULE _EVENT_DTR_VIOLATION::ReturnModule

The module to which the current code return to.

Definition at line 1632 of file intro_types.h.

◆ Type

INTRO_OBJECT_TYPE _EVENT_DTR_VIOLATION::Type

The type of the modified register.

Definition at line 1637 of file intro_types.h.

◆ Victim

struct { ... } _EVENT_DTR_VIOLATION::Victim

◆ WriteInfo

INTRO_WRITE_INFO _EVENT_DTR_VIOLATION::WriteInfo

The original value and the new value of the register.

Definition at line 1640 of file intro_types.h.

The documentation for this struct was generated from the following file: