- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include <integrity.h>
Data Fields | |
| LIST_ENTRY | Link |
| Link to the next integrity region. More... | |
| QWORD | Gva |
| The guest virtual address where the region starts. More... | |
| DWORD | Length |
| The length of the current region, in bytes. More... | |
| DWORD | OriginalHash |
| DWORD | ModifiedHash |
| The newly computed hash when a modification is detected. More... | |
| DWORD | ViolationCount |
| The number of detected modifications on the given region. More... | |
| INTRO_OBJECT_TYPE | Type |
| The associated INTRO_OBJECT_TYPE with the protected region. More... | |
| void * | Context |
| User supplied context, see IntIntegrityAddRegion for an example. More... | |
| void * | OriginalContent |
| A buffer containing the original bytes of the associated region. More... | |
| PFUNC_IntegrityViolationCallback | Callback |
| The callback to be called when a violation occurs. More... | |
| BOOLEAN | Deleted |
| Set TRUE for postpone deleting of integrity regions (e.g. deleting from callback) More... | |
Structure describing a region protected through integrity mechanism.
Definition at line 28 of file integrity.h.
| PFUNC_IntegrityViolationCallback _INTEGRITY_REGION::Callback |
The callback to be called when a violation occurs.
Definition at line 45 of file integrity.h.
Referenced by IntIntegrityAddRegion().
| void* _INTEGRITY_REGION::Context |
User supplied context, see IntIntegrityAddRegion for an example.
Definition at line 41 of file integrity.h.
Referenced by IntIntegrityAddRegion().
| BOOLEAN _INTEGRITY_REGION::Deleted |
Set TRUE for postpone deleting of integrity regions (e.g. deleting from callback)
Definition at line 47 of file integrity.h.
Referenced by IntIntegrityAddRegion(), and IntIntegrityDeleteRegion().
| QWORD _INTEGRITY_REGION::Gva |
The guest virtual address where the region starts.
Definition at line 31 of file integrity.h.
Referenced by IntIntegrityAddRegion(), IntIntegrityDeleteRegion(), and IntIntegrityRemoveRegion().
| DWORD _INTEGRITY_REGION::Length |
The length of the current region, in bytes.
Definition at line 32 of file integrity.h.
Referenced by IntIntegrityAddRegion(), IntIntegrityDeleteRegion(), and IntIntegrityRemoveRegion().
| LIST_ENTRY _INTEGRITY_REGION::Link |
Link to the next integrity region.
Definition at line 30 of file integrity.h.
Referenced by IntIntegrityAddRegion(), and IntIntegrityRemoveRegion().
| DWORD _INTEGRITY_REGION::ModifiedHash |
The newly computed hash when a modification is detected.
Definition at line 35 of file integrity.h.
| void* _INTEGRITY_REGION::OriginalContent |
A buffer containing the original bytes of the associated region.
Definition at line 43 of file integrity.h.
Referenced by IntIntegrityAddRegion(), IntIntegrityRemoveRegion(), and IntWinIntObjHandleModification().
| DWORD _INTEGRITY_REGION::OriginalHash |
The computed hash of the region.
Definition at line 33 of file integrity.h.
Referenced by IntIntegrityAddRegion().
| INTRO_OBJECT_TYPE _INTEGRITY_REGION::Type |
The associated INTRO_OBJECT_TYPE with the protected region.
Definition at line 39 of file integrity.h.
Referenced by IntIntegrityAddRegion().
| DWORD _INTEGRITY_REGION::ViolationCount |
The number of detected modifications on the given region.
Definition at line 37 of file integrity.h.
Referenced by IntIntegrityAddRegion().
1.8.13