Bitdefender Hypervisor Memory Introspection
|
Holds information about a security descriptor write attempt. More...
#include <intro_types.h>
Data Fields | |
QWORD | OldAddress |
The old security descriptor address. More... | |
QWORD | NewAddress |
DWORD | NewSecDescHash |
The CRC32 hash of the new security descriptor (after zeroing out SIDs with more than one sub-authority). More... | |
BYTE | OldSecDesc [INTRO_SECURITY_DESCRIPTOR_SIZE] |
The old security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl). More... | |
DWORD | OldSecDescSize |
The size of the old security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl). More... | |
BYTE | NewSecDesc [INTRO_SECURITY_DESCRIPTOR_SIZE] |
The new security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl). More... | |
DWORD | NewSecDescSize |
The size of the new security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl). More... | |
Holds information about a security descriptor write attempt.
Definition at line 1011 of file intro_types.h.
QWORD _INTRO_SEC_DESC_INFO::NewAddress |
The new security descriptor address.
Definition at line 1014 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
BYTE _INTRO_SEC_DESC_INFO::NewSecDesc[INTRO_SECURITY_DESCRIPTOR_SIZE] |
The new security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl).
Definition at line 1027 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
DWORD _INTRO_SEC_DESC_INFO::NewSecDescHash |
The CRC32 hash of the new security descriptor (after zeroing out SIDs with more than one sub-authority).
Definition at line 1016 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
DWORD _INTRO_SEC_DESC_INFO::NewSecDescSize |
The size of the new security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl).
Definition at line 1030 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
QWORD _INTRO_SEC_DESC_INFO::OldAddress |
The old security descriptor address.
Definition at line 1013 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
BYTE _INTRO_SEC_DESC_INFO::OldSecDesc[INTRO_SECURITY_DESCRIPTOR_SIZE] |
The old security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl).
Definition at line 1020 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().
DWORD _INTRO_SEC_DESC_INFO::OldSecDescSize |
The size of the old security descriptor buffer (valid only if INTRO_OBJECT_TYPE is introObjectTypeSecDesc or introObjectTypeAcl).
Definition at line 1023 of file intro_types.h.
Referenced by IntWinSDSendAclIntegrityViolation(), and IntWinSDSendSecDescIntViolation().