- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include <windriver.h>
Data Fields | |
| DWORD | TimeDateStamp |
| The driver`s internal timestamp (from the _IMAGE_FILE_HEADER). More... | |
| DWORD | PathHash |
| CRC32 hash value for the driver`s path. More... | |
| DWORD | PathLength |
| The driver`s path length (number of WCHARS). More... | |
| PWCHAR | Path |
| The driver`s path. More... | |
| void * | EpHookObject |
| The EP hook placed on the driver (we will be notified when the execution began) - useful to obtain the DriverObject in order to protect it. More... | |
| PBYTE | MzPeHeaders |
| The driver`s MZ/PE headers (cached internally). More... | |
| PWIN_DRIVER_OBJECT | DriverObject |
| The driver object. More... | |
| void * | HeadersSwapHandle |
| The swap handle used to read the driver`s headers. More... | |
| void * | EatReadHook |
| The read hook placed on the driver`s EAT. More... | |
| QWORD | EatReadCount |
| The number of EAT reads that took place from withing known drivers. More... | |
Definition at line 21 of file windriver.h.
| PWIN_DRIVER_OBJECT _WIN_KERNEL_DRIVER::DriverObject |
The driver object.
Definition at line 36 of file windriver.h.
Referenced by IntExceptKernelMatchVictim(), IntWinDrvHandleDriverEntry(), IntWinDrvObjCreateFromAddress(), IntWinDrvObjHandleWrite(), and IntWinDrvObjRemove().
| QWORD _WIN_KERNEL_DRIVER::EatReadCount |
The number of EAT reads that took place from withing known drivers.
Definition at line 43 of file windriver.h.
Referenced by IntHandleTimer(), IntWinDrvForceDisableReadNtEat(), and IntWinDrvHandleRead().
| void* _WIN_KERNEL_DRIVER::EatReadHook |
The read hook placed on the driver`s EAT.
Definition at line 40 of file windriver.h.
Referenced by IntWinProtectReadNtEat(), and IntWinUnprotectReadNtEat().
| void* _WIN_KERNEL_DRIVER::EpHookObject |
The EP hook placed on the driver (we will be notified when the execution began) - useful to obtain the DriverObject in order to protect it.
Definition at line 32 of file windriver.h.
Referenced by IntWinDrvCreateFromAddress(), and IntWinDrvHandleDriverEntry().
| void* _WIN_KERNEL_DRIVER::HeadersSwapHandle |
The swap handle used to read the driver`s headers.
Definition at line 38 of file windriver.h.
Referenced by IntWinDrvHeadersInMemory().
| PBYTE _WIN_KERNEL_DRIVER::MzPeHeaders |
The driver`s MZ/PE headers (cached internally).
Definition at line 34 of file windriver.h.
Referenced by IntExceptWinKernelGetOriginator(), IntVeInit(), IntWinDrvHeadersInMemory(), IntWinHalFindHalHeapAndInterruptController(), IntWinHalFindInterruptController(), IntWinHalFindPerformanceCounter(), IntWinHalHeadersInMemory(), IntWinHalReadHal(), IntWinModFillDriverInjectionData(), IntWinProtectReadNtEat(), and IntWinStackTraceGet64().
| PWCHAR _WIN_KERNEL_DRIVER::Path |
The driver`s path.
Definition at line 28 of file windriver.h.
Referenced by IntVeInit(), and IntWinDrvCreateFromAddress().
| DWORD _WIN_KERNEL_DRIVER::PathHash |
CRC32 hash value for the driver`s path.
Definition at line 25 of file windriver.h.
Referenced by IntVeInit(), IntWinDrvCreateFromAddress(), and IntWinModFillDriverInjectionData().
| DWORD _WIN_KERNEL_DRIVER::PathLength |
The driver`s path length (number of WCHARS).
Definition at line 26 of file windriver.h.
Referenced by IntExceptKernelLogWindowsInformation(), IntVeInit(), and IntWinDrvCreateFromAddress().
| DWORD _WIN_KERNEL_DRIVER::TimeDateStamp |
The driver`s internal timestamp (from the _IMAGE_FILE_HEADER).
Definition at line 23 of file windriver.h.
Referenced by IntWinBcLogBsodEvent(), IntWinDrvHeadersInMemory(), and IntWinGuestFinishInit().
1.8.13