- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include "introtypes.h"Go to the source code of this file.
Functions | |
| INTSTATUS | IntWinInfHookProtect (void) |
| This function initializes protection against infinity hook mechanism. More... | |
| INTSTATUS | IntWinInfHookUnprotect (void) |
| Removes the protection against infinity hook. More... | |
| INTSTATUS IntWinInfHookProtect | ( | void | ) |
This function initializes protection against infinity hook mechanism.
Called on timer once every second, it will try to initialize the infinity hook protection mechanism. If the initialization has already failed, the function will bail out. Note that this function might be called multiple times since EtwpDebuggerDataSilo may not be initialized and once everything is set up, it will try once again to initialize protection on timer when a write to the pointer in order to initialize it has been made.
| INT_STATUS_SUCCESS | On success. |
| INT_STATUS_ALREADY_INITIALIZED_HINT | When the protection is already initialized or it already failed to initialize. |
| INT_STATUS_NOT_NEEDED_HINT | When, based on the current options, the infinity hook protection is not activated. |
| INT_STATUS_NOT_INITIALIZED_HINT | When we don't have yet a kernel driver, thus the protection cannot be established yet. |
| INT_STATUS_ALREADY_INITIALIZED | When the hooks are already established but the protection is not considered initialized. Indicates an error in properly setting the gLoggerCtxState fields. |
Definition at line 1451 of file wininfinityhook.c.
Referenced by IntGuestUpdateCoreOptions(), and IntHandleTimer().
| INTSTATUS IntWinInfHookUnprotect | ( | void | ) |
Removes the protection against infinity hook.
It will remove all the established hooks, and reset the state. Note that the FailedToInitialize field in gLoggerCtxState will remain in the same value, in order to avoid retrying to establish the hooks if the protection failed if there are protection flags changes which disable and then re-enable the infinity hook protection.
| INT_STATUS_SUCCESS | On success. |
Definition at line 1611 of file wininfinityhook.c.
Referenced by IntGuestUpdateCoreOptions(), and IntWinInfHookProtect().
1.8.13