Bitdefender Hypervisor Memory Introspection
#include "debugger.h"
#include "codeblocks.h"
#include "decoder.h"
#include "deployer.h"
#include "gpacache.h"
#include "hook.h"
#include "hook_cr.h"
#include "icache.h"
#include "introapi.h"
#include "kernvm.h"
#include "memcloak.h"
#include "ptfilter.h"
#include "swapmem.h"
#include "vasmonitor.h"
#include "vecore.h"
#include "visibility.h"
#include "winnet.h"
#include "winpe.h"
#include "winpfn.h"
#include "winprocesshp.h"
#include "lixksym.h"
#include "swapgs.h"
Go to the source code of this file.
Data Structures | |
| struct | _DEBUGGER_COMMAND |
Typedefs | |
| typedef void(* | PFUNC_DebuggerFunctionArgs) (DWORD Argc, const char *Argv[]) |
| typedef void(* | PFUNC_DebuggerFunctionNoArgs) (void) |
| typedef struct _DEBUGGER_COMMAND | DEBUGGER_COMMAND |
Functions | |
| static INTSTATUS | DbgSwapCallback (void *Context, QWORD Cr3, QWORD VirtualAddress, QWORD PhysicalAddress, void *Data, DWORD DataSize, DWORD Flags) |
| static INTSTATUS | DbgVaModificationHandler (void *Context, QWORD VirtualAddress, QWORD OldEntry, QWORD NewEntry, QWORD OldPageSize, QWORD NewPageSize) |
| static INTSTATUS | DbgVaSpaceIterationCallback (QWORD Cr3, QWORD VirtualAddress, QWORD Entry, QWORD PageSize) |
| static INTSTATUS | DbgVaSpaceIterationCallbackCount (QWORD Cr3, QWORD VirtualAddress, QWORD PhysicalAddress, QWORD PageSize) |
| static void | IntDbgCheckHooks (void) |
| static void | DbgDumpKmException (KM_EXCEPTION *Exception) |
| static void | DbgDumpUmException (UM_EXCEPTION *Exception) |
| static void | DbgDumpUmExceptionGlobMatch (UM_EXCEPTION_GLOB *Exception) |
| static INTSTATUS | DbgCrWriteTestCallback (void *Context, DWORD Cr, QWORD OldValue, QWORD NewValue, INTRO_ACTION *Action) |
| static void | DbgShowHelp (void) |
| static void | DbgDumpGuestModules (void) |
| static void | DbgInjectPf (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpPfn (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpCodeblocks (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpExceptions (void) |
| static void | DbgDumpHooksGva (void) |
| static void | DbgDumpProcesses (void) |
| static void | DbgProcAdd (DWORD Argc, const char *Argv[]) |
| static void | DbgProcRem (DWORD Argc, const char *Argv[]) |
| static void | DbgProcClear (void) |
| static void | DbgProcList (void) |
| static void | DbgDumpGpaCache (void) |
| static void | DbgDisasm (DWORD Argc, const char *Argv[]) |
| static void | DbgInjectAgent (DWORD Argc, const char *Argv[]) |
| static void | DbgInjectFileAgent (DWORD Argc, const char *Argv[]) |
| static void | DbgSearchVaSpace (DWORD Argc, const char *Argv[]) |
| static void | DbgIterateVaSpace (void) |
| static void | DbgDumpTranslation (DWORD Argc, const char *Argv[]) |
| static void | DbgPtsHook (DWORD Argc, const char *Argv[]) |
| static void | DbgPtsUnhook (DWORD Argc, const char *Argv[]) |
| static void | DbgPtsWrite (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpCpuState (void) |
| static void | DbgLogCoreOptions (void) |
| static void | DbgSetCoreOptions (DWORD Argc, const char *Argv[]) |
| static void | DbgLogCurrentProcess (void) |
| static void | DbgFindKsym (DWORD Argc, const char *Argv[]) |
| static void | DbgLogKpcr (void) |
| static void | DbgDumpProcToken (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpEthreadToken (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpVaSpace (DWORD Argc, const char *Argv[]) |
| static void | DbgSwap (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpVadRoot (DWORD Argc, const char *Argv[]) |
| static void | DbgDumpVads (DWORD Argc, const char *Argv[]) |
| static void | DbgVadFind (DWORD Argc, const char *Argv[]) |
| static void | DbgLogFilePath (DWORD Argc, const char *Argv[]) |
| static void | DbgLoadPt (void) |
| static void | DbgUnloadPt (void) |
| static void | DbgLoadVe (void) |
| static void | DbgUnloadVe (void) |
| static void | DbgTestSse (DWORD Argc, const char *Argv[]) |
| static void | DbgTestRead (DWORD Argc, const char *Argv[]) |
| static void | DbgTestCrHookSet (DWORD Argc, const char *Argv[]) |
| static void | DbgTestCrHookRem (DWORD Argc, const char *Argv[]) |
| static void | DbgFailAllocs (void) |
| static void | DbgCheckEpt (void) |
| static void | DbgSetLogLevel (DWORD Argc, const char *Argv[]) |
| static void | DbgMitigateSwapgs (DWORD Argc, const char *Argv[]) |
| INTSTATUS | IntDbgProcessCommand (DWORD Argc, const char *Argv[]) |
Variables | |
| BOOLEAN | gFailAllocs = FALSE |
| BOOLEAN | gInsideDebugger = FALSE |
| Set to True when introcore is inside a debugger. | |
| LIST_HEAD | gWinProcesses |
| The list of all the processes inside the guest. | |
| BOOLEAN | gLoadPtDriver |
| BOOLEAN | gUnloadPtDriver |
| BOOLEAN | gInjectVeLoader |
| BOOLEAN | gInjectVeUnloader |
| static QWORD | gTargetPML4 |
| static QWORD | gPagesRead |
| static QWORD | gPagesWrite |
| static QWORD | gPagesDirty |
| static BYTE * | gPagesBitmap = NULL |
| BOOLEAN | swapgsMit = FALSE |
| static DEBUGGER_COMMAND | gDbgCommands [] |
| typedef struct _DEBUGGER_COMMAND DEBUGGER_COMMAND |
| typedef void(* PFUNC_DebuggerFunctionArgs) (DWORD Argc, const char *Argv[]) |
Definition at line 37 of file debugger.c.
| typedef void(* PFUNC_DebuggerFunctionNoArgs) (void) |
Definition at line 42 of file debugger.c.
|
static |
Definition at line 2313 of file debugger.c.
|
static |
Definition at line 359 of file debugger.c.
Referenced by DbgTestCrHookSet().
|
static |
Definition at line 1448 of file debugger.c.
|
static |
Definition at line 846 of file debugger.c.
|
static |
Definition at line 1720 of file debugger.c.
|
static |
Definition at line 1908 of file debugger.c.
|
static |
Definition at line 946 of file debugger.c.
|
static |
Definition at line 1439 of file debugger.c.
|
static |
Definition at line 619 of file debugger.c.
|
static |
Definition at line 1204 of file debugger.c.
|
static |
Definition at line 249 of file debugger.c.
Referenced by DbgDumpExceptions().
|
static |
Definition at line 749 of file debugger.c.
|
static |
Definition at line 1255 of file debugger.c.
|
static |
Definition at line 1870 of file debugger.c.
|
static |
Definition at line 1593 of file debugger.c.
|
static |
Definition at line 285 of file debugger.c.
Referenced by DbgDumpExceptions().
|
static |
Definition at line 322 of file debugger.c.
Referenced by DbgDumpExceptions().
|
static |
Definition at line 2006 of file debugger.c.
|
static |
Definition at line 2061 of file debugger.c.
|
static |
Definition at line 1950 of file debugger.c.
|
static |
Definition at line 2302 of file debugger.c.
|
static |
Definition at line 1789 of file debugger.c.
|
static |
Definition at line 1480 of file debugger.c.
|
static |
Definition at line 1507 of file debugger.c.
|
static |
Definition at line 722 of file debugger.c.
|
static |
Definition at line 1558 of file debugger.c.
|
static |
Definition at line 2119 of file debugger.c.
|
static |
Definition at line 2137 of file debugger.c.
|
static |
Definition at line 1740 of file debugger.c.
|
static |
Definition at line 1771 of file debugger.c.
|
static |
Definition at line 2106 of file debugger.c.
|
static |
Definition at line 1837 of file debugger.c.
|
static |
Definition at line 2360 of file debugger.c.
|
static |
Definition at line 1271 of file debugger.c.
|
static |
Definition at line 1414 of file debugger.c.
|
static |
Definition at line 1423 of file debugger.c.
|
static |
Definition at line 1343 of file debugger.c.
|
static |
Definition at line 1630 of file debugger.c.
|
static |
Definition at line 1664 of file debugger.c.
|
static |
Definition at line 1690 of file debugger.c.
|
static |
Definition at line 1533 of file debugger.c.
|
static |
Definition at line 1749 of file debugger.c.
|
static |
Definition at line 2333 of file debugger.c.
|
static |
Definition at line 2776 of file debugger.c.
Referenced by DbgCrWriteTestCallback().
|
static |
Definition at line 1975 of file debugger.c.
|
static |
Definition at line 48 of file debugger.c.
Referenced by DbgSwap().
|
static |
Definition at line 2277 of file debugger.c.
|
static |
Definition at line 2247 of file debugger.c.
|
static |
Definition at line 2211 of file debugger.c.
|
static |
Definition at line 2155 of file debugger.c.
|
static |
Definition at line 2128 of file debugger.c.
|
static |
Definition at line 2146 of file debugger.c.
|
static |
Definition at line 2080 of file debugger.c.
|
static |
Definition at line 69 of file debugger.c.
Referenced by DbgPtsHook().
|
static |
Definition at line 98 of file debugger.c.
Referenced by DbgSearchVaSpace().
|
static |
Definition at line 120 of file debugger.c.
Referenced by DbgIterateVaSpace().
|
static |
Definition at line 182 of file debugger.c.
Referenced by IntHookCommitAllHooks().
| INTSTATUS IntDbgProcessCommand (DWORD Argc, const char *Argv[]) |
Definition at line 2811 of file debugger.c.
Referenced by IntDbgEnterDebugger2(), and IntProcessDebugCommand().
|
static |
Definition at line 2397 of file debugger.c.
| BOOLEAN gFailAllocs = FALSE |
Definition at line 27 of file debugger.c.
Referenced by DbgFailAllocs().
| BOOLEAN gInjectVeLoader |
Definition at line 27 of file callbacks.c.
Referenced by DbgLoadVe(), and IntHandleTimer().
| BOOLEAN gInjectVeUnloader |
Definition at line 27 of file callbacks.c.
Referenced by DbgUnloadVe(), and IntHandleTimer().
| BOOLEAN gInsideDebugger = FALSE |
Set to True when introcore is inside a debugger.
This flag is used to avoid pausing VCPUs while introcore is trapped inside a debugger, as that can lead to deadlocks.
Definition at line 28 of file debugger.c.
Referenced by IntDbgProcessCommand(), IntPauseVcpus(), and IntResumeVcpus().
| BOOLEAN gLoadPtDriver |
Definition at line 28 of file callbacks.c.
Referenced by DbgLoadPt(), and IntHandleTimer().
|
static |
Definition at line 116 of file debugger.c.
|
static |
Definition at line 115 of file debugger.c.
|
static |
Definition at line 115 of file debugger.c.
|
static |
Definition at line 115 of file debugger.c.
|
static |
Definition at line 94 of file debugger.c.
| BOOLEAN gUnloadPtDriver |
Definition at line 28 of file callbacks.c.
Referenced by DbgUnloadPt(), and IntHandleTimer().
| LIST_HEAD gWinProcesses |
The list of all the processes inside the guest.
Definition at line 11 of file winprocesshp.c.
| BOOLEAN swapgsMit = FALSE |
Definition at line 2357 of file debugger.c.