- Generated by
1.11.0
|
HyperDbg Debugger
|
Here we put global variables that are used more or less in all part of our hypervisor (not all of them) More...
Go to the source code of this file.
Variables | |
| COMPATIBILITY_CHECKS_STATUS | g_CompatibilityCheck |
| Different attributes and compatibility checks of the current processor. | |
| VMM_CALLBACKS | g_Callbacks |
| List of callbacks. | |
| VIRTUAL_MACHINE_STATE * | g_GuestState |
| Save the state and variables related to virtualization on each to logical core. | |
| MEMORY_MAPPER_ADDRESSES * | g_MemoryMapper |
| Save the state of memory mapper. | |
| EPT_STATE * | g_EptState |
| Save the state and variables related to EPT. | |
| TRANSPARENCY_MEASUREMENTS * | g_TransparentModeMeasurements |
| holds the measurements from the user-mode and kernel-mode | |
| LIST_ENTRY | g_EptHook2sDetourListHead |
| List header of hidden hooks detour. | |
| BOOLEAN | g_IsEptHook2sDetourListInitialized |
| List header of hidden hooks detour. | |
| BOOLEAN | g_TransparentMode |
| Shows whether the debugger transparent mode is enabled (true) or not (false) | |
| VOID * | g_ApicBase |
| APIC Base. | |
| BOOLEAN | g_NmiBroadcastingInitialized |
| check for broadcasting NMI mechanism support and its initialization | |
| PVOID | g_NmiHandlerForKeDeregisterNmiCallback |
| NMI handler pointer for KeDeregisterNmiCallback. | |
| BOOLEAN | g_IsUnsafeSyscallOrSysretHandling |
| Shows whether the debuggee is waiting for an trap step or not. | |
| UINT64 * | g_MsrBitmapInvalidMsrs |
| Bitmap of MSRs that cause #GP. | |
| BOOLEAN | g_CheckPageFaultsAndMov2Cr3VmexitsWithUserDebugger |
| Whether the page-fault and cr3 vm-exits in vmx-root should check the #PFs or the PML4.Supervisor with user debugger or not. | |
| BOOLEAN | g_ModeBasedExecutionControlState |
| Enable interception of Cr3 for Mode-based Execution detection. | |
| BOOLEAN | g_TriggerEventForVmcalls |
| Showes whether the vmcall handler is allowed to trigger an event or not. | |
| BOOLEAN | g_TriggerEventForCpuids |
| Showes whether the cpuid handler is allowed to trigger an event or not. | |
| BOOLEAN | g_ExecTrapInitialized |
| Showes whether the execution trap handler is allowed to trigger an event or not. | |
| BOOLEAN | g_ExecTrapUnInitializationStarted |
| Showes whether the uninitialization of the exec trap is started or not. | |
| USER_KERNEL_EXECUTION_TRAP_STATE | g_ExecTrapState |
| State of the trap-flag. | |
| BOOLEAN | g_IsInterceptingInstructions |
| Test value for intercepting instructions. | |
| BOOLEAN | g_WaitingForInterruptWindowToInjectPageFault |
| Shows whether the the VMM is waiting to inject a page-fault or not. | |
| UINT64 | g_PageFaultInjectionAddressFrom |
| The (from) address for page-fault injection. | |
| UINT64 | g_PageFaultInjectionAddressTo |
| The (to) address for page-fault injection. | |
| UINT32 | g_PageFaultInjectionErrorCode |
| The error code for page-fault injection. | |
Here we put global variables that are used more or less in all part of our hypervisor (not all of them)
Note : All the global variables are not here, just those that will be used in all project. Special use global variables are located in their corresponding headers
| VOID* g_ApicBase |
APIC Base.
| VMM_CALLBACKS g_Callbacks |
List of callbacks.
| BOOLEAN g_CheckPageFaultsAndMov2Cr3VmexitsWithUserDebugger |
Whether the page-fault and cr3 vm-exits in vmx-root should check the #PFs or the PML4.Supervisor with user debugger or not.
| COMPATIBILITY_CHECKS_STATUS g_CompatibilityCheck |
Different attributes and compatibility checks of the current processor.
| LIST_ENTRY g_EptHook2sDetourListHead |
List header of hidden hooks detour.
| EPT_STATE* g_EptState |
Save the state and variables related to EPT.
| BOOLEAN g_ExecTrapInitialized |
Showes whether the execution trap handler is allowed to trigger an event or not.
| USER_KERNEL_EXECUTION_TRAP_STATE g_ExecTrapState |
State of the trap-flag.
| BOOLEAN g_ExecTrapUnInitializationStarted |
Showes whether the uninitialization of the exec trap is started or not.
| VIRTUAL_MACHINE_STATE* g_GuestState |
Save the state and variables related to virtualization on each to logical core.
| BOOLEAN g_IsEptHook2sDetourListInitialized |
List header of hidden hooks detour.
| BOOLEAN g_IsInterceptingInstructions |
Test value for intercepting instructions.
| BOOLEAN g_IsUnsafeSyscallOrSysretHandling |
Shows whether the debuggee is waiting for an trap step or not.
| MEMORY_MAPPER_ADDRESSES* g_MemoryMapper |
Save the state of memory mapper.
| BOOLEAN g_ModeBasedExecutionControlState |
Enable interception of Cr3 for Mode-based Execution detection.
| UINT64* g_MsrBitmapInvalidMsrs |
Bitmap of MSRs that cause #GP.
| BOOLEAN g_NmiBroadcastingInitialized |
check for broadcasting NMI mechanism support and its initialization
| PVOID g_NmiHandlerForKeDeregisterNmiCallback |
NMI handler pointer for KeDeregisterNmiCallback.
| UINT64 g_PageFaultInjectionAddressFrom |
The (from) address for page-fault injection.
| UINT64 g_PageFaultInjectionAddressTo |
The (to) address for page-fault injection.
| UINT32 g_PageFaultInjectionErrorCode |
The error code for page-fault injection.
| BOOLEAN g_TransparentMode |
Shows whether the debugger transparent mode is enabled (true) or not (false)
| TRANSPARENCY_MEASUREMENTS* g_TransparentModeMeasurements |
holds the measurements from the user-mode and kernel-mode
| BOOLEAN g_TriggerEventForCpuids |
Showes whether the cpuid handler is allowed to trigger an event or not.
| BOOLEAN g_TriggerEventForVmcalls |
Showes whether the vmcall handler is allowed to trigger an event or not.
| BOOLEAN g_WaitingForInterruptWindowToInjectPageFault |
Shows whether the the VMM is waiting to inject a page-fault or not.
1.11.0