HyperDbg's SDK for VMM project. More...
Go to the source code of this file.
Classes | |
| struct | _VMM_CALLBACKS |
| Prototype of each function needed by VMM module. More... | |
Typedefs | |
| typedef BOOLEAN(* | LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const char *Fmt, va_list ArgList) |
| A function from the message tracer that send the inputs to the queue of the messages. | |
| typedef BOOLEAN(* | LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority) |
| A function that sends the messages to message tracer buffers. | |
| typedef BOOLEAN(* | LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority) |
| A function that sends the messages to message tracer buffers. | |
| typedef BOOLEAN(* | LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL) (BOOLEAN Priority) |
| A function that checks whether the priority or regular buffer is full or not. | |
| typedef VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE(* | VMM_CALLBACK_TRIGGER_EVENTS) (VMM_EVENT_TYPE_ENUM EventType, VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE CallingStage, PVOID Context, BOOLEAN *PostEventRequired, GUEST_REGS *Regs) |
| A function that handles trigger events. | |
| typedef BOOLEAN(* | DEBUGGING_CALLBACK_HANDLE_BREAKPOINT_EXCEPTION) (UINT32 CoreId) |
| A function that checks and handles breakpoints. | |
| typedef BOOLEAN(* | DEBUGGING_CALLBACK_HANDLE_DEBUG_BREAKPOINT_EXCEPTION) (UINT32 CoreId) |
| A function that checks and handles debug breakpoints. | |
| typedef BOOLEAN(* | DEBUGGING_CALLBACK_CONDITIONAL_PAGE_FAULT_EXCEPTION) (UINT32 CoreId, UINT64 Address, UINT32 PageFaultErrorCode) |
| Check for page-faults in user-debugger. | |
| typedef BOOLEAN(* | UD_CHECK_FOR_COMMAND) () |
| Check for commands in user-debugger. | |
| typedef VOID(* | VMM_CALLBACK_REGISTERED_MTF_HANDLER) (UINT32 CoreId) |
| Handle registered MTF callback. | |
| typedef BOOLEAN(* | VMM_CALLBACK_RESTORE_EPT_STATE) (UINT32 CoreId) |
| Check for user-mode access for loaded module details. | |
| typedef BOOLEAN(* | VMM_CALLBACK_CHECK_UNHANDLED_EPT_VIOLATION) (UINT32 CoreId, UINT64 ViolationQualification, UINT64 GuestPhysicalAddr) |
| Check for unhandled EPT violations. | |
| typedef VOID(* | INTERCEPTION_CALLBACK_TRIGGER_CR3_CHANGE) (UINT32 CoreId) |
| Handle cr3 process change callbacks. | |
| typedef BOOLEAN(* | INTERCEPTION_CALLBACK_TRIGGER_CLOCK_AND_IPI) (_In_ UINT32 CoreId) |
| Check for process or thread change callback. | |
| typedef BOOLEAN(* | ATTACHING_HANDLE_CR3_EVENTS_FOR_THREAD_INTERCEPTION) (UINT32 CoreId, CR3_TYPE NewCr3) |
| Check to handle cr3 events for thread interception. | |
| typedef BOOLEAN(* | BREAKPOINT_CHECK_AND_HANDLE_REAPPLYING_BREAKPOINT) (UINT32 CoreId) |
| Check and handle reapplying breakpoint. | |
| typedef VOID(* | VMM_CALLBACK_NMI_BROADCAST_REQUEST_HANDLER) (UINT32 CoreId, BOOLEAN IsOnVmxNmiHandler) |
| Handle NMI broadcast. | |
| typedef BOOLEAN(* | KD_CHECK_AND_HANDLE_NMI_CALLBACK) (UINT32 CoreId) |
| Check and handle NMI callbacks. | |
| typedef VOID(* | VMM_CALLBACK_SET_LAST_ERROR) (UINT32 LastError) |
| Set the top-level driver's error status. | |
| typedef BOOLEAN(* | VMM_CALLBACK_QUERY_TERMINATE_PROTECTED_RESOURCE) (UINT32 CoreId, PROTECTED_HV_RESOURCES_TYPE ResourceType, PVOID Context, PROTECTED_HV_RESOURCES_PASSING_OVERS PassOver) |
| Check and modify the protected resources of the hypervisor. | |
| typedef BOOLEAN(* | KD_QUERY_DEBUGGER_THREAD_OR_PROCESS_TRACING_DETAILS_BY_CORE_ID) (UINT32 CoreId, DEBUGGER_THREAD_PROCESS_TRACING TracingType) |
| Query debugger thread or process tracing details by core ID. | |
| typedef BOOLEAN(* | VMM_CALLBACK_VMCALL_HANDLER) (UINT32 CoreId, UINT64 VmcallNumber, UINT64 OptionalParam1, UINT64 OptionalParam2, UINT64 OptionalParam3) |
| Handler of debugger specific VMCALLs. | |
| typedef struct _VMM_CALLBACKS | VMM_CALLBACKS |
| Prototype of each function needed by VMM module. | |
| typedef struct _VMM_CALLBACKS * | PVMM_CALLBACKS |
HyperDbg's SDK for VMM project.
This file contains definitions of HyperLog routines
| typedef BOOLEAN(* ATTACHING_HANDLE_CR3_EVENTS_FOR_THREAD_INTERCEPTION) (UINT32 CoreId, CR3_TYPE NewCr3) |
Check to handle cr3 events for thread interception.
Check and handle reapplying breakpoint.
| typedef BOOLEAN(* DEBUGGING_CALLBACK_CONDITIONAL_PAGE_FAULT_EXCEPTION) (UINT32 CoreId, UINT64 Address, UINT32 PageFaultErrorCode) |
Check for page-faults in user-debugger.
A function that checks and handles breakpoints.
A function that checks and handles debug breakpoints.
Check for process or thread change callback.
Handle cr3 process change callbacks.
| typedef BOOLEAN(* KD_QUERY_DEBUGGER_THREAD_OR_PROCESS_TRACING_DETAILS_BY_CORE_ID) (UINT32 CoreId, DEBUGGER_THREAD_PROCESS_TRACING TracingType) |
Query debugger thread or process tracing details by core ID.
A function that checks whether the priority or regular buffer is full or not.
| typedef BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const char *Fmt, va_list ArgList) |
A function from the message tracer that send the inputs to the queue of the messages.
| typedef BOOLEAN(* LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority) |
A function that sends the messages to message tracer buffers.
| typedef BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority) |
A function that sends the messages to message tracer buffers.
| typedef struct _VMM_CALLBACKS * PVMM_CALLBACKS |
| typedef BOOLEAN(* UD_CHECK_FOR_COMMAND) () |
Check for commands in user-debugger.
| typedef BOOLEAN(* VMM_CALLBACK_CHECK_UNHANDLED_EPT_VIOLATION) (UINT32 CoreId, UINT64 ViolationQualification, UINT64 GuestPhysicalAddr) |
Check for unhandled EPT violations.
| typedef VOID(* VMM_CALLBACK_NMI_BROADCAST_REQUEST_HANDLER) (UINT32 CoreId, BOOLEAN IsOnVmxNmiHandler) |
Handle NMI broadcast.
| typedef BOOLEAN(* VMM_CALLBACK_QUERY_TERMINATE_PROTECTED_RESOURCE) (UINT32 CoreId, PROTECTED_HV_RESOURCES_TYPE ResourceType, PVOID Context, PROTECTED_HV_RESOURCES_PASSING_OVERS PassOver) |
Check and modify the protected resources of the hypervisor.
Check for user-mode access for loaded module details.
Set the top-level driver's error status.
| typedef VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE(* VMM_CALLBACK_TRIGGER_EVENTS) (VMM_EVENT_TYPE_ENUM EventType, VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE CallingStage, PVOID Context, BOOLEAN *PostEventRequired, GUEST_REGS *Regs) |
A function that handles trigger events.
| typedef BOOLEAN(* VMM_CALLBACK_VMCALL_HANDLER) (UINT32 CoreId, UINT64 VmcallNumber, UINT64 OptionalParam1, UINT64 OptionalParam2, UINT64 OptionalParam3) |
Handler of debugger specific VMCALLs.
| typedef struct _VMM_CALLBACKS VMM_CALLBACKS |
Prototype of each function needed by VMM module.
1.11.0