41 _In_reads_bytes_(BufferLength)
PVOID Buffer,
BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:34
BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY)(UINT64 TargetAddress, UINT32 Size)
A function that checks the validity and safety of accessing Size bytes at the target address.
Definition HyperEvade.h:61
BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
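A function from the message tracer that sends its inputs to the message queue. Fmt appears to be a printf-style format string consumed together with ArgList, so callers should pass a constant format and supply externally derived text only as arguments.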
Definition HyperEvade.h:23
BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL)(BOOLEAN Priority)
A function that checks whether the priority buffer or the regular buffer is full.
Definition HyperEvade.h:49
BOOLEAN(* SYSCALL_CALLBACK_SET_TRAP_FLAG_AFTER_SYSCALL)(GUEST_REGS *Regs, UINT32 ProcessId, UINT32 ThreadId, UINT64 Context, SYSCALL_CALLBACK_CONTEXT_PARAMS *Params)
A function that sets the trap flag after a syscall.
Definition HyperEvade.h:85
VOID(* HV_HANDLE_TRAPFLAG)()
A function that handles the trap flag.
Definition HyperEvade.h:95
BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)
A function that reads memory safely on the target process.
Definition HyperEvade.h:67
BOOLEAN(* HYPERTRACE_LBR_IS_SUPPORTED)(UINT32 *Capacity, BOOLEAN *IsArchLbr)
A function that checks whether LBR (Last Branch Record) is supported on the current CPU and gets its capacity.
Definition HyperEvade.h:55
struct _HYPEREVADE_CALLBACKS * PHYPEREVADE_CALLBACKS
PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK)(PVOID Eprocess)
A function that gets the process name from the process control block.
Definition HyperEvade.h:79
BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 Destination, PVOID Source, SIZE_T Size)
A function that writes memory safely on the target process.
Definition HyperEvade.h:73
struct _HYPEREVADE_CALLBACKS HYPEREVADE_CALLBACKS
Prototypes of the callback functions needed by the hyperevade module.
BOOLEAN(* LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
A function that sends a buffer of BufferLength bytes to the message tracer buffers.
Definition HyperEvade.h:40
VOID(* EVENT_INJECT_GENERAL_PROTECTION)()
A function that injects a general-protection fault (#GP).
Definition HyperEvade.h:101
BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:34
BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY)(UINT64 TargetAddress, UINT32 Size)
A function that checks the validity and safety of accessing Size bytes at the target address.
Definition HyperEvade.h:61
BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
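A function from the message tracer that sends its inputs to the message queue. Fmt appears to be a printf-style format string consumed together with ArgList, so callers should pass a constant format and supply externally derived text only as arguments.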
Definition HyperEvade.h:23
BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL)(BOOLEAN Priority)
A function that checks whether the priority buffer or the regular buffer is full.
Definition HyperEvade.h:49
BOOLEAN(* SYSCALL_CALLBACK_SET_TRAP_FLAG_AFTER_SYSCALL)(GUEST_REGS *Regs, UINT32 ProcessId, UINT32 ThreadId, UINT64 Context, SYSCALL_CALLBACK_CONTEXT_PARAMS *Params)
A function that sets the trap flag after a syscall.
Definition HyperEvade.h:85
VOID(* HV_HANDLE_TRAPFLAG)()
A function that handles the trap flag.
Definition HyperEvade.h:95
BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)
A function that reads memory safely on the target process.
Definition HyperEvade.h:67
BOOLEAN(* HYPERTRACE_LBR_IS_SUPPORTED)(UINT32 *Capacity, BOOLEAN *IsArchLbr)
A function that checks whether LBR (Last Branch Record) is supported on the current CPU and gets its capacity.
Definition HyperEvade.h:55
PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK)(PVOID Eprocess)
A function that gets the process name from the process control block.
Definition HyperEvade.h:79
BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 Destination, PVOID Source, SIZE_T Size)
A function that writes memory safely on the target process.
Definition HyperEvade.h:73
BOOLEAN(* LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
A function that sends a buffer of BufferLength bytes to the message tracer buffers.
Definition HyperEvade.h:40
VOID(* EVENT_INJECT_GENERAL_PROTECTION)()
A function that injects a general-protection fault (#GP).
Definition HyperEvade.h:101
Prototypes of the callback functions needed by the hyperevade module.
Definition HyperEvade.h:112
EVENT_INJECT_GENERAL_PROTECTION EventInjectGeneralProtection
Definition HyperEvade.h:151
LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE LogCallbackSendMessageToQueue
Definition HyperEvade.h:117
CHECK_ACCESS_VALIDITY_AND_SAFETY CheckAccessValidityAndSafety
Definition HyperEvade.h:133
LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE LogCallbackPrepareAndSendMessageToQueueWrapper
Definition HyperEvade.h:116
LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL LogCallbackCheckIfBufferIsFull
Definition HyperEvade.h:119
COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK CommonGetProcessNameFromProcessControlBlock
Definition HyperEvade.h:140
HYPERTRACE_LBR_IS_SUPPORTED HyperTraceLbrIsSupported
Definition HyperEvade.h:124
MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS MemoryMapperWriteMemorySafeOnTargetProcess
Definition HyperEvade.h:135
LOG_CALLBACK_SEND_BUFFER LogCallbackSendBuffer
Definition HyperEvade.h:118
MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS MemoryMapperReadMemorySafeOnTargetProcess
Definition HyperEvade.h:134
SYSCALL_CALLBACK_SET_TRAP_FLAG_AFTER_SYSCALL SyscallCallbackSetTrapFlagAfterSyscall
Definition HyperEvade.h:145
HV_HANDLE_TRAPFLAG HvHandleTrapFlag
Definition HyperEvade.h:150
Definition BasicTypes.h:136