HyperDbg Debugger
HyperTrace.h
1
12#pragma once
13
15// Callback Types //
17
24 BOOLEAN IsImmediateMessage,
25 BOOLEAN ShowCurrentSystemTime,
26 BOOLEAN Priority,
27 const CHAR * Fmt,
28 va_list ArgList);
29
// Callback type: sends a message to the message tracer buffers.
// NOTE(review): BufferLen presumably gives the length of LogMessage; implementations
// should not read past it, and callers should check the BOOLEAN result — confirm.
34typedef BOOLEAN (*LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR * LogMessage, UINT32 BufferLen, BOOLEAN Priority);
35
// Callback type: sends a raw buffer to the message tracer buffers.
// The SAL annotation _In_reads_bytes_(BufferLength) declares that the callee reads
// BufferLength bytes from Buffer, so the caller must never pass a length larger than
// the memory actually backing Buffer.
40typedef BOOLEAN (*LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode,
41 _In_reads_bytes_(BufferLength) PVOID Buffer,
42 _In_ UINT32 BufferLength,
43 _In_ BOOLEAN Priority);
44
50
// Callback type: returns the guest state of IA32_DEBUGCTL as a UINT64.
// NOTE(review): if this header is compiled as C, the empty parameter list `()` leaves
// the arguments unspecified; `(VOID)` would let the compiler reject mismatched calls.
54typedef UINT64 (*VM_FUNC_GET_DEBUGCTL)();
55
60
65
70
// Callback type: setter counterpart of VM_FUNC_GET_DEBUGCTL; takes the UINT64 Value
// for the guest IA32_DEBUGCTL. Returns nothing, so a failed write cannot be reported
// to the caller through this interface.
75typedef VOID (*VM_FUNC_SET_DEBUGCTL)(UINT64 Value);
76
82
// Callback type: sets guest IA32_LBR_CTL to Value. Returns nothing, so a failed
// write cannot be reported to the caller through this interface.
87typedef VOID (*VM_FUNC_SET_GUEST_IA32_LBR_CTL)(UINT64 Value);
88
94
// Callback type: sets MSR_LEGACY_LBR_SELECT from FilterOptions.
// NOTE(review): FilterOptions presumably carries the raw MSR filter bits; whether
// reserved bits are validated is up to the implementation — confirm.
99typedef VOID (*VM_FUNC_SET_LBR_SELECT)(UINT64 FilterOptions);
100
// Callback type: sets MSR_LEGACY_LBR_SELECT from FilterOptions on the target core
// using VMCALL (same signature as VM_FUNC_SET_LBR_SELECT).
105typedef VOID (*VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE)(UINT64 FilterOptions);
106
112
118
// Callback type: sets "load debug controls" on the VM-entry controls.
// NOTE(review): CoreId presumably selects the core whose controls are changed and
// Set presumably chooses enable (TRUE) versus disable (FALSE) — confirm.
123typedef VOID (*VM_FUNC_SET_LOAD_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set);
124
130
136
142
// Callback type: sets "save debug controls" on the VM-exit controls.
// NOTE(review): CoreId presumably selects the core whose controls are changed and
// Set presumably chooses enable (TRUE) versus disable (FALSE) — confirm.
147typedef VOID (*VM_FUNC_SET_SAVE_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set);
148
154
160
166
172
// Callback type: checks the validity and safety of the target address.
// NOTE(review): presumably TRUE means the Size-byte range starting at TargetAddress
// may be accessed; callers should treat FALSE as "do not touch" — confirm.
// NOTE(review): Size is UINT32 here, while the memory-mapper read/write callbacks
// take SIZE_T; on 64-bit builds a larger length would be truncated if it were passed
// through this check — verify callers.
177typedef BOOLEAN (*CHECK_ACCESS_VALIDITY_AND_SAFETY)(UINT64 TargetAddress, UINT32 Size);
178
// Callback type: reads memory safely on the target process.
// Unlike LOG_CALLBACK_SEND_BUFFER, the buffer parameter carries no SAL annotation, so
// the size contract is not machine-checked.
// NOTE(review): BufferToSaveMemory presumably must have at least SizeToRead writable
// bytes, and its contents should only be trusted when the call returns TRUE — confirm.
183typedef BOOLEAN (*MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead);
184
// Callback type: writes memory safely on the target process.
// The parameters carry no SAL annotations, so the size contract is not machine-checked.
// NOTE(review): Source presumably must have at least Size readable bytes, and the
// BOOLEAN result should be checked before assuming the write happened — confirm.
189typedef BOOLEAN (*MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 Destination, PVOID Source, SIZE_T Size);
190
196
198// Callback Structure //
200
206{
207 //
208 // *** Log (Hyperlog) callbacks ***
209 //
214
215 //
216 // *** Hypervisor (Hyperhv) callbacks ***
217 //
219
220 //
221 // *** Legacy LBR callbacks ***
222 //
223
225
230
235
238
239 //
240 // *** Architectural LBR callbacks ***
241 //
242
244
249
254
UCHAR BOOLEAN
Definition BasicTypes.h:35
void * PVOID
Definition BasicTypes.h:56
unsigned int UINT32
Definition BasicTypes.h:54
char CHAR
Definition BasicTypes.h:33
BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:34
BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY)(UINT64 TargetAddress, UINT32 Size)
A function that checks the validity and safety of the target address.
Definition HyperEvade.h:61
BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
A function from the message tracer that sends the inputs to the queue of the messages.
Definition HyperEvade.h:23
BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL)(BOOLEAN Priority)
A function that checks whether the priority or regular buffer is full or not.
Definition HyperEvade.h:49
BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead)
A function that reads memory safely on the target process.
Definition HyperEvade.h:67
PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK)(PVOID Eprocess)
A function that gets the process name from the process control block.
Definition HyperEvade.h:79
BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS)(UINT64 Destination, PVOID Source, SIZE_T Size)
A function that writes memory safely on the target process.
Definition HyperEvade.h:73
BOOLEAN(* LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperEvade.h:40
BOOLEAN(* VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE)()
A function that checks whether the current execution mode is VMX-root mode or not.
Definition HyperPerf.h:55
VOID(* VM_FUNC_SET_LBR_SELECT)(UINT64 FilterOptions)
A function that sets MSR_LEGACY_LBR_SELECT.
Definition HyperTrace.h:99
BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS)()
A function that checks whether IA32_DEBUGCTL can be used in load and save of exit and entry controls.
Definition HyperTrace.h:111
VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL)(UINT32 CoreId, BOOLEAN Set)
A function that sets load guest IA32_LBR_CTL on VM-entry controls.
Definition HyperTrace.h:135
BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS)()
A function that checks whether guest IA32_LBR_CTL can be used in load and clear of guest IA32_LBR_CTL...
Definition HyperTrace.h:117
VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets load guest IA32_LBR_CTL on VM-entry controls on the target core from VMCS using ...
Definition HyperTrace.h:141
VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets save debug controls on VM-exit controls on the target core from VMCS using VMCAL...
Definition HyperTrace.h:153
VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL)(UINT64 Value)
A function that sets guest IA32_LBR_CTL.
Definition HyperTrace.h:87
VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(UINT64 Value)
A function that sets guest IA32_LBR_CTL on the target core using VMCALL.
Definition HyperTrace.h:93
VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set)
A function that sets save debug controls on VM-exit controls.
Definition HyperTrace.h:147
VOID(* VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE)(UINT64 Value)
A function that sets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
Definition HyperTrace.h:81
UINT64(* VM_FUNC_GET_DEBUGCTL)()
A function that gets the guest state of IA32_DEBUGCTL.
Definition HyperTrace.h:54
struct _HYPERTRACE_CALLBACKS HYPERTRACE_CALLBACKS
Prototype of each function needed by hypertrace module.
VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set)
A function that sets load debug controls on VM-entry controls.
Definition HyperTrace.h:123
VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets load debug controls on VM-entry controls on the target core from VMCS using VMCA...
Definition HyperTrace.h:129
VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets clear guest IA32_LBR_CTL on VM-exit controls on the target core from VMCS using ...
Definition HyperTrace.h:165
struct _HYPERTRACE_CALLBACKS * PHYPERTRACE_CALLBACKS
VOID(* VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE)(UINT64 FilterOptions)
A function that sets MSR_LEGACY_LBR_SELECT on the target core using VMCALL.
Definition HyperTrace.h:105
VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL)(UINT32 CoreId, BOOLEAN Set)
A function that sets clear guest IA32_LBR_CTL on VM-exit controls.
Definition HyperTrace.h:159
UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)()
A function that gets the guest state of IA32_LBR_CTL on the target core using VMCALL.
Definition HyperTrace.h:69
UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL)()
A function that gets the guest state of IA32_LBR_CTL.
Definition HyperTrace.h:64
VOID(* VM_FUNC_SET_DEBUGCTL)(UINT64 Value)
A function that sets the guest state of IA32_DEBUGCTL.
Definition HyperTrace.h:75
UINT64(* VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE)()
A function that gets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
Definition HyperTrace.h:59
BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperTrace.h:34
VOID(* VM_FUNC_SET_LBR_SELECT)(UINT64 FilterOptions)
A function that sets MSR_LEGACY_LBR_SELECT.
Definition HyperTrace.h:99
BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE)(UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList)
A function from the message tracer that sends the inputs to the queue of the messages.
Definition HyperTrace.h:23
BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS)()
A function that checks whether IA32_DEBUGCTL can be used in load and save of exit and entry controls.
Definition HyperTrace.h:111
BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL)(BOOLEAN Priority)
A function that checks whether the priority or regular buffer is full or not.
Definition HyperTrace.h:49
VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL)(UINT32 CoreId, BOOLEAN Set)
A function that sets load guest IA32_LBR_CTL on VM-entry controls.
Definition HyperTrace.h:135
BOOLEAN(* VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS)()
A function that checks whether guest IA32_LBR_CTL can be used in load and clear of guest IA32_LBR_CTL...
Definition HyperTrace.h:117
VOID(* VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets load guest IA32_LBR_CTL on VM-entry controls on the target core from VMCS using ...
Definition HyperTrace.h:141
VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets save debug controls on VM-exit controls on the target core from VMCS using VMCAL...
Definition HyperTrace.h:153
VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL)(UINT64 Value)
A function that sets guest IA32_LBR_CTL.
Definition HyperTrace.h:87
VOID(* VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(UINT64 Value)
A function that sets guest IA32_LBR_CTL on the target core using VMCALL.
Definition HyperTrace.h:93
VOID(* VM_FUNC_SET_SAVE_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set)
A function that sets save debug controls on VM-exit controls.
Definition HyperTrace.h:147
VOID(* VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE)(UINT64 Value)
A function that sets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
Definition HyperTrace.h:81
BOOLEAN(* VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE)()
A function that checks whether the current execution mode is VMX-root mode or not.
Definition HyperTrace.h:171
UINT64(* VM_FUNC_GET_DEBUGCTL)()
A function that gets the guest state of IA32_DEBUGCTL.
Definition HyperTrace.h:54
VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS)(UINT32 CoreId, BOOLEAN Set)
A function that sets load debug controls on VM-entry controls.
Definition HyperTrace.h:123
VOID(* VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets load debug controls on VM-entry controls on the target core from VMCS using VMCA...
Definition HyperTrace.h:129
VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)(BOOLEAN Set)
A function that sets clear guest IA32_LBR_CTL on VM-exit controls on the target core from VMCS using ...
Definition HyperTrace.h:165
VOID(* VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE)(UINT64 FilterOptions)
A function that sets MSR_LEGACY_LBR_SELECT on the target core using VMCALL.
Definition HyperTrace.h:105
VOID(* VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL)(UINT32 CoreId, BOOLEAN Set)
A function that sets clear guest IA32_LBR_CTL on VM-exit controls.
Definition HyperTrace.h:159
UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE)()
A function that gets the guest state of IA32_LBR_CTL on the target core using VMCALL.
Definition HyperTrace.h:69
UINT64(* VM_FUNC_GET_GUEST_IA32_LBR_CTL)()
A function that gets the guest state of IA32_LBR_CTL.
Definition HyperTrace.h:64
VOID(* VM_FUNC_SET_DEBUGCTL)(UINT64 Value)
A function that sets the guest state of IA32_DEBUGCTL.
Definition HyperTrace.h:75
UINT64(* VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE)()
A function that gets the guest state of IA32_DEBUGCTL on the target core using VMCALL.
Definition HyperTrace.h:59
BOOLEAN(* LOG_CALLBACK_SEND_BUFFER)(_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority)
A function that sends the messages to message tracer buffers.
Definition HyperTrace.h:40
RequestedActionOfThePacket Value(0x1) 00000000
Prototype of each function needed by hypertrace module.
Definition HyperTrace.h:206
VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL VmFuncSetLoadGuestIa32LbrCtl
Definition HyperTrace.h:250
VM_FUNC_SET_DEBUGCTL_VMCALL_ON_TARGET_CORE VmFuncSetDebugctlVmcallOnTargetCore
Definition HyperTrace.h:229
VM_FUNC_SET_GUEST_IA32_LBR_CTL VmFuncSetGuestIa32LbrCtl
Definition HyperTrace.h:247
VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL VmFuncSetClearGuestIa32LbrCtl
Definition HyperTrace.h:252
VM_FUNC_GET_DEBUGCTL_VMCALL_ON_TARGET_CORE VmFuncGetDebugctlVmcallOnTargetCore
Definition HyperTrace.h:227
VM_FUNC_CHECK_CPU_SUPPORT_FOR_SAVE_AND_LOAD_DEBUG_CONTROLS VmFuncCheckCpuSupportForSaveAndLoadDebugControls
Definition HyperTrace.h:224
VM_FUNC_SET_LBR_SELECT_VMCALL_ON_TARGET_CORE VmFuncSetLbrSelectVmcallOnTargetCore
Definition HyperTrace.h:237
VM_FUNC_SET_CLEAR_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE VmFuncSetClearGuestIa32LbrCtlVmcallOnTargetCore
Definition HyperTrace.h:253
VM_FUNC_SET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE VmFuncSetGuestIa32LbrCtlVmcallOnTargetCore
Definition HyperTrace.h:248
LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE LogCallbackSendMessageToQueue
Definition HyperTrace.h:211
VM_FUNC_SET_SAVE_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE VmFuncSetSaveDebugControlsVmcallOnTargetCore
Definition HyperTrace.h:234
LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL LogCallbackCheckIfBufferIsFull
Definition HyperTrace.h:213
VM_FUNC_GET_DEBUGCTL VmFuncGetDebugctl
Definition HyperTrace.h:226
LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE LogCallbackPrepareAndSendMessageToQueueWrapper
Definition HyperTrace.h:210
VM_FUNC_SET_LBR_SELECT VmFuncSetLbrSelect
Definition HyperTrace.h:236
VM_FUNC_SET_LOAD_DEBUG_CONTROLS_VMCALL_ON_TARGET_CORE VmFuncSetLoadDebugControlsVmcallOnTargetCore
Definition HyperTrace.h:232
VM_FUNC_SET_SAVE_DEBUG_CONTROLS VmFuncSetSaveDebugControls
Definition HyperTrace.h:233
VM_FUNC_SET_LOAD_DEBUG_CONTROLS VmFuncSetLoadDebugControls
Definition HyperTrace.h:231
VM_FUNC_GET_GUEST_IA32_LBR_CTL VmFuncGetGuestIa32LbrCtl
Definition HyperTrace.h:245
VM_FUNC_CHECK_CPU_SUPPORT_FOR_LOAD_AND_CLEAR_GUEST_IA32_LBR_CTL_CONTROLS VmFuncCheckCpuSupportForLoadAndClearGuestIa32LbrCtlControls
Definition HyperTrace.h:243
VM_FUNC_GET_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE VmFuncGetGuestIa32LbrCtlVmcallOnTargetCore
Definition HyperTrace.h:246
VM_FUNC_VMX_GET_CURRENT_EXECUTION_MODE VmFuncVmxGetCurrentExecutionMode
Definition HyperTrace.h:218
VM_FUNC_SET_LOAD_GUEST_IA32_LBR_CTL_VMCALL_ON_TARGET_CORE VmFuncSetLoadGuestIa32LbrCtlVmcallOnTargetCore
Definition HyperTrace.h:251
VM_FUNC_SET_DEBUGCTL VmFuncSetDebugctl
Definition HyperTrace.h:228
LOG_CALLBACK_SEND_BUFFER LogCallbackSendBuffer
Definition HyperTrace.h:212