IntroVirt/SystemCallFilter_8hh_source.html

/*

 * Copyright 2021 Assured Information Security, Inc.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *         http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#pragma once


#include <introvirt/core/fwd.hh>


#include <cstdint>

#include <memory>


namespace introvirt {


class SystemCallFilter {

  public:

    void mask(uint64_t mask);


    uint64_t mask() const;


    void enabled(bool enabled);


    bool enabled() const;


    bool matches(const Event& event) const;


    bool matches(const Vcpu& vcpu) const;


    void set_32(uint32_t index, bool enabled);


    void set_64(uint32_t index, bool enabled);


    void clear();


    SystemCallFilter();


    virtual ~SystemCallFilter();


  private:

    class IMPL;

    std::unique_ptr<IMPL> pImpl_;

};


} // namespace introvirt

introvirt::Event
Interface class for hypervisor events.
Definition Event.hh:43

introvirt::SystemCallFilter
Base class for system call filtering.
Definition SystemCallFilter.hh:35

introvirt::SystemCallFilter::set_64
void set_64(uint32_t index, bool enabled)
Set a filter entry for 64-bit system calls.

introvirt::SystemCallFilter::enabled
bool enabled() const
Check if the filter is enabled.

introvirt::SystemCallFilter::mask
uint64_t mask() const
Get the mask that is in use by the filter.

introvirt::SystemCallFilter::matches
bool matches(const Vcpu &vcpu) const
Check if the filter matches the given system call event.

introvirt::SystemCallFilter::matches
bool matches(const Event &event) const
Check if the filter matches the given system call event.

introvirt::SystemCallFilter::SystemCallFilter
SystemCallFilter()
Construct a new System Call Filter object.

introvirt::SystemCallFilter::~SystemCallFilter
virtual ~SystemCallFilter()
Destroy the instance.

introvirt::SystemCallFilter::clear
void clear()
Clear the filter.

introvirt::SystemCallFilter::set_32
void set_32(uint32_t index, bool enabled)
Set a filter entry for 32-bit system calls.

introvirt::SystemCallFilter::mask
void mask(uint64_t mask)
Mask incoming system calls with the given mask before checking for a match.

introvirt::SystemCallFilter::enabled
void enabled(bool enabled)
Set if the filter is enabled.

introvirt::Vcpu
A class representing a single virtual processor.
Definition Vcpu.hh:33

fwd.hh

introvirt
Core IntroVirt classes.
Definition Cr0.hh:20