Handler class for the NtTraceEvent system call.
More...
#include <NtTraceEvent.hh>
|
| virtual uint64_t | TraceHandle () const =0 |
| | Getter for TraceHandle.
|
| |
| virtual uint32_t | Flags () const =0 |
| | Getter for Flags.
|
| |
| virtual uint32_t | FieldSize () const =0 |
| | Getter for FieldSize.
|
| |
| virtual guest_ptr< void > | FieldsPtr () const =0 |
| | Getter for FieldsPtr.
|
| |
| virtual void | TraceHandle (uint64_t TraceHandle)=0 |
| | Setter for TraceHandle.
|
| |
| virtual void | Flags (uint32_t Flags)=0 |
| | Setter for Flags.
|
| |
| virtual void | FieldSize (uint32_t FieldSize)=0 |
| | Setter for FieldSize.
|
| |
| virtual void | FieldsPtr (const guest_ptr< void > &pFields)=0 |
| | Setter for FieldsPtr.
|
| |
| virtual NTSTATUS | result () const =0 |
| | Get the result code.
|
| |
| virtual void | result (NTSTATUS_CODE code)=0 |
| | Set the result code.
|
| |
| virtual SystemCallIndex | index () const =0 |
| | Get the system call number.
|
| |
| virtual const std::string & | name () const =0 |
| | Get the name of the system call.
|
| |
| virtual void | write (std::ostream &os=std::cout) const =0 |
| | Write a human-readable description of this system call.
|
| |
| virtual Json::Value | json () const =0 |
| |
| virtual bool | will_return () const =0 |
| |
| virtual void | data (const std::string &key, const std::shared_ptr< void > &value)=0 |
| | Store arbitrary data with the SystemCall.
|
| |
| virtual void | data (const std::string &key, std::shared_ptr< void > &&value)=0 |
| | Store arbitrary data with the SystemCall.
|
| |
| virtual std::shared_ptr< void > | data (const std::string &key)=0 |
| | Retrieve arbitrary data stored with the SystemCall.
|
| |
| virtual std::shared_ptr< const void > | data (const std::string &key) const =0 |
| | Retrieve arbitrary data stored with the SystemCall.
|
| |
| virtual bool | supported () const =0 |
| | Check if this system call is supported by a more specific handler.
|
| |
| virtual void | handle_return_event (Event &event)=0 |
| | Handle a system call return event.
|
| |
| virtual | ~SystemCall ()=default |
| | Destroy the instance.
|
| |
Handler class for the NtTraceEvent system call.
◆ FieldSize() [1/2]
| virtual uint32_t introvirt::windows::nt::NtTraceEvent::FieldSize |
( |
| ) |
const |
|
pure virtual |
Getter for FieldSize.
- Returns
- The value of the FieldSize parameter
◆ FieldSize() [2/2]
| virtual void introvirt::windows::nt::NtTraceEvent::FieldSize |
( |
uint32_t |
FieldSize | ) |
|
|
pure virtual |
Setter for FieldSize.
- Parameters
-
| FieldSize | The value to set for the FieldSize parameter |
◆ FieldsPtr() [1/2]
| virtual guest_ptr< void > introvirt::windows::nt::NtTraceEvent::FieldsPtr |
( |
| ) |
const |
|
pure virtual |
Getter for FieldsPtr.
- Returns
- The address pointed to by the the FieldsPtr parameter
◆ FieldsPtr() [2/2]
| virtual void introvirt::windows::nt::NtTraceEvent::FieldsPtr |
( |
const guest_ptr< void > & |
pFields | ) |
|
|
pure virtual |
Setter for FieldsPtr.
- Parameters
-
| pFields | The address to set for the FieldsPtr parameter |
◆ Flags() [1/2]
| virtual uint32_t introvirt::windows::nt::NtTraceEvent::Flags |
( |
| ) |
const |
|
pure virtual |
Getter for Flags.
- Returns
- The value of the Flags parameter
◆ Flags() [2/2]
| virtual void introvirt::windows::nt::NtTraceEvent::Flags |
( |
uint32_t |
Flags | ) |
|
|
pure virtual |
Setter for Flags.
- Parameters
-
| Flags | The value to set for the Flags parameter |
◆ inject()
| static NTSTATUS introvirt::windows::nt::NtTraceEvent::inject |
( |
uint64_t |
TraceHandle, |
|
|
uint32_t |
Flags, |
|
|
uint32_t |
FieldSize, |
|
|
const guest_ptr< void > & |
pFields |
|
) |
| |
|
static |
◆ TraceHandle() [1/2]
| virtual uint64_t introvirt::windows::nt::NtTraceEvent::TraceHandle |
( |
| ) |
const |
|
pure virtual |
Getter for TraceHandle.
- Returns
- The value of the TraceHandle parameter
◆ TraceHandle() [2/2]
| virtual void introvirt::windows::nt::NtTraceEvent::TraceHandle |
( |
uint64_t |
TraceHandle | ) |
|
|
pure virtual |
Setter for TraceHandle.
- Parameters
-
| TraceHandle | The value to set for the TraceHandle parameter |
The documentation for this class was generated from the following file:
- /home/runner/work/IntroVirt/IntroVirt/include/introvirt/windows/kernel/nt/syscall/NtTraceEvent.hh
Public Member Functions inherited from introvirt::windows::nt::NtSystemCall