sentinel-stack/sentinel-vmi/src/cpuid_handler.c
sentinel-stack/sentinel-vmi/src/cpuid_handler.c
Section titled “sentinel-stack/sentinel-vmi/src/cpuid_handler.c”Functions
Section titled “Functions”| Name | |
|---|---|
| uint32_t | identify_malicious_pid(struct vmi_session * s) |
| void | npf_handler_cpuid_intercept(struct vmi_session * s, uint32_t eax, uint32_t ecx, uint64_t cr3) |
| int | npf_handler_is_authorized(uint64_t cr3, uint32_t pid) |
| void | npf_handler_clear_authorized(void ) |
Attributes
Section titled “Attributes”| Name | |
|---|---|
| uint32_t | heki_active_nonce |
| uint64_t | authorized_cr3 |
| uint32_t | authorized_pid |
Functions Documentation
Section titled “Functions Documentation”function identify_malicious_pid
Section titled “function identify_malicious_pid”uint32_t identify_malicious_pid( struct vmi_session * s)function npf_handler_cpuid_intercept
Section titled “function npf_handler_cpuid_intercept”void npf_handler_cpuid_intercept( struct vmi_session * s, uint32_t eax, uint32_t ecx, uint64_t cr3)function npf_handler_is_authorized
Section titled “function npf_handler_is_authorized”int npf_handler_is_authorized( uint64_t cr3, uint32_t pid)function npf_handler_clear_authorized
Section titled “function npf_handler_clear_authorized”void npf_handler_clear_authorized( void)Attributes Documentation
Section titled “Attributes Documentation”variable heki_active_nonce
Section titled “variable heki_active_nonce”uint32_t heki_active_nonce;variable authorized_cr3
Section titled “variable authorized_cr3”static uint64_t authorized_cr3 = 0;variable authorized_pid
Section titled “variable authorized_pid”static uint32_t authorized_pid = 0;Updated on 2026-05-26 at 13:25:29 +0000