lirent/vatrog-vm-introspection-engine
1
0
Fork 0
mirror of https://dev.lirent.ru/Vatrog/vm-introspection-engine.git synced 2026-06-18 02:06:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
b3441dd6f6b04786f9296d342edd5b7d9b4cf537
vatrog-vm-introspection-engine/include
T
History
lirent b3441dd6f6 Split the library into CORE / ENGINE / HANDLERS layers 
CORE (src/core): vmie_mem — guest-physical substrate with a data-driven
segment map (replaces the hardcoded 4 GiB PCI-hole topology). ENGINE
(src/engine): x86-64 paging + Windows bring-up; produces the generic memory
model. HANDLERS (src/handlers): the signature/value/pointer scanners, which
now consume an OS-agnostic contract.

Keystone: gva_ctx is split into vmie_mem (core) + vmie (engine); the generic
access functions take vmie_mem* + cr3 and no longer compile in the Windows
offset table. New public contract include/memmodel.h (vmie_mem, mem_view_t,
vregion, task, range, the gva_* access); win32 surface in include/vmie.h.
Leak relocations: the PE parser, UTF-16 decode and CR3-recovery heuristics
move engine-side; the matcher stays a pure, source-agnostic handler, and the
pointer scanner takes a generic range[] instead of reaching into the process
enumerator.
2026-06-15 02:57:46 +03:00
..
memmodel.h
Split the library into CORE / ENGINE / HANDLERS layers
2026-06-15 02:57:46 +03:00
scan.h
Split the library into CORE / ENGINE / HANDLERS layers
2026-06-15 02:57:46 +03:00
sigscan.h
Split the library into CORE / ENGINE / HANDLERS layers
2026-06-15 02:57:46 +03:00
vmie.h
Split the library into CORE / ENGINE / HANDLERS layers
2026-06-15 02:57:46 +03:00