maat::event namespace

Namespace regrouping event related classes and types.

Contents

❱   Classes

class AddrFilter
Filter addresses to monitor.

class EventCallback
A callback to be executed on an event.

class EventHook
Generic hook base.

class EventManager
The event manager holds all hooks that have been set in the engine. It allows to add/remove/enable/disable hooks. It also serves as an interface to check whether hooks should be triggered or not given the current executed instruction.

❱   Enums

enum class Event { EXEC, REG_R, REG_W, REG_RW, MEM_R, MEM_W, MEM_RW, BRANCH, PATH, NONE }
Events on which a hook can be triggered.

enum class When { BEFORE, AFTER }

enum class Action { CONTINUE, HALT, ERROR }
Action returned by hook callbacks for the execution engine.

❱   Functions

auto is_reg_event(event::Event event) -> bool
Return true if event is Event::REG_R, Event::REG_W, Event::REG_RW.

auto is_mem_event(event::Event event) -> bool
Return true if event is Event::MEM_R, Event::MEM_W, or Event::MEM_RW.

auto is_simple_event(event::Event event) -> bool
Return true if event neither a Event::REG_ nor a Event::MEM_ nor an Event::ADDR event.

auto is_exec_event(event::Event event) -> bool
Return true if event is Event::EXEC.