doca_apsh_attr.h File Reference

#include <stdint.h>
#include <stdbool.h>

Include dependency graph for doca_apsh_attr.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs
typedef struct doca_dev *	DOCA_APSH_DMA_DEV_TYPE
	dma dev name More...
typedef char *	DOCA_APSH_OS_SYMBOL_MAP_TYPE
	os symbol map path More...
typedef char *	DOCA_APSH_MEM_REGION_TYPE
	memory region path More...
typedef char *	DOCA_APSH_KPGD_FILE_TYPE
	kpgd file path More...
typedef struct doca_dev_rep *	DOCA_APSH_VHCA_ID_TYPE
	vhca id More...
typedef enum doca_apsh_system_os	DOCA_APSH_OS_TYPE_TYPE
	os type More...
typedef uint32_t	DOCA_APSH_SCAN_WIN_SIZE_TYPE
	yara scan window size More...
typedef uint32_t	DOCA_APSH_SCAN_WIN_STEP_TYPE
	yara scan window step More...
typedef int	DOCA_APSH_HASHTEST_LIMIT_TYPE
	limit of vm areas to attest More...
typedef int	DOCA_APSH_MODULES_LIMIT_TYPE
	limit of modules number More...
typedef int	DOCA_APSH_PROCESS_LIMIT_TYPE
	limit of processes number More...
typedef int	DOCA_APSH_THREADS_LIMIT_TYPE
	limit of threads number More...
typedef int	DOCA_APSH_LIBS_LIMIT_TYPE
	limit of libs number More...
typedef int	DOCA_APSH_VADS_LIMIT_TYPE
	limit of vads number More...
typedef int	DOCA_APSH_WINDOWS_ENVARS_LIMIT_TYPE
	length limit of envars for windows More...
typedef int	DOCA_APSH_STRING_LIMIT_TYPE
	length limit of apsh_read_str More...
typedef char *	DOCA_APSH_OS_SYMBOL_MAP_FOLDER_TYPE
	os symbol map folder path More...
typedef int	DOCA_APSH_FILESIZE_LIMIT_TYPE
	limit of parsed files size More...
typedef uint32_t	DOCA_APSH_PROCESS_PID_TYPE
	process pid type More...
typedef uint32_t	DOCA_APSH_PROCESS_PPID_TYPE
	process pid type More...
typedef const char *	DOCA_APSH_PROCESS_COMM_TYPE
	process comm type More...
typedef uint64_t	DOCA_APSH_PROCESS_CPU_TIME_TYPE
	process cpu time type More...
typedef uint64_t	DOCA_APSH_PROCESS_WINDOWS_OFFSET_TYPE
	process offset type More...
typedef uint32_t	DOCA_APSH_PROCESS_WINDOWS_THREADS_TYPE
	process threads type More...
typedef uint64_t	DOCA_APSH_PROCESS_WINDOWS_EXIT_TIME_TYPE
	process exit time type More...
typedef uint32_t	DOCA_APSH_PROCESS_LINUX_GID_TYPE
	process gid type More...
typedef uint32_t	DOCA_APSH_PROCESS_LINUX_UID_TYPE
	process uid type More...
typedef uint64_t	DOCA_APSH_PROCESS_LINUX_STATE_TYPE
	process state type More...
typedef uint32_t	DOCA_APSH_PROCESS_LINUX_NS_PID_TYPE
	process PID namespace type More...
typedef uint32_t	DOCA_APSH_PROCESS_LINUX_NS_MNT_TYPE
	process mount namespace type More...
typedef uint32_t	DOCA_APSH_PROCESS_LINUX_NS_NET_TYPE
	process network namespace type More...
typedef uint32_t	DOCA_APSH_THREAD_PID_TYPE
	thread pid type More...
typedef uint32_t	DOCA_APSH_THREAD_TID_TYPE
	thread tid type More...
typedef uint64_t	DOCA_APSH_THREAD_STATE_TYPE
	thread state type More...
typedef uint8_t	DOCA_APSH_THREAD_WINDOWS_WAIT_REASON_TYPE
	thread wait reason type More...
typedef uint64_t	DOCA_APSH_THREAD_WINDOWS_OFFSET_TYPE
	thread offset type More...
typedef uint8_t	DOCA_APSH_THREAD_WINDOWS_SUSPEND_COUNT_TYPE
	thread suspend count type More...
typedef const char *	DOCA_APSH_THREAD_LINUX_PROC_NAME_TYPE
	thread proc name type More...
typedef const char *	DOCA_APSH_THREAD_LINUX_THREAD_NAME_TYPE
	thread thread name type More...
typedef uint32_t	DOCA_APSH_LIB_PID_TYPE
	lib pid type More...
typedef const char *	DOCA_APSH_LIB_LIBRARY_PATH_TYPE
	lib loaded library path type More...
typedef uint64_t	DOCA_APSH_LIB_LOAD_ADRESS_TYPE
	lib load address for both Windows and Linux More...
typedef const char *	DOCA_APSH_LIB_WINDOWS_DLL_NAME_TYPE
	lib dll name type More...
typedef uint32_t	DOCA_APSH_LIB_WINDOWS_SIZE_OF_IMAGE_TYPE
	lib size of image type More...
typedef uint64_t	DOCA_APSH_LIB_LINUX_LOAD_ADRESS_TYPE
	lib load address for Linux More...
typedef uint32_t	DOCA_APSH_VMA_PID_TYPE
	vma pid type More...
typedef uint64_t	DOCA_APSH_VMA_OFFSET_TYPE
	vma offset type More...
typedef const char *	DOCA_APSH_VMA_PROTECTION_TYPE
	vma protection type More...
typedef uint64_t	DOCA_APSH_VMA_VM_START_TYPE
	vma vm start type More...
typedef uint64_t	DOCA_APSH_VMA_VM_END_TYPE
	vma vm end type More...
typedef const char *	DOCA_APSH_VMA_PROCESS_NAME_TYPE
	vma file path type More...
typedef const char *	DOCA_APSH_VMA_FILE_PATH_TYPE
	vma file path type More...
typedef uint32_t	DOCA_APSH_VMA_WINDOWS_COMMIT_CHARGE_TYPE
	vma commit charge type More...
typedef uint32_t	DOCA_APSH_VMA_WINDOWS_PRIVATE_MEMORY_TYPE
	vma private memory type More...
typedef const char *	DOCA_APSH_VMA_WINDOWS_TAG_TYPE
	vma tag type More...
typedef uint32_t	DOCA_APSH_ATTESTATION_PID_TYPE
	attestation pid type More...
typedef const char *	DOCA_APSH_ATTESTATION_COMM_TYPE
	attestation comm type More...
typedef const char *	DOCA_APSH_ATTESTATION_PATH_OF_MEMORY_AREA_TYPE
	attestation path of memory area type More...
typedef const char *	DOCA_APSH_ATTESTATION_PROTECTION_TYPE
	attestation protection type More...
typedef uint64_t	DOCA_APSH_ATTESTATION_START_ADDRESS_TYPE
	attestation start address type More...
typedef uint64_t	DOCA_APSH_ATTESTATION_END_ADDRESS_TYPE
	attestation end address type More...
typedef int	DOCA_APSH_ATTESTATION_PAGES_NUMBER_TYPE
	attestation pages number type More...
typedef int	DOCA_APSH_ATTESTATION_PAGES_PRESENT_TYPE
	attestation pages present type More...
typedef int	DOCA_APSH_ATTESTATION_MATCHING_HASHES_TYPE
	attestation matching hashes type More...
typedef bool	DOCA_APSH_ATTESTATION_HASH_DATA_IS_PRESENT_TYPE
	attestation hash data is present type More...
typedef uint64_t	DOCA_APSH_MODULES_OFFSET_TYPE
	module offset type More...
typedef const char *	DOCA_APSH_MODULES_NAME_TYPE
	module name type More...
typedef uint32_t	DOCA_APSH_MODULES_SIZE_TYPE
	module size type More...
typedef uint32_t	DOCA_APSH_PRIVILEGES_PID_TYPE
	privilege process pid More...
typedef const char *	DOCA_APSH_PRIVILEGES_NAME_TYPE
	privilege name type More...
typedef bool	DOCA_APSH_PRIVILEGES_IS_ON_TYPE
	privilege is on type More...
typedef bool	DOCA_APSH_PRIVILEGES_WINDOWS_PRESENT_TYPE
	privilege windows present type More...
typedef bool	DOCA_APSH_PRIVILEGES_WINDOWS_ENABLED_TYPE
	privilege windows enabled type More...
typedef bool	DOCA_APSH_PRIVILEGES_WINDOWS_DEFAULT_TYPE
	privilege windows enabled by default type More...
typedef uint32_t	DOCA_APSH_ENVARS_PID_TYPE
	envars pid type More...
typedef const char *	DOCA_APSH_ENVARS_VARIABLE_TYPE
	envars variable type More...
typedef const char *	DOCA_APSH_ENVARS_VALUE_TYPE
	envars value type More...
typedef uint64_t	DOCA_APSH_ENVARS_WINDOWS_BLOCK_TYPE
	envars windows block address type More...
typedef uint32_t	DOCA_APSH_LDRMODULE_PID_TYPE
	ldrmodule pid type More...
typedef uint64_t	DOCA_APSH_LDRMODULE_BASE_ADDRESS_TYPE
	ldrmodule base address type More...
typedef const char *	DOCA_APSH_LDRMODULE_LIBRARY_PATH_TYPE
	ldrmodule library path type More...
typedef const char *	DOCA_APSH_LDRMODULE_WINDOWS_DLL_NAME_TYPE
	ldrmodule windows dll name type More...
typedef uint32_t	DOCA_APSH_LDRMODULE_WINDOWS_SIZE_OF_IMAGE_TYPE
	ldrmodule size of image type More...
typedef bool	DOCA_APSH_LDRMODULE_WINDOWS_INLOAD_TYPE
	ldrmodule inload type More...
typedef bool	DOCA_APSH_LDRMODULE_WINDOWS_INMEM_TYPE
	ldrmodule inmem type More...
typedef bool	DOCA_APSH_LDRMODULE_WINDOWS_ININIT_TYPE
	ldrmodule ininit type More...
typedef uint32_t	DOCA_APSH_HANDLE_PID_TYPE
	handle pid type More...
typedef uint64_t	DOCA_APSH_HANDLE_VALUE_TYPE
	handle value type More...
typedef uint64_t	DOCA_APSH_HANDLE_TABLE_ENTRY_TYPE
	handle table entry type More...
typedef const char *	DOCA_APSH_HANDLE_TYPE_TYPE
	handle type type More...
typedef uint64_t	DOCA_APSH_HANDLE_ACCESS_TYPE
	handle access type More...
typedef const char *	DOCA_APSH_HANDLE_NAME_TYPE
	handle name type More...
typedef uint32_t	DOCA_APSH_PROCESS_PARAMETERS_PID_TYPE
	process-parameters pid More...
typedef const char *	DOCA_APSH_PROCESS_PARAMETERS_CMD_LINE_TYPE
	process-parameters command line More...
typedef uint64_t	DOCA_APSH_PROCESS_PARAMETERS_IMAGE_BASE_ADDR_TYPE
	process-parameters image base address More...
typedef const char *	DOCA_APSH_PROCESS_PARAMETERS_IMAGE_FULL_PATH_TYPE
	process-parameters image full path More...
typedef uint32_t	DOCA_APSH_PROCESS_SID_PID_TYPE
	SID process id. More...
typedef const char *	DOCA_APSH_PROCESS_SID_STRING_TYPE
	SID strings. More...
typedef uint32_t	DOCA_APSH_PROCESS_SID_ATTRIBUTES_TYPE
	SID attributes flag. More...
typedef uint32_t	DOCA_APSH_NETSCAN_PID_TYPE
	netscan process id More...
typedef const char *	DOCA_APSH_NETSCAN_COMM_TYPE
	netscan process name More...
typedef const char *	DOCA_APSH_NETSCAN_PROTOCOL_TYPE
	netscan connection protocol More...
typedef const char *	DOCA_APSH_NETSCAN_LOCAL_ADDR_TYPE
	netscan connection local address More...
typedef const char *	DOCA_APSH_NETSCAN_REMOTE_ADDR_TYPE
	netscan connection remote address More...
typedef uint64_t	DOCA_APSH_NETSCAN_LOCAL_PORT_TYPE
	netscan connection local port More...
typedef uint64_t	DOCA_APSH_NETSCAN_REMOTE_PORT_TYPE
	netscan connection remote port More...
typedef const char *	DOCA_APSH_NETSCAN_STATE_TYPE
	netscan connection state More...
typedef const char *	DOCA_APSH_NETSCAN_TIME_TYPE
	netscan windows connection creation time - depricated More...
typedef const char *	DOCA_APSH_NETSCAN_WINDOWS_TIME_TYPE
	netscan windows connection creation time More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_FD_TYPE
	netscan linux connection file descriptor More...
typedef uint64_t	DOCA_APSH_NETSCAN_LINUX_SOCKET_OFFSET_TYPE
	netscan linux connection socket offset More...
typedef const char *	DOCA_APSH_NETSCAN_LINUX_FAMILY_TYPE
	netscan linux connection Family More...
typedef const char *	DOCA_APSH_NETSCAN_LINUX_TYPE_TYPE
	netscan linux connection Type More...
typedef const char *	DOCA_APSH_NETSCAN_LINUX_FILTER_TYPE
	netscan linux connection filter More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_NET_NAMESPACE_TYPE
	netscan linux connection net namespace More...
typedef uint64_t	DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_SENT_TYPE
	netscan linux connection TCP sent bytes More...
typedef uint64_t	DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_ACKED_TYPE
	netscan linux connection TCP acknowledged bytes More...
typedef uint64_t	DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_RECEIVED_TYPE
	netscan linux connection TCP received bytes More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_IN_TYPE
	netscan linux connection TCP segments in More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_OUT_TYPE
	netscan linux connection TCP segments out More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_IN_TYPE
	netscan linux connection TCP data segments in More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_OUT_TYPE
	netscan linux connection TCP data segments out More...
typedef char *	DOCA_APSH_NETSCAN_LINUX_INTERFACE_NAME_TYPE
	netscan linux interface name More...
typedef char **	DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_TYPE
	netscan interface IPV4 array More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_SIZE_TYPE
	netscan linux interface IPV4 array size More...
typedef char **	DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_TYPE
	netscan linux interface MAC array More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_SIZE_TYPE
	netscan linux interface MAC array size More...
typedef char **	DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_TYPE
	netscan linux interface IPV6 array More...
typedef uint32_t	DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_SIZE_TYPE
	netscan linux interface IPV6 array size More...
typedef const char *	DOCA_APSH_LINUX_INTERFACE_NAME_TYPE
	linux interface name More...
typedef char **	DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_TYPE
	linux interface IPV4 More...
typedef unsigned char *	DOCA_APSH_LINUX_INTERFACE_IPV4_PREFIX_LEN_ARR_TYPE
	linux inteface IPV4 prefix len More...
typedef uint32_t	DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_SIZE_TYPE
	linux IPV4 adrress array size More...
typedef char **	DOCA_APSH_LINUX_INTERFACE_MAC_ARR_TYPE
	linux interface mac address array More...
typedef uint32_t	DOCA_APSH_LINUX_INTERFACE_MAC_ARR_SIZE_TYPE
	linux interface mac address array size More...
typedef char **	DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_TYPE
	linux interface IPV6 More...
typedef uint32_t *	DOCA_APSH_LINUX_INTERFACE_IPV6_PREFIX_LEN_ARR_TYPE
	linux IPV6 prefix len More...
typedef uint32_t	DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_SIZE_TYPE
	linux IPV6 adrress array size More...
typedef uint32_t	DOCA_APSH_LINUX_INTERFACE_NAMESPACE_TYPE
	linux namespace More...
typedef uint32_t	DOCA_APSH_YARA_PID_TYPE
	pid of the process More...
typedef const char *	DOCA_APSH_YARA_COMM_TYPE
	name of the process More...
typedef const char *	DOCA_APSH_YARA_RULE_TYPE
	rule name More...
typedef uint64_t	DOCA_APSH_YARA_MATCH_WINDOW_ADDR_TYPE
	virtual address of the scan window of the match More...
typedef uint64_t	DOCA_APSH_YARA_MATCH_WINDOW_LEN_TYPE
	length of the scan window of the match More...
typedef uint32_t	DOCA_APSH_INJECTION_DETECT_PID_TYPE
	injection detect pid type More...
typedef uint64_t	DOCA_APSH_INJECTION_DETECT_VAD_START_TYPE
	injection detect VAD start address type More...
typedef uint64_t	DOCA_APSH_INJECTION_DETECT_VAD_END_TYPE
	injection detect VAD end address type More...
typedef const char *	DOCA_APSH_INJECTION_DETECT_VAD_PROTECTION_TYPE
	injection detect VAD protection type More...
typedef const char *	DOCA_APSH_INJECTION_DETECT_VAD_TAG_TYPE
	injection detect VAD pool tag type More...
typedef const char *	DOCA_APSH_INJECTION_DETECT_VAD_FILE_PATH_TYPE
	injection detect VAD file path type More...
typedef uint64_t	DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_START_TYPE
	injection detect suspected area start type More...
typedef uint64_t	DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_END_TYPE
	injection detect suspected area end type More...
typedef const char *	DOCA_APSH_CONTAINER_ID_TYPE
	container id type More...
typedef uint32_t	DOCA_APSH_PROCESS_FILE_DETAILS_PID_TYPE
	process file details pid type More...
typedef const char *	DOCA_APSH_PROCESS_FILE_DETAILS_PATH_TYPE
	process file details path type More...
typedef const char *	DOCA_APSH_PROCESS_FILE_DETAILS_SHA1_TYPE
	process file details sha1 type More...
typedef const char *	DOCA_APSH_PROCESS_FILE_DETAILS_SHA256_TYPE
	process file details sha256 type More...
typedef uint64_t	DOCA_APSH_PROCESS_FILE_DETAILS_INODE_TYPE
	process file details inode number type More...
typedef uint64_t	DOCA_APSH_PROCESS_FILE_DETAILS_SIZE_TYPE
	process file details file size type More...
typedef const char *	DOCA_APSH_PROCESS_FILE_DETAILS_ELF_TYPE_TYPE
	process file details elf type type More...
typedef uint64_t	DOCA_APSH_PROCESS_FILE_DETAILS_INODE_ADDRESS_TYPE
	process file details inode address type More...

Enumerations
enum	doca_apsh_system_os { DOCA_APSH_SYSTEM_LINUX = 0 , DOCA_APSH_SYSTEM_WINDOWS = 1 }
	system os types More...
enum	doca_apsh_system_config_attr {   DOCA_APSH_OS_SYMBOL_MAP = 0 , DOCA_APSH_MEM_REGION = 1 , DOCA_APSH_KPGD_FILE = 2 , DOCA_APSH_VHCA_ID = 3 ,   DOCA_APSH_OS_TYPE = 4 , DOCA_APSH_SCAN_WIN_SIZE = 5 , DOCA_APSH_SCAN_WIN_STEP = 6 , DOCA_APSH_HASHTEST_LIMIT = 7 ,   DOCA_APSH_MODULES_LIMIT = 8 , DOCA_APSH_PROCESS_LIMIT = 9 , DOCA_APSH_THREADS_LIMIT = 10 , DOCA_APSH_LDRMODULES_LIMIT = 11 ,   DOCA_APSH_LIBS_LIMIT = 12 , DOCA_APSH_VADS_LIMIT = 13 , DOCA_APSH_WINDOWS_ENVARS_LIMIT = 14 , DOCA_APSH_HANDLES_LIMIT = 15 ,   DOCA_APSH_STRING_LIMIT = 16 , DOCA_APSH_OS_SYMBOL_MAP_FOLDER = 17 , DOCA_APSH_FILESIZE_LIMIT = 18 }
	doca app shield configuration attributes More...
enum	doca_apsh_process_attr {   DOCA_APSH_PROCESS_PID = 0 , DOCA_APSH_PROCESS_PPID = 1 , DOCA_APSH_PROCESS_COMM = 2 , DOCA_APSH_PROCESS_CPU_TIME = 3 ,   DOCA_APSH_PROCESS_WINDOWS_OFFSET = 1000 , DOCA_APSH_PROCESS_WINDOWS_THREADS = 1001 , DOCA_APSH_PROCESS_WINDOWS_EXIT_TIME = 1002 , DOCA_APSH_PROCESS_LINUX_GID = 2000 ,   DOCA_APSH_PROCESS_LINUX_UID = 2001 , DOCA_APSH_PROCESS_LINUX_STATE = 2002 , DOCA_APSH_PROCESS_LINUX_NS_PID = 2003 , DOCA_APSH_PROCESS_LINUX_NS_MNT = 2004 ,   DOCA_APSH_PROCESS_LINUX_NS_NET = 2005 }
	doca app shield process attributes More...
enum	doca_apsh_thread_attr {   DOCA_APSH_THREAD_PID = 0 , DOCA_APSH_THREAD_TID = 1 , DOCA_APSH_THREAD_STATE = 2 , DOCA_APSH_THREAD_WINDOWS_WAIT_REASON = 1000 ,   DOCA_APSH_THREAD_WINDOWS_OFFSET = 1001 , DOCA_APSH_THREAD_WINDOWS_SUSPEND_COUNT = 1002 , DOCA_APSH_THREAD_LINUX_PROC_NAME = 2000 , DOCA_APSH_THREAD_LINUX_THREAD_NAME = 2001 }
	doca app shield thread attributes More...
enum	doca_apsh_lib_attr {   DOCA_APSH_LIB_PID = 0 , DOCA_APSH_LIB_LIBRARY_PATH = 2 , DOCA_APSH_LIB_LOAD_ADRESS = 3 , DOCA_APSH_LIB_WINDOWS_DLL_NAME = 1000 ,   DOCA_APSH_LIB_WINDOWS_SIZE_OF_IMAGE = 1001 , DOCA_APSH_LIB_LINUX_LOAD_ADRESS = 2000 }
	doca app shield lib attributes More...
enum	doca_apsh_vad_attr {   DOCA_APSH_VMA_PID = 0 , DOCA_APSH_VMA_OFFSET = 1 , DOCA_APSH_VMA_PROTECTION = 2 , DOCA_APSH_VMA_VM_START = 3 ,   DOCA_APSH_VMA_VM_END = 4 , DOCA_APSH_VMA_PROCESS_NAME = 5 , DOCA_APSH_VMA_FILE_PATH = 6 , DOCA_APSH_VMA_WINDOWS_COMMIT_CHARGE = 1000 ,   DOCA_APSH_VMA_WINDOWS_PRIVATE_MEMORY = 1001 , DOCA_APSH_VMA_WINDOWS_TAG = 1002 }
	doca app shield virtual address descriptor attributes More...
enum	doca_apsh_attestation_attr {   DOCA_APSH_ATTESTATION_PID = 0 , DOCA_APSH_ATTESTATION_COMM = 1 , DOCA_APSH_ATTESTATION_PATH_OF_MEMORY_AREA = 2 , DOCA_APSH_ATTESTATION_PROTECTION = 3 ,   DOCA_APSH_ATTESTATION_START_ADDRESS = 4 , DOCA_APSH_ATTESTATION_END_ADDRESS = 5 , DOCA_APSH_ATTESTATION_PAGES_NUMBER = 6 , DOCA_APSH_ATTESTATION_PAGES_PRESENT = 7 ,   DOCA_APSH_ATTESTATION_MATCHING_HASHES = 8 , DOCA_APSH_ATTESTATION_HASH_DATA_IS_PRESENT = 9 }
	doca app shield attestation attributes More...
enum	doca_apsh_module_attr { DOCA_APSH_MODULES_OFFSET = 0 , DOCA_APSH_MODULES_NAME = 1 , DOCA_APSH_MODULES_SIZE = 2 }
	doca app shield module attributes More...
enum	doca_apsh_privilege_attr {   DOCA_APSH_PRIVILEGES_PID = 0 , DOCA_APSH_PRIVILEGES_NAME = 2 , DOCA_APSH_PRIVILEGES_IS_ON = 3 , DOCA_APSH_PRIVILEGES_WINDOWS_PRESENT = 1000 ,   DOCA_APSH_PRIVILEGES_WINDOWS_ENABLED = 1001 , DOCA_APSH_PRIVILEGES_WINDOWS_DEFAULT = 1002 }
	doca app shield privileges attributes windows privilege list can be found on: https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants More...
enum	doca_apsh_envar_attr { DOCA_APSH_ENVARS_PID = 0 , DOCA_APSH_ENVARS_VARIABLE = 2 , DOCA_APSH_ENVARS_VALUE = 3 , DOCA_APSH_ENVARS_WINDOWS_BLOCK = 1000 }
	doca app shield envars attributes More...
enum	doca_apsh_ldrmodule_attr {   DOCA_APSH_LDRMODULE_PID = 0 , DOCA_APSH_LDRMODULE_BASE_ADDRESS = 2 , DOCA_APSH_LDRMODULE_LIBRARY_PATH = 3 , DOCA_APSH_LDRMODULE_WINDOWS_DLL_NAME = 1000 ,   DOCA_APSH_LDRMODULE_WINDOWS_SIZE_OF_IMAGE = 1001 , DOCA_APSH_LDRMODULE_WINDOWS_INLOAD = 1002 , DOCA_APSH_LDRMODULE_WINDOWS_INMEM = 1003 , DOCA_APSH_LDRMODULE_WINDOWS_ININIT = 1004 }
	doca app shield LDR-Modules attributes More...
enum	doca_apsh_handle_attr {   DOCA_APSH_HANDLE_PID = 0 , DOCA_APSH_HANDLE_VALUE = 2 , DOCA_APSH_HANDLE_TABLE_ENTRY = 3 , DOCA_APSH_HANDLE_TYPE = 4 ,   DOCA_APSH_HANDLE_ACCESS = 5 , DOCA_APSH_HANDLE_NAME = 6 }
	doca app shield handle attributes More...
enum	doca_apsh_process_parameters_attr { DOCA_APSH_PROCESS_PARAMETERS_PID = 0 , DOCA_APSH_PROCESS_PARAMETERS_CMD_LINE = 1 , DOCA_APSH_PROCESS_PARAMETERS_IMAGE_BASE_ADDR = 2 , DOCA_APSH_PROCESS_PARAMETERS_IMAGE_FULL_PATH = 3 }
	doca app shield process-parameters attributes More...
enum	doca_apsh_sid_attr { DOCA_APSH_PROCESS_SID_PID = 0 , DOCA_APSH_PROCESS_SID_STRING = 1 , DOCA_APSH_PROCESS_SID_ATTRIBUTES = 2 }
	doca app shield SID (security identifiers) attributes More...
enum	doca_apsh_netscan_attr {   DOCA_APSH_NETSCAN_PID = 0 , DOCA_APSH_NETSCAN_COMM = 1 , DOCA_APSH_NETSCAN_PROTOCOL = 2 , DOCA_APSH_NETSCAN_LOCAL_ADDR = 3 ,   DOCA_APSH_NETSCAN_REMOTE_ADDR = 4 , DOCA_APSH_NETSCAN_LOCAL_PORT = 5 , DOCA_APSH_NETSCAN_REMOTE_PORT = 6 , DOCA_APSH_NETSCAN_STATE = 7 ,   DOCA_APSH_NETSCAN_TIME = 8 , DOCA_APSH_NETSCAN_WINDOWS_TIME = 1000 , DOCA_APSH_NETSCAN_LINUX_FD = 2000 , DOCA_APSH_NETSCAN_LINUX_SOCKET_OFFSET = 2001 ,   DOCA_APSH_NETSCAN_LINUX_FAMILY = 2002 , DOCA_APSH_NETSCAN_LINUX_TYPE = 2003 , DOCA_APSH_NETSCAN_LINUX_FILTER = 2004 , DOCA_APSH_NETSCAN_LINUX_NET_NAMESPACE = 2005 ,   DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_SENT = 2006 , DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_ACKED = 2007 , DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_RECEIVED = 2008 , DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_IN = 2009 ,   DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_OUT = 2010 , DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_IN = 2011 , DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_OUT = 2012 , DOCA_APSH_NETSCAN_LINUX_INTERFACE_NAME = 2013 ,   DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR = 2014 , DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_SIZE = 2015 , DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR = 2016 , DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_SIZE = 2017 ,   DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR = 2018 , DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_SIZE = 2019 }
	doca app shield netscan attributes More...
enum	doca_apsh_interface_attr {   DOCA_APSH_LINUX_INTERFACE_NAME = 3000 , DOCA_APSH_LINUX_INTERFACE_IPV4_ARR = 3001 , DOCA_APSH_LINUX_INTERFACE_IPV4_PREFIX_LEN_ARR = 3002 , DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_SIZE = 3003 ,   DOCA_APSH_LINUX_INTERFACE_MAC_ARR = 3004 , DOCA_APSH_LINUX_INTERFACE_MAC_ARR_SIZE = 3005 , DOCA_APSH_LINUX_INTERFACE_IPV6_ARR = 3006 , DOCA_APSH_LINUX_INTERFACE_IPV6_PREFIX_LEN_ARR = 3007 ,   DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_SIZE = 3008 , DOCA_APSH_LINUX_INTERFACE_NAMESPACE = 3009 }
	doca app shield interface attributes More...
enum	doca_apsh_yara_rule { DOCA_APSH_YARA_RULE_HELLO_WORLD = 0 , DOCA_APSH_YARA_RULE_REFLECTIVE_DLL_INJECTION = 1 , DOCA_APSH_YARA_RULE_MIMIKATZ = 2 }
	available doca app shield yara rules More...
enum	doca_apsh_yara_scan_type { DOCA_APSH_YARA_SCAN_VMA = 1 , DOCA_APSH_YARA_SCAN_HEAP = 1 << 1 }
	doca app shield yara scan type bitmask More...
enum	doca_apsh_yara_attr {   DOCA_APSH_YARA_PID = 0 , DOCA_APSH_YARA_COMM = 1 , DOCA_APSH_YARA_RULE = 2 , DOCA_APSH_YARA_MATCH_WINDOW_ADDR = 3 ,   DOCA_APSH_YARA_MATCH_WINDOW_LEN = 4 }
	doca app shield yara attributes More...
enum	doca_apsh_injection_detect_attr {   DOCA_APSH_INJECTION_DETECT_PID , DOCA_APSH_INJECTION_DETECT_VAD_START , DOCA_APSH_INJECTION_DETECT_VAD_END , DOCA_APSH_INJECTION_DETECT_VAD_PROTECTION ,   DOCA_APSH_INJECTION_DETECT_VAD_TAG , DOCA_APSH_INJECTION_DETECT_VAD_FILE_PATH , DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_START , DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_END }
	doca app shield injection detect attributes More...
enum	doca_apsh_container_attr { DOCA_APSH_CONTAINER_ID = 0 }
	doca app shield process attributes More...
enum	doca_apsh_proc_file_details_attr {   DOCA_APSH_PROCESS_FILE_DETAILS_PID = 0 , DOCA_APSH_PROCESS_FILE_DETAILS_PATH = 1 , DOCA_APSH_PROCESS_FILE_DETAILS_SHA1 = 2 , DOCA_APSH_PROCESS_FILE_DETAILS_SHA256 = 3 ,   DOCA_APSH_PROCESS_FILE_DETAILS_INODE = 4 , DOCA_APSH_PROCESS_FILE_DETAILS_SIZE = 5 , DOCA_APSH_PROCESS_FILE_DETAILS_ELF_TYPE = 6 , DOCA_APSH_PROCESS_FILE_DETAILS_INODE_ADDRESS = 7 }
	doca app shield process file details attributes More...