- 2.62.0 (latest)
- 2.61.0
- 2.60.0
- 2.59.0
- 2.57.0
- 2.56.0
- 2.55.0
- 2.54.0
- 2.53.0
- 2.52.0
- 2.51.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.41.0
- 2.40.0
- 2.39.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.29.0
- 2.28.0
- 2.27.0
- 2.26.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.0
- 2.11.1
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.1
- 2.6.0
- 2.5.6
- 2.3.2
public static final class KernelRootkit.Builder extends GeneratedMessageV3.Builder<KernelRootkit.Builder> implements KernelRootkitOrBuilder
Kernel mode rootkit signatures.
Protobuf type google.cloud.securitycenter.v2.KernelRootkit
Inheritance
Object > AbstractMessageLite.Builder<MessageType,BuilderType> > AbstractMessage.Builder<BuilderType> > GeneratedMessageV3.Builder > KernelRootkit.BuilderImplements
KernelRootkitOrBuilderStatic Methods
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns | |
---|---|
Type | Description |
Descriptor |
Methods
addRepeatedField(Descriptors.FieldDescriptor field, Object value)
public KernelRootkit.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field |
FieldDescriptor |
value |
Object |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
build()
public KernelRootkit build()
Returns | |
---|---|
Type | Description |
KernelRootkit |
buildPartial()
public KernelRootkit buildPartial()
Returns | |
---|---|
Type | Description |
KernelRootkit |
clear()
public KernelRootkit.Builder clear()
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
clearField(Descriptors.FieldDescriptor field)
public KernelRootkit.Builder clearField(Descriptors.FieldDescriptor field)
Parameter | |
---|---|
Name | Description |
field |
FieldDescriptor |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
clearName()
public KernelRootkit.Builder clearName()
Rootkit name, when available.
string name = 1;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearOneof(Descriptors.OneofDescriptor oneof)
public KernelRootkit.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter | |
---|---|
Name | Description |
oneof |
OneofDescriptor |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
clearUnexpectedCodeModification()
public KernelRootkit.Builder clearUnexpectedCodeModification()
True if unexpected modifications of kernel code memory are present.
bool unexpected_code_modification = 2;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedFtraceHandler()
public KernelRootkit.Builder clearUnexpectedFtraceHandler()
True if ftrace
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_ftrace_handler = 4;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedInterruptHandler()
public KernelRootkit.Builder clearUnexpectedInterruptHandler()
True if interrupt handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_interrupt_handler = 8;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedKernelCodePages()
public KernelRootkit.Builder clearUnexpectedKernelCodePages()
True if kernel code pages that are not in the expected kernel or module code regions are present.
bool unexpected_kernel_code_pages = 6;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedKprobeHandler()
public KernelRootkit.Builder clearUnexpectedKprobeHandler()
True if kprobe
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_kprobe_handler = 5;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedProcessesInRunqueue()
public KernelRootkit.Builder clearUnexpectedProcessesInRunqueue()
True if unexpected processes in the scheduler run queue are present. Such processes are in the run queue, but not in the process task list.
bool unexpected_processes_in_runqueue = 9;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedReadOnlyDataModification()
public KernelRootkit.Builder clearUnexpectedReadOnlyDataModification()
True if unexpected modifications of kernel read-only data memory are present.
bool unexpected_read_only_data_modification = 3;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clearUnexpectedSystemCallHandler()
public KernelRootkit.Builder clearUnexpectedSystemCallHandler()
True if system call handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_system_call_handler = 7;
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
clone()
public KernelRootkit.Builder clone()
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
getDefaultInstanceForType()
public KernelRootkit getDefaultInstanceForType()
Returns | |
---|---|
Type | Description |
KernelRootkit |
getDescriptorForType()
public Descriptors.Descriptor getDescriptorForType()
Returns | |
---|---|
Type | Description |
Descriptor |
getName()
public String getName()
Rootkit name, when available.
string name = 1;
Returns | |
---|---|
Type | Description |
String |
The name. |
getNameBytes()
public ByteString getNameBytes()
Rootkit name, when available.
string name = 1;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for name. |
getUnexpectedCodeModification()
public boolean getUnexpectedCodeModification()
True if unexpected modifications of kernel code memory are present.
bool unexpected_code_modification = 2;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedCodeModification. |
getUnexpectedFtraceHandler()
public boolean getUnexpectedFtraceHandler()
True if ftrace
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_ftrace_handler = 4;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedFtraceHandler. |
getUnexpectedInterruptHandler()
public boolean getUnexpectedInterruptHandler()
True if interrupt handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_interrupt_handler = 8;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedInterruptHandler. |
getUnexpectedKernelCodePages()
public boolean getUnexpectedKernelCodePages()
True if kernel code pages that are not in the expected kernel or module code regions are present.
bool unexpected_kernel_code_pages = 6;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedKernelCodePages. |
getUnexpectedKprobeHandler()
public boolean getUnexpectedKprobeHandler()
True if kprobe
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_kprobe_handler = 5;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedKprobeHandler. |
getUnexpectedProcessesInRunqueue()
public boolean getUnexpectedProcessesInRunqueue()
True if unexpected processes in the scheduler run queue are present. Such processes are in the run queue, but not in the process task list.
bool unexpected_processes_in_runqueue = 9;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedProcessesInRunqueue. |
getUnexpectedReadOnlyDataModification()
public boolean getUnexpectedReadOnlyDataModification()
True if unexpected modifications of kernel read-only data memory are present.
bool unexpected_read_only_data_modification = 3;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedReadOnlyDataModification. |
getUnexpectedSystemCallHandler()
public boolean getUnexpectedSystemCallHandler()
True if system call handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_system_call_handler = 7;
Returns | |
---|---|
Type | Description |
boolean |
The unexpectedSystemCallHandler. |
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns | |
---|---|
Type | Description |
FieldAccessorTable |
isInitialized()
public final boolean isInitialized()
Returns | |
---|---|
Type | Description |
boolean |
mergeFrom(KernelRootkit other)
public KernelRootkit.Builder mergeFrom(KernelRootkit other)
Parameter | |
---|---|
Name | Description |
other |
KernelRootkit |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public KernelRootkit.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters | |
---|---|
Name | Description |
input |
CodedInputStream |
extensionRegistry |
ExtensionRegistryLite |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
Exceptions | |
---|---|
Type | Description |
IOException |
mergeFrom(Message other)
public KernelRootkit.Builder mergeFrom(Message other)
Parameter | |
---|---|
Name | Description |
other |
Message |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
mergeUnknownFields(UnknownFieldSet unknownFields)
public final KernelRootkit.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields |
UnknownFieldSet |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
setField(Descriptors.FieldDescriptor field, Object value)
public KernelRootkit.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field |
FieldDescriptor |
value |
Object |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
setName(String value)
public KernelRootkit.Builder setName(String value)
Rootkit name, when available.
string name = 1;
Parameter | |
---|---|
Name | Description |
value |
String The name to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setNameBytes(ByteString value)
public KernelRootkit.Builder setNameBytes(ByteString value)
Rootkit name, when available.
string name = 1;
Parameter | |
---|---|
Name | Description |
value |
ByteString The bytes for name to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
public KernelRootkit.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters | |
---|---|
Name | Description |
field |
FieldDescriptor |
index |
int |
value |
Object |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
setUnexpectedCodeModification(boolean value)
public KernelRootkit.Builder setUnexpectedCodeModification(boolean value)
True if unexpected modifications of kernel code memory are present.
bool unexpected_code_modification = 2;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedCodeModification to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedFtraceHandler(boolean value)
public KernelRootkit.Builder setUnexpectedFtraceHandler(boolean value)
True if ftrace
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_ftrace_handler = 4;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedFtraceHandler to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedInterruptHandler(boolean value)
public KernelRootkit.Builder setUnexpectedInterruptHandler(boolean value)
True if interrupt handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_interrupt_handler = 8;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedInterruptHandler to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedKernelCodePages(boolean value)
public KernelRootkit.Builder setUnexpectedKernelCodePages(boolean value)
True if kernel code pages that are not in the expected kernel or module code regions are present.
bool unexpected_kernel_code_pages = 6;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedKernelCodePages to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedKprobeHandler(boolean value)
public KernelRootkit.Builder setUnexpectedKprobeHandler(boolean value)
True if kprobe
points are present with callbacks pointing to regions
that are not in the expected kernel or module code range.
bool unexpected_kprobe_handler = 5;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedKprobeHandler to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedProcessesInRunqueue(boolean value)
public KernelRootkit.Builder setUnexpectedProcessesInRunqueue(boolean value)
True if unexpected processes in the scheduler run queue are present. Such processes are in the run queue, but not in the process task list.
bool unexpected_processes_in_runqueue = 9;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedProcessesInRunqueue to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedReadOnlyDataModification(boolean value)
public KernelRootkit.Builder setUnexpectedReadOnlyDataModification(boolean value)
True if unexpected modifications of kernel read-only data memory are present.
bool unexpected_read_only_data_modification = 3;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedReadOnlyDataModification to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnexpectedSystemCallHandler(boolean value)
public KernelRootkit.Builder setUnexpectedSystemCallHandler(boolean value)
True if system call handlers that are are not in the expected kernel or module code regions are present.
bool unexpected_system_call_handler = 7;
Parameter | |
---|---|
Name | Description |
value |
boolean The unexpectedSystemCallHandler to set. |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |
This builder for chaining. |
setUnknownFields(UnknownFieldSet unknownFields)
public final KernelRootkit.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields |
UnknownFieldSet |
Returns | |
---|---|
Type | Description |
KernelRootkit.Builder |