Class KernelRootkit (2.28.0) 
  
  
  
   
  
    
  
  
    
    
    
    
  Version 2.28.0keyboard_arrow_down  
  
 
    
    
    
      
  
  
  
    
public   final   class  KernelRootkit   extends   GeneratedMessageV3   implements   KernelRootkitOrBuilder  
   Kernel mode rootkit signatures.
 Protobuf type google.cloud.securitycenter.v1.KernelRootkit
    Inherited Members 
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
      com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT) 
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
   
  Static Fields
   
  NAME_FIELD_NUMBER 
  
    
public   static   final   int   NAME_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_CODE_MODIFICATION_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_CODE_MODIFICATION_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_FTRACE_HANDLER_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_FTRACE_HANDLER_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_INTERRUPT_HANDLER_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_INTERRUPT_HANDLER_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_KERNEL_CODE_PAGES_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_KERNEL_CODE_PAGES_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_KPROBE_HANDLER_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_KPROBE_HANDLER_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_PROCESSES_IN_RUNQUEUE_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_PROCESSES_IN_RUNQUEUE_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_READ_ONLY_DATA_MODIFICATION_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_READ_ONLY_DATA_MODIFICATION_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  UNEXPECTED_SYSTEM_CALL_HANDLER_FIELD_NUMBER 
  
    
public   static   final   int   UNEXPECTED_SYSTEM_CALL_HANDLER_FIELD_NUMBER  
  
    
      
        Field Value  
      
        Type Description  
      
        int  
     
  
  Static Methods
   
  getDefaultInstance() 
  
    
public   static   KernelRootkit   getDefaultInstance ()  
  
  getDescriptor() 
  
    
public   static   final   Descriptors . Descriptor   getDescriptor ()  
  
  newBuilder() 
  
    
public   static   KernelRootkit . Builder   newBuilder ()  
  
  newBuilder(KernelRootkit prototype) 
  
    
public   static   KernelRootkit . Builder   newBuilder ( KernelRootkit   prototype )  
  
  
  
    
public   static   KernelRootkit   parseDelimitedFrom ( InputStream   input )  
  
  
  
  
    
public   static   KernelRootkit   parseDelimitedFrom ( InputStream   input ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  parseFrom(byte[] data) 
  
    
public   static   KernelRootkit   parseFrom ( byte []   data )  
  
    
      
        Parameter  
      
        Name Description  
      
        databyte [] 
     
  
  
  
  parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry) 
  
    
public   static   KernelRootkit   parseFrom ( byte []   data ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  parseFrom(ByteString data) 
  
    
public   static   KernelRootkit   parseFrom ( ByteString   data )  
  
  
  
  parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry) 
  
    
public   static   KernelRootkit   parseFrom ( ByteString   data ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  
    
public   static   KernelRootkit   parseFrom ( CodedInputStream   input )  
  
  
  
  
    
public   static   KernelRootkit   parseFrom ( CodedInputStream   input ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  
    
public   static   KernelRootkit   parseFrom ( InputStream   input )  
  
  
  
  
    
public   static   KernelRootkit   parseFrom ( InputStream   input ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  parseFrom(ByteBuffer data) 
  
    
public   static   KernelRootkit   parseFrom ( ByteBuffer   data )  
  
  
  
  parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry) 
  
    
public   static   KernelRootkit   parseFrom ( ByteBuffer   data ,   ExtensionRegistryLite   extensionRegistry )  
  
  
  
  parser() 
  
    
public   static   Parser<KernelRootkit>   parser ()  
  
  Methods
   
  equals(Object obj) 
  
    
public   boolean   equals ( Object   obj )  
  
    
      
        Parameter  
      
        Name Description  
      
        objObject  
     
  
  
  Overrides 
  
  getDefaultInstanceForType() 
  
    
public   KernelRootkit   getDefaultInstanceForType ()  
  
  getName() 
  
   Rootkit name, when available.
 string name = 1;
    
      
        Returns  
      
        Type Description  
      
        String The name.
 
     
  
  getNameBytes() 
  
    
public   ByteString   getNameBytes ()  
   Rootkit name, when available.
 string name = 1;
    
      
        Returns  
      
        Type Description  
      
        ByteString The bytes for name.
 
     
  
  getParserForType() 
  
    
public   Parser<KernelRootkit>   getParserForType ()  
  
  Overrides 
  
  getSerializedSize() 
  
    
public   int   getSerializedSize ()  
  
    
      
        Returns  
      
        Type Description  
      
        int  
     
  
  Overrides 
  
  getUnexpectedCodeModification() 
  
    
public   boolean   getUnexpectedCodeModification ()  
   True if unexpected modifications of kernel code memory are present.
 bool unexpected_code_modification = 2;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedCodeModification.
 
     
  
  getUnexpectedFtraceHandler() 
  
    
public   boolean   getUnexpectedFtraceHandler ()  
   True if ftrace points are present with callbacks pointing to regions
 that are not in the expected kernel or module code range.
 bool unexpected_ftrace_handler = 4;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedFtraceHandler.
 
     
  
  getUnexpectedInterruptHandler() 
  
    
public   boolean   getUnexpectedInterruptHandler ()  
   True if interrupt handlers that are are not in the expected kernel or
 module code regions are present.
 bool unexpected_interrupt_handler = 8;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedInterruptHandler.
 
     
  
  getUnexpectedKernelCodePages() 
  
    
public   boolean   getUnexpectedKernelCodePages ()  
   True if kernel code pages that are not in the expected kernel or module
 code regions are present.
 bool unexpected_kernel_code_pages = 6;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedKernelCodePages.
 
     
  
  getUnexpectedKprobeHandler() 
  
    
public   boolean   getUnexpectedKprobeHandler ()  
   True if kprobe points are present with callbacks pointing to regions
 that are not in the expected kernel or module code range.
 bool unexpected_kprobe_handler = 5;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedKprobeHandler.
 
     
  
  getUnexpectedProcessesInRunqueue() 
  
    
public   boolean   getUnexpectedProcessesInRunqueue ()  
   True if unexpected processes in the scheduler run queue are present. Such
 processes are in the run queue, but not in the process task list.
 bool unexpected_processes_in_runqueue = 9;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedProcessesInRunqueue.
 
     
  
  getUnexpectedReadOnlyDataModification() 
  
    
public   boolean   getUnexpectedReadOnlyDataModification ()  
   True if unexpected modifications of kernel read-only data memory are
 present.
 bool unexpected_read_only_data_modification = 3;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedReadOnlyDataModification.
 
     
  
  getUnexpectedSystemCallHandler() 
  
    
public   boolean   getUnexpectedSystemCallHandler ()  
   True if system call handlers that are are not in the expected kernel or
 module code regions are present.
 bool unexpected_system_call_handler = 7;
    
      
        Returns  
      
        Type Description  
      
        boolean The unexpectedSystemCallHandler.
 
     
  
  hashCode() 
  
  
    
      
        Returns  
      
        Type Description  
      
        int  
     
  
  Overrides 
  
  internalGetFieldAccessorTable() 
  
    
protected   GeneratedMessageV3 . FieldAccessorTable   internalGetFieldAccessorTable ()  
  
  Overrides 
  
  isInitialized() 
  
    
public   final   boolean   isInitialized ()  
  
  Overrides 
  
  newBuilderForType() 
  
    
public   KernelRootkit . Builder   newBuilderForType ()  
  
  newBuilderForType(GeneratedMessageV3.BuilderParent parent) 
  
    
protected   KernelRootkit . Builder   newBuilderForType ( GeneratedMessageV3 . BuilderParent   parent )  
  
  
  Overrides 
  
  newInstance(GeneratedMessageV3.UnusedPrivateParameter unused) 
  
    
protected   Object   newInstance ( GeneratedMessageV3 . UnusedPrivateParameter   unused )  
  
  
    
      
        Returns  
      
        Type Description  
      
        Object  
     
  
  Overrides 
  
  toBuilder() 
  
    
public   KernelRootkit . Builder   toBuilder ()  
  
  writeTo(CodedOutputStream output) 
  
    
public   void   writeTo ( CodedOutputStream   output )  
  
  Overrides 
  
  
 
     
    
  
  
  
     
  
    
    
      
       
    
    
  
  
 
  Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
  Last updated 2025-10-11 UTC.
 
 
  
  
  
    
      [[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-10-11 UTC."],[],[]]