📄 kernel.h
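// Kernel-private declarations: memory-section helpers, the in-kernel remapping
// of Win32 API names, debug zones, kernel-debugger hooks, the handle table API
// and the optional KCall profiling helpers.

LPVOID CreateSection(LPVOID lpvAddr);
VOID DeleteSection(LPVOID lpvSect);
LPVOID HugeVirtualReserve(DWORD dwSize);
BOOL HugeVirtualRelease(LPVOID pMem);
void InitMUILanguages(void);
// maxchars bounds the output written to lpOut.
// NOTE(review): presumably a count of WCHARs, not bytes - confirm at the definition.
int NKwvsprintfW(LPWSTR lpOut, LPCWSTR lpFmt, CONST VOID *lpParms, int maxchars);
BOOL DoThreadSetContext(HANDLE hTh, const CONTEXT *lpContext);
BOOL DoThreadGetContext(HANDLE hTh, LPCONTEXT lpContext);
extern fslog_t *LogPtr;

#ifdef IN_KERNEL
// Inside the kernel the public Win32 names below are redirected to the
// kernel's own entry points (SC_xxx / Doxxx) or to PRIV_WIN32_xxx_CALL
// expansions. Each name is #undef'd first so the remap replaces any earlier
// macro definition of the same name.
DWORD PerformCallBack4Int(CALLBACKINFO *pcbi, ...);
#undef ResumeThread
#define ResumeThread SC_ThreadResume
#undef SuspendThread
#define SuspendThread SC_ThreadSuspend
#undef GetTickCount
#define GetTickCount SC_GetTickCount
#undef CreateFileForMappingW
#define CreateFileForMappingW SC_CreateFileForMapping
#undef CreateFileMapping
#define CreateFileMapping SC_CreateFileMapping
#undef MapUncompressedFileW
#define MapUncompressedFileW SC_MapUncompressedFileW
#undef MapViewOfFile
#define MapViewOfFile SC_MapViewOfFile
#undef UnmapViewOfFile
#define UnmapViewOfFile SC_UnmapViewOfFile
#undef VirtualAlloc
#define VirtualAlloc SC_VirtualAlloc
#undef VirtualQuery
#define VirtualQuery SC_VirtualQuery
#undef VirtualProtect
#define VirtualProtect SC_VirtualProtect
#undef VirtualCopy
#define VirtualCopy DoVirtualCopy
#undef VirtualSetPageFlags
#define VirtualSetPageFlags SC_VirtualSetPageFlags
#undef LockPages
#define LockPages DoLockPages
#undef UnlockPages
#define UnlockPages DoUnlockPages
#undef VirtualFree
#define VirtualFree SC_VirtualFree
#undef SetThreadPriority // don't use - confusing with two sets of prio numbers
#undef TakeCritSec
#define TakeCritSec SC_TakeCritSec
#undef LeaveCritSec
#define LeaveCritSec SC_LeaveCritSec
#undef CreateCrit
#define CreateCrit SC_CreateCrit
#undef GetProcAddressA
#define GetProcAddressA SC_GetProcAddressA
#undef GetProcAddressW
#define GetProcAddressW SC_GetProcAddressW
#undef CreateProcessW
#define CreateProcessW SC_CreateProc
#undef WaitForMultipleObjects
#define WaitForMultipleObjects SC_WaitForMultiple
#undef CreateEventW
#define CreateEventW SC_CreateEvent
#undef EventModify
#define EventModify SC_EventModify
#undef Sleep
#define Sleep SC_Sleep
#undef THGrow
#define THGrow SC_THGrow
// Repeats the SuspendThread remap made near the top of this block; harmless.
#undef SuspendThread
#define SuspendThread SC_ThreadSuspend
#undef SetHandleOwner
#define SetHandleOwner SC_SetHandleOwner
// The three event operations all funnel into EventModify (remapped above).
#define SetEvent(h) EventModify(h,EVENT_SET)
#define ResetEvent(h) EventModify(h,EVENT_RESET)
#define PulseEvent(h) EventModify(h, EVENT_PULSE)
// Last-error state is read and written directly on the current thread.
// The argument is parenthesized so that any expression can be passed safely.
#undef SetLastError
#define SetLastError(err) (pCurThread->dwLastError = (err))
#undef GetLastError
#define GetLastError() (pCurThread->dwLastError)
#undef CacheSync
#define CacheSync SC_CacheSync
#undef GetModuleFileName
#define GetModuleFileName SC_GetModuleFileNameW
#undef LoadLibraryEx
#define LoadLibraryEx SC_LoadLibraryExW
#undef FreeLibrary
#define FreeLibrary SC_FreeLibrary
#undef NKTerminateThread
#define NKTerminateThread SC_NKTerminateThread
#undef PerformCallBack4
#define PerformCallBack4 SC_PerformCallBack4
#undef RegCloseKey
#define RegCloseKey SC_RegCloseKey
#undef CreateFileW
#define CreateFileW SC_CreateFileW
#undef ReadFile
#define ReadFile SC_ReadFile
#undef ReadFileWithSeek
#define ReadFileWithSeek SC_ReadFileWithSeek
#undef WriteFileWithSeek
#define WriteFileWithSeek SC_WriteFileWithSeek
#undef RegOpenKeyExW
#define RegOpenKeyExW SC_RegOpenKeyExW
#undef RegQueryValueExW
#define RegQueryValueExW SC_RegQueryValueExW
// The remaining file-system names expand to PRIV_WIN32_FS_CALL /
// PRIV_WIN32_FILE_CALL(return type, number, prototype).
// NOTE(review): the numeric argument looks like a method index into an API
// set - confirm against the macro definitions, which are not in this file.
#undef RegEnumValueW
#define RegEnumValueW PRIV_WIN32_FS_CALL(LONG, 21, (HKEY hKey, DWORD dwIndex, LPWSTR lpValueName, LPDWORD lpcbValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData))
#undef CeOidGetInfoEx
#define CeOidGetInfoEx PRIV_WIN32_FS_CALL(BOOL, 12, (PCEGUID pguid, CEOID oid, CEOIDINFO *oidInfo))
#undef FindFirstFileW
#define FindFirstFileW PRIV_WIN32_FS_CALL(HANDLE, 8, (LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData))
#undef GetFileInformationByHandle
#define GetFileInformationByHandle PRIV_WIN32_FILE_CALL(DWORD, 6, (HANDLE hFile, LPBY_HANDLE_FILE_INFORMATION lpFileInformation))
#undef FlushFileBuffers
#define FlushFileBuffers PRIV_WIN32_FILE_CALL(BOOL, 7, (HANDLE hFile))
#undef WriteFile
#define WriteFile PRIV_WIN32_FILE_CALL(BOOL, 3, (HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped))
#undef SetFilePointer
#define SetFilePointer PRIV_WIN32_FILE_CALL(DWORD, 5, (HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod))
#undef SetEndOfFile
#define SetEndOfFile PRIV_WIN32_FILE_CALL(BOOL, 10, (HANDLE hFile))
#undef CreateDirectoryW
#define CreateDirectoryW PRIV_WIN32_FS_CALL(BOOL, 2, (LPCWSTR lpPathName, LPSECURITY_ATTRIBUTES lpSecurityAttributes))
#endif

/* Kernel zones */
extern DBGPARAM dpCurSettings;
#define ZONE_SCHEDULE   DEBUGZONE(0)    /* 0x0001 */
#define ZONE_MEMORY     DEBUGZONE(1)    /* 0x0002 */
#define ZONE_OBJDISP    DEBUGZONE(2)    /* 0x0004 */
#define ZONE_DEBUGGER   DEBUGZONE(3)    /* 0x0008 */
#define ZONE_NEXTTHREAD DEBUGZONE(4)    /* 0x0010 */
#define ZONE_LOADER1    DEBUGZONE(5)    /* 0x0020 */
#define ZONE_VIRTMEM    DEBUGZONE(6)    /* 0x0040 */
#define ZONE_LOADER2    DEBUGZONE(7)    /* 0x0080 */
#define ZONE_DEBUG      DEBUGZONE(8)    /* 0x0100 */
#define ZONE_GETINFO    DEBUGZONE(9)    /* 0x0200 */
#define ZONE_PHYSMEM    DEBUGZONE(10)   /* 0x0400 */
#define ZONE_SEH        DEBUGZONE(11)   /* 0x0800 */
#define ZONE_OPENEXE    DEBUGZONE(12)   /* 0x1000 */
#define ZONE_MEMTRACKER DEBUGZONE(13)   /* 0x2000 */
#define ZONE_PAGING     DEBUGZONE(14)   /* 0x4000 */
#define ZONE_ENTRY      DEBUGZONE(15)   /* 0x8000 */

/* Kernel Debugger interfaces */
// These are function pointers, not functions: whoever holds write access to
// them controls what runs on a trap or debug print.
// NOTE(review): where they are assigned is not visible here - confirm they
// are set once during debugger init and never from a caller-supplied value.
extern BOOLEAN (*PKDInit)(LPVOID *, LPVOID *, LPVOID *, LPVOID, LPVOID *, LPVOID *);
extern ULONG (*KDTrap)( IN PEXCEPTION_RECORD ExceptionRecord, IN CONTEXT *ContextRecord, IN BOOLEAN SecondChance);
extern BOOLEAN (*KDPrintString)(IN LPCWSTR Output);
extern void (*KDUpdateSymbols)(DWORD dwAddr, BOOL bUnload);
extern BOOL ReadyForStrings;
BOOLEAN NKDispatchException(PTHREAD pth, PEXCEPTION_RECORD ExceptionRecord, PCONTEXT ContextRecord);

// DbgVerify: 'option' is one of the DV_xxx values below.
PVOID DbgVerify(PVOID pvAddr, int option);
#define DV_PROBE        0 // probe address for read access
#define DV_MODIFY       1 // probe address for write access
#define DV_SETBP        2 // prepare address for breakpoint (lock if necessary)
#define DV_CLEARBP      3 // undo breakpoint preparation (unlock)

#ifndef COREDLL
// Table of kernel callbacks plus a pointer to the kernel data structure.
// Which cache-flush members exist depends on the CPU family being built.
typedef struct kernptr_t {
    void (* OEMClearDebugCommError)(void);
    void (* OEMWriteDebugByte)(unsigned char ch);
    int (* OEMReadDebugByte)(void);
    PVOID (* DbgVerify)(PVOID pvAddr, int flags);
    PFNVOID (* DBG_CallCheck)(PTHREAD pth, DWORD dwJumpAddress);
    void (* OEMWriteOtherDebugString)(unsigned char * ch);
    struct KDataStruct *pKData;
#if defined(SHx) || defined(x86)
    void (* FlushCache)(void);
#else
    void (* FlushDCache)(void);
    void (* FlushICache)(void);
#endif
#if defined(MIPS_HAS_FPU) || defined(SH4)
    void (* FPUFlushContext)(void);
#endif
} kerndata_t;
#endif

//
// Useful
//
// ARRAY_SIZE / LAST_ELEMENT are only meaningful on a true array: applied to a
// pointer (including an array function parameter) they silently yield a wrong
// count. The argument is parenthesized so expressions expand as intended.
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
#define LAST_ELEMENT(x) (&(x)[ARRAY_SIZE(x)-1])
// Capacity of a TCHAR buffer in characters rather than bytes.
#define CCHSIZEOF(sz) (sizeof(sz)/sizeof(TCHAR))

DWORD WireBuffer(LPBYTE buf, DWORD len);
// Unwiring is a no-op here: the macro ignores its arguments and yields 0.
#define UnWireBuffer(buf,len) (0)

#define PageFreeCount ((long)KInfoTable[KINX_PAGEFREE])

// Registry helpers taking narrow (CHAR) names; the data calls carry an
// in/out size pointer alongside the buffer.
// NOTE(review): confirm the definitions bound writes to lpbData by *lpdwSize.
int rRegGet(DWORD hKey, CHAR *szName, LPDWORD lpdwType, LPBYTE lpbData, LPDWORD lpdwSize);
int rRegOpen(DWORD hKey, CHAR *szName, LPDWORD lphKey);
int rRegClose(DWORD hKey);
int rRegEnum(DWORD hKey, DWORD dwIndex, LPBYTE lpbData, LPDWORD lpdwSize);

// DList - double linked list
//
// WARNING: The double list routines are NOT preemption safe. The list must
// be protected with a critical section or the functions should be invoked
// via KCall().
typedef struct _DList DList;
struct _DList {
    DList *fwd;
    DList *back;
};

// Insert an item into a double linked list
void AddToDList(DList *head, DList *item);

// Remove an item from a double linked list
void RemoveDList(DList *item);

// REFINFO - reference info for Handle Data.
typedef struct FULLREF {
    ushort usRefs[MAX_PROCESSES];
} FULLREF;

// Either a plain count or a pointer to a per-process table; nothing in the
// union itself records which member is live.
// NOTE(review): the discriminator lives elsewhere - confirm before reading
// pFr.
typedef union REFINFO {
    ulong count;
    FULLREF *pFr;
} REFINFO;

// HDATA - handle data structure
// The offsets in the member comments assume 4-byte pointers.
typedef struct _HDATA HDATA, *PHDATA;
struct _HDATA {
    DList linkage;      /* 00: links for active handle list */
    HANDLE hValue;      /* 08: Current value of handle (nonce) */
    ACCESSLOCK lock;    /* 0C: access information */
    REFINFO ref;        /* 10: reference information */
    const CINFO *pci;   /* 14: ptr to object class description structure */
    PVOID pvObj;        /* 18: ptr to object */
    DWORD dwInfo;       /* 1C: extra handle info */
};                      /* 20: sizeof(HDATA) */

// NOTE(review): presumably selects the HDATA address bits of a handle value -
// confirm against HandleToPointer().
#define HANDLE_ADDRESS_MASK 0x1ffffffc

// Handle API.
//
// Every lookup below reports failure in-band (FALSE / 0 / NULL) when the
// handle is not valid, so callers must test the result before using it.
HANDLE AllocHandle(const CINFO *pci, PVOID pvObj, PPROCESS pprc);
BOOL FreeHandle(HANDLE h);
PHDATA HandleToPointer(HANDLE h);
#define PointerToHandle(phd) ((phd)->hValue)

int GetRef(HANDLE h, PPROCESS pprc);

// Returns FALSE if handle not valid or refcnt==0.
BOOL IncRef(HANDLE h, PPROCESS pprc);

// Returns TRUE if all references removed.
BOOL DecRef(HANDLE h, PPROCESS pprc, BOOL fAll);

// Returns 0 if handle is not valid.
DWORD GetUserInfo(HANDLE h);

// Returns FALSE if handle is not valid.
BOOL SetUserInfo(HANDLE h, DWORD info);

// Returns NULL if handle is not valid.
PVOID GetObjectPtr(HANDLE h);

// Returns NULL if handle is not valid or not correct type.
PVOID GetObjectPtrByType(HANDLE h, int type);

// Returns NULL if handle is not valid or not correct type or wrong permissions
PVOID GetObjectPtrByTypePermissioned(HANDLE h, int type);

// Returns FALSE if handle is not valid.
BOOL SetObjectPtr(HANDLE h, PVOID pvObj);

// Returns 0 if handle is not valid.
int GetHandleType(HANDLE h);

// Force a reschedule when KCall returns.
#define SetReschedule() (KCResched = 1)

// Call a function in non-preemptible kernel mode.
// Returns the return value from the function.
// PKFN has no prototype and KCall is variadic, so the compiler cannot check
// that the arguments passed match what pfn expects.
typedef int (*PKFN)();
int KCall(PKFN pfn, ...);

// Typed handle lookups. Each macro casts the lookup result straight to an
// object pointer, so a failed lookup yields NULL and must be checked.
// The ...Perm forms go through GetObjectPtrByTypePermissioned(), which also
// fails on wrong permissions; the plain forms check only validity and type.
// NOTE(review): no Perm form is defined here for HandleToProc or HandleToSem;
// confirm which form each caller needs when the handle value originates from
// a less-trusted caller.
#define HandleToThread(h) ((THREAD *)GetObjectPtrByType((h),SH_CURTHREAD))
#define HandleToThreadPerm(h) ((THREAD *)GetObjectPtrByTypePermissioned((h),SH_CURTHREAD))
#define HandleToProc(h) ((PROCESS *)GetObjectPtrByType((h),SH_CURPROC))
#define HandleToEvent(h) ((EVENT *)GetObjectPtrByType((h),HT_EVENT))
#define HandleToEventPerm(h) ((EVENT *)GetObjectPtrByTypePermissioned((h),HT_EVENT))
#define HandleToMutex(h) ((MUTEX *)GetObjectPtrByType((h),HT_MUTEX))
#define HandleToMutexPerm(h) ((MUTEX *)GetObjectPtrByTypePermissioned((h),HT_MUTEX))
#define HandleToMap(h) ((FSMAP *)GetObjectPtrByType((h),HT_FSMAP))
#define HandleToMapPerm(h) ((FSMAP *)GetObjectPtrByTypePermissioned((h),HT_FSMAP))
#define HandleToAPISet(h) ((APISET *)GetObjectPtrByType((h),HT_APISET))
#define HandleToAPISetPerm(h) ((APISET *)GetObjectPtrByTypePermissioned((h),HT_APISET))
#define HandleToSem(h) ((SEMAPHORE *)GetObjectPtrByType((h),HT_SEMAPHORE))

// Test if a value is a handle or a pointer.
// NOTE: NULL is considered to be a pointer.
// Only bit 1 of the value is examined; this classifies a value, it does not
// validate that the handle refers to a live object.
#define IsHandle(v) (((int)(v) & 0x02) != 0)

#include "heap.h"

#define MAX_KCALL_PROFILE 76
#define CELOG_KCALL_ID 75

#include "celognk.h"

#if defined(KCALL_PROFILE)

// Per-KCall timing slot, indexed by the IND passed to KCALLPROFON/OFF.
typedef struct KPRF_t {
    DWORD hits;     // number of completed ON/OFF pairs
    DWORD max;      // largest elapsed value seen
    DWORD min;      // smallest non-zero elapsed value seen; 0 means "not set yet"
    DWORD total;    // sum of elapsed values
    DWORD tmp;      // counter low part captured by KCALLPROFON; 0 when idle
} KPRF_t;

extern KPRF_t KPRFInfo[MAX_KCALL_PROFILE];

#ifdef NKPROF
extern BOOL bProfileKCall;
#endif

// Start timing KCall slot IND: records the low 32 bits of the performance
// counter in KPRFInfo[IND].tmp. With NKPROF the timing is skipped unless
// bProfileKCall is set, and CELOG_KCallEnter(IND) is always emitted.
//
// IND must satisfy 0 <= IND < MAX_KCALL_PROFILE. The range is asserted before
// the slot is touched so a bad index is reported instead of first reading
// outside KPRFInfo.
// NOTE(review): DEBUGCHK presumably compiles away outside debug builds, in
// which case nothing range-checks IND there - callers must pass a known-good
// index.
_inline void KCALLPROFON(int IND) {
    LARGE_INTEGER liPerf;
#ifdef NKPROF
    if (bProfileKCall) {
#endif
        DEBUGCHK(InSysCall());
        DEBUGCHK((IND >= 0) && (IND < MAX_KCALL_PROFILE));
        DEBUGCHK(!KPRFInfo[IND].tmp);   // slot must not already be timing
        SC_QueryPerformanceCounter(&liPerf);
        KPRFInfo[IND].tmp = liPerf.LowPart;
#ifdef NKPROF
    }
    CELOG_KCallEnter(IND);
#endif
}

// Stop timing KCall slot IND and fold the elapsed value into the slot's
// max / min / total / hits. Elapsed time is the difference of counter low
// parts, i.e. a 32-bit modular value. With NKPROF the accounting is skipped
// unless bProfileKCall is set, and CELOG_KCallLeave(IND) is always emitted.
//
// IND has the same range requirement as in KCALLPROFON, asserted before the
// slot is touched.
_inline void KCALLPROFOFF(int IND) {
    LARGE_INTEGER liPerf;
    DWORD t2;
#ifdef NKPROF
    if (bProfileKCall) {
#endif
        DEBUGCHK(InSysCall());
        DEBUGCHK((IND >= 0) && (IND < MAX_KCALL_PROFILE));
        DEBUGCHK(KPRFInfo[IND].tmp);    // a matching KCALLPROFON must have run
        SC_QueryPerformanceCounter(&liPerf);
        t2 = liPerf.LowPart - KPRFInfo[IND].tmp;
        KPRFInfo[IND].tmp = 0;
        if (t2 > KPRFInfo[IND].max)
            KPRFInfo[IND].max = t2;
        // A zero delta never becomes the minimum; min == 0 means "unset".
        if (t2 && (!KPRFInfo[IND].min || (t2 < KPRFInfo[IND].min)))
            KPRFInfo[IND].min = t2;
        KPRFInfo[IND].total += t2;
        KPRFInfo[IND].hits++;
#ifdef NKPROF
    }
    CELOG_KCallLeave(IND);
#endif
}

#else

// Profiling disabled: both hooks collapse to the constant 0.
#define KCALLPROFON(IND) 0
#define KCALLPROFOFF(IND) 0

#endif

#ifdef IN_KERNEL    // if we are in the kernel
#ifndef SHIP_BUILD  // if not SHIP_BUILD
#ifdef DEBUG        // and is DEBUG

#ifdef DBGCHK       // if this is already defined
#undef DBGCHK       // then undef it
#endif // DBGCHK

// Kernel flavour of DBGCHK: on a failed expression, print the module name,
// file and line, then break into the debugger unless InDebugger is set.
// 'module' is cast to LPWSTR and printed with %s, so it must be a wide,
// NUL-terminated string; it is parenthesized so any expression can be passed.
#define DBGCHK(module,exp) \
   ((void)((exp)?1:( \
       NKDbgPrintfW ( TEXT("%s: DEBUGCHK failed in file %s at line %d \r\n"), \
                 (LPWSTR)(module), TEXT(__FILE__) ,__LINE__ ), \
       ((InDebugger)?1:(DebugBreak())), \
       0 \
   )))

#endif // DEBUG
#endif // SHIP_BUILD
#endif // IN_KERNEL

// Closes a conditional opened earlier in the file (not visible here;
// presumably the include guard).
#endif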