📄 ex.h
字号:
#ifndef __NTOSKRNL_INCLUDE_INTERNAL_EXECUTIVE_H
#define __NTOSKRNL_INCLUDE_INTERNAL_EXECUTIVE_H
/* GLOBAL VARIABLES *********************************************************/
extern TIME_ZONE_INFORMATION ExpTimeZoneInfo;
extern LARGE_INTEGER ExpTimeZoneBias;
extern ULONG ExpTimeZoneId;
extern ULONG ExpTickCountMultiplier;
extern ULONG ExpLastTimeZoneBias;
extern POBJECT_TYPE ExEventPairObjectType;
extern POBJECT_TYPE _ExEventObjectType, _ExSemaphoreObjectType;
extern ULONG NtBuildNumber;
extern ULONG NtMajorVersion;
extern ULONG NtMinorVersion;
extern FAST_MUTEX ExpEnvironmentLock;
extern ERESOURCE ExpFirmwareTableResource;
extern LIST_ENTRY ExpFirmwareTableProviderListHead;
extern BOOLEAN ExpIsWinPEMode;
ULONG ExpAnsiCodePageDataOffset, ExpOemCodePageDataOffset;
ULONG ExpUnicodeCaseTableDataOffset;
PVOID ExpNlsSectionPointer;
typedef struct _ETIMER
{
KTIMER KeTimer;
KAPC TimerApc;
KDPC TimerDpc;
LIST_ENTRY ActiveTimerListEntry;
KSPIN_LOCK Lock;
LONG Period;
BOOLEAN ApcAssociated;
BOOLEAN WakeTimer;
LIST_ENTRY WakeTimerListEntry;
} ETIMER, *PETIMER;
#define MAX_FAST_REFS 7
#define EX_OBJ_TO_HDR(eob) ((POBJECT_HEADER)((ULONG_PTR)(eob) & \
~(EX_HANDLE_ENTRY_PROTECTFROMCLOSE | EX_HANDLE_ENTRY_INHERITABLE | \
EX_HANDLE_ENTRY_AUDITONCLOSE)))
#define EX_HTE_TO_HDR(hte) ((POBJECT_HEADER)((ULONG_PTR)((hte)->Object) & \
~(EX_HANDLE_ENTRY_PROTECTFROMCLOSE | EX_HANDLE_ENTRY_INHERITABLE | \
EX_HANDLE_ENTRY_AUDITONCLOSE)))
/* Note: we only use a spinlock on SMP. On UP, we cli/sti intead */
#ifndef CONFIG_SMP
#define ExAcquireResourceLock(l, i) { \
(void)i; \
_disable(); \
}
#define ExReleaseResourceLock(l, i) _enable();
#else
#define ExAcquireResourceLock(l, i) KeAcquireSpinLock(l, i);
#define ExReleaseResourceLock(l, i) KeReleaseSpinLock(l, i);
#endif
#define ExAcquireRundownProtection _ExAcquireRundownProtection
#define ExReleaseRundownProtection _ExReleaseRundownProtection
#define ExInitializeRundownProtection _ExInitializeRundownProtection
#define ExWaitForRundownProtectionRelease _ExWaitForRundownProtectionRelease
#define ExRundownCompleted _ExRundownCompleted
#define ExGetPreviousMode KeGetPreviousMode
//
// Detect GCC 4.1.2+
//
#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) < 40102
//
// Broken GCC with Alignment Bug. We'll do alignment ourselves at higher cost.
//
#define DEFINE_WAIT_BLOCK(x) \
struct _AlignHack \
{ \
UCHAR Hack[15]; \
EX_PUSH_LOCK_WAIT_BLOCK UnalignedBlock; \
} WaitBlockBuffer; \
PEX_PUSH_LOCK_WAIT_BLOCK x = (PEX_PUSH_LOCK_WAIT_BLOCK) \
((ULONG_PTR)&WaitBlockBuffer.UnalignedBlock &~ 0xF);
#else
//
// This is only for compatibility; the compiler will optimize the extra
// local variable (the actual pointer) away, so we don't take any perf hit
// by doing this.
//
#define DEFINE_WAIT_BLOCK(x) \
EX_PUSH_LOCK_WAIT_BLOCK WaitBlockBuffer; \
PEX_PUSH_LOCK_WAIT_BLOCK x = &WaitBlockBuffer;
#endif
/* INITIALIZATION FUNCTIONS *************************************************/
VOID
NTAPI
ExpWin32kInit(VOID);
VOID
NTAPI
ExInit2(VOID);
VOID
NTAPI
ExPhase2Init(
IN PVOID Context
);
VOID
NTAPI
ExpInitializePushLocks(VOID);
BOOLEAN
NTAPI
ExRefreshTimeZoneInformation(
IN PLARGE_INTEGER SystemBootTime
);
VOID
NTAPI
ExpInitializeWorkerThreads(VOID);
VOID
NTAPI
ExpInitLookasideLists(VOID);
VOID
NTAPI
ExInitializeSystemLookasideList(
IN PGENERAL_LOOKASIDE List,
IN POOL_TYPE Type,
IN ULONG Size,
IN ULONG Tag,
IN USHORT MaximumDepth,
IN PLIST_ENTRY ListHead
);
VOID
NTAPI
ExpInitializeCallbacks(VOID);
VOID
NTAPI
ExpInitUuids(VOID);
VOID
NTAPI
ExpInitializeExecutive(
IN ULONG Cpu,
IN PLOADER_PARAMETER_BLOCK LoaderBlock
);
VOID
NTAPI
ExpInitializeEventImplementation(VOID);
VOID
NTAPI
ExpInitializeEventImplementation(VOID);
VOID
NTAPI
ExpInitializeEventPairImplementation(VOID);
VOID
NTAPI
ExpInitializeSemaphoreImplementation(VOID);
VOID
NTAPI
ExpInitializeMutantImplementation(VOID);
VOID
NTAPI
ExpInitializeTimerImplementation(VOID);
VOID
NTAPI
ExpInitializeProfileImplementation(VOID);
VOID
NTAPI
ExpResourceInitialization(VOID);
VOID
NTAPI
ExInitPoolLookasidePointers(VOID);
/* Callback Functions ********************************************************/
VOID
NTAPI
ExInitializeCallBack(
IN PEX_CALLBACK Callback
);
/* Rundown Functions ********************************************************/
VOID
FASTCALL
ExfInitializeRundownProtection(
OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfReInitializeRundownProtection(
OUT PEX_RUNDOWN_REF RunRef
);
BOOLEAN
FASTCALL
ExfAcquireRundownProtection(
IN OUT PEX_RUNDOWN_REF RunRef
);
BOOLEAN
FASTCALL
ExfAcquireRundownProtectionEx(
IN OUT PEX_RUNDOWN_REF RunRef,
IN ULONG Count
);
VOID
FASTCALL
ExfReleaseRundownProtection(
IN OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfReleaseRundownProtectionEx(
IN OUT PEX_RUNDOWN_REF RunRef,
IN ULONG Count
);
VOID
FASTCALL
ExfRundownCompleted(
OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfWaitForRundownProtectionRelease(
IN OUT PEX_RUNDOWN_REF RunRef
);
/* HANDLE TABLE FUNCTIONS ***************************************************/
#define EX_HANDLE_ENTRY_LOCKED (1 << ((sizeof(PVOID) * 8) - 1))
#define EX_HANDLE_ENTRY_PROTECTFROMCLOSE (1 << 0)
#define EX_HANDLE_ENTRY_INHERITABLE (1 << 1)
#define EX_HANDLE_ENTRY_AUDITONCLOSE (1 << 2)
#define EX_HANDLE_TABLE_CLOSING 0x1
#define EX_HANDLE_ENTRY_FLAGSMASK (EX_HANDLE_ENTRY_LOCKED | \
EX_HANDLE_ENTRY_PROTECTFROMCLOSE | \
EX_HANDLE_ENTRY_INHERITABLE | \
EX_HANDLE_ENTRY_AUDITONCLOSE)
typedef VOID (NTAPI PEX_SWEEP_HANDLE_CALLBACK)(
PHANDLE_TABLE_ENTRY HandleTableEntry,
HANDLE Handle,
PVOID Context
);
typedef BOOLEAN (NTAPI PEX_DUPLICATE_HANDLE_CALLBACK)(
PHANDLE_TABLE HandleTable,
PHANDLE_TABLE_ENTRY HandleTableEntry,
PVOID Context
);
typedef BOOLEAN (NTAPI PEX_CHANGE_HANDLE_CALLBACK)(
PHANDLE_TABLE HandleTable,
PHANDLE_TABLE_ENTRY HandleTableEntry,
PVOID Context
);
VOID
ExpInitializeHandleTables(VOID);
PHANDLE_TABLE
ExCreateHandleTable(IN PEPROCESS QuotaProcess OPTIONAL);
VOID
ExDestroyHandleTable(
IN PHANDLE_TABLE HandleTable
);
VOID
ExSweepHandleTable(
IN PHANDLE_TABLE HandleTable,
IN PEX_SWEEP_HANDLE_CALLBACK SweepHandleCallback OPTIONAL,
IN PVOID Context OPTIONAL
);
PHANDLE_TABLE
ExDupHandleTable(
IN PEPROCESS QuotaProcess OPTIONAL,
IN PEX_DUPLICATE_HANDLE_CALLBACK DuplicateHandleCallback OPTIONAL,
IN PVOID Context OPTIONAL,
IN PHANDLE_TABLE SourceHandleTable
);
BOOLEAN
ExLockHandleTableEntry(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY Entry
);
VOID
ExUnlockHandleTableEntry(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY Entry
);
HANDLE
ExCreateHandle(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY Entry
);
BOOLEAN
ExDestroyHandle(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle
);
VOID
ExDestroyHandleByEntry(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY Entry,
IN HANDLE Handle
);
PHANDLE_TABLE_ENTRY
ExMapHandleToPointer(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle
);
BOOLEAN
ExChangeHandle(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle,
IN PEX_CHANGE_HANDLE_CALLBACK ChangeHandleCallback,
IN PVOID Context
);
/* PSEH EXCEPTION HANDLING **************************************************/
LONG
NTAPI
ExSystemExceptionFilter(VOID);
static __inline _SEH_FILTER(_SEH_ExSystemExceptionFilter)
{
return ExSystemExceptionFilter();
}
/* RUNDOWN *******************************************************************/
#ifdef _WIN64
#define ExpChangeRundown(x, y, z) InterlockedCompareExchange64((PLONGLONG)x, y, z)
#define ExpSetRundown(x, y) InterlockedExchange64((PLONGLONG)x, y)
#else
#define ExpChangeRundown(x, y, z) InterlockedCompareExchange((PLONG)x, PtrToLong(y), PtrToLong(z))
#define ExpChangePushlock(x, y, z) LongToPtr(InterlockedCompareExchange((PLONG)x, PtrToLong(y), PtrToLong(z)))
#define ExpSetRundown(x, y) InterlockedExchange((PLONG)x, y)
#endif
/*++
* @name ExfAcquireRundownProtection
* INTERNAL MACRO
*
* The ExfAcquireRundownProtection routine acquires rundown protection for
* the specified descriptor.
*
* @param RunRef
* Pointer to a rundown reference descriptor.
*
* @return TRUE if access to the protected structure was granted, FALSE otherwise.
*
* @remarks This is the internal macro for system use only.In case the rundown
* was active, then the slow-path will be called through the exported
* function.
*
*--*/
BOOLEAN
FORCEINLINE
_ExAcquireRundownProtection(IN PEX_RUNDOWN_REF RunRef)
{
ULONG_PTR Value, NewValue;
/* Get the current value and mask the active bit */
Value = RunRef->Count &~ EX_RUNDOWN_ACTIVE;
/* Add a reference */
NewValue = Value + EX_RUNDOWN_COUNT_INC;
/* Change the value */
NewValue = ExpChangeRundown(RunRef, NewValue, Value);
if (NewValue != Value)
{
/* Rundown was active, use long path */
return ExfAcquireRundownProtection(RunRef);
}
/* Success */
return TRUE;
}
/*++
* @name ExReleaseRundownProtection
* INTERNAL MACRO
*
* The ExReleaseRundownProtection routine releases rundown protection for
* the specified descriptor.
*
* @param RunRef
* Pointer to a rundown reference descriptor.
*
* @return TRUE if access to the protected structure was granted, FALSE otherwise.
*
* @remarks This is the internal macro for system use only.In case the rundown
* was active, then the slow-path will be called through the exported
* function.
*
*--*/
VOID
FORCEINLINE
_ExReleaseRundownProtection(IN PEX_RUNDOWN_REF RunRef)
{
ULONG_PTR Value, NewValue;
/* Get the current value and mask the active bit */
Value = RunRef->Count &~ EX_RUNDOWN_ACTIVE;
/* Remove a reference */
NewValue = Value - EX_RUNDOWN_COUNT_INC;
/* Change the value */
NewValue = ExpChangeRundown(RunRef, NewValue, Value);
/* Check if the rundown was active */
if (NewValue != Value)
{
/* Rundown was active, use long path */
ExfReleaseRundownProtection(RunRef);
}
else
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -