📄 softice.h
// Include guard for softice.h.
// NOTE(review): identifiers containing a double underscore are reserved for
// the implementation; a non-reserved guard name would be safer.
// NOTE(review): no #endif closing this guard is visible in this listing;
// confirm that the real file ends with one.
#ifndef __SOFTICE_H__
#define __SOFTICE_H__
// Single-definition pattern. The one translation unit that defines
// __SOFTICE_C__ before including this header sees EXPORT as empty and INIT as
// "=0", so every "EXPORT T name INIT;" line becomes a zero-initialized
// definition there. Every other includer sees "extern T name;", a declaration
// with no initializer.
#ifdef __SOFTICE_C__
#define EXPORT
#define INIT =0
#else
#define EXPORT extern
#define INIT
// NOTE(review): FINIT is defined on this branch only and is not used in the
// visible part of this header; any use in the __SOFTICE_C__ translation unit
// would be an undefined identifier. Confirm whether it is still needed.
#define FINIT
#endif
#include "wdbgexts.h"
// WinDbg extension API table. Always declared extern here, so its definition
// lives in some other translation unit (the type presumably comes from
// wdbgexts.h; confirm).
extern WINDBG_EXTENSION_APIS ExtensionApis;
// Snapshot of the 32-bit x86 register state: general-purpose registers, EIP,
// EFLAGS, the six segment registers (each widened to a DWORD) and the control
// registers CR2 and CR3. ClientRegs is a pointer to one such record.
// NOTE(review): the field order is presumably relied on by the code that
// fills this structure; do not reorder without checking softice.c.
// NOTE(review): ClientRegs is a raw pointer with no INIT. It is still
// zero-initialized as a global, so it must be checked before dereferencing;
// presumably it is only valid once si_InitCompleted is nonzero (confirm).
EXPORT struct SiRegs
{
DWORD EAX, EBX, ECX, EDX, ESI, EDI, EBP, ESP, EIP,
EFLAGS;
DWORD CS, DS, SS, ES, FS, GS;
DWORD CR2, CR3;
} *ClientRegs;
// Flag indicating that initialization was successful. Declared extern
// unconditionally (not via EXPORT), so it is defined elsewhere.
// NOTE(review): presumably every si_* pointer in this header is resolved
// during that initialization; callers should test this flag before using any
// of them (confirm against softice.c).
extern ULONG si_InitCompleted;
//////////////////////////////////////////////////////////////////////////////
// Constants
//////////////////////////////////////////////////////////////////////////////
// ******** Break Reason ********
// Codes naming why SoftICE popped up. All values lie in the contiguous range
// 0x10000..0x1000E. Presumably these are the values read through
// si_BreakReason (confirm against softice.c).
#define BREAK_HOTKEY 0x10000
#define BREAK_EMBEDDED_INT1 0x10001
#define BREAK_EMBEDDED_INT3 0x10002
#define BREAK_G 0x10003
#define BREAK_SYMBOL_LOADER 0x10004
#define BREAK_DEBUG_KEYBOARD_REQUEST 0x10005
#define BREAK_NMI 0x10006 // Non-maskable interrupt
#define BREAK_HOTKEY_2 0x10007 // not used?
#define BREAK_WINDOWS_REQUESTED_BP 0x10008
#define BREAK_UNHANDLED_EXCEPTION 0x10009
#define BREAK_INVALID_OPCODE_FAULT 0x1000A
#define BREAK_STACK_FAULT 0x1000B
#define BREAK_GPF 0x1000C // General Protection Fault
#define BREAK_PAGE_FAULT 0x1000D
#define BREAK_VOID 0x1000E // No break reason message
//////////////////////////////////////////////////////////////////////////////
// Types
//////////////////////////////////////////////////////////////////////////////
// Font descriptor. Taken by si_SetFont and referenced through the si_Fonts
// array declared later in this header.
// NOTE(review): units of Height/Width and the layout of the data behind Body
// are not shown here (presumably glyph dimensions and glyph bitmap data;
// confirm). Body is an untyped pointer, so nothing in this type bounds how
// much data a consumer reads through it.
typedef struct SI_FONT
{
ULONG Height;
ULONG Width;
PVOID Body;
} SI_FONT;
//////////////////////////////////////////////////////////////////////////////
// Variables
//////////////////////////////////////////////////////////////////////////////
// Most variables below are addresses of, or pointers into, the SoftICE image
// as loaded in memory. In the __SOFTICE_C__ translation unit they are defined
// with the initializer "=0" (INIT); every other includer sees an extern
// declaration.
// NOTE(review): a pointer that was never resolved stays zero. Check
// si_InitCompleted (and the individual pointer) before dereferencing; the
// other comments in this header describe a driver where a bad access ends in
// a BSOD.
// NOTE(review): the locations these pointers refer to presumably differ per
// SoftICE version/build; confirm that resolution is keyed on si_IceVersion and
// si_IceBuild.
EXPORT ULONG si_IceVersion; // SoftICE version
EXPORT ULONG si_IceBuild; // SoftICE build number
// Address of the SoftICE MZ header in memory.
// Stored in a ULONG, so this assumes 32-bit addresses (consistent with the
// x86 register set in SiRegs).
EXPORT ULONG si_IceBase INIT;
// Start of the SoftICE CODE section in memory (the author assumes it is the
// first section; the original comment is cut off at this point).
EXPORT PUCHAR si_CodeBase INIT;
EXPORT ULONG si_CodeSize INIT; // Size of the CODE section
// Start of the DATA section (2nd section)
EXPORT PUCHAR si_DataBase INIT;
EXPORT ULONG si_DataSize INIT; // presumably the size of the DATA section (confirm)
// Pointers to the screen buffer, its width and its height, all located inside
// the SoftICE DATA section.
EXPORT PULONG si_Screen INIT;
EXPORT PUCHAR si_Width INIT;
EXPORT PUCHAR si_Height INIT;
// CodeFlags. Defines some segment properties
EXPORT PUCHAR si_CodeFlags INIT;
// Current and popup context
EXPORT PULONG si_CurrentContext INIT;
EXPORT PULONG si_PopupContext INIT;
// Memory used to save registers while the PAGEIN command executes
EXPORT SiRegs *si_PageinTempRegz INIT;
// Address of the INT3 instruction in the pagein stub code
EXPORT PULONG si_oPageinINT3 INIT;
// Flag for the SoftICE INT3 handler. If 1, a pagein command is executing
EXPORT PULONG si_Pagein_InProgress INIT;
// Break Reason
EXPORT PULONG si_BreakReason INIT; // Contains the SoftICE popup reason
// ExecuteMoreCommands
EXPORT PUCHAR si_ExecuteMoreCommands INIT; // If true, SoftICE will exit NTIceMain
// immediately after the current command ends
EXPORT PUCHAR si_TraceFlag INIT; // Trace flag
EXPORT PUCHAR si_NormCharColor INIT; // Normal char color
EXPORT PUCHAR si_ReverseCharColor INIT; // Reversed char color
EXPORT PULONG si_OldIntTable INIT; // points to an array of dwords,
// each entry = old interrupt
EXPORT SI_FONT **si_Fonts INIT; // array of pointers to
// SI_FONT structures
EXPORT PULONG si_CurFontIdx INIT; // index of the current font
// in the fonts array
// NOTE(review): the length of the fonts array is not exposed in this header;
// confirm how *si_CurFontIdx is bounds-checked before indexing si_Fonts.
EXPORT PUCHAR si_DumpFilter INIT; // pointer to the dump window
// character filter code
// inside SoftICE
EXPORT PULONG si_MSR_LAST_BRANCH_0 INIT; // points to last branch info
EXPORT PULONG si_MSR_LAST_BRANCH_1 INIT; // recorded by SoftICE
EXPORT PUCHAR si_IceIsActive INIT; // nonzero if SoftICE is activated
EXPORT PUCHAR si_BangFuncsArray INIT; // array of exported KDE function
// names and addresses
EXPORT PULONG si_KDEFuncNum INIT; // number of exported KDE functions
// in the SoftICE internal array
// NOTE(review): the two macro-queue pointers below carry no description;
// their meaning is not shown in this header.
EXPORT PULONG si_QueueMacroExec INIT;
EXPORT PULONG si_fMacroQueued INIT;
EXPORT PUCHAR si_Patch_DE_JZ INIT; // pointer to the JZ opcode that
// controls CR4 DE bit patching by SoftICE
// NOTE(review): this points at an instruction byte inside SoftICE code, so a
// write through it modifies code in place. Confirm that any writer verifies
// the expected original byte and the SoftICE version first.
//////////////////////////////////////////////////////////////////////////////
// Pointers to the functions in SoftIce body.
//////////////////////////////////////////////////////////////////////////////
// Each name below is a pointer to a routine inside the SoftICE body, not a
// function implemented by this project. None carries INIT, but as globals
// they are still zero until assigned.
// NOTE(review): check si_InitCompleted (and the pointer itself) before
// calling through any of them; presumably they are resolved during
// initialization (confirm against softice.c).
// NOTE(review): routines marked "Asm-like parameters" take their arguments in
// CPU registers. The C prototype is (VOID), so a plain call through the
// pointer passes nothing; the caller has to load the named registers itself.
EXPORT UCHAR (*si_GetChar)(); // Read one key
EXPORT UCHAR (*si_KbHit)(); // Peek one key from the key buffer without
// removing it. Returns 0 if no keys were pressed
EXPORT VOID (*si_UpdateScreen)(VOID); // Redraw screen after modifying VMem
EXPORT VOID (*si_CallVideoDriver_1)(VOID); // call video driver 1 ?
EXPORT VOID (*si_MoveCursor)(LONG, LONG); // Move cursor position (meaning and
// order of the two arguments is not shown here)
EXPORT LONG (*si_Expression2Integer)(PCHAR expr); // Calculate expression
// ("?" command in SoftICE)
EXPORT LONG (*si_ExecuteMacro)(PCHAR expr); // Execute a SoftICE macro
EXPORT VOID (*si_NTIce)(VOID); // Enters SoftICE and traces null_sub.
// Usually called at SoftICE start
EXPORT VOID (*si_NTIceMain)(ULONG); // Enters SoftICE and traces the given
// virtual address
EXPORT VOID (*si_PrintChar)(VOID); // Prints a character
// Asm-like parameters
// ONLY for use in cmd_tetris.cpp
EXPORT VOID (*si_DelayMilliSec)(VOID); // Delay EAX milliseconds
// Asm-like parameters
// EAX = number of milliseconds to delay
EXPORT LONG (*si_ReadFromKbdBuffer_char)(VOID); // Reads one char from the keyboard buffer;
// the character is removed from the buffer.
// Returns zero if the buffer is empty
EXPORT VOID (*si_WriteToKbdBuffer_char)(VOID); // Writes one character to the
// keyboard buffer
EXPORT VOID (*si_EmptyKbdBuffer)(VOID);// Empties the keyboard buffer
EXPORT VOID (*si_ActivateBPs)(VOID); // Activates breakpoints on SoftICE exit
EXPORT VOID (*si_DeactivateBPs)(VOID); // Deactivates breakpoints on SoftICE entry
EXPORT VOID (*si_ShowBreakReason)(VOID); // Shows break reason on SoftICE popup
EXPORT VOID (*si_SetCursorShape)(VOID); // Sets cursor shape
// Asm-like params
// al = 0 - shape 1
// al = 1 - shape 2
EXPORT VOID (*si_CallVideoDriver)(VOID); // call siwvid func
EXPORT VOID (*si_CallVideoDriver_1x)(VOID); // call video driver func 1
EXPORT VOID (*si_SaveClientRegisters)(VOID);// Saves client registers. Use it
// before calling si_NTIceMain
EXPORT VOID (*si_SayESI)(VOID); // prints a string
// Asm-like params
// ESI = string to print
EXPORT VOID (*si_SayESIpause)(VOID); // prints a string with a pause between screens
// Asm-like params
// ESI = string to print
// BH = color
EXPORT ULONG (*si_GetCurrentIRQLLevel)(VOID); // Returns the current IRQL
EXPORT VOID (*si_SetFont)(const SI_FONT *); // set screen font
EXPORT VOID (*si_ActivateHooks)(VOID); // Activate system function hooks via int3
EXPORT VOID (*si_DeActivateHooks)(VOID); // Deactivate system function hooks via int3
EXPORT VOID (*si_RecordLastBranchInfo)(VOID); // Records last branch info
// and enables the LBR bit in IA32_DEBUGCTL
EXPORT VOID (*si_LoadKDE)(ULONG ModuleBase); // Loads a kernel debugger extension into
// SoftICE
// NOTE(review): ModuleBase is a bare ULONG address and no validation is
// visible here; confirm callers only pass the base of a module that is
// actually loaded.
EXPORT VOID (*si_EnableIRQ)(VOID); // Enables the specified IRQ (how the IRQ is
// passed is not shown; presumably in a register)
EXPORT VOID (*si_IRQ2INT)(VOID); // IRQ -> INT converter
EXPORT VOID (*si_SendSpecificEOI)(VOID); // Send End of Interrupt message
EXPORT VOID (*si_INT_0E_Handler)(VOID); // Interrupt 0x0E handler.
// NOTE(review): the original comment said "Invalid Opcode", but on x86 vector
// 0x0E is the page fault (#PF) and invalid opcode (#UD) is vector 0x06;
// confirm which handler this pointer refers to.
// NOTE(review): the three pointers below are undocumented. From the parameter
// names, si_ProcessIF presumably compiles a conditional from args and returns
// a value that si_CheckCondition evaluates and si_ClearCompiledIF releases;
// confirm before relying on this.
EXPORT ULONG (*si_ProcessIF)(PCHAR args);
EXPORT VOID (*si_ClearCompiledIF)(ULONG CompiledIF);
EXPORT BOOLEAN (*si_CheckCondition) (ULONG CompiledIF);
//////////////////////////////////////////////////////////////////////////////
// Some helper functions
//////////////////////////////////////////////////////////////////////////////
// Execute a SoftICE command given as a string. bHideInput defaults to TRUE;
// the default argument makes this declaration C++-only.
// NOTE(review): Cmd is run as a debugger command, so callers should pass only
// strings they control. The maximum accepted length is not visible in this
// header (presumably bounded by the si_CommandLine buffer; confirm).
BOOLEAN si_Exec(PCHAR Cmd, OPTIONAL BOOLEAN bHideInput = TRUE); // Execute SoftICE command
EXPORT VOID si_PutToKbdBufferChar(CONST CHAR ch); // C-like interface to
// si_WriteToKbdBuffer_char
// Puts one byte into the keyboard
// buffer
EXPORT VOID si_InstallDumpFilter(PVOID MyDumpFilter); // Installs a custom dump window character
// filter, so that SoftICE will
// display Russian symbols in the dump window.
// NOTE(review): MyDumpFilter is an untyped pointer to code; the signature the
// filter must have is not shown here. Pair every install with
// si_RemoveDumpFilter before the code behind the pointer goes away.
EXPORT VOID si_RemoveDumpFilter(VOID); // Removes the custom dump window character
// filter.
VOID si_FixChkStkBug(VOID); // SoftICE has a bug in its __chkstk implementation that leads to a BSOD if a KDE
// calls this function. This fixes the bug so that the author's MP3 decoder can work correctly
VOID si_ClearBangFuncsArray( VOID ); // Deletes all entries in the BangFuncArray that point into the IceExt driver.
// Should be called prior to unloading IceExt (presumably so that no entry is
// left pointing into unloaded driver memory).
//////////////////////////////////////////////////////////////////////////////
// Some internal pointers
//////////////////////////////////////////////////////////////////////////////
// Generic pointer to a SoftICE-internal routine that returns nothing. The
// empty parameter list gives no argument checking for entries called through
// si_IceCall.
typedef VOID (*SoftIceFunc)();
// NOTE(review): the size of the command line buffer is not exposed here; any
// writer must bound its length some other way (confirm against softice.c).
EXPORT PCHAR si_CommandLine INIT; // Pointer to the SoftICE command line buffer
// NOTE(review): the number of entries in the two tables below is not exposed
// in this header; confirm how lookups are bounded.
EXPORT SoftIceFunc *si_IceCall INIT; // Pointer to the internal SoftICE function table
EXPORT PCHAR si_IceFuncNames INIT; // Pointer to the table of SoftICE function names