
📄 w2k_def.h

📁 Undocumented Windows 2000 Secrets, complete Simplified Chinese edition. Essential for kernel hacking on NT-architecture Windows (2000, XP). Includes the CD ISO and the complete appendices.
#define OEM_STRING_  sizeof (OEM_STRING)

// -----------------------------------------------------------------

typedef struct _UNICODE_STRING
        {
/*000*/ WORD  Length;
/*002*/ WORD  MaximumLength;
/*004*/ PWORD Buffer;
/*008*/ }
        UNICODE_STRING,
     * PUNICODE_STRING,
    **PPUNICODE_STRING;

#define UNICODE_STRING_ \
        sizeof (UNICODE_STRING)

// =================================================================
// DISPATCHER OBJECTS
// =================================================================

typedef struct _DISPATCHER_HEADER
        {
/*000*/ BYTE       Type;         // DISP_TYPE_*
/*001*/ BYTE       Absolute;
/*002*/ BYTE       Size;         // number of DWORDs
/*003*/ BYTE       Inserted;
/*004*/ LONG       SignalState;
/*008*/ LIST_ENTRY WaitListHead;
/*010*/ }
        DISPATCHER_HEADER,
     * PDISPATCHER_HEADER,
    **PPDISPATCHER_HEADER;

#define DISPATCHER_HEADER_ \
        sizeof (DISPATCHER_HEADER)

// -----------------------------------------------------------------

typedef struct _KEVENT
        {
/*000*/ DISPATCHER_HEADER Header; // DISP_TYPE_*_EVENT 0x00, 0x01
/*010*/ }
        KEVENT,
     * PKEVENT,
    **PPKEVENT;

#define KEVENT_ \
        sizeof (KEVENT)

// -----------------------------------------------------------------

typedef struct _KMUTANT
        {
/*000*/ DISPATCHER_HEADER Header; // DISP_TYPE_MUTANT 0x02
/*010*/ LIST_ENTRY        MutantListEntry;
/*018*/ struct _KTHREAD  *OwnerThread;
/*01C*/ BOOLEAN           Abandoned;
/*01D*/ BYTE              ApcDisable;
/*020*/ }
        KMUTANT,     KMUTEX,
     * PKMUTANT,  * PKMUTEX,
    **PPKMUTANT, **PPKMUTEX;

#define KMUTANT_ \
        sizeof (KMUTANT)

#define KMUTEX_ \
        sizeof (KMUTEX)

// -----------------------------------------------------------------

typedef struct _FAST_MUTEX
        {
/*000*/ LONG             Count;
/*004*/ struct _KTHREAD *Owner;
/*008*/ DWORD            Contention;
/*00C*/ KEVENT           Event;
/*01C*/ DWORD            OldIrql;
/*020*/ }
        FAST_MUTEX,
     * PFAST_MUTEX,
    **PPFAST_MUTEX;

#define FAST_MUTEX_ \
        sizeof (FAST_MUTEX)

// -----------------------------------------------------------------

typedef struct _KSEMAPHORE
        {
/*000*/ DISPATCHER_HEADER Header; // DISP_TYPE_SEMAPHORE 0x05
/*010*/ LONG              Limit;
/*014*/ }
        KSEMAPHORE,
     * PKSEMAPHORE,
    **PPKSEMAPHORE;

#define KSEMAPHORE_ \
        sizeof (KSEMAPHORE)

// -----------------------------------------------------------------

typedef struct _KTIMER
        {
/*000*/ DISPATCHER_HEADER Header; // DISP_TYPE_*_TIMER 0x08, 0x09
/*010*/ ULARGE_INTEGER    DueTime;
/*018*/ LIST_ENTRY        TimerListEntry;
/*020*/ struct _KDPC     *Dpc;
/*024*/ LONG              Period;
/*028*/ }
        KTIMER,
     * PKTIMER,
    **PPKTIMER;

#define KTIMER_ \
        sizeof (KTIMER)

// =================================================================
// I/O OBJECTS
// =================================================================

typedef struct _KAPC
        {
/*000*/ SHORT             Type; // IO_TYPE_APC 0x12
/*002*/ SHORT             Size; // number of BYTEs
/*004*/ DWORD             Spare0;
/*008*/ struct _KTHREAD  *Thread;
/*00C*/ LIST_ENTRY        ApcListEntry;
/*014*/ PKKERNEL_ROUTINE  KernelRoutine;  // KiSuspendNop
/*018*/ PKRUNDOWN_ROUTINE RundownRoutine;
/*01C*/ PKNORMAL_ROUTINE  NormalRoutine;  // KiSuspendThread
/*020*/ PVOID             NormalContext;
/*024*/ PVOID             SystemArgument1;
/*028*/ PVOID             SystemArgument2;
/*02C*/ CHAR              ApcStateIndex;
/*02D*/ KPROCESSOR_MODE   ApcMode;
/*02E*/ BOOLEAN           Inserted;
/*030*/ }
        KAPC,
     * PKAPC,
    **PPKAPC;

#define KAPC_ \
        sizeof (KAPC)

// -----------------------------------------------------------------

typedef struct _KDPC
        {
/*000*/ SHORT              Type; // IO_TYPE_DPC 0x13
/*002*/ BYTE               Number;
/*003*/ BYTE               Importance;
/*004*/ LIST_ENTRY         DpcListEntry;
/*00C*/ PKDEFERRED_ROUTINE DeferredRoutine;
/*010*/ PVOID              DeferredContext;
/*014*/ PVOID              SystemArgument1;
/*018*/ PVOID              SystemArgument2;
/*01C*/ PDWORD_PTR         Lock;
/*020*/ }
        KDPC,
     * PKDPC,
    **PPKDPC;

#define KDPC_ \
        sizeof (KDPC)

// -----------------------------------------------------------------

typedef struct _KDEVICE_QUEUE
        {
/*000*/ SHORT      Type; // IO_TYPE_DEVICE_QUEUE 0x14
/*002*/ SHORT      Size; // number of BYTEs
/*004*/ LIST_ENTRY DeviceListHead;
/*00C*/ KSPIN_LOCK Lock;
/*010*/ BOOLEAN    Busy;
/*014*/ }
        KDEVICE_QUEUE,
     * PKDEVICE_QUEUE,
    **PPKDEVICE_QUEUE;

#define KDEVICE_QUEUE_ \
        sizeof (KDEVICE_QUEUE)

// -----------------------------------------------------------------

typedef struct _KDEVICE_QUEUE_ENTRY
        {
/*000*/ LIST_ENTRY DeviceListEntry;
/*008*/ DWORD      SortKey;
/*00C*/ BOOLEAN    Inserted;
/*010*/ }
        KDEVICE_QUEUE_ENTRY,
     * PKDEVICE_QUEUE_ENTRY,
    **PPKDEVICE_QUEUE_ENTRY;

#define KDEVICE_QUEUE_ENTRY_ \
        sizeof (KDEVICE_QUEUE_ENTRY)

// -----------------------------------------------------------------

typedef struct _WAIT_CONTEXT_BLOCK
        {
/*000*/ KDEVICE_QUEUE_ENTRY WaitQueueEntry;
/*010*/ PDRIVER_CONTROL     DeviceRoutine;
/*014*/ PVOID               DeviceContext;
/*018*/ DWORD               NumberOfMapRegisters;
/*01C*/ PVOID               DeviceObject;
/*020*/ PVOID               CurrentIrp;
/*024*/ PKDPC               BufferChainingDpc;
/*028*/ }
        WAIT_CONTEXT_BLOCK,
     * PWAIT_CONTEXT_BLOCK,
    **PPWAIT_CONTEXT_BLOCK;

#define WAIT_CONTEXT_BLOCK_ \
        sizeof (WAIT_CONTEXT_BLOCK)

// -----------------------------------------------------------------

#define MAXIMUM_VOLUME_LABEL        32
#define MAXIMUM_VOLUME_LABEL_LENGTH (MAXIMUM_VOLUME_LABEL * WORD_)

typedef struct _VPB // volume parameter block
        {
/*000*/ SHORT                  Type; // IO_TYPE_VPB 0x0A
/*002*/ SHORT                  Size; // number of BYTEs
/*004*/ WORD                   Flags;
/*006*/ WORD                   VolumeLabelLength; // bytes (no term.)
/*008*/ struct _DEVICE_OBJECT *DeviceObject;
/*00C*/ struct _DEVICE_OBJECT *RealDevice;
/*010*/ DWORD                  SerialNumber;
/*014*/ DWORD                  ReferenceCount;
/*018*/ WORD                   VolumeLabel [MAXIMUM_VOLUME_LABEL];
/*058*/ }
        VPB,
     * PVPB,
    **PPVPB;

#define VPB_ \
        sizeof (VPB)

// -----------------------------------------------------------------

typedef struct _DEVICE_OBJECT
        {
/*000*/ SHORT                     Type; // IO_TYPE_DEVICE 0x03
/*002*/ WORD                      Size; // number of BYTEs
/*004*/ LONG                      ReferenceCount;
/*008*/ struct _DRIVER_OBJECT    *DriverObject;
/*00C*/ struct _DEVICE_OBJECT    *NextDevice;
/*010*/ struct _DEVICE_OBJECT    *AttachedDevice;
/*014*/ struct _IRP              *CurrentIrp;
/*018*/ struct _PIO_TIMER        *Timer;
/*01C*/ DWORD                     Flags;           // DO_*
/*020*/ DWORD                     Characteristics; // FILE_*
/*024*/ PVPB                      Vpb;
/*028*/ PVOID                     DeviceExtension;
/*02C*/ DEVICE_TYPE               DeviceType;
/*030*/ CHAR                      StackSize;
/*034*/ union
            {
/*034*/     LIST_ENTRY         ListEntry;
/*034*/     WAIT_CONTEXT_BLOCK Wcb;
/*05C*/     } Queue;
/*05C*/ DWORD                     AlignmentRequirement;
/*060*/ KDEVICE_QUEUE             DeviceQueue;
/*074*/ KDPC                      Dpc;
/*094*/ DWORD                     ActiveThreadCount;
/*098*/ PSECURITY_DESCRIPTOR      SecurityDescriptor;
/*09C*/ KEVENT                    DeviceLock;
/*0AC*/ WORD                      SectorSize;
/*0AE*/ WORD                      Spare1;
/*0B0*/ struct _DEVOBJ_EXTENSION *DeviceObjectExtension;
/*0B4*/ PVOID                     Reserved;
/*0B8*/ }
        DEVICE_OBJECT,
     * PDEVICE_OBJECT,
    **PPDEVICE_OBJECT;

#define DEVICE_OBJECT_ \
        sizeof (DEVICE_OBJECT)

// -----------------------------------------------------------------

typedef struct _DEVOBJ_EXTENSION
        {
/*000*/ SHORT          Type; // IO_TYPE_DEVICE_OBJECT_EXTENSION 0x0D
/*002*/ WORD           Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT DeviceObject;
/*008*/ }
        DEVOBJ_EXTENSION,
     * PDEVOBJ_EXTENSION,
    **PPDEVOBJ_EXTENSION;

#define DEVOBJ_EXTENSION_ \
        sizeof (DEVOBJ_EXTENSION)

// -----------------------------------------------------------------

typedef struct _DRIVER_EXTENSION
        {
/*000*/ struct _DRIVER_OBJECT *DriverObject;
/*004*/ PDRIVER_ADD_DEVICE     AddDevice;
/*008*/ DWORD                  Count;
/*00C*/ UNICODE_STRING         ServiceKeyName;
/*014*/ }
        DRIVER_EXTENSION,
     * PDRIVER_EXTENSION,
    **PPDRIVER_EXTENSION;

#define DRIVER_EXTENSION_ \
        sizeof (DRIVER_EXTENSION)

// -----------------------------------------------------------------

typedef struct _DRIVER_OBJECT
        {
/*000*/ SHORT              Type; // IO_TYPE_DRIVER 0x04
/*002*/ SHORT              Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT     DeviceObject;
/*008*/ DWORD              Flags;
/*00C*/ PVOID              DriverStart;
/*010*/ DWORD              DriverSize;
/*014*/ PVOID              DriverSection;
/*018*/ PDRIVER_EXTENSION  DriverExtension;
/*01C*/ UNICODE_STRING     DriverName;
/*024*/ PUNICODE_STRING    HardwareDatabase;
/*028*/ PFAST_IO_DISPATCH  FastIoDispatch;
/*02C*/ PDRIVER_INITIALIZE DriverInit;
/*030*/ PDRIVER_STARTIO    DriverStartIo;
/*034*/ PDRIVER_UNLOAD     DriverUnload;
/*038*/ PDRIVER_DISPATCH   MajorFunction [IRP_MJ_FUNCTIONS];
/*0A8*/ }
        DRIVER_OBJECT,
     * PDRIVER_OBJECT,
    **PPDRIVER_OBJECT;

#define DRIVER_OBJECT_ \
        sizeof (DRIVER_OBJECT)

// -----------------------------------------------------------------

typedef struct _SECTION_OBJECT_POINTERS
        {
/*000*/ PVOID DataSectionObject;
/*004*/ PVOID SharedCacheMap;
/*008*/ PVOID ImageSectionObject;
/*00C*/ }
        SECTION_OBJECT_POINTERS,
     * PSECTION_OBJECT_POINTERS,
    **PPSECTION_OBJECT_POINTERS;

#define SECTION_OBJECT_POINTERS_ \
        sizeof (SECTION_OBJECT_POINTERS)

// -----------------------------------------------------------------

typedef struct _IO_COMPLETION_CONTEXT
        {
/*000*/ PVOID Port;
/*004*/ PVOID Key;
/*008*/ }
        IO_COMPLETION_CONTEXT,
     * PIO_COMPLETION_CONTEXT,
    **PPIO_COMPLETION_CONTEXT;

#define IO_COMPLETION_CONTEXT_ \
        sizeof (IO_COMPLETION_CONTEXT)

// -----------------------------------------------------------------

typedef struct _FILE_OBJECT
        {
/*000*/ SHORT                    Type; // IO_TYPE_FILE 0x05
/*002*/ SHORT                    Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT           DeviceObject;
/*008*/ PVPB                     Vpb;
/*00C*/ PVOID                    FsContext;
/*010*/ PVOID                    FsContext2;
/*014*/ PSECTION_OBJECT_POINTERS SectionObjectPointer;
/*018*/ PVOID                    PrivateCacheMap;
/*01C*/ NTSTATUS                 FinalStatus;
/*020*/ struct _FILE_OBJECT     *RelatedFileObject;
/*024*/ BOOLEAN                  LockOperation;
/*025*/ BOOLEAN                  DeletePending;
/*026*/ BOOLEAN                  ReadAccess;
/*027*/ BOOLEAN                  WriteAccess;
/*028*/ BOOLEAN                  DeleteAccess;
/*029*/ BOOLEAN                  SharedRead;
/*02A*/ BOOLEAN                  SharedWrite;
/*02B*/ BOOLEAN                  SharedDelete;
/*02C*/ DWORD                    Flags; // FO_*
/*030*/ UNICODE_STRING           FileName;
/*038*/ LARGE_INTEGER            CurrentByteOffset;
/*040*/ DWORD                    Waiters;
/*044*/ DWORD                    Busy;
/*048*/ PVOID                    LastLock;
/*04C*/ KEVENT                   Lock;
/*05C*/ KEVENT                   Event;
/*06C*/ PIO_COMPLETION_CONTEXT   CompletionContext;
/*070*/ }
        FILE_OBJECT,
     * PFILE_OBJECT,
    **PPFILE_OBJECT;
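
The offset comments in the listing matter to anyone parsing these objects out of a memory image or a debugger session, and they can be checked mechanically rather than trusted. The following added example (not part of w2k_def.h or of the book's code) rebuilds four of the structures with fixed-width types and compares the compiled layout against the annotated offsets. Assumptions: a 32-bit x86 target, so pointers are modelled as 4-byte integers; the `*32` type names, `LAYOUT_CHECK` and `layout_mismatches` are hypothetical names introduced here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 32-bit x86 target. Pointers are modelled as 4-byte integers
   so the check gives the same answer on a 64-bit build host. The *32 type
   names are hypothetical stand-ins for the header's own types. */
typedef uint32_t PTR32;
typedef struct { PTR32 Flink, Blink; } LIST_ENTRY32;

typedef struct { uint8_t Type, Absolute, Size, Inserted;
                 int32_t SignalState; LIST_ENTRY32 WaitListHead; } DISPATCHER_HEADER32;
typedef struct { DISPATCHER_HEADER32 Header; } KEVENT32;
typedef struct { DISPATCHER_HEADER32 Header; LIST_ENTRY32 MutantListEntry;
                 PTR32 OwnerThread; uint8_t Abandoned, ApcDisable; } KMUTANT32;
typedef struct { int32_t Count; PTR32 Owner; uint32_t Contention;
                 KEVENT32 Event; uint32_t OldIrql; } FAST_MUTEX32;
typedef struct { DISPATCHER_HEADER32 Header; uint64_t DueTime;
                 LIST_ENTRY32 TimerListEntry; PTR32 Dpc; int32_t Period; } KTIMER32;

typedef struct { const char *what; size_t annotated, actual; } LAYOUT_CHECK;

/* Annotated values are copied from the offset comments in the listing. */
static const LAYOUT_CHECK layout_checks[] = {
    { "DISPATCHER_HEADER.WaitListHead", 0x008, offsetof(DISPATCHER_HEADER32, WaitListHead) },
    { "KMUTANT.OwnerThread",            0x018, offsetof(KMUTANT32, OwnerThread) },
    { "KMUTANT.ApcDisable",             0x01D, offsetof(KMUTANT32, ApcDisable) },
    { "sizeof KMUTANT (0x1E padded)",   0x020, sizeof(KMUTANT32) },
    { "FAST_MUTEX.Event",               0x00C, offsetof(FAST_MUTEX32, Event) },
    { "FAST_MUTEX.OldIrql",             0x01C, offsetof(FAST_MUTEX32, OldIrql) },
    { "KTIMER.DueTime",                 0x010, offsetof(KTIMER32, DueTime) },
    { "KTIMER.Period",                  0x024, offsetof(KTIMER32, Period) },
    { "sizeof KTIMER",                  0x028, sizeof(KTIMER32) },
};

/* Returns how many annotated offsets disagree with the compiled layout. */
size_t layout_mismatches(void)
{
    size_t i, bad = 0, n = sizeof layout_checks / sizeof layout_checks[0];
    for (i = 0; i < n; i++)
        if (layout_checks[i].annotated != layout_checks[i].actual) {
            printf("MISMATCH %s: annotated 0x%03zX, compiled 0x%03zX\n",
                   layout_checks[i].what, layout_checks[i].annotated,
                   layout_checks[i].actual);
            bad++;
        }
    return bad;
}

int main(void) { return layout_mismatches() ? 1 : 0; }
```

The `KMUTANT` row shows why the closing offset comment is worth checking too: the members end at 0x1E, and the annotated 0x20 only holds once the compiler pads the structure to its 4-byte alignment.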
