📄 w2k_def.h
字号:
#define FILE_OBJECT_ \
sizeof (FILE_OBJECT)
// -----------------------------------------------------------------
typedef struct _CONTROLLER_OBJECT
{
/*000*/ SHORT Type; // IO_TYPE_CONTROLLER 0x02
/*002*/ SHORT Size; // number of BYTEs
/*004*/ PVOID ControllerExtension;
/*008*/ KDEVICE_QUEUE DeviceWaitQueue;
/*01C*/ DWORD Spare1;
/*020*/ LARGE_INTEGER Spare2;
/*028*/ }
CONTROLLER_OBJECT,
* PCONTROLLER_OBJECT,
**PPCONTROLLER_OBJECT;
#define CONTROLLER_OBJECT_ \
sizeof (CONTROLLER_OBJECT)
// =================================================================
// TDI STRUCTURES
// =================================================================
#define TDI_CURRENT_MAJOR_VERSION 2
#define TDI_CURRENT_MINOR_VERSION 0
typedef struct _TDI20_CLIENT_INTERFACE_INFO
{
/*000*/ union
{
/*000*/ struct
{
/*000*/ BYTE MajorTdiVersion;
/*001*/ BYTE MinorTdiVersion;
/*002*/ };
/*000*/ WORD TdiVersion;
/*002*/ };
/*002*/ WORD Unused;
/*004*/ PUNICODE_STRING ClientName;
/*008*/ TDI_PNP_POWER_HANDLER PnPPowerHandler;
/*00C*/ union
{
/*00C*/ TDI_BINDING_HANDLER BindingHandler;
/*00C*/ struct
{
/*00C*/ TDI_BIND_HANDLER BindHandler;
/*010*/ TDI_UNBIND_HANDLER UnBindHandler;
/*014*/ };
/*014*/ };
/*014*/ union
{
/*014*/ struct
{
/*014*/ TDI_ADD_ADDRESS_HANDLER_V2 AddAddressHandlerV2;
/*018*/ TDI_DEL_ADDRESS_HANDLER_V2 DelAddressHandlerV2;
/*01C*/ };
/*01C*/ struct
{
/*014*/ TDI_ADD_ADDRESS_HANDLER AddAddressHandler;
/*018*/ TDI_DEL_ADDRESS_HANDLER DelAddressHandler;
/*01C*/ };
/*01C*/ };
/*01C*/ }
TDI20_CLIENT_INTERFACE_INFO,
* PTDI20_CLIENT_INTERFACE_INFO,
**PPTDI20_CLIENT_INTERFACE_INFO;
#define TDI20_CLIENT_INTERFACE_INFO_ \
sizeof (TDI20_CLIENT_INTERFACE_INFO)
// -----------------------------------------------------------------
typedef TDI20_CLIENT_INTERFACE_INFO
TDI_CLIENT_INTERFACE_INFO,
* PTDI_CLIENT_INTERFACE_INFO,
**PPTDI_CLIENT_INTERFACE_INFO;
#define TDI_CLIENT_INTERFACE_INFO_ \
sizeof (TDI_CLIENT_INTERFACE_INFO)
// =================================================================
// OTHER BASIC STRUCTURES
// =================================================================
typedef struct _CLIENT_ID
{
/*000*/ HANDLE UniqueProcess;
/*004*/ HANDLE UniqueThread;
/*008*/ }
CLIENT_ID,
* PCLIENT_ID,
**PPCLIENT_ID;
#define CLIENT_ID_ \
sizeof (CLIENT_ID)
// -----------------------------------------------------------------
typedef DWORD_PTR
ERESOURCE_THREAD,
* PERESOURCE_THREAD,
**PPERESOURCE_THREAD;
#define ERESOURCE_THREAD_ \
sizeof (ERESOURCE_THREAD)
// -----------------------------------------------------------------
typedef struct _OWNER_ENTRY
{
/*000*/ ERESOURCE_THREAD OwnerThread;
/*004*/ union
{
/*004*/ LONG OwnerCount;
/*004*/ DWORD TableSize;
/*008*/ };
/*008*/ }
OWNER_ENTRY,
* POWNER_ENTRY,
**PPOWNER_ENTRY;
#define OWNER_ENTRY_ \
sizeof (OWNER_ENTRY)
// -----------------------------------------------------------------
typedef struct _ERESOURCE
{
/*000*/ LIST_ENTRY SystemResourcesList;
/*008*/ POWNER_ENTRY OwnerTable;
/*00C*/ SHORT ActiveCount;
/*00E*/ WORD Flag;
/*010*/ PKSEMAPHORE SharedWaiters;
/*014*/ PKEVENT ExclusiveWaiters;
/*018*/ OWNER_ENTRY OwnerThreads [2];
/*028*/ DWORD ContentionCount;
/*02C*/ WORD NumberOfSharedWaiters;
/*02E*/ WORD NumberOfExclusiveWaiters;
/*030*/ union
{
/*030*/ PVOID Address;
/*030*/ DWORD_PTR CreatorBackTraceIndex;
/*034*/ };
/*034*/ KSPIN_LOCK SpinLock;
/*038*/ }
ERESOURCE,
* PERESOURCE,
**PPERESOURCE;
#define ERESOURCE_ \
sizeof (ERESOURCE)
// -----------------------------------------------------------------
typedef struct _ERESOURCE_OLD
{
/*000*/ LIST_ENTRY SystemResourcesList;
/*008*/ PERESOURCE_THREAD OwnerThreads;
/*00C*/ PBYTE OwnerCounts;
/*010*/ WORD TableSize;
/*012*/ WORD ActiveCount;
/*014*/ WORD Flag;
/*016*/ WORD TableRover;
/*018*/ BYTE InitialOwnerCounts [4];
/*01C*/ ERESOURCE_THREAD InitialOwnerThreads [4];
/*02C*/ DWORD Spare1;
/*030*/ DWORD ContentionCount;
/*034*/ WORD NumberOfExclusiveWaiters;
/*036*/ WORD NumberOfSharedWaiters;
/*038*/ KSEMAPHORE SharedWaiters;
/*04C*/ KEVENT ExclusiveWaiters;
/*05C*/ KSPIN_LOCK SpinLock;
/*060*/ DWORD CreatorBackTraceIndex;
/*064*/ WORD Depth;
/*066*/ WORD Reserved;
/*068*/ PVOID OwnerBackTrace [4];
/*078*/ }
ERESOURCE_OLD,
* PERESOURCE_OLD,
**PPERESOURCE_OLD;
#define ERESOURCE_OLD_ \
sizeof (ERESOURCE_OLD)
// -----------------------------------------------------------------
typedef struct _KWAIT_BLOCK
{
/*000*/ LIST_ENTRY WaitListEntry;
/*008*/ struct _KTHREAD *Thread;
/*00C*/ PVOID Object;
/*010*/ struct _KWAIT_BLOCK *NextWaitBlock;
/*004*/ WORD WaitKey;
/*006*/ WORD WaitType;
/*018*/ }
KWAIT_BLOCK,
* PKWAIT_BLOCK,
**PPKWAIT_BLOCK;
#define KWAIT_BLOCK_ \
sizeof (KWAIT_BLOCK)
// -----------------------------------------------------------------
typedef struct _IO_ERROR_LOG_PACKET
{
/*000*/ BYTE MajorFunctionCode;
/*001*/ BYTE RetryCount;
/*002*/ WORD DumpDataSize;
/*004*/ WORD NumberOfStrings;
/*006*/ WORD StringOffset;
/*008*/ WORD EventCategory;
/*00C*/ NTSTATUS ErrorCode;
/*010*/ DWORD UniqueErrorValue;
/*014*/ NTSTATUS FinalStatus;
/*018*/ DWORD SequenceNumber;
/*01C*/ DWORD IoControlCode;
/*020*/ LARGE_INTEGER DeviceOffset;
/*028*/ DWORD DumpData [1];
/*030*/ }
IO_ERROR_LOG_PACKET,
* PIO_ERROR_LOG_PACKET,
**PPIO_ERROR_LOG_PACKET;
#define IO_ERROR_LOG_PACKET_ \
sizeof (IO_ERROR_LOG_PACKET)
// -----------------------------------------------------------------
typedef struct _IO_ERROR_LOG_MESSAGE
{
/*000*/ WORD Type; // IO_TYPE_ERROR_MESSAGE 0x0C
/*002*/ WORD Size; // number of BYTEs
/*004*/ WORD DriverNameLength;
/*008*/ LARGE_INTEGER TimeStamp;
/*010*/ DWORD DriverNameOffset;
/*018*/ IO_ERROR_LOG_PACKET EntryData;
/*048*/ }
IO_ERROR_LOG_MESSAGE,
* PIO_ERROR_LOG_MESSAGE,
**PPIO_ERROR_LOG_MESSAGE;
#define IO_ERROR_LOG_MESSAGE_ \
sizeof (IO_ERROR_LOG_MESSAGE)
// -----------------------------------------------------------------
typedef struct _TIME_FIELDS
{
/*000*/ SHORT Year;
/*002*/ SHORT Month;
/*004*/ SHORT Day;
/*006*/ SHORT Hour;
/*008*/ SHORT Minute;
/*00A*/ SHORT Second;
/*00C*/ SHORT Milliseconds;
/*00E*/ SHORT Weekday; // 0 = sunday
/*010*/ }
TIME_FIELDS,
* PTIME_FIELDS,
**PPTIME_FIELDS;
#define TIME_FIELDS_ \
sizeof (TIME_FIELDS)
// -----------------------------------------------------------------
typedef struct _RTL_BITMAP
{
/*000*/ DWORD SizeOfBitMap;
/*004*/ PDWORD Buffer;
/*008*/ }
RTL_BITMAP,
* PRTL_BITMAP,
**PPRTL_BITMAP;
#define RTL_BITMAP_ \
sizeof (RTL_BITMAP)
// =================================================================
// PROCESSOR STRUCTURES
// =================================================================
// base address 0xFFDFF158
#ifndef SIZE_OF_80387_REGISTERS
#define SIZE_OF_80387_REGISTERS 80
typedef struct _FLOATING_SAVE_AREA
{
/*000*/ DWORD ControlWord;
/*004*/ DWORD StatusWord;
/*008*/ DWORD TagWord;
/*00C*/ DWORD ErrorOffset;
/*010*/ DWORD ErrorSelector;
/*014*/ DWORD DataOffset;
/*018*/ DWORD DataSelector;
/*01C*/ BYTE RegisterArea [SIZE_OF_80387_REGISTERS];
/*06C*/ DWORD Cr0NpxState;
/*070*/ }
FLOATING_SAVE_AREA,
* PFLOATING_SAVE_AREA,
**PPFLOATING_SAVE_AREA;
#define FLOATING_SAVE_AREA_ \
sizeof (FLOATING_SAVE_AREA)
#endif
// -----------------------------------------------------------------
// base address 0xFFDFF13C
#ifndef MAXIMUM_SUPPORTED_EXTENSION
#define MAXIMUM_SUPPORTED_EXTENSION 512
typedef struct _CONTEXT
{
/*000*/ DWORD ContextFlags;
/*004*/ DWORD Dr0;
/*008*/ DWORD Dr1;
/*00C*/ DWORD Dr2;
/*010*/ DWORD Dr3;
/*014*/ DWORD Dr6;
/*018*/ DWORD Dr7;
/*01C*/ FLOATING_SAVE_AREA FloatSave;
/*08C*/ DWORD SegGs;
/*090*/ DWORD SegFs;
/*094*/ DWORD SegEs;
/*098*/ DWORD SegDs;
/*09C*/ DWORD Edi;
/*0A0*/ DWORD Esi;
/*0A4*/ DWORD Ebx;
/*0A8*/ DWORD Edx;
/*0AC*/ DWORD Ecx;
/*0B0*/ DWORD Eax;
/*0B4*/ DWORD Ebp;
/*0B8*/ DWORD Eip;
/*0BC*/ DWORD SegCs;
/*0C0*/ DWORD EFlags;
/*0C4*/ DWORD Esp;
/*0C8*/ DWORD SegSs;
/*0CC*/ BYTE ExtendedRegisters [MAXIMUM_SUPPORTED_EXTENSION];
/*2CC*/ }
CONTEXT,
* PCONTEXT,
**PPCONTEXT;
#define CONTEXT_ \
sizeof (CONTEXT)
#endif
// -----------------------------------------------------------------
// base address 0xFFDFF120
typedef struct _KPRCB // processor control block
{
/*000*/ WORD MinorVersion;
/*002*/ WORD MajorVersion;
/*004*/ struct _KTHREAD *CurrentThread;
/*008*/ struct _KTHREAD *NextThread;
/*00C*/ struct _KTHREAD *IdleThread;
/*010*/ CHAR Number;
/*011*/ CHAR Reserved;
/*012*/ WORD BuildType;
/*014*/ KAFFINITY SetMember;
/*018*/ struct _RESTART_BLOCK *RestartBlock;
/*01C*/ }
KPRCB,
* PKPRCB,
**PPKPRCB;
#define KPRCB_ \
sizeof (KPRCB)
// -----------------------------------------------------------------
// base address 0xFFDFF000
typedef struct _KPCR // processor control region
{
/*000*/ NT_TIB NtTib;
/*01C*/ struct _KPCR *SelfPcr;
/*020*/ PKPRCB Prcb;
/*024*/ KIRQL Irql;
/*028*/ DWORD IRR;
/*02C*/ DWORD IrrActive;
/*030*/ DWORD IDR;
/*034*/ DWORD Reserved2;
/*038*/ struct _KIDTENTRY *IDT;
/*03C*/ struct _KGDTENTRY *GDT;
/*040*/ struct _KTSS *TSS;
/*044*/ WORD MajorVersion;
/*046*/ WORD MinorVersion;
/*048*/ KAFFINITY SetMember;
/*04C*/ DWORD StallScaleFactor;
/*050*/ BYTE DebugActive;
/*051*/ BYTE Number;
/*054*/ }
KPCR,
* PKPCR,
**PPKPCR;
#define KPCR_ \
sizeof (KPCR)
// =================================================================
// OBJECT STRUCTURES
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -