📄 ke.h
字号:
#ifndef __NTOSKRNL_INCLUDE_INTERNAL_KE_H
#define __NTOSKRNL_INCLUDE_INTERNAL_KE_H
/* INCLUDES *****************************************************************/
#include "arch/ke.h"
/* INTERNAL KERNEL TYPES ****************************************************/
typedef struct _WOW64_PROCESS
{
PVOID Wow64;
} WOW64_PROCESS, *PWOW64_PROCESS;
typedef struct _KPROFILE_SOURCE_OBJECT
{
KPROFILE_SOURCE Source;
LIST_ENTRY ListEntry;
} KPROFILE_SOURCE_OBJECT, *PKPROFILE_SOURCE_OBJECT;
typedef enum _CONNECT_TYPE
{
NoConnect,
NormalConnect,
ChainConnect,
UnknownConnect
} CONNECT_TYPE, *PCONNECT_TYPE;
typedef struct _DISPATCH_INFO
{
CONNECT_TYPE Type;
PKINTERRUPT Interrupt;
PKINTERRUPT_ROUTINE NoDispatch;
PKINTERRUPT_ROUTINE InterruptDispatch;
PKINTERRUPT_ROUTINE FloatingDispatch;
PKINTERRUPT_ROUTINE ChainedDispatch;
PKINTERRUPT_ROUTINE *FlatDispatch;
} DISPATCH_INFO, *PDISPATCH_INFO;
typedef struct _KI_SAMPLE_MAP
{
LARGE_INTEGER PerfStart;
LARGE_INTEGER PerfEnd;
LONGLONG PerfDelta;
LARGE_INTEGER PerfFreq;
LONGLONG TSCStart;
LONGLONG TSCEnd;
LONGLONG TSCDelta;
ULONG MHz;
} KI_SAMPLE_MAP, *PKI_SAMPLE_MAP;
typedef struct _KTIMER_TABLE_ENTRY
{
LIST_ENTRY Entry;
ULARGE_INTEGER Time;
} KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
#define MAX_TIMER_DPCS 16
typedef struct _DPC_QUEUE_ENTRY
{
PKDPC Dpc;
PKDEFERRED_ROUTINE Routine;
PVOID Context;
} DPC_QUEUE_ENTRY, *PDPC_QUEUE_ENTRY;
typedef PCHAR
(NTAPI *PKE_BUGCHECK_UNICODE_TO_ANSI)(
IN PUNICODE_STRING Unicode,
IN PCHAR Ansi,
IN ULONG Length
);
extern ULONG_PTR MmFreeLdrFirstKrnlPhysAddr;
extern ULONG_PTR MmFreeLdrLastKrnlPhysAddr;
extern ULONG_PTR MmFreeLdrLastKernelAddress;
extern PVOID KeUserApcDispatcher;
extern PVOID KeUserCallbackDispatcher;
extern PVOID KeUserExceptionDispatcher;
extern PVOID KeRaiseUserExceptionDispatcher;
extern LARGE_INTEGER KeBootTime;
extern ULONGLONG KeBootTimeBias;
extern BOOLEAN ExCmosClockIsSane;
extern ULONG KeI386NpxPresent;
extern ULONG KeI386XMMIPresent;
extern ULONG KeI386FxsrPresent;
extern ULONG KiMXCsrMask;
extern ULONG KeI386CpuType;
extern ULONG KeI386CpuStep;
extern ULONG KeProcessorArchitecture;
extern ULONG KeProcessorLevel;
extern ULONG KeProcessorRevision;
extern ULONG KeFeatureBits;
extern ULONG Ke386GlobalPagesEnabled;
extern BOOLEAN KiI386PentiumLockErrataPresent;
extern KNODE KiNode0;
extern PKNODE KeNodeBlock[1];
extern UCHAR KeNumberNodes;
extern UCHAR KeProcessNodeSeed;
extern ETHREAD KiInitialThread;
extern EPROCESS KiInitialProcess;
extern ULONG KiInterruptTemplate[KINTERRUPT_DISPATCH_CODES];
extern PULONG KiInterruptTemplateObject;
extern PULONG KiInterruptTemplateDispatch;
extern PULONG KiInterruptTemplate2ndDispatch;
extern ULONG KiUnexpectedEntrySize;
#ifdef _M_IX86
extern PVOID Ki386IopmSaveArea;
extern ULONG KeI386EFlagsAndMaskV86;
extern ULONG KeI386EFlagsOrMaskV86;
extern BOOLEAN KeI386VirtualIntExtensions;
extern KIDTENTRY KiIdt[];
extern KGDTENTRY KiBootGdt[];
extern KDESCRIPTOR KiGdtDescriptor;
extern KDESCRIPTOR KiIdtDescriptor;
extern KTSS KiBootTss;
#endif
extern UCHAR P0BootStack[];
extern UCHAR KiDoubleFaultStack[];
extern FAST_MUTEX KernelAddressSpaceLock;
extern ULONG KiMaximumDpcQueueDepth;
extern ULONG KiMinimumDpcRate;
extern ULONG KiAdjustDpcThreshold;
extern ULONG KiIdealDpcRate;
extern BOOLEAN KeThreadDpcEnable;
extern LARGE_INTEGER KiTimeIncrementReciprocal;
extern UCHAR KiTimeIncrementShiftCount;
extern ULONG KiTimeLimitIsrMicroseconds;
extern ULONG KiServiceLimit;
extern LIST_ENTRY KeBugcheckCallbackListHead, KeBugcheckReasonCallbackListHead;
extern KSPIN_LOCK BugCheckCallbackLock;
extern KDPC KiTimerExpireDpc;
extern KTIMER_TABLE_ENTRY KiTimerTableListHead[TIMER_TABLE_SIZE];
extern FAST_MUTEX KiGenericCallDpcMutex;
extern LIST_ENTRY KiProfileListHead, KiProfileSourceListHead;
extern KSPIN_LOCK KiProfileLock;
extern LIST_ENTRY KiProcessListHead;
extern LIST_ENTRY KiProcessInSwapListHead, KiProcessOutSwapListHead;
extern LIST_ENTRY KiStackInSwapListHead;
extern KEVENT KiSwapEvent;
extern PKPRCB KiProcessorBlock[];
extern ULONG KiMask32Array[MAXIMUM_PRIORITY];
extern ULONG KiIdleSummary;
extern VOID __cdecl KiTrap8(VOID);
extern VOID __cdecl KiTrap2(VOID);
extern VOID __cdecl KiFastCallEntry(VOID);
extern PVOID KeUserApcDispatcher;
extern PVOID KeUserCallbackDispatcher;
extern PVOID KeUserExceptionDispatcher;
extern PVOID KeRaiseUserExceptionDispatcher;
extern UCHAR KiDebugRegisterTrapOffsets[9];
extern UCHAR KiDebugRegisterContextOffsets[9];
extern ULONG KeTimeIncrement;
extern ULONG_PTR KiBugCheckData[5];
extern ULONG KiFreezeFlag;
/* MACROS *************************************************************************/
#define AFFINITY_MASK(Id) KiMask32Array[Id]
#define PRIORITY_MASK(Id) KiMask32Array[Id]
/* The following macro initializes a dispatcher object's header */
#define KeInitializeDispatcherHeader(Header, t, s, State) \
{ \
(Header)->Type = t; \
(Header)->Absolute = 0; \
(Header)->Inserted = 0; \
(Header)->Size = s; \
(Header)->SignalState = State; \
InitializeListHead(&((Header)->WaitListHead)); \
}
#define KEBUGCHECKWITHTF(a,b,c,d,e,f) \
DbgPrint("KeBugCheckWithTf at %s:%i\n",__FILE__,__LINE__), \
KeBugCheckWithTf(a,b,c,d,e,f)
/* Tells us if the Timer or Event is a Syncronization or Notification Object */
#define TIMER_OR_EVENT_TYPE 0x7L
/* One of the Reserved Wait Blocks, this one is for the Thread's Timer */
#define TIMER_WAIT_BLOCK 0x3L
/* IOPM Definitions */
#define IO_ACCESS_MAP_NONE 0
#define IOPM_OFFSET FIELD_OFFSET(KTSS, IoMaps[0].IoMap)
#define KiComputeIopmOffset(MapNumber) \
(MapNumber == IO_ACCESS_MAP_NONE) ? \
(USHORT)(sizeof(KTSS)) : \
(USHORT)(FIELD_OFFSET(KTSS, IoMaps[MapNumber-1].IoMap))
#define SIZE_OF_FX_REGISTERS 32
/* INTERNAL KERNEL FUNCTIONS ************************************************/
/* Finds a new thread to run */
NTSTATUS
FASTCALL
KiSwapThread(
IN PKTHREAD Thread,
IN PKPRCB Prcb
);
VOID
NTAPI
KeReadyThread(
IN PKTHREAD Thread
);
BOOLEAN
NTAPI
KeSetDisableBoostThread(
IN OUT PKTHREAD Thread,
IN BOOLEAN Disable
);
VOID
NTAPI
KeBalanceSetManager(IN PVOID Context);
VOID
NTAPI
KiReadyThread(IN PKTHREAD Thread);
ULONG
NTAPI
KeSuspendThread(PKTHREAD Thread);
BOOLEAN
NTAPI
KeReadStateThread(IN PKTHREAD Thread);
BOOLEAN
FASTCALL
KiSwapContext(
IN PKTHREAD CurrentThread,
IN PKTHREAD NewThread
);
VOID
NTAPI
KiAdjustQuantumThread(IN PKTHREAD Thread);
VOID
FASTCALL
KiExitDispatcher(KIRQL OldIrql);
VOID
NTAPI
KiDeferredReadyThread(IN PKTHREAD Thread);
KAFFINITY
FASTCALL
KiSetAffinityThread(
IN PKTHREAD Thread,
IN KAFFINITY Affinity
);
PKTHREAD
FASTCALL
KiSelectNextThread(
IN PKPRCB Prcb
);
VOID
NTAPI
CPUID(
OUT ULONG CpuInfo[4],
IN ULONG InfoType
);
BOOLEAN
FASTCALL
KiInsertTimerTable(
IN PKTIMER Timer,
IN ULONG Hand
);
BOOLEAN
FASTCALL
KiInsertTreeTimer(
IN PKTIMER Timer,
IN LARGE_INTEGER Interval
);
VOID
FASTCALL
KiCompleteTimer(
IN PKTIMER Timer,
IN PKSPIN_LOCK_QUEUE LockQueue
);
/* gmutex.c ********************************************************************/
VOID
FASTCALL
KiAcquireGuardedMutexContented(PKGUARDED_MUTEX GuardedMutex);
/* gate.c **********************************************************************/
VOID
FASTCALL
KeInitializeGate(PKGATE Gate);
VOID
FASTCALL
KeSignalGateBoostPriority(PKGATE Gate);
VOID
FASTCALL
KeWaitForGate(
PKGATE Gate,
KWAIT_REASON WaitReason,
KPROCESSOR_MODE WaitMode
);
/* ipi.c ********************************************************************/
VOID
NTAPI
KiIpiSendRequest(
KAFFINITY TargetSet,
ULONG IpiRequest
);
/* next file ***************************************************************/
UCHAR
NTAPI
KeFindNextRightSetAffinity(
IN UCHAR Number,
IN ULONG Set
);
VOID
NTAPI
DbgBreakPointNoBugCheck(VOID);
VOID
NTAPI
KeInitializeProfile(
struct _KPROFILE* Profile,
struct _KPROCESS* Process,
PVOID ImageBase,
ULONG ImageSize,
ULONG BucketSize,
KPROFILE_SOURCE ProfileSource,
KAFFINITY Affinity
);
VOID
NTAPI
KeStartProfile(
struct _KPROFILE* Profile,
PVOID Buffer
);
BOOLEAN
NTAPI
KeStopProfile(struct _KPROFILE* Profile);
ULONG
NTAPI
KeQueryIntervalProfile(KPROFILE_SOURCE ProfileSource);
VOID
NTAPI
KeSetIntervalProfile(
KPROFILE_SOURCE ProfileSource,
ULONG Interval
);
VOID
NTAPI
KeProfileInterrupt(
PKTRAP_FRAME TrapFrame
);
VOID
NTAPI
KeProfileInterruptWithSource(
IN PKTRAP_FRAME TrapFrame,
IN KPROFILE_SOURCE Source
);
VOID
NTAPI
KeUpdateRunTime(
PKTRAP_FRAME TrapFrame,
KIRQL Irql
);
VOID
NTAPI
KiExpireTimers(
PKDPC Dpc,
PVOID DeferredContext,
PVOID SystemArgument1,
PVOID SystemArgument2
);
VOID
NTAPI
KeInitializeThread(
IN PKPROCESS Process,
IN OUT PKTHREAD Thread,
IN PKSYSTEM_ROUTINE SystemRoutine,
IN PKSTART_ROUTINE StartRoutine,
IN PVOID StartContext,
IN PCONTEXT Context,
IN PVOID Teb,
IN PVOID KernelStack
);
VOID
NTAPI
KeUninitThread(
IN PKTHREAD Thread
);
NTSTATUS
NTAPI
KeInitThread(
IN OUT PKTHREAD Thread,
IN PVOID KernelStack,
IN PKSYSTEM_ROUTINE SystemRoutine,
IN PKSTART_ROUTINE StartRoutine,
IN PVOID StartContext,
IN PCONTEXT Context,
IN PVOID Teb,
IN PKPROCESS Process
);
VOID
NTAPI
KeStartThread(
IN OUT PKTHREAD Thread
);
BOOLEAN
NTAPI
KeAlertThread(
IN PKTHREAD Thread,
IN KPROCESSOR_MODE AlertMode
);
ULONG
NTAPI
KeAlertResumeThread(
IN PKTHREAD Thread
);
ULONG
NTAPI
KeResumeThread(
IN PKTHREAD Thread
);
PVOID
NTAPI
KeSwitchKernelStack(
IN PVOID StackBase,
IN PVOID StackLimit
);
VOID
NTAPI
KeRundownThread(VOID);
NTSTATUS
NTAPI
KeReleaseThread(PKTHREAD Thread);
VOID
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -