📄 ex.h
字号:
#ifndef __NTOSKRNL_INCLUDE_INTERNAL_EXECUTIVE_H
#define __NTOSKRNL_INCLUDE_INTERNAL_EXECUTIVE_H
/* GLOBAL VARIABLES *********************************************************/
extern TIME_ZONE_INFORMATION ExpTimeZoneInfo;
extern LARGE_INTEGER ExpTimeZoneBias;
extern ULONG ExpTimeZoneId;
extern ULONG ExpTickCountMultiplier;
extern ULONG ExpLastTimeZoneBias;
extern POBJECT_TYPE ExEventPairObjectType;
extern POBJECT_TYPE _ExEventObjectType, _ExSemaphoreObjectType;
extern ULONG NtBuildNumber;
extern ULONG NtMajorVersion;
extern ULONG NtMinorVersion;
extern FAST_MUTEX ExpEnvironmentLock;
extern ERESOURCE ExpFirmwareTableResource;
extern LIST_ENTRY ExpFirmwareTableProviderListHead;
extern BOOLEAN ExpIsWinPEMode;
extern LIST_ENTRY ExpSystemResourcesList;
ULONG ExpAnsiCodePageDataOffset, ExpOemCodePageDataOffset;
ULONG ExpUnicodeCaseTableDataOffset;
PVOID ExpNlsSectionPointer;
extern CHAR NtBuildLab[];
extern ULONG CmNtCSDVersion;
extern ULONG NtGlobalFlag;
extern ULONG ExpInitializationPhase;
extern ULONG ExpAltTimeZoneBias;
typedef struct _EXHANDLE
{
union
{
struct
{
ULONG TagBits:2;
ULONG Index:30;
};
HANDLE GenericHandleOverlay;
ULONG_PTR Value;
};
} EXHANDLE, *PEXHANDLE;
typedef struct _ETIMER
{
KTIMER KeTimer;
KAPC TimerApc;
KDPC TimerDpc;
LIST_ENTRY ActiveTimerListEntry;
KSPIN_LOCK Lock;
LONG Period;
BOOLEAN ApcAssociated;
BOOLEAN WakeTimer;
LIST_ENTRY WakeTimerListEntry;
} ETIMER, *PETIMER;
typedef struct
{
PCALLBACK_OBJECT *CallbackObject;
PWSTR Name;
} SYSTEM_CALLBACKS;
#define MAX_FAST_REFS 7
#define ExAcquireRundownProtection _ExAcquireRundownProtection
#define ExReleaseRundownProtection _ExReleaseRundownProtection
#define ExInitializeRundownProtection _ExInitializeRundownProtection
#define ExWaitForRundownProtectionRelease _ExWaitForRundownProtectionRelease
#define ExRundownCompleted _ExRundownCompleted
#define ExGetPreviousMode KeGetPreviousMode
//
// Various bits tagged on the handle or handle table
//
#define EXHANDLE_TABLE_ENTRY_LOCK_BIT 1
#define FREE_HANDLE_MASK -1
//
// Number of entries in each table level
//
#define LOW_LEVEL_ENTRIES (PAGE_SIZE / sizeof(HANDLE_TABLE_ENTRY))
#define MID_LEVEL_ENTRIES (PAGE_SIZE / sizeof(PHANDLE_TABLE_ENTRY))
#define HIGH_LEVEL_ENTRIES (16777216 / (LOW_LEVEL_ENTRIES * MID_LEVEL_ENTRIES))
//
// Maximum index in each table level before we need another table
//
#define MAX_LOW_INDEX LOW_LEVEL_ENTRIES
#define MAX_MID_INDEX (MID_LEVEL_ENTRIES * LOW_LEVEL_ENTRIES)
#define MAX_HIGH_INDEX (MID_LEVEL_ENTRIES * MID_LEVEL_ENTRIES * LOW_LEVEL_ENTRIES)
//
// Detect GCC
//
#ifdef __GNUC__
#define DEFINE_WAIT_BLOCK(x) \
struct _AlignHack \
{ \
UCHAR Hack[15]; \
EX_PUSH_LOCK_WAIT_BLOCK UnalignedBlock; \
} WaitBlockBuffer; \
PEX_PUSH_LOCK_WAIT_BLOCK x = (PEX_PUSH_LOCK_WAIT_BLOCK) \
((ULONG_PTR)&WaitBlockBuffer.UnalignedBlock &~ 0xF);
#else
//
// This is only for compatibility; the compiler will optimize the extra
// local variable (the actual pointer) away, so we don't take any perf hit
// by doing this.
//
#define DEFINE_WAIT_BLOCK(x) \
EX_PUSH_LOCK_WAIT_BLOCK WaitBlockBuffer; \
PEX_PUSH_LOCK_WAIT_BLOCK x = &WaitBlockBuffer;
#endif
/* INITIALIZATION FUNCTIONS *************************************************/
VOID
NTAPI
ExpWin32kInit(VOID);
VOID
NTAPI
ExInit2(VOID);
VOID
NTAPI
Phase1Initialization(
IN PVOID Context
);
VOID
NTAPI
ExpInitializePushLocks(VOID);
BOOLEAN
NTAPI
ExRefreshTimeZoneInformation(
IN PLARGE_INTEGER SystemBootTime
);
VOID
NTAPI
ExpInitializeWorkerThreads(VOID);
VOID
NTAPI
ExpInitLookasideLists(VOID);
VOID
NTAPI
ExInitializeSystemLookasideList(
IN PGENERAL_LOOKASIDE List,
IN POOL_TYPE Type,
IN ULONG Size,
IN ULONG Tag,
IN USHORT MaximumDepth,
IN PLIST_ENTRY ListHead
);
BOOLEAN
NTAPI
ExpInitializeCallbacks(VOID);
VOID
NTAPI
ExpInitUuids(VOID);
VOID
NTAPI
ExpInitializeExecutive(
IN ULONG Cpu,
IN PLOADER_PARAMETER_BLOCK LoaderBlock
);
VOID
NTAPI
ExpInitializeEventImplementation(VOID);
VOID
NTAPI
ExpInitializeEventImplementation(VOID);
VOID
NTAPI
ExpInitializeEventPairImplementation(VOID);
VOID
NTAPI
ExpInitializeSemaphoreImplementation(VOID);
VOID
NTAPI
ExpInitializeMutantImplementation(VOID);
VOID
NTAPI
ExpInitializeTimerImplementation(VOID);
VOID
NTAPI
ExpInitializeProfileImplementation(VOID);
VOID
NTAPI
ExpResourceInitialization(VOID);
VOID
NTAPI
ExInitPoolLookasidePointers(VOID);
/* Callback Functions ********************************************************/
VOID
NTAPI
ExInitializeCallBack(
IN OUT PEX_CALLBACK Callback
);
PEX_CALLBACK_ROUTINE_BLOCK
NTAPI
ExAllocateCallBack(
IN PEX_CALLBACK_FUNCTION Function,
IN PVOID Context
);
VOID
NTAPI
ExFreeCallBack(
IN PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock
);
BOOLEAN
NTAPI
ExCompareExchangeCallBack (
IN OUT PEX_CALLBACK CallBack,
IN PEX_CALLBACK_ROUTINE_BLOCK NewBlock,
IN PEX_CALLBACK_ROUTINE_BLOCK OldBlock
);
PEX_CALLBACK_ROUTINE_BLOCK
NTAPI
ExReferenceCallBackBlock(
IN OUT PEX_CALLBACK CallBack
);
VOID
NTAPI
ExDereferenceCallBackBlock(
IN OUT PEX_CALLBACK CallBack,
IN PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock
);
PEX_CALLBACK_FUNCTION
NTAPI
ExGetCallBackBlockRoutine(
IN PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock
);
PVOID
NTAPI
ExGetCallBackBlockContext(
IN PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock
);
VOID
NTAPI
ExWaitForCallBacks(
IN PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock
);
/* Rundown Functions ********************************************************/
VOID
FASTCALL
ExfInitializeRundownProtection(
OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfReInitializeRundownProtection(
OUT PEX_RUNDOWN_REF RunRef
);
BOOLEAN
FASTCALL
ExfAcquireRundownProtection(
IN OUT PEX_RUNDOWN_REF RunRef
);
BOOLEAN
FASTCALL
ExfAcquireRundownProtectionEx(
IN OUT PEX_RUNDOWN_REF RunRef,
IN ULONG Count
);
VOID
FASTCALL
ExfReleaseRundownProtection(
IN OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfReleaseRundownProtectionEx(
IN OUT PEX_RUNDOWN_REF RunRef,
IN ULONG Count
);
VOID
FASTCALL
ExfRundownCompleted(
OUT PEX_RUNDOWN_REF RunRef
);
VOID
FASTCALL
ExfWaitForRundownProtectionRelease(
IN OUT PEX_RUNDOWN_REF RunRef
);
/* HANDLE TABLE FUNCTIONS ***************************************************/
typedef BOOLEAN
(NTAPI *PEX_SWEEP_HANDLE_CALLBACK)(
PHANDLE_TABLE_ENTRY HandleTableEntry,
HANDLE Handle,
PVOID Context
);
typedef BOOLEAN
(NTAPI *PEX_DUPLICATE_HANDLE_CALLBACK)(
IN PEPROCESS Process,
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY HandleTableEntry,
IN PHANDLE_TABLE_ENTRY NewEntry
);
typedef BOOLEAN
(NTAPI *PEX_CHANGE_HANDLE_CALLBACK)(
PHANDLE_TABLE_ENTRY HandleTableEntry,
ULONG_PTR Context
);
VOID
NTAPI
ExpInitializeHandleTables(
VOID
);
PHANDLE_TABLE
NTAPI
ExCreateHandleTable(
IN PEPROCESS Process OPTIONAL
);
VOID
NTAPI
ExUnlockHandleTableEntry(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY HandleTableEntry
);
HANDLE
NTAPI
ExCreateHandle(
IN PHANDLE_TABLE HandleTable,
IN PHANDLE_TABLE_ENTRY HandleTableEntry
);
VOID
NTAPI
ExDestroyHandleTable(
IN PHANDLE_TABLE HandleTable,
IN PVOID DestroyHandleProcedure OPTIONAL
);
BOOLEAN
NTAPI
ExDestroyHandle(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle,
IN PHANDLE_TABLE_ENTRY HandleTableEntry OPTIONAL
);
PHANDLE_TABLE_ENTRY
NTAPI
ExMapHandleToPointer(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle
);
PHANDLE_TABLE
NTAPI
ExDupHandleTable(
IN PEPROCESS Process,
IN PHANDLE_TABLE HandleTable,
IN PEX_DUPLICATE_HANDLE_CALLBACK DupHandleProcedure,
IN ULONG_PTR Mask
);
BOOLEAN
NTAPI
ExChangeHandle(
IN PHANDLE_TABLE HandleTable,
IN HANDLE Handle,
IN PEX_CHANGE_HANDLE_CALLBACK ChangeRoutine,
IN ULONG_PTR Context
);
VOID
NTAPI
ExSweepHandleTable(
IN PHANDLE_TABLE HandleTable,
IN PEX_SWEEP_HANDLE_CALLBACK EnumHandleProcedure,
IN PVOID Context
);
/* PSEH EXCEPTION HANDLING **************************************************/
LONG
NTAPI
ExSystemExceptionFilter(VOID);
static __inline _SEH_FILTER(_SEH_ExSystemExceptionFilter)
{
return ExSystemExceptionFilter();
}
/* CALLBACKS *****************************************************************/
VOID
FORCEINLINE
ExDoCallBack(IN OUT PEX_CALLBACK Callback,
IN PVOID Context,
IN PVOID Argument1,
IN PVOID Argument2)
{
PEX_CALLBACK_ROUTINE_BLOCK CallbackRoutineBlock;
PEX_CALLBACK_FUNCTION Function;
/* Reference the block */
CallbackRoutineBlock = ExReferenceCallBackBlock(Callback);
if (CallbackRoutineBlock)
{
/* Get the function */
Function = ExGetCallBackBlockRoutine(CallbackRoutineBlock);
/* Do the callback */
Function(Context, Argument1, Argument2);
/* Now dereference it */
ExDereferenceCallBackBlock(Callback, CallbackRoutineBlock);
}
}
/* RUNDOWN *******************************************************************/
#ifdef _WIN64
#define ExpChangeRundown(x, y, z) InterlockedCompareExchange64((PLONGLONG)x, y, z)
#define ExpSetRundown(x, y) InterlockedExchange64((PLONGLONG)x, y)
#else
#define ExpChangeRundown(x, y, z) InterlockedCompareExchange((PLONG)x, PtrToLong(y), PtrToLong(z))
#define ExpChangePushlock(x, y, z) LongToPtr(InterlockedCompareExchange((PLONG)x, PtrToLong(y), PtrToLong(z)))
#define ExpSetRundown(x, y) InterlockedExchange((PLONG)x, y)
#endif
/*++
* @name ExfAcquireRundownProtection
* INTERNAL MACRO
*
* The ExfAcquireRundownProtection routine acquires rundown protection for
* the specified descriptor.
*
* @param RunRef
* Pointer to a rundown reference descriptor.
*
* @return TRUE if access to the protected structure was granted, FALSE otherwise.
*
* @remarks This is the internal macro for system use only.In case the rundown
* was active, then the slow-path will be called through the exported
* function.
*
*--*/
BOOLEAN
FORCEINLINE
_ExAcquireRundownProtection(IN PEX_RUNDOWN_REF RunRef)
{
ULONG_PTR Value, NewValue;
/* Get the current value and mask the active bit */
Value = RunRef->Count &~ EX_RUNDOWN_ACTIVE;
/* Add a reference */
NewValue = Value + EX_RUNDOWN_COUNT_INC;
/* Change the value */
NewValue = ExpChangeRundown(RunRef, NewValue, Value);
if (NewValue != Value)
{
/* Rundown was active, use long path */
return ExfAcquireRundownProtection(RunRef);
}
/* Success */
return TRUE;
}
/*++
* @name ExReleaseRundownProtection
* INTERNAL MACRO
*
* The ExReleaseRundownProtection routine releases rundown protection for
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -