archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/admin/wmi/wbem/winmgmt/esscomp/krnlprov/kerneltraceprovider.h

141 lines
4.2 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. // KernelTraceProvider.h : Declaration of the CKernelTraceProvider
  3. #ifndef __KERNELTRACEPROVIDER_H_
  4. #define __KERNELTRACEPROVIDER_H_
  6. #include "resource.h" // main symbols
  7. #include "ObjAccess.h"
  8. #include <Sync.h>
  10. _COM_SMARTPTR_TYPEDEF(IWbemEventSink, __uuidof(IWbemEventSink));
  11. _COM_SMARTPTR_TYPEDEF(IWbemServices, __uuidof(IWbemServices));
  13. struct EVENT_TRACE_PROPERTIES_EX : public EVENT_TRACE_PROPERTIES
  14. {
  15. EVENT_TRACE_PROPERTIES_EX()
  16. {
  17. ZeroMemory(this, sizeof(*this));
  19. Wnode.BufferSize = sizeof(*this);
  20. Wnode.Flags = WNODE_FLAG_TRACED_GUID;
  22. LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
  23. LogFileNameOffset = (DWORD) ((LPBYTE) szLogFileName - (LPBYTE) this);
  24. LoggerNameOffset = (DWORD) ((LPBYTE) szLoggerName - (LPBYTE) this);
  25. }
  27. TCHAR szLogFileName[MAX_PATH];
  28. TCHAR szLoggerName[MAX_PATH];
  29. };
  31. /////////////////////////////////////////////////////////////////////////////
  32. // CKernelTraceProvider
  33. class ATL_NO_VTABLE CKernelTraceProvider :
  34. public CComObjectRootEx<CComMultiThreadModel>,
  35. public CComCoClass<CKernelTraceProvider, &CLSID_KernelTraceProvider>,
  36. public IWbemProviderInit,
  37. public IWbemEventProvider,
  38. public IWbemEventProviderSecurity
  39. {
  40. public:
  41. CKernelTraceProvider();
  42. void FinalRelease();
  44. DECLARE_REGISTRY_RESOURCEID(IDR_KERNELTRACEPROVIDER)
  45. DECLARE_NOT_AGGREGATABLE(CKernelTraceProvider)
  47. DECLARE_PROTECT_FINAL_CONSTRUCT()
  49. BEGIN_COM_MAP(CKernelTraceProvider)
  50. COM_INTERFACE_ENTRY(IWbemProviderInit)
  51. COM_INTERFACE_ENTRY(IWbemEventProvider)
  52. COM_INTERFACE_ENTRY(IWbemEventProviderSecurity)
  53. END_COM_MAP()
  56. // IWbemProviderInit
  57. public:
  58. HRESULT STDMETHODCALLTYPE Initialize(
  59. /* [in] */ LPWSTR pszUser,
  60. /* [in] */ LONG lFlags,
  61. /* [in] */ LPWSTR pszNamespace,
  62. /* [in] */ LPWSTR pszLocale,
  63. /* [in] */ IWbemServices __RPC_FAR *pNamespace,
  64. /* [in] */ IWbemContext __RPC_FAR *pCtx,
  65. /* [in] */ IWbemProviderInitSink __RPC_FAR *pInitSink);
  68. // IWbemEventProvider
  69. public:
  70. HRESULT STDMETHODCALLTYPE ProvideEvents(
  71. /* [in] */ IWbemObjectSink __RPC_FAR *pSink,
  72. /* [in] */ long lFlags);
  75. enum SINK_TYPE
  76. {
  77. //SINK_PROCESS_CREATION,
  78. //SINK_PROCESS_DELETION,
  79. SINK_PROCESS_START,
  80. SINK_PROCESS_STOP,
  82. //SINK_THREAD_CREATION,
  83. //SINK_THREAD_DELETION,
  84. SINK_THREAD_START,
  85. SINK_THREAD_STOP,
  87. SINK_MODULE_LOAD,
  89. SINK_COUNT
  90. };
  92. // IWbemEventProviderSecurity
  93. public:
  94. HRESULT STDMETHODCALLTYPE AccessCheck(
  95. /* [in] */ WBEM_CWSTR wszQueryLanguage,
  96. /* [in] */ WBEM_CWSTR wszQuery,
  97. /* [in] */ long lSidLength,
  98. /* [unique][size_is][in] */ const BYTE __RPC_FAR *pSid);
  101. // Implementation
  102. protected:
  103. IWbemEventSinkPtr m_pSinks[SINK_COUNT];
  104. IWbemServicesPtr m_pNamespace;
  105. EVENT_TRACE_PROPERTIES_EX
  106. m_properties;
  107. TRACEHANDLE m_hSession,
  108. m_hTrace;
  109. BOOL m_bDone;
  110. HANDLE m_hProcessTraceThread;
  111. CCritSec m_cs;
  113. // Process events
  114. CObjAccess //m_eventProcessInstCreation,
  115. //m_eventProcessInstDeletion,
  116. //m_objProcessCreated,
  117. //m_objProcessDeleted,
  118. m_eventProcessStart,
  119. m_eventProcessStop;
  121. // Thread events
  122. CObjAccess //m_eventThreadInstCreation,
  123. //m_eventThreadInstDeletion,
  124. //m_objThread,
  125. m_eventThreadStart,
  126. m_eventThreadStop;
  128. // Module load
  129. CObjAccess m_eventModuleLoad;
  131. HRESULT InitEvents();
  132. HRESULT InitTracing();
  133. void StopTracing();
  135. static DWORD WINAPI DoProcessTrace(CKernelTraceProvider *pThis);
  136. static void WINAPI OnProcessEvent(PEVENT_TRACE pEvent);
  137. static void WINAPI OnThreadEvent(PEVENT_TRACE pEvent);
  138. static void WINAPI OnImageEvent(PEVENT_TRACE pEvent);
  139. };
  141. #endif //__KERNELTRACEPROVIDER_H_