archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/ntos/dbgk/dbgkproc.c

774 lines
20 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989 Microsoft Corporation
  5. Module Name:
  7. dbgkproc.c
  9. Abstract:
  11. This module implements process control primitives for the
  12. Dbg component of NT
  14. Author:
  16. Mark Lucovsky (markl) 19-Jan-1990
  18. Revision History:
  20. --*/
  22. #include "dbgkp.h"
  24. #ifdef ALLOC_PRAGMA
  25. #pragma alloc_text(PAGE, DbgkpSuspendProcess)
  26. #pragma alloc_text(PAGE, DbgkpResumeProcess)
  27. #pragma alloc_text(PAGE, DbgkpSectionToFileHandle)
  28. #pragma alloc_text(PAGE, DbgkCreateThread)
  29. #pragma alloc_text(PAGE, DbgkExitThread)
  30. #pragma alloc_text(PAGE, DbgkExitProcess)
  31. #pragma alloc_text(PAGE, DbgkMapViewOfSection)
  32. #pragma alloc_text(PAGE, DbgkUnMapViewOfSection)
  33. #endif
  37. BOOLEAN
  38. DbgkpSuspendProcess (
  39. VOID
  40. )
  42. /*++
  44. Routine Description:
  46. This function causes all threads in the calling process except for
  47. the calling thread to suspend.
  49. Arguments:
  51. CreateDeleteLockHeld - Supplies a flag that specifies whether or not
  52. the caller is holding the process create delete lock. If the
  53. caller holds the lock, than this function will not aquire the
  54. lock before suspending the process.
  56. Return Value:
  58. None.
  60. --*/
  62. {
  63. PAGED_CODE();
  65. //
  66. // Freeze the execution of all threads in the current process, but
  67. // the calling thread. If we are in the process of being deleted don't do this.
  68. //
  69. if ((PsGetCurrentProcess()->Flags&PS_PROCESS_FLAGS_PROCESS_DELETE) == 0) {
  70. KeFreezeAllThreads();
  71. return TRUE;
  72. }
  74. return FALSE;
  75. }
  77. VOID
  78. DbgkpResumeProcess (
  79. VOID
  80. )
  82. /*++
  84. Routine Description:
  86. This function causes all threads in the calling process except for
  87. the calling thread to resume.
  89. Arguments:
  91. CreateDeleteLockHeld - Supplies a flag that specifies whether or not
  92. the caller is holding the process create delete lock. If the
  93. caller holds the lock, than this function will not aquire the
  94. lock before suspending the process.
  96. Return Value:
  98. None.
  100. --*/
  102. {
  104. PAGED_CODE();
  106. //
  107. // Thaw the execution of all threads in the current process, but
  108. // the calling thread.
  109. //
  111. KeThawAllThreads();
  113. return;
  114. }
  116. HANDLE
  117. DbgkpSectionToFileHandle(
  118. IN PVOID SectionObject
  119. )
  121. /*++
  123. Routine Description:
  125. This function Opens a handle to the file associated with the processes
  126. section. The file is opened such that it can be dupped all the way to
  127. the UI where the UI can either map the file or read the file to get
  128. the debug info.
  130. Arguments:
  132. SectionHandle - Supplies a handle to the section whose associated file
  133. is to be opened.
  135. Return Value:
  137. NULL - The file could not be opened.
  139. NON-NULL - Returns a handle to the file associated with the specified
  140. section.
  142. --*/
  144. {
  145. NTSTATUS Status;
  146. ANSI_STRING FileName;
  147. UNICODE_STRING UnicodeFileName;
  148. OBJECT_ATTRIBUTES Obja;
  149. IO_STATUS_BLOCK IoStatusBlock;
  150. HANDLE Handle;
  152. PAGED_CODE();
  154. Status = MmGetFileNameForSection(SectionObject, (PSTRING)&FileName);
  155. if ( !NT_SUCCESS(Status) ) {
  156. return NULL;
  157. }
  159. Status = RtlAnsiStringToUnicodeString(&UnicodeFileName,&FileName,TRUE);
  160. ExFreePool(FileName.Buffer);
  161. if ( !NT_SUCCESS(Status) ) {
  162. return NULL;
  163. }
  165. InitializeObjectAttributes(
  166. &Obja,
  167. &UnicodeFileName,
  168. OBJ_CASE_INSENSITIVE | OBJ_FORCE_ACCESS_CHECK | OBJ_KERNEL_HANDLE,
  169. NULL,
  170. NULL
  171. );
  173. Status = ZwOpenFile(
  174. &Handle,
  175. (ACCESS_MASK)(GENERIC_READ | SYNCHRONIZE),
  176. &Obja,
  177. &IoStatusBlock,
  178. FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE,
  179. FILE_SYNCHRONOUS_IO_NONALERT
  180. );
  181. RtlFreeUnicodeString(&UnicodeFileName);
  182. if ( !NT_SUCCESS(Status) ) {
  183. return NULL;
  184. } else {
  185. return Handle;
  186. }
  187. }
  190. VOID
  191. DbgkCreateThread(
  192. PETHREAD Thread,
  193. PVOID StartAddress
  194. )
  196. /*++
  198. Routine Description:
  200. This function is called when a new thread begins to execute. If the
  201. thread has an associated DebugPort, then a message is sent thru the
  202. port.
  204. If this thread is the first thread in the process, then this event
  205. is translated into a CreateProcessInfo message.
  207. If a message is sent, then while the thread is awaiting a reply,
  208. all other threads in the process are suspended.
  210. Arguments:
  212. Thread - New thread just being started
  214. StartAddress - Supplies the start address for the thread that is
  215. starting.
  217. Return Value:
  219. None.
  221. --*/
  223. {
  224. PVOID Port;
  225. DBGKM_APIMSG m;
  226. PDBGKM_CREATE_THREAD CreateThreadArgs;
  227. PDBGKM_CREATE_PROCESS CreateProcessArgs;
  228. PEPROCESS Process;
  229. PDBGKM_LOAD_DLL LoadDllArgs;
  230. NTSTATUS Status;
  231. OBJECT_ATTRIBUTES Obja;
  232. IO_STATUS_BLOCK IoStatusBlock;
  233. PIMAGE_NT_HEADERS NtHeaders;
  234. PTEB Teb;
  235. ULONG OldFlags;
  236. #if defined(_WIN64)
  237. PVOID Wow64Process;
  238. #endif
  240. PAGED_CODE();
  242. Process = PsGetCurrentProcessByThread (Thread);
  244. #if defined(_WIN64)
  245. Wow64Process = Process->Wow64Process;
  246. #endif
  248. OldFlags = PS_TEST_SET_BITS (&Process->Flags, PS_PROCESS_FLAGS_CREATE_REPORTED|PS_PROCESS_FLAGS_IMAGE_NOTIFY_DONE);
  250. if ((OldFlags&PS_PROCESS_FLAGS_IMAGE_NOTIFY_DONE) == 0 && PsImageNotifyEnabled) {
  251. IMAGE_INFO ImageInfo;
  252. ANSI_STRING FileName;
  253. UNICODE_STRING UnicodeFileName;
  254. PUNICODE_STRING pUnicodeFileName;
  256. //
  257. // notification of main .exe
  258. //
  259. ImageInfo.Properties = 0;
  260. ImageInfo.ImageAddressingMode = IMAGE_ADDRESSING_MODE_32BIT;
  261. ImageInfo.ImageBase = Process->SectionBaseAddress;
  262. ImageInfo.ImageSize = 0;
  264. try {
  265. NtHeaders = RtlImageNtHeader (Process->SectionBaseAddress);
  267. if (NtHeaders) {
  268. #if defined(_WIN64)
  269. if (Wow64Process != NULL) {
  270. ImageInfo.ImageSize = DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER ((PIMAGE_NT_HEADERS32)NtHeaders, SizeOfImage);
  271. } else {
  272. #endif
  273. ImageInfo.ImageSize = DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER (NtHeaders, SizeOfImage);
  274. #if defined(_WIN64)
  275. }
  276. #endif
  277. }
  278. } except (EXCEPTION_EXECUTE_HANDLER) {
  279. ImageInfo.ImageSize = 0;
  280. }
  281. ImageInfo.ImageSelector = 0;
  282. ImageInfo.ImageSectionNumber = 0;
  284. pUnicodeFileName = NULL;
  285. Status = MmGetFileNameForSection (Process->SectionObject, (PSTRING)&FileName);
  286. if (NT_SUCCESS (Status)) {
  287. Status = RtlAnsiStringToUnicodeString (&UnicodeFileName, &FileName,TRUE);
  288. ExFreePool (FileName.Buffer);
  289. if (NT_SUCCESS (Status)) {
  290. pUnicodeFileName = &UnicodeFileName;
  291. }
  292. }
  293. PsCallImageNotifyRoutines (pUnicodeFileName,
  294. Process->UniqueProcessId,
  295. &ImageInfo);
  296. if (pUnicodeFileName != NULL) {
  297. RtlFreeUnicodeString (pUnicodeFileName);
  298. }
  300. //
  301. // and of ntdll.dll
  302. //
  303. ImageInfo.Properties = 0;
  304. ImageInfo.ImageAddressingMode = IMAGE_ADDRESSING_MODE_32BIT;
  305. ImageInfo.ImageBase = PsSystemDllBase;
  306. ImageInfo.ImageSize = 0;
  308. try {
  309. NtHeaders = RtlImageNtHeader (PsSystemDllBase);
  310. if ( NtHeaders ) {
  311. #if defined(_WIN64)
  312. if (Wow64Process != NULL) {
  313. ImageInfo.ImageSize = DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER ((PIMAGE_NT_HEADERS32)NtHeaders, SizeOfImage);
  314. } else {
  315. #endif
  316. ImageInfo.ImageSize = DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER (NtHeaders, SizeOfImage);
  317. #if defined(_WIN64)
  318. }
  319. #endif
  320. }
  321. } except(EXCEPTION_EXECUTE_HANDLER) {
  322. ImageInfo.ImageSize = 0;
  323. }
  325. ImageInfo.ImageSelector = 0;
  326. ImageInfo.ImageSectionNumber = 0;
  328. RtlInitUnicodeString (&UnicodeFileName,
  329. L"\\SystemRoot\\System32\\ntdll.dll");
  330. PsCallImageNotifyRoutines (&UnicodeFileName,
  331. Process->UniqueProcessId,
  332. &ImageInfo);
  333. }
  336. Port = Process->DebugPort;
  338. if (Port == NULL) {
  339. return;
  340. }
  342. //
  343. // Make sure we only get one create process message
  344. //
  346. if ((OldFlags&PS_PROCESS_FLAGS_CREATE_REPORTED) == 0) {
  348. //
  349. // This is a create process
  350. //
  352. CreateThreadArgs = &m.u.CreateProcessInfo.InitialThread;
  353. CreateThreadArgs->SubSystemKey = 0;
  355. CreateProcessArgs = &m.u.CreateProcessInfo;
  356. CreateProcessArgs->SubSystemKey = 0;
  357. CreateProcessArgs->FileHandle = DbgkpSectionToFileHandle(
  358. Process->SectionObject
  359. );
  360. CreateProcessArgs->BaseOfImage = Process->SectionBaseAddress;
  361. CreateThreadArgs->StartAddress = NULL;
  362. CreateProcessArgs->DebugInfoFileOffset = 0;
  363. CreateProcessArgs->DebugInfoSize = 0;
  365. try {
  367. NtHeaders = RtlImageNtHeader(Process->SectionBaseAddress);
  369. if ( NtHeaders ) {
  371. #if defined(_WIN64)
  372. if (Wow64Process != NULL) {
  373. CreateThreadArgs->StartAddress = UlongToPtr (DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER ((PIMAGE_NT_HEADERS32)NtHeaders, ImageBase) +
  374. DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER ((PIMAGE_NT_HEADERS32)NtHeaders, AddressOfEntryPoint));
  375. } else {
  376. #endif
  377. CreateThreadArgs->StartAddress = (PVOID) (DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER (NtHeaders, ImageBase) +
  378. DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER (NtHeaders, AddressOfEntryPoint));
  379. #if defined(_WIN64)
  380. }
  381. #endif
  383. //
  384. // The following fields are safe for Wow64 as the offsets are the same for a PE32+
  385. // as a PE32 header.
  386. //
  388. CreateProcessArgs->DebugInfoFileOffset = NtHeaders->FileHeader.PointerToSymbolTable;
  389. CreateProcessArgs->DebugInfoSize = NtHeaders->FileHeader.NumberOfSymbols;
  390. }
  391. } except (EXCEPTION_EXECUTE_HANDLER) {
  392. CreateThreadArgs->StartAddress = NULL;
  393. CreateProcessArgs->DebugInfoFileOffset = 0;
  394. CreateProcessArgs->DebugInfoSize = 0;
  395. }
  397. DBGKM_FORMAT_API_MSG(m,DbgKmCreateProcessApi,sizeof(*CreateProcessArgs));
  399. DbgkpSendApiMessage(&m,FALSE);
  401. if (CreateProcessArgs->FileHandle != NULL) {
  402. ObCloseHandle(CreateProcessArgs->FileHandle, KernelMode);
  403. }
  405. LoadDllArgs = &m.u.LoadDll;
  406. LoadDllArgs->BaseOfDll = PsSystemDllBase;
  407. LoadDllArgs->DebugInfoFileOffset = 0;
  408. LoadDllArgs->DebugInfoSize = 0;
  409. LoadDllArgs->NamePointer = NULL;
  411. Teb = NULL;
  412. try {
  413. NtHeaders = RtlImageNtHeader(PsSystemDllBase);
  414. if ( NtHeaders ) {
  415. LoadDllArgs->DebugInfoFileOffset = NtHeaders->FileHeader.PointerToSymbolTable;
  416. LoadDllArgs->DebugInfoSize = NtHeaders->FileHeader.NumberOfSymbols;
  417. }
  419. //
  420. // Normaly the ntdll loaded fills in this pointer for the debug API's. We fake it here
  421. // as ntdll isn't loaded yet and it can't load itself.
  422. //
  424. Teb = Thread->Tcb.Teb;
  425. if (Teb != NULL) {
  426. wcsncpy (Teb->StaticUnicodeBuffer,
  427. L"ntdll.dll",
  428. sizeof (Teb->StaticUnicodeBuffer) / sizeof (Teb->StaticUnicodeBuffer[0]));
  429. Teb->NtTib.ArbitraryUserPointer = Teb->StaticUnicodeBuffer;
  430. LoadDllArgs->NamePointer = &Teb->NtTib.ArbitraryUserPointer;
  431. }
  433. } except (EXCEPTION_EXECUTE_HANDLER) {
  434. LoadDllArgs->DebugInfoFileOffset = 0;
  435. LoadDllArgs->DebugInfoSize = 0;
  436. LoadDllArgs->NamePointer = NULL;
  437. }
  439. //
  440. // Send load dll section for NT dll !
  441. //
  443. InitializeObjectAttributes(
  444. &Obja,
  445. (PUNICODE_STRING)&PsNtDllPathName,
  446. OBJ_CASE_INSENSITIVE | OBJ_FORCE_ACCESS_CHECK | OBJ_KERNEL_HANDLE,
  447. NULL,
  448. NULL
  449. );
  451. Status = ZwOpenFile(
  452. &LoadDllArgs->FileHandle,
  453. (ACCESS_MASK)(GENERIC_READ | SYNCHRONIZE),
  454. &Obja,
  455. &IoStatusBlock,
  456. FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE,
  457. FILE_SYNCHRONOUS_IO_NONALERT
  458. );
  460. if (!NT_SUCCESS (Status)) {
  461. LoadDllArgs->FileHandle = NULL;
  462. }
  464. DBGKM_FORMAT_API_MSG(m,DbgKmLoadDllApi,sizeof(*LoadDllArgs));
  465. DbgkpSendApiMessage(&m,TRUE);
  467. if (LoadDllArgs->FileHandle != NULL) {
  468. ObCloseHandle(LoadDllArgs->FileHandle, KernelMode);
  469. }
  471. try {
  472. if (Teb != NULL) {
  473. Teb->NtTib.ArbitraryUserPointer = NULL;
  474. }
  475. } except (EXCEPTION_EXECUTE_HANDLER) {
  476. }
  478. } else {
  480. CreateThreadArgs = &m.u.CreateThread;
  481. CreateThreadArgs->SubSystemKey = 0;
  482. CreateThreadArgs->StartAddress = StartAddress;
  484. DBGKM_FORMAT_API_MSG (m,DbgKmCreateThreadApi,sizeof(*CreateThreadArgs));
  486. DbgkpSendApiMessage (&m,TRUE);
  487. }
  488. }
  490. VOID
  491. DbgkExitThread(
  492. NTSTATUS ExitStatus
  493. )
  495. /*++
  497. Routine Description:
  499. This function is called when a new thread terminates. At this
  500. point, the thread will no longer execute in user-mode. No other
  501. exit processing has occured.
  503. If a message is sent, then while the thread is awaiting a reply,
  504. all other threads in the process are suspended.
  506. Arguments:
  508. ExitStatus - Supplies the ExitStatus of the exiting thread.
  510. Return Value:
  512. None.
  514. --*/
  516. {
  517. PVOID Port;
  518. DBGKM_APIMSG m;
  519. PDBGKM_EXIT_THREAD args;
  520. PEPROCESS Process;
  521. BOOLEAN Frozen;
  523. PAGED_CODE();
  525. Process = PsGetCurrentProcess();
  526. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_HIDEFROMDBG) {
  527. Port = NULL;
  528. } else {
  529. Port = Process->DebugPort;
  530. }
  532. if ( !Port ) {
  533. return;
  534. }
  536. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_DEADTHREAD) {
  537. return;
  538. }
  540. args = &m.u.ExitThread;
  541. args->ExitStatus = ExitStatus;
  543. DBGKM_FORMAT_API_MSG(m,DbgKmExitThreadApi,sizeof(*args));
  545. Frozen = DbgkpSuspendProcess();
  547. DbgkpSendApiMessage(&m,FALSE);
  549. if (Frozen) {
  550. DbgkpResumeProcess();
  551. }
  552. }
  554. VOID
  555. DbgkExitProcess(
  556. NTSTATUS ExitStatus
  557. )
  559. /*++
  561. Routine Description:
  563. This function is called when a process terminates. The address
  564. space of the process is still intact, but no threads exist in
  565. the process.
  567. Arguments:
  569. ExitStatus - Supplies the ExitStatus of the exiting process.
  571. Return Value:
  573. None.
  575. --*/
  577. {
  578. PVOID Port;
  579. DBGKM_APIMSG m;
  580. PDBGKM_EXIT_PROCESS args;
  581. PEPROCESS Process;
  583. PAGED_CODE();
  585. Process = PsGetCurrentProcess();
  587. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_HIDEFROMDBG) {
  588. Port = NULL;
  589. } else {
  590. Port = Process->DebugPort;
  591. }
  593. if ( !Port ) {
  594. return;
  595. }
  597. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_DEADTHREAD) {
  598. return;
  599. }
  601. //
  602. // this ensures that other timed lockers of the process will bail
  603. // since this call is done while holding the process lock, and lock duration
  604. // is controlled by debugger
  605. //
  606. KeQuerySystemTime(&PsGetCurrentProcess()->ExitTime);
  608. args = &m.u.ExitProcess;
  609. args->ExitStatus = ExitStatus;
  611. DBGKM_FORMAT_API_MSG(m,DbgKmExitProcessApi,sizeof(*args));
  613. DbgkpSendApiMessage(&m,FALSE);
  615. }
  617. VOID
  618. DbgkMapViewOfSection(
  619. IN PVOID SectionObject,
  620. IN PVOID BaseAddress,
  621. IN ULONG SectionOffset,
  622. IN ULONG_PTR ViewSize
  623. )
  625. /*++
  627. Routine Description:
  629. This function is called when the current process successfully
  630. maps a view of an image section. If the process has an associated
  631. debug port, then a load dll message is sent.
  633. Arguments:
  635. SectionObject - Supplies a pointer to the section mapped by the
  636. process.
  638. BaseAddress - Supplies the base address of where the section is
  639. mapped in the current process address space.
  641. SectionOffset - Supplies the offset in the section where the
  642. processes mapped view begins.
  644. ViewSize - Supplies the size of the mapped view.
  646. Return Value:
  648. None.
  650. --*/
  652. {
  654. PVOID Port;
  655. DBGKM_APIMSG m;
  656. PDBGKM_LOAD_DLL LoadDllArgs;
  657. PEPROCESS Process;
  658. PIMAGE_NT_HEADERS NtHeaders;
  660. PAGED_CODE();
  662. UNREFERENCED_PARAMETER (SectionOffset);
  663. UNREFERENCED_PARAMETER (ViewSize);
  665. if ( KeGetPreviousMode() == KernelMode ) {
  666. return;
  667. }
  669. Process = PsGetCurrentProcess();
  671. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_HIDEFROMDBG) {
  672. Port = NULL;
  673. } else {
  674. Port = Process->DebugPort;
  675. }
  677. if ( !Port ) {
  678. return;
  679. }
  681. LoadDllArgs = &m.u.LoadDll;
  682. LoadDllArgs->FileHandle = DbgkpSectionToFileHandle(SectionObject);
  683. LoadDllArgs->BaseOfDll = BaseAddress;
  684. LoadDllArgs->DebugInfoFileOffset = 0;
  685. LoadDllArgs->DebugInfoSize = 0;
  687. //
  688. // The loader fills in the module name in this pointer before mapping the section.
  689. // Its a very poor linkage.
  690. //
  692. LoadDllArgs->NamePointer = &NtCurrentTeb()->NtTib.ArbitraryUserPointer;
  694. try {
  696. NtHeaders = RtlImageNtHeader (BaseAddress);
  698. if (NtHeaders != NULL) {
  699. LoadDllArgs->DebugInfoFileOffset = NtHeaders->FileHeader.PointerToSymbolTable;
  700. LoadDllArgs->DebugInfoSize = NtHeaders->FileHeader.NumberOfSymbols;
  701. }
  703. } except (EXCEPTION_EXECUTE_HANDLER) {
  705. LoadDllArgs->DebugInfoFileOffset = 0;
  706. LoadDllArgs->DebugInfoSize = 0;
  707. LoadDllArgs->NamePointer = NULL;
  709. }
  711. DBGKM_FORMAT_API_MSG(m,DbgKmLoadDllApi,sizeof(*LoadDllArgs));
  713. DbgkpSendApiMessage(&m,TRUE);
  714. if (LoadDllArgs->FileHandle != NULL) {
  715. ObCloseHandle(LoadDllArgs->FileHandle, KernelMode);
  716. }
  717. }
  719. VOID
  720. DbgkUnMapViewOfSection(
  721. IN PVOID BaseAddress
  722. )
  724. /*++
  726. Routine Description:
  728. This function is called when the current process successfully
  729. un maps a view of an image section. If the process has an associated
  730. debug port, then an "unmap view of section" message is sent.
  732. Arguments:
  734. BaseAddress - Supplies the base address of the section being
  735. unmapped.
  737. Return Value:
  739. None.
  741. --*/
  743. {
  745. PVOID Port;
  746. DBGKM_APIMSG m;
  747. PDBGKM_UNLOAD_DLL UnloadDllArgs;
  748. PEPROCESS Process;
  750. PAGED_CODE();
  752. Process = PsGetCurrentProcess();
  754. if ( KeGetPreviousMode() == KernelMode ) {
  755. return;
  756. }
  758. if (PsGetCurrentThread()->CrossThreadFlags&PS_CROSS_THREAD_FLAGS_HIDEFROMDBG) {
  759. Port = NULL;
  760. } else {
  761. Port = Process->DebugPort;
  762. }
  764. if ( !Port ) {
  765. return;
  766. }
  768. UnloadDllArgs = &m.u.UnloadDll;
  769. UnloadDllArgs->BaseAddress = BaseAddress;
  771. DBGKM_FORMAT_API_MSG(m,DbgKmUnloadDllApi,sizeof(*UnloadDllArgs));
  773. DbgkpSendApiMessage(&m,TRUE);
  774. }