|
|
/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
dbgkp.h
Abstract:
This header file describes private data structures and functions that make up the kernel mode portion of the Dbg subsystem.
Author:
Mark Lucovsky (markl) 19-Jan-1990
[Environment:]
optional-environment-info (e.g. kernel mode only...)
[Notes:]
optional-notes
Revision History:
--*/
#ifndef _DBGKP_
#define _DBGKP_
#pragma warning(disable:4214) // bit field types other than int
#pragma warning(disable:4201) // nameless struct/union
#pragma warning(disable:4324) // alignment sensitive to declspec
#pragma warning(disable:4127) // condition expression is constant
#pragma warning(disable:4115) // named type definition in parentheses
#include "ntos.h"
#define NOEXTAPI
#include "wdbgexts.h"
#include "ntdbg.h"
#include <zwapi.h>
#include <string.h>
#if defined(_WIN64)
#include <wow64t.h>
#endif
#define DEBUG_EVENT_READ (0x01) // Event had been seen by win32 app
#define DEBUG_EVENT_NOWAIT (0x02) // No waiter one this. Just free the pool
#define DEBUG_EVENT_INACTIVE (0x04) // The message is in inactive. It may be activated or deleted later
#define DEBUG_EVENT_RELEASE (0x08) // Release rundown protection on this thread
#define DEBUG_EVENT_PROTECT_FAILED (0x10) // Rundown protection failed to be acquired on this thread
#define DEBUG_EVENT_SUSPEND (0x20) // Resume thread on continue
#define DBGKP_FIELD_FROM_IMAGE_OPTIONAL_HEADER(hdrs,field) \
((hdrs)->OptionalHeader.##field)
typedef struct _DEBUG_EVENT { LIST_ENTRY EventList; // Queued to event object through this
KEVENT ContinueEvent; CLIENT_ID ClientId; PEPROCESS Process; // Waiting process
PETHREAD Thread; // Waiting thread
NTSTATUS Status; // Status of operation
ULONG Flags; PETHREAD BackoutThread; // Backout key for faked messages
DBGKM_APIMSG ApiMsg; // Message being sent
} DEBUG_EVENT, *PDEBUG_EVENT;
NTSTATUSDbgkpSendApiMessage( IN OUT PDBGKM_APIMSG ApiMsg, IN BOOLEAN SuspendProcess );
BOOLEANDbgkpSuspendProcess( VOID );
VOIDDbgkpResumeProcess( VOID );
HANDLEDbgkpSectionToFileHandle( IN PVOID SectionObject );
VOIDDbgkpDeleteObject ( IN PVOID Object );
VOIDDbgkpCloseObject ( IN PEPROCESS Process, IN PVOID Object, IN ACCESS_MASK GrantedAccess, IN ULONG_PTR ProcessHandleCount, IN ULONG_PTR SystemHandleCount );
NTSTATUSDbgkpQueueMessage ( IN PEPROCESS Process, IN PETHREAD Thread, IN OUT PDBGKM_APIMSG ApiMsg, IN ULONG Flags, IN PDEBUG_OBJECT TargetDebugObject );
VOIDDbgkpOpenHandles ( PDBGUI_WAIT_STATE_CHANGE WaitStateChange, PEPROCESS Process, PETHREAD Thread );
VOIDDbgkpMarkProcessPeb ( PEPROCESS Process );
VOIDDbgkpConvertKernelToUserStateChange ( IN OUT PDBGUI_WAIT_STATE_CHANGE WaitStateChange, IN PDEBUG_EVENT DebugEvent );
NTSTATUSDbgkpSendApiMessageLpc( IN OUT PDBGKM_APIMSG ApiMsg, IN PVOID Port, IN BOOLEAN SuspendProcess );
VOIDDbgkpFreeDebugEvent ( IN PDEBUG_EVENT DebugEvent );
NTSTATUSDbgkpPostFakeProcessCreateMessages ( IN PEPROCESS Process, IN PDEBUG_OBJECT DebugObject, IN PETHREAD *pLastThread );
NTSTATUSDbgkpPostFakeModuleMessages ( IN PEPROCESS Process, IN PETHREAD Thread, IN PDEBUG_OBJECT DebugObject );
NTSTATUSDbgkpPostFakeThreadMessages ( IN PEPROCESS Process, IN PDEBUG_OBJECT DebugObject, IN PETHREAD StartThread, OUT PETHREAD *pFirstThread, OUT PETHREAD *pLastThread );
NTSTATUSDbgkpPostAdditionalThreadMessages ( IN PEPROCESS Process, IN PDEBUG_OBJECT DebugObject, IN PETHREAD LastThread );
VOIDDbgkpWakeTarget ( IN PDEBUG_EVENT DebugEvent );
NTSTATUSDbgkpSetProcessDebugObject ( IN PEPROCESS Process, IN PDEBUG_OBJECT DebugObject, IN NTSTATUS MsgStatus, IN PETHREAD LastThread );
#endif // _DBGKP_
|
