mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
948 lines
36 KiB
948 lines
36 KiB
/************************************************************************/
|
|
/* */
|
|
/* OBJECT.H -- General Object Manager Definitions */
|
|
/* */
|
|
/************************************************************************/
|
|
/* Author: Gene Apperson */
|
|
/* Copyright: 1991 Microsoft */
|
|
/************************************************************************/
|
|
/* File Description: */
|
|
/* */
|
|
/* */
|
|
/************************************************************************/
|
|
/* Revision History: */
|
|
/* */
|
|
/* */
|
|
/************************************************************************/
|
|
|
|
// This file may have been implicitly included if the client included KERNEL32.H
|
|
// If so, we don't need to define and declare everything again. We match this
|
|
// directive at the bottom of the file.
|
|
#ifndef typObjAny
|
|
|
|
/* ------------------------------------------------------------ */
|
|
/* Object Type Codes */
|
|
/* ------------------------------------------------------------ */
|
|
|
|
#define typObjSemaphore 1
|
|
#define typObjEvent 2
|
|
#define typObjMutex 3
|
|
#define typObjCrst 4
|
|
#define typObjTimer 5
|
|
#define typObjProcess 6
|
|
#define typObjThread 7
|
|
#define typObjFile 8
|
|
#define typObjChange 9
|
|
#define typObjConsole 10
|
|
#define typObjIO 11
|
|
#define typObjConScreenbuf 12
|
|
#define typObjMapFile 13
|
|
#define typObjSerial 14
|
|
#define typObjDevIOCtl 15
|
|
#define typObjPipe 16
|
|
#define typObjMailslot 17
|
|
#define typObjToolhelp 18
|
|
#define typObjSocket 19
|
|
#define typObjR0ObjExt 20
|
|
#define typObjMsgIndicator 21
|
|
#ifdef WOW32_EXTENSIONS
|
|
#define typObjTDBX 22
|
|
#endif
|
|
#define typObjAny 0xffffffff
|
|
#define typObjNone 0
|
|
|
|
// to let us determine what type of object were dealing with in a
|
|
// wait condition
|
|
#define typObjFirstSync typObjSemaphore
|
|
#define typObjLastSync typObjTimer
|
|
#define typObjFirstWait typObjProcess
|
|
#define typObjLastWait typObjIO
|
|
|
|
#define typObjMaxValid typObjMsgIndicator
|
|
#define typObjShiftAdjust (-1)
|
|
|
|
/* ------------------------------------------------------------ */
|
|
/* Common Object Definition */
|
|
/* ------------------------------------------------------------ */
|
|
|
|
// This structure defines a generic object. There is an instance
|
|
// of this structure at the head of all objects in the system. The
|
|
// generic object manipulation functions operate on fields in this
|
|
// structure and call on the object specific manipulation functions
|
|
// based on the object type when necessary.
|
|
// IMPORTANT NOTE: all synchronization objects contain a field called
|
|
// pwnWait which must be at the same offset for all types. Since
|
|
// we are constrained by NT compatibility to keep critical section
|
|
// structures a certain size, you cannot change this structure
|
|
// without ensuring that this field is at the same offset in all
|
|
// sync objects and that critical sections are NT compatible in
|
|
// size.
|
|
typedef struct _obj {
|
|
BYTE typObj; // object type
|
|
BYTE objFlags; // object flags
|
|
WORD cntUses; // count of this objects usage
|
|
} OBJ;
|
|
|
|
typedef OBJ *POBJ;
|
|
|
|
#define fObjTypeSpecific 0x80 // meaning depends on object type
|
|
#define fObjTypeSpecific2 0x40 // meaning depends on object type
|
|
#define fObjTypeSpecific3 0x20 // meaning depends on object type
|
|
|
|
// type-specific objFlag bits.
|
|
#define fNewCrstBlock fObjTypeSpecific // (typObjCrst) high bit for thread blocked while crst owned
|
|
#define fEvtManualReset fObjTypeSpecific // (typObjEvent) set for manual reset
|
|
#define fTimerRing3 fObjTypeSpecific2 // (typObjTimer) timer has ring-3 completion
|
|
|
|
// Every object type contains a nested generic object as its first member
|
|
#define COMMON_OBJECT OBJ objBase;
|
|
|
|
// This is a generic non-synchronization object which can be waited on
|
|
// all of them include a pointer to an event object which is created when
|
|
// they are.
|
|
#define COMMON_NSOBJECT OBJ objBase; \
|
|
struct _evt *psyncEvt; // here's the embedded event
|
|
|
|
|
|
// This is the external object structure which is used to
|
|
// supply a Win32 handle to an external component's structure.
|
|
// e.g. Winsock socket handles
|
|
|
|
typedef struct _external_obj {
|
|
COMMON_OBJECT // it is an object
|
|
DWORD context; // typically a pointer for use by the external component
|
|
} EXTERNAL_OBJ, * PEXTERNAL_OBJ;
|
|
|
|
|
|
/* ------------------------------------------------------------ */
|
|
/* Synchronization Object & Structure Definition */
|
|
/* ------------------------------------------------------------ */
|
|
|
|
#define fWaitDefault 0 // default flags
|
|
#define fWaitAllFlag 1 // set for wait all, clear for wait any
|
|
#define fWaitCrst 2 // special critical section wait
|
|
|
|
typedef struct _wnod {
|
|
struct _wnod *pwnNext; // pointer to next in circular list
|
|
struct _wnod *pwnCirc; // pointer to wait node in next circular list
|
|
struct TDBX *ptdbxWait; // thread waiting
|
|
struct _synco *pobjWait; // object being waited on
|
|
} WNOD;
|
|
|
|
// Every object name is stored in a structure like this one. Each hash table entry
|
|
// points to a forward linked list of these structures.
|
|
typedef struct _objnamestruct {
|
|
struct _objnamestruct *NextOName; // next in hash list
|
|
OBJ *ObjPtr; // named object this refers to
|
|
char NameStr[1]; // name string
|
|
} OBJNAME;
|
|
|
|
// This is a generic synchronization object which is a subset of the other
|
|
// synchronization objects
|
|
typedef struct _synco {
|
|
COMMON_OBJECT
|
|
WNOD *pwnWait; // pointer to the wait node for this object
|
|
LONG cntCur; // current count to test state, != 0 is signaled
|
|
OBJNAME *NameStruct; // name structure for this object
|
|
} SYNCO;
|
|
|
|
// A semaphore object
|
|
// IMPORTANT NOTE: This structure must fit inside the NT KSEMAPHORE type, where
|
|
// sizeof(KSEMAPHORE) is 20.
|
|
typedef struct _sem {
|
|
COMMON_OBJECT
|
|
WNOD *pwnWait; // pointer to the wait node for this object
|
|
LONG cntCur; // current count of semaphore availability
|
|
OBJNAME *NameStruct; // name structure for this object
|
|
LONG cntMax; // maximum allowed count
|
|
} SEM;
|
|
|
|
// A Mutex
|
|
typedef struct _mutx {
|
|
COMMON_OBJECT
|
|
WNOD *pwnWait; // pointer to the wait node for this object
|
|
LONG cntCur; // current count of object
|
|
OBJNAME *NameStruct; // name structure for this object
|
|
struct TDBX *ptdbxOwner; // owner thread
|
|
struct _mutx *SysMutexLst; // system list of mutexes
|
|
} MUTX;
|
|
|
|
typedef MUTX *PMUTX;
|
|
|
|
// This structure defines a critical section. Although it has the
|
|
// typObj field, a critical section is not a true object. This limitation
|
|
// is to provide structure size compatibility with NT.
|
|
// IMPORTANT NOTE: Since the pwnWait is at a specific offset in order
|
|
// to use generic sync object functions, it is important not to
|
|
// reorder this structure's members unless absolutely necessary.
|
|
// If you do, be sure to look at the OBJ data type and other
|
|
// synchronization object types.
|
|
typedef struct _crst {
|
|
BYTE typObj; // type of object
|
|
BYTE objFlags; // object flags
|
|
WORD objPadding; // OBJ.cntUses not needed
|
|
LONG cntRecur; // recursion count of ownership
|
|
struct TDBX *ptdbxOwner; // owner thread of this critical section
|
|
struct TDBX *ptdbxWait; // pointer to the first waiting TDB
|
|
LONG cntCur; // count of critical section ownership
|
|
struct _crst *SysCrstLst; // system list of critical sections
|
|
LST *pdbLst; // list of owning processes
|
|
struct _crstexport *pextcrst; // pointer to external critical section
|
|
} CRST;
|
|
|
|
// This is the exported critical section structure which is used to
|
|
// indirectly access the internal critical section structure and cleanup.
|
|
typedef struct _crstexport {
|
|
COMMON_OBJECT // it is an object
|
|
CRST *crstInternal; // pointer to internal critical section
|
|
} CRST_EXPORT;
|
|
|
|
// This structure and defines make up an event object.
|
|
|
|
// IMPORTANT NOTE: This structure must fit inside the NT KEVENT type, where
|
|
// sizeof(KEVENT) is 16.
|
|
typedef struct _evt {
|
|
COMMON_OBJECT
|
|
WNOD *pwnWait; // pointer to the wait node for this object
|
|
LONG cntCur; // signaled state
|
|
OBJNAME *NameStruct; // name structure for this object
|
|
} EVT;
|
|
|
|
typedef EVT *PEVT;
|
|
|
|
// so we have access to generic NSOBJ's data structure
|
|
typedef struct _nsobj {
|
|
COMMON_NSOBJECT
|
|
} NSOBJ;
|
|
|
|
#define LCRST_DEFINED // disable duplicate definition in syslevel.h
|
|
|
|
// Include heirarchical critical section support
|
|
#include <syslevel.h>
|
|
|
|
|
|
// This is a heirarchical critical section used to ensure
|
|
// deadlock resistant code
|
|
typedef struct _lcrst {
|
|
CRST cstSync;
|
|
#ifdef SYSLEVELCHECK
|
|
SYSLVL slLevel;
|
|
#endif
|
|
} LCRST;
|
|
|
|
typedef LCRST *LPLCRST;
|
|
|
|
typedef struct _createdata16 {
|
|
LPVOID pProcessInfo; // LPPROCESS_INFORMATION
|
|
LPVOID pStartupInfo; // LPSTARTUPINFO
|
|
LPVOID pCmdLine; // points to command line
|
|
} CREATEDATA16;
|
|
|
|
// Include the TIB definition
|
|
#include <k32share.h>
|
|
#include <apc.h>
|
|
|
|
#define TLS_MINIMUM_AVAILABLE_GLOBAL 8
|
|
|
|
// Thread Data Block structure.
|
|
//
|
|
// !!!! BUGBUG !!!!
|
|
// This definition is duplicated in object.inc and core\inc\object16.inc
|
|
//
|
|
typedef struct _tdb
|
|
{
|
|
COMMON_NSOBJECT // standard waitable non-synchronization object
|
|
#ifdef WOW
|
|
TIB * ptib; // Thread Information Block--from k32share.h
|
|
#else // WOW
|
|
TIB tib; // Thread Information Block--from k32share.h
|
|
#endif ; else WOW
|
|
// opengl32 depend on TslArray at offset 0x88 from pTIB. Someone has remove the ppdbProc
|
|
// and wnodLst probably for good reasons. But to keep apps happy, we will add 2 dowords back
|
|
// currently sizeof(TIB)==56
|
|
//struct _pdb* ppdbProc; // DON'T MOVE THIS RELATIVE TO tib!! (for M3 NTcompat)
|
|
DWORD cntHandles; // count of handles to this thread
|
|
WORD selEmul; // selector to 80x87 emulator data area
|
|
WORD selTib; // selector to the TIB for this process
|
|
DWORD dwStatus; // thread status/termination code
|
|
DWORD flFlags; // state of thread
|
|
DWORD dwPad1; // just to pad
|
|
|
|
//WNLST wnodLst; // embedded structure for synchronization
|
|
|
|
//
|
|
// keep R0ThreadHandle offset at 0x54 for Javasup.vxd
|
|
//
|
|
DWORD R0ThreadHandle; // ring 0 thread handle
|
|
|
|
// Warning !!! move dwPad2 below cus SAS 6.12 hardcoded pStackBase at offset 0x54 from
|
|
// pTib. It also used the defunc field pStackTerm ( now dwPad2 ). Whoever gave this
|
|
// internal structure to SAS is a bonehead.
|
|
// Break SAS and see what happen
|
|
|
|
WORD wMacroThunkSelStack16; // Used to be TIBSTRUCT.selStack16
|
|
WORD wPad;
|
|
VOID * pvMapSSTable; //Table of 16-bit ss's for flat thunks
|
|
DWORD dwCurSS; //Current default 16-bit ss for flat thunks
|
|
DWORD dwCurNegBase; //negative base of current default ss
|
|
VOID * pvThunkConnectList; //head of list of in-progress thunk handshakes
|
|
VOID * pvExcept16; //Head of 16-bit thread exception handler chain
|
|
PCONTEXT tdb_pcontext; // pointer to context. if 0, goto ring 0
|
|
HANDLE tdb_ihteDebugger; // thread handle for debugger
|
|
struct _der * tdb_pderDebugger; // pointer to debugger control block
|
|
DWORD ercError; // extended error code for last thread error
|
|
VOID * pvEmulData; // Pointer to emulator data area
|
|
VOID * pStackBase; // stack object base address
|
|
struct TDBX * ptdbx; // ring 0 per thread data pointer
|
|
// wnodLst is 8 bytes, tib has grown, only need 4 bytes here
|
|
DWORD dwPad2; // just to pad, see comment on ppdbProc.
|
|
|
|
LPVOID TlsArray[TLS_MINIMUM_AVAILABLE+TLS_MINIMUM_AVAILABLE_GLOBAL]; // thread local storage array
|
|
LONG tpDeltaPri; // delta from base priority class
|
|
TPITERM tdb_tpiterm;// tpi and termination data union
|
|
struct _createdata16 * pCreateData16; // ptr to creat data for 16-bit creat
|
|
DWORD dwAPISuspendCount; // suspend/resume api count
|
|
LPSTR lpLoadLibExDir; // ptr to LoadLibraryEx() dir
|
|
|
|
// For 16-bit threads only
|
|
WORD wSSBig; // selector of optional Big Stack
|
|
WORD wPad2;
|
|
DWORD lp16SwitchRec;
|
|
|
|
DWORD tdb_htoEndTask;
|
|
DWORD tdb_cMustCompletely;
|
|
|
|
#ifdef DEBUG
|
|
DWORD apiTraceReenterCount; // api trace reenter count
|
|
PWORD pSavedRip; // pointer to saved rip string from 16 bit krnl
|
|
LPVOID
|
|
TlsSetCallerArray[TLS_MINIMUM_AVAILABLE+TLS_MINIMUM_AVAILABLE_GLOBAL]; // caller's to TlsSetValue
|
|
#endif
|
|
#ifdef WOW
|
|
HANDLE hTerminate;
|
|
#endif
|
|
} TDB;
|
|
|
|
typedef TDB *PTDB;
|
|
|
|
#define TDBSTUBSIZE sizeof(TDB)
|
|
|
|
/* Flags for fields of TDB.flFlags
|
|
*/
|
|
|
|
#define fCreateThreadEvent 0x00000001
|
|
#define fCancelExceptionAbort 0x00000002
|
|
#define fOnTempStack 0x00000004
|
|
#define fGrowableStack 0x00000008
|
|
#define fDelaySingleStep 0x00000010
|
|
#define fOpenExeAsImmovableFile 0x00000020
|
|
#define fCreateSuspended 0x00000040
|
|
#define fStackOverflow 0x00000080
|
|
#define fNestedCleanAPCs 0x00000100
|
|
#define fWasOemNowAnsi 0x00000200
|
|
#define fOKToSetThreadOem 0x00000400
|
|
#define fTermCleanupStack 0x00000800
|
|
#define fInCreateProcess 0x00001000
|
|
#define fHoldDisplay 0x00002000
|
|
#define fHoldSystem 0x00004000
|
|
|
|
/* Flags for fields of PDB.flFlags
|
|
*/
|
|
|
|
#define fDebugSingle 0x00000001
|
|
#define fCreateProcessEvent 0x00000002
|
|
#define fExitProcessEvent 0x00000004
|
|
#define fWin16Process 0x00000008
|
|
#define fDosProcess 0x00000010
|
|
#define fConsoleProcess 0x00000020
|
|
#define fFileApisAreOem 0x00000040
|
|
#define fNukeProcess 0x00000080
|
|
#define fServiceProcess 0x00000100
|
|
#define fProcessCreated 0x00000200
|
|
#define fDllRedirection 0x00000400
|
|
#define fLoginScriptHack 0x00000800 //DOS app loaded into existing console and TSR'd
|
|
|
|
/* These bits can be in either the TDB or the PDB
|
|
*/
|
|
|
|
#define fSignaled 0x80000000
|
|
#define fInitError 0x40000000
|
|
#define fTerminated 0x20000000
|
|
#define fTerminating 0x10000000
|
|
#define fFaulted 0x08000000
|
|
#define fTHISFLAGISFREE 0x04000000
|
|
#define fNearlyTerminating 0x00800000
|
|
#define fDebugEventPending 0x00400000
|
|
#define fSendDLLNotifications 0x00200000
|
|
|
|
/* Process Data Block Structure and support defines and structures.
|
|
*/
|
|
|
|
typedef VOID (KERNENTRY *PFN_CONTROL)(DWORD CtrlType);
|
|
|
|
/* Environment data block for various per-process data including arguments,
|
|
** current directories, handles, and environment strings. This data block
|
|
** resides in the scratch heap.
|
|
*/
|
|
|
|
typedef struct _edb {
|
|
char * pchEnv; /* environment block (preceded by PchEnvHdr) */
|
|
DWORD unused; /* was cbEnvMax */
|
|
char * szCmdA; /* command line (ANSI copy)*/
|
|
char * szDir; /* current directory of process */
|
|
STARTUPINFO * lpStartupInfo; /* pointer to startup information */
|
|
HANDLE hStdIn; /* handle of standard in */
|
|
HANDLE hStdOut; /* handle of standard out */
|
|
HANDLE hStdErr; /* handle of standard error */
|
|
HANDLE hProc; /* handle to the owning process. */
|
|
struct _console * pInheritedConsole; /* Console to inherit if needed */
|
|
DWORD ctrlType; /* ctrlNone, ctrlC, ctrlBreak */
|
|
SEM * psemCtrl; /* Protects access to control data */
|
|
EVT * pevtCtrl; /* Control C or Break event */
|
|
TDB * ptdbCtrl; /* Control handler thread */
|
|
PFN_CONTROL * rgpfnCtrl; /* Array of Control C or Break handlers */
|
|
int cpfnCtrlMac; /* Last item in array */
|
|
int cpfnCtrlMax; /* Size of array */
|
|
char * rgszDirs[26]; /* array of drive directories */
|
|
LPWSTR szCmdW; /* command line (Unicode copy)*/
|
|
char * szDirO; /* current directory OEM copy*/
|
|
|
|
} EDB;
|
|
|
|
|
|
// We need a fake DOS MCB structure at the start of our Win32 environment
|
|
// block, because this block also doubles as the DOS environment for Win16
|
|
// apps.
|
|
struct _dosMCB {
|
|
BYTE type; // Set to 'M'
|
|
BYTE owner_lo; // Owner PSP
|
|
BYTE owner_hi;
|
|
BYTE size_lo; // Size (in paragraphs)
|
|
BYTE size_hi;
|
|
BYTE unused[11];
|
|
};
|
|
|
|
|
|
// PCHENVHDR: This header structure must precede the environment strings
|
|
// block pointed to by _edb->pchEnv. It contains the info about the
|
|
// block allocation.
|
|
typedef struct _pchEnvHdr {
|
|
DWORD dwSig; /* Signature: must be PCHENVHDR_SIG */
|
|
DWORD cbReserved; /* # of bytes reserved (must be page-size divisible) */
|
|
DWORD cbCommitted; /* # of bytes committed (must be page-size divisible) */
|
|
struct _pdb * ppdb; /* PDB32 who's context this belongs to. */
|
|
struct _dosMCB MCB; /* Fake DOS MCB for compatibility */
|
|
// Do not add any fields after the MCB. The MCB must immediately precede
|
|
// the environment strings for compatibility.
|
|
} PCHENVHDR, *LPPCHENVHDR;
|
|
|
|
#define PCHENVHDR_SIG 0x45484350 /* 'PCHE' */
|
|
|
|
|
|
// MODREF - a double, doubly linked list of module references.
|
|
// Each loaded module has its own MODREF record. Follow the
|
|
// nextMod element to get a list of modules owned by the process.
|
|
// Follow the nextPdb element to get a list of PDBs that refer
|
|
// to this module.
|
|
|
|
#define fModRecycle 0x8000 /* This modules read only sections
|
|
** should be recycled in context (i.e. before they go away)
|
|
*/
|
|
|
|
#define fModRetain 0x400 /* Used to prevent child from getting
|
|
** freed before the parent
|
|
*/
|
|
|
|
|
|
#define fModRefSnapped 0x200 /* This module's IATs are fixed up
|
|
** in this context (so what is
|
|
** 'fModFixupIAT' below?)
|
|
*/
|
|
|
|
#define fModPrivateResource 0x100/* the resource object has been privatized
|
|
** in this process. Attaches should not be
|
|
** made to the resource object.
|
|
*/
|
|
#define fModFixupIAT 0x80 /* the IAT has been already fixed
|
|
** up for debugging
|
|
*/
|
|
#define fModNoThrdNotify 0x40 /* doesn't need thread notifications */
|
|
|
|
#define fModHasStaticTLS 0x20 /* this module has static TLS */
|
|
|
|
#define fModRefShared 0x10 /* this MODREF is in a shared arena */
|
|
|
|
#define fModAttach 0x8 /* process attach notification has been sent
|
|
** to this module in this process context
|
|
*/
|
|
|
|
#define fModDebug 0x4 /* debug notification has been sent
|
|
** to the debugger for this module
|
|
*/
|
|
|
|
#define fModPrivate 0x2 /* the module has been privatized in this
|
|
** process. Attaches should not be made.
|
|
*/
|
|
#define fModBusy 0x1 /* set to detect dependency loops */
|
|
|
|
#define MOD_USAGE_MAX 0xffff
|
|
typedef struct _tagMODREF {
|
|
struct _tagMODREF
|
|
* nextMod, // next module in this process
|
|
* prevMod,
|
|
* nextPdb, // next process linked to this mod
|
|
* prevPdb;
|
|
IMTE imte; // index in module table
|
|
WORD usage; // reference count this process to this module
|
|
WORD flags; // fModFlags as set above
|
|
WORD cntRefs; // count of implicit references
|
|
struct _pdb *ppdb; // process that owns module
|
|
struct _tagMODREF *refs[1]; // implicit refs of this module, variable length
|
|
// Must be last item in structure
|
|
} MODREF;
|
|
|
|
// Entrypoints into WSOCK32.DLL
|
|
struct socket_epts {
|
|
DWORD recv;
|
|
DWORD arecv;
|
|
DWORD send;
|
|
DWORD asend;
|
|
DWORD close;
|
|
};
|
|
|
|
#define MAX_PROCESS_DWORD 1
|
|
|
|
typedef struct _pdb {
|
|
COMMON_NSOBJECT // standard waitable non-synchronization object
|
|
DWORD dwReserved1; // so that other offsets don't change
|
|
DWORD dwReserved2; // so that other offsets don't change
|
|
DWORD dwStatus; // process termination status code
|
|
DWORD wasDwImageBase; // Points to header of process (MZ + stub)
|
|
struct heapinfo_s *hheapLocal; // DON'T MOVE THIS!!! handle to heap in private memeory
|
|
DWORD hContext; // handle to process' private memory context
|
|
DWORD flFlags; // debugging and inheritance flags
|
|
PVOID pPsp; // linear address of PSP
|
|
WORD selPsp; // selector of the PSP for the process
|
|
SHORT imte; // index to module table entry for this process
|
|
SHORT cntThreads; // number of threads in this process
|
|
SHORT cntThreadsNotTerminated; // threads not past termination code
|
|
SHORT cntFreeLibRecurse; // keep track of recursion into FreeLibrary
|
|
SHORT R0ThreadCount; // ring 0 version of same
|
|
HANDLE hheapShared; // handle to heap in shared memory
|
|
DWORD hTaskWin16; // associated Win16 task handle
|
|
struct fvd_s * pFvd; // ptr to memory mapped file view descriptors
|
|
EDB * pedb; // pointer to environment data block
|
|
struct _htb * phtbHandles;
|
|
struct _pdb * ppdbParent; // pointer to PDB of parent process
|
|
MODREF * plstMod; // pointer to process module table list
|
|
struct _lst * plstTdb; // pointer to list of process threads
|
|
struct _dee * pdb_pdeeDebuggee; // pointer to debuggee control block
|
|
struct lhandle_s *plhFree; // Local heap free handle list head ptr
|
|
DWORD pid; // id, same as initial thread id
|
|
LCRST crstLoadLock; // per-process load synch (hierarchical)
|
|
struct _console * pConsole; // pointer to Console for this process
|
|
DWORD TlsIdxMask[((TLS_MINIMUM_AVAILABLE+31)/32)]; // mask of used TLS idxs
|
|
DWORD adw[MAX_PROCESS_DWORD]; // free-form storage
|
|
struct _pdb * ppdbPGroup; // process group this process belongs to (default 0)
|
|
MODREF * pModExe; // parent EXE ModRef record
|
|
LPTOP_LEVEL_EXCEPTION_FILTER pExceptionFilter; // set by SetUnhandledExceptionFilter
|
|
LONG pcPriClassBase; // priority value of this processes' pri class
|
|
struct heapinfo_s *hhi_procfirst; // linked list of heaps for this process
|
|
struct lharray_s *plhBlock; // local heap lhandle blocks
|
|
struct socket_epts * psock_epts; // socket entrypoints
|
|
struct _console * pconsoleProvider; // pconsole that winoldapp is providing.
|
|
WORD wEnvSel; // selman alloced DOS environment selector
|
|
WORD wErrorMode; // handling of critical errors
|
|
PEVT pevtLoadFinished; // waiting for load to be finished
|
|
WORD hUTState; // UT info
|
|
BYTE bProcessAcpiFlags; // ACPI flags for this process, see def below
|
|
BYTE bPad3;
|
|
LPCSTR lpCmdLineNoQuote; // Optional unquoted command line (apphack)
|
|
} PDB;
|
|
|
|
//
|
|
// Flags def for bProcessAcpiFlags
|
|
//
|
|
#define PROCESS_ACPI_FLAGS_WAKEUP_LT_DONT_CARE 0x00
|
|
#define PROCESS_ACPI_FLAGS_WAKEUP_LT_LOWEST_LATENCY 0x01
|
|
|
|
#define PDBSTUBSIZE sizeof(PDB)
|
|
|
|
typedef PDB *PPDB;
|
|
|
|
/* File Data Block Structure.
|
|
*/
|
|
|
|
/* SPECIAL NOTE on memory mapped files and cached file handles
|
|
* CreateFile(filename, FILE_FLAG_MM_CACHED_FILE_HANDLE);
|
|
* In this case the caller indicates an intention to later
|
|
* call CreateFileMapping(hFile, ...) and desires that the file
|
|
* handle we will using be a cached file handle.
|
|
* So we store away the filename and fsAccessDos in the FDB and
|
|
* in CreateFileMapping() retrieve the filename and flgs for use
|
|
* in implementing cached file handles, where extended handles are
|
|
* not available. eg. real-mode netware drivers
|
|
*/
|
|
|
|
|
|
typedef struct _cfh_id {
|
|
DWORD fsAccessDos; /* dos openfile flgs: used for cached fh
|
|
* of memory mapped files
|
|
*/
|
|
LPSTR lpFilename; /* filename stored only for
|
|
* cached Memory mapped files
|
|
* win32 loader modules and
|
|
* delete_on_close
|
|
*/
|
|
} CFH_ID;
|
|
|
|
typedef struct _fdb {
|
|
COMMON_NSOBJECT // standard waitable non-synchronization object
|
|
WORD hdevDos; /* DOS device handle */
|
|
WORD wDupSrcPSPSel; /* NETX: if inter-process dup'ed
|
|
* holds the PSP dup'ed from so that
|
|
* PSP will remain around till this
|
|
* handle gets closed.
|
|
*/
|
|
CFH_ID cfhid;
|
|
DWORD devNode; // The devvice node where the handle lives on
|
|
DWORD dwCountRequestDeviceWakeup;
|
|
} FDB, *PFDB;
|
|
|
|
/*
|
|
* Spl value for FDB.fsAccessDos to indicate that filename stored should be
|
|
* deleted on close.
|
|
*/
|
|
#define DELETE_ON_CLOSE_FILENAME -1
|
|
|
|
/* Find Change Notify Data Block Structure.
|
|
*/
|
|
|
|
typedef struct _fcndb {
|
|
COMMON_NSOBJECT // base of every ns object structure
|
|
DWORD hChangeInt; /* internal change handle */
|
|
} FCNDB;
|
|
|
|
typedef FCNDB *PFCNDB;
|
|
|
|
/* Pipe Data Block Structure.
|
|
*/
|
|
|
|
typedef struct _pipdb {
|
|
COMMON_OBJECT // base of every object structure
|
|
BYTE * hMem; // Mem handle of pipe
|
|
DWORD hNmPipe; // Named pipe handle (hInvalid if anon)
|
|
DWORD rdRef; // Ref count on read handle
|
|
DWORD wrRef; // Ref count on write handle
|
|
DWORD pszByt; // Size of hMem (pipe) in bytes
|
|
DWORD wPtr; // write pointer (offset in hMem)
|
|
// Pointer to last byte written
|
|
DWORD rPtr; // read pointer (offset in hMem)
|
|
// Pointer to next byte to read
|
|
EVT * wBlkEvnt; // write event handle (waiting for room to write)
|
|
EVT * rBlkEvnt; // read event handle (waiting for data to read)
|
|
} PIPDB;
|
|
|
|
/* MailSlot Data Block Structure.
|
|
*/
|
|
|
|
typedef struct _msdb {
|
|
COMMON_OBJECT // base of every object structure
|
|
LPSTR lpMSName; // Pnt to name of mailslot (== 0 for
|
|
// read (CreateMailslot) handle)
|
|
DWORD hMSDos; // INT 21 mailslot handle (== 0xFFFFFFFF
|
|
// for write (CreateFile) handle)
|
|
} MSDB;
|
|
|
|
/* ToolHelp Data Block Structure.
|
|
*/
|
|
|
|
typedef struct _tlhpdb {
|
|
COMMON_OBJECT // base of every object structure
|
|
DWORD ClassEntryCnt;
|
|
BYTE * ClassEntryList; // actually (CLASSENTRY32 *)
|
|
DWORD HeapListCnt;
|
|
BYTE * HeapList; // actually (HEAPLIST32 *)
|
|
DWORD ProcessEntryCnt;
|
|
BYTE * ProcessEntryList; // actually (PROCESSENTRY32 *)
|
|
DWORD ThreadEntryCnt;
|
|
BYTE * ThreadEntryList; // actually (TREADENTRY32 *)
|
|
DWORD ModuleEntryCnt;
|
|
BYTE * ModuleEntryList; // actually (MODULEENTRY32 *)
|
|
} TLHPDB;
|
|
|
|
/* Device IO Control Object
|
|
*/
|
|
typedef struct _diodb {
|
|
COMMON_OBJECT // base of every object structure
|
|
DWORD pDDB; /* VxD/device DDB */
|
|
LPSTR lpUnloadOnCloseModuleName; /* delete_on_close for a vxd */
|
|
char DDB_Name[8];
|
|
} DIODB;
|
|
|
|
/* Serial Data Block Structure
|
|
*/
|
|
|
|
#define OVERLAPPED_OPEN 1
|
|
#define READEVENT_INUSE 2
|
|
#define WRITEEVENT_INUSE 4
|
|
|
|
typedef struct _sdb {
|
|
COMMON_OBJECT // base of every object structure
|
|
DWORD SerialHandle;
|
|
EVT * pWriteEvent;
|
|
EVT * pReadEvent;
|
|
EVT * pWaitEvent;
|
|
DWORD Flags;
|
|
DWORD DevNode;
|
|
DWORD dwCountRequestDeviceWakeup;
|
|
} SDB;
|
|
|
|
typedef VOID (CALLBACK *PTIMER_APC_ROUTINE)(LPVOID,ULONG,LONG);
|
|
|
|
|
|
|
|
// Timer object.
|
|
//
|
|
// Notes:
|
|
// The timerdb must ALWAYS be pagelocked. This is consistent
|
|
// with the requirement that the structure passed to KeSetTimer
|
|
// be pagelocked. Furthermore, we use the non-preemptibility of
|
|
// of ring-0 code to serialize access to many parts of the structure
|
|
// (due to the fact that much of this code has to run at event time.)
|
|
// This non-preemptibility is guaranteed only if the structure is
|
|
// locked.
|
|
//
|
|
// Timers can be created at ring-0 or ring-3. If a timer is created at
|
|
// ring-3, the memory is always allocated and deallocated by kernel32.
|
|
// Kernel32 also makes sure that an explicit canceltimer is always done
|
|
// on the timer before it is finally freed - we depend on this fact
|
|
// to do the proper cleanup for timerr3apc's.
|
|
//
|
|
// Timers created at ring-3 can be passed to Ke* routines.
|
|
//
|
|
// Timers created at ring-0 cannot be passed to SetWaitableTimer() at
|
|
// ring-3. (There are some nasty cleanup problems associated with this
|
|
// due to the fact that ring-0 timers are freed by the device driver
|
|
// with no notification given to the system.)
|
|
//
|
|
// We use the cntUses field to determine whether a timer was created
|
|
// at ring 3.
|
|
//
|
|
// Synchronization:
|
|
//
|
|
// typObj Static, none needed
|
|
// objFlags
|
|
// fTimerIsRing3 by being in a no-preempt section
|
|
// cntUses Used by handle manager
|
|
// pwnWait WaitR0
|
|
// cntCur WaitR0 [w/ one exception: see [1])
|
|
// NameStruct Krn32Lock - used only at ring3
|
|
// lpNextTimerDb by being in a no-preempt section
|
|
// hTimeout by being in a no-preempt section
|
|
// DueTime by being in a no-preempt section
|
|
// Completion by being in a no-preempt section
|
|
// lPeriod by being in a no-preempt section
|
|
//
|
|
// [1] Because KeSetTimer has to unsignal the timer, and be
|
|
// able to do it at event time, it pokes a zero directly
|
|
// into cntCur. But this is ok because the only code
|
|
// that signals timers is TimerDoTimeout which is
|
|
// non-preemptive.
|
|
//
|
|
// Flag descriptions:
|
|
//
|
|
// fTimerIsEventHandle
|
|
// hTimeout - a timeout handle
|
|
//
|
|
// fTimerIsRing3
|
|
// If the COMPLETION is non-null, this bit indicates whether the
|
|
// COMPLETION points to a TIMERR3APC (ring-3 completion) or a KDPC
|
|
// (ring-0 completion.) The value of this bit is undefined at any
|
|
// other time.
|
|
//
|
|
// Field descriptions:
|
|
//
|
|
// <common-obj and common-sync stuff omitted>
|
|
//
|
|
// lpNextTimerDb:
|
|
// All active timers that were set with fResume TRUE are linked into
|
|
// TimerSysLst (for the purpose of knowing how to program the power
|
|
// timer.) This field is NULL when the timer is inactive or active
|
|
// without fResume.
|
|
//
|
|
// hTimeout:
|
|
// If the timer is active, this field contains the handle to the
|
|
// underlying VMM hTimeout. If the timer is inactive, this
|
|
// field is NULL. If the timer is in the in-progress state,
|
|
// this field is undefined (actually points to a stale VMM timeout
|
|
// handle!)
|
|
//
|
|
//
|
|
// DueTime:
|
|
// If the timer is active, contains the absolute time that the
|
|
// timer is due to go off. Expressed as a FILETIME converted from
|
|
// GetSystemTime. Undefined if the timer isn't active.
|
|
//
|
|
// Completion:
|
|
// Then contains either:
|
|
// NULL - no completion was set
|
|
// LPTIMERR3APC - if fTimerIsRing3 is set
|
|
// PKDPC - if fTimerIsRing3 is not set.
|
|
//
|
|
// Note that it is normal for a timer to be inactive and contain
|
|
// a pointer to a TIMERR3APC structure. This case occurs when
|
|
// a timer set with a ring-3 completion fires normally. The
|
|
// TIMERR3APC structure is kept around so that a subsequent
|
|
// CancelWaitableTimer() can retrieve the underlying apc handle
|
|
// embedded in it.
|
|
//
|
|
// lPeriod:
|
|
// Contains either 0 for a one-shot timer or a positive value
|
|
// (the firing period in milliseconds.)
|
|
|
|
|
|
typedef struct _timerdb {
|
|
COMMON_OBJECT // standard waitable non-synchronization object
|
|
|
|
// These fields have to appear in this form because a timer is a sync object.
|
|
WNOD *pwnWait; // pointer to the wait node for this object
|
|
LONG cntCur; // signaled state
|
|
OBJNAME *NameStruct; // name structure for this object
|
|
|
|
// These fields are timer-specific.
|
|
struct _timerdb *lpNextTimerDb; //Link in TimerSysLst (can be NULL)
|
|
DWORD hTimeout;
|
|
FILETIME DueTime;
|
|
DWORD Completion;
|
|
LONG lPeriod; //Optional period
|
|
// Try not to add new fields. This structure cannot exceed 40 bytes
|
|
// or we break compatibility with NT's Ke api. If you try to hang
|
|
// another structure off it, remember that the Ke*Timer apis can't
|
|
// allocate memory from the heap (system meltdown if these apis
|
|
// are called at event time on a system that's paging thru DOS.)
|
|
|
|
} TIMERDB, *LPTIMERDB;
|
|
|
|
|
|
//
|
|
// A dynamic extension to the timerdb that's used whenever a ring-3 timer
|
|
// is armed with a completion function. This structure must live in locked
|
|
// memory.
|
|
//
|
|
// Access to this structure is serialized by being in a no-preempt section.
|
|
// There are no semaphores guarding it.
|
|
//
|
|
// This structure is allocated whenever SetWaitableTimer() is called on a
|
|
// timer with a non-null completion function. It's stored in the Completion
|
|
// field and the fTimerIsRing3 bit is set to indicate that this a TIMERR3APC
|
|
// (opposed to a ring-0 DPC.)
|
|
//
|
|
// This structure is detached from the timerdb on the next call to
|
|
// CancelWaitableTimer(). It's also usually freed at this time except
|
|
// if a cancel occurs after the last apc has been delivered but TimerApcHandler
|
|
// hasn't yet set fHandlerDone to indicate that's it finished using the
|
|
// structure. In this case, we can't free it so we instead link it onto
|
|
// the TimerDisposalWaitingList. When fHandlerDone does become TRUE,
|
|
// it will be available for pickup the next time we need one of these
|
|
// structures.
|
|
//
|
|
// The automatic rearming of a periodic timer reuses the existing
|
|
// TIMERR3APC. It checks the fHandleDone: if the handler hasn't
|
|
// finished (or begun) on the previous apc, we don't schedule a new
|
|
// one (as per specs).
|
|
//
|
|
// Fields:
|
|
// cRef - reference count
|
|
// pfnCompletion - Ptr to ring-3 completion (never NULL)
|
|
// lpCompletionArg - uninterpreted argument to pfnCompletion
|
|
// R0ThreadHandle - thread that called SetWaitableTimer()
|
|
// DueTime - trigger time to pass to pfnCompletion. This
|
|
// field isn't set until the timer goes off.
|
|
// dwApcHandle - if apc has been queued, contains the underlying
|
|
// apc handle. NULL otherwise. This apc handle gets
|
|
// freed at the same time we free the TIMERR3APC
|
|
// (or in the case of a periodic timer, when we
|
|
// reuse the structure for the next arming.)
|
|
// lpNext - Used for linking in TimerDisposalWaitingList,
|
|
// undefined otherwise.
|
|
//
|
|
//
|
|
//
|
|
typedef struct _timerr3apc {
|
|
|
|
DWORD cRef;
|
|
PTIMER_APC_ROUTINE pfnCompletion; //completion routine
|
|
LPVOID lpCompletionArg; //arg to pass to pfnCompletion
|
|
DWORD ApcTdbx; //thread that set the timer
|
|
FILETIME DueTime; //the DueTime passed to completion
|
|
DWORD dwApcHandle; //underlying apc handle
|
|
struct _timerr3apc *lpNext; //next ptr
|
|
LPTIMERDB lpTimerDB; // back pointer to my TimerDB
|
|
} TIMERR3APC, *LPTIMERR3APC;
|
|
|
|
|
|
|
|
// Ring 0 External Object.
|
|
//
|
|
// Kernel object used to store data about an externally allocated object. VxDs
|
|
// can use the VWIN32_AllocExternalHandle service to make a Win32 handle for
|
|
// one of their data structures and return the handle back to a Win32 app.
|
|
// An application may use this handle to communicate with the VxD, ideally
|
|
// through the DeviceIoControl interface. The VxD can get back to the original
|
|
// object by using the VWIN32_UseExternalObject service. When the VxD is
|
|
// through using the object, it must call VWIN32_UnuseExternalObject.
|
|
//
|
|
// Because the handle returned by VWIN32_AllocExternalHandle is a standard
|
|
// Win32 handle, all of the standard Win32 handle services, such as
|
|
// DuplicateHandle, will work with it. In addition, when a process terminates,
|
|
// the object cleanup is automatically performed. Thus, a VxD doesn't have to
|
|
// watch process notification messages just to check if a per-process data
|
|
// structure should be cleaned-up.
|
|
//
|
|
// When allocating the Win32 handle, the VxD provides a virtual table (vtbl) of
|
|
// functions to invoke whenever type specific handle operations are performed.
|
|
// For example, when the usage count of an object goes to zero, the vtbl is
|
|
// used to notify the VxD that the external object should be released.
|
|
|
|
struct _R0OBJTYPETABLE; // Forward reference (in vwin32.h)
|
|
|
|
typedef struct _r0objext {
|
|
COMMON_NSOBJECT
|
|
DWORD cntExternalUses;
|
|
struct _R0OBJTYPETABLE* pR0ObjTypeTable;
|
|
LPVOID pR0ObjBody;
|
|
ULONG devNode;
|
|
} R0OBJEXT, * PR0OBJEXT;
|
|
|
|
|
|
//
|
|
// objTypMsgIndicator
|
|
//
|
|
|
|
typedef struct _MsgIndicatorDb {
|
|
COMMON_NSOBJECT
|
|
ULONG ulMsgCount;
|
|
} MSGINDICATORDB, *PMSGINDICATORDB;
|
|
|
|
/* ------------------------------------------------------------ */
|
|
/* Function Prototypes
|
|
/* ------------------------------------------------------------ */
|
|
|
|
GLOBAL VOID KERNENTRY UseObject (VOID *); // incs usage count
|
|
GLOBAL OBJ * KERNENTRY NewObject (DWORD, BYTE); // allocates generic obj of size and type
|
|
GLOBAL VOID KERNENTRY DisposeObject (OBJ *); // deallocates generic object
|
|
GLOBAL BOOL KERNENTRY FUnuseObject (VOID *); // decs usage count
|
|
GLOBAL OBJ * KERNENTRY PobjDupObject (OBJ *, PDB *, PDB *); // duplicates pointer to object
|
|
GLOBAL VOID KERNENTRY LockObject(OBJ *);
|
|
GLOBAL VOID KERNENTRY UnlockObject(OBJ *);
|
|
GLOBAL MODREF * KERNENTRY MRAlloc(IMTE imte, PDB *ppdb);
|
|
|
|
#endif
|
|
|
|
/* ------------------------------------------------------------ */
|
|
/* ------------------------------------------------------------ */
|
|
/* ------------------------------------------------------------ */
|
|
/* ------------------------------------------------------------ */
|
|
/* ------------------------------------------------------------ */
|
|
/****************************************************************/
|