runtime / ntapi

Clone
Source Code
GIT

Files

  1.   1717a8ab17
  2.   include
  3.   ntapi
  4.   nt_debug.h
Blob Blame History Raw 
#ifndef _NT_DEBUG_H_
#define _NT_DEBUG_H_

#include "nt_abi.h"
#include "nt_object.h"
#include "nt_exception.h"


/* debug access rights */
#define NT_DEBUG_SPECIFIC_RIGHTS	(0xf)
#define NT_DEBUG_ALL_ACCESS		(NT_SEC_STANDARD_RIGHTS_ALL \
					 | NT_DEBUG_SPECIFIC_RIGHTS)

/* debug flags */
#define NT_DEBUG_DETACH_ON_EXIT		(0x0)
#define NT_DEBUG_KILL_ON_EXIT		(0x1)


/* debug object information classes */
#define NT_DEBUG_OBJECT_FLAGS_INFO	(0X1)


/* debug filter mask */
#define NT_DBG_FLTR_ERROR_LEVEL		(0x0)
#define NT_DBG_FLTR_WARNING_LEVEL	(0x1)
#define NT_DBG_FLTR_TRACE_LEVEL		(0x2)
#define NT_DBG_FLTR_INFO_LEVEL		(0x3)
#define NT_DBG_FLTR_MASK		(0x8000000)


/* debug states */
typedef enum _nt_dbg_state {
	NT_DBG_STATE_IDLE,
	NT_DBG_STATE_REPLY_PENDING,

	NT_DBG_STATE_CREATE_THREAD,
	NT_DBG_STATE_CREATE_PROCESS,

	NT_DBG_STATE_EXIT_THREAD,
	NT_DBG_STATE_EXIT_PROCESS,

	NT_DBG_STATE_EXCEPTION,
	NT_DBG_STATE_BREAKPOINT,
	NT_DBG_STATE_SINGLE_STEP,

	NT_DBG_STATE_DLL_LOAD,
	NT_DBG_STATE_DLL_UNLOAD,
} nt_dbg_state;


/* debug filters */
typedef enum _nt_dbg_fltr_type {
	NT_DBG_FLTR_SYSTEM_ID,
	NT_DBG_FLTR_SMSS_ID,
	NT_DBG_FLTR_SETUP_ID,
	NT_DBG_FLTR_NTFS_ID,
	NT_DBG_FLTR_FSTUB_ID,
	NT_DBG_FLTR_CRASHDUMP_ID,
	NT_DBG_FLTR_CDAUDIO_ID,
	NT_DBG_FLTR_CDROM_ID,
	NT_DBG_FLTR_CLASSPNP_ID,
	NT_DBG_FLTR_DISK_ID,
	NT_DBG_FLTR_REDBOOK_ID,
	NT_DBG_FLTR_STORPROP_ID,
	NT_DBG_FLTR_SCSIPORT_ID,
	NT_DBG_FLTR_SCSIMINIPORT_ID,
	NT_DBG_FLTR_CONFIG_ID,
	NT_DBG_FLTR_I8042PRT_ID,
	NT_DBG_FLTR_SERMOUSE_ID,
	NT_DBG_FLTR_LSERMOUS_ID,
	NT_DBG_FLTR_KBDHID_ID,
	NT_DBG_FLTR_MOUHID_ID,
	NT_DBG_FLTR_KBDCLASS_ID,
	NT_DBG_FLTR_MOUCLASS_ID,
	NT_DBG_FLTR_TWOTRACK_ID,
	NT_DBG_FLTR_WMILIB_ID,
	NT_DBG_FLTR_ACPI_ID,
	NT_DBG_FLTR_AMLI_ID,
	NT_DBG_FLTR_HALIA64_ID,
	NT_DBG_FLTR_VIDEO_ID,
	NT_DBG_FLTR_SVCHOST_ID,
	NT_DBG_FLTR_VIDEOPRT_ID,
	NT_DBG_FLTR_TCPIP_ID,
	NT_DBG_FLTR_DMSYNTH_ID,
	NT_DBG_FLTR_NTOSPNP_ID,
	NT_DBG_FLTR_FASTFAT_ID,
	NT_DBG_FLTR_SAMSS_ID,
	NT_DBG_FLTR_PNPMGR_ID,
	NT_DBG_FLTR_NETAPI_ID,
	NT_DBG_FLTR_SCSERVER_ID,
	NT_DBG_FLTR_SCCLIENT_ID,
	NT_DBG_FLTR_SERIAL_ID,
	NT_DBG_FLTR_SERENUM_ID,
	NT_DBG_FLTR_UHCD_ID,
	NT_DBG_FLTR_RPCPROXY_ID,
	NT_DBG_FLTR_AUTOCHK_ID,
	NT_DBG_FLTR_DCOMSS_ID,
	NT_DBG_FLTR_UNIMODEM_ID,
	NT_DBG_FLTR_SIS_ID,
	NT_DBG_FLTR_FLTMGR_ID,
	NT_DBG_FLTR_WMICORE_ID,
	NT_DBG_FLTR_BURNENG_ID,
	NT_DBG_FLTR_IMAPI_ID,
	NT_DBG_FLTR_SXS_ID,
	NT_DBG_FLTR_FUSION_ID,
	NT_DBG_FLTR_IDLETASK_ID,
	NT_DBG_FLTR_SOFTPCI_ID,
	NT_DBG_FLTR_TAPE_ID,
	NT_DBG_FLTR_MCHGR_ID,
	NT_DBG_FLTR_IDEP_ID,
	NT_DBG_FLTR_PCIIDE_ID,
	NT_DBG_FLTR_FLOPPY_ID,
	NT_DBG_FLTR_FDC_ID,
	NT_DBG_FLTR_TERMSRV_ID,
	NT_DBG_FLTR_W32TIME_ID,
	NT_DBG_FLTR_PREFETCHER_ID,
	NT_DBG_FLTR_RSFILTER_ID,
	NT_DBG_FLTR_FCPORT_ID,
	NT_DBG_FLTR_PCI_ID,
	NT_DBG_FLTR_DMIO_ID,
	NT_DBG_FLTR_DMCONFIG_ID,
	NT_DBG_FLTR_DMADMIN_ID,
	NT_DBG_FLTR_WSOCKTRANSPORT_ID,
	NT_DBG_FLTR_VSS_ID,
	NT_DBG_FLTR_PNPMEM_ID,
	NT_DBG_FLTR_PROCESSOR_ID,
	NT_DBG_FLTR_DMSERVER_ID,
	NT_DBG_FLTR_SR_ID,
	NT_DBG_FLTR_INFINIBAND_ID,
	NT_DBG_FLTR_IHVDRIVER_ID,
	NT_DBG_FLTR_IHVVIDEO_ID,
	NT_DBG_FLTR_IHVAUDIO_ID,
	NT_DBG_FLTR_IHVNETWORK_ID,
	NT_DBG_FLTR_IHVSTREAMING_ID,
	NT_DBG_FLTR_IHVBUS_ID,
	NT_DBG_FLTR_HPS_ID,
	NT_DBG_FLTR_RTLTHREADPOOL_ID,
	NT_DBG_FLTR_LDR_ID,
	NT_DBG_FLTR_TCPIP6_ID,
	NT_DBG_FLTR_ISAPNP_ID,
	NT_DBG_FLTR_SHPC_ID,
	NT_DBG_FLTR_STORPORT_ID,
	NT_DBG_FLTR_STORMINIPORT_ID,
	NT_DBG_FLTR_PRINTSPOOLER_ID,
	NT_DBG_FLTR_VSSDYNDISK_ID,
	NT_DBG_FLTR_VERIFIER_ID,
	NT_DBG_FLTR_VDS_ID,
	NT_DBG_FLTR_VDSBAS_ID,
	NT_DBG_FLTR_VDSDYN_ID,
	NT_DBG_FLTR_VDSDYNDR_ID,
	NT_DBG_FLTR_VDSLDR_ID,
	NT_DBG_FLTR_VDSUTIL_ID,
	NT_DBG_FLTR_DFRGIFC_ID,
	NT_DBG_FLTR_DEFAULT_ID,
	NT_DBG_FLTR_MM_ID,
	NT_DBG_FLTR_DFSC_ID,
	NT_DBG_FLTR_WOW64_ID,
	NT_DBG_FLTR_ALPC_ID,
	NT_DBG_FLTR_WDI_ID,
	NT_DBG_FLTR_PERFLIB_ID,
	NT_DBG_FLTR_KTM_ID,
	NT_DBG_FLTR_IOSTRESS_ID,
	NT_DBG_FLTR_HEAP_ID,
	NT_DBG_FLTR_WHEA_ID,
	NT_DBG_FLTR_USERGDI_ID,
	NT_DBG_FLTR_MMCSS_ID,
	NT_DBG_FLTR_TPM_ID,
	NT_DBG_FLTR_THREADORDER_ID,
	NT_DBG_FLTR_ENVIRON_ID,
	NT_DBG_FLTR_EMS_ID,
	NT_DBG_FLTR_WDT_ID,
	NT_DBG_FLTR_FVEVOL_ID,
	NT_DBG_FLTR_NDIS_ID,
	NT_DBG_FLTR_NVCTRACE_ID,
	NT_DBG_FLTR_LUAFV_ID,
	NT_DBG_FLTR_APPCOMPAT_ID,
	NT_DBG_FLTR_USBSTOR_ID,
	NT_DBG_FLTR_SBP2PORT_ID,
	NT_DBG_FLTR_COVERAGE_ID,
	NT_DBG_FLTR_CACHEMGR_ID,
	NT_DBG_FLTR_MOUNTMGR_ID,
	NT_DBG_FLTR_CFR_ID,
	NT_DBG_FLTR_TXF_ID,
	NT_DBG_FLTR_KSECDD_ID,
	NT_DBG_FLTR_FLTREGRESS_ID,
	NT_DBG_FLTR_MPIO_ID,
	NT_DBG_FLTR_MSDSM_ID,
	NT_DBG_FLTR_UDFS_ID,
	NT_DBG_FLTR_PSHED_ID,
	NT_DBG_FLTR_STORVSP_ID,
	NT_DBG_FLTR_LSASS_ID,
	NT_DBG_FLTR_SSPICLI_ID,
	NT_DBG_FLTR_CNG_ID,
	NT_DBG_FLTR_EXFAT_ID,
	NT_DBG_FLTR_FILETRACE_ID,
	NT_DBG_FLTR_XSAVE_ID,
	NT_DBG_FLTR_SE_ID,
	NT_DBG_FLTR_DRIVEEXTENDER_ID,
	NT_DBG_FLTR_POWER_ID,
	NT_DBG_FLTR_CRASHDUMPXHCI_ID,
	NT_DBG_FLTR_GPIO_ID,
	NT_DBG_FLTR_REFS_ID,
	NT_DBG_FLTR_WER_ID,
	NT_DBG_FLTR_CAPIMG_ID,
	NT_DBG_FLTR_VPCI_ID,
	NT_DBG_FLTR_STORAGECLASSMEMORY_ID,
	NT_DBG_FLTR_ENDOFTABLE_ID,
} nt_dbg_fltr_type;


/* execution flow masks */
#define NT_DBG_FLOW_MASK_IDLE			(1 << NT_DBG_STATE_IDLE)
#define NT_DBG_FLOW_MASK_REPLY_PENDING		(1 << NT_DBG_STATE_REPLY_PENDING)

#define NT_DBG_FLOW_MASK_CREATE_THREAD		(1 << NT_DBG_STATE_CREATE_THREAD)
#define NT_DBG_FLOW_MASK_CREATE_PROCESS		(1 << NT_DBG_STATE_CREATE_PROCESS)

#define NT_DBG_FLOW_MASK_EXIT_THREAD		(1 << NT_DBG_STATE_EXIT_THREAD)
#define NT_DBG_FLOW_MASK_EXIT_PROCESS		(1 << NT_DBG_STATE_EXIT_PROCESS)

#define NT_DBG_FLOW_MASK_EXCEPTION		(1 << NT_DBG_STATE_EXCEPTION)
#define NT_DBG_FLOW_MASK_BREAKPOINT		(1 << NT_DBG_STATE_BREAKPOINT)
#define NT_DBG_FLOW_MASK_SINGLE_STEP		(1 << NT_DBG_STATE_SINGLE_STEP)

#define NT_DBG_FLOW_MASK_DLL_LOAD		(1 << NT_DBG_STATE_DLL_LOAD)
#define NT_DBG_FLOW_MASK_DLL_UNLOAD		(1 << NT_DBG_STATE_DLL_UNLOAD)

#define NT_DBG_FLOW_MASK_EXECUTION_TREE		(0x10000000)
#define NT_DBG_FLOW_MASK_DETACH_AND_CLOSE	(0x20000000)


/* debug events */
typedef struct _nt_dbg_km_thread_exit {
	int32_t			exit_status;
} nt_dbg_km_thread_exit;


typedef struct _nt_dbg_km_process_exit {
	int32_t			exit_status;
} nt_dbg_km_process_exit;


typedef struct _nt_dbg_km_load_module {
	void *			image_handle;
	void *			image_base;
	uint32_t		dbginfo_offset;
	uint32_t		dbginfo_size;
} nt_dbg_km_load_module;


typedef struct _nt_dbg_km_unload_module {
	void *			image_base;
} nt_dbg_km_unload_module;


typedef struct _nt_dbg_km_exception {
	nt_exception_record	exception_record;
	uint32_t		exception_priority;
} nt_dbg_km_exception;


typedef struct _nt_dbg_km_thread_info {
	uint32_t		subsystem_key;
	void *			start_address;
} nt_dbg_km_thread_info;


typedef struct _nt_dbg_ui_thread_info {
	void *			hthread;
	uint32_t		subsystem_key;
	void *			start_address;
} nt_dbg_ui_thread_info;


typedef struct _nt_dbg_km_process_info {
	uint32_t		subsystem_key;
	void *			image_handle;
	void *			image_base;
	uint32_t		dbginfo_offset;
	uint32_t		dbginfo_size;
	nt_dbg_km_thread_info	thread_info;
} nt_dbg_km_process_info;


typedef struct _nt_dbg_ui_process_info {
	void *			hprocess;
	void *			hthread;
	uint32_t		subsystem_key;
	void *			image_handle;
	void *			image_base;
	uint32_t		dbginfo_offset;
	uint32_t		dbginfo_size;
	nt_dbg_km_thread_info	thread_info;
} nt_dbg_ui_process_info;


typedef struct _nt_dbg_wait_state_change {
	nt_dbg_state		state;
	nt_cid			cid;
	union {
		nt_dbg_km_thread_exit	thread_exit;
		nt_dbg_km_process_exit	process_exit;
		nt_dbg_km_load_module	load_module;
		nt_dbg_km_unload_module	unload_module;
		nt_dbg_km_exception	exception_info;
		nt_dbg_ui_thread_info	thread_info;
		nt_dbg_ui_process_info	process_info;
	} _u;
} nt_dbg_wait_state_change;


/* debug interfaces */
typedef int32_t __stdcall ntapi_zw_create_debug_object(
	__out	void **		hdbobj,
	__in	uint32_t	access_mask,
	__in	nt_oa *		oa,
	__in	uint32_t	flags);

typedef int32_t __stdcall ntapi_zw_debug_active_process(
	__in	void *		hprocess,
	__in	void *		hdbgobj);

typedef int32_t __stdcall ntapi_zw_remove_process_debug(
	__in	void *		hprocess,
	__in	void *		hdbgobj);

typedef int32_t __stdcall ntapi_zw_wait_for_debug_event(
	__in	void *				hdbgobj,
	__in	int32_t				alertable,
	__in	nt_timeout *			timeout,
	__out	nt_dbg_wait_state_change *	state);

typedef int32_t __stdcall ntapi_zw_debug_continue(
	__in	void *		hdbgobj,
	__in	nt_cid *	cid,
	__in	int32_t		status);

typedef int32_t __stdcall ntapi_zw_set_information_debug_object(
	__in	void *		hdbgobj,
	__in	int32_t		dbg_info_class,
	__in	void *		dbg_info,
	__in	size_t		dbg_info_length,
	__out	uint32_t *	dbg_return_length);

typedef int32_t __stdcall ntapi_zw_query_debug_filter_state(
	__in	int32_t		dbg_component_id,
	__in	uint32_t	dbg_level);

typedef int32_t __stdcall ntapi_zw_set_debug_filter_state(
	__in	int32_t		dbg_component_id,
	__in	uint32_t	dbg_level,
	__in	int32_t		dbg_state);

/* extension interfaces */
typedef int32_t __stdcall ntapi_tt_debug_create_object(
	__out	void **		hdbobj,
	__in	uint32_t	flags);

typedef int32_t __stdcall ntapi_tt_debug_create_attach_object(
	__out	void **		hdbgobj,
	__in	void *		hprocess,
	__in	uint32_t	flags);

typedef int32_t	__stdcall ntapi_tt_debug_execution_flow(
	__in	void *		hdbgobj,
	__in	void *		hprocess,
	__in	void *		hserver,
	__in	void *		hlogfile,
	__in	uint32_t	evtmask,
	__in	uint64_t *	nevents);

typedef int32_t __stdcall ntapi_tt_debug_break_process(
	__in	void *		hprocess,
	__out	void **		hthread,
	__out	nt_cid *	cid);

#endif

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation | About

© Red Hat, Inc. and others.