ReactOS 0.4.16-dev-927-g467dec4
profile.c
Go to the documentation of this file.
1/*
2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS Kernel
4 * FILE: ntoskrnl/ex/profile.c
5 * PURPOSE: Support for Executive Profile Objects
6 * PROGRAMMERS: Alex Ionescu (alex@relsoft.net)
7 * Thomas Weidenmueller
8 */
9
10/* INCLUDES *****************************************************************/
11
12#include <ntoskrnl.h>
13#define NDEBUG
14#include <debug.h>
15
16/* GLOBALS *******************************************************************/
17
18POBJECT_TYPE ExProfileObjectType = NULL;
19KMUTEX ExpProfileMutex;
20
21GENERIC_MAPPING ExpProfileMapping =
22{
23 STANDARD_RIGHTS_READ | PROFILE_CONTROL,
24 STANDARD_RIGHTS_WRITE | PROFILE_CONTROL,
25 STANDARD_RIGHTS_EXECUTE | PROFILE_CONTROL,
26 PROFILE_ALL_ACCESS
27};
28
29/* FUNCTIONS *****************************************************************/
30
31VOID
32NTAPI
33ExpDeleteProfile(PVOID ObjectBody)
34{
35 PEPROFILE Profile;
36 ULONG State;
37
38 /* Typecast the Object */
39 Profile = ObjectBody;
40
41 /* Check if there if the Profile was started */
42 if (Profile->LockedBufferAddress)
43 {
44 /* Stop the Profile */
45 State = KeStopProfile(Profile->ProfileObject);
46 ASSERT(State != FALSE);
47
48 /* Unmap the Locked Buffer */
49 MmUnmapLockedPages(Profile->LockedBufferAddress, Profile->Mdl);
50 MmUnlockPages(Profile->Mdl);
51 IoFreeMdl(Profile->Mdl);
52 ExFreePoolWithTag(Profile->ProfileObject, TAG_PROFILE);
53 }
54
55 /* Check if a Process is associated and reference it */
56 if (Profile->Process) ObDereferenceObject(Profile->Process);
57}
58
59CODE_SEG("INIT")
60BOOLEAN
61NTAPI
62ExpInitializeProfileImplementation(VOID)
63{
64 OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
65 UNICODE_STRING Name;
66 NTSTATUS Status;
67 DPRINT("Creating Profile Object Type\n");
68
69 /* Initialize the Mutex to lock the States */
70 KeInitializeMutex(&ExpProfileMutex, 64);
71
72 /* Create the Event Pair Object Type */
73 RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
74 RtlInitUnicodeString(&Name, L"Profile");
75 ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
76 ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(KPROFILE);
77 ObjectTypeInitializer.GenericMapping = ExpProfileMapping;
78 ObjectTypeInitializer.PoolType = NonPagedPool;
79 ObjectTypeInitializer.DeleteProcedure = ExpDeleteProfile;
80 ObjectTypeInitializer.ValidAccessMask = PROFILE_ALL_ACCESS;
81 ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
82 Status = ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &ExProfileObjectType);
83 if (!NT_SUCCESS(Status)) return FALSE;
84 return TRUE;
85}
86
87NTSTATUS
88NTAPI
89NtCreateProfile(OUT PHANDLE ProfileHandle,
90 IN HANDLE Process OPTIONAL,
91 IN PVOID RangeBase,
92 IN SIZE_T RangeSize,
93 IN ULONG BucketSize,
94 IN PVOID Buffer,
95 IN ULONG BufferSize,
96 IN KPROFILE_SOURCE ProfileSource,
97 IN KAFFINITY Affinity)
98{
99 HANDLE hProfile;
100 PEPROFILE Profile;
101 PEPROCESS pProcess;
102 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
103 OBJECT_ATTRIBUTES ObjectAttributes;
104 NTSTATUS Status;
105 ULONG Log2 = 0;
106 ULONG_PTR Segment = 0;
107 ULONG BucketsRequired;
108 PAGED_CODE();
109
110 /* Easy way out */
111 if(!BufferSize) return STATUS_INVALID_PARAMETER_7;
112
113 /* Check if this is a low-memory profile */
114 if ((!BucketSize) && (RangeBase < (PVOID)(0x10000)))
115 {
116 /* Validate size */
117 if (BufferSize < sizeof(ULONG)) return STATUS_INVALID_PARAMETER_7;
118
119 /* This will become a segmented profile object */
120 Segment = (ULONG_PTR)RangeBase;
121 RangeBase = 0;
122
123 /* Recalculate the bucket size */
124 BucketSize = RangeSize / (BufferSize / sizeof(ULONG));
125
126 /* Convert it to log2 */
127 BucketSize--;
128 while (BucketSize >>= 1) Log2++;
129 BucketSize += Log2 + 1;
130 }
131
132 /* Validate bucket size */
133 if ((BucketSize > 31) || (BucketSize < 2))
134 {
135 DPRINT1("Bucket size invalid\n");
136 return STATUS_INVALID_PARAMETER;
137 }
138
139 /* Make sure that the buckets can map the range */
140 BucketsRequired = RangeSize >> BucketSize;
141 if (RangeSize & ((1 << BucketSize) - 1))
142 {
143 BucketsRequired++;
144 }
145 if (BucketsRequired > BufferSize / sizeof(ULONG))
146 {
147 DPRINT1("Bucket size too small\n");
148 return STATUS_BUFFER_TOO_SMALL;
149 }
150
151 /* Make sure that the range isn't too gigantic */
152 if (((ULONG_PTR)RangeBase + RangeSize) < RangeSize)
153 {
154 DPRINT1("Range too big\n");
155 return STATUS_BUFFER_OVERFLOW;
156 }
157
158 /* Check if we were called from user-mode */
159 if(PreviousMode != KernelMode)
160 {
161 /* Entry SEH */
162 _SEH2_TRY
163 {
164 /* Make sure that the handle pointer is valid */
165 ProbeForWriteHandle(ProfileHandle);
166
167 /* Check if the buffer is valid */
168 ProbeForWrite(Buffer,
169 BufferSize,
170 sizeof(ULONG));
171 }
172 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
173 {
174 /* Return the exception code */
175 _SEH2_YIELD(return _SEH2_GetExceptionCode());
176 }
177 _SEH2_END;
178 }
179
180 /* Check if a process was specified */
181 if (Process)
182 {
183 /* Reference it */
184 Status = ObReferenceObjectByHandle(Process,
185 PROCESS_QUERY_INFORMATION,
186 PsProcessType,
187 PreviousMode,
188 (PVOID*)&pProcess,
189 NULL);
190 if (!NT_SUCCESS(Status)) return(Status);
191 }
192 else
193 {
194 /* Segmented profile objects cannot be used system-wide */
195 if (Segment) return STATUS_INVALID_PARAMETER;
196
197 /* No process was specified, which means a System-Wide Profile */
198 pProcess = NULL;
199
200 /* For this, we need to check the Privilege */
201 if(!SeSinglePrivilegeCheck(SeSystemProfilePrivilege, PreviousMode))
202 {
203 DPRINT1("NtCreateProfile: Caller requires the SeSystemProfilePrivilege privilege!\n");
204 return STATUS_PRIVILEGE_NOT_HELD;
205 }
206 }
207
208 /* Create the object */
209 InitializeObjectAttributes(&ObjectAttributes,
210 NULL,
211 0,
212 NULL,
213 NULL);
214 Status = ObCreateObject(KernelMode,
215 ExProfileObjectType,
216 &ObjectAttributes,
217 PreviousMode,
218 NULL,
219 sizeof(EPROFILE),
220 0,
221 sizeof(EPROFILE) + sizeof(KPROFILE),
222 (PVOID*)&Profile);
223 if (!NT_SUCCESS(Status))
224 {
225 /* Dereference the process object if it was specified */
226 if (pProcess) ObDereferenceObject(pProcess);
227
228 /* Return Status */
229 return Status;
230 }
231
232 /* Initialize it */
233 Profile->RangeBase = RangeBase;
234 Profile->RangeSize = RangeSize;
235 Profile->Buffer = Buffer;
236 Profile->BufferSize = BufferSize;
237 Profile->BucketSize = BucketSize;
238 Profile->LockedBufferAddress = NULL;
239 Profile->Segment = Segment;
240 Profile->ProfileSource = ProfileSource;
241 Profile->Affinity = Affinity;
242 Profile->Process = pProcess;
243
244 /* Insert into the Object Tree */
245 Status = ObInsertObject ((PVOID)Profile,
246 NULL,
247 PROFILE_CONTROL,
248 0,
249 NULL,
250 &hProfile);
251
252 /* Check for Success */
253 if (!NT_SUCCESS(Status))
254 {
255 /* Dereference Process on failure */
256 if (pProcess) ObDereferenceObject(pProcess);
257 return Status;
258 }
259
260 /* Enter SEH */
261 _SEH2_TRY
262 {
263 /* Copy the created handle back to the caller*/
264 *ProfileHandle = hProfile;
265 }
266 _SEH2_EXCEPT(ExSystemExceptionFilter())
267 {
268 Status = _SEH2_GetExceptionCode();
269 }
270 _SEH2_END;
271
272 /* Return Status */
273 return Status;
274}
275
276NTSTATUS
277NTAPI
278NtQueryPerformanceCounter(OUT PLARGE_INTEGER PerformanceCounter,
279 OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL)
280{
281 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
282 LARGE_INTEGER PerfFrequency;
283 NTSTATUS Status = STATUS_SUCCESS;
284
285 /* Check if we were called from user-mode */
286 if (PreviousMode != KernelMode)
287 {
288 /* Entry SEH Block */
289 _SEH2_TRY
290 {
291 /* Make sure the counter and frequency are valid */
292 ProbeForWriteLargeInteger(PerformanceCounter);
293 if (PerformanceFrequency)
294 {
295 ProbeForWriteLargeInteger(PerformanceFrequency);
296 }
297 }
298 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
299 {
300 /* Return the exception code */
301 _SEH2_YIELD(return _SEH2_GetExceptionCode());
302 }
303 _SEH2_END;
304 }
305
306 /* Enter a new SEH Block */
307 _SEH2_TRY
308 {
309 /* Query the Kernel */
310 *PerformanceCounter = KeQueryPerformanceCounter(&PerfFrequency);
311
312 /* Return Frequency if requested */
313 if (PerformanceFrequency) *PerformanceFrequency = PerfFrequency;
314 }
315 _SEH2_EXCEPT(ExSystemExceptionFilter())
316 {
317 /* Get the exception code */
318 Status = _SEH2_GetExceptionCode();
319 }
320 _SEH2_END;
321
322 /* Return status to caller */
323 return Status;
324}
325
326NTSTATUS
327NTAPI
328NtStartProfile(IN HANDLE ProfileHandle)
329{
330 PEPROFILE Profile;
331 PKPROFILE ProfileObject;
332 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
333 PVOID TempLockedBufferAddress;
334 NTSTATUS Status;
335 PAGED_CODE();
336
337 /* Get the Object */
338 Status = ObReferenceObjectByHandle(ProfileHandle,
339 PROFILE_CONTROL,
340 ExProfileObjectType,
341 PreviousMode,
342 (PVOID*)&Profile,
343 NULL);
344 if (!NT_SUCCESS(Status)) return(Status);
345
346 /* To avoid a Race, wait on the Mutex */
347 KeWaitForSingleObject(&ExpProfileMutex,
348 Executive,
349 KernelMode,
350 FALSE,
351 NULL);
352
353 /* The Profile can still be enabled though, so handle that */
354 if (Profile->LockedBufferAddress)
355 {
356 /* Release our lock, dereference and return */
357 KeReleaseMutex(&ExpProfileMutex, FALSE);
358 ObDereferenceObject(Profile);
359 return STATUS_PROFILING_NOT_STOPPED;
360 }
361
362 /* Allocate a Kernel Profile Object. */
363 ProfileObject = ExAllocatePoolWithTag(NonPagedPool,
364 sizeof(*ProfileObject),
365 TAG_PROFILE);
366 if (!ProfileObject)
367 {
368 /* Out of memory, fail */
369 KeReleaseMutex(&ExpProfileMutex, FALSE);
370 ObDereferenceObject(Profile);
371 return STATUS_INSUFFICIENT_RESOURCES;
372 }
373
374 /* Allocate the Mdl Structure */
375 Profile->Mdl = IoAllocateMdl(Profile->Buffer, Profile->BufferSize, FALSE, FALSE, NULL);
376
377 /* Protect this in SEH as we might raise an exception */
378 _SEH2_TRY
379 {
380 /* Probe and Lock for Write Access */
381 MmProbeAndLockPages(Profile->Mdl, PreviousMode, IoWriteAccess);
382 }
383 _SEH2_EXCEPT(ExSystemExceptionFilter())
384 {
385 /* Release our lock, free the buffer, dereference and return */
386 KeReleaseMutex(&ExpProfileMutex, FALSE);
387 ObDereferenceObject(Profile);
388 ExFreePoolWithTag(ProfileObject, TAG_PROFILE);
389 _SEH2_YIELD(return _SEH2_GetExceptionCode());
390 }
391 _SEH2_END;
392
393 /* Map the pages */
394 TempLockedBufferAddress = MmMapLockedPages(Profile->Mdl, KernelMode);
395
396 /* Initialize the Kernel Profile Object */
397 Profile->ProfileObject = ProfileObject;
398 KeInitializeProfile(ProfileObject,
399 &Profile->Process->Pcb,
400 Profile->RangeBase,
401 Profile->RangeSize,
402 Profile->BucketSize,
403 Profile->ProfileSource,
404 Profile->Affinity);
405
406 /* Start the Profiling */
407 KeStartProfile(ProfileObject, TempLockedBufferAddress);
408
409 /* Now it's safe to save this */
410 Profile->LockedBufferAddress = TempLockedBufferAddress;
411
412 /* Release mutex, dereference and return */
413 KeReleaseMutex(&ExpProfileMutex, FALSE);
414 ObDereferenceObject(Profile);
415 return STATUS_SUCCESS;
416}
417
418NTSTATUS
419NTAPI
420NtStopProfile(IN HANDLE ProfileHandle)
421{
422 PEPROFILE Profile;
423 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
424 NTSTATUS Status;
425 PAGED_CODE();
426
427 /* Get the Object */
428 Status = ObReferenceObjectByHandle(ProfileHandle,
429 PROFILE_CONTROL,
430 ExProfileObjectType,
431 PreviousMode,
432 (PVOID*)&Profile,
433 NULL);
434 if (!NT_SUCCESS(Status)) return(Status);
435
436 /* Get the Mutex */
437 KeWaitForSingleObject(&ExpProfileMutex,
438 Executive,
439 KernelMode,
440 FALSE,
441 NULL);
442
443 /* Make sure the Profile Object is really Started */
444 if (!Profile->LockedBufferAddress)
445 {
446 Status = STATUS_PROFILING_NOT_STARTED;
447 goto Exit;
448 }
449
450 /* Stop the Profile */
451 KeStopProfile(Profile->ProfileObject);
452
453 /* Unlock the Buffer */
454 MmUnmapLockedPages(Profile->LockedBufferAddress, Profile->Mdl);
455 MmUnlockPages(Profile->Mdl);
456 IoFreeMdl(Profile->Mdl);
457 ExFreePoolWithTag(Profile->ProfileObject, TAG_PROFILE);
458
459 /* Clear the Locked Buffer pointer, meaning the Object is Stopped */
460 Profile->LockedBufferAddress = NULL;
461
462Exit:
463 /* Release Mutex, Dereference and Return */
464 KeReleaseMutex(&ExpProfileMutex, FALSE);
465 ObDereferenceObject(Profile);
466 return Status;
467}
468
469NTSTATUS
470NTAPI
471NtQueryIntervalProfile(IN KPROFILE_SOURCE ProfileSource,
472 OUT PULONG Interval)
473{
474 KPROCESSOR_MODE PreviousMode = ExGetPreviousMode();
475 ULONG ReturnInterval;
476 NTSTATUS Status = STATUS_SUCCESS;
477 PAGED_CODE();
478
479 /* Check if we were called from user-mode */
480 if (PreviousMode != KernelMode)
481 {
482 /* Enter SEH Block */
483 _SEH2_TRY
484 {
485 /* Validate interval */
486 ProbeForWriteUlong(Interval);
487 }
488 _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
489 {
490 /* Return the exception code */
491 _SEH2_YIELD(return _SEH2_GetExceptionCode());
492 }
493 _SEH2_END;
494 }
495
496 /* Query the Interval */
497 ReturnInterval = (ULONG)KeQueryIntervalProfile(ProfileSource);
498
499 /* Enter SEH block for return */
500 _SEH2_TRY
501 {
502 /* Return the data */
503 *Interval = ReturnInterval;
504 }
505 _SEH2_EXCEPT(ExSystemExceptionFilter())
506 {
507 /* Get the exception code */
508 Status = _SEH2_GetExceptionCode();
509 }
510 _SEH2_END;
511
512 /* Return Success */
513 return Status;
514}
515
516NTSTATUS
517NTAPI
518NtSetIntervalProfile(IN ULONG Interval,
519 IN KPROFILE_SOURCE Source)
520{
521 /* Let the Kernel do the job */
522 KeSetIntervalProfile(Interval, Source);
523
524 /* Nothing can go wrong */
525 return STATUS_SUCCESS;
526}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87
CODE_SEG
#define CODE_SEG(...)
Definition: Bus_PDO_EvalMethod.c:88
STATUS_PRIVILEGE_NOT_HELD
#define STATUS_PRIVILEGE_NOT_HELD
Definition: DriverTester.h:9
PreviousMode
_In_ PVOID _In_ ULONG _Out_ PVOID _In_ ULONG _Inout_ PULONG _In_ KPROCESSOR_MODE PreviousMode
Definition: KdSystemDebugControl.c:35
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
Name
struct NameRec_ * Name
Definition: cdprocs.h:460
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
DPRINT1
#define DPRINT1
Definition: precomp.h:8
Buffer
Definition: bufpool.h:45
ObjectAttributes
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
BufferSize
#define BufferSize
Definition: mmc.h:75
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
KAFFINITY
ULONG_PTR KAFFINITY
Definition: compat.h:85
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
KeWaitForSingleObject
#define KeWaitForSingleObject(pEvt, foo, a, b, c)
Definition: env_spec_w32.h:478
NonPagedPool
#define NonPagedPool
Definition: env_spec_w32.h:307
ExGetPreviousMode
#define ExGetPreviousMode
Definition: ex.h:143
ProbeForWrite
VOID NTAPI ProbeForWrite(IN PVOID Address, IN SIZE_T Length, IN ULONG Alignment)
Definition: exintrin.c:143
Process
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
IoFreeMdl
#define IoFreeMdl
Definition: fxmdl.h:89
IoAllocateMdl
#define IoAllocateMdl
Definition: fxmdl.h:88
Status
Status
Definition: gdiplustypes.h:25
KeQueryPerformanceCounter
LARGE_INTEGER NTAPI KeQueryPerformanceCounter(IN PLARGE_INTEGER PerformanceFreq)
Definition: timer.c:138
ExSystemExceptionFilter
LONG NTAPI ExSystemExceptionFilter(VOID)
Definition: harderr.c:349
PROCESS_QUERY_INFORMATION
#define PROCESS_QUERY_INFORMATION
Definition: pstypes.h:167
OBJ_OPENLINK
#define OBJ_OPENLINK
Definition: winternl.h:230
KPROFILE_SOURCE
enum _KPROFILE_SOURCE KPROFILE_SOURCE
EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:90
MmMapLockedPages
PVOID NTAPI MmMapLockedPages(IN PMDL Mdl, IN KPROCESSOR_MODE AccessMode)
Definition: mdlsup.c:818
MmProbeAndLockPages
VOID NTAPI MmProbeAndLockPages(IN PMDL Mdl, IN KPROCESSOR_MODE AccessMode, IN LOCK_OPERATION Operation)
Definition: mdlsup.c:931
MmUnlockPages
VOID NTAPI MmUnlockPages(IN PMDL Mdl)
Definition: mdlsup.c:1435
MmUnmapLockedPages
VOID NTAPI MmUnmapLockedPages(IN PVOID BaseAddress, IN PMDL Mdl)
Definition: mdlsup.c:837
ASSERT
#define ASSERT(a)
Definition: mode.c:44
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
InitializeObjectAttributes
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
Source
_In_ UINT _In_ UINT _In_ PNDIS_PACKET Source
Definition: ndis.h:3169
PROFILE_ALL_ACCESS
#define PROFILE_ALL_ACCESS
Definition: extypes.h:131
PROFILE_CONTROL
#define PROFILE_CONTROL
Definition: extypes.h:130
KernelMode
#define KernelMode
Definition: asm.h:38
KPROFILE
struct _KPROFILE KPROFILE
ProfileObject
@ ProfileObject
Definition: ketypes.h:429
Interval
DWORD Interval
Definition: netstat.c:30
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
STANDARD_RIGHTS_READ
#define STANDARD_RIGHTS_READ
Definition: nt_native.h:65
STANDARD_RIGHTS_WRITE
#define STANDARD_RIGHTS_WRITE
Definition: nt_native.h:66
STANDARD_RIGHTS_EXECUTE
#define STANDARD_RIGHTS_EXECUTE
Definition: nt_native.h:67
ExProfileObjectType
POBJECT_TYPE ExProfileObjectType
Definition: profile.c:18
NtQueryIntervalProfile
NTSTATUS NTAPI NtQueryIntervalProfile(IN KPROFILE_SOURCE ProfileSource, OUT PULONG Interval)
Definition: profile.c:471
NtStopProfile
NTSTATUS NTAPI NtStopProfile(IN HANDLE ProfileHandle)
Definition: profile.c:420
NtCreateProfile
NTSTATUS NTAPI NtCreateProfile(OUT PHANDLE ProfileHandle, IN HANDLE Process OPTIONAL, IN PVOID RangeBase, IN SIZE_T RangeSize, IN ULONG BucketSize, IN PVOID Buffer, IN ULONG BufferSize, IN KPROFILE_SOURCE ProfileSource, IN KAFFINITY Affinity)
Definition: profile.c:89
ExpInitializeProfileImplementation
BOOLEAN NTAPI ExpInitializeProfileImplementation(VOID)
Definition: profile.c:62
NtStartProfile
NTSTATUS NTAPI NtStartProfile(IN HANDLE ProfileHandle)
Definition: profile.c:328
ExpDeleteProfile
VOID NTAPI ExpDeleteProfile(PVOID ObjectBody)
Definition: profile.c:33
ExpProfileMutex
KMUTEX ExpProfileMutex
Definition: profile.c:19
ExpProfileMapping
GENERIC_MAPPING ExpProfileMapping
Definition: profile.c:21
NtQueryPerformanceCounter
NTSTATUS NTAPI NtQueryPerformanceCounter(OUT PLARGE_INTEGER PerformanceCounter, OUT PLARGE_INTEGER PerformanceFrequency OPTIONAL)
Definition: profile.c:278
NtSetIntervalProfile
NTSTATUS NTAPI NtSetIntervalProfile(IN ULONG Interval, IN KPROFILE_SOURCE Source)
Definition: profile.c:518
KeSetIntervalProfile
VOID NTAPI KeSetIntervalProfile(ULONG Interval, KPROFILE_SOURCE ProfileSource)
KeStopProfile
BOOLEAN NTAPI KeStopProfile(struct _KPROFILE *Profile)
KeQueryIntervalProfile
ULONG NTAPI KeQueryIntervalProfile(KPROFILE_SOURCE ProfileSource)
KeInitializeProfile
VOID NTAPI KeInitializeProfile(struct _KPROFILE *Profile, struct _KPROCESS *Process, PVOID ImageBase, SIZE_T ImageSize, ULONG BucketSize, KPROFILE_SOURCE ProfileSource, KAFFINITY Affinity)
KeStartProfile
BOOLEAN NTAPI KeStartProfile(struct _KPROFILE *Profile, PVOID Buffer)
SeSystemProfilePrivilege
const LUID SeSystemProfilePrivilege
Definition: priv.c:30
KeInitializeMutex
VOID NTAPI KeInitializeMutex(IN PKMUTEX Mutex, IN ULONG Level)
Definition: mutex.c:67
KeReleaseMutex
LONG NTAPI KeReleaseMutex(IN PKMUTEX Mutex, IN BOOLEAN Wait)
Definition: mutex.c:189
PsProcessType
POBJECT_TYPE PsProcessType
Definition: process.c:20
SeSinglePrivilegeCheck
BOOLEAN NTAPI SeSinglePrivilegeCheck(_In_ LUID PrivilegeValue, _In_ KPROCESSOR_MODE PreviousMode)
Checks if a single privilege is present in the context of the calling thread.
Definition: priv.c:744
PHANDLE
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
STATUS_PROFILING_NOT_STOPPED
#define STATUS_PROFILING_NOT_STOPPED
Definition: ntstatus.h:420
STATUS_INVALID_PARAMETER_7
#define STATUS_INVALID_PARAMETER_7
Definition: ntstatus.h:481
STATUS_PROFILING_NOT_STARTED
#define STATUS_PROFILING_NOT_STARTED
Definition: ntstatus.h:419
L
#define L(x)
Definition: ntvdm.h:50
ObInsertObject
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
Definition: obhandle.c:2935
ObCreateObject
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
Definition: oblife.c:1039
ObCreateObjectType
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1136
ObReferenceObjectByHandle
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
Definition: obref.c:494
_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:181
_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:82
_SEH2_END
#define _SEH2_END
Definition: pseh2_64.h:171
_SEH2_TRY
#define _SEH2_TRY
Definition: pseh2_64.h:71
_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:184
ProbeForWriteLargeInteger
#define ProbeForWriteLargeInteger(Ptr)
Definition: probe.h:46
ProbeForWriteHandle
#define ProbeForWriteHandle(Ptr)
Definition: probe.h:43
ProbeForWriteUlong
#define ProbeForWriteUlong(Ptr)
Definition: probe.h:36
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69
STATUS_BUFFER_OVERFLOW
#define STATUS_BUFFER_OVERFLOW
Definition: shellext.h:66
DPRINT
#define DPRINT
Definition: sndvol32.h:73
Exit
static void Exit(void)
Definition: sock.c:1330
OPTIONAL
PULONG MinorVersion OPTIONAL
Definition: CrossNt.h:68
NameRec_
Definition: apinames.c:49
_EPROCESS
Definition: pstypes.h:1262
_EPROCESS::Pcb
KPROCESS Pcb
Definition: pstypes.h:1263
_EPROFILE
Definition: extypes.h:554
_EPROFILE::Affinity
KAFFINITY Affinity
Definition: extypes.h:566
_EPROFILE::LockedBufferAddress
PVOID LockedBufferAddress
Definition: extypes.h:562
_EPROFILE::ProfileObject
PKPROFILE ProfileObject
Definition: extypes.h:561
_EPROFILE::BucketSize
ULONG BucketSize
Definition: extypes.h:560
_EPROFILE::RangeBase
PVOID RangeBase
Definition: extypes.h:556
_EPROFILE::BufferSize
ULONG BufferSize
Definition: extypes.h:559
_EPROFILE::Segment
ULONG_PTR Segment
Definition: extypes.h:564
_EPROFILE::RangeSize
SIZE_T RangeSize
Definition: extypes.h:557
_EPROFILE::Process
PEPROCESS Process
Definition: extypes.h:555
_EPROFILE::ProfileSource
KPROFILE_SOURCE ProfileSource
Definition: extypes.h:565
_EPROFILE::Mdl
PMDL Mdl
Definition: extypes.h:563
_EPROFILE::Buffer
PVOID Buffer
Definition: extypes.h:558
_GENERIC_MAPPING
Definition: nt_native.h:564
_KMUTANT
Definition: ketypes.h:840
_KPROFILE
Definition: ketypes.h:915
_OBJECT_ATTRIBUTES
Definition: umtypes.h:182
_OBJECT_TYPE_INITIALIZER
Definition: obtypes.h:353
_OBJECT_TYPE_INITIALIZER::ValidAccessMask
ULONG ValidAccessMask
Definition: obtypes.h:359
_OBJECT_TYPE_INITIALIZER::GenericMapping
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
_OBJECT_TYPE_INITIALIZER::PoolType
POOL_TYPE PoolType
Definition: obtypes.h:363
_OBJECT_TYPE_INITIALIZER::DeleteProcedure
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
_OBJECT_TYPE_INITIALIZER::InvalidAttributes
ULONG InvalidAttributes
Definition: obtypes.h:357
_OBJECT_TYPE_INITIALIZER::DefaultNonPagedPoolCharge
ULONG DefaultNonPagedPoolCharge
Definition: obtypes.h:365
_OBJECT_TYPE_INITIALIZER::Length
USHORT Length
Definition: obtypes.h:354
_OBJECT_TYPE
Definition: obtypes.h:380
_UNICODE_STRING
Definition: env_spec_w32.h:368
TAG_PROFILE
#define TAG_PROFILE
Definition: tag.h:30
PULONG
uint32_t * PULONG
Definition: typedefs.h:59
NTAPI
#define NTAPI
Definition: typedefs.h:36
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
IN
#define IN
Definition: typedefs.h:39
ULONG
uint32_t ULONG
Definition: typedefs.h:59
OUT
#define OUT
Definition: typedefs.h:40
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
_LARGE_INTEGER
Definition: typedefs.h:103
BufferSize
_In_ WDFMEMORY _Out_opt_ size_t * BufferSize
Definition: wdfmemory.h:254
Segment
_Inout_ PVOID Segment
Definition: exfuncs.h:1101
Affinity
_In_ ULONG _In_ ULONG _In_ ULONG _Out_ PKIRQL _Out_ PKAFFINITY Affinity
Definition: halfuncs.h:174
Executive
@ Executive
Definition: ketypes.h:415
KPROCESSOR_MODE
CCHAR KPROCESSOR_MODE
Definition: ketypes.h:7
IoWriteAccess
@ IoWriteAccess
Definition: ketypes.h:864
ObDereferenceObject
#define ObDereferenceObject
Definition: obfuncs.h:203