34 #define TAG_RTLREGISTRY 'vrqR' 51 Irp->IoStatus.Information = 0;
115 DPRINT(
"IopGetDriverObject(%p '%wZ' %x)\n",
142 DPRINT(
"Driver name: '%wZ'\n", &DriverName);
156 DPRINT(
"Failed to reference driver object, status=0x%08x\n",
Status);
181 if (
String2->Length < String1->Length)
184 Length = String1->Length / 2;
185 pc1 = String1->Buffer;
216 "%s%sSystem32\\Drivers\\%wZ%s\r\n",
256 DPRINT(
"Normalizing image path '%wZ' for service '%wZ'\n", ImagePath,
ServiceName);
258 InputImagePath = *ImagePath;
259 if (InputImagePath.
Length == 0)
262 ImagePath->MaximumLength = DriversPathString.
Length +
267 ImagePath->MaximumLength,
269 if (ImagePath->Buffer ==
NULL)
276 else if (InputImagePath.
Buffer[0] !=
L'\\')
278 ImagePath->Length = 0;
279 ImagePath->MaximumLength = SystemRootString.
Length +
283 ImagePath->MaximumLength,
285 if (ImagePath->Buffer ==
NULL)
295 DPRINT(
"Normalized image path is '%wZ' for service '%wZ'\n", ImagePath,
ServiceName);
322 HANDLE CCSKey, ServiceKey;
332 DPRINT1(
"IopLoadServiceModule(%wZ, 0x%p) called in ExpInTextModeSetup mode...\n",
ServiceName, ModuleObject);
338 RtlInitEmptyUnicodeString(&ServiceImagePath,
NULL, 0);
344 L"\\Registry\\Machine\\SYSTEM\\CurrentControlSet\\Services");
348 DPRINT1(
"IopOpenRegistryKeyEx() failed for '%wZ' with status 0x%lx\n",
357 DPRINT1(
"IopOpenRegistryKeyEx() failed for '%wZ' with status 0x%lx\n",
389 DPRINT1(
"RtlQueryRegistryValues() failed (Status %x)\n",
Status);
401 DPRINT(
"IopNormalizeImagePath() failed (Status %x)\n",
Status);
415 DPRINT(
"Loading module from %wZ\n", &ServiceImagePath);
474 static const WCHAR ServicesKeyName[] =
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\";
499 RtlInitEmptyUnicodeString(&RegistryKey,
NULL, 0);
516 if (FileSystemDriver !=
FALSE)
522 DPRINT(
"Driver name: '%wZ'\n", &DriverName);
526 RtlInitEmptyUnicodeString(&DriverName,
NULL, 0);
540 DPRINT(
"IopCreateDriver() failed (Status 0x%08lx)\n",
Status);
676 DPRINT1(
"Failed to load device %s filters: %08X\n",
677 Lower ?
"lower" :
"upper",
Status);
690 if (ClassKey ==
NULL)
703 DPRINT1(
"Failed to load class %s filters: %08X\n",
704 Lower ?
"lower" :
"upper",
Status);
759 BaseLength *=
sizeof(
WCHAR);
796 *ModuleObject = LdrEntry;
842 if (FileNameWithoutPath ==
NULL)
844 FileNameWithoutPath =
Buffer;
848 FileNameWithoutPath++;
862 if (FileExtension !=
NULL)
895 NextEntry = NextEntry->
Flink;
952 DPRINT(
"IopInitializeBootDrivers()\n");
1009 NextEntry = ListHead->
Flink;
1010 while (ListHead != NextEntry)
1025 NextEntry = NextEntry->
Flink;
1030 NextEntry = ListHead->
Flink;
1031 while (ListHead != NextEntry)
1060 #else // Hack still needed... 1092 NextEntry2 = NextEntry2->
Flink;
1096 NextEntry2 = NextEntry2->
Blink;
1102 NextEntry = NextEntry->
Flink;
1124 NextEntry = NextEntry->
Flink;
1150 ZwLoadDriver(*DriverList);
1210 DPRINT1(
"No unload privilege!\n");
1221 DPRINT(
"IopUnloadDriver('%wZ', %u)\n", &CapturedServiceName, UnloadPnpDrivers);
1225 if (CapturedServiceName.
Length == 0)
1235 &CapturedServiceName,
1299 DPRINT1(
"Driver deletion pending\n");
1317 CapturedServiceName.
Buffer,
1327 DPRINT1(
"RtlQueryRegistryValues() failed (Status %x)\n",
Status);
1339 DPRINT1(
"IopNormalizeImagePath() failed (Status %x)\n",
Status);
1368 DPRINT1(
"Drivers device object is referenced or has attached devices\n");
1370 SafeToUnload =
FALSE;
1492 WCHAR NameBuffer[100];
1511 LocalDriverName.
Length = NameLength *
sizeof(
WCHAR);
1513 LocalDriverName.
Buffer = NameBuffer;
1518 LocalDriverName = *DriverName;
1573 if (!ServiceKeyName.
Buffer)
1645 DPRINT(
"Calling driver entrypoint at %p\n", InitializationFunction);
1650 DPRINT1(
"'%wZ' initialization failed, status (0x%08lx)\n", DriverName,
Status);
1679 DPRINT1(
"Driver <%wZ> set DriverObject->MajorFunction[%lu] to NULL!\n",
1731 if (!ReinitItem)
return;
1760 if (!ReinitItem)
return;
1781 IN ULONG DriverObjectExtensionSize,
1789 *DriverObjectExtension =
NULL;
1794 DriverObjectExtensionSize,
1810 ClientDriverExtension;
1811 while (DriverExtensions)
1826 if (!DriverExtensions)
1848 *DriverObjectExtension = NewDriverExtension + 1;
1868 while (DriverExtensions)
1886 if (!DriverExtensions)
return NULL;
1887 return DriverExtensions + 1;
1941 return LoadParams.
Status;
1993 DPRINT(
"RtlQueryRegistryValues() failed (Status %lx)\n",
Status);
2004 DPRINT(
"IopNormalizeImagePath() failed (Status %x)\n",
Status);
2008 DPRINT(
"FullImagePath: '%wZ'\n", &ImagePath);
2027 DPRINT(
"Loading module from %wZ\n", &ImagePath);
2031 DPRINT(
"MmLoadSystemImage() failed (Status %lx)\n",
Status);
2043 DPRINT1(
"IopCreateDeviceNode() failed (Status %lx)\n",
Status);
2060 DPRINT1(
"IopInitializeDriverModule() failed (Status %lx)\n",
Status);
2079 DPRINT(
"DriverObject already exist in ObjectManager\n");
2121 DPRINT(
"Privilege not held\n");
2133 DPRINT(
"NtLoadDriver('%wZ')\n", &CapturedDriverServiceName);
static __inline NTSTATUS ProbeAndCaptureUnicodeString(OUT PUNICODE_STRING Dest, IN KPROCESSOR_MODE CurrentMode, IN const UNICODE_STRING *UnsafeSrc)
#define RTL_FIND_CHAR_IN_UNICODE_STRING_START_AT_END
#define STATUS_OBJECT_NAME_COLLISION
static const unsigned char pc2[48]
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
BOOLEAN ExpInTextModeSetup
#define DRVO_BUILTIN_DRIVER
_In_ PCWSTR _Inout_ _At_ QueryTable _Pre_unknown_ PRTL_QUERY_REGISTRY_TABLE QueryTable
#define STATUS_DELETE_PENDING
#define DRVO_LEGACY_DRIVER
#define STATUS_PRIVILEGE_NOT_HELD
_In_ __drv_aliasesMem PSTRING Prefix
NTSYSAPI VOID NTAPI RtlCopyMemory(VOID UNALIGNED *Destination, CONST VOID UNALIGNED *Source, ULONG Length)
PDEVICE_NODE IopRootDeviceNode
VOID NTAPI ExQueueWorkItem(IN PWORK_QUEUE_ITEM WorkItem, IN WORK_QUEUE_TYPE QueueType)
IN OUT PLONG IN OUT PLONG Addend IN OUT PLONG IN LONG IN OUT PLONG IN LONG Increment KeRaiseIrqlToDpcLevel
INIT_FUNCTION NTSTATUS NTAPI RawFsDriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
struct _IO_CLIENT_EXTENSION * NextExtension
#define STATUS_INSUFFICIENT_RESOURCES
NTSTATUS RtlUpcaseUnicodeString(PUNICODE_STRING dst, PUNICODE_STRING src, BOOLEAN Alloc)
#define KeLowerIrql(oldIrql)
static const unsigned char pc1[56]
NTSTATUS NTAPI IoAllocateDriverObjectExtension(IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress, IN ULONG DriverObjectExtensionSize, OUT PVOID *DriverObjectExtension)
VOID NTAPI IopReinitializeDrivers(VOID)
_Must_inspect_result_ _Out_ PNDIS_STATUS _In_ NDIS_HANDLE _In_ ULONG _Out_ PNDIS_STRING _Out_ PNDIS_HANDLE KeyHandle
#define STATUS_INVALID_PARAMETER
VOID FASTCALL IopDisplayLoadingMessage(PUNICODE_STRING ServiceName)
NTSYSAPI NTSTATUS NTAPI ZwClose(_In_ HANDLE Handle)
struct _LIST_ENTRY * Blink
FORCEINLINE VOID InsertHeadList(_Inout_ PLIST_ENTRY ListHead, _Inout_ __drv_aliasesMem PLIST_ENTRY Entry)
INIT_FUNCTION VOID NTAPI InbvIndicateProgress(VOID)
_In_ PCWSTR _In_z_ PCWSTR _In_ ULONG ValueType
PLIST_ENTRY NTAPI ExInterlockedInsertTailList(IN OUT PLIST_ENTRY ListHead, IN OUT PLIST_ENTRY ListEntry, IN OUT PKSPIN_LOCK Lock)
#define KeGetPreviousMode()
#define IRP_MJ_MAXIMUM_FUNCTION
NTSTATUS IopCreateDeviceNode(IN PDEVICE_NODE ParentNode, IN PDEVICE_OBJECT PhysicalDeviceObject, IN PUNICODE_STRING ServiceName, OUT PDEVICE_NODE *DeviceNode)
LIST_ENTRY DriverBootReinitListHead
#define STATUS_INVALID_DEVICE_REQUEST
_In_ LPWSTR _In_ ULONG _In_ ULONG _In_ ULONG _Out_ DEVINFO _In_ HDEV _In_ LPWSTR _In_ HANDLE hDriver
INIT_FUNCTION NTSTATUS NTAPI IopInitializeBuiltinDriver(IN PLDR_DATA_TABLE_ENTRY BootLdrEntry)
BOOLEAN NTAPI SeSinglePrivilegeCheck(IN LUID PrivilegeValue, IN KPROCESSOR_MODE PreviousMode)
KPROCESSOR_MODE NTAPI ExGetPreviousMode(VOID)
NTSTATUS NTAPI IopCreateDriver(IN PUNICODE_STRING DriverName OPTIONAL, IN PDRIVER_INITIALIZE InitializationFunction, IN PUNICODE_STRING RegistryPath OPTIONAL, IN PCUNICODE_STRING ServiceName, IN PLDR_DATA_TABLE_ENTRY ModuleObject OPTIONAL, OUT PDRIVER_OBJECT *pDriverObject)
#define FILESYSTEM_ROOT_NAME
VOID NTAPI ObDereferenceObject(IN PVOID Object)
POBJECT_TYPE IoDriverObjectType
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
NTSTATUS FASTCALL IopLoadServiceModule(IN PUNICODE_STRING ServiceName, OUT PLDR_DATA_TABLE_ENTRY *ModuleObject)
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
VOID NTAPI IoDeleteDriver(IN PDRIVER_OBJECT DriverObject)
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath)
#define LDRP_DRIVER_DEPENDENT_DLL
NTSTATUS NTAPI IopInvalidDeviceRequest(PDEVICE_OBJECT DeviceObject, PIRP Irp)
LONG NTAPI KeSetEvent(IN PKEVENT Event, IN KPRIORITY Increment, IN BOOLEAN Wait)
NTSTATUS NTAPI KeWaitForSingleObject(IN PVOID Object, IN KWAIT_REASON WaitReason, IN KPROCESSOR_MODE WaitMode, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL)
VOID NTAPI IopReinitializeBootDrivers(VOID)
#define SERVICE_RECOGNIZER_DRIVER
static int Link(const char **args)
#define MAXIMUM_FILENAME_LENGTH
NTSYSAPI VOID NTAPI RtlCopyUnicodeString(PUNICODE_STRING DestinationString, PUNICODE_STRING SourceString)
USHORT NTAPI PpInitGetGroupOrderIndex(IN HANDLE ServiceHandle)
#define DRVO_REINIT_REGISTERED
VOID NTAPI IoRegisterDriverReinitialization(IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)
NTSTATUS NTAPI RtlFindCharInUnicodeString(_In_ ULONG Flags, _In_ PCUNICODE_STRING SearchString, _In_ PCUNICODE_STRING MatchString, _Out_ PUSHORT Position)
BOOLEAN NTAPI ExAcquireResourceExclusiveLite(IN PERESOURCE Resource, IN BOOLEAN Wait)
INIT_FUNCTION PUNICODE_STRING *NTAPI CmGetSystemDriverList(VOID)
NTSTATUS IopStartDevice(IN PDEVICE_NODE DeviceNode)
_In_ PUNICODE_STRING ValueName
KSPIN_LOCK DriverReinitListLock
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
NTSTATUS NTAPI ObReferenceObjectByHandle(IN HANDLE Handle, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PVOID *Object, OUT POBJECT_HANDLE_INFORMATION HandleInformation OPTIONAL)
PRTL_QUERY_REGISTRY_ROUTINE QueryRoutine
KSPIN_LOCK DriverBootReinitListLock
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
#define STATUS_DRIVER_UNABLE_TO_LOAD
struct _SETUP_LOADER_BLOCK * SetupLdrBlock
PEPROCESS PsInitialSystemProcess
struct _DRIVER_OBJECT * DriverObject
NTSTATUS NTAPI MmCallDllInitialize(IN PLDR_DATA_TABLE_ENTRY LdrEntry, IN PLIST_ENTRY ListHead)
#define OBJ_NAME_PATH_SEPARATOR
PDRIVER_EXTENSION DriverExtension
#define PsGetCurrentProcess
PLIST_ENTRY NTAPI ExInterlockedRemoveHeadList(IN OUT PLIST_ENTRY ListHead, IN OUT PKSPIN_LOCK Lock)
NTSTATUS FASTCALL IopNormalizeImagePath(_Inout_ _When_(return >=0, _At_(ImagePath->Buffer, _Post_notnull_ __drv_allocatesMem(Mem))) PUNICODE_STRING ImagePath, _In_ PUNICODE_STRING ServiceName)
_In_ PCWSTR _Inout_ _At_ QueryTable EntryContext
VOID(NTAPI * PDRIVER_REINITIALIZE)(_In_ struct _DRIVER_OBJECT *DriverObject, _In_opt_ PVOID Context, _In_ ULONG Count)
const LUID SeLoadDriverPrivilege
BOOLEAN NTAPI ExIsResourceAcquiredExclusiveLite(IN PERESOURCE Resource)
#define STATUS_INVALID_PARAMETER_2
LIST_ENTRY DriverReinitListHead
static PDRIVER_OBJECT DriverObject
#define IoCompleteRequest
#define _At_(target, annos)
PUNICODE_STRING HardwareDatabase
_Check_return_ _CRTIMP _CONST_RETURN wchar_t *__cdecl wcsrchr(_In_z_ const wchar_t *_Str, _In_ wchar_t _Ch)
PDRIVER_OBJECT DriverObject
NTSTATUS FASTCALL IopInitializeDevice(IN PDEVICE_NODE DeviceNode, IN PDRIVER_OBJECT DriverObject)
NTSTATUS FASTCALL IopGetDriverObject(PDRIVER_OBJECT *DriverObject, PUNICODE_STRING ServiceName, BOOLEAN FileSystem)
#define SERVICE_FILE_SYSTEM_DRIVER
PLOADER_PARAMETER_BLOCK KeLoaderBlock
_In_ PCUNICODE_STRING _In_ PVOID Driver
__drv_aliasesMem _In_ PVOID ClientIdentificationAddress
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
VOID ServiceStart(DWORD argc, LPTSTR *argv)
#define DRVO_UNLOAD_INVOKED
NTSTATUS NTAPI ObCreateObject(IN KPROCESSOR_MODE ProbeMode OPTIONAL, IN POBJECT_TYPE Type, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object)
NTSTATUS NTAPI MmUnloadSystemImage(IN PVOID ImageHandle)
NTSTATUS RtlAppendUnicodeToString(IN PUNICODE_STRING Str1, IN PWSTR Str2)
struct _LIST_ENTRY * Flink
static __inline VOID ReleaseCapturedUnicodeString(IN PUNICODE_STRING CapturedString, IN KPROCESSOR_MODE CurrentMode)
VOID NTAPI MmFreeDriverInitialization(IN PLDR_DATA_TABLE_ENTRY LdrEntry)
NTSTATUS NTAPI IopAttachFilterDriversCallback(PWSTR ValueName, ULONG ValueType, PVOID ValueData, ULONG ValueLength, PVOID Context, PVOID EntryContext)
_In_ KPROCESSOR_MODE PreviousMode
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
#define __drv_allocatesMem(kind)
#define ExInitializeWorkItem(Item, Routine, Context)
#define DOE_UNLOAD_PENDING
#define TAG_DRIVER_EXTENSION
#define NT_SUCCESS(StatCode)
LIST_ENTRY PsLoadedModuleList
PLIST_ENTRY DriverReinitTailEntry
#define swprintf(buf, format,...)
NTSTATUS NTAPI MiResolveImageReferences(IN PVOID ImageBase, IN PUNICODE_STRING ImageFileDirectory, IN PUNICODE_STRING NamePrefix OPTIONAL, OUT PCHAR *MissingApi, OUT PWCHAR *MissingDriver, OUT PLOAD_IMPORTS *LoadImports)
static const UCHAR Index[8]
_In_ GUID _In_ PVOID ValueData
PLIST_ENTRY IopGroupTable
LIST_ENTRY BootDriverListHead
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
_In_ ULONG _In_ ULONG _In_ ULONG Length
VOID FASTCALL ExReleaseResourceLite(IN PERESOURCE Resource)
VOID NTAPI IopReadyDeviceObjects(IN PDRIVER_OBJECT Driver)
#define OBJ_CASE_INSENSITIVE
VOID NTAPI IoRegisterBootDriverReinitialization(IN PDRIVER_OBJECT DriverObject, IN PDRIVER_REINITIALIZE ReinitRoutine, IN PVOID Context)
ASSERT((InvokeOnSuccess||InvokeOnError||InvokeOnCancel) ?(CompletionRoutine !=NULL) :TRUE)
#define ExAllocatePoolWithTag(hernya, size, tag)
NTSYSAPI BOOLEAN NTAPI RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
DRIVER_INITIALIZE * PDRIVER_INITIALIZE
NTSTATUS NTAPI NtUnloadDriver(IN PUNICODE_STRING DriverServiceName)
NTKERNELAPI volatile KSYSTEM_TIME KeTickCount
_Requires_lock_held_ Interrupt _Releases_lock_ Interrupt _In_ _IRQL_restores_ KIRQL OldIrql
PDRIVER_UNLOAD DriverUnload
_In_ GUID _In_ PVOID _In_ ULONG ValueLength
#define RTL_REGISTRY_HANDLE
PVOID NTAPI IoGetDriverObjectExtension(IN PDRIVER_OBJECT DriverObject, IN PVOID ClientIdentificationAddress)
#define KeEnterCriticalRegion()
struct _DRIVER_OBJECT DRIVER_OBJECT
#define RTL_REGISTRY_ABSOLUTE
static const WCHAR Backslash[]
PPCI_DRIVER_EXTENSION DriverExtension
PLIST_ENTRY DriverBootReinitTailEntry
LIST_ENTRY LoadOrderListHead
PDRIVER_OBJECT DriverObject
UNICODE_STRING ServiceKeyName
IN PDEVICE_OBJECT DeviceObject
struct _FileName FileName
ERESOURCE IopDriverLoadResource
PCUNICODE_STRING RegistryPath
NTSTATUS NTAPI IoCreateDriver(IN PUNICODE_STRING DriverName OPTIONAL, IN PDRIVER_INITIALIZE InitializationFunction)
NTSTATUS NTAPI ObInsertObject(IN PVOID Object, IN PACCESS_STATE AccessState OPTIONAL, IN ACCESS_MASK DesiredAccess, IN ULONG ObjectPointerBias, OUT PVOID *NewObject OPTIONAL, OUT PHANDLE Handle)
UNICODE_STRING RegistryPath
INIT_FUNCTION NTSTATUS NTAPI LdrProcessDriverModule(PLDR_DATA_TABLE_ENTRY LdrEntry, PUNICODE_STRING FileName, PLDR_DATA_TABLE_ENTRY *ModuleObject)
DRIVER_INFORMATION DriverInfo
#define KeLeaveCriticalRegion()
#define KeInitializeEvent(pEvt, foo, foo2)
NTSTATUS NTAPI IopOpenRegistryKeyEx(PHANDLE KeyHandle, HANDLE ParentKey, PUNICODE_STRING Name, ACCESS_MASK DesiredAccess)
INIT_FUNCTION VOID FASTCALL IopInitializeSystemDrivers(VOID)
NTSTATUS FASTCALL IopInitializeDriverModule(IN PDEVICE_NODE DeviceNode, IN PLDR_DATA_TABLE_ENTRY ModuleObject, IN PUNICODE_STRING ServiceName, IN BOOLEAN FileSystemDriver, OUT PDRIVER_OBJECT *DriverObject)
struct _LDR_DATA_TABLE_ENTRY * LdrEntry
VOID NTAPI IopDeleteDriver(IN PVOID ObjectBody)
struct _DRIVER_EXTENSION * PDRIVER_EXTENSION
#define InitializeListHead(ListHead)
UNICODE_STRING IopHardwareDatabaseKey
NTSYSAPI NTSTATUS NTAPI RtlAppendUnicodeStringToString(PUNICODE_STRING Destination, PUNICODE_STRING Source)
UNICODE_STRING BaseDllName
NTHALAPI VOID NTAPI HalDisplayString(PUCHAR String)
#define _When_(expr, annos)
_In_ const STRING * String2
char TextBuffer[BUFFERLEN]
PDRIVER_DISPATCH MajorFunction[IRP_MJ_MAXIMUM_FUNCTION+1]
struct tagContext Context
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
#define InitializeObjectAttributes(p, n, a, r, s)
_In_ PUNICODE_STRING RegistryPath
NTSTATUS FASTCALL IopAttachFilterDrivers(PDEVICE_NODE DeviceNode, HANDLE EnumSubKey, HANDLE ClassKey, BOOLEAN Lower)
PDRIVER_REINITIALIZE ReinitRoutine
INIT_FUNCTION VOID FASTCALL IopInitializeBootDrivers(VOID)
#define ExFreePoolWithTag(_P, _T)
PVOID ClientIdentificationAddress
IN BOOLEAN OUT PSTR Buffer
NTSTATUS NTAPI IopUnloadDriver(PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)
#define IoGetDevObjExtension(DeviceObject)
#define RTL_QUERY_REGISTRY_REQUIRED
#define IoGetDrvObjExtension(DriverObject)
NTSTATUS NTAPI ObReferenceObjectByName(IN PUNICODE_STRING ObjectPath, IN ULONG Attributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext, OUT PVOID *ObjectPtr)
NTSTATUS NTAPI NtLoadDriver(IN PUNICODE_STRING DriverServiceName)
#define OBJ_KERNEL_HANDLE
NTSYSAPI BOOLEAN NTAPI RtlEqualUnicodeString(PUNICODE_STRING String1, PUNICODE_STRING String2, BOOLEAN CaseInSensitive)
size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
base of all file and directory entries
PDRIVER_INITIALIZE DriverInit
#define RTL_QUERY_REGISTRY_DIRECT
UNICODE_STRING DriverName
NTSTATUS NTAPI IopLoadUnloadDriver(_In_opt_ PCUNICODE_STRING RegistryPath, _Inout_ PDRIVER_OBJECT *DriverObject)
PDEVICE_OBJECT DeviceObject
NTSTATUS NTAPI MmLoadSystemImage(IN PUNICODE_STRING FileName, IN PUNICODE_STRING NamePrefix OPTIONAL, IN PUNICODE_STRING LoadedName OPTIONAL, IN ULONG Flags, OUT PVOID *ModuleObject, OUT PVOID *ImageBaseAddress)
#define STATUS_IMAGE_ALREADY_LOADED
#define DRVO_BOOTREINIT_REGISTERED
USHORT NTAPI PipGetDriverTagPriority(IN HANDLE ServiceHandle)
#define RTL_CONSTANT_STRING(s)
VOID NTAPI ObMakeTemporaryObject(IN PVOID ObjectBody)
VOID NTAPI IopLoadUnloadDriverWorker(_Inout_ PVOID Parameter)
PULONG MinorVersion OPTIONAL
BOOLEAN NTAPI IopSuffixUnicodeString(IN PCUNICODE_STRING String1, IN PCUNICODE_STRING String2)
1.8.15