ReactOS 0.4.16-dev-306-g647d351
dbgk.h File Reference

Go to the source code of this file.

Macros

#define _DBGK_DEBUG_   0x00
 
#define DBGK_THREAD_DEBUG   0x01
 
#define DBGK_PROCESS_DEBUG   0x02
 
#define DBGK_OBJECT_DEBUG   0x04
 
#define DBGK_MESSAGE_DEBUG   0x08
 
#define DBGK_EXCEPTION_DEBUG   0x10
 
#define DBGKTRACE(x, fmt, ...)   DPRINT(fmt, ##__VA_ARGS__)
 

Functions

VOID NTAPI DbgkInitialize (VOID)
 
VOID NTAPI DbgkCreateThread (IN PETHREAD Thread, IN PVOID StartAddress)
 
VOID NTAPI DbgkExitProcess (IN NTSTATUS ExitStatus)
 
VOID NTAPI DbgkExitThread (IN NTSTATUS ExitStatus)
 
VOID NTAPI DbgkMapViewOfSection (IN PVOID Section, IN PVOID BaseAddress, IN ULONG SectionOffset, IN ULONG_PTR ViewSize)
 
VOID NTAPI DbgkUnMapViewOfSection (IN PVOID BaseAddress)
 
BOOLEAN NTAPI DbgkpSuspendProcess (VOID)
 
VOID NTAPI DbgkpResumeProcess (VOID)
 
NTSTATUS NTAPI DbgkpSendApiMessage (IN OUT PDBGKM_MSG ApiMsg, IN BOOLEAN SuspendProcess)
 
HANDLE NTAPI DbgkpSectionToFileHandle (IN PVOID Section)
 
VOID NTAPI DbgkCopyProcessDebugPort (IN PEPROCESS Process, IN PEPROCESS Parent)
 
BOOLEAN NTAPI DbgkForwardException (IN PEXCEPTION_RECORD ExceptionRecord, IN BOOLEAN DebugPort, IN BOOLEAN SecondChance)
 
NTSTATUS NTAPI DbgkClearProcessDebugObject (IN PEPROCESS Process, IN PDEBUG_OBJECT SourceDebugObject)
 
NTSTATUS NTAPI DbgkOpenProcessDebugPort (IN PEPROCESS Process, IN KPROCESSOR_MODE PreviousMode, OUT HANDLE *DebugHandle)
 

Variables

ULONG DbgkpTraceLevel
 
POBJECT_TYPE DbgkDebugObjectType
 

Macro Definition Documentation

◆ _DBGK_DEBUG_

#define _DBGK_DEBUG_   0x00

Definition at line 12 of file dbgk.h.

◆ DBGK_EXCEPTION_DEBUG

#define DBGK_EXCEPTION_DEBUG   0x10

Definition at line 21 of file dbgk.h.

◆ DBGK_MESSAGE_DEBUG

#define DBGK_MESSAGE_DEBUG   0x08

Definition at line 20 of file dbgk.h.

◆ DBGK_OBJECT_DEBUG

#define DBGK_OBJECT_DEBUG   0x04

Definition at line 19 of file dbgk.h.

◆ DBGK_PROCESS_DEBUG

#define DBGK_PROCESS_DEBUG   0x02

Definition at line 18 of file dbgk.h.

◆ DBGK_THREAD_DEBUG

#define DBGK_THREAD_DEBUG   0x01

Definition at line 17 of file dbgk.h.

◆ DBGKTRACE

#define DBGKTRACE (   x,
  fmt,
  ... 
)    DPRINT(fmt, ##__VA_ARGS__)

Definition at line 46 of file dbgk.h.

Function Documentation

◆ DbgkClearProcessDebugObject()

NTSTATUS NTAPI DbgkClearProcessDebugObject ( IN PEPROCESS  Process,
IN PDEBUG_OBJECT  SourceDebugObject 
)

Definition at line 1410 of file dbgkobj.c.

1412{
1413 PDEBUG_OBJECT DebugObject;
1415 LIST_ENTRY TempList;
1416 PLIST_ENTRY NextEntry;
1417 PAGED_CODE();
1418 DBGKTRACE(DBGK_OBJECT_DEBUG, "Process: %p DebugObject: %p\n",
1419 Process, SourceDebugObject);
1420
1421 /* Acquire the port lock */
1423
1424 /* Get the Process Debug Object */
1425 DebugObject = Process->DebugPort;
1426
1427 /*
1428 * Check if the process had an object and it matches,
1429 * or if the process had an object but none was specified
1430 * (in which we are called from NtTerminateProcess)
1431 */
1432 if ((DebugObject) &&
1433 ((DebugObject == SourceDebugObject) ||
1434 (SourceDebugObject == NULL)))
1435 {
1436 /* Clear the debug port */
1437 Process->DebugPort = NULL;
1438
1439 /* Release the port lock and remove the PEB flag */
1442 }
1443 else
1444 {
1445 /* Release the port lock and fail */
1447 return STATUS_PORT_NOT_SET;
1448 }
1449
1450 /* Initialize the temporary list */
1451 InitializeListHead(&TempList);
1452
1453 /* Acquire the Object */
1454 ExAcquireFastMutex(&DebugObject->Mutex);
1455
1456 /* Loop the events */
1457 NextEntry = DebugObject->EventList.Flink;
1458 while (NextEntry != &DebugObject->EventList)
1459 {
1460 /* Get the Event and go to the next entry */
1461 DebugEvent = CONTAINING_RECORD(NextEntry, DEBUG_EVENT, EventList);
1462 NextEntry = NextEntry->Flink;
1463
1464 /* Check that it belongs to the specified process */
1465 if (DebugEvent->Process == Process)
1466 {
1467 /* Insert it into the temporary list */
1468 RemoveEntryList(&DebugEvent->EventList);
1469 InsertTailList(&TempList, &DebugEvent->EventList);
1470 }
1471 }
1472
1473 /* Release the Object */
1474 ExReleaseFastMutex(&DebugObject->Mutex);
1475
1476 /* Release the initial reference */
1477 ObDereferenceObject(DebugObject);
1478
1479 /* Loop our temporary list */
1480 while (!IsListEmpty(&TempList))
1481 {
1482 /* Remove the event */
1483 NextEntry = RemoveHeadList(&TempList);
1484 DebugEvent = CONTAINING_RECORD(NextEntry, DEBUG_EVENT, EventList);
1485
1486 /* Wake it up */
1489 }
1490
1491 /* Return Success */
1492 return STATUS_SUCCESS;
1493}
#define PAGED_CODE()
#define DBGK_OBJECT_DEBUG
Definition: dbgk.h:19
#define DBGKTRACE(x, fmt,...)
Definition: dbgk.h:46
VOID NTAPI DbgkpMarkProcessPeb(IN PEPROCESS Process)
Definition: dbgkobj.c:962
FAST_MUTEX DbgkpProcessDebugPortMutex
Definition: dbgkobj.c:16
VOID NTAPI DbgkpWakeTarget(IN PDEBUG_EVENT DebugEvent)
Definition: dbgkobj.c:426
#define NULL
Definition: types.h:112
#define RemoveEntryList(Entry)
Definition: env_spec_w32.h:986
#define InsertTailList(ListHead, Entry)
#define IsListEmpty(ListHead)
Definition: env_spec_w32.h:954
#define RemoveHeadList(ListHead)
Definition: env_spec_w32.h:964
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
VOID FASTCALL ExAcquireFastMutex(IN PFAST_MUTEX FastMutex)
Definition: fmutex.c:23
VOID FASTCALL ExReleaseFastMutex(IN PFAST_MUTEX FastMutex)
Definition: fmutex.c:31
#define STATUS_DEBUGGER_INACTIVE
Definition: debugger.c:30
#define STATUS_PORT_NOT_SET
Definition: ntstatus.h:894
#define STATUS_SUCCESS
Definition: shellext.h:65
FAST_MUTEX Mutex
Definition: dbgktypes.h:93
LIST_ENTRY EventList
Definition: dbgktypes.h:94
Definition: typedefs.h:120
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
#define DebugEvent(tess)
Definition: sweep.c:59
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
#define ObDereferenceObject
Definition: obfuncs.h:203

Referenced by NtRemoveProcessDebug(), and NtTerminateProcess().

◆ DbgkCopyProcessDebugPort()

VOID NTAPI DbgkCopyProcessDebugPort ( IN PEPROCESS  Process,
IN PEPROCESS  Parent 
)

Definition at line 276 of file dbgkobj.c.

278{
279 PDEBUG_OBJECT DebugObject;
280 PAGED_CODE();
281 DBGKTRACE(DBGK_PROCESS_DEBUG, "Process: %p Parent: %p\n", Process, Parent);
282
283 /* Clear this process's port */
284 Process->DebugPort = NULL;
285
286 /* Check if the parent has one */
287 if (!Parent->DebugPort) return;
288
289 /* It does, acquire the mutex */
291
292 /* Make sure it still has one, and that we should inherit */
293 DebugObject = Parent->DebugPort;
294 if ((DebugObject) && !(Process->NoDebugInherit))
295 {
296 /* Acquire the debug object's lock */
297 ExAcquireFastMutex(&DebugObject->Mutex);
298
299 /* Make sure the debugger is active */
300 if (!DebugObject->DebuggerInactive)
301 {
302 /* Reference the object and set it */
303 ObReferenceObject(DebugObject);
304 Process->DebugPort = DebugObject;
305 }
306
307 /* Release the debug object */
308 ExReleaseFastMutex(&DebugObject->Mutex);
309 }
310
311 /* Release the port mutex */
313}
ACPI_PHYSICAL_ADDRESS ACPI_SIZE BOOLEAN Warn UINT32 *TableIdx UINT32 ACPI_TABLE_HEADER *OutTableHeader ACPI_TABLE_HEADER **OutTable ACPI_HANDLE UINT32 ACPI_WALK_CALLBACK ACPI_WALK_CALLBACK void void **ReturnValue UINT32 ACPI_BUFFER *RetPathPtr ACPI_OBJECT_HANDLER void *Data ACPI_OBJECT_HANDLER void **Data ACPI_STRING ACPI_OBJECT_LIST ACPI_BUFFER *ReturnObjectBuffer ACPI_DEVICE_INFO **ReturnBuffer ACPI_HANDLE Parent
Definition: acpixf.h:732
#define DBGK_PROCESS_DEBUG
Definition: dbgk.h:18
UCHAR DebuggerInactive
Definition: dbgktypes.h:100
#define ObReferenceObject
Definition: obfuncs.h:204

Referenced by PspCreateProcess().

◆ DbgkCreateThread()

VOID NTAPI DbgkCreateThread ( IN PETHREAD  Thread,
IN PVOID  StartAddress 
)

Definition at line 87 of file dbgkutil.c.

89{
91 ULONG ProcessFlags;
92 IMAGE_INFO ImageInfo;
93 PIMAGE_NT_HEADERS NtHeader;
95 UNICODE_STRING NtDllName;
97 PVOID DebugPort;
98 DBGKM_MSG ApiMessage;
101 PDBGKM_LOAD_DLL LoadDll = &ApiMessage.LoadDll;
104 PTEB Teb;
105 PAGED_CODE();
106
107 /* Sanity check */
109
110 /* Try ORing in the create reported and image notify flags */
111 ProcessFlags = PspSetProcessFlag(Process,
114
115 /* Check if we were the first to set them or if another thread raced us */
116 if (!(ProcessFlags & PSF_IMAGE_NOTIFY_DONE_BIT) && (PsImageNotifyEnabled))
117 {
118 /* It hasn't.. set up the image info for the process */
119 ImageInfo.Properties = 0;
121 ImageInfo.ImageBase = Process->SectionBaseAddress;
122 ImageInfo.ImageSize = 0;
123 ImageInfo.ImageSelector = 0;
124 ImageInfo.ImageSectionNumber = 0;
125
126 /* Get the NT Headers */
127 NtHeader = RtlImageNtHeader(Process->SectionBaseAddress);
128 if (NtHeader)
129 {
130 /* Set image size */
131 ImageInfo.ImageSize = NtHeader->OptionalHeader.SizeOfImage;
132 }
133
134 /* Get the image name */
136 if (NT_SUCCESS(Status))
137 {
138 /* Call the notify routines and free the name */
140 Process->UniqueProcessId,
141 &ImageInfo);
143 }
144 else
145 {
146 /* Call the notify routines */
148 Process->UniqueProcessId,
149 &ImageInfo);
150 }
151
152 /* Setup the info for ntdll.dll */
153 ImageInfo.Properties = 0;
155 ImageInfo.ImageBase = PspSystemDllBase;
156 ImageInfo.ImageSize = 0;
157 ImageInfo.ImageSelector = 0;
158 ImageInfo.ImageSectionNumber = 0;
159
160 /* Get the NT Headers */
162 if (NtHeader)
163 {
164 /* Set image size */
165 ImageInfo.ImageSize = NtHeader->OptionalHeader.SizeOfImage;
166 }
167
168 /* Call the notify routines */
169 RtlInitUnicodeString(&NtDllName,
170 L"\\SystemRoot\\System32\\ntdll.dll");
172 Process->UniqueProcessId,
173 &ImageInfo);
174 }
175
176 /* Fail if we have no port */
177 DebugPort = Process->DebugPort;
178 if (!DebugPort) return;
179
180 /* Check if create was not already reported */
181 if (!(ProcessFlags & PSF_CREATE_REPORTED_BIT))
182 {
183 /* Setup the information structure for the new thread */
184 CreateProcess->InitialThread.SubSystemKey = 0;
185 CreateProcess->InitialThread.StartAddress = NULL;
186
187 /* And for the new process */
188 CreateProcess->SubSystemKey = 0;
191 CreateProcess->BaseOfImage = Process->SectionBaseAddress;
192 CreateProcess->DebugInfoFileOffset = 0;
193 CreateProcess->DebugInfoSize = 0;
194
195 /* Get the NT Header */
196 NtHeader = RtlImageNtHeader(Process->SectionBaseAddress);
197 if (NtHeader)
198 {
199 /* Fill out data from the header */
200 CreateProcess->InitialThread.StartAddress =
203 CreateProcess->DebugInfoFileOffset = NtHeader->FileHeader.
204 PointerToSymbolTable;
205 CreateProcess->DebugInfoSize = NtHeader->FileHeader.
206 NumberOfSymbols;
207 }
208
209 /* Setup the API Message */
210 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
211 (8 + sizeof(DBGKM_CREATE_PROCESS));
212 ApiMessage.h.u2.ZeroInit = 0;
213 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
214 ApiMessage.ApiNumber = DbgKmCreateProcessApi;
215
216 /* Send the message */
217 DbgkpSendApiMessage(&ApiMessage, FALSE);
218
219 /* Close the handle */
221
222 /* Setup the parameters */
223 LoadDll->BaseOfDll = PspSystemDllBase;
224 LoadDll->DebugInfoFileOffset = 0;
225 LoadDll->DebugInfoSize = 0;
226 LoadDll->NamePointer = NULL;
227
228 /* Get the NT Headers */
230 if (NtHeader)
231 {
232 /* Fill out debug information */
233 LoadDll->DebugInfoFileOffset = NtHeader->
234 FileHeader.PointerToSymbolTable;
235 LoadDll->DebugInfoSize = NtHeader->FileHeader.NumberOfSymbols;
236 }
237
238 /* Get the TEB */
239 Teb = Thread->Tcb.Teb;
240 if (Teb)
241 {
242 /* Copy the system library name and link to it */
244 L"ntdll.dll",
245 sizeof(Teb->StaticUnicodeBuffer) / sizeof(WCHAR));
247
248 /* Return it in the debug event as well */
249 LoadDll->NamePointer = &Teb->NtTib.ArbitraryUserPointer;
250 }
251
252 /* Get a handle */
258 NULL,
259 NULL);
260 Status = ZwOpenFile(&LoadDll->FileHandle,
268 if (NT_SUCCESS(Status))
269 {
270 /* Setup the API Message */
271 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
272 (8 + sizeof(DBGKM_LOAD_DLL));
273 ApiMessage.h.u2.ZeroInit = 0;
274 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
275 ApiMessage.ApiNumber = DbgKmLoadDllApi;
276
277 /* Send the message */
278 DbgkpSendApiMessage(&ApiMessage, TRUE);
279
280 /* Close the handle */
282 }
283 }
284 else
285 {
286 /* Otherwise, do it just for the thread */
287 CreateThread->SubSystemKey = 0;
288 CreateThread->StartAddress = StartAddress;
289
290 /* Setup the API Message */
291 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
292 (8 + sizeof(DBGKM_CREATE_THREAD));
293 ApiMessage.h.u2.ZeroInit = 0;
294 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
295 ApiMessage.ApiNumber = DbgKmCreateThreadApi;
296
297 /* Send the message */
298 DbgkpSendApiMessage(&ApiMessage, TRUE);
299 }
300}
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
Definition: acpixf.h:1280
LONG NTSTATUS
Definition: precomp.h:26
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
Definition: conport.c:36
NTSTATUS NTAPI DbgkpSendApiMessage(IN OUT PDBGKM_MSG ApiMsg, IN BOOLEAN SuspendProcess)
Definition: dbgkobj.c:242
struct _DBGKM_MSG DBGKM_MSG
@ DbgKmCreateProcessApi
Definition: dbgktypes.h:68
@ DbgKmCreateThreadApi
Definition: dbgktypes.h:67
@ DbgKmLoadDllApi
Definition: dbgktypes.h:71
HANDLE NTAPI DbgkpSectionToFileHandle(IN PVOID Section)
Definition: dbgkutil.c:19
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
#define GENERIC_READ
Definition: compat.h:135
#define RtlImageNtHeader
Definition: compat.h:806
#define FILE_SHARE_READ
Definition: compat.h:136
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
#define PsGetCurrentThread()
Definition: env_spec_w32.h:81
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
_In_opt_ PFILE_OBJECT _In_opt_ PETHREAD Thread
Definition: fltkernel.h:2653
#define FILE_SYNCHRONOUS_IO_NONALERT
Definition: from_kernel.h:31
_Must_inspect_result_ _Outptr_ PVOID * SectionObject
Definition: fsrtlfuncs.h:860
Status
Definition: gdiplustypes.h:25
#define PSF_CREATE_REPORTED_BIT
Definition: pstypes.h:274
#define PSF_IMAGE_NOTIFY_DONE_BIT
Definition: pstypes.h:295
#define OBJ_KERNEL_HANDLE
Definition: winternl.h:231
#define OBJ_CASE_INSENSITIVE
Definition: winternl.h:228
#define OBJ_FORCE_ACCESS_CHECK
Definition: winternl.h:232
#define IMAGE_ADDRESSING_MODE_32BIT
Definition: pstypes.h:194
#define ASSERT(a)
Definition: mode.c:44
static OUT PIO_STATUS_BLOCK IoStatusBlock
Definition: pipe.c:75
#define LPC_DEBUG_EVENT
Definition: port.c:100
#define InitializeObjectAttributes(p, n, a, r, s)
Definition: reg.c:106
#define KernelMode
Definition: asm.h:34
NTSYSAPI NTSTATUS NTAPI ZwOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
#define FILE_SHARE_WRITE
Definition: nt_native.h:681
#define SYNCHRONIZE
Definition: nt_native.h:61
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define FILE_SHARE_DELETE
Definition: nt_native.h:682
NTSTATUS NTAPI MmGetFileNameForSection(IN PVOID Section, OUT POBJECT_NAME_INFORMATION *ModuleName)
Definition: section.c:1668
#define L(x)
Definition: ntvdm.h:50
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
UNICODE_STRING PsNtDllPathName
Definition: psmgr.c:45
BOOLEAN PsImageNotifyEnabled
Definition: psnotify.c:18
PVOID PspSystemDllBase
Definition: psmgr.c:41
FORCEINLINE VOID PspRunLoadImageNotifyRoutines(PUNICODE_STRING FullImageName, HANDLE ProcessId, PIMAGE_INFO ImageInfo)
Definition: ps_x.h:84
#define PspSetProcessFlag(Process, Flag)
Definition: ps_x.h:33
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
HANDLE FileHandle
Definition: dbgktypes.h:163
PVOID NamePointer
Definition: dbgktypes.h:167
ULONG DebugInfoFileOffset
Definition: dbgktypes.h:165
ULONG DebugInfoSize
Definition: dbgktypes.h:166
PORT_MESSAGE h
Definition: dbgktypes.h:208
DBGKM_CREATE_THREAD CreateThread
Definition: dbgktypes.h:214
DBGKM_CREATE_PROCESS CreateProcess
Definition: dbgktypes.h:215
DBGKM_LOAD_DLL LoadDll
Definition: dbgktypes.h:218
DBGKM_APINUMBER ApiNumber
Definition: dbgktypes.h:209
KTHREAD Tcb
Definition: pstypes.h:1104
DWORD NumberOfSymbols
Definition: ntddk_ex.h:126
SIZE_T ImageSize
Definition: pstypes.h:209
ULONG ImageSectionNumber
Definition: pstypes.h:210
PVOID ImageBase
Definition: pstypes.h:207
ULONG Properties
Definition: pstypes.h:198
ULONG ImageAddressingMode
Definition: pstypes.h:200
ULONG ImageSelector
Definition: pstypes.h:208
IMAGE_OPTIONAL_HEADER32 OptionalHeader
Definition: ntddk_ex.h:184
IMAGE_FILE_HEADER FileHeader
Definition: ntddk_ex.h:183
PVOID Teb
Definition: ketypes.h:1807
PVOID ArbitraryUserPointer
Definition: compat.h:719
Definition: compat.h:836
WCHAR StaticUnicodeBuffer[261]
Definition: compat.h:877
NT_TIB NtTib
Definition: ntddk_ex.h:332
void * PVOID
Definition: typedefs.h:50
uint32_t ULONG_PTR
Definition: typedefs.h:65
uint32_t ULONG
Definition: typedefs.h:59
#define CreateProcess
Definition: winbase.h:3783
#define PsGetCurrentProcess
Definition: psfuncs.h:17
__wchar_t WCHAR
Definition: xmlstorage.h:180

Referenced by PspUserThreadStartup().

◆ DbgkExitProcess()

VOID NTAPI DbgkExitProcess ( IN NTSTATUS  ExitStatus)

Definition at line 304 of file dbgkutil.c.

305{
306 DBGKM_MSG ApiMessage;
310 PAGED_CODE();
311
312 /* Check if this thread is hidden, doesn't have a debug port, or died */
313 if ((Thread->HideFromDebugger) ||
314 !(Process->DebugPort) ||
315 (Thread->DeadThread))
316 {
317 /* Don't notify the debugger */
318 return;
319 }
320
321 /* Set the exit status */
322 ExitProcess->ExitStatus = ExitStatus;
323
324 /* Setup the API Message */
325 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
326 (8 + sizeof(DBGKM_EXIT_PROCESS));
327 ApiMessage.h.u2.ZeroInit = 0;
328 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
329 ApiMessage.ApiNumber = DbgKmExitProcessApi;
330
331 /* Set the current exit time */
332 KeQuerySystemTime(&Process->ExitTime);
333
334 /* Send the message */
335 DbgkpSendApiMessage(&ApiMessage, FALSE);
336}
@ DbgKmExitProcessApi
Definition: dbgktypes.h:70
VOID WINAPI ExitProcess(IN UINT uExitCode)
Definition: proc.c:1487
#define KeQuerySystemTime(t)
Definition: env_spec_w32.h:570
_In_ NTSTATUS ExitStatus
Definition: psfuncs.h:867
DBGKM_EXIT_PROCESS ExitProcess
Definition: dbgktypes.h:217
ULONG HideFromDebugger
Definition: pstypes.h:1181

Referenced by PspExitThread().

◆ DbgkExitThread()

VOID NTAPI DbgkExitThread ( IN NTSTATUS  ExitStatus)

Definition at line 340 of file dbgkutil.c.

341{
342 DBGKM_MSG ApiMessage;
347 PAGED_CODE();
348
349 /* Check if this thread is hidden, doesn't have a debug port, or died */
350 if ((Thread->HideFromDebugger) ||
351 !(Process->DebugPort) ||
352 (Thread->DeadThread))
353 {
354 /* Don't notify the debugger */
355 return;
356 }
357
358 /* Set the exit status */
359 ExitThread->ExitStatus = ExitStatus;
360
361 /* Setup the API Message */
362 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
363 (8 + sizeof(DBGKM_EXIT_THREAD));
364 ApiMessage.h.u2.ZeroInit = 0;
365 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
366 ApiMessage.ApiNumber = DbgKmExitThreadApi;
367
368 /* Suspend the process */
370
371 /* Send the message */
372 DbgkpSendApiMessage(&ApiMessage, FALSE);
373
374 /* Resume the process if needed */
376}
unsigned char BOOLEAN
@ DbgKmExitThreadApi
Definition: dbgktypes.h:69
VOID NTAPI DbgkpResumeProcess(VOID)
Definition: dbgkutil.c:77
BOOLEAN NTAPI DbgkpSuspendProcess(VOID)
Definition: dbgkutil.c:57
VOID WINAPI ExitThread(IN DWORD uExitCode)
Definition: thread.c:365
DBGKM_EXIT_THREAD ExitThread
Definition: dbgktypes.h:216
@ Suspended
Definition: ketypes.h:420

Referenced by PspExitThread().

◆ DbgkForwardException()

BOOLEAN NTAPI DbgkForwardException ( IN PEXCEPTION_RECORD  ExceptionRecord,
IN BOOLEAN  DebugPort,
IN BOOLEAN  SecondChance 
)

Definition at line 317 of file dbgkobj.c.

320{
321 DBGKM_MSG ApiMessage;
322 PDBGKM_EXCEPTION DbgKmException = &ApiMessage.Exception;
325 PVOID Port;
326 BOOLEAN UseLpc = FALSE;
327 PAGED_CODE();
329 "ExceptionRecord: %p Port: %u\n", ExceptionRecord, DebugPort);
330
331 /* Setup the API Message */
332 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
333 (8 + sizeof(DBGKM_EXCEPTION));
334 ApiMessage.h.u2.ZeroInit = 0;
335 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
336 ApiMessage.ApiNumber = DbgKmExceptionApi;
337
338 /* Check if this is to be sent on the debug port */
339 if (DebugPort)
340 {
341 /* Use the debug port, unless the thread is being hidden */
342 Port = PsGetCurrentThread()->HideFromDebugger ?
343 NULL : Process->DebugPort;
344 }
345 else
346 {
347 /* Otherwise, use the exception port */
348 Port = Process->ExceptionPort;
349 ApiMessage.h.u2.ZeroInit = 0;
350 ApiMessage.h.u2.s2.Type = LPC_EXCEPTION;
351 UseLpc = TRUE;
352 }
353
354 /* Break out if there's no port */
355 if (!Port) return FALSE;
356
357 /* Fill out the exception information */
358 DbgKmException->ExceptionRecord = *ExceptionRecord;
359 DbgKmException->FirstChance = !SecondChance;
360
361 /* Check if we should use LPC */
362 if (UseLpc)
363 {
364 /* Send the message on the LPC Port */
365 Status = DbgkpSendApiMessageLpc(&ApiMessage, Port, DebugPort);
366 }
367 else
368 {
369 /* Use native debug object */
370 Status = DbgkpSendApiMessage(&ApiMessage, DebugPort);
371 }
372
373 /* Check if we failed, and for a debug port, also check the return status */
374 if (!(NT_SUCCESS(Status)) ||
375 ((DebugPort) &&
376 (!(NT_SUCCESS(ApiMessage.ReturnedStatus)) ||
378 {
379 /* Fail */
380 return FALSE;
381 }
382
383 /* Otherwise, we're ok */
384 return TRUE;
385}
#define DBGK_EXCEPTION_DEBUG
Definition: dbgk.h:21
NTSTATUS NTAPI DbgkpSendApiMessageLpc(IN OUT PDBGKM_MSG Message, IN PVOID Port, IN BOOLEAN SuspendProcess)
Definition: dbgkobj.c:206
@ DbgKmExceptionApi
Definition: dbgktypes.h:66
CPPORT Port[4]
Definition: headless.c:35
#define LPC_EXCEPTION
Definition: port.c:99
#define DBG_EXCEPTION_NOT_HANDLED
Definition: ntstatus.h:57
EXCEPTION_RECORD ExceptionRecord
Definition: dbgktypes.h:131
NTSTATUS ReturnedStatus
Definition: dbgktypes.h:210
DBGKM_EXCEPTION Exception
Definition: dbgktypes.h:213

Referenced by KiDispatchException().

◆ DbgkInitialize()

VOID NTAPI DbgkInitialize ( VOID  )

Definition at line 1498 of file dbgkobj.c.

1499{
1500 OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
1502 PAGED_CODE();
1503
1504 /* Initialize the process debug port mutex */
1506
1507 /* Create the Debug Object Type */
1508 RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
1509 RtlInitUnicodeString(&Name, L"DebugObject");
1510 ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
1511 ObjectTypeInitializer.DefaultNonPagedPoolCharge = sizeof(DEBUG_OBJECT);
1512 ObjectTypeInitializer.GenericMapping = DbgkDebugObjectMapping;
1513 ObjectTypeInitializer.PoolType = NonPagedPool;
1514 ObjectTypeInitializer.ValidAccessMask = DEBUG_OBJECT_ALL_ACCESS;
1515 ObjectTypeInitializer.SecurityRequired = TRUE;
1516 ObjectTypeInitializer.CloseProcedure = DbgkpCloseObject;
1517 ObjectTypeInitializer.DeleteProcedure = DbgkpDeleteObject;
1519 &ObjectTypeInitializer,
1520 NULL,
1522}
struct NameRec_ * Name
Definition: cdprocs.h:460
VOID NTAPI DbgkpDeleteObject(IN PVOID DebugObject)
Definition: dbgkobj.c:1101
POBJECT_TYPE DbgkDebugObjectType
Definition: dbgkobj.c:15
VOID NTAPI DbgkpCloseObject(IN PEPROCESS OwnerProcess OPTIONAL, IN PVOID ObjectBody, IN ACCESS_MASK GrantedAccess, IN ULONG HandleCount, IN ULONG SystemHandleCount)
Definition: dbgkobj.c:1111
GENERIC_MAPPING DbgkDebugObjectMapping
Definition: dbgkobj.c:19
#define DEBUG_OBJECT_ALL_ACCESS
Definition: dbgktypes.h:34
struct _DEBUG_OBJECT DEBUG_OBJECT
#define NonPagedPool
Definition: env_spec_w32.h:307
NTSTATUS NTAPI ObCreateObjectType(IN PUNICODE_STRING TypeName, IN POBJECT_TYPE_INITIALIZER ObjectTypeInitializer, IN PVOID Reserved, OUT POBJECT_TYPE *ObjectType)
Definition: oblife.c:1136
OB_CLOSE_METHOD CloseProcedure
Definition: obtypes.h:368
GENERIC_MAPPING GenericMapping
Definition: obtypes.h:358
OB_DELETE_METHOD DeleteProcedure
Definition: obtypes.h:369
ULONG DefaultNonPagedPoolCharge
Definition: obtypes.h:365
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
FORCEINLINE VOID ExInitializeFastMutex(_Out_ PFAST_MUTEX FastMutex)
Definition: exfuncs.h:274

Referenced by ExpInitializeExecutive().

◆ DbgkMapViewOfSection()

VOID NTAPI DbgkMapViewOfSection ( IN PVOID  Section,
IN PVOID  BaseAddress,
IN ULONG  SectionOffset,
IN ULONG_PTR  ViewSize 
)

Definition at line 380 of file dbgkutil.c.

384{
385 DBGKM_MSG ApiMessage;
386 PDBGKM_LOAD_DLL LoadDll = &ApiMessage.LoadDll;
389 PIMAGE_NT_HEADERS NtHeader;
390 PAGED_CODE();
392 "Section: %p. Base: %p\n", Section, BaseAddress);
393
394 /* Check if this thread is kernel, hidden or doesn't have a debug port */
395 if ((ExGetPreviousMode() == KernelMode) ||
397 !(Process->DebugPort))
398 {
399 /* Don't notify the debugger */
400 return;
401 }
402
403 /* Setup the parameters */
404 LoadDll->FileHandle = DbgkpSectionToFileHandle(Section);
405 LoadDll->BaseOfDll = BaseAddress;
406 LoadDll->DebugInfoFileOffset = 0;
407 LoadDll->DebugInfoSize = 0;
408 LoadDll->NamePointer = &NtCurrentTeb()->NtTib.ArbitraryUserPointer;
409
410 /* Get the NT Headers */
411 NtHeader = RtlImageNtHeader(BaseAddress);
412 if (NtHeader)
413 {
414 /* Fill out debug information */
415 LoadDll->DebugInfoFileOffset = NtHeader->FileHeader.
416 PointerToSymbolTable;
417 LoadDll->DebugInfoSize = NtHeader->FileHeader.NumberOfSymbols;
418 }
419
420 /* Setup the API Message */
421 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
422 (8 + sizeof(DBGKM_LOAD_DLL));
423 ApiMessage.h.u2.ZeroInit = 0;
424 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
425 ApiMessage.ApiNumber = DbgKmLoadDllApi;
426
427 /* Send the message */
428 DbgkpSendApiMessage(&ApiMessage, TRUE);
429
430 /* Close the handle */
432}
#define ExGetPreviousMode
Definition: ex.h:140
#define NtCurrentTeb
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404

Referenced by NtMapViewOfSection().

◆ DbgkOpenProcessDebugPort()

NTSTATUS NTAPI DbgkOpenProcessDebugPort ( IN PEPROCESS  Process,
IN KPROCESSOR_MODE  PreviousMode,
OUT HANDLE DebugHandle 
)

Definition at line 1526 of file dbgkobj.c.

1529{
1530 PDEBUG_OBJECT DebugObject;
1532 PAGED_CODE();
1533
1534 /* If there's no debug port, just exit */
1535 if (!Process->DebugPort) return STATUS_PORT_NOT_SET;
1536
1537 /* Otherwise, acquire the lock while we grab the port */
1539
1540 /* Grab it and reference it if it exists */
1541 DebugObject = Process->DebugPort;
1542 if (DebugObject) ObReferenceObject(DebugObject);
1543
1544 /* Release the lock now */
1546
1547 /* Bail out if it doesn't exist */
1548 if (!DebugObject) return STATUS_PORT_NOT_SET;
1549
1550 /* Now get a handle to it */
1551 Status = ObOpenObjectByPointer(DebugObject,
1552 0,
1553 NULL,
1557 DebugHandle);
1558 if (!NT_SUCCESS(Status)) ObDereferenceObject(DebugObject);
1559
1560 /* Return status */
1561 return Status;
1562}
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
NTSTATUS NTAPI ObOpenObjectByPointer(IN PVOID Object, IN ULONG HandleAttributes, IN PACCESS_STATE PassedAccessState, IN ACCESS_MASK DesiredAccess, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, OUT PHANDLE Handle)
Definition: obhandle.c:2742
_In_ KPROCESSOR_MODE PreviousMode
Definition: sefuncs.h:103

Referenced by NtQueryInformationProcess().

◆ DbgkpResumeProcess()

VOID NTAPI DbgkpResumeProcess ( VOID  )

Definition at line 77 of file dbgkutil.c.

78{
79 PAGED_CODE();
80
81 /* Thaw all the threads */
83}
VOID NTAPI KeThawAllThreads(VOID)
Definition: thrdobj.c:660

Referenced by DbgkExitThread(), DbgkpSendApiMessage(), and DbgkpSendApiMessageLpc().

◆ DbgkpSectionToFileHandle()

HANDLE NTAPI DbgkpSectionToFileHandle ( IN PVOID  Section)

Definition at line 19 of file dbgkutil.c.

20{
26 PAGED_CODE();
27
28 /* Get the filename of the section */
30 if (!NT_SUCCESS(Status)) return NULL;
31
32 /* Initialize object attributes */
34 &FileName->Name,
38 NULL,
39 NULL);
40
41 /* Open the file */
48
49 /* Free the name and return the handle if we succeeded */
51 if (!NT_SUCCESS(Status)) return NULL;
52 return Handle;
53}
struct _FileName FileName
Definition: fatprocs.h:897
ULONG Handle
Definition: gdb_input.c:15
TCHAR Name[MAX_PATH]
Definition: filecomp.c:349

Referenced by DbgkCreateThread(), DbgkMapViewOfSection(), and DbgkpPostFakeThreadMessages().

◆ DbgkpSendApiMessage()

NTSTATUS NTAPI DbgkpSendApiMessage ( IN OUT PDBGKM_MSG  ApiMsg,
IN BOOLEAN  SuspendProcess 
)

Definition at line 242 of file dbgkobj.c.

244{
247 PAGED_CODE();
248 DBGKTRACE(DBGK_MESSAGE_DEBUG, "ApiMsg: %p SuspendProcess: %lx\n", ApiMsg, SuspendProcess);
249
250 /* Suspend process if required */
251 if (SuspendProcess) Suspended = DbgkpSuspendProcess();
252
253 /* Set return status */
254 ApiMsg->ReturnedStatus = STATUS_PENDING;
255
256 /* Set create process reported state */
258
259 /* Send the LPC command */
262 ApiMsg,
263 0,
264 NULL);
265
266 /* Flush the instruction cache */
268
269 /* Resume the process if it was suspended */
271 return Status;
272}
#define STATUS_PENDING
Definition: d3dkmdt.h:43
#define DBGK_MESSAGE_DEBUG
Definition: dbgk.h:20
NTSTATUS NTAPI DbgkpQueueMessage(IN PEPROCESS Process, IN PETHREAD Thread, IN PDBGKM_MSG Message, IN ULONG Flags, IN PDEBUG_OBJECT TargetObject OPTIONAL)
Definition: dbgkobj.c:39
NTSYSAPI NTSTATUS NTAPI ZwFlushInstructionCache(_In_ HANDLE ProcessHandle, _In_ PVOID BaseAddress, _In_ ULONG NumberOfBytesToFlush)
#define NtCurrentProcess()
Definition: nt_native.h:1657

Referenced by DbgkCreateThread(), DbgkExitProcess(), DbgkExitThread(), DbgkForwardException(), DbgkMapViewOfSection(), and DbgkUnMapViewOfSection().

◆ DbgkpSuspendProcess()

BOOLEAN NTAPI DbgkpSuspendProcess ( VOID  )

Definition at line 57 of file dbgkutil.c.

58{
59 PAGED_CODE();
60
61 /* Make sure this isn't a deleted process */
62 if (!PsGetCurrentProcess()->ProcessDelete)
63 {
64 /* Freeze all the threads */
66 return TRUE;
67 }
68 else
69 {
70 /* No suspend was done */
71 return FALSE;
72 }
73}
VOID NTAPI KeFreezeAllThreads(VOID)
Definition: thrdobj.c:306

Referenced by DbgkExitThread(), DbgkpSendApiMessage(), and DbgkpSendApiMessageLpc().

◆ DbgkUnMapViewOfSection()

VOID NTAPI DbgkUnMapViewOfSection ( IN PVOID  BaseAddress)

Definition at line 436 of file dbgkutil.c.

437{
438 DBGKM_MSG ApiMessage;
439 PDBGKM_UNLOAD_DLL UnloadDll = &ApiMessage.UnloadDll;
442 PAGED_CODE();
443
444 /* Check if this thread is kernel, hidden or doesn't have a debug port */
445 if ((ExGetPreviousMode() == KernelMode) ||
447 !(Process->DebugPort))
448 {
449 /* Don't notify the debugger */
450 return;
451 }
452
453 /* Set the DLL Base */
454 UnloadDll->BaseAddress = BaseAddress;
455
456 /* Setup the API Message */
457 ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
458 (8 + sizeof(DBGKM_UNLOAD_DLL));
459 ApiMessage.h.u2.ZeroInit = 0;
460 ApiMessage.h.u2.s2.Type = LPC_DEBUG_EVENT;
461 ApiMessage.ApiNumber = DbgKmUnloadDllApi;
462
463 /* Send the message */
464 DbgkpSendApiMessage(&ApiMessage, TRUE);
465}
@ DbgKmUnloadDllApi
Definition: dbgktypes.h:72
DBGKM_UNLOAD_DLL UnloadDll
Definition: dbgktypes.h:219

Referenced by MiRosUnmapViewOfSection(), and MiUnmapViewOfSection().

Variable Documentation

◆ DbgkDebugObjectType

◆ DbgkpTraceLevel

ULONG DbgkpTraceLevel
extern

Definition at line 17 of file dbgkobj.c.