#include <ntoskrnl.h>#include <debug.h>
Include dependency graph for dbgkutil.c:
Go to the source code of this file.
Macros | |
| #define | NDEBUG |
Functions | |
| HANDLE NTAPI | DbgkpSectionToFileHandle (IN PVOID Section) |
| BOOLEAN NTAPI | DbgkpSuspendProcess (VOID) |
| VOID NTAPI | DbgkpResumeProcess (VOID) |
| VOID NTAPI | DbgkCreateThread (IN PETHREAD Thread, IN PVOID StartAddress) |
| VOID NTAPI | DbgkExitProcess (IN NTSTATUS ExitStatus) |
| VOID NTAPI | DbgkExitThread (IN NTSTATUS ExitStatus) |
| VOID NTAPI | DbgkMapViewOfSection (IN PVOID Section, IN PVOID BaseAddress, IN ULONG SectionOffset, IN ULONG_PTR ViewSize) |
| VOID NTAPI | DbgkUnMapViewOfSection (IN PVOID BaseAddress) |
Macro Definition Documentation
◆ NDEBUG
| #define NDEBUG |
Definition at line 12 of file dbgkutil.c.
Function Documentation
◆ DbgkCreateThread()
Definition at line 87 of file dbgkutil.c.
89{
91 ULONG ProcessFlags;
92 IMAGE_INFO ImageInfo;
93 PIMAGE_NT_HEADERS NtHeader;
95 UNICODE_STRING NtDllName;
97 PVOID DebugPort;
98 DBGKM_MSG ApiMessage;
104 PTEB Teb;
105 PAGED_CODE();
106
107 /* Sanity check */
109
110 /* Try ORing in the create reported and image notify flags */
112 PSF_CREATE_REPORTED_BIT |
114
115 /* Check if we were the first to set them or if another thread raced us */
117 {
118 /* It hasn't.. set up the image info for the process */
119 ImageInfo.Properties = 0;
122 ImageInfo.ImageSize = 0;
123 ImageInfo.ImageSelector = 0;
124 ImageInfo.ImageSectionNumber = 0;
125
126 /* Get the NT Headers */
128 if (NtHeader)
129 {
130 /* Set image size */
132 }
133
134 /* Get the image name */
137 {
138 /* Call the notify routines and free the name */
140 Process->UniqueProcessId,
141 &ImageInfo);
143 }
144 else
145 {
146 /* Call the notify routines */
148 Process->UniqueProcessId,
149 &ImageInfo);
150 }
151
152 /* Setup the info for ntdll.dll */
153 ImageInfo.Properties = 0;
156 ImageInfo.ImageSize = 0;
157 ImageInfo.ImageSelector = 0;
158 ImageInfo.ImageSectionNumber = 0;
159
160 /* Get the NT Headers */
162 if (NtHeader)
163 {
164 /* Set image size */
166 }
167
168 /* Call the notify routines */
169 RtlInitUnicodeString(&NtDllName,
171 PspRunLoadImageNotifyRoutines(&NtDllName,
172 Process->UniqueProcessId,
173 &ImageInfo);
174 }
175
176 /* Fail if we have no port */
177 DebugPort = Process->DebugPort;
178 if (!DebugPort) return;
179
180 /* Check if create was not already reported */
182 {
183 /* Setup the information structure for the new thread */
184 CreateProcess->InitialThread.SubSystemKey = 0;
186
187 /* And for the new process */
188 CreateProcess->SubSystemKey = 0;
190 SectionObject);
192 CreateProcess->DebugInfoFileOffset = 0;
193 CreateProcess->DebugInfoSize = 0;
194
195 /* Get the NT Header */
197 if (NtHeader)
198 {
199 /* Fill out data from the header */
200 CreateProcess->InitialThread.StartAddress =
204 PointerToSymbolTable;
206 NumberOfSymbols;
207 }
208
209 /* Setup the API Message */
212 ApiMessage.h.u2.ZeroInit = 0;
215
216 /* Send the message */
218
219 /* Close the handle */
221
222 /* Setup the parameters */
224 LoadDll->DebugInfoFileOffset = 0;
225 LoadDll->DebugInfoSize = 0;
227
228 /* Get the NT Headers */
230 if (NtHeader)
231 {
232 /* Fill out debug information */
233 LoadDll->DebugInfoFileOffset = NtHeader->
234 FileHeader.PointerToSymbolTable;
236 }
237
238 /* Get the TEB */
240 if (Teb)
241 {
242 /* Copy the system library name and link to it */
247
248 /* Return it in the debug event as well */
250 }
251
252 /* Get a handle */
254 &PsNtDllPathName,
255 OBJ_CASE_INSENSITIVE |
256 OBJ_KERNEL_HANDLE |
258 NULL,
259 NULL);
262 &ObjectAttributes,
263 &IoStatusBlock,
264 FILE_SHARE_DELETE |
265 FILE_SHARE_READ |
266 FILE_SHARE_WRITE,
269 {
270 /* Setup the API Message */
273 ApiMessage.h.u2.ZeroInit = 0;
276
277 /* Send the message */
279
280 /* Close the handle */
282 }
283 }
284 else
285 {
286 /* Otherwise, do it just for the thread */
287 CreateThread->SubSystemKey = 0;
288 CreateThread->StartAddress = StartAddress;
289
290 /* Setup the API Message */
293 ApiMessage.h.u2.ZeroInit = 0;
296
297 /* Send the message */
299 }
300}
ACPI_BUFFER *RetBuffer ACPI_BUFFER *RetBuffer char ACPI_WALK_RESOURCE_CALLBACK void *Context ACPI_BUFFER *RetBuffer UINT16 ACPI_RESOURCE **ResourcePtr ACPI_GENERIC_ADDRESS *Reg UINT32 *ReturnValue UINT8 UINT8 *Slp_TypB ACPI_PHYSICAL_ADDRESS PhysicalAddress64 UINT32 UINT32 *TimeElapsed UINT32 ACPI_STATUS const char UINT32 ACPI_STATUS const char UINT32 const char const char * ModuleName
Definition: acpixf.h:1280
NTSTATUS NTAPI DbgkpSendApiMessage(IN OUT PDBGKM_MSG ApiMsg, IN BOOLEAN SuspendProcess)
Definition: dbgkobj.c:242
struct _DBGKM_MSG DBGKM_MSG
HANDLE NTAPI DbgkpSectionToFileHandle(IN PVOID Section)
Definition: dbgkutil.c:19
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
_Must_inspect_result_ _In_ PLARGE_INTEGER _In_ PLARGE_INTEGER _In_ ULONG _In_ PFILE_OBJECT _In_ PVOID Process
Definition: fsrtlfuncs.h:223
Definition: nsiface.idl:2307
NTSYSAPI NTSTATUS NTAPI ZwOpenFile(_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI MmGetFileNameForSection(IN PVOID Section, OUT POBJECT_NAME_INFORMATION *ModuleName)
Definition: section.c:1864
NTSTATUS NTAPI ObCloseHandle(IN HANDLE Handle, IN KPROCESSOR_MODE AccessMode)
Definition: obhandle.c:3379
FORCEINLINE VOID PspRunLoadImageNotifyRoutines(PUNICODE_STRING FullImageName, HANDLE ProcessId, PIMAGE_INFO ImageInfo)
Definition: ps_x.h:84
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
Definition: dbgktypes.h:142
Definition: dbgktypes.h:136
Definition: dbgktypes.h:162
Definition: dbgktypes.h:207
Definition: pstypes.h:1261
Definition: pstypes.h:196
Definition: ntddk_ex.h:181
Definition: env_spec_w32.h:870
Definition: umtypes.h:182
Definition: nt_native.h:1269
Definition: compat.h:836
Definition: env_spec_w32.h:368
Referenced by PspUserThreadStartup().
◆ DbgkExitProcess()
Definition at line 304 of file dbgkutil.c.
305{
306 DBGKM_MSG ApiMessage;
310 PAGED_CODE();
311
312 /* Check if this thread is hidden, doesn't have a debug port, or died */
314 !(Process->DebugPort) ||
315 (Thread->DeadThread))
316 {
317 /* Don't notify the debugger */
318 return;
319 }
320
321 /* Set the exit status */
323
324 /* Setup the API Message */
327 ApiMessage.h.u2.ZeroInit = 0;
330
331 /* Set the current exit time */
333
334 /* Send the message */
336}
Definition: dbgktypes.h:157
Definition: pstypes.h:1102
Referenced by PspExitThread().
◆ DbgkExitThread()
Definition at line 340 of file dbgkutil.c.
341{
342 DBGKM_MSG ApiMessage;
347 PAGED_CODE();
348
349 /* Check if this thread is hidden, doesn't have a debug port, or died */
351 !(Process->DebugPort) ||
352 (Thread->DeadThread))
353 {
354 /* Don't notify the debugger */
355 return;
356 }
357
358 /* Set the exit status */
360
361 /* Setup the API Message */
364 ApiMessage.h.u2.ZeroInit = 0;
367
368 /* Suspend the process */
370
371 /* Send the message */
373
374 /* Resume the process if needed */
376}
Definition: dbgktypes.h:152
Referenced by PspExitThread().
◆ DbgkMapViewOfSection()
| VOID NTAPI DbgkMapViewOfSection | ( | IN PVOID | Section, |
| IN PVOID | BaseAddress, | ||
| IN ULONG | SectionOffset, | ||
| IN ULONG_PTR | ViewSize | ||
| ) |
Definition at line 380 of file dbgkutil.c.
384{
385 DBGKM_MSG ApiMessage;
389 PIMAGE_NT_HEADERS NtHeader;
390 PAGED_CODE();
393
394 /* Check if this thread is kernel, hidden or doesn't have a debug port */
397 !(Process->DebugPort))
398 {
399 /* Don't notify the debugger */
400 return;
401 }
402
403 /* Setup the parameters */
406 LoadDll->DebugInfoFileOffset = 0;
407 LoadDll->DebugInfoSize = 0;
409
410 /* Get the NT Headers */
412 if (NtHeader)
413 {
414 /* Fill out debug information */
416 PointerToSymbolTable;
418 }
419
420 /* Setup the API Message */
423 ApiMessage.h.u2.ZeroInit = 0;
426
427 /* Send the message */
429
430 /* Close the handle */
432}
_In_ HANDLE _Outptr_result_bytebuffer_ ViewSize PVOID * BaseAddress
Definition: mmfuncs.h:404
Referenced by NtMapViewOfSection().
◆ DbgkpResumeProcess()
Definition at line 77 of file dbgkutil.c.
Referenced by DbgkExitThread(), DbgkpSendApiMessage(), and DbgkpSendApiMessageLpc().
◆ DbgkpSectionToFileHandle()
Definition at line 19 of file dbgkutil.c.
20{
26 PAGED_CODE();
27
28 /* Get the filename of the section */
31
32 /* Initialize object attributes */
35 OBJ_CASE_INSENSITIVE |
38 NULL,
39 NULL);
40
41 /* Open the file */
44 &ObjectAttributes,
45 &IoStatusBlock,
48
49 /* Free the name and return the handle if we succeeded */
53}
Definition: filecomp.c:348
Referenced by DbgkCreateThread(), DbgkMapViewOfSection(), and DbgkpPostFakeThreadMessages().
◆ DbgkpSuspendProcess()
Definition at line 57 of file dbgkutil.c.
58{
59 PAGED_CODE();
60
61 /* Make sure this isn't a deleted process */
63 {
64 /* Freeze all the threads */
65 KeFreezeAllThreads();
67 }
68 else
69 {
70 /* No suspend was done */
72 }
73}
Referenced by DbgkExitThread(), DbgkpSendApiMessage(), and DbgkpSendApiMessageLpc().
◆ DbgkUnMapViewOfSection()
Definition at line 436 of file dbgkutil.c.
437{
438 DBGKM_MSG ApiMessage;
442 PAGED_CODE();
443
444 /* Check if this thread is kernel, hidden or doesn't have a debug port */
447 !(Process->DebugPort))
448 {
449 /* Don't notify the debugger */
450 return;
451 }
452
453 /* Set the DLL Base */
455
456 /* Setup the API Message */
459 ApiMessage.h.u2.ZeroInit = 0;
462
463 /* Send the message */
465}
Definition: dbgktypes.h:171
Referenced by MiRosUnmapViewOfSection(), and MiUnmapViewOfSection().
