kdfuncs.h File Reference

#include <umtypes.h>
#include <kdtypes.h>

Include dependency graph for kdfuncs.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions
NTSTATUS NTAPI	KdSystemDebugControl (_In_ SYSDBG_COMMAND Command, _In_ PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_ PVOID OutputBuffer, _In_ ULONG OutputBufferLength, _Inout_ PULONG ReturnLength, _In_ KPROCESSOR_MODE PreviousMode)
BOOLEAN NTAPI	KdPollBreakIn (VOID)
NTSYSCALLAPI NTSTATUS NTAPI	NtQueryDebugFilterState (_In_ ULONG ComponentId, _In_ ULONG Level)
NTSYSCALLAPI NTSTATUS NTAPI	NtSetDebugFilterState (_In_ ULONG ComponentId, _In_ ULONG Level, _In_ BOOLEAN State)
NTSYSCALLAPI NTSTATUS NTAPI	NtSystemDebugControl (SYSDBG_COMMAND ControlCode, PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, ULONG OutputBufferLength, PULONG ReturnLength)
NTSYSAPI NTSTATUS NTAPI	ZwQueryDebugFilterState (ULONG ComponentId, ULONG Level)
NTSYSAPI NTSTATUS NTAPI	ZwSetDebugFilterState (ULONG ComponentId, ULONG Level, BOOLEAN State)
NTSYSAPI NTSTATUS NTAPI	ZwSystemDebugControl (SYSDBG_COMMAND ControlCode, PVOID InputBuffer, ULONG InputBufferLength, PVOID OutputBuffer, ULONG OutputBufferLength, PULONG ReturnLength)

Function Documentation

KdPollBreakIn()

BOOLEAN NTAPI KdPollBreakIn

(

VOID

)

Definition at line 75 of file kdlock.c.

{
    BOOLEAN DoBreak = FALSE, Enable;

    /* First make sure that KD is enabled */
    if (KdDebuggerEnabled)
    {
        /* Disable interrupts */
        Enable = KeDisableInterrupts();

        /* Check if a CTRL-C is in the queue */
        if (KdpContext.KdpControlCPending)
        {
            /* Set it and prepare for break */
            KdpControlCPressed = TRUE;
            DoBreak = TRUE;
            KdpContext.KdpControlCPending = FALSE;
        }
        else
        {
            KIRQL OldIrql;
            /* Try to acquire the lock */
            KeRaiseIrql(HIGH_LEVEL, &OldIrql);
            if (KeTryToAcquireSpinLockAtDpcLevel(&KdpDebuggerLock))
            {
                /* Now get a packet */
                if (KdReceivePacket(PACKET_TYPE_KD_POLL_BREAKIN,
                                    NULL,
                                    NULL,
                                    NULL,
                                    NULL) == KdPacketReceived)
                {
                    /* Successful breakin */
                    DoBreak = TRUE;
                    KdpControlCPressed = TRUE;
                }

                /* Let go of the port */
                KdpPortUnlock();
            }
            KeLowerIrql(OldIrql);
        }

        /* Re-enable interrupts */
        KeRestoreInterrupts(Enable);
    }

    /* Tell the caller to do a break */
    return DoBreak;
}

Referenced by KdInitSystem(), KeUpdateSystemTime(), KiInitializeSystem(), and KiSystemStartup().

KdSystemDebugControl()

NTSTATUS NTAPI KdSystemDebugControl	(	_In_ SYSDBG_COMMAND	Command,
		_In_ PVOID	InputBuffer,
		_In_ ULONG	InputBufferLength,
		_Out_ PVOID	OutputBuffer,
		_In_ ULONG	OutputBufferLength,
		_Inout_ PULONG	ReturnLength,
		_In_ KPROCESSOR_MODE	PreviousMode
	)

Definition at line 2152 of file kdapi.c.

{
    /* Handle some internal commands */
    switch ((ULONG)Command)
    {
#if DBG
        case ' soR': /* ROS-INTERNAL */
        {
            switch ((ULONG_PTR)InputBuffer)
            {
                case 0x21: // DumpAllThreads:
                    PspDumpThreads(TRUE);
                    break;

                case 0x22: // DumpUserThreads:
                    PspDumpThreads(FALSE);
                    break;

                case 0x24: // KdSpare3:
                    MmDumpArmPfnDatabase(FALSE);
                    break;

                default:
                    break;
            }
            return STATUS_SUCCESS;
        }

#if defined(_M_IX86) && !defined(_WINKD_) // See ke/i386/traphdlr.c
        /* Register a debug callback */
        case 'CsoR':
        {
            switch (InputBufferLength)
            {
                case ID_Win32PreServiceHook:
                    KeWin32PreServiceHook = InputBuffer;
                    break;

                case ID_Win32PostServiceHook:
                    KeWin32PostServiceHook = InputBuffer;
                    break;

            }
            break;
        }
#endif

        /* Special case for stack frame dumps */
        case 'DsoR':
        {
            KeRosDumpStackFrames((PULONG_PTR)InputBuffer, InputBufferLength);
            break;
        }
#if defined(KDBG)
        /* Register KDBG CLI callback */
        case 'RbdK':
        {
            return KdbRegisterCliCallback(InputBuffer, InputBufferLength);
        }
#endif /* KDBG */
#endif
        default:
            break;
    }

    /* Local kernel debugging is not yet supported */
    DbgPrint("KdSystemDebugControl is unimplemented!\n");
    return STATUS_NOT_IMPLEMENTED;
}

Referenced by DriverEntry(), i8042KbdInterruptService(), KdRosDumpStackFrames(), KdRosSetDebugCallback(), and NtSystemDebugControl().

NtQueryDebugFilterState()

NTSYSCALLAPI NTSTATUS NTAPI NtQueryDebugFilterState	(	_In_ ULONG	ComponentId,
		_In_ ULONG	Level
	)

Definition at line 2352 of file kdapi.c.

{
    PULONG Mask;

    /* Check if the ID fits in the component table */
    if (ComponentId < KdComponentTableSize)
    {
        /* It does, so get the mask from there */
        Mask = KdComponentTable[ComponentId];
    }
    else if (ComponentId == MAXULONG)
    {
        /*
         * This is the internal ID used for DbgPrint messages without ID
         * and Level. Use the system-wide mask for those.
         */
        Mask = &Kd_WIN2000_Mask;
    }
    else
    {
#if (NTDDI_VERSION >= NTDDI_VISTA)
        /* Use the default component ID */
        Mask = &Kd_DEFAULT_Mask;
        // Level = DPFLTR_INFO_LEVEL; // Override the Level.
#else
        /* Invalid ID, fail */
        return STATUS_INVALID_PARAMETER_1;
#endif
    }

    /* Convert Level to bit field if required */
    if (Level < 32) Level = 1 << Level;
    Level &= ~DPFLTR_MASK;

    /* Determine if this Level is filtered out */
    if ((Kd_WIN2000_Mask & Level) || (*Mask & Level))
    {
        /* This mask will get through to the debugger */
        return (NTSTATUS)TRUE;
    }
    else
    {
        /* This mask is filtered out */
        return (NTSTATUS)FALSE;
    }
}

Referenced by DbgQueryDebugFilterState(), KdpPrint(), and vDbgPrintExWithPrefixInternal().

NtSetDebugFilterState()

NTSYSCALLAPI NTSTATUS NTAPI NtSetDebugFilterState	(	_In_ ULONG	ComponentId,
		_In_ ULONG	Level,
		_In_ BOOLEAN	State
	)

Definition at line 2406 of file kdapi.c.

{
    PULONG Mask;

    /* Modifying debug filters requires the debug privilege */
    if (!SeSinglePrivilegeCheck(SeDebugPrivilege, ExGetPreviousMode()))
    {
        /* Fail */
        return STATUS_ACCESS_DENIED;
    }

    /* Check if the ID fits in the component table */
    if (ComponentId < KdComponentTableSize)
    {
        /* It does, so get the mask from there */
        Mask = KdComponentTable[ComponentId];
    }
    else if (ComponentId == MAXULONG)
    {
        /*
         * This is the internal ID used for DbgPrint messages without ID
         * and Level. Use the system-wide mask for those.
         */
        Mask = &Kd_WIN2000_Mask;
    }
    else
    {
#if (NTDDI_VERSION >= NTDDI_VISTA)
        /* Use the default component ID */
        Mask = &Kd_DEFAULT_Mask;
#else
        /* Invalid ID, fail */
        return STATUS_INVALID_PARAMETER_1;
#endif
    }

    /* Convert Level to bit field if required */
    if (Level < 32) Level = 1 << Level;
    Level &= ~DPFLTR_MASK;

    /* Set or remove the Level */
    if (State)
        *Mask |= Level;
    else
        *Mask &= ~Level;

    return STATUS_SUCCESS;
}

Referenced by DbgSetDebugFilterState(), and KdbpCmdFilter().

NtSystemDebugControl()

NTSYSCALLAPI NTSTATUS NTAPI NtSystemDebugControl	(	SYSDBG_COMMAND	ControlCode,
		PVOID	InputBuffer,
		ULONG	InputBufferLength,
		PVOID	OutputBuffer,
		ULONG	OutputBufferLength,
		PULONG	ReturnLength
	)

Definition at line 182 of file dbgctrl.c.

{
    switch (ControlCode)
    {
        case SysDbgQueryModuleInformation:
        case SysDbgQueryTraceInformation:
        case SysDbgSetTracepoint:
        case SysDbgSetSpecialCall:
        case SysDbgClearSpecialCalls:
        case SysDbgQuerySpecialCalls:
        case SysDbgQueryVersion:
        case SysDbgReadVirtual:
        case SysDbgWriteVirtual:
        case SysDbgReadPhysical:
        case SysDbgWritePhysical:
        case SysDbgReadControlSpace:
        case SysDbgWriteControlSpace:
        case SysDbgReadIoSpace:
        case SysDbgWriteIoSpace:
        case SysDbgReadMsr:
        case SysDbgWriteMsr:
        case SysDbgReadBusData:
        case SysDbgWriteBusData:
        case SysDbgCheckLowMemory:
        case SysDbgGetTriageDump:
            return STATUS_NOT_IMPLEMENTED;
        case SysDbgBreakPoint:
        case SysDbgEnableKernelDebugger:
        case SysDbgDisableKernelDebugger:
        case SysDbgGetAutoKdEnable:
        case SysDbgSetAutoKdEnable:
        case SysDbgGetPrintBufferSize:
        case SysDbgSetPrintBufferSize:
        case SysDbgGetKdUmExceptionEnable:
        case SysDbgSetKdUmExceptionEnable:
        case SysDbgGetKdBlockEnable:
        case SysDbgSetKdBlockEnable:
            return KdSystemDebugControl(
                ControlCode,
                InputBuffer, InputBufferLength,
                OutputBuffer, OutputBufferLength,
                ReturnLength, KeGetPreviousMode());
        default:
            return STATUS_INVALID_INFO_CLASS;
    }
}

ZwQueryDebugFilterState()

NTSYSAPI NTSTATUS NTAPI ZwQueryDebugFilterState	(	ULONG	ComponentId,
		ULONG	Level
	)

ZwSetDebugFilterState()

NTSYSAPI NTSTATUS NTAPI ZwSetDebugFilterState	(	ULONG	ComponentId,
		ULONG	Level,
		BOOLEAN	State
	)

ZwSystemDebugControl()

NTSYSAPI NTSTATUS NTAPI ZwSystemDebugControl	(	SYSDBG_COMMAND	ControlCode,
		PVOID	InputBuffer,
		ULONG	InputBufferLength,
		PVOID	OutputBuffer,
		ULONG	OutputBufferLength,
		PULONG	ReturnLength
	)