1 | /* |
---|---|
2 | * Copyright (c) 2018 Virtuozzo International GmbH |
3 | * |
4 | * This work is licensed under the terms of the GNU GPL, version 2 or later. |
5 | * |
6 | */ |
7 | |
8 | #ifndef KDBG_H |
9 | #define KDBG_H |
10 | |
11 | typedef struct DBGKD_GET_VERSION64 { |
12 | uint16_t MajorVersion; |
13 | uint16_t MinorVersion; |
14 | uint8_t ProtocolVersion; |
15 | uint8_t KdSecondaryVersion; |
16 | uint16_t Flags; |
17 | uint16_t MachineType; |
18 | uint8_t MaxPacketType; |
19 | uint8_t MaxStateChange; |
20 | uint8_t MaxManipulate; |
21 | uint8_t Simulation; |
22 | uint16_t Unused[1]; |
23 | uint64_t KernBase; |
24 | uint64_t PsLoadedModuleList; |
25 | uint64_t DebuggerDataList; |
26 | } DBGKD_GET_VERSION64; |
27 | |
28 | #ifndef _WIN32 |
29 | typedef struct LIST_ENTRY64 { |
30 | struct LIST_ENTRY64 *Flink; |
31 | struct LIST_ENTRY64 *Blink; |
32 | } LIST_ENTRY64; |
33 | #endif |
34 | |
35 | typedef struct DBGKD_DEBUG_DATA_HEADER64 { |
36 | LIST_ENTRY64 List; |
37 | uint32_t OwnerTag; |
38 | uint32_t Size; |
39 | } DBGKD_DEBUG_DATA_HEADER64; |
40 | |
41 | typedef struct KDDEBUGGER_DATA64 { |
42 | DBGKD_DEBUG_DATA_HEADER64 Header; |
43 | |
44 | uint64_t KernBase; |
45 | uint64_t BreakpointWithStatus; |
46 | uint64_t SavedContext; |
47 | uint16_t ThCallbackStack; |
48 | uint16_t NextCallback; |
49 | uint16_t FramePointer; |
50 | uint16_t PaeEnabled:1; |
51 | uint64_t KiCallUserMode; |
52 | uint64_t KeUserCallbackDispatcher; |
53 | uint64_t PsLoadedModuleList; |
54 | uint64_t PsActiveProcessHead; |
55 | uint64_t PspCidTable; |
56 | uint64_t ExpSystemResourcesList; |
57 | uint64_t ExpPagedPoolDescriptor; |
58 | uint64_t ExpNumberOfPagedPools; |
59 | uint64_t KeTimeIncrement; |
60 | uint64_t KeBugCheckCallbackListHead; |
61 | uint64_t KiBugcheckData; |
62 | uint64_t IopErrorLogListHead; |
63 | uint64_t ObpRootDirectoryObject; |
64 | uint64_t ObpTypeObjectType; |
65 | uint64_t MmSystemCacheStart; |
66 | uint64_t MmSystemCacheEnd; |
67 | uint64_t MmSystemCacheWs; |
68 | uint64_t MmPfnDatabase; |
69 | uint64_t MmSystemPtesStart; |
70 | uint64_t MmSystemPtesEnd; |
71 | uint64_t MmSubsectionBase; |
72 | uint64_t MmNumberOfPagingFiles; |
73 | uint64_t MmLowestPhysicalPage; |
74 | uint64_t MmHighestPhysicalPage; |
75 | uint64_t MmNumberOfPhysicalPages; |
76 | uint64_t MmMaximumNonPagedPoolInBytes; |
77 | uint64_t MmNonPagedSystemStart; |
78 | uint64_t MmNonPagedPoolStart; |
79 | uint64_t MmNonPagedPoolEnd; |
80 | uint64_t MmPagedPoolStart; |
81 | uint64_t MmPagedPoolEnd; |
82 | uint64_t MmPagedPoolInformation; |
83 | uint64_t MmPageSize; |
84 | uint64_t MmSizeOfPagedPoolInBytes; |
85 | uint64_t MmTotalCommitLimit; |
86 | uint64_t MmTotalCommittedPages; |
87 | uint64_t MmSharedCommit; |
88 | uint64_t MmDriverCommit; |
89 | uint64_t MmProcessCommit; |
90 | uint64_t MmPagedPoolCommit; |
91 | uint64_t MmExtendedCommit; |
92 | uint64_t MmZeroedPageListHead; |
93 | uint64_t MmFreePageListHead; |
94 | uint64_t MmStandbyPageListHead; |
95 | uint64_t MmModifiedPageListHead; |
96 | uint64_t MmModifiedNoWritePageListHead; |
97 | uint64_t MmAvailablePages; |
98 | uint64_t MmResidentAvailablePages; |
99 | uint64_t PoolTrackTable; |
100 | uint64_t NonPagedPoolDescriptor; |
101 | uint64_t MmHighestUserAddress; |
102 | uint64_t MmSystemRangeStart; |
103 | uint64_t MmUserProbeAddress; |
104 | uint64_t KdPrintCircularBuffer; |
105 | uint64_t KdPrintCircularBufferEnd; |
106 | uint64_t KdPrintWritePointer; |
107 | uint64_t KdPrintRolloverCount; |
108 | uint64_t MmLoadedUserImageList; |
109 | |
110 | /* NT 5.1 Addition */ |
111 | |
112 | uint64_t NtBuildLab; |
113 | uint64_t KiNormalSystemCall; |
114 | |
115 | /* NT 5.0 hotfix addition */ |
116 | |
117 | uint64_t KiProcessorBlock; |
118 | uint64_t MmUnloadedDrivers; |
119 | uint64_t MmLastUnloadedDriver; |
120 | uint64_t MmTriageActionTaken; |
121 | uint64_t MmSpecialPoolTag; |
122 | uint64_t KernelVerifier; |
123 | uint64_t MmVerifierData; |
124 | uint64_t MmAllocatedNonPagedPool; |
125 | uint64_t MmPeakCommitment; |
126 | uint64_t MmTotalCommitLimitMaximum; |
127 | uint64_t CmNtCSDVersion; |
128 | |
129 | /* NT 5.1 Addition */ |
130 | |
131 | uint64_t MmPhysicalMemoryBlock; |
132 | uint64_t MmSessionBase; |
133 | uint64_t MmSessionSize; |
134 | uint64_t MmSystemParentTablePage; |
135 | |
136 | /* Server 2003 addition */ |
137 | |
138 | uint64_t MmVirtualTranslationBase; |
139 | uint16_t OffsetKThreadNextProcessor; |
140 | uint16_t OffsetKThreadTeb; |
141 | uint16_t OffsetKThreadKernelStack; |
142 | uint16_t OffsetKThreadInitialStack; |
143 | uint16_t OffsetKThreadApcProcess; |
144 | uint16_t OffsetKThreadState; |
145 | uint16_t OffsetKThreadBStore; |
146 | uint16_t OffsetKThreadBStoreLimit; |
147 | uint16_t SizeEProcess; |
148 | uint16_t OffsetEprocessPeb; |
149 | uint16_t OffsetEprocessParentCID; |
150 | uint16_t OffsetEprocessDirectoryTableBase; |
151 | uint16_t SizePrcb; |
152 | uint16_t OffsetPrcbDpcRoutine; |
153 | uint16_t OffsetPrcbCurrentThread; |
154 | uint16_t OffsetPrcbMhz; |
155 | uint16_t OffsetPrcbCpuType; |
156 | uint16_t OffsetPrcbVendorString; |
157 | uint16_t OffsetPrcbProcStateContext; |
158 | uint16_t OffsetPrcbNumber; |
159 | uint16_t SizeEThread; |
160 | uint64_t KdPrintCircularBufferPtr; |
161 | uint64_t KdPrintBufferSize; |
162 | uint64_t KeLoaderBlock; |
163 | uint16_t SizePcr; |
164 | uint16_t OffsetPcrSelfPcr; |
165 | uint16_t OffsetPcrCurrentPrcb; |
166 | uint16_t OffsetPcrContainedPrcb; |
167 | uint16_t OffsetPcrInitialBStore; |
168 | uint16_t OffsetPcrBStoreLimit; |
169 | uint16_t OffsetPcrInitialStack; |
170 | uint16_t OffsetPcrStackLimit; |
171 | uint16_t OffsetPrcbPcrPage; |
172 | uint16_t OffsetPrcbProcStateSpecialReg; |
173 | uint16_t GdtR0Code; |
174 | uint16_t GdtR0Data; |
175 | uint16_t GdtR0Pcr; |
176 | uint16_t GdtR3Code; |
177 | uint16_t GdtR3Data; |
178 | uint16_t GdtR3Teb; |
179 | uint16_t GdtLdt; |
180 | uint16_t GdtTss; |
181 | uint16_t Gdt64R3CmCode; |
182 | uint16_t Gdt64R3CmTeb; |
183 | uint64_t IopNumTriageDumpDataBlocks; |
184 | uint64_t IopTriageDumpDataBlocks; |
185 | |
186 | /* Longhorn addition */ |
187 | |
188 | uint64_t VfCrashDataBlock; |
189 | uint64_t MmBadPagesDetected; |
190 | uint64_t MmZeroedPageSingleBitErrorsDetected; |
191 | |
192 | /* Windows 7 addition */ |
193 | |
194 | uint64_t EtwpDebuggerData; |
195 | uint16_t OffsetPrcbContext; |
196 | } KDDEBUGGER_DATA64; |
197 | |
198 | #endif /* KDBG_H */ |
199 |