projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[NDK] Add Win8+ version of KTHREAD
[reactos.git] / sdk / include / ndk / ketypes.h
1 /*++ NDK Version: 0098
2
3 Copyright (c) Alex Ionescu. All rights reserved.
4
5 Header Name:
6
7 ketypes.h
8
9 Abstract:
10
11 Type definitions for the Kernel services.
12
13 Author:
14
15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006
16
17 --*/
18
19 #ifndef _KETYPES_H
20 #define _KETYPES_H
21
22 //
23 // Dependencies
24 //
25 #include <umtypes.h>
26 #ifndef NTOS_MODE_USER
27 #include <haltypes.h>
28 #include <potypes.h>
29 #include <ifssupp.h>
30 #endif
31
32 //
33 // A system call ID is formatted as such:
34 // .________________________________________________________________.
35 // | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
36 // |--------------|-------------------------------------------------|
37 // | TABLE NUMBER | TABLE OFFSET |
38 // \----------------------------------------------------------------/
39 //
40 // The table number is then used as an index into the service descriptor table.
41 #define TABLE_NUMBER_BITS 1
42 #define TABLE_OFFSET_BITS 12
43
44 //
45 // There are 2 tables (kernel and shadow, used by Win32K)
46 //
47 #define NUMBER_SERVICE_TABLES 2
48 #define NTOS_SERVICE_INDEX 0
49 #define WIN32K_SERVICE_INDEX 1
50
51 //
52 // NB. From assembly code, the table number must be computed as an offset into
53 // the service descriptor table.
54 //
55 // Each entry into the table is 16 bytes long on 32-bit architectures, and
56 // 32 bytes long on 64-bit architectures.
57 //
58 // Thus, Table Number 1 is offset 16 (0x10) on x86, and offset 32 (0x20) on
59 // x64.
60 //
61 #ifdef _WIN64
62 #define BITS_PER_ENTRY 5 // (1 << 5) = 32 bytes
63 #else
64 #define BITS_PER_ENTRY 4 // (1 << 4) = 16 bytes
65 #endif
66
67 //
68 // We want the table number, but leave some extra bits to we can have the offset
69 // into the descriptor table.
70 //
71 #define SERVICE_TABLE_SHIFT (12 - BITS_PER_ENTRY)
72
73 //
74 // Now the table number (as an offset) is corrupted with part of the table offset
75 // This mask will remove the extra unwanted bits, and give us the offset into the
76 // descriptor table proper.
77 //
78 #define SERVICE_TABLE_MASK (((1 << TABLE_NUMBER_BITS) - 1) << BITS_PER_ENTRY)
79
80 //
81 // To get the table offset (ie: the service call number), just keep the 12 bits
82 //
83 #define SERVICE_NUMBER_MASK ((1 << TABLE_OFFSET_BITS) - 1)
84
85 //
86 // We'll often need to check if this is a graphics call. This is done by comparing
87 // the table number offset with the known Win32K table number offset.
88 // This is usually index 1, so table number offset 0x10 (x86) or 0x20 (x64)
89 //
90 #define SERVICE_TABLE_TEST (WIN32K_SERVICE_INDEX << BITS_PER_ENTRY)
91
92 //
93 // Context Record Flags
94 //
95 #define CONTEXT_DEBUGGER (CONTEXT_FULL | CONTEXT_FLOATING_POINT)
96
97 //
98 // Maximum System Descriptor Table Entries
99 //
100 #define SSDT_MAX_ENTRIES 2
101
102 //
103 // Processor Architectures
104 //
105 #define PROCESSOR_ARCHITECTURE_INTEL 0
106 #define PROCESSOR_ARCHITECTURE_MIPS 1
107 #define PROCESSOR_ARCHITECTURE_ALPHA 2
108 #define PROCESSOR_ARCHITECTURE_PPC 3
109 #define PROCESSOR_ARCHITECTURE_SHX 4
110 #define PROCESSOR_ARCHITECTURE_ARM 5
111 #define PROCESSOR_ARCHITECTURE_IA64 6
112 #define PROCESSOR_ARCHITECTURE_ALPHA64 7
113 #define PROCESSOR_ARCHITECTURE_MSIL 8
114 #define PROCESSOR_ARCHITECTURE_AMD64 9
115 #define PROCESSOR_ARCHITECTURE_UNKNOWN 0xFFFF
116
117 //
118 // Object Type Mask for Kernel Dispatcher Objects
119 //
120 #define KOBJECT_TYPE_MASK 0x7F
121 #define KOBJECT_LOCK_BIT 0x80
122
123 //
124 // Dispatcher Priority increments
125 //
126 #define THREAD_ALERT_INCREMENT 2
127
128 //
129 // Physical memory offset of KUSER_SHARED_DATA
130 //
131 #define KI_USER_SHARED_DATA_PHYSICAL 0x41000
132
133 //
134 // Quantum values and decrements
135 //
136 #define MAX_QUANTUM 0x7F
137 #define WAIT_QUANTUM_DECREMENT 1
138 #define CLOCK_QUANTUM_DECREMENT 3
139
140 //
141 // Kernel Feature Bits
142 //
143 #define KF_V86_VIS 0x00000001
144 #define KF_RDTSC 0x00000002
145 #define KF_CR4 0x00000004
146 #define KF_CMOV 0x00000008
147 #define KF_GLOBAL_PAGE 0x00000010
148 #define KF_LARGE_PAGE 0x00000020
149 #define KF_MTRR 0x00000040
150 #define KF_CMPXCHG8B 0x00000080
151 #define KF_MMX 0x00000100
152 #define KF_WORKING_PTE 0x00000200
153 #define KF_PAT 0x00000400
154 #define KF_FXSR 0x00000800
155 #define KF_FAST_SYSCALL 0x00001000
156 #define KF_XMMI 0x00002000
157 #define KF_3DNOW 0x00004000
158 #define KF_AMDK6MTRR 0x00008000
159 #define KF_XMMI64 0x00010000
160 #define KF_DTS 0x00020000
161 #define KF_BRANCH 0x00020000 // from ksamd64.inc
162 #define KF_SSE3 0x00080000
163 #define KF_CMPXCHG16B 0x00100000
164 #define KF_XSTATE 0x00800000 // from ks386.inc, ksamd64.inc
165 #define KF_NX_BIT 0x20000000
166 #define KF_NX_DISABLED 0x40000000
167 #define KF_NX_ENABLED 0x80000000
168
169 #define KF_XSAVEOPT_BIT 15
170 #define KF_XSTATE_BIT 23
171 #define KF_RDWRFSGSBASE_BIT 28
172
173 //
174 // Internal Exception Codes
175 //
176 #define KI_EXCEPTION_INTERNAL 0x10000000
177 #define KI_EXCEPTION_ACCESS_VIOLATION (KI_EXCEPTION_INTERNAL | 0x04)
178
179 typedef struct _FIBER /* Field offsets: */
180 { /* i386 arm x64 */
181 PVOID FiberData; /* 0x000 0x000 0x000 */
182 struct _EXCEPTION_REGISTRATION_RECORD *ExceptionList;/* 0x004 0x004 0x008 */
183 PVOID StackBase; /* 0x008 0x008 0x010 */
184 PVOID StackLimit; /* 0x00C 0x00C 0x018 */
185 PVOID DeallocationStack; /* 0x010 0x010 0x020 */
186 CONTEXT FiberContext; /* 0x014 0x018 0x030 */
187 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
188 PVOID Wx86Tib; /* 0x2E0 0x1b8 0x500 */
189 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer; /* 0x2E4 0x1bc 0x508 */
190 PVOID FlsData; /* 0x2E8 0x1c0 0x510 */
191 ULONG GuaranteedStackBytes; /* 0x2EC 0x1c4 0x518 */
192 ULONG TebFlags; /* 0x2F0 0x1c8 0x51C */
193 #else
194 ULONG GuaranteedStackBytes; /* 0x2E0 */
195 PVOID FlsData; /* 0x2E4 */
196 struct _ACTIVATION_CONTEXT_STACK *ActivationContextStackPointer;
197 #endif
198 } FIBER, *PFIBER;
199
200 #ifndef NTOS_MODE_USER
201 //
202 // Number of dispatch codes supported by KINTERRUPT
203 //
204 #ifdef _M_AMD64
205 #define DISPATCH_LENGTH 4
206 #elif (NTDDI_VERSION >= NTDDI_LONGHORN)
207 #define DISPATCH_LENGTH 135
208 #else
209 #define DISPATCH_LENGTH 106
210 #endif
211
212 #else
213
214 //
215 // KPROCESSOR_MODE Type
216 //
217 typedef CCHAR KPROCESSOR_MODE;
218
219 //
220 // Dereferencable pointer to KUSER_SHARED_DATA in User-Mode
221 //
222 #define SharedUserData ((KUSER_SHARED_DATA *)USER_SHARED_DATA)
223
224 //
225 // Maximum WOW64 Entries in KUSER_SHARED_DATA
226 //
227 #define MAX_WOW64_SHARED_ENTRIES 16
228
229 //
230 // Maximum Processor Features supported in KUSER_SHARED_DATA
231 //
232 #define PROCESSOR_FEATURE_MAX 64
233
234 //
235 // Event Types
236 //
237 typedef enum _EVENT_TYPE
238 {
239 NotificationEvent,
240 SynchronizationEvent
241 } EVENT_TYPE;
242
243 //
244 // Timer Types
245 //
246 typedef enum _TIMER_TYPE
247 {
248 NotificationTimer,
249 SynchronizationTimer
250 } TIMER_TYPE;
251
252 //
253 // Wait Types
254 //
255 typedef enum _WAIT_TYPE
256 {
257 WaitAll,
258 WaitAny
259 } WAIT_TYPE;
260
261 //
262 // Processor Execution Modes
263 //
264 typedef enum _MODE
265 {
266 KernelMode,
267 UserMode,
268 MaximumMode
269 } MODE;
270
271 //
272 // Wait Reasons
273 //
274 typedef enum _KWAIT_REASON
275 {
276 Executive,
277 FreePage,
278 PageIn,
279 PoolAllocation,
280 DelayExecution,
281 Suspended,
282 UserRequest,
283 WrExecutive,
284 WrFreePage,
285 WrPageIn,
286 WrPoolAllocation,
287 WrDelayExecution,
288 WrSuspended,
289 WrUserRequest,
290 WrEventPair,
291 WrQueue,
292 WrLpcReceive,
293 WrLpcReply,
294 WrVirtualMemory,
295 WrPageOut,
296 WrRendezvous,
297 Spare2,
298 WrGuardedMutex,
299 Spare4,
300 Spare5,
301 Spare6,
302 WrKernel,
303 WrResource,
304 WrPushLock,
305 WrMutex,
306 WrQuantumEnd,
307 WrDispatchInt,
308 WrPreempted,
309 WrYieldExecution,
310 MaximumWaitReason
311 } KWAIT_REASON;
312
313 //
314 // Profiling Sources
315 //
316 typedef enum _KPROFILE_SOURCE
317 {
318 ProfileTime,
319 ProfileAlignmentFixup,
320 ProfileTotalIssues,
321 ProfilePipelineDry,
322 ProfileLoadInstructions,
323 ProfilePipelineFrozen,
324 ProfileBranchInstructions,
325 ProfileTotalNonissues,
326 ProfileDcacheMisses,
327 ProfileIcacheMisses,
328 ProfileCacheMisses,
329 ProfileBranchMispredictions,
330 ProfileStoreInstructions,
331 ProfileFpInstructions,
332 ProfileIntegerInstructions,
333 Profile2Issue,
334 Profile3Issue,
335 Profile4Issue,
336 ProfileSpecialInstructions,
337 ProfileTotalCycles,
338 ProfileIcacheIssues,
339 ProfileDcacheAccesses,
340 ProfileMemoryBarrierCycles,
341 ProfileLoadLinkedIssues,
342 ProfileMaximum
343 } KPROFILE_SOURCE;
344
345 //
346 // NT Product and Architecture Types
347 //
348 typedef enum _NT_PRODUCT_TYPE
349 {
350 NtProductWinNt = 1,
351 NtProductLanManNt,
352 NtProductServer
353 } NT_PRODUCT_TYPE, *PNT_PRODUCT_TYPE;
354
355 typedef enum _ALTERNATIVE_ARCHITECTURE_TYPE
356 {
357 StandardDesign,
358 NEC98x86,
359 EndAlternatives
360 } ALTERNATIVE_ARCHITECTURE_TYPE;
361
362 #endif
363
364 //
365 // Thread States
366 //
367 typedef enum _KTHREAD_STATE
368 {
369 Initialized,
370 Ready,
371 Running,
372 Standby,
373 Terminated,
374 Waiting,
375 Transition,
376 DeferredReady,
377 #if (NTDDI_VERSION >= NTDDI_WS03)
378 GateWait
379 #endif
380 } KTHREAD_STATE, *PKTHREAD_STATE;
381
382 //
383 // Kernel Object Types
384 //
385 typedef enum _KOBJECTS
386 {
387 EventNotificationObject = 0,
388 EventSynchronizationObject = 1,
389 MutantObject = 2,
390 ProcessObject = 3,
391 QueueObject = 4,
392 SemaphoreObject = 5,
393 ThreadObject = 6,
394 GateObject = 7,
395 TimerNotificationObject = 8,
396 TimerSynchronizationObject = 9,
397 Spare2Object = 10,
398 Spare3Object = 11,
399 Spare4Object = 12,
400 Spare5Object = 13,
401 Spare6Object = 14,
402 Spare7Object = 15,
403 Spare8Object = 16,
404 Spare9Object = 17,
405 ApcObject = 18,
406 DpcObject = 19,
407 DeviceQueueObject = 20,
408 EventPairObject = 21,
409 InterruptObject = 22,
410 ProfileObject = 23,
411 ThreadedDpcObject = 24,
412 MaximumKernelObject = 25
413 } KOBJECTS;
414
415 //
416 // Adjust reasons
417 //
418 typedef enum _ADJUST_REASON
419 {
420 AdjustNone = 0,
421 AdjustUnwait = 1,
422 AdjustBoost = 2
423 } ADJUST_REASON;
424
425 //
426 // Continue Status
427 //
428 typedef enum _KCONTINUE_STATUS
429 {
430 ContinueError = 0,
431 ContinueSuccess,
432 ContinueProcessorReselected,
433 ContinueNextProcessor
434 } KCONTINUE_STATUS;
435
436 //
437 // Process States
438 //
439 typedef enum _KPROCESS_STATE
440 {
441 ProcessInMemory,
442 ProcessOutOfMemory,
443 ProcessInTransition,
444 ProcessInSwap,
445 ProcessOutSwap,
446 } KPROCESS_STATE, *PKPROCESS_STATE;
447
448 //
449 // NtVdmControl Classes
450 //
451 typedef enum _VDMSERVICECLASS
452 {
453 VdmStartExecution = 0,
454 VdmQueueInterrupt = 1,
455 VdmDelayInterrupt = 2,
456 VdmInitialize = 3,
457 VdmFeatures = 4,
458 VdmSetInt21Handler = 5,
459 VdmQueryDir = 6,
460 VdmPrinterDirectIoOpen = 7,
461 VdmPrinterDirectIoClose = 8,
462 VdmPrinterInitialize = 9,
463 VdmSetLdtEntries = 10,
464 VdmSetProcessLdtInfo = 11,
465 VdmAdlibEmulation = 12,
466 VdmPMCliControl = 13,
467 VdmQueryVdmProcess = 14,
468 } VDMSERVICECLASS;
469
470 #ifdef NTOS_MODE_USER
471
472 //
473 // APC Normal Routine
474 //
475 typedef VOID
476 (NTAPI *PKNORMAL_ROUTINE)(
477 _In_ PVOID NormalContext,
478 _In_ PVOID SystemArgument1,
479 _In_ PVOID SystemArgument2
480 );
481
482 //
483 // Timer Routine
484 //
485 typedef VOID
486 (NTAPI *PTIMER_APC_ROUTINE)(
487 _In_ PVOID TimerContext,
488 _In_ ULONG TimerLowValue,
489 _In_ LONG TimerHighValue
490 );
491
492 //
493 // System Time Structure
494 //
495 typedef struct _KSYSTEM_TIME
496 {
497 ULONG LowPart;
498 LONG High1Time;
499 LONG High2Time;
500 } KSYSTEM_TIME, *PKSYSTEM_TIME;
501
502 //
503 // Shared Kernel User Data
504 //
505 typedef struct _KUSER_SHARED_DATA
506 {
507 ULONG TickCountLowDeprecated;
508 ULONG TickCountMultiplier;
509 volatile KSYSTEM_TIME InterruptTime;
510 volatile KSYSTEM_TIME SystemTime;
511 volatile KSYSTEM_TIME TimeZoneBias;
512 USHORT ImageNumberLow;
513 USHORT ImageNumberHigh;
514 WCHAR NtSystemRoot[260];
515 ULONG MaxStackTraceDepth;
516 ULONG CryptoExponent;
517 ULONG TimeZoneId;
518 ULONG LargePageMinimum;
519 ULONG Reserved2[7];
520 NT_PRODUCT_TYPE NtProductType;
521 BOOLEAN ProductTypeIsValid;
522 ULONG NtMajorVersion;
523 ULONG NtMinorVersion;
524 BOOLEAN ProcessorFeatures[PROCESSOR_FEATURE_MAX];
525 ULONG Reserved1;
526 ULONG Reserved3;
527 volatile ULONG TimeSlip;
528 ALTERNATIVE_ARCHITECTURE_TYPE AlternativeArchitecture;
529 LARGE_INTEGER SystemExpirationDate;
530 ULONG SuiteMask;
531 BOOLEAN KdDebuggerEnabled;
532 #if (NTDDI_VERSION >= NTDDI_WINXPSP2)
533 UCHAR NXSupportPolicy;
534 #endif
535 volatile ULONG ActiveConsoleId;
536 volatile ULONG DismountCount;
537 ULONG ComPlusPackage;
538 ULONG LastSystemRITEventTickCount;
539 ULONG NumberOfPhysicalPages;
540 BOOLEAN SafeBootMode;
541 ULONG TraceLogging;
542 ULONG Fill0;
543 ULONGLONG TestRetInstruction;
544 ULONG SystemCall;
545 ULONG SystemCallReturn;
546 ULONGLONG SystemCallPad[3];
547 union {
548 volatile KSYSTEM_TIME TickCount;
549 volatile ULONG64 TickCountQuad;
550 };
551 ULONG Cookie;
552 #if (NTDDI_VERSION >= NTDDI_WS03)
553 LONGLONG ConsoleSessionForegroundProcessId;
554 ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
555 #endif
556 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
557 USHORT UserModeGlobalLogger[8];
558 ULONG HeapTracingPid[2];
559 ULONG CritSecTracingPid[2];
560 union
561 {
562 ULONG SharedDataFlags;
563 struct
564 {
565 ULONG DbgErrorPortPresent:1;
566 ULONG DbgElevationEnabled:1;
567 ULONG DbgVirtEnabled:1;
568 ULONG DbgInstallerDetectEnabled:1;
569 ULONG SpareBits:28;
570 };
571 };
572 ULONG ImageFileExecutionOptions;
573 KAFFINITY ActiveProcessorAffinity;
574 #endif
575 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
576
577 //
578 // VDM Structures
579 //
580 #include "pshpack1.h"
581 typedef struct _VdmVirtualIca
582 {
583 LONG ica_count[8];
584 LONG ica_int_line;
585 LONG ica_cpu_int;
586 USHORT ica_base;
587 USHORT ica_hipiri;
588 USHORT ica_mode;
589 UCHAR ica_master;
590 UCHAR ica_irr;
591 UCHAR ica_isr;
592 UCHAR ica_imr;
593 UCHAR ica_ssr;
594 } VDMVIRTUALICA, *PVDMVIRTUALICA;
595 #include "poppack.h"
596
597 typedef struct _VdmIcaUserData
598 {
599 PVOID pIcaLock;
600 PVDMVIRTUALICA pIcaMaster;
601 PVDMVIRTUALICA pIcaSlave;
602 PULONG pDelayIrq;
603 PULONG pUndelayIrq;
604 PULONG pDelayIret;
605 PULONG pIretHooked;
606 PULONG pAddrIretBopTable;
607 PHANDLE phWowIdleEvent;
608 PLARGE_INTEGER pIcaTimeout;
609 PHANDLE phMainThreadSuspended;
610 } VDMICAUSERDATA, *PVDMICAUSERDATA;
611
612 typedef struct _VDM_INITIALIZE_DATA
613 {
614 PVOID TrapcHandler;
615 PVDMICAUSERDATA IcaUserData;
616 } VDM_INITIALIZE_DATA, *PVDM_INITIALIZE_DATA;
617
618 #else
619
620 //
621 // System Thread Start Routine
622 //
623 typedef
624 VOID
625 (NTAPI *PKSYSTEM_ROUTINE)(
626 PKSTART_ROUTINE StartRoutine,
627 PVOID StartContext
628 );
629
630 #ifndef _NTSYSTEM_
631 typedef VOID
632 (NTAPI *PKNORMAL_ROUTINE)(
633 IN PVOID NormalContext OPTIONAL,
634 IN PVOID SystemArgument1 OPTIONAL,
635 IN PVOID SystemArgument2 OPTIONAL);
636
637 typedef VOID
638 (NTAPI *PKRUNDOWN_ROUTINE)(
639 IN struct _KAPC *Apc);
640
641 typedef VOID
642 (NTAPI *PKKERNEL_ROUTINE)(
643 IN struct _KAPC *Apc,
644 IN OUT PKNORMAL_ROUTINE *NormalRoutine OPTIONAL,
645 IN OUT PVOID *NormalContext OPTIONAL,
646 IN OUT PVOID *SystemArgument1 OPTIONAL,
647 IN OUT PVOID *SystemArgument2 OPTIONAL);
648 #endif
649
650 //
651 // APC Environment Types
652 //
653 typedef enum _KAPC_ENVIRONMENT
654 {
655 OriginalApcEnvironment,
656 AttachedApcEnvironment,
657 CurrentApcEnvironment,
658 InsertApcEnvironment
659 } KAPC_ENVIRONMENT;
660
661 typedef struct _KTIMER_TABLE_ENTRY
662 {
663 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM) || defined(_M_AMD64)
664 KSPIN_LOCK Lock;
665 #endif
666 LIST_ENTRY Entry;
667 ULARGE_INTEGER Time;
668 } KTIMER_TABLE_ENTRY, *PKTIMER_TABLE_ENTRY;
669
670 typedef struct _KTIMER_TABLE
671 {
672 PKTIMER TimerExpiry[64];
673 KTIMER_TABLE_ENTRY TimerEntries[256];
674 } KTIMER_TABLE, *PKTIMER_TABLE;
675
676 typedef struct _KDPC_LIST
677 {
678 SINGLE_LIST_ENTRY ListHead;
679 SINGLE_LIST_ENTRY* LastEntry;
680 } KDPC_LIST, *PKDPC_LIST;
681
682 typedef struct _SYNCH_COUNTERS
683 {
684 ULONG SpinLockAcquireCount;
685 ULONG SpinLockContentionCount;
686 ULONG SpinLockSpinCount;
687 ULONG IpiSendRequestBroadcastCount;
688 ULONG IpiSendRequestRoutineCount;
689 ULONG IpiSendSoftwareInterruptCount;
690 ULONG ExInitializeResourceCount;
691 ULONG ExReInitializeResourceCount;
692 ULONG ExDeleteResourceCount;
693 ULONG ExecutiveResourceAcquiresCount;
694 ULONG ExecutiveResourceContentionsCount;
695 ULONG ExecutiveResourceReleaseExclusiveCount;
696 ULONG ExecutiveResourceReleaseSharedCount;
697 ULONG ExecutiveResourceConvertsCount;
698 ULONG ExAcqResExclusiveAttempts;
699 ULONG ExAcqResExclusiveAcquiresExclusive;
700 ULONG ExAcqResExclusiveAcquiresExclusiveRecursive;
701 ULONG ExAcqResExclusiveWaits;
702 ULONG ExAcqResExclusiveNotAcquires;
703 ULONG ExAcqResSharedAttempts;
704 ULONG ExAcqResSharedAcquiresExclusive;
705 ULONG ExAcqResSharedAcquiresShared;
706 ULONG ExAcqResSharedAcquiresSharedRecursive;
707 ULONG ExAcqResSharedWaits;
708 ULONG ExAcqResSharedNotAcquires;
709 ULONG ExAcqResSharedStarveExclusiveAttempts;
710 ULONG ExAcqResSharedStarveExclusiveAcquiresExclusive;
711 ULONG ExAcqResSharedStarveExclusiveAcquiresShared;
712 ULONG ExAcqResSharedStarveExclusiveAcquiresSharedRecursive;
713 ULONG ExAcqResSharedStarveExclusiveWaits;
714 ULONG ExAcqResSharedStarveExclusiveNotAcquires;
715 ULONG ExAcqResSharedWaitForExclusiveAttempts;
716 ULONG ExAcqResSharedWaitForExclusiveAcquiresExclusive;
717 ULONG ExAcqResSharedWaitForExclusiveAcquiresShared;
718 ULONG ExAcqResSharedWaitForExclusiveAcquiresSharedRecursive;
719 ULONG ExAcqResSharedWaitForExclusiveWaits;
720 ULONG ExAcqResSharedWaitForExclusiveNotAcquires;
721 ULONG ExSetResOwnerPointerExclusive;
722 ULONG ExSetResOwnerPointerSharedNew;
723 ULONG ExSetResOwnerPointerSharedOld;
724 ULONG ExTryToAcqExclusiveAttempts;
725 ULONG ExTryToAcqExclusiveAcquires;
726 ULONG ExBoostExclusiveOwner;
727 ULONG ExBoostSharedOwners;
728 ULONG ExEtwSynchTrackingNotificationsCount;
729 ULONG ExEtwSynchTrackingNotificationsAccountedCount;
730 } SYNCH_COUNTERS, *PSYNCH_COUNTERS;
731
732 //
733 // PRCB DPC Data
734 //
735 typedef struct _KDPC_DATA
736 {
737 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
738 KDPC_LIST DpcList;
739 #else
740 LIST_ENTRY DpcListHead;
741 #endif
742 ULONG_PTR DpcLock;
743 #if defined(_M_AMD64) || defined(_M_ARM)
744 volatile LONG DpcQueueDepth;
745 #else
746 volatile ULONG DpcQueueDepth;
747 #endif
748 ULONG DpcCount;
749 #if (NTDDI_VERSION >= NTDDI_LONGHORN) || defined(_M_ARM)
750 PKDPC ActiveDpc;
751 #endif
752 } KDPC_DATA, *PKDPC_DATA;
753
754 //
755 // Per-Processor Lookaside List
756 //
757 typedef struct _PP_LOOKASIDE_LIST
758 {
759 struct _GENERAL_LOOKASIDE *P;
760 struct _GENERAL_LOOKASIDE *L;
761 } PP_LOOKASIDE_LIST, *PPP_LOOKASIDE_LIST;
762
763 //
764 // Architectural Types
765 //
766 #include <arch/ketypes.h>
767
768 //
769 // Kernel Memory Node
770 //
771 #include <pshpack1.h>
772 typedef struct _KNODE
773 {
774 SLIST_HEADER DeadStackList;
775 SLIST_HEADER PfnDereferenceSListHead;
776 KAFFINITY ProcessorMask;
777 UCHAR Color;
778 UCHAR Seed;
779 UCHAR NodeNumber;
780 struct _flags {
781 UCHAR Removable : 1;
782 UCHAR Fill : 7;
783 } Flags;
784 ULONG MmShiftedColor;
785 ULONG FreeCount[2];
786 struct _SINGLE_LIST_ENTRY *PfnDeferredList;
787 } KNODE, *PKNODE;
788 #include <poppack.h>
789
790 //
791 // Structure for Get/SetContext APC
792 //
793 typedef struct _GETSETCONTEXT
794 {
795 KAPC Apc;
796 KEVENT Event;
797 KPROCESSOR_MODE Mode;
798 CONTEXT Context;
799 } GETSETCONTEXT, *PGETSETCONTEXT;
800
801 //
802 // Kernel Profile Object
803 //
804 typedef struct _KPROFILE
805 {
806 CSHORT Type;
807 CSHORT Size;
808 LIST_ENTRY ProfileListEntry;
809 struct _KPROCESS *Process;
810 PVOID RangeBase;
811 PVOID RangeLimit;
812 ULONG BucketShift;
813 PVOID Buffer;
814 ULONG_PTR Segment;
815 KAFFINITY Affinity;
816 KPROFILE_SOURCE Source;
817 BOOLEAN Started;
818 } KPROFILE, *PKPROFILE;
819
820 //
821 // Kernel Interrupt Object
822 //
823 typedef struct _KINTERRUPT
824 {
825 CSHORT Type;
826 CSHORT Size;
827 LIST_ENTRY InterruptListEntry;
828 PKSERVICE_ROUTINE ServiceRoutine;
829 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
830 PKSERVICE_ROUTINE MessageServiceRoutine;
831 ULONG MessageIndex;
832 #endif
833 PVOID ServiceContext;
834 KSPIN_LOCK SpinLock;
835 ULONG TickCount;
836 PKSPIN_LOCK ActualLock;
837 PKINTERRUPT_ROUTINE DispatchAddress;
838 ULONG Vector;
839 KIRQL Irql;
840 KIRQL SynchronizeIrql;
841 BOOLEAN FloatingSave;
842 BOOLEAN Connected;
843 CCHAR Number;
844 BOOLEAN ShareVector;
845 KINTERRUPT_MODE Mode;
846 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
847 KINTERRUPT_POLARITY Polarity;
848 #endif
849 ULONG ServiceCount;
850 ULONG DispatchCount;
851 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
852 ULONGLONG Rsvd1;
853 #endif
854 #ifdef _M_AMD64
855 PKTRAP_FRAME TrapFrame;
856 PVOID Reserved;
857 #endif
858 ULONG DispatchCode[DISPATCH_LENGTH];
859 } KINTERRUPT;
860
861 //
862 // Kernel Event Pair Object
863 //
864 typedef struct _KEVENT_PAIR
865 {
866 CSHORT Type;
867 CSHORT Size;
868 KEVENT LowEvent;
869 KEVENT HighEvent;
870 } KEVENT_PAIR, *PKEVENT_PAIR;
871
872 //
873 // Kernel No Execute Options
874 //
875 typedef struct _KEXECUTE_OPTIONS
876 {
877 UCHAR ExecuteDisable:1;
878 UCHAR ExecuteEnable:1;
879 UCHAR DisableThunkEmulation:1;
880 UCHAR Permanent:1;
881 UCHAR ExecuteDispatchEnable:1;
882 UCHAR ImageDispatchEnable:1;
883 UCHAR Spare:2;
884 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
885
886 #if (NTDDI_VERSION >= NTDDI_WIN7)
887 typedef union _KWAIT_STATUS_REGISTER
888 {
889 UCHAR Flags;
890 struct
891 {
892 UCHAR State:2;
893 UCHAR Affinity:1;
894 UCHAR Priority:1;
895 UCHAR Apc:1;
896 UCHAR UserApc:1;
897 UCHAR Alert:1;
898 UCHAR Unused:1;
899 };
900 } KWAIT_STATUS_REGISTER, *PKWAIT_STATUS_REGISTER;
901
902 typedef struct _COUNTER_READING
903 {
904 enum _HARDWARE_COUNTER_TYPE Type;
905 ULONG Index;
906 ULONG64 Start;
907 ULONG64 Total;
908 }COUNTER_READING, *PCOUNTER_READING;
909
910 typedef struct _KTHREAD_COUNTERS
911 {
912 ULONG64 WaitReasonBitMap;
913 struct _THREAD_PERFORMANCE_DATA* UserData;
914 ULONG Flags;
915 ULONG ContextSwitches;
916 ULONG64 CycleTimeBias;
917 ULONG64 HardwareCounters;
918 COUNTER_READING HwCounter[16];
919 }KTHREAD_COUNTERS, *PKTHREAD_COUNTERS;
920 #endif
921
922 /// FIXME: should move to rtltypes.h, but we can't include it here.
923 #if (NTDDI_VERSION >= NTDDI_WIN8)
924 typedef struct _RTL_RB_TREE
925 {
926 PRTL_BALANCED_NODE Root;
927 PRTL_BALANCED_NODE Min;
928 } RTL_RB_TREE, *PRTL_RB_TREE;
929 #endif
930
931 #if (NTDDI_VERSION >= NTDDI_WINBLUE)
932 typedef struct _KLOCK_ENTRY_LOCK_STATE
933 {
934 union
935 {
936 struct
937 {
938 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 6.4.9841.0
939 ULONG_PTR CrossThreadReleasable : 1;
940 #else
941 ULONG_PTR Waiting : 1;
942 #endif
943 ULONG_PTR Busy : 1;
944 ULONG_PTR Reserved : (8 * sizeof(PVOID)) - 3; // previously Spare
945 ULONG_PTR InTree : 1;
946 };
947 PVOID LockState;
948 };
949 union
950 {
951 PVOID SessionState;
952 struct
953 {
954 ULONG SessionId;
955 #ifdef _WIN64
956 ULONG SessionPad;
957 #endif
958 };
959 };
960 } KLOCK_ENTRY_LOCK_STATE, *PKLOCK_ENTRY_LOCK_STATE;
961
962 typedef struct _KLOCK_ENTRY
963 {
964 union
965 {
966 RTL_BALANCED_NODE TreeNode;
967 SINGLE_LIST_ENTRY FreeListEntry;
968 };
969 #if (NTDDI_VERSION >= NTDDI_WIN10)
970 union
971 {
972 ULONG EntryFlags;
973 struct
974 {
975 UCHAR EntryOffset;
976 union
977 {
978 UCHAR ThreadLocalFlags;
979 struct
980 {
981 UCHAR WaitingBit : 1;
982 UCHAR Spare0 : 7;
983 };
984 };
985 union
986 {
987 UCHAR AcquiredByte;
988 UCHAR AcquiredBit : 1;
989 };
990 union
991 {
992 UCHAR CrossThreadFlags;
993 struct
994 {
995 UCHAR HeadNodeBit : 1;
996 UCHAR IoPriorityBit : 1;
997 UCHAR IoQoSWaiter : 1; // since TH2
998 UCHAR Spare1 : 5;
999 };
1000 };
1001 };
1002 struct
1003 {
1004 ULONG StaticState : 8;
1005 ULONG AllFlags : 24;
1006 };
1007 };
1008 #ifdef _WIN64
1009 ULONG SpareFlags;
1010 #endif
1011 #else
1012 union
1013 {
1014 PVOID ThreadUnsafe;
1015 struct
1016 {
1017 volatile UCHAR HeadNodeByte;
1018 UCHAR Reserved1[2];
1019 volatile UCHAR AcquiredByte;
1020 };
1021 };
1022 #endif
1023
1024 union
1025 {
1026 KLOCK_ENTRY_LOCK_STATE LockState;
1027 PVOID LockUnsafe;
1028 struct
1029 {
1030 #if (NTDDI_VERSION >= NTDDI_WIN10)
1031 volatile UCHAR CrossThreadReleasableAndBusyByte;
1032 #else
1033 volatile UCHAR WaitingAndBusyByte;
1034 #endif
1035 UCHAR Reserved[sizeof(PVOID) - 2];
1036 UCHAR InTreeByte;
1037 union
1038 {
1039 PVOID SessionState;
1040 struct
1041 {
1042 ULONG SessionId;
1043 #ifdef _WIN64
1044 ULONG SessionPad;
1045 #endif
1046 };
1047 };
1048 };
1049 };
1050 union
1051 {
1052 struct
1053 {
1054 RTL_RB_TREE OwnerTree;
1055 RTL_RB_TREE WaiterTree;
1056 };
1057 CHAR CpuPriorityKey;
1058 };
1059 ULONG_PTR EntryLock;
1060 union
1061 {
1062 #if _WIN64
1063 ULONG AllBoosts : 17;
1064 #else
1065 USHORT AllBoosts;
1066 #endif
1067 struct
1068 {
1069 struct
1070 {
1071 USHORT CpuBoostsBitmap : 15;
1072 USHORT IoBoost : 1;
1073 };
1074 struct
1075 {
1076 USHORT IoQoSBoost : 1;
1077 USHORT IoNormalPriorityWaiterCount : 8;
1078 USHORT IoQoSWaiterCount : 7;
1079 };
1080 };
1081 };
1082 #if _WIN64
1083 ULONG SparePad;
1084 #endif
1085 } KLOCK_ENTRY, *PKLOCK_ENTRY;
1086
1087 #endif
1088
1089 //
1090 // Kernel Thread (KTHREAD)
1091 //
1092 #if (NTDDI_VERSION < NTDDI_WIN8)
1093
1094 typedef struct _KTHREAD
1095 {
1096 DISPATCHER_HEADER Header;
1097 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1098 ULONGLONG CycleTime;
1099 #ifndef _WIN64 // [
1100 ULONG HighCycleTime;
1101 #endif // ]
1102 ULONGLONG QuantumTarget;
1103 #else // ][
1104 LIST_ENTRY MutantListHead;
1105 #endif // ]
1106 PVOID InitialStack;
1107 ULONG_PTR StackLimit; // FIXME: PVOID
1108 PVOID KernelStack;
1109 KSPIN_LOCK ThreadLock;
1110 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1111 KWAIT_STATUS_REGISTER WaitRegister;
1112 BOOLEAN Running;
1113 BOOLEAN Alerted[2];
1114 union
1115 {
1116 struct
1117 {
1118 ULONG KernelStackResident:1;
1119 ULONG ReadyTransition:1;
1120 ULONG ProcessReadyQueue:1;
1121 ULONG WaitNext:1;
1122 ULONG SystemAffinityActive:1;
1123 ULONG Alertable:1;
1124 ULONG GdiFlushActive:1;
1125 ULONG UserStackWalkActive:1;
1126 ULONG ApcInterruptRequest:1;
1127 ULONG ForceDeferSchedule:1;
1128 ULONG QuantumEndMigrate:1;
1129 ULONG UmsDirectedSwitchEnable:1;
1130 ULONG TimerActive:1;
1131 ULONG Reserved:19;
1132 };
1133 LONG MiscFlags;
1134 };
1135 #endif // ]
1136 union
1137 {
1138 KAPC_STATE ApcState;
1139 struct
1140 {
1141 UCHAR ApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1142 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1143 SCHAR Priority;
1144 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1145 /* On x86, the following members "fall out" of the union */
1146 volatile ULONG NextProcessor;
1147 volatile ULONG DeferredProcessor;
1148 #else // ][
1149 /* On x86, the following members "fall out" of the union */
1150 volatile USHORT NextProcessor;
1151 volatile USHORT DeferredProcessor;
1152 #endif // ]
1153 #else // ][
1154 UCHAR ApcQueueable;
1155 /* On x86, the following members "fall out" of the union */
1156 volatile UCHAR NextProcessor;
1157 volatile UCHAR DeferredProcessor;
1158 UCHAR AdjustReason;
1159 SCHAR AdjustIncrement;
1160 #endif // ]
1161 };
1162 };
1163 KSPIN_LOCK ApcQueueLock;
1164 #ifndef _M_AMD64 // [
1165 ULONG ContextSwitches;
1166 volatile UCHAR State;
1167 UCHAR NpxState;
1168 KIRQL WaitIrql;
1169 KPROCESSOR_MODE WaitMode;
1170 #endif // ]
1171 LONG_PTR WaitStatus;
1172 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1173 PKWAIT_BLOCK WaitBlockList;
1174 #else // ][
1175 union
1176 {
1177 PKWAIT_BLOCK WaitBlockList;
1178 PKGATE GateObject;
1179 };
1180 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1181 union
1182 {
1183 struct
1184 {
1185 ULONG KernelStackResident:1;
1186 ULONG ReadyTransition:1;
1187 ULONG ProcessReadyQueue:1;
1188 ULONG WaitNext:1;
1189 ULONG SystemAffinityActive:1;
1190 ULONG Alertable:1;
1191 ULONG GdiFlushActive:1;
1192 ULONG Reserved:25;
1193 };
1194 LONG MiscFlags;
1195 };
1196 #else // ][
1197 BOOLEAN Alertable;
1198 BOOLEAN WaitNext;
1199 #endif // ]
1200 UCHAR WaitReason;
1201 #if (NTDDI_VERSION < NTDDI_LONGHORN)
1202 SCHAR Priority;
1203 BOOLEAN EnableStackSwap;
1204 #endif // ]
1205 volatile UCHAR SwapBusy;
1206 BOOLEAN Alerted[MaximumMode];
1207 #endif // ]
1208 union
1209 {
1210 LIST_ENTRY WaitListEntry;
1211 SINGLE_LIST_ENTRY SwapListEntry;
1212 };
1213 PKQUEUE Queue;
1214 #ifndef _M_AMD64 // [
1215 ULONG WaitTime;
1216 union
1217 {
1218 struct
1219 {
1220 SHORT KernelApcDisable;
1221 SHORT SpecialApcDisable;
1222 };
1223 ULONG CombinedApcDisable;
1224 };
1225 #endif // ]
1226 struct _TEB *Teb;
1227
1228 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1229 KTIMER Timer;
1230 #else // ][
1231 union
1232 {
1233 KTIMER Timer;
1234 struct
1235 {
1236 UCHAR TimerFill[FIELD_OFFSET(KTIMER, Period) + sizeof(LONG)];
1237 #if !defined(_WIN64) // [
1238 };
1239 };
1240 #endif // ]
1241 #endif // ]
1242 union
1243 {
1244 struct
1245 {
1246 ULONG AutoAlignment:1;
1247 ULONG DisableBoost:1;
1248 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1249 ULONG EtwStackTraceApc1Inserted:1;
1250 ULONG EtwStackTraceApc2Inserted:1;
1251 ULONG CycleChargePending:1;
1252 ULONG CalloutActive:1;
1253 ULONG ApcQueueable:1;
1254 ULONG EnableStackSwap:1;
1255 ULONG GuiThread:1;
1256 ULONG ReservedFlags:23;
1257 #else // ][
1258 LONG ReservedFlags:30;
1259 #endif // ]
1260 };
1261 LONG ThreadFlags;
1262 };
1263 #if defined(_WIN64) && (NTDDI_VERSION < NTDDI_WIN7) // [
1264 };
1265 };
1266 #endif // ]
1267 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1268 #if defined(_WIN64) // [
1269 ULONG Spare0;
1270 #else // ][
1271 PVOID ServiceTable;
1272 #endif // ]
1273 #endif // ]
1274 union
1275 {
1276 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1277 #if (NTDDI_VERSION < NTDDI_WIN7) // [
1278 struct
1279 {
1280 UCHAR WaitBlockFill0[FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 32bit = 23, 64bit = 43
1281 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1282 UCHAR IdealProcessor;
1283 #else // ][
1284 BOOLEAN SystemAffinityActive;
1285 #endif // ]
1286 };
1287 struct
1288 {
1289 UCHAR WaitBlockFill1[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 47 / 91
1290 CCHAR PreviousMode;
1291 };
1292 struct
1293 {
1294 UCHAR WaitBlockFill2[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 71 / 139
1295 UCHAR ResourceIndex;
1296 };
1297 struct
1298 {
1299 UCHAR WaitBlockFill3[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareByte)]; // 95 / 187
1300 UCHAR LargeStack;
1301 };
1302 #endif // ]
1303 #ifdef _WIN64 // [
1304 struct
1305 {
1306 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1307 ULONG ContextSwitches;
1308 };
1309 struct
1310 {
1311 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1312 UCHAR State;
1313 UCHAR NpxState;
1314 UCHAR WaitIrql;
1315 CHAR WaitMode;
1316 };
1317 struct
1318 {
1319 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1320 ULONG WaitTime;
1321 };
1322 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1323 struct
1324 {
1325 UCHAR WaitBlockFill7[168];
1326 PVOID TebMappedLowVa;
1327 struct _UMS_CONTROL_BLOCK* Ucb;
1328 };
1329 #endif // ]
1330 struct
1331 {
1332 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1333 UCHAR WaitBlockFill8[188];
1334 #else // ][
1335 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)];
1336 #endif // ]
1337 union
1338 {
1339 struct
1340 {
1341 SHORT KernelApcDisable;
1342 SHORT SpecialApcDisable;
1343 };
1344 ULONG CombinedApcDisable;
1345 };
1346 };
1347 #endif // ]
1348 };
1349 LIST_ENTRY QueueListEntry;
1350 PKTRAP_FRAME TrapFrame;
1351 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1352 PVOID FirstArgument;
1353 union
1354 {
1355 PVOID CallbackStack;
1356 ULONG_PTR CallbackDepth;
1357 };
1358 #else // ][
1359 PVOID CallbackStack;
1360 #endif // ]
1361 #if (NTDDI_VERSION < NTDDI_LONGHORN) || ((NTDDI_VERSION < NTDDI_WIN7) && !defined(_WIN64)) // [
1362 PVOID ServiceTable;
1363 #endif // ]
1364 #if (NTDDI_VERSION < NTDDI_LONGHORN) && defined(_WIN64) // [
1365 ULONG KernelLimit;
1366 #endif // ]
1367 UCHAR ApcStateIndex;
1368 #if (NTDDI_VERSION < NTDDI_LONGHORN) // [
1369 UCHAR IdealProcessor;
1370 BOOLEAN Preempted;
1371 BOOLEAN ProcessReadyQueue;
1372 #ifdef _WIN64 // [
1373 PVOID Win32kTable;
1374 ULONG Win32kLimit;
1375 #endif // ]
1376 BOOLEAN KernelStackResident;
1377 #endif // ]
1378 SCHAR BasePriority;
1379 SCHAR PriorityDecrement;
1380 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1381 BOOLEAN Preempted;
1382 UCHAR AdjustReason;
1383 CHAR AdjustIncrement;
1384 #if (NTDDI_VERSION >= NTDDI_WIN7)
1385 UCHAR PreviousMode;
1386 #else
1387 UCHAR Spare01;
1388 #endif
1389 #endif // ]
1390 CHAR Saturation;
1391 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1392 ULONG SystemCallNumber;
1393 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1394 ULONG FreezeCount;
1395 #else // ][
1396 ULONG Spare02;
1397 #endif // ]
1398 #endif // ]
1399 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1400 GROUP_AFFINITY UserAffinity;
1401 struct _KPROCESS *Process;
1402 GROUP_AFFINITY Affinity;
1403 ULONG IdealProcessor;
1404 ULONG UserIdealProcessor;
1405 #else // ][
1406 KAFFINITY UserAffinity;
1407 struct _KPROCESS *Process;
1408 KAFFINITY Affinity;
1409 #endif // ]
1410 PKAPC_STATE ApcStatePointer[2];
1411 union
1412 {
1413 KAPC_STATE SavedApcState;
1414 struct
1415 {
1416 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1];
1417 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1418 UCHAR WaitReason;
1419 #else // ][
1420 CCHAR FreezeCount;
1421 #endif // ]
1422 #ifndef _WIN64 // [
1423 };
1424 };
1425 #endif // ]
1426 CCHAR SuspendCount;
1427 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1428 CCHAR Spare1;
1429 #else // ][
1430 UCHAR UserIdealProcessor;
1431 #endif // ]
1432 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1433 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1434 UCHAR Spare03;
1435 #else // ][
1436 UCHAR CalloutActive;
1437 #endif // ]
1438 #ifdef _WIN64 // [
1439 UCHAR CodePatchInProgress;
1440 };
1441 };
1442 #endif // ]
1443 #if defined(_M_IX86) // [
1444 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1445 UCHAR OtherPlatformFill;
1446 #else // ][
1447 UCHAR Iopl;
1448 #endif // ]
1449 #endif // ]
1450 PVOID Win32Thread;
1451 PVOID StackBase;
1452 union
1453 {
1454 KAPC SuspendApc;
1455 struct
1456 {
1457 UCHAR SuspendApcFill0[1];
1458 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1459 UCHAR ResourceIndex;
1460 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1461 CHAR Spare04;
1462 #else // ][
1463 SCHAR Quantum;
1464 #endif // ]
1465 };
1466 struct
1467 {
1468 UCHAR SuspendApcFill1[3];
1469 UCHAR QuantumReset;
1470 };
1471 struct
1472 {
1473 UCHAR SuspendApcFill2[4];
1474 ULONG KernelTime;
1475 };
1476 struct
1477 {
1478 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)];
1479 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1480 PKPRCB WaitPrcb;
1481 #else
1482 PVOID TlsArray;
1483 #endif
1484 };
1485 struct
1486 {
1487 UCHAR SuspendApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 40 / 72
1488 PVOID LegoData;
1489 };
1490 struct
1491 {
1492 UCHAR SuspendApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 47 / 83
1493 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1494 UCHAR LargeStack;
1495 #else // ][
1496 UCHAR PowerState;
1497 #endif // ]
1498 #ifdef _WIN64 // [
1499 ULONG UserTime;
1500 #endif // ]
1501 };
1502 };
1503 #ifndef _WIN64 // [
1504 ULONG UserTime;
1505 #endif // ]
1506 union
1507 {
1508 KSEMAPHORE SuspendSemaphore;
1509 struct
1510 {
1511 UCHAR SuspendSemaphorefill[FIELD_OFFSET(KSEMAPHORE, Limit) + 4]; // 20 / 28
1512 #ifdef _WIN64 // [
1513 ULONG SListFaultCount;
1514 #endif // ]
1515 };
1516 };
1517 #ifndef _WIN64 // [
1518 ULONG SListFaultCount;
1519 #endif // ]
1520 LIST_ENTRY ThreadListEntry;
1521 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
1522 LIST_ENTRY MutantListHead;
1523 #endif // ]
1524 PVOID SListFaultAddress;
1525 #ifdef _M_AMD64 // [
1526 LONG64 ReadOperationCount;
1527 LONG64 WriteOperationCount;
1528 LONG64 OtherOperationCount;
1529 LONG64 ReadTransferCount;
1530 LONG64 WriteTransferCount;
1531 LONG64 OtherTransferCount;
1532 #endif // ]
1533 #if (NTDDI_VERSION >= NTDDI_WIN7) // [
1534 PKTHREAD_COUNTERS ThreadCounters;
1535 PXSTATE_SAVE XStateSave;
1536 #elif (NTDDI_VERSION >= NTDDI_LONGHORN) // ][
1537 PVOID MdlForLockedTeb;
1538 #endif // ]
1539 } KTHREAD;
1540
1541 #else // not (NTDDI_VERSION < NTDDI_WIN8)
1542
1543 #if defined(_WIN64) && (NTDDI_VERSION < 0x06032580) // since WIN 8.1 Update1 6.3.9600.16384
1544 #define NUMBER_OF_LOCK_ENTRIES 5
1545 #else
1546 #define NUMBER_OF_LOCK_ENTRIES 6
1547 #endif
1548
1549 typedef struct _KTHREAD
1550 {
1551 DISPATCHER_HEADER Header;
1552 PVOID SListFaultAddress;
1553 ULONG64 QuantumTarget;
1554 PVOID InitialStack;
1555 volatile VOID *StackLimit;
1556 PVOID StackBase;
1557 KSPIN_LOCK ThreadLock;
1558 volatile ULONG64 CycleTime;
1559 #ifndef _WIN64
1560 volatile ULONG HighCycleTime;
1561 PVOID ServiceTable;
1562 #endif
1563 ULONG CurrentRunTime;
1564 ULONG ExpectedRunTime;
1565 PVOID KernelStack;
1566 XSAVE_FORMAT* StateSaveArea;
1567 struct _KSCHEDULING_GROUP* SchedulingGroup;
1568 KWAIT_STATUS_REGISTER WaitRegister;
1569 BOOLEAN Running;
1570 BOOLEAN Alerted[MaximumMode];
1571
1572 union
1573 {
1574 struct
1575 {
1576 #if (NTDDI_VERSION < NTDDI_WIN10)
1577 ULONG KernelStackResident : 1;
1578 #else
1579 ULONG AutoBoostActive : 1;
1580 #endif
1581 ULONG ReadyTransition : 1;
1582 #if (NTDDI_VERSION < NTDDI_WIN10TH2)
1583 ULONG ProcessReadyQueue : 1;
1584 #endif
1585 ULONG ProcessReadyQueue : 1;
1586 ULONG WaitNext : 1;
1587 ULONG SystemAffinityActive : 1;
1588 ULONG Alertable : 1;
1589 #if (NTDDI_VERSION < NTDDI_WIN81)
1590 ULONG CodePatchInProgress : 1;
1591 #endif
1592 ULONG UserStackWalkActive : 1;
1593 ULONG ApcInterruptRequest : 1;
1594 ULONG QuantumEndMigrate : 1;
1595 ULONG UmsDirectedSwitchEnable : 1;
1596 ULONG TimerActive : 1;
1597 ULONG SystemThread : 1;
1598 ULONG ProcessDetachActive : 1;
1599 ULONG CalloutActive : 1;
1600 ULONG ScbReadyQueue : 1;
1601 ULONG ApcQueueable : 1;
1602 ULONG ReservedStackInUse : 1;
1603 ULONG UmsPerformingSyscall : 1;
1604 ULONG DisableStackCheck : 1;
1605 ULONG Reserved : 12;
1606 };
1607 LONG MiscFlags;
1608 };
1609
1610 union
1611 {
1612 struct
1613 {
1614 ULONG AutoAlignment : 1;
1615 ULONG DisableBoost : 1;
1616 ULONG UserAffinitySet : 1;
1617 ULONG AlertedByThreadId : 1;
1618 ULONG QuantumDonation : 1;
1619 ULONG EnableStackSwap : 1;
1620 ULONG GuiThread : 1;
1621 ULONG DisableQuantum : 1;
1622 ULONG ChargeOnlyGroup : 1;
1623 ULONG DeferPreemption : 1;
1624 ULONG QueueDeferPreemption : 1;
1625 ULONG ForceDeferSchedule : 1;
1626 ULONG ExplicitIdealProcessor : 1;
1627 ULONG FreezeCount : 1;
1628 #if (NTDDI_VERSION >= 0x060324D7) // since 6.3.9431.0
1629 ULONG TerminationApcRequest : 1;
1630 #endif
1631 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.16384
1632 ULONG AutoBoostEntriesExhausted : 1;
1633 #endif
1634 #if (NTDDI_VERSION >= 0x06032580) // since 6.3.9600.17031
1635 ULONG KernelStackResident : 1;
1636 #endif
1637 #if (NTDDI_VERSION >= NTDDI_WIN10)
1638 ULONG CommitFailTerminateRequest : 1;
1639 ULONG ProcessStackCountDecremented : 1;
1640 ULONG ThreadFlagsSpare : 5;
1641 #endif
1642 ULONG EtwStackTraceApcInserted : 8;
1643 #if (NTDDI_VERSION < NTDDI_WIN10)
1644 ULONG ReservedFlags : 10;
1645 #endif
1646 };
1647 LONG ThreadFlags;
1648 };
1649
1650 #if (NTDDI_VERSION >= NTDDI_WIN10)
1651 volatile UCHAR Tag;
1652 UCHAR SystemHeteroCpuPolicy;
1653 UCHAR UserHeteroCpuPolicy : 7;
1654 UCHAR ExplicitSystemHeteroCpuPolicy : 1;
1655 UCHAR Spare0;
1656 #else
1657 ULONG Spare0;
1658 #endif
1659 ULONG SystemCallNumber;
1660 #ifdef _WIN64
1661 ULONG Spare1; // Win 10: Spare10
1662 #endif
1663 PVOID FirstArgument;
1664 PKTRAP_FRAME TrapFrame;
1665
1666 union
1667 {
1668 KAPC_STATE ApcState;
1669 struct
1670 {
1671 UCHAR ApcStateFill[RTL_SIZEOF_THROUGH_FIELD(KAPC_STATE, UserApcPending)]; // 32bit: 23/0x17, 64bit: 43/0x2B
1672 SCHAR Priority;
1673 ULONG UserIdealProcessor;
1674 };
1675 };
1676
1677 #ifndef _WIN64
1678 ULONG ContextSwitches;
1679 volatile UCHAR State;
1680 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10074.0
1681 CHAR Spare12;
1682 #else
1683 CHAR NpxState;
1684 #endif
1685 KIRQL WaitIrql;
1686 KPROCESSOR_MODE WaitMode;
1687 #endif
1688
1689 volatile INT_PTR WaitStatus;
1690 PKWAIT_BLOCK WaitBlockList;
1691 union
1692 {
1693 LIST_ENTRY WaitListEntry;
1694 SINGLE_LIST_ENTRY SwapListEntry;
1695 };
1696 PKQUEUE Queue;
1697 PVOID Teb;
1698 #if (NTDDI_VERSION >= NTDDI_WIN8 /* 0x060223F0 */) // since 6.2.9200.16384
1699 ULONG64 RelativeTimerBias;
1700 #endif
1701 KTIMER Timer;
1702
1703 union
1704 {
1705 DECLSPEC_ALIGN(8) KWAIT_BLOCK WaitBlock[THREAD_WAIT_OBJECTS + 1];
1706 #ifdef _WIN64
1707 struct
1708 {
1709 UCHAR WaitBlockFill4[FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 20/0x14
1710 ULONG ContextSwitches;
1711 };
1712 struct
1713 {
1714 UCHAR WaitBlockFill5[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 68/0x44
1715 UCHAR State;
1716 #if (NTDDI_VERSION >= NTDDI_WIN10)
1717 CHAR Spare13;
1718 #else
1719 CHAR NpxState;
1720 #endif
1721 UCHAR WaitIrql;
1722 CHAR WaitMode;
1723 };
1724 struct
1725 {
1726 UCHAR WaitBlockFill6[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 116/0x74
1727 ULONG WaitTime;
1728 };
1729 struct
1730 {
1731 UCHAR WaitBlockFill7[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SpareLong)]; // 32bit: -, 64bit: 164/0xA4
1732 union
1733 {
1734 struct
1735 {
1736 SHORT KernelApcDisable;
1737 SHORT SpecialApcDisable;
1738 };
1739 ULONG CombinedApcDisable;
1740 };
1741 };
1742 #endif
1743 struct
1744 {
1745 UCHAR WaitBlockFill8[FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 20/0x14, 64bit: 40/0x28
1746 struct _KTHREAD_COUNTERS *ThreadCounters;
1747 };
1748 struct
1749 {
1750 UCHAR WaitBlockFill9[1 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 44/0x2C, 64bit: 88/0x58
1751 PXSTATE_SAVE XStateSave;
1752 };
1753 struct
1754 {
1755 UCHAR WaitBlockFill10[2 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, SparePtr)]; // 32bit: 68/0x44, 64bit: 136/0x88
1756 PVOID Win32Thread;
1757 };
1758 struct
1759 {
1760 UCHAR WaitBlockFill11[3 * sizeof(KWAIT_BLOCK) + FIELD_OFFSET(KWAIT_BLOCK, Object)]; // 32bit: 88/0x58, 64bit: 176/0xB0
1761 #ifdef _WIN64
1762 struct _UMS_CONTROL_BLOCK* Ucb;
1763 struct _KUMS_CONTEXT_HEADER* Uch;
1764 #else
1765 ULONG WaitTime;
1766 union
1767 {
1768 struct
1769 {
1770 SHORT KernelApcDisable;
1771 SHORT SpecialApcDisable;
1772 };
1773 ULONG CombinedApcDisable;
1774 };
1775 #endif
1776 };
1777 };
1778
1779 #ifdef _WIN64
1780 PVOID TebMappedLowVa;
1781 #endif
1782 LIST_ENTRY QueueListEntry;
1783 #if (NTDDI_VERSION >= 0x060223F0) // since 6.2.9200.16384
1784 union
1785 {
1786 ULONG NextProcessor;
1787 struct
1788 {
1789 ULONG NextProcessorNumber : 31;
1790 ULONG SharedReadyQueue : 1;
1791 };
1792 };
1793 LONG QueuePriority;
1794 #else
1795 ULONG NextProcessor;
1796 ULONG DeferredProcessor;
1797 #endif
1798 PKPROCESS Process;
1799
1800 union
1801 {
1802 GROUP_AFFINITY UserAffinity;
1803 struct
1804 {
1805 UCHAR UserAffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1806 CHAR PreviousMode;
1807 CHAR BasePriority;
1808 union
1809 {
1810 CHAR PriorityDecrement;
1811 struct
1812 {
1813 UCHAR ForegroundBoost : 4;
1814 UCHAR UnusualBoost : 4;
1815 };
1816 };
1817 UCHAR Preempted;
1818 UCHAR AdjustReason;
1819 CHAR AdjustIncrement;
1820 };
1821 };
1822
1823 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1824 ULONG_PTR AffinityVersion;
1825 #endif
1826 union
1827 {
1828 GROUP_AFFINITY Affinity;
1829 struct
1830 {
1831 UCHAR AffinityFill[FIELD_OFFSET(GROUP_AFFINITY, Reserved)]; // 32bit: 6/0x6, 64bit: 10/0x0A
1832 UCHAR ApcStateIndex;
1833 UCHAR WaitBlockCount;
1834 ULONG IdealProcessor;
1835 };
1836 };
1837
1838 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1839 #ifdef _WIN64
1840 ULONG64 NpxState;
1841 #else
1842 ULONG Spare15;
1843 #endif
1844 #else
1845 PKAPC_STATE ApcStatePointer[2];
1846 #endif
1847
1848 union
1849 {
1850 KAPC_STATE SavedApcState;
1851 struct
1852 {
1853 UCHAR SavedApcStateFill[FIELD_OFFSET(KAPC_STATE, UserApcPending) + 1]; // 32bit: 23/0x17, 64bit: 43/0x2B
1854 UCHAR WaitReason;
1855 CHAR SuspendCount;
1856 CHAR Saturation;
1857 SHORT SListFaultCount;
1858 };
1859 };
1860
1861 union
1862 {
1863 KAPC SchedulerApc;
1864 struct
1865 {
1866 UCHAR SchedulerApcFill0[FIELD_OFFSET(KAPC, SpareByte0)]; // 32bit: 1/0x01, 64bit: 1/0x01
1867 UCHAR ResourceIndex;
1868 };
1869 struct
1870 {
1871 UCHAR SchedulerApcFill1[FIELD_OFFSET(KAPC, SpareByte1)]; // 32bit: 3/0x03, 64bit: 3/0x03
1872 UCHAR QuantumReset;
1873 };
1874 struct
1875 {
1876 UCHAR SchedulerApcFill2[FIELD_OFFSET(KAPC, SpareLong0)]; // 32bit: 4/0x04, 64bit: 4/0x04
1877 ULONG KernelTime;
1878 };
1879 struct
1880 {
1881 UCHAR SuspendApcFill3[FIELD_OFFSET(KAPC, SystemArgument1)]; // 32 bit:, 64 bit: 64/0x40
1882 PKPRCB WaitPrcb;
1883 };
1884 struct
1885 {
1886 UCHAR SchedulerApcFill4[FIELD_OFFSET(KAPC, SystemArgument2)]; // 32 bit:, 64 bit: 72/0x48
1887 PVOID LegoData;
1888 };
1889 struct
1890 {
1891 UCHAR SchedulerApcFill5[FIELD_OFFSET(KAPC, Inserted) + 1]; // 32 bit:, 64 bit: 83/0x53
1892 UCHAR CallbackNestingLevel;
1893 ULONG UserTime;
1894 };
1895 };
1896
1897 KEVENT SuspendEvent;
1898 LIST_ENTRY ThreadListEntry;
1899 LIST_ENTRY MutantListHead;
1900
1901 #if (NTDDI_VERSION >= NTDDI_WIN10)
1902 UCHAR AbEntrySummary;
1903 UCHAR AbWaitEntryCount;
1904 USHORT Spare20;
1905 #if _WIN64
1906 ULONG SecureThreadCookie;
1907 #endif
1908 #elif (NTDDI_VERSION >= NTDDI_WINBLUE) // 6.3.9431.0
1909 SINGLE_LIST_ENTRY LockEntriesFreeList;
1910 #endif
1911
1912 #if (NTDDI_VERSION >= NTDDI_WINBLUE /* 0x06032580 */) // since 6.3.9600.16384
1913 KLOCK_ENTRY LockEntries[NUMBER_OF_LOCK_ENTRIES];
1914 SINGLE_LIST_ENTRY PropagateBoostsEntry;
1915 SINGLE_LIST_ENTRY IoSelfBoostsEntry;
1916 UCHAR PriorityFloorCounts[16];
1917 ULONG PriorityFloorSummary;
1918 volatile LONG AbCompletedIoBoostCount;
1919 #if (NTDDI_VERSION >= NTDDI_WIN10_RS1)
1920 LONG AbCompletedIoQoSBoostCount;
1921 #endif
1922
1923 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10240.16384
1924 volatile SHORT KeReferenceCount;
1925 #else
1926 volatile SHORT AbReferenceCount;
1927 #endif
1928 #if (NTDDI_VERSION >= 0x06040000) // since 6.4.9841.0
1929 UCHAR AbOrphanedEntrySummary;
1930 UCHAR AbOwnedEntryCount;
1931 #else
1932 UCHAR AbFreeEntryCount;
1933 UCHAR AbWaitEntryCount;
1934 #endif
1935 ULONG ForegroundLossTime;
1936 union
1937 {
1938 LIST_ENTRY GlobalForegroundListEntry;
1939 struct
1940 {
1941 SINGLE_LIST_ENTRY ForegroundDpcStackListEntry;
1942 ULONG_PTR InGlobalForegroundList;
1943 };
1944 };
1945 #endif
1946
1947 #if _WIN64
1948 LONG64 ReadOperationCount;
1949 LONG64 WriteOperationCount;
1950 LONG64 OtherOperationCount;
1951 LONG64 ReadTransferCount;
1952 LONG64 WriteTransferCount;
1953 LONG64 OtherTransferCount;
1954 #endif
1955 #if (NTDDI_VERSION >= NTDDI_WIN10) // since 10.0.10041.0
1956 struct _KSCB *QueuedScb;
1957 #ifndef _WIN64
1958 ULONG64 NpxState;
1959 #endif
1960 #endif
1961 } KTHREAD;
1962
1963 #endif
1964
1965
1966 #define ASSERT_THREAD(object) \
1967 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ThreadObject))
1968
1969 //
1970 // Kernel Process (KPROCESS)
1971 //
1972 typedef struct _KPROCESS
1973 {
1974 DISPATCHER_HEADER Header;
1975 LIST_ENTRY ProfileListHead;
1976 #if (NTDDI_VERSION >= NTDDI_LONGHORN)
1977 ULONG_PTR DirectoryTableBase;
1978 ULONG Unused0;
1979 #else
1980 ULONG_PTR DirectoryTableBase[2];
1981 #endif
1982 #if defined(_M_IX86)
1983 KGDTENTRY LdtDescriptor;
1984 KIDTENTRY Int21Descriptor;
1985 #endif
1986 USHORT IopmOffset;
1987 #if defined(_M_IX86)
1988 UCHAR Iopl;
1989 UCHAR Unused;
1990 #endif
1991 volatile ULONG ActiveProcessors;
1992 ULONG KernelTime;
1993 ULONG UserTime;
1994 LIST_ENTRY ReadyListHead;
1995 SINGLE_LIST_ENTRY SwapListEntry;
1996 PVOID VdmTrapcHandler;
1997 LIST_ENTRY ThreadListHead;
1998 KSPIN_LOCK ProcessLock;
1999 KAFFINITY Affinity;
2000 union
2001 {
2002 struct
2003 {
2004 LONG AutoAlignment:1;
2005 LONG DisableBoost:1;
2006 LONG DisableQuantum:1;
2007 LONG ReservedFlags:29;
2008 };
2009 LONG ProcessFlags;
2010 };
2011 SCHAR BasePriority;
2012 SCHAR QuantumReset;
2013 UCHAR State;
2014 UCHAR ThreadSeed;
2015 UCHAR PowerState;
2016 UCHAR IdealNode;
2017 UCHAR Visited;
2018 union
2019 {
2020 KEXECUTE_OPTIONS Flags;
2021 UCHAR ExecuteOptions;
2022 };
2023 ULONG StackCount;
2024 LIST_ENTRY ProcessListEntry;
2025 #if (NTDDI_VERSION >= NTDDI_LONGHORN) // [
2026 ULONGLONG CycleTime;
2027 #endif // ]
2028 } KPROCESS;
2029
2030 #define ASSERT_PROCESS(object) \
2031 ASSERT((((object)->Header.Type & KOBJECT_TYPE_MASK) == ProcessObject))
2032
2033 //
2034 // System Service Table Descriptor
2035 //
2036 typedef struct _KSERVICE_TABLE_DESCRIPTOR
2037 {
2038 PULONG_PTR Base;
2039 PULONG Count;
2040 ULONG Limit;
2041 #if defined(_IA64_)
2042 LONG TableBaseGpOffset;
2043 #endif
2044 PUCHAR Number;
2045 } KSERVICE_TABLE_DESCRIPTOR, *PKSERVICE_TABLE_DESCRIPTOR;
2046
2047 #if (NTDDI_VERSION >= NTDDI_WIN8)
2048 //
2049 // Entropy Timing State
2050 //
2051 typedef struct _KENTROPY_TIMING_STATE
2052 {
2053 ULONG EntropyCount;
2054 ULONG Buffer[64];
2055 KDPC Dpc;
2056 ULONG LastDeliveredBuffer;
2057 PULONG RawDataBuffer;
2058 } KENTROPY_TIMING_STATE, *PKENTROPY_TIMING_STATE;
2059
2060 //
2061 // Constants from ks386.inc, ksamd64.inc and ksarm.h
2062 //
2063 #define KENTROPY_TIMING_INTERRUPTS_PER_BUFFER 0x400
2064 #define KENTROPY_TIMING_BUFFER_MASK 0x7ff
2065 #define KENTROPY_TIMING_ANALYSIS 0x0
2066
2067 #endif /* (NTDDI_VERSION >= NTDDI_WIN8) */
2068
2069 //
2070 // Exported Loader Parameter Block
2071 //
2072 extern struct _LOADER_PARAMETER_BLOCK NTSYSAPI *KeLoaderBlock;
2073
2074 //
2075 // Exported Hardware Data
2076 //
2077 extern ULONG NTSYSAPI KiDmaIoCoherency;
2078 extern ULONG NTSYSAPI KeMaximumIncrement;
2079 extern ULONG NTSYSAPI KeMinimumIncrement;
2080 extern ULONG NTSYSAPI KeDcacheFlushCount;
2081 extern ULONG NTSYSAPI KeIcacheFlushCount;
2082 extern ULONG_PTR NTSYSAPI KiBugCheckData[];
2083 extern BOOLEAN NTSYSAPI KiEnableTimerWatchdog;
2084
2085 //
2086 // Exported System Service Descriptor Tables
2087 //
2088 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTable[SSDT_MAX_ENTRIES];
2089 extern KSERVICE_TABLE_DESCRIPTOR NTSYSAPI KeServiceDescriptorTableShadow[SSDT_MAX_ENTRIES];
2090
2091 #endif // !NTOS_MODE_USER
2092
2093 #endif // _KETYPES_H
A free Windows-compatible Operating System