1 /*
2 * evntprov.h
3 *
4 * This file is part of the ReactOS PSDK package.
5 *
6 * Contributors:
7 * Created by Amine Khaldi.
8 *
9 * THIS SOFTWARE IS NOT COPYRIGHTED
10 *
11 * This source code is offered for use in the public domain. You may
12 * use, modify or distribute it freely.
13 *
14 * This code is distributed in the hope that it will be useful but
15 * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY
16 * DISCLAIMED. This includes but is not limited to warranties of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
18 *
19 */
20
21 #pragma once
22
23 #define _EVNTPROV_
24
25 #ifndef EVNTAPI
26 #ifndef MIDL_PASS
27 #ifdef _EVNT_SOURCE_
28 #define EVNTAPI __stdcall
29 #else
30 #define EVNTAPI DECLSPEC_IMPORT __stdcall
31 #endif /* _EVNT_SOURCE_ */
32 #endif /* MIDL_PASS */
33 #endif /* EVNTAPI */
34
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38
39 #define EVENT_MIN_LEVEL (0)
40 #define EVENT_MAX_LEVEL (0xff)
41
42 #define EVENT_ACTIVITY_CTRL_GET_ID (1)
43 #define EVENT_ACTIVITY_CTRL_SET_ID (2)
44 #define EVENT_ACTIVITY_CTRL_CREATE_ID (3)
45 #define EVENT_ACTIVITY_CTRL_GET_SET_ID (4)
46 #define EVENT_ACTIVITY_CTRL_CREATE_SET_ID (5)
47
48 typedef ULONGLONG REGHANDLE, *PREGHANDLE;
49
50 #define MAX_EVENT_DATA_DESCRIPTORS (128)
51 #define MAX_EVENT_FILTER_DATA_SIZE (1024)
52
53 #define EVENT_FILTER_TYPE_SCHEMATIZED (0x80000000)
54
55 typedef struct _EVENT_DATA_DESCRIPTOR {
56 ULONGLONG Ptr;
57 ULONG Size;
58 ULONG Reserved;
59 } EVENT_DATA_DESCRIPTOR, *PEVENT_DATA_DESCRIPTOR;
60
61 typedef struct _EVENT_DESCRIPTOR {
62 USHORT Id;
63 UCHAR Version;
64 UCHAR Channel;
65 UCHAR Level;
66 UCHAR Opcode;
67 USHORT Task;
68 ULONGLONG Keyword;
69 } EVENT_DESCRIPTOR, *PEVENT_DESCRIPTOR;
70 typedef const EVENT_DESCRIPTOR *PCEVENT_DESCRIPTOR;
71
72 #ifndef _EVNTRACE_
73 typedef struct _EVENT_FILTER_DESCRIPTOR {
74 ULONGLONG Ptr;
75 ULONG Size;
76 ULONG Type;
77 } EVENT_FILTER_DESCRIPTOR, *PEVENT_FILTER_DESCRIPTOR;
78 #endif
79
80 typedef struct _EVENT_FILTER_HEADER {
81 USHORT Id;
82 UCHAR Version;
83 UCHAR Reserved[5];
84 ULONGLONG InstanceId;
85 ULONG Size;
86 ULONG NextOffset;
87 } EVENT_FILTER_HEADER, *PEVENT_FILTER_HEADER;
88
89 #ifndef _ETW_KM_
90
91 typedef VOID
92 (NTAPI *PENABLECALLBACK)(
93 _In_ LPCGUID SourceId,
94 _In_ ULONG IsEnabled,
95 _In_ UCHAR Level,
96 _In_ ULONGLONG MatchAnyKeyword,
97 _In_ ULONGLONG MatchAllKeyword,
98 _In_opt_ PEVENT_FILTER_DESCRIPTOR FilterData,
99 _Inout_opt_ PVOID CallbackContext);
100
101 #if (WINVER >= _WIN32_WINNT_VISTA)
102 ULONG
103 EVNTAPI
104 EventRegister(
105 _In_ LPCGUID ProviderId,
106 _In_opt_ PENABLECALLBACK EnableCallback,
107 _In_opt_ PVOID CallbackContext,
108 _Out_ PREGHANDLE RegHandle);
109
110 ULONG
111 EVNTAPI
112 EventUnregister(
113 _In_ REGHANDLE RegHandle);
114
115 BOOLEAN
116 EVNTAPI
117 EventEnabled(
118 _In_ REGHANDLE RegHandle,
119 _In_ PCEVENT_DESCRIPTOR EventDescriptor);
120
121 BOOLEAN
122 EVNTAPI
123 EventProviderEnabled(
124 _In_ REGHANDLE RegHandle,
125 _In_ UCHAR Level,
126 _In_ ULONGLONG Keyword);
127
128 ULONG
129 EVNTAPI
130 EventWrite(
131 _In_ REGHANDLE RegHandle,
132 _In_ PCEVENT_DESCRIPTOR EventDescriptor,
133 _In_ ULONG UserDataCount,
134 _In_reads_opt_(UserDataCount) PEVENT_DATA_DESCRIPTOR UserData);
135
136 ULONG
137 EVNTAPI
138 EventWriteTransfer(
139 _In_ REGHANDLE RegHandle,
140 _In_ PCEVENT_DESCRIPTOR EventDescriptor,
141 _In_opt_ LPCGUID ActivityId,
142 _In_opt_ LPCGUID RelatedActivityId,
143 _In_ ULONG UserDataCount,
144 _In_reads_opt_(UserDataCount) PEVENT_DATA_DESCRIPTOR UserData);
145
146 ULONG
147 EVNTAPI
148 EventWriteString(
149 _In_ REGHANDLE RegHandle,
150 _In_ UCHAR Level,
151 _In_ ULONGLONG Keyword,
152 _In_ PCWSTR String);
153
154 ULONG
155 EVNTAPI
156 EventActivityIdControl(
157 _In_ ULONG ControlCode,
158 _Inout_ LPGUID ActivityId);
159
160 #endif /* (WINVER >= _WIN32_WINNT_VISTA) */
161
162 #if (WINVER >= _WIN32_WINNT_WIN7)
163 ULONG
164 EVNTAPI
165 EventWriteEx(
166 _In_ REGHANDLE RegHandle,
167 _In_ PCEVENT_DESCRIPTOR EventDescriptor,
168 _In_ ULONG64 Filter,
169 _In_ ULONG Flags,
170 _In_opt_ LPCGUID ActivityId,
171 _In_opt_ LPCGUID RelatedActivityId,
172 _In_ ULONG UserDataCount,
173 _In_reads_opt_(UserDataCount) PEVENT_DATA_DESCRIPTOR UserData);
174 #endif
175
176 #endif // _ETW_KM_
177
178 FORCEINLINE
179 VOID
EventDataDescCreate(_Out_ PEVENT_DATA_DESCRIPTOR EventDataDescriptor,_In_reads_bytes_ (DataSize)const VOID * DataPtr,_In_ ULONG DataSize)180 EventDataDescCreate(
181 _Out_ PEVENT_DATA_DESCRIPTOR EventDataDescriptor,
182 _In_reads_bytes_(DataSize) const VOID* DataPtr,
183 _In_ ULONG DataSize)
184 {
185 EventDataDescriptor->Ptr = (ULONGLONG)(ULONG_PTR)DataPtr;
186 EventDataDescriptor->Size = DataSize;
187 EventDataDescriptor->Reserved = 0;
188 }
189
190 FORCEINLINE
191 VOID
EventDescCreate(_Out_ PEVENT_DESCRIPTOR EventDescriptor,_In_ USHORT Id,_In_ UCHAR Version,_In_ UCHAR Channel,_In_ UCHAR Level,_In_ USHORT Task,_In_ UCHAR Opcode,_In_ ULONGLONG Keyword)192 EventDescCreate(
193 _Out_ PEVENT_DESCRIPTOR EventDescriptor,
194 _In_ USHORT Id,
195 _In_ UCHAR Version,
196 _In_ UCHAR Channel,
197 _In_ UCHAR Level,
198 _In_ USHORT Task,
199 _In_ UCHAR Opcode,
200 _In_ ULONGLONG Keyword)
201 {
202 EventDescriptor->Id = Id;
203 EventDescriptor->Version = Version;
204 EventDescriptor->Channel = Channel;
205 EventDescriptor->Level = Level;
206 EventDescriptor->Task = Task;
207 EventDescriptor->Opcode = Opcode;
208 EventDescriptor->Keyword = Keyword;
209 }
210
211 FORCEINLINE
212 VOID
EventDescZero(_Out_ PEVENT_DESCRIPTOR EventDescriptor)213 EventDescZero(
214 _Out_ PEVENT_DESCRIPTOR EventDescriptor)
215 {
216 memset(EventDescriptor, 0, sizeof(EVENT_DESCRIPTOR));
217 }
218
219 FORCEINLINE
220 USHORT
EventDescGetId(_In_ PCEVENT_DESCRIPTOR EventDescriptor)221 EventDescGetId(
222 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
223 {
224 return (EventDescriptor->Id);
225 }
226
227 FORCEINLINE
228 UCHAR
EventDescGetVersion(_In_ PCEVENT_DESCRIPTOR EventDescriptor)229 EventDescGetVersion(
230 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
231 {
232 return (EventDescriptor->Version);
233 }
234
235 FORCEINLINE
236 USHORT
EventDescGetTask(_In_ PCEVENT_DESCRIPTOR EventDescriptor)237 EventDescGetTask(
238 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
239 {
240 return (EventDescriptor->Task);
241 }
242
243 FORCEINLINE
244 UCHAR
EventDescGetOpcode(_In_ PCEVENT_DESCRIPTOR EventDescriptor)245 EventDescGetOpcode(
246 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
247 {
248 return (EventDescriptor->Opcode);
249 }
250
251 FORCEINLINE
252 UCHAR
EventDescGetChannel(_In_ PCEVENT_DESCRIPTOR EventDescriptor)253 EventDescGetChannel(
254 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
255 {
256 return (EventDescriptor->Channel);
257 }
258
259 FORCEINLINE
260 UCHAR
EventDescGetLevel(_In_ PCEVENT_DESCRIPTOR EventDescriptor)261 EventDescGetLevel(
262 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
263 {
264 return (EventDescriptor->Level);
265 }
266
267 FORCEINLINE
268 ULONGLONG
EventDescGetKeyword(_In_ PCEVENT_DESCRIPTOR EventDescriptor)269 EventDescGetKeyword(
270 _In_ PCEVENT_DESCRIPTOR EventDescriptor)
271 {
272 return (EventDescriptor->Keyword);
273 }
274
275 FORCEINLINE
276 PEVENT_DESCRIPTOR
EventDescSetId(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ USHORT Id)277 EventDescSetId(
278 _In_ PEVENT_DESCRIPTOR EventDescriptor,
279 _In_ USHORT Id)
280 {
281 EventDescriptor->Id = Id;
282 return (EventDescriptor);
283 }
284
285 FORCEINLINE
286 PEVENT_DESCRIPTOR
EventDescSetVersion(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ UCHAR Version)287 EventDescSetVersion(
288 _In_ PEVENT_DESCRIPTOR EventDescriptor,
289 _In_ UCHAR Version)
290 {
291 EventDescriptor->Version = Version;
292 return (EventDescriptor);
293 }
294
295 FORCEINLINE
296 PEVENT_DESCRIPTOR
EventDescSetTask(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ USHORT Task)297 EventDescSetTask(
298 _In_ PEVENT_DESCRIPTOR EventDescriptor,
299 _In_ USHORT Task)
300 {
301 EventDescriptor->Task = Task;
302 return (EventDescriptor);
303 }
304
305 FORCEINLINE
306 PEVENT_DESCRIPTOR
EventDescSetOpcode(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ UCHAR Opcode)307 EventDescSetOpcode(
308 _In_ PEVENT_DESCRIPTOR EventDescriptor,
309 _In_ UCHAR Opcode)
310 {
311 EventDescriptor->Opcode = Opcode;
312 return (EventDescriptor);
313 }
314
315 FORCEINLINE
316 PEVENT_DESCRIPTOR
EventDescSetLevel(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ UCHAR Level)317 EventDescSetLevel(
318 _In_ PEVENT_DESCRIPTOR EventDescriptor,
319 _In_ UCHAR Level)
320 {
321 EventDescriptor->Level = Level;
322 return (EventDescriptor);
323 }
324
325 FORCEINLINE
326 PEVENT_DESCRIPTOR
EventDescSetChannel(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ UCHAR Channel)327 EventDescSetChannel(
328 _In_ PEVENT_DESCRIPTOR EventDescriptor,
329 _In_ UCHAR Channel)
330 {
331 EventDescriptor->Channel = Channel;
332 return (EventDescriptor);
333 }
334
335 FORCEINLINE
336 PEVENT_DESCRIPTOR
EventDescSetKeyword(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ ULONGLONG Keyword)337 EventDescSetKeyword(
338 _In_ PEVENT_DESCRIPTOR EventDescriptor,
339 _In_ ULONGLONG Keyword)
340 {
341 EventDescriptor->Keyword = Keyword;
342 return (EventDescriptor);
343 }
344
345
346 FORCEINLINE
347 PEVENT_DESCRIPTOR
EventDescOrKeyword(_In_ PEVENT_DESCRIPTOR EventDescriptor,_In_ ULONGLONG Keyword)348 EventDescOrKeyword(
349 _In_ PEVENT_DESCRIPTOR EventDescriptor,
350 _In_ ULONGLONG Keyword)
351 {
352 EventDescriptor->Keyword |= Keyword;
353 return (EventDescriptor);
354 }
355
356 #ifdef __cplusplus
357 }
358 #endif
359