1 /*++ NDK Version: 0098 2 3 Copyright (c) Alex Ionescu. All rights reserved. 4 5 Header Name: 6 7 kdtypes.h 8 9 Abstract: 10 11 Type definitions for the Kernel Debugger. 12 13 Author: 14 15 Alex Ionescu (alexi@tinykrnl.org) - Updated - 27-Feb-2006 16 17 --*/ 18 19 #ifndef _KDTYPES_H 20 #define _KDTYPES_H 21 22 // 23 // Dependencies 24 // 25 #include <umtypes.h> 26 27 // 28 // Debug Filter Levels 29 // 30 #define DPFLTR_ERROR_LEVEL 0 31 #define DPFLTR_WARNING_LEVEL 1 32 #define DPFLTR_TRACE_LEVEL 2 33 #define DPFLTR_INFO_LEVEL 3 34 #define DPFLTR_MASK 0x80000000 35 36 // 37 // Debug Status Codes 38 // 39 #define DBG_STATUS_CONTROL_C 1 40 #define DBG_STATUS_SYSRQ 2 41 #define DBG_STATUS_BUGCHECK_FIRST 3 42 #define DBG_STATUS_BUGCHECK_SECOND 4 43 #define DBG_STATUS_FATAL 5 44 #define DBG_STATUS_DEBUG_CONTROL 6 45 #define DBG_STATUS_WORKER 7 46 47 // 48 // DebugService Control Types 49 // 50 #define BREAKPOINT_BREAK 0 51 #define BREAKPOINT_PRINT 1 52 #define BREAKPOINT_PROMPT 2 53 #define BREAKPOINT_LOAD_SYMBOLS 3 54 #define BREAKPOINT_UNLOAD_SYMBOLS 4 55 #define BREAKPOINT_COMMAND_STRING 5 56 57 // 58 // Debug Control Codes for NtSystemDebugcontrol 59 // 60 typedef enum _SYSDBG_COMMAND 61 { 62 SysDbgQueryModuleInformation = 0, 63 SysDbgQueryTraceInformation = 1, 64 SysDbgSetTracepoint = 2, 65 SysDbgSetSpecialCall = 3, 66 SysDbgClearSpecialCalls = 4, 67 SysDbgQuerySpecialCalls = 5, 68 SysDbgBreakPoint = 6, 69 SysDbgQueryVersion = 7, 70 SysDbgReadVirtual = 8, 71 SysDbgWriteVirtual = 9, 72 SysDbgReadPhysical = 10, 73 SysDbgWritePhysical = 11, 74 SysDbgReadControlSpace = 12, 75 SysDbgWriteControlSpace = 13, 76 SysDbgReadIoSpace = 14, 77 SysDbgWriteIoSpace = 15, 78 SysDbgReadMsr = 16, 79 SysDbgWriteMsr = 17, 80 SysDbgReadBusData = 18, 81 SysDbgWriteBusData = 19, 82 SysDbgCheckLowMemory = 20, 83 SysDbgEnableKernelDebugger = 21, 84 SysDbgDisableKernelDebugger = 22, 85 SysDbgGetAutoKdEnable = 23, 86 SysDbgSetAutoKdEnable = 24, 87 SysDbgGetPrintBufferSize = 25, 88 SysDbgSetPrintBufferSize = 26, 89 SysDbgGetKdUmExceptionEnable = 27, 90 SysDbgSetKdUmExceptionEnable = 28, 91 SysDbgGetTriageDump = 29, 92 SysDbgGetKdBlockEnable = 30, 93 SysDbgSetKdBlockEnable = 31, 94 #if (NTDDI_VERSION >= NTDDI_VISTA) 95 SysDbgRegisterForUmBreakInfo = 32, 96 SysDbgGetUmBreakPid = 33, 97 SysDbgClearUmBreakPid = 34, 98 SysDbgGetUmAttachPid = 35, 99 SysDbgClearUmAttachPid = 36, 100 #endif 101 #if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81 102 SysDbgGetLiveKernelDump = 37, 103 #endif 104 #if (NTDDI_VERSION >= NTDDI_WIN10_VB) 105 SysDbgKdPullRemoteFile = 38, 106 #endif 107 } SYSDBG_COMMAND; 108 109 // 110 // System Debugger Types 111 // 112 typedef struct _SYSDBG_PHYSICAL 113 { 114 PHYSICAL_ADDRESS Address; 115 PVOID Buffer; 116 ULONG Request; 117 } SYSDBG_PHYSICAL, *PSYSDBG_PHYSICAL; 118 119 typedef struct _SYSDBG_VIRTUAL 120 { 121 PVOID Address; 122 PVOID Buffer; 123 ULONG Request; 124 } SYSDBG_VIRTUAL, *PSYSDBG_VIRTUAL; 125 126 typedef struct _SYSDBG_CONTROL_SPACE 127 { 128 ULONGLONG Address; 129 PVOID Buffer; 130 ULONG Request; 131 ULONG Processor; 132 } SYSDBG_CONTROL_SPACE, *PSYSDBG_CONTROL_SPACE; 133 134 typedef struct _SYSDBG_IO_SPACE 135 { 136 ULONGLONG Address; 137 PVOID Buffer; 138 ULONG Request; 139 INTERFACE_TYPE InterfaceType; 140 ULONG BusNumber; 141 ULONG AddressSpace; 142 } SYSDBG_IO_SPACE, *PSYSDBG_IO_SPACE; 143 144 typedef struct _SYSDBG_BUS_DATA 145 { 146 ULONG Address; 147 PVOID Buffer; 148 ULONG Request; 149 BUS_DATA_TYPE BusDataType; 150 ULONG BusNumber; 151 ULONG SlotNumber; 152 } SYSDBG_BUS_DATA, *PSYSDBG_BUS_DATA; 153 154 typedef struct _SYSDBG_MSR 155 { 156 ULONG Address; 157 ULONGLONG Data; 158 } SYSDBG_MSR, *PSYSDBG_MSR; 159 160 typedef struct _SYSDBG_TRIAGE_DUMP 161 { 162 ULONG Flags; 163 ULONG BugCheckCode; 164 ULONG_PTR BugCheckParam1; 165 ULONG_PTR BugCheckParam2; 166 ULONG_PTR BugCheckParam3; 167 ULONG_PTR BugCheckParam4; 168 ULONG ProcessHandles; 169 ULONG ThreadHandles; 170 PHANDLE Handles; 171 } SYSDBG_TRIAGE_DUMP, *PSYSDBG_TRIAGE_DUMP; 172 173 #if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81 174 175 typedef union _SYSDBG_LIVEDUMP_CONTROL_FLAGS 176 { 177 struct 178 { 179 ULONG UseDumpStorageStack : 1; 180 ULONG CompressMemoryPagesData : 1; 181 ULONG IncludeUserSpaceMemoryPages : 1; 182 #if (NTDDI_VERSION >= NTDDI_WIN10_RS4) 183 ULONG AbortIfMemoryPressure : 1; 184 #if (NTDDI_VERSION >= NTDDI_WIN11) 185 ULONG SelectiveDump : 1; 186 ULONG Reserved : 27; 187 #else 188 ULONG Reserved : 28; 189 #endif // (NTDDI_VERSION >= NTDDI_WIN11) 190 #else 191 ULONG Reserved : 29; 192 #endif // (NTDDI_VERSION >= NTDDI_WIN10_RS4) 193 }; 194 ULONG AsUlong; 195 } SYSDBG_LIVEDUMP_CONTROL_FLAGS; 196 197 typedef union _SYSDBG_LIVEDUMP_CONTROL_ADDPAGES 198 { 199 struct 200 { 201 ULONG HypervisorPages : 1; 202 #if (NTDDI_VERSION >= NTDDI_WIN11) 203 ULONG NonEssentialHypervisorPages : 1; 204 ULONG Reserved : 30; 205 #else 206 ULONG Reserved : 31; 207 #endif 208 }; 209 ULONG AsUlong; 210 } SYSDBG_LIVEDUMP_CONTROL_ADDPAGES; 211 212 #if (NTDDI_VERSION >= NTDDI_WIN11) 213 214 typedef struct _SYSDBG_LIVEDUMP_SELECTIVE_CONTROL 215 { 216 ULONG Version; 217 ULONG Size; 218 union 219 { 220 ULONGLONG Flags; 221 struct 222 { 223 ULONGLONG ThreadKernelStacks : 1; 224 ULONGLONG ReservedFlags : 63; 225 }; 226 }; 227 ULONGLONG Reserved[4]; 228 } SYSDBG_LIVEDUMP_SELECTIVE_CONTROL, *PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL; 229 230 #define SYSDBG_LIVEDUMP_CONTROL_VERSION 1 231 #define SYSDBG_LIVEDUMP_CONTROL_VERSION_WIN11 2 232 233 #endif // (NTDDI_VERSION >= NTDDI_WIN11) 234 235 typedef struct _SYSDBG_LIVEDUMP_CONTROL 236 { 237 ULONG Version; 238 ULONG BugCheckCode; 239 ULONG_PTR BugCheckParam1; 240 ULONG_PTR BugCheckParam2; 241 ULONG_PTR BugCheckParam3; 242 ULONG_PTR BugCheckParam4; 243 PVOID DumpFileHandle; 244 PVOID CancelEventHandle; 245 SYSDBG_LIVEDUMP_CONTROL_FLAGS Flags; 246 SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AddPagesControl; 247 #if (NTDDI_VERSION >= NTDDI_WIN11) 248 PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL SelectiveControl; 249 #endif 250 } SYSDBG_LIVEDUMP_CONTROL, *PSYSDBG_LIVEDUMP_CONTROL; 251 252 #endif // (NTDDI_VERSION >= NTDDI_WINBLUE) 253 254 #if (NTDDI_VERSION >= NTDDI_WIN10_VB) 255 256 typedef struct _SYSDBG_KD_PULL_REMOTE_FILE 257 { 258 UNICODE_STRING ImageFileName; 259 } SYSDBG_KD_PULL_REMOTE_FILE, *PSYSDBG_KD_PULL_REMOTE_FILE; 260 261 #endif 262 263 // 264 // KD Structures 265 // 266 typedef struct _KD_SYMBOLS_INFO 267 { 268 PVOID BaseOfDll; 269 ULONG_PTR ProcessId; 270 ULONG CheckSum; 271 ULONG SizeOfImage; 272 } KD_SYMBOLS_INFO, *PKD_SYMBOLS_INFO; 273 274 #endif // _KDTYPES_H 275