2024-01-21 08:22:06 +01:00
|
|
|
#ifndef IO_H
|
|
|
|
|
#define IO_H
|
2023-08-17 10:45:50 +02:00
|
|
|
|
|
|
|
|
#include <ntifs.h>
|
|
|
|
|
#include <wdftypes.h>
|
|
|
|
|
#include <wdf.h>
|
2023-09-02 15:47:15 +02:00
|
|
|
#include "common.h"
|
2023-08-17 10:45:50 +02:00
|
|
|
|
2024-04-13 06:40:51 +02:00
|
|
|
typedef struct _SHARED_MAPPING_INIT {
|
2024-04-13 10:23:14 +02:00
|
|
|
PVOID buffer;
|
|
|
|
|
SIZE_T size;
|
2024-01-25 12:09:16 +01:00
|
|
|
|
|
|
|
|
} SHARED_MAPPING_INIT, *PSHARED_MAPPING_INIT;
|
|
|
|
|
|
2024-04-13 06:40:51 +02:00
|
|
|
typedef enum _SHARED_STATE_OPERATION_ID {
|
2024-04-13 10:23:14 +02:00
|
|
|
ssRunNmiCallbacks = 0,
|
|
|
|
|
ssValidateDriverObjects,
|
|
|
|
|
ssEnumerateHandleTables,
|
|
|
|
|
ssScanForUnlinkedProcesses,
|
|
|
|
|
ssPerformModuleIntegrityCheck,
|
|
|
|
|
ssScanForAttachedThreads,
|
|
|
|
|
ssScanForEptHooks,
|
|
|
|
|
ssInitiateDpcStackwalk,
|
|
|
|
|
ssValidateSystemModules,
|
2024-05-04 17:43:01 +02:00
|
|
|
ssValidateWin32kDispatchTables
|
2024-01-25 12:09:16 +01:00
|
|
|
} SHARED_STATE_OPERATION_ID;
|
|
|
|
|
|
2024-04-13 06:40:51 +02:00
|
|
|
typedef struct _SHARED_STATE {
|
2024-04-13 10:23:14 +02:00
|
|
|
volatile UINT32 status;
|
|
|
|
|
volatile UINT16 operation_id;
|
2024-01-25 12:09:16 +01:00
|
|
|
|
|
|
|
|
} SHARED_STATE, *PSHARED_STATE;
|
|
|
|
|
|
2024-04-13 06:40:51 +02:00
|
|
|
typedef struct _SHARED_MAPPING {
|
2024-04-13 10:23:14 +02:00
|
|
|
volatile LONG work_item_status;
|
|
|
|
|
PVOID user_buffer;
|
|
|
|
|
PSHARED_STATE kernel_buffer;
|
|
|
|
|
PMDL mdl;
|
|
|
|
|
SIZE_T size;
|
|
|
|
|
volatile BOOLEAN active;
|
|
|
|
|
KTIMER timer;
|
|
|
|
|
KDPC timer_dpc;
|
|
|
|
|
PIO_WORKITEM work_item;
|
2024-01-25 12:09:16 +01:00
|
|
|
|
|
|
|
|
} SHARED_MAPPING, *PSHARED_MAPPING;
|
|
|
|
|
|
2023-10-05 08:27:17 +02:00
|
|
|
NTSTATUS
|
2024-01-13 22:33:57 +01:00
|
|
|
DeviceControl(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp);
|
2023-08-17 10:45:50 +02:00
|
|
|
|
2024-01-15 02:01:14 +01:00
|
|
|
NTSTATUS
|
|
|
|
|
DeviceClose(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp);
|
2023-08-17 10:45:50 +02:00
|
|
|
|
2024-01-15 02:01:14 +01:00
|
|
|
NTSTATUS
|
|
|
|
|
DeviceCreate(_In_ PDEVICE_OBJECT DeviceObject, _Inout_ PIRP Irp);
|
2023-08-17 10:45:50 +02:00
|
|
|
|
2023-11-09 08:30:59 +01:00
|
|
|
NTSTATUS
|
2023-12-13 05:06:27 +01:00
|
|
|
ValidateIrpOutputBuffer(_In_ PIRP Irp, _In_ ULONG RequiredSize);
|
2023-11-09 08:30:59 +01:00
|
|
|
|
|
|
|
|
NTSTATUS
|
2023-12-13 05:06:27 +01:00
|
|
|
ValidateIrpInputBuffer(_In_ PIRP Irp, _In_ ULONG RequiredSize);
|
2023-11-09 08:30:59 +01:00
|
|
|
|
2024-01-21 08:22:06 +01:00
|
|
|
NTSTATUS
|
2024-01-11 10:16:55 +01:00
|
|
|
IrpQueueInitialise();
|
|
|
|
|
|
2024-05-11 17:27:18 +02:00
|
|
|
VOID
|
|
|
|
|
IrpQueueSchedulePacket(_In_ PVOID Buffer, _In_ UINT32 BufferLength);
|
2024-01-21 08:22:06 +01:00
|
|
|
|
2023-08-17 10:45:50 +02:00
|
|
|
#endif
|
