mirror-ac/driver/modules.h

#ifndef MODULES_H
#define MODULES_H

#include <ntifs.h>
#include <intrin.h>

#include "common.h"

typedef struct _APC_OPERATION_ID {
    int operation_id;

} APC_OPERATION_ID, *PAPC_OPERATION_ID;

/* system modules information */

typedef struct _SYSTEM_MODULES {
    PVOID address;
    INT   module_count;

} SYSTEM_MODULES, *PSYSTEM_MODULES;

#define APC_CONTEXT_ID_STACKWALK 0x1
#define APC_CONTEXT_ID_STARTADDRESS 0x2

typedef struct _APC_CONTEXT_HEADER {
    LONG         context_id;
    volatile INT count;
    volatile INT allocation_in_progress;

} APC_CONTEXT_HEADER, *PAPC_CONTEXT_HEADER;

typedef struct _APC_STACKWALK_CONTEXT {
    APC_CONTEXT_HEADER header;
    PSYSTEM_MODULES    modules;

} APC_STACKWALK_CONTEXT, *PAPC_STACKWALK_CONTEXT;

NTSTATUS
GetSystemModuleInformation(_Out_ PSYSTEM_MODULES ModuleInformation);

NTSTATUS
HandleValidateDriversIOCTL();

PRTL_MODULE_EXTENDED_INFO
FindSystemModuleByName(_In_ LPCSTR          ModuleName,
                       _In_ PSYSTEM_MODULES SystemModules);

NTSTATUS
HandleNmiIOCTL();

NTSTATUS
ValidateThreadsViaKernelApc();

VOID
FreeApcStackwalkApcContextInformation(_Inout_ PAPC_STACKWALK_CONTEXT Context);

BOOLEAN
IsInstructionPointerInInvalidRegion(_In_ UINT64          Rip,
                                    _In_ PSYSTEM_MODULES SystemModules);

PVOID
FindDriverBaseNoApi(_In_ PDRIVER_OBJECT DriverObject, _In_ PWCH Name);

NTSTATUS
DispatchStackwalkToEachCpuViaDpc();

NTSTATUS
ValidateHalDispatchTables();

PVOID
FindDriverBaseNoApi(_In_ PDRIVER_OBJECT DriverObject, _In_ PWCH Name);

NTSTATUS
GetDriverObjectByDriverName(_In_ PUNICODE_STRING  DriverName,
                            _Out_ PDRIVER_OBJECT* DriverObject);

NTSTATUS
ValidateWin32kDispatchTables();

#endif
big money changes to driver 2023-08-19 04:52:57 +02:00			`#ifndef MODULES_H`
			`#define MODULES_H`

			`#include <ntifs.h>`
			`#include <intrin.h>`
gah memory leak waaaaa 2023-09-25 17:41:38 +02:00
AAAAAA 2023-08-22 19:32:25 +02:00			`#include "common.h"`
big money changes to driver 2023-08-19 04:52:57 +02:00
80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`typedef struct _APC_OPERATION_ID {`
indentation 2024-04-13 10:23:14 +02:00			`int operation_id;`
apc operation stuff 2023-09-28 18:10:01 +02:00
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`} APC_OPERATION_ID, *PAPC_OPERATION_ID;`
apc operation stuff 2023-09-28 18:10:01 +02:00
big money changes to driver 2023-08-19 04:52:57 +02:00			`/* system modules information */`

80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`typedef struct _SYSTEM_MODULES {`
indentation 2024-04-13 10:23:14 +02:00			`PVOID address;`
			`INT module_count;`
big money changes to driver 2023-08-19 04:52:57 +02:00
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`} SYSTEM_MODULES, *PSYSTEM_MODULES;`
big money changes to driver 2023-08-19 04:52:57 +02:00
gah memory leak waaaaa 2023-09-25 17:41:38 +02:00			`#define APC_CONTEXT_ID_STACKWALK 0x1`
begin tpm implementation 2024-05-30 07:42:35 +02:00			`#define APC_CONTEXT_ID_STARTADDRESS 0x2`
gah memory leak waaaaa 2023-09-25 17:41:38 +02:00
80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`typedef struct _APC_CONTEXT_HEADER {`
indentation 2024-04-13 10:23:14 +02:00			`LONG context_id;`
			`volatile INT count;`
			`volatile INT allocation_in_progress;`
gah memory leak waaaaa 2023-09-25 17:41:38 +02:00
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`} APC_CONTEXT_HEADER, *PAPC_CONTEXT_HEADER;`
change da apc ref count stuff 2023-09-26 12:00:45 +02:00
80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`typedef struct _APC_STACKWALK_CONTEXT {`
indentation 2024-04-13 10:23:14 +02:00			`APC_CONTEXT_HEADER header;`
			`PSYSTEM_MODULES modules;`
change da apc ref count stuff 2023-09-26 12:00:45 +02:00
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`} APC_STACKWALK_CONTEXT, *PAPC_STACKWALK_CONTEXT;`
gah memory leak waaaaa 2023-09-25 17:41:38 +02:00
da 2023-10-05 08:27:17 +02:00			`NTSTATUS`
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`GetSystemModuleInformation(_Out_ PSYSTEM_MODULES ModuleInformation);`
big money changes to driver 2023-08-19 04:52:57 +02:00
da 2023-10-05 08:27:17 +02:00			`NTSTATUS`
Rewrite IO handling (#6) * csq stuff * oh yea * bugfix * epicc * some formating n dat * bug fix * class changes * e * fix up some of the io stuff * fix io PLEASEEE * fff 2024-01-21 08:22:06 +01:00			`HandleValidateDriversIOCTL();`
big money changes to driver 2023-08-19 04:52:57 +02:00
da 2023-10-05 08:27:17 +02:00			`PRTL_MODULE_EXTENDED_INFO`
80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`FindSystemModuleByName(_In_ LPCSTR ModuleName,`
			`_In_ PSYSTEM_MODULES SystemModules);`
AAAAAA 2023-08-22 19:32:25 +02:00
da 2023-10-05 08:27:17 +02:00			`NTSTATUS`
shared mapping - lock free interweaving io 2024-01-25 12:09:16 +01:00			`HandleNmiIOCTL();`
e 2023-09-02 15:47:15 +02:00
da 2023-10-05 08:27:17 +02:00			`NTSTATUS`
fix apc free deadlock ting 2023-09-27 06:22:14 +02:00			`ValidateThreadsViaKernelApc();`
some stuffffffff 2023-09-24 13:13:20 +02:00
fixed apc leak :DDD 2023-09-26 15:32:06 +02:00			`VOID`
some formatting. Smiley face 2023-12-13 05:06:27 +01:00			`FreeApcStackwalkApcContextInformation(_Inout_ PAPC_STACKWALK_CONTEXT Context);`
sum stuff c: 2023-10-07 17:37:47 +02:00
more refactoring 2024-05-05 15:58:36 +02:00			`BOOLEAN`
some code cleaning 2024-07-19 16:27:50 +02:00			`IsInstructionPointerInInvalidRegion(_In_ UINT64 Rip,`
more refactoring 2024-05-05 15:58:36 +02:00			`_In_ PSYSTEM_MODULES SystemModules);`
change da apc ref count stuff 2023-09-26 12:00:45 +02:00
integrate some new stuff [wip] (#9) 2024-05-04 17:43:01 +02:00			`PVOID`
			`FindDriverBaseNoApi(_In_ PDRIVER_OBJECT DriverObject, _In_ PWCH Name);`

ipi interrupt, readme, some bug fix 2023-10-30 12:57:24 +01:00			`NTSTATUS`
refactor nmi, dpc and some other stuf 2023-12-29 17:20:32 +01:00			`DispatchStackwalkToEachCpuViaDpc();`
ipi interrupt, readme, some bug fix 2023-10-30 12:57:24 +01:00
implement hal table validation 2024-01-01 17:45:40 +01:00			`NTSTATUS`
			`ValidateHalDispatchTables();`

significant refactor to mdouel vaerification + expoert stuff kinda wip 2024-01-07 05:13:41 +01:00			`PVOID`
some bug fixes 2024-01-28 08:34:09 +01:00			`FindDriverBaseNoApi(_In_ PDRIVER_OBJECT DriverObject, _In_ PWCH Name);`
significant refactor to mdouel vaerification + expoert stuff kinda wip 2024-01-07 05:13:41 +01:00
pci enumeration!! 2024-02-13 19:08:38 +01:00			`NTSTATUS`
80 line limit - need to refactor lots of code but ceebs atm 2024-04-13 06:40:51 +02:00			`GetDriverObjectByDriverName(_In_ PUNICODE_STRING DriverName,`
			`_Out_ PDRIVER_OBJECT* DriverObject);`
pci enumeration!! 2024-02-13 19:08:38 +01:00
integrate some new stuff [wip] (#9) 2024-05-04 17:43:01 +02:00			`NTSTATUS`
			`ValidateWin32kDispatchTables();`

big money changes to driver 2023-08-19 04:52:57 +02:00			`#endif`