2023-08-17 10:45:50 +02:00
|
|
|
#ifndef IOCTL_H
|
|
|
|
|
#define IOCTL_H
|
|
|
|
|
|
|
|
|
|
#include <ntifs.h>
|
|
|
|
|
#include <wdftypes.h>
|
|
|
|
|
#include <wdf.h>
|
2023-09-02 15:47:15 +02:00
|
|
|
#include "common.h"
|
2023-08-17 10:45:50 +02:00
|
|
|
|
2023-08-19 04:52:57 +02:00
|
|
|
#define IOCCTL_RUN_NMI_CALLBACKS CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2001, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
|
|
|
|
#define IOCTL_VALIDATE_DRIVER_OBJECTS CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2002, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-20 16:12:04 +02:00
|
|
|
#define IOCTL_NOTIFY_DRIVER_ON_PROCESS_LAUNCH CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2004, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-20 17:04:53 +02:00
|
|
|
#define IOCTL_HANDLE_REPORTS_IN_CALLBACK_QUEUE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2005, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-21 17:48:34 +02:00
|
|
|
#define IOCTL_PERFORM_VIRTUALIZATION_CHECK CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2006, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-22 10:51:52 +02:00
|
|
|
#define IOCTL_ENUMERATE_HANDLE_TABLES CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2007, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-22 19:32:25 +02:00
|
|
|
#define IOCTL_RETRIEVE_MODULE_EXECUTABLE_REGIONS CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2008, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
|
|
|
|
#define IOCTL_REQUEST_TOTAL_MODULE_SIZE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2009, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-24 17:10:40 +02:00
|
|
|
#define IOCTL_NOTIFY_DRIVER_ON_PROCESS_TERMINATION CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2010, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-28 17:00:52 +02:00
|
|
|
#define IOCTL_SCAN_FOR_UNLINKED_PROCESS CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2011, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-30 13:15:57 +02:00
|
|
|
#define IOCTL_VALIDATE_KPRCB_CURRENT_THREAD CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2012, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-09-01 13:46:31 +02:00
|
|
|
#define IOCTL_PERFORM_INTEGRITY_CHECK CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2013, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-09-02 15:47:15 +02:00
|
|
|
#define IOCTL_DETECT_ATTACHED_THREADS CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2014, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-09-05 11:16:32 +02:00
|
|
|
#define IOCTL_VALIDATE_PROCESS_LOADED_MODULE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2015, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-09-07 19:49:36 +02:00
|
|
|
#define IOCTL_REQUEST_HARDWARE_INFORMATION CTL_CODE(FILE_DEVICE_UNKNOWN, 0x2016, METHOD_BUFFERED, FILE_ANY_ACCESS)
|
2023-08-20 16:12:04 +02:00
|
|
|
|
|
|
|
|
typedef struct _DRIVER_INITIATION_INFORMATION
|
|
|
|
|
{
|
|
|
|
|
LONG protected_process_id;
|
|
|
|
|
|
|
|
|
|
} DRIVER_INITIATION_INFORMATION, * PDRIVER_INITIATION_INFORMATION;
|
2023-08-19 04:52:57 +02:00
|
|
|
|
2023-08-17 10:45:50 +02:00
|
|
|
NTSTATUS DeviceControl(
|
|
|
|
|
_In_ PDRIVER_OBJECT DriverObject,
|
|
|
|
|
_In_ PIRP Irp
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
NTSTATUS DeviceClose(
|
|
|
|
|
_In_ PDEVICE_OBJECT DeviceObject,
|
|
|
|
|
_In_ PIRP Irp
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
NTSTATUS DeviceCreate(
|
|
|
|
|
_In_ PDEVICE_OBJECT DeviceObject,
|
|
|
|
|
_In_ PIRP Irp
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
#endif
|
