FB driver development, several structural investigation looking for help

General FreeBASIC programming questions.
Post Reply
MOODSKY2002
Posts: 10
Joined: May 06, 2022 12:43

FB driver development, several structural investigation looking for help

Post by MOODSKY2002 »

Which brother can help clear up the mistake, these days the translation of these several structures are really head to explode.
Now the question is

Code: Select all

Private function FBDriver_IoControl(byval DeviceObject as PDEVICE_OBJECT, byval Irp as PIRP) as NTSTATUS
   dim Status            as NTSTATUS = STATUS_INVALID_DEVICE_REQUEST 'STATUS_SUCCESS
   dim pIrpStack         as PIO_STACK_LOCATION
   dim pDevExt           as PDEVICE_EXTENSION
   dim Process_Callback  as My_Process_Callback PTR
   dim as ulong uIoContrlCode,uInSize,uOutSize 

	pIrpStack         = IoGetCurrentIrpStackLocation(Irp)                        	
	uIoContrlCode     = pIrpStack->Parameters.DeviceIoControl.IoControlCode  '!!!The uIoContrlCode value is never expected!!!   
There's so much involved in this structure, my translators are going to explode. I am not sure whether it is my negligence in translation or POINTER_ALIGNMENT or volatile. Hope a brother can help check the structure

The following structures are all translated and corrected by me with reference to WDK10. If they are correct in the future, they can be included in the official BI to save trouble for everyone

Code: Select all

type _NAMED_PIPE_CREATE_PARAMETERS
   NamedPipeType    as ULONG
   ReadMode         as ULONG
   CompletionMode   as ULONG
   MaximumInstances as ULONG
   InboundQuota     as ULONG
   OutboundQuota    as ULONG
   DefaultTimeout   as LARGE_INTEGER
   TimeoutSpecified as BOOLEAN
end type
type NAMED_PIPE_CREATE_PARAMETERS  as _NAMED_PIPE_CREATE_PARAMETERS
type PNAMED_PIPE_CREATE_PARAMETERS as _NAMED_PIPE_CREATE_PARAMETERS ptr

type _MAILSLOT_CREATE_PARAMETERS
   MailslotQuota      as ULONG
   MaximumMessageSize as ULONG
   ReadTimeout        as LARGE_INTEGER
   TimeoutSpecified   as BOOLEAN 
end type
type MAILSLOT_CREATE_PARAMETERS  as _MAILSLOT_CREATE_PARAMETERS
type PMAILSLOT_CREATE_PARAMETERS as _MAILSLOT_CREATE_PARAMETERS ptr

TYPE _FILE_GET_QUOTA_INFORMATION
   NextEntryOffset AS ULONG
   SidLength       AS ULONG
   Sid             AS SID
END TYPE
type FILE_GET_QUOTA_INFORMATION  as _FILE_GET_QUOTA_INFORMATION
type PFILE_GET_QUOTA_INFORMATION as _FILE_GET_QUOTA_INFORMATION ptr

TYPE _SYSTEM_POWER_STATE_CONTEXT
   union
      TYPE
         Reserved1:8 AS ULONG
         TargetSystemState:4 AS ULONG
         EffectiveSystemState:4 AS ULONG
         CurrentSystemState:4 AS ULONG
         IgnoreHibernationPath:1 AS ULONG
         PseudoTransition:1 AS ULONG
         Reserved2:10 AS ULONG
      END TYPE

      ContextAsUlong AS ULONG
   END UNION
END TYPE
type SYSTEM_POWER_STATE_CONTEXT  as _SYSTEM_POWER_STATE_CONTEXT
type PSYSTEM_POWER_STATE_CONTEXT as _SYSTEM_POWER_STATE_CONTEXT ptr




type IO_STACK_LOCATION_Parameters_Create
   SecurityContext as PIO_SECURITY_CONTEXT
   Options         as ULONG
   FileAttributes  as USHORT 'POINTER_ALIGNMENT
   ShareAccess     as USHORT
   EaLength        as ULONG  'POINTER_ALIGNMENT
end type

type IO_STACK_LOCATION_Parameters_CreatePipe
   SecurityContext as PIO_SECURITY_CONTEXT
   Options         as ULONG
   Reserved        as USHORT 'POINTER_ALIGNMENT
   ShareAccess     as USHORT
   Parameters      as PNAMED_PIPE_CREATE_PARAMETERS         
end type

type IO_STACK_LOCATION_Parameters_CreateMailslot
   SecurityContext as PIO_SECURITY_CONTEXT
   Options         as ULONG
   Reserved        as USHORT 'POINTER_ALIGNMENT
   ShareAccess     as USHORT
   Parameters      as PMAILSLOT_CREATE_PARAMETERS       
end type

type IO_STACK_LOCATION_Parameters_READ
   Length     AS ULONG
   Key        AS ULONG 'POINTER_ALIGNMENT
   ByteOffset AS LARGE_INTEGER         
end type

TYPE IO_STACK_LOCATION_Parameters_WRITE
   Length     AS ULONG
   Key        AS ULONG 'POINTER_ALIGNMENT
   ByteOffset AS LARGE_INTEGER
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryDirectory
   Length               AS ULONG
   FileName             AS PUNICODE_STRING
   FileInformationClass AS FILE_INFORMATION_CLASS
   FileIndex            AS ULONG 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_NotifyDirectory
   Length           AS ULONG
   CompletionFilter AS ULONG 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryFile
   Length               AS ULONG
   FileInformationClass AS FILE_INFORMATION_CLASS 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetFile
   Length AS ULONG
   FileInformationClass AS FILE_INFORMATION_CLASS 'POINTER_ALIGNMENT
   FileObject           AS PFILE_OBJECT
   union 
      TYPE
         ReplaceIfExists AS BOOLEAN
         AdvanceOnly     AS BOOLEAN
      END TYPE
      ClusterCount AS ULONG
      DeleteHandle AS HANDLE
   END UNION        
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryEa
   Length       AS ULONG
   EaList       AS PVOID
   EaListLength AS ULONG
   EaIndex      AS ULONG 'POINTER_ALIGNMENT 
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetEa
   Length AS ULONG
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryVolume
   Length             AS ULONG
   FsInformationClass AS FS_INFORMATION_CLASS 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetVolume
   Length             AS ULONG
   FsInformationClass AS FS_INFORMATION_CLASS 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_FileSystemControl
   OutputBufferLength AS ULONG
   InputBufferLength  AS ULONG  'POINTER_ALIGNMENT
   FsControlCode      AS ULONG  'POINTER_ALIGNMENT
   Type3InputBuffer   AS PVOID         
END TYPE

TYPE IO_STACK_LOCATION_Parameters_LockControl
   Length     AS PLARGE_INTEGER
   Key        AS ULONG     'POINTER_ALIGNMENT
   ByteOffset AS LARGE_INTEGER        
END TYPE  

TYPE IO_STACK_LOCATION_Parameters_DeviceIoControl
   OutputBufferLength AS ULONG
   InputBufferLength  AS ULONG 'POINTER_ALIGNMENT
   IoControlCode      AS ULONG 'POINTER_ALIGNMENT
   Type3InputBuffer   AS PVOID
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QuerySecurity
   SecurityInformation AS SECURITY_INFORMATION
   Length              AS ULONG 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetSecurity
   SecurityInformation AS SECURITY_INFORMATION
   SecurityDescriptor  AS PSECURITY_DESCRIPTOR
END TYPE

TYPE IO_STACK_LOCATION_Parameters_MountVolume
   Vpb          AS PVPB
   DeviceObject AS PDEVICE_OBJECT
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_VerifyVolume
   Vpb          AS PVPB
   DeviceObject AS PDEVICE_OBJECT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_Scsi
   Srb  AS PSCSI_REQUEST_BLOCK
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryQuota
   Length AS ULONG
   StartSid AS PSID
   SidList AS PFILE_GET_QUOTA_INFORMATION
   SidListLength AS ULONG
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetQuota
   Length AS ULONG
END TYPE  

TYPE IO_STACK_LOCATION_Parameters_QueryDeviceRelations
   Type AS DEVICE_RELATION_TYPE
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryInterface
   InterfaceType         AS CONST GUID ptr
   Size                  AS USHORT
   Version               AS USHORT
   Interface             AS PINTERFACE
   InterfaceSpecificData AS PVOID
END TYPE

TYPE IO_STACK_LOCATION_Parameters_DeviceCapabilities
   Capabilities AS PDEVICE_CAPABILITIES 
END TYPE  
                                 
TYPE IO_STACK_LOCATION_Parameters_FilterResourceRequirements
   IoResourceRequirementList AS PIO_RESOURCE_REQUIREMENTS_LIST
END TYPE  

TYPE IO_STACK_LOCATION_Parameters_ReadWriteConfig
   WhichSpace AS ULONG
   Buffer     AS PVOID
   Offset     AS ULONG
   Length     AS ULONG 'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_SetLock
   Lock AS BOOLEAN
END TYPE
         
TYPE IO_STACK_LOCATION_Parameters_QueryId
   IdType AS BUS_QUERY_ID_TYPE
END TYPE

TYPE IO_STACK_LOCATION_Parameters_QueryDeviceText
   DeviceTextType AS DEVICE_TEXT_TYPE
   LocaleId       AS LCID 'POINTER_ALIGNMENT
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_UsageNotification
   InPath           AS BOOLEAN
   Reserved(0 TO 2) AS BOOLEAN
   Type             AS DEVICE_USAGE_NOTIFICATION_TYPE 'POINTER_ALIGNMENT
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_WaitWake
   PowerState    AS SYSTEM_POWER_STATE
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_PowerSequence
   PowerSequence AS PPOWER_SEQUENCE
END TYPE   

TYPE IO_STACK_LOCATION_Parameters_Power
   union
      SystemContext           AS ULONG
      SystemPowerStateContext AS SYSTEM_POWER_STATE_CONTEXT
   END UNION
   Type         AS POWER_STATE_TYPE 'POINTER_ALIGNMENT
   State        AS POWER_STATE      'POINTER_ALIGNMENT
   ShutdownType AS POWER_ACTION     'POINTER_ALIGNMENT
END TYPE

TYPE IO_STACK_LOCATION_Parameters_StartDevice
   AllocatedResources           AS PCM_RESOURCE_LIST
   AllocatedResourcesTranslated AS PCM_RESOURCE_LIST
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_WMI                                'WMI Irps
   ProviderId AS ULONG_PTR
   DataPath   AS PVOID
   BufferSize AS ULONG
   Buffer     AS PVOID
END TYPE 

TYPE IO_STACK_LOCATION_Parameters_Others                             '其它的
   Argument1 AS PVOID
   Argument2 AS PVOID
   Argument3 AS PVOID
   Argument4 AS PVOID
END TYPE 

union IO_STACK_LOCATION_Parameters
   Create            as IO_STACK_LOCATION_Parameters_Create
   CreatePipe        as IO_STACK_LOCATION_Parameters_CreatePipe
   CreateMailslot    as IO_STACK_LOCATION_Parameters_CreateMailslot   
   READ              AS IO_STACK_LOCATION_Parameters_READ
   WRITE             AS IO_STACK_LOCATION_Parameters_WRITE
   QueryDirectory    AS IO_STACK_LOCATION_Parameters_QueryDirectory
   NotifyDirectory   AS IO_STACK_LOCATION_Parameters_NotifyDirectory
   QueryFile         AS IO_STACK_LOCATION_Parameters_QueryFile
   SetFile           AS IO_STACK_LOCATION_Parameters_SetFile
   QueryEa           AS IO_STACK_LOCATION_Parameters_QueryEa
   SetEa             AS IO_STACK_LOCATION_Parameters_SetEa
   QueryVolume       AS IO_STACK_LOCATION_Parameters_QueryVolume
   SetVolume         AS IO_STACK_LOCATION_Parameters_SetVolume
   FileSystemControl AS IO_STACK_LOCATION_Parameters_FileSystemControl
   LockControl       AS IO_STACK_LOCATION_Parameters_LockControl
   DeviceIoControl   AS IO_STACK_LOCATION_Parameters_DeviceIoControl
   QuerySecurity     AS IO_STACK_LOCATION_Parameters_QuerySecurity
   SetSecurity       AS IO_STACK_LOCATION_Parameters_SetSecurity
   MountVolume       AS IO_STACK_LOCATION_Parameters_MountVolume
   VerifyVolume      AS IO_STACK_LOCATION_Parameters_VerifyVolume
   Scsi              AS IO_STACK_LOCATION_Parameters_Scsi
   QueryQuota        AS IO_STACK_LOCATION_Parameters_QueryQuota
   SetQuota          AS IO_STACK_LOCATION_Parameters_SetQuota
   QueryDeviceRelations AS IO_STACK_LOCATION_Parameters_QueryDeviceRelations
   QueryInterface       AS IO_STACK_LOCATION_Parameters_QueryInterface
   DeviceCapabilities   AS IO_STACK_LOCATION_Parameters_DeviceCapabilities
   FilterResourceRequirements AS IO_STACK_LOCATION_Parameters_FilterResourceRequirements
   ReadWriteConfig      AS IO_STACK_LOCATION_Parameters_ReadWriteConfig
   SetLock              AS IO_STACK_LOCATION_Parameters_SetLock
   QueryId              AS IO_STACK_LOCATION_Parameters_QueryId
   QueryDeviceText      AS IO_STACK_LOCATION_Parameters_QueryDeviceText
   UsageNotification    AS IO_STACK_LOCATION_Parameters_UsageNotification
   WaitWake             AS IO_STACK_LOCATION_Parameters_WaitWake
   PowerSequence        AS IO_STACK_LOCATION_Parameters_PowerSequence
   Power                AS IO_STACK_LOCATION_Parameters_Power
   StartDevice          AS IO_STACK_LOCATION_Parameters_StartDevice
   WMI                  AS IO_STACK_LOCATION_Parameters_WMI
   Others               AS IO_STACK_LOCATION_Parameters_Others
END UNION

'2022-05-11 Fix By MOODSKY
type _IO_STACK_LOCATION
   MajorFunction     as UCHAR
   MinorFunction     as UCHAR
   Flags             as UCHAR
   Control           as UCHAR
   Parameters        as IO_STACK_LOCATION_Parameters
   DeviceObject      AS PDEVICE_OBJECT         '保存一个指向该设备驱动程序的设备对象的指针,如果需要,它可以被传递给完成例程。
   FileObject        AS PFILE_OBJECT           '下面的位置包含一个指向该文件对象的指针,请求。
   CompletionRoutine AS PIO_COMPLETION_ROUTINE '根据上面的标志调用下面的例程,标志字段
   Context           AS PVOID                  '保存context参数的地址,应该传递给CompletionRoutine
end type
'type IO_STACK_LOCATION  as _IO_STACK_LOCATION
'type PIO_STACK_LOCATION as _IO_STACK_LOCATION ptr



'2022-05-11 Fix By Moodsky------------------------------------
#define TIMER_TOLERABLE_DELAY_BITS      6
#define TIMER_EXPIRED_INDEX_BITS        6
#define TIMER_PROCESSOR_INDEX_BITS      5

'1 DUMMYUNIONNAME
union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYUNIONNAME
   Lock   as LONG
   LockNV as LONG
end union


'2 DUMMYSTRUCTNAME
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   Type       as UCHAR
   Signalling as UCHAR
   Size       as UCHAR
   Reserved1  as UCHAR   
end type


'3 DUMMYSTRUCTNAME2 Timer
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYSTRUCTNAME
   Absolute:1 as UCHAR
   Wake:1     as UCHAR
   EncodedTolerableDelay:TIMER_TOLERABLE_DELAY_BITS as UCHAR
end type

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   #Ifdef __FB_64BIT__
      TIndex:TIMER_EXPIRED_INDEX_BITS      as UCHAR
   #Else
      Index:1                              as UCHAR
      Processor:TIMER_PROCESSOR_INDEX_BITS as UCHAR       
   #EndIf  
   
   Inserted:1     as UCHAR
   Expired:1      as UCHAR     
end type
   
union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYUNIONNAME
   TimerMiscFlags  as UCHAR
   DUMMYSTRUCTNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYUNIONNAME_DUMMYSTRUCTNAME
end union

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2
   TimerType            as UCHAR
   union 
      TimerControlFlags as UCHAR
      DUMMYSTRUCTNAME   as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYSTRUCTNAME
   end union

   Hand           as UCHAR
   DUMMYUNIONNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2_DUMMYUNIONNAME
end type


'4 DUMMYSTRUCTNAME3 Timer2
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   Timer2Inserted:1      as UCHAR
   Timer2Expiring:1      as UCHAR
   Timer2CancelPending:1 as UCHAR
   Timer2SetPending:1    as UCHAR
   Timer2Running:1       as UCHAR
   Timer2Disabled:1      as UCHAR
   Timer2ReservedFlags:2 as UCHAR            
end type

union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3_DUMMYUNIONNAME
   Timer2Flags     as UCHAR
   DUMMYSTRUCTNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3_DUMMYUNIONNAME_DUMMYSTRUCTNAME
end union

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3
   Timer2Type as UCHAR
   DUMMYUNIONNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3_DUMMYUNIONNAME
   Timer2ComponentId           as UCHAR
   Timer2RelativeId            as UCHAR   
end type


'5 DUMMYSTRUCTNAME4 Queue
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   Abandoned:1                 as UCHAR
   DisableIncrement:1          as UCHAR
   QueueReservedControlFlags:6 as UCHAR            
end type
   
union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4_DUMMYUNIONNAME
   QueueControlFlags  as UCHAR
   DUMMYSTRUCTNAME    as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4_DUMMYUNIONNAME_DUMMYSTRUCTNAME
end union

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4
   QueueType                         as UCHAR
   DUMMYUNIONNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4_DUMMYUNIONNAME
   QueueSize                         as UCHAR
   QueueReserved                     as UCHAR         
end type


'6 DUMMYSTRUCTNAME5 Thread
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   CycleProfiling:1   as UCHAR
   CounterProfiling:1 as UCHAR
   GroupScheduling:1  as UCHAR
   AffinitySet:1      as UCHAR
   Tagged:1           as UCHAR
   EnergyProfiling:1  as UCHAR
   #Ifdef __FB_64BIT__
      ThreadReservedControlFlags:2 as UCHAR
   #Else
      Instrumented:1               as UCHAR
      ThreadReservedControlFlags:1 as UCHAR
   #EndIf      
end type

union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME
   ThreadControlFlags    as UCHAR
   DUMMYSTRUCTNAME       as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME_DUMMYSTRUCTNAME
end union

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME2_DUMMYSTRUCTNAME
   ActiveDR7:1    as BOOLEAN
   Instrumented:1 as BOOLEAN
   Minimal:1      as BOOLEAN
   Reserved4:3    as BOOLEAN
   UmsScheduled:1 as BOOLEAN
   UmsPrimary:1   as BOOLEAN
end type 

union _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME2
   DebugActive     as UCHAR
   DUMMYSTRUCTNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME2_DUMMYSTRUCTNAME     
end union

type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5
   ThreadType               as UCHAR
   ThreadReserved           as UCHAR 
   DUMMYUNIONNAME  as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME
   DUMMYUNIONNAME2 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5_DUMMYUNIONNAME2
end type


'7 DUMMYSTRUCTNAME6  Mutant
type _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME6
   MutantType     as UCHAR
   MutantSize     as UCHAR
   DpcActive      as BOOLEAN
   MutantReserved as UCHAR
end type

union _DISPATCHER_HEADER_DUMMYUNIONNAME
   DUMMYUNIONNAME   as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYUNIONNAME
   DUMMYSTRUCTNAME  as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME
   DUMMYSTRUCTNAME2 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME2 'Timer
   DUMMYSTRUCTNAME3 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME3 'Timer2
   DUMMYSTRUCTNAME4 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME4 'Queue
   DUMMYSTRUCTNAME5 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME5 'Thread
   DUMMYSTRUCTNAME6 as _DISPATCHER_HEADER_DUMMYUNIONNAME_DUMMYSTRUCTNAME6 'Mutant
end union


type _DISPATCHER_HEADER
   DUMMYUNIONNAME as _DISPATCHER_HEADER_DUMMYUNIONNAME
   SignalState    as LONG          'Object lock
   WaitListHead   as LIST_ENTRY    'Object lock 
end type

type DISPATCHER_HEADER as _DISPATCHER_HEADER
type PDISPATCHER_HEADER as _DISPATCHER_HEADER ptr
'------------------------------------


union IRP__AssociatedIrp
	MasterIrp    as PIRP
	IrpCount     as LONG
	SystemBuffer as PVOID
end union

type IRP__Overlay__AsynchronousParameters
   UNION
      UserApcRoutine as PIO_APC_ROUTINE
      IssuingProcess as PVOID
   END UNION
   
   UNION
      UserApcContext as PVOID
      IoRing         as PVOID '_IORING_OBJECT ptr |Can't Find _IORING_OBJECT Info!
   END UNION
end type

union IRP__Overlay
	AsynchronousParameters as IRP__Overlay__AsynchronousParameters
   AllocationSize as LARGE_INTEGER
end union

type IRP__Tail__Overlay
   UNION
      DeviceQueueEntry      as KDEVICE_QUEUE_ENTRY
      TYPE
         DriverContext(0 TO 3) as PVOID
      END TYPE
   END UNION
   
   Thread                as PETHREAD
   AuxiliaryBuffer       as PCHAR
   
   UNION
      TYPE
         ListEntry             as LIST_ENTRY
         UNION
            CurrentStackLocation  as IO_STACK_LOCATION PTR
            PacketType            as ULONG
         END UNION
      END TYPE
   END UNION

   OriginalFileObject    as PFILE_OBJECT
end type

union IRP__Tail
	Overlay       as IRP__Tail__Overlay   
	Apc           as KAPC
	CompletionKey as PVOID
end union

'2022-05-09 Fix By Moodsky/rversteegen 
type _IRP
	Type            as _CSHORT
	Size            as USHORT
	MdlAddress      as PMDL
	Flags           as ULONG 
     
   AssociatedIrp   as IRP__AssociatedIrp 'UNION IRP__AssociatedIrp   
	ThreadListEntry as LIST_ENTRY
	IoStatus        as IO_STATUS_BLOCK
	RequestorMode   as KPROCESSOR_MODE
	PendingReturned as BOOLEAN
	StackCount      as CHAR
	CurrentLocation as CHAR
	Cancel          as BOOLEAN
	CancelIrql      as KIRQL
	ApcEnvironment  as CCHAR
	AllocationFlags as UCHAR  
   
   UNION 
      UserIosb        as PIO_STATUS_BLOCK 'UNION NoName
      IoRingContext   as PVOID            'UNION NoName                
   END UNION
   
	UserEvent       as PKEVENT   
   Overlay         as IRP__Overlay     'UNION IRP__Overlay   
	CancelRoutine   as PDRIVER_CANCEL
	UserBuffer      as PVOID
   Tail            as IRP__Tail        'UNION IRP__Tail
end type
Last edited by fxm on May 14, 2022 7:32, edited 1 time in total.
Reason: Added code tags.
Post Reply