lpus-driver/KMDF Driver2/sioctl.h

/*++

Copyright (c) 1997  Microsoft Corporation

Module Name:

    SIOCTL.H

Abstract:


    Defines the IOCTL codes that will be used by this driver.  The IOCTL code
    contains a command identifier, plus other information about the device,
    the type of access with which the file must have been opened,
    and the type of buffering.

Environment:

    Kernel mode only.

--*/

#ifndef _IOCTL_PROTOCOL_H
#define _IOCTL_PROTOCOL_H

// Device type
#define SIOCTL_TYPE 40000 // 32768 to 65535

// The IOCTL function codes from 0x800 to 0xFFF are for customer use.
#define IOCTL_SETUP_OFFSETS \
    CTL_CODE(SIOCTL_TYPE, 0x900, METHOD_IN_DIRECT, FILE_ANY_ACCESS)

#define GET_KERNEL_BASE \
    CTL_CODE(SIOCTL_TYPE, 0x901, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)

#define SCAN_PS_ACTIVE_HEAD \
    CTL_CODE(SIOCTL_TYPE, 0x902, METHOD_NEITHER, FILE_ANY_ACCESS)

#define SCAN_POOL \
    CTL_CODE(SIOCTL_TYPE, 0x903, METHOD_IN_DIRECT, FILE_ANY_ACCESS)

#define SCAN_POOL_REMOTE \
    CTL_CODE(SIOCTL_TYPE, 0x904, METHOD_IN_DIRECT, FILE_ANY_ACCESS)

#define DEREFERENCE_ADDRESS \
    CTL_CODE(SIOCTL_TYPE, 0xA00, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)

#define HIDE_PROCESS_BY_NAME \
    CTL_CODE(SIOCTL_TYPE, 0xA01, METHOD_IN_DIRECT, FILE_ANY_ACCESS)

#define DRIVER_FUNC_INSTALL     0x01
#define DRIVER_FUNC_REMOVE      0x02

#define DRIVER_NAME       "poolscanner"

typedef struct _OFFSET_VALUE {
    ULONG64 eprocessNameOffset;
    ULONG64 eprocessLinkOffset;
    ULONG64 listBLinkOffset;
    ULONG64 processHeadOffset;
    ULONG64 miStateOffset;
    ULONG64 hardwareOffset;
    ULONG64 systemNodeOffset;
    ULONG64 firstVaOffset;
    ULONG64 lastVaOffset;
    ULONG64 largePageTableOffset;
    ULONG64 largePageSizeOffset;
    ULONG64 poolChunkSize;
} OFFSET_VALUES, *POFFSET_VALUE;

typedef struct _DEREF_ADDR {
    ULONG64 addr;
    ULONG64 size;   // bytes
} DEREF_ADDR, *PDEREF_ADDR;

typedef struct _SCAN_RANGE {
    ULONG64 start;
    ULONG64 end;
} SCAN_RANGE, *PSCAN_RANGE;

typedef struct _HIDE_PROCESS {
    CHAR name[15];
    ULONG64 size;
} HIDE_PROCESS, *PHIDE_PROCESS;

typedef union _INPUT_DATA {
    OFFSET_VALUES offsetValues;
    DEREF_ADDR derefAddr;
    SCAN_RANGE scanRange;
    HIDE_PROCESS processHide;
} INPUT_DATA, *PINPUT_DATA;

typedef struct _POOL_CHUNK {
    ULONG64 addr;
} POOL_CHUNK, *PPOOL_CHUNK;

typedef union _OUTPUT_DATA {
    ULONG64 ulong64Value;   // for gereral addresses, value fit in 64 bit
    POOL_CHUNK poolChunk;
} OUTPUT_DATA, *POUTPUT_DATA;

#endif
init 2020-02-18 02:25:14 +07:00			`/*++`

			`Copyright (c) 1997 Microsoft Corporation`

			`Module Name:`

			`SIOCTL.H`

			`Abstract:`


			`Defines the IOCTL codes that will be used by this driver. The IOCTL code`
			`contains a command identifier, plus other information about the device,`
			`the type of access with which the file must have been opened,`
			`and the type of buffering.`

			`Environment:`

			`Kernel mode only.`

			`--*/`

device io complete 2020-02-27 03:28:26 +07:00			`#ifndef _IOCTL_PROTOCOL_H`
			`#define _IOCTL_PROTOCOL_H`

			`// Device type`
			`#define SIOCTL_TYPE 40000 // 32768 to 65535`

init 2020-02-18 02:25:14 +07:00			`// The IOCTL function codes from 0x800 to 0xFFF are for customer use.`
device io complete 2020-02-27 03:28:26 +07:00			`#define IOCTL_SETUP_OFFSETS \`
			`CTL_CODE(SIOCTL_TYPE, 0x900, METHOD_IN_DIRECT, FILE_ANY_ACCESS)`

			`#define GET_KERNEL_BASE \`
			`CTL_CODE(SIOCTL_TYPE, 0x901, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)`
init 2020-02-18 02:25:14 +07:00
device io complete 2020-02-27 03:28:26 +07:00			`#define SCAN_PS_ACTIVE_HEAD \`
			`CTL_CODE(SIOCTL_TYPE, 0x902, METHOD_NEITHER, FILE_ANY_ACCESS)`
init 2020-02-18 02:25:14 +07:00
device io complete 2020-02-27 03:28:26 +07:00			`#define SCAN_POOL \`
			`CTL_CODE(SIOCTL_TYPE, 0x903, METHOD_IN_DIRECT, FILE_ANY_ACCESS)`
init 2020-02-18 02:25:14 +07:00
device io complete 2020-02-27 03:28:26 +07:00			`#define SCAN_POOL_REMOTE \`
			`CTL_CODE(SIOCTL_TYPE, 0x904, METHOD_IN_DIRECT, FILE_ANY_ACCESS)`
init 2020-02-18 02:25:14 +07:00
device io complete 2020-02-27 03:28:26 +07:00			`#define DEREFERENCE_ADDRESS \`
			`CTL_CODE(SIOCTL_TYPE, 0xA00, METHOD_OUT_DIRECT, FILE_ANY_ACCESS)`
init 2020-02-18 02:25:14 +07:00
simple dkom 2020-02-27 23:36:03 +07:00			`#define HIDE_PROCESS_BY_NAME \`
			`CTL_CODE(SIOCTL_TYPE, 0xA01, METHOD_IN_DIRECT, FILE_ANY_ACCESS)`

init 2020-02-18 02:25:14 +07:00			`#define DRIVER_FUNC_INSTALL 0x01`
			`#define DRIVER_FUNC_REMOVE 0x02`

			`#define DRIVER_NAME "poolscanner"`

device io complete 2020-02-27 03:28:26 +07:00			`typedef struct _OFFSET_VALUE {`
			`ULONG64 eprocessNameOffset;`
			`ULONG64 eprocessLinkOffset;`
			`ULONG64 listBLinkOffset;`
			`ULONG64 processHeadOffset;`
			`ULONG64 miStateOffset;`
			`ULONG64 hardwareOffset;`
			`ULONG64 systemNodeOffset;`
			`ULONG64 firstVaOffset;`
			`ULONG64 lastVaOffset;`
			`ULONG64 largePageTableOffset;`
			`ULONG64 largePageSizeOffset;`
			`ULONG64 poolChunkSize;`
			`} OFFSET_VALUES, *POFFSET_VALUE;`

			`typedef struct _DEREF_ADDR {`
			`ULONG64 addr;`
			`ULONG64 size; // bytes`
			`} DEREF_ADDR, *PDEREF_ADDR;`

			`typedef struct _SCAN_RANGE {`
			`ULONG64 start;`
			`ULONG64 end;`
			`} SCAN_RANGE, *PSCAN_RANGE;`

simple dkom 2020-02-27 23:36:03 +07:00			`typedef struct _HIDE_PROCESS {`
			`CHAR name[15];`
			`ULONG64 size;`
			`} HIDE_PROCESS, *PHIDE_PROCESS;`

device io complete 2020-02-27 03:28:26 +07:00			`typedef union _INPUT_DATA {`
			`OFFSET_VALUES offsetValues;`
			`DEREF_ADDR derefAddr;`
			`SCAN_RANGE scanRange;`
simple dkom 2020-02-27 23:36:03 +07:00			`HIDE_PROCESS processHide;`
device io complete 2020-02-27 03:28:26 +07:00			`} INPUT_DATA, *PINPUT_DATA;`

			`typedef struct _POOL_CHUNK {`
			`ULONG64 addr;`
			`} POOL_CHUNK, *PPOOL_CHUNK;`

			`typedef union _OUTPUT_DATA {`
			`ULONG64 ulong64Value; // for gereral addresses, value fit in 64 bit`
			`POOL_CHUNK poolChunk;`
			`} OUTPUT_DATA, *POUTPUT_DATA;`

			`#endif`