From 4d37135884e5504be66a51884804c6af896e4b17 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?=
Date: Sun, 12 Mar 2023 20:29:21 +0100
Subject: [PATCH] [NDK] SYSDBG: Add SysDbgGetLiveKernelDump enum value and structures for kernel live dump.

For more information, see:
https://crashdmp.wordpress.com/2014/08/04/livedump-1-0-is-available/
https://github.com/lilhoser/livedump
https://gary-nebbett.blogspot.com/2016/04/examining-windows-kernel-mode-stacks.html
https://github.com/processhacker/phnt
---
 sdk/include/ndk/kdtypes.h | 84 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 84 insertions(+)

diff --git a/sdk/include/ndk/kdtypes.h b/sdk/include/ndk/kdtypes.h
index 8ebd21a6f7e..77b5545cfed 100644
--- a/sdk/include/ndk/kdtypes.h
+++ b/sdk/include/ndk/kdtypes.h
@@ -98,6 +98,9 @@ typedef enum _SYSDBG_COMMAND
 SysDbgGetUmAttachPid = 35,
 SysDbgClearUmAttachPid = 36,
 #endif
+#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81
+ SysDbgGetLiveKernelDump = 37,
+#endif
 } SYSDBG_COMMAND;

 //
@@ -164,6 +167,87 @@ typedef struct _SYSDBG_TRIAGE_DUMP
 PHANDLE Handles;
 } SYSDBG_TRIAGE_DUMP, *PSYSDBG_TRIAGE_DUMP;

+#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81
+
+typedef union _SYSDBG_LIVEDUMP_CONTROL_FLAGS
+{
+ struct
+ {
+ ULONG UseDumpStorageStack : 1;
+ ULONG CompressMemoryPagesData : 1;
+ ULONG IncludeUserSpaceMemoryPages : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN10_RS4)
+ ULONG AbortIfMemoryPressure : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ ULONG SelectiveDump : 1;
+ ULONG Reserved : 27;
+#else
+ ULONG Reserved : 28;
+#endif // (NTDDI_VERSION >= NTDDI_WIN11)
+#else
+ ULONG Reserved : 29;
+#endif // (NTDDI_VERSION >= NTDDI_WIN10_RS4)
+ };
+ ULONG AsUlong;
+} SYSDBG_LIVEDUMP_CONTROL_FLAGS;
+
+typedef union _SYSDBG_LIVEDUMP_CONTROL_ADDPAGES
+{
+ struct
+ {
+ ULONG HypervisorPages : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ ULONG NonEssentialHypervisorPages : 1;
+ ULONG Reserved : 30;
+#else
+ ULONG Reserved : 31;
+#endif
+ };
+ ULONG AsUlong;
+} SYSDBG_LIVEDUMP_CONTROL_ADDPAGES;
+
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+
+typedef struct _SYSDBG_LIVEDUMP_SELECTIVE_CONTROL
+{
+ ULONG Version;
+ ULONG Size;
+ union
+ {
+ ULONGLONG Flags;
+ struct
+ {
+ ULONGLONG ThreadKernelStacks : 1;
+ ULONGLONG ReservedFlags : 63;
+ };
+ };
+ ULONGLONG Reserved[4];
+} SYSDBG_LIVEDUMP_SELECTIVE_CONTROL, *PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL;
+
+#define SYSDBG_LIVEDUMP_CONTROL_VERSION 1
+#define SYSDBG_LIVEDUMP_CONTROL_VERSION_WIN11 2
+
+#endif // (NTDDI_VERSION >= NTDDI_WIN11)
+
+typedef struct _SYSDBG_LIVEDUMP_CONTROL
+{
+ ULONG Version;
+ ULONG BugCheckCode;
+ ULONG_PTR BugCheckParam1;
+ ULONG_PTR BugCheckParam2;
+ ULONG_PTR BugCheckParam3;
+ ULONG_PTR BugCheckParam4;
+ PVOID DumpFileHandle;
+ PVOID CancelEventHandle;
+ SYSDBG_LIVEDUMP_CONTROL_FLAGS Flags;
+ SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AddPagesControl;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL SelectiveControl;
+#endif
+} SYSDBG_LIVEDUMP_CONTROL, *PSYSDBG_LIVEDUMP_CONTROL;
+
+#endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
+
 //
 // KD Structures
 //
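Review bot: `SYSDBG_LIVEDUMP_CONTROL_VERSION` is defined only inside the `#if (NTDDI_VERSION >= NTDDI_WIN11)` block beside `SYSDBG_LIVEDUMP_SELECTIVE_CONTROL`, while `SYSDBG_LIVEDUMP_CONTROL` and its `Version` field exist from `NTDDI_WINBLUE` on, so a caller built for a pre-Win11 target gets the structure but no named value to store in `Version`. Moving `#define SYSDBG_LIVEDUMP_CONTROL_VERSION 1` up under the outer WINBLUE guard and leaving only `SYSDBG_LIVEDUMP_CONTROL_VERSION_WIN11` in the Win11 block would close that gap. The structure's size also depends on `NTDDI_VERSION` through the trailing `SelectiveControl` pointer, so a short comment on `Version` stating which value goes with which layout would help callers keep the claimed version and the buffer length in agreement. Both flag unions are presumably meant to overlay exactly one `ULONG`; a `C_ASSERT(sizeof(SYSDBG_LIVEDUMP_CONTROL_FLAGS) == sizeof(ULONG));` (and the same for `SYSDBG_LIVEDUMP_CONTROL_ADDPAGES`) would pin that across the three conditional `Reserved` widths.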