- Replace MODULE_OBJECT with LDR_DATA_TABLE_ENTRY.
- Export PsGetCurrentThread and PsGetCurrentProcess. svn path=/trunk/; revision=16894
parent
f25c9b142b
commit
ca071d7417
18 changed files with 183 additions and 344 deletions
|
@ -350,14 +350,14 @@ NTSTATUS
|
|||
FASTCALL
|
||||
IopLoadServiceModule(
|
||||
IN PUNICODE_STRING ServiceName,
|
||||
OUT PMODULE_OBJECT *ModuleObject
|
||||
OUT PLDR_DATA_TABLE_ENTRY *ModuleObject
|
||||
);
|
||||
|
||||
NTSTATUS
|
||||
FASTCALL
|
||||
IopInitializeDriverModule(
|
||||
IN PDEVICE_NODE DeviceNode,
|
||||
IN PMODULE_OBJECT ModuleObject,
|
||||
IN PLDR_DATA_TABLE_ENTRY ModuleObject,
|
||||
IN PUNICODE_STRING ServiceName,
|
||||
IN BOOLEAN FileSystemDriver,
|
||||
OUT PDRIVER_OBJECT *DriverObject
|
||||
|
|
|
@ -17,19 +17,19 @@ KdbSymFreeProcessSymbols(IN PEPROCESS Process);
|
|||
VOID
|
||||
KdbSymLoadDriverSymbols(
|
||||
IN PUNICODE_STRING Filename,
|
||||
IN PMODULE_OBJECT Module
|
||||
IN PLDR_DATA_TABLE_ENTRY Module
|
||||
);
|
||||
|
||||
VOID
|
||||
KdbSymUnloadDriverSymbols(IN PMODULE_OBJECT ModuleObject);
|
||||
KdbSymUnloadDriverSymbols(IN PLDR_DATA_TABLE_ENTRY ModuleObject);
|
||||
|
||||
VOID
|
||||
KdbSymProcessBootSymbols(IN PCHAR FileName);
|
||||
|
||||
VOID
|
||||
KdbSymInit(
|
||||
IN PMODULE_TEXT_SECTION NtoskrnlTextSection,
|
||||
IN PMODULE_TEXT_SECTION LdrHalTextSection
|
||||
IN PLDR_DATA_TABLE_ENTRY NtoskrnlTextSection,
|
||||
IN PLDR_DATA_TABLE_ENTRY LdrHalTextSection
|
||||
);
|
||||
|
||||
BOOLEAN
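Review bot: The KdbSymInit prototype in this header still names its parameters `NtoskrnlTextSection` and `LdrHalTextSection`, although their type is now PLDR_DATA_TABLE_ENTRY and the definition later in this commit calls them `NtoskrnlModuleObject` and `LdrHalModuleObject`. Renaming them here as well, `IN PLDR_DATA_TABLE_ENTRY NtoskrnlModuleObject,` and `IN PLDR_DATA_TABLE_ENTRY LdrHalModuleObject`, stops the declaration from suggesting that a text-section descriptor is still expected.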
|
||||
|
|
|
@ -99,13 +99,13 @@ LdrSafePEProcessModule(
|
|||
NTSTATUS
|
||||
LdrLoadModule(
|
||||
PUNICODE_STRING Filename,
|
||||
PMODULE_OBJECT *ModuleObject
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject
|
||||
);
|
||||
|
||||
NTSTATUS
|
||||
LdrUnloadModule(PMODULE_OBJECT ModuleObject);
|
||||
LdrUnloadModule(PLDR_DATA_TABLE_ENTRY ModuleObject);
|
||||
|
||||
PMODULE_OBJECT
|
||||
PLDR_DATA_TABLE_ENTRY
|
||||
LdrGetModuleObject(PUNICODE_STRING ModuleName);
|
||||
|
||||
#endif /* __INCLUDE_INTERNAL_LDR_H */
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
#ifndef __MODULE_H
|
||||
#define __MODULE_H
|
||||
|
||||
typedef struct _MODULE_TEXT_SECTION
|
||||
{
|
||||
ULONG Base;
|
||||
ULONG Length;
|
||||
LIST_ENTRY ListEntry;
|
||||
PWCH Name;
|
||||
PIMAGE_OPTIONAL_HEADER OptionalHeader;
|
||||
PROSSYM_INFO RosSymInfo;
|
||||
} MODULE_TEXT_SECTION, *PMODULE_TEXT_SECTION;
|
||||
|
||||
typedef struct _MODULE_OBJECT
|
||||
{
|
||||
CSHORT ObjectType;
|
||||
CSHORT ObjectSize;
|
||||
PVOID Base;
|
||||
ULONG Length;
|
||||
ULONG Flags;
|
||||
PVOID EntryPoint;
|
||||
LIST_ENTRY ListEntry;
|
||||
UNICODE_STRING FullName;
|
||||
UNICODE_STRING BaseName;
|
||||
PMODULE_TEXT_SECTION TextSection;
|
||||
union
|
||||
{
|
||||
struct
|
||||
{
|
||||
PIMAGE_FILE_HEADER FileHeader;
|
||||
PIMAGE_OPTIONAL_HEADER OptionalHeader;
|
||||
PIMAGE_SECTION_HEADER SectionList;
|
||||
} PE;
|
||||
} Image;
|
||||
} MODULE_OBJECT, *PMODULE_OBJECT;
|
||||
|
||||
typedef MODULE_OBJECT MODULE, *PMODULE;
|
||||
|
||||
#define MODULE_FLAG_BIN 0x0001
|
||||
#define MODULE_FLAG_MZ 0x0002
|
||||
#define MODULE_FLAG_NE 0x0004
|
||||
#define MODULE_FLAG_PE 0x0008
|
||||
#define MODULE_FLAG_COFF 0x0010
|
||||
|
||||
typedef struct _INSTANCE
|
||||
{
|
||||
HANDLE ModuleHandle;
|
||||
} INSTANCE, *PINSTANCE;
|
||||
|
||||
BOOLEAN process_boot_module(unsigned int start);
|
||||
|
||||
#endif
|
||||
|
|
@ -14,7 +14,6 @@
|
|||
#include "ke.h"
|
||||
#include "i386/mm.h"
|
||||
#include "i386/fpu.h"
|
||||
#include "module.h"
|
||||
#include "ob.h"
|
||||
#include "mm.h"
|
||||
#include "ps.h"
|
||||
|
|
|
@ -87,7 +87,6 @@
|
|||
#define TAG_DRIVER_MEM TAG('D', 'R', 'V', 'M') /* drvm */
|
||||
#define TAG_MODULE_OBJECT TAG('k', 'l', 'm', 'o') /* klmo - kernel ldr module object */
|
||||
#define TAG_LDR_WSTR TAG('k', 'l', 'w', 's') /* klws - kernel ldr wide string */
|
||||
#define TAG_MODULE_TEXT_SECTION TAG('k', 'l', 'm', 't') /* klmt - kernel ldr module text */
|
||||
|
||||
/* formerly located in lpc/connect */
|
||||
#define TAG_LPC_CONNECT_MESSAGE TAG('L', 'P', 'C', 'C')
|
||||
|
|
|
@ -23,7 +23,7 @@ extern BOOLEAN SetupMode;
|
|||
NTSTATUS
|
||||
LdrProcessModule(PVOID ModuleLoadBase,
|
||||
PUNICODE_STRING ModuleName,
|
||||
PMODULE_OBJECT *ModuleObject);
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject);
|
||||
|
||||
typedef struct _SERVICE_GROUP
|
||||
{
|
||||
|
@ -432,7 +432,7 @@ IopNormalizeImagePath(
|
|||
NTSTATUS FASTCALL
|
||||
IopLoadServiceModule(
|
||||
IN PUNICODE_STRING ServiceName,
|
||||
OUT PMODULE_OBJECT *ModuleObject)
|
||||
OUT PLDR_DATA_TABLE_ENTRY *ModuleObject)
|
||||
{
|
||||
RTL_QUERY_REGISTRY_TABLE QueryTable[3];
|
||||
ULONG ServiceStart;
|
||||
|
@ -591,7 +591,7 @@ IopLoadServiceModule(
|
|||
NTSTATUS FASTCALL
|
||||
IopInitializeDriverModule(
|
||||
IN PDEVICE_NODE DeviceNode,
|
||||
IN PMODULE_OBJECT ModuleObject,
|
||||
IN PLDR_DATA_TABLE_ENTRY ModuleObject,
|
||||
IN PUNICODE_STRING ServiceName,
|
||||
IN BOOLEAN FileSystemDriver,
|
||||
OUT PDRIVER_OBJECT *DriverObject)
|
||||
|
@ -625,8 +625,8 @@ IopInitializeDriverModule(
|
|||
ServiceName,
|
||||
0,
|
||||
FileSystemDriver,
|
||||
ModuleObject->Base,
|
||||
ModuleObject->Length);
|
||||
ModuleObject->DllBase,
|
||||
ModuleObject->SizeOfImage);
|
||||
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
|
@ -673,7 +673,7 @@ IopAttachFilterDriversCallback(
|
|||
PDEVICE_NODE DeviceNode = Context;
|
||||
UNICODE_STRING ServiceName;
|
||||
PWCHAR Filters;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
NTSTATUS Status;
|
||||
|
||||
|
@ -1187,7 +1187,7 @@ IopInitializeBuiltinDriver(
|
|||
PCHAR FileName,
|
||||
ULONG ModuleLength)
|
||||
{
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
PDEVICE_NODE DeviceNode;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
NTSTATUS Status;
|
||||
|
@ -1519,7 +1519,7 @@ IopUnloadDriver(PUNICODE_STRING DriverServiceName, BOOLEAN UnloadPnpDrivers)
|
|||
UNICODE_STRING ServiceName;
|
||||
UNICODE_STRING ObjectName;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
NTSTATUS Status;
|
||||
LPWSTR Start;
|
||||
|
||||
|
@ -1857,7 +1857,7 @@ NtLoadDriver(IN PUNICODE_STRING DriverServiceName)
|
|||
NTSTATUS Status;
|
||||
ULONG Type;
|
||||
PDEVICE_NODE DeviceNode;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
WCHAR *cur;
|
||||
|
||||
|
|
|
@ -321,7 +321,7 @@ IoInit2(BOOLEAN BootLog)
|
|||
{
|
||||
PDEVICE_NODE DeviceNode;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
MODULE_OBJECT ModuleObject;
|
||||
LDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
NTSTATUS Status;
|
||||
|
||||
PnpInit2();
|
||||
|
@ -342,8 +342,8 @@ IoInit2(BOOLEAN BootLog)
|
|||
return;
|
||||
}
|
||||
|
||||
ModuleObject.Base = NULL;
|
||||
ModuleObject.Length = 0;
|
||||
ModuleObject.DllBase = NULL;
|
||||
ModuleObject.SizeOfImage = 0;
|
||||
ModuleObject.EntryPoint = RawFsDriverEntry;
|
||||
|
||||
Status = IopInitializeDriverModule(
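Review bot: The local `LDR_DATA_TABLE_ENTRY ModuleObject` in IoInit2 is never cleared, so apart from DllBase, SizeOfImage and EntryPoint every field holds whatever was on the kernel stack when it is handed to IopInitializeDriverModule. The visible part of IopInitializeDriverModule reads only DllBase and SizeOfImage, but the entry type also carries name strings, list links and a symbol pointer that other code in this commit dereferences. Adding `RtlZeroMemory(&ModuleObject, sizeof(ModuleObject));` before the three assignments makes those fields well defined, as the loader does for its static entries in this same commit. IoInit2 starts and ends outside these hunks, so this rests on the lines shown.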
|
||||
|
|
|
@ -1702,7 +1702,7 @@ IopActionInitChildServices(
|
|||
!IopDeviceNodeHasFlag(DeviceNode, DNF_ADDED) &&
|
||||
!IopDeviceNodeHasFlag(DeviceNode, DNF_STARTED))
|
||||
{
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
PDRIVER_OBJECT DriverObject;
|
||||
|
||||
Status = IopLoadServiceModule(&DeviceNode->ServiceName, &ModuleObject);
|
||||
|
|
|
@ -89,12 +89,13 @@ STDCALL
|
|||
KdpInitDebugLog(PKD_DISPATCH_TABLE DispatchTable,
|
||||
ULONG BootPhase)
|
||||
{
|
||||
if (!KdpDebugMode.File) return;
|
||||
NTSTATUS Status;
|
||||
OBJECT_ATTRIBUTES ObjectAttributes;
|
||||
UNICODE_STRING FileName;
|
||||
IO_STATUS_BLOCK Iosb;
|
||||
|
||||
if (!KdpDebugMode.File) return;
|
||||
|
||||
if (BootPhase == 0)
|
||||
{
|
||||
/* Write out the functions that we support for now */
|
||||
|
|
|
@ -1458,7 +1458,7 @@ VOID
|
|||
KdGdbListModules()
|
||||
{
|
||||
PLIST_ENTRY CurrentEntry;
|
||||
PMODULE_OBJECT Current;
|
||||
PLDR_DATA_TABLE_ENTRY Current;
|
||||
ULONG ModuleCount;
|
||||
|
||||
DPRINT1("\n");
|
||||
|
@ -1468,10 +1468,10 @@ KdGdbListModules()
|
|||
CurrentEntry = ModuleListHead.Flink;
|
||||
while (CurrentEntry != (&ModuleListHead))
|
||||
{
|
||||
Current = CONTAINING_RECORD (CurrentEntry, MODULE_OBJECT, ListEntry);
|
||||
Current = CONTAINING_RECORD (CurrentEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderModuleList);
|
||||
|
||||
DbgPrint ("Module %S Base 0x%.08x Length 0x%.08x\n",
|
||||
Current->BaseName.Buffer, Current->Base, Current->Length);
|
||||
DbgPrint ("Module %wZ Base 0x%.08x Length 0x%.08x\n",
|
||||
&Current->BaseDllName, Current->DllBase, Current->SizeOfImage);
|
||||
|
||||
ModuleCount++;
|
||||
CurrentEntry = CurrentEntry->Flink;
|
||||
|
|
|
@ -108,26 +108,27 @@ KdbpSymFindModule(IN PVOID Address OPTIONAL,
|
|||
OUT PKDB_MODULE_INFO pInfo)
|
||||
{
|
||||
PLIST_ENTRY current_entry;
|
||||
MODULE_TEXT_SECTION* current;
|
||||
extern LIST_ENTRY ModuleTextListHead;
|
||||
PLDR_DATA_TABLE_ENTRY current;
|
||||
extern LIST_ENTRY ModuleListHead;
|
||||
INT Count = 0;
|
||||
|
||||
current_entry = ModuleTextListHead.Flink;
|
||||
current_entry = ModuleListHead.Flink;
|
||||
|
||||
while (current_entry != &ModuleTextListHead &&
|
||||
current_entry != NULL)
|
||||
while (current_entry != &ModuleListHead)
|
||||
{
|
||||
current = CONTAINING_RECORD(current_entry, MODULE_TEXT_SECTION, ListEntry);
|
||||
current = CONTAINING_RECORD(current_entry, LDR_DATA_TABLE_ENTRY, InLoadOrderModuleList);
|
||||
|
||||
if ((Address != NULL && (Address >= (PVOID)current->Base &&
|
||||
Address < (PVOID)(current->Base + current->Length))) ||
|
||||
(Name != NULL && _wcsicmp(current->Name, Name) == 0) ||
|
||||
if ((Address != NULL && (Address >= (PVOID)current->DllBase &&
|
||||
Address < (PVOID)((ULONG_PTR)current->DllBase + current->SizeOfImage))) ||
|
||||
(Name != NULL && _wcsnicmp(current->BaseDllName.Buffer, Name,
|
||||
current->BaseDllName.Length / sizeof(WCHAR)) == 0) ||
|
||||
(Index >= 0 && Count++ == Index))
|
||||
{
|
||||
wcsncpy(pInfo->Name, current->Name, 255);
|
||||
wcsncpy(pInfo->Name, current->BaseDllName.Buffer,
|
||||
min(255, current->BaseDllName.Length / sizeof(WCHAR)));
|
||||
pInfo->Name[255] = L'\0';
|
||||
pInfo->Base = (ULONG_PTR)current->Base;
|
||||
pInfo->Size = current->Length;
|
||||
pInfo->Base = (ULONG_PTR)current->DllBase;
|
||||
pInfo->Size = current->SizeOfImage;
|
||||
pInfo->RosSymInfo = current->RosSymInfo;
|
||||
return TRUE;
|
||||
}
|
||||
|
@ -553,30 +554,30 @@ KdbSymFreeProcessSymbols(IN PEPROCESS Process)
|
|||
/*! \brief Load symbol info for a driver.
|
||||
*
|
||||
* \param Filename Filename of the driver.
|
||||
* \param Module Pointer to the driver MODULE_OBJECT.
|
||||
* \param Module Pointer to the driver LDR_DATA_TABLE_ENTRY.
|
||||
*/
|
||||
VOID
|
||||
KdbSymLoadDriverSymbols(IN PUNICODE_STRING Filename,
|
||||
IN PMODULE_OBJECT Module)
|
||||
IN PLDR_DATA_TABLE_ENTRY Module)
|
||||
{
|
||||
/* Load symbols for the image if available */
|
||||
DPRINT("Loading driver %wZ symbols (driver @ %08x)\n", Filename, Module->Base);
|
||||
|
||||
Module->TextSection->RosSymInfo = NULL;
|
||||
Module->RosSymInfo = NULL;
|
||||
|
||||
KdbpSymLoadModuleSymbols(Filename, &Module->TextSection->RosSymInfo);
|
||||
KdbpSymLoadModuleSymbols(Filename, (PROSSYM_INFO*)&Module->RosSymInfo);
|
||||
}
|
||||
|
||||
/*! \brief Unloads symbol info for a driver.
|
||||
*
|
||||
* \param ModuleObject Pointer to the driver MODULE_OBJECT.
|
||||
* \param ModuleObject Pointer to the driver LDR_DATA_TABLE_ENTRY.
|
||||
*/
|
||||
VOID
|
||||
KdbSymUnloadDriverSymbols(IN PMODULE_OBJECT ModuleObject)
|
||||
KdbSymUnloadDriverSymbols(IN PLDR_DATA_TABLE_ENTRY ModuleObject)
|
||||
{
|
||||
/* Unload symbols for module if available */
|
||||
KdbpSymUnloadModuleSymbols(ModuleObject->TextSection->RosSymInfo);
|
||||
ModuleObject->TextSection->RosSymInfo = NULL;
|
||||
KdbpSymUnloadModuleSymbols(ModuleObject->RosSymInfo);
|
||||
ModuleObject->RosSymInfo = NULL;
|
||||
}
|
||||
|
||||
/*! \brief Called when a symbol file is loaded by the loader?
|
||||
|
@ -591,7 +592,7 @@ KdbSymUnloadDriverSymbols(IN PMODULE_OBJECT ModuleObject)
|
|||
VOID
|
||||
KdbSymProcessBootSymbols(IN PCHAR FileName)
|
||||
{
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
UNICODE_STRING UnicodeString;
|
||||
PLOADER_MODULE KeLoaderModules = (PLOADER_MODULE)KeLoaderBlock.ModsAddr;
|
||||
ANSI_STRING AnsiString;
|
||||
|
@ -618,7 +619,7 @@ KdbSymProcessBootSymbols(IN PCHAR FileName)
|
|||
{
|
||||
if (! LoadSymbols)
|
||||
{
|
||||
ModuleObject->TextSection->RosSymInfo = NULL;
|
||||
ModuleObject->RosSymInfo = NULL;
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -632,16 +633,16 @@ KdbSymProcessBootSymbols(IN PCHAR FileName)
|
|||
if (i < KeLoaderBlock.ModsCount)
|
||||
{
|
||||
KeLoaderModules[i].Reserved = 1;
|
||||
if (ModuleObject->TextSection->RosSymInfo != NULL)
|
||||
if (ModuleObject->RosSymInfo != NULL)
|
||||
{
|
||||
KdbpSymRemoveCachedFile(ModuleObject->TextSection->RosSymInfo);
|
||||
KdbpSymRemoveCachedFile(ModuleObject->RosSymInfo);
|
||||
}
|
||||
|
||||
if (IsRaw)
|
||||
{
|
||||
if (! RosSymCreateFromRaw((PVOID) KeLoaderModules[i].ModStart,
|
||||
KeLoaderModules[i].ModEnd - KeLoaderModules[i].ModStart,
|
||||
&ModuleObject->TextSection->RosSymInfo))
|
||||
(PROSSYM_INFO*)&ModuleObject->RosSymInfo))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
@ -650,7 +651,7 @@ KdbSymProcessBootSymbols(IN PCHAR FileName)
|
|||
{
|
||||
if (! RosSymCreateFromMem((PVOID) KeLoaderModules[i].ModStart,
|
||||
KeLoaderModules[i].ModEnd - KeLoaderModules[i].ModStart,
|
||||
&ModuleObject->TextSection->RosSymInfo))
|
||||
(PROSSYM_INFO*)&ModuleObject->RosSymInfo))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
@ -659,33 +660,33 @@ KdbSymProcessBootSymbols(IN PCHAR FileName)
|
|||
/* add file to cache */
|
||||
RtlInitAnsiString(&AnsiString, FileName);
|
||||
RtlAnsiStringToUnicodeString(&UnicodeString, &AnsiString, TRUE);
|
||||
KdbpSymAddCachedFile(&UnicodeString, ModuleObject->TextSection->RosSymInfo);
|
||||
KdbpSymAddCachedFile(&UnicodeString, ModuleObject->RosSymInfo);
|
||||
RtlFreeUnicodeString(&UnicodeString);
|
||||
|
||||
DPRINT("Installed symbols: %s@%08x-%08x %p\n",
|
||||
FileName,
|
||||
ModuleObject->Base,
|
||||
ModuleObject->Length + ModuleObject->Base,
|
||||
ModuleObject->TextSection->RosSymInfo);
|
||||
ModuleObject->DllBase,
|
||||
ModuleObject->SizeOfImage + ModuleObject->DllBase,
|
||||
ModuleObject->RosSymInfo);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*! \brief Initializes the KDB symbols implementation.
|
||||
*
|
||||
* \param NtoskrnlTextSection MODULE_TEXT_SECTION of ntoskrnl.exe
|
||||
* \param LdrHalTextSection MODULE_TEXT_SECTION of hal.sys
|
||||
* \param NtoskrnlModuleObject LDR_DATA_TABLE_ENTRY of ntoskrnl.exe
|
||||
* \param LdrHalModuleObject LDR_DATA_TABLE_ENTRY of hal.sys
|
||||
*/
|
||||
VOID
|
||||
KdbSymInit(IN PMODULE_TEXT_SECTION NtoskrnlTextSection,
|
||||
IN PMODULE_TEXT_SECTION LdrHalTextSection)
|
||||
KdbSymInit(IN PLDR_DATA_TABLE_ENTRY NtoskrnlModuleObject,
|
||||
IN PLDR_DATA_TABLE_ENTRY LdrHalModuleObject)
|
||||
{
|
||||
PCHAR p1, p2;
|
||||
int Found;
|
||||
char YesNo;
|
||||
|
||||
NtoskrnlTextSection->RosSymInfo = NULL;
|
||||
LdrHalTextSection->RosSymInfo = NULL;
|
||||
NtoskrnlModuleObject->RosSymInfo = NULL;
|
||||
LdrHalModuleObject->RosSymInfo = NULL;
|
||||
|
||||
InitializeListHead(&SymbolFileListHead);
|
||||
KeInitializeSpinLock(&SymbolFileListLock);
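Review bot: In KdbpSymFindModule the new name copy leaves `pInfo->Name` without a terminator at the end of the name. `wcsncpy` is given exactly the character count of `BaseDllName`, so it writes neither a terminator nor padding, and only index 255 is set to `L'\0'`; whatever the caller's buffer held between the name and index 255 stays in place, where the old call with a count of 255 zero-padded it. Keep the count in a local declared at the top of the block and terminate there: `Len = min(255, current->BaseDllName.Length / sizeof(WCHAR));`, `wcsncpy(pInfo->Name, current->BaseDllName.Buffer, Len);`, `pInfo->Name[Len] = L'\0';`. The `_wcsnicmp` test in the same condition compares only the first `BaseDllName.Length / sizeof(WCHAR)` characters, so a longer `Name` that merely starts with a module's name now matches, and an entry with an empty name matches anything; comparing the lengths as well would restore the exact match the old `_wcsicmp` gave. The function starts before and continues after the hunk.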
|
||||
|
|
|
@ -297,8 +297,8 @@ KeBugCheckWithTf(ULONG BugCheckCode,
|
|||
BOOLEAN GotExtendedCrashInfo = FALSE;
|
||||
PVOID Address = 0;
|
||||
PLIST_ENTRY CurrentEntry;
|
||||
MODULE_TEXT_SECTION* CurrentSection = NULL;
|
||||
extern LIST_ENTRY ModuleTextListHead;
|
||||
PLDR_DATA_TABLE_ENTRY CurrentModule = NULL;
|
||||
extern LIST_ENTRY ModuleListHead;
|
||||
#if 0
|
||||
CHAR PrintString[100];
|
||||
#endif
|
||||
|
@ -321,17 +321,17 @@ KeBugCheckWithTf(ULONG BugCheckCode,
|
|||
Address = (PVOID)Tf->Eip;
|
||||
|
||||
/* Try to get information on the module */
|
||||
CurrentEntry = ModuleTextListHead.Flink;
|
||||
while (CurrentEntry != &ModuleTextListHead && CurrentEntry)
|
||||
CurrentEntry = ModuleListHead.Flink;
|
||||
while (CurrentEntry != &ModuleListHead)
|
||||
{
|
||||
/* Get the current Section */
|
||||
CurrentSection = CONTAINING_RECORD(CurrentEntry,
|
||||
MODULE_TEXT_SECTION,
|
||||
ListEntry);
|
||||
CurrentModule = CONTAINING_RECORD(CurrentEntry,
|
||||
LDR_DATA_TABLE_ENTRY,
|
||||
InLoadOrderModuleList);
|
||||
|
||||
/* Check if this is the right one */
|
||||
if ((Address != NULL && (Address >= (PVOID)CurrentSection->Base &&
|
||||
Address < (PVOID)(CurrentSection->Base + CurrentSection->Length))))
|
||||
if ((Address != NULL && (Address >= (PVOID)CurrentModule->DllBase &&
|
||||
Address < (PVOID)((ULONG_PTR)CurrentModule->DllBase + CurrentModule->SizeOfImage))))
|
||||
{
|
||||
/* We got it */
|
||||
GotExtendedCrashInfo = TRUE;
|
||||
|
@ -366,12 +366,12 @@ KeBugCheckWithTf(ULONG BugCheckCode,
|
|||
{
|
||||
#if 0
|
||||
sprintf(PrintString,
|
||||
"The problem seems to be caused by the following file: %S\n\n",
|
||||
CurrentSection->Name);
|
||||
"The problem seems to be caused by the following file: %wZ\n\n",
|
||||
&CurrentModule->BaseDllName);
|
||||
InbvDisplayString(PrintString);
|
||||
#else
|
||||
DbgPrint("The problem seems to be caused by the following file: %S\n\n",
|
||||
CurrentSection->Name);
|
||||
DbgPrint("The problem seems to be caused by the following file: %wZ\n\n",
|
||||
&CurrentModule->BaseDllName);
|
||||
#endif
|
||||
}
|
||||
|
||||
|
@ -401,17 +401,17 @@ KeBugCheckWithTf(ULONG BugCheckCode,
|
|||
{
|
||||
#if 0
|
||||
sprintf(PrintString,
|
||||
"*** %S - Address 0x%p base at 0x%p, DateStamp 0x%x\n\n",
|
||||
CurrentSection->Name,
|
||||
"*** %wZ - Address 0x%p base at 0x%p, DateStamp 0x%x\n\n",
|
||||
&CurrentModule->BaseDllName,
|
||||
Address,
|
||||
(PVOID)CurrentSection->Base,
|
||||
(PVOID)CurrentModule->DllBase,
|
||||
0);
|
||||
InbvDisplayString(PrintString);
|
||||
#else
|
||||
DbgPrint("*** %S - Address 0x%p base at 0x%p, DateStamp 0x%x\n\n",
|
||||
CurrentSection->Name,
|
||||
DbgPrint("*** %wZ - Address 0x%p base at 0x%p, DateStamp 0x%x\n\n",
|
||||
&CurrentModule->BaseDllName,
|
||||
Address,
|
||||
(PVOID)CurrentSection->Base,
|
||||
(PVOID)CurrentModule->DllBase,
|
||||
0);
|
||||
#endif
|
||||
}
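Review bot: The rewritten module walk in KeBugCheckWithTf drops the NULL test the old loop had (`&& CurrentEntry`), so the first CONTAINING_RECORD dereference now depends on ModuleListHead already being initialized. ModuleListHead is a plain global in the loader; if a bugcheck can be raised before the loader sets it up (not visible here), `Flink` is NULL and the bugcheck path itself faults while looking up the module. Keeping the guard costs nothing: `while (CurrentEntry != NULL && CurrentEntry != &ModuleListHead)`. The same guard was dropped from the loops in KdbpSymFindModule and KiRosPrintAddress in this commit.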
|
||||
|
|
|
@ -110,26 +110,25 @@ BOOLEAN STDCALL
|
|||
KiRosPrintAddress(PVOID address)
|
||||
{
|
||||
PLIST_ENTRY current_entry;
|
||||
MODULE_TEXT_SECTION* current;
|
||||
extern LIST_ENTRY ModuleTextListHead;
|
||||
PLDR_DATA_TABLE_ENTRY current;
|
||||
extern LIST_ENTRY ModuleListHead;
|
||||
ULONG_PTR RelativeAddress;
|
||||
ULONG i = 0;
|
||||
|
||||
do
|
||||
{
|
||||
current_entry = ModuleTextListHead.Flink;
|
||||
current_entry = ModuleListHead.Flink;
|
||||
|
||||
while (current_entry != &ModuleTextListHead &&
|
||||
current_entry != NULL)
|
||||
while (current_entry != &ModuleListHead)
|
||||
{
|
||||
current =
|
||||
CONTAINING_RECORD(current_entry, MODULE_TEXT_SECTION, ListEntry);
|
||||
CONTAINING_RECORD(current_entry, LDR_DATA_TABLE_ENTRY, InLoadOrderModuleList);
|
||||
|
||||
if (address >= (PVOID)current->Base &&
|
||||
address < (PVOID)(current->Base + current->Length))
|
||||
if (address >= (PVOID)current->DllBase &&
|
||||
address < (PVOID)((ULONG_PTR)current->DllBase + current->SizeOfImage))
|
||||
{
|
||||
RelativeAddress = (ULONG_PTR) address - current->Base;
|
||||
DbgPrint("<%ws: %x>", current->Name, RelativeAddress);
|
||||
RelativeAddress = (ULONG_PTR) address - (ULONG_PTR) current->DllBase;
|
||||
DbgPrint("<%wZ: %x>", ¤t->FullDllName, RelativeAddress);
|
||||
return(TRUE);
|
||||
}
|
||||
current_entry = current_entry->Flink;
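Review bot: KiRosPrintAddress now prints `FullDllName`, while the other call sites converted in this commit (KdGdbListModules, KdbpSymFindModule, KeBugCheckWithTf) use `BaseDllName`. If the `<name: offset>` backtrace lines are meant to keep showing the short module name, as they presumably did with the old `Name` field (its contents are not visible here), the argument should be `&current->BaseDllName`. The function continues outside the hunk.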
|
||||
|
|
|
@ -38,12 +38,9 @@
|
|||
|
||||
LIST_ENTRY ModuleListHead;
|
||||
KSPIN_LOCK ModuleListLock;
|
||||
MODULE_OBJECT NtoskrnlModuleObject;
|
||||
MODULE_OBJECT HalModuleObject;
|
||||
LDR_DATA_TABLE_ENTRY NtoskrnlModuleObject;
|
||||
LDR_DATA_TABLE_ENTRY HalModuleObject;
|
||||
|
||||
LIST_ENTRY ModuleTextListHead;
|
||||
STATIC MODULE_TEXT_SECTION NtoskrnlTextSection;
|
||||
STATIC MODULE_TEXT_SECTION LdrHalTextSection;
|
||||
ULONG_PTR LdrHalBase;
|
||||
|
||||
/* FORWARD DECLARATIONS ******************************************************/
|
||||
|
@ -52,7 +49,7 @@ NTSTATUS
|
|||
LdrProcessModule (
|
||||
PVOID ModuleLoadBase,
|
||||
PUNICODE_STRING ModuleName,
|
||||
PMODULE_OBJECT *ModuleObject );
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject );
|
||||
|
||||
static VOID
|
||||
LdrpBuildModuleBaseName (
|
||||
|
@ -70,7 +67,7 @@ static NTSTATUS
|
|||
LdrPEProcessModule (
|
||||
PVOID ModuleLoadBase,
|
||||
PUNICODE_STRING FileName,
|
||||
PMODULE_OBJECT *ModuleObject );
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject );
|
||||
|
||||
static PVOID
|
||||
LdrPEGetExportByName (
|
||||
|
@ -87,72 +84,20 @@ LdrPEPerformRelocations (
|
|||
ULONG DriverSize );
|
||||
|
||||
static NTSTATUS
|
||||
LdrPEFixupImports ( PMODULE_OBJECT Module );
|
||||
LdrPEFixupImports ( PLDR_DATA_TABLE_ENTRY Module );
|
||||
|
||||
/* FUNCTIONS *****************************************************************/
|
||||
|
||||
VOID
|
||||
LdrInitDebug ( PLOADER_MODULE Module, PWCH Name )
|
||||
{
|
||||
PLIST_ENTRY current_entry;
|
||||
MODULE_TEXT_SECTION* current;
|
||||
|
||||
current_entry = ModuleTextListHead.Flink;
|
||||
while (current_entry != &ModuleTextListHead)
|
||||
{
|
||||
current =
|
||||
CONTAINING_RECORD(current_entry, MODULE_TEXT_SECTION, ListEntry);
|
||||
if (wcscmp(current->Name, Name) == 0)
|
||||
{
|
||||
break;
|
||||
}
|
||||
current_entry = current_entry->Flink;
|
||||
}
|
||||
|
||||
if (current_entry == &ModuleTextListHead)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
VOID INIT_FUNCTION
|
||||
LdrInit1 ( VOID )
|
||||
{
|
||||
PIMAGE_NT_HEADERS NtHeader;
|
||||
PIMAGE_SECTION_HEADER SectionList;
|
||||
|
||||
InitializeListHead(&ModuleTextListHead);
|
||||
|
||||
/* Setup ntoskrnl.exe text section */
|
||||
/*
|
||||
* This isn't the base of the text segment, but the start of the
|
||||
* full image (in memory)
|
||||
* Also, the Length field isn't set to the length of the segment,
|
||||
* but is more like the offset, from the image base, to the end
|
||||
* of the segment.
|
||||
*/
|
||||
NtHeader = RtlImageNtHeader((PVOID)KERNEL_BASE);
|
||||
SectionList = IMAGE_FIRST_SECTION(NtHeader);
|
||||
NtoskrnlTextSection.Base = KERNEL_BASE;
|
||||
NtoskrnlTextSection.Length = SectionList[0].Misc.VirtualSize
|
||||
+ SectionList[0].VirtualAddress;
|
||||
NtoskrnlTextSection.Name = KERNEL_MODULE_NAME;
|
||||
NtoskrnlTextSection.OptionalHeader = OPTHDROFFSET(KERNEL_BASE);
|
||||
InsertTailList(&ModuleTextListHead, &NtoskrnlTextSection.ListEntry);
|
||||
|
||||
/* Setup hal.dll text section */
|
||||
/* Same comment as above applies */
|
||||
NtHeader = RtlImageNtHeader((PVOID)LdrHalBase);
|
||||
SectionList = IMAGE_FIRST_SECTION(NtHeader);
|
||||
LdrHalTextSection.Base = LdrHalBase;
|
||||
LdrHalTextSection.Length = SectionList[0].Misc.VirtualSize
|
||||
+ SectionList[0].VirtualAddress;
|
||||
LdrHalTextSection.Name = HAL_MODULE_NAME;
|
||||
LdrHalTextSection.OptionalHeader = OPTHDROFFSET(LdrHalBase);
|
||||
InsertTailList(&ModuleTextListHead, &LdrHalTextSection.ListEntry);
|
||||
|
||||
/* Hook for KDB on initialization of the loader. */
|
||||
KDB_LOADERINIT_HOOK(&NtoskrnlTextSection, &LdrHalTextSection);
|
||||
KDB_LOADERINIT_HOOK(&NtoskrnlModuleObject, &HalModuleObject);
|
||||
}
|
||||
|
||||
VOID INIT_FUNCTION
|
||||
|
@ -165,43 +110,31 @@ LdrInitModuleManagement ( VOID )
|
|||
KeInitializeSpinLock(&ModuleListLock);
|
||||
|
||||
/* Initialize ModuleObject for NTOSKRNL */
|
||||
RtlZeroMemory(&NtoskrnlModuleObject, sizeof(MODULE_OBJECT));
|
||||
NtoskrnlModuleObject.Base = (PVOID) KERNEL_BASE;
|
||||
NtoskrnlModuleObject.Flags = MODULE_FLAG_PE;
|
||||
RtlInitUnicodeString(&NtoskrnlModuleObject.FullName, KERNEL_MODULE_NAME);
|
||||
LdrpBuildModuleBaseName(&NtoskrnlModuleObject.BaseName, &NtoskrnlModuleObject.FullName);
|
||||
RtlZeroMemory(&NtoskrnlModuleObject, sizeof(LDR_DATA_TABLE_ENTRY));
|
||||
NtoskrnlModuleObject.DllBase = (PVOID) KERNEL_BASE;
|
||||
RtlInitUnicodeString(&NtoskrnlModuleObject.FullDllName, KERNEL_MODULE_NAME);
|
||||
LdrpBuildModuleBaseName(&NtoskrnlModuleObject.BaseDllName, &NtoskrnlModuleObject.FullDllName);
|
||||
|
||||
NtHeader = RtlImageNtHeader((PVOID)KERNEL_BASE);
|
||||
NtoskrnlModuleObject.Image.PE.FileHeader = &NtHeader->FileHeader;
|
||||
NtoskrnlModuleObject.Image.PE.OptionalHeader = &NtHeader->OptionalHeader;
|
||||
NtoskrnlModuleObject.Image.PE.SectionList = IMAGE_FIRST_SECTION(NtHeader);
|
||||
NtoskrnlModuleObject.EntryPoint = (PVOID) ((ULONG_PTR) NtoskrnlModuleObject.Base + NtHeader->OptionalHeader.AddressOfEntryPoint);
|
||||
NtoskrnlModuleObject.EntryPoint = (PVOID) ((ULONG_PTR) NtoskrnlModuleObject.DllBase + NtHeader->OptionalHeader.AddressOfEntryPoint);
|
||||
DPRINT("ModuleObject:%08x entrypoint at %x\n", &NtoskrnlModuleObject, NtoskrnlModuleObject.EntryPoint);
|
||||
NtoskrnlModuleObject.Length = NtoskrnlModuleObject.Image.PE.OptionalHeader->SizeOfImage;
|
||||
NtoskrnlModuleObject.TextSection = &NtoskrnlTextSection;
|
||||
NtoskrnlModuleObject.SizeOfImage = NtHeader->OptionalHeader.SizeOfImage;
|
||||
|
||||
InsertTailList(&ModuleListHead,
|
||||
&NtoskrnlModuleObject.ListEntry);
|
||||
InsertTailList(&ModuleListHead, &NtoskrnlModuleObject.InLoadOrderModuleList);
|
||||
|
||||
/* Initialize ModuleObject for HAL */
|
||||
RtlZeroMemory(&HalModuleObject, sizeof(MODULE_OBJECT));
|
||||
HalModuleObject.Base = (PVOID) LdrHalBase;
|
||||
HalModuleObject.Flags = MODULE_FLAG_PE;
|
||||
RtlZeroMemory(&HalModuleObject, sizeof(LDR_DATA_TABLE_ENTRY));
|
||||
HalModuleObject.DllBase = (PVOID) LdrHalBase;
|
||||
|
||||
RtlInitUnicodeString(&HalModuleObject.FullName, HAL_MODULE_NAME);
|
||||
LdrpBuildModuleBaseName(&HalModuleObject.BaseName, &HalModuleObject.FullName);
|
||||
RtlInitUnicodeString(&HalModuleObject.FullDllName, HAL_MODULE_NAME);
|
||||
LdrpBuildModuleBaseName(&HalModuleObject.BaseDllName, &HalModuleObject.FullDllName);
|
||||
|
||||
NtHeader = RtlImageNtHeader((PVOID)LdrHalBase);
|
||||
HalModuleObject.Image.PE.FileHeader = &NtHeader->FileHeader;
|
||||
HalModuleObject.Image.PE.OptionalHeader = &NtHeader->OptionalHeader;
|
||||
HalModuleObject.Image.PE.SectionList = IMAGE_FIRST_SECTION(NtHeader);
|
||||
HalModuleObject.EntryPoint = (PVOID) ((ULONG_PTR) HalModuleObject.Base + NtHeader->OptionalHeader.AddressOfEntryPoint);
|
||||
HalModuleObject.EntryPoint = (PVOID) ((ULONG_PTR) HalModuleObject.DllBase + NtHeader->OptionalHeader.AddressOfEntryPoint);
|
||||
DPRINT("ModuleObject:%08x entrypoint at %x\n", &HalModuleObject, HalModuleObject.EntryPoint);
|
||||
HalModuleObject.Length = HalModuleObject.Image.PE.OptionalHeader->SizeOfImage;
|
||||
HalModuleObject.TextSection = &LdrHalTextSection;
|
||||
HalModuleObject.SizeOfImage = NtHeader->OptionalHeader.SizeOfImage;
|
||||
|
||||
InsertTailList(&ModuleListHead,
|
||||
&HalModuleObject.ListEntry);
|
||||
InsertTailList(&ModuleListHead, &HalModuleObject.InLoadOrderModuleList);
|
||||
}
|
||||
|
||||
NTSTATUS
|
||||
|
@ -212,7 +145,7 @@ LdrpLoadImage (
|
|||
PVOID *EntryPoint,
|
||||
PVOID *ExportSectionPointer )
|
||||
{
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
NTSTATUS Status;
|
||||
|
||||
ModuleObject = LdrGetModuleObject(DriverName);
|
||||
|
@ -226,7 +159,7 @@ LdrpLoadImage (
|
|||
}
|
||||
|
||||
if (ModuleBase)
|
||||
*ModuleBase = ModuleObject->Base;
|
||||
*ModuleBase = ModuleObject->DllBase;
|
||||
|
||||
//if (SectionPointer)
|
||||
// *SectionPointer = ModuleObject->
|
||||
|
@ -252,7 +185,8 @@ NTSTATUS
|
|||
LdrpLoadAndCallImage ( PUNICODE_STRING ModuleName )
|
||||
{
|
||||
PDRIVER_INITIALIZE DriverEntry;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
DRIVER_OBJECT DriverObject;
|
||||
NTSTATUS Status;
|
||||
|
||||
ModuleObject = LdrGetModuleObject(ModuleName);
|
||||
|
@ -269,7 +203,10 @@ LdrpLoadAndCallImage ( PUNICODE_STRING ModuleName )
|
|||
|
||||
DriverEntry = (PDRIVER_INITIALIZE)ModuleObject->EntryPoint;
|
||||
|
||||
Status = DriverEntry(NULL, NULL);
|
||||
RtlZeroMemory(&DriverObject, sizeof(DriverObject));
|
||||
DriverObject.DriverStart = ModuleObject->DllBase;
|
||||
|
||||
Status = DriverEntry(&DriverObject, NULL);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
LdrUnloadModule(ModuleObject);
|
||||
|
@ -282,13 +219,13 @@ LdrpLoadAndCallImage ( PUNICODE_STRING ModuleName )
|
|||
NTSTATUS
|
||||
LdrLoadModule(
|
||||
PUNICODE_STRING Filename,
|
||||
PMODULE_OBJECT *ModuleObject )
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject )
|
||||
{
|
||||
PVOID ModuleLoadBase;
|
||||
NTSTATUS Status;
|
||||
HANDLE FileHandle;
|
||||
OBJECT_ATTRIBUTES ObjectAttributes;
|
||||
PMODULE_OBJECT Module;
|
||||
PLDR_DATA_TABLE_ENTRY Module;
|
||||
FILE_STANDARD_INFORMATION FileStdInfo;
|
||||
IO_STATUS_BLOCK IoStatusBlock;
|
||||
|
||||
|
@ -384,31 +321,22 @@ LdrLoadModule(
|
|||
|
||||
|
||||
NTSTATUS
|
||||
LdrUnloadModule ( PMODULE_OBJECT ModuleObject )
|
||||
LdrUnloadModule ( PLDR_DATA_TABLE_ENTRY ModuleObject )
|
||||
{
|
||||
KIRQL Irql;
|
||||
|
||||
/* Remove the module from the module list */
|
||||
KeAcquireSpinLock(&ModuleListLock,&Irql);
|
||||
RemoveEntryList(&ModuleObject->ListEntry);
|
||||
RemoveEntryList(&ModuleObject->InLoadOrderModuleList);
|
||||
KeReleaseSpinLock(&ModuleListLock, Irql);
|
||||
|
||||
/* Hook for KDB on unloading a driver. */
|
||||
KDB_UNLOADDRIVER_HOOK(ModuleObject);
|
||||
|
||||
/* Free text section */
|
||||
if (ModuleObject->TextSection != NULL)
|
||||
{
|
||||
ExFreePool(ModuleObject->TextSection->Name);
|
||||
RemoveEntryList(&ModuleObject->TextSection->ListEntry);
|
||||
ExFreePool(ModuleObject->TextSection);
|
||||
ModuleObject->TextSection = NULL;
|
||||
}
|
||||
|
||||
/* Free module section */
|
||||
// MmFreeSection(ModuleObject->Base);
|
||||
// MmFreeSection(ModuleObject->DllBase);
|
||||
|
||||
ExFreePool(ModuleObject->FullName.Buffer);
|
||||
ExFreePool(ModuleObject->FullDllName.Buffer);
|
||||
ExFreePool(ModuleObject);
|
||||
|
||||
return(STATUS_SUCCESS);
|
||||
|
@ -419,7 +347,7 @@ NTSTATUS
|
|||
LdrProcessModule(
|
||||
PVOID ModuleLoadBase,
|
||||
PUNICODE_STRING ModuleName,
|
||||
PMODULE_OBJECT *ModuleObject )
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject )
|
||||
{
|
||||
PIMAGE_DOS_HEADER PEDosHeader;
|
||||
|
||||
|
@ -443,7 +371,7 @@ LdrpQueryModuleInformation (
|
|||
PULONG ReqSize )
|
||||
{
|
||||
PLIST_ENTRY current_entry;
|
||||
PMODULE_OBJECT current;
|
||||
PLDR_DATA_TABLE_ENTRY current;
|
||||
ULONG ModuleCount = 0;
|
||||
PSYSTEM_MODULE_INFORMATION Smi;
|
||||
ANSI_STRING AnsiName;
|
||||
|
@ -479,12 +407,12 @@ LdrpQueryModuleInformation (
|
|||
current_entry = ModuleListHead.Flink;
|
||||
while (current_entry != (&ModuleListHead))
|
||||
{
|
||||
current = CONTAINING_RECORD(current_entry,MODULE_OBJECT,ListEntry);
|
||||
current = CONTAINING_RECORD(current_entry,LDR_DATA_TABLE_ENTRY,InLoadOrderModuleList);
|
||||
|
||||
Smi->Module[ModuleCount].Unknown1 = 0; /* Always 0 */
|
||||
Smi->Module[ModuleCount].Unknown2 = 0; /* Always 0 */
|
||||
Smi->Module[ModuleCount].Base = current->Base;
|
||||
Smi->Module[ModuleCount].Size = current->Length;
|
||||
Smi->Module[ModuleCount].Base = current->DllBase;
|
||||
Smi->Module[ModuleCount].Size = current->SizeOfImage;
|
||||
Smi->Module[ModuleCount].Flags = 0; /* Flags ??? (GN) */
|
||||
Smi->Module[ModuleCount].Index = (USHORT)ModuleCount;
|
||||
Smi->Module[ModuleCount].NameLength = 0;
|
||||
|
@ -494,7 +422,7 @@ LdrpQueryModuleInformation (
|
|||
AnsiName.MaximumLength = 256;
|
||||
AnsiName.Buffer = Smi->Module[ModuleCount].ImageName;
|
||||
RtlUnicodeStringToAnsiString(&AnsiName,
|
||||
¤t->FullName,
|
||||
¤t->FullDllName,
|
||||
FALSE);
|
||||
|
||||
p = strrchr(AnsiName.Buffer, '\\');
|
||||
|
@ -613,10 +541,10 @@ LdrpCompareModuleNames (
|
|||
return(0);
|
||||
}
|
||||
|
||||
PMODULE_OBJECT
|
||||
PLDR_DATA_TABLE_ENTRY
|
||||
LdrGetModuleObject ( PUNICODE_STRING ModuleName )
|
||||
{
|
||||
PMODULE_OBJECT Module;
|
||||
PLDR_DATA_TABLE_ENTRY Module;
|
||||
PLIST_ENTRY Entry;
|
||||
KIRQL Irql;
|
||||
|
||||
|
@ -627,15 +555,15 @@ LdrGetModuleObject ( PUNICODE_STRING ModuleName )
|
|||
Entry = ModuleListHead.Flink;
|
||||
while (Entry != &ModuleListHead)
|
||||
{
|
||||
Module = CONTAINING_RECORD(Entry, MODULE_OBJECT, ListEntry);
|
||||
Module = CONTAINING_RECORD(Entry, LDR_DATA_TABLE_ENTRY, InLoadOrderModuleList);
|
||||
|
||||
DPRINT("Comparing %wZ and %wZ\n",
|
||||
&Module->BaseName,
|
||||
ModuleName);
|
||||
|
||||
if (!LdrpCompareModuleNames(&Module->BaseName, ModuleName))
|
||||
if (!LdrpCompareModuleNames(&Module->BaseDllName, ModuleName))
|
||||
{
|
||||
DPRINT("Module %wZ\n", &Module->BaseName);
|
||||
DPRINT("Module %wZ\n", &Module->BaseDllName);
|
||||
KeReleaseSpinLock(&ModuleListLock, Irql);
|
||||
return(Module);
|
||||
}
|
||||
|
@ -710,7 +638,7 @@ static NTSTATUS
|
|||
LdrPEProcessModule(
|
||||
PVOID ModuleLoadBase,
|
||||
PUNICODE_STRING FileName,
|
||||
PMODULE_OBJECT *ModuleObject )
|
||||
PLDR_DATA_TABLE_ENTRY *ModuleObject )
|
||||
{
|
||||
unsigned int DriverSize, Idx;
|
||||
DWORD CurrentSize;
|
||||
|
@ -718,8 +646,7 @@ LdrPEProcessModule(
|
|||
PIMAGE_DOS_HEADER PEDosHeader;
|
||||
PIMAGE_NT_HEADERS PENtHeaders;
|
||||
PIMAGE_SECTION_HEADER PESectionHeaders;
|
||||
PMODULE_OBJECT CreatedModuleObject;
|
||||
MODULE_TEXT_SECTION* ModuleTextSection;
|
||||
PLDR_DATA_TABLE_ENTRY CreatedModuleObject;
|
||||
NTSTATUS Status;
|
||||
KIRQL Irql;
|
||||
|
||||
|
@ -817,59 +744,45 @@ LdrPEProcessModule(
|
|||
|
||||
/* Create the module */
|
||||
CreatedModuleObject = ExAllocatePoolWithTag (
|
||||
NonPagedPool, sizeof(MODULE_OBJECT), TAG_MODULE_OBJECT );
|
||||
NonPagedPool, sizeof(LDR_DATA_TABLE_ENTRY), TAG_MODULE_OBJECT );
|
||||
if (CreatedModuleObject == NULL)
|
||||
{
|
||||
// MmFreeSection(DriverBase);
|
||||
return STATUS_INSUFFICIENT_RESOURCES;
|
||||
}
|
||||
|
||||
RtlZeroMemory(CreatedModuleObject, sizeof(MODULE_OBJECT));
|
||||
RtlZeroMemory(CreatedModuleObject, sizeof(LDR_DATA_TABLE_ENTRY));
|
||||
|
||||
/* Initialize ModuleObject data */
|
||||
CreatedModuleObject->Base = DriverBase;
|
||||
CreatedModuleObject->Flags = MODULE_FLAG_PE;
|
||||
CreatedModuleObject->DllBase = DriverBase;
|
||||
|
||||
CreatedModuleObject->FullName.Length = 0;
|
||||
CreatedModuleObject->FullName.MaximumLength = FileName->Length + sizeof(UNICODE_NULL);
|
||||
CreatedModuleObject->FullName.Buffer =
|
||||
ExAllocatePoolWithTag(PagedPool, CreatedModuleObject->FullName.MaximumLength, TAG_LDR_WSTR);
|
||||
if (CreatedModuleObject->FullName.Buffer == NULL)
|
||||
CreatedModuleObject->FullDllName.Length = 0;
|
||||
CreatedModuleObject->FullDllName.MaximumLength = FileName->Length + sizeof(UNICODE_NULL);
|
||||
CreatedModuleObject->FullDllName.Buffer =
|
||||
ExAllocatePoolWithTag(PagedPool, CreatedModuleObject->FullDllName.MaximumLength, TAG_LDR_WSTR);
|
||||
if (CreatedModuleObject->FullDllName.Buffer == NULL)
|
||||
{
|
||||
ExFreePool(CreatedModuleObject);
|
||||
// MmFreeSection(DriverBase);
|
||||
return STATUS_INSUFFICIENT_RESOURCES;
|
||||
}
|
||||
|
||||
RtlCopyUnicodeString(&CreatedModuleObject->FullName, FileName);
|
||||
LdrpBuildModuleBaseName(&CreatedModuleObject->BaseName,
|
||||
&CreatedModuleObject->FullName);
|
||||
RtlCopyUnicodeString(&CreatedModuleObject->FullDllName, FileName);
|
||||
LdrpBuildModuleBaseName(&CreatedModuleObject->BaseDllName,
|
||||
&CreatedModuleObject->FullDllName);
|
||||
|
||||
CreatedModuleObject->EntryPoint =
|
||||
(PVOID)((ULONG_PTR)DriverBase +
|
||||
PENtHeaders->OptionalHeader.AddressOfEntryPoint);
|
||||
CreatedModuleObject->Length = DriverSize;
|
||||
CreatedModuleObject->SizeOfImage = DriverSize;
|
||||
DPRINT("EntryPoint at %x\n", CreatedModuleObject->EntryPoint);
|
||||
|
||||
CreatedModuleObject->Image.PE.FileHeader =
|
||||
(PIMAGE_FILE_HEADER) ((unsigned int) DriverBase + PEDosHeader->e_lfanew + sizeof(ULONG));
|
||||
|
||||
DPRINT("FileHeader at %x\n", CreatedModuleObject->Image.PE.FileHeader);
|
||||
CreatedModuleObject->Image.PE.OptionalHeader =
|
||||
(PIMAGE_OPTIONAL_HEADER) ((unsigned int) DriverBase + PEDosHeader->e_lfanew + sizeof(ULONG) +
|
||||
sizeof(IMAGE_FILE_HEADER));
|
||||
DPRINT("OptionalHeader at %x\n", CreatedModuleObject->Image.PE.OptionalHeader);
|
||||
CreatedModuleObject->Image.PE.SectionList =
|
||||
(PIMAGE_SECTION_HEADER) ((unsigned int) DriverBase + PEDosHeader->e_lfanew + sizeof(ULONG) +
|
||||
sizeof(IMAGE_FILE_HEADER) + CreatedModuleObject->Image.PE.FileHeader->SizeOfOptionalHeader);
|
||||
DPRINT("SectionList at %x\n", CreatedModuleObject->Image.PE.SectionList);
|
||||
|
||||
/* Perform import fixups */
|
||||
Status = LdrPEFixupImports(CreatedModuleObject);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
// MmFreeSection(DriverBase);
|
||||
ExFreePool(CreatedModuleObject->FullName.Buffer);
|
||||
ExFreePool(CreatedModuleObject->FullDllName.Buffer);
|
||||
ExFreePool(CreatedModuleObject);
|
||||
return Status;
|
||||
}
|
||||
|
@ -942,38 +855,15 @@ LdrPEProcessModule(
|
|||
/* Insert module */
|
||||
KeAcquireSpinLock(&ModuleListLock, &Irql);
|
||||
InsertTailList(&ModuleListHead,
|
||||
&CreatedModuleObject->ListEntry);
|
||||
&CreatedModuleObject->InLoadOrderModuleList);
|
||||
KeReleaseSpinLock(&ModuleListLock, Irql);
|
||||
|
||||
|
||||
ModuleTextSection = ExAllocatePoolWithTag (
|
||||
NonPagedPool,
|
||||
sizeof(MODULE_TEXT_SECTION),
|
||||
TAG_MODULE_TEXT_SECTION );
|
||||
ASSERT(ModuleTextSection);
|
||||
RtlZeroMemory(ModuleTextSection, sizeof(MODULE_TEXT_SECTION));
|
||||
ModuleTextSection->Base = (ULONG)DriverBase;
|
||||
ModuleTextSection->Length = DriverSize;
|
||||
ModuleTextSection->Name = ExAllocatePoolWithTag (
|
||||
NonPagedPool,
|
||||
(CreatedModuleObject->BaseName.Length + 1) * sizeof(WCHAR),
|
||||
TAG_LDR_WSTR );
|
||||
RtlCopyMemory(ModuleTextSection->Name,
|
||||
CreatedModuleObject->BaseName.Buffer,
|
||||
CreatedModuleObject->BaseName.Length);
|
||||
ModuleTextSection->Name[CreatedModuleObject->BaseName.Length / sizeof(WCHAR)] = 0;
|
||||
ModuleTextSection->OptionalHeader =
|
||||
CreatedModuleObject->Image.PE.OptionalHeader;
|
||||
InsertTailList(&ModuleTextListHead, &ModuleTextSection->ListEntry);
|
||||
|
||||
CreatedModuleObject->TextSection = ModuleTextSection;
|
||||
|
||||
*ModuleObject = CreatedModuleObject;
|
||||
|
||||
DPRINT("Loading Module %wZ...\n", FileName);
|
||||
|
||||
DPRINT("Module %wZ loaded at 0x%.08x.\n",
|
||||
FileName, CreatedModuleObject->Base);
|
||||
FileName, CreatedModuleObject->DllBase);
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
@ -1138,7 +1028,7 @@ LdrPEFixupForward ( PCHAR ForwardName )
|
|||
CHAR NameBuffer[128];
|
||||
UNICODE_STRING ModuleName;
|
||||
PCHAR p;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
|
||||
DPRINT("LdrPEFixupForward (%s)\n", ForwardName);
|
||||
|
||||
|
@ -1165,7 +1055,7 @@ LdrPEFixupForward ( PCHAR ForwardName )
|
|||
CPRINT("LdrPEFixupForward: failed to find module %s\n", NameBuffer);
|
||||
return NULL;
|
||||
}
|
||||
return LdrPEGetExportByName(ModuleObject->Base, (PUCHAR)(p+1), 0xffff);
|
||||
return LdrPEGetExportByName(ModuleObject->DllBase, (PUCHAR)(p+1), 0xffff);
|
||||
}
|
||||
|
||||
static NTSTATUS
|
||||
|
@ -1270,9 +1160,9 @@ LdrPEPerformRelocations (
|
|||
|
||||
static NTSTATUS
|
||||
LdrPEGetOrLoadModule (
|
||||
PMODULE_OBJECT Module,
|
||||
PLDR_DATA_TABLE_ENTRY Module,
|
||||
PCHAR ImportedName,
|
||||
PMODULE_OBJECT* ImportedModule)
|
||||
PLDR_DATA_TABLE_ENTRY* ImportedModule)
|
||||
{
|
||||
UNICODE_STRING DriverName;
|
||||
UNICODE_STRING NameString;
|
||||
|
@ -1302,11 +1192,11 @@ LdrPEGetOrLoadModule (
|
|||
PWCHAR PathEnd;
|
||||
ULONG PathLength;
|
||||
|
||||
PathEnd = wcsrchr(Module->FullName.Buffer, L'\\');
|
||||
PathEnd = wcsrchr(Module->FullDllName.Buffer, L'\\');
|
||||
if (NULL != PathEnd)
|
||||
{
|
||||
PathLength = (PathEnd - Module->FullName.Buffer + 1) * sizeof(WCHAR);
|
||||
RtlCopyMemory(NameBuffer, Module->FullName.Buffer, PathLength);
|
||||
PathLength = (PathEnd - Module->FullDllName.Buffer + 1) * sizeof(WCHAR);
|
||||
RtlCopyMemory(NameBuffer, Module->FullDllName.Buffer, PathLength);
|
||||
RtlCopyMemory(NameBuffer + (PathLength / sizeof(WCHAR)), DriverName.Buffer, DriverName.Length);
|
||||
NameString.Buffer = NameBuffer;
|
||||
NameString.MaximumLength = NameString.Length = PathLength + DriverName.Length;
|
||||
|
@ -1530,7 +1420,7 @@ LdrPEGetExportByOrdinal (
|
|||
static NTSTATUS
|
||||
LdrPEProcessImportDirectoryEntry(
|
||||
PVOID DriverBase,
|
||||
PMODULE_OBJECT ImportedModule,
|
||||
PLDR_DATA_TABLE_ENTRY ImportedModule,
|
||||
PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory )
|
||||
{
|
||||
PVOID* ImportAddressList;
|
||||
|
@ -1561,10 +1451,10 @@ LdrPEProcessImportDirectoryEntry(
|
|||
if ((*FunctionNameList) & 0x80000000)
|
||||
{
|
||||
Ordinal = (*FunctionNameList) & 0x7fffffff;
|
||||
*ImportAddressList = LdrPEGetExportByOrdinal(ImportedModule->Base, Ordinal);
|
||||
*ImportAddressList = LdrPEGetExportByOrdinal(ImportedModule->DllBase, Ordinal);
|
||||
if ((*ImportAddressList) == NULL)
|
||||
{
|
||||
DPRINT1("Failed to import #%ld from %wZ\n", Ordinal, &ImportedModule->FullName);
|
||||
DPRINT1("Failed to import #%ld from %wZ\n", Ordinal, &ImportedModule->FullDllName);
|
||||
return STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
}
|
||||
|
@ -1572,10 +1462,10 @@ LdrPEProcessImportDirectoryEntry(
|
|||
{
|
||||
IMAGE_IMPORT_BY_NAME *pe_name;
|
||||
pe_name = RVA(DriverBase, *FunctionNameList);
|
||||
*ImportAddressList = LdrPEGetExportByName(ImportedModule->Base, pe_name->Name, pe_name->Hint);
|
||||
*ImportAddressList = LdrPEGetExportByName(ImportedModule->DllBase, pe_name->Name, pe_name->Hint);
|
||||
if ((*ImportAddressList) == NULL)
|
||||
{
|
||||
DPRINT1("Failed to import %s from %wZ\n", pe_name->Name, &ImportedModule->FullName);
|
||||
DPRINT1("Failed to import %s from %wZ\n", pe_name->Name, &ImportedModule->FullDllName);
|
||||
return STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
}
|
||||
|
@ -1586,30 +1476,30 @@ LdrPEProcessImportDirectoryEntry(
|
|||
}
|
||||
|
||||
static NTSTATUS
|
||||
LdrPEFixupImports ( PMODULE_OBJECT Module )
|
||||
LdrPEFixupImports ( PLDR_DATA_TABLE_ENTRY Module )
|
||||
{
|
||||
PIMAGE_IMPORT_DESCRIPTOR ImportModuleDirectory;
|
||||
PCHAR ImportedName;
|
||||
PMODULE_OBJECT ImportedModule;
|
||||
PLDR_DATA_TABLE_ENTRY ImportedModule;
|
||||
NTSTATUS Status;
|
||||
|
||||
/* Process each import module */
|
||||
ImportModuleDirectory = (PIMAGE_IMPORT_DESCRIPTOR)
|
||||
RtlImageDirectoryEntryToData(Module->Base,
|
||||
RtlImageDirectoryEntryToData(Module->DllBase,
|
||||
TRUE,
|
||||
IMAGE_DIRECTORY_ENTRY_IMPORT,
|
||||
NULL);
|
||||
DPRINT("Processeing import directory at %p\n", ImportModuleDirectory);
|
||||
while (ImportModuleDirectory->Name)
|
||||
{
|
||||
if (Module->Length <= ImportModuleDirectory->Name)
|
||||
if (Module->SizeOfImage <= ImportModuleDirectory->Name)
|
||||
{
|
||||
DPRINT1("Invalid import directory in %wZ\n", &Module->FullName);
|
||||
DPRINT1("Invalid import directory in %wZ\n", &Module->FullDllName);
|
||||
return STATUS_SECTION_NOT_IMAGE;
|
||||
}
|
||||
|
||||
/* Check to make sure that import lib is kernel */
|
||||
ImportedName = (PCHAR) Module->Base + ImportModuleDirectory->Name;
|
||||
ImportedName = (PCHAR) Module->DllBase + ImportModuleDirectory->Name;
|
||||
|
||||
Status = LdrPEGetOrLoadModule(Module, ImportedName, &ImportedModule);
|
||||
if (!NT_SUCCESS(Status))
|
||||
|
@ -1617,7 +1507,7 @@ LdrPEFixupImports ( PMODULE_OBJECT Module )
|
|||
return Status;
|
||||
}
|
||||
|
||||
Status = LdrPEProcessImportDirectoryEntry(Module->Base, ImportedModule, ImportModuleDirectory);
|
||||
Status = LdrPEProcessImportDirectoryEntry(Module->DllBase, ImportedModule, ImportModuleDirectory);
|
||||
if (!NT_SUCCESS(Status))
|
||||
{
|
||||
return Status;
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
/* GLOBALS *****************************************************************/
|
||||
|
||||
extern MODULE_OBJECT NtoskrnlModuleObject;
|
||||
extern MODULE_OBJECT HalModuleObject;
|
||||
extern LDR_DATA_TABLE_ENTRY NtoskrnlModuleObject;
|
||||
extern LDR_DATA_TABLE_ENTRY HalModuleObject;
|
||||
|
||||
ULONG EXPORTED MmUserProbeAddress = 0;
|
||||
PVOID EXPORTED MmHighestUserAddress = NULL;
|
||||
|
@ -454,14 +454,14 @@ MmGetSystemRoutineAddress (
|
|||
return NULL;
|
||||
}
|
||||
|
||||
Status = LdrGetProcedureAddress(NtoskrnlModuleObject.Base,
|
||||
Status = LdrGetProcedureAddress(NtoskrnlModuleObject.DllBase,
|
||||
&AnsiRoutineName,
|
||||
0,
|
||||
&ProcAddress);
|
||||
|
||||
if(!NT_SUCCESS(Status))
|
||||
{
|
||||
Status = LdrGetProcedureAddress(HalModuleObject.Base,
|
||||
Status = LdrGetProcedureAddress(HalModuleObject.DllBase,
|
||||
&AnsiRoutineName,
|
||||
0,
|
||||
&ProcAddress);
|
||||
|
|
|
@ -651,7 +651,7 @@ MmInitializeCrashDump(HANDLE PageFileHandle, ULONG PageFileNum)
|
|||
UNICODE_STRING DiskDumpName = RTL_CONSTANT_STRING(L"DiskDump");
|
||||
ANSI_STRING ProcName;
|
||||
PIO_STACK_LOCATION StackPtr;
|
||||
PMODULE_OBJECT ModuleObject;
|
||||
PLDR_DATA_TABLE_ENTRY ModuleObject;
|
||||
|
||||
Status = ZwFsControlFile(PageFileHandle,
|
||||
0,
|
||||
|
@ -730,7 +730,7 @@ MmInitializeCrashDump(HANDLE PageFileHandle, ULONG PageFileNum)
|
|||
return(STATUS_OBJECT_NAME_NOT_FOUND);
|
||||
}
|
||||
RtlInitAnsiString(&ProcName, "DiskDumpFunctions");
|
||||
Status = LdrGetProcedureAddress(ModuleObject->Base,
|
||||
Status = LdrGetProcedureAddress(ModuleObject->DllBase,
|
||||
&ProcName,
|
||||
0,
|
||||
(PVOID*)&MmCoreDumpFunctions);
|
||||
|
|
|
@ -757,6 +757,7 @@ NlsAnsiCodePage DATA
|
|||
NlsLeadByteInfo DATA
|
||||
NlsMbCodePageTag DATA
|
||||
NlsMbOemCodePageTag DATA
|
||||
NlsOemCodePage DATA
|
||||
NlsOemLeadByteInfo DATA
|
||||
NtAddAtom@12
|
||||
NtAdjustPrivilegesToken@24
|
||||
|
@ -871,8 +872,10 @@ PsDereferenceImpersonationToken@4=PsDereferencePrimaryToken@4
|
|||
PsDereferencePrimaryToken@4
|
||||
PsDisableImpersonation@8
|
||||
PsEstablishWin32Callouts@4
|
||||
PsGetCurrentProcess@0=KeGetCurrentProcess@0
|
||||
PsGetCurrentProcessId@0
|
||||
PsGetCurrentProcessSessionId@0
|
||||
PsGetCurrentThread@0=KeGetCurrentThread@0
|
||||
PsGetCurrentThreadId@0
|
||||
PsGetCurrentThreadPreviousMode@0
|
||||
PsGetCurrentThreadStackBase@0
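Review bot: The first hunk of this export list appears to add `NlsOemCodePage DATA`, which the commit message does not mention; it names only the two Ps exports. The hunk grows from 6 to 7 lines and that entry sits between the two three-line runs of context, so it is the only candidate for the added line. Every new entry widens what loaded drivers can link against, so the description should list it as well. In the second hunk, `PsGetCurrentProcess@0=KeGetCurrentProcess@0` and `PsGetCurrentThread@0=KeGetCurrentThread@0` follow the existing `PsDereferenceImpersonationToken@4=PsDereferencePrimaryToken@4` alias form. A one-line comment above them, for example `; Ps* names forwarded to the Ke* implementations`, would record that the aliasing is intentional.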
|
||||
|
|