Hartmut Birr wrote:
+KiIpiSendPacket(ULONG Processors, VOID STDCALL (*Function)(PVOID), PVOID Argument, ULONG Count, BOOLEAN Synchronize)
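Review bot: Count and Synchronize in the new KiIpiSendPacket prototype carry no explanation in this line, and the callback is spelled out as an inline "VOID STDCALL (*Function)(PVOID)" type. A comment stating what Count counts and what the caller can rely on when Synchronize is TRUE, plus a named typedef for the callback, would let call sites be checked against the intended contract.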
You can change the second argument for PKIPI_WORKER:
typedef VOID (*PKIPI_WORKER)(IN PKIPI_CONTEXT PacketContext, IN PVOID Parameter1, IN PVOID Parameter2, IN PVOID Parameter3);
All the last 3 arguments of KiIpiSendPacket should be the 3 parameters iirc.
- / * FIXME
* M$ puts the ipi information anywhere into the KPCR of the requestor.* The KPCR of the target contains a pointer of the KPCR of the requestor.*/
KPRCB IPI Stuff:
+0x8a0 CurrentPacket : [3] Ptr32 Void => The last 3 parameters of KiIpiSendPacket, which are also the 3 parameters of KIPI_WORKER go here.
+0x8ac TargetSet : Uint4B => Processors (1st argument) goes here.
+0x8b0 WorkerRoutine : Ptr32 => PKIPI_ROUTINE goes here.
+0x8b4 IpiFrozen : Uint4B => IPI State flags if IPIs are frozen by CPU Freeze functions
Best regards, Alex Ionescu
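
Added example, not part of the original mail or of the code under discussion: a C model of the four IPI fields listed above, with compile-time checks that the offsets match the listing. The names model_prcb, ptr32_t, model_send_packet and model_read32 are hypothetical, and refusing a request while TargetSet is still non-zero is an assumption of this model, not something the mail states.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Ptr32 fields are modelled as uint32_t so the offsets hold on any host. */
typedef uint32_t ptr32_t;

/* Hypothetical type: only these four fields and their offsets come from the mail. */
typedef struct model_prcb {
    uint8_t  other[0x8a0];      /* everything before the IPI fields, not modelled */
    ptr32_t  CurrentPacket[3];  /* +0x8a0: the three worker parameters */
    uint32_t TargetSet;         /* +0x8ac: processor mask (1st argument) */
    ptr32_t  WorkerRoutine;     /* +0x8b0: routine the targets run */
    uint32_t IpiFrozen;         /* +0x8b4: freeze state flags */
} model_prcb;

_Static_assert(offsetof(model_prcb, CurrentPacket) == 0x8a0, "CurrentPacket offset");
_Static_assert(offsetof(model_prcb, TargetSet)     == 0x8ac, "TargetSet offset");
_Static_assert(offsetof(model_prcb, WorkerRoutine) == 0x8b0, "WorkerRoutine offset");
_Static_assert(offsetof(model_prcb, IpiFrozen)     == 0x8b4, "IpiFrozen offset");

/* Map the arguments onto the fields as the listing describes. Returns 0 on
 * success, -1 for an empty mask or a still-pending packet (model assumption). */
int model_send_packet(model_prcb *req, uint32_t processors, ptr32_t worker,
                      ptr32_t p1, ptr32_t p2, ptr32_t p3)
{
    if (processors == 0 || req->TargetSet != 0)
        return -1;
    req->CurrentPacket[0] = p1;
    req->CurrentPacket[1] = p2;
    req->CurrentPacket[2] = p3;
    req->WorkerRoutine = worker;
    req->TargetSet = processors;
    return 0;
}

/* Read a 32-bit field by raw offset, the way a debugger listing addresses it. */
uint32_t model_read32(const model_prcb *p, size_t off)
{
    uint32_t v = 0;
    if (off + sizeof v <= sizeof *p)
        memcpy(&v, (const uint8_t *)p + off, sizeof v);
    return v;
}
```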