https://git.reactos.org/?p=reactos.git;a=commitdiff;h=4d37135884e5504be66a5… commit 4d37135884e5504be66a51884804c6af896e4b17 Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> AuthorDate: Sun Mar 12 20:29:21 2023 +0100 Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org> CommitDate: Tue Jan 28 22:00:28 2025 +0100 [NDK] SYSDBG: Add SysDbgGetLiveKernelDump enum value and structures for kernel live dump. For more information, see: https://crashdmp.wordpress.com/2014/08/04/livedump-1-0-is-available/ https://github.com/lilhoser/livedump https://gary-nebbett.blogspot.com/2016/04/examining-windows-kernel-mode-sta… https://github.com/processhacker/phnt --- sdk/include/ndk/kdtypes.h | 84 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) diff --git a/sdk/include/ndk/kdtypes.h b/sdk/include/ndk/kdtypes.h index 8ebd21a6f7e..77b5545cfed 100644 --- a/sdk/include/ndk/kdtypes.h +++ b/sdk/include/ndk/kdtypes.h @@ -98,6 +98,9 @@ typedef enum _SYSDBG_COMMAND SysDbgGetUmAttachPid = 35, SysDbgClearUmAttachPid = 36, #endif +#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81 + SysDbgGetLiveKernelDump = 37, +#endif } SYSDBG_COMMAND; // @@ -164,6 +167,87 @@ typedef struct _SYSDBG_TRIAGE_DUMP PHANDLE Handles; } SYSDBG_TRIAGE_DUMP, *PSYSDBG_TRIAGE_DUMP; +#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81 + +typedef union _SYSDBG_LIVEDUMP_CONTROL_FLAGS +{ + struct + { + ULONG UseDumpStorageStack : 1; + ULONG CompressMemoryPagesData : 1; + ULONG IncludeUserSpaceMemoryPages : 1; +#if (NTDDI_VERSION >= NTDDI_WIN10_RS4) + ULONG AbortIfMemoryPressure : 1; +#if (NTDDI_VERSION >= NTDDI_WIN11) + ULONG SelectiveDump : 1; + ULONG Reserved : 27; +#else + ULONG Reserved : 28; +#endif // (NTDDI_VERSION >= NTDDI_WIN11) +#else + ULONG Reserved : 29; +#endif // (NTDDI_VERSION >= NTDDI_WIN10_RS4) + }; + ULONG AsUlong; +} SYSDBG_LIVEDUMP_CONTROL_FLAGS; + +typedef union _SYSDBG_LIVEDUMP_CONTROL_ADDPAGES +{ + struct + { + ULONG HypervisorPages : 1; +#if (NTDDI_VERSION >= NTDDI_WIN11) + ULONG NonEssentialHypervisorPages : 1; + ULONG Reserved : 30; +#else + ULONG Reserved : 31; +#endif + }; + ULONG AsUlong; +} SYSDBG_LIVEDUMP_CONTROL_ADDPAGES; + +#if (NTDDI_VERSION >= NTDDI_WIN11) + +typedef struct _SYSDBG_LIVEDUMP_SELECTIVE_CONTROL +{ + ULONG Version; + ULONG Size; + union + { + ULONGLONG Flags; + struct + { + ULONGLONG ThreadKernelStacks : 1; + ULONGLONG ReservedFlags : 63; + }; + }; + ULONGLONG Reserved[4]; +} SYSDBG_LIVEDUMP_SELECTIVE_CONTROL, *PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL; + +#define SYSDBG_LIVEDUMP_CONTROL_VERSION 1 +#define SYSDBG_LIVEDUMP_CONTROL_VERSION_WIN11 2 + +#endif // (NTDDI_VERSION >= NTDDI_WIN11) + +typedef struct _SYSDBG_LIVEDUMP_CONTROL +{ + ULONG Version; + ULONG BugCheckCode; + ULONG_PTR BugCheckParam1; + ULONG_PTR BugCheckParam2; + ULONG_PTR BugCheckParam3; + ULONG_PTR BugCheckParam4; + PVOID DumpFileHandle; + PVOID CancelEventHandle; + SYSDBG_LIVEDUMP_CONTROL_FLAGS Flags; + SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AddPagesControl; +#if (NTDDI_VERSION >= NTDDI_WIN11) + PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL SelectiveControl; +#endif +} SYSDBG_LIVEDUMP_CONTROL, *PSYSDBG_LIVEDUMP_CONTROL; + +#endif // (NTDDI_VERSION >= NTDDI_WINBLUE) + // // KD Structures //