Author: tkreuzer Date: Sat Feb 19 21:50:11 2011 New Revision: 50823
URL: http://svn.reactos.org/svn/reactos?rev=50823&view=rev Log: [NTOSKRNL] Add support for debug pre/post syscall hooks, that can be registered from win32k. They only exist on DBG versions.
Modified: trunk/reactos/ntoskrnl/include/internal/kd.h trunk/reactos/ntoskrnl/kd/kdmain.c trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
Modified: trunk/reactos/ntoskrnl/include/internal/kd.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/include/internal/k... ============================================================================== --- trunk/reactos/ntoskrnl/include/internal/kd.h [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/include/internal/kd.h [iso-8859-1] Sat Feb 19 21:50:11 2011 @@ -363,3 +363,12 @@ extern ULONG Kd_WIN2000_Mask;
#endif
+
+#if DBG
+#define ID_Win32PreServiceHook 'WSH0'
+#define ID_Win32PostServiceHook 'WSH1'
+typedef void (NTAPI *PKDBG_PRESERVICEHOOK)(ULONG, PULONG_PTR);
+typedef ULONG_PTR (NTAPI *PKDBG_POSTSERVICEHOOK)(ULONG, ULONG_PTR);
+extern PKDBG_PRESERVICEHOOK KeWin32PreServiceHook;
+extern PKDBG_POSTSERVICEHOOK KeWin32PostServiceHook;
+#endif
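Review bot: The two hook typedefs leave their parameters unnamed and undocumented, so a win32k author has to read traphdlr.c to learn what each argument means. Going by the call sites added in this commit, the first is the system call number and the second is the argument pointer (pre) or the service result (post); naming them would record that, e.g. `typedef void (NTAPI *PKDBG_PRESERVICEHOOK)(ULONG SystemCallNumber, PULONG_PTR Arguments);`. A one-line comment that the post hook's return value replaces the result handed back to the caller would also help. `'WSH0'` and `'WSH1'` are multi-character constants whose value is implementation-defined, so both sides of the interface must be built with the same compiler convention.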
Modified: trunk/reactos/ntoskrnl/kd/kdmain.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/kd/kdmain.c?rev=50... ============================================================================== --- trunk/reactos/ntoskrnl/kd/kdmain.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/kd/kdmain.c [iso-8859-1] Sat Feb 19 21:50:11 2011 @@ -71,13 +71,30 @@ case EnterDebugger: DbgBreakPoint(); break; - + case KdSpare3: MmDumpArmPfnDatabase(FALSE); break;
default: break; + } + break; + } + + /* Register a debug callback */ + case 'CsoR': + { + switch (Buffer1Length) + { + case ID_Win32PreServiceHook: + KeWin32PreServiceHook = Buffer1; + break; + + case ID_Win32PostServiceHook: + KeWin32PostServiceHook = Buffer1; + break; + } break; }
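Review bot: In the new `case 'CsoR':` branch, `KeWin32PreServiceHook = Buffer1;` and `KeWin32PostServiceHook = Buffer1;` store a caller-supplied pointer as a kernel callback with no check on where the request came from or what the pointer refers to. The enclosing function starts outside the hunk, so whether this dispatcher can be reached from user mode cannot be confirmed here; if it can, a DBG build would call an unvalidated address in kernel mode for every service number at or above 0x1000. A guard before the inner switch such as `if (Buffer1 && (ULONG_PTR)Buffer1 < (ULONG_PTR)MmSystemRangeStart) break;` would reject user-range pointers while still allowing NULL to unregister. The branch is also not visibly wrapped in `#if DBG`, although the identifiers it uses are declared only under `#if DBG` in kd.h, and the hook id travels in `Buffer1Length`, which deserves a comment.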
Modified: trunk/reactos/ntoskrnl/ke/i386/traphdlr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/traphdlr.c... ============================================================================== --- trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] Sat Feb 19 21:50:11 2011 @@ -46,6 +46,10 @@ };
PFAST_SYSTEM_CALL_EXIT KiFastCallExitHandler;
+#if DBG
+PKDBG_PRESERVICEHOOK KeWin32PreServiceHook = NULL;
+PKDBG_POSTSERVICEHOOK KeWin32PostServiceHook = NULL;
+#endif
/* TRAP EXIT CODE *************************************************************/ @@ -1443,6 +1447,28 @@ KiDebugHandler(TrapFrame, TrapFrame->Eax, TrapFrame->Ecx, TrapFrame->Edx); }
+ +FORCEINLINE +VOID +KiDbgPreServiceHook(ULONG SystemCallNumber, PULONG_PTR Arguments) +{ +#if DBG + if (SystemCallNumber >= 0x1000 && KeWin32PreServiceHook) + KeWin32PreServiceHook(SystemCallNumber, Arguments); +#endif +} + +FORCEINLINE +ULONG_PTR +KiDbgPostServiceHook(ULONG SystemCallNumber, ULONG_PTR Result) +{ +#if DBG + if (SystemCallNumber >= 0x1000 && KeWin32PostServiceHook) + return KeWin32PostServiceHook(SystemCallNumber, Result); +#endif + return Result; +} + DECLSPEC_NORETURN VOID FORCEINLINE @@ -1553,10 +1579,16 @@ while (TRUE); }
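Review bot: Both helpers test the global hook pointer and then read it a second time for the call, as in `if (SystemCallNumber >= 0x1000 && KeWin32PreServiceHook)` followed by `KeWin32PreServiceHook(SystemCallNumber, Arguments);`. Nothing in this commit synchronizes that with the registration path in kdmain.c. If the hook is cleared while another processor is between the test and the call, the call goes through NULL in the system call path. Reading the pointer once into a local narrows this: `PKDBG_PRESERVICEHOOK Hook = KeWin32PreServiceHook;` then `if (SystemCallNumber >= 0x1000 && Hook) Hook(SystemCallNumber, Arguments);`, and likewise in KiDbgPostServiceHook. The bare `0x1000` would read better as a named constant or with a comment saying which service table it selects.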
+ /* Call pre-service debug hook */ + KiDbgPreServiceHook(SystemCallNumber, Arguments); + /* Get the handler and make the system call */ Handler = (PVOID)DescriptorTable->Base[Id]; Result = KiSystemCallTrampoline(Handler, Arguments, StackBytes);
+ /* Call post-service debug hook */ + Result = KiDbgPostServiceHook(SystemCallNumber, Result); + /* Make sure we're exiting correctly */ KiExitSystemCallDebugChecks(Id, TrapFrame);