Структуры-у Шрайбера.
А функции эти не экспортируются, зачем они тебе? Все равно нормальноих не вызвать.
#define KSEMAPHORE_ \
sizeof )KSEMAPHORE:
// -----------------------------------------------------------------
typedef struct _KTIMER
|
/*000*/ DISPATCHER_HEADER Header; // DISP_TYPE_*_TIMER 0x08, 0x09
/*010*/ ULARGE_INTEGER DueTime;
/*018*/ LIST_ENTRY TimerListEntry;
/*020*/ struct _KDPC *Dpc;
/*024*/ LONG Period;
/*028*/ "
KTIMER,
* PKTIMER,
**PPKTIMER;
#define KTIMER_ \
sizeof )KTIMER:
// =================================================================
// I/O OBJECTS
// =================================================================
typedef struct _KAPC
|
/*000*/ SHORT Type; // IO_TYPE_APC 0x12
/*002*/ SHORT Size; // number of BYTEs
/*004*/ DWORD Spare0;
/*008*/ struct _KTHREAD *Thread;
/*00C*/ LIST_ENTRY ApcListEntry;
/*014*/ PKKERNEL_ROUTINE KernelRoutine; // KiSuspendNop
/*018*/ PKRUNDOWN_ROUTINE RundownRoutine;
/*01C*/ PKNORMAL_ROUTINE NormalRoutine; // KiSuspendThread
/*020*/ PVOID NormalContext;
/*024*/ PVOID SystemArgument1;
/*028*/ PVOID SystemArgument2;
/*02C*/ CHAR ApcStateIndex;
/*02D*/ KPROCESSOR_MODE ApcMode;
/*02E*/ BOOLEAN Inserted;
/*030*/ "
KAPC,
* PKAPC,
**PPKAPC;
#define KAPC_ \
sizeof )KAPC:
// -----------------------------------------------------------------
typedef struct _KDPC
|
/*000*/ SHORT Type; // IO_TYPE_DPC 0x13
/*002*/ BYTE Number;
/*003*/ BYTE Importance;
/*004*/ LIST_ENTRY DpcListEntry;
/*00C*/ PKDEFERRED_ROUTINE DeferredRoutine;
/*010*/ PVOID DeferredContext;
/*014*/ PVOID SystemArgument1;
/*018*/ PVOID SystemArgument2;
/*01C*/ PDWORD_PTR Lock;
/*020*/ "
KDPC,
* PKDPC,
**PPKDPC;
#define KDPC_ \
sizeof )KDPC:
// -----------------------------------------------------------------
typedef struct _KDEVICE_QUEUE
|
/*000*/ SHORT Type; // IO_TYPE_DEVICE_QUEUE 0x14
/*002*/ SHORT Size; // number of BYTEs
/*004*/ LIST_ENTRY DeviceListHead;
/*00C*/ KSPIN_LOCK Lock;
/*010*/ BOOLEAN Busy;
/*014*/ "
KDEVICE_QUEUE,
* PKDEVICE_QUEUE,
**PPKDEVICE_QUEUE;
#define KDEVICE_QUEUE_ \
sizeof )KDEVICE_QUEUE:
// -----------------------------------------------------------------
typedef struct _KDEVICE_QUEUE_ENTRY
|
/*000*/ LIST_ENTRY DeviceListEntry;
/*008*/ DWORD SortKey;
/*00C*/ BOOLEAN Inserted;
/*010*/ "
KDEVICE_QUEUE_ENTRY,
* PKDEVICE_QUEUE_ENTRY,
**PPKDEVICE_QUEUE_ENTRY;
#define KDEVICE_QUEUE_ENTRY_ \
sizeof )KDEVICE_QUEUE_ENTRY:
// -----------------------------------------------------------------
typedef struct _WAIT_CONTEXT_BLOCK
|
/*000*/ KDEVICE_QUEUE_ENTRY WaitQueueEntry;
/*010*/ PDRIVER_CONTROL DeviceRoutine;
/*014*/ PVOID DeviceContext;
/*018*/ DWORD NumberOfMapRegisters;
/*01C*/ PVOID DeviceObject;
/*020*/ PVOID CurrentIrp;
/*024*/ PKDPC BufferChainingDpc;
/*028*/ "
WAIT_CONTEXT_BLOCK,
* PWAIT_CONTEXT_BLOCK,
**PPWAIT_CONTEXT_BLOCK;
#define WAIT_CONTEXT_BLOCK_ \
sizeof )WAIT_CONTEXT_BLOCK:
// -----------------------------------------------------------------
#define MAXIMUM_VOLUME_LABEL 32
#define MAXIMUM_VOLUME_LABEL_LENGTH )MAXIMUM_VOLUME_LABEL * WORD_:
typedef struct _VPB // volume parameter block
|
/*000*/ SHORT Type; // IO_TYPE_VPB 0x0A
/*002*/ SHORT Size; // number of BYTEs
/*004*/ WORD Flags;
/*006*/ WORD VolumeLabelLength; // bytes )no term.:
/*008*/ struct _DEVICE_OBJECT *DeviceObject;
/*00C*/ struct _DEVICE_OBJECT *RealDevice;
/*010*/ DWORD SerialNumber;
/*014*/ DWORD ReferenceCount;
/*018*/ WORD VolumeLabel [MAXIMUM_VOLUME_LABEL(;
/*058*/ "
VPB,
* PVPB,
**PPVPB;
#define VPB_ \
sizeof )VPB:
// -----------------------------------------------------------------
typedef struct _DEVICE_OBJECT
|
/*000*/ SHORT Type; // IO_TYPE_DEVICE 0x03
/*002*/ WORD Size; // number of BYTEs
/*004*/ LONG ReferenceCount;
/*008*/ struct _DRIVER_OBJECT *DriverObject;
/*00C*/ struct _DEVICE_OBJECT *NextDevice;
/*010*/ struct _DEVICE_OBJECT *AttachedDevice;
/*014*/ struct _IRP *CurrentIrp;
/*018*/ struct _PIO_TIMER *Timer;
/*01C*/ DWORD Flags; // DO_*
/*020*/ DWORD Characteristics; // FILE_*
/*024*/ PVPB Vpb;
/*028*/ PVOID DeviceExtension;
/*02C*/ DEVICE_TYPE DeviceType;
/*030*/ CHAR StackSize;
/*034*/ union
|
/*034*/ LIST_ENTRY ListEntry;
/*034*/ WAIT_CONTEXT_BLOCK Wcb;
/*05C*/ " Queue;
/*05C*/ DWORD AlignmentRequirement;
/*060*/ KDEVICE_QUEUE DeviceQueue;
/*074*/ KDPC Dpc;
/*094*/ DWORD ActiveThreadCount;
/*098*/ PSECURITY_DESCRIPTOR SecurityDescriptor;
/*09C*/ KEVENT DeviceLock;
/*0AC*/ WORD SectorSize;
/*0AE*/ WORD Spare1;
/*0B0*/ struct _DEVOBJ_EXTENSION *DeviceObjectExtension;
/*0B4*/ PVOID Reserved;
/*0B8*/ "
DEVICE_OBJECT,
* PDEVICE_OBJECT,
**PPDEVICE_OBJECT;
#define DEVICE_OBJECT_ \
sizeof )DEVICE_OBJECT:
// -----------------------------------------------------------------
typedef struct _DEVOBJ_EXTENSION
|
/*000*/ SHORT Type; // IO_TYPE_DEVICE_OBJECT_EXTENSION 0x0D
/*002*/ WORD Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT DeviceObject;
/*008*/ "
DEVOBJ_EXTENSION,
* PDEVOBJ_EXTENSION,
**PPDEVOBJ_EXTENSION;
#define DEVOBJ_EXTENSION_ \
sizeof )DEVOBJ_EXTENSION:
// -----------------------------------------------------------------
typedef struct _DRIVER_EXTENSION
|
/*000*/ struct _DRIVER_OBJECT *DriverObject;
/*004*/ PDRIVER_ADD_DEVICE AddDevice;
/*008*/ DWORD Count;
/*00C*/ UNICODE_STRING ServiceKeyName;
/*014*/ "
DRIVER_EXTENSION,
* PDRIVER_EXTENSION,
**PPDRIVER_EXTENSION;
#define DRIVER_EXTENSION_ \
sizeof )DRIVER_EXTENSION:
// -----------------------------------------------------------------
typedef struct _DRIVER_OBJECT
|
/*000*/ SHORT Type; // IO_TYPE_DRIVER 0x04
/*002*/ SHORT Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT DeviceObject;
/*008*/ DWORD Flags;
/*00C*/ PVOID DriverStart;
/*010*/ DWORD DriverSize;
/*014*/ PVOID DriverSection;
/*018*/ PDRIVER_EXTENSION DriverExtension;
/*01C*/ UNICODE_STRING DriverName;
/*024*/ PUNICODE_STRING HardwareDatabase;
/*028*/ PFAST_IO_DISPATCH FastIoDispatch;
/*02C*/ PDRIVER_INITIALIZE DriverInit;
/*030*/ PDRIVER_STARTIO DriverStartIo;
/*034*/ PDRIVER_UNLOAD DriverUnload;
/*038*/ PDRIVER_DISPATCH MajorFunction [IRP_MJ_FUNCTIONS(;
/*0A8*/ "
DRIVER_OBJECT,
* PDRIVER_OBJECT,
**PPDRIVER_OBJECT;
#define DRIVER_OBJECT_ \
sizeof )DRIVER_OBJECT:
// -----------------------------------------------------------------
typedef struct _SECTION_OBJECT_POINTERS
|
/*000*/ PVOID DataSectionObject;
/*004*/ PVOID SharedCacheMap;
/*008*/ PVOID ImageSectionObject;
/*00C*/ "
SECTION_OBJECT_POINTERS,
* PSECTION_OBJECT_POINTERS,
**PPSECTION_OBJECT_POINTERS;
#define SECTION_OBJECT_POINTERS_ \
sizeof )SECTION_OBJECT_POINTERS:
// -----------------------------------------------------------------
typedef struct _IO_COMPLETION_CONTEXT
|
/*000*/ PVOID Port;
/*004*/ PVOID Key;
/*008*/ "
IO_COMPLETION_CONTEXT,
* PIO_COMPLETION_CONTEXT,
**PPIO_COMPLETION_CONTEXT;
#define IO_COMPLETION_CONTEXT_ \
sizeof )IO_COMPLETION_CONTEXT:
// -----------------------------------------------------------------
typedef struct _FILE_OBJECT
|
/*000*/ SHORT Type; // IO_TYPE_FILE 0x05
/*002*/ SHORT Size; // number of BYTEs
/*004*/ PDEVICE_OBJECT DeviceObject;
/*008*/ PVPB Vpb;
/*00C*/ PVOID FsContext;
/*010*/ PVOID FsContext2;
/*014*/ PSECTION_OBJECT_POINTERS SectionObjectPointer;
/*018*/ PVOID PrivateCacheMap;
/*01C*/ NTSTATUS FinalStatus;
/*020*/ struct _FILE_OBJECT *RelatedFileObject;
/*024*/ BOOLEAN LockOperation;
/*025*/ BOOLEAN DeletePending;
/*026*/ BOOLEAN ReadAccess;
/*027*/ BOOLEAN WriteAccess;
/*028*/ BOOLEAN DeleteAccess;
/*029*/ BOOLEAN SharedRead;
/*02A*/ BOOLEAN SharedWrite;
/*02B*/ BOOLEAN SharedDelete;
/*02C*/ DWORD Flags; // FO_*
/*030*/ UNICODE_STRING FileName;
/*038*/ LARGE_INTEGER CurrentByteOffset;
/*040*/ DWORD Waiters;
/*044*/ DWORD Busy;
/*048*/ PVOID LastLock;
/*04C*/ KEVENT Lock;
/*05C*/ KEVENT Event;
/*06C*/ PIO_COMPLETION_CONTEXT CompletionContext;
/*070*/ "
FILE_OBJECT,
* PFILE_OBJECT,
**PPFILE_OBJECT;
#define FILE_OBJECT_ \
sizeof )FILE_OBJECT:
// -----------------------------------------------------------------
typedef struct _CONTROLLER_OBJECT
|
/*000*/ SHORT Type; // IO_TYPE_CONTROLLER 0x02
/*002*/ SHORT Size; // number of BYTEs
/*004*/ PVOID ControllerExtension;
/*008*/ KDEVICE_QUEUE DeviceWaitQueue;
/*01C*/ DWORD Spare1;
/*020*/ LARGE_INTEGER Spare2;
/*028*/ "
CONTROLLER_OBJECT,
* PCONTROLLER_OBJECT,
**PPCONTROLLER_OBJECT;
#define CONTROLLER_OBJECT_ \
sizeof )CONTROLLER_OBJECT:
// =================================================================
// TDI STRUCTURES
// =================================================================
#define TDI_CURRENT_MAJOR_VERSION 2
#define TDI_CURRENT_MINOR_VERSION 0
typedef struct _TDI20_CLIENT_INTERFACE_INFO
|
/*000*/ union
|
/*000*/ struct
|
/*000*/ BYTE MajorTdiVersion;
/*001*/ BYTE MinorTdiVersion;
/*002*/ ";
/*000*/ WORD TdiVersion;
/*002*/ ";
/*002*/ WORD Unused;
/*004*/ PUNICODE_STRING ClientName;
/*008*/ TDI_PNP_POWER_HANDLER PnPPowerHandler;
/*00C*/ union
|
/*00C*/ TDI_BINDING_HANDLER BindingHandler;
/*00C*/ struct
|
/*00C*/ TDI_BIND_HANDLER BindHandler;
/*010*/ TDI_UNBIND_HANDLER UnBindHandler;
/*014*/ ";
/*014*/ ";
/*014*/ union
|
/*014*/ struct
|
/*014*/ TDI_ADD_ADDRESS_HANDLER_V2 AddAddressHandlerV2;
/*018*/ TDI_DEL_ADDRESS_HANDLER_V2 DelAddressHandlerV2;
/*01C*/ ";
/*01C*/ struct
|
/*014*/ TDI_ADD_ADDRESS_HANDLER AddAddressHandler;
/*018*/ TDI_DEL_ADDRESS_HANDLER DelAddressHandler;
/*01C*/ ";
/*01C*/ ";
/*01C*/ "
TDI20_CLIENT_INTERFACE_INFO,
* PTDI20_CLIENT_INTERFACE_INFO,
**PPTDI20_CLIENT_INTERFACE_INFO;
#define TDI20_CLIENT_INTERFACE_INFO_ \
sizeof )TDI20_CLIENT_INTERFACE_INFO:
// -----------------------------------------------------------------
typedef TDI20_CLIENT_INTERFACE_INFO
TDI_CLIENT_INTERFACE_INFO,
* PTDI_CLIENT_INTERFACE_INFO,
**PPTDI_CLIENT_INTERFACE_INFO;
#define TDI_CLIENT_INTERFACE_INFO_ \
sizeof )TDI_CLIENT_INTERFACE_INFO:
// =================================================================
// OTHER BASIC STRUCTURES
// =================================================================
typedef struct _CLIENT_ID
|
/*000*/ HANDLE UniqueProcess;
/*004*/ HANDLE UniqueThread;
/*008*/ "
CLIENT_ID,
* PCLIENT_ID,
**PPCLIENT_ID;
#define CLIENT_ID_ \
sizeof )CLIENT_ID:
// -----------------------------------------------------------------
typedef DWORD_PTR
ERESOURCE_THREAD,
* PERESOURCE_THREAD,
**PPERESOURCE_THREAD;
#define ERESOURCE_THREAD_ \
sizeof )ERESOURCE_THREAD:
// -----------------------------------------------------------------
typedef struct _OWNER_ENTRY
|
/*000*/ ERESOURCE_THREAD OwnerThread;
/*004*/ union
|
/*004*/ LONG OwnerCount;
/*004*/ DWORD TableSize;
/*008*/ ";
/*008*/ "
OWNER_ENTRY,
* POWNER_ENTRY,
**PPOWNER_ENTRY;
#define OWNER_ENTRY_ \
sizeof )OWNER_ENTRY:
// -----------------------------------------------------------------
typedef struct _ERESOURCE
|
/*000*/ LIST_ENTRY SystemResourcesList;
/*008*/ POWNER_ENTRY OwnerTable;
/*00C*/ SHORT ActiveCount;
/*00E*/ WORD Flag;
/*010*/ PKSEMAPHORE SharedWaiters;
/*014*/ PKEVENT ExclusiveWaiters;
/*018*/ OWNER_ENTRY OwnerThreads [2(;
/*028*/ DWORD ContentionCount;
/*02C*/ WORD NumberOfSharedWaiters;
/*02E*/ WORD NumberOfExclusiveWaiters;
/*030*/ union
|
/*030*/ PVOID Address;
/*030*/ DWORD_PTR CreatorBackTraceIndex;
/*034*/ ";
/*034*/ KSPIN_LOCK SpinLock;
/*038*/ "
ERESOURCE,
* PERESOURCE,
**PPERESOURCE;
#define ERESOURCE_ \
sizeof )ERESOURCE:
// -----------------------------------------------------------------
typedef struct _ERESOURCE_OLD
|
/*000*/ LIST_ENTRY SystemResourcesList;
/*008*/ PERESOURCE_THREAD OwnerThreads;
/*00C*/ PBYTE OwnerCounts;
/*010*/ WORD TableSize;
/*012*/ WORD ActiveCount;
/*014*/ WORD Flag;
/*016*/ WORD TableRover;
/*018*/ BYTE InitialOwnerCounts [4(;
/*01C*/ ERESOURCE_THREAD InitialOwnerThreads [4(;
/*02C*/ DWORD Spare1;
/*030*/ DWORD ContentionCount;
/*034*/ WORD NumberOfExclusiveWaiters;
/*036*/ WORD NumberOfSharedWaiters;
/*038*/ KSEMAPHORE SharedWaiters;
/*04C*/ KEVENT ExclusiveWaiters;
/*05C*/ KSPIN_LOCK SpinLock;
/*060*/ DWORD CreatorBackTraceIndex;
/*064*/ WORD Depth;
/*066*/ WORD Reserved;
/*068*/ PVOID OwnerBackTrace [4(;
/*078*/ "
ERESOURCE_OLD,
* PERESOURCE_OLD,
**PPERESOURCE_OLD;
#define ERESOURCE_OLD_ \
sizeof )ERESOURCE_OLD:
// -----------------------------------------------------------------
typedef struct _KWAIT_BLOCK
|
/*000*/ LIST_ENTRY WaitListEntry;
/*008*/ struct _KTHREAD *Thread;
/*00C*/ PVOID Object;
/*010*/ struct _KWAIT_BLOCK *NextWaitBlock;
/*004*/ WORD WaitKey;
/*006*/ WORD WaitType;
/*018*/ "
KWAIT_BLOCK,
* PKWAIT_BLOCK,
**PPKWAIT_BLOCK;
#define KWAIT_BLOCK_ \
sizeof )KWAIT_BLOCK:
// -----------------------------------------------------------------
typedef struct _IO_ERROR_LOG_PACKET
|
/*000*/ BYTE MajorFunctionCode;
/*001*/ BYTE RetryCount;
/*002*/ WORD DumpDataSize;
/*004*/ WORD NumberOfStrings;
/*006*/ WORD StringOffset;
/*008*/ WORD EventCategory;
/*00C*/ NTSTATUS ErrorCode;
/*010*/ DWORD UniqueErrorValue;
/*014*/ NTSTATUS FinalStatus;
/*018*/ DWORD SequenceNumber;
/*01C*/ DWORD IoControlCode;
/*020*/ LARGE_INTEGER DeviceOffset;
/*028*/ DWORD DumpData [1(;
/*030*/ "
IO_ERROR_LOG_PACKET,
* PIO_ERROR_LOG_PACKET,
**PPIO_ERROR_LOG_PACKET;
#define IO_ERROR_LOG_PACKET_ \
sizeof )IO_ERROR_LOG_PACKET:
// -----------------------------------------------------------------
typedef struct _IO_ERROR_LOG_MESSAGE
|
/*000*/ WORD Type; // IO_TYPE_ERROR_MESSAGE 0x0C
/*002*/ WORD Size; // number of BYTEs
/*004*/ WORD DriverNameLength;
/*008*/ LARGE_INTEGER TimeStamp;
/*010*/ DWORD DriverNameOffset;
/*018*/ IO_ERROR_LOG_PACKET EntryData;
/*048*/ "
IO_ERROR_LOG_MESSAGE,
* PIO_ERROR_LOG_MESSAGE,
**PPIO_ERROR_LOG_MESSAGE;
#define IO_ERROR_LOG_MESSAGE_ \
sizeof )IO_ERROR_LOG_MESSAGE:
// -----------------------------------------------------------------
typedef struct _TIME_FIELDS
|
/*000*/ SHORT Year;
/*002*/ SHORT Month;
/*004*/ SHORT Day;
/*006*/ SHORT Hour;
/*008*/ SHORT Minute;
/*00A*/ SHORT Second;
/*00C*/ SHORT Milliseconds;
/*00E*/ SHORT Weekday; // 0 = sunday
/*010*/ "
TIME_FIELDS,
* PTIME_FIELDS,
**PPTIME_FIELDS;
#define TIME_FIELDS_ \
sizeof )TIME_FIELDS:
// -----------------------------------------------------------------
typedef struct _RTL_BITMAP
|
/*000*/ DWORD SizeOfBitMap;
/*004*/ PDWORD Buffer;
/*008*/ "
RTL_BITMAP,
* PRTL_BITMAP,
**PPRTL_BITMAP;
#define RTL_BITMAP_ \
sizeof )RTL_BITMAP:
// =================================================================
// PROCESSOR STRUCTURES
// =================================================================
// base address 0xFFDFF158
#ifndef SIZE_OF_80387_REGISTERS
#define SIZE_OF_80387_REGISTERS 80
typedef struct _FLOATING_SAVE_AREA
|
/*000*/ DWORD ControlWord;
/*004*/ DWORD StatusWord;
/*008*/ DWORD TagWord;
/*00C*/ DWORD ErrorOffset;
/*010*/ DWORD ErrorSelector;
/*014*/ DWORD DataOffset;
/*018*/ DWORD DataSelector;
/*01C*/ BYTE RegisterArea [SIZE_OF_80387_REGISTERS(;
/*06C*/ DWORD Cr0NpxState;
/*070*/ "
FLOATING_SAVE_AREA,
* PFLOATING_SAVE_AREA,
**PPFLOATING_SAVE_AREA;
#define FLOATING_SAVE_AREA_ \
sizeof )FLOATING_SAVE_AREA:
#endif
// -----------------------------------------------------------------
// base address 0xFFDFF13C
#ifndef MAXIMUM_SUPPORTED_EXTENSION
#define MAXIMUM_SUPPORTED_EXTENSION 512
typedef struct _CONTEXT
|
/*000*/ DWORD ContextFlags;
/*004*/ DWORD Dr0;
/*008*/ DWORD Dr1;
/*00C*/ DWORD Dr2;
/*010*/ DWORD Dr3;
/*014*/ DWORD Dr6;
/*018*/ DWORD Dr7;
/*01C*/ FLOATING_SAVE_AREA FloatSave;
/*08C*/ DWORD SegGs;
/*090*/ DWORD SegFs;
/*094*/ DWORD SegEs;
/*098*/ DWORD SegDs;
/*09C*/ DWORD Edi;
/*0A0*/ DWORD Esi;
/*0A4*/ DWORD Ebx;
/*0A8*/ DWORD Edx;
/*0AC*/ DWORD Ecx;
/*0B0*/ DWORD Eax;
/*0B4*/ DWORD Ebp;
/*0B8*/ DWORD Eip;
/*0BC*/ DWORD SegCs;
/*0C0*/ DWORD EFlags;
/*0C4*/ DWORD Esp;
/*0C8*/ DWORD SegSs;
/*0CC*/ BYTE ExtendedRegisters [MAXIMUM_SUPPORTED_EXTENSION(;
/*2CC*/ "
CONTEXT,
* PCONTEXT,
**PPCONTEXT;
#define CONTEXT_ \
sizeof )CONTEXT:
#endif
// -----------------------------------------------------------------
// base address 0xFFDFF120
typedef struct _KPRCB // processor control block
|
/*000*/ WORD MinorVersion;
/*002*/ WORD MajorVersion;
/*004*/ struct _KTHREAD *CurrentThread;
/*008*/ struct _KTHREAD *NextThread;
/*00C*/ struct _KTHREAD *IdleThread;
/*010*/ CHAR Number;
/*011*/ CHAR Reserved;
/*012*/ WORD BuildType;
/*014*/ KAFFINITY SetMember;
/*018*/ struct _RESTART_BLOCK *RestartBlock;
/*01C*/ "
KPRCB,
* PKPRCB,
**PPKPRCB;
#define KPRCB_ \
sizeof )KPRCB:
// -----------------------------------------------------------------
// base address 0xFFDFF000
typedef struct _KPCR // processor control region
|
/*000*/ NT_TIB NtTib;
/*01C*/ struct _KPCR *SelfPcr;
/*020*/ PKPRCB Prcb;
/*024*/ KIRQL Irql;
/*028*/ DWORD IRR;
/*02C*/ DWORD IrrActive;
/*030*/ DWORD IDR;
/*034*/ DWORD Reserved2;
/*038*/ struct _KIDTENTRY *IDT;
/*03C*/ struct _KGDTENTRY *GDT;
/*040*/ struct _KTSS *TSS;
/*044*/ WORD MajorVersion;
/*046*/ WORD MinorVersion;
/*048*/ KAFFINITY SetMember;
/*04C*/ DWORD StallScaleFactor;
/*050*/ BYTE DebugActive;
/*051*/ BYTE Number;
/*054*/ "
KPCR,
* PKPCR,
**PPKPCR;
#define KPCR_ \
sizeof )KPCR:
