https://git.reactos.org/?p=reactos.git;a=commitdiff;h=4d37135884e5504be66a51884804c6af896e4b17
commit 4d37135884e5504be66a51884804c6af896e4b17
Author: Hermès Bélusca-Maïto <hermes.belusca-ma...@reactos.org>
AuthorDate: Sun Mar 12 20:29:21 2023 +0100
Commit: Hermès Bélusca-Maïto <hermes.belusca-ma...@reactos.org>
CommitDate: Tue Jan 28 22:00:28 2025 +0100
[NDK] SYSDBG: Add SysDbgGetLiveKernelDump enum value and structures for
kernel live dump.
For more information, see:
https://crashdmp.wordpress.com/2014/08/04/livedump-1-0-is-available/
https://github.com/lilhoser/livedump
https://gary-nebbett.blogspot.com/2016/04/examining-windows-kernel-mode-stacks.html
https://github.com/processhacker/phnt
---
sdk/include/ndk/kdtypes.h | 84 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 84 insertions(+)
diff --git a/sdk/include/ndk/kdtypes.h b/sdk/include/ndk/kdtypes.h
index 8ebd21a6f7e..77b5545cfed 100644
--- a/sdk/include/ndk/kdtypes.h
+++ b/sdk/include/ndk/kdtypes.h
@@ -98,6 +98,9 @@ typedef enum _SYSDBG_COMMAND
SysDbgGetUmAttachPid = 35,
SysDbgClearUmAttachPid = 36,
#endif
+#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81
+ SysDbgGetLiveKernelDump = 37,
+#endif
} SYSDBG_COMMAND;
//
@@ -164,6 +167,87 @@ typedef struct _SYSDBG_TRIAGE_DUMP
PHANDLE Handles;
} SYSDBG_TRIAGE_DUMP, *PSYSDBG_TRIAGE_DUMP;
+#if (NTDDI_VERSION >= NTDDI_WINBLUE) // NTDDI_WIN81
+
+typedef union _SYSDBG_LIVEDUMP_CONTROL_FLAGS
+{
+ struct
+ {
+ ULONG UseDumpStorageStack : 1;
+ ULONG CompressMemoryPagesData : 1;
+ ULONG IncludeUserSpaceMemoryPages : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN10_RS4)
+ ULONG AbortIfMemoryPressure : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ ULONG SelectiveDump : 1;
+ ULONG Reserved : 27;
+#else
+ ULONG Reserved : 28;
+#endif // (NTDDI_VERSION >= NTDDI_WIN11)
+#else
+ ULONG Reserved : 29;
+#endif // (NTDDI_VERSION >= NTDDI_WIN10_RS4)
+ };
+ ULONG AsUlong;
+} SYSDBG_LIVEDUMP_CONTROL_FLAGS;
+
+typedef union _SYSDBG_LIVEDUMP_CONTROL_ADDPAGES
+{
+ struct
+ {
+ ULONG HypervisorPages : 1;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ ULONG NonEssentialHypervisorPages : 1;
+ ULONG Reserved : 30;
+#else
+ ULONG Reserved : 31;
+#endif
+ };
+ ULONG AsUlong;
+} SYSDBG_LIVEDUMP_CONTROL_ADDPAGES;
+
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+
+typedef struct _SYSDBG_LIVEDUMP_SELECTIVE_CONTROL
+{
+ ULONG Version;
+ ULONG Size;
+ union
+ {
+ ULONGLONG Flags;
+ struct
+ {
+ ULONGLONG ThreadKernelStacks : 1;
+ ULONGLONG ReservedFlags : 63;
+ };
+ };
+ ULONGLONG Reserved[4];
+} SYSDBG_LIVEDUMP_SELECTIVE_CONTROL, *PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL;
+
+#define SYSDBG_LIVEDUMP_CONTROL_VERSION 1
+#define SYSDBG_LIVEDUMP_CONTROL_VERSION_WIN11 2
+
+#endif // (NTDDI_VERSION >= NTDDI_WIN11)
+
+typedef struct _SYSDBG_LIVEDUMP_CONTROL
+{
+ ULONG Version;
+ ULONG BugCheckCode;
+ ULONG_PTR BugCheckParam1;
+ ULONG_PTR BugCheckParam2;
+ ULONG_PTR BugCheckParam3;
+ ULONG_PTR BugCheckParam4;
+ PVOID DumpFileHandle;
+ PVOID CancelEventHandle;
+ SYSDBG_LIVEDUMP_CONTROL_FLAGS Flags;
+ SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AddPagesControl;
+#if (NTDDI_VERSION >= NTDDI_WIN11)
+ PSYSDBG_LIVEDUMP_SELECTIVE_CONTROL SelectiveControl;
+#endif
+} SYSDBG_LIVEDUMP_CONTROL, *PSYSDBG_LIVEDUMP_CONTROL;
+
+#endif // (NTDDI_VERSION >= NTDDI_WINBLUE)
+
//
// KD Structures
//
