1 files changed, 239 insertions, 0 deletions

diff --git a/vendor/ntapi/src/ntdbg.rs b/vendor/ntapi/src/ntdbg.rs
new file mode 100644
index 000000000..991e8f9da
--- /dev/null
+++ b/vendor/ntapi/src/ntdbg.rs
@@ -0,0 +1,239 @@
+use crate::ntapi_base::{CLIENT_ID, PCLIENT_ID};
+use winapi::shared::evntprov::EVENT_FILTER_DESCRIPTOR;
+use winapi::shared::guiddef::LPCGUID;
+use winapi::shared::ntdef::{
+    BOOLEAN, HANDLE, NTSTATUS, PCCH, PCH, PCSTR, PHANDLE, PLARGE_INTEGER, POBJECT_ATTRIBUTES,
+    PULONG, PVOID, UCHAR, ULONG, ULONGLONG,
+};
+use winapi::um::minwinbase::LPDEBUG_EVENT;
+use winapi::um::winnt::{ACCESS_MASK, EXCEPTION_RECORD, STANDARD_RIGHTS_REQUIRED, SYNCHRONIZE};
+use winapi::vc::vadefs::va_list;
+EXTERN!{extern "system" {
+    fn DbgUserBreakPoint();
+    fn DbgBreakPoint();
+    fn DbgBreakPointWithStatus(
+        Status: ULONG,
+    );
+}}
+pub const DBG_STATUS_CONTROL_C: u32 = 1;
+pub const DBG_STATUS_SYSRQ: u32 = 2;
+pub const DBG_STATUS_BUGCHECK_FIRST: u32 = 3;
+pub const DBG_STATUS_BUGCHECK_SECOND: u32 = 4;
+pub const DBG_STATUS_FATAL: u32 = 5;
+pub const DBG_STATUS_DEBUG_CONTROL: u32 = 6;
+pub const DBG_STATUS_WORKER: u32 = 7;
+EXTERN!{extern "C" {
+    fn DbgPrint(
+        Format: PCSTR,
+        ...
+    ) -> ULONG;
+    fn DbgPrintEx(
+        ComponentId: ULONG,
+        Level: ULONG,
+        Format: PCSTR,
+        ...
+    ) -> ULONG;
+}}
+EXTERN!{extern "system" {
+    fn vDbgPrintEx(
+        ComponentId: ULONG,
+        Level: ULONG,
+        Format: PCCH,
+        arglist: va_list,
+    ) -> ULONG;
+    fn vDbgPrintExWithPrefix(
+        Prefix: PCH,
+        ComponentId: ULONG,
+        Level: ULONG,
+        Format: PCCH,
+        arglist: va_list,
+    ) -> ULONG;
+    fn DbgQueryDebugFilterState(
+        ComponentId: ULONG,
+        Level: ULONG,
+    ) -> NTSTATUS;
+    fn DbgSetDebugFilterState(
+        ComponentId: ULONG,
+        Level: ULONG,
+        State: BOOLEAN,
+    ) -> NTSTATUS;
+    fn DbgPrompt(
+        Prompt: PCCH,
+        Response: PCH,
+        Length: ULONG,
+    ) -> ULONG;
+}}
+STRUCT!{struct DBGKM_EXCEPTION {
+    ExceptionRecord: EXCEPTION_RECORD,
+    FirstChance: ULONG,
+}}
+pub type PDBGKM_EXCEPTION = *mut DBGKM_EXCEPTION;
+STRUCT!{struct DBGKM_CREATE_THREAD {
+    SubSystemKey: ULONG,
+    StartAddress: PVOID,
+}}
+pub type PDBGKM_CREATE_THREAD = *mut DBGKM_CREATE_THREAD;
+STRUCT!{struct DBGKM_CREATE_PROCESS {
+    SubSystemKey: ULONG,
+    FileHandle: HANDLE,
+    BaseOfImage: PVOID,
+    DebugInfoFileOffset: ULONG,
+    DebugInfoSize: ULONG,
+    InitialThread: DBGKM_CREATE_THREAD,
+}}
+pub type PDBGKM_CREATE_PROCESS = *mut DBGKM_CREATE_PROCESS;
+STRUCT!{struct DBGKM_EXIT_THREAD {
+    ExitStatus: NTSTATUS,
+}}
+pub type PDBGKM_EXIT_THREAD = *mut DBGKM_EXIT_THREAD;
+STRUCT!{struct DBGKM_EXIT_PROCESS {
+    ExitStatus: NTSTATUS,
+}}
+pub type PDBGKM_EXIT_PROCESS = *mut DBGKM_EXIT_PROCESS;
+STRUCT!{struct DBGKM_LOAD_DLL {
+    FileHandle: HANDLE,
+    BaseOfDll: PVOID,
+    DebugInfoFileOffset: ULONG,
+    DebugInfoSize: ULONG,
+    NamePointer: PVOID,
+}}
+pub type PDBGKM_LOAD_DLL = *mut DBGKM_LOAD_DLL;
+STRUCT!{struct DBGKM_UNLOAD_DLL {
+    BaseAddress: PVOID,
+}}
+pub type PDBGKM_UNLOAD_DLL = *mut DBGKM_UNLOAD_DLL;
+ENUM!{enum DBG_STATE {
+    DbgIdle = 0,
+    DbgReplyPending = 1,
+    DbgCreateThreadStateChange = 2,
+    DbgCreateProcessStateChange = 3,
+    DbgExitThreadStateChange = 4,
+    DbgExitProcessStateChange = 5,
+    DbgExceptionStateChange = 6,
+    DbgBreakpointStateChange = 7,
+    DbgSingleStepStateChange = 8,
+    DbgLoadDllStateChange = 9,
+    DbgUnloadDllStateChange = 10,
+}}
+pub type PDBG_STATE = *mut DBG_STATE;
+STRUCT!{struct DBGUI_CREATE_THREAD {
+    HandleToThread: HANDLE,
+    NewThread: DBGKM_CREATE_THREAD,
+}}
+pub type PDBGUI_CREATE_THREAD = *mut DBGUI_CREATE_THREAD;
+STRUCT!{struct DBGUI_CREATE_PROCESS {
+    HandleToProcess: HANDLE,
+    HandleToThread: HANDLE,
+    NewProcess: DBGKM_CREATE_PROCESS,
+}}
+UNION!{union DBGUI_WAIT_STATE_CHANGE_StateInfo {
+    Exception: DBGKM_EXCEPTION,
+    CreateThread: DBGUI_CREATE_THREAD,
+    CreateProcessInfo: DBGUI_CREATE_PROCESS,
+    ExitThread: DBGKM_EXIT_THREAD,
+    ExitProcess: DBGKM_EXIT_PROCESS,
+    LoadDll: DBGKM_LOAD_DLL,
+    UnloadDll: DBGKM_UNLOAD_DLL,
+}}
+pub type PDBGUI_CREATE_PROCESS = *mut DBGUI_CREATE_PROCESS;
+STRUCT!{struct DBGUI_WAIT_STATE_CHANGE {
+    NewState: DBG_STATE,
+    AppClientId: CLIENT_ID,
+    StateInfo: DBGUI_WAIT_STATE_CHANGE_StateInfo,
+}}
+pub type PDBGUI_WAIT_STATE_CHANGE = *mut DBGUI_WAIT_STATE_CHANGE;
+pub const DEBUG_READ_EVENT: ULONG = 0x0001;
+pub const DEBUG_PROCESS_ASSIGN: ULONG = 0x0002;
+pub const DEBUG_SET_INFORMATION: ULONG = 0x0004;
+pub const DEBUG_QUERY_INFORMATION: ULONG = 0x0008;
+pub const DEBUG_ALL_ACCESS: ACCESS_MASK = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | DEBUG_READ_EVENT
+    | DEBUG_PROCESS_ASSIGN | DEBUG_SET_INFORMATION | DEBUG_QUERY_INFORMATION;
+pub const DEBUG_KILL_ON_CLOSE: u32 = 0x1;
+ENUM!{enum DEBUGOBJECTINFOCLASS {
+    DebugObjectUnusedInformation = 0,
+    DebugObjectKillProcessOnExitInformation = 1,
+    MaxDebugObjectInfoClass = 2,
+}}
+pub type PDEBUGOBJECTINFOCLASS = *mut DEBUGOBJECTINFOCLASS;
+EXTERN!{extern "system" {
+    fn NtCreateDebugObject(
+        DebugObjectHandle: PHANDLE,
+        DesiredAccess: ACCESS_MASK,
+        ObjectAttributes: POBJECT_ATTRIBUTES,
+        Flags: ULONG,
+    ) -> NTSTATUS;
+    fn NtDebugActiveProcess(
+        ProcessHandle: HANDLE,
+        DebugObjectHandle: HANDLE,
+    ) -> NTSTATUS;
+    fn NtDebugContinue(
+        DebugObjectHandle: HANDLE,
+        ClientId: PCLIENT_ID,
+        ContinueStatus: NTSTATUS,
+    ) -> NTSTATUS;
+    fn NtRemoveProcessDebug(
+        ProcessHandle: HANDLE,
+        DebugObjectHandle: HANDLE,
+    ) -> NTSTATUS;
+    fn NtSetInformationDebugObject(
+        DebugObjectHandle: HANDLE,
+        DebugObjectInformationClass: DEBUGOBJECTINFOCLASS,
+        DebugInformation: PVOID,
+        DebugInformationLength: ULONG,
+        ReturnLength: PULONG,
+    ) -> NTSTATUS;
+    fn NtWaitForDebugEvent(
+        DebugObjectHandle: HANDLE,
+        Alertable: BOOLEAN,
+        Timeout: PLARGE_INTEGER,
+        WaitStateChange: PVOID,
+    ) -> NTSTATUS;
+    fn DbgUiConnectToDbg() -> NTSTATUS;
+    fn DbgUiGetThreadDebugObject() -> HANDLE;
+    fn DbgUiSetThreadDebugObject(
+        DebugObject: HANDLE,
+    );
+    fn DbgUiWaitStateChange(
+        StateChange: PDBGUI_WAIT_STATE_CHANGE,
+        Timeout: PLARGE_INTEGER,
+    ) -> NTSTATUS;
+    fn DbgUiContinue(
+        AppClientId: PCLIENT_ID,
+        ContinueStatus: NTSTATUS,
+    ) -> NTSTATUS;
+    fn DbgUiStopDebugging(
+        Process: HANDLE,
+    ) -> NTSTATUS;
+    fn DbgUiDebugActiveProcess(
+        Process: HANDLE,
+    ) -> NTSTATUS;
+    fn DbgUiRemoteBreakin(
+        Context: PVOID,
+    );
+    fn DbgUiIssueRemoteBreakin(
+        Process: HANDLE,
+    ) -> NTSTATUS;
+    fn DbgUiConvertStateChangeStructure(
+        StateChange: PDBGUI_WAIT_STATE_CHANGE,
+        DebugEvent: LPDEBUG_EVENT,
+    ) -> NTSTATUS;
+}}
+FN!{stdcall PENABLECALLBACK(
+    SourceId: LPCGUID,
+    IsEnabled: ULONG,
+    Level: UCHAR,
+    MatchAnyKeyword: ULONGLONG,
+    MatchAllKeyword: ULONGLONG,
+    FilterData: *mut EVENT_FILTER_DESCRIPTOR,
+    CallbackContext: PVOID,
+) -> ()}
+pub type REGHANDLE = ULONGLONG;
+pub type PREGHANDLE = *mut ULONGLONG;
+EXTERN!{extern "system" {
+    fn EtwEventRegister(
+        ProviderId: LPCGUID,
+        EnableCallback: PENABLECALLBACK,
+        CallbackContext: PVOID,
+        RegHandle: PREGHANDLE,
+    ) -> NTSTATUS;
+}}