Difference between revisions of "Techwiki:Win32k/LDEVOBJ"
ThePhysicist (talk | contribs) |
ThePhysicist (talk | contribs) |
||
| Line 29: | Line 29: | ||
typedef struct _LDEVOBJ | typedef struct _LDEVOBJ | ||
{ // W2k WXP | { // W2k WXP | ||
| − | + | struct _LDEVOBJ *pldevNext; // 000 000 | |
| − | + | struct _LDEVOBJ *pldevPrev; // 004 004 | |
| − | LDEVINFO | + | LDEVINFO pInfo; // 008 |
| − | ULONG | + | ULONG ldevtype; // 008 00C |
| − | ULONG | + | ULONG cRefs; // 00C 010 |
| − | ULONG | + | ULONG unk_014; // --- 014 |
| − | void * | + | void * pGdiDriverInfo; // 014 018 |
| − | ULONG | + | ULONG ulDriverVersion; // 018 01C |
| − | ULONG | + | ULONG unk_020; // 020 |
| − | PFN | + | PFN apfn[93]; // 024 |
| − | PFN | + | PFN apfnOrig[93]; // 198 |
| − | // size | + | // size 310 |
} LDEVOBJ, *PLDEVOBJ; | } LDEVOBJ, *PLDEVOBJ; | ||
Revision as of 12:01, 7 July 2009
Representation of a GDI driver.
typedef struct
{ // WXP
UNICODE_STRING usDriverPath; // 000
PVOID pvImageBase; // 008
PVOID pMmLd; // 00C
PVOID pfnDrvEnableDriver; // 010
DWORD unknown2; // 014
ULONG cjImageSize; // 018
// size 01C
} LDEVINFO;
usDriverPath
- Full path of the drivers dll. Example: '\SystemRoot\System32\ATMFD.DLL'
pvImageBase
- Pointer to the beginning of the driver mapping.
pMmLd
- Pointer to 'MmLd' Mm load module database. (section handle?)
pfnDrvEnableDriver
- Pointer to the drivers entry point.
cjImageSize
- Size of the DLL in bytes.
typedef struct _LDEVOBJ
{ // W2k WXP
struct _LDEVOBJ *pldevNext; // 000 000
struct _LDEVOBJ *pldevPrev; // 004 004
LDEVINFO pInfo; // 008
ULONG ldevtype; // 008 00C
ULONG cRefs; // 00C 010
ULONG unk_014; // --- 014
void * pGdiDriverInfo; // 014 018
ULONG ulDriverVersion; // 018 01C
ULONG unk_020; // 020
PFN apfn[93]; // 024
PFN apfnOrig[93]; // 198
// size 310
} LDEVOBJ, *PLDEVOBJ;
pldevNext
- Pointer to the next LDEVOBJ in the global list. NULL if this is the last LDEVOBJ.
pldevPrev
- Pointer to the previous LDEVOBJ in the global list. NULL if this is the first LDEVOBJ.
ldevtype
- Can be one of:
typedef enum
{
LDEV_DEVICE_DISPLAY = 1,
LDEV_DEVICE_PRINTER = 2,
LDEV_DEVICE_META = 3,
LDEV_DEVICE_MIRROR = 4,
LDEV_IMAGE = 5,
LDEV_FONT = 6
} LDEVTYPE;
apfn
- Array of pointers to the according driver functions or win32k!WatchDogXxx interceptions.
apfnOrig
- The original function pointer that were returned from the driver entry.
Remarks
All LDEVOBJs are kept in a global list. Both structures have the tag 'Gldv' Total size of LDEVOBJ is 0x310 Bytes
