void ParaNdis_DebugInitialize(PVOID DriverObject,PVOID RegistryPath) { NDIS_STRING usRegister, usDeregister, usPrint; PVOID pr, pd; BOOLEAN res; WPP_INIT_TRACING(DriverObject, RegistryPath); NdisAllocateSpinLock(&CrashLock); KeInitializeCallbackRecord(&CallbackRecord); ParaNdis_PrepareBugCheckData(); NdisInitUnicodeString(&usPrint, L"vDbgPrintEx"); NdisInitUnicodeString(&usRegister, L"KeRegisterBugCheckReasonCallback"); NdisInitUnicodeString(&usDeregister, L"KeDeregisterBugCheckReasonCallback"); pd = MmGetSystemRoutineAddress(&usPrint); if (pd) PrintProcedure = (vDbgPrintExType)pd; pr = MmGetSystemRoutineAddress(&usRegister); pd = MmGetSystemRoutineAddress(&usDeregister); if (pr && pd) { BugCheckRegisterCallback = (KeRegisterBugCheckReasonCallbackType)pr; BugCheckDeregisterCallback = (KeDeregisterBugCheckReasonCallbackType)pd; } res = BugCheckRegisterCallback(&CallbackRecord, ParaNdis_OnBugCheck, KbCallbackSecondaryDumpData, "NetKvm"); DPrintf(0, ("[%s] Crash callback %sregistered", __FUNCTION__, res ? "" : "NOT ")); #ifdef OVERRIDE_DEBUG_BREAK if (sizeof(PVOID) == sizeof(ULONG)) { UCHAR replace[5] = {0xe9,0,0,0,0}; ULONG replacement; NDIS_STRING usDbgBreakPointName; NdisInitUnicodeString(&usDbgBreakPointName, L"DbgBreakPoint"); pDbgBreakPoint = (PUCHAR)MmGetSystemRoutineAddress(&usDbgBreakPointName); if (pDbgBreakPoint) { DPrintf(0, ("Replacing original BP handler at %p", pDbgBreakPoint)); replacement = RtlPointerToOffset(pDbgBreakPoint + 5, AnotherDbgBreak); RtlCopyMemory(replace + 1, &replacement, sizeof(replacement)); RtlCopyMemory(DbgBreakPointChunk, pDbgBreakPoint, sizeof(DbgBreakPointChunk)); RtlCopyMemory(pDbgBreakPoint, replace, sizeof(replace)); } } #endif }
void ParaNdis_DebugInitialize() { NDIS_STRING usRegister, usDeregister, usPrint; PVOID pr, pd; BOOLEAN res; NdisAllocateSpinLock(&CrashLock); KeInitializeCallbackRecord(&CallbackRecord); ParaNdis_PrepareBugCheckData(); NdisInitUnicodeString(&usPrint, L"vDbgPrintEx"); NdisInitUnicodeString(&usRegister, L"KeRegisterBugCheckReasonCallback"); NdisInitUnicodeString(&usDeregister, L"KeDeregisterBugCheckReasonCallback"); pd = MmGetSystemRoutineAddress(&usPrint); if (pd) PrintProcedure = (vDbgPrintExType)pd; pr = MmGetSystemRoutineAddress(&usRegister); pd = MmGetSystemRoutineAddress(&usDeregister); if (pr && pd) { BugCheckRegisterCallback = (KeRegisterBugCheckReasonCallbackType)pr; BugCheckDeregisterCallback = (KeDeregisterBugCheckReasonCallbackType)pd; } res = BugCheckRegisterCallback(&CallbackRecord, ParaNdis_OnBugCheck, KbCallbackSecondaryDumpData, (const PUCHAR)"NetKvm"); DPrintf(0, ("[%s] Crash callback %sregistered\n", __FUNCTION__, res ? "" : "NOT ")); }