added test code for receive kernel messages

Jan Wilmans · Jan Wilmans · commit 320d748031d9 · 2025-07-27T15:18:46.000+02:00
diff --git a/application/DebugViewpp/DebugView++.cpp b/application/DebugViewpp/DebugView++.cpp
@@ -12,8 +12,6 @@
 #include "DebugViewppLib/DBWinWriter.h"
 #include "Win32/Com.h"
 
-#include <iostream>
-
 #include "atleverything.h"
 
 //#define ENABLE_CRASHPAD
@@ -90,10 +88,31 @@ int ForwardMessagesFromPipe(HANDLE hPipe)
     return 0;
 }
 
+void WriteDriverFromResource()
+{
+    HRSRC hRes = FindResource(NULL, MAKEINTRESOURCE(IDR_DBGV_DRIVER), RT_RCDATA);
+    if (hRes)
+    {
+        HGLOBAL hLoadedRes = LoadResource(NULL, hRes);
+        if (hLoadedRes)
+        {
+            DWORD dwSize = SizeofResource(NULL, hRes);
+            void* pLockedRes = LockResource(hLoadedRes);
+            if (pLockedRes)
+            {
+                std::ofstream outFile("dbgv.sys", std::ios::binary);
+                outFile.write(static_cast<const char*>(pLockedRes), dwSize);
+                outFile.close();
+            }
+        }
+    }
+}
+
 int Main(HINSTANCE hInstance, HINSTANCE /*hPrevInstance*/, LPWSTR /*lpstrCmdLine*/, int cmdShow)
 {
     Win32::SetPrivilege(SE_DEBUG_NAME, true);
     Win32::SetPrivilege(SE_CREATE_GLOBAL_NAME, true);
+    Win32::SetPrivilege(SE_LOAD_DRIVER_NAME, true);
 
     Win32::ComInitialization com;
 
@@ -110,24 +129,6 @@ int Main(HINSTANCE hInstance, HINSTANCE /*hPrevInstance*/, LPWSTR /*lpstrCmdLine
     std::cout.clear();
 #endif
 
-
-    HRSRC hRes = FindResource(NULL, MAKEINTRESOURCE(IDR_DBGV_DRIVER), RT_RCDATA);
-    if (hRes)
-    {
-        HGLOBAL hLoadedRes = LoadResource(NULL, hRes);
-        if (hLoadedRes)
-        {
-            DWORD dwSize = SizeofResource(NULL, hRes);
-            void* pLockedRes = LockResource(hLoadedRes);
-            if (pLockedRes)
-            {
-                std::ofstream outFile("dbgv.sys", std::ios::binary);
-                outFile.write(static_cast<const char*>(pLockedRes), dwSize);
-                outFile.close();
-            }
-        }
-    }
-
     CAppModuleInitialization moduleInit(_Module, hInstance);
 
     HANDLE hStdIn = GetStdHandle(STD_INPUT_HANDLE);
diff --git a/application/DebugViewpp/DebugView++.rc b/application/DebugViewpp/DebugView++.rc
@@ -250,7 +250,7 @@ IDR_BOOKMARK            ICON                    "res\\Bookmark.ico"
 // RCDATA
 //
 
-IDR_DBGV_DRIVER RCDATA "res\\Dbgv.sys"
+IDR_DBGV_DRIVER         RCDATA                  "res\\Dbgv.sys"
 
 /////////////////////////////////////////////////////////////////////////////
 //
diff --git a/application/DebugViewppLib/CMakeLists.txt b/application/DebugViewppLib/CMakeLists.txt
@@ -7,6 +7,7 @@ add_library(${PROJECT_NAME}
     Conversions.cpp
     CTimelineView.cpp
     DbgviewReader.cpp
+    Debugview_kernel_client.cpp
     DBWinBuffer.cpp
     DBWinReader.cpp
     DBWinWriter.cpp
diff --git a/application/DebugViewppLib/Debugview_kernel_client.cpp b/application/DebugViewppLib/Debugview_kernel_client.cpp
@@ -0,0 +1,198 @@
+// (C) Copyright Gert-Jan de Vos and Jan Wilmans 2013.
+// Distributed under the Boost Software License, Version 1.0.
+// (See accompanying file LICENSE_1_0.txt or copy at
+// http://www.boost.org/LICENSE_1_0.txt)
+
+#define WIN32_LEAN_AND_MEAN
+#include <windows.h>
+#include <tchar.h>
+#include <winioctl.h>
+#include <winsvc.h>
+
+#include <string>
+#include <iostream>
+
+#pragma warning(disable:4200)
+
+#define FILE_DEVICE_DBGV 0x8305
+
+#define DBGV_CAPTURE_KERNEL			CTL_CODE(FILE_DEVICE_DBGV, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x00	//enable capture kernel
+#define DBGV_UNCAPTURE_KERNEL		CTL_CODE(FILE_DEVICE_DBGV, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x04	//
+#define DBGV_CLEAR_DISPLAY			CTL_CODE(FILE_DEVICE_DBGV, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x08	//clear display
+#define DBGV_READ_LOG				CTL_CODE(FILE_DEVICE_DBGV, 3, METHOD_NEITHER, FILE_ANY_ACCESS)		//0x0f	//read kernel log
+#define DBGV_SET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x10	//enable passthrough
+#define DBGV_UNSET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x14	//
+#define DBGV_IS_DRIVER_AVAILABLE	CTL_CODE(FILE_DEVICE_DBGV, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x20	//test driver is valid or functional
+#define DBGV_GET_DRIVER_VERSION		CTL_CODE(FILE_DEVICE_DBGV, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x24	//driver version, 4.70 = 0x800
+#define DBGV_SET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, 0x0d, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x34	//force carriage return
+#define DBGV_UNSET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, 0x0e, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x38	//
+#define DBGV_ENABLE_FILTER_STATE	CTL_CODE(FILE_DEVICE_DBGV, 0x0f, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x3C	//enable log verbose
+#define DBGV_SET_FILTER_STATE		CTL_CODE(FILE_DEVICE_DBGV, 0x10, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x40	//reset log verbose
+
+#pragma pack(1)
+typedef struct
+{
+	DWORD dwIndex;
+	FILETIME liSystemTime;
+	LARGE_INTEGER liPerfCounter;
+	CHAR strData[0];
+}LOG_ITEM, *PLOG_ITEM;
+#pragma pack()
+
+int monitor_kernel()
+{
+	std::wstring strDeviceName = L"\\\\.\\dbgv";
+
+	HANDLE hFile = CreateFile(strDeviceName.c_str(),
+		GENERIC_READ,
+		FILE_SHARE_READ,
+		NULL,
+		OPEN_EXISTING,
+		FILE_ATTRIBUTE_NORMAL,
+		NULL);
+	DWORD dwErr = ::GetLastError();
+	if (hFile != INVALID_HANDLE_VALUE)
+	{
+		BOOL bRet = FALSE;
+
+		//enable capture
+		DWORD dwOut = 0;
+		DWORD dwReturned = 0;
+		bRet = DeviceIoControl(hFile, DBGV_CAPTURE_KERNEL, NULL, 0, &dwOut, sizeof(dwOut), &dwReturned, NULL);
+		if (!bRet)
+		{
+			printf("DBGV_CAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
+			CloseHandle(hFile);
+			return -1;
+		}
+
+		//enable kernel verboase log
+		bRet = DeviceIoControl(hFile, DBGV_ENABLE_FILTER_STATE, NULL, 0, NULL, 0, NULL, NULL);
+		if (!bRet)
+		{
+			printf("DBGV_ENABLE_FILTER_STATE failed, err=%d\n", ::GetLastError());
+			CloseHandle(hFile);
+			return -2;
+		}
+
+		//try capture 1000 logs and exit
+		const DWORD dwBufLen = 0x10000;
+		PLOG_ITEM pBuf = (PLOG_ITEM)malloc(dwBufLen);
+		DWORD nCount = 0, nMaxCount = 1000;
+		while (1)
+		{
+			memset(pBuf, 0, dwBufLen);
+			dwOut = 0;
+			bRet = DeviceIoControl(hFile, DBGV_READ_LOG, NULL, 0, pBuf, dwBufLen, &dwOut, NULL);
+			if (dwOut > 0)
+			{
+				PLOG_ITEM pNextItem = pBuf;
+				while (pNextItem->dwIndex != 0)
+				{
+					SYSTEMTIME st = { 0 };
+					FILETIME lt = { 0 };
+					FileTimeToLocalFileTime(&pNextItem->liSystemTime, &lt);
+					FileTimeToSystemTime(&lt, &st);
+					printf("%d, Time:%04d-%02d-%02d %02d:%02d:%02d.%03d, %s\n",
+						pNextItem->dwIndex,
+						st.wYear,
+						st.wMonth,
+						st.wDay,
+						st.wHour,
+						st.wMinute,
+						st.wSecond,
+						st.wMilliseconds,
+						pNextItem->strData);
+					pNextItem = (PLOG_ITEM)((char*)pNextItem + sizeof(LOG_ITEM) + (strlen(pNextItem->strData) + 4) / 4 * 4);
+
+					nCount++;
+					if (nCount > nMaxCount)
+					{
+						break;
+					}
+				}
+			}
+
+			::Sleep(10);
+		}
+
+		::free(pBuf);
+
+		bRet = DeviceIoControl(hFile, DBGV_UNCAPTURE_KERNEL, NULL, 0, NULL, 0, NULL, NULL);
+		if (!bRet)
+		{
+			printf("DBGV_UNCAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
+			CloseHandle(hFile);
+			return -1;
+		}
+
+		CloseHandle(hFile);
+	}
+
+	return 0;
+};
+
+/// Driver
+
+constexpr const char* DRIVER_SERVICE_NAME = "debugviewdriver";
+constexpr const char* DRIVER_DISPLAY_NAME = "DebugViewPP Kernel Message Driver";
+const std::string driverPath = "dbgv.sys";
+
+void InstallDriver()
+{
+    std::cout << "InstallDriver...\n";
+    SC_HANDLE hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+    if (!hSCManager) {
+        std::cout << "Failed to open Service Control Manager. Error: " << GetLastError() << std::endl;
+    }
+
+    SC_HANDLE hService = CreateServiceA(
+        hSCManager,
+        DRIVER_SERVICE_NAME,
+        DRIVER_DISPLAY_NAME,
+        SERVICE_ALL_ACCESS,
+        SERVICE_KERNEL_DRIVER,
+        SERVICE_DEMAND_START,
+        SERVICE_ERROR_NORMAL,
+        driverPath.c_str(),
+        NULL, NULL, NULL, NULL, NULL
+    );
+
+    if (!hService) {
+        if (GetLastError() == ERROR_SERVICE_EXISTS) {
+            std::cout << "Service already exists.\n";
+            CloseServiceHandle(hSCManager);
+        }
+        std::cout << "Failed to create service. Error: " << GetLastError() << std::endl;
+        CloseServiceHandle(hSCManager);
+    }
+
+    CloseServiceHandle(hService);
+    CloseServiceHandle(hSCManager);
+    std::cout << "InstallDriver done...\n";
+}
+
+void UninstallDriver()
+{
+    std::cout << "UninstallDriver...\n";
+    SC_HANDLE hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+    if (!hSCManager) {
+        std::cout << "Failed to open Service Control Manager. Error: " << GetLastError() << std::endl;
+    }
+
+    SC_HANDLE hService = OpenServiceA(hSCManager, DRIVER_SERVICE_NAME, DELETE);
+    if (!hService) {
+        std::cout << "Failed to open service. Error: " << GetLastError() << std::endl;
+        CloseServiceHandle(hSCManager);
+    }
+
+    if (!DeleteService(hService)) {
+        std::cout << "Failed to delete service. Error: " << GetLastError() << std::endl;
+        CloseServiceHandle(hService);
+        CloseServiceHandle(hSCManager);
+    }
+
+    CloseServiceHandle(hService);
+    CloseServiceHandle(hSCManager);
+    std::cout << "UninstallDriver done...\n";
+}
diff --git a/application/DebugViewppLib/Debugview_kernel_client.h b/application/DebugViewppLib/Debugview_kernel_client.h
@@ -0,0 +1,9 @@
+// (C) Copyright Gert-Jan de Vos and Jan Wilmans 2013.
+// Distributed under the Boost Software License, Version 1.0.
+// (See accompanying file LICENSE_1_0.txt or copy at
+// http://www.boost.org/LICENSE_1_0.txt)
+
+int monitor_kernel();
+void InstallDriver();
+void UninstallDriver();
+
