Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTFSD
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Local Procedure Call interface definition

OSR_Community_UserOSR_Community_User Member Posts: 110,217
This is all I have reversed from checked build kernel.
Structure names and macros can vary from internal Microsoft definitions,
but this isn't important. Optionally I can send sample code which shows
how to use these support routines.

//
// Local Procedure Call Port Specific Access Rights
//

#define PORT_CONNECT 0x0001

#define PORT_ALL_ACCESS (STANDARD_RIGHTS_ALL |\
PORT_CONNECT)

//
// Define LPC Message Types
//

#define LPC_REQUEST 0x0001
#define LPC_REPLY 0x0002
#define LPC_DATAGRAM 0x0003
#define LPC_LOST_REPLY 0x0004
#define LPC_PORT_CLOSED 0x0005
#define LPC_CLIENT_DIED 0x0006
#define LPC_EXCEPTION 0x0007
#define LPC_DEBUG_EVENT 0x0008
#define LPC_ERROR_EVENT 0x0009
#define LPC_CONNECTION_REQUEST 0x000A

#define PORT_MAXIMUM_MESSAGE_LENGTH 256

//
// Define LPC Message Header
//

typedef struct _LPC_MESSAGE {
USHORT DataLength;
USHORT Length; //sizeof(LPC_MESSAGE) + DataLength
USHORT MessageType;
USHORT DataInfoOffset;
CLIENT_ID ClientId;
ULONG MessageId;
ULONG CallbackId;
} LPC_MESSAGE, *PLPC_MESSAGE;

//++
//
// VOID
// InitializeMessageHeader (
// OUT PLPC_MESSAGE m,
// IN ULONG l,
// IN ULONG t
// );
//
//--

#define InitializeMessageHeader( m, l, t ) { \
(m)->Length = (USHORT)(l); \
(m)->DataLength = (USHORT)(l - sizeof( LPC_MESSAGE )); \
(m)->MessageType = (USHORT)(t); \
(m)->DataInfoOffset = 0; \
}

//
// Define structure for initializing shared memory on this side of port
//

typedef struct _LPC_THIS_SIDE_MEMORY {
ULONG Length; //in only - always must be
initialized
HANDLE SectionHandle; //in only
ULONG OffsetInSection; //in, out
ULONG ViewSize; //in, out
PVOID ViewBase; //out only
PVOID OtherSideViewBase; //out only
} LPC_THIS_SIDE_MEMORY, *PLPC_THIS_SIDE_MEMORY;

//
// Define structure about shared memory initialized from the other side of
port
//

typedef struct _LPC_OTHER_SIDE_MEMORY {
ULONG Length; //in only - always must be
initialized
ULONG ViewSize; //out only
PVOID ViewBase; //out only
} LPC_OTHER_SIDE_MEMORY, *PLPC_OTHER_SIDE_MEMORY;

//
// Defines Info Classes for NtQueryInformationPort
// NOTE: Currently no information is returned at all.
//

typedef enum _PORT_INFORMATION_CLASS {
PortNoInformation
} PORT_INFORMATION_CLASS;

//
// Creates a named port object.
//

NTSYSAPI
NTSTATUS
NTAPI
NtCreatePort (
OUT PHANDLE PortHandle,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN ULONG MaximumConnectionInfoLength,
IN ULONG MaximumMessageLength,
IN ULONG Reserved
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCreatePort (
OUT PHANDLE PortHandle,
IN POBJECT_ATTRIBUTES ObjectAttributes,
IN ULONG MaximumConnectionInfoLength,
IN ULONG MaximumMessageLength,
IN ULONG Reserved
);

//
// Obtains information on a port.
//

NTSYSAPI
NTSTATUS
NTAPI
NtQueryInformationPort (
IN HANDLE PortHandle,
IN PORT_INFORMATION_CLASS PortInformationClass,
OUT PVOID PortInformation,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwQueryInformationPort (
IN HANDLE PortHandle,
IN PORT_INFORMATION_CLASS PortInformationClass,
OUT PVOID PortInformation,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

//
// Connects a port to server port that is accepting connections.
//

NTSYSAPI
NTSTATUS
NTAPI
NtConnectPort (
OUT PHANDLE ClientPortHandle,
IN PUNICODE_STRING ServerPortName,
IN PSECURITY_QUALITY_OF_SERVICE SecurityQos,
IN OUT PLPC_THIS_SIDE_MEMORY ClientSharedMemory OPTIONAL,
IN OUT PLPC_OTHER_SIDE_MEMORY ServerSharedMemory OPTIONAL,
OUT PULONG MaximumMessageLength OPTIONAL,
IN OUT PVOID ConnectionInfo OPTIONAL,
IN OUT PULONG ConnectionInfoLength OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwConnectPort (
OUT PHANDLE ClientPortHandle,
IN PUNICODE_STRING ServerPortName,
IN PSECURITY_QUALITY_OF_SERVICE SecurityQos,
IN OUT PLPC_THIS_SIDE_MEMORY ClientSharedMemory OPTIONAL,
IN OUT PLPC_OTHER_SIDE_MEMORY ServerSharedMemory OPTIONAL,
OUT PULONG MaximumMessageLength OPTIONAL,
IN OUT PVOID ConnectionInfo OPTIONAL,
IN OUT PULONG ConnectionInfoLength OPTIONAL
);

//
// Server side accepts a port connection.
//

NTSYSAPI
NTSTATUS
NTAPI
NtAcceptConnectPort (
OUT PHANDLE ServerPortHandle,
IN HANDLE AlternativeReceivePortHandle OPTIONAL,
IN PLPC_MESSAGE ConnectionReply,
IN BOOLEAN AcceptConnection,
IN OUT PLPC_THIS_SIDE_MEMORY ServerSharedMemory OPTIONAL,
IN OUT PLPC_OTHER_SIDE_MEMORY ClientSharedMemory OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwAcceptConnectPort (
OUT PHANDLE ServerPortHandle,
IN HANDLE AlternativeReceivePortHandle OPTIONAL,
IN PLPC_MESSAGE ConnectionReply,
IN BOOLEAN AcceptConnection,
IN OUT PLPC_THIS_SIDE_MEMORY ServerSharedMemory OPTIONAL,
IN OUT PLPC_OTHER_SIDE_MEMORY ClientSharedMemory OPTIONAL
);

//
// Server side completes a connection.
//

NTSYSAPI
NTSTATUS
NTAPI
NtCompleteConnectPort (
IN HANDLE PortHandle
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCompleteConnectPort (
IN HANDLE PortHandle
);

//
// Thread impersonates the identify of the process on the other end of a
port.
//

NTSYSAPI
NTSTATUS
NTAPI
NtImpersonateClientOfPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request
);

NTSYSAPI
NTSTATUS
NTAPI
ZwImpersonateClientOfPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request
);

//
// Listens on a port for connection requests.
//

NTSYSAPI
NTSTATUS
NTAPI
NtListenPort (
IN HANDLE PortHandle,
OUT PLPC_MESSAGE ConnectionRequest
);

NTSYSAPI
NTSTATUS
NTAPI
ZwListenPort (
IN HANDLE PortHandle,
OUT PLPC_MESSAGE ConnectionRequest
);

//
// Sends a reply message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtReplyPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Reply
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReplyPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Reply
);

//
// Sends a reply message and then waits for an incoming request message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtReplyWaitReceivePort (
IN HANDLE PortHandle,
OUT PHANDLE ReceivePortHandle OPTIONAL,
IN PLPC_MESSAGE Reply OPTIONAL,
OUT PLPC_MESSAGE Request
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReplyWaitReceivePort (
IN HANDLE PortHandle,
OUT PHANDLE ReceivePortHandle OPTIONAL,
IN PLPC_MESSAGE Reply OPTIONAL,
OUT PLPC_MESSAGE Request
);

//
// Sends a reply message and then waits for an incoming reply message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtReplyWaitReplyPort (
IN HANDLE PortHandle,
IN OUT PLPC_MESSAGE Reply
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReplyWaitReplyPort (
IN HANDLE PortHandle,
IN OUT PLPC_MESSAGE Reply
);

//
// Sends a request message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtRequestPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request
);

NTSYSAPI
NTSTATUS
NTAPI
ZwRequestPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request
);

//
// Sends a request message and waits for an incoming reply message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtRequestWaitReplyPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
OUT PLPC_MESSAGE Reply
);

NTSYSAPI
NTSTATUS
NTAPI
ZwRequestWaitReplyPort (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
OUT PLPC_MESSAGE Reply
);

//
// Reads data associated with a port message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtReadRequestData (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
IN ULONG DataIndex,
OUT PVOID Buffer,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwReadRequestData (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
IN ULONG DataIndex,
OUT PVOID Buffer,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

//
// Fills in data for a request message.
//

NTSYSAPI
NTSTATUS
NTAPI
NtWriteRequestData (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
IN ULONG DataIndex,
IN PVOID Buffer,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

NTSYSAPI
NTSTATUS
NTAPI
ZwWriteRequestData (
IN HANDLE PortHandle,
IN PLPC_MESSAGE Request,
IN ULONG DataIndex,
IN PVOID Buffer,
IN ULONG Length,
OUT PULONG ResultLength OPTIONAL
);

Paul
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Writing WDF Drivers 7 Dec 2020 LIVE ONLINE
Internals & Software Drivers 25 Jan 2021 LIVE ONLINE
Developing Minifilters 8 March 2021 LIVE ONLINE