Type__DRIVER_MONITOR_SETTINGS - MartinDrab/IRPMon GitHub Wiki

_DRIVER_MONITOR_SETTINGS struct

Summary

Defines driver monitoring settings

Definition

typedef struct _DRIVER_MONITOR_SETTINGS {
    BOOLEAN MonitorNewDevices;
    BOOLEAN MonitorAddDevice;
    BOOLEAN MonitorStartIo;
    BOOLEAN MonitorUnload;
    BOOLEAN MonitorFastIo;
    BOOLEAN MonitorIRP;
    BOOLEAN MonitorIRPCompletion;
    BOOLEAN MonitorData;
    UCHAR IRPSettings[0x1b + 1];
    UCHAR FastIoSettings[FastIoMax];
} DRIVER_MONITOR_SETTINGS, *PDRIVER_MONITOR_SETTINGS;

Members

MonitorNewDevices

Automatically start monitoring newly created devices.

MonitorAddDevice

Report calls to driver's AddDevice routine.

MonitorStartIo

Report calls to driver's StartIo routine.

MonitorUnload

Report driver unload.

MonitorFastIo

Monitor Fast I/O requests server by the target driver.

MonitorIRP

Monitor IRPs targetted to one of the monitored device objects of the driver.

MonitorIRPCompletion

Report IRP completions.

MonitorData

Collect additional data for intercepted requests.

IRPSettings

IRPSettings for newly hooked devices.

FastIoSettings

FastIoSettings for newly hooked devices.

Requirements


Header	general-types.h