HyperDbg Debugger
Loading...
Searching...
No Matches
PlatformEvent.c File Reference

Implementation of cross platform APIs for kernel event and object management. More...

#include "pch.h"

Functions

VOID PlatformObjectDereference (PVOID Object)
 Dereference a kernel object, decrementing its reference count.
LONG PlatformEventSet (PKEVENT Event, KPRIORITY Increment, BOOLEAN Wait)
 Signal (set) a kernel event object.
NTSTATUS PlatformObjectReferenceByHandle (HANDLE Handle, ACCESS_MASK DesiredAccess, POBJECT_TYPE ObjectType, KPROCESSOR_MODE AccessMode, PVOID *Object, POBJECT_HANDLE_INFORMATION HandleInformation)
 Obtain a pointer to a kernel object by its user-mode handle and increment its reference count.

Detailed Description

Implementation of cross platform APIs for kernel event and object management.

Author
Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)
Version
0.19
Date
2026-05-09

Function Documentation

◆ PlatformEventSet()

LONG PlatformEventSet ( PKEVENT Event,
KPRIORITY Increment,
BOOLEAN Wait )

Signal (set) a kernel event object.

Parameters
EventPointer to the KEVENT to signal
IncrementPriority increment for any waiting threads to be awakened
WaitIf TRUE, the caller intends to immediately call a wait routine after this call
Returns
LONG The previous signal state of the event
52{
53#if defined(_WIN32) || defined(_WIN64)
54
55 return KeSetEvent(Event, Increment, Wait);
56
57#elif defined(__linux__)
58
59# error "Not yet implemented"
60
61#else
62
63# error "Unsupported platform"
64
65#endif
66}

◆ PlatformObjectDereference()

VOID PlatformObjectDereference ( PVOID Object)

Dereference a kernel object, decrementing its reference count.

Parameters
ObjectPointer to the kernel object to dereference
Returns
VOID
26{
27#if defined(_WIN32) || defined(_WIN64)
28
29 ObDereferenceObject(Object);
30
31#elif defined(__linux__)
32
33# error "Not yet implemented"
34
35#else
36
37# error "Unsupported platform"
38
39#endif
40}

◆ PlatformObjectReferenceByHandle()

NTSTATUS PlatformObjectReferenceByHandle ( HANDLE Handle,
ACCESS_MASK DesiredAccess,
POBJECT_TYPE ObjectType,
KPROCESSOR_MODE AccessMode,
PVOID * Object,
POBJECT_HANDLE_INFORMATION HandleInformation )

Obtain a pointer to a kernel object by its user-mode handle and increment its reference count.

Parameters
HandleUser-mode handle referencing the kernel object
DesiredAccessAccess mask for the requested access rights
ObjectTypePointer to the object type object (e.g., *ExEventObjectType); NULL to skip type check
AccessModeProcessor mode to use for access checks (KernelMode or UserMode)
ObjectReceives a pointer to the referenced kernel object body
HandleInformationOptional; receives access state information
Returns
NTSTATUS STATUS_SUCCESS on success, or an error code on failure
86{
87#if defined(_WIN32) || defined(_WIN64)
88
89 return ObReferenceObjectByHandle(Handle,
91 ObjectType,
92 AccessMode,
93 Object,
94 HandleInformation);
95
96#elif defined(__linux__)
97
98# error "Not yet implemented"
99
100#else
101
102# error "Unsupported platform"
103
104#endif
105}
PHANDLE ACCESS_MASK DesiredAccess
Definition SyscallFootprints.h:134