Geoff Chappell - Software Analyst
The public symbol file NTKRNLMP.PDB for the original release of 64-bit Windows 10 tells that the kernel is built with the AMD64_X.H header at
d:\th\minkernel\ntos\inc
and draws from it the type definitions that are tabulated below. The header AMD64_X.H is not known in any Device Driver Kit (DDK) or Windows Driver Kit (WDK).
| Line Number | Type |
|---|---|
| 945 | struct _HARDWARE_PTE |
| 1010 | union _KGDTENTRY64 |
| 1015 | unnamed struct Bytes in struct _KGDTENTRY64 |
| 1022 | unnamed struct Bits in struct _KGDTENTRY64 |
| 1086 | struct _KIDTENTRY64 |
| 1145 | struct _KTSS64 |
| 1181 | struct _KDESCRIPTOR |
| 1197 | struct _KSPECIAL_REGISTERS |
| 1232 | struct _KPROCESSOR_STATE |
| 1264 | struct _KPRCB |
| 1907 | struct _KPCR |
| 2168 | struct _KEXCEPTION_FRAME |
| 2330 | struct _KTRAP_FRAME |
| 2504 | struct _KUMS_CONTEXT_HEADER |
| 2596 | struct _KFLOATING_SAVE |
| 2813 | enum _INTERLOCKED_RESULT |
| 3475 | union _CPU_INFO |
Of these types that the kernel is known to pick up from AMD64_X.H, all but one are defined in the NTOSP.H which is in the “minwin” subdirectory of the Windows 10 WDK for the original release and for Version 1511. Some are defined in one or another of the standard headers WDM.H or NTDDK.H.
The line numbers on the left are from the unseen I386_X.H but are known from type information in public symbols and statically linked libraries, notably in CLFSMGMT.LIB which MIcrosoft publishes with the Software Development Kit (SDK) for Windows 10. Those on the right are from headers that are readily available in the WDK for Windows 10.
| Line Number | Type | WDM.H | NTDDK.H | NTOSP.H |
|---|---|---|---|---|
| 945 | struct _HARDWARE_PTE | 4338 | ||
| 1010 | union _KGDTENTRY64 | 4403 | ||
| 1011 | anonymous struct in union _KGDTENTRY64 |
4404 | ||
| 1014 | anonymous union in anonymous struct in union _KGDTENTRY64 |
4407 | ||
| 1015 | unnamed struct Bytes in struct _KGDTENTRY64 |
4408 | ||
| 1022 | unnamed struct Bits in struct _KGDTENTRY64 |
4415 | ||
| 1040 | anonymous struct in union _KGDTENTRY64 |
4433 | ||
| 1051 | struct _KLDTENTRY | 4444 | ||
| 1054 | unnamed union HighWord in struct _KLDTENTRY |
4447 | ||
| 1055 | unnamed struct Bytes in unnamed union HighWord in struct _KLDTENTRY |
4448 | ||
| 1062 | unnamed struct Bits in unnamed union HighWord in struct _KLDTENTRY |
4455 | ||
| 1086 | struct _KIDTENTRY64 | 4479 | ||
| 1087 | anonymous struct in struct _KIDTENTRY64 |
4480 | ||
| 1108 | union _KGDT_BASE | 4501 | ||
| 1109 | anonymous struct in union _KGDT_BASE |
4502 | ||
| 1121 | union _KGDT_LIMIT | 4514 | ||
| 1122 | anonymous struct in union _KGDT_LIMIT |
4515 | ||
| 1145 | struct _KTSS64 | 4538 | ||
| 1181 | struct _KDESCRIPTOR | 4574 | ||
| 1187 | struct _KDESCRIPTOR32 | 4580 | ||
| 1197 | struct _KSPECIAL_REGISTERS | 4590 | ||
| 1232 | struct _KPROCESSOR_STATE | 4625 | ||
| 1245 | enum CPU_VENDORS | 4638 | ||
| 1264 | struct _KPRCB | 4657 | ||
| 1282 | anonymous union in struct _KPRCB |
4675 | ||
| 1284 | anonymous struct in anonymous union in struct _KPRCB |
4677 | ||
| 1298 | anonymous union in struct _KPRCB |
4691 | ||
| 1300 | anonymous struct in anonymous union in struct _KPRCB |
4693 | ||
| 1486 | anonymous union in struct _KPRCB |
|||
| 1489 | anonymous struct in anonymous union in struct _KPRCB |
|||
| 1494 | anonymous struct in anonymous union in struct _KPRCB |
|||
| 1907 | struct _KPCR | 5255 | 4741 | |
| 1922 | anonymous union in struct _KPCR |
5270 | 4756 | |
| 1924 | anonymous struct in anonymous union in struct _KPCR |
5272 | 4758 | |
| 2063 | union _AMD_L1_CACHE_INFO | 4883 | ||
| 2065 | anonymous struct in union _AMD_L1_CACHE_INFO |
4885 | ||
| 2073 | union _AMD_L2_CACHE_INFO | 4893 | ||
| 2075 | anonymous struct in union _AMD_L2_CACHE_INFO |
4895 | ||
| 2083 | union _AMD_L3_CACHE_INFO | 4903 | ||
| 2085 | anonymous struct in union _AMD_L3_CACHE_INFO |
4905 | ||
| 2098 | union _VIA_L1_CACHE_INFO | 4918 | ||
| 2100 | anonymous struct in union _VIA_L1_CACHE_INFO |
4920 | ||
| 2108 | union _VIA_L2_CACHE_INFO | 4928 | ||
| 2110 | anonymous struct in union _VIA_L2_CACHE_INFO |
4930 | ||
| 2123 | enum _INTEL_CACHE_TYPE | 4943 | ||
| 2132 | union INTEL_CACHE_INFO_EAX | 4952 | ||
| 2134 | anonymous struct in union INTEL_CACHE_INFO_EAX |
4954 | ||
| 2145 | union INTEL_CACHE_INFO_EBX | 4965 | ||
| 2147 | anonymous struct in union INTEL_CACHE_INFO_EBX |
4967 | ||
| 2168 | struct _KEXCEPTION_FRAME | 5318 | 4986 | |
| 2258 | struct _MACHINE_FRAME | 5076 | ||
| 2282 | struct _KSWITCH_FRAME | 5100 | ||
| 2306 | struct _KSTART_FRAME | 5124 | ||
| 2330 | struct _KTRAP_FRAME | 5396 | 5148 | |
| 2393 | anonymous union in struct _KTRAP_FRAME |
5459 | 5211 | |
| 2417 | anonymous union in struct _KTRAP_FRAME |
5483 | 5235 | |
| 2438 | anonymous struct in struct _KTRAP_FRAME |
5504 | 5256 | |
| 2485 | anonymous union in struct _KTRAP_FRAME |
5551 | 5303 | |
| 2504 | struct _KUMS_CONTEXT_HEADER | 5570 | 5322 | |
| 2516 | anonymous union in struct _KUMS_CONTEXT_HEADER |
5582 | 5334 | |
| 2517 | anonymous struct in anonymous union in struct _KUMS_CONTEXT_HEADER |
5583 | 5335 | |
| 2578 | struct _UCALLOUT_FRAME | 5396 | ||
| 2596 | struct _KFLOATING_SAVE | 17176 | 5414 | |
| 2813 | enum _INTERLOCKED_RESULT | 5662 | 5593 | |
| 3059 | union _KIDT_HANDLER_ADDRESS | |||
| 3060 | anonymous struct in union _KIDT_HANDLER_ADDRESS |
|||
| 3343 | struct _FAR_JMP_16 | |||
| 3348 | struct _FAR_TARGET_32 | |||
| 3353 | struct _PSEUDO_DESCRIPTOR_32 | |||
| 3369 | struct _PROCESSOR_START_BLOCK | |||
| 3459 | struct _KMCE_RECOVERY_CONTEXT | |||
| 3475 | union _CPU_INFO | |||
| 3477 | anonymous struct in union _CPU_INFO |
|||
| 3749 | union _PAT_ATTRIBUTES | |||
| 3750 | unnamed struct hw in union _PAT_ATTRIBUTES |