Extend clang-format column limit to 140
@@ -4,8 +4,7 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtSetEvent(const syscall_context& c, const uint64_t handle,
|
||||
const emulator_object<LONG> previous_state)
|
||||
NTSTATUS handle_NtSetEvent(const syscall_context& c, const uint64_t handle, const emulator_object<LONG> previous_state)
|
||||
{
|
||||
if (handle == DBWIN_DATA_READY)
|
||||
{
|
||||
|
||||
@@ -4,12 +4,10 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtRaiseHardError(const syscall_context& c, const NTSTATUS error_status,
|
||||
const ULONG /*number_of_parameters*/,
|
||||
NTSTATUS handle_NtRaiseHardError(const syscall_context& c, const NTSTATUS error_status, const ULONG /*number_of_parameters*/,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>
|
||||
/*unicode_string_parameter_mask*/,
|
||||
const emulator_object<DWORD> /*parameters*/,
|
||||
const HARDERROR_RESPONSE_OPTION /*valid_response_option*/,
|
||||
const emulator_object<DWORD> /*parameters*/, const HARDERROR_RESPONSE_OPTION /*valid_response_option*/,
|
||||
const emulator_object<HARDERROR_RESPONSE> response)
|
||||
{
|
||||
if (response)
|
||||
@@ -24,10 +22,9 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtRaiseException(
|
||||
const syscall_context& c,
|
||||
const emulator_object<EMU_EXCEPTION_RECORD<EmulatorTraits<Emu64>>> /*exception_record*/,
|
||||
const emulator_object<CONTEXT64> /*thread_context*/, const BOOLEAN handle_exception)
|
||||
NTSTATUS handle_NtRaiseException(const syscall_context& c,
|
||||
const emulator_object<EMU_EXCEPTION_RECORD<EmulatorTraits<Emu64>>> /*exception_record*/,
|
||||
const emulator_object<CONTEXT64> /*thread_context*/, const BOOLEAN handle_exception)
|
||||
{
|
||||
if (handle_exception)
|
||||
{
|
||||
|
||||
@@ -21,8 +21,7 @@ namespace syscalls
|
||||
{
|
||||
namespace
|
||||
{
|
||||
std::pair<utils::file_handle, NTSTATUS> open_file(const file_system& file_sys, const windows_path& path,
|
||||
const std::u16string& mode)
|
||||
std::pair<utils::file_handle, NTSTATUS> open_file(const file_system& file_sys, const windows_path& path, const std::u16string& mode)
|
||||
{
|
||||
FILE* file{};
|
||||
const auto error = open_unicode(&file, file_sys.translate(path), mode);
|
||||
@@ -50,8 +49,7 @@ namespace syscalls
|
||||
|
||||
NTSTATUS handle_NtSetInformationFile(const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t file_information, const ULONG length,
|
||||
const FILE_INFORMATION_CLASS info_class)
|
||||
const uint64_t file_information, const ULONG length, const FILE_INFORMATION_CLASS info_class)
|
||||
{
|
||||
const auto* f = c.proc.files.get(file_handle);
|
||||
if (!f)
|
||||
@@ -73,8 +71,8 @@ namespace syscalls
|
||||
}
|
||||
|
||||
const auto info = c.emu.read_memory<FILE_RENAME_INFORMATION>(file_information);
|
||||
auto new_name = read_string<char16_t>(c.emu, file_information + offsetof(FILE_RENAME_INFORMATION, FileName),
|
||||
info.FileNameLength / 2);
|
||||
auto new_name =
|
||||
read_string<char16_t>(c.emu, file_information + offsetof(FILE_RENAME_INFORMATION, FileName), info.FileNameLength / 2);
|
||||
|
||||
if (info.RootDirectory)
|
||||
{
|
||||
@@ -88,8 +86,7 @@ namespace syscalls
|
||||
new_name = root->name + (has_separator ? u"" : u"\\") + new_name;
|
||||
}
|
||||
|
||||
c.win_emu.log.warn("--> File rename requested: %s --> %s\n", u16_to_u8(f->name).c_str(),
|
||||
u16_to_u8(new_name).c_str());
|
||||
c.win_emu.log.warn("--> File rename requested: %s --> %s\n", u16_to_u8(f->name).c_str(), u16_to_u8(new_name).c_str());
|
||||
|
||||
return STATUS_ACCESS_DENIED;
|
||||
}
|
||||
@@ -135,10 +132,10 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryVolumeInformationFile(
|
||||
const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t fs_information,
|
||||
const ULONG length, const FS_INFORMATION_CLASS fs_information_class)
|
||||
NTSTATUS handle_NtQueryVolumeInformationFile(const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t fs_information, const ULONG length,
|
||||
const FS_INFORMATION_CLASS fs_information_class)
|
||||
{
|
||||
switch (fs_information_class)
|
||||
{
|
||||
@@ -177,8 +174,7 @@ namespace syscalls
|
||||
}
|
||||
}
|
||||
|
||||
std::vector<file_entry> scan_directory(const file_system& file_sys, const windows_path& win_path,
|
||||
const std::u16string_view file_mask)
|
||||
std::vector<file_entry> scan_directory(const file_system& file_sys, const windows_path& win_path, const std::u16string_view file_mask)
|
||||
{
|
||||
std::vector<file_entry> files{};
|
||||
|
||||
@@ -319,12 +315,12 @@ namespace syscalls
|
||||
return current_index <= enum_state.files.size() ? STATUS_SUCCESS : STATUS_NO_MORE_FILES;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryDirectoryFileEx(
|
||||
const syscall_context& c, const handle file_handle, const handle /*event_handle*/,
|
||||
const EMULATOR_CAST(emulator_pointer, PIO_APC_ROUTINE) /*apc_routine*/, const emulator_pointer /*apc_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t file_information,
|
||||
const uint32_t length, const uint32_t info_class, const ULONG query_flags,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> file_name)
|
||||
NTSTATUS handle_NtQueryDirectoryFileEx(const syscall_context& c, const handle file_handle, const handle /*event_handle*/,
|
||||
const EMULATOR_CAST(emulator_pointer, PIO_APC_ROUTINE) /*apc_routine*/,
|
||||
const emulator_pointer /*apc_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t file_information, const uint32_t length, const uint32_t info_class,
|
||||
const ULONG query_flags, const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> file_name)
|
||||
{
|
||||
auto* f = c.proc.files.get(file_handle);
|
||||
if (!f || !f->is_directory())
|
||||
@@ -334,20 +330,20 @@ namespace syscalls
|
||||
|
||||
if (info_class == FileDirectoryInformation)
|
||||
{
|
||||
return handle_file_enumeration<FILE_DIRECTORY_INFORMATION>(c, io_status_block, file_information, length,
|
||||
query_flags, file_name, f);
|
||||
return handle_file_enumeration<FILE_DIRECTORY_INFORMATION>(c, io_status_block, file_information, length, query_flags, file_name,
|
||||
f);
|
||||
}
|
||||
|
||||
if (info_class == FileFullDirectoryInformation)
|
||||
{
|
||||
return handle_file_enumeration<FILE_FULL_DIR_INFORMATION>(c, io_status_block, file_information, length,
|
||||
query_flags, file_name, f);
|
||||
return handle_file_enumeration<FILE_FULL_DIR_INFORMATION>(c, io_status_block, file_information, length, query_flags, file_name,
|
||||
f);
|
||||
}
|
||||
|
||||
if (info_class == FileBothDirectoryInformation)
|
||||
{
|
||||
return handle_file_enumeration<FILE_BOTH_DIR_INFORMATION>(c, io_status_block, file_information, length,
|
||||
query_flags, file_name, f);
|
||||
return handle_file_enumeration<FILE_BOTH_DIR_INFORMATION>(c, io_status_block, file_information, length, query_flags, file_name,
|
||||
f);
|
||||
}
|
||||
|
||||
c.win_emu.log.error("Unsupported query directory file info class: %X\n", info_class);
|
||||
@@ -360,10 +356,9 @@ namespace syscalls
|
||||
const EMULATOR_CAST(emulator_pointer, PIO_APC_ROUTINE) apc_routine,
|
||||
const emulator_pointer apc_context,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t file_information, const uint32_t length,
|
||||
const uint32_t info_class, const BOOLEAN return_single_entry,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> file_name,
|
||||
const BOOLEAN restart_scan)
|
||||
const uint64_t file_information, const uint32_t length, const uint32_t info_class,
|
||||
const BOOLEAN return_single_entry,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> file_name, const BOOLEAN restart_scan)
|
||||
{
|
||||
ULONG query_flags = 0;
|
||||
if (return_single_entry)
|
||||
@@ -374,14 +369,13 @@ namespace syscalls
|
||||
{
|
||||
query_flags |= SL_RESTART_SCAN;
|
||||
}
|
||||
return handle_NtQueryDirectoryFileEx(c, file_handle, event_handle, apc_routine, apc_context, io_status_block,
|
||||
file_information, length, info_class, query_flags, file_name);
|
||||
return handle_NtQueryDirectoryFileEx(c, file_handle, event_handle, apc_routine, apc_context, io_status_block, file_information,
|
||||
length, info_class, query_flags, file_name);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryInformationFile(
|
||||
const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t file_information,
|
||||
const uint32_t length, const uint32_t info_class)
|
||||
NTSTATUS handle_NtQueryInformationFile(const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t file_information, const uint32_t length, const uint32_t info_class)
|
||||
{
|
||||
IO_STATUS_BLOCK<EmulatorTraits<Emu64>> block{};
|
||||
block.Status = STATUS_SUCCESS;
|
||||
@@ -539,10 +533,10 @@ namespace syscalls
|
||||
return ret(STATUS_NOT_SUPPORTED);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryInformationByName(
|
||||
const syscall_context& c, const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t file_information,
|
||||
const uint32_t length, const uint32_t info_class)
|
||||
NTSTATUS handle_NtQueryInformationByName(const syscall_context& c,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t file_information, const uint32_t length, const uint32_t info_class)
|
||||
{
|
||||
IO_STATUS_BLOCK<EmulatorTraits<Emu64>> block{};
|
||||
block.Status = STATUS_SUCCESS;
|
||||
@@ -606,8 +600,7 @@ namespace syscalls
|
||||
}
|
||||
|
||||
void commit_file_data(const std::string_view data, emulator& emu,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t buffer)
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t buffer)
|
||||
{
|
||||
if (io_status_block)
|
||||
{
|
||||
@@ -619,11 +612,10 @@ namespace syscalls
|
||||
emu.write_memory(buffer, data.data(), data.size());
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtReadFile(const syscall_context& c, const handle file_handle, const uint64_t /*event*/,
|
||||
const uint64_t /*apc_routine*/, const uint64_t /*apc_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t buffer, const ULONG length,
|
||||
const emulator_object<LARGE_INTEGER> /*byte_offset*/,
|
||||
NTSTATUS handle_NtReadFile(const syscall_context& c, const handle file_handle, const uint64_t /*event*/, const uint64_t /*apc_routine*/,
|
||||
const uint64_t /*apc_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t buffer,
|
||||
const ULONG length, const emulator_object<LARGE_INTEGER> /*byte_offset*/,
|
||||
const emulator_object<ULONG> /*key*/)
|
||||
{
|
||||
std::string temp_buffer{};
|
||||
@@ -639,12 +631,10 @@ namespace syscalls
|
||||
|
||||
std::cin.putback(chr);
|
||||
|
||||
const auto read_count =
|
||||
std::cin.readsome(temp_buffer.data(), static_cast<std::streamsize>(temp_buffer.size()));
|
||||
const auto read_count = std::cin.readsome(temp_buffer.data(), static_cast<std::streamsize>(temp_buffer.size()));
|
||||
const auto count = std::max(read_count, static_cast<std::streamsize>(0));
|
||||
|
||||
commit_file_data(std::string_view(temp_buffer.data(), static_cast<size_t>(count)), c.emu, io_status_block,
|
||||
buffer);
|
||||
commit_file_data(std::string_view(temp_buffer.data(), static_cast<size_t>(count)), c.emu, io_status_block, buffer);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
@@ -690,9 +680,8 @@ namespace syscalls
|
||||
|
||||
NTSTATUS handle_NtWriteFile(const syscall_context& c, const handle file_handle, const uint64_t /*event*/,
|
||||
const uint64_t /*apc_routine*/, const uint64_t /*apc_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const uint64_t buffer, const ULONG length,
|
||||
const emulator_object<LARGE_INTEGER> /*byte_offset*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const uint64_t buffer,
|
||||
const ULONG length, const emulator_object<LARGE_INTEGER> /*byte_offset*/,
|
||||
const emulator_object<ULONG> /*key*/)
|
||||
{
|
||||
std::string temp_buffer{};
|
||||
@@ -829,8 +818,7 @@ namespace syscalls
|
||||
}
|
||||
|
||||
NTSTATUS handle_named_pipe_create(const syscall_context& c, const emulator_object<handle>& out_handle,
|
||||
const std::u16string_view filename,
|
||||
const OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>& attributes,
|
||||
const std::u16string_view filename, const OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>& attributes,
|
||||
ACCESS_MASK desired_access)
|
||||
{
|
||||
(void)attributes; // This isn't being consumed atm, suppressing errors
|
||||
@@ -855,13 +843,12 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateFile(const syscall_context& c, const emulator_object<handle> file_handle,
|
||||
ACCESS_MASK desired_access,
|
||||
NTSTATUS handle_NtCreateFile(const syscall_context& c, const emulator_object<handle> file_handle, ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> /*io_status_block*/,
|
||||
const emulator_object<LARGE_INTEGER> /*allocation_size*/, ULONG /*file_attributes*/,
|
||||
ULONG /*share_access*/, ULONG create_disposition, ULONG create_options,
|
||||
uint64_t ea_buffer, ULONG ea_length)
|
||||
ULONG /*share_access*/, ULONG create_disposition, ULONG create_options, uint64_t ea_buffer,
|
||||
ULONG ea_length)
|
||||
{
|
||||
const auto attributes = object_attributes.read();
|
||||
auto filename = read_unicode_string(c.emu, attributes.ObjectName);
|
||||
@@ -968,9 +955,9 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryFullAttributesFile(
|
||||
const syscall_context& c, const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<FILE_NETWORK_OPEN_INFORMATION> file_information)
|
||||
NTSTATUS handle_NtQueryFullAttributesFile(const syscall_context& c,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<FILE_NETWORK_OPEN_INFORMATION> file_information)
|
||||
{
|
||||
if (!object_attributes)
|
||||
{
|
||||
@@ -983,8 +970,7 @@ namespace syscalls
|
||||
return STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
auto filename = read_unicode_string(
|
||||
c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
auto filename = read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
|
||||
if (attributes.RootDirectory)
|
||||
{
|
||||
@@ -1021,9 +1007,9 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryAttributesFile(
|
||||
const syscall_context& c, const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<FILE_BASIC_INFORMATION> file_information)
|
||||
NTSTATUS handle_NtQueryAttributesFile(const syscall_context& c,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<FILE_BASIC_INFORMATION> file_information)
|
||||
{
|
||||
if (!object_attributes)
|
||||
{
|
||||
@@ -1036,8 +1022,8 @@ namespace syscalls
|
||||
return STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
const auto filename = read_unicode_string(
|
||||
c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
const auto filename =
|
||||
read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
|
||||
c.win_emu.callbacks.on_generic_access("Querying file attributes", filename);
|
||||
|
||||
@@ -1066,19 +1052,18 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenFile(const syscall_context& c, const emulator_object<handle> file_handle,
|
||||
const ACCESS_MASK desired_access,
|
||||
NTSTATUS handle_NtOpenFile(const syscall_context& c, const emulator_object<handle> file_handle, const ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
const ULONG share_access, const ULONG open_options)
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, const ULONG share_access,
|
||||
const ULONG open_options)
|
||||
{
|
||||
return handle_NtCreateFile(c, file_handle, desired_access, object_attributes, io_status_block, {c.emu}, 0,
|
||||
share_access, FILE_OPEN, open_options, 0, 0);
|
||||
return handle_NtCreateFile(c, file_handle, desired_access, object_attributes, io_status_block, {c.emu}, 0, share_access, FILE_OPEN,
|
||||
open_options, 0, 0);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenDirectoryObject(
|
||||
const syscall_context& c, const emulator_object<handle> directory_handle, const ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes)
|
||||
NTSTATUS handle_NtOpenDirectoryObject(const syscall_context& c, const emulator_object<handle> directory_handle,
|
||||
const ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes)
|
||||
{
|
||||
const auto attributes = object_attributes.read();
|
||||
const auto object_name = read_unicode_string(c.emu, attributes.ObjectName);
|
||||
@@ -1104,9 +1089,9 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenSymbolicLinkObject(
|
||||
const syscall_context& c, const emulator_object<handle> link_handle, ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes)
|
||||
NTSTATUS handle_NtOpenSymbolicLinkObject(const syscall_context& c, const emulator_object<handle> link_handle,
|
||||
ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes)
|
||||
{
|
||||
const auto attributes = object_attributes.read();
|
||||
const auto object_name = read_unicode_string(c.emu, attributes.ObjectName);
|
||||
@@ -1150,13 +1135,11 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateNamedPipeFile(const syscall_context& c, emulator_object<handle> file_handle,
|
||||
ULONG desired_access,
|
||||
NTSTATUS handle_NtCreateNamedPipeFile(const syscall_context& c, emulator_object<handle> file_handle, ULONG desired_access,
|
||||
emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
|
||||
ULONG share_access, ULONG create_disposition, ULONG create_options,
|
||||
ULONG named_pipe_type, ULONG read_mode, ULONG completion_mode,
|
||||
ULONG maximum_instances, ULONG inbound_quota, ULONG outbound_quota,
|
||||
emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block, ULONG share_access,
|
||||
ULONG create_disposition, ULONG create_options, ULONG named_pipe_type, ULONG read_mode,
|
||||
ULONG completion_mode, ULONG maximum_instances, ULONG inbound_quota, ULONG outbound_quota,
|
||||
emulator_object<LARGE_INTEGER> default_timeout)
|
||||
{
|
||||
(void)desired_access;
|
||||
@@ -1204,12 +1187,11 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtFsControlFile(const syscall_context& c, const handle /*event_handle*/,
|
||||
const uint64_t /*apc_routine*/, const uint64_t /*app_context*/,
|
||||
NTSTATUS handle_NtFsControlFile(const syscall_context& c, const handle /*event_handle*/, const uint64_t /*apc_routine*/,
|
||||
const uint64_t /*app_context*/,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> /*io_status_block*/,
|
||||
const ULONG /*fs_control_code*/, const uint64_t /*input_buffer*/,
|
||||
const ULONG /*input_buffer_length*/, const uint64_t /*output_buffer*/,
|
||||
const ULONG /*output_buffer_length*/)
|
||||
const ULONG /*fs_control_code*/, const uint64_t /*input_buffer*/, const ULONG /*input_buffer_length*/,
|
||||
const uint64_t /*output_buffer*/, const ULONG /*output_buffer_length*/)
|
||||
{
|
||||
c.win_emu.log.error("Unimplemented syscall NtFsControlFile!");
|
||||
c.emu.stop();
|
||||
@@ -1217,9 +1199,8 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtFlushBuffersFile(
|
||||
const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> /*io_status_block*/)
|
||||
NTSTATUS handle_NtFlushBuffersFile(const syscall_context& c, const handle file_handle,
|
||||
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> /*io_status_block*/)
|
||||
{
|
||||
if (file_handle == STDOUT_HANDLE)
|
||||
{
|
||||
|
||||
@@ -10,8 +10,7 @@ namespace syscalls
|
||||
const emulator_object<LCID> default_locale_id,
|
||||
const emulator_object<LARGE_INTEGER> /*default_casing_table_size*/)
|
||||
{
|
||||
const auto locale_file =
|
||||
utils::io::read_file(c.win_emu.file_sys.translate(R"(C:\Windows\System32\locale.nls)"));
|
||||
const auto locale_file = utils::io::read_file(c.win_emu.file_sys.translate(R"(C:\Windows\System32\locale.nls)"));
|
||||
if (locale_file.empty())
|
||||
{
|
||||
return STATUS_FILE_INVALID;
|
||||
@@ -27,16 +26,14 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryDefaultLocale(const syscall_context&, BOOLEAN /*user_profile*/,
|
||||
const emulator_object<LCID> default_locale_id)
|
||||
NTSTATUS handle_NtQueryDefaultLocale(const syscall_context&, BOOLEAN /*user_profile*/, const emulator_object<LCID> default_locale_id)
|
||||
{
|
||||
default_locale_id.write(0x407);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtGetNlsSectionPtr(const syscall_context& c, const ULONG section_type, const ULONG section_data,
|
||||
emulator_pointer /*context_data*/,
|
||||
const emulator_object<uint64_t> section_pointer,
|
||||
emulator_pointer /*context_data*/, const emulator_object<uint64_t> section_pointer,
|
||||
const emulator_object<ULONG> section_size)
|
||||
{
|
||||
if (section_type == 11)
|
||||
|
||||
@@ -6,10 +6,9 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtQueryVirtualMemory(const syscall_context& c, const handle process_handle,
|
||||
const uint64_t base_address, const uint32_t info_class,
|
||||
const uint64_t memory_information, const uint64_t memory_information_length,
|
||||
const emulator_object<uint64_t> return_length)
|
||||
NTSTATUS handle_NtQueryVirtualMemory(const syscall_context& c, const handle process_handle, const uint64_t base_address,
|
||||
const uint32_t info_class, const uint64_t memory_information,
|
||||
const uint64_t memory_information_length, const emulator_object<uint64_t> return_length)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -126,9 +125,8 @@ namespace syscalls
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtProtectVirtualMemory(const syscall_context& c, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address,
|
||||
const emulator_object<uint32_t> bytes_to_protect, const uint32_t protection,
|
||||
const emulator_object<uint32_t> old_protection)
|
||||
const emulator_object<uint64_t> base_address, const emulator_object<uint32_t> bytes_to_protect,
|
||||
const uint32_t protection, const emulator_object<uint32_t> old_protection)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -172,8 +170,8 @@ namespace syscalls
|
||||
|
||||
NTSTATUS handle_NtAllocateVirtualMemoryEx(const syscall_context& c, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address,
|
||||
const emulator_object<uint64_t> bytes_to_allocate,
|
||||
const uint32_t allocation_type, const uint32_t page_protection)
|
||||
const emulator_object<uint64_t> bytes_to_allocate, const uint32_t allocation_type,
|
||||
const uint32_t page_protection)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -217,8 +215,7 @@ namespace syscalls
|
||||
throw std::runtime_error("Unsupported allocation type!");
|
||||
}
|
||||
|
||||
if (commit && !reserve &&
|
||||
c.win_emu.memory.commit_memory(potential_base, static_cast<size_t>(allocation_bytes), *protection))
|
||||
if (commit && !reserve && c.win_emu.memory.commit_memory(potential_base, static_cast<size_t>(allocation_bytes), *protection))
|
||||
{
|
||||
c.win_emu.callbacks.on_memory_allocate(potential_base, allocation_bytes, *protection, true);
|
||||
return STATUS_SUCCESS;
|
||||
@@ -226,23 +223,20 @@ namespace syscalls
|
||||
|
||||
c.win_emu.callbacks.on_memory_allocate(potential_base, allocation_bytes, *protection, false);
|
||||
|
||||
return c.win_emu.memory.allocate_memory(potential_base, static_cast<size_t>(allocation_bytes), *protection,
|
||||
!commit)
|
||||
return c.win_emu.memory.allocate_memory(potential_base, static_cast<size_t>(allocation_bytes), *protection, !commit)
|
||||
? STATUS_SUCCESS
|
||||
: STATUS_MEMORY_NOT_ALLOCATED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtAllocateVirtualMemory(const syscall_context& c, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address, const uint64_t /*zero_bits*/,
|
||||
const emulator_object<uint64_t> bytes_to_allocate,
|
||||
const uint32_t allocation_type, const uint32_t page_protection)
|
||||
const emulator_object<uint64_t> bytes_to_allocate, const uint32_t allocation_type,
|
||||
const uint32_t page_protection)
|
||||
{
|
||||
return handle_NtAllocateVirtualMemoryEx(c, process_handle, base_address, bytes_to_allocate, allocation_type,
|
||||
page_protection);
|
||||
return handle_NtAllocateVirtualMemoryEx(c, process_handle, base_address, bytes_to_allocate, allocation_type, page_protection);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtFreeVirtualMemory(const syscall_context& c, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address,
|
||||
NTSTATUS handle_NtFreeVirtualMemory(const syscall_context& c, const handle process_handle, const emulator_object<uint64_t> base_address,
|
||||
const emulator_object<uint64_t> bytes_to_allocate, const uint32_t free_type)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
@@ -260,24 +254,21 @@ namespace syscalls
|
||||
|
||||
if (free_type & MEM_RELEASE)
|
||||
{
|
||||
return c.win_emu.memory.release_memory(allocation_base, static_cast<size_t>(allocation_size))
|
||||
? STATUS_SUCCESS
|
||||
: STATUS_MEMORY_NOT_ALLOCATED;
|
||||
return c.win_emu.memory.release_memory(allocation_base, static_cast<size_t>(allocation_size)) ? STATUS_SUCCESS
|
||||
: STATUS_MEMORY_NOT_ALLOCATED;
|
||||
}
|
||||
|
||||
if (free_type & MEM_DECOMMIT)
|
||||
{
|
||||
return c.win_emu.memory.decommit_memory(allocation_base, static_cast<size_t>(allocation_size))
|
||||
? STATUS_SUCCESS
|
||||
: STATUS_MEMORY_NOT_ALLOCATED;
|
||||
return c.win_emu.memory.decommit_memory(allocation_base, static_cast<size_t>(allocation_size)) ? STATUS_SUCCESS
|
||||
: STATUS_MEMORY_NOT_ALLOCATED;
|
||||
}
|
||||
|
||||
throw std::runtime_error("Bad free type");
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtReadVirtualMemory(const syscall_context& c, const handle process_handle,
|
||||
const emulator_pointer base_address, const emulator_pointer buffer,
|
||||
const ULONG number_of_bytes_to_read,
|
||||
NTSTATUS handle_NtReadVirtualMemory(const syscall_context& c, const handle process_handle, const emulator_pointer base_address,
|
||||
const emulator_pointer buffer, const ULONG number_of_bytes_to_read,
|
||||
const emulator_object<ULONG> number_of_bytes_read)
|
||||
{
|
||||
number_of_bytes_read.write(0);
|
||||
|
||||
@@ -6,8 +6,7 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtReleaseMutant(const syscall_context& c, const handle mutant_handle,
|
||||
const emulator_object<LONG> previous_count)
|
||||
NTSTATUS handle_NtReleaseMutant(const syscall_context& c, const handle mutant_handle, const emulator_object<LONG> previous_count)
|
||||
{
|
||||
if (mutant_handle.value.type != handle_types::mutant)
|
||||
{
|
||||
@@ -42,8 +41,7 @@ namespace syscalls
|
||||
const auto attributes = object_attributes.read();
|
||||
if (attributes.ObjectName)
|
||||
{
|
||||
name = read_unicode_string(
|
||||
c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
name = read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
c.win_emu.callbacks.on_generic_access("Opening mutant", name);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,10 +21,9 @@ namespace syscalls
|
||||
return STATUS_INVALID_HANDLE;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtDuplicateObject(const syscall_context& c, const handle source_process_handle,
|
||||
const handle source_handle, const handle target_process_handle,
|
||||
const emulator_object<handle> target_handle, const ACCESS_MASK /*desired_access*/,
|
||||
const ULONG /*handle_attributes*/, const ULONG /*options*/)
|
||||
NTSTATUS handle_NtDuplicateObject(const syscall_context& c, const handle source_process_handle, const handle source_handle,
|
||||
const handle target_process_handle, const emulator_object<handle> target_handle,
|
||||
const ACCESS_MASK /*desired_access*/, const ULONG /*handle_attributes*/, const ULONG /*options*/)
|
||||
{
|
||||
if (source_process_handle != CURRENT_PROCESS || target_process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -90,8 +89,7 @@ namespace syscalls
|
||||
}
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryObject(const syscall_context& c, const handle handle,
|
||||
const OBJECT_INFORMATION_CLASS object_information_class,
|
||||
NTSTATUS handle_NtQueryObject(const syscall_context& c, const handle handle, const OBJECT_INFORMATION_CLASS object_information_class,
|
||||
const emulator_pointer object_information, const ULONG object_information_length,
|
||||
const emulator_object<ULONG> return_length)
|
||||
{
|
||||
@@ -163,8 +161,7 @@ namespace syscalls
|
||||
|
||||
if (object_information_class == ObjectHandleFlagInformation)
|
||||
{
|
||||
return handle_query<OBJECT_HANDLE_FLAG_INFORMATION>(c.emu, object_information, object_information_length,
|
||||
return_length,
|
||||
return handle_query<OBJECT_HANDLE_FLAG_INFORMATION>(c.emu, object_information, object_information_length, return_length,
|
||||
[&](OBJECT_HANDLE_FLAG_INFORMATION& info) {
|
||||
info.Inherit = 0;
|
||||
info.ProtectFromClose = 0;
|
||||
@@ -185,9 +182,9 @@ namespace syscalls
|
||||
|| h.value.type == handle_types::event;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtWaitForMultipleObjects(const syscall_context& c, const ULONG count,
|
||||
const emulator_object<handle> handles, const WAIT_TYPE wait_type,
|
||||
const BOOLEAN alertable, const emulator_object<LARGE_INTEGER> timeout)
|
||||
NTSTATUS handle_NtWaitForMultipleObjects(const syscall_context& c, const ULONG count, const emulator_object<handle> handles,
|
||||
const WAIT_TYPE wait_type, const BOOLEAN alertable,
|
||||
const emulator_object<LARGE_INTEGER> timeout)
|
||||
{
|
||||
if (wait_type != WaitAny && wait_type != WaitAll)
|
||||
{
|
||||
@@ -249,21 +246,19 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQuerySecurityObject(const syscall_context& c, const handle /*h*/,
|
||||
const SECURITY_INFORMATION security_information,
|
||||
NTSTATUS handle_NtQuerySecurityObject(const syscall_context& c, const handle /*h*/, const SECURITY_INFORMATION security_information,
|
||||
const emulator_pointer security_descriptor, const ULONG length,
|
||||
const emulator_object<ULONG> length_needed)
|
||||
{
|
||||
if ((security_information & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
|
||||
DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION)) == 0)
|
||||
if ((security_information &
|
||||
(OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION)) == 0)
|
||||
{
|
||||
return STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
// Owner SID: S-1-5-32-544 (Administrators)
|
||||
// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays)
|
||||
const uint8_t owner_sid[] = {0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
|
||||
0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00};
|
||||
const uint8_t owner_sid[] = {0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00};
|
||||
|
||||
// Group SID: S-1-5-18 (Local System)
|
||||
// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays)
|
||||
@@ -272,21 +267,19 @@ namespace syscalls
|
||||
// DACL structure
|
||||
// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays)
|
||||
const uint8_t dacl_data[] = {
|
||||
0x02, 0x00, 0x9C, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0F, 0x00, 0x02, 0x00, 0x01, 0x01,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0F, 0x00, 0x02, 0x00,
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x0F, 0x00,
|
||||
0x0F, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00,
|
||||
0x00, 0x0B, 0x14, 0x00, 0x00, 0x00, 0x00, 0xE0, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x0B, 0x14, 0x00, 0x00, 0x00, 0x00, 0xE0, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
|
||||
0x0C, 0x00, 0x00, 0x00, 0x00, 0x0B, 0x18, 0x00, 0x00, 0x00, 0x00, 0x10, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00, 0x00, 0x0B, 0x14, 0x00, 0x00, 0x00, 0x00, 0x10,
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00};
|
||||
0x02, 0x00, 0x9C, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0F, 0x00, 0x02, 0x00, 0x01, 0x01, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x0F, 0x00, 0x02, 0x00, 0x01, 0x01, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x05, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x0F, 0x00, 0x0F, 0x00, 0x01, 0x02, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00, 0x00, 0x0B, 0x14, 0x00, 0x00, 0x00, 0x00, 0xE0,
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B, 0x14, 0x00, 0x00, 0x00, 0x00, 0xE0,
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x0B, 0x18, 0x00, 0x00, 0x00, 0x00, 0x10,
|
||||
0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x20, 0x00, 0x00, 0x00, 0x20, 0x02, 0x00, 0x00, 0x00, 0x0B, 0x14, 0x00,
|
||||
0x00, 0x00, 0x00, 0x10, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00};
|
||||
|
||||
// SACL structure
|
||||
// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays)
|
||||
const uint8_t sacl_data[] = {0x02, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x00, 0x11, 0x00,
|
||||
0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x01, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x00};
|
||||
const uint8_t sacl_data[] = {0x02, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x00, 0x11, 0x00, 0x14, 0x00, 0x01, 0x00,
|
||||
0x00, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x00};
|
||||
|
||||
ULONG total_size = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
|
||||
|
||||
|
||||
@@ -9,8 +9,7 @@ namespace syscalls
|
||||
const emulator_object<SECURITY_QUALITY_OF_SERVICE> /*security_qos*/,
|
||||
const emulator_object<PORT_VIEW64> client_shared_memory,
|
||||
const emulator_object<REMOTE_PORT_VIEW64> /*server_shared_memory*/,
|
||||
const emulator_object<ULONG> /*maximum_message_length*/,
|
||||
const emulator_pointer connection_info,
|
||||
const emulator_object<ULONG> /*maximum_message_length*/, const emulator_pointer connection_info,
|
||||
const emulator_object<ULONG> connection_info_length)
|
||||
{
|
||||
auto port_name = read_unicode_string(c.emu, server_port_name);
|
||||
@@ -27,8 +26,7 @@ namespace syscalls
|
||||
}
|
||||
|
||||
client_shared_memory.access([&](PORT_VIEW64& view) {
|
||||
p.view_base =
|
||||
c.win_emu.memory.allocate_memory(static_cast<size_t>(view.ViewSize), memory_permission::read_write);
|
||||
p.view_base = c.win_emu.memory.allocate_memory(static_cast<size_t>(view.ViewSize), memory_permission::read_write);
|
||||
view.ViewBase = p.view_base;
|
||||
view.ViewRemoteBase = view.ViewBase;
|
||||
});
|
||||
@@ -42,15 +40,13 @@ namespace syscalls
|
||||
NTSTATUS handle_NtSecureConnectPort(const syscall_context& c, emulator_object<handle> client_port_handle,
|
||||
emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> server_port_name,
|
||||
emulator_object<SECURITY_QUALITY_OF_SERVICE> security_qos,
|
||||
emulator_object<PORT_VIEW64> client_shared_memory,
|
||||
emulator_pointer /*server_sid*/,
|
||||
emulator_object<PORT_VIEW64> client_shared_memory, emulator_pointer /*server_sid*/,
|
||||
emulator_object<REMOTE_PORT_VIEW64> server_shared_memory,
|
||||
emulator_object<ULONG> maximum_message_length, emulator_pointer connection_info,
|
||||
emulator_object<ULONG> connection_info_length)
|
||||
{
|
||||
return handle_NtConnectPort(c, client_port_handle, server_port_name, security_qos, client_shared_memory,
|
||||
server_shared_memory, maximum_message_length, connection_info,
|
||||
connection_info_length);
|
||||
return handle_NtConnectPort(c, client_port_handle, server_port_name, security_qos, client_shared_memory, server_shared_memory,
|
||||
maximum_message_length, connection_info, connection_info_length);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtAlpcSendWaitReceivePort(const syscall_context& c, const handle port_handle, const ULONG /*flags*/,
|
||||
|
||||
@@ -6,9 +6,8 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtQueryInformationProcess(const syscall_context& c, const handle process_handle,
|
||||
const uint32_t info_class, const uint64_t process_information,
|
||||
const uint32_t process_information_length,
|
||||
NTSTATUS handle_NtQueryInformationProcess(const syscall_context& c, const handle process_handle, const uint32_t info_class,
|
||||
const uint64_t process_information, const uint32_t process_information_length,
|
||||
const emulator_object<uint32_t> return_length)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
@@ -24,48 +23,43 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
|
||||
case ProcessTimes:
|
||||
return handle_query<KERNEL_USER_TIMES>(c.emu, process_information, process_information_length,
|
||||
return_length, [](KERNEL_USER_TIMES& t) {
|
||||
return handle_query<KERNEL_USER_TIMES>(c.emu, process_information, process_information_length, return_length,
|
||||
[](KERNEL_USER_TIMES& t) {
|
||||
t = {}; //
|
||||
});
|
||||
|
||||
case ProcessCookie:
|
||||
return handle_query<uint32_t>(c.emu, process_information, process_information_length, return_length,
|
||||
[](uint32_t& cookie) {
|
||||
cookie = 0x01234567; //
|
||||
});
|
||||
return handle_query<uint32_t>(c.emu, process_information, process_information_length, return_length, [](uint32_t& cookie) {
|
||||
cookie = 0x01234567; //
|
||||
});
|
||||
|
||||
case ProcessDebugObjectHandle:
|
||||
return handle_query<handle>(c.emu, process_information, process_information_length, return_length,
|
||||
[](handle& h) {
|
||||
h = NULL_HANDLE;
|
||||
return STATUS_PORT_NOT_SET;
|
||||
});
|
||||
return handle_query<handle>(c.emu, process_information, process_information_length, return_length, [](handle& h) {
|
||||
h = NULL_HANDLE;
|
||||
return STATUS_PORT_NOT_SET;
|
||||
});
|
||||
|
||||
case ProcessDebugFlags:
|
||||
case ProcessWx86Information:
|
||||
case ProcessDefaultHardErrorMode:
|
||||
return handle_query<ULONG>(c.emu, process_information, process_information_length, return_length,
|
||||
[&](ULONG& res) {
|
||||
res = (info_class == ProcessDebugFlags ? 1 : 0); //
|
||||
});
|
||||
return handle_query<ULONG>(c.emu, process_information, process_information_length, return_length, [&](ULONG& res) {
|
||||
res = (info_class == ProcessDebugFlags ? 1 : 0); //
|
||||
});
|
||||
|
||||
case ProcessDebugPort:
|
||||
case ProcessDeviceMap:
|
||||
return handle_query<EmulatorTraits<Emu64>::PVOID>(c.emu, process_information, process_information_length,
|
||||
return_length, [](EmulatorTraits<Emu64>::PVOID& ptr) {
|
||||
return handle_query<EmulatorTraits<Emu64>::PVOID>(c.emu, process_information, process_information_length, return_length,
|
||||
[](EmulatorTraits<Emu64>::PVOID& ptr) {
|
||||
ptr = 0; //
|
||||
});
|
||||
|
||||
case ProcessEnableAlignmentFaultFixup:
|
||||
return handle_query<BOOLEAN>(c.emu, process_information, process_information_length, return_length,
|
||||
[](BOOLEAN& b) {
|
||||
b = FALSE; //
|
||||
});
|
||||
return handle_query<BOOLEAN>(c.emu, process_information, process_information_length, return_length, [](BOOLEAN& b) {
|
||||
b = FALSE; //
|
||||
});
|
||||
|
||||
case ProcessBasicInformation:
|
||||
return handle_query<PROCESS_BASIC_INFORMATION64>(c.emu, process_information, process_information_length,
|
||||
return_length,
|
||||
return handle_query<PROCESS_BASIC_INFORMATION64>(c.emu, process_information, process_information_length, return_length,
|
||||
[&](PROCESS_BASIC_INFORMATION64& basic_info) {
|
||||
basic_info.PebBaseAddress = c.proc.peb.value();
|
||||
basic_info.UniqueProcessId = 1;
|
||||
@@ -80,8 +74,7 @@ namespace syscalls
|
||||
const emulator_object<PEDosHeader_t> dos_header_obj{c.emu, mod.image_base};
|
||||
const auto dos_header = dos_header_obj.read();
|
||||
|
||||
const emulator_object<PENTHeaders_t<uint64_t>> nt_headers_obj{c.emu,
|
||||
mod.image_base + dos_header.e_lfanew};
|
||||
const emulator_object<PENTHeaders_t<uint64_t>> nt_headers_obj{c.emu, mod.image_base + dos_header.e_lfanew};
|
||||
const auto nt_headers = nt_headers_obj.read();
|
||||
|
||||
const auto& file_header = nt_headers.FileHeader;
|
||||
@@ -123,8 +116,7 @@ namespace syscalls
|
||||
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> info{c.emu, process_information};
|
||||
info.access([&](UNICODE_STRING<EmulatorTraits<Emu64>>& str) {
|
||||
const auto buffer_start =
|
||||
static_cast<uint64_t>(process_information) + sizeof(UNICODE_STRING<EmulatorTraits<Emu64>>);
|
||||
const auto buffer_start = static_cast<uint64_t>(process_information) + sizeof(UNICODE_STRING<EmulatorTraits<Emu64>>);
|
||||
const auto string = read_unicode_string(c.emu, params.ImagePathName);
|
||||
c.emu.write_memory(buffer_start, string.c_str(), (string.size() + 1) * 2);
|
||||
str.Length = params.ImagePathName.Length;
|
||||
@@ -143,9 +135,8 @@ namespace syscalls
|
||||
}
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtSetInformationProcess(const syscall_context& c, const handle process_handle,
|
||||
const uint32_t info_class, const uint64_t process_information,
|
||||
const uint32_t process_information_length)
|
||||
NTSTATUS handle_NtSetInformationProcess(const syscall_context& c, const handle process_handle, const uint32_t info_class,
|
||||
const uint64_t process_information, const uint32_t process_information_length)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -243,8 +234,8 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenProcessToken(const syscall_context&, const handle process_handle,
|
||||
const ACCESS_MASK /*desired_access*/, const emulator_object<handle> token_handle)
|
||||
NTSTATUS handle_NtOpenProcessToken(const syscall_context&, const handle process_handle, const ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<handle> token_handle)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -256,9 +247,8 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenProcessTokenEx(const syscall_context& c, const handle process_handle,
|
||||
const ACCESS_MASK desired_access, const ULONG /*handle_attributes*/,
|
||||
const emulator_object<handle> token_handle)
|
||||
NTSTATUS handle_NtOpenProcessTokenEx(const syscall_context& c, const handle process_handle, const ACCESS_MASK desired_access,
|
||||
const ULONG /*handle_attributes*/, const emulator_object<handle> token_handle)
|
||||
{
|
||||
return handle_NtOpenProcessToken(c, process_handle, desired_access, token_handle);
|
||||
}
|
||||
|
||||
@@ -6,8 +6,7 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtOpenKey(const syscall_context& c, const emulator_object<handle> key_handle,
|
||||
const ACCESS_MASK /*desired_access*/,
|
||||
NTSTATUS handle_NtOpenKey(const syscall_context& c, const emulator_object<handle> key_handle, const ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes)
|
||||
{
|
||||
const auto attributes = object_attributes.read();
|
||||
@@ -39,17 +38,14 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenKeyEx(const syscall_context& c, const emulator_object<handle> key_handle,
|
||||
const ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
ULONG /*open_options*/)
|
||||
NTSTATUS handle_NtOpenKeyEx(const syscall_context& c, const emulator_object<handle> key_handle, const ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes, ULONG /*open_options*/)
|
||||
{
|
||||
return handle_NtOpenKey(c, key_handle, desired_access, object_attributes);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryKey(const syscall_context& c, const handle key_handle,
|
||||
const KEY_INFORMATION_CLASS key_information_class, const uint64_t key_information,
|
||||
const ULONG length, const emulator_object<ULONG> result_length)
|
||||
NTSTATUS handle_NtQueryKey(const syscall_context& c, const handle key_handle, const KEY_INFORMATION_CLASS key_information_class,
|
||||
const uint64_t key_information, const ULONG length, const emulator_object<ULONG> result_length)
|
||||
{
|
||||
const auto* key = c.proc.registry_keys.get(key_handle);
|
||||
if (!key)
|
||||
@@ -81,8 +77,7 @@ namespace syscalls
|
||||
const emulator_object<KEY_NAME_INFORMATION> info_obj{c.emu, key_information};
|
||||
info_obj.write(info);
|
||||
|
||||
c.emu.write_memory(key_information + offsetof(KEY_NAME_INFORMATION, Name), key_name.data(),
|
||||
info.NameLength);
|
||||
c.emu.write_memory(key_information + offsetof(KEY_NAME_INFORMATION, Name), key_name.data(), info.NameLength);
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -118,9 +113,8 @@ namespace syscalls
|
||||
|
||||
NTSTATUS handle_NtQueryValueKey(const syscall_context& c, const handle key_handle,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> value_name,
|
||||
const KEY_VALUE_INFORMATION_CLASS key_value_information_class,
|
||||
const uint64_t key_value_information, const ULONG length,
|
||||
const emulator_object<ULONG> result_length)
|
||||
const KEY_VALUE_INFORMATION_CLASS key_value_information_class, const uint64_t key_value_information,
|
||||
const ULONG length, const emulator_object<ULONG> result_length)
|
||||
{
|
||||
const auto* key = c.proc.registry_keys.get(key_handle);
|
||||
if (!key)
|
||||
@@ -222,8 +216,7 @@ namespace syscalls
|
||||
|
||||
c.emu.write_memory(key_value_information + base_size, original_name.data(), info.NameLength);
|
||||
|
||||
c.emu.write_memory(key_value_information + base_size + info.NameLength, value->data.data(),
|
||||
value->data.size());
|
||||
c.emu.write_memory(key_value_information + base_size + info.NameLength, value->data.data(), value->data.size());
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -233,11 +226,9 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateKey(const syscall_context& c, const emulator_object<handle> key_handle,
|
||||
const ACCESS_MASK desired_access,
|
||||
NTSTATUS handle_NtCreateKey(const syscall_context& c, const emulator_object<handle> key_handle, const ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const ULONG /*title_index*/,
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> /*class*/,
|
||||
const ULONG /*title_index*/, const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> /*class*/,
|
||||
const ULONG /*create_options*/, const emulator_object<ULONG> /*disposition*/)
|
||||
{
|
||||
const auto result = handle_NtOpenKey(c, key_handle, desired_access, object_attributes);
|
||||
@@ -261,8 +252,8 @@ namespace syscalls
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtEnumerateKey(const syscall_context& c, const handle key_handle, const ULONG index,
|
||||
const KEY_INFORMATION_CLASS key_information_class, const uint64_t key_information,
|
||||
const ULONG length, const emulator_object<ULONG> result_length)
|
||||
const KEY_INFORMATION_CLASS key_information_class, const uint64_t key_information, const ULONG length,
|
||||
const emulator_object<ULONG> result_length)
|
||||
{
|
||||
const auto* key = c.proc.registry_keys.get(key_handle);
|
||||
if (!key)
|
||||
@@ -341,9 +332,8 @@ namespace syscalls
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtEnumerateValueKey(const syscall_context& c, const handle key_handle, const ULONG index,
|
||||
const KEY_VALUE_INFORMATION_CLASS key_value_information_class,
|
||||
const uint64_t key_value_information, const ULONG length,
|
||||
const emulator_object<ULONG> result_length)
|
||||
const KEY_VALUE_INFORMATION_CLASS key_value_information_class, const uint64_t key_value_information,
|
||||
const ULONG length, const emulator_object<ULONG> result_length)
|
||||
{
|
||||
const auto* key = c.proc.registry_keys.get(key_handle);
|
||||
if (!key)
|
||||
|
||||
@@ -9,9 +9,8 @@ namespace syscalls
|
||||
NTSTATUS handle_NtCreateSection(const syscall_context& c, const emulator_object<handle> section_handle,
|
||||
const ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
const emulator_object<ULARGE_INTEGER> maximum_size,
|
||||
const ULONG section_page_protection, const ULONG allocation_attributes,
|
||||
const handle file_handle)
|
||||
const emulator_object<ULARGE_INTEGER> maximum_size, const ULONG section_page_protection,
|
||||
const ULONG allocation_attributes, const handle file_handle)
|
||||
{
|
||||
section s{};
|
||||
s.section_page_protection = section_page_protection;
|
||||
@@ -96,8 +95,7 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (attributes.RootDirectory != KNOWN_DLLS_DIRECTORY &&
|
||||
attributes.RootDirectory != BASE_NAMED_OBJECTS_DIRECTORY)
|
||||
if (attributes.RootDirectory != KNOWN_DLLS_DIRECTORY && attributes.RootDirectory != BASE_NAMED_OBJECTS_DIRECTORY)
|
||||
{
|
||||
c.win_emu.log.error("Unsupported section\n");
|
||||
c.emu.stop();
|
||||
@@ -118,14 +116,14 @@ namespace syscalls
|
||||
return STATUS_OBJECT_NAME_NOT_FOUND;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtMapViewOfSection(
|
||||
const syscall_context& c, const handle section_handle, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address,
|
||||
const EMULATOR_CAST(EmulatorTraits<Emu64>::ULONG_PTR, ULONG_PTR) /*zero_bits*/,
|
||||
const EMULATOR_CAST(EmulatorTraits<Emu64>::SIZE_T, SIZE_T) /*commit_size*/,
|
||||
const emulator_object<LARGE_INTEGER> /*section_offset*/,
|
||||
const emulator_object<EMULATOR_CAST(EmulatorTraits<Emu64>::SIZE_T, SIZE_T)> view_size,
|
||||
const SECTION_INHERIT /*inherit_disposition*/, const ULONG /*allocation_type*/, const ULONG /*win32_protect*/)
|
||||
NTSTATUS handle_NtMapViewOfSection(const syscall_context& c, const handle section_handle, const handle process_handle,
|
||||
const emulator_object<uint64_t> base_address,
|
||||
const EMULATOR_CAST(EmulatorTraits<Emu64>::ULONG_PTR, ULONG_PTR) /*zero_bits*/,
|
||||
const EMULATOR_CAST(EmulatorTraits<Emu64>::SIZE_T, SIZE_T) /*commit_size*/,
|
||||
const emulator_object<LARGE_INTEGER> /*section_offset*/,
|
||||
const emulator_object<EMULATOR_CAST(EmulatorTraits<Emu64>::SIZE_T, SIZE_T)> view_size,
|
||||
const SECTION_INHERIT /*inherit_disposition*/, const ULONG /*allocation_type*/,
|
||||
const ULONG /*win32_protect*/)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -155,15 +153,13 @@ namespace syscalls
|
||||
ucs.MaximumLength = ucs.Length;
|
||||
});
|
||||
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> sysdir_obj{c.emu, windir_obj.value() +
|
||||
windir_obj.size()};
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> sysdir_obj{c.emu, windir_obj.value() + windir_obj.size()};
|
||||
sysdir_obj.access([&](UNICODE_STRING<EmulatorTraits<Emu64>>& ucs) {
|
||||
c.proc.base_allocator.make_unicode_string(ucs, u"C:\\WINDOWS\\System32");
|
||||
ucs.Buffer = ucs.Buffer - obj_address;
|
||||
});
|
||||
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> base_dir_obj{c.emu, sysdir_obj.value() +
|
||||
sysdir_obj.size()};
|
||||
const emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>> base_dir_obj{c.emu, sysdir_obj.value() + sysdir_obj.size()};
|
||||
base_dir_obj.access([&](UNICODE_STRING<EmulatorTraits<Emu64>>& ucs) {
|
||||
c.proc.base_allocator.make_unicode_string(ucs, u"\\Sessions\\1\\BaseNamedObjects");
|
||||
ucs.Buffer = ucs.Buffer - obj_address;
|
||||
@@ -257,8 +253,7 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtUnmapViewOfSection(const syscall_context& c, const handle process_handle,
|
||||
const uint64_t base_address)
|
||||
NTSTATUS handle_NtUnmapViewOfSection(const syscall_context& c, const handle process_handle, const uint64_t base_address)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS)
|
||||
{
|
||||
@@ -305,8 +300,8 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtUnmapViewOfSectionEx(const syscall_context& c, const handle process_handle,
|
||||
const uint64_t base_address, const ULONG /*flags*/)
|
||||
NTSTATUS handle_NtUnmapViewOfSectionEx(const syscall_context& c, const handle process_handle, const uint64_t base_address,
|
||||
const ULONG /*flags*/)
|
||||
{
|
||||
return handle_NtUnmapViewOfSection(c, process_handle, base_address);
|
||||
}
|
||||
|
||||
@@ -19,8 +19,7 @@ namespace syscalls
|
||||
return STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
const auto name = read_unicode_string(
|
||||
c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
const auto name = read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
|
||||
if (name.empty())
|
||||
{
|
||||
return STATUS_INVALID_PARAMETER;
|
||||
@@ -38,8 +37,8 @@ namespace syscalls
|
||||
return STATUS_OBJECT_NAME_NOT_FOUND;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtReleaseSemaphore(const syscall_context& c, const handle semaphore_handle,
|
||||
const ULONG release_count, const emulator_object<LONG> previous_count)
|
||||
NTSTATUS handle_NtReleaseSemaphore(const syscall_context& c, const handle semaphore_handle, const ULONG release_count,
|
||||
const emulator_object<LONG> previous_count)
|
||||
{
|
||||
if (semaphore_handle.value.type != handle_types::semaphore)
|
||||
{
|
||||
|
||||
@@ -7,8 +7,7 @@ namespace syscalls
|
||||
namespace
|
||||
{
|
||||
NTSTATUS handle_logical_processor_and_group_information(const syscall_context& c, const uint64_t input_buffer,
|
||||
const uint32_t input_buffer_length,
|
||||
const uint64_t system_information,
|
||||
const uint32_t input_buffer_length, const uint64_t system_information,
|
||||
const uint32_t system_information_length,
|
||||
const emulator_object<uint32_t> return_length)
|
||||
{
|
||||
@@ -87,11 +86,9 @@ namespace syscalls
|
||||
}
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQuerySystemInformationEx(const syscall_context& c, const uint32_t info_class,
|
||||
const uint64_t input_buffer, const uint32_t input_buffer_length,
|
||||
const uint64_t system_information,
|
||||
const uint32_t system_information_length,
|
||||
const emulator_object<uint32_t> return_length)
|
||||
NTSTATUS handle_NtQuerySystemInformationEx(const syscall_context& c, const uint32_t info_class, const uint64_t input_buffer,
|
||||
const uint32_t input_buffer_length, const uint64_t system_information,
|
||||
const uint32_t system_information_length, const emulator_object<uint32_t> return_length)
|
||||
{
|
||||
switch (info_class)
|
||||
{
|
||||
@@ -113,8 +110,7 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
|
||||
case SystemTimeOfDayInformation:
|
||||
return handle_query<SYSTEM_TIMEOFDAY_INFORMATION64>(c.emu, system_information, system_information_length,
|
||||
return_length,
|
||||
return handle_query<SYSTEM_TIMEOFDAY_INFORMATION64>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_TIMEOFDAY_INFORMATION64& info) {
|
||||
memset(&info, 0, sizeof(info));
|
||||
info.BootTime.QuadPart = 0;
|
||||
@@ -125,8 +121,7 @@ namespace syscalls
|
||||
case SystemTimeZoneInformation:
|
||||
case SystemCurrentTimeZoneInformation:
|
||||
return handle_query<SYSTEM_TIMEZONE_INFORMATION>(
|
||||
c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_TIMEZONE_INFORMATION& tzi) {
|
||||
c.emu, system_information, system_information_length, return_length, [&](SYSTEM_TIMEZONE_INFORMATION& tzi) {
|
||||
memset(&tzi, 0, sizeof(tzi));
|
||||
|
||||
tzi.Bias = -60;
|
||||
@@ -160,8 +155,7 @@ namespace syscalls
|
||||
|
||||
case SystemDynamicTimeZoneInformation:
|
||||
return handle_query<SYSTEM_DYNAMIC_TIMEZONE_INFORMATION>(
|
||||
c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_DYNAMIC_TIMEZONE_INFORMATION& dtzi) {
|
||||
c.emu, system_information, system_information_length, return_length, [&](SYSTEM_DYNAMIC_TIMEZONE_INFORMATION& dtzi) {
|
||||
memset(&dtzi, 0, sizeof(dtzi));
|
||||
|
||||
dtzi.Bias = -60;
|
||||
@@ -199,24 +193,22 @@ namespace syscalls
|
||||
});
|
||||
|
||||
case SystemRangeStartInformation:
|
||||
return handle_query<SYSTEM_RANGE_START_INFORMATION64>(c.emu, system_information, system_information_length,
|
||||
return_length,
|
||||
return handle_query<SYSTEM_RANGE_START_INFORMATION64>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_RANGE_START_INFORMATION64& info) {
|
||||
info.SystemRangeStart = 0xFFFF800000000000; //
|
||||
});
|
||||
|
||||
case SystemProcessorInformation:
|
||||
return handle_query<SYSTEM_PROCESSOR_INFORMATION64>(
|
||||
c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_PROCESSOR_INFORMATION64& info) {
|
||||
memset(&info, 0, sizeof(info));
|
||||
info.MaximumProcessors = 2;
|
||||
info.ProcessorArchitecture = PROCESSOR_ARCHITECTURE_AMD64;
|
||||
});
|
||||
return handle_query<SYSTEM_PROCESSOR_INFORMATION64>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_PROCESSOR_INFORMATION64& info) {
|
||||
memset(&info, 0, sizeof(info));
|
||||
info.MaximumProcessors = 2;
|
||||
info.ProcessorArchitecture = PROCESSOR_ARCHITECTURE_AMD64;
|
||||
});
|
||||
|
||||
case SystemNumaProcessorMap:
|
||||
return handle_query<SYSTEM_NUMA_INFORMATION64>(c.emu, system_information, system_information_length,
|
||||
return_length, [&](SYSTEM_NUMA_INFORMATION64& info) {
|
||||
return handle_query<SYSTEM_NUMA_INFORMATION64>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_NUMA_INFORMATION64& info) {
|
||||
memset(&info, 0, sizeof(info));
|
||||
info.ActiveProcessorsGroupAffinity->Mask = 0xFFF;
|
||||
info.AvailableMemory[0] = 0xFFF;
|
||||
@@ -224,23 +216,22 @@ namespace syscalls
|
||||
});
|
||||
|
||||
case SystemErrorPortTimeouts:
|
||||
return handle_query<SYSTEM_ERROR_PORT_TIMEOUTS>(c.emu, system_information, system_information_length,
|
||||
return_length, [&](SYSTEM_ERROR_PORT_TIMEOUTS& info) {
|
||||
return handle_query<SYSTEM_ERROR_PORT_TIMEOUTS>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_ERROR_PORT_TIMEOUTS& info) {
|
||||
info.StartTimeout = 0;
|
||||
info.CommTimeout = 0;
|
||||
});
|
||||
|
||||
case SystemKernelDebuggerInformation:
|
||||
return handle_query<SYSTEM_KERNEL_DEBUGGER_INFORMATION>(c.emu, system_information,
|
||||
system_information_length, return_length,
|
||||
return handle_query<SYSTEM_KERNEL_DEBUGGER_INFORMATION>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_KERNEL_DEBUGGER_INFORMATION& info) {
|
||||
info.KernelDebuggerEnabled = FALSE;
|
||||
info.KernelDebuggerNotPresent = TRUE;
|
||||
});
|
||||
|
||||
case SystemLogicalProcessorAndGroupInformation:
|
||||
return handle_logical_processor_and_group_information(
|
||||
c, input_buffer, input_buffer_length, system_information, system_information_length, return_length);
|
||||
return handle_logical_processor_and_group_information(c, input_buffer, input_buffer_length, system_information,
|
||||
system_information_length, return_length);
|
||||
|
||||
case SystemLogicalProcessorInformation: {
|
||||
if (!input_buffer || input_buffer_length != sizeof(USHORT))
|
||||
@@ -252,35 +243,33 @@ namespace syscalls
|
||||
|
||||
const auto processor_group = c.emu.read_memory<USHORT>(input_buffer);
|
||||
|
||||
return handle_query<info_type>(
|
||||
c.emu, system_information, system_information_length, return_length, [&](info_type& info) {
|
||||
info.Relationship = RelationProcessorCore;
|
||||
return handle_query<info_type>(c.emu, system_information, system_information_length, return_length, [&](info_type& info) {
|
||||
info.Relationship = RelationProcessorCore;
|
||||
|
||||
if (processor_group == 0)
|
||||
{
|
||||
using mask_type = decltype(info.ProcessorMask);
|
||||
const auto active_processor_count = c.proc.kusd.get().ActiveProcessorCount;
|
||||
info.ProcessorMask = (static_cast<mask_type>(1) << active_processor_count) - 1;
|
||||
}
|
||||
});
|
||||
if (processor_group == 0)
|
||||
{
|
||||
using mask_type = decltype(info.ProcessorMask);
|
||||
const auto active_processor_count = c.proc.kusd.get().ActiveProcessorCount;
|
||||
info.ProcessorMask = (static_cast<mask_type>(1) << active_processor_count) - 1;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
case SystemBasicInformation:
|
||||
case SystemEmulationBasicInformation:
|
||||
return handle_query<SYSTEM_BASIC_INFORMATION64>(
|
||||
c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_BASIC_INFORMATION64& basic_info) {
|
||||
basic_info.Reserved = 0;
|
||||
basic_info.TimerResolution = 0x0002625a;
|
||||
basic_info.PageSize = 0x1000;
|
||||
basic_info.LowestPhysicalPageNumber = 0x00000001;
|
||||
basic_info.HighestPhysicalPageNumber = 0x00c9c7ff;
|
||||
basic_info.AllocationGranularity = ALLOCATION_GRANULARITY;
|
||||
basic_info.MinimumUserModeAddress = MIN_ALLOCATION_ADDRESS;
|
||||
basic_info.MaximumUserModeAddress = MAX_ALLOCATION_ADDRESS;
|
||||
basic_info.ActiveProcessorsAffinityMask = 0x0000000000000fff;
|
||||
basic_info.NumberOfProcessors = 1;
|
||||
});
|
||||
return handle_query<SYSTEM_BASIC_INFORMATION64>(c.emu, system_information, system_information_length, return_length,
|
||||
[&](SYSTEM_BASIC_INFORMATION64& basic_info) {
|
||||
basic_info.Reserved = 0;
|
||||
basic_info.TimerResolution = 0x0002625a;
|
||||
basic_info.PageSize = 0x1000;
|
||||
basic_info.LowestPhysicalPageNumber = 0x00000001;
|
||||
basic_info.HighestPhysicalPageNumber = 0x00c9c7ff;
|
||||
basic_info.AllocationGranularity = ALLOCATION_GRANULARITY;
|
||||
basic_info.MinimumUserModeAddress = MIN_ALLOCATION_ADDRESS;
|
||||
basic_info.MaximumUserModeAddress = MAX_ALLOCATION_ADDRESS;
|
||||
basic_info.ActiveProcessorsAffinityMask = 0x0000000000000fff;
|
||||
basic_info.NumberOfProcessors = 1;
|
||||
});
|
||||
|
||||
default:
|
||||
c.win_emu.log.error("Unsupported system info class: %X\n", info_class);
|
||||
@@ -289,13 +278,10 @@ namespace syscalls
|
||||
}
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQuerySystemInformation(const syscall_context& c, const uint32_t info_class,
|
||||
const uint64_t system_information,
|
||||
const uint32_t system_information_length,
|
||||
const emulator_object<uint32_t> return_length)
|
||||
NTSTATUS handle_NtQuerySystemInformation(const syscall_context& c, const uint32_t info_class, const uint64_t system_information,
|
||||
const uint32_t system_information_length, const emulator_object<uint32_t> return_length)
|
||||
{
|
||||
return handle_NtQuerySystemInformationEx(c, info_class, 0, 0, system_information, system_information_length,
|
||||
return_length);
|
||||
return handle_NtQuerySystemInformationEx(c, info_class, 0, 0, system_information, system_information_length, return_length);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtSetSystemInformation()
|
||||
|
||||
@@ -7,9 +7,8 @@
|
||||
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtSetInformationThread(const syscall_context& c, const handle thread_handle,
|
||||
const THREADINFOCLASS info_class, const uint64_t thread_information,
|
||||
const uint32_t thread_information_length)
|
||||
NTSTATUS handle_NtSetInformationThread(const syscall_context& c, const handle thread_handle, const THREADINFOCLASS info_class,
|
||||
const uint64_t thread_information, const uint32_t thread_information_length)
|
||||
{
|
||||
auto* thread = thread_handle == CURRENT_THREAD ? c.proc.active_thread : c.proc.threads.get(thread_handle);
|
||||
|
||||
@@ -18,8 +17,7 @@ namespace syscalls
|
||||
return STATUS_INVALID_HANDLE;
|
||||
}
|
||||
|
||||
if (info_class == ThreadSchedulerSharedDataSlot || info_class == ThreadBasePriority ||
|
||||
info_class == ThreadAffinityMask)
|
||||
if (info_class == ThreadSchedulerSharedDataSlot || info_class == ThreadBasePriority || info_class == ThreadAffinityMask)
|
||||
{
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -91,9 +89,8 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryInformationThread(const syscall_context& c, const handle thread_handle,
|
||||
const uint32_t info_class, const uint64_t thread_information,
|
||||
const uint32_t thread_information_length,
|
||||
NTSTATUS handle_NtQueryInformationThread(const syscall_context& c, const handle thread_handle, const uint32_t info_class,
|
||||
const uint64_t thread_information, const uint32_t thread_information_length,
|
||||
const emulator_object<uint32_t> return_length)
|
||||
{
|
||||
const auto* thread = thread_handle == CURRENT_THREAD ? c.proc.active_thread : c.proc.threads.get(thread_handle);
|
||||
@@ -246,9 +243,8 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenThreadToken(const syscall_context&, const handle thread_handle,
|
||||
const ACCESS_MASK /*desired_access*/, const BOOLEAN /*open_as_self*/,
|
||||
const emulator_object<handle> token_handle)
|
||||
NTSTATUS handle_NtOpenThreadToken(const syscall_context&, const handle thread_handle, const ACCESS_MASK /*desired_access*/,
|
||||
const BOOLEAN /*open_as_self*/, const emulator_object<handle> token_handle)
|
||||
{
|
||||
if (thread_handle != CURRENT_THREAD)
|
||||
{
|
||||
@@ -260,9 +256,9 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenThreadTokenEx(const syscall_context& c, const handle thread_handle,
|
||||
const ACCESS_MASK desired_access, const BOOLEAN open_as_self,
|
||||
const ULONG /*handle_attributes*/, const emulator_object<handle> token_handle)
|
||||
NTSTATUS handle_NtOpenThreadTokenEx(const syscall_context& c, const handle thread_handle, const ACCESS_MASK desired_access,
|
||||
const BOOLEAN open_as_self, const ULONG /*handle_attributes*/,
|
||||
const emulator_object<handle> token_handle)
|
||||
{
|
||||
return handle_NtOpenThreadToken(c, thread_handle, desired_access, open_as_self, token_handle);
|
||||
}
|
||||
@@ -304,8 +300,7 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtDelayExecution(const syscall_context& c, const BOOLEAN alertable,
|
||||
const emulator_object<LARGE_INTEGER> delay_interval)
|
||||
NTSTATUS handle_NtDelayExecution(const syscall_context& c, const BOOLEAN alertable, const emulator_object<LARGE_INTEGER> delay_interval)
|
||||
{
|
||||
auto& t = c.win_emu.current_thread();
|
||||
t.await_time = utils::convert_delay_interval_to_time_point(c.win_emu.clock(), delay_interval.read());
|
||||
@@ -342,8 +337,7 @@ namespace syscalls
|
||||
return handle_NtAlertThreadByThreadId(c, thread_id);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtWaitForAlertByThreadId(const syscall_context& c, const uint64_t,
|
||||
const emulator_object<LARGE_INTEGER> timeout)
|
||||
NTSTATUS handle_NtWaitForAlertByThreadId(const syscall_context& c, const uint64_t, const emulator_object<LARGE_INTEGER> timeout)
|
||||
{
|
||||
auto& t = c.win_emu.current_thread();
|
||||
t.waiting_for_alert = true;
|
||||
@@ -413,15 +407,14 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtContinue(const syscall_context& c, const emulator_object<CONTEXT64> thread_context,
|
||||
const BOOLEAN raise_alert)
|
||||
NTSTATUS handle_NtContinue(const syscall_context& c, const emulator_object<CONTEXT64> thread_context, const BOOLEAN raise_alert)
|
||||
{
|
||||
return handle_NtContinueEx(c, thread_context, raise_alert ? 1 : 0);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtGetNextThread(const syscall_context& c, const handle process_handle, const handle thread_handle,
|
||||
const ACCESS_MASK /*desired_access*/, const ULONG /*handle_attributes*/,
|
||||
const ULONG flags, const emulator_object<handle> new_thread_handle)
|
||||
const ACCESS_MASK /*desired_access*/, const ULONG /*handle_attributes*/, const ULONG flags,
|
||||
const emulator_object<handle> new_thread_handle)
|
||||
{
|
||||
if (process_handle != CURRENT_PROCESS || thread_handle.value.type != handle_types::thread)
|
||||
{
|
||||
@@ -535,8 +528,7 @@ namespace syscalls
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
const auto h = c.proc.create_thread(c.win_emu.memory, start_routine, argument, stack_size,
|
||||
create_flags & CREATE_SUSPENDED);
|
||||
const auto h = c.proc.create_thread(c.win_emu.memory, start_routine, argument, stack_size, create_flags & CREATE_SUSPENDED);
|
||||
thread_handle.write(h);
|
||||
|
||||
if (!attribute_list)
|
||||
@@ -581,8 +573,7 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtGetCurrentProcessorNumberEx(const syscall_context&,
|
||||
const emulator_object<PROCESSOR_NUMBER> processor_number)
|
||||
NTSTATUS handle_NtGetCurrentProcessorNumberEx(const syscall_context&, const emulator_object<PROCESSOR_NUMBER> processor_number)
|
||||
{
|
||||
constexpr PROCESSOR_NUMBER number{};
|
||||
processor_number.write(number);
|
||||
@@ -594,9 +585,8 @@ namespace syscalls
|
||||
return 0;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueueApcThreadEx2(const syscall_context& c, const handle thread_handle,
|
||||
const handle /*reserve_handle*/, const uint32_t apc_flags,
|
||||
const uint64_t apc_routine, const uint64_t apc_argument1,
|
||||
NTSTATUS handle_NtQueueApcThreadEx2(const syscall_context& c, const handle thread_handle, const handle /*reserve_handle*/,
|
||||
const uint32_t apc_flags, const uint64_t apc_routine, const uint64_t apc_argument1,
|
||||
const uint64_t apc_argument2, const uint64_t apc_argument3)
|
||||
{
|
||||
auto* thread = thread_handle == CURRENT_THREAD ? c.proc.active_thread : c.proc.threads.get(thread_handle);
|
||||
@@ -624,9 +614,8 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueueApcThreadEx(const syscall_context& c, const handle thread_handle,
|
||||
const handle reserve_handle, const uint64_t apc_routine,
|
||||
const uint64_t apc_argument1, const uint64_t apc_argument2,
|
||||
NTSTATUS handle_NtQueueApcThreadEx(const syscall_context& c, const handle thread_handle, const handle reserve_handle,
|
||||
const uint64_t apc_routine, const uint64_t apc_argument1, const uint64_t apc_argument2,
|
||||
const uint64_t apc_argument3)
|
||||
{
|
||||
uint32_t flags{0};
|
||||
@@ -638,15 +627,13 @@ namespace syscalls
|
||||
static_assert(QUEUE_USER_APC_FLAGS_SPECIAL_USER_APC == 1);
|
||||
}
|
||||
|
||||
return handle_NtQueueApcThreadEx2(c, thread_handle, real_reserve_handle, flags, apc_routine, apc_argument1,
|
||||
apc_argument2, apc_argument3);
|
||||
return handle_NtQueueApcThreadEx2(c, thread_handle, real_reserve_handle, flags, apc_routine, apc_argument1, apc_argument2,
|
||||
apc_argument3);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueueApcThread(const syscall_context& c, const handle thread_handle, const uint64_t apc_routine,
|
||||
const uint64_t apc_argument1, const uint64_t apc_argument2,
|
||||
const uint64_t apc_argument3)
|
||||
const uint64_t apc_argument1, const uint64_t apc_argument2, const uint64_t apc_argument3)
|
||||
{
|
||||
return handle_NtQueueApcThreadEx(c, thread_handle, make_handle(0), apc_routine, apc_argument1, apc_argument2,
|
||||
apc_argument3);
|
||||
return handle_NtQueueApcThreadEx(c, thread_handle, make_handle(0), apc_routine, apc_argument1, apc_argument2, apc_argument3);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,8 +6,7 @@
|
||||
namespace syscalls
|
||||
{
|
||||
NTSTATUS handle_NtQueryTimerResolution(const syscall_context&, const emulator_object<ULONG> maximum_time,
|
||||
const emulator_object<ULONG> minimum_time,
|
||||
const emulator_object<ULONG> current_time)
|
||||
const emulator_object<ULONG> minimum_time, const emulator_object<ULONG> current_time)
|
||||
{
|
||||
maximum_time.write_if_valid(0x0002625a);
|
||||
minimum_time.write_if_valid(0x00001388);
|
||||
@@ -15,8 +14,8 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtSetTimerResolution(const syscall_context&, const ULONG /*desired_resolution*/,
|
||||
const BOOLEAN set_resolution, const emulator_object<ULONG> current_resolution)
|
||||
NTSTATUS handle_NtSetTimerResolution(const syscall_context&, const ULONG /*desired_resolution*/, const BOOLEAN set_resolution,
|
||||
const emulator_object<ULONG> current_resolution)
|
||||
{
|
||||
if (current_resolution)
|
||||
{
|
||||
@@ -31,10 +30,9 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateTimer2(const syscall_context& c, const emulator_object<handle> timer_handle,
|
||||
uint64_t /*reserved*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
ULONG /*attributes*/, ACCESS_MASK /*desired_access*/)
|
||||
NTSTATUS handle_NtCreateTimer2(const syscall_context& c, const emulator_object<handle> timer_handle, uint64_t /*reserved*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes, ULONG /*attributes*/,
|
||||
ACCESS_MASK /*desired_access*/)
|
||||
{
|
||||
std::u16string name{};
|
||||
if (object_attributes)
|
||||
@@ -69,10 +67,8 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateTimer(const syscall_context& c, const emulator_object<handle> timer_handle,
|
||||
ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes,
|
||||
ULONG timer_type)
|
||||
NTSTATUS handle_NtCreateTimer(const syscall_context& c, const emulator_object<handle> timer_handle, ACCESS_MASK desired_access,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>> object_attributes, ULONG timer_type)
|
||||
{
|
||||
return handle_NtCreateTimer2(c, timer_handle, 0, object_attributes, timer_type, desired_access);
|
||||
}
|
||||
@@ -87,9 +83,8 @@ namespace syscalls
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtSetTimerEx(const syscall_context& /*c*/, handle /*timer_handle*/,
|
||||
uint32_t /*timer_set_info_class*/, uint64_t /*timer_set_information*/,
|
||||
ULONG /*timer_set_information_length*/)
|
||||
NTSTATUS handle_NtSetTimerEx(const syscall_context& /*c*/, handle /*timer_handle*/, uint32_t /*timer_set_info_class*/,
|
||||
uint64_t /*timer_set_information*/, ULONG /*timer_set_information_length*/)
|
||||
{
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
@@ -11,8 +11,7 @@ namespace syscalls
|
||||
: TokenPrimary;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtDuplicateToken(const syscall_context&, const handle existing_token_handle,
|
||||
ACCESS_MASK /*desired_access*/,
|
||||
NTSTATUS handle_NtDuplicateToken(const syscall_context&, const handle existing_token_handle, ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES<EmulatorTraits<Emu64>>>
|
||||
/*object_attributes*/,
|
||||
const BOOLEAN /*effective_only*/, const TOKEN_TYPE type,
|
||||
@@ -35,9 +34,8 @@ namespace syscalls
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryInformationToken(const syscall_context& c, const handle token_handle,
|
||||
const TOKEN_INFORMATION_CLASS token_information_class,
|
||||
const uint64_t token_information, const ULONG token_information_length,
|
||||
const emulator_object<ULONG> return_length)
|
||||
const TOKEN_INFORMATION_CLASS token_information_class, const uint64_t token_information,
|
||||
const ULONG token_information_length, const emulator_object<ULONG> return_length)
|
||||
{
|
||||
if (token_handle != CURRENT_PROCESS_TOKEN && token_handle != CURRENT_THREAD_TOKEN &&
|
||||
token_handle != CURRENT_THREAD_EFFECTIVE_TOKEN && token_handle != DUMMY_IMPERSONATION_TOKEN)
|
||||
@@ -270,8 +268,7 @@ namespace syscalls
|
||||
|
||||
TOKEN_STATISTICS stats{};
|
||||
stats.TokenType = get_token_type(token_handle);
|
||||
stats.ImpersonationLevel =
|
||||
stats.TokenType == TokenImpersonation ? SecurityImpersonation : SecurityAnonymous;
|
||||
stats.ImpersonationLevel = stats.TokenType == TokenImpersonation ? SecurityImpersonation : SecurityAnonymous;
|
||||
stats.GroupCount = 1;
|
||||
stats.PrivilegeCount = 0;
|
||||
|
||||
@@ -304,8 +301,7 @@ namespace syscalls
|
||||
{
|
||||
// NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays,hicpp-avoid-c-arrays,modernize-avoid-c-arrays)
|
||||
const uint8_t medium_integrity_sid[] = {
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x20,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
};
|
||||
|
||||
constexpr auto required_size = sizeof(medium_integrity_sid) + sizeof(TOKEN_MANDATORY_LABEL64);
|
||||
@@ -321,8 +317,7 @@ namespace syscalls
|
||||
label.Label.Sid = token_information + sizeof(TOKEN_MANDATORY_LABEL64);
|
||||
|
||||
emulator_object<TOKEN_MANDATORY_LABEL64>{c.emu, token_information}.write(label);
|
||||
c.emu.write_memory(token_information + sizeof(TOKEN_MANDATORY_LABEL64), medium_integrity_sid,
|
||||
sizeof(medium_integrity_sid));
|
||||
c.emu.write_memory(token_information + sizeof(TOKEN_MANDATORY_LABEL64), medium_integrity_sid, sizeof(medium_integrity_sid));
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||