Analysis should not be done in the core. Not everyone using the emulator
needs the analysis.
Much of it was moved to the analyzer. Not all, but the rest will be done
in a follow up PR.
The event manager forms the basis for semantic logging.
The emulator transmits events and the manager can handle them.
This means to either print information to stdout, do nothing, etc...
This PR aims to:
- [Improve
NtQueryInformationToken](d7b8b78cef),
by handling more token types and also fixing TokenIntegrityLevel to
return a proper integrity SID.
- [Add new
pseudo-handles](ac804939d9).
- [Add the KsecDD device and support for devices in
NtQueryObject](ca61a7cd3b).
- [Add new
syscalls](4b6e0f088d),
to be more specific, the syscalls added were the following ones:
`NtRemoveIoCompletion`, `NtSetInformationWorkerFactory`,
`NtShutdownWorkerFactory`, `NtGetCurrentProcessorNumber`,
`NtCreateTimer`, `NtSetTimer`, `NtSetTimer2`, `NtCancelTimer`,
`NtAssociateWaitCompletionPacket`, `NtCancelWaitCompletionPacket`,
`NtSetWnfProcessNotificationEvent`, `NtQuerySecurityObject`.
Most of the changes in this PR were made to get BCryptGenRandom working
in the emulator. Even with the KsecDD device implemented,
BCryptGenRandom only works for subsequent calls if NtCreateWorkerFactory
returns STATUS_SUCCESS. Returning STATUS_SUCCESS from
NtCreateWorkerFactory causes most of the newly added syscalls to be
called, and most of them need to return STATUS_SUCCESS as well;
otherwise, the executable just fails to run. Fortunately, from my
testing, nothing seems to break from just returning STATUS_SUCCESS
without a proper implementation.
This PR aims to add support for get_address, event_select, and
enum_network_events to afd_endpoint. However, some bug fixes were also
implemented, such as properly mapping the AFD_CONNECT event. Substantial
changes were also made to `afd_endpoint::work` since polling is
necessary for the event_select functionality.
Bumps [globals](https://github.com/sindresorhus/globals) from 16.1.0 to
16.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sindresorhus/globals/releases">globals's
releases</a>.</em></p>
<blockquote>
<h2>v16.2.0</h2>
<ul>
<li>Add new <code>greasemonkey</code> globals (<a
href="https://redirect.github.com/sindresorhus/globals/issues/299">#299</a>)
e4f6e8c</li>
</ul>
<hr />
<p><a
href="https://github.com/sindresorhus/globals/compare/v16.1.0...v16.2.0">https://github.com/sindresorhus/globals/compare/v16.1.0...v16.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d10fa84804"><code>d10fa84</code></a>
16.2.0</li>
<li><a
href="c7468c5d3a"><code>c7468c5</code></a>
Test update script on CI (<a
href="https://redirect.github.com/sindresorhus/globals/issues/296">#296</a>)</li>
<li><a
href="e4f6e8cade"><code>e4f6e8c</code></a>
Add new <code>greasemonkey</code> globals (<a
href="https://redirect.github.com/sindresorhus/globals/issues/299">#299</a>)</li>
<li>See full diff in <a
href="https://github.com/sindresorhus/globals/compare/v16.1.0...v16.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Bumps
[@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)
from 19.1.5 to 19.1.6.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
