From dd89bb8ad4fe184a34b5dbdda237e640fc82121b Mon Sep 17 00:00:00 2001 
From: midipix Date: Mon, 27 Jul 2015 04:01:18 -0400 Subject: entered advanced internal development stage. --- src/argv/ntapi_tt_argv_envp.c | 717 +++++++++++++++++++++ src/argv/ntapi_tt_array_utf16.c | 258 ++++++++ src/argv/ntapi_tt_array_utf8.c | 117 ++++ src/argv/ntapi_tt_env_vars.c | 112 ++++ src/argv/ntapi_tt_get_option.c | 451 +++++++++++++ src/blitter/ntapi_blt_alloc.c | 149 +++++ src/blitter/ntapi_blt_block.c | 204 ++++++ src/blitter/ntapi_blt_free.c | 48 ++ src/daemon/ntapi_dsr_init.c | 189 ++++++ src/daemon/ntapi_dsr_internal_connection.c | 142 ++++ src/fs/ntapi_tt_get_file_handle_type.c | 83 +++ src/fs/ntapi_tt_istat.c | 155 +++++ src/fs/ntapi_tt_mount.c | 358 ++++++++++ src/fs/ntapi_tt_open_logical_parent_directory.c | 21 + src/fs/ntapi_tt_open_physical_parent_directory.c | 69 ++ src/fs/ntapi_tt_stat.c | 129 ++++ src/fs/ntapi_tt_statfs.c | 225 +++++++ src/guid/ntapi_tt_guid.c | 182 ++++++ src/hash/ntapi_tt_crc32.c | 50 ++ src/hash/ntapi_tt_populate_hashed_import_table.c | 95 +++ src/internal/ntapi.c | 411 ++++++++++++ src/internal/ntapi_blitter.h | 27 + src/internal/ntapi_context.h | 55 ++ src/internal/ntapi_debug.c | 170 +++++ src/internal/ntapi_fnapi.h | 262 ++++++++ src/internal/ntapi_hash_table.h | 266 ++++++++ src/internal/ntapi_impl.h | 120 ++++ src/internal/ntapi_lib_entry_point.c | 12 + src/internal/ntapi_pty.h | 37 ++ src/ipc/ntapi_tt_create_pipe_v1.c | 164 +++++ src/ipc/ntapi_tt_create_pipe_v2.c | 116 ++++ src/ldr/ntapi_ldr_create_state_snapshot.c | 69 ++ src/ldr/ntapi_ldr_load_system_dll.c | 44 ++ src/ldr/ntapi_ldr_revert_state_to_snapshot.c | 104 +++ src/object/ntapi_tt_keyed_object_directory.c | 134 ++++ src/port/ntapi_port_name_helper.c | 167 +++++ src/process/nt32/tt_fork_v1.s | 60 ++ src/process/nt32/tt_fork_v1_i386.c | 66 ++ src/process/nt64/tt_fork_v1.s | 134 ++++ src/process/nt64/tt_fork_v1_x86_64.asm | 136 ++++ src/process/nt64/tt_fork_v2_x86_64.asm | 50 ++ src/process/ntapi_tt_create_native_process_v1.c | 258 ++++++++ 
src/process/ntapi_tt_create_native_process_v2.c | 233 +++++++ .../ntapi_tt_create_remote_process_params.c | 331 ++++++++++ src/process/ntapi_tt_create_remote_runtime_data.c | 178 +++++ src/process/ntapi_tt_fork_v1.c | 218 +++++++ src/process/ntapi_tt_fork_v2.c | 183 ++++++ src/process/ntapi_tt_get_runtime_data.c | 83 +++ src/process/ntapi_tt_init_runtime_data.c | 82 +++ src/process/ntapi_tt_map_image_as_data.c | 120 ++++ src/process/tt_fork_v1.c | 0 src/pty/ntapi_pty_cancel.c | 46 ++ src/pty/ntapi_pty_fd.c | 232 +++++++ src/pty/ntapi_pty_io.c | 130 ++++ src/pty/ntapi_pty_ioctl.c | 92 +++ src/pty/ntapi_pty_query.c | 64 ++ src/pty/ntapi_pty_set.c | 64 ++ src/section/ntapi_tt_get_section_name.c | 32 + src/socket/ntapi_sc_accept.c | 79 +++ src/socket/ntapi_sc_bind_v1.c | 101 +++ src/socket/ntapi_sc_bind_v2.c | 85 +++ src/socket/ntapi_sc_connect_v1.c | 93 +++ src/socket/ntapi_sc_connect_v2.c | 69 ++ src/socket/ntapi_sc_getsockname_v1.c | 80 +++ src/socket/ntapi_sc_getsockname_v2.c | 42 ++ src/socket/ntapi_sc_listen.c | 44 ++ src/socket/ntapi_sc_recv.c | 63 ++ src/socket/ntapi_sc_send.c | 59 ++ src/socket/ntapi_sc_server_accept_connection_v1.c | 78 +++ src/socket/ntapi_sc_server_accept_connection_v2.c | 44 ++ src/socket/ntapi_sc_server_duplicate_socket.c | 45 ++ src/socket/ntapi_sc_shutdown.c | 65 ++ src/socket/ntapi_sc_socket_v1.c | 118 ++++ src/socket/ntapi_sc_socket_v2.c | 124 ++++ src/socket/ntapi_sc_wait.c | 42 ++ src/string/ntapi_tt_aligned_block_memcpy.c | 50 ++ src/string/ntapi_tt_aligned_block_memset.c | 57 ++ src/string/ntapi_tt_aligned_memcpy_utf16.c | 70 ++ src/string/ntapi_tt_hex_utf16_to_uintptr.c | 124 ++++ .../ntapi_tt_init_unicode_string_from_utf16.c | 26 + src/string/ntapi_tt_memcpy_utf16.c | 28 + src/string/ntapi_tt_string_null_offset.c | 93 +++ src/string/ntapi_tt_uintptr_to_hex_utf16.c | 87 +++ src/string/ntapi_tt_uintptr_to_hex_utf8.c | 73 +++ src/sync/ntapi_tt_create_event.c | 76 +++ src/sync/ntapi_tt_sync_block.c | 283 ++++++++ 
src/sync/ntapi_tt_wait_for_dummy_event.c | 31 + .../ntapi_tt_get_csr_port_handle_addr_by_logic.c | 197 ++++++ src/system/ntapi_tt_get_system_directory.c | 257 ++++++++ src/system/ntapi_tt_get_system_info_snapshot.c | 89 +++ src/thread/ntapi_tt_create_thread.c | 418 ++++++++++++ src/tty/ntapi_tty_client_process_register.c | 37 ++ src/tty/ntapi_tty_client_session_query.c | 40 ++ src/tty/ntapi_tty_client_session_set.c | 38 ++ src/tty/ntapi_tty_connect.c | 47 ++ src/tty/ntapi_tty_create_session.c | 166 +++++ src/tty/ntapi_tty_join_session.c | 53 ++ src/tty/ntapi_tty_query_information_server.c | 40 ++ src/tty/ntapi_tty_request_peer.c | 46 ++ src/tty/ntapi_tty_vms_query.c | 40 ++ src/tty/ntapi_tty_vms_request.c | 46 ++ .../ntapi_uc_unicode_conversion_from_utf16.c | 287 +++++++++ .../ntapi_uc_unicode_conversion_from_utf8.c | 288 +++++++++ src/unicode/ntapi_uc_unicode_validation.c | 329 ++++++++++ src/vfd/ntapi_vfd_helper.c | 34 + src/vmount/ntapi_vms_cache.c | 209 ++++++ src/vmount/ntapi_vms_client_connect.c | 86 +++ src/vmount/ntapi_vms_client_disconnect.c | 37 ++ src/vmount/ntapi_vms_helper.c | 118 ++++ src/vmount/ntapi_vms_point_attach.c | 52 ++ src/vmount/ntapi_vms_ref_count.c | 96 +++ src/vmount/ntapi_vms_table_query.c | 45 ++ 112 files changed, 14028 insertions(+) create mode 100644 src/argv/ntapi_tt_argv_envp.c create mode 100644 src/argv/ntapi_tt_array_utf16.c create mode 100644 src/argv/ntapi_tt_array_utf8.c create mode 100644 src/argv/ntapi_tt_env_vars.c create mode 100644 src/argv/ntapi_tt_get_option.c create mode 100644 src/blitter/ntapi_blt_alloc.c create mode 100644 src/blitter/ntapi_blt_block.c create mode 100644 src/blitter/ntapi_blt_free.c create mode 100644 src/daemon/ntapi_dsr_init.c create mode 100644 src/daemon/ntapi_dsr_internal_connection.c create mode 100644 src/fs/ntapi_tt_get_file_handle_type.c create mode 100644 src/fs/ntapi_tt_istat.c create mode 100644 src/fs/ntapi_tt_mount.c create mode 100644 src/fs/ntapi_tt_open_logical_parent_directory.c 
create mode 100644 src/fs/ntapi_tt_open_physical_parent_directory.c create mode 100644 src/fs/ntapi_tt_stat.c create mode 100644 src/fs/ntapi_tt_statfs.c create mode 100644 src/guid/ntapi_tt_guid.c create mode 100644 src/hash/ntapi_tt_crc32.c create mode 100644 src/hash/ntapi_tt_populate_hashed_import_table.c create mode 100644 src/internal/ntapi.c create mode 100644 src/internal/ntapi_blitter.h create mode 100644 src/internal/ntapi_context.h create mode 100644 src/internal/ntapi_debug.c create mode 100644 src/internal/ntapi_fnapi.h create mode 100644 src/internal/ntapi_hash_table.h create mode 100644 src/internal/ntapi_impl.h create mode 100644 src/internal/ntapi_lib_entry_point.c create mode 100644 src/internal/ntapi_pty.h create mode 100644 src/ipc/ntapi_tt_create_pipe_v1.c create mode 100644 src/ipc/ntapi_tt_create_pipe_v2.c create mode 100644 src/ldr/ntapi_ldr_create_state_snapshot.c create mode 100644 src/ldr/ntapi_ldr_load_system_dll.c create mode 100644 src/ldr/ntapi_ldr_revert_state_to_snapshot.c create mode 100644 src/object/ntapi_tt_keyed_object_directory.c create mode 100644 src/port/ntapi_port_name_helper.c create mode 100644 src/process/nt32/tt_fork_v1.s create mode 100644 src/process/nt32/tt_fork_v1_i386.c create mode 100644 src/process/nt64/tt_fork_v1.s create mode 100644 src/process/nt64/tt_fork_v1_x86_64.asm create mode 100644 src/process/nt64/tt_fork_v2_x86_64.asm create mode 100644 src/process/ntapi_tt_create_native_process_v1.c create mode 100644 src/process/ntapi_tt_create_native_process_v2.c create mode 100644 src/process/ntapi_tt_create_remote_process_params.c create mode 100644 src/process/ntapi_tt_create_remote_runtime_data.c create mode 100644 src/process/ntapi_tt_fork_v1.c create mode 100644 src/process/ntapi_tt_fork_v2.c create mode 100644 src/process/ntapi_tt_get_runtime_data.c create mode 100644 src/process/ntapi_tt_init_runtime_data.c create mode 100644 src/process/ntapi_tt_map_image_as_data.c create mode 100644 
src/process/tt_fork_v1.c create mode 100644 src/pty/ntapi_pty_cancel.c create mode 100644 src/pty/ntapi_pty_fd.c create mode 100644 src/pty/ntapi_pty_io.c create mode 100644 src/pty/ntapi_pty_ioctl.c create mode 100644 src/pty/ntapi_pty_query.c create mode 100644 src/pty/ntapi_pty_set.c create mode 100644 src/section/ntapi_tt_get_section_name.c create mode 100644 src/socket/ntapi_sc_accept.c create mode 100644 src/socket/ntapi_sc_bind_v1.c create mode 100644 src/socket/ntapi_sc_bind_v2.c create mode 100644 src/socket/ntapi_sc_connect_v1.c create mode 100644 src/socket/ntapi_sc_connect_v2.c create mode 100644 src/socket/ntapi_sc_getsockname_v1.c create mode 100644 src/socket/ntapi_sc_getsockname_v2.c create mode 100644 src/socket/ntapi_sc_listen.c create mode 100644 src/socket/ntapi_sc_recv.c create mode 100644 src/socket/ntapi_sc_send.c create mode 100644 src/socket/ntapi_sc_server_accept_connection_v1.c create mode 100644 src/socket/ntapi_sc_server_accept_connection_v2.c create mode 100644 src/socket/ntapi_sc_server_duplicate_socket.c create mode 100644 src/socket/ntapi_sc_shutdown.c create mode 100644 src/socket/ntapi_sc_socket_v1.c create mode 100644 src/socket/ntapi_sc_socket_v2.c create mode 100644 src/socket/ntapi_sc_wait.c create mode 100644 src/string/ntapi_tt_aligned_block_memcpy.c create mode 100644 src/string/ntapi_tt_aligned_block_memset.c create mode 100644 src/string/ntapi_tt_aligned_memcpy_utf16.c create mode 100644 src/string/ntapi_tt_hex_utf16_to_uintptr.c create mode 100644 src/string/ntapi_tt_init_unicode_string_from_utf16.c create mode 100644 src/string/ntapi_tt_memcpy_utf16.c create mode 100644 src/string/ntapi_tt_string_null_offset.c create mode 100644 src/string/ntapi_tt_uintptr_to_hex_utf16.c create mode 100644 src/string/ntapi_tt_uintptr_to_hex_utf8.c create mode 100644 src/sync/ntapi_tt_create_event.c create mode 100644 src/sync/ntapi_tt_sync_block.c create mode 100644 src/sync/ntapi_tt_wait_for_dummy_event.c create mode 100644 
src/system/ntapi_tt_get_csr_port_handle_addr_by_logic.c create mode 100644 src/system/ntapi_tt_get_system_directory.c create mode 100644 src/system/ntapi_tt_get_system_info_snapshot.c create mode 100644 src/thread/ntapi_tt_create_thread.c create mode 100644 src/tty/ntapi_tty_client_process_register.c create mode 100644 src/tty/ntapi_tty_client_session_query.c create mode 100644 src/tty/ntapi_tty_client_session_set.c create mode 100644 src/tty/ntapi_tty_connect.c create mode 100644 src/tty/ntapi_tty_create_session.c create mode 100644 src/tty/ntapi_tty_join_session.c create mode 100644 src/tty/ntapi_tty_query_information_server.c create mode 100644 src/tty/ntapi_tty_request_peer.c create mode 100644 src/tty/ntapi_tty_vms_query.c create mode 100644 src/tty/ntapi_tty_vms_request.c create mode 100644 src/unicode/ntapi_uc_unicode_conversion_from_utf16.c create mode 100644 src/unicode/ntapi_uc_unicode_conversion_from_utf8.c create mode 100644 src/unicode/ntapi_uc_unicode_validation.c create mode 100644 src/vfd/ntapi_vfd_helper.c create mode 100644 src/vmount/ntapi_vms_cache.c create mode 100644 src/vmount/ntapi_vms_client_connect.c create mode 100644 src/vmount/ntapi_vms_client_disconnect.c create mode 100644 src/vmount/ntapi_vms_helper.c create mode 100644 src/vmount/ntapi_vms_point_attach.c create mode 100644 src/vmount/ntapi_vms_ref_count.c create mode 100644 src/vmount/ntapi_vms_table_query.c (limited to 'src') diff --git a/src/argv/ntapi_tt_argv_envp.c b/src/argv/ntapi_tt_argv_envp.c new file mode 100644 index 0000000..bfa0cd2 --- /dev/null +++ b/src/argv/ntapi_tt_argv_envp.c 
@@ -0,0 +1,717 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include "ntapi_impl.h" + + +/** + * rules for parsing the process's command line arguments + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- + * + * delimiters: + * ----------- + * + white space (ascii 0x20) + * + horizontal tab (ascii 0x09) + * + * quoted strings, and special characters + * -------------------------------------- + * + delimiter characters within a quoted string ("string with white space", + * or string" with white "space), stand for their literal respective + * characters. + * + * + a backslash followed by a double quote (\") stands for a literal + * double quote. + * + * + unless followed by a double quote, a backslash is just a (literal) + * backslash. + * + * + when followed by a double quotation mark, an even sequence of 2 or + * more backslashes (2n) should be interpreted as a sequence of n literal + * backslashes. The double quotation mark then designates the start + * or end of a double quoted string. + * + * + when followed by a double quotation mark, an odd sequence of 2 or + * more backslashes (2n+1) should be interpreted as a sequence of n + * literal backslashes, followed by a single literal double quote. + * + * + if found within a double quoted string, a sequence of two double + * quotation marks should be interpreted as a single literal double + * quote. + * + * + balanced nesting of syntactic double quotes is permitted. 
+ * +**/ + +/* free-standing process runtime data */ +static nt_runtime_data __rtdata; + +int32_t __stdcall __ntapi_tt_parse_cmd_line_args_utf16( + __in wchar16_t * cmd_line, + __out int * arg_count, + __in wchar16_t * args_buffer, + __in size_t args_buffer_len, + __out size_t * args_bytes_written __optional, + __in wchar16_t ** argv_buffer, + __in size_t argv_buffer_len, + __in uint32_t arg_flags) +{ + /** + * parse the command line arguments pointed to by cmd_line, + * copy the parsed arguments to args_buffer, + * and return 0 upon success. + * + * cmd_line must be a valid pointer to a command line string, + * and args_buffer, argv_buffer, and arg_count should + * all be aligned; furthermore, args_buffer_len and + * and argv_buffer_len must be exact multiples of sizeof(size_t). + * + * In case of an error, report failure using the appropriate + * native status code. + **/ + + /** + * UTF-16: no need to fully determine the code point of the + * current character; all we need to do is validate the + * character or surrogate pair, and set the value of + * wch_next accordingly. 
+ **/ + + #define HORIZONTAL_TAB 0x09 + #define WHITE_SPACE 0x20 + #define DOUBLE_QUOTE 0x22 + #define SINGLE_QUOTE 0x27 + #define BACKSLASH 0x5C + + #define IS_DELIMITER(x) ((x == HORIZONTAL_TAB) || (x == WHITE_SPACE)) + + #define TEST_ARGS_BUFFER(nbytes) \ + if ((uintptr_t)arg + nbytes \ + > (uintptr_t)args_buffer + args_buffer_len) { \ + return NT_STATUS_BUFFER_TOO_SMALL; \ + } + + #define ADD_N_BACKSLASHES \ + TEST_ARGS_BUFFER(backslash_count * sizeof(wchar16_t)); \ + for (islash = 0; \ + islash < backslash_count; \ + islash++) { \ + *arg = BACKSLASH; \ + arg++; \ + } \ + backslash_count = 0; + + #define ADD_SINGLE_WCHAR16_t(x) \ + TEST_ARGS_BUFFER(sizeof(wchar16_t)); \ + *arg = x; \ + arg++; + + wchar16_t * arg; /* null-terminated, copied to buffer */ + wchar16_t ** parg; /* next pointer in the argv array */ + wchar16_t * wch; /* character being processed */ + wchar16_t * wch_next; + unsigned int backslash_count; + unsigned int islash; + unsigned char quoted_state; + + /* check parameters for validity and alignment */ + if ((!(uintptr_t)cmd_line) || (*cmd_line == 0)) + /* we require at least one argument */ + return NT_STATUS_INVALID_PARAMETER_1; + + else if (__NT_IS_MISALIGNED_BUFFER(args_buffer)) + return NT_STATUS_INVALID_PARAMETER_2; + + else if (__NT_IS_MISALIGNED_LENGTH(args_buffer_len)) + return NT_STATUS_INVALID_PARAMETER_3; + + else if (__NT_IS_MISALIGNED_BUFFER(argv_buffer)) + return NT_STATUS_INVALID_PARAMETER_5; + + else if (__NT_IS_MISALIGNED_LENGTH(argv_buffer_len)) + return NT_STATUS_INVALID_PARAMETER_6; + + else if (__NT_IS_MISALIGNED_BUFFER(arg_count)) + return NT_STATUS_INVALID_PARAMETER_7; + + /* zero-out the aligned buffers */ + __ntapi->tt_aligned_block_memset(args_buffer,0,args_buffer_len); + __ntapi->tt_aligned_block_memset(argv_buffer,0,argv_buffer_len); + + /* initialize */ + wch = cmd_line; + arg = args_buffer; + parg = argv_buffer; + *parg = arg; + *arg_count = 0; + quoted_state = 0; + backslash_count = 0; + + /* arg points to the 
first character of a command line argument */ + /* parg points to the next pointer in argv_buffer */ + while (*wch) { + if (!(quoted_state) && (IS_DELIMITER(*wch))) { + /* pending backslashes? */ + if (backslash_count) + ADD_N_BACKSLASHES; + + /* reached a delimiter outside of a quoted string */ + /* argument: alignment and null-termination */ + arg = (wchar16_t *)((((uintptr_t)arg + sizeof(size_t)) + | (sizeof(size_t) - 1)) + ^ (sizeof(size_t) - 1)); + + /* skip this and remaining delimiters */ + wch_next = wch + 1; + while ((*wch_next) && (IS_DELIMITER(*wch_next))) + wch_next++; + + /* keep going? */ + if (*wch_next == 0) { + /* no more characters to process */ + /* nothing to do */ + } else if ((uintptr_t)parg >= \ + (uintptr_t)argv_buffer \ + + argv_buffer_len) { + /* argv_buffer is too small */ + return NT_STATUS_BUFFER_TOO_SMALL; + } else if ((uintptr_t)arg >= \ + (uintptr_t)args_buffer \ + + args_buffer_len) { + /* args_buffer is too small */ + return NT_STATUS_BUFFER_TOO_SMALL; + } else { + /* advance parg, set last member */ + parg++; + *parg = arg; + } + } else { + /* the current character is not a delimiter... 
*/ + /* determine wch_next */ + if (((*wch >= 0x0000) && (*wch < 0xD800)) \ + || ((*wch >= 0xE000) && (*wch < 0x10000))) { + /* in the BMP, single 16-bit representation */ + wch_next = wch + 1; + } else if ((*wch >= 0xD800) && (*wch < 0xDC00)) { + /* validate surrogate pair */ + wch_next = wch + 1; + + if ((*wch_next >= 0xDC00) && (*wch_next < 0xE000)) + /* this is a valid surrogate pair */ + wch_next++; + else + return NT_STATUS_ILLEGAL_CHARACTER; + } else + return NT_STATUS_ILLEGAL_CHARACTER; + + /* we now know the position of this and the next character */ + /* continue with special cases */ + + if (quoted_state && (*wch == DOUBLE_QUOTE) \ + && (*wch_next == DOUBLE_QUOTE)) { + /** + * two consecutive double quotation marks + * within a quoted string: + * add a single quotation mark to the argument + **/ + ADD_SINGLE_WCHAR16_t(DOUBLE_QUOTE); + wch_next++; + } else if (((backslash_count % 2) == 0) \ + && (*wch == BACKSLASH) \ + && (*wch_next == DOUBLE_QUOTE)) { + /* 2n+1 backslashes followed by a double quote */ + backslash_count /= 2; + /* add n backslashes */ + ADD_N_BACKSLASHES; + /* add a literal double quotation mark */ + ADD_SINGLE_WCHAR16_t(DOUBLE_QUOTE); + /* get ready for next character */ + wch_next++; + } else if (backslash_count && (*wch == DOUBLE_QUOTE)) { + /* 2n backslashes followed by a double quote */ + backslash_count /= 2; + /* add n backslashes */ + ADD_N_BACKSLASHES; + /* turn quoted_state on/off */ + quoted_state = !quoted_state; + } else if ((*wch == BACKSLASH) \ + && (*wch_next == BACKSLASH)) { + /* this is a sequence of two backslashes */ + backslash_count += 2; + wch_next++; + } else { + /* copy pending backslashes as needed */ + if (backslash_count) + ADD_N_BACKSLASHES; + + if (*wch == DOUBLE_QUOTE) { + /* turn quoted_state on/off */ + quoted_state = !quoted_state; + } else { + /* copy either two or four bytes */ + ADD_SINGLE_WCHAR16_t(*wch); + wch++; + + /* surrogate pair? 
*/ + if (wch < wch_next) { + ADD_SINGLE_WCHAR16_t(*wch); + } + } + } + } + + /* proceed to the next character (or null termination) */ + wch = wch_next; + } + + /* pending backslashes? */ + if (backslash_count) + ADD_N_BACKSLASHES; + + /* null termination */ + ADD_SINGLE_WCHAR16_t(0); + + /* how many arguments did you say? */ + *arg_count = (int)(((uintptr_t)parg - (uintptr_t)argv_buffer) + / sizeof(size_t) + 1); + + /* output bytes written */ + if (args_bytes_written) + *args_bytes_written = (uintptr_t)arg - (uintptr_t)args_buffer; + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_get_argv_envp_utf16( + __out int * argc, + __out wchar16_t *** wargv, + __out wchar16_t *** wenvp, + __in uint32_t flags, + __in void * ext_params __optional, + __out void * reserved __optional) +{ + nt_runtime_data * rtdata; + nt_argv_envp_block_info main_params_internal; + nt_argv_envp_block_info * main_params; + nt_get_argv_envp_ext_params * __ext_params; + ntapi_internals * __internals; + + unsigned idx; + int32_t status; + uintptr_t addr; + intptr_t offset; + wchar16_t * wch_s; + wchar16_t * wch_dst; + wchar16_t ** wch_p; + char ** ch_p; + uintptr_t * psrc; + uintptr_t * pdst; + uintptr_t * paligned; + wchar16_t * pboundary; + + /* init */ + __internals = __ntapi_internals(); + + /* use internal buffer? 
*/ + if (flags & NT_GET_ARGV_ENVP_USE_CALLER_BUFFER) { + __ext_params = (nt_get_argv_envp_ext_params *)ext_params; + main_params = &(__ext_params->argv_envp_block_info); + } else { + /* pointers to internal/local structures */ + main_params = &main_params_internal; + + /* init */ + __ntapi->tt_aligned_block_memset( + main_params,0, + sizeof(*main_params)); + + /* use internal buffer */ + main_params->cmd_line = __ntapi_tt_get_cmd_line_utf16(); + main_params->wargv_buffer = __internals->ntapi_img_sec_bss->argv_envp_array; + main_params->wargv_buffer_len = __NT_BSS_ARGV_BUFFER_SIZE; + main_params->argv_envp_ptr_total = (int)(main_params->wargv_buffer_len + / sizeof(uintptr_t)); + main_params->wargs_buffer = (wchar16_t *)&(__internals->ntapi_img_sec_bss->args_envs_buffer); + main_params->wargs_buffer_len = __NT_BSS_ARGS_BUFFER_SIZE; + } + + /* (__ntapi_parse_cmd_line_args_utf16 will zero-out both buffers) */ + status = __ntapi_tt_parse_cmd_line_args_utf16( + main_params->cmd_line, + &main_params->argc, + main_params->wargs_buffer, + main_params->wargs_buffer_len, + &main_params->wargs_bytes_written, + main_params->wargv_buffer, + main_params->wargv_buffer_len, + 0); + + if (status) return status; + + /* argv[] needs a terminating null pointer */ + if (main_params->argc == main_params->argv_envp_ptr_total) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* set idx to the envp[0] array index */ + idx = main_params->argc + 1; + + /* set wenvp[] to its starting address */ + main_params->wenvp_buffer = &main_params->wargv_buffer[idx]; + + /* update wargv_buffer_len and envp_buffer_len */ + main_params->wenvp_buffer_len = main_params->wargv_buffer_len + - (idx * sizeof(uintptr_t)); + + main_params->wargv_buffer_len = idx * sizeof(uintptr_t); + + /* align wenvs at pointer-size boundary */ + main_params->wargs_bytes_written += sizeof(uintptr_t) - 1; + main_params->wargs_bytes_written /= sizeof(uintptr_t); + main_params->wargs_bytes_written *= sizeof(uintptr_t); + + /* book-keeping 
*/ + main_params->wenvs_buffer = main_params->wargs_buffer + + main_params->wargs_bytes_written; + + main_params->wenvs_buffer_len = main_params->wargs_buffer_len + - main_params->wargs_bytes_written; + + main_params->wargs_buffer_len = main_params->wargs_bytes_written; + + + /* peb environment block (read-only) */ + wch_s = __ntapi_tt_get_peb_env_block_utf16(); + + if ((!wch_s) || (!*wch_s)) + return NT_STATUS_DLL_INIT_FAILED; + + /* populate the envp[] array */ + while ((*wch_s) && (idx < main_params->argv_envp_ptr_total)) { + main_params->envc++; + wch_p = &(main_params->wargv_buffer[idx]); + *wch_p = wch_s; + + /* skip the rest of the environment variable */ + while (*++wch_s); + + /* advance to the next variable (or final null termination) */ + wch_s++; + idx++; + } + + /* envp[] needs a terminating null pointer */ + if ((*wch_s) && (idx = main_params->argv_envp_ptr_total)) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* copy environment? */ + if (flags & NT_GET_ARGV_ENVP_COPY_ENVIRONMENT) { + /* wch_s now points at the final null termination */ + main_params->wenvs_bytes_used = + ((uintptr_t)wch_s + - (uintptr_t)(*main_params->wenvp_buffer)); + + /* do we have enough room? */ + if (main_params->wenvs_buffer_len < main_params->wenvs_bytes_used) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* upper boundary */ + pboundary = ++wch_s; + + /* you'd expect the peb environment block to be aligned, + but one can never know... 
*/ + wch_s = *main_params->wenvp_buffer; + wch_dst = main_params->wenvs_buffer; + + while ((uintptr_t)wch_s % sizeof(uintptr_t)) { + *wch_dst = *wch_s; + wch_s++; + wch_dst++; + } + + /* copy the aligned portion of the environment block */ + addr = (uintptr_t)(pboundary); + addr /= sizeof(uintptr_t); + addr *= sizeof(uintptr_t); + paligned = (uintptr_t *)addr; + + psrc = (uintptr_t *)wch_s; + pdst = (uintptr_t *)wch_dst; + + while (psrc < paligned) { + *pdst = *psrc; + psrc++; + pdst++; + } + + /* copy any remaining bytes */ + wch_s = (wchar16_t *)paligned; + wch_dst = (wchar16_t *)pdst; + + while (wch_s < pboundary) { + *wch_dst = *wch_s; + wch_s++; + wch_dst++; + } + + /* finally, we update the envp[] pointers */ + offset = (intptr_t)main_params->wenvs_buffer + - (intptr_t)*main_params->wenvp_buffer; + + wch_p = main_params->wenvp_buffer; + + while (*wch_p) { + addr = ((uintptr_t)*wch_p) + offset; + *wch_p = (wchar16_t *)addr; + wch_p++; + } + } + + /* (command line arguments always get validated) */ + /* validate the environment block? 
*/ + if (flags & NT_GET_ARGV_ENVP_VALIDATE_UTF16) { + wch_p = main_params->wenvp_buffer; + + while (*wch_p) { + status = __ntapi->uc_validate_unicode_stream_utf16( + *wch_p, + 0,0,0,0,0); + + if (status != NT_STATUS_SUCCESS) + return status; + else + wch_p++; + } + } + + /* once */ + if (!__internals->rtdata) { + __ntapi->tt_get_runtime_data( + &__internals->rtdata, + main_params->wargv_buffer); + + if (!__internals->rtdata) { + __internals->rtdata = &__rtdata; + + if ((status =__ntapi->tt_init_runtime_data(&__rtdata))) + return status; + + } else if ((status =__ntapi->tt_update_runtime_data(__internals->rtdata))) + return status; + + rtdata = __internals->rtdata; + + rtdata->peb_envc = main_params->envc; + rtdata->peb_argc = main_params->argc; + rtdata->peb_wargv = main_params->wargv_buffer; + rtdata->peb_wenvp = main_params->wenvp_buffer; + + /* integral wargv, wenvp, argv, envp */ + if (rtdata->wargv) { + rtdata->wargv += (uintptr_t)rtdata / sizeof(wchar16_t *); + + for (wch_p=rtdata->wargv; *wch_p; wch_p++) + *wch_p += (uintptr_t)rtdata / sizeof(wchar16_t); + }; + + if (rtdata->wenvp) { + rtdata->wenvp += (uintptr_t)rtdata / sizeof(wchar16_t *); + + for (wch_p=rtdata->wenvp; *wch_p; wch_p++) + *wch_p += (uintptr_t)rtdata / sizeof(wchar16_t); + } + + if (rtdata->argv) { + rtdata->argv += (uintptr_t)rtdata / sizeof(char *); + + for (ch_p=rtdata->argv; *ch_p; ch_p++) + *ch_p += (uintptr_t)rtdata; + + rtdata->argc = (int32_t)(ch_p - rtdata->argv); + }; + + if (rtdata->envp) { + rtdata->envp += (uintptr_t)rtdata / sizeof(char *); + + for (ch_p=rtdata->envp; *ch_p; ch_p++) + *ch_p += (uintptr_t)rtdata; + + rtdata->envc = (int32_t)(ch_p - rtdata->envp); + }; + } + + /* we're good */ + *argc = main_params->argc; + *wargv = main_params->wargv_buffer; + *wenvp = main_params->wenvp_buffer; + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_get_argv_envp_utf8( + __out int * argc, + __out char *** argv, + __out char *** envp, + __in uint32_t flags, + __in 
void * ext_params __optional, + __out void * reserved __optional) +{ + int32_t status; + ntapi_internals * __internals; + + wchar16_t ** wargv; + wchar16_t ** wenvp; + uint32_t pcount; + + nt_get_argv_envp_ext_params __ext_params_internal; + nt_get_argv_envp_ext_params * __ext_params; + nt_argv_envp_block_info * main_params; + + /* use internal buffer? */ + if (flags & NT_GET_ARGV_ENVP_USE_CALLER_BUFFER) { + __ext_params = (nt_get_argv_envp_ext_params *)ext_params; + main_params = &__ext_params->argv_envp_block_info; + } else { + /* pointers to internal/local structures */ + __ext_params = &__ext_params_internal; + main_params = &__ext_params->argv_envp_block_info; + + /* init */ + __ntapi->tt_aligned_block_memset( + main_params,0, + sizeof(*main_params)); + + __internals = __ntapi_internals(); + + /* use internal buffer */ + main_params->cmd_line = __ntapi_tt_get_cmd_line_utf16(); + main_params->wargv_buffer = __internals->ntapi_img_sec_bss->argv_envp_array; + main_params->wargv_buffer_len = __NT_BSS_ARGV_BUFFER_SIZE; + main_params->argv_envp_ptr_total = (int)(main_params->wargv_buffer_len + / sizeof(uintptr_t)); + main_params->wargs_buffer = (wchar16_t *)&(__internals->ntapi_img_sec_bss->args_envs_buffer); + main_params->wargs_buffer_len = __NT_BSS_ARGS_BUFFER_SIZE; + } + + /* start with obtaining the utf-16 environment */ + status = __ntapi->tt_get_argv_envp_utf16( + argc, + &wargv, + &wenvp, + flags | NT_GET_ARGV_ENVP_USE_CALLER_BUFFER, + __ext_params, + reserved); + + if (status) return status; + + /* enough pointers left? 
*/ + pcount = main_params->argc + 1 + main_params->envc + 1; + + if (pcount > (main_params->argv_envp_ptr_total / 2)) + return NT_STATUS_BUFFER_TOO_SMALL; + else if ((main_params->wenvs_buffer_len - main_params->wenvs_bytes_used) + < sizeof(uintptr_t)) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* first args byte should be aligned at pointer-size boundary */ + main_params->wenvs_bytes_used += sizeof(uintptr_t) - 1; + main_params->wenvs_bytes_used /= sizeof(uintptr_t); + main_params->wenvs_bytes_used *= sizeof(uintptr_t); + + /* book-keeping */ + /* block reminder: wargs -- wenvs -- args -- envs */ + main_params->argv = (char **)main_params->wenvp_buffer; + main_params->argv += main_params->envc + 1; + + main_params->args_buffer = (char *)main_params->wenvs_buffer; + main_params->args_buffer += main_params->wenvs_bytes_used; + + main_params->args_buffer_len = main_params->wenvs_buffer_len + - main_params->wenvs_bytes_used; + + main_params->wenvs_buffer_len = main_params->wenvs_bytes_used; + + /* create a utf-8 argv[] array */ + status = __ntapi_tt_array_convert_utf16_to_utf8( + main_params->wargv_buffer, + main_params->argv, + 0, + main_params->args_buffer, + main_params->args_buffer_len, + &main_params->args_bytes_written); + + if (status) return status; + + /* first envs byte should be aligned to pointer-size boundary */ + main_params->args_bytes_written += sizeof(uintptr_t) - 1; + main_params->args_bytes_written /= sizeof(uintptr_t); + main_params->args_bytes_written *= sizeof(uintptr_t); + + /* book-keeping */ + main_params->envp = main_params->argv + main_params->argc + 1; + + main_params->envs_buffer = main_params->args_buffer + + main_params->args_bytes_written; + + main_params->envs_buffer_len = main_params->args_buffer_len + - main_params->args_bytes_written; + + main_params->args_buffer_len = main_params->args_bytes_written; + + /* subsequent streams (if any) should be aligned to pointer-size boundary */ + main_params->envs_bytes_used += sizeof(uintptr_t) - 
1; + main_params->envs_bytes_used /= sizeof(uintptr_t); + main_params->envs_bytes_used *= sizeof(uintptr_t); + + /* create a utf-8 envp[] array */ + status = __ntapi_tt_array_convert_utf16_to_utf8( + main_params->wenvp_buffer, + main_params->envp, + 0, + main_params->envs_buffer, + main_params->envs_buffer_len, + &main_params->envs_bytes_used); + + if (status) return status; + + /* we're good */ + *argc = main_params->argc; + *argv = main_params->argv; + *envp = main_params->envp; + + return NT_STATUS_SUCCESS; +} + + +wchar16_t * __stdcall __ntapi_tt_get_cmd_line_utf16(void) +{ + nt_peb * peb; + nt_unicode_string cmd_line; + + peb = (nt_peb *)pe_get_peb_address(); + + if (peb) { + cmd_line = peb->process_params->command_line; + return cmd_line.buffer; + } else + return (wchar16_t *)0; +} + + +wchar16_t * __stdcall __ntapi_tt_get_peb_env_block_utf16(void) +{ + nt_peb * peb; + + peb = (nt_peb *)pe_get_peb_address(); + + if (peb) + return peb->process_params->environment; + else + return (wchar16_t *)0; +} diff --git a/src/argv/ntapi_tt_array_utf16.c b/src/argv/ntapi_tt_array_utf16.c new file mode 100644 index 0000000..d8bbb8b --- /dev/null +++ b/src/argv/ntapi_tt_array_utf16.c 
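Review bot: In `__ntapi_tt_get_argv_envp_utf16` the envp terminator check reads `if ((*wch_s) && (idx = main_params->argv_envp_ptr_total))`, an assignment where a comparison is clearly intended; it only behaves today because the loop above leaves `*wch_s` non-zero solely when `idx` already equals `argv_envp_ptr_total`, so it should read `if ((*wch_s) && (idx == main_params->argv_envp_ptr_total))`. In the same function and in `__ntapi_tt_get_argv_envp_utf8`, `ext_params` is declared `__optional` yet is dereferenced without a null check as soon as `NT_GET_ARGV_ENVP_USE_CALLER_BUFFER` is set; a guard such as `if (!ext_params) return NT_STATUS_INVALID_PARAMETER_5;` before the cast would follow the parameter-numbered status convention the parser already uses. In `__ntapi_tt_parse_cmd_line_args_utf16`, `ADD_N_BACKSLASHES` and `ADD_SINGLE_WCHAR16_t` expand to several statements, so `if (backslash_count) ADD_N_BACKSLASHES;` guards only the buffer check while the copy loop and the `backslash_count = 0` reset run unconditionally; this is harmless now because the count is zero on that path, but wrapping both macros in `do { ... } while (0)` and parenthesizing the `x` argument of `IS_DELIMITER` and `ADD_SINGLE_WCHAR16_t` would stop a later edit from breaking them silently.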
@@ -0,0 +1,258 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +/** + * scenario: program -e app [arg1 arg2 ... argn] + * input: a utf-16 argument vector + * output: a utf-16 cmd_line string + * example: tty_pipe_create_child_process +**/ + +int32_t __stdcall __ntapi_tt_array_copy_utf16( + __out int * argc, + __in const wchar16_t ** wargv, + __in const wchar16_t ** wenvp, + __in const wchar16_t * image_name __optional, + __in const wchar16_t * interpreter __optional, + __in const wchar16_t * optarg __optional, + __in void * base, + __out void * buffer, + __in size_t buflen, + __out size_t * blklen) +{ + const wchar16_t ** parg; + const wchar16_t * warg; + const wchar16_t * dummy; + wchar16_t * wch; + ptrdiff_t diff; + ptrdiff_t ptrs; + size_t needed; + + /* fallback */ + dummy = 0; + wargv = wargv ? wargv : &dummy; + wenvp = wenvp ? wenvp : &dummy; + + /* ptrs, needed */ + ptrs = 0; + needed = 0; + + if (image_name) { + ptrs++; + needed += sizeof(wchar16_t *) + + __ntapi->tt_string_null_offset_short((const int16_t *)image_name) + + sizeof(wchar16_t); + } + + for (parg=wargv; *parg; parg++) + needed += sizeof(wchar16_t *) + + __ntapi->tt_string_null_offset_short((const int16_t *)*parg) + + sizeof(wchar16_t); + + ptrs += (parg - wargv); + *argc = (int)ptrs; + + for (parg=wenvp; *parg; parg++) + needed += sizeof(wchar16_t *) + + __ntapi->tt_string_null_offset_short((const int16_t *)*parg) + + sizeof(wchar16_t); + + ptrs += (parg - wenvp); + + ptrs += 2; + needed += 2*sizeof(wchar16_t *); + blklen = blklen ? 
blklen : &needed; + *blklen = needed; + + if (buflen < needed) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* init */ + parg = (const wchar16_t **)buffer; + wch = (wchar16_t *)(parg+ptrs); + diff = (uintptr_t)base / sizeof(wchar16_t); + + /* image_name */ + if (image_name) { + *parg++ = wch-diff; + for (warg=image_name; *warg; warg++,wch++) + *wch = *warg; + *wch++ = '\0'; + } + + /* argv */ + for (; *wargv; wargv++) { + *parg++=wch-diff; + for (warg=*wargv; *warg; warg++,wch++) + *wch = *warg; + *wch++ = '\0'; + } + + *parg++ = 0; + + /* envp */ + for (; *wenvp; wenvp++) { + *parg++=wch-diff; + for (warg=*wenvp; *warg; warg++,wch++) + *wch = *warg; + *wch++ = '\0'; + } + + *parg++ = 0; + + return NT_STATUS_SUCCESS; +} + +int32_t __stdcall __ntapi_tt_array_convert_utf16_to_utf8( + __in wchar16_t ** warrv, + __in char ** arrv, + __in void * base, + __in char * buffer, + __in size_t buffer_len, + __out size_t * bytes_written) +{ + uint8_t * ubound; + uint8_t * ch; + wchar16_t * wch; + wchar16_t wx; + wchar16_t wy; + wchar16_t wz; + wchar16_t wy_low; + wchar16_t wy_high; + wchar16_t ww; + wchar16_t uuuuu; + wchar16_t u_low; + wchar16_t u_high; + ptrdiff_t diff; + + #define __UTF8_MAX_CODE_POINT_BYTES (4) + + ch = (uint8_t *)buffer; + ubound = (uint8_t *)buffer + buffer_len - __UTF8_MAX_CODE_POINT_BYTES; + diff = (uintptr_t)base / sizeof(wchar16_t); + + while (warrv && *warrv) { + *arrv = (char *)(ch-(uintptr_t)base); + wch = *warrv + diff; + + /* all utf-16 streams at stake have been validated */ + while (*wch && (ch < ubound)) { + if (*wch <= 0x7F) { + /* from: 00000000 0xxxxxxx (little endian) */ + /* to: 0xxxxxxx (utf-8) */ + *ch = (char)(*wch); + } else if (*wch <= 0x7FF) { + /* from: 00000yyy yyxxxxxx (little endian) */ + /* to: 110yyyyy 10xxxxxx (utf-8) */ + wy = *wch; + wy >>= 6; + + wx = *wch; + wx <<= 10; + wx >>= 10; + + /* write the y part */ + *ch = (char)(0xC0 | wy); + ch++; + + /* write the x part */ + *ch = (char)(0x80 | wx); + } else if ((*wch < 0xD800) 
|| (*wch >= 0xE000)) { + /* from: zzzzyyyy yyxxxxxx (little endian) */ + /* to: 1110zzzz 10yyyyyy 10xxxxxx (utf-8) */ + wz = *wch; + wz >>= 12; + + wy = *wch; + wy <<= 4; + wy >>= 10; + + wx = *wch; + wx <<= 10; + wx >>= 10; + + /* write the z part */ + *ch = (char)(0xE0 | wz); + ch++; + + /* write the y part */ + *ch = (char)(0x80 | wy); + ch++; + + /* write the x part */ + *ch = (char)(0x80 | wx); + } else { + /* from: 110110ww wwzzzzyy 110111yy yyxxxxxx (little endian) */ + /* to: 11110uuu 10uuzzzz 10yyyyyy 10xxxxxx (utf-8) */ + + /* low two bytes */ + wx = *wch; + wx <<= 10; + wx >>= 10; + + wy_low = *wch; + wy_low <<= 6; + wy_low >>= 12; + + /* (surrogate pair) */ + wch++; + + /* high two bytes */ + wy_high = *wch; + wy_high <<= 14; + wy_high >>= 10; + + wz = *wch; + wz <<= 10; + wz >>= 12; + wz <<= 2; + + ww = *wch; + ww <<= 6; + ww >>= 12; + + uuuuu = ww + 1; + u_high = uuuuu >> 2; + u_low = ((uuuuu << 14) >> 10); + + /* 1st byte: 11110uuu */ + *ch = (char)(0xF0 | u_high); + ch++; + + /* 2nd byte: 10uuzzzz */ + *ch = (char)(0x80 | u_low | wz); + ch++; + + /* 3rd byte: 10yyyyyy */ + *ch = (char)(0x80 | wy_low | wy_high); + ch++; + + /* 4th byte: 10xxxxxx */ + *ch = (char)(0x80 | wx); + } + + ch++; + wch++; + } + + if (*wch) + return NT_STATUS_BUFFER_TOO_SMALL; + + ch++; + arrv++; + warrv++; + } + + *bytes_written = (size_t)(ch - (uint8_t *)buffer); + + return NT_STATUS_SUCCESS; +} diff --git a/src/argv/ntapi_tt_array_utf8.c b/src/argv/ntapi_tt_array_utf8.c new file mode 100644 index 0000000..8d3b837 --- /dev/null +++ b/src/argv/ntapi_tt_array_utf8.c 
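Review bot: In `__ntapi_tt_array_convert_utf16_to_utf8` the terminating NUL of each converted string is never stored: after the inner loop the code does `ch++` without writing `*ch`, so the output is only NUL-terminated when the caller hands in a pre-zeroed buffer, and it should be `*ch++ = '\0';`. The surrogate-pair branch also appears to read the two code units in the wrong order: it extracts `wx`/`wy_low` (the 110111yyyyxxxxxx layout) from the first unit and `ww`/`wz`/`wy_high` (110110wwwwzzzzyy) from the second, whereas in UTF-16 the high surrogate is always the first code unit, so every supplementary code point would be mis-encoded unless the producer deliberately stores pairs reversed. In the same branch `u_low = ((uuuuu << 14) >> 10)` is evaluated in int and is not reduced to the two bits that fit into `10uuzzzz`, and the branch is entered for a lone low surrogate (0xDC00–0xDFFF) or a high surrogate followed by the terminator, which the "streams have been validated" comment does not cover. Below is a rewrite of that branch; the four output stores are unchanged.
```c
} else {
    /* first unit: high surrogate 110110ww wwzzzzyy */
    if ((*wch > 0xDBFF) || (wch[1] < 0xDC00) || (wch[1] > 0xDFFF))
        return NT_STATUS_ILLEGAL_CHARACTER;

    ww      = (*wch >> 6) & 0xF;
    wz      = (*wch >> 2) & 0xF;
    wy_high = (*wch & 0x3) << 4;

    /* second unit: low surrogate 110111yy yyxxxxxx */
    wch++;
    wy_low = (*wch >> 6) & 0xF;
    wx     = *wch & 0x3F;

    uuuuu  = ww + 1;
    u_high = uuuuu >> 2;
    u_low  = (uuuuu & 0x3) << 4;

    /* … unchanged: the four 0xF0 / 0x80 output bytes … */
}
```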
@@ -0,0 +1,117 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_array_copy_utf8( + __out int * argc, + __in const char ** argv, + __in const char ** envp, + __in const char * image_name __optional, + __in const char * interpreter __optional, + __in const char * optarg __optional, + __in void * base, + __out void * buffer, + __in size_t buflen, + __out size_t * blklen) +{ + const char ** parg; + const char * arg; + const char * dummy; + char * ch; + ptrdiff_t diff; + ptrdiff_t ptrs; + size_t needed; + + /* fallback */ + dummy = 0; + argv = argv ? argv : &dummy; + envp = envp ? envp : &dummy; + + /* ptrs, needed */ + ptrs = 0; + needed = 0; + + if (image_name) { + ptrs++; + needed += sizeof(char *) + + __ntapi->tt_string_null_offset_multibyte(image_name) + + sizeof(char); + } + + for (parg=argv; *parg; parg++) + needed += sizeof(char *) + + __ntapi->tt_string_null_offset_multibyte(*parg) + + sizeof(char); + + ptrs += (parg - argv); + *argc = (int)ptrs; + + for (parg=envp; *parg; parg++) + needed += sizeof(char *) + + __ntapi->tt_string_null_offset_multibyte(*parg) + + sizeof(char); + + ptrs += (parg - envp); + + ptrs += 2; + needed += 2*sizeof(char *); + blklen = blklen ? 
blklen : &needed; + *blklen = needed; + + if (buflen < needed) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* init */ + parg = (const char **)buffer; + ch = (char *)(parg+ptrs); + diff = (ptrdiff_t)base; + + /* image_name */ + if (image_name) { + *parg++ = ch-diff; + for (arg=image_name; *arg; arg++,ch++) + *ch = *arg; + *ch++ = '\0'; + } + + /* argv */ + for (; *argv; argv++) { + *parg++=ch-diff; + for (arg=*argv; *arg; arg++,ch++) + *ch = *arg; + *ch++ = '\0'; + } + + *parg++ = 0; + + /* envp */ + for (; *envp; envp++) { + *parg++=ch-diff; + for (arg=*envp; *arg; arg++,ch++) + *ch = *arg; + *ch++ = '\0'; + } + + *parg++ = 0; + + return NT_STATUS_SUCCESS; +} + +int32_t __stdcall __ntapi_tt_array_convert_utf8_to_utf16( + __in char ** arrv, + __in wchar16_t ** arra, + __in void * base, + __in wchar16_t * buffer, + __in size_t buffer_len, + __out size_t * bytes_written) +{ + return NT_STATUS_SUCCESS; +} diff --git a/src/argv/ntapi_tt_env_vars.c b/src/argv/ntapi_tt_env_vars.c new file mode 100644 index 0000000..1af9b77 --- /dev/null +++ b/src/argv/ntapi_tt_env_vars.c 
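Review bot: `__ntapi_tt_array_convert_utf8_to_utf16` is a stub that returns NT_STATUS_SUCCESS without touching `arra`, `buffer` or `*bytes_written`, so a caller that checks the status and then reads `*bytes_written` consumes an uninitialized value. Until it is implemented it should fail loudly, e.g. `*bytes_written = 0; return NT_STATUS_NOT_IMPLEMENTED;` (assuming that status is defined in the project headers; otherwise any non-zero failure code). In `__ntapi_tt_array_copy_utf8` the `interpreter` and `optarg` parameters are accepted but never referenced in the body, which deserves a comment if that is intentional.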
@@ -0,0 +1,112 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_get_env_var_meta_utf16( + __in const uint32_t * crc32_table, + __in wchar16_t * env_var_name, + __in uint32_t env_var_name_hash __optional, + __in wchar16_t ** envp, + __out nt_env_var_meta_utf16 * env_var_meta) +{ + int idx; + uint32_t crc32; + unsigned char * byte_buffer; + wchar16_t * wch; + + #define EQUAL_SIGN 0x3D + + /* step 1: crc32 of the target env_var_name */ + if (env_var_name_hash) + crc32 = env_var_name_hash; + else { + crc32 = 0 ^ 0xFFFFFFFF; + + /* initialize byte_buffer */ + byte_buffer = (unsigned char *)env_var_name; + + /* iterate */ + while (*byte_buffer) { + /* two bytes at a time */ + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + } + crc32 = (crc32 ^ 0xFFFFFFFF); + } + + /* initialize the env_var_meta structure */ + env_var_meta->name_hash = crc32; + env_var_meta->name = (wchar16_t *)0; + env_var_meta->value = (wchar16_t *)0; + env_var_meta->value_hash = 0; + env_var_meta->envp_index = 0; + env_var_meta->flags = 0; + + /* step 2: look for the environment variable in envp[] */ + idx = 0; + while (envp[idx] && (!env_var_meta->value)) { + wch = envp[idx]; + + /* find the equal sign */ + while ((*wch) && (*wch != EQUAL_SIGN)) + wch++; + + if (*wch != EQUAL_SIGN) + return NT_STATUS_ILLEGAL_CHARACTER; + + /* hash the current environment variable */ + crc32 = 0 ^ 0xFFFFFFFF; + + /* initialize byte_buffer */ + byte_buffer = (unsigned char *)envp[idx]; + + /* iterate */ + while ((uintptr_t)(byte_buffer) < (uintptr_t)wch) { + /* two bytes at a time */ + crc32 = (crc32 >> 8) ^ 
crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + } + + if (env_var_meta->name_hash == (crc32 ^ 0xFFFFFFFF)) { + /* found it, get ready to hash the value */ + wch++; + env_var_meta->name = envp[idx]; + env_var_meta->value = wch; + env_var_meta->envp_index = idx; + } else { + idx++; + } + } + + if (env_var_meta->value) { + /* hash the value: utf-16, null-terminated */ + crc32 = 0 ^ 0xFFFFFFFF; + + /* initialize byte_buffer */ + byte_buffer = (unsigned char *)env_var_meta->value; + + /* iterate */ + while (*byte_buffer) { + /* two bytes at a time */ + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + } + + env_var_meta->value_hash = (crc32 ^ 0xFFFFFFFF); + } + + return NT_STATUS_SUCCESS; +} + diff --git a/src/argv/ntapi_tt_get_option.c b/src/argv/ntapi_tt_get_option.c new file mode 100644 index 0000000..e6f0748 --- /dev/null +++ b/src/argv/ntapi_tt_get_option.c 
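Review bot: In `__ntapi_tt_get_env_var_meta_utf16` a variable is accepted as a match on CRC32 equality alone (`env_var_meta->name_hash == (crc32 ^ 0xFFFFFFFF)`) and the name bytes are never compared; CRC32 is not collision-resistant, so two distinct names that collide — including one placed in the environment by whoever spawned the process — resolve to the same entry and the wrong value is returned. After the hash matches, compare `env_var_name` against `envp[idx]` up to the equal sign before accepting the entry. The hashing loops also test only `*byte_buffer`, the low byte of each UTF-16 unit, so a name whose code unit has a zero low byte (U+0100, U+2E00, …) is treated as terminated at that unit; loop on the 16-bit unit or on both bytes instead. `crc32_table` is dereferenced without the null check that the option parsers in `ntapi_tt_get_option.c` perform.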
@@ -0,0 +1,451 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + + +/** + * a simple facility for minimal programs or system libraries + * with no libc available at the time of invocation, as well + * as applications using the midipix free-standing development + * environment. + * + * the approach taken by this module to the support of short + * and long options reflects the above constraint, namely + * the absence of a callable libc at the time of invocation; + * there is no intent for interfaces in this module to + * be POSIXLY correct or otherwise portable. the sole + * purpose of all functions in this module is to serve + * internal or otherwise free-standing midipix applications, + * and their relevance otherwise is accordingly non-existent. + * + * all options are encoded in utf-16; note, however, that + * short options may only use code points that are located + * in the basic multilingual plane. + * + * option values are either required or not allowed altogether, + * and the first character of an option value may not be a hyphen. + * if you need the first character of an option value to be a + * hyphen, then make sure you escape it somehow (for instance by + * enclosing it in quotation marks). + * + * a short option and its value must reside in two separate + * argv[] elements (in other words: -ooutput is illegal). + * + * a long option and its value must reside in the same argv[] + * element and be separated by a single equal sign. 
+ * + * Examples of valid options and option values: + * -------------------------------------------- + * -o + * -o value + * --long-option-with-no-value + * --long-option=value +**/ + +#define HYPHEN 0x2D +#define EQUAL_SIGN 0x3D + + +static int __inline__ __fastcall __is_bmp_code_point(wchar16_t code_point) +{ + return (((code_point >= 0x0000) && (code_point < 0xD800)) \ + || ((code_point >= 0xE000) && (code_point < 0x10000))); +} + + +static int __inline__ __fastcall __is_last_program_option( + __in nt_program_option * option) +{ + return (!(option->short_name_code)) + && (!(option->long_name)) + && (!(option->long_name_hash)); +} + + +static int __fastcall __is_short_option(wchar16_t * wch) +{ + return ((wch) && (*wch == HYPHEN) + && __is_bmp_code_point(*++wch) + && (*++wch == 0)); +} + +static int __fastcall __is_long_option(wchar16_t * wch) +{ + return ((wch) && (*wch == HYPHEN) + && (++wch) && (*wch == HYPHEN) + && (*++wch)); +} + + +static int __fastcall __is_last_option_argument(wchar16_t * wch) +{ + return ((wch) && (*wch == HYPHEN) + && (*++wch == HYPHEN) + && (*++wch == 0)); +} + + +static uint32_t __fastcall __compute_crc32_utf16_str( + __in const uint32_t * crc32_table, + __in wchar16_t * wch) +{ + uint32_t crc32; + unsigned char * byte_buffer; + + /* crc32 hash... */ + crc32 = 0 ^ 0xFFFFFFFF; + + /* initialize byte_buffer */ + byte_buffer = (unsigned char *)wch; + + /* iterate */ + while (*byte_buffer) { + /* two bytes at a time */ + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + } + + return crc32; +} + + +static uint32_t __fastcall __compute_crc32_long_option_name( + __in const uint32_t * crc32_table, + __in wchar16_t * wch_arg, + __in wchar16_t * wch_termination) +{ + uint32_t crc32; + unsigned char * byte_buffer; + + /* crc32 hash... 
*/ + crc32 = 0 ^ 0xFFFFFFFF; + + /* initialize byte_buffer */ + byte_buffer = (unsigned char *)wch_arg; + + /* iterate */ + while ((uintptr_t)byte_buffer < (uintptr_t)wch_termination) { + /* two bytes at a time */ + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *byte_buffer) & 0xFF]; + byte_buffer++; + } + + return crc32; +} + + +static void __fastcall __init_cmd_option_meta_utf16( + __in nt_cmd_option_meta_utf16 * cmd_opt_meta) +{ + cmd_opt_meta->short_name = (wchar16_t *)0; + cmd_opt_meta->short_name_code = 0; + cmd_opt_meta->long_name = (wchar16_t *)0; + cmd_opt_meta->long_name_hash = 0; + cmd_opt_meta->value = (wchar16_t *)0; + cmd_opt_meta->value_hash = 0; + cmd_opt_meta->argv_index = 0; + cmd_opt_meta->flags = 0; + + return; +} + + +int32_t __stdcall __ntapi_tt_get_short_option_meta_utf16( + __in const uint32_t * crc32_table, + __in wchar16_t option_name, + __in wchar16_t * argv[], + __out nt_cmd_option_meta_utf16 * cmd_opt_meta) +{ + int idx; + wchar16_t * wch; + + if (!crc32_table) + return NT_STATUS_INVALID_PARAMETER_1; + else if (!option_name) + return NT_STATUS_INVALID_PARAMETER_2; + else if (!argv) + return NT_STATUS_INVALID_PARAMETER_3; + + /* initialize cmd_opt_meta */ + __init_cmd_option_meta_utf16(cmd_opt_meta); + + /* step 1: attempt to find the short option in argv[] */ + idx = 0; + while (argv[idx] && (!cmd_opt_meta->short_name_code)) { + wch = argv[idx]; + + /* is this our option? 
*/ + if ((*wch == HYPHEN) + && (*++wch == option_name) + && (*++wch == 0)) { + + /* found it, get ready to hash the value */ + cmd_opt_meta->short_name_code = option_name; + cmd_opt_meta->short_name = argv[idx]; + cmd_opt_meta->argv_index = idx; + } else { + idx++; + } + } + + /* if the next argument is also an option (or is null), just exit */ + idx++; + if ((!argv[idx]) || (*argv[idx] == HYPHEN)) + return NT_STATUS_SUCCESS; + + /* step 2: hash the value */ + cmd_opt_meta->value = argv[idx]; + cmd_opt_meta->value_hash = + __compute_crc32_utf16_str( + crc32_table, + argv[idx]); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_get_long_option_meta_utf16( + __in const uint32_t * crc32_table, + __in wchar16_t * option_name, + __in uint32_t option_name_hash __optional, + __in wchar16_t * argv[], + __out nt_cmd_option_meta_utf16 * cmd_opt_meta) +{ + /** + * option_name must always include the two-hyphen prefix; + * and the option value must be preceded by an equal sign. + * + * the only valid long option forms in argv[] are therefore: + * --long-option + * --long-option=value + **/ + + int idx; + uint32_t crc32; + wchar16_t * wch; + + /* validation */ + if (!crc32_table) + return NT_STATUS_INVALID_PARAMETER_1; + else if ((!option_name) && (!option_name_hash)) + return NT_STATUS_INVALID_PARAMETER; + else if ((option_name) && (option_name_hash)) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (!argv) + return NT_STATUS_INVALID_PARAMETER_4; + + /* initialize cmd_opt_meta */ + __init_cmd_option_meta_utf16(cmd_opt_meta); + + /* step 1: crc32 of the target option_name */ + if (option_name_hash) + crc32 = option_name_hash; + else + option_name_hash = + __compute_crc32_utf16_str( + crc32_table, + option_name); + + /* step 2: attempt to find the long option in argv[] */ + idx = 0; + while (argv[idx] && (!cmd_opt_meta->value)) { + wch = argv[idx]; + + if (__is_long_option(wch)) { + /* find the equal sign or null termination */ + while ((*wch) && (*wch != 
EQUAL_SIGN)) + wch++; + + crc32 = __compute_crc32_long_option_name( + crc32_table, + argv[idx], + wch); + + if (crc32 == option_name_hash) { + /* found it, get ready to hash the value */ + cmd_opt_meta->long_name_hash = option_name_hash; + cmd_opt_meta->long_name = argv[idx]; + cmd_opt_meta->argv_index = idx; + + if (*wch) + /* skip the equal sign */ + wch++; + + cmd_opt_meta->value = wch; + } else + idx++; + } + } + + if (cmd_opt_meta->value) + cmd_opt_meta->value_hash = + __compute_crc32_utf16_str( + crc32_table, + cmd_opt_meta->value); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_validate_program_options( + __in const uint32_t * crc32_table, + __in wchar16_t * argv[], + __in nt_program_option * options[], + __in nt_program_options_meta * options_meta) +{ + int idx; + int idx_arg; + int idx_option; + int idx_max; + uint32_t crc32; + nt_program_option * option; + wchar16_t * parg; + wchar16_t * pvalue; + + /* validation */ + if (!crc32_table) + return NT_STATUS_INVALID_PARAMETER_1; + else if (!argv) + return NT_STATUS_INVALID_PARAMETER_2; + else if (!options) + return NT_STATUS_INVALID_PARAMETER_3; + else if (!options_meta) + return NT_STATUS_INVALID_PARAMETER_4; + + + /* step 1: validate options[] hash the long option names */ + idx = 0; + idx_option = 0; + option = options[0]; + pvalue = (wchar16_t *)0; + + while (!__is_last_program_option(option)) { + if (option->short_name_code) { + if (!(__is_bmp_code_point(option->short_name_code))) { + options_meta->idx_invalid_short_name = idx; + return NT_STATUS_INVALID_PARAMETER; + } + } + + if (option->long_name) { + if (!(__is_long_option(option->long_name))) { + options_meta->idx_invalid_long_name = idx; + return NT_STATUS_INVALID_PARAMETER; + } + + /* update the long name hash (unconditionally) */ + option->long_name_hash = + __compute_crc32_utf16_str( + crc32_table, + option->long_name); + } + + idx++; + option++; + } + + /* book keeping */ + idx_max = idx; + + /* step 2: validate argv[] */ + 
parg = argv[0]; + idx_arg = 0; + + while ((parg) && (!(__is_last_option_argument(parg)))) { + if (__is_short_option(parg)) { + idx = 0; + idx_option = 0; + + while ((idx < idx_max) && (!idx_option)) { + option = options[idx]; + + if (*(parg+1) == option->short_name_code) + idx_option = idx; + else + idx++; + } + + if (idx == idx_max) { + options_meta->idx_invalid_argument = idx_arg; + return NT_STATUS_INVALID_PARAMETER; + } else { + /* get ready for the next element (or value) */ + parg++; + idx_arg++; + pvalue = parg; + } + } else if (__is_long_option(parg)) { + idx = 0; + idx_option = 0; + /* find the equal sign or null termination */ + pvalue = parg; + while ((*pvalue) && (*pvalue != EQUAL_SIGN)) + pvalue++; + + while ((idx < idx_max) && (!idx_option)) { + option = options[idx]; + crc32 = __compute_crc32_long_option_name( + crc32_table, + parg, + pvalue); + + if (crc32 == option->long_name_hash) + idx_option = idx; + else + idx++; + } + + if (idx == idx_max) { + options_meta->idx_invalid_argument = idx_arg; + return NT_STATUS_INVALID_PARAMETER; + } else { + if (*pvalue != EQUAL_SIGN) + /* skip the equal sign */ + pvalue++; + pvalue = (wchar16_t *)0; + } + } + + /* validate the occurrence */ + if (idx_option) { + if (option->flags && NT_OPTION_ALLOWED_ONCE) { + if (option->option_count) { + options_meta->idx_invalid_argument + = idx_arg; + return NT_STATUS_INVALID_PARAMETER; + } else { + option->option_count++; + } + } + + if (option->flags && NT_OPTION_VALUE_REQUIRED) { + if ((!(*pvalue)) || (*pvalue == HYPHEN)) { + options_meta->idx_missing_option_value + = idx_arg; + return NT_STATUS_INVALID_PARAMETER; + } else { + option->value = pvalue; + option->value_hash = + __compute_crc32_utf16_str( + crc32_table, + option->value); + } + } + } + + parg++; + idx_arg++; + } + + return NT_STATUS_SUCCESS; +} diff --git a/src/blitter/ntapi_blt_alloc.c b/src/blitter/ntapi_blt_alloc.c new file mode 100644 index 0000000..4ba6f2c --- /dev/null +++ b/src/blitter/ntapi_blt_alloc.c 
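Review bot: In `__ntapi_tt_validate_program_options` the occurrence checks use logical rather than bitwise and: `option->flags && NT_OPTION_ALLOWED_ONCE` and `option->flags && NT_OPTION_VALUE_REQUIRED` are true for any non-zero flags value, so both rules are applied to every flagged option; they should read `option->flags & NT_OPTION_ALLOWED_ONCE` and `option->flags & NT_OPTION_VALUE_REQUIRED`. The argv walk in step 2 also looks wrong: `parg` is `argv[0]` and is advanced with `parg++`, which steps through the characters of that one string rather than to `argv[++idx_arg]`, and in the long-option branch `pvalue` is set to null right before `*pvalue` is dereferenced under NT_OPTION_VALUE_REQUIRED. Using `idx_option = idx` as the found marker with `!idx_option` as the loop condition means a match on `options[0]` leaves `idx_option` at 0 and `idx` unincremented, so that search loop never terminates; a separate found flag or an `idx_option = -1` sentinel is needed. Finally, `__ntapi_tt_get_short_option_meta_utf16` does `idx++` after the search loop even when the option was not found, in which case `argv[idx]` is read one element past the terminating null.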
@@ -0,0 +1,149 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_blitter.h" +#include "ntapi_impl.h" + +static int __blt_popcount(uintptr_t mask) +{ + /* todo: check cpuid, use at_popcount */ + int i,ret; + + for (i=0,ret=0; i<8*sizeof(uintptr_t); i++) + if (mask & ((uintptr_t)1<block_size % sizeof(uintptr_t)) || (params->block_count % sizeof(uintptr_t))) + return NT_STATUS_INVALID_PARAMETER; + + /* blt control block allocation */ + ptrs = params->block_count / (8 * sizeof(uintptr_t)); + blt_ctx = (nt_blitter *)0; + blt_ctx_size = (size_t)&((nt_blitter *)0)->bits; + + /* user-provided bitmap? */ + if (!params->bitmap) + blt_ctx_size += ptrs * sizeof(uintptr_t); + + /* alloc */ + status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)&blt_ctx, + 0, + &blt_ctx_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status) return (status); + + /* init control block */ + __ntapi->tt_aligned_block_memset( + blt_ctx, + 0,(size_t)&((nt_blitter *)0)->bits); + + blt_ctx->addr = blt_ctx; + blt_ctx->size = blt_ctx_size; + blt_ctx->ptrs = ptrs; + + /* init bitmap */ + blt_ctx->bitmap = params->bitmap + ? 
(uintptr_t *)params->bitmap + : blt_ctx->bits; + + if (!(params->flags & NT_BLITTER_PRESERVE_BITS)) + __ntapi->tt_aligned_block_memset( + blt_ctx->bitmap, + (intptr_t)0xFFFFFFFFFFFFFFFF, + ptrs * sizeof(uintptr_t)); + + /* info structure */ + blt_ctx->info.info_size = sizeof(nt_blitter_info); + blt_ctx->info.block_count = params->block_count; + blt_ctx->info.block_size = params->block_size; + + if (params->flags & NT_BLITTER_ENABLE_BLOCK_ARRAY) + /* allocate in place */ + blt_ctx->info.region_size = params->block_count * params->block_size; + else + /* use pointer array */ + blt_ctx->info.region_size = params->block_count * sizeof(uintptr_t); + + /* allocate region */ + if (params->region) + blt_ctx->info.region_addr = params->region; + else + status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + &blt_ctx->info.region_addr, + 0, + &blt_ctx->info.region_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status) { + __ntapi->blt_free(blt_ctx); + return status; + } + + if (params->flags & NT_BLITTER_PRESERVE_BITS) + for (i=0,blt_ctx->info.blocks_avail=0; iinfo.blocks_avail += __blt_popcount(blt_ctx->bitmap[i]); + else + blt_ctx->info.blocks_avail = params->block_count; + + if (params->flags & NT_BLITTER_ENABLE_BLOCK_ARRAY) + blt_ctx->info.blocks_cached = params->block_count; + + /* init block array */ + if (!params->region) + __ntapi->tt_aligned_block_memset( + blt_ctx->info.region_addr, + 0,blt_ctx->info.region_size); + + /* copy params */ + if (params->params_size < sizeof(nt_blitter_params)) + params_size = params->params_size; + else + params_size = sizeof(nt_blitter_params); + + __ntapi->tt_aligned_block_memcpy( + (uintptr_t *)&blt_ctx->params, + (uintptr_t *)params, + params_size); + + /* update params */ + blt_ctx->params.lock_tries = params->lock_tries + ? params->lock_tries + : __NT_BLITTER_DEFAULT_LOCK_TRIES; + + blt_ctx->params.round_trips = params->round_trips + ? 
params->round_trips + : __NT_BLITTER_DEFAULT_ROUND_TRIPS; + + *blitter = blt_ctx; + + return NT_STATUS_SUCCESS; +} diff --git a/src/blitter/ntapi_blt_block.c b/src/blitter/ntapi_blt_block.c new file mode 100644 index 0000000..879eb1b --- /dev/null +++ b/src/blitter/ntapi_blt_block.c 
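Review bot: `ptrs = params->block_count / (8 * sizeof(uintptr_t))` truncates, while the parameter check only requires `block_count` to be a multiple of `sizeof(uintptr_t)`, so a count that is not a multiple of the word bit-width (e.g. 8 on 64-bit, giving `ptrs == 0`) loses its trailing blocks from the bitmap; round up with `ptrs = (params->block_count + 8*sizeof(uintptr_t) - 1) / (8*sizeof(uintptr_t));`. After rounding up, the 0xFF… memset marks the padding bits of the last word as free as well, so they must be cleared, e.g. `if (params->block_count % (8*sizeof(uintptr_t))) blt_ctx->bitmap[ptrs-1] &= ((uintptr_t)1 << (params->block_count % (8*sizeof(uintptr_t)))) - 1;`, otherwise `blocks_avail` over-counts and the acquire path can hand out ids beyond `block_count`. `block_count * block_size` for `region_size` is not checked for overflow against `SIZE_MAX`. On the region-allocation failure path `blt_free` is invoked before `params` has been copied into the control block, so `params.region` is still zero and a null `region_addr` with a non-zero size is passed to `zw_free_virtual_memory`; if that call fails, `blt_free` returns early and the control block itself leaks.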
@@ -0,0 +1,204 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_blitter.h" +#include "ntapi_impl.h" + +static int32_t __fastcall __blt_bitbite( + __in nt_blitter * blitter, + __in unsigned int bit, + __in size_t byte) +{ + uint32_t locktry; + uintptr_t test; + uintptr_t cmp; + uintptr_t xchg; + uintptr_t mask; + + mask = ((uintptr_t)1 << bit); + locktry = blitter->params.lock_tries; + + for (; locktry; locktry--) { + cmp = blitter->bitmap[byte] | mask; + xchg = cmp ^ mask; + + test = at_locked_cas( + (intptr_t *)&blitter->bitmap[byte], + cmp,xchg); + + if (test == cmp) { + at_locked_dec(&blitter->info.blocks_avail); + at_locked_inc(&blitter->info.blocks_used); + return NT_STATUS_SUCCESS; + + } else if (test ^ mask) + return NT_STATUS_TRANSACTIONAL_CONFLICT; + } + + if (!locktry) { + blitter->info.busy = 1; + blitter->info.lock_tries = blitter->params.lock_tries; + return NT_STATUS_DEVICE_BUSY; + } + + return NT_STATUS_MORE_PROCESSING_REQUIRED; +} + +static int32_t __fastcall __blt_acquire( + __in nt_blitter * blitter, + __out intptr_t * blkid) +{ + unsigned int bit; + uintptr_t i,n; + + if (blitter->info.blocks_avail == 0) + return NT_STATUS_ALLOCATE_BUCKET; + + for (n=0,bit=0; blitter->info.blocks_avail && (n < blitter->params.round_trips); n++) { + for (i=*blkid/(8*sizeof(size_t)); (iptrs); i++) + if (at_bsf(&bit,blitter->bitmap[i])) + break; + + if (i == blitter->ptrs) + return NT_STATUS_ALLOCATE_BUCKET; + + switch (__blt_bitbite(blitter,bit,i)) { + case NT_STATUS_SUCCESS: + *blkid = bit + (i * 8 * sizeof(size_t)); + return NT_STATUS_SUCCESS; + + case NT_STATUS_DEVICE_BUSY: + return NT_STATUS_DEVICE_BUSY; + + default: + break; + } + } + + return NT_STATUS_ALLOCATE_BUCKET; +} + + 
+int32_t __fastcall __ntapi_blt_obtain( + __in nt_blitter * blitter, + __out intptr_t * blkid) +{ + unsigned int bit; + uintptr_t i,n; + uintptr_t mask; + + if (blitter->info.blocks_avail == 0) + return NT_STATUS_ALLOCATE_BUCKET; + else if ((bit = *blkid % sizeof(size_t)) == 0) + return __ntapi_blt_acquire(blitter,blkid); + + for (n=0,mask=(uintptr_t)-1; ninfo.blocks_avail && (n < blitter->params.round_trips); n++) { + if (!(at_bsf(&bit,(mask & blitter->bitmap[i])))) + break; + + switch (__blt_bitbite(blitter,bit,i)) { + case NT_STATUS_SUCCESS: + *blkid = bit + (i * 8 * sizeof(size_t)); + return NT_STATUS_SUCCESS; + + case NT_STATUS_DEVICE_BUSY: + return NT_STATUS_DEVICE_BUSY; + + default: + break; + } + } + + *blkid = ++i * 8 * sizeof(size_t); + return __blt_acquire(blitter,blkid); +} + + +int32_t __fastcall __ntapi_blt_possess( + __in nt_blitter * blitter, + __out intptr_t * blkid) +{ + int bit; + size_t byte; + uintptr_t test; + uintptr_t mask; + + bit = *blkid % (8*sizeof(size_t)); + byte = *blkid / (8*sizeof(size_t)); + + mask = ((uintptr_t)1 << bit); + test = at_locked_and( + (intptr_t *)&blitter->bitmap[byte], + ~mask); + + if (test & mask) { + at_locked_dec(&blitter->info.blocks_avail); + at_locked_inc(&blitter->info.blocks_used); + } + + return NT_STATUS_SUCCESS; +} + + +int32_t __fastcall __ntapi_blt_acquire( + __in nt_blitter * blitter, + __out intptr_t * blkid) +{ + *blkid = 0; + return __blt_acquire(blitter,blkid); +} + + +int32_t __fastcall __ntapi_blt_release( + __in nt_blitter * blitter, + __out intptr_t blkid) +{ + size_t i; + unsigned int idx; + uintptr_t bit; + + i = blkid / (8 * sizeof(uintptr_t)); + idx = blkid % (8 * sizeof(uintptr_t)); + bit = ((uintptr_t)1 << idx); + + at_locked_or((intptr_t *)&blitter->bitmap[i],bit); + at_locked_dec(&blitter->info.blocks_used); + at_locked_inc(&blitter->info.blocks_avail); + + return NT_STATUS_SUCCESS; +} + + +void * __fastcall __ntapi_blt_get( + __in const nt_blitter * blitter, + __in intptr_t block_id) 
+{ + size_t * addr = (size_t *)blitter->info.region_addr; + addr += block_id; + return addr; +} + + +void __fastcall __ntapi_blt_set( + __in const nt_blitter * blitter, + __in intptr_t block_id, + __in void * val) +{ + size_t * addr = (size_t *)blitter->info.region_addr; + addr += block_id; + *addr = (size_t)val; + return; +} diff --git a/src/blitter/ntapi_blt_free.c b/src/blitter/ntapi_blt_free.c new file mode 100644 index 0000000..a5956b1 --- /dev/null +++ b/src/blitter/ntapi_blt_free.c @@ -0,0 +1,48 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_blitter.h" +#include "ntapi_impl.h" + +int32_t __fastcall __ntapi_blt_free(nt_blitter * blt_ctx) +{ + int32_t status; + void * region_addr; + size_t region_size; + + /* validation */ + if (!blt_ctx) return NT_STATUS_INVALID_PARAMETER; + + /* free blt block */ + region_addr = blt_ctx->info.region_addr; + region_size = blt_ctx->info.region_size; + + if (region_size && !blt_ctx->params.region) { + status = __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + ®ion_addr, + ®ion_size, + NT_MEM_RELEASE); + + if (status) return status; + } + + /* free blt control block */ + region_addr = blt_ctx->addr; + region_size = blt_ctx->size; + + status = __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + ®ion_addr, + ®ion_size, + NT_MEM_RELEASE); + + return status; +} diff --git a/src/daemon/ntapi_dsr_init.c b/src/daemon/ntapi_dsr_init.c new file mode 100644 index 0000000..889de6b --- /dev/null +++ b/src/daemon/ntapi_dsr_init.c 
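Review bot: In `__ntapi_blt_obtain` the starting bit is derived with `bit = *blkid % sizeof(size_t)`, i.e. modulo the word size in bytes, while `__blt_acquire`, `__ntapi_blt_possess` and `__ntapi_blt_release` all use `8 * sizeof(size_t)` for bits per word; it should be `bit = *blkid % (8 * sizeof(size_t))`, and `i` must be set from `*blkid / (8 * sizeof(size_t))` before the loop reads `blitter->bitmap[i]` (the loop header is garbled in this listing, so that assignment may already be present). `__ntapi_blt_get` and `__ntapi_blt_set` address the region as `size_t` slots (`addr += block_id`), which matches the pointer-array layout but not the in-place NT_BLITTER_ENABLE_BLOCK_ARRAY layout where `region_size` is `block_count * block_size` and block N starts at byte `N * block_size`, unless `block_size == sizeof(size_t)` is the only supported case; neither function checks `block_id` against `block_count`. `__ntapi_blt_release` unconditionally decrements `blocks_used` and increments `blocks_avail`, so releasing the same id twice (or an id that was never taken) skews the counters; test the previous value for the bit the way `__ntapi_blt_possess` tests the result of `at_locked_and`, assuming `at_locked_or` likewise returns the prior word.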
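Review bot: In `__ntapi_blt_free` a failure from the first `zw_free_virtual_memory` (the data region) returns immediately and leaves the control block at `blt_ctx->addr` mapped, with no way for the caller to release just that part; record the status, still release the control block, and return the first non-zero status. Because the control block is unmapped on success, `blt_ctx` is dangling on return and a second call on the same pointer is a double release of virtual memory, which is a caller contract worth stating in a header comment such as `/* on return blt_ctx has been unmapped and must not be reused */`.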
@@ -0,0 +1,189 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+static void __stdcall __ntapi_dsr_once(nt_daemon_params * params);
+
+int32_t __stdcall __ntapi_dsr_init(nt_daemon_params * params)
+{
+	int32_t status;
+
+	nt_thread_params tparams;
+	nt_large_integer timeout;
+
+	/* port_keys */
+	if (params->flags & NT_DSR_INIT_GENERATE_KEYS)
+		if ((status = __ntapi->tt_port_generate_keys(params->port_keys)))
+			return status;
+
+	/* port_name_keys */
+	if (params->flags & NT_DSR_INIT_FORMAT_KEYS)
+		__ntapi->tt_port_format_keys(
+			params->port_keys,
+			params->port_name_keys);
+
+	/* 'daemon-is-ready' event */
+	if (!params->hevent_daemon_ready) {
+		if ((status = __ntapi->tt_create_private_event(
+				¶ms->hevent_daemon_ready,
+				NT_NOTIFICATION_EVENT,
+				NT_EVENT_NOT_SIGNALED)))
+			return status;
+
+		if (params->pevent_daemon_ready)
+			*(params->pevent_daemon_ready) = params->hevent_daemon_ready;
+	}
+
+	/* 'internal-client-is-ready' event */
+	if (!params->hevent_internal_client_ready) {
+		if ((status = __ntapi->tt_create_inheritable_event(
+				¶ms->hevent_internal_client_ready,
+				NT_NOTIFICATION_EVENT,
+				NT_EVENT_NOT_SIGNALED)))
+			return status;
+
+		if (params->pevent_internal_client_ready)
+			*(params->pevent_internal_client_ready) = params->hevent_internal_client_ready;
+	}
+
+	/* daemon dedicated thread: general parameters */
+	__ntapi->tt_aligned_block_memset(
+		&tparams,0,sizeof(tparams));
+
+	tparams.start = (nt_thread_start_routine *)__ntapi_dsr_start;
+	tparams.arg = params;
+
+	/* daemon dedicated thread: stack parameters (optional) */
+	tparams.stack_size_commit = params->stack_size_commit;
+	tparams.stack_size_reserve = params->stack_size_reserve;
+	tparams.stack_info = params->stack_info;
+
+	/* daemon dedicated thread: create */
+	status = __ntapi->tt_create_local_thread(&tparams);
+	params->hthread_daemon_loop = tparams.hthread;
+	if (status) return status;
+
+	/* daemon dedicated thread: actual stack size */
+	params->stack_size_commit = tparams.stack_size_commit;
+	params->stack_size_reserve = tparams.stack_size_reserve;
+
+
+	/* establish internal connection */
+	__ntapi->tt_aligned_block_memset(
+		&tparams,0,sizeof(tparams));
+
+	tparams.start = (nt_thread_start_routine *)__ntapi_dsr_internal_client_connect;
+	tparams.arg = params;
+
+	status = __ntapi->tt_create_local_thread(&tparams);
+	params->hthread_internal_client = tparams.hthread;
+	if (status) return status;
+
+	/* wait until the internal connection had been established */
+	timeout.quad = NT_DSR_INIT_MAX_WAIT;
+
+	status = __ntapi->zw_wait_for_single_object(
+		params->hevent_internal_client_ready,
+		0,
+		&timeout);
+
+	if (params->flags & NT_DSR_INIT_CLOSE_EVENTS) {
+		__ntapi->zw_close(params->hevent_daemon_ready);
+		__ntapi->zw_close(params->hevent_internal_client_ready);
+	}
+
+	return status;
+}
+
+
+/* __ntapi_dsr_start executes in the daemon's dedicated thread */
+int32_t __stdcall __ntapi_dsr_start(nt_daemon_params * params)
+{
+	__ntapi_dsr_once(params);
+	__ntapi_dsr_create_port(params);
+	__ntapi_dsr_connect_internal_client(params);
+	params->daemon_loop_routine(params->daemon_loop_context);
+
+	/* (no return) */
+	return NT_STATUS_INTERNAL_ERROR;
+}
+
+/* __ntapi_dsr_once executes in the daemon's dedicated thread */
+static void __stdcall __ntapi_dsr_once(nt_daemon_params * params)
+{
+	int32_t status;
+
+	if (!params->daemon_once_routine)
+		return;
+
+	if ((status = params->daemon_once_routine(params->daemon_loop_context))) {
+		params->exit_code_daemon_start = status;
+		__ntapi->zw_terminate_thread(NT_CURRENT_THREAD_HANDLE,status);
+	}
+}
+
+/* __ntapi_dsr_create_port executes in the daemon's dedicated thread */
+int32_t __stdcall __ntapi_dsr_create_port(nt_daemon_params * params)
+{
+	int32_t * pstatus;
+	nt_object_attributes oa;
+	nt_security_quality_of_service sqos;
+	nt_unicode_string server_name;
+
+	pstatus = ¶ms->exit_code_daemon_start;
+
+	/* init server_name */
+	server_name.strlen = (uint16_t)__ntapi->tt_string_null_offset_short((const int16_t *)params->port_name);
+	server_name.maxlen = 0;
+	server_name.buffer = (uint16_t *)params->port_name;
+
+	/* init security structure */
+	sqos.length = sizeof(sqos);
+	sqos.impersonation_level = NT_SECURITY_IMPERSONATION;
+	sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC;
+	sqos.effective_only = 1;
+
+	/* init the port's object attributes */
+	oa.len = sizeof(oa);
+	oa.root_dir = (void *)0;
+	oa.obj_name = &server_name;
+	oa.obj_attr = 0;
+	oa.sec_desc = (nt_security_descriptor *)0;
+	oa.sec_qos = &sqos;
+
+	/* create the port */
+	*pstatus = __ntapi->zw_create_port(
+		¶ms->hport_daemon,
+		&oa,0,(uint32_t)params->port_msg_size,
+		0);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	/* return port info */
+	if (params->pport_daemon)
+		*(params->pport_daemon) = params->hport_daemon;
+
+	/* signal the daemon-is-ready event */
+	*pstatus = __ntapi->zw_set_event(
+		params->hevent_daemon_ready,
+		(int32_t *)0);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	return *pstatus;
+}
diff --git a/src/daemon/ntapi_dsr_internal_connection.c b/src/daemon/ntapi_dsr_internal_connection.c
new file mode 100644
index 0000000..7726b3f
--- /dev/null
+++ b/src/daemon/ntapi_dsr_internal_connection.c
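Review bot: `__ntapi_dsr_init` returns the raw result of the final `zw_wait_for_single_object`, while a helper thread that fails records its status in `exit_code_daemon_start` or `exit_code_internal_client` and terminates without signalling, so the caller only ever sees a timeout status and the real error is never consulted. After the wait, a non-success status should be replaced by whichever of the two exit codes is set, as sketched below (this presumes the caller zero-initialises those fields; after a timeout the helper may still be running, so the read is best-effort). On the early error returns the daemon thread already created via `tt_create_local_thread` keeps running with `hthread_daemon_loop` left open, which the caller cannot tell from the return value alone; a comment on those returns, or terminating the thread there, would close that gap.
```c
	status = __ntapi->zw_wait_for_single_object(
		params->hevent_internal_client_ready,
		0,
		&timeout);

	/* a helper thread that fails records its status and exits without signalling */
	if (status != NT_STATUS_SUCCESS) {
		if (params->exit_code_daemon_start)
			status = params->exit_code_daemon_start;
		else if (params->exit_code_internal_client)
			status = params->exit_code_internal_client;
	}

	/* … unchanged: NT_DSR_INIT_CLOSE_EVENTS handling and return … */
```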
@@ -0,0 +1,142 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+/* __ntapi_dsr_connect_internal_client executes in the daemon's dedicated thread */
+int32_t __stdcall __ntapi_dsr_connect_internal_client(nt_daemon_params * params)
+{
+	int32_t * pstatus;
+
+	intptr_t port_id;
+	nt_port_message port_msg;
+	nt_large_integer timeout;
+	void * _hport_client;
+
+	pstatus = ¶ms->exit_code_daemon_start;
+
+	/* timeout-enabled first connection */
+	timeout.quad = NT_DSR_INIT_MAX_WAIT;
+
+	*pstatus = __ntapi->zw_reply_wait_receive_port_ex(
+		params->hport_daemon,
+		&port_id,
+		(nt_port_message *)0,
+		(nt_port_message *)&port_msg,
+		&timeout);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	/* the internal client must be first */
+	if (port_msg.client_id.process_id != pe_get_current_process_id())
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			NT_STATUS_PORT_CONNECTION_REFUSED);
+
+	/* accept connection request */
+	*pstatus = __ntapi->zw_accept_connect_port(
+		&_hport_client,
+		port_msg.client_id.process_id,
+		(nt_port_message *)&port_msg,
+		NT_LPC_ACCEPT_CONNECTION,
+		(nt_port_section_write *)0,
+		(nt_port_section_read *)0);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	/* finalize connection */
+	*pstatus = __ntapi->zw_complete_connect_port(_hport_client);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	return *pstatus;
+}
+
+
+/* __ntapi_dsr_internal_client_connect executes in its own temporary thread */
+int32_t __stdcall __ntapi_dsr_internal_client_connect(nt_daemon_params * params)
+{
+	int32_t * pstatus;
+
+	nt_unicode_string server_name;
+	nt_object_attributes oa;
+	nt_security_quality_of_service sqos;
+	nt_large_integer timeout;
+
+	pstatus = ¶ms->exit_code_internal_client;
+
+	/* init server_name */
+	server_name.strlen = (uint16_t)__ntapi->tt_string_null_offset_short((const int16_t *)params->port_name);
+	server_name.maxlen = 0;
+	server_name.buffer = (uint16_t *)params->port_name;
+
+	/* init security structure */
+	sqos.length = sizeof(sqos);
+	sqos.impersonation_level = NT_SECURITY_IMPERSONATION;
+	sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC;
+	sqos.effective_only = 1;
+
+	/* init the port's object attributes */
+	oa.len = sizeof(oa);
+	oa.root_dir = (void *)0;
+	oa.obj_name = &server_name;
+	oa.obj_attr = 0;
+	oa.sec_desc = (nt_security_descriptor *)0;
+	oa.sec_qos = &sqos;
+
+	/* wait for the server to be ready */
+	timeout.quad = NT_DSR_INIT_MAX_WAIT;
+
+	if ((*pstatus = __ntapi->zw_wait_for_single_object(
+			params->hevent_daemon_ready,
+			0,&timeout)))
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	/* establish internal connection */
+	*pstatus = __ntapi->zw_connect_port(
+		¶ms->hport_internal_client,
+		&server_name,
+		&sqos,
+		0,0,0,0,0);
+
+	if (*pstatus != NT_STATUS_SUCCESS)
+		__ntapi->zw_terminate_thread(
+			NT_CURRENT_THREAD_HANDLE,
+			*pstatus);
+
+	/* return port info */
+	if (params->pport_internal_client)
+		*(params->pport_internal_client) = params->hport_internal_client;
+
+	/* signal the 'internal-client-is-ready' event */
+	*pstatus = __ntapi->zw_set_event(
+		params->hevent_internal_client_ready,
+		0);
+
+	/* exit the task-specific thread */
+	__ntapi->zw_terminate_thread(
+		NT_CURRENT_THREAD_HANDLE,
+		*pstatus);
+
+	/* (no return) */
+	return NT_STATUS_INTERNAL_ERROR;
+}
diff --git a/src/fs/ntapi_tt_get_file_handle_type.c b/src/fs/ntapi_tt_get_file_handle_type.c
new file mode 100644
index 0000000..e1175a5
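Review bot: On the refused-client path in `__ntapi_dsr_connect_internal_client` the thread is terminated with `NT_STATUS_PORT_CONNECTION_REFUSED`, but `*pstatus` (that is, `params->exit_code_daemon_start`) still holds the success status of the preceding receive, so the initiator cannot learn why the daemon thread died. Add `*pstatus = NT_STATUS_PORT_CONNECTION_REFUSED;` immediately before that `zw_terminate_thread` call. The foreign connection request is also never answered — `zw_accept_connect_port` is not invoked with a reject for it — so, as far as this hunk shows, that client stays blocked until the port handle goes away; rejecting it explicitly before terminating would be cleaner.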
--- /dev/null
+++ b/src/fs/ntapi_tt_get_file_handle_type.c
@@ -0,0 +1,83 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include "ntapi_impl.h"
+
+typedef int __stdcall winapi_get_console_mode(void * handle, uint32_t * mode);
+
+int32_t __stdcall __ntapi_tt_get_file_handle_type(
+	__in void * handle,
+	__out int32_t * type)
+{
+	int32_t status;
+	uint32_t info;
+	nt_iosb iosb;
+	nt_fsssi fsssi;
+	nt_file_directory_information fdi;
+	nt_file_pipe_information fpi;
+	nt_object_basic_information obi;
+
+	void * hkernel32;
+	char str_get_con_mode[32] = "GetConsoleMode";
+	winapi_get_console_mode * pfn_get_con_mode;
+
+	/* validation */
+	if (!handle) return NT_STATUS_INVALID_HANDLE;
+
+	/* file-system directory? */
+	if (!(status = __ntapi->zw_query_information_file(
+			handle,
+			&iosb,&fdi,sizeof(fdi),
+			NT_FILE_DIRECTORY_INFORMATION))) {
+		*type = NT_FILE_TYPE_DIRECTORY;
+		return 0;
+	}
+
+	/* file-system file? */
+	if (!(status = __ntapi->zw_query_volume_information_file(
+			handle,
+			&iosb,&fsssi,sizeof(fsssi),
+			NT_FILE_FS_SECTOR_SIZE_INFORMATION))) {
+		*type = NT_FILE_TYPE_FILE;
+		return 0;
+	}
+
+	/* pipe? */
+	if (!(status = __ntapi->zw_query_information_file(
+			handle,
+			&iosb,&fpi,sizeof(fpi),
+			NT_FILE_PIPE_INFORMATION))) {
+		*type = NT_FILE_TYPE_PIPE;
+		return 0;
+	}
+
+
+	/* csrss? */
+	if (!(hkernel32 = pe_get_kernel32_module_handle()))
+		return NT_STATUS_DLL_INIT_FAILED;
+	else if (!(pfn_get_con_mode = (winapi_get_console_mode *)pe_get_procedure_address(
+			hkernel32,str_get_con_mode)))
+		return NT_STATUS_DLL_INIT_FAILED;
+
+
+	/* (console functions return non-zero on success) */
+	if ((pfn_get_con_mode(handle,&info))) {
+		*type = NT_FILE_TYPE_CSRSS;
+		return 0;
+	}
+
+	/* invalid handle? */
+	if ((status = __ntapi->zw_query_object(
+			handle,NT_OBJECT_BASIC_INFORMATION,
+			&obi,sizeof(obi),&info)))
+		return status;
+
+	/* unknown object */
+	*type = NT_FILE_TYPE_UNKNOWN;
+	return NT_STATUS_SUCCESS;
+}
diff --git a/src/fs/ntapi_tt_istat.c b/src/fs/ntapi_tt_istat.c
new file mode 100644
index 0000000..bd2029d
--- /dev/null
+++ b/src/fs/ntapi_tt_istat.c
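Review bot: The three `status =` assignments in the directory, file and pipe probes of `__ntapi_tt_get_file_handle_type` are dead stores, so a probe that fails for a handle-level reason (`NT_STATUS_INVALID_HANDLE`, or presumably an access-denied result on a handle lacking the rights that probe needs) is indistinguishable from "not this type" and the function simply moves on, possibly classifying the handle by whichever later query happens to succeed. Moving the `zw_query_object`/`NT_OBJECT_BASIC_INFORMATION` probe to the top, right after the null check, reports a bad handle before any type-specific query and before the kernel32 lookup; the unused assignments can then be dropped, e.g. `if (!__ntapi->zw_query_information_file(handle,&iosb,&fdi,sizeof(fdi),NT_FILE_DIRECTORY_INFORMATION)) {`. A short header comment stating that classification is by probe order (directory, file, pipe, console, other) would also help readers of the return values.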
@@ -0,0 +1,155 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_istat( + __in void * hfile, + __in void * hroot __optional, + __in nt_unicode_string * path, + __out nt_istat * istat, + __out uintptr_t * buffer, + __in uint32_t buffer_size, + __in uint32_t open_options, + __in uint32_t flags) +{ + int32_t status; + + nt_oa oa; + nt_iosb iosb; + nt_unicode_string * sdev; + uint32_t hash; + wchar16_t * wch; + wchar16_t * wch_mark; + + /* validaton */ + if (!hfile && !path) + return NT_STATUS_INVALID_HANDLE; + + /* hfile */ + if (!hfile) { + /* oa */ + oa.len = sizeof(nt_oa); + oa.root_dir = hroot; + oa.obj_name = path; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + /* open file/folder */ + status = __ntapi->zw_open_file( + &hfile, + NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES | NT_FILE_READ_ACCESS, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + open_options | NT_FILE_SYNCHRONOUS_IO_ALERT); + + if (status != NT_STATUS_SUCCESS) + return status; + + istat->flags_out = NT_STAT_NEW_HANDLE; + } + + istat->hfile = hfile; + istat->flags_in = flags; + + /* file index number */ + status = __ntapi->zw_query_information_file( + hfile, + &iosb, + &istat->fii, + sizeof(istat->fii), + NT_FILE_INTERNAL_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* attributes & reparse tag information */ + status = __ntapi->zw_query_information_file( + hfile, + &iosb, + &istat->ftagi, + sizeof(istat->ftagi), + NT_FILE_ATTRIBUTE_TAG_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* TODO: consolidate with statfs */ + /* system-unique device name */ + iosb.info = 0; + status = __ntapi->zw_query_object( + 
hfile, + NT_OBJECT_NAME_INFORMATION, + buffer, + buffer_size, + (uint32_t *)&iosb.info); + + if (status != NT_STATUS_SUCCESS) + return status; + + sdev = (nt_unicode_string *)buffer; + + if (sdev->strlen < __DEVICE_PATH_PREFIX_LEN) + return NT_STATUS_INVALID_HANDLE; + + hash = __ntapi->tt_buffer_crc32( + 0, + sdev->buffer, + __DEVICE_PATH_PREFIX_LEN); + + if (hash != __DEVICE_PATH_PREFIX_HASH) + return NT_STATUS_INVALID_HANDLE; + + wch_mark = sdev->buffer + __DEVICE_PATH_PREFIX_LEN/sizeof(wchar16_t); + wch = wch_mark; + while (*wch != '\\') wch++; + istat->dev_name_strlen = (uint16_t)((wch - sdev->buffer) * sizeof(uint16_t)); + + istat->dev_name_hash = __ntapi->tt_buffer_crc32( + hash, + wch_mark, + (uintptr_t)wch - (uintptr_t)wch_mark); + + return status; +} + + +int32_t __stdcall __ntapi_tt_validate_fs_handle( + __in void * hfile, + __in uint32_t dev_name_hash, + __in nt_fii fii, + __out uintptr_t * buffer, + __in uint32_t buffer_size) +{ + int32_t status; + nt_istat istat; + + status = __ntapi->tt_istat( + hfile, + (void *)0, + (nt_unicode_string *)0, + &istat, + buffer, + buffer_size, + 0, + NT_ISTAT_DEFAULT); + + if (status) return status; + + if (istat.fii.index_number.quad != fii.index_number.quad) + return NT_STATUS_CONTEXT_MISMATCH; + else if (istat.dev_name_hash != dev_name_hash) + return NT_STATUS_CONTEXT_MISMATCH; + + return NT_STATUS_SUCCESS; +} diff --git a/src/fs/ntapi_tt_mount.c b/src/fs/ntapi_tt_mount.c new file mode 100644 index 0000000..1718750 --- /dev/null +++ b/src/fs/ntapi_tt_mount.c 
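Review bot: The scan `while (*wch != '\\') wch++;` in `__ntapi_tt_istat` is unbounded — it stops only at a backslash, not at the end of the queried name or at its terminator — so for a handle whose object name has no component after the device prefix (a volume-device handle, say) it walks past `sdev->strlen` and reads beyond `buffer`. Bound it with `wchar16_t * wch_end = sdev->buffer + sdev->strlen/sizeof(wchar16_t);` and `while ((wch < wch_end) && (*wch != '\\')) wch++;`, treating `wch == wch_end` as "the whole name is the device name". The identical loop appears in `__ntapi_tt_statfs` (the statfs hunk runs past the end of this view). Separately, `istat->flags_out` is assigned only on the path that opens a new handle, so for a caller-supplied `hfile` it keeps whatever the caller left there; `istat->flags_out = 0;` before the `if (!hfile)` block fixes that.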
@@ -0,0 +1,358 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef enum __dos_drive_handle_type { + __DOS_DRIVE_DEVICE_HANDLE, + __DOS_DRIVE_ROOT_HANDLE +} _dos_drive_handle_type; + +typedef struct __dos_name_buffer { + wchar16_t global_prefix[4]; + wchar16_t dos_letter; + wchar16_t colon; + wchar16_t root; + wchar16_t null_termination; +} _dos_name_buffer; + + +static int32_t __stdcall __tt_connect_to_mount_point_manager(void) +{ + int32_t status; + + void * hdev; + void * hdev_prev; + nt_oa oa; + nt_iosb iosb; + nt_unicode_string dev_name; + uint16_t dev_name_buffer[] = { + '\\','?','?','\\', + 'M','o','u','n','t', + 'P','o','i','n','t', + 'M','a','n','a','g','e','r',0}; + + dev_name.strlen = sizeof(wchar16_t) * (4+5+5+7); + dev_name.maxlen = 0; + dev_name.buffer = dev_name_buffer; + + oa.len = sizeof(nt_oa); + oa.root_dir = (void *)0; + oa.obj_name = &dev_name; + oa.obj_attr = NT_OBJ_CASE_INSENSITIVE; + oa.sec_desc = (nt_sd *)0; + oa.sec_qos = (nt_sqos *)0; + + status = __ntapi->zw_create_file( + &hdev, + NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES, + &oa, + &iosb, + 0, + NT_FILE_ATTRIBUTE_NORMAL, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_OPEN, + NT_FILE_NON_DIRECTORY_FILE | NT_FILE_SYNCHRONOUS_IO_NONALERT, + (void *)0, + 0); + + if (status != NT_STATUS_SUCCESS) + return status; + + hdev_prev = (void *)at_locked_cas( + (intptr_t *)&__ntapi_internals()->hdev_mount_point_mgr, + 0,(intptr_t)hdev); + + if (hdev_prev) + __ntapi->zw_close(hdev); + + return status; +} + + +static int32_t __stdcall __tt_get_dos_drive_device_or_root_handle( + __out void ** hdrive, + __in wchar16_t * drive_letter, + __in _dos_drive_handle_type handle_type) +{ + #define 
__common_mode (NT_FILE_SYNCHRONOUS_IO_ALERT) + #define __common_access (NT_SEC_SYNCHRONIZE \ + | NT_FILE_READ_ATTRIBUTES) + + int32_t status; + + nt_oa oa; + nt_iosb iosb; + uint32_t open_flags; + uint32_t access_flags; + nt_unicode_string dos_name; + _dos_name_buffer dos_name_buffer = { + {'\\','?','?','\\'}, + '_',':',0,0}; + + if (!hdrive || !drive_letter) + return NT_STATUS_INVALID_PARAMETER; + + if ((*drive_letter>='A') && (*drive_letter<='Z')) + dos_name_buffer.dos_letter = *drive_letter; + else if ((*drive_letter>='a') && (*drive_letter<='z')) + dos_name_buffer.dos_letter = *drive_letter + 'A' - 'a'; + else + return NT_STATUS_INVALID_PARAMETER_2; + + dos_name.strlen = ((size_t)(&((_dos_name_buffer *)0)->root)); + dos_name.maxlen = 0; + dos_name.buffer = &(dos_name_buffer.global_prefix[0]); + + switch (handle_type) { + case __DOS_DRIVE_DEVICE_HANDLE: + open_flags = __common_mode; + access_flags = __common_access; + break; + + case __DOS_DRIVE_ROOT_HANDLE: + open_flags = __common_mode | NT_FILE_DIRECTORY_FILE; + access_flags = __common_access | NT_FILE_READ_ACCESS; + dos_name_buffer.root = '\\'; + dos_name.strlen += sizeof(wchar16_t); + break; + default: + open_flags = 0; + access_flags = 0; + break; + } + + oa.len = sizeof(nt_oa); + oa.root_dir = (void *)0; + oa.obj_name = &dos_name; + oa.obj_attr = NT_OBJ_INHERIT; + oa.sec_desc = (nt_sd *)0; + oa.sec_qos = (nt_sqos *)0; + + status = __ntapi->zw_open_file( + hdrive, + access_flags, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + open_flags); + + return status; +} + + +int32_t __stdcall __ntapi_tt_get_dos_drive_device_handle( + __out void ** hdevice, + __in wchar16_t * drive_letter) +{ + return __tt_get_dos_drive_device_or_root_handle( + hdevice, + drive_letter, + __DOS_DRIVE_DEVICE_HANDLE); +} + + +int32_t __stdcall __ntapi_tt_get_dos_drive_root_handle( + __out void ** hroot, + __in wchar16_t * drive_letter) +{ + return __tt_get_dos_drive_device_or_root_handle( + hroot, + drive_letter, + 
__DOS_DRIVE_ROOT_HANDLE); +} + + + +int32_t __stdcall __ntapi_tt_get_dos_drive_device_name( + __in void * hdevice __optional, + __in wchar16_t * drive_letter __optional, + __out nt_mount_dev_name * buffer, + __in uint32_t buffer_size) +{ + int32_t status; + nt_iosb iosb; + + if (!hdevice && (status = __tt_get_dos_drive_device_or_root_handle( + &hdevice, + drive_letter, + __DOS_DRIVE_DEVICE_HANDLE))) + return status; + + return __ntapi->zw_device_io_control_file( + hdevice, + (void *)0, + (nt_io_apc_routine *)0, + (void *)0, + &iosb, + NT_IOCTL_MOUNTDEV_QUERY_DEVICE_NAME, + (void *)0, + 0, + buffer, + buffer_size); +} + + +int32_t __stdcall __ntapi_tt_get_dos_drive_mount_points( + __in void * hdevice __optional, + __in wchar16_t * drive_letter __optional, + __in nt_mount_dev_name * dev_name __optional, + __out void * buffer, + __in uint32_t buffer_size) +{ + int32_t status; + nt_iosb iosb; + wchar16_t dev_name_buffer[64]; + nt_mount_point_param * dev_mount_point; + nt_mount_points * dev_mount_points; + uintptr_t addr; + + if (!dev_name) { + dev_name = (nt_mount_dev_name *)&dev_name_buffer; + if ((status = __ntapi_tt_get_dos_drive_device_name( + hdevice, + drive_letter, + dev_name, + sizeof(dev_name_buffer)))) + return status; + } + + if (buffer_size < sizeof(nt_mount_mgr_mount_point) \ + + sizeof(nt_mount_dev_name) \ + + sizeof(dev_name->name_length)) + return NT_STATUS_BUFFER_TOO_SMALL; + + dev_mount_point = (nt_mount_point_param *)buffer; + dev_mount_point->symlink_name_offset = 0; + dev_mount_point->symlink_name_length = 0; + dev_mount_point->unique_id_offset = 0; + dev_mount_point->unique_id_length = 0; + dev_mount_point->device_name_offset = ((size_t)(&((nt_mount_point_param *)0)->device_name)); + dev_mount_point->device_name_length = dev_name->name_length; + dev_mount_point->mount_points_offset = 0; + + __ntapi->tt_memcpy_utf16( + dev_mount_point->device_name, + dev_name->name, + dev_name->name_length); + + addr = (uintptr_t)(dev_mount_point->device_name) + 
dev_name->name_length; + addr += sizeof(uintptr_t) - 1; + addr /= sizeof(uintptr_t); + addr *= sizeof(uintptr_t); + dev_mount_points = (nt_mount_points *)addr; + + + if (!__ntapi_internals()->hdev_mount_point_mgr) + status = __tt_connect_to_mount_point_manager(); + + if (!__ntapi_internals()->hdev_mount_point_mgr) + return status; + + + status = __ntapi->zw_device_io_control_file( + __ntapi_internals()->hdev_mount_point_mgr, + (void *)0, + (nt_io_apc_routine *)0, + (void *)0, + &iosb, + NT_IOCTL_MOUNTMGR_QUERY_POINTS, + dev_mount_point, + (uint32_t)(uintptr_t)&(((nt_mount_point_param *)0)->device_name) + dev_name->name_length, + dev_mount_points, + (uint32_t)((uintptr_t)buffer + buffer_size - addr)); + + dev_mount_point->mount_points_offset = (uint16_t)((uintptr_t)addr - (uintptr_t)buffer); + + return status; +} + + +int32_t __stdcall __ntapi_tt_dev_mount_points_to_statfs( + __in nt_mount_points * mount_points, + __in_out nt_statfs * statfs) +{ + int32_t status; + uint32_t hash; + uint32_t i; + + nt_mount_mgr_mount_point * mount_point; + char * symlink; + + mount_point = mount_points->mount_points; + statfs->nt_drive_letter = 0; + + + for (i = 0; i < mount_points->number; i++, mount_point++) { + symlink = (char *)mount_points + mount_point->symlink_name_offset; + + /* both prefixes of interest happen to be of the same length */ + hash = __ntapi->tt_buffer_crc32( + 0, symlink, __DOS_DEVICES_PREFIX_LEN); + + if (hash == __DOS_DEVICES_PREFIX_HASH) + statfs->nt_drive_letter = ((nt_dos_devices_name *)(symlink))->letter; + else if (hash == __VOLUME_PATH_PREFIX_HASH) { + status = __ntapi_tt_utf16_string_to_guid( + (nt_guid_str_utf16 *)(symlink \ + + __VOLUME_PATH_PREFIX_LEN \ + - sizeof(wchar16_t)), + &statfs->nt_volume_guid); + + if (status != NT_STATUS_SUCCESS) + return status; + } + } + + return 0; +} + + +int32_t __stdcall __ntapi_tt_get_dos_drive_letter_from_device( + __in void * hdevice __optional, + __out wchar16_t * drive_letter, + __in nt_mount_dev_name * 
dev_name __optional, + __out void * buffer, + __in uint32_t buffer_size) +{ + int32_t status; + wchar16_t dev_name_buffer[128]; + nt_statfs statfs; + uint32_t offset; + nt_mount_points * mnt_points; + + if (!dev_name) { + dev_name = (nt_mount_dev_name *)&dev_name_buffer; + status = __ntapi_tt_get_dos_drive_device_name( + hdevice, + (wchar16_t *)0, + dev_name, + sizeof(dev_name_buffer)); + + if (status != NT_STATUS_SUCCESS) + return status; + } + + + offset = ((nt_mount_point_param *)buffer)->mount_points_offset; + mnt_points = (nt_mount_points *)((uintptr_t)buffer + offset); + + status = __ntapi_tt_dev_mount_points_to_statfs( + mnt_points, + &statfs); + + if (status != NT_STATUS_SUCCESS) + return status; + + *drive_letter = statfs.nt_drive_letter; + + return status; +} diff --git a/src/fs/ntapi_tt_open_logical_parent_directory.c b/src/fs/ntapi_tt_open_logical_parent_directory.c new file mode 100644 index 0000000..c20d05b --- /dev/null +++ b/src/fs/ntapi_tt_open_logical_parent_directory.c @@ -0,0 +1,21 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_open_logical_parent_directory( + __out void ** hparent, + __in void * hdir, + __out uintptr_t * buffer, + __in uint32_t buffer_size, + __in uint32_t desired_access, + __in uint32_t open_options, + __out int32_t * type) +{ + return NT_STATUS_MORE_PROCESSING_REQUIRED; +} diff --git a/src/fs/ntapi_tt_open_physical_parent_directory.c b/src/fs/ntapi_tt_open_physical_parent_directory.c new file mode 100644 index 0000000..68d282b --- /dev/null +++ b/src/fs/ntapi_tt_open_physical_parent_directory.c 
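Review bot: The size check in `__ntapi_tt_get_dos_drive_mount_points` does not include `dev_name->name_length`, yet `tt_memcpy_utf16` copies exactly that many bytes into `dev_mount_point->device_name` and the aligned `nt_mount_points` area is placed after it, so a caller-supplied `buffer` that passes the fixed-size test can still be overrun by a long device name. The check should be computed from the same offset and length the copy uses, as below (the room the IOCTL needs for its output still has to fit in the remainder, which the `(uint32_t)((uintptr_t)buffer + buffer_size - addr)` expression then cannot underflow). In `__tt_get_dos_drive_device_or_root_handle` the `default:` arm of the `switch` zeroes both flag sets and then proceeds to `zw_open_file`; returning `NT_STATUS_INVALID_PARAMETER_3` there would be more faithful than opening with no access. The same function opens the drive with `oa.obj_attr = NT_OBJ_INHERIT`, so the handle is inherited by every child process; if that is not intended, it should be 0.
```c
	if (buffer_size < ((size_t)(&((nt_mount_point_param *)0)->device_name))
			+ dev_name->name_length
			+ sizeof(uintptr_t) - 1
			+ sizeof(nt_mount_points))
		return NT_STATUS_BUFFER_TOO_SMALL;

	/* … unchanged: dev_mount_point initialization, name copy, alignment and IOCTL … */
```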
@@ -0,0 +1,69 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_open_physical_parent_directory( + __out void ** hparent, + __in void * hdir, + __out uintptr_t * buffer, + __in uint32_t buffer_size, + __in uint32_t desired_access, + __in uint32_t open_options, + __out int32_t * type) +{ + int32_t status; + nt_oa oa; + nt_iosb iosb; + wchar16_t * wch; + nt_unicode_string * path; + uint32_t len; + + path = (nt_unicode_string *)buffer; + + if ((status = __ntapi->zw_query_object( + hdir, + NT_OBJECT_NAME_INFORMATION, + path, + buffer_size, + &len))) + return status; + else if (len == sizeof(nt_unicode_string)) + return NT_STATUS_BAD_FILE_TYPE; + + wch = path->buffer + (path->strlen / sizeof(uint16_t)); + while ((--wch >= path->buffer) && (*wch != '\\')); + + if (wch == path->buffer ) + return NT_STATUS_MORE_PROCESSING_REQUIRED; + + path->strlen = sizeof(uint16_t) * (uint16_t)(wch-path->buffer); + path->maxlen = 0; + + /* oa */ + oa.len = sizeof(nt_oa); + oa.root_dir = 0; + oa.obj_name = path; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + /* default access */ + desired_access = desired_access + ? desired_access + : NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES | NT_FILE_READ_ACCESS; + + /* open parent directory */ + return __ntapi->zw_open_file( + hparent, + desired_access, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + open_options | NT_FILE_DIRECTORY_FILE); +} diff --git a/src/fs/ntapi_tt_stat.c b/src/fs/ntapi_tt_stat.c new file mode 100644 index 0000000..51cc55a --- /dev/null +++ b/src/fs/ntapi_tt_stat.c 
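Review bot: In `__ntapi_tt_open_physical_parent_directory` the empty-name test `len == sizeof(nt_unicode_string)` is the only guard before the backward scan, and if the returned length for a zero-length name includes more than the bare header (presumably the terminator — to be confirmed against `zw_query_object`) a `path->strlen` of 0 slips through: `--wch` then steps below `path->buffer`, the `wch == path->buffer` test does not fire, and `(uint16_t)(wch - path->buffer)` wraps so the parent path gets a garbage length. Test the string itself, `if (!path->strlen) return NT_STATUS_BAD_FILE_TYPE;`, and make the post-loop test `if (wch <= path->buffer)` so a name with no separator after index 0 is also caught. Forming `path->buffer - 1` in the loop condition is itself outside the array and technically undefined; an index-based loop avoids it.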
@@ -0,0 +1,129 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_stat( + __in void * hfile, + __in void * hroot __optional, + __in nt_unicode_string * path, + __out nt_stat * stat, + __out uintptr_t * buffer, + __in uint32_t buffer_size, + __in uint32_t open_options, + __in uint32_t flags) +{ + int32_t status; + nt_oa oa; + nt_iosb iosb; + nt_unicode_string * sdev; + nt_fai * fai; + + /* validation */ + if (!hfile && !path) + return NT_STATUS_INVALID_HANDLE; + + /* hfile */ + if (!hfile) { + /* oa */ + oa.len = sizeof(nt_oa); + oa.root_dir = hroot; + oa.obj_name = path; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + /* open file/folder */ + status = __ntapi->zw_open_file( + &hfile, + NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES | NT_FILE_READ_ACCESS, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + open_options | NT_FILE_SYNCHRONOUS_IO_ALERT); + + if (status != NT_STATUS_SUCCESS) + return status; + + stat->flags_out = NT_STAT_NEW_HANDLE; + } + + stat->hfile = hfile; + stat->flags_in = flags; + + /* system-unique device name */ + status = __ntapi->zw_query_information_file( + hfile, + &iosb, + buffer, + buffer_size, + NT_FILE_ALL_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* copy file info minus name */ + fai = (nt_fai *)buffer; + __ntapi->tt_aligned_block_memcpy( + (uintptr_t *)stat, + (uintptr_t *)fai, + ((size_t)(&((nt_fai *)0)->name_info))); + + /* record the file name length, but do not hash */ + stat->file_name_length = fai->name_info.file_name_length; + stat->file_name_hash = 0; + + + /* file system size information */ + status = __ntapi->zw_query_volume_information_file( + hfile, + 
&iosb, + &(stat->fssi), + sizeof(stat->fssi), + NT_FILE_FS_SIZE_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* system-unique device name (simpler than statfs) */ + iosb.info = 0; + status = __ntapi->zw_query_object( + hfile, + NT_OBJECT_NAME_INFORMATION, + buffer, + buffer_size, + (uint32_t *)&iosb.info); + + if (status != NT_STATUS_SUCCESS) + return status; + + sdev = (nt_unicode_string *)buffer; + stat->dev_name_strlen = sdev->strlen - (uint16_t)stat->file_name_length; + + stat->dev_name_hash = __ntapi->tt_buffer_crc32( + 0, + sdev->buffer, + stat->dev_name_strlen); + + if (flags & NT_STAT_DEV_NAME_COPY) { + if (stat->dev_name_maxlen < sdev->strlen) + /* does not justify failure */ + *stat->dev_name = 0; + else + __ntapi->tt_memcpy_utf16( + (wchar16_t *)stat->dev_name, + (wchar16_t *)sdev->buffer, + stat->dev_name_strlen); + } else + *stat->dev_name = 0; + + return status; +} diff --git a/src/fs/ntapi_tt_statfs.c b/src/fs/ntapi_tt_statfs.c new file mode 100644 index 0000000..114cc8e --- /dev/null +++ b/src/fs/ntapi_tt_statfs.c 
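Review bot: `stat->dev_name_strlen = sdev->strlen - (uint16_t)stat->file_name_length;` in `__ntapi_tt_stat` assumes the object name is exactly device name plus file name; if `file_name_length` ever exceeds `sdev->strlen` the `uint16_t` result wraps and `tt_buffer_crc32` reads far past the queried name. Guard it with `if (stat->file_name_length > sdev->strlen) return NT_STATUS_INVALID_HANDLE;`, matching the status `__ntapi_tt_istat` uses for an unexpected name. The comment above the `NT_FILE_ALL_INFORMATION` query reads `/* system-unique device name */` but that query fetches the file information; the device name is queried later, so the first comment should read `/* file information (including name) */`. On the `NT_STAT_DEV_NAME_COPY` path the copied name is not terminated (only the else branch writes a 0), which a note on `dev_name` should state; and as in istat, `stat->flags_out` is left unset when the caller supplies `hfile`.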
@@ -0,0 +1,225 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_statfs( + __in void * hfile, + __in void * hroot __optional, + __in nt_unicode_string * path, + __out nt_statfs * statfs, + __out uintptr_t * buffer, + __in uint32_t buffer_size, + __in uint32_t flags) +{ + int32_t status; + nt_oa oa; + nt_iosb iosb; + nt_unicode_string * sdev; + uint32_t hash; + wchar16_t * wch; + wchar16_t * wch_mark; + uint32_t offset; + void * mnt_points_buffer; + nt_mount_points * mnt_points; + nt_fsai * fsai; + nt_fsfsi * fsfsi; + uint32_t * fsid; + uint64_t * pguid; + + /* validation */ + if (!hfile && !path) + return NT_STATUS_INVALID_HANDLE; + + /* hfile */ + if (!hfile) { + /* oa */ + oa.len = sizeof(nt_oa); + oa.root_dir = hroot; + oa.obj_name = path; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + /* open file/folder */ + status = __ntapi->zw_open_file( + &hfile, + NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES | NT_FILE_READ_ACCESS, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_SYNCHRONOUS_IO_ALERT); + + if (status != NT_STATUS_SUCCESS) + return status; + + statfs->flags_out = NT_STATFS_NEW_HANDLE; + } + + statfs->hfile = hfile; + statfs->flags_in = flags; + + /* maximum component length, file system type */ + status = __ntapi->zw_query_volume_information_file( + hfile, + &iosb, + buffer, + buffer_size, + NT_FILE_FS_ATTRIBUTE_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + fsai = (nt_fsai *)buffer; + statfs->f_type = 0; + statfs->f_namelen = fsai->maximum_component_name_length; + statfs->nt_fstype_hash = __ntapi->tt_buffer_crc32( + 0, + &fsai->file_system_name, + fsai->file_system_name_length); + + /* max 
files per volume */ + switch (statfs->nt_fstype_hash) { + case NT_FS_TYPE_HPFS_NAME_HASH: + case NT_FS_TYPE_NTFS_NAME_HASH: + case NT_FS_TYPE_SMB_NAME_HASH: + case NT_FS_TYPE_UDF_NAME_HASH: + statfs->f_files = 0xFFFFFFFF; + break; + + case NT_FS_TYPE_FAT16_NAME_HASH: + statfs->f_files = 0x10000; + break; + + case NT_FS_TYPE_FAT32_NAME_HASH: + statfs->f_files = 0x400000; + break; + + default: + /* pretend there is no limitation */ + statfs->f_files = (-1); + break; + } + + /* number of free file records on volume */ + /* (skip, yet indicate that the volume is not empty) */ + statfs->f_ffree = (size_t)statfs->f_files >> 4 << 3; + + /* file system size information */ + status = __ntapi->zw_query_volume_information_file( + hfile, + &iosb, + buffer, + buffer_size, + NT_FILE_FS_FULL_SIZE_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + fsfsi = (nt_fsfsi *)buffer; + statfs->f_blocks = fsfsi->total_allocation_units.quad; + statfs->f_bfree = fsfsi->actual_available_allocation_units.quad; + statfs->f_bavail = fsfsi->caller_available_allocation_units.quad; + statfs->f_bsize = fsfsi->sectors_per_allocation_unit * fsfsi->bytes_per_sector; + statfs->f_frsize = fsfsi->bytes_per_sector; + + /* TODO: consolidate with istat */ + /* system-unique device name */ + iosb.info = 0; + status = __ntapi->zw_query_object( + hfile, + NT_OBJECT_NAME_INFORMATION, + buffer, + buffer_size, + (uint32_t *)&iosb.info); + + if (status != NT_STATUS_SUCCESS) + return status; + + sdev = (nt_unicode_string *)buffer; + + if (sdev->strlen < __DEVICE_PATH_PREFIX_LEN) + return NT_STATUS_INVALID_HANDLE; + + hash = __ntapi->tt_buffer_crc32( + 0, + sdev->buffer, + __DEVICE_PATH_PREFIX_LEN); + + if (hash != __DEVICE_PATH_PREFIX_HASH) + return NT_STATUS_INVALID_HANDLE; + + wch_mark = sdev->buffer + __DEVICE_PATH_PREFIX_LEN/sizeof(wchar16_t); + wch = wch_mark; + while (*wch != '\\') wch++; + statfs->dev_name_strlen = (uint16_t)((wch - sdev->buffer) * sizeof(uint16_t)); + 
statfs->record_name_strlen = sdev->strlen - statfs->dev_name_strlen; + + statfs->dev_name_hash = __ntapi->tt_buffer_crc32( + hash,wch_mark, + sizeof(wchar16_t) * (wch - wch_mark)); + + /* copy device name (optional, no failure) */ + if (flags & NT_STATFS_DEV_NAME_COPY) { + if (statfs->dev_name_maxlen < sdev->strlen) + *statfs->dev_name = 0; + else + __ntapi->tt_memcpy_utf16( + (wchar16_t *)statfs->dev_name, + (wchar16_t *)sdev->buffer, + sdev->strlen); + } else + *statfs->dev_name = 0; + + /* f_fsid: hash of the system-unique device name */ + /* (never use the volume serial number) */ + fsid = (uint32_t *)&(statfs->f_fsid); + fsid[0] = statfs->dev_name_hash; + fsid[1] = 0; + + /* f_flags, nt_attr, nt_control_flags (todo?) */ + statfs->f_flags = 0; + statfs->nt_attr = 0; + statfs->nt_control_flags = 0; + statfs->nt_padding = 0; + + if (!(flags & NT_STATFS_VOLUME_GUID)) { + statfs->nt_drive_letter = 0; + pguid = (uint64_t *)&(statfs->nt_volume_guid); + *pguid = 0; *(++pguid) = 0; + return NT_STATUS_SUCCESS; + } + + /* dos device letter and volume guid */ + wch = (wchar16_t *)sdev->buffer; + mnt_points_buffer = (void *)((uintptr_t)wch + statfs->dev_name_strlen); + + *(--wch) = statfs->dev_name_strlen; + offset = sizeof(nt_unicode_string) + statfs->dev_name_strlen; + + status = __ntapi->tt_get_dos_drive_mount_points( + (void *)0, + (wchar16_t *)0, + (nt_mount_dev_name *)wch, + mnt_points_buffer, + buffer_size - offset); + + if (status != NT_STATUS_SUCCESS) + return status; + + offset = ((nt_mount_point_param *)mnt_points_buffer)->mount_points_offset; + mnt_points = (nt_mount_points *)((uintptr_t)mnt_points_buffer + offset); + + status = __ntapi->tt_dev_mount_points_to_statfs( + mnt_points, + statfs); + + return status; +} diff --git a/src/guid/ntapi_tt_guid.c b/src/guid/ntapi_tt_guid.c new file mode 100644 index 0000000..07cd938 --- /dev/null +++ b/src/guid/ntapi_tt_guid.c 
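Review bot: `while (*wch != '\\') wch++;` scans the object name returned by zw_query_object with no upper bound, so a name that has no backslash after the device prefix walks past `sdev->strlen` and then past the end of `buffer` before anything stops it; bound the scan by the string length, `while (((wch - sdev->buffer) * sizeof(wchar16_t) < sdev->strlen) && (*wch != '\\')) wch++;` followed by `if ((wch - sdev->buffer) * sizeof(wchar16_t) == sdev->strlen) return NT_STATUS_INVALID_HANDLE;`. The store `*(--wch) = statfs->dev_name_strlen;` writes one wchar16_t before `sdev->buffer` and is only inside the caller's buffer if the name information places the character data directly after the nt_unicode_string header; that layout assumption, and the fact that the header's buffer pointer is deliberately being clobbered to build an nt_mount_dev_name in place, deserves a comment at the store. `statfs->f_files = (-1);` in the default branch and `0xFFFFFFFF` in the NTFS branch express the same value two ways; using one spelling makes the "no limit" intent obvious.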
@@ -0,0 +1,182 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include "ntapi_impl.h" + + +void __fastcall __ntapi_tt_guid_copy( + __out nt_guid * pguid_dst, + __in const nt_guid * pguid_src) +{ + uint64_t * dst; + uint64_t * src; + + dst = (uint64_t *)pguid_dst; + src = (uint64_t *)pguid_src; + + *dst = *src; + src++; dst++; + *dst = *src; +} + + +void __fastcall __ntapi_tt_guid_to_utf16_string( + __in const nt_guid * guid, + __out nt_guid_str_utf16 * guid_str) +{ + uint16_t key; + wchar16_t * wch; + + wch = &(guid_str->group5[0]); + + __ntapi_tt_uint32_to_hex_utf16( + guid->data1, + &guid_str->group1[0]); + + __ntapi_tt_uint16_to_hex_utf16( + guid->data2, + &guid_str->group2[0]); + + __ntapi_tt_uint16_to_hex_utf16( + guid->data3, + &guid_str->group3[0]); + + key = guid->data4[0] * 0x100 + guid->data4[1]; + + __ntapi_tt_uint16_to_hex_utf16( + key, + &guid_str->group4[0]); + + key = guid->data4[2] * 0x100 + guid->data4[3]; + + __ntapi_tt_uint16_to_hex_utf16( + key, + &guid_str->group5[0]); + + key = guid->data4[4] * 0x100 + guid->data4[5]; + + __ntapi_tt_uint16_to_hex_utf16( + key, + &(wch[4])); + + key = guid->data4[6] * 0x100 + guid->data4[7]; + + __ntapi_tt_uint16_to_hex_utf16( + key, + &(wch[8])); + + guid_str->lbrace = '{'; + guid_str->rbrace = '}'; + guid_str->dash1 = '-'; + guid_str->dash2 = '-'; + guid_str->dash3 = '-'; + guid_str->dash4 = '-'; + + return; +} + + +int32_t __fastcall __ntapi_tt_guid_compare( + __in const nt_guid * pguid_dst, + __in const nt_guid * pguid_src) +{ + uint64_t * dst; + uint64_t * src; + + dst = (uint64_t *)pguid_dst; + src = (uint64_t *)pguid_src; + + if ((*dst != *src) || (*(++dst) != *(++src))) + return NT_STATUS_OBJECT_TYPE_MISMATCH; + + return NT_STATUS_SUCCESS; +} + + +int32_t 
__fastcall __ntapi_tt_utf16_string_to_guid( + __out nt_guid_str_utf16 * guid_str, + __in nt_guid * guid) +{ + int32_t status; + wchar16_t * wch; + uint16_t key; + + if ((guid_str->lbrace != '{') + || (guid_str->rbrace != '}') + || (guid_str->dash1 != '-') + || (guid_str->dash2 != '-') + || (guid_str->dash3 != '-') + || (guid_str->dash4 != '-')) + return NT_STATUS_INVALID_PARAMETER; + + wch = &(guid_str->group5[0]); + + status = __ntapi_tt_hex_utf16_to_uint32( + guid_str->group1, + &guid->data1); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi_tt_hex_utf16_to_uint16( + guid_str->group2, + &guid->data2); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi_tt_hex_utf16_to_uint16( + guid_str->group3, + &guid->data3); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi_tt_hex_utf16_to_uint16( + guid_str->group4, + &key); + + if (status != NT_STATUS_SUCCESS) + return status; + + guid->data4[0] = key / 0x100; + guid->data4[1] = key % 0x100; + + status = __ntapi_tt_hex_utf16_to_uint16( + &(wch[0]), + &key); + + if (status != NT_STATUS_SUCCESS) + return status; + + guid->data4[2] = key / 0x100; + guid->data4[3] = key % 0x100; + + status = __ntapi_tt_hex_utf16_to_uint16( + &(wch[4]), + &key); + + if (status != NT_STATUS_SUCCESS) + return status; + + guid->data4[4] = key / 0x100; + guid->data4[5] = key % 0x100; + + status = __ntapi_tt_hex_utf16_to_uint16( + &(wch[8]), + &key); + + if (status != NT_STATUS_SUCCESS) + return status; + + guid->data4[6] = key / 0x100; + guid->data4[7] = key % 0x100; + + return NT_STATUS_SUCCESS; +} diff --git a/src/hash/ntapi_tt_crc32.c b/src/hash/ntapi_tt_crc32.c new file mode 100644 index 0000000..7ce25d3 --- /dev/null +++ b/src/hash/ntapi_tt_crc32.c 
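Review bot: The `__in`/`__out` annotations on `__ntapi_tt_utf16_string_to_guid` are reversed: `guid_str` is only read (its braces and dashes are validated and its groups parsed) while `guid` is the object being filled, so the declaration should read `__in const nt_guid_str_utf16 * guid_str,` and `__out nt_guid * guid)` (const only if the vtbl typedef for this entry agrees). `__ntapi_tt_guid_copy` and `__ntapi_tt_guid_compare` read the GUID through `uint64_t *` after casting away the `const` on the source, which relies on nt_guid being 16 bytes, suitably aligned and on the compiler tolerating the aliasing; `const uint64_t *` locals in the compare plus a comment stating the size/alignment assumption would document this without changing generated code.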
@@ -0,0 +1,50 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+
+static const uint32_t crc32_table[256] = NTAPI_CRC32_TABLE;
+
+uint32_t __ntapi_tt_buffer_crc32(
+ uint32_t prev_hash,
+ const void * buffer,
+ size_t size)
+{
+ unsigned char * ch;
+ uint32_t crc32;
+
+ crc32 = prev_hash ^ 0xFFFFFFFF;
+ ch = (unsigned char *)buffer;
+
+ for (; size; size--,ch++)
+ crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *ch) & 0xFF];
+
+ return (crc32 ^ 0xFFFFFFFF);
+}
+
+
+uint32_t __cdecl __ntapi_tt_mbstr_crc32(const void * str)
+{
+ uint32_t crc32;
+ unsigned char * ch;
+
+ crc32 = 0 ^ 0xFFFFFFFF;
+ ch = (unsigned char *)str;
+
+ while (*ch) {
+ crc32 = (crc32 >> 8) ^ crc32_table[(crc32 ^ *ch) & 0xFF];
+ ch++;
+ }
+
+ return (crc32 ^ 0xFFFFFFFF);
+}
+
+
+const uint32_t * __cdecl __ntapi_tt_crc32_table(void)
+{
+ return crc32_table;
+}
diff --git a/src/hash/ntapi_tt_populate_hashed_import_table.c b/src/hash/ntapi_tt_populate_hashed_import_table.c
new file mode 100644
index 0000000..a36ed2f
--- /dev/null
+++ b/src/hash/ntapi_tt_populate_hashed_import_table.c
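Review bot: `__ntapi_tt_buffer_crc32` is declared without the `__cdecl` that `__ntapi_tt_mbstr_crc32` and `__ntapi_tt_crc32_table` carry in the same file, so on 32-bit builds its calling convention follows the compiler default rather than the one the vtbl typedef presumably names; either add `__cdecl` or drop it from the other two so the three agree. Both hash routines cast their `const void *` argument to a non-const `unsigned char *`; `const unsigned char * ch;` with `ch = (const unsigned char *)buffer;` keeps the promise the signature makes at no cost. `crc32 = 0 ^ 0xFFFFFFFF;` in the string variant reads as a leftover from the buffer variant and could simply be `crc32 = 0xFFFFFFFF;`.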
@@ -0,0 +1,95 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +struct callback_ctx { + void * import_table; + ntapi_hashed_symbol * hash_table; + uint32_t hash_table_array_size; +}; + + +static int __process_exported_symbol( + const void * base, + struct pe_export_hdr * exp_hdr, + struct pe_export_sym * exp_item, + enum pe_callback_reason reason, + void * context) +{ + uint32_t hash_value; + struct callback_ctx * ctx; + ntapi_hashed_symbol * hashed_symbol; + uintptr_t * fnptr; + + /* binary search variables */ + uint32_t lower; + uint32_t upper; + uint32_t idx; + + if (reason != PE_CALLBACK_REASON_ITEM) + return 1; + + ctx = (struct callback_ctx *)context; + hash_value = __ntapi_tt_mbstr_crc32(exp_item->name); + + /* zero-based array, binary search, idx < upper is guaranteed */ + lower = 0; + upper = ctx->hash_table_array_size; + + /* binary search */ + while (lower < upper) { + idx = (lower + upper) / 2; + hashed_symbol = (ntapi_hashed_symbol *) + ((uintptr_t)ctx->hash_table + + idx * sizeof(ntapi_hashed_symbol)); + + if (hash_value == hashed_symbol->crc32_hash) { + fnptr = (uintptr_t *)( + (uintptr_t)ctx->import_table + + (sizeof(uintptr_t) + * hashed_symbol->ordinal)); + *fnptr = (uintptr_t)exp_item->addr; + return 1; + } + + else { + if (hash_value > hashed_symbol->crc32_hash) + lower = idx + 1; + else + upper = idx; + } + } + + return 1; +} + +int32_t __cdecl __ntapi_tt_populate_hashed_import_table( + __in void * image_base, + __in void * import_table, + __in ntapi_hashed_symbol * hash_table, + __in uint32_t hash_table_array_size) +{ + struct pe_export_sym exp_item; + struct callback_ctx ctx; + + ctx.import_table = import_table; + ctx.hash_table = hash_table; + 
ctx.hash_table_array_size = hash_table_array_size; + + pe_enum_image_exports( + image_base, + &__process_exported_symbol, + &exp_item, + &ctx); + + return 0; +} diff --git a/src/internal/ntapi.c b/src/internal/ntapi.c new file mode 100644 index 0000000..2340c47 --- /dev/null +++ b/src/internal/ntapi.c 
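Review bot: `__ntapi_tt_populate_hashed_import_table` discards whatever `pe_enum_image_exports` returns and always reports 0, so a caller cannot distinguish a fully populated table from one left with null slots because the image had no export directory or the enumeration stopped early; propagate that result, or count the hits in `callback_ctx` and fail when fewer than `hash_table_array_size` entries were resolved, so `__ntapi_init_once` can refuse to hand out a vtbl with unresolved entries. The match in `__process_exported_symbol` is on the crc32 alone, so two export names with the same crc32 would both be written to the same `ordinal` slot and the later one wins silently; a comment stating that `hash_table` is expected to be sorted by `crc32_hash` and collision-free (the binary search depends on the former) would make that contract visible. `exp_item` in the outer function is passed to the enumerator but never read here; a one-line comment that it is the enumerator's scratch item would save the reader a search.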
@@ -0,0 +1,411 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "ntapi_impl.h" +#include "ntapi_hash_table.h" + +/* simplified once mechanism for free-standing applications */ +typedef int32_t __fastcall __ntapi_init_fn(ntapi_vtbl ** pvtbl); + +static __ntapi_init_fn __ntapi_init_once; +static __ntapi_init_fn __ntapi_init_pending; +static __ntapi_init_fn __ntapi_init_completed; + +static intptr_t __ntapi_init_idx = 0; +static __ntapi_init_fn * __ntapi_init_vtbl[3] = { + __ntapi_init_once, + __ntapi_init_pending, + __ntapi_init_completed}; + +/* accessor */ +ntapi_vtbl ___ntapi = {0}; +ntapi_vtbl ___ntapi_shadow = {0}; + +/* .bss */ +static __ntapi_img_sec_bss __ntapi_img_bss; + +/* .rdata */ +static union __ntapi_img_rdata __ntapi_rdata = {{ + {__NTAPI_HASH_TABLE}, /* __ntapi_import_table */ + 0, /* __ntapi */ + {{0}}, /* __session_name */ + 0}}; /* __internals */ + +#define internals __ntapi_rdata.img_sec_data.__internals +#define import_table __ntapi_rdata.img_sec_data.__ntapi_import_table + + +static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl) +{ + int32_t status; + void * hntdll; + size_t block_size; + ntapi_zw_allocate_virtual_memory * pfn_zw_allocate_virtual_memory; + char fname_allocate_virtual_memory[] = + "ZwAllocateVirtualMemory"; + /* once */ + at_locked_inc(&__ntapi_init_idx); + + 
/* pvtbl */ + if (!(pvtbl)) + return NT_STATUS_INVALID_PARAMETER; + else + *pvtbl = (ntapi_vtbl *)0; + + /* ntdll */ + if (!(hntdll = pe_get_ntdll_module_handle())) + return NT_STATUS_DLL_INIT_FAILED; + + pfn_zw_allocate_virtual_memory = (ntapi_zw_allocate_virtual_memory *) + pe_get_procedure_address( + hntdll, + fname_allocate_virtual_memory); + + if (!pfn_zw_allocate_virtual_memory) + return NT_STATUS_DLL_INIT_FAILED; + + /* ntapi_internals: alloc */ + block_size = sizeof(ntapi_internals); + status = pfn_zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)&internals, + 0, + &block_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* hashed import table */ + __ntapi_tt_populate_hashed_import_table( + pe_get_ntdll_module_handle(), + __ntapi, + import_table, + __NT_IMPORTED_SYMBOLS_ARRAY_SIZE); + + /* alternate implementation */ + __ntapi->rtl_init_unicode_string = __ntapi_tt_init_unicode_string_from_utf16; + + /* extension functions */ + /* nt_object.h */ + __ntapi->tt_create_keyed_object_directory = __ntapi_tt_create_keyed_object_directory; + __ntapi->tt_open_keyed_object_directory = __ntapi_tt_open_keyed_object_directory; + __ntapi->tt_create_keyed_object_directory_entry = __ntapi_tt_create_keyed_object_directory_entry; + + /* nt_crc32.h */ + __ntapi->tt_buffer_crc32 = __ntapi_tt_buffer_crc32; + __ntapi->tt_mbstr_crc32 = __ntapi_tt_mbstr_crc32; + __ntapi->tt_crc32_table = __ntapi_tt_crc32_table; + + /* nt_file.h */ + __ntapi->tt_get_file_handle_type = __ntapi_tt_get_file_handle_type; + __ntapi->tt_open_logical_parent_directory = __ntapi_tt_open_logical_parent_directory; + __ntapi->tt_open_physical_parent_directory = __ntapi_tt_open_physical_parent_directory; + + /* nt_ldr.h */ + __ntapi->ldr_load_system_dll = __ntapi_ldr_load_system_dll; + __ntapi->ldr_create_state_snapshot = __ntapi_ldr_create_state_snapshot; + __ntapi->ldr_revert_state_to_snapshot = __ntapi_ldr_revert_state_to_snapshot; + + /* 
nt_string.h */ + __ntapi->tt_string_null_offset_multibyte = __ntapi_tt_string_null_offset_multibyte; + __ntapi->tt_string_null_offset_short = __ntapi_tt_string_null_offset_short; + __ntapi->tt_string_null_offset_dword = __ntapi_tt_string_null_offset_dword; + __ntapi->tt_string_null_offset_qword = __ntapi_tt_string_null_offset_qword; + __ntapi->tt_string_null_offset_ptrsize = __ntapi_tt_string_null_offset_ptrsize; + __ntapi->strlen = __ntapi_tt_string_null_offset_multibyte; + __ntapi->wcslen = __ntapi_wcslen; + __ntapi->tt_aligned_block_memset = __ntapi_tt_aligned_block_memset; + __ntapi->tt_aligned_block_memcpy = __ntapi_tt_aligned_block_memcpy; + __ntapi->tt_memcpy_utf16 = __ntapi_tt_memcpy_utf16; + __ntapi->tt_aligned_memcpy_utf16 = __ntapi_tt_aligned_memcpy_utf16; + __ntapi->tt_generic_memset = __ntapi_tt_generic_memset; + __ntapi->tt_generic_memcpy = __ntapi_tt_generic_memcpy; + __ntapi->tt_uint16_to_hex_utf16 = __ntapi_tt_uint16_to_hex_utf16; + __ntapi->tt_uint32_to_hex_utf16 = __ntapi_tt_uint32_to_hex_utf16; + __ntapi->tt_uint64_to_hex_utf16 = __ntapi_tt_uint64_to_hex_utf16; + __ntapi->tt_uintptr_to_hex_utf16 = __ntapi_tt_uintptr_to_hex_utf16; + __ntapi->tt_hex_utf16_to_uint16 = __ntapi_tt_hex_utf16_to_uint16; + __ntapi->tt_hex_utf16_to_uint32 = __ntapi_tt_hex_utf16_to_uint32; + __ntapi->tt_hex_utf16_to_uint64 = __ntapi_tt_hex_utf16_to_uint64; + __ntapi->tt_hex_utf16_to_uintptr = __ntapi_tt_hex_utf16_to_uintptr; + __ntapi->tt_init_unicode_string_from_utf16 = __ntapi_tt_init_unicode_string_from_utf16; + __ntapi->tt_uint16_to_hex_utf8 = __ntapi_tt_uint16_to_hex_utf8; + __ntapi->tt_uint32_to_hex_utf8 = __ntapi_tt_uint32_to_hex_utf8; + __ntapi->tt_uint64_to_hex_utf8 = __ntapi_tt_uint64_to_hex_utf8; + __ntapi->tt_uintptr_to_hex_utf8 = __ntapi_tt_uintptr_to_hex_utf8; + + /* nt_guid.h */ + __ntapi->tt_guid_copy = __ntapi_tt_guid_copy; + __ntapi->tt_guid_compare = __ntapi_tt_guid_compare; + __ntapi->tt_guid_to_utf16_string = __ntapi_tt_guid_to_utf16_string; + 
__ntapi->tt_utf16_string_to_guid = __ntapi_tt_utf16_string_to_guid; + + /* nt_sysinfo.h */ + __ntapi->tt_get_system_directory_native_path = __ntapi_tt_get_system_directory_native_path; + __ntapi->tt_get_system_directory_dos_path = __ntapi_tt_get_system_directory_dos_path; + __ntapi->tt_get_system_directory_handle = __ntapi_tt_get_system_directory_handle; + __ntapi->tt_get_system_info_snapshot = __ntapi_tt_get_system_info_snapshot; + + /* nt_thread.h */ + __ntapi->tt_create_local_thread = __ntapi_tt_create_local_thread; + __ntapi->tt_create_remote_thread = __ntapi_tt_create_remote_thread; + __ntapi->tt_create_thread = __ntapi_tt_create_thread; + + /* nt_process.h */ + __ntapi->tt_create_remote_process_params = __ntapi_tt_create_remote_process_params; + __ntapi->tt_get_runtime_data = __ntapi_tt_get_runtime_data; + __ntapi->tt_init_runtime_data = __ntapi_tt_init_runtime_data; + __ntapi->tt_update_runtime_data = __ntapi_tt_update_runtime_data; + __ntapi->tt_exec_map_image_as_data = __ntapi_tt_exec_map_image_as_data; + __ntapi->tt_exec_unmap_image = __ntapi_tt_exec_unmap_image; + + /* nt_section.h */ + __ntapi->tt_get_section_name = __ntapi_tt_get_section_name; + + /* nt_sync.h */ + __ntapi->tt_create_inheritable_event = __ntapi_tt_create_inheritable_event; + __ntapi->tt_create_private_event = __ntapi_tt_create_private_event; + __ntapi->tt_wait_for_dummy_event = __ntapi_tt_wait_for_dummy_event; + __ntapi->tt_sync_block_init = __ntapi_tt_sync_block_init; + __ntapi->tt_sync_block_lock = __ntapi_tt_sync_block_lock; + __ntapi->tt_sync_block_server_lock = __ntapi_tt_sync_block_server_lock; + __ntapi->tt_sync_block_unlock = __ntapi_tt_sync_block_unlock; + __ntapi->tt_sync_block_invalidate = __ntapi_tt_sync_block_invalidate; + + /* nt_port.h */ + __ntapi->csr_port_handle = __ntapi_csr_port_handle; + __ntapi->tt_port_guid_from_type = __ntapi_tt_port_guid_from_type; + __ntapi->tt_port_type_from_guid = __ntapi_tt_port_type_from_guid; + __ntapi->tt_port_generate_keys = 
__ntapi_tt_port_generate_keys; + __ntapi->tt_port_format_keys = __ntapi_tt_port_format_keys; + __ntapi->tt_port_name_from_attributes = __ntapi_tt_port_name_from_attributes; + + /* nt_argv.h */ + __ntapi->tt_get_cmd_line_utf16 = __ntapi_tt_get_cmd_line_utf16; + __ntapi->tt_get_peb_env_block_utf16 = __ntapi_tt_get_peb_env_block_utf16; + __ntapi->tt_parse_cmd_line_args_utf16 = __ntapi_tt_parse_cmd_line_args_utf16; + __ntapi->tt_get_argv_envp_utf8 = __ntapi_tt_get_argv_envp_utf8; + __ntapi->tt_get_argv_envp_utf16 = __ntapi_tt_get_argv_envp_utf16; + __ntapi->tt_get_env_var_meta_utf16 = __ntapi_tt_get_env_var_meta_utf16; + __ntapi->tt_get_short_option_meta_utf16 = __ntapi_tt_get_short_option_meta_utf16; + __ntapi->tt_get_long_option_meta_utf16 = __ntapi_tt_get_long_option_meta_utf16; + __ntapi->tt_array_copy_utf16 = __ntapi_tt_array_copy_utf16; + __ntapi->tt_array_copy_utf8 = __ntapi_tt_array_copy_utf8; + __ntapi->tt_array_convert_utf8_to_utf16 = __ntapi_tt_array_convert_utf8_to_utf16; + __ntapi->tt_array_convert_utf16_to_utf8 = __ntapi_tt_array_convert_utf16_to_utf8; + + /* nt_blitter.h */ + __ntapi->blt_alloc = __ntapi_blt_alloc; + __ntapi->blt_free = __ntapi_blt_free; + __ntapi->blt_acquire = __ntapi_blt_acquire; + __ntapi->blt_obtain = __ntapi_blt_obtain; + __ntapi->blt_possess = __ntapi_blt_possess; + __ntapi->blt_release = __ntapi_blt_release; + __ntapi->blt_get = __ntapi_blt_get; + __ntapi->blt_set = __ntapi_blt_set; + + /* nt_unicode.h */ + __ntapi->uc_validate_unicode_stream_utf8 = __ntapi_uc_validate_unicode_stream_utf8; + __ntapi->uc_validate_unicode_stream_utf16 = __ntapi_uc_validate_unicode_stream_utf16; + __ntapi->uc_get_code_point_byte_count_utf8 = __ntapi_uc_get_code_point_byte_count_utf8; + __ntapi->uc_get_code_point_byte_count_utf16 = __ntapi_uc_get_code_point_byte_count_utf16; + __ntapi->uc_convert_unicode_stream_utf8_to_utf16 = __ntapi_uc_convert_unicode_stream_utf8_to_utf16; + __ntapi->uc_convert_unicode_stream_utf8_to_utf32 = 
__ntapi_uc_convert_unicode_stream_utf8_to_utf32; + __ntapi->uc_convert_unicode_stream_utf16_to_utf8 = __ntapi_uc_convert_unicode_stream_utf16_to_utf8; + __ntapi->uc_convert_unicode_stream_utf16_to_utf32 = __ntapi_uc_convert_unicode_stream_utf16_to_utf32; + + /* nt_daemon.h */ + __ntapi->dsr_init = __ntapi_dsr_init; + __ntapi->dsr_start = __ntapi_dsr_start; + __ntapi->dsr_create_port = __ntapi_dsr_create_port; + __ntapi->dsr_connect_internal_client = __ntapi_dsr_connect_internal_client; + __ntapi->dsr_internal_client_connect = __ntapi_dsr_internal_client_connect; + + /* nt_vfd.h */ + __ntapi->vfd_dev_name_init = __ntapi_vfd_dev_name_init; + + /* nt_tty.h */ + __ntapi->tty_create_session = __ntapi_tty_create_session; + __ntapi->tty_join_session = __ntapi_tty_join_session; + __ntapi->tty_connect = __ntapi_tty_connect; + __ntapi->tty_client_session_query = __ntapi_tty_client_session_query; + __ntapi->tty_client_session_set = __ntapi_tty_client_session_set; + __ntapi->tty_client_process_register = __ntapi_tty_client_process_register; + __ntapi->tty_query_information_server = __ntapi_tty_query_information_server; + __ntapi->tty_request_peer = __ntapi_tty_request_peer; + __ntapi->tty_vms_query = __ntapi_tty_vms_query; + __ntapi->tty_vms_request = __ntapi_tty_vms_request; + __ntapi->pty_open = __ntapi_pty_open; + __ntapi->pty_reopen = __ntapi_pty_reopen; + __ntapi->pty_close = __ntapi_pty_close; + __ntapi->pty_read = __ntapi_pty_read; + __ntapi->pty_write = __ntapi_pty_write; + __ntapi->pty_ioctl = __ntapi_pty_ioctl; + __ntapi->pty_query = __ntapi_pty_query; + __ntapi->pty_set = __ntapi_pty_set; + __ntapi->pty_cancel = __ntapi_pty_cancel; + + /* nt_socket.h */ + __ntapi->sc_listen = __ntapi_sc_listen; + __ntapi->sc_accept = __ntapi_sc_accept; + __ntapi->sc_send = __ntapi_sc_send; + __ntapi->sc_recv = __ntapi_sc_recv; + __ntapi->sc_shutdown = __ntapi_sc_shutdown; + __ntapi->sc_server_duplicate_socket = __ntapi_sc_server_duplicate_socket; + __ntapi->sc_wait = 
__ntapi_sc_wait; + + /* nt_mount.h */ + __ntapi->tt_get_dos_drive_device_handle = __ntapi_tt_get_dos_drive_device_handle; + __ntapi->tt_get_dos_drive_root_handle = __ntapi_tt_get_dos_drive_root_handle; + __ntapi->tt_get_dos_drive_device_name = __ntapi_tt_get_dos_drive_device_name; + __ntapi->tt_get_dos_drive_mount_points = __ntapi_tt_get_dos_drive_mount_points; + __ntapi->tt_dev_mount_points_to_statfs = __ntapi_tt_dev_mount_points_to_statfs; + __ntapi->tt_get_dos_drive_letter_from_device = __ntapi_tt_get_dos_drive_letter_from_device; + + /* nt_istat.h */ + __ntapi->tt_istat = __ntapi_tt_istat; + __ntapi->tt_validate_fs_handle = __ntapi_tt_validate_fs_handle; + + /* nt_stat.h */ + __ntapi->tt_stat = __ntapi_tt_stat; + + /* nt_statfs.h */ + __ntapi->tt_statfs = __ntapi_tt_statfs; + + /* nt_vmount.h */ + __ntapi->vms_get_node_by_dev_name = __ntapi_vms_get_node_by_dev_name; + __ntapi->vms_get_node_by_end_component = __ntapi_vms_get_node_by_end_component; + __ntapi->vms_cache_alloc = __ntapi_vms_cache_alloc; + __ntapi->vms_cache_free = __ntapi_vms_cache_free; + __ntapi->vms_client_connect = __ntapi_vms_client_connect; + __ntapi->vms_client_disconnect = __ntapi_vms_client_disconnect; + __ntapi->vms_point_attach = __ntapi_vms_point_attach; + __ntapi->vms_point_get_handles = __ntapi_vms_point_get_handles; + __ntapi->vms_ref_count_inc = __ntapi_vms_ref_count_inc; + __ntapi->vms_ref_count_dec = __ntapi_vms_ref_count_dec; + __ntapi->vms_table_query = __ntapi_vms_table_query; + + /* nt_debug.h */ + #ifdef __DEBUG + __ntapi->dbg_write = __dbg_write; + __ntapi->dbg_fn_call = __dbg_fn_call; + __ntapi->dbg_msg = __dbg_msg; + #endif + + + /* OS version dependent functions */ + if (__ntapi->zw_create_user_process) { + __ntapi->tt_fork = __ntapi_tt_fork_v2; + __ntapi->tt_create_native_process = __ntapi_tt_create_native_process_v2; + __ntapi->ipc_create_pipe = __ntapi_ipc_create_pipe_v2; + __ntapi->sc_socket = __ntapi_sc_socket_v2; + __ntapi->sc_bind = __ntapi_sc_bind_v2; + 
__ntapi->sc_connect = __ntapi_sc_connect_v2; + __ntapi->sc_server_accept_connection = __ntapi_sc_server_accept_connection_v2; + __ntapi->sc_getsockname = __ntapi_sc_getsockname_v2; + } else { + __ntapi->tt_fork = __ntapi_tt_fork_v1; + __ntapi->tt_create_native_process = __ntapi_tt_create_native_process_v1; + __ntapi->ipc_create_pipe = __ntapi_ipc_create_pipe_v1; + __ntapi->sc_socket = __ntapi_sc_socket_v1; + __ntapi->sc_bind = __ntapi_sc_bind_v1; + __ntapi->sc_connect = __ntapi_sc_connect_v1; + __ntapi->sc_server_accept_connection = __ntapi_sc_server_accept_connection_v1; + __ntapi->sc_getsockname = __ntapi_sc_getsockname_v1; + } + + /* internals */ + internals->ntapi_img_sec_bss = &__ntapi_img_bss; + internals->subsystem = &__ntapi_rdata.img_sec_data.__session_name; + + internals->tt_get_csr_port_handle_addr_by_logic = __GET_CSR_PORT_HANDLE_BY_LOGIC; + internals->csr_port_handle_addr = __GET_CSR_PORT_HANDLE_BY_LOGIC(); + + /* shadow copy for client libraries */ + __ntapi->tt_aligned_block_memcpy( + (uintptr_t *)&___ntapi_shadow, + (uintptr_t *)&___ntapi, + sizeof(ntapi_vtbl)); + + /* done */ + *pvtbl = &___ntapi_shadow; + at_locked_inc(&__ntapi_init_idx); + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __ntapi_init_pending(ntapi_vtbl ** pvtbl) +{ + return NT_STATUS_PENDING; +} + +static int32_t __fastcall __ntapi_init_completed(ntapi_vtbl ** pvtbl) +{ + *pvtbl = __ntapi; + return NT_STATUS_SUCCESS; +}; + + +__ntapi_api +int32_t __fastcall ntapi_init(ntapi_vtbl ** pvtbl) +{ + return __ntapi_init_vtbl[__ntapi_init_idx](pvtbl); +} + + +ntapi_internals * __cdecl __ntapi_internals(void) +{ + return internals; +} diff --git a/src/internal/ntapi_blitter.h b/src/internal/ntapi_blitter.h new file mode 100644 index 0000000..9a285d9 --- /dev/null +++ b/src/internal/ntapi_blitter.h 
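Review bot: The once mechanism in `ntapi_init` reads `__ntapi_init_idx` and dispatches on it without claiming the slot atomically, so two callers that both observe 0 both enter `__ntapi_init_once`, each increments the index twice, and the index reaches 3 or 4; the next `ntapi_init` call then indexes past the three-entry `__ntapi_init_vtbl` and calls through whatever follows it. Claiming the slot with an atomic compare-and-swap from 0 to 1 (whichever locked primitive the project's atomic header provides for that) and dispatching only on the value read back closes the race, and the final step should store 2 rather than increment. Every early `return` in `__ntapi_init_once` between the two `at_locked_inc` calls also leaves the index at 1, so a failed initialisation makes every later call return NT_STATUS_PENDING forever instead of reporting the failure or retrying; those paths should reset the index or record the failure status for `__ntapi_init_completed` to return. `__ntapi_init_once` hands out `&___ntapi_shadow` while `__ntapi_init_completed` hands out `__ntapi`, so the first and later callers appear to receive different tables; if the shadow copy exists to isolate client libraries, both paths should return it. The `};` closing `__ntapi_init_completed` leaves a stray empty declaration at file scope that `-pedantic` flags; drop the semicolon.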
@@ -0,0 +1,27 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#ifndef ___NTAPI_BLITTER_H_
+#define ___NTAPI_BLITTER_H_
+
+#include
+#include
+#include
+
+#define __NT_BLITTER_DEFAULT_LOCK_TRIES 256
+#define __NT_BLITTER_DEFAULT_ROUND_TRIPS 64
+
+typedef struct nt_blitter_context {
+ struct nt_blitter_context * addr;
+ size_t size;
+ uintptr_t ptrs;
+ nt_blitter_info info;
+ nt_blitter_params params;
+ uintptr_t * bitmap;
+ uintptr_t bits[];
+} nt_blitter;
+
+#endif
diff --git a/src/internal/ntapi_context.h b/src/internal/ntapi_context.h
new file mode 100644
index 0000000..4020158
--- /dev/null
+++ b/src/internal/ntapi_context.h
@@ -0,0 +1,55 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#ifndef ___NTAPI_CONTEXT_H_
+#define ___NTAPI_CONTEXT_H_
+
+#if defined(__X86_MODEL)
+ /* csr port handle */
+ #define __GET_CSR_PORT_HANDLE_BY_LOGIC __ntapi_tt_get_csr_port_handle_addr_by_logic_i386
+
+ /* register names */
+ #define STACK_POINTER_REGISTER uc_esp
+ #define INSTRUCTION_POINTER_REGISTER uc_eip
+ #define FAST_CALL_ARG0 uc_ecx
+ #define FAST_CALL_ARG1 uc_edx
+
+ /* thread context initialization */
+ #define __INIT_CONTEXT(context) \
+ context.uc_context_flags = NT_CONTEXT_JUST_EVERYTHING; \
+ context.uc_seg_gs = 0x00; \
+ context.uc_seg_fs = 0x3b; \
+ context.uc_seg_es = 0x23; \
+ context.uc_seg_ds = 0x23; \
+ context.uc_seg_ss = 0x23; \
+ context.uc_seg_cs = 0x1b; \
+ context.uc_eflags = 0x200
+
+#elif defined (__X86_64_MODEL)
+ /* csr port handle */
+ #define __GET_CSR_PORT_HANDLE_BY_LOGIC __ntapi_tt_get_csr_port_handle_addr_by_logic_x86_64
+
+ /* register names */
+ #define STACK_POINTER_REGISTER uc_rsp
+ #define INSTRUCTION_POINTER_REGISTER uc_rip
+ #define FAST_CALL_ARG0 uc_rcx
+ #define FAST_CALL_ARG1 uc_rdx
+
+ /* thread context initialization */
+ #define __INIT_CONTEXT(context) \
+ context.uc_context_flags= NT_CONTEXT_JUST_EVERYTHING; \
+ context.uc_seg_cs = 0x33; \
+ context.uc_seg_ds = 0x2b; \
+ context.uc_seg_es = 0x2b; \
+ context.uc_seg_fs = 0x53; \
+ context.uc_seg_gs = 0x2b; \
+ context.uc_seg_ss = 0x2b; \
+ context.uc_eflags = 0x200; \
+ context.uc_mx_csr = 0x1f80
+
+#endif
+
+#endif
diff --git a/src/internal/ntapi_debug.c b/src/internal/ntapi_debug.c
new file mode 100644
index 0000000..cb56c64
--- /dev/null
+++ b/src/internal/ntapi_debug.c
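Review bot: `__INIT_CONTEXT(context)` expands to a run of semicolon-separated assignments that is not wrapped in `do { ... } while (0)`, so a use such as `if (cond) __INIT_CONTEXT(ctx);` would guard only the first assignment and silently execute the rest; wrapping the expansion, or replacing the macro with a `static inline` function that takes a pointer to the context, removes that trap. The selector and flag values (0x1b/0x23/0x3b on i386, 0x33/0x2b/0x53 on x86_64, eflags 0x200, `uc_mx_csr` 0x1f80) are unexplained magic numbers; a comment per line saying what each is meant to be (they look like the usual user-mode code, data and TEB selectors, IF set, and the default MXCSR) would let a reader check them against the target rather than take them on faith. The two variants also differ in spacing (`uc_context_flags= ` versus `uc_context_flags = `) and in the order the segment registers are assigned; aligning them makes a side-by-side review of the two models easier.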
@@ -0,0 +1,170 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#ifdef __DEBUG
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+char dbg_buf[0x1000];
+
+ssize_t __cdecl __dbg_write(
+ __in void * hfile,
+ __in const void * buf,
+ __in size_t bytes)
+{
+ nt_iosb iosb;
+ int32_t status;
+
+ status = __ntapi->zw_write_file(
+ hfile,
+ (void *)0,
+ (nt_io_apc_routine *)0,
+ (void *)0,
+ &iosb,
+ (void *)buf,
+ (uint32_t)bytes,
+ (nt_large_integer *)0,
+ (uint32_t *)0);
+
+ if (status == NT_STATUS_SUCCESS)
+ return iosb.info;
+ else
+ return -1;
+}
+
+
+int32_t __cdecl __dbg_fn_call(
+ __in void * hfile __optional,
+ __in char * fn_caller_name,
+ __in void * fn_callee_addr,
+ __in uintptr_t fn_ret,
+ __in ntapi_dbg_write* pfn_dbg_write __optional,
+ __in char * source __optional,
+ __in int line __optional)
+{
+ struct pe_ldr_tbl_entry * image_meta;
+ void * image_base;
+ char * fn_name;
+ size_t bytes;
+ char dbg_buf[256];
+
+ if (!pfn_dbg_write)
+ pfn_dbg_write = __dbg_write;
+
+ image_meta = pe_get_symbol_module_info(fn_callee_addr);
+ fn_name = (char *)0;
+
+ if (image_meta)
+ image_base = image_meta->dll_base;
+ else
+ image_base = (void *)0;
+
+
+ if (image_base)
+ fn_name = pe_get_symbol_name(
+ image_base,
+ fn_callee_addr);
+
+ if (!fn_name)
+ fn_name = pe_get_import_symbol_info(
+ fn_callee_addr,
+ (void **)0,
+ (char **)0,
+ &image_meta);
+
+ if (source && fn_name)
+ bytes = __ntapi->sprintf(
+ dbg_buf,
+ "%s: (%s:%d):\n"
+ "--> %s returned 0x%08x\n\n",
+ fn_caller_name, source, line, fn_name, fn_ret);
+ else if (fn_name)
+ bytes = __ntapi->sprintf(
+ dbg_buf,
+ "%s: %s returned 0x%08x\n\n",
+ fn_caller_name, fn_name, fn_ret);
+ else if (source)
+ bytes = __ntapi->sprintf(
+ dbg_buf,
+ "%s: (%s:%d):\n"
+ "--> calling 0x%08x returned 0x%08x\n\n",
+ fn_caller_name, source, line, fn_callee_addr, fn_ret);
+ else
+ bytes = __ntapi->sprintf(
+ dbg_buf,
+ "%s: calling 0x%08x returned 0x%08x\n\n",
+ fn_caller_name, fn_callee_addr, fn_ret);
+
+ if (bytes) {
+ bytes = __ntapi->strlen(dbg_buf);
+
+ if (bytes == pfn_dbg_write(hfile,dbg_buf,bytes))
+ return NT_STATUS_SUCCESS;
+ else
+ return NT_STATUS_UNSUCCESSFUL;
+ } else
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+
+int32_t __cdecl __dbg_msg(
+ __in void * hfile __optional,
+ __in char * source __optional,
+ __in int line __optional,
+ __in char * fn_caller_name,
+ __in char * fmt,
+ __in uintptr_t arg1,
+ __in uintptr_t arg2,
+ __in uintptr_t arg3,
+ __in uintptr_t arg4,
+ __in uintptr_t arg5,
+ __in uintptr_t arg6,
+ __in ntapi_dbg_write* pfn_dbg_write __optional)
+{
+ char * buffer;
+ size_t bytes;
+
+ if (!pfn_dbg_write)
+ pfn_dbg_write = __dbg_write;
+
+ bytes = 0;
+ buffer = dbg_buf;
+
+ if (source)
+ bytes = __ntapi->sprintf(
+ buffer,
+ "%s: (%s:%d):\n--> ",
+ fn_caller_name,source,line);
+ else if (fn_caller_name)
+ bytes = __ntapi->sprintf(
+ buffer,
+ "%s: ",
+ fn_caller_name);
+ else
+ dbg_buf[0] = '\0';
+
+ if (bytes >= 0)
+ buffer += __ntapi->strlen(dbg_buf);
+ else
+ return NT_STATUS_UNSUCCESSFUL;
+
+ bytes = __ntapi->sprintf(buffer,fmt,arg1,arg2,arg3,arg4,arg5,arg6);
+
+ if (bytes) {
+ bytes = __ntapi->strlen(dbg_buf);
+
+ if (bytes == pfn_dbg_write(hfile,dbg_buf,bytes))
+ return NT_STATUS_SUCCESS;
+ else
+ return NT_STATUS_UNSUCCESSFUL;
+ } else
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+#endif
diff --git a/src/internal/ntapi_fnapi.h b/src/internal/ntapi_fnapi.h
new file mode 100644
index 0000000..4474334
--- /dev/null
+++ b/src/internal/ntapi_fnapi.h
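Review bot: `__dbg_fn_call` formats `fn_caller_name`, `source` and the symbol name obtained from `pe_get_symbol_name`/`pe_get_import_symbol_info` with an unbounded `__ntapi->sprintf` into a 256-byte stack array, `char dbg_buf[256]`, which also shadows the file-scope `char dbg_buf[0x1000]`, so a long caller or symbol name overruns the stack frame. Deleting that local declaration so the function writes to the 0x1000 global the way `__dbg_msg` does is the minimal fix; a bounded formatter would be better still if the vtable offers one (none is visible in this commit). Two smaller points in the same file: `0x%08x` is paired with `uintptr_t` and pointer arguments, which is undefined on 64-bit builds (`%p`, or a `PRIxPTR`-style width, matches), and in `__dbg_msg` the test `if (bytes >= 0)` is always true because `bytes` is `size_t`, so a negative `sprintf` result is never caught — check the `int` return before converting it. Both routines also funnel every caller through one shared static buffer, which is fine for single-threaded debug output but worth a comment since the library creates threads elsewhere in this commit.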
@@ -0,0 +1,262 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#ifndef ___NTAPI_FNAPI_H_ +#define ___NTAPI_FNAPI_H_ + +#include +#include +#include "ntapi_hash_table.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* internal prototypes */ +typedef int32_t __stdcall ntapi_tt_create_remote_runtime_data( + __in void * hprocess, + __in_out nt_runtime_data_block * runtime_data); + +typedef void ** __cdecl ntapi_tt_get_csr_port_handle_addr_by_logic(void); + +/* nt_object.h */ +ntapi_tt_create_keyed_object_directory __ntapi_tt_create_keyed_object_directory; +ntapi_tt_open_keyed_object_directory __ntapi_tt_open_keyed_object_directory; +ntapi_tt_create_keyed_object_directory_entry __ntapi_tt_create_keyed_object_directory_entry; + +/* nt_crc32.h */ +ntapi_tt_buffer_crc32 __ntapi_tt_buffer_crc32; +ntapi_tt_mbstr_crc32 __ntapi_tt_mbstr_crc32; +ntapi_tt_crc32_table __ntapi_tt_crc32_table; + +/* nt_file.h */ +ntapi_tt_get_file_handle_type __ntapi_tt_get_file_handle_type; +ntapi_tt_open_logical_parent_directory __ntapi_tt_open_logical_parent_directory; +ntapi_tt_open_physical_parent_directory __ntapi_tt_open_physical_parent_directory; + + +/* nt_ipc.h */ +ntapi_ipc_create_pipe __ntapi_ipc_create_pipe_v1; +ntapi_ipc_create_pipe __ntapi_ipc_create_pipe_v2; + +/* nt_ldr */ +ntapi_ldr_load_system_dll __ntapi_ldr_load_system_dll; +ntapi_ldr_create_state_snapshot __ntapi_ldr_create_state_snapshot; +ntapi_ldr_revert_state_to_snapshot __ntapi_ldr_revert_state_to_snapshot; + +/* nt_string.h */ +ntapi_tt_string_null_offset_multibyte __ntapi_tt_string_null_offset_multibyte; +ntapi_tt_string_null_offset_short __ntapi_tt_string_null_offset_short; +ntapi_tt_string_null_offset_dword __ntapi_tt_string_null_offset_dword; +ntapi_tt_string_null_offset_qword 
__ntapi_tt_string_null_offset_qword; +ntapi_tt_string_null_offset_ptrsize __ntapi_tt_string_null_offset_ptrsize; +ntapi_wcslen __ntapi_wcslen; +ntapi_tt_aligned_block_memset __ntapi_tt_aligned_block_memset; +ntapi_tt_aligned_block_memcpy __ntapi_tt_aligned_block_memcpy; +ntapi_tt_init_unicode_string_from_utf16 __ntapi_tt_init_unicode_string_from_utf16; +ntapi_tt_memcpy_utf16 __ntapi_tt_memcpy_utf16; +ntapi_tt_aligned_memcpy_utf16 __ntapi_tt_aligned_memcpy_utf16; +ntapi_tt_generic_memset __ntapi_tt_generic_memset; +ntapi_tt_generic_memcpy __ntapi_tt_generic_memcpy; +ntapi_tt_uint16_to_hex_utf16 __ntapi_tt_uint16_to_hex_utf16; +ntapi_tt_uint32_to_hex_utf16 __ntapi_tt_uint32_to_hex_utf16; +ntapi_tt_uint64_to_hex_utf16 __ntapi_tt_uint64_to_hex_utf16; +ntapi_tt_uintptr_to_hex_utf16 __ntapi_tt_uintptr_to_hex_utf16; +ntapi_tt_hex_utf16_to_uint16 __ntapi_tt_hex_utf16_to_uint16; +ntapi_tt_hex_utf16_to_uint32 __ntapi_tt_hex_utf16_to_uint32; +ntapi_tt_hex_utf16_to_uint64 __ntapi_tt_hex_utf16_to_uint64; +ntapi_tt_hex_utf16_to_uintptr __ntapi_tt_hex_utf16_to_uintptr; +ntapi_tt_uint16_to_hex_utf8 __ntapi_tt_uint16_to_hex_utf8; +ntapi_tt_uint32_to_hex_utf8 __ntapi_tt_uint32_to_hex_utf8; +ntapi_tt_uint64_to_hex_utf8 __ntapi_tt_uint64_to_hex_utf8; +ntapi_tt_uintptr_to_hex_utf8 __ntapi_tt_uintptr_to_hex_utf8; + +/* nt_guid.h */ +ntapi_tt_guid_to_utf16_string __ntapi_tt_guid_to_utf16_string; +ntapi_tt_utf16_string_to_guid __ntapi_tt_utf16_string_to_guid; + +/* nt_sysinfo.h */ +ntapi_tt_get_system_directory_native_path __ntapi_tt_get_system_directory_native_path; +ntapi_tt_get_system_directory_dos_path __ntapi_tt_get_system_directory_dos_path; +ntapi_tt_get_system_directory_handle __ntapi_tt_get_system_directory_handle; +ntapi_tt_get_system_info_snapshot __ntapi_tt_get_system_info_snapshot; + +/* nt_thread.h */ +ntapi_tt_create_thread __ntapi_tt_create_thread; +ntapi_tt_create_local_thread __ntapi_tt_create_local_thread; +ntapi_tt_create_remote_thread __ntapi_tt_create_remote_thread; 
+ +/* nt_process.h */ +ntapi_tt_fork __ntapi_tt_fork_v1; +ntapi_tt_fork __ntapi_tt_fork_v2; +ntapi_tt_create_remote_process_params __ntapi_tt_create_remote_process_params; +ntapi_tt_create_remote_runtime_data __ntapi_tt_create_remote_runtime_data; +ntapi_tt_create_native_process __ntapi_tt_create_native_process_v1; +ntapi_tt_create_native_process __ntapi_tt_create_native_process_v2; +ntapi_tt_get_runtime_data __ntapi_tt_get_runtime_data; +ntapi_tt_init_runtime_data __ntapi_tt_init_runtime_data; +ntapi_tt_update_runtime_data __ntapi_tt_update_runtime_data; +ntapi_tt_exec_map_image_as_data __ntapi_tt_exec_map_image_as_data; +ntapi_tt_exec_unmap_image __ntapi_tt_exec_unmap_image; + +/* nt_section.h */ +ntapi_tt_get_section_name __ntapi_tt_get_section_name; + +/* nt_sync.h */ +ntapi_tt_create_inheritable_event __ntapi_tt_create_inheritable_event; +ntapi_tt_create_private_event __ntapi_tt_create_private_event; +ntapi_tt_wait_for_dummy_event __ntapi_tt_wait_for_dummy_event; +ntapi_tt_sync_block_init __ntapi_tt_sync_block_init; +ntapi_tt_sync_block_lock __ntapi_tt_sync_block_lock; +ntapi_tt_sync_block_server_lock __ntapi_tt_sync_block_server_lock; +ntapi_tt_sync_block_unlock __ntapi_tt_sync_block_unlock; +ntapi_tt_sync_block_invalidate __ntapi_tt_sync_block_invalidate; + +/* nt_port.h */ +ntapi_tt_port_guid_from_type __ntapi_tt_port_guid_from_type; +ntapi_tt_port_type_from_guid __ntapi_tt_port_type_from_guid; +ntapi_tt_port_generate_keys __ntapi_tt_port_generate_keys; +ntapi_tt_port_format_keys __ntapi_tt_port_format_keys; +ntapi_tt_port_name_from_attributes __ntapi_tt_port_name_from_attributes; + +/* nt_argv.h */ +ntapi_tt_get_cmd_line_utf16 __ntapi_tt_get_cmd_line_utf16; +ntapi_tt_get_peb_env_block_utf16 __ntapi_tt_get_peb_env_block_utf16; +ntapi_tt_parse_cmd_line_args_utf16 __ntapi_tt_parse_cmd_line_args_utf16; +ntapi_tt_get_argv_envp_utf8 __ntapi_tt_get_argv_envp_utf8; +ntapi_tt_get_argv_envp_utf16 __ntapi_tt_get_argv_envp_utf16; +ntapi_tt_get_env_var_meta_utf16 
__ntapi_tt_get_env_var_meta_utf16; +ntapi_tt_get_short_option_meta_utf16 __ntapi_tt_get_short_option_meta_utf16; +ntapi_tt_get_long_option_meta_utf16 __ntapi_tt_get_long_option_meta_utf16; +ntapi_tt_array_copy_utf8 __ntapi_tt_array_copy_utf8; +ntapi_tt_array_copy_utf16 __ntapi_tt_array_copy_utf16; +ntapi_tt_array_convert_utf8_to_utf16 __ntapi_tt_array_convert_utf8_to_utf16; +ntapi_tt_array_convert_utf16_to_utf8 __ntapi_tt_array_convert_utf16_to_utf8; + +/* nt_blitter.h */ +ntapi_blt_alloc __ntapi_blt_alloc; +ntapi_blt_free __ntapi_blt_free; +ntapi_blt_acquire __ntapi_blt_acquire; +ntapi_blt_obtain __ntapi_blt_obtain; +ntapi_blt_possess __ntapi_blt_possess; +ntapi_blt_release __ntapi_blt_release; +ntapi_blt_get __ntapi_blt_get; +ntapi_blt_set __ntapi_blt_set; + +/* nt_unicode.h */ +ntapi_uc_validate_unicode_stream_utf8 __ntapi_uc_validate_unicode_stream_utf8; +ntapi_uc_validate_unicode_stream_utf16 __ntapi_uc_validate_unicode_stream_utf16; +ntapi_uc_get_code_point_byte_count_utf8 __ntapi_uc_get_code_point_byte_count_utf8; +ntapi_uc_get_code_point_byte_count_utf16 __ntapi_uc_get_code_point_byte_count_utf16; +ntapi_uc_convert_unicode_stream_utf8_to_utf16 __ntapi_uc_convert_unicode_stream_utf8_to_utf16; +ntapi_uc_convert_unicode_stream_utf8_to_utf32 __ntapi_uc_convert_unicode_stream_utf8_to_utf32; +ntapi_uc_convert_unicode_stream_utf16_to_utf8 __ntapi_uc_convert_unicode_stream_utf16_to_utf8; +ntapi_uc_convert_unicode_stream_utf16_to_utf32 __ntapi_uc_convert_unicode_stream_utf16_to_utf32; + + +/* nt_daemon.h */ +ntapi_dsr_init __ntapi_dsr_init; +ntapi_dsr_start __ntapi_dsr_start; +ntapi_dsr_create_port __ntapi_dsr_create_port; +ntapi_dsr_connect_internal_client __ntapi_dsr_connect_internal_client; +ntapi_dsr_internal_client_connect __ntapi_dsr_internal_client_connect; + +/* nt_vfd.h */ +ntapi_vfd_dev_name_init __ntapi_vfd_dev_name_init; + +/* nt_tty.h */ +ntapi_tty_create_session __ntapi_tty_create_session; +ntapi_tty_join_session __ntapi_tty_join_session; 
+ntapi_tty_connect __ntapi_tty_connect; +ntapi_tty_client_session_query __ntapi_tty_client_session_query; +ntapi_tty_client_session_set __ntapi_tty_client_session_set; +ntapi_tty_client_process_register __ntapi_tty_client_process_register; +ntapi_tty_query_information_server __ntapi_tty_query_information_server; +ntapi_tty_request_peer __ntapi_tty_request_peer; +ntapi_tty_vms_query __ntapi_tty_vms_query; +ntapi_tty_vms_request __ntapi_tty_vms_request; +ntapi_pty_open __ntapi_pty_open; +ntapi_pty_reopen __ntapi_pty_reopen; +ntapi_pty_close __ntapi_pty_close; +ntapi_pty_read __ntapi_pty_read; +ntapi_pty_write __ntapi_pty_write; +ntapi_pty_ioctl __ntapi_pty_ioctl; +ntapi_pty_query __ntapi_pty_query; +ntapi_pty_set __ntapi_pty_set; +ntapi_pty_cancel __ntapi_pty_cancel; + +/* nt_socket.h */ +ntapi_sc_socket __ntapi_sc_socket_v1; +ntapi_sc_socket __ntapi_sc_socket_v2; +ntapi_sc_bind __ntapi_sc_bind_v1; +ntapi_sc_bind __ntapi_sc_bind_v2; +ntapi_sc_connect __ntapi_sc_connect_v1; +ntapi_sc_connect __ntapi_sc_connect_v2; +ntapi_sc_getsockname __ntapi_sc_getsockname_v1; +ntapi_sc_getsockname __ntapi_sc_getsockname_v2; +ntapi_sc_server_accept_connection __ntapi_sc_server_accept_connection_v1; +ntapi_sc_server_accept_connection __ntapi_sc_server_accept_connection_v2; +ntapi_sc_server_duplicate_socket __ntapi_sc_server_duplicate_socket; +ntapi_sc_listen __ntapi_sc_listen; +ntapi_sc_accept __ntapi_sc_accept; +ntapi_sc_send __ntapi_sc_send; +ntapi_sc_recv __ntapi_sc_recv; +ntapi_sc_shutdown __ntapi_sc_shutdown; +ntapi_sc_wait __ntapi_sc_wait; + +/* nt_mount.h */ +ntapi_tt_get_dos_drive_device_handle __ntapi_tt_get_dos_drive_device_handle; +ntapi_tt_get_dos_drive_root_handle __ntapi_tt_get_dos_drive_root_handle; +ntapi_tt_get_dos_drive_device_name __ntapi_tt_get_dos_drive_device_name; +ntapi_tt_get_dos_drive_mount_points __ntapi_tt_get_dos_drive_mount_points; +ntapi_tt_dev_mount_points_to_statfs __ntapi_tt_dev_mount_points_to_statfs; +ntapi_tt_get_dos_drive_letter_from_device 
__ntapi_tt_get_dos_drive_letter_from_device; + +/* nt_istat.h */ +ntapi_tt_istat __ntapi_tt_istat; +ntapi_tt_validate_fs_handle __ntapi_tt_validate_fs_handle; + +/* nt_stat.h */ +ntapi_tt_stat __ntapi_tt_stat; + +/* nt_statfs.h */ +ntapi_tt_statfs __ntapi_tt_statfs; + +/* nt_vmount.h */ +ntapi_vms_get_node_by_dev_name __ntapi_vms_get_node_by_dev_name; +ntapi_vms_get_node_by_end_component __ntapi_vms_get_node_by_end_component; +ntapi_vms_cache_alloc __ntapi_vms_cache_alloc; +ntapi_vms_cache_free __ntapi_vms_cache_free; +ntapi_vms_client_connect __ntapi_vms_client_connect; +ntapi_vms_client_disconnect __ntapi_vms_client_disconnect; +ntapi_vms_point_attach __ntapi_vms_point_attach; +ntapi_vms_point_get_handles __ntapi_vms_point_get_handles; +ntapi_vms_ref_count_inc __ntapi_vms_ref_count_inc; +ntapi_vms_ref_count_dec __ntapi_vms_ref_count_dec; +ntapi_vms_table_query __ntapi_vms_table_query; + +/* nt_hashes.h */ +ntapi_tt_populate_hashed_import_table __ntapi_tt_populate_hashed_import_table; + +/* nt_guid.h */ +ntapi_tt_guid_copy __ntapi_tt_guid_copy; +ntapi_tt_guid_compare __ntapi_tt_guid_compare; +ntapi_tt_guid_to_utf16_string __ntapi_tt_guid_to_utf16_string; +ntapi_tt_utf16_string_to_guid __ntapi_tt_utf16_string_to_guid; + +/* debug */ +ntapi_dbg_write __dbg_write; +ntapi_dbg_fn_call __dbg_fn_call; +ntapi_dbg_msg __dbg_msg; + +/* csrss */ +ntapi_tt_get_csr_port_handle_addr_by_logic __GET_CSR_PORT_HANDLE_BY_LOGIC; +ntapi_csr_port_handle __ntapi_csr_port_handle; + +#ifdef __cplusplus +} +#endif +#endif diff --git a/src/internal/ntapi_hash_table.h b/src/internal/ntapi_hash_table.h new file mode 100644 index 0000000..727e4f2 --- /dev/null +++ b/src/internal/ntapi_hash_table.h 
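Review bot: The declaration `ntapi_tt_get_csr_port_handle_addr_by_logic __GET_CSR_PORT_HANDLE_BY_LOGIC;` near the end of the hunk depends on a macro that ntapi_context.h defines, yet this header does not include it, so ntapi_fnapi.h compiles only when it happens to be included after ntapi_context.h (as ntapi_impl.h does); adding `#include "ntapi_context.h"` next to `#include "ntapi_hash_table.h"` makes it self-contained. The `/* nt_guid.h */` block also appears twice, declaring `__ntapi_tt_guid_to_utf16_string` and `__ntapi_tt_utf16_string_to_guid` a second time — harmless for function declarations, but one of the two blocks should be dropped so the file stays a single list grouped by public header.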
@@ -0,0 +1,266 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#ifndef ___NTAPI_HASH_TABLE_H_ +#define ___NTAPI_HASH_TABLE_H_ + +#include + +#define __NTAPI_HASH_TABLE \ + {0x000f6dee, (150)}, /* CsrPortHandle */ \ + {0x00b3a87b, (30)}, /* ZwMapUserPhysicalPages */ \ + {0x011c4489, (95)}, /* ZwPulseEvent */ \ + {0x02513506, (39)}, /* ZwAreMappedFilesTheSame */ \ + {0x034a4430, (63)}, /* RtlCreateProcessParameters */ \ + {0x03bb7a3c, (187)}, /* ZwRestoreKey */ \ + {0x04e21f45, (75)}, /* ZwCreateToken */ \ + {0x04f94dc4, (190)}, /* ZwUnloadKey */ \ + {0x06125322, (216)}, /* ZwAccessCheckByTypeResultListAndAuditAlarmByHandle */ \ + {0x06b550e3, (146)}, /* ZwWriteRequestData */ \ + {0x0708114b, (50)}, /* ZwTestAlert */ \ + {0x08087626, (34)}, /* ZwOpenSection */ \ + {0x08b1918f, (45)}, /* ZwSuspendThread */ \ + {0x097e0efd, (154)}, /* ZwOpenFile */ \ + {0x0a7a10d0, (88)}, /* ZwOpenTimer */ \ + {0x0a83f5d6, (191)}, /* ZwQueryOpenSubKeys */ \ + {0x0bd77556, (218)}, /* ZwSetThreadExecutionState */ \ + {0x0c5cf449, (168)}, /* ZwQueryEaFile */ \ + {0x0d638bd2, (74)}, /* ZwSetInformationJobObject */ \ + {0x0e629eed, (102)}, /* ZwQuerySemaphore */ \ + {0x11fcbb7c, (23)}, /* ZwReadVirtualMemory */ \ + {0x124a301e, (16)}, /* ZwSetSystemEnvironmentValue */ \ + {0x12ec66eb, (227)}, /* ZwQueryDefaultLocale */ \ + {0x1742c5c9, (162)}, /* ZwWriteFileGather */ \ + {0x177157e3, (42)}, /* ZwTerminateThread */ \ + {0x1af41c1a, (22)}, /* ZwProtectVirtualMemory */ \ + {0x1c0197e6, (233)}, /* ZwAllocateUuids */ \ + {0x1c7a90a1, (5)}, /* ZwQuerySecurityObject */ \ + {0x1cf668c5, (194)}, /* ZwQueryKey */ \ + {0x2259fc62, (2)}, /* ZwDuplicateObject */ \ + {0x24e09c64, (18)}, /* ZwSystemDebugControl */ \ + {0x255bf138, (142)}, /* ZwReplyWaitReplyPort */ \ + {0x25684721, (76)}, 
/* ZwOpenProcessToken */ \ + {0x25d91d90, (71)}, /* ZwTerminateJobObject */ \ + {0x26e1170e, (193)}, /* ZwSetInformationKey */ \ + {0x27dd46c3, (29)}, /* ZwFreeUserPhysicalPages */ \ + {0x2812eb3c, (232)}, /* ZwAllocateLocallyUniqueId */ \ + {0x28574a3f, (77)}, /* ZwOpenThreadToken */ \ + {0x29b5ea3d, (140)}, /* ZwRequestWaitReplyPort */ \ + {0x2a6ac6fb, (26)}, /* ZwUnlockVirtualMemory */ \ + {0x2aad9aed, (83)}, /* ZwSetInformationToken */ \ + {0x2b2356f7, (52)}, /* ZwAlertResumeThread */ \ + {0x2c0f001a, (230)}, /* ZwSetDefaultUILanguage */ \ + {0x2f22b634, (96)}, /* ZwResetEvent */ \ + {0x30309daa, (170)}, /* ZwCreateNamedPipeFile */ \ + {0x3064d37b, (68)}, /* RtlQueryProcessDebugInformation */ \ + {0x30911e3f, (196)}, /* ZwNotifyChangeKey */ \ + {0x32ad44f5, (73)}, /* ZwQueryInformationJobObject */ \ + {0x33a33c40, (163)}, /* ZwLockFile */ \ + {0x357f8a82, (36)}, /* ZwExtendSection */ \ + {0x3753c2c8, (198)}, /* ZwDeleteValueKey */ \ + {0x379a6717, (93)}, /* ZwOpenEvent */ \ + {0x391b8d79, (157)}, /* ZwCancelIoFile */ \ + {0x3928a4cc, (20)}, /* ZwFreeVirtualMemory */ \ + {0x39bea937, (89)}, /* ZwCancelTimer */ \ + {0x3abffc38, (239)}, /* ZwFlushWriteBuffer */ \ + {0x3b1f8d85, (124)}, /* ZwQueryTimerResolution */ \ + {0x3d4aceeb, (248)}, /* memset */ \ + {0x3e1d331d, (44)}, /* ZwSetInformationThread */ \ + {0x3f62370b, (204)}, /* ZwPrivilegeCheck */ \ + {0x416c4024, (118)}, /* ZwSetLowWaitHighEventPair */ \ + {0x43c1745d, (92)}, /* ZwCreateEvent */ \ + {0x43d65de2, (231)}, /* ZwQueryInstallUILanguage */ \ + {0x45d7086f, (108)}, /* ZwOpenIoCompletion */ \ + {0x465977c0, (129)}, /* ZwQueryIntervalProfile */ \ + {0x47b3fd39, (8)}, /* ZwOpenDirectoryObject */ \ + {0x47dd6896, (171)}, /* ZwCreateMailslotFile */ \ + {0x49d62b40, (246)}, /* LdrLoadDll */ \ + {0x4a638203, (91)}, /* ZwQueryTimer */ \ + {0x4c51093e, (189)}, /* ZwLoadKey2 */ \ + {0x4cb0ea34, (206)}, /* ZwPrivilegedServiceAuditAlarm */ \ + {0x4cc741f4, (222)}, /* ZwPowerInformation */ \ + {0x4d0aa736, 
(207)}, /* ZwAccessCheck */ \ + {0x4d361035, (181)}, /* ZwCreateKey */ \ + {0x4de0faef, (10)}, /* ZwCreateSymbolicLinkObject */ \ + {0x4e049b9b, (72)}, /* ZwAssignProcessToJobObject */ \ + {0x4ed4c833, (0)}, /* ZwQueryObject */ \ + {0x4efff89a, (166)}, /* ZwFsControlFile */ \ + {0x4fe5a956, (49)}, /* ZwQueueApcThread */ \ + {0x50f7777d, (84)}, /* ZwWaitForSingleObject */ \ + {0x513877ab, (61)}, /* ZwSetInformationProcess */ \ + {0x51d5c98d, (137)}, /* ZwAcceptConnectPort */ \ + {0x51ddffce, (242)}, /* ZwDisplayString */ \ + {0x51fbe1c4, (165)}, /* ZwDeviceIoControlFile */ \ + {0x52334a05, (213)}, /* ZwDeleteObjectAuditAlarm */ \ + {0x5288a7cf, (46)}, /* ZwResumeThread */ \ + {0x54a89e87, (131)}, /* ZwStopProfile */ \ + {0x56ada303, (185)}, /* ZwSaveKey */ \ + {0x57dd87c6, (114)}, /* ZwWaitLowEventPair */ \ + {0x5879157d, (241)}, /* ZwSetDefaultHardErrorPort */ \ + {0x58b766a7, (200)}, /* ZwQueryValueKey */ \ + {0x59d0cf7f, (9)}, /* ZwQueryDirectoryObject */ \ + {0x5a201018, (180)}, /* ZwSetInformationFile */ \ + {0x5b24a650, (155)}, /* ZwDeleteFile */ \ + {0x5cc5b0cc, (149)}, /* CsrClientCallServer */ \ + {0x5ccb443b, (245)}, /* ZwVdmControl */ \ + {0x5d5b0c74, (15)}, /* ZwQuerySystemEnvironmentValue */ \ + {0x5dcf9e33, (205)}, /* ZwPrivilegeObjectAuditAlarm */ \ + {0x5f3fb511, (164)}, /* ZwUnlockFile */ \ + {0x60ebf65f, (120)}, /* ZwQuerySystemTime */ \ + {0x63033516, (244)}, /* ZwSetLdtEntries */ \ + {0x63cc9e64, (66)}, /* RtlCreateQueryDebugBuffer */ \ + {0x64a2ceb5, (56)}, /* ZwCreateProcess */ \ + {0x654da6fd, (143)}, /* ZwReplyWaitReceivePort */ \ + {0x6570064e, (243)}, /* ZwCreatePagingFile */ \ + {0x65b5374b, (14)}, /* ZwSetSystemInformation */ \ + {0x6a2d88fc, (126)}, /* ZwYieldExecution */ \ + {0x6c1b25c0, (97)}, /* ZwClearEvent */ \ + {0x6db16208, (238)}, /* ZwQueryInformationAtom */ \ + {0x6e0c0f9d, (65)}, /* RtlNormalizeProcessParams */ \ + {0x6f11895e, (217)}, /* ZwIsSystemResumeAutomatic */ \ + {0x7160272d, (144)}, /* ZwReplyWaitReceivePortEx */ \ + 
{0x72f83a29, (67)}, /* RtlDestroyQueryDebugBuffer */ \ + {0x73349dea, (160)}, /* ZwWriteFile */ \ + {0x75e01428, (111)}, /* ZwQueryIoCompletion */ \ + {0x75e970e4, (115)}, /* ZwSetLowEventPair */ \ + {0x7683000f, (38)}, /* ZwUnmapViewOfSection */ \ + {0x76d9a68b, (159)}, /* ZwReadFile */ \ + {0x7783f5c4, (98)}, /* ZwQueryEvent */ \ + {0x78327b0d, (173)}, /* ZwSetVolumeInformationFile */ \ + {0x78a28538, (80)}, /* ZwAdjustPrivilegesToken */ \ + {0x7b9f9b64, (182)}, /* ZwOpenKey */ \ + {0x7ccd8968, (138)}, /* ZwCompleteConnectPort */ \ + {0x7dfb3677, (169)}, /* ZwSetEaFile */ \ + {0x7e21039a, (87)}, /* ZwCreateTimer */ \ + {0x7ec723c2, (122)}, /* ZwQueryPerformanceCounter */ \ + {0x7f99ab33, (145)}, /* ZwReadRequestData */ \ + {0x81b18dcd, (21)}, /* ZwQueryVirtualMemory */ \ + {0x842e9cbb, (43)}, /* ZwQueryInformationThread */ \ + {0x84d52359, (112)}, /* ZwCreateEventPair */ \ + {0x84e3898f, (183)}, /* ZwDeleteKey */ \ + {0x850106f7, (7)}, /* ZwCreateDirectoryObject */ \ + {0x8548dfbd, (106)}, /* ZwQueryMutant */ \ + {0x85f069ec, (197)}, /* ZwNotifyChangeMultipleKeys */ \ + {0x87763935, (249)}, /* sprintf */ \ + {0x87fd0a60, (24)}, /* ZwWriteVirtualMemory */ \ + {0x8a1989d8, (136)}, /* ZwListenPort */ \ + {0x8afaa2ca, (31)}, /* ZwGetWriteWatch */ \ + {0x8b3aacc6, (174)}, /* ZwQueryQuotaInformationFile */ \ + {0x8bf01eb2, (135)}, /* ZwSecureConnectPort */ \ + {0x8c4a9ca2, (100)}, /* ZwOpenSemaphore */ \ + {0x8cb632f5, (17)}, /* ZwShutdownSystem */ \ + {0x8d31519d, (58)}, /* ZwOpenProcess */ \ + {0x8d5b0647, (53)}, /* ZwRegisterThreadTerminatePort */ \ + {0x8df4b3ed, (158)}, /* ZwCancelIoFileEx */ \ + {0x8e80b080, (119)}, /* ZwSetHighWaitLowEventPair */ \ + {0x8eb2c33b, (121)}, /* ZwSetSystemTime */ \ + {0x8fe01ce6, (4)}, /* ZwClose */ \ + {0x8ffaebe4, (70)}, /* ZwOpenJobObject */ \ + {0x90bf911c, (177)}, /* ZwQueryFullAttributesFile */ \ + {0x920b0183, (116)}, /* ZwWaitHighEventPair */ \ + {0x9331fae3, (25)}, /* ZwLockVirtualMemory */ \ + {0x9384c236, (103)}, /* 
ZwCreateMutant */ \ + {0x93e64266, (130)}, /* ZwStartProfile */ \ + {0x949f76b6, (19)}, /* ZwAllocateVirtualMemory */ \ + {0x956ba548, (11)}, /* ZwOpenSymbolicLinkObject */ \ + {0x963cafbc, (229)}, /* ZwQueryDefaultUILanguage */ \ + {0x9731aded, (178)}, /* ZwQueryDirectoryFile */ \ + {0x978855cd, (37)}, /* ZwMapViewOfSection */ \ + {0x98058c5c, (86)}, /* ZwWaitForMultipleObjects */ \ + {0x997388d8, (237)}, /* ZwDeleteAtom */ \ + {0x9bf04a73, (172)}, /* ZwQueryVolumeInformationFile */ \ + {0x9c805856, (167)}, /* ZwNotifyChangeDirectoryFile */ \ + {0x9d9c64db, (186)}, /* ZwSaveMergedKeys */ \ + {0x9fb42181, (79)}, /* ZwFilterToken */ \ + {0x9fce5072, (57)}, /* ZwCreateUserProcess */ \ + {0xa09dea3c, (192)}, /* ZwReplaceKey */ \ + {0xa313f9b0, (220)}, /* ZwSetSystemPowerState */ \ + {0xa34a43e1, (48)}, /* ZwSetContextThread */ \ + {0xa51616fd, (156)}, /* ZwFlushBuffersFile */ \ + {0xa589ce00, (226)}, /* ZwContinue */ \ + {0xa5b2c609, (117)}, /* ZwSetHighEventPair */ \ + {0xa8720028, (153)}, /* ZwCreateFile */ \ + {0xa93301f4, (110)}, /* ZwRemoveIoCompletion */ \ + {0xa9e5e651, (199)}, /* ZwSetValueKey */ \ + {0xabc87b74, (32)}, /* ZwResetWriteWatch */ \ + {0xac5765bd, (211)}, /* ZwOpenObjectAuditAlarm */ \ + {0xac77c9d4, (47)}, /* ZwGetContextThread */ \ + {0xaccf3eee, (214)}, /* ZwAccessCheckByTypeAndAuditAlarm */ \ + {0xacdddfe2, (176)}, /* ZwQueryAttributesFile */ \ + {0xafe64c80, (179)}, /* ZwQueryInformationFile */ \ + {0xb28fcd19, (1)}, /* ZwSetInformationObject */ \ + {0xb2adc219, (209)}, /* ZwAccessCheckByType */ \ + {0xb32b8a16, (41)}, /* ZwOpenThread */ \ + {0xb39f2b58, (128)}, /* ZwSetIntervalProfile */ \ + {0xb3a5ef4c, (64)}, /* RtlDestroyProcessParameters */ \ + {0xb3d90f63, (60)}, /* ZwQueryInformationProcess */ \ + {0xb3f8b8ba, (184)}, /* ZwFlushKey */ \ + {0xb468e7d0, (225)}, /* ZwRaiseException */ \ + {0xb4f463e1, (175)}, /* ZwSetQuotaInformationFile */ \ + {0xb5ce95b0, (109)}, /* ZwSetIoCompletion */ \ + {0xb677bd15, (219)}, /* ZwGetDevicePowerState 
*/ \ + {0xb891d19c, (141)}, /* ZwReplyPort */ \ + {0xba08cfed, (221)}, /* ZwInitiatePowerAction */ \ + {0xba5bdfc3, (234)}, /* ZwSetUuidSeed */ \ + {0xbc310050, (133)}, /* ZwCreateWaitablePort */ \ + {0xbde7d8d1, (151)}, /* ZwLoadDriver */ \ + {0xbe9990b9, (134)}, /* ZwConnectPort */ \ + {0xc0040fd0, (90)}, /* ZwSetTimer */ \ + {0xc00fc05c, (240)}, /* ZwRaiseHardError */ \ + {0xc4bd0fda, (99)}, /* ZwCreateSemaphore */ \ + {0xc524def2, (148)}, /* ZwImpersonateClientOfPort */ \ + {0xc6a277e0, (236)}, /* ZwFindAtom */ \ + {0xc6de9ce3, (139)}, /* ZwRequestPort */ \ + {0xc707f028, (27)}, /* ZwFlushVirtualMemory */ \ + {0xc70d789c, (69)}, /* ZwCreateJobObject */ \ + {0xc71b989a, (78)}, /* ZwDuplicateToken */ \ + {0xc7835b75, (195)}, /* ZwEnumerateKey */ \ + {0xc7d8afa4, (85)}, /* ZwSignalAndWaitForSingleObject */ \ + {0xc94ea8a6, (81)}, /* ZwAdjustGroupsToken */ \ + {0xc9f42a5d, (235)}, /* ZwAddAtom */ \ + {0xca250552, (210)}, /* ZwAccessCheckByTypeResultList */ \ + {0xcaf1f803, (152)}, /* ZwUnloadDriver */ \ + {0xcb3c8251, (223)}, /* ZwPlugPlayControl */ \ + {0xcc22b021, (113)}, /* ZwOpenEventPair */ \ + {0xcdb98ed4, (59)}, /* ZwTerminateProcess */ \ + {0xced9d11d, (123)}, /* ZwSetTimerResolution */ \ + {0xd4191071, (127)}, /* ZwCreateProfile */ \ + {0xd48a2bbc, (40)}, /* ZwCreateThread */ \ + {0xd517401d, (54)}, /* ZwImpersonateThread */ \ + {0xd5a16cee, (51)}, /* ZwAlertThread */ \ + {0xd628c8f6, (228)}, /* ZwSetDefaultLocale */ \ + {0xd7fef93d, (201)}, /* ZwEnumerateValueKey */ \ + {0xda57df71, (247)}, /* LdrUnloadDll */ \ + {0xdaa7575e, (215)}, /* ZwAccessCheckByTypeResultListAndAuditAlarm */ \ + {0xde07d08f, (224)}, /* ZwGetPlugPlayEvent */ \ + {0xde5468ed, (202)}, /* ZwQueryMultipleValueKey */ \ + {0xdf8698ed, (13)}, /* ZwQuerySystemInformation */ \ + {0xdf86b31f, (6)}, /* ZwSetSecurityObject */ \ + {0xe0c1d02e, (55)}, /* ZwImpersonateAnonymousToken */ \ + {0xe1562f17, (3)}, /* ZwMakeTemporaryObject */ \ + {0xe19be90e, (33)}, /* ZwCreateSection */ \ + {0xe23ef886, 
(161)}, /* ZwReadFileScatter */ \ + {0xe2ff4b82, (188)}, /* ZwLoadKey */ \ + {0xe3521fd4, (101)}, /* ZwReleaseSemaphore */ \ + {0xe3624a9b, (212)}, /* ZwCloseObjectAuditAlarm */ \ + {0xe3ae76c7, (132)}, /* ZwCreatePort */ \ + {0xe43a3a6f, (147)}, /* ZwQueryInformationPort */ \ + {0xe624ac47, (12)}, /* ZwQuerySymbolicLinkObject */ \ + {0xe6a6cc2d, (208)}, /* ZwAccessCheckAndAuditAlarm */ \ + {0xe8d1aec4, (105)}, /* ZwReleaseMutant */ \ + {0xeb69e74d, (62)}, /* ZwFlushInstructionCache */ \ + {0xed4a67c1, (28)}, /* ZwAllocateUserPhysicalPages */ \ + {0xed5deedd, (107)}, /* ZwCreateIoCompletion */ \ + {0xedac7230, (203)}, /* ZwInitializeRegistry */ \ + {0xee535edc, (35)}, /* ZwQuerySection */ \ + {0xee5cdc2d, (82)}, /* ZwQueryInformationToken */ \ + {0xf3d1faa7, (125)}, /* ZwDelayExecution */ \ + {0xf425639c, (104)}, /* ZwOpenMutant */ \ + {0xfde47817, (94)}, /* ZwSetEvent */ \ + +#define __NT_IMPORTED_SYMBOLS_ARRAY_SIZE 250 + +#endif diff --git a/src/internal/ntapi_impl.h b/src/internal/ntapi_impl.h new file mode 100644 index 0000000..b60fc66 --- /dev/null +++ b/src/internal/ntapi_impl.h 
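Review bot: Nothing in the header states how the 32-bit keys were derived from the symbol names or that the generator verified they are collision-free, and since the import table is resolved by key a collision would silently bind the wrong routine; a short comment above `__NTAPI_HASH_TABLE`, e.g. `/* generated: key = <hash function — confirm> of the symbol name, sorted by key; the generator must reject duplicate keys */`, would record that contract. `__NT_IMPORTED_SYMBOLS_ARRAY_SIZE 250` is maintained by hand beside a table whose indices run 0..249; if the project already builds as C11, a `_Static_assert` on the element count of the array this initializer fills would keep the two from drifting apart when entries are added.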
@@ -0,0 +1,120 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#ifndef ___NTAPI_IMPL_H_
+#define ___NTAPI_IMPL_H_
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_hash_table.h"
+#include "ntapi_context.h"
+#include "ntapi_fnapi.h"
+
+#define __NT_BASED_NAMED_OBJECTS {'\\','B','a','s','e', \
+ 'N','a','m','e','d', \
+ 'O','b','j','e','c','t','s'}
+
+/* helper macros */
+#define __NT_ROUND_UP_TO_POWER_OF_2(x,y)(x + (y-1)) & ~(y-1)
+#define __NT_IS_MISALIGNED_BUFFER(x) ((!(uintptr_t)x) || ((uintptr_t)x % sizeof(size_t)))
+#define __NT_IS_MISALIGNED_LENGTH(x) (x % sizeof(size_t))
+#define __NT_FILE_SYNC_IO (NT_FILE_SYNCHRONOUS_IO_ALERT|NT_FILE_SYNCHRONOUS_IO_NONALERT)
+
+/* user-defined options: head */
+#ifndef __NT_TTY_MONITORS
+#define __NT_TTY_MONITORS 0x10
+#endif
+
+#ifndef __NT_FORK_CHILD_WAIT_MILLISEC
+#define __NT_FORK_CHILD_WAIT_MILLISEC 60000
+#endif
+
+#ifndef __NT_SYNC_BLOCK_LOCK_TRIES
+#define __NT_SYNC_BLOCK_LOCK_TRIES 1024
+#endif
+/* user-defined options: tail */
+
+/* internal page size */
+#ifndef __NT_INTERNAL_PAGE_SIZE
+#define __NT_INTERNAL_PAGE_SIZE 4096
+#endif
+
+/* .bss section */
+#ifndef __NT_BSS_RESERVED_PAGES
+#define __NT_BSS_RESERVED_PAGES 8
+#endif
+
+/* runtime buffers */
+#define __NT_BSS_ARGV_BUFFER_SIZE __NT_INTERNAL_PAGE_SIZE * 2
+
+#define __NT_BSS_ARGV_MAX_IDX __NT_BSS_ARGV_BUFFER_SIZE \
+ / sizeof(uintptr_t)
+
+#define __NT_BSS_ARGS_BUFFER_SIZE __NT_INTERNAL_PAGE_SIZE \
+ * __NT_BSS_RESERVED_PAGES \
+ - __NT_BSS_ARGV_BUFFER_SIZE
+
+/* ntapi .bss section structure */
+typedef struct ___ntapi_img_sec_bss {
+ wchar16_t * argv_envp_array[__NT_BSS_ARGV_MAX_IDX];
+ char args_envs_buffer[__NT_BSS_ARGS_BUFFER_SIZE];
+} __ntapi_img_sec_bss;
+
+
+/* ntapi library internals */
+typedef struct __attr_ptr_size_aligned__ _ntapi_internals {
+ nt_runtime_data * rtdata;
+ nt_port_name * subsystem;
+ void * hport_tty_session;
+ void * hport_tty_daemon;
+ void * hport_tty_debug;
+ void * hport_tty_monitor[__NT_TTY_MONITORS];
+ size_t nt_mem_page_size;
+ size_t nt_mem_allocation_granularity;
+ size_t ntapi_internals_alloc_size;
+ void ** csr_port_handle_addr;
+ void * hdev_mount_point_mgr;
+ void * hany[8];
+ intptr_t hlock;
+ uintptr_t v1_pipe_counter;
+ ntapi_tt_get_csr_port_handle_addr_by_logic * tt_get_csr_port_handle_addr_by_logic;
+ __ntapi_img_sec_bss * ntapi_img_sec_bss;
+} ntapi_internals;
+
+
+/* __ntapi_img_sec_data */
+typedef struct __attr_ptr_size_aligned__ ___ntapi_img_sec_rdata {
+ ntapi_hashed_symbol __ntapi_import_table[__NT_IMPORTED_SYMBOLS_ARRAY_SIZE];
+ ntapi_vtbl * __ntapi;
+ nt_port_name __session_name;
+ ntapi_internals * __internals;
+} __ntapi_img_sec_rdata;
+
+union __ntapi_img_rdata {
+ __ntapi_img_sec_rdata img_sec_data;
+ char buffer[__NT_INTERNAL_PAGE_SIZE];
+};
+
+
+/* accessor table */
+extern ntapi_vtbl ___ntapi;
+extern ntapi_vtbl ___ntapi_shadow;
+#define __ntapi (&___ntapi)
+
+
+/* access to library internals */
+ntapi_internals * __cdecl __ntapi_internals(void);
+
+
+/* debug */
+#define __ntidx(x) (&(((ntapi_vtbl *)0)->x)) / sizeof(size_t)
+
+
+#endif
diff --git a/src/internal/ntapi_lib_entry_point.c b/src/internal/ntapi_lib_entry_point.c
new file mode 100644
index 0000000..8b857c8
--- /dev/null
+++ b/src/internal/ntapi_lib_entry_point.c
@@ -0,0 +1,12 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+
+int __stdcall __ntapi_entry(void * hinstance, uint32_t reason, void * reserved)
+{
+ return 1;
+}
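Review bot: `__NT_ROUND_UP_TO_POWER_OF_2(x,y)(x + (y-1)) & ~(y-1)` is parenthesized neither as a whole nor in its arguments, so `__NT_ROUND_UP_TO_POWER_OF_2(n, 8) * k` and any `x` built from a lower-precedence operator evaluate wrongly; `#define __NT_ROUND_UP_TO_POWER_OF_2(x,y) (((x) + ((y)-1)) & ~((y)-1))` fixes it. The same hazard applies to `__NT_IS_MISALIGNED_BUFFER(x)`, `__NT_IS_MISALIGNED_LENGTH(x)`, `__NT_BSS_ARGV_BUFFER_SIZE`, `__NT_BSS_ARGS_BUFFER_SIZE` and `__ntidx(x)`, all of which expand to unparenthesized arithmetic or an unparenthesized argument. `__ntidx` additionally derives a member offset by dereferencing a null `ntapi_vtbl *`, the pre-`offsetof` idiom that is formally undefined behaviour; `(offsetof(ntapi_vtbl, x) / sizeof(size_t))` from `<stddef.h>` expresses the same index portably. The `__ntapi_entry` hunk that shares this line needs no change, though a one-line comment noting that `reason` and `reserved` are intentionally ignored would pre-empt unused-parameter warnings being "fixed" later.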
diff --git a/src/internal/ntapi_pty.h b/src/internal/ntapi_pty.h
new file mode 100644
index 0000000..ff85b3a
--- /dev/null
+++ b/src/internal/ntapi_pty.h
@@ -0,0 +1,37 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#ifndef ___NTAPI_PTY_H_
+#define ___NTAPI_PTY_H_
+
+#include
+#include
+#include
+#include
+#include
+
+#define __PTY_READ 0
+#define __PTY_WRITE 1
+
+typedef struct nt_pty_context {
+ nt_sync_block sync[2];
+ void * addr;
+ size_t size;
+ void * hport;
+ void * hpty;
+ void * section;
+ void * section_addr;
+ size_t section_size;
+ nt_guid guid;
+ nt_luid luid;
+ uint32_t access;
+ uint32_t flags;
+ uint32_t share;
+ uint32_t options;
+ nt_iosb iosb;
+} nt_pty;
+
+#endif
diff --git a/src/ipc/ntapi_tt_create_pipe_v1.c b/src/ipc/ntapi_tt_create_pipe_v1.c
new file mode 100644
index 0000000..3185fbd
--- /dev/null
+++ b/src/ipc/ntapi_tt_create_pipe_v1.c
@@ -0,0 +1,164 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + + +typedef struct __attr_ptr_size_aligned__ _nt_tty_pipe_name { + wchar16_t pipe_dir[8]; + wchar16_t back_slash; + wchar16_t key_1st[8]; + wchar16_t uscore_1st; + wchar16_t key_2nd[8]; + wchar16_t uscore_2nd; + wchar16_t key_3rd[8]; + wchar16_t uscore_3rd; + wchar16_t key_4th[8]; + wchar16_t uscore_4th; + wchar16_t key_5th[8]; + wchar16_t uscore_5th; + wchar16_t key_6th[8]; + wchar16_t null_termination; +} nt_tty_pipe_name; + + +int32_t __stdcall __ntapi_ipc_create_pipe_v1( + __out void ** hpipe_read, + __out void ** hpipe_write, + __in uint32_t advisory_buffer_size __optional) +{ + int32_t status; + + void * hread; + void * hwrite; + + nt_object_attributes oa; + nt_io_status_block iosb; + nt_unicode_string nt_name; + nt_security_quality_of_service sqos; + nt_large_integer timeout; + intptr_t * counter; + + nt_tty_pipe_name pipe_name = { + {'\\','?','?','\\','p','i','p','e'}, + '\\', + {0},'_', + {0},'_', + {0},'_', + {0},'_', + {0},'_', + {0}, + 0 + }; + + /* pipe_count */ + counter = (intptr_t *)&__ntapi_internals()->v1_pipe_counter; + at_locked_inc(counter); + + /* get system time */ + status = __ntapi->zw_query_system_time(&timeout); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* pipe name (no anonymous pipe prior to vista) */ + __ntapi->tt_uint32_to_hex_utf16( pe_get_current_process_id(),pipe_name.key_1st); + __ntapi->tt_uint32_to_hex_utf16( pe_get_current_thread_id(),pipe_name.key_2nd); + + __ntapi->tt_uint32_to_hex_utf16( timeout.ihigh + (uint32_t)*counter,pipe_name.key_3rd); + __ntapi->tt_uint32_to_hex_utf16(timeout.ulow + (uint32_t)*counter,pipe_name.key_4th); + + 
__ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_5th); + + __ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_6th); + + __ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_1st); + + __ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_2nd); + + __ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_3rd); + + __ntapi->tt_uint32_to_hex_utf16( + __ntapi->tt_buffer_crc32(0,(char *)&pipe_name,sizeof(pipe_name)), + pipe_name.key_4th); + + /* nt_name */ + nt_name.strlen = (uint16_t)(sizeof(pipe_name) - sizeof(wchar16_t)); + nt_name.maxlen = (uint16_t)(sizeof(pipe_name)); + nt_name.buffer = (uint16_t *)&pipe_name; + + /* init security structure */ + sqos.length = sizeof(sqos); + sqos.impersonation_level = NT_SECURITY_IMPERSONATION; + sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC; + sqos.effective_only = 1; + + /* oa */ + oa.len = sizeof(oa); + oa.root_dir = (void *)0; + oa.obj_name = &nt_name; + oa.obj_attr = 0x0; + oa.sec_desc = (nt_security_descriptor *)0; + oa.sec_qos = &sqos; + + timeout.ihigh = 0xffffffff; + timeout.ulow = 0x0; + + /* the reading end */ + status = __ntapi->zw_create_named_pipe_file( + &hread, + NT_GENERIC_READ | NT_SEC_SYNCHRONIZE | NT_FILE_WRITE_ATTRIBUTES, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_CREATE, + NT_FILE_ASYNCHRONOUS_IO, + 0, + 0, + 0, + 1, + 0x2000, + 0x2000, + &timeout); + + if (status != NT_STATUS_SUCCESS) { + return status; + } + + /* the writing end(s) */ + status = __ntapi->zw_open_file( + &hwrite, + NT_GENERIC_WRITE | NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_WRITE_THROUGH | NT_FILE_ASYNCHRONOUS_IO | 
NT_FILE_NON_DIRECTORY_FILE); + + if (status != NT_STATUS_SUCCESS) { + __ntapi->zw_close(hread); + return status; + } + + *hpipe_read = hread; + *hpipe_write = hwrite; + + return status; +} diff --git a/src/ipc/ntapi_tt_create_pipe_v2.c b/src/ipc/ntapi_tt_create_pipe_v2.c new file mode 100644 index 0000000..c1f4b4b --- /dev/null +++ b/src/ipc/ntapi_tt_create_pipe_v2.c 
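Review bot: `advisory_buffer_size` is accepted but never read; both quota arguments to `zw_create_named_pipe_file` are the literal `0x2000`, so either honour it (`advisory_buffer_size ? advisory_buffer_size : 0x2000` for both quotas) or mark the parameter as ignored in a comment. Separately, the pipe is created by name under `\??\pipe\` with `oa.sec_desc = NULL`, i.e. the default DACL, and the name is built only from the process id, thread id, system time and a counter — the six `tt_buffer_crc32` passes rearrange those inputs but add no unpredictability. `NT_FILE_CREATE` with a single instance does make a pre-existing name fail closed, which is the right default; an explicit restrictive security descriptor would also cover the window between the create and the `zw_open_file` of the write end. The same unused parameter exists in `__ntapi_ipc_create_pipe_v2`.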
@@ -0,0 +1,116 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_ipc_create_pipe_v2( + __out void ** hpipe_read, + __out void ** hpipe_write, + __in uint32_t advisory_buffer_size __optional) +{ + int32_t status; + + void * hdevpipes; + void * hwrite; + void * hread; + + nt_object_attributes oa; + nt_io_status_block iosb; + nt_sqos sqos; + nt_unicode_string nt_name; + nt_large_integer timeout; + + const wchar16_t pipe_dir[] = { + '\\','D','e','v','i','c','e', + '\\','N','a','m','e','d','P','i','p','e','\\',0 + }; + + /* nt_name: pipe device directory */ + nt_name.strlen = (uint16_t)(sizeof(pipe_dir) - sizeof(wchar16_t)); + nt_name.maxlen = 0; + nt_name.buffer = (uint16_t *)pipe_dir; + + /* init security structure */ + sqos.length = sizeof(sqos); + sqos.impersonation_level = NT_SECURITY_IMPERSONATION; + sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC; + sqos.effective_only = 1; + + /* oa */ + oa.len = sizeof(oa); + oa.root_dir = (void *)0; + oa.obj_name = &nt_name; + oa.obj_attr = NT_OBJ_CASE_INSENSITIVE | NT_OBJ_INHERIT; + oa.sec_desc = (nt_security_descriptor *)0; + oa.sec_qos = &sqos; + + status = __ntapi->zw_open_file( + &hdevpipes, + NT_GENERIC_READ | NT_SEC_SYNCHRONIZE, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_DIRECTORY_FILE); + + if (status != NT_STATUS_SUCCESS) + return status; + + timeout.ihigh = 0xffffffff; + timeout.ulow = 0x0; + + oa.root_dir = hdevpipes; + + nt_name.strlen=0; + nt_name.buffer = (uint16_t *)0; + + status = __ntapi->zw_create_named_pipe_file( + &hread, + NT_GENERIC_READ | NT_SEC_SYNCHRONIZE | NT_FILE_WRITE_ATTRIBUTES, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + 
NT_FILE_CREATE, + NT_FILE_ASYNCHRONOUS_IO, + 0, + 0, + 0, + 1, + 0X2000, + 0x2000, + &timeout); + + if (status != NT_STATUS_SUCCESS) { + __ntapi->zw_close(hdevpipes); + return status; + } + + /* the pipe is now our root directory */ + oa.root_dir = hread; + + status = __ntapi->zw_open_file( + &hwrite, + NT_GENERIC_WRITE | NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_WRITE_THROUGH | NT_FILE_ASYNCHRONOUS_IO | NT_FILE_NON_DIRECTORY_FILE); + + if (status != NT_STATUS_SUCCESS) { + __ntapi->zw_close(hdevpipes); + __ntapi->zw_close(hread); + return status; + } + + *hpipe_read = hread; + *hpipe_write = hwrite; + + return status; +} diff --git a/src/ldr/ntapi_ldr_create_state_snapshot.c b/src/ldr/ntapi_ldr_create_state_snapshot.c new file mode 100644 index 0000000..74a916c --- /dev/null +++ b/src/ldr/ntapi_ldr_create_state_snapshot.c 
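Review bot: `hdevpipes` is closed on both error paths but not on the success path, so every successful call leaks a handle to `\Device\NamedPipe\`; add `__ntapi->zw_close(hdevpipes);` before `*hpipe_read = hread;` (it is only needed as `oa.root_dir` until the pipe itself becomes the root). Also note that `oa.obj_attr` keeps `NT_OBJ_INHERIT` for both the read and the write end, so child processes inherit both handles unless the caller clears the attribute; if one-directional inheritance is intended, say so in a comment. Minor: `0X2000` should be `0x2000` to match the line below it.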
@@ -0,0 +1,69 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include + +struct callback_ctx { + struct dalist_ex * ldr_state_snapshot; + int32_t status; +}; + +static int __cdecl __add_module_base_address_to_list( + struct pe_ldr_tbl_entry * ldr_tbl_entry, + enum pe_callback_reason int_callback_reason, + void * context) +{ + struct dalist_node * node; + struct callback_ctx * ctx; + + ctx = (struct callback_ctx *)context; + + if (int_callback_reason == PE_CALLBACK_REASON_ERROR) { + ctx->status = NT_STATUS_UNSUCCESSFUL; + return ctx->status; + } else if (int_callback_reason != PE_CALLBACK_REASON_ITEM) { + ctx->status = NT_STATUS_SUCCESS; + return 1; + } else if (!ldr_tbl_entry->dll_base) { + ctx->status = NT_STATUS_SUCCESS; + return 1; + } + + ctx->status = dalist_get_node_by_key( + ctx->ldr_state_snapshot, + (struct dalist_node_ex **)&node, + (uintptr_t)ldr_tbl_entry->dll_base, + DALIST_NODE_TYPE_NEW, + 0); + + if (ctx->status != DALIST_OK) + return -1; + else + return 1; +} + + +int __cdecl __ntapi_ldr_create_state_snapshot( + __out struct dalist_ex * ldr_state_snapshot) +{ + struct callback_ctx ctx; + + if (!ldr_state_snapshot->free && !ldr_state_snapshot->memfn_ptr) + return NT_STATUS_BUFFER_TOO_SMALL; + else if (ldr_state_snapshot->info.list_nodes) + return NT_STATUS_INVALID_USER_BUFFER; + + ctx.ldr_state_snapshot = ldr_state_snapshot; + + pe_enum_modules_in_load_order( + __add_module_base_address_to_list, + &ctx); + + return ctx.status; +} diff --git a/src/ldr/ntapi_ldr_load_system_dll.c b/src/ldr/ntapi_ldr_load_system_dll.c new file mode 100644 index 0000000..d417590 --- /dev/null +++ b/src/ldr/ntapi_ldr_load_system_dll.c 
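Review bot: `ctx.status` is never initialised before `pe_enum_modules_in_load_order`, so if the enumerator returns without invoking `__add_module_base_address_to_list` (no modules, or an early-out I cannot see from here) the function returns an indeterminate value; set `ctx.status = NT_STATUS_SUCCESS;` next to `ctx.ldr_state_snapshot = ldr_state_snapshot;`. The same applies to `ctx.status` in `__ntapi_ldr_revert_state_to_snapshot` (next file), whose `while` condition reads it. In addition, when `dalist_get_node_by_key` fails the callback leaves a `DALIST_*` code in `ctx->status` and that value is returned to the caller as if it were an NTSTATUS; translate it (for example to `NT_STATUS_UNSUCCESSFUL`) before returning.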
@@ -0,0 +1,44 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_ldr_load_system_dll( + __in void * hsysdir __optional, + __in wchar16_t * base_name, + __in uint32_t base_name_size, + __in uint32_t * image_flags __optional, + __out void ** image_base) +{ + int32_t status; + nt_unicode_string nt_image_name; + uintptr_t buffer[0x80]; + + /* stack buffer */ + __ntapi->tt_aligned_block_memset(buffer,0,sizeof(buffer)); + + status = __ntapi->tt_get_system_directory_dos_path( + hsysdir, + (wchar16_t *)buffer, + sizeof(buffer), + base_name, + base_name_size, + &nt_image_name); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi->ldr_load_dll( + 0, + 0, + &nt_image_name, + image_base); + + return status; +} diff --git a/src/ldr/ntapi_ldr_revert_state_to_snapshot.c b/src/ldr/ntapi_ldr_revert_state_to_snapshot.c new file mode 100644 index 0000000..2ca5087 --- /dev/null +++ b/src/ldr/ntapi_ldr_revert_state_to_snapshot.c 
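Review bot: `image_flags` is declared `__in ... __optional` but never read, and `ldr_load_dll` is called with both leading arguments as `0`. Either forward it (if the second slot of `ldr_load_dll` is the flags argument, `image_flags ? *image_flags : 0`) or document that the parameter is reserved, otherwise callers will assume the flags take effect. Resolving `base_name` against the system directory rather than the loader search order is the right shape for a system DLL loader and deserves a one-line comment, e.g. `/* always resolve under the system directory; never rely on the loader search path */`.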
@@ -0,0 +1,104 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +struct callback_ctx { + struct dalist_ex * ldr_state_snapshot; + struct pe_ldr_tbl_entry * ldr_tbl_entry; + void * image_base; + uint32_t load_count; + int32_t status; +}; + +static int __cdecl __find_next_module_to_unload( + struct pe_ldr_tbl_entry * ldr_tbl_entry, + enum pe_callback_reason int_callback_reason, + void * context) +{ + struct dalist_node * node; + struct callback_ctx * ctx; + + ctx = (struct callback_ctx *)context; + + if (int_callback_reason == PE_CALLBACK_REASON_ERROR) { + ctx->status = NT_STATUS_UNSUCCESSFUL; + return ctx->status; + } else if (int_callback_reason != PE_CALLBACK_REASON_ITEM) { + ctx->status = NT_STATUS_SUCCESS; + return 1; + } else if (!ldr_tbl_entry->dll_base) { + ctx->status = NT_STATUS_SUCCESS; + return 1; + } + + + ctx->status = dalist_get_node_by_key( + ctx->ldr_state_snapshot, + (struct dalist_node_ex **)&node, + (uintptr_t)ldr_tbl_entry->dll_base, + DALIST_NODE_TYPE_EXISTING, + 0); + + if (ctx->status != DALIST_OK) + return -1; + else if (node) + return 1; + else if (!ctx->image_base || (ldr_tbl_entry->load_count < ctx->load_count)) { + ctx->image_base = ldr_tbl_entry->dll_base; + ctx->load_count = ldr_tbl_entry->load_count; + ctx->ldr_tbl_entry = ldr_tbl_entry; + } + + return 1; +} + + +int __cdecl __ntapi_ldr_revert_state_to_snapshot( + __in struct dalist_ex * ldr_state_snapshot) +{ + struct callback_ctx ctx; + uint32_t i; + + if (!ldr_state_snapshot->free && !ldr_state_snapshot->memfn_ptr) + return NT_STATUS_BUFFER_TOO_SMALL; + + ctx.ldr_state_snapshot = ldr_state_snapshot; + ctx.image_base = (void *)0; + ctx.load_count = 0; + + pe_enum_modules_in_load_order( + 
__find_next_module_to_unload, + &ctx); + + while ((ctx.image_base) && (ctx.status == NT_STATUS_SUCCESS)) { + if (ctx.load_count == 0xffff) { + ctx.load_count = 1; + ctx.ldr_tbl_entry->load_count = 1; + ctx.ldr_tbl_entry->entry_point = (void *)0; + ctx.ldr_tbl_entry->flags = 0; + } + + for (i=0; ildr_unload_dll(ctx.image_base); + + __ntapi->zw_unmap_view_of_section( + NT_CURRENT_PROCESS_HANDLE, + ctx.image_base); + ctx.image_base = (void *)0; + ctx.load_count = 0; + + pe_enum_modules_in_load_order( + __find_next_module_to_unload, + &ctx); + } + + return ctx.status; +} diff --git a/src/object/ntapi_tt_keyed_object_directory.c b/src/object/ntapi_tt_keyed_object_directory.c new file mode 100644 index 0000000..7f2da40 --- /dev/null +++ b/src/object/ntapi_tt_keyed_object_directory.c 
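Review bot: The return values of `ldr_unload_dll` and `zw_unmap_view_of_section` inside the `while` loop are discarded (the text of that loop is garbled here, so I am reading the calls as written on the new side), so a failed unload leaves `ctx.status` at `NT_STATUS_SUCCESS` and the loop re-enumerates as if the module were gone. Capture at least the status of `ldr_unload_dll` into `ctx.status` and leave the loop when it is not `NT_STATUS_SUCCESS`. The `0xffff` branch rewrites `load_count`, `entry_point` and `flags` of the loader table entry in place; that is a deliberate override of a pinned module and warrants a comment explaining why bypassing the loader is safe at this point.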
@@ -0,0 +1,134 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef ntapi_zw_open_directory_object objdir_open_fn; + +static int32_t __stdcall __tt_create_keyed_object_directory( + __out void ** hdir, + __in uint32_t desired_access, + __in const wchar16_t prefix[6], + __in nt_guid * guid, + __in uint32_t key, + __in objdir_open_fn * openfn) +{ + nt_keyed_objdir_name objdir_name = {__NT_BASED_NAMED_OBJECTS}; + nt_unicode_string name; + nt_oa oa; + nt_sqos sqos = { + sizeof(sqos), + NT_SECURITY_IMPERSONATION, + NT_SECURITY_TRACKING_DYNAMIC, + 1}; + + __ntapi->tt_memcpy_utf16( + objdir_name.prefix, + prefix, + sizeof(objdir_name.prefix)); + + __ntapi->tt_guid_to_utf16_string( + guid, + (nt_guid_str_utf16 *)&objdir_name.objdir_guid); + + __ntapi->tt_uint32_to_hex_utf16( + key,objdir_name.key); + + objdir_name.backslash = '\\'; + objdir_name.objdir_guid.uscore_guid = '_'; + objdir_name.objdir_guid.uscore_key = '_'; + + name.strlen = sizeof(objdir_name); + name.maxlen = 0; + name.buffer = (uint16_t *)&objdir_name; + + oa.len = sizeof(oa); + oa.root_dir = 0; + oa.obj_name = &name; + oa.obj_attr = NT_OBJ_INHERIT; + oa.sec_desc = 0; + oa.sec_qos = &sqos; + + return openfn(hdir,desired_access,&oa); +} + + +int32_t __stdcall __ntapi_tt_create_keyed_object_directory_entry( + __out void ** hentry, + __in uint32_t desired_access, + __in void * hdir, + __in void * htarget, + __in nt_unicode_string * target_name, + __in uint32_t key) +{ + int32_t status; + nt_oa oa; + nt_unicode_string name; + wchar16_t keystr[8]; + uintptr_t buffer[2048/sizeof(uintptr_t)]; + nt_sqos sqos = { + sizeof(sqos), + NT_SECURITY_IMPERSONATION, + NT_SECURITY_TRACKING_DYNAMIC, + 1}; + + if (!target_name) { + if ((status = 
__ntapi->zw_query_object( + htarget, + NT_OBJECT_NAME_INFORMATION, + buffer,sizeof(buffer),0))) + return status; + target_name = (nt_unicode_string *)buffer; + } + + __ntapi->tt_uint32_to_hex_utf16(key,keystr); + + name.strlen = sizeof(keystr); + name.maxlen = 0; + name.buffer = keystr; + + oa.len = sizeof(oa); + oa.root_dir = hdir; + oa.obj_name = &name; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = &sqos; + + return __ntapi->zw_create_symbolic_link_object( + hentry, + desired_access, + &oa,target_name); +} + +int32_t __stdcall __ntapi_tt_create_keyed_object_directory( + __out void ** hdir, + __in uint32_t desired_access, + __in const wchar16_t prefix[6], + __in nt_guid * guid, + __in uint32_t key) +{ + return __tt_create_keyed_object_directory( + hdir,desired_access, + prefix,guid,key, + __ntapi->zw_create_directory_object); +} + +int32_t __stdcall __ntapi_tt_open_keyed_object_directory( + __out void ** hdir, + __in uint32_t desired_access, + __in const wchar16_t prefix[6], + __in nt_guid * guid, + __in uint32_t key) +{ + return __tt_create_keyed_object_directory( + hdir,desired_access, + prefix,guid,key, + __ntapi->zw_open_directory_object); +} diff --git a/src/port/ntapi_port_name_helper.c b/src/port/ntapi_port_name_helper.c new file mode 100644 index 0000000..3084cf6 --- /dev/null +++ b/src/port/ntapi_port_name_helper.c 
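Review bot: `__tt_create_keyed_object_directory` hard-codes `oa.obj_attr = NT_OBJ_INHERIT` and `oa.sec_desc = 0`, so both the create and the open path return an inheritable handle to a directory under `__NT_BASED_NAMED_OBJECTS` protected only by the default DACL; if the directory is meant to be private to the session, pass an explicit security descriptor, or at least make the attribute a parameter instead of a constant shared by `zw_create_directory_object` and `zw_open_directory_object`. `name.strlen = sizeof(objdir_name)` counts every byte of the struct, including a trailing terminator if `nt_keyed_objdir_name` has one; confirm against the type and, if so, subtract `sizeof(wchar16_t)` as `__ntapi_ipc_create_pipe_v1` does for its name. The `zw_query_object` fallback in `__ntapi_tt_create_keyed_object_directory_entry` correctly fails closed when the object name exceeds the 2048-byte stack buffer; a comment stating that a longer name is a hard error would help callers.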
@@ -0,0 +1,167 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef wchar16_t __port_service_prefix[6]; + +static const __port_service_prefix __port_service_null = {0}; +static const __port_service_prefix __port_service_prefixes[4][NT_PORT_TYPE_CAP][NT_PORT_SUBTYPE_CAP] = { + {{{'s','v','c','a','n','y'}}}, + {{{'n','t','c','t','t','y'}}}, + {{{'v','m','o','u','n','t'}}}, + {{{'d','a','e','m','o','n'}}}}; + +static const nt_guid __port_guids[NT_PORT_TYPE_CAP][NT_PORT_SUBTYPE_CAP] = { + {NT_PORT_GUID_DEFAULT}, + {NT_PORT_GUID_SUBSYSTEM}, + {NT_PORT_GUID_VMOUNT}, + {NT_PORT_GUID_DAEMON}}; + +int32_t __stdcall __ntapi_tt_port_guid_from_type( + __out nt_guid * guid, + __in nt_port_type type, + __in nt_port_subtype subtype) +{ + const nt_guid * src_guid; + + if ((type >= NT_PORT_TYPE_CAP) || (subtype >= NT_PORT_SUBTYPE_CAP)) + return NT_STATUS_INVALID_PARAMETER; + + src_guid = &(__port_guids[type][subtype]); + + __ntapi->tt_aligned_block_memcpy( + (uintptr_t *)guid, + (uintptr_t *)src_guid, + sizeof(nt_guid)); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_port_type_from_guid( + __out nt_port_type * type, + __out nt_port_subtype * subtype, + __in nt_guid * guid) +{ + int itype; + int isubtype; + const nt_guid * src_guid; + uint32_t guid_hash; + uint32_t src_hash; + + guid_hash = __ntapi->tt_buffer_crc32(0,guid,sizeof(nt_guid)); + + for (itype=0; itypett_buffer_crc32(0,src_guid,sizeof(nt_guid)); + + if (guid_hash == src_hash) { + *type = (nt_port_type)itype; + *subtype = (nt_port_subtype)isubtype; + + return NT_STATUS_SUCCESS; + } + } + } + + return NT_STATUS_INVALID_PARAMETER; + +} + + +int32_t __stdcall __ntapi_tt_port_generate_keys( + __out nt_port_keys * keys) +{ 
+ int32_t status; + nt_large_integer systime; + nt_luid luid; + + status = __ntapi->zw_query_system_time(&systime); + if (status) return status; + + status = __ntapi->zw_allocate_locally_unique_id(&luid); + if (status) return status; + + keys->key[0] = pe_get_current_process_id(); + keys->key[1] = pe_get_current_thread_id(); + keys->key[2] = systime.ihigh; + keys->key[3] = systime.ulow; + keys->key[4] = luid.high; + keys->key[5] = luid.low; + + return NT_STATUS_SUCCESS; +} + + +void __stdcall __ntapi_tt_port_format_keys( + __in nt_port_keys * keys, + __out nt_port_name_keys * name_keys) +{ + __ntapi->tt_uint32_to_hex_utf16(keys->key[0],name_keys->key_1st); + __ntapi->tt_uint32_to_hex_utf16(keys->key[1],name_keys->key_2nd); + __ntapi->tt_uint32_to_hex_utf16(keys->key[2],name_keys->key_3rd); + __ntapi->tt_uint32_to_hex_utf16(keys->key[3],name_keys->key_4th); + __ntapi->tt_uint32_to_hex_utf16(keys->key[4],name_keys->key_5th); + __ntapi->tt_uint32_to_hex_utf16(keys->key[5],name_keys->key_6th); + + return; +} + + +void __stdcall __ntapi_tt_port_name_from_attributes( + __out nt_port_name * name, + __in nt_port_attr * attr) +{ + wchar16_t bno[] = __NT_BASED_NAMED_OBJECTS; + + /* base named objects */ + __ntapi->tt_memcpy_utf16( + name->base_named_objects, + bno,sizeof(bno)); + + /* service prefix */ + if (attr && (attr->type < NT_PORT_TYPE_CAP) && (attr->subtype < NT_PORT_SUBTYPE_CAP)) + __ntapi->tt_memcpy_utf16( + name->svc_prefix, + &(__port_service_prefixes[attr->type][attr->subtype][0][0]), + sizeof(name->svc_prefix)); + else + __ntapi->tt_memcpy_utf16( + name->svc_prefix, + __port_service_null, + sizeof(name->svc_prefix)); + + /* port guid */ + __ntapi->tt_guid_to_utf16_string( + &attr->guid, + (nt_guid_str_utf16 *)&name->port_guid); + + /* port name keys */ + __ntapi_tt_port_format_keys( + &attr->keys, + &name->port_name_keys); + + /* backslash and underscores */ + name->backslash = '\\'; + name->port_guid.uscore_guid = '_'; + name->port_guid.uscore_keys = '_'; + 
name->port_name_keys.uscore_1st = '_'; + name->port_name_keys.uscore_2nd = '_'; + name->port_name_keys.uscore_3rd = '_'; + name->port_name_keys.uscore_4th = '_'; + name->port_name_keys.uscore_5th = '_'; + + /* null termination */ + name->null_termination = 0; + + return; +} diff --git a/src/process/nt32/tt_fork_v1.s b/src/process/nt32/tt_fork_v1.s new file mode 100644 index 0000000..2e2f01d --- /dev/null +++ b/src/process/nt32/tt_fork_v1.s @@ -0,0 +1,60 @@ +########################################################## +## ntapi: Native API core library ## +## Copyright (C) 2013,2014,2015 Z. Gilboa ## +## Released under GPLv2 and GPLv3; see COPYING.NTAPI. ## +########################################################## + +.section .text + +.global ___tt_fork +.global ___tt_fork_child_entry_point +.global @__tt_fork_child_entry_point@4 +.global ___tt_fork_child_entry_point_adj +.global @__tt_fork_child_entry_point_adj@4 + +___tt_fork: +___tt_fork_prolog: + push %ebp + mov %esp, %ebp + +___tt_fork_save_regs: + push %ecx + push %edx + push %ebx + push %esi + push %edi + +___tt_fork_impl_call: + mov %esp, %ecx + mov $0, %edx + call @__tt_fork_impl@8 + +___tt_fork_restore_regs: + pop %edi + pop %esi + pop %ebx + pop %edx + pop %ecx + +___tt_fork_epilog: + mov %ebp, %esp + pop %ebp + ret + +___tt_fork_child_entry_point: +@__tt_fork_child_entry_point@4: +___tt_fork_child_entry_point_adj: +@__tt_fork_child_entry_point_adj@4: + xor %eax, %eax + mov %ecx, %esp + +___tt_fork_child_restore_regs: + pop %edi + pop %esi + pop %ebx + pop %edx + pop %ecx + +___tt_fork_child_epilog: + pop %ebp + ret diff --git a/src/process/nt32/tt_fork_v1_i386.c b/src/process/nt32/tt_fork_v1_i386.c new file mode 100644 index 0000000..34b813e --- /dev/null +++ b/src/process/nt32/tt_fork_v1_i386.c 
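Review bot: `__ntapi_tt_port_name_from_attributes` tests `attr` for NULL when selecting the service prefix but then dereferences it unconditionally in `&attr->guid` and `&attr->keys`, so the check either guards nothing or only postpones a crash; either drop the `attr &&` or return early when `attr` is NULL. The table `__port_service_prefixes` is declared `[4][NT_PORT_TYPE_CAP][NT_PORT_SUBTYPE_CAP]` but indexed as `[attr->type][attr->subtype][0][0]`, so `subtype` indexes the `NT_PORT_TYPE_CAP` dimension; that is only in bounds if `NT_PORT_SUBTYPE_CAP <= NT_PORT_TYPE_CAP <= 4`, and the shape most likely should match `__port_guids`, i.e. `[NT_PORT_TYPE_CAP][NT_PORT_SUBTYPE_CAP]` indexed `[type][subtype]`. In `__ntapi_tt_port_type_from_guid` the GUIDs are matched by comparing CRC32 values rather than the 16 bytes themselves (the loop text is garbled here, so I am reading it from the surviving calls); a direct byte comparison is both cheaper and collision-free.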
@@ -0,0 +1,66 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include + +#if (__COMPILER__ == __MSVC__) && defined(__X86_MODEL) + +intptr_t __fastcall __tt_fork_impl( + __in uintptr_t saved_regs_stack_pointer, + __in uintptr_t stack_adjustment); + +int32_t __declspec(naked) __cdecl __tt_fork(void) +{ + __asm { + push ebp + mov ebp, esp + + push ecx + push edx + push ebx + push esi + push edi + + mov ecx, esp + call __tt_fork_impl + + pop edi + pop esi + pop ebx + pop edx + pop ecx + + mov esp, ebp + pop ebp + ret + }; +} + +void __declspec(naked) __fastcall __tt_fork_child_entry_point(uintptr_t esp_saved) +{ + __asm { + xor eax, eax + mov esp, ecx + + pop edi + pop esi + pop ebx + pop edx + pop ecx + + pop ebp + ret + }; +} + +void __declspec(naked) __fastcall __tt_fork_child_entry_point_adj(uintptr_t esp_saved) +{ + __asm { + jmp __tt_fork_child_entry_point + }; +} + +#endif diff --git a/src/process/nt64/tt_fork_v1.s b/src/process/nt64/tt_fork_v1.s new file mode 100644 index 0000000..5f09463 --- /dev/null +++ b/src/process/nt64/tt_fork_v1.s 
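Review bot: `__tt_fork_impl` is declared `__fastcall` with two parameters, but the inline asm in `__tt_fork` loads only `ecx` (`mov ecx, esp`) before `call __tt_fork_impl`, so `stack_adjustment` arrives in whatever `edx` happened to hold; the GAS version in `src/process/nt32/tt_fork_v1.s` passes `mov $0, %edx` explicitly. Add `xor edx, edx` between `mov ecx, esp` and the call. The `esp_saved` parameter of the two child entry points is consumed through `ecx` by the naked body and is otherwise unreferenced; a comment saying so would keep an unused-parameter cleanup from breaking it.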
@@ -0,0 +1,134 @@ +########################################################## +## ntapi: Native API core library ## +## Copyright (C) 2013,2014,2015 Z. Gilboa ## +## Released under GPLv2 and GPLv3; see COPYING.NTAPI. ## +########################################################## + +.section .text + +.global __tt_fork_v1 +.global __tt_fork_child_entry_point +.global __tt_fork_child_entry_point_adj + +__tt_fork_v1: +__tt_fork_save_regs: + push %rbp + push %rcx + push %rdx + push %rbx + push %rsi + push %rdi + push %r8 + push %r9 + push %r10 + push %r11 + push %r12 + push %r13 + push %r14 + push %r15 + + sub 0x40,%rsp + + mov %rsp, %rdx + and $0xf, %rdx + test %rdx, %rdx + jne __tt_fork_impl_adj_call + +__tt_fork_impl_call: + mov %rsp, %rcx + call __tt_fork_impl_v1 + + add 0x40,%rsp + + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %r11 + pop %r10 + pop %r9 + pop %r8 + pop %rdi + pop %rsi + pop %rbx + pop %rdx + pop %rcx + pop %rbp + + ret + +__tt_fork_impl_adj_call: + push %rdi + + mov %rsp, %rcx + call __tt_fork_impl_v1 + + pop %rdi + + add 0x40,%rsp + + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %r11 + pop %r10 + pop %r9 + pop %r8 + pop %rdi + pop %rsi + pop %rbx + pop %rdx + pop %rcx + pop %rbp + + ret + + +__tt_fork_child_entry_point: + xor %rax, %rax + mov %rcx, %rsp + + add 0x40,%rsp + + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %r11 + pop %r10 + pop %r9 + pop %r8 + pop %rdi + pop %rsi + pop %rbx + pop %rdx + pop %rcx + pop %rbp + + ret + +__tt_fork_child_entry_point_adj: + xor %rax, %rax + mov %rcx, %rsp + + pop %rdi + + add 0x40,%rsp + + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %r11 + pop %r10 + pop %r9 + pop %r8 + pop %rdi + pop %rsi + pop %rbx + pop %rdx + pop %rcx + pop %rbp + + ret diff --git a/src/process/nt64/tt_fork_v1_x86_64.asm b/src/process/nt64/tt_fork_v1_x86_64.asm new file mode 100644 index 0000000..f79131e --- /dev/null +++ b/src/process/nt64/tt_fork_v1_x86_64.asm 
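Review bot: `sub 0x40,%rsp` and the four `add 0x40,%rsp` in this file lack the `$` immediate prefix, so in AT&T syntax they are memory operands — the assembler emits a subtract/add of the qword at absolute address `0x40`, which faults on first use — while `and $0xf, %rdx` a few lines later is written correctly; change all five to `sub $0x40,%rsp` / `add $0x40,%rsp`. Also, `__tt_fork_impl_adj_call` reaches `call __tt_fork_impl_v1` with `%rdx` still holding the alignment remainder from the `and`, whereas the MASM counterpart in `src/process/nt64/tt_fork_v1_x86_64.asm` sets `mov rdx, 1`; if the second argument is a flag, set it explicitly here too.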
@@ -0,0 +1,136 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +TITLE tt_fork_x86_64 + +.data +__tt_fork_impl_v1 PROTO C + +.code +__tt_fork_v1 PROC + push rbp + push rcx + push rdx + push rbx + push rsi + push rdi + push r8 + push r9 + push r10 + push r11 + push r12 + push r13 + push r14 + push r15 + + sub rsp, 40h + + mov rdx, rsp + and rdx, 15 + test rdx, rdx + jne __tt_fork_impl_adj_call + + mov rcx, rsp + call __tt_fork_impl_v1 + + add rsp, 40h + + pop r15 + pop r14 + pop r13 + pop r12 + pop r11 + pop r10 + pop r9 + pop r8 + pop rdi + pop rsi + pop rbx + pop rdx + pop rcx + pop rbp + ret +__tt_fork_v1 ENDP + +__tt_fork_impl_adj_call PROC + push rdi + + mov rcx, rsp + mov rdx, 1 + call __tt_fork_impl_v1 + + pop rdi + + add rsp, 40h + + pop r15 + pop r14 + pop r13 + pop r12 + pop r11 + pop r10 + pop r9 + pop r8 + pop rdi + pop rsi + pop rbx + pop rdx + pop rcx + pop rbp + ret +__tt_fork_impl_adj_call ENDP + + +__tt_fork_child_entry_point PROC + xor rax, rax + mov rsp, rcx + + add rsp, 40h + + pop r15 + pop r14 + pop r13 + pop r12 + pop r11 + pop r10 + pop r9 + pop r8 + pop rdi + pop rsi + pop rbx + pop rdx + pop rcx + pop rbp + ret +__tt_fork_child_entry_point ENDP + + +__tt_fork_child_entry_point_adj PROC + xor rax, rax + mov rsp, rcx + + pop rdi + + add rsp, 40h + + pop r15 + pop r14 + pop r13 + pop r12 + pop r11 + pop r10 + pop r9 + pop r8 + pop rdi + pop rsi + pop rbx + pop rdx + pop rcx + pop rbp + ret +__tt_fork_child_entry_point_adj ENDP + +END diff --git a/src/process/nt64/tt_fork_v2_x86_64.asm b/src/process/nt64/tt_fork_v2_x86_64.asm new file mode 100644 index 0000000..cc6e353 --- /dev/null +++ b/src/process/nt64/tt_fork_v2_x86_64.asm 
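Review bot: In `__tt_fork_v1` the second argument of `__tt_fork_impl_v1` is passed implicitly — `rdx` is zero only because the `and rdx, 15` / `jne` pair fell through — while `__tt_fork_impl_adj_call` sets `mov rdx, 1` explicitly; an explicit `xor rdx, rdx` before `mov rcx, rsp`, or a comment `; rdx == 0 here: no alignment adjustment`, would make the contract visible. A comment on the test itself would also help: if I read the arithmetic right, with an ABI-conforming caller `rsp` is 8 mod 16 after the fourteen pushes and `sub rsp, 40h`, so the `jne` is the normal path and the fall-through only serves callers that entered misaligned.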
@@ -0,0 +1,50 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +TITLE tt_fork_x86_64 + +.data +__tt_fork_impl_v2 PROTO C + +.code +__tt_fork_v2 PROC + push rbp + push rcx + push rdx + push rbx + push rsi + push rdi + push r8 + push r9 + push r10 + push r11 + push r12 + push r13 + push r14 + push r15 + + sub rsp, 40h + call __tt_fork_impl_v2 + add rsp, 40h + + pop r15 + pop r14 + pop r13 + pop r12 + pop r11 + pop r10 + pop r9 + pop r8 + pop rdi + pop rsi + pop rbx + pop rdx + pop rcx + pop rbp + ret +__tt_fork_v2 ENDP + +END diff --git a/src/process/ntapi_tt_create_native_process_v1.c b/src/process/ntapi_tt_create_native_process_v1.c new file mode 100644 index 0000000..b2572cc --- /dev/null +++ b/src/process/ntapi_tt_create_native_process_v1.c 
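Review bot: `__tt_fork_v2` performs the same fourteen pushes and `sub rsp, 40h` as `__tt_fork_v1` but drops the alignment check and adjustment path, so with an ABI-conforming caller `rsp` is 8 mod 16 at `call __tt_fork_impl_v2` and the callee runs on a misaligned stack — any 16-byte aligned spill or SSE access in `__tt_fork_impl_v2` or below it will fault. Unless `__tt_fork_impl_v2` is known to tolerate this, change the pair to `sub rsp, 48h` / `add rsp, 48h`, which keeps the 32-byte shadow space and restores alignment.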
@@ -0,0 +1,258 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +static int32_t __tt_create_process_cancel(nt_create_process_params * params, void * hsection, int32_t status) +{ + if (params->hprocess) { + __ntapi->zw_terminate_process(params->hprocess,NT_STATUS_INTERNAL_ERROR); + __ntapi->zw_close(params->hprocess); + } + + if (params->hthread) + __ntapi->zw_close(params->hthread); + + if (hsection) + __ntapi->zw_close(hsection); + + return status; +} + +int32_t __stdcall __ntapi_tt_create_native_process_v1(nt_create_process_params * params) +{ + int32_t status; + void * hfile; + void * hsection; + + nt_object_attributes oa_file; + nt_object_attributes oa_process; + nt_object_attributes oa_thread; + + nt_unicode_string nt_image; + nt_unicode_string nt_cmd_line; + nt_process_parameters * rprocess_params; + nt_thread_params tparams; + + nt_io_status_block iosb; + nt_section_image_information sii; + + wchar16_t * cmd_line_runtime_buffer; + size_t cmd_line_runtime_buffer_size; + int fresume_thread; + + #if defined (__NT32) + wchar16_t runtime_arg[12] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l'}; + #elif defined (__NT64) + wchar16_t runtime_arg[20] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l', + '-','r','u','n','t','i','m','e'}; + #endif + + /* validation */ + if (params->cmd_line && params->process_params) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (params->cmd_line && params->rtblock) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (params->environment && params->process_params) + return NT_STATUS_INVALID_PARAMETER_MIX; + + /* tparams */ + __ntapi->tt_aligned_block_memset( + &tparams, 0, sizeof(tparams)); + + 
/* image_name */ + __ntapi->rtl_init_unicode_string( + &nt_image, + params->image_name); + + /* oa_process */ + if (!params->obj_attr_process) { + __ntapi->tt_aligned_block_memset( + &oa_process,0,sizeof(oa_process)); + + oa_process.len = sizeof(oa_process); + params->obj_attr_process = &oa_process; + } + + /* oa_thread */ + if (!params->obj_attr_thread) { + __ntapi->tt_aligned_block_memset( + &oa_thread,0,sizeof(oa_thread)); + + oa_thread.len = sizeof(oa_thread); + params->obj_attr_thread = &oa_thread; + } + + /* legacy tasks */ + /* init the oa_file structure */ + oa_file.len = sizeof(nt_object_attributes); + oa_file.root_dir = (void *)0; + oa_file.obj_name = &nt_image; + oa_file.obj_attr = 0; + oa_file.sec_desc = (nt_security_descriptor *)0; + oa_file.sec_qos = (nt_sqos *)0; + + /* open the file */ + if ((status = __ntapi->zw_open_file( + &hfile, + NT_FILE_EXECUTE | NT_PROCESS_SYNCHRONIZE, + &oa_file, + &iosb, + NT_FILE_SHARE_READ, + NT_FILE_SYNCHRONOUS_IO_NONALERT))) + return status; + + /* create the executable section */ + hsection = 0; + oa_file.obj_name = 0; + + status = __ntapi->zw_create_section( + &hsection, + NT_SECTION_ALL_ACCESS, + &oa_file,0, + NT_PAGE_EXECUTE, + NT_SEC_IMAGE, + hfile); + + __ntapi->zw_close(hfile); + if (status) return status; + + /* create the process */ + if ((status = __ntapi->zw_create_process( + ¶ms->hprocess, + NT_PROCESS_ALL_ACCESS, + &oa_process, + NT_CURRENT_PROCESS_HANDLE, + 1,hsection,0,0))) + return __tt_create_process_cancel(params,hsection,status); + + /* obtain stack/heap and entry point information */ + if ((status = __ntapi->zw_query_section( + hsection, + NT_SECTION_IMAGE_INFORMATION, + &sii,sizeof(sii),0))) + return __tt_create_process_cancel(params,hsection,status); + + /* obtain process information */ + if ((status = __ntapi->zw_query_information_process( + tparams.hprocess, + NT_PROCESS_BASIC_INFORMATION, + ¶ms->pbi,sizeof(params->pbi), + 0))) + return __tt_create_process_cancel(params,hsection,status); + + /* 
create remote process parameters block */ + if (!params->process_params) { + /* cmd_line */ + if (!params->cmd_line) { + params->cmd_line = params->image_name; + } + + __ntapi->rtl_init_unicode_string( + &nt_cmd_line, + params->cmd_line); + + /* rtblock */ + if (params->rtblock) { + cmd_line_runtime_buffer = (wchar16_t *)0; + cmd_line_runtime_buffer_size = nt_cmd_line.maxlen + + sizeof(runtime_arg); + + if ((status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)&cmd_line_runtime_buffer, + 0,&cmd_line_runtime_buffer_size, + NT_MEM_RESERVE | NT_MEM_COMMIT, + NT_PAGE_READWRITE))) + return __tt_create_process_cancel(params,hsection,status); + + __ntapi->tt_memcpy_utf16( + (wchar16_t *)cmd_line_runtime_buffer, + (wchar16_t *)nt_cmd_line.buffer, + nt_cmd_line.strlen); + + __ntapi->tt_memcpy_utf16( + (wchar16_t *)pe_va_from_rva( + cmd_line_runtime_buffer, + nt_cmd_line.strlen), + (wchar16_t *)runtime_arg, + sizeof(runtime_arg)); + + nt_cmd_line.strlen += sizeof(runtime_arg); + nt_cmd_line.maxlen += sizeof(runtime_arg); + nt_cmd_line.buffer = cmd_line_runtime_buffer; + } + + /* environment */ + if (!params->environment) { + params->environment = __ntapi->tt_get_peb_env_block_utf16(); + } + } + + fresume_thread = (params->creation_flags_thread ^ 0x01) & 0x01; + + /* create target thread */ + tparams.hprocess = params->hprocess; + tparams.start = (nt_thread_start_routine *)sii.entry_point; + tparams.obj_attr = &oa_thread; + tparams.creation_flags = NT_CREATE_SUSPENDED | NT_CREATE_FIRST_THREAD_OF_PROCESS; + tparams.stack_size_commit = sii.stack_commit; + tparams.stack_size_reserve = sii.stack_reserve; + + if ((status = __ntapi->tt_create_remote_thread(&tparams))) + return __tt_create_process_cancel(params,hsection,status); + + /* remote process params */ + if ((status = __ntapi->tt_create_remote_process_params( + tparams.hprocess, + &rprocess_params, + &nt_image, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + &nt_cmd_line, + 
params->environment, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + (nt_unicode_string *)0))) + return __tt_create_process_cancel(params,hsection,status); + + /* update the target process environment block: */ + /* make process_params point to rparams_block */ + if ((status = __ntapi->zw_write_virtual_memory( + tparams.hprocess, + (char *)((uintptr_t)params->pbi.peb_base_address + + (uintptr_t)&(((nt_peb *)0)->process_params)), + (char *)&rprocess_params, + sizeof(uintptr_t),0))) + return __tt_create_process_cancel(params,hsection,status); + + /* rtdata */ + if (params->rtblock && (status = __ntapi_tt_create_remote_runtime_data(tparams.hprocess,params->rtblock))) + return __tt_create_process_cancel(params,hsection,status); + + if (fresume_thread && (status = __ntapi->zw_resume_thread(tparams.hthread,0))) + return __tt_create_process_cancel(params,hsection,status); + + /* all done */ + params->hthread = tparams.hthread; + params->cid.process_id = params->pbi.unique_process_id; + params->cid.thread_id = tparams.thread_id; + + return status; +} diff --git a/src/process/ntapi_tt_create_native_process_v2.c b/src/process/ntapi_tt_create_native_process_v2.c new file mode 100644 index 0000000..49fbaf7 --- /dev/null +++ b/src/process/ntapi_tt_create_native_process_v2.c 
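Review bot: The `zw_query_information_process` call that fills `params->pbi` passes `tparams.hprocess`, but `tparams` was zeroed just before and `tparams.hprocess` is only assigned further down (`tparams.hprocess = params->hprocess;`), so the query runs on a null handle and every call fails through `__tt_create_process_cancel`; it should read `params->hprocess,`. The process and thread are also created with `&oa_process` / `&oa_thread` rather than `params->obj_attr_process` / `params->obj_attr_thread`, so when the caller supplies its own attributes the local structs are passed uninitialized. `hsection` is closed only in the cancel path and leaks on success, and `cmd_line_runtime_buffer` (allocated with `zw_allocate_virtual_memory`) is never released on any path. Finally, when `params->process_params` is supplied the `if (!params->process_params)` block is skipped, leaving `nt_cmd_line` uninitialized when it is passed to `tt_create_remote_process_params`, and the supplied block itself is never used.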
@@ -0,0 +1,233 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +static int32_t __tt_create_process_cancel(nt_create_process_params * params, int32_t status) +{ + if (params->hprocess) { + __ntapi->zw_terminate_process(params->hprocess,NT_STATUS_INTERNAL_ERROR); + __ntapi->zw_close(params->hprocess); + } + + if (params->hthread) + __ntapi->zw_close(params->hthread); + + return status; +} + + +int32_t __stdcall __ntapi_tt_create_native_process_v2( + __in_out nt_create_process_params * params) +{ + int32_t status; + + nt_object_attributes oa_process; + nt_object_attributes oa_thread; + + nt_unicode_string nt_image; + nt_unicode_string nt_cmd_line; + wchar16_t * cmd_line_runtime_buffer; + size_t cmd_line_runtime_buffer_size; + + nt_create_process_info nt_process_info; + int fresume_thread; + + struct { + size_t size_in_bytes; + nt_create_process_ext_param file_info; + } ext_params; + + #if defined (__NT32) + wchar16_t runtime_arg[12] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l'}; + #elif defined (__NT64) + wchar16_t runtime_arg[20] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l', + '-','r','u','n','t','i','m','e'}; + #endif + + /* validation */ + if (params->cmd_line && params->process_params) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (params->cmd_line && params->rtblock) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (params->environment && params->process_params) + return NT_STATUS_INVALID_PARAMETER_MIX; + + /* image_name */ + __ntapi->rtl_init_unicode_string( + &nt_image, + params->image_name); + + /* oa_process */ + if (!params->obj_attr_process) { + __ntapi->tt_aligned_block_memset( + 
&oa_process,0,sizeof(oa_process)); + + oa_process.len = sizeof(oa_process); + params->obj_attr_process = &oa_process; + } + + /* oa_thread */ + if (!params->obj_attr_thread) { + __ntapi->tt_aligned_block_memset( + &oa_thread,0,sizeof(oa_thread)); + + oa_thread.len = sizeof(oa_thread); + params->obj_attr_thread = &oa_thread; + } + + /* process_params */ + if (!params->process_params) { + /* cmd_line */ + if (!params->cmd_line) { + params->cmd_line = params->image_name; + } + + __ntapi->rtl_init_unicode_string( + &nt_cmd_line, + params->cmd_line); + + /* rtdata (alternative to cmd_line) */ + if (params->rtblock) { + cmd_line_runtime_buffer = (wchar16_t *)0; + cmd_line_runtime_buffer_size = nt_cmd_line.maxlen + + sizeof(runtime_arg); + + if ((status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)&cmd_line_runtime_buffer, + 0,&cmd_line_runtime_buffer_size, + NT_MEM_RESERVE | NT_MEM_COMMIT, + NT_PAGE_READWRITE))) + return status; + + __ntapi->tt_memcpy_utf16( + (wchar16_t *)cmd_line_runtime_buffer, + (wchar16_t *)nt_cmd_line.buffer, + nt_cmd_line.strlen); + + __ntapi->tt_memcpy_utf16( + (wchar16_t *)pe_va_from_rva( + cmd_line_runtime_buffer, + nt_cmd_line.strlen), + (wchar16_t *)runtime_arg, + sizeof(runtime_arg)); + + nt_cmd_line.strlen += sizeof(runtime_arg); + nt_cmd_line.maxlen += sizeof(runtime_arg); + nt_cmd_line.buffer = cmd_line_runtime_buffer; + } + + + /* environment */ + if (!params->environment) + params->environment = __ntapi->tt_get_peb_env_block_utf16(); + + if ((status = __ntapi->rtl_create_process_parameters( + ¶ms->process_params, + &nt_image, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + &nt_cmd_line, + params->environment, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + (nt_unicode_string *)0, + (nt_unicode_string *)0))) + return status; + + __ntapi->rtl_normalize_process_params(params->process_params); + } + + /* create_process_info */ + if (!params->create_process_info) { + 
__ntapi->tt_aligned_block_memset( + &nt_process_info,0,sizeof(nt_process_info)); + + nt_process_info.size = sizeof(nt_create_process_info); + nt_process_info.state = NT_PROCESS_CREATE_INITIAL_STATE; + nt_process_info.init_state.init_flags = NT_PROCESS_CREATE_INFO_OBTAIN_OUTPUT; + nt_process_info.init_state.file_access_ext = NT_FILE_READ_ATTRIBUTES|NT_FILE_READ_ACCESS; + + params->create_process_info = &nt_process_info; + } + + /* create_process_ext_params */ + if (!params->create_process_ext_params) { + __ntapi->tt_aligned_block_memset( + &ext_params,0,sizeof(ext_params)); + + ext_params.size_in_bytes = sizeof(ext_params); + + /* file_info */ + ext_params.file_info.ext_param_type = NT_CREATE_PROCESS_EXT_PARAM_SET_FILE_NAME; + ext_params.file_info.ext_param_size = nt_image.strlen; + ext_params.file_info.ext_param_addr = nt_image.buffer; + + params->create_process_ext_params = (nt_create_process_ext_params *)&ext_params; + } + + params->hprocess = 0; + params->hthread = 0; + fresume_thread = 0; + + if (params->rtblock) { + fresume_thread = (params->creation_flags_thread ^ 0x01) & 0x01; + params->creation_flags_thread |= 0x01; + } + + if (!params->desired_access_process) + params->desired_access_process = NT_PROCESS_ALL_ACCESS; + + if (!params->desired_access_thread) + params->desired_access_thread = NT_THREAD_ALL_ACCESS; + + if ((status = __ntapi->zw_create_user_process( + ¶ms->hprocess, + ¶ms->hthread, + params->desired_access_process, + params->desired_access_thread, + params->obj_attr_process, + params->obj_attr_thread, + params->creation_flags_process, + params->creation_flags_thread, + params->process_params, + params->create_process_info, + params->create_process_ext_params))) + return status; + + if ((status = __ntapi->zw_query_information_process( + params->hprocess, + NT_PROCESS_BASIC_INFORMATION, + ¶ms->pbi,sizeof(params->pbi), + 0))) + return __tt_create_process_cancel(params,status); + + if (!params->rtblock) + return NT_STATUS_SUCCESS; + + /* rtdata */ + 
if ((status = __ntapi_tt_create_remote_runtime_data(params->hprocess,params->rtblock))) + return __tt_create_process_cancel(params,status); + + /* conditional resume */ + if (fresume_thread && (status = __ntapi->zw_resume_thread(params->hthread,0))) + return __tt_create_process_cancel(params,status); + + return NT_STATUS_SUCCESS; +} diff --git a/src/process/ntapi_tt_create_remote_process_params.c b/src/process/ntapi_tt_create_remote_process_params.c new file mode 100644 index 0000000..3ff8711 --- /dev/null +++ b/src/process/ntapi_tt_create_remote_process_params.c 
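Review bot: `__ntapi_tt_create_native_process_v2` stores the addresses of stack locals into the caller's structure — `params->obj_attr_process = &oa_process`, `params->obj_attr_thread = &oa_thread`, `params->create_process_info = &nt_process_info` and `params->create_process_ext_params = (nt_create_process_ext_params *)&ext_params` — so after return `params` holds dangling pointers, and whatever `zw_create_user_process` wrote back into `nt_process_info` under `NT_PROCESS_CREATE_INFO_OBTAIN_OUTPUT` is discarded (if that output carries handles, as the NT create-info success state does, they are leaked). Either reset those fields to 0 before returning or document that the caller must not read them afterwards. As in v1, `cmd_line_runtime_buffer` is allocated with `zw_allocate_virtual_memory` and never freed, and when `zw_create_user_process` fails after `rtl_create_process_parameters` succeeded, the locally created `params->process_params` block is handed back to the caller without any statement of who releases it. The early `return status;` exits after `zw_allocate_virtual_memory` and `rtl_create_process_parameters` happen before `params->hprocess = 0; params->hthread = 0;`, so a caller that inspects those fields on error sees their previous contents.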
@@ -0,0 +1,331 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_create_remote_process_params( + __in void * hprocess, + __out nt_process_parameters ** rprocess_params, + __in nt_unicode_string * image_file, + __in nt_unicode_string * dll_path __optional, + __in nt_unicode_string * current_directory __optional, + __in nt_unicode_string * command_line __optional, + __in wchar16_t * environment __optional, + __in nt_unicode_string * window_title __optional, + __in nt_unicode_string * desktop_info __optional, + __in nt_unicode_string * shell_info __optional, + __in nt_unicode_string * runtime_data __optional) +{ + #define __ALIGN_ALLOC_SIZE \ + process_params.alloc_size += sizeof(uintptr_t) - 1; \ + process_params.alloc_size /= sizeof(uintptr_t); \ + process_params.alloc_size *= sizeof(uintptr_t); + + int32_t status; + + ptrdiff_t d_image; + ptrdiff_t d_dll_path; + ptrdiff_t d_cwd; + ptrdiff_t d_cmd_line; + ptrdiff_t d_environment; + ptrdiff_t d_runtime; + /* + ptrdiff_t d_wnd_title; + ptrdiff_t d_desktop; + ptrdiff_t d_shell; + */ + + wchar16_t * wch; + size_t env_block_size; + size_t params_block_size; + size_t bytes_written; + + nt_process_parameters process_params; + nt_process_parameters * params_block; + nt_process_parameters * rparams_block; + nt_process_parameters * params_default; + + /* make the compiler happy */ + d_image = 0; + d_dll_path = 0; + d_cwd = 0; + d_cmd_line = 0; + d_environment = 0; + d_runtime = 0; + env_block_size = 0; + + /* initialize */ + __ntapi->tt_aligned_block_memset( + &process_params, + 0,sizeof(nt_process_parameters)); + + /* allow for extended structures (newer OS versions) */ + 
process_params.alloc_size = sizeof(nt_process_parameters) + + 8 * sizeof(uintptr_t); + + params_default = ((nt_peb *)pe_get_peb_address())->process_params; + + /* image_file */ + if (image_file) { + /* check alignment and sanity */ + if ((uintptr_t)image_file->buffer % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_2; + else if (image_file->maxlen < image_file->strlen) + return NT_STATUS_INVALID_PARAMETER_2; + + process_params.image_file_name.strlen = image_file->strlen; + process_params.image_file_name.maxlen = image_file->maxlen; + + /* store offset and update alloc_size */ + d_image = process_params.alloc_size; + process_params.alloc_size += image_file->maxlen; + __ALIGN_ALLOC_SIZE; + } + + /* dll_path */ + if (!dll_path) + dll_path = &(params_default->dll_path); + + if (dll_path) { + /* check alignment and sanity */ + if ((uintptr_t)dll_path->buffer % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_3; + else if (dll_path->maxlen < dll_path->strlen) + return NT_STATUS_INVALID_PARAMETER_3; + + process_params.dll_path.strlen = dll_path->strlen; + process_params.dll_path.maxlen = dll_path->maxlen; + + /* store offset and update alloc_size */ + d_dll_path = process_params.alloc_size; + process_params.alloc_size += dll_path->maxlen; + __ALIGN_ALLOC_SIZE; + } + + /* current_directory */ + if (!current_directory) + current_directory = &(params_default->cwd_name); + + if (current_directory) { + /* check alignment and sanity */ + if ((uintptr_t)current_directory->buffer % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_4; + else if (current_directory->maxlen < current_directory->strlen) + return NT_STATUS_INVALID_PARAMETER_4; + + process_params.cwd_name.strlen = current_directory->strlen; + process_params.cwd_name.maxlen = current_directory->maxlen; + + /* store offset and update alloc_size */ + d_cwd = process_params.alloc_size; + process_params.alloc_size += current_directory->maxlen; + __ALIGN_ALLOC_SIZE; + } + + /* command_line */ + if 
(command_line) { + /* check alignment and sanity */ + if ((uintptr_t)command_line->buffer % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_5; + else if (command_line->maxlen < command_line->strlen) + return NT_STATUS_INVALID_PARAMETER_5; + + process_params.command_line.strlen = command_line->strlen; + process_params.command_line.maxlen = command_line->maxlen; + + /* store offset and update alloc_size */ + d_cmd_line = process_params.alloc_size; + process_params.alloc_size += command_line->maxlen; + __ALIGN_ALLOC_SIZE; + } + + /* environment */ + if (environment) { + /* check alignment */ + if ((uintptr_t)environment % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_6; + + /* obtain size of environment block */ + wch = environment; + + while (*wch) { + /* reach the end of the current variable */ + while (*wch++) + /* proceed to the next variable */ + wch++; + } + + env_block_size = (uintptr_t)wch - (uintptr_t)environment; + + /* store offset and update alloc_size */ + d_environment = process_params.alloc_size; + process_params.alloc_size += (uint32_t)env_block_size + 0x1000; + __ALIGN_ALLOC_SIZE; + } + + /* runtime_data */ + if (runtime_data) { + /* check alignment and sanity */ + if ((uintptr_t)runtime_data->buffer % sizeof(uintptr_t)) + return NT_STATUS_INVALID_PARAMETER_5; + else if (runtime_data->maxlen < runtime_data->strlen) + return NT_STATUS_INVALID_PARAMETER_5; + + process_params.runtime_data.strlen = runtime_data->strlen; + process_params.runtime_data.maxlen = runtime_data->maxlen; + + /* store offset and update alloc_size */ + d_runtime = process_params.alloc_size; + process_params.alloc_size += runtime_data->maxlen; + __ALIGN_ALLOC_SIZE; + } + + /* allocate local and remote process parameters blocks */ + params_block = (nt_process_parameters *)0; + rparams_block = (nt_process_parameters *)0; + + process_params.used_size = process_params.alloc_size; + params_block_size = process_params.alloc_size; + + /* local block */ + status = 
__ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)¶ms_block, + 0, + ¶ms_block_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status != NT_STATUS_SUCCESS) + return status; + + process_params.alloc_size = (uint32_t)params_block_size; + __ntapi->tt_aligned_block_memset(params_block,0,params_block_size); + + /* remote block */ + status = __ntapi->zw_allocate_virtual_memory( + hprocess, + (void **)&rparams_block, + 0, + ¶ms_block_size, + NT_MEM_RESERVE | NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status != NT_STATUS_SUCCESS) { + __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)¶ms_block, + (size_t *)&process_params.alloc_size, + NT_MEM_RELEASE); + + return status; + } + + /* copy the process_params structure */ + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)params_block, + (uintptr_t *)&process_params, + sizeof(nt_process_parameters)); + + /* image_file */ + if (image_file) { + params_block->image_file_name.buffer = + (uint16_t *)pe_va_from_rva(rparams_block,d_image); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)pe_va_from_rva(params_block,d_image), + (uintptr_t *)image_file->buffer, + image_file->strlen); + } + + /* dll_path */ + if (dll_path) { + params_block->dll_path.buffer = + (uint16_t *)pe_va_from_rva(rparams_block,d_dll_path); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)pe_va_from_rva(params_block,d_dll_path), + (uintptr_t *)dll_path->buffer, + dll_path->strlen); + } + + /* current_directory */ + if (current_directory) { + params_block->cwd_name.buffer = + (uint16_t *)pe_va_from_rva(rparams_block,d_cwd); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)pe_va_from_rva(params_block,d_cwd), + (uintptr_t *)current_directory->buffer, + current_directory->strlen); + } + + /* command_line */ + if (command_line) { + params_block->command_line.buffer = + (uint16_t *)pe_va_from_rva(rparams_block,d_cmd_line); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t 
*)pe_va_from_rva(params_block,d_cmd_line), + (uintptr_t *)command_line->buffer, + command_line->strlen); + } + + /* environment */ + if (environment) { + params_block->environment = + (wchar16_t *)pe_va_from_rva(rparams_block,d_environment); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)pe_va_from_rva(params_block,d_environment), + (uintptr_t *)environment, + env_block_size); + } + + /* runtime_data */ + if (runtime_data) { + params_block->runtime_data.buffer = + (uint16_t *)pe_va_from_rva(rparams_block,d_runtime); + + __ntapi->tt_aligned_memcpy_utf16( + (uintptr_t *)pe_va_from_rva(params_block,d_runtime), + (uintptr_t *)runtime_data->buffer, + runtime_data->strlen); + } + + params_block->flags = 1; /* normalized */ + + /* copy the local params block to the remote process */ + status = __ntapi->zw_write_virtual_memory( + hprocess, + rparams_block, + (char *)params_block, + process_params.alloc_size, + &bytes_written); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* free the local params block */ + __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)¶ms_block, + (size_t *)&process_params.alloc_size, + NT_MEM_RELEASE); + + /* all done */ + *rprocess_params = rparams_block; + + return NT_STATUS_SUCCESS; +} diff --git a/src/process/ntapi_tt_create_remote_runtime_data.c b/src/process/ntapi_tt_create_remote_runtime_data.c new file mode 100644 index 0000000..d3cf9ca --- /dev/null +++ b/src/process/ntapi_tt_create_remote_runtime_data.c 
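Review bot: The environment-size scan is wrong: `while (*wch++) wch++;` advances two characters per iteration, so a terminating NUL at an odd offset within a variable is stepped over and the scan runs into the next variable, and can read past the block's final double NUL, making `env_block_size` and the later `tt_aligned_memcpy_utf16` length unreliable. The inner loop should be `while (*wch++) ;` — reading the terminator already moves past it — after which the outer `while (*wch)` lands on the block terminator as the comments intend. When `zw_write_virtual_memory` fails, both `params_block` (local) and `rparams_block` (remote) are left allocated, unlike the remote-allocation failure path just above which frees the local block. `runtime_data` is the eleventh parameter but its validation returns `NT_STATUS_INVALID_PARAMETER_5`, the same code as `command_line`, so the caller cannot tell the two apart. The `if (dll_path)` and `if (current_directory)` tests directly after the defaulting assignments are always true and can be dropped.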
@@ -0,0 +1,178 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_process_basic_information nt_pbi; + +int32_t __stdcall __ntapi_tt_create_remote_runtime_data( + __in void * hprocess, + __in_out nt_runtime_data_block * rtblock) +{ + int32_t status; + + size_t bytes_written; + nt_pbi rpbi; + nt_process_parameters * rprocess_params; + nt_unicode_string rcmd_line; + uint32_t runtime_arg_hash; + nt_runtime_data * rtdata; + void * srv_ready; + + #if defined (__NT32) + wchar16_t runtime_arg[8] = { + 'i','n','t','e','g','r','a','l'}; + #elif defined (__NT64) + wchar16_t runtime_arg[16] = { + 'i','n','t','e','g','r','a','l', + '-','r','u','n','t','i','m','e'}; + #endif + + /* validation */ + if (!hprocess) + return NT_STATUS_INVALID_PARAMETER_1; + else if (!rtblock) + return NT_STATUS_INVALID_PARAMETER_2; + else if (!rtblock->addr) + return NT_STATUS_INVALID_PARAMETER_2; + else if (!rtblock->size) + return NT_STATUS_INVALID_PARAMETER_2; + + runtime_arg_hash = __ntapi->tt_buffer_crc32( + 0, + (char *)runtime_arg, + sizeof(runtime_arg)); + + /* obtain process information */ + status = __ntapi->zw_query_information_process( + hprocess, + NT_PROCESS_BASIC_INFORMATION, + (void *)&rpbi, + sizeof(nt_process_basic_information), + 0); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi->zw_read_virtual_memory( + hprocess, + pe_va_from_rva( + rpbi.peb_base_address, + (uintptr_t)&(((nt_peb *)0)->process_params)), + (char *)&rprocess_params, + sizeof(uintptr_t), + &bytes_written); + + if (status != NT_STATUS_SUCCESS) + return status; + + status = __ntapi->zw_read_virtual_memory( + hprocess, + &rprocess_params->command_line, + (char *)&rcmd_line, + 
sizeof(nt_unicode_string), + &bytes_written); + + if (status != NT_STATUS_SUCCESS) + return status; + + if (rcmd_line.buffer == 0) + return NT_STATUS_BUFFER_TOO_SMALL; + else if (rcmd_line.strlen < sizeof(runtime_arg) + 4*sizeof(wchar16_t)) + return NT_STATUS_INVALID_USER_BUFFER; + + status = __ntapi->zw_read_virtual_memory( + hprocess, + pe_va_from_rva( + rcmd_line.buffer, + rcmd_line.strlen - sizeof(runtime_arg)), + (char *)&runtime_arg, + sizeof(runtime_arg), + &bytes_written); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* verify remote process compatibility */ + runtime_arg_hash ^= __ntapi->tt_buffer_crc32( + 0, + (char *)runtime_arg, + sizeof(runtime_arg)); + + if (runtime_arg_hash) + return NT_STATUS_INVALID_SIGNATURE; + + /* remote block */ + rtblock->remote_size = rtblock->size; + status = __ntapi->zw_allocate_virtual_memory( + hprocess, + &rtblock->remote_addr, + 0, + &rtblock->remote_size, + NT_MEM_RESERVE | NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* session handles */ + if (rtblock->flags & NT_RUNTIME_DATA_DUPLICATE_SESSION_HANDLES) { + rtdata = (nt_runtime_data *)rtblock->addr; + srv_ready = rtdata->srv_ready; + + status = __ntapi->zw_duplicate_object( + NT_CURRENT_PROCESS_HANDLE, + srv_ready, + hprocess, + &rtdata->srv_ready, + 0,0,NT_DUPLICATE_SAME_ATTRIBUTES | NT_DUPLICATE_SAME_ACCESS); + if (status) return status; + } else + srv_ready = 0; + + /* copy local block to remote process */ + status = __ntapi->zw_write_virtual_memory( + hprocess, + rtblock->remote_addr, + (char *)rtblock->addr, + rtblock->size, + &bytes_written); + + /* restore rtdata */ + if (srv_ready) + rtdata->srv_ready = srv_ready; + + if (status != NT_STATUS_SUCCESS) + return status; + + /* runtime_arg */ + __ntapi->tt_uintptr_to_hex_utf16( + (uintptr_t)rtblock->remote_addr, + runtime_arg); + + /* update remote runtime arg */ + status = __ntapi->zw_write_virtual_memory( + hprocess, + pe_va_from_rva( + 
rcmd_line.buffer, + rcmd_line.strlen - sizeof(runtime_arg)), + (char *)&runtime_arg, + sizeof(runtime_arg), + &bytes_written); + + if (status) + __ntapi->zw_free_virtual_memory( + hprocess, + &rtblock->remote_addr, + &rtblock->remote_size, + NT_MEM_RELEASE); + + return status; +} diff --git a/src/process/ntapi_tt_fork_v1.c b/src/process/ntapi_tt_fork_v1.c new file mode 100644 index 0000000..de917ef --- /dev/null +++ b/src/process/ntapi_tt_fork_v1.c 
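Review bot: The remote region allocated for `rtblock->remote_addr` is released only when the final `zw_write_virtual_memory` (the runtime-arg update) fails; the two earlier failure exits after the allocation — `zw_duplicate_object` returning non-zero and the first `zw_write_virtual_memory` copying the block — return with the region still committed in the target process. The duplicated `srv_ready` handle in the target is likewise left behind once the first write fails, which matters less if the caller terminates the process on error. Routing all three exits through one cleanup label keeps the release in a single place, as sketched below; the `srv_ready` restore stays before the jump so the local block never keeps the remote handle value. Separately, the compatibility check XORs the CRC32 values of two fixed-size `runtime_arg` arrays; a direct byte comparison over `sizeof(runtime_arg)` is simpler and has no collision case. Please also confirm that `tt_uintptr_to_hex_utf16` writes exactly `sizeof(runtime_arg)/sizeof(wchar16_t)` digits and no terminator, since `runtime_arg` has no room for one.
```c
	/* session handles */
	if (rtblock->flags & NT_RUNTIME_DATA_DUPLICATE_SESSION_HANDLES) {
		/* … unchanged: rtdata / srv_ready setup and zw_duplicate_object call … */
		if (status) goto free_remote;
	} else
		srv_ready = 0;

	/* … unchanged: zw_write_virtual_memory of the local block, srv_ready restore … */

	if (status != NT_STATUS_SUCCESS)
		goto free_remote;

	/* … unchanged: tt_uintptr_to_hex_utf16 and the runtime-arg zw_write_virtual_memory … */

	if (status == NT_STATUS_SUCCESS)
		return status;

free_remote:
	__ntapi->zw_free_virtual_memory(
		hprocess,
		&rtblock->remote_addr,
		&rtblock->remote_size,
		NT_MEM_RELEASE);

	return status;
```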
@@ -0,0 +1,218 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +intptr_t __cdecl __attr_hidden__ __tt_fork_v1(void); +uint32_t __fastcall __attr_hidden__ __tt_fork_child_entry_point(uintptr_t saved_regs_stack_pointer); +uint32_t __fastcall __attr_hidden__ __tt_fork_child_entry_point_adj(uintptr_t saved_regs_stack_pointer); + +/** legacy fork chronology: + * + * parent: + * __ntapi_tt_fork -> + * __tt_fork -> + * __tt_fork_impl -> + * return to __tt_fork --> + * __ntapi_tt_fork + * -> return to caller + * + * child: + * __tt_fork_child_entry_point[_adj] -> + * __ntapi_tt_fork (internal return) -> + * -> return to caller +**/ + + +static intptr_t __tt_fork_cancel(void * hprocess,int32_t status) +{ + __ntapi->zw_terminate_process(hprocess, status); + __ntapi->zw_close(hprocess); + return (intptr_t)(-1); +} + +intptr_t __fastcall __tt_fork_impl_v1( + uintptr_t saved_regs_stack_pointer, + uintptr_t stack_adjustment) +{ + int32_t status; + void * hprocess; + void * hthread; + void ** hport_session; + ntapi_internals * __internals; + + nt_object_attributes oa; + nt_process_basic_information pbi; + nt_thread_context context; + nt_user_stack stack; + nt_memory_basic_information mbi; + nt_client_id cid; + nt_large_integer timeout; + + hprocess = hthread = (void *)0; + + oa.len = sizeof(nt_object_attributes); + oa.root_dir = 0; + oa.obj_name = 0; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + if ((status = __ntapi->zw_create_process( + &hprocess, + NT_PROCESS_ALL_ACCESS, + &oa, + NT_CURRENT_PROCESS_HANDLE, + 1,0,0,0))) + return (intptr_t)(-1); + + if ((status = __ntapi->zw_query_information_process( + hprocess, + 
NT_PROCESS_BASIC_INFORMATION, + (void *)&pbi, + sizeof(nt_process_basic_information), + 0))) + return __tt_fork_cancel(hprocess,status); + + + + __ntapi->tt_aligned_block_memset( + &context,0,sizeof(nt_thread_context)); + + __INIT_CONTEXT(context); + context.STACK_POINTER_REGISTER = saved_regs_stack_pointer; + context.FAST_CALL_ARG0 = saved_regs_stack_pointer; + + context.INSTRUCTION_POINTER_REGISTER = stack_adjustment + ? (uintptr_t)__tt_fork_child_entry_point_adj + : (uintptr_t)__tt_fork_child_entry_point; + + + + if ((status = __ntapi->zw_query_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void *)context.STACK_POINTER_REGISTER, + NT_MEMORY_BASIC_INFORMATION, + &mbi,sizeof(nt_memory_basic_information),0))) + return __tt_fork_cancel(hprocess,status); + + stack.fixed_stack_base = (void *)0; + stack.fixed_stack_limit = (void *)0; + stack.expandable_stack_base = (void *)((uintptr_t)mbi.base_address + mbi.region_size); + stack.expandable_stack_limit = (void *)mbi.base_address; + stack.expandable_stack_bottom = (void *)mbi.allocation_base; + + + + __internals = __ntapi_internals(); + hport_session = &__internals->hport_tty_session; + timeout.quad = (-1) * 10 * 1000 * __NT_FORK_CHILD_WAIT_MILLISEC; + + if (hport_session && *hport_session) + if ((status = __ntapi->tty_client_process_register( + *hport_session, + pbi.unique_process_id, + 0, 0, &timeout))) + return __tt_fork_cancel(hprocess,status); + + + if ((status = __ntapi->zw_create_thread( + &hthread, + NT_THREAD_ALL_ACCESS, + &oa,hprocess,&cid, + &context,&stack,0))) + return __tt_fork_cancel(hprocess,status); + + + if (cid.process_id > 0) { + __internals->hany[0] = hprocess; + __internals->hany[1] = hthread; + } else { + __internals->hany[0] = 0; + __internals->hany[1] = 0; + } + + /* hoppla */ + return (int32_t)cid.process_id; +} + +intptr_t __fastcall __ntapi_tt_fork_v1( + __out void ** hprocess, + __out void ** hthread) +{ + int32_t status; + intptr_t pid; + nt_large_integer timeout; + void ** hport_session; + 
void * hevent_tty_connected; + ntapi_internals * __internals; + + __internals = __ntapi_internals(); + hport_session = &__internals->hport_tty_session; + timeout.quad = (-1) * 10 * 1000 * __NT_FORK_CHILD_WAIT_MILLISEC; + + if (at_locked_cas(&__internals->hlock,0,1)) + return (intptr_t)(-1); + + if (hport_session && *hport_session) + if (__ntapi_tt_create_inheritable_event( + &hevent_tty_connected, + NT_NOTIFICATION_EVENT, + NT_EVENT_NOT_SIGNALED)) + return (intptr_t)(-1); + + pid = __tt_fork_v1(); + + *hprocess = __internals->hany[0]; + *hthread = __internals->hany[1]; + + at_store(&__internals->hlock,0); + + if (hport_session && *hport_session) { + if (pid == 0) { + if ((status = __ntapi->tty_connect( + hport_session, + __internals->subsystem->base_named_objects, + NT_SECURITY_IMPERSONATION))) + return __tt_fork_cancel(NT_CURRENT_PROCESS_HANDLE,status); + + __internals->hdev_mount_point_mgr = 0; + + if (__internals->rtdata) + __internals->rtdata->hsession = *hport_session; + + __ntapi->zw_set_event( + hevent_tty_connected, + 0); + + } else if (pid > 0) { + status = __ntapi->zw_wait_for_single_object( + hevent_tty_connected, + NT_SYNC_NON_ALERTABLE, + &timeout); + + if (status && __PSX_DEBUG) + if ((status = __ntapi->zw_wait_for_single_object( + hevent_tty_connected, + NT_SYNC_NON_ALERTABLE, + 0))) + pid = __tt_fork_cancel(*hprocess,status); + } + + __ntapi->zw_close(hevent_tty_connected); + } + + return pid; +} diff --git a/src/process/ntapi_tt_fork_v2.c b/src/process/ntapi_tt_fork_v2.c new file mode 100644 index 0000000..e483554 --- /dev/null +++ b/src/process/ntapi_tt_fork_v2.c 
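Review bot: `__ntapi_tt_fork_v1` acquires `__internals->hlock` with `at_locked_cas` and then returns `-1` straight from the `__ntapi_tt_create_inheritable_event` failure branch without the matching `at_store(&__internals->hlock,0)`, so a single failed event creation leaves the lock set and every later fork fails at the CAS; the early exit should be `{ at_store(&__internals->hlock,0); return (intptr_t)(-1); }`. In the parent branch, a non-success status from the timed `zw_wait_for_single_object` is acted on only when `__PSX_DEBUG` is set; in other builds a timeout waiting for the child's tty connection is silently ignored and the pid is returned anyway — if that is intended, say so in a comment, otherwise the cancel should not depend on the debug flag. `__tt_fork_impl_v1` returns `(int32_t)cid.process_id` from an `intptr_t` function, narrowing the id on 64-bit builds before widening it back; `return (intptr_t)cid.process_id;` avoids the truncation. The `hport_session &&` half of the `hport_session && *hport_session` tests is redundant, since `hport_session` is the address of a struct member and cannot be null.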
@@ -0,0 +1,183 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +static intptr_t __tt_fork_cancel(void * hprocess,int32_t status) +{ + __ntapi->zw_terminate_process(hprocess, status); + __ntapi->zw_close(hprocess); + return (intptr_t)(-1); +} + +intptr_t __fastcall __tt_fork_impl_v2( + __out void ** hprocess, + __out void ** hthread) +{ + int32_t status; + void ** hport_session; + nt_object_attributes oa_process; + nt_object_attributes oa_thread; + nt_create_process_info process_info; + nt_cid cid; + nt_sec_img_inf sec_img_inf; + nt_timeout timeout; + ntapi_internals * __internals; + + struct { + size_t size_in_bytes; + nt_create_process_ext_param process_info; + nt_create_process_ext_param section_info; + } ext_params; + + + oa_process.len = sizeof(nt_object_attributes); + oa_process.root_dir = 0; + oa_process.obj_name = 0; + oa_process.obj_attr = 0; + oa_process.sec_desc = 0; + oa_process.sec_qos = 0; + + oa_thread.len = sizeof(nt_object_attributes); + oa_thread.root_dir = 0; + oa_thread.obj_name = 0; + oa_thread.obj_attr = 0; + oa_thread.sec_desc = 0; + oa_thread.sec_qos = 0; + + + __ntapi->tt_aligned_block_memset( + &process_info,0,sizeof(process_info)); + + process_info.size = sizeof(process_info); + process_info.state = NT_PROCESS_CREATE_INITIAL_STATE; + process_info.init_state.init_flags = NT_PROCESS_CREATE_FLAGS_NO_OBJECT_SYNC; + + __ntapi->tt_aligned_block_memset(&ext_params,0,sizeof(ext_params)); + __ntapi->tt_aligned_block_memset(&cid,0,sizeof(cid)); + __ntapi->tt_aligned_block_memset(&sec_img_inf,0,sizeof(sec_img_inf)); + ext_params.size_in_bytes = sizeof(ext_params); + + ext_params.process_info.ext_param_type = 
NT_CREATE_PROCESS_EXT_PARAM_GET_CLIENT_ID; + ext_params.process_info.ext_param_size = sizeof(cid); + ext_params.process_info.ext_param_addr = &cid; + + ext_params.section_info.ext_param_type = NT_CREATE_PROCESS_EXT_PARAM_GET_SECTION_IMAGE_INFO; + ext_params.section_info.ext_param_size = sizeof(sec_img_inf); + ext_params.section_info.ext_param_addr = &sec_img_inf; + + + /* [thou shalt remember the single step paradox] */ + status = __ntapi->zw_create_user_process( + hprocess, + hthread, + NT_PROCESS_ALL_ACCESS, + NT_THREAD_ALL_ACCESS, + &oa_process, + &oa_thread, + NT_PROCESS_CREATE_FLAGS_INHERIT_HANDLES, + NT_PROCESS_CREATE_FLAGS_CREATE_THREAD_SUSPENDED, + (nt_process_parameters *)0, + &process_info, + (nt_create_process_ext_params *)&ext_params); + + if (status == NT_STATUS_PROCESS_CLONED) + return 0; + else if (status) + return (intptr_t)(-1); + + __internals = __ntapi_internals(); + hport_session = &__internals->hport_tty_session; + timeout.quad = (-1) * 10 * 1000 * __NT_FORK_CHILD_WAIT_MILLISEC; + + if (hport_session && *hport_session) + if ((status = __ntapi->tty_client_process_register( + *hport_session, + cid.process_id, + 0,0,&timeout))) + return __tt_fork_cancel(*hprocess,status); + + /* [thou shalt remember the single step paradox] */ + if ((status = __ntapi->zw_resume_thread( + *hthread,0))) + return __tt_fork_cancel(*hprocess,status); + + /* hoppla */ + return (int32_t)cid.process_id; +} + +intptr_t __fastcall __ntapi_tt_fork_v2( + __out void ** hprocess, + __out void ** hthread) +{ + int32_t status; + intptr_t pid; + nt_large_integer timeout; + void ** hport_session; + void * hevent_tty_connected; + ntapi_internals * __internals; + + __internals = __ntapi_internals(); + hport_session = &__internals->hport_tty_session; + timeout.quad = (-1) * 10 * 1000 * __NT_FORK_CHILD_WAIT_MILLISEC; + + if (hport_session && *hport_session) + if (__ntapi_tt_create_inheritable_event( + &hevent_tty_connected, + NT_NOTIFICATION_EVENT, + NT_EVENT_NOT_SIGNALED)) + return 
(intptr_t)(-1); + + pid = __tt_fork_impl_v2(hprocess,hthread); + + if (!hport_session || !*hport_session) + return pid; + else if (pid < 0) + return pid; + + if (pid == 0) { + if ((status = __ntapi->tty_connect( + hport_session, + __internals->subsystem->base_named_objects, + NT_SECURITY_IMPERSONATION))) + return __tt_fork_cancel(NT_CURRENT_PROCESS_HANDLE,status); + + __internals->hdev_mount_point_mgr = 0; + + if (__internals->rtdata) + __internals->rtdata->hsession = *hport_session; + + __ntapi->zw_set_event( + hevent_tty_connected, + 0); + } else { + status = __ntapi->zw_wait_for_single_object( + hevent_tty_connected, + NT_SYNC_NON_ALERTABLE, + &timeout); + + if (status && __PSX_DEBUG) + if ((status = __ntapi->zw_wait_for_single_object( + hevent_tty_connected, + NT_SYNC_NON_ALERTABLE, + 0))) + pid = __tt_fork_cancel(*hprocess,status); + } + + + __ntapi->zw_close(hevent_tty_connected); + + return pid; +} diff --git a/src/process/ntapi_tt_get_runtime_data.c b/src/process/ntapi_tt_get_runtime_data.c new file mode 100644 index 0000000..92b4b2b --- /dev/null +++ b/src/process/ntapi_tt_get_runtime_data.c 
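Review bot: The cancel paths in `__tt_fork_impl_v2` leak the child's thread handle: `__tt_fork_cancel(*hprocess,status)` after a failed `tty_client_process_register` or `zw_resume_thread` terminates and closes the process but never closes `*hthread`, which `zw_create_user_process` has already filled in. Closing it before cancelling, `__ntapi->zw_close(*hthread);`, and clearing both out-parameters would keep the caller from holding a handle to a terminated thread. Separately, in `__ntapi_tt_fork_v2` a timed-out first `zw_wait_for_single_object` is only acted on when `__PSX_DEBUG` is set; otherwise the parent returns the pid as if the child had connected to the tty session, so either a cancel on timeout or a comment stating that the timeout is deliberately ignored is needed. The same pattern appears in `__ntapi_tt_fork_v1` in the preceding hunk.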
@@ -0,0 +1,83 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +#if defined (__NT32) +static wchar16_t runtime_arg[12] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l'}; +#elif defined (__NT64) +static wchar16_t runtime_arg[20] = { + ' ','-','r',' ', + 'i','n','t','e','g','r','a','l', + '-','r','u','n','t','i','m','e'}; +#endif + +int32_t __stdcall __ntapi_tt_get_runtime_data( + __out nt_runtime_data ** rtdata, + __in wchar16_t ** argv) +{ + int32_t status; + nt_process_parameters * process_params; + nt_cmd_option_meta_utf16 cmd_opt_meta; + nt_runtime_data buffer; + nt_runtime_data * prtdata; + ntapi_internals * __internals; + + /* init */ + __internals = __ntapi_internals(); + + /* once? */ + if (__internals->rtdata) { + *rtdata = __internals->rtdata; + return NT_STATUS_SUCCESS; + } + + if (!(argv = argv ? argv : __internals->ntapi_img_sec_bss->argv_envp_array)) + return NT_STATUS_INVALID_PARAMETER_2; + + /* integral process? 
*/ + if ((status = __ntapi->tt_get_short_option_meta_utf16( + __ntapi->tt_crc32_table(), + 'r', + argv, + &cmd_opt_meta))) + return status; + + else if (argv[3]) + status = NT_STATUS_INVALID_PARAMETER_MIX; + + if ((status = __ntapi->tt_hex_utf16_to_uintptr( + cmd_opt_meta.value, + (uintptr_t *)&prtdata))) + return status; + + if ((status = __ntapi->zw_read_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + prtdata, + (char *)&buffer, + sizeof(buffer),0))) + return status; + + /* avoid confusion :-) */ + process_params = ((nt_peb *)pe_get_peb_address())->process_params; + + __ntapi->tt_memcpy_utf16( + (wchar16_t *)pe_va_from_rva( + process_params->command_line.buffer, + process_params->command_line.strlen - sizeof(runtime_arg)), + runtime_arg, + sizeof(runtime_arg)); + + *rtdata = prtdata; + + return NT_STATUS_SUCCESS; +} diff --git a/src/process/ntapi_tt_init_runtime_data.c b/src/process/ntapi_tt_init_runtime_data.c new file mode 100644 index 0000000..c7c2603 --- /dev/null +++ b/src/process/ntapi_tt_init_runtime_data.c 
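Review bot: The `else if (argv[3]) status = NT_STATUS_INVALID_PARAMETER_MIX;` branch is a dead store: `status` is unconditionally overwritten by the following `tt_hex_utf16_to_uintptr` assignment, so an over-long argument list is never reported; it should `return NT_STATUS_INVALID_PARAMETER_MIX;` like the other checks. Note also that `prtdata` is a raw pointer parsed from the command line, and the `zw_read_virtual_memory` into `buffer` only proves the address is readable, not that it points at this process's `nt_runtime_data`; the bytes read into `buffer` are never examined, so a comment stating what trust is placed in the `-r` value (presumably written by the parent) would help. Finally, `process_params->command_line.strlen - sizeof(runtime_arg)` is computed without checking that `strlen` is at least `sizeof(runtime_arg)`; a guard before the `tt_memcpy_utf16` avoids an underflowed offset on a short command line.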
@@ -0,0 +1,82 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_update_runtime_data(nt_runtime_data * rtdata) +{ + int32_t status; + nt_process_basic_information pbi; + uint32_t ret; + nt_oa oa = {sizeof(oa)}; + + /* process (self) */ + rtdata->cid_self.process_id = pe_get_current_process_id(); + rtdata->cid_self.thread_id = 0; + + if ((status = __ntapi->zw_open_process( + &rtdata->hprocess_self, + NT_PROCESS_ALL_ACCESS, + &oa,&rtdata->cid_self))) + return status; + + if (rtdata->cid_parent.process_id) + return NT_STATUS_SUCCESS; + + /* process (parent) */ + if ((status = __ntapi->zw_query_information_process( + rtdata->hprocess_self, + NT_PROCESS_BASIC_INFORMATION, + &pbi,sizeof(pbi),&ret))) + return status; + + rtdata->cid_parent.process_id = pbi.inherited_from_unique_process_id; + rtdata->cid_parent.thread_id = 0; + rtdata->hprocess_parent = 0; + + return NT_STATUS_SUCCESS; +} + +int32_t __stdcall __ntapi_tt_init_runtime_data(nt_runtime_data * rtdata) +{ + int32_t status; + nt_peb * peb; + nt_oa oa = {sizeof(oa)}; + + /* init */ + __ntapi->tt_aligned_block_memset(rtdata,0,sizeof(*rtdata)); + peb = (nt_peb *)(pe_get_peb_address()); + + /* pid (self,parent) */ + if ((status = __ntapi_tt_update_runtime_data(rtdata))) + return status; + + /* std handles */ + rtdata->hstdin = peb->process_params->hstdin; + rtdata->hstdout = peb->process_params->hstdout; + rtdata->hstderr = peb->process_params->hstderr; + + if (__ntapi->tt_get_file_handle_type(rtdata->hstdin,&rtdata->stdin_type)) { + rtdata->hstdin = NT_INVALID_HANDLE_VALUE; + rtdata->stdin_type = 0; + } + + if (__ntapi->tt_get_file_handle_type(rtdata->hstdout,&rtdata->stdout_type)) { + rtdata->hstdout = 
NT_INVALID_HANDLE_VALUE; + rtdata->stdout_type = 0; + } + + if (__ntapi->tt_get_file_handle_type(rtdata->hstderr,&rtdata->stderr_type)) { + rtdata->hstderr = NT_INVALID_HANDLE_VALUE; + rtdata->stderr_type = 0; + } + + return 0; +} diff --git a/src/process/ntapi_tt_map_image_as_data.c b/src/process/ntapi_tt_map_image_as_data.c new file mode 100644 index 0000000..864f9cc --- /dev/null +++ b/src/process/ntapi_tt_map_image_as_data.c 
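Review bot: `__ntapi_tt_update_runtime_data` overwrites `rtdata->hprocess_self` with a new `zw_open_process` handle on every call and never closes the previous one; if the update is invoked more than once on the same block (its name suggests it may be) each call leaks a handle, so either close the old handle first or skip the open when `rtdata->hprocess_self` is already set. A second point is that `cid_parent.process_id` is taken from `pbi.inherited_from_unique_process_id` while `hprocess_parent` is left 0, so nothing pins the parent; a comment noting that the id may be reused once the parent exits would help readers of `rtdata`. Style: `__ntapi_tt_init_runtime_data` ends with `return 0;` while every other path in the file returns `NT_STATUS_SUCCESS`.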
@@ -0,0 +1,120 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +static nt_sqos const sqos = { + sizeof(sqos), + NT_SECURITY_IMPERSONATION, + NT_SECURITY_TRACKING_DYNAMIC, + 1}; + +static int32_t __tt_exec_unmap_image(nt_executable_image * image, void * base, int32_t status) +{ + int32_t ret; + + if (base) + if ((ret = __ntapi->zw_unmap_view_of_section( + NT_CURRENT_PROCESS_HANDLE, + base))) + return ret; + + if (image->hsection) + if ((ret = __ntapi->zw_close(image->hsection))) + return ret; + + return status; +} + +int32_t __stdcall __ntapi_tt_exec_unmap_image(nt_executable_image * image) +{ + return __tt_exec_unmap_image(image,image->addr,0); +} + + +int32_t __stdcall __ntapi_tt_exec_map_image_as_data(nt_executable_image * image) +{ + int32_t status; + uint16_t * pi16; + uint32_t * pi32; + nt_sec_size sec_size; + size_t view_size; + void * base; + void * hsection; + + struct pe_image_dos_hdr * dos; + struct pe_coff_file_hdr * coff; + union pe_opt_hdr * opt; + struct pe_sec_hdr * sec; + + nt_oa oa = {sizeof(oa), + 0,0,0,0,(nt_sqos *)&sqos}; + + base = 0; + sec_size.quad = 0; + view_size = image->size; + + if ((status = __ntapi->zw_create_section( + &hsection, + NT_SECTION_MAP_READ, + &oa, + &sec_size, + NT_PAGE_READONLY, + NT_SEC_RESERVE,image->hfile))) + return status; + + if ((status = __ntapi->zw_map_view_of_section( + hsection, + NT_CURRENT_PROCESS_HANDLE, + &base, + 0,0,0, + &view_size, + NT_VIEW_UNMAP,0, + NT_PAGE_READONLY))) + return __tt_exec_unmap_image( + image,base,status); + + if (!(dos = pe_get_image_dos_hdr_addr(base))) + return 0; + + pi32 = (uint32_t *)dos->dos_lfanew; + if ((*pi32 + sizeof(*coff)) > view_size) + return __tt_exec_unmap_image( + 
image,base,NT_STATUS_INVALID_IMAGE_FORMAT); + + if (!(coff = pe_get_image_coff_hdr_addr(base))) + return 0; + + if (!(opt = pe_get_image_opt_hdr_addr(base))) + return 0; + + sec = pe_get_image_section_tbl_addr(base); + pi16 = (uint16_t *)coff->num_of_sections; + if (((size_t)sec-(size_t)base + *pi16 * sizeof(*sec)) > view_size) + return __tt_exec_unmap_image( + image,base,NT_STATUS_INVALID_IMAGE_FORMAT); + + /* subsystem: same offset (pe32, pe32+) */ + pi16 = (uint16_t *)opt; + image->magic = *pi16; + + pi16 = (uint16_t *)opt->opt_hdr_32.subsystem; + image->subsystem = *pi16; + + pi16 = (uint16_t *)coff->characteristics; + image->characteristics = *pi16; + + image->hsection = hsection; + image->addr = base; + image->size = view_size; + + return status; +} diff --git a/src/process/tt_fork_v1.c b/src/process/tt_fork_v1.c new file mode 100644 index 0000000..e69de29 diff --git a/src/pty/ntapi_pty_cancel.c b/src/pty/ntapi_pty_cancel.c new file mode 100644 index 0000000..4bfbb79 --- /dev/null +++ b/src/pty/ntapi_pty_cancel.c 
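Review bot: `__tt_exec_unmap_image` closes `image->hsection`, but `image->hsection` is only assigned at the very end of `__ntapi_tt_exec_map_image_as_data`, so on the `zw_map_view_of_section` failure and both `NT_STATUS_INVALID_IMAGE_FORMAT` returns the freshly created local `hsection` is leaked; assigning `image->hsection = hsection;` immediately after `zw_create_section` succeeds lets the cleanup helper actually close it. The three `return 0;` statements after a failed `pe_get_image_dos_hdr_addr`/`pe_get_image_coff_hdr_addr`/`pe_get_image_opt_hdr_addr` lookup also report success while leaving the view mapped and `image->addr`/`image->size` unset; they should return through `__tt_exec_unmap_image(image,base,NT_STATUS_INVALID_IMAGE_FORMAT)` as the bounds checks do. Since the headers come from a file on disk, the bounds checks on `dos_lfanew` and the section table are the right idea, but the read of `opt->opt_hdr_32.subsystem` is not covered by any check that the optional header itself fits inside `view_size`.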
@@ -0,0 +1,46 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+#include "ntapi_pty.h"
+
+int32_t __stdcall __ntapi_pty_cancel(
+ nt_pty * pty,
+ nt_iosb * iosb)
+{
+ int32_t status;
+ nt_pty_io_msg msg;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_PTY_CANCEL;
+
+ msg.data.ioinfo.hpty = pty->hpty;
+ msg.data.ioinfo.luid.high = pty->luid.high;
+ msg.data.ioinfo.luid.low = pty->luid.low;
+
+ __ntapi->tt_guid_copy(
+ &msg.data.ioinfo.guid,
+ &pty->guid);
+
+ if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ iosb->info = msg.data.ioinfo.iosb.info;
+ iosb->status = msg.data.ioinfo.iosb.status;
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/pty/ntapi_pty_fd.c b/src/pty/ntapi_pty_fd.c
new file mode 100644
index 0000000..ee0b426
--- /dev/null
+++ b/src/pty/ntapi_pty_fd.c
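Review bot: `__ntapi_pty_cancel` dereferences `pty` and `iosb` without the sanity check that `__ntapi_pty_close` in ntapi_pty_fd.c applies (`if (!pty || (pty->addr != pty)) return NT_STATUS_INVALID_PARAMETER;`); since the pty block is handed to callers as an opaque pointer, the same guard here would keep a stale or foreign pointer from being turned into an LPC request carrying its `hpty`/`luid`. Beyond that the function mirrors the other pty message builders in this commit, so a one-line comment stating that the reply's `ioinfo.iosb` is copied back verbatim from the tty server would document the trust boundary.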
@@ -0,0 +1,232 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" +#include "ntapi_pty.h" + +static int32_t __stdcall __ntapi_pty_open_close( + nt_pty * pty, + nt_iosb * iosb, + int32_t opcode) +{ + int32_t status; + nt_pty_fd_msg msg; + + __ntapi->tt_aligned_block_memset(&msg,0,sizeof(msg)); + + msg.header.msg_type = NT_LPC_NEW_MESSAGE; + msg.header.data_size = sizeof(msg.data); + msg.header.msg_size = sizeof(msg); + msg.data.ttyinfo.opcode = opcode; + + msg.data.fdinfo.hpty = pty->hpty; + msg.data.fdinfo.access = pty->access; + msg.data.fdinfo.flags = pty->flags; + msg.data.fdinfo.share = pty->share; + msg.data.fdinfo.options = pty->options; + + msg.data.fdinfo.luid.high = pty->luid.high; + msg.data.fdinfo.luid.low = pty->luid.low; + + __ntapi_tt_guid_copy( + &msg.data.fdinfo.guid, + &pty->guid); + + if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg))) + return status; + else if (msg.data.ttyinfo.status) + return msg.data.ttyinfo.status; + + pty->hpty = msg.data.fdinfo.hpty; + pty->section = msg.data.fdinfo.section; + pty->section_size = msg.data.fdinfo.section_size; + pty->luid.high = msg.data.fdinfo.luid.high; + pty->luid.low = msg.data.fdinfo.luid.low; + iosb->status = msg.data.ttyinfo.status; + iosb->info = 0; + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __ntapi_pty_free(nt_pty * pty) +{ + void * addr; + size_t size; + + /* unmap section */ + if (pty->section_addr) + __ntapi->zw_unmap_view_of_section( + NT_CURRENT_PROCESS_HANDLE, + pty->section_addr); + + /* free control block */ + addr = pty->addr; + size = pty->size; + + return __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + &addr, + &size, + NT_MEM_RELEASE); +} + + +static 
int32_t __fastcall __ntapi_pty_fail(nt_pty * pty,int32_t status) +{ + __ntapi_pty_free(pty); + return status; +} + + +static int32_t __fastcall __ntapi_pty_alloc(nt_pty ** pty) +{ + int32_t status; + nt_pty * ctx; + size_t ctx_size; + + /* allocate control block */ + ctx = 0; + ctx_size = sizeof(nt_pty); + + if ((status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + (void **)&ctx, + 0,&ctx_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE))) + return status; + + /* init control block */ + __ntapi->tt_aligned_block_memset( + ctx,0,ctx_size); + + ctx->addr = ctx; + ctx->size = ctx_size; + + *pty = ctx; + return NT_STATUS_SUCCESS; +} + +static int32_t __ntapi_pty_connect( + void * hport, + nt_pty * ctx, + nt_iosb * iosb) +{ + int32_t status; + + ctx->hport = hport + ? hport + : __ntapi_internals()->hport_tty_session; + + /* request */ + iosb = iosb ? iosb : &ctx->iosb; + + if ((status = __ntapi_pty_open_close(ctx,iosb,NT_TTY_PTY_OPEN))) + return __ntapi_pty_fail(ctx,status); + + /* map section */ + if ((status = __ntapi->zw_map_view_of_section( + ctx->section, + NT_CURRENT_PROCESS_HANDLE, + &ctx->section_addr, + 0,ctx->section_size, + 0,&ctx->section_size, + NT_VIEW_UNMAP,0, + NT_PAGE_READWRITE))) + return __ntapi_pty_fail(ctx,status); + + /* assume conforming clients, config for single lock try */ + __ntapi->tt_sync_block_init(&ctx->sync[__PTY_READ],0,0,1,0,0); + __ntapi->tt_sync_block_init(&ctx->sync[__PTY_WRITE],0,0,1,0,0); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_pty_open( + void * hport, + nt_pty ** pty, + uint32_t desired_access, + nt_object_attributes* obj_attr, + nt_iosb * iosb, + uint32_t share_access, + uint32_t open_options) +{ + int32_t status; + uint32_t hash; + nt_guid guid; + nt_uuid_str_utf16 * guid_str; + nt_pty * ctx; + + if (!obj_attr || !obj_attr->obj_name || !obj_attr->obj_name->buffer) + return NT_STATUS_INVALID_PARAMETER; + + if (obj_attr->obj_name->strlen != __DEVICE_PATH_PREFIX_LEN + 
sizeof(nt_guid_str_utf16)) + return NT_STATUS_OBJECT_PATH_INVALID; + + hash = __ntapi->tt_buffer_crc32( + 0, + obj_attr->obj_name->buffer, + __DEVICE_PATH_PREFIX_LEN); + + if (hash != __DEVICE_PATH_PREFIX_HASH) + return NT_STATUS_OBJECT_PATH_INVALID; + + guid_str = (nt_uuid_str_utf16 *) + ((uintptr_t)obj_attr->obj_name->buffer + __DEVICE_PATH_PREFIX_LEN); + + if (__ntapi->tt_utf16_string_to_guid(guid_str,&guid)) + return NT_STATUS_OBJECT_NAME_INVALID; + + /* control block */ + if ((status = __ntapi_pty_alloc(&ctx))) + return status; + + __ntapi_tt_guid_copy( + &ctx->guid, + &guid); + + ctx->access = desired_access; + ctx->flags = obj_attr->obj_attr; + ctx->share = share_access; + ctx->options = open_options; + + /* pts */ + if (obj_attr->root_dir) { + ctx->luid.high = ((nt_pty *)obj_attr->root_dir)->luid.high; + ctx->luid.low = ((nt_pty *)obj_attr->root_dir)->luid.low; + } + + if ((status = __ntapi_pty_connect(hport,ctx,iosb))) + return status; + + *pty = ctx; + + return NT_STATUS_SUCCESS; +} + +int32_t __stdcall __ntapi_pty_reopen( + __in void * hport, + __in nt_pty * pty) +{ + return __ntapi_pty_connect(hport,pty,0); +} + +int32_t __stdcall __ntapi_pty_close(nt_pty * pty) +{ + if (!pty || (pty->addr != pty)) + return NT_STATUS_INVALID_PARAMETER; + + __ntapi_pty_open_close( + pty,&pty->iosb,NT_TTY_PTY_CLOSE); + + return __ntapi_pty_free(pty); +} diff --git a/src/pty/ntapi_pty_io.c b/src/pty/ntapi_pty_io.c new file mode 100644 index 0000000..f110371 --- /dev/null +++ b/src/pty/ntapi_pty_io.c 
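Review bot: `__ntapi_pty_reopen` passes the caller's live `pty` into `__ntapi_pty_connect`, whose failure paths call `__ntapi_pty_fail`, which unmaps the section and releases the control block; after a failed reopen the caller's pointer is therefore dangling, and a subsequent `__ntapi_pty_close` on it is a use-after-free. Either `__ntapi_pty_connect` should take a flag saying whether it owns `ctx`, or the reopen path should return `status` without freeing (the `__ntapi_pty_open` path can keep the current behaviour). A smaller point: the device-path prefix is validated by comparing a `tt_buffer_crc32` of the first `__DEVICE_PATH_PREFIX_LEN` bytes against `__DEVICE_PATH_PREFIX_HASH`; a CRC equality test admits other byte strings with the same checksum, and for a fixed-length prefix a direct UTF-16 comparison is just as cheap and exact. Also `obj_attr->root_dir` is cast straight to `nt_pty *` and its `luid` read; the `addr == self` check used by `__ntapi_pty_close` would fit there too.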
@@ -0,0 +1,130 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" +#include "ntapi_pty.h" + +static int32_t __stdcall __ntapi_pty_read_write( + nt_pty * pty, + void * hevent, + nt_io_apc_routine * apc_routine, + void * apc_context, + nt_iosb * iosb, + void * buffer, + size_t nbytes, + nt_large_integer * offset, + uint32_t * key, + int32_t opcode) +{ + int32_t status; + nt_pty_io_msg msg; + off_t soffset; + int mode; + + mode = opcode - NT_TTY_PTY_READ; + soffset = mode * pty->section_size / 2; + + if (offset && offset->quad) + return NT_STATUS_INVALID_PARAMETER; + + else if (__ntapi->tt_sync_block_lock(&pty->sync[mode],1,0,0)) + return NT_STATUS_RESOURCE_NOT_OWNED; + + nbytes = nbytes <= pty->section_size / 2 + ? nbytes + : pty->section_size / 2; + + __ntapi->tt_aligned_block_memset( + &msg,0,sizeof(msg)); + + msg.header.msg_type = NT_LPC_NEW_MESSAGE; + msg.header.data_size = sizeof(msg.data); + msg.header.msg_size = sizeof(msg); + msg.data.ttyinfo.opcode = opcode; + + msg.data.ioinfo.hpty = pty->hpty; + msg.data.ioinfo.hevent = hevent; + msg.data.ioinfo.apc_routine = apc_routine; + msg.data.ioinfo.apc_context = apc_context; + msg.data.ioinfo.key = key ? 
*key : 0; + + msg.data.ioinfo.luid.high = pty->luid.high; + msg.data.ioinfo.luid.low = pty->luid.low; + + msg.data.ioinfo.riosb = iosb; + msg.data.ioinfo.raddr = buffer; + + __ntapi->tt_guid_copy( + &msg.data.ioinfo.guid, + &pty->guid); + + msg.data.ioinfo.nbytes = nbytes; + msg.data.ioinfo.offset = soffset; + + if (mode == __PTY_WRITE) + __ntapi->tt_generic_memcpy( + (char *)pty->section_addr + soffset, + (char *)buffer, + nbytes); + + if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg))) + return status; + else if (msg.data.ttyinfo.status) + return msg.data.ttyinfo.status; + + if (mode == __PTY_READ) + __ntapi->tt_generic_memcpy( + (char *)buffer, + (char *)pty->section_addr + soffset, + msg.data.ioinfo.iosb.info); + + iosb->info = msg.data.ioinfo.iosb.info; + iosb->status = msg.data.ioinfo.iosb.status; + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_pty_read( + __in nt_pty * pty, + __in void * hevent __optional, + __in nt_io_apc_routine * apc_routine __optional, + __in void * apc_context __optional, + __out nt_iosb * iosb, + __out void * buffer, + __in uint32_t nbytes, + __in nt_large_integer * offset __optional, + __in uint32_t * key __optional) +{ + return __ntapi_pty_read_write( + pty, + hevent,apc_routine,apc_context, + iosb,buffer,nbytes,offset,key, + NT_TTY_PTY_READ); +} + + +int32_t __stdcall __ntapi_pty_write( + __in nt_pty * pty, + __in void * hevent __optional, + __in nt_io_apc_routine * apc_routine __optional, + __in void * apc_context __optional, + __out nt_iosb * iosb, + __in void * buffer, + __in uint32_t nbytes, + __in nt_large_integer * offset __optional, + __in uint32_t * key __optional) +{ + return __ntapi_pty_read_write( + pty, + hevent,apc_routine,apc_context, + iosb,buffer,nbytes,offset,key, + NT_TTY_PTY_WRITE); +} diff --git a/src/pty/ntapi_pty_ioctl.c b/src/pty/ntapi_pty_ioctl.c new file mode 100644 index 0000000..f828753 --- /dev/null +++ b/src/pty/ntapi_pty_ioctl.c 
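Review bot: On the read path `msg.data.ioinfo.iosb.info`, a length reported by the tty server, is used as the `tt_generic_memcpy` count into the caller's `buffer` without being bounded by the `nbytes` the caller supplied (or by the `section_size / 2` half the data lives in); a misbehaving or compromised server can therefore overrun the client's buffer. A check before the copy, `if (msg.data.ioinfo.iosb.info > nbytes) return NT_STATUS_INVALID_BUFFER_SIZE;`, closes it. The `tt_sync_block_lock` taken on `pty->sync[mode]` has no matching release anywhere in this hunk, including on the error returns that follow it; if the release happens elsewhere (the server, or a caller), a comment naming it is needed, otherwise the lock stays held after the first error.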
@@ -0,0 +1,92 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" +#include "ntapi_pty.h" + +int32_t __stdcall __ntapi_pty_ioctl( + nt_pty * pty, + void * hevent __optional, + nt_io_apc_routine * apc_routine __optional, + void * apc_context __optional, + nt_iosb * iosb, + uint32_t ctlcode, + void * input_buffer __optional, + uint32_t input_buffer_length, + void * output_buffer __optional, + uint32_t output_buffer_length) +{ + int32_t status; + nt_pty_sigctl_msg msg; + nt_tty_sigctl_info * input; + nt_tty_sigctl_info * output; + + if ((uintptr_t)input_buffer % sizeof(uintptr_t)) + return NT_STATUS_DATATYPE_MISALIGNMENT_ERROR; + else if (input_buffer_length != sizeof(nt_tty_sigctl_info)) + return NT_STATUS_INVALID_BUFFER_SIZE; + else if (!output_buffer) + return NT_STATUS_ACCESS_DENIED; + else if ((uintptr_t)output_buffer % sizeof(uintptr_t)) + return NT_STATUS_DATATYPE_MISALIGNMENT_ERROR; + else if (output_buffer_length < sizeof(nt_tty_sigctl_info)) + return NT_STATUS_BUFFER_TOO_SMALL; + + input = (nt_tty_sigctl_info *)input_buffer; + output = (nt_tty_sigctl_info *)output_buffer; + + __ntapi->tt_aligned_block_memset( + &msg,0,sizeof(msg)); + + msg.header.msg_type = NT_LPC_NEW_MESSAGE; + msg.header.data_size = sizeof(msg.data); + msg.header.msg_size = sizeof(msg); + msg.data.ttyinfo.opcode = NT_TTY_PTY_IOCTL; + + msg.data.ctlinfo.hpty = pty->hpty; + msg.data.ctlinfo.luid.high = pty->luid.high; + msg.data.ctlinfo.luid.low = pty->luid.low; + msg.data.ctlinfo.ctlcode = ctlcode; + + __ntapi->tt_guid_copy( + &msg.data.ctlinfo.guid, + &pty->guid); + + msg.data.ctlinfo.ctxarg[0] = input->ctxarg[0]; + msg.data.ctlinfo.ctxarg[1] = input->ctxarg[1]; + msg.data.ctlinfo.ctxarg[2] = 
input->ctxarg[2]; + msg.data.ctlinfo.ctxarg[3] = input->ctxarg[3]; + + __ntapi->tt_generic_memcpy( + (char *)&input->terminfo, + (char *)&msg.data.ctlinfo.terminfo, + sizeof(input->terminfo)); + + __ntapi->tt_generic_memcpy( + (char *)&input->winsize, + (char *)&msg.data.ctlinfo.winsize, + sizeof(input->winsize)); + + if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg))) + return status; + else if (msg.data.ttyinfo.status) + return msg.data.ttyinfo.status; + + __ntapi->tt_aligned_block_memcpy( + (uintptr_t *)output, + (uintptr_t *)&msg.data.ctlinfo, + sizeof(*output)); + + iosb->info = msg.data.ctlinfo.iosb.info; + iosb->status = msg.data.ctlinfo.iosb.status; + + return NT_STATUS_SUCCESS; +} diff --git a/src/pty/ntapi_pty_query.c b/src/pty/ntapi_pty_query.c new file mode 100644 index 0000000..57d31ee --- /dev/null +++ b/src/pty/ntapi_pty_query.c 
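Review bot: The two `tt_generic_memcpy` calls have their arguments reversed: elsewhere in this commit (`__ntapi_pty_read_write`) the helper's first argument is the destination, so `(char *)&input->terminfo, (char *)&msg.data.ctlinfo.terminfo` copies the just-zeroed message fields over the caller's input instead of filling the request; the server receives zeroed `terminfo`/`winsize` and the caller's buffer is clobbered. The fix is to swap the pairs: `(char *)&msg.data.ctlinfo.terminfo, (char *)&input->terminfo` and `(char *)&msg.data.ctlinfo.winsize, (char *)&input->winsize`. Separately, `input_buffer` is tagged `__optional` but the alignment test passes for a null pointer and `input->ctxarg[0]` is then dereferenced, so a `!input_buffer` check should precede it as the `!output_buffer` one does. The final `tt_aligned_block_memcpy` of `sizeof(*output)` bytes from `&msg.data.ctlinfo` assumes `nt_tty_sigctl_info` is no larger than the `ctlinfo` member; if that is intentional a `sizeof` assertion or comment would make it explicit.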
@@ -0,0 +1,64 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+#include "ntapi_pty.h"
+
+int32_t __stdcall __ntapi_pty_query(
+ nt_pty * pty,
+ nt_io_status_block * iosb,
+ void * pty_info,
+ uint32_t pty_info_length,
+ nt_pty_info_class pty_info_class)
+{
+ int32_t status;
+ nt_pty_sigctl_msg msg;
+ uintptr_t * info;
+
+ if ((pty_info_class=NT_PTY_INFORMATION_CAP))
+ return NT_STATUS_INVALID_INFO_CLASS;
+ else if (pty_info_class == NT_PTY_BASIC_INFORMATION)
+ return NT_STATUS_NOT_IMPLEMENTED;
+ else if ((pty_info_class == NT_PTY_CLIENT_INFORMATION) && (pty_info_length != sizeof(nt_pty_client_info)))
+ return NT_STATUS_INVALID_PARAMETER;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_PTY_QUERY;
+
+ msg.data.ctlinfo.hpty = pty->hpty;
+ msg.data.ctlinfo.luid.high = pty->luid.high;
+ msg.data.ctlinfo.luid.low = pty->luid.low;
+ msg.data.ctlinfo.ctlcode = pty_info_class;
+
+ __ntapi->tt_guid_copy(
+ &msg.data.ctlinfo.guid,
+ &pty->guid);
+
+ if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ iosb->info = msg.data.ctlinfo.iosb.info;
+ iosb->status = msg.data.ctlinfo.iosb.status;
+
+ info = (uintptr_t *)pty_info;
+ info[0] = msg.data.ctlinfo.ctxarg[0];
+ info[1] = msg.data.ctlinfo.ctxarg[1];
+ info[2] = msg.data.ctlinfo.ctxarg[2];
+ info[3] = msg.data.ctlinfo.ctxarg[3];
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/pty/ntapi_pty_set.c b/src/pty/ntapi_pty_set.c
new file mode 100644
index 0000000..1543e7c
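Review bot: `if ((pty_info_class=NT_PTY_INFORMATION_CAP))` assigns rather than compares, so every call overwrites the requested class with the cap value and, whenever the cap is non-zero, unconditionally returns `NT_STATUS_INVALID_INFO_CLASS`; the intended test is `if (pty_info_class >= NT_PTY_INFORMATION_CAP)`. The identical line appears in `__ntapi_pty_set` in the next hunk and needs the same fix. In addition, `pty_info_length` is only checked for `NT_PTY_CLIENT_INFORMATION`, yet `info[0..3]` are always written here (and read in `__ntapi_pty_set`) through `pty_info`, so a null `pty_info` or a length below `4 * sizeof(uintptr_t)` should be rejected up front for every class.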
--- /dev/null +++ b/src/pty/ntapi_pty_set.c @@ -0,0 +1,64 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" +#include "ntapi_pty.h" + +int32_t __stdcall __ntapi_pty_set( + nt_pty * pty, + nt_io_status_block * iosb, + void * pty_info, + uint32_t pty_info_length, + nt_pty_info_class pty_info_class) +{ + int32_t status; + nt_pty_sigctl_msg msg; + uintptr_t * info; + + if ((pty_info_class=NT_PTY_INFORMATION_CAP)) + return NT_STATUS_INVALID_INFO_CLASS; + else if (pty_info_class == NT_PTY_BASIC_INFORMATION) + return NT_STATUS_NOT_IMPLEMENTED; + else if ((pty_info_class == NT_PTY_CLIENT_INFORMATION) && (pty_info_length != sizeof(nt_pty_client_info))) + return NT_STATUS_INVALID_PARAMETER; + + __ntapi->tt_aligned_block_memset( + &msg,0,sizeof(msg)); + + msg.header.msg_type = NT_LPC_NEW_MESSAGE; + msg.header.data_size = sizeof(msg.data); + msg.header.msg_size = sizeof(msg); + msg.data.ttyinfo.opcode = NT_TTY_PTY_SET; + + msg.data.ctlinfo.hpty = pty->hpty; + msg.data.ctlinfo.luid.high = pty->luid.high; + msg.data.ctlinfo.luid.low = pty->luid.low; + msg.data.ctlinfo.ctlcode = pty_info_class; + + __ntapi->tt_guid_copy( + &msg.data.ctlinfo.guid, + &pty->guid); + + info = (uintptr_t *)pty_info; + msg.data.ctlinfo.ctxarg[0] = info[0]; + msg.data.ctlinfo.ctxarg[1] = info[1]; + msg.data.ctlinfo.ctxarg[2] = info[2]; + msg.data.ctlinfo.ctxarg[3] = info[3]; + + if ((status = __ntapi->zw_request_wait_reply_port(pty->hport,&msg,&msg))) + return status; + else if (msg.data.ttyinfo.status) + return msg.data.ttyinfo.status; + + iosb->info = msg.data.ctlinfo.iosb.info; + iosb->status = msg.data.ctlinfo.iosb.status; + + return NT_STATUS_SUCCESS; +} 
diff --git a/src/section/ntapi_tt_get_section_name.c b/src/section/ntapi_tt_get_section_name.c
new file mode 100644
index 0000000..744bfe7
--- /dev/null
+++ b/src/section/ntapi_tt_get_section_name.c
@@ -0,0 +1,32 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tt_get_section_name(
+ __in void * addr,
+ __out nt_mem_sec_name * buffer,
+ __in uint32_t buffer_size)
+{
+ size_t len;
+
+ /* init buffer */
+ buffer->section_name.strlen = 0;
+ buffer->section_name.maxlen = (uint16_t)(buffer_size - sizeof(nt_unicode_string));
+ buffer->section_name.buffer = buffer->section_name_buffer;
+
+ return __ntapi->zw_query_virtual_memory(
+ NT_CURRENT_PROCESS_HANDLE,
+ addr,
+ NT_MEMORY_SECTION_NAME,
+ buffer,
+ buffer_size,
+ &len);
+}
diff --git a/src/socket/ntapi_sc_accept.c b/src/socket/ntapi_sc_accept.c
new file mode 100644
index 0000000..a9f0a4e
--- /dev/null
+++ b/src/socket/ntapi_sc_accept.c
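Review bot: `buffer->section_name.maxlen = (uint16_t)(buffer_size - sizeof(nt_unicode_string))` has no guard against `buffer_size` being smaller than `sizeof(nt_unicode_string)`, in which case the subtraction wraps and the kernel is told there is a huge name buffer behind a short one; adding `if (!buffer || buffer_size < sizeof(nt_unicode_string)) return NT_STATUS_INVALID_PARAMETER;` before the init keeps the byte count honest. The `(uint16_t)` cast silently truncates any `buffer_size` above 64 KiB plus the header, which is harmless but worth a comment since `buffer_size` is still passed in full to `zw_query_virtual_memory`.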
@@ -0,0 +1,79 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+typedef struct __addr_memcpy {
+ uint64_t d0;
+ uint64_t d1;
+} _addr_memcpy;
+
+
+int32_t __cdecl __ntapi_sc_accept(
+ __in nt_socket * hssock_listen,
+ __out nt_sockaddr * addr,
+ __out uint16_t * addrlen,
+ __out nt_socket * hssock_dedicated,
+ __in uintptr_t afdflags __optional,
+ __in uintptr_t tdiflags __optional,
+ __out nt_io_status_block * iosb __optional)
+{
+ int32_t status;
+
+ nt_afd_accept_info accept_info;
+ nt_io_status_block siosb;
+
+ _addr_memcpy * src;
+ _addr_memcpy * dst;
+
+ iosb = iosb ? iosb : &siosb;
+
+ /* establish kernel connection */
+ if ((status = __ntapi->sc_server_accept_connection(
+ hssock_listen,
+ &accept_info,
+ iosb)))
+ return status;
+
+ /* create connection-dedicated socket handle */
+ if ((status = __ntapi->sc_socket(
+ hssock_dedicated,
+ hssock_listen->domain,
+ hssock_listen->type,
+ hssock_listen->protocol,
+ 0,
+ 0,
+ 0)))
+ return status;
+
+ /* associate the dedicated handle with the connection */
+ if ((status = __ntapi->sc_server_duplicate_socket(
+ hssock_listen,
+ hssock_dedicated,
+ &accept_info,
+ 0)))
+ return status;
+
+ /* return address information */
+ if (addr) {
+ src = (_addr_memcpy *)&(accept_info.addr);
+ dst = (_addr_memcpy *)addr;
+
+ dst->d0 = src->d0;
+ dst->d1 = src->d1;
+ }
+
+ /* return address length information */
+ if (addrlen)
+ *addrlen = sizeof(nt_sockaddr);
+
+ return status;
+}
diff --git a/src/socket/ntapi_sc_bind_v1.c b/src/socket/ntapi_sc_bind_v1.c
new file mode 100644
index 0000000..df66656
--- /dev/null
+++ b/src/socket/ntapi_sc_bind_v1.c
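Review bot: If `sc_server_duplicate_socket` fails, the dedicated socket just created by `sc_socket` on `hssock_dedicated` is left open and the function returns the error, so every failed accept leaks a socket; tearing down `hssock_dedicated` belongs on that path before `return status`. The address copy through two `_addr_memcpy` pointers also assumes `nt_sockaddr` is exactly two `uint64_t` wide and 8-byte aligned; `addrlen` is `__out` only, so a caller passing a smaller or unaligned structure is not protected, and the aliasing cast is the kind a strict-aliasing compiler may miscompile (a `tt_generic_memcpy` of `sizeof(nt_sockaddr)` bytes avoids both issues). A `_Static_assert(sizeof(nt_sockaddr) == sizeof(_addr_memcpy), ...)` would at least document the size assumption either way.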
@@ -0,0 +1,101 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_bind_msg { + uint32_t domain; + uint32_t type; + uint32_t service_flags; + char sa_data[14]; +} nt_afd_bind_msg; + + +typedef struct __addr_memcpy { + uint16_t d0; + uint16_t d1; + uint16_t d2; + uint16_t d3; + uint16_t d4; + uint16_t d5; + uint16_t d6; + uint16_t d7; +} _addr_memcpy; + + +int32_t __cdecl __ntapi_sc_bind_v1( + __in nt_socket * hssocket, + __in const nt_sockaddr * addr, + __in uintptr_t addrlen, + __in uintptr_t service_flags __optional, + __out nt_sockaddr * sockaddr __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_bind_msg afd_bind_req; + nt_afd_bind_msg afd_bind_rep; + + _addr_memcpy * src; + _addr_memcpy * dst; + + iosb = iosb ? 
iosb : &siosb; + + /* service_flags */ + if (!service_flags) + service_flags = 0x2000E; + + /* afd_bind_req */ + afd_bind_req.domain = hssocket->domain; + afd_bind_req.type = hssocket->type; + afd_bind_req.service_flags = (uint32_t)service_flags; + + src = (_addr_memcpy *)addr; + dst = (_addr_memcpy *)&(afd_bind_req.sa_data); + + dst->d0 = src->d1; + dst->d1 = src->d2; + dst->d2 = src->d3; + dst->d3 = src->d4; + dst->d4 = src->d5; + dst->d5 = src->d6; + dst->d6 = src->d7; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_BIND, + &afd_bind_req, + sizeof(afd_bind_req), + &afd_bind_rep, + sizeof(afd_bind_rep)); + + __ntapi->sc_wait(hssocket,iosb,0); + + if (!hssocket->iostatus && sockaddr) { + src = (_addr_memcpy *)&(afd_bind_rep.sa_data); + dst = (_addr_memcpy *)sockaddr; + + dst->d1 = src->d0; + dst->d2 = src->d1; + dst->d3 = src->d2; + dst->d4 = src->d3; + dst->d5 = src->d4; + dst->d6 = src->d5; + dst->d7 = src->d6; + + sockaddr->sa_addr_in4.sa_family = hssocket->domain; + } + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_bind_v2.c b/src/socket/ntapi_sc_bind_v2.c new file mode 100644 index 0000000..f9b503b --- /dev/null +++ b/src/socket/ntapi_sc_bind_v2.c 
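Review bot: `__ntapi_sc_bind_v1` never looks at `addrlen`: the `_addr_memcpy` copy reads words `d1`..`d7`, i.e. bytes 2 to 15 of `addr`, regardless of how large the caller's structure is, so a caller passing a shorter address reads past its buffer. A length check at the top, `if (addrlen < sizeof(nt_sockaddr)) return NT_STATUS_INVALID_PARAMETER_3;`, closes that (assuming the status header defines it like the `_2` variant used elsewhere in this commit). The default `service_flags = 0x2000E` is a magic constant that appears again in ntapi_sc_connect_v1.c; a named macro with a comment on what the AFD flag bits mean would keep the two in sync. Note also that the word-wise copy through a cast of `const nt_sockaddr *` is a type pun; fine under `-fno-strict-aliasing`, otherwise a memcpy of the 14 bytes is the safe form.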
@@ -0,0 +1,85 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_bind_request { + uint32_t unknown; + nt_sockaddr addr; +} nt_afd_bind_request; + +typedef struct _nt_afd_bind_reply { + nt_sockaddr addr; +} nt_afd_bind_reply; + +typedef struct __addr_memcpy { + uint32_t d0; + uint32_t d1; + uint32_t d2; + uint32_t d3; +} _addr_memcpy; + + +int32_t __cdecl __ntapi_sc_bind_v2( + __in nt_socket * hssocket, + __in const nt_sockaddr * addr, + __in uintptr_t addrlen, + __in uintptr_t service_flags __optional, + __out nt_sockaddr * sockaddr __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_bind_request afd_bind_req; + nt_afd_bind_reply afd_bind_rep; + + _addr_memcpy * src; + _addr_memcpy * dst; + + iosb = iosb ? iosb : &siosb; + + /* request */ + afd_bind_req.unknown = hssocket->domain; + + src = (_addr_memcpy *)addr; + dst = (_addr_memcpy *)&(afd_bind_req.addr); + + dst->d0 = src->d0; + dst->d1 = src->d1; + dst->d2 = src->d2; + dst->d3 = src->d3; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_BIND, + &afd_bind_req, + sizeof(afd_bind_req), + &afd_bind_rep, + sizeof(afd_bind_rep)); + + __ntapi->sc_wait(hssocket,iosb,0); + + if (!hssocket->iostatus && sockaddr) { + /* return updated address information */ + src = (_addr_memcpy *)&(afd_bind_rep); + dst = (_addr_memcpy *)sockaddr; + + dst->d0 = src->d0; + dst->d1 = src->d1; + dst->d2 = src->d2; + dst->d3 = src->d3; + } + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_connect_v1.c b/src/socket/ntapi_sc_connect_v1.c new file mode 100644 index 0000000..380dbc9 
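Review bot: `__ntapi_sc_bind_v2` also ignores `addrlen` and copies a full 16 bytes out of `addr`, so the same short-buffer over-read as in the v1 variant applies here; `if (addrlen < sizeof(nt_sockaddr)) return NT_STATUS_INVALID_PARAMETER_3;` before the copy would match what v1 should do too. Unlike v1, `service_flags` is accepted but never used in this version, which should be stated, e.g. `/* service_flags: not consumed by the v2 bind request */`, so that callers porting between the two variants are not surprised. The request type names its first member `unknown` but fills it with `hssocket->domain`; if the field really is the address family the name should say so.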
--- /dev/null +++ b/src/socket/ntapi_sc_connect_v1.c 
@@ -0,0 +1,93 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +/* weed in Redmond during the 1990's anyone? */ +typedef struct _nt_afd_connect_request { + uintptr_t unknown; + void * paddr; + void * hasync; + uint32_t type; + uint32_t service_flags; + char sa_data[14]; + uint16_t hangover; + uint32_t unused; +} nt_afd_connect_request; + +typedef struct __addr_memcpy { + uint16_t d0; + uint16_t d1; + uint16_t d2; + uint16_t d3; + uint16_t d4; + uint16_t d5; + uint16_t d6; + uint16_t d7; +} _addr_memcpy; + +int32_t __cdecl __ntapi_sc_connect_v1( + __in nt_socket * hssocket, + __in nt_sockaddr * addr, + __in uintptr_t addrlen, + __in uintptr_t service_flags __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_connect_request afd_connect_req; + + _addr_memcpy * src; + _addr_memcpy * dst; + + iosb = iosb ? 
iosb : &siosb; + + /* service_flags */ + if (!service_flags) + service_flags = 0x2000E; + + /* afd_connect_req */ + afd_connect_req.type = hssocket->type; + afd_connect_req.service_flags = (uint32_t)service_flags; + + afd_connect_req.paddr = (void *)0; + afd_connect_req.hasync = (void *)0; + + afd_connect_req.unknown = 0; + afd_connect_req.unused = 0; + afd_connect_req.hangover = 0; + + src = (_addr_memcpy *)addr; + dst = (_addr_memcpy *)&(afd_connect_req.sa_data); + + dst->d0 = src->d1; + dst->d1 = src->d2; + dst->d2 = src->d3; + dst->d3 = src->d4; + dst->d4 = src->d5; + dst->d5 = src->d6; + dst->d6 = src->d7; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_CONNECT, + &afd_connect_req, + sizeof(afd_connect_req), + (void *)0, + 0); + + return hssocket->iostatus + ? __ntapi->sc_wait(hssocket,iosb,0) + : NT_STATUS_SUCCESS; +} diff --git a/src/socket/ntapi_sc_connect_v2.c b/src/socket/ntapi_sc_connect_v2.c new file mode 100644 index 0000000..3857f6f --- /dev/null +++ b/src/socket/ntapi_sc_connect_v2.c 
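Review bot: `__ntapi_sc_connect_v1` reads bytes 2..15 of `addr` without consulting `addrlen`, so a caller that hands in a smaller address structure is over-read; `if (addrlen < sizeof(nt_sockaddr)) return NT_STATUS_INVALID_PARAMETER_3;` before the copy fixes that (status name assumed from the `_2` variant in ntapi_sc_shutdown.c). `addr` is only read here, so the signature should take `const nt_sockaddr * addr` as the bind variants already do. The `0x2000E` default duplicates the constant in ntapi_sc_bind_v1.c and deserves a shared named macro.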
@@ -0,0 +1,69 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_connect_request { + uintptr_t unknown[2]; + void * paddr; + nt_sockaddr addr; +} nt_afd_connect_request; + +typedef struct __addr_memcpy { + uint64_t d0; + uint64_t d1; +} _addr_memcpy; + + +int32_t __cdecl __ntapi_sc_connect_v2( + __in nt_socket * hssocket, + __in nt_sockaddr * addr, + __in uintptr_t addrlen, + __in uintptr_t service_flags __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_connect_request afd_connect_req; + + _addr_memcpy * src; + _addr_memcpy * dst; + + iosb = iosb ? iosb : &siosb; + + /* afd_connect_req */ + afd_connect_req.unknown[0] = 0; + afd_connect_req.unknown[1] = 0; + + src = (_addr_memcpy *)addr; + dst = (_addr_memcpy *)&(afd_connect_req.addr); + + dst->d0 = src->d0; + dst->d1 = src->d1; + + afd_connect_req.paddr = &(afd_connect_req.addr); + afd_connect_req.addr.sa_addr_in4.sa_family = hssocket->domain; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_CONNECT, + &afd_connect_req, + sizeof(afd_connect_req), + (void *)0, + 0); + + return hssocket->iostatus + ? __ntapi->sc_wait(hssocket,iosb,0) + : NT_STATUS_SUCCESS; +} diff --git a/src/socket/ntapi_sc_getsockname_v1.c b/src/socket/ntapi_sc_getsockname_v1.c new file mode 100644 index 0000000..85a9357 --- /dev/null +++ b/src/socket/ntapi_sc_getsockname_v1.c 
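Review bot: `__ntapi_sc_connect_v2` copies 16 bytes from `addr` without checking `addrlen`, and then overwrites the caller's `sa_family` with `hssocket->domain`, so an address of the wrong family is silently reinterpreted instead of rejected. Checking the length and the family up front would be clearer: `if (addrlen < sizeof(nt_sockaddr) || addr->sa_addr_in4.sa_family != hssocket->domain) return NT_STATUS_INVALID_PARAMETER_2;` (if the override is intentional for some callers, a comment saying so is the minimum). `addr` is read-only in this function and could be declared `const` as in the bind variants; `service_flags` is unused and should be marked as such in a comment.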
@@ -0,0 +1,80 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_server_socket_name_info { + uint32_t unknown; + uint32_t type; + uint32_t service_flags; + char sa_data[14]; +} nt_afd_server_socket_name_info; + + +struct __addr_memcpy { + uint16_t d0; + uint16_t d1; + uint16_t d2; + uint16_t d3; + uint16_t d4; + uint16_t d5; + uint16_t d6; + uint16_t d7; +}; + + +int32_t __cdecl __ntapi_sc_getsockname_v1( + __in nt_socket * hssocket, + __in nt_sockaddr * addr, + __in uint16_t * addrlen, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_server_socket_name_info sock_name_info; + + struct __addr_memcpy * asrc; + struct __addr_memcpy * adst; + + iosb = iosb ? iosb : &siosb; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_GET_SOCK_NAME, + 0, + 0, + &sock_name_info, + sizeof(sock_name_info)); + + __ntapi->sc_wait(hssocket,iosb,0); + + if (!hssocket->iostatus) { + addr->sa_addr_in4.sa_family = hssocket->domain; + + asrc = (struct __addr_memcpy *)&(sock_name_info.sa_data); + adst = (struct __addr_memcpy *)addr; + + adst->d1 = asrc->d0; + adst->d2 = asrc->d1; + adst->d3 = asrc->d2; + adst->d4 = asrc->d3; + adst->d5 = asrc->d4; + adst->d6 = asrc->d5; + adst->d7 = asrc->d6; + + *addrlen = (uint16_t)iosb->info; + }; + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_getsockname_v2.c b/src/socket/ntapi_sc_getsockname_v2.c new file mode 100644 index 0000000..07313ac --- /dev/null +++ b/src/socket/ntapi_sc_getsockname_v2.c 
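Review bot: In `__ntapi_sc_getsockname_v1` the value stored in `*addrlen` is `iosb->info`, which (if `info` reports the bytes the driver wrote into the output buffer) is the size of the private `nt_afd_server_socket_name_info` reply, not the size of the `nt_sockaddr` the caller actually receives; ntapi_sc_accept.c reports `sizeof(nt_sockaddr)` for the same situation, and `*addrlen = sizeof(nt_sockaddr);` would be consistent with it. Both `addr` and `addrlen` are written but annotated `__in`; they should be `__out`. The stray `};` after the `if` block is harmless but should be `}`.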
@@ -0,0 +1,42 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_getsockname_v2( + __in nt_socket * hssocket, + __in nt_sockaddr * addr, + __in uint16_t * addrlen, + __out nt_io_status_block * iosb __optional) +{ + nt_iosb siosb; + + iosb = iosb ? iosb : &siosb; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_GET_SOCK_NAME, + 0, + 0, + addr, + sizeof(*addr)); + + __ntapi->sc_wait(hssocket,iosb,0); + + if (!hssocket->iostatus) + *addrlen = (uint16_t)iosb->info; + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_listen.c b/src/socket/ntapi_sc_listen.c new file mode 100644 index 0000000..cc3e66a --- /dev/null +++ b/src/socket/ntapi_sc_listen.c 
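Review bot: `__ntapi_sc_getsockname_v2` lets the driver write straight into the caller's `addr` with length `sizeof(*addr)`, yet both `addr` and `addrlen` are annotated `__in`; they are outputs and should be marked `__out` so the contract matches the v1 variant. The local is declared as `nt_iosb` while every sibling file in this commit uses `nt_io_status_block`; if these are the same typedef, picking one spelling for the socket sources keeps grep-ability, otherwise the mismatch is worth a comment.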
@@ -0,0 +1,44 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_listen( + __in nt_socket * hssocket, + __in uintptr_t backlog, + __out nt_io_status_block * iosb __optional) +{ + nt_afd_listen_info afd_listen; + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + /* afd_listen */ + afd_listen.unknown_1st = 0; + afd_listen.unknown_2nd = 0; + afd_listen.backlog = (uint32_t)backlog; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_LISTEN, + &afd_listen, + sizeof(afd_listen), + 0, + 0); + + return hssocket->iostatus + ? __ntapi->sc_wait(hssocket,iosb,0) + : NT_STATUS_SUCCESS; +} diff --git a/src/socket/ntapi_sc_recv.c b/src/socket/ntapi_sc_recv.c new file mode 100644 index 0000000..8db3426 --- /dev/null +++ b/src/socket/ntapi_sc_recv.c 
@@ -0,0 +1,63 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_recv( + __in nt_socket * hssocket, + __in const void * buffer, + __in size_t len, + __out ssize_t * bytes_received __optional, + __in uintptr_t afdflags __optional, + __in uintptr_t tdiflags __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_afd_buffer afd_buffer; + nt_afd_recv_info afd_recv; + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + /* tdiflags */ + if (tdiflags == 0) + tdiflags = NT_TDI_RECEIVE_NORMAL; + + /* afd_buffer */ + afd_buffer.length = len; + afd_buffer.buffer = (char *)buffer; + + /* afd_recv */ + afd_recv.afd_buffer_array = &afd_buffer; + afd_recv.buffer_count = 1; + + afd_recv.afd_flags = (uint32_t)afdflags; + afd_recv.tdi_flags = (uint32_t)tdiflags; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_RECV, + &afd_recv, + sizeof(afd_recv), + 0, + 0); + + if (hssocket->iostatus && (hssocket->ntflags & __NT_FILE_SYNC_IO)) + __ntapi->sc_wait(hssocket,iosb,&hssocket->timeout); + + if (!hssocket->iostatus && bytes_received) + *bytes_received = iosb->info; + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_send.c b/src/socket/ntapi_sc_send.c new file mode 100644 index 0000000..2286d65 --- /dev/null +++ b/src/socket/ntapi_sc_send.c 
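Review bot: `__ntapi_sc_recv` declares `buffer` as `__in const void *` and then casts the const away so the driver can write received bytes into it; the parameter is an output and should be `__out void * buffer` with the cast dropped (`afd_buffer.buffer = buffer;`). `afd_buffer.length = len` converts a `size_t` into whatever width `nt_afd_buffer.length` has; if that member is 32-bit the assignment silently truncates large requests and should be bounds-checked or documented. It is also worth a comment that on an asynchronous socket the function may return `NT_STATUS_PENDING` with `*bytes_received` untouched, since the wait only happens under `__NT_FILE_SYNC_IO`.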
@@ -0,0 +1,59 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_send( + __in nt_socket * hssocket, + __in const void * buffer, + __in size_t len, + __out ssize_t * bytes_sent __optional, + __in uintptr_t afdflags __optional, + __in uintptr_t tdiflags __optional, + __out nt_io_status_block * iosb __optional) +{ + nt_afd_buffer afd_buffer; + nt_afd_send_info afd_send; + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + /* afd_buffer */ + afd_buffer.length = len; + afd_buffer.buffer = (char *)buffer; + + /* afd_send */ + afd_send.afd_buffer_array = &afd_buffer; + afd_send.buffer_count = 1; + + afd_send.afd_flags = (uint32_t)afdflags; + afd_send.tdi_flags = (uint32_t)tdiflags; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_SEND, + &afd_send, + sizeof(afd_send), + 0, + 0); + + if (hssocket->iostatus && (hssocket->ntflags & __NT_FILE_SYNC_IO)) + __ntapi->sc_wait(hssocket,iosb,&hssocket->timeout); + + if (!hssocket->iostatus && bytes_sent) + *bytes_sent = iosb->info; + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_server_accept_connection_v1.c b/src/socket/ntapi_sc_server_accept_connection_v1.c new file mode 100644 index 0000000..0154ef7 --- /dev/null +++ b/src/socket/ntapi_sc_server_accept_connection_v1.c 
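Review bot: `__ntapi_sc_send` reports `iosb->info` as `*bytes_sent` but nothing tells the caller that this may be less than `len`; a header comment such as `/* returns success with *bytes_sent < len on a partial send; callers must loop */` is needed, as is the same `size_t`-to-`length` truncation caveat as in ntapi_sc_recv.c if `nt_afd_buffer.length` is narrower than `size_t`. The recv variant defaults `tdiflags` to `NT_TDI_RECEIVE_NORMAL` while send passes zero through untouched; if zero is the intended TDI value for send, a one-line comment saying so would stop the asymmetry from looking like an omission.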
@@ -0,0 +1,78 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_server_accept_info { + uint32_t sequence; + uint32_t unknown; + uint32_t service_flags; + char sa_data[14]; +} nt_afd_server_accept_info; + +typedef struct __addr_memcpy { + uint16_t d0; + uint16_t d1; + uint16_t d2; + uint16_t d3; + uint16_t d4; + uint16_t d5; + uint16_t d6; + uint16_t d7; +} _addr_memcpy; + +int32_t __cdecl __ntapi_sc_server_accept_connection_v1( + __in nt_socket * hssocket, + __out nt_afd_accept_info * accept_info, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + nt_afd_server_accept_info accept_info_buffer; + + _addr_memcpy * asrc; + _addr_memcpy * adst; + + iosb = iosb ? iosb : &siosb; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_ACCEPT, + 0, + 0, + &accept_info_buffer, + sizeof(accept_info_buffer)); + + if (hssocket->iostatus && (hssocket->ntflags & __NT_FILE_SYNC_IO)) + __ntapi->sc_wait(hssocket,iosb,&hssocket->timeout); + + if (hssocket->iostatus) + return hssocket->iostatus; + + accept_info->sequence = accept_info_buffer.sequence; + accept_info->addr.sa_addr_in4.sa_family = hssocket->domain; + + asrc = (_addr_memcpy *)&(accept_info_buffer.sa_data); + adst = (_addr_memcpy *)&(accept_info->addr); + + adst->d1 = asrc->d0; + adst->d2 = asrc->d1; + adst->d3 = asrc->d2; + adst->d4 = asrc->d3; + adst->d5 = asrc->d4; + adst->d6 = asrc->d5; + adst->d7 = asrc->d6; + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_server_accept_connection_v2.c b/src/socket/ntapi_sc_server_accept_connection_v2.c new file mode 100644 index 0000000..3520c75 
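Review bot: `accept_info_buffer` in `__ntapi_sc_server_accept_connection_v1` is a stack buffer handed to the driver as the IOCTL output, and `sc_wait` is invoked with `&hssocket->timeout`; if that wait returns on timeout or alert the function returns its still-pending `iostatus` while the kernel may later complete the request into a dead stack frame (and into the caller's `siosb` when no `iosb` was supplied). Before returning a non-success status the request has to be cancelled and the completion awaited, or the function must require completion on this path. Only `sequence` and `addr` of the caller's `accept_info` are filled; if `nt_afd_accept_info` carries other members they are left uninitialised and that should be stated in a comment.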
--- /dev/null +++ b/src/socket/ntapi_sc_server_accept_connection_v2.c @@ -0,0 +1,44 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_server_accept_info { + uint32_t sequence; + nt_sockaddr addr; +} nt_afd_server_accept_info; + +int32_t __cdecl __ntapi_sc_server_accept_connection_v2( + __in nt_socket * hssocket, + __out nt_afd_accept_info * accept_info, + __out nt_io_status_block * iosb __optional) +{ + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_ACCEPT, + 0, + 0, + accept_info, + sizeof(nt_afd_server_accept_info)); + + if (hssocket->iostatus && (hssocket->ntflags & __NT_FILE_SYNC_IO)) + __ntapi->sc_wait(hssocket,iosb,&hssocket->timeout); + + return hssocket->iostatus; +} diff --git a/src/socket/ntapi_sc_server_duplicate_socket.c b/src/socket/ntapi_sc_server_duplicate_socket.c new file mode 100644 index 0000000..4084593 --- /dev/null +++ b/src/socket/ntapi_sc_server_duplicate_socket.c 
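Review bot: `__ntapi_sc_server_accept_connection_v2` passes the caller's `nt_afd_accept_info *accept_info` as the output buffer but declares its length as `sizeof(nt_afd_server_accept_info)`, a private struct defined in this file; if the two types do not have identical size and layout the driver writes past the caller's object. Either use the size of the buffer actually supplied, `sizeof(*accept_info)`, or copy through a local `nt_afd_server_accept_info` as the v1 variant does. A compile-time assertion tying the two sizes together would document the assumption if they really are meant to coincide.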
@@ -0,0 +1,45 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_server_duplicate_socket( + __in nt_socket * hssock_listen, + __in nt_socket * hssock_dedicated, + __in nt_afd_accept_info * accept_info, + __out nt_io_status_block * iosb __optional) +{ + nt_afd_duplicate_info duplicate_info; + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + /* duplicate_info */ + duplicate_info.unknown = 0; + duplicate_info.sequence = accept_info->sequence; + duplicate_info.hsocket_dedicated = hssock_dedicated->hsocket; + + hssock_dedicated->iostatus = __ntapi->zw_device_io_control_file( + hssock_listen->hsocket, + hssock_dedicated->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_DUPLICATE, + &duplicate_info, + sizeof(duplicate_info), + 0, + 0); + + return hssock_dedicated->iostatus + ? __ntapi->sc_wait(hssock_dedicated,iosb,0) + : NT_STATUS_SUCCESS; +} diff --git a/src/socket/ntapi_sc_shutdown.c b/src/socket/ntapi_sc_shutdown.c new file mode 100644 index 0000000..115214c --- /dev/null +++ b/src/socket/ntapi_sc_shutdown.c 
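Review bot: `__ntapi_sc_server_duplicate_socket` issues the IOCTL on `hssock_listen->hsocket` but then calls `sc_wait(hssock_dedicated, ...)`, and `sc_wait`'s alert path cancels I/O on `hssocket->hsocket`, i.e. on the dedicated handle that has nothing pending; the duplicate request on the listener is left in flight against a possibly stack-allocated `iosb`. The cancellation target has to be the handle the request was issued on, which means either waiting through the listen socket (`hssock_listen->iostatus = ...; __ntapi->sc_wait(hssock_listen, iosb, 0);` with `hssock_listen->hevent` passed to the IOCTL) or giving `sc_wait` the handle to cancel explicitly. Which of the two fits depends on whether concurrent accepts on one listener are supported, which this hunk does not show.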
@@ -0,0 +1,65 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_shutdown( + __in nt_socket * hssocket, + __in uintptr_t psxhow, + __in uintptr_t afdhow, + __out nt_io_status_block * iosb __optional) +{ + nt_afd_disconnect_info afd_disconnect; + nt_io_status_block siosb; + + iosb = iosb ? iosb : &siosb; + + if (afdhow == 0) { + switch (psxhow) { + case NT_SHUT_RD: + afdhow = NT_AFD_DISCONNECT_RD; + break; + + case NT_SHUT_WR: + afdhow = NT_AFD_DISCONNECT_WR; + break; + + case NT_SHUT_RDWR: + afdhow = NT_AFD_DISCONNECT_RD | NT_AFD_DISCONNECT_WR; + break; + + default: + return NT_STATUS_INVALID_PARAMETER_2; + break; + } + } + + afd_disconnect.shutdown_flags = (uint32_t)afdhow; + afd_disconnect.unknown[0] = 0xff; + afd_disconnect.unknown[1] = 0xff; + afd_disconnect.unknown[2] = 0xff; + + hssocket->iostatus = __ntapi->zw_device_io_control_file( + hssocket->hsocket, + hssocket->hevent, + 0, + 0, + iosb, + NT_AFD_IOCTL_DISCONNECT, + &afd_disconnect, + sizeof(afd_disconnect), + 0, + 0); + + return hssocket->iostatus + ? __ntapi->sc_wait(hssocket,iosb,0) + : NT_STATUS_SUCCESS; +} diff --git a/src/socket/ntapi_sc_socket_v1.c b/src/socket/ntapi_sc_socket_v1.c new file mode 100644 index 0000000..d57f212 --- /dev/null +++ b/src/socket/ntapi_sc_socket_v1.c 
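Review bot: In `__ntapi_sc_shutdown` the `break` after `return NT_STATUS_INVALID_PARAMETER_2;` is unreachable and should be dropped, and a non-zero `afdhow` bypasses the `psxhow` mapping entirely without any validation of its bits. A short comment on the header, `/* afdhow, when non-zero, is passed to AFD verbatim and psxhow is ignored */`, makes that precedence explicit for callers. The three `0xff` values written into `unknown[]` are undocumented; if they were observed from the Winsock provider a comment saying so would help the next reader.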
@@ -0,0 +1,118 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_afd_socket_ea { + uint32_t next_entry_offset; + unsigned char ea_flags; + unsigned char ea_name_length; + uint16_t ea_value_length; + char afd_open_packet[0x10]; + uint32_t value_1st; + uint32_t value_2nd; + uint32_t device_name_length; + wchar16_t device_name[0x0b]; + uint32_t ea_ext[4]; +} nt_afd_socket_ea; + +int32_t __cdecl __ntapi_sc_socket_v1( + __out nt_socket * hssocket, + __in uint16_t domain, + __in uint16_t type, + __in uint32_t protocol, + __in uint32_t desired_access __optional, + __in nt_sqos * sqos __optional, + __out nt_io_status_block * iosb __optional) +{ + int32_t status; + nt_object_attributes oa; + nt_io_status_block siosb; + nt_sqos ssqos; + nt_unicode_string nt_afdep; + uint32_t ea_length; + void * _hsocket; + + wchar16_t afd_end_point[] = { + '\\','D','e','v','i','c','e', + '\\','A','f','d', + '\\','E','n','d','P','o','i','n','t', + 0}; + + /* tcp as default extended attribute */ + nt_afd_socket_ea afd_ea = { + 0, + 0, + 0x0f, + 0x28, + {'A','f','d','O','p','e','n','P','a','c','k','e','t','X','X',0}, + 0,0, + 0x16, + {'\\','D','e','v','i','c','e','\\','T','c','p'}, + {0}}; + + ea_length = 0x43; + + __ntapi->rtl_init_unicode_string(&nt_afdep,afd_end_point); + + if (!desired_access) + desired_access = NT_GENERIC_READ \ + | NT_GENERIC_WRITE \ + | NT_SEC_SYNCHRONIZE \ + | NT_SEC_WRITE_DAC; + + if (!sqos) { + ssqos.length = sizeof(ssqos); + ssqos.impersonation_level = NT_SECURITY_IMPERSONATION; + ssqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC; + ssqos.effective_only = 1; + sqos = &ssqos; + } + + oa.len = sizeof(oa); + oa.root_dir = (void *)0; + oa.obj_name = 
&nt_afdep; + oa.obj_attr = NT_OBJ_CASE_INSENSITIVE | NT_OBJ_INHERIT; + oa.sec_desc = (nt_security_descriptor *)0; + oa.sec_qos = sqos; + + iosb = iosb ? iosb : &siosb; + + if ((status = __ntapi->zw_create_file( + &_hsocket, + desired_access, + &oa, + iosb, + 0, + 0, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_OPEN_IF, + 0, + &afd_ea, + ea_length))) + return status; + + oa.obj_name = 0; + oa.obj_attr = 0; + + if (status == NT_STATUS_SUCCESS) { + hssocket->hsocket = _hsocket; + hssocket->ntflags = 0; + hssocket->domain = domain; + hssocket->type = type; + hssocket->protocol = protocol; + hssocket->timeout.quad = 0; + hssocket->iostatus = NT_STATUS_SUCCESS; + hssocket->waitstatus = NT_STATUS_SUCCESS; + } + + return status; +} diff --git a/src/socket/ntapi_sc_socket_v2.c b/src/socket/ntapi_sc_socket_v2.c new file mode 100644 index 0000000..069c596 --- /dev/null +++ b/src/socket/ntapi_sc_socket_v2.c 
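Review bot: `__ntapi_sc_socket_v1` hard-codes a `\Device\Tcp` open packet, so `domain`, `type` and `protocol` never reach the driver and only populate the returned `nt_socket`; a caller asking for a datagram socket gets a TCP endpoint whose bookkeeping says otherwise. Either reject what the EA cannot express (`if (type != NT_SOCK_STREAM) return NT_STATUS_INVALID_PARAMETER_3;`, assuming that constant exists alongside the `NT_SOCK_DGRAM` used in the v2 file) or state the limitation in the header comment. Two defaults are security-relevant and deserve a comment: `NT_OBJ_INHERIT` makes every socket handle inheritable by child processes unless the caller supplies a `sqos`-independent override, and `NT_SEC_WRITE_DAC` is granted by default although nothing here needs to rewrite the handle's DACL. The `if (status == NT_STATUS_SUCCESS)` guard is always true after the early return above it and can go.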
@@ -0,0 +1,124 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +typedef struct _nt_socket_attr { + uint32_t datagram; + uint32_t unknown; + uint32_t domain; + uint32_t type; + uint32_t protocol; +} nt_socket_attr; + +typedef struct _nt_afd_socket_ea { + uint32_t next_entry_offset; + unsigned char ea_flags; + unsigned char ea_name_length; + uint16_t ea_value_length; + char afd_open_packet[16]; + nt_socket_attr sattr; + uint32_t ea_ext[4]; +} nt_afd_socket_ea; + +int32_t __cdecl __ntapi_sc_socket_v2( + __out nt_socket * hssocket, + __in uint16_t domain, + __in uint16_t type, + __in uint32_t protocol, + __in uint32_t desired_access __optional, + __in nt_sqos * sqos __optional, + __out nt_io_status_block * iosb __optional) +{ + int32_t status; + nt_object_attributes oa; + nt_io_status_block siosb; + nt_sqos ssqos; + nt_unicode_string nt_afdep; + uint32_t ea_length; + void * _hsocket; + + wchar16_t afd_end_point[] = { + '\\','D','e','v','i','c','e', + '\\','A','f','d', + '\\','E','n','d','P','o','i','n','t', + 0}; + + nt_afd_socket_ea afd_ea = { + 0, + 0, + 0x0f, + 0x20, + {'A','f','d','O','p','e','n','P','a','c','k','e','t','X','X',0}, + {0}, + {0}}; + + ea_length = sizeof(afd_ea); + + afd_ea.sattr.domain = domain; + afd_ea.sattr.type = type; + afd_ea.sattr.protocol = protocol; + + afd_ea.sattr.datagram = (type == NT_SOCK_DGRAM) ? 
protocol : 0; + + __ntapi->rtl_init_unicode_string(&nt_afdep,afd_end_point); + + if (!desired_access) + desired_access = NT_GENERIC_READ \ + | NT_GENERIC_WRITE \ + | NT_SEC_SYNCHRONIZE \ + | NT_SEC_WRITE_DAC; + + if (!sqos) { + ssqos.length = sizeof(ssqos); + ssqos.impersonation_level = NT_SECURITY_IMPERSONATION; + ssqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC; + ssqos.effective_only = 1; + sqos = &ssqos; + } + + oa.len = sizeof(oa); + oa.root_dir = (void *)0; + oa.obj_name = &nt_afdep; + oa.obj_attr = NT_OBJ_CASE_INSENSITIVE | NT_OBJ_INHERIT; + oa.sec_desc = (nt_security_descriptor *)0; + oa.sec_qos = sqos; + + iosb = iosb ? iosb : &siosb; + + if ((status = __ntapi->zw_create_file( + &_hsocket, + desired_access, + &oa, + iosb, + 0, + 0, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_OPEN_IF, + 0, + &afd_ea, + ea_length))) + return status; + + oa.obj_name = 0; + oa.obj_attr = 0; + + hssocket->hsocket = _hsocket; + hssocket->ntflags = 0; + hssocket->domain = domain; + hssocket->type = type; + hssocket->protocol = protocol; + hssocket->timeout.quad = 0; + hssocket->iostatus = NT_STATUS_SUCCESS; + hssocket->waitstatus = NT_STATUS_SUCCESS; + + return status; +} diff --git a/src/socket/ntapi_sc_wait.c b/src/socket/ntapi_sc_wait.c new file mode 100644 index 0000000..3bfad28 --- /dev/null +++ b/src/socket/ntapi_sc_wait.c 
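Review bot: `__ntapi_sc_socket_v2` opens the AFD endpoint with `NT_OBJ_INHERIT` and a default access mask that includes `NT_SEC_WRITE_DAC`; every socket is therefore inheritable by child processes and carries DACL-write rights unless the caller overrides them. If inheritance is required by the fork emulation added elsewhere in this commit, say so where the flag is set, e.g. `/* inheritable: fork emulation duplicates sockets into the child */`; otherwise drop it from the default. `WRITE_DAC` is not used by any IOCTL in this series and should be left to callers that need it. The `0x20` `ea_value_length` and the `datagram` field assignment are undocumented; a comment tying them to the layout of `nt_socket_attr` plus `ea_ext` would help.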
@@ -0,0 +1,42 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __cdecl __ntapi_sc_wait(nt_socket * hssocket, nt_iosb * iosb, nt_timeout * timeout) +{ + nt_iosb cancel; + + timeout = (timeout && timeout->quad) + ? timeout + : 0; + + if (hssocket->hevent && (hssocket->iostatus == NT_STATUS_PENDING)) { + hssocket->waitstatus = __ntapi->zw_wait_for_single_object( + hssocket->hevent, + !!(hssocket->ntflags & NT_FILE_SYNCHRONOUS_IO_ALERT), + timeout); + + switch (hssocket->waitstatus) { + case NT_STATUS_SUCCESS: + hssocket->iostatus = NT_STATUS_SUCCESS; + break; + + case NT_STATUS_ALERTED: + hssocket->iostatus = NT_STATUS_ALERTED; + __ntapi->zw_cancel_io_file( + hssocket->hsocket, + &cancel); + break; + } + } + + return hssocket->iostatus; +} diff --git a/src/string/ntapi_tt_aligned_block_memcpy.c b/src/string/ntapi_tt_aligned_block_memcpy.c new file mode 100644 index 0000000..43e1a49 --- /dev/null +++ b/src/string/ntapi_tt_aligned_block_memcpy.c 
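Review bot: `__ntapi_sc_wait` sets `hssocket->iostatus = NT_STATUS_SUCCESS` whenever the event wait itself succeeds, but a signalled event only means the request completed, and its result is in the I/O status block; a connect refused by the peer or a failed bind would be reported as success to every caller in this series. The completion status should be taken from the IOSB (`iosb->status`, or whatever `nt_iosb` names that member). The timeout path is also unhandled: `NT_STATUS_TIMEOUT` leaves `iostatus` at `NT_STATUS_PENDING` with the request still in flight against an `iosb` that is frequently the caller's stack `siosb`, and the alert path issues a cancel but returns before the cancelled request completes. Both should cancel and then wait for completion so the kernel no longer references the block when the function returns; `zw_cancel_io_file` cancels all of the current thread's outstanding I/O on that handle, which callers should be told about.

```c
		switch (hssocket->waitstatus) {
		case NT_STATUS_SUCCESS:
			/* completed: the result is in the iosb, not in the wait status */
			hssocket->iostatus = iosb->status;
			break;

		case NT_STATUS_ALERTED:
		default:
			/* alerted or timed out: the request is still in flight, so cancel it
			 * and wait for the completion before iosb goes out of scope */
			hssocket->iostatus = hssocket->waitstatus;
			__ntapi->zw_cancel_io_file(hssocket->hsocket, &cancel);
			__ntapi->zw_wait_for_single_object(hssocket->hevent, 0, 0);
			break;
		}
```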
@@ -0,0 +1,50 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include + +uintptr_t * __cdecl __ntapi_tt_aligned_block_memcpy( + __in uintptr_t * dst, + __in uintptr_t * src, + __in size_t bytes) +{ + uintptr_t * ptr = (uintptr_t *)dst; + + for (bytes/=sizeof(uintptr_t); bytes; bytes--) + *dst++ = *src++; + + return ptr; +} + + +void * __cdecl __ntapi_tt_generic_memcpy( + __in void * dst, + __in const void * src, + __in size_t bytes) +{ + char * ch_dst; + const char * ch_src; + + if (!bytes) + return dst; + + else if (!(bytes % sizeof(size_t)) + && (!(uintptr_t)dst % sizeof(size_t)) + && (!(uintptr_t)src % sizeof(size_t))) + return __ntapi_tt_aligned_block_memcpy( + (uintptr_t *)dst, + (uintptr_t *)src, + bytes); + + ch_dst = (char *)dst; + ch_src = (const char *)src; + + for (; bytes; bytes--) + *ch_dst++ = *ch_src++; + + return dst; +} diff --git a/src/string/ntapi_tt_aligned_block_memset.c b/src/string/ntapi_tt_aligned_block_memset.c new file mode 100644 index 0000000..8e64360 --- /dev/null +++ b/src/string/ntapi_tt_aligned_block_memset.c 
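Review bot: The alignment test in `__ntapi_tt_generic_memcpy` has a precedence bug: in `(!(uintptr_t)dst % sizeof(size_t))` the `!` binds before `%`, so the term is `(dst == 0) % sizeof(size_t)`, which is 0 for every non-null pointer; the word-wise fast path is therefore never taken for real pointers (only a NULL `dst` and `src` would pass), and the function always falls back to the byte loop. The intended check is `&& !((uintptr_t)dst % sizeof(size_t))` and `&& !((uintptr_t)src % sizeof(size_t))`. Once the fast path is actually reachable, note that `__ntapi_tt_aligned_block_memcpy` reads and writes through `uintptr_t *` aliases of arbitrary memory, which is only safe with strict aliasing disabled.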
@@ -0,0 +1,57 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include + +void * __cdecl __ntapi_tt_aligned_block_memset( + __in void * block, + __in uintptr_t val, + __in size_t bytes) +{ + uintptr_t * ptr = (uintptr_t *)block; + + for (bytes/=sizeof(uintptr_t); bytes; bytes--) + *ptr++=val; + + return block; +} + +void * __cdecl __ntapi_tt_generic_memset( + __in void * dst, + __in uintptr_t val, + __in size_t bytes) +{ + char c; + char * ch; + int i; + size_t abytes; + + if (!bytes) + return dst; + + else if (!(bytes % sizeof(size_t)) + && (!(uintptr_t)dst % sizeof(size_t))) + return __ntapi_tt_aligned_block_memset( + dst,val,bytes); + + c = (char)val; + for (i=0; i + +wchar16_t * __cdecl __ntapi_tt_aligned_memcpy_utf16( + __in uintptr_t * dst, + __in uintptr_t * src, + __in size_t bytes) +{ + size_t aligned_block; + size_t copied; + + wchar16_t * wch_src; + wchar16_t * wch_dst; + + #if defined (__X86_64_MODEL) + uint32_t * uint32_src; + uint32_t * uint32_dst; + #endif + + aligned_block = bytes; + aligned_block /= sizeof(uintptr_t); + aligned_block *= sizeof(uintptr_t); + + copied = 0; + + while (copied < aligned_block) { + *dst = *src; + src++; + dst++; + copied += sizeof(uintptr_t); + } + + #if defined (__X86_64_MODEL) + switch (bytes % sizeof(uintptr_t)) { + case 6: + uint32_src = (uint32_t *)src; + uint32_dst = (uint32_t *)dst; + *uint32_dst = *uint32_src; + + uint32_src++; + uint32_dst++; + + /* make the compiler happy */ + wch_src = (wchar16_t *)uint32_src; + wch_dst = (wchar16_t *)uint32_dst; + *wch_dst = *wch_src; + break; + + case 4: + uint32_src = (uint32_t *)src; + uint32_dst = (uint32_t *)dst; + *uint32_dst = *uint32_src; + break; + } + #endif + + if (bytes % sizeof(uintptr_t)) { + /* the remainder must be 2 */ + wch_src = (wchar16_t 
*)src; + wch_dst = (wchar16_t *)dst; + *wch_dst = *wch_src; + } + + return (wchar16_t *)dst; +} diff --git a/src/string/ntapi_tt_hex_utf16_to_uintptr.c b/src/string/ntapi_tt_hex_utf16_to_uintptr.c new file mode 100644 index 0000000..3b1f354 --- /dev/null +++ b/src/string/ntapi_tt_hex_utf16_to_uintptr.c 
@@ -0,0 +1,124 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include + +int32_t __fastcall __ntapi_tt_hex_utf16_to_uint32( + __in wchar16_t hex_key_utf16[8], + __out uint32_t * key) +{ + int i; + unsigned char uch[8]; + unsigned char ubytes[4]; + uint32_t * key_ret; + + /* input validation */ + i = 0; + do { + if (/* [a-f],[[A-F],[0-9] */ + ((hex_key_utf16[i] >= 'a') && (hex_key_utf16[i] <= 'f')) + || ((hex_key_utf16[i] >= 'A') && (hex_key_utf16[i] <= 'F')) + || ((hex_key_utf16[i] >= '0') && (hex_key_utf16[i] <= '9'))) + /* valid hex character */ + i++; + else + return NT_STATUS_ILLEGAL_CHARACTER; + } while (i < 8); + + /* intermediate step: little endian byte order */ + uch[0] = (unsigned char)hex_key_utf16[6]; + uch[1] = (unsigned char)hex_key_utf16[7]; + uch[2] = (unsigned char)hex_key_utf16[4]; + uch[3] = (unsigned char)hex_key_utf16[5]; + uch[4] = (unsigned char)hex_key_utf16[2]; + uch[5] = (unsigned char)hex_key_utf16[3]; + uch[6] = (unsigned char)hex_key_utf16[0]; + uch[7] = (unsigned char)hex_key_utf16[1]; + + for (i=0; i<8; i++) { + /* 'a' > 'A' > '0' */ + if (uch[i] >= 'a') + uch[i] -= ('a' - 0x0a); + else if (uch[i] >= 'A') + uch[i] -= ('A' - 0x0a); + else + uch[i] -= '0'; + } + + ubytes[0] = uch[0] * 0x10 + uch[1]; + ubytes[1] = uch[2] * 0x10 + uch[3]; + ubytes[2] = uch[4] * 0x10 + uch[5]; + ubytes[3] = uch[6] * 0x10 + uch[7]; + + key_ret = (uint32_t *)ubytes; + *key = *key_ret; + + return NT_STATUS_SUCCESS; +} + + +int32_t __fastcall __ntapi_tt_hex_utf16_to_uint64( + __in wchar16_t hex_key_utf16[16], + __out uint64_t * key) +{ + int32_t status; + uint32_t x64_key[2]; + uint64_t * key_ret; + + status = __ntapi_tt_hex_utf16_to_uint32( + &hex_key_utf16[0], + &x64_key[1]); + + if (status != NT_STATUS_SUCCESS) + return status; + 
+ status = __ntapi_tt_hex_utf16_to_uint32( + &hex_key_utf16[8], + &x64_key[0]); + + if (status != NT_STATUS_SUCCESS) + return status; + + key_ret = (uint64_t *)x64_key; + *key = *key_ret; + + return NT_STATUS_SUCCESS; +} + + +int32_t __fastcall __ntapi_tt_hex_utf16_to_uintptr( + __in wchar16_t hex_key_utf16[], + __out uintptr_t * key) +{ + #if defined (__NT32) + return __ntapi_tt_hex_utf16_to_uint32(hex_key_utf16,key); + #elif defined (__NT64) + return __ntapi_tt_hex_utf16_to_uint64(hex_key_utf16,key); + #endif +} + + +int32_t __fastcall __ntapi_tt_hex_utf16_to_uint16( + __in wchar16_t hex_key_utf16[4], + __out uint16_t * key) +{ + int32_t ret; + uint32_t dword_key; + wchar16_t hex_buf[8] = {'0','0','0','0'}; + + hex_buf[4] = hex_key_utf16[0]; + hex_buf[5] = hex_key_utf16[1]; + hex_buf[6] = hex_key_utf16[2]; + hex_buf[7] = hex_key_utf16[3]; + + ret = __ntapi_tt_hex_utf16_to_uint32(hex_buf,&dword_key); + + if (ret == NT_STATUS_SUCCESS) + *key = (uint16_t)dword_key; + + return ret; +} diff --git a/src/string/ntapi_tt_init_unicode_string_from_utf16.c b/src/string/ntapi_tt_init_unicode_string_from_utf16.c new file mode 100644 index 0000000..96673b4 --- /dev/null +++ b/src/string/ntapi_tt_init_unicode_string_from_utf16.c 
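Review bot: __ntapi_tt_hex_utf16_to_uint32 and __ntapi_tt_hex_utf16_to_uint64 reassemble their result by reading a `uint32_t`/`uint64_t` through a pointer cast over `unsigned char ubytes[4]` / `uint32_t x64_key[2]` (`key_ret = (uint32_t *)ubytes; *key = *key_ret;`), which violates strict aliasing and hard-codes little-endian byte order. Composing the value with shifts is portable and compiles to the same single load on little-endian targets: `*key = ((uint32_t)ubytes[3] << 24) | ((uint32_t)ubytes[2] << 16) | ((uint32_t)ubytes[1] << 8) | ubytes[0];` and `*key = ((uint64_t)x64_key[1] << 32) | x64_key[0];`. With that change the "intermediate step: little endian byte order" shuffle can be written directly as nibble pairs and the `key_ret` locals disappear. __ntapi_tt_hex_utf16_to_uintptr also passes a `uintptr_t *` where the callees take `uint32_t *` / `uint64_t *`; an explicit cast on each `#if` branch would silence the incompatible-pointer warning and make the width assumption visible.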
@@ -0,0 +1,26 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +void __ntapi_tt_init_unicode_string_from_utf16( + __out nt_unicode_string * str_dest, + __in wchar16_t * str_src) +{ + if ((intptr_t)str_src) { + str_dest->strlen = (uint16_t)__ntapi->tt_string_null_offset_short((const int16_t *)str_src); + str_dest->maxlen = str_dest->strlen + sizeof(uint16_t); + str_dest->buffer = (uint16_t *)str_src; + } else { + str_dest->strlen = 0; + str_dest->maxlen = 0; + str_dest->buffer = (uint16_t *)0; + } +} \ No newline at end of file diff --git a/src/string/ntapi_tt_memcpy_utf16.c b/src/string/ntapi_tt_memcpy_utf16.c new file mode 100644 index 0000000..0a2b7af --- /dev/null +++ b/src/string/ntapi_tt_memcpy_utf16.c @@ -0,0 +1,28 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include + +wchar16_t * __cdecl __ntapi_tt_memcpy_utf16( + __in wchar16_t * dst, + __in wchar16_t * src, + __in size_t bytes) +{ + wchar16_t * wch_cap; + wchar16_t * wch_ret; + + wch_cap = (wchar16_t *)((uintptr_t)src + bytes); + wch_ret = dst; + + while (src < wch_cap) { + *dst = *src; + src++; + dst++; + } + + return wch_ret; +} diff --git a/src/string/ntapi_tt_string_null_offset.c b/src/string/ntapi_tt_string_null_offset.c new file mode 100644 index 0000000..3565acb --- /dev/null +++ b/src/string/ntapi_tt_string_null_offset.c 
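Review bot: In __ntapi_tt_init_unicode_string_from_utf16 the byte length returned by tt_string_null_offset_short is narrowed with `(uint16_t)` without a range check, so a source string of 64 KiB or more silently yields a `strlen`/`maxlen` pair that does not describe the buffer, and `strlen + sizeof(uint16_t)` itself wraps when strlen is 0xFFFE or 0xFFFF. The cast shows the `nt_unicode_string` length fields are 16-bit, so this cannot be reported from a `void` function; at minimum a header comment should state that `str_src` must be shorter than 0xFFFE bytes including the terminator, and callers that accept externally supplied strings should check the length before calling. `if ((intptr_t)str_src)` is an ordinary null test written as a pointer-to-integer cast; `if (str_src)` says the same thing directly.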
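Review bot: __ntapi_tt_memcpy_utf16 computes its stop pointer as `(wchar16_t *)((uintptr_t)src + bytes)`, so an odd `bytes` value places `wch_cap` in the middle of a code unit and the `while (src < wch_cap)` loop copies one full code unit past the requested length, overrunning both `src` and `dst` by one byte. Either document that `bytes` must be even or round down explicitly: `wch_cap = src + bytes / sizeof(wchar16_t);`. The function also takes `src` as `wchar16_t *` although it only reads it; `const wchar16_t * src` would match __ntapi_tt_generic_memcpy in the same commit.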
@@ -0,0 +1,93 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +size_t __cdecl __ntapi_tt_string_null_offset_multibyte( + __in const char * str) +{ + const char * cap; + const uintptr_t * ptr; + + #define HIGH_BIT_TEST (uintptr_t)0x0101010101010101 + #define AND_BITS (uintptr_t)0x8080808080808080 + + cap = str; + while ((uintptr_t)cap % sizeof(uintptr_t)) { + if (!(*cap)) + return cap - str; + cap++; + } + + ptr = (uintptr_t *)cap; + while (!((*ptr - HIGH_BIT_TEST) & ~(*ptr) & AND_BITS)) + ptr++; + + cap = (const char *)ptr; + while (*cap) + cap++; + + return cap - str; +} + + +size_t __cdecl __ntapi_tt_string_null_offset_short( + __in const int16_t * str) +{ + const int16_t * cap; + + cap = str; + while (*cap) + cap++; + + return (size_t)cap - (size_t)str; +} + + +size_t __cdecl __ntapi_tt_string_null_offset_dword( + __in const int32_t * str) +{ + const int32_t * cap; + + cap = str; + while (*cap) + cap++; + + return (size_t)cap - (size_t)str; +} + +size_t __cdecl __ntapi_tt_string_null_offset_qword( + __in const int64_t * str) +{ + const int64_t * cap; + + cap = str; + while (*cap) + cap++; + + return (size_t)cap - (size_t)str; +} + +size_t __cdecl __ntapi_tt_string_null_offset_ptrsize( + __in const intptr_t *str) +{ + const intptr_t * cap; + + cap = str; + while (*cap) + cap++; + + return (size_t)cap - (size_t)str; +} + +size_t __cdecl __ntapi_wcslen(const wchar16_t * str) +{ + size_t len; + len = __ntapi_tt_string_null_offset_short((const int16_t *)str); + return len / 2; +} diff --git a/src/string/ntapi_tt_uintptr_to_hex_utf16.c b/src/string/ntapi_tt_uintptr_to_hex_utf16.c new file mode 100644 index 0000000..59e063f --- /dev/null +++ b/src/string/ntapi_tt_uintptr_to_hex_utf16.c 
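Review bot: The two macros in __ntapi_tt_string_null_offset_multibyte are named backwards for what they hold: `HIGH_BIT_TEST` is the per-byte 0x01 subtrahend and `AND_BITS` is the per-byte 0x80 high-bit mask of the standard has-zero-byte test `(v - 0x01…01) & ~v & 0x80…80`. A comment above the word loop would spare the next reader the derivation, e.g. `/* a byte of *ptr is zero iff subtracting 1 borrows into its high bit while that bit was clear in *ptr */`, and renaming them `ONE_BITS`/`HIGH_BITS` would make the expression read as written. Both macros are defined inside the function body and never `#undef`'d, so they leak into the rest of the translation unit; add `#undef HIGH_BIT_TEST` / `#undef AND_BITS` before the final `return`. The word loop deliberately reads whole aligned words past the terminator, which is safe only because an aligned word read cannot cross a page boundary; that assumption deserves a one-line comment as well.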
@@ -0,0 +1,87 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include + +static void __fastcall __ntapi_tt_uint_to_hex_utf16( + __in uint64_t key, + __out wchar16_t * buffer, + __in unsigned bits) +{ + unsigned i; + uint32_t hex_buf[4]; + unsigned char * hex_chars; + unsigned char * uch; + unsigned offset; + unsigned bytes; + + hex_buf[0] = ('3' << 24) | ('2' << 16) | ('1' << 8) | '0'; + hex_buf[1] = ('7' << 24) | ('6' << 16) | ('5' << 8) | '4'; + hex_buf[2] = ('b' << 24) | ('a' << 16) | ('9' << 8) | '8'; + hex_buf[3] = ('f' << 24) | ('e' << 16) | ('d' << 8) | 'c'; + + uch = (unsigned char *)&key; + hex_chars = (unsigned char *)&hex_buf; + + bytes = bits / 8; + offset = bits / 4; + + for (i = 0; i < bytes; i++) { + buffer[offset - 1 - (i*2)] = hex_chars[uch[i] % 16]; + buffer[offset - 2 - (i*2)] = hex_chars[uch[i] / 16]; + } +} + + +void __fastcall __ntapi_tt_uint16_to_hex_utf16( + __in uint32_t key, + __out wchar16_t * formatted_key) +{ + __ntapi_tt_uint_to_hex_utf16( + key, + formatted_key, + 16); +} + + +void __fastcall __ntapi_tt_uint32_to_hex_utf16( + __in uint32_t key, + __out wchar16_t * formatted_key) +{ + __ntapi_tt_uint_to_hex_utf16( + key, + formatted_key, + 32); +} + + +void __fastcall __ntapi_tt_uint64_to_hex_utf16( + __in uint64_t key, + __out wchar16_t * formatted_key) +{ + __ntapi_tt_uint_to_hex_utf16( + key, + formatted_key, + 64); +} + + +void __fastcall __ntapi_tt_uintptr_to_hex_utf16( + __in uintptr_t key, + __out wchar16_t * formatted_key) +{ + #if defined (__NT32) + __ntapi_tt_uint_to_hex_utf16( + key, + formatted_key, + 32); + #elif defined (__NT64) + __ntapi_tt_uint_to_hex_utf16( + key, + formatted_key, + 64); + #endif +} 
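Review bot: None of the __ntapi_tt_uint*_to_hex_utf16 entry points states how large `formatted_key` must be or that the output is not NUL-terminated; __ntapi_tt_uint_to_hex_utf16 writes exactly `bits / 4` code units and nothing else, so a caller who treats the result as a string reads past the buffer. Suggest a header comment on the static helper such as `/* writes bits/4 hex digits, most significant first, to buffer; no terminator is written */` and a one-line `/* buffer must hold N wchar16_t */` on each public wrapper (4, 8 and 16 respectively). The digit table is read byte-wise out of `uint32_t hex_buf[4]`, which yields '0'…'f' in order only on a little-endian target; that is worth stating next to the table, as the twin in src/string/ntapi_tt_uintptr_to_hex_utf8.c already does for the .rdata motivation. That twin emits upper-case digits ('A'…'F') while this file emits lower-case; if the difference is intentional it should be documented on both, otherwise one of the tables is wrong. Finally, __ntapi_tt_uint16_to_hex_utf16 takes `uint32_t key` rather than `uint16_t`; the high bytes are ignored because only `bits / 8` bytes are consumed, but the prototype misstates the contract.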
diff --git a/src/string/ntapi_tt_uintptr_to_hex_utf8.c b/src/string/ntapi_tt_uintptr_to_hex_utf8.c new file mode 100644 index 0000000..b1e3141 --- /dev/null +++ b/src/string/ntapi_tt_uintptr_to_hex_utf8.c 
@@ -0,0 +1,73 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include + +static void __fastcall __ntapi_tt_uint_to_hex_utf8( + __in uint64_t key, + __out unsigned char * buffer, + __in unsigned bits) +{ + unsigned i; + uint32_t hex_buf[4]; + unsigned char * hex_chars; + unsigned char * uch; + unsigned offset; + unsigned bytes; + + /* avoid using .rdata for that one */ + hex_buf[0] = ('3' << 24) | ('2' << 16) | ('1' << 8) | '0'; + hex_buf[1] = ('7' << 24) | ('6' << 16) | ('5' << 8) | '4'; + hex_buf[2] = ('B' << 24) | ('A' << 16) | ('9' << 8) | '8'; + hex_buf[3] = ('F' << 24) | ('E' << 16) | ('D' << 8) | 'C'; + + uch = (unsigned char *)&key; + hex_chars = (unsigned char *)&hex_buf; + + bytes = bits / 8; + offset = bits / 4; + + for (i = 0; i < bytes; i++) { + buffer[offset - 1 - (i*2)] = hex_chars[uch[i] % 16]; + buffer[offset - 2 - (i*2)] = hex_chars[uch[i] / 16]; + } +} + + +void __fastcall __ntapi_tt_uint16_to_hex_utf8( + __in uint32_t key, + __out unsigned char * buffer) +{ + __ntapi_tt_uint_to_hex_utf8(key,buffer,16); +} + + +void __fastcall __ntapi_tt_uint32_to_hex_utf8( + __in uint32_t key, + __out unsigned char * buffer) +{ + __ntapi_tt_uint_to_hex_utf8(key,buffer,32); +} + + +void __fastcall __ntapi_tt_uint64_to_hex_utf8( + __in uint64_t key, + __out unsigned char * buffer) +{ + __ntapi_tt_uint_to_hex_utf8(key,buffer,64); +} + + +void __fastcall __ntapi_tt_uintptr_to_hex_utf8( + __in uintptr_t key, + __out unsigned char * buffer) +{ + #if defined (__NT32) + __ntapi_tt_uint_to_hex_utf8(key,buffer,32); + #elif defined (__NT64) + __ntapi_tt_uint_to_hex_utf8(key,buffer,64); + #endif +} diff --git a/src/sync/ntapi_tt_create_event.c b/src/sync/ntapi_tt_create_event.c new file mode 100644 index 0000000..3d81938 --- /dev/null 
+++ b/src/sync/ntapi_tt_create_event.c @@ -0,0 +1,76 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + + +static int32_t __cdecl __tt_create_event( + __out void ** hevent, + __in nt_event_type event_type, + __in int32_t initial_state, + __in uint32_t obj_attr) +{ + int32_t status; + nt_sqos sqos; + nt_oa oa; + + /* validation */ + if (!hevent) + return NT_STATUS_INVALID_PARAMETER; + + /* security structure */ + sqos.length = sizeof(sqos); + sqos.impersonation_level = NT_SECURITY_IMPERSONATION; + sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC; + sqos.effective_only = 1; + + /* object attributes */ + oa.len = sizeof(nt_object_attributes); + oa.root_dir = (void *)0; + oa.obj_name = (nt_unicode_string *)0; + oa.obj_attr = obj_attr; + oa.sec_desc = (nt_security_descriptor *)0; + oa.sec_qos = &sqos; + + status = __ntapi->zw_create_event( + hevent, + NT_EVENT_ALL_ACCESS, + &oa, + event_type, + initial_state); + + return status; +} + + +int32_t __stdcall __ntapi_tt_create_inheritable_event( + __out void ** hevent, + __in nt_event_type event_type, + __in int32_t initial_state) +{ + return __tt_create_event( + hevent, + event_type, + initial_state, + NT_OBJ_INHERIT); +} + + +int32_t __stdcall __ntapi_tt_create_private_event( + __out void ** hevent, + __in nt_event_type event_type, + __in int32_t initial_state) +{ + return __tt_create_event( + hevent, + event_type, + initial_state, + 0); +} diff --git a/src/sync/ntapi_tt_sync_block.c b/src/sync/ntapi_tt_sync_block.c new file mode 100644 index 0000000..e52dd77 --- /dev/null +++ b/src/sync/ntapi_tt_sync_block.c 
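Review bot: `oa.len = sizeof(nt_object_attributes);` in __tt_create_event names a type different from the declared `nt_oa oa`, while `sqos.length = sizeof(sqos)` a few lines above uses the variable; if `nt_oa` is an alias for `nt_object_attributes` the two are equal today, but `oa.len = sizeof(oa);` keeps the length tied to the object actually passed and survives a rename. Both events are opened with `NT_EVENT_ALL_ACCESS`, and the inheritable variant hands that handle to child processes; if the project defines a narrower event mask (modify-state plus synchronize) it would be the least-privilege choice, otherwise a comment stating why full access is needed would help. The `sqos` block (impersonation level, dynamic tracking, `effective_only`) appears to have no effect on an anonymous event and reads as copied from a port or file open; either a comment on its purpose or leaving `oa.sec_qos` null would clarify intent.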
@@ -0,0 +1,283 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +void __stdcall __ntapi_tt_sync_block_init( + __in nt_sync_block * sync_block, + __in uint32_t flags __optional, + __in int32_t srvtid __optional, + __in int32_t default_lock_tries __optional, + __in int64_t default_lock_wait __optional, + __in void * hsignal __optional) +{ + __ntapi->tt_aligned_block_memset( + sync_block, + 0,sizeof(*sync_block)); + + sync_block->lock_tries = default_lock_tries + ? default_lock_tries + : __NT_SYNC_BLOCK_LOCK_TRIES; + + sync_block->lock_wait.quad = default_lock_wait + ? default_lock_wait + : (-1); + + sync_block->flags = flags; + sync_block->srvtid = srvtid; + sync_block->hsignal = hsignal; + + return; +} + + +int32_t __stdcall __ntapi_tt_sync_block_lock( + __in nt_sync_block * sync_block, + __in int32_t lock_tries __optional, + __in int64_t lock_wait __optional, + __in uint32_t * sig_flag __optional) +{ + int32_t status; + int32_t tid; + intptr_t lock; + void * hwait[2]; + nt_timeout timeout; + + /* validation */ + if (sync_block->invalid) + return NT_STATUS_INVALID_HANDLE; + + /* already owned? */ + tid = pe_get_current_thread_id(); + if (sync_block->tid == tid) return NT_STATUS_SUCCESS; + + /* yield to server? 
*/ + if ((sync_block->flags & NT_SYNC_BLOCK_YIELD_TO_SERVER) && (tid != sync_block->srvtid)) { + hwait[0] = sync_block->hserver; + hwait[1] = sync_block->hsignal; + + /* signal support */ + if (sig_flag && *sig_flag) + return NT_STATUS_ALERTED; + + /* wait */ + status = __ntapi->zw_wait_for_multiple_objects( + 2, + hwait, + NT_WAIT_ANY, + NT_SYNC_NON_ALERTABLE, + (nt_timeout *)0); + + /* signal support */ + if (sig_flag && *sig_flag) + return NT_STATUS_ALERTED; + } + + /* first try */ + lock = at_locked_cas_32(&sync_block->tid,0,tid); + if (lock && !--lock_tries) return NT_STATUS_NOT_LOCKED; + + /* first-time contended case? */ + if (lock && !sync_block->hwait) { + status = __ntapi->tt_create_inheritable_event( + &hwait[0], + NT_NOTIFICATION_EVENT, + NT_EVENT_NOT_SIGNALED); + + if (status) return status; + + lock = at_locked_cas( + (intptr_t *)&sync_block->hwait, + 0,(intptr_t)hwait); + + if (lock) + __ntapi->zw_close(hwait); + + /* try again without a wait */ + lock = at_locked_cas_32(&sync_block->tid,0,tid); + } + + /* contended case? */ + if (lock) { + hwait[0] = sync_block->hwait; + hwait[1] = sync_block->hsignal; + + lock_tries = lock_tries + ? lock_tries + : sync_block->lock_tries; + + timeout.quad = lock_wait + ? 
lock_wait + : sync_block->lock_wait.quad; + + for (; lock && lock_tries; lock_tries--) { + /* signal support */ + if (sig_flag && *sig_flag) + return NT_STATUS_ALERTED; + + /* wait */ + status = __ntapi->zw_wait_for_multiple_objects( + 2, + &sync_block->hwait, + NT_WAIT_ANY, + NT_SYNC_NON_ALERTABLE, + &timeout); + + /* check status */ + if ((status != NT_STATUS_TIMEOUT) && ((uint32_t)status >= NT_STATUS_WAIT_CAP)) + return status; + + /* signal support */ + if (sig_flag && *sig_flag) + return NT_STATUS_ALERTED; + + /* try again */ + lock = at_locked_cas_32(&sync_block->tid,0,tid); + }; + } + + if (lock) return NT_STATUS_NOT_LOCKED; + + /* shared section support */ + sync_block->pid = pe_get_current_process_id(); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_sync_block_server_lock( + __in nt_sync_block * sync_block, + __in int32_t lock_tries __optional, + __in int64_t lock_wait __optional, + __in uint32_t * sig_flag __optional) +{ + int32_t status; + + /* validation */ + if (sync_block->invalid) + return NT_STATUS_INVALID_HANDLE; + + else if (sync_block->srvtid != pe_get_current_thread_id()) + return NT_STATUS_RESOURCE_NOT_OWNED; + + /* try once without yield request */ + status = __ntapi_tt_sync_block_lock( + sync_block, + 1, + lock_wait, + sig_flag); + + if (status == NT_STATUS_SUCCESS) + return status; + + /* hserver */ + if (!sync_block->hserver) { + status = __ntapi->tt_create_inheritable_event( + &sync_block->hserver, + NT_NOTIFICATION_EVENT, + NT_EVENT_NOT_SIGNALED); + + if (status) return status; + } else { + status = __ntapi->zw_reset_event( + &sync_block->hserver, + (int32_t *)0); + + if (status) return status; + } + + /* yield request: set */ + sync_block->flags |= NT_SYNC_BLOCK_YIELD_TO_SERVER; + + /* try again */ + status = __ntapi_tt_sync_block_lock( + sync_block, + lock_tries, + lock_wait, + sig_flag); + + /* yield request: unset */ + sync_block->flags ^= NT_SYNC_BLOCK_YIELD_TO_SERVER; + + __ntapi->zw_set_event( + 
sync_block->hserver, + (int32_t *)0); + + /* (locking not guaranteed) */ + return status; +} + + +int32_t __stdcall __ntapi_tt_sync_block_unlock( + __in nt_sync_block * sync_block) +{ + int64_t cmp; + + if (sync_block->invalid) + return NT_STATUS_INVALID_HANDLE; + + cmp = (int64_t)(pe_get_current_process_id()) << 32; + cmp += pe_get_current_thread_id(); + + if (cmp != at_locked_cas_64( + (int64_t *)&sync_block->tid, + cmp,0)) + return NT_STATUS_RESOURCE_NOT_OWNED; + + return NT_STATUS_SUCCESS; +} + + +void __stdcall __ntapi_tt_sync_block_validate( + __in nt_sync_block * sync_block) +{ + at_store_32(&sync_block->invalid,0); + + return; +} + + +int32_t __stdcall __ntapi_tt_sync_block_invalidate( + __in nt_sync_block * sync_block) +{ + int32_t invalid; + + if (!sync_block) + return NT_STATUS_INVALID_PARAMETER; + + invalid = at_locked_cas_32( + &sync_block->invalid, + 0, + 1); + + if (invalid) + return NT_STATUS_INVALID_HANDLE; + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_sync_block_discard( + __in nt_sync_block * sync_block) +{ + if (!sync_block) + return NT_STATUS_INVALID_PARAMETER; + + if (sync_block->hwait) + __ntapi->zw_close(sync_block->hwait); + + if (sync_block->hserver) + __ntapi->zw_close(sync_block->hserver); + + __ntapi->tt_aligned_block_memset(sync_block,-1,sizeof(*sync_block)); + + return NT_STATUS_SUCCESS; +} diff --git a/src/sync/ntapi_tt_wait_for_dummy_event.c b/src/sync/ntapi_tt_wait_for_dummy_event.c new file mode 100644 index 0000000..c7680c7 --- /dev/null +++ b/src/sync/ntapi_tt_wait_for_dummy_event.c 
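Review bot: In the first-time contended path of __ntapi_tt_sync_block_lock the event handle created into `hwait[0]` is not what gets published: `at_locked_cas((intptr_t *)&sync_block->hwait, 0,(intptr_t)hwait)` stores the address of the local `void * hwait[2]` array (a stack pointer that dangles once the function returns), and the losing-race branch `__ntapi->zw_close(hwait)` likewise closes the array pointer rather than the new event; both should use `hwait[0]`. The retry loop then waits on `&sync_block->hwait` with a count of 2, relying on `hwait` and `hsignal` being adjacent in `nt_sync_block` even though the local `hwait[]` pair was just filled for exactly this purpose — pass `hwait` there — and since `hsignal` is `__optional`, both multi-object waits should drop to a count of 1 when it is 0. In __ntapi_tt_sync_block_server_lock, `zw_reset_event(&sync_block->hserver, …)` passes the address of the handle while the matching `zw_set_event(sync_block->hserver, …)` passes the handle itself; the reset call looks wrong. A `lock_tries` of 0 (the `__optional` default) is decremented to -1 by `!--lock_tries` on the first attempt before the `lock_tries ? lock_tries : sync_block->lock_tries` substitution runs, so the default is never applied on that path; hoisting the substitution above the first try fixes it. The `status` returned by the yield-to-server wait is also never examined.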
@@ -0,0 +1,31 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_wait_for_dummy_event(void) +{ + /* wait forever without setting a break point and without spinning */ + + int32_t status; + void * hevent; + + status = __ntapi->tt_create_inheritable_event( + &hevent, + NT_NOTIFICATION_EVENT, + NT_EVENT_NOT_SIGNALED); + + if (status != NT_STATUS_SUCCESS) + return status; + + return __ntapi->zw_wait_for_single_object(hevent,0,0); + + return status; +} diff --git a/src/system/ntapi_tt_get_csr_port_handle_addr_by_logic.c b/src/system/ntapi_tt_get_csr_port_handle_addr_by_logic.c new file mode 100644 index 0000000..3f38067 --- /dev/null +++ b/src/system/ntapi_tt_get_csr_port_handle_addr_by_logic.c 
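Review bot: The trailing `return status;` in __ntapi_tt_wait_for_dummy_event is unreachable — the line before it already returns the result of `zw_wait_for_single_object` — and should be deleted. The event is created with `tt_create_inheritable_event` although it is never shared; a child process spawned while a thread is parked here inherits an extra handle it cannot use, so `tt_create_private_event` (added in the same commit) fits the purpose better. If the wait ever does return (the null timeout waits indefinitely, so only an error or alert can end it), the handle is leaked; closing it before returning, or a comment stating that return is not expected, would make that explicit.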
@@ -0,0 +1,197 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +/************************************************************/ +/* beginning with version 6.0, explicit thread registration */ +/* with csrss is no longer required. the code below should */ +/* work with all known versions of NT, however it will only */ +/* be used when run on the now-obsolete versions of the OS. */ +/************************************************************/ + +/** + Nebbett was pretty much right in his interpretation of + the csrss port message; and as long as one changes + uint32_t to uintptr_t (especially when it comes to the + unknown parameters), then the structures behave as + expected according to his book. + + SysInternals: ProcessExplorer: csrss.exe: the stack shows + a thread in csrsrv.dll that has CsrUnhandledExceptionFilter + as its start address, and ntdll!NtReplyWaitReceivePort as + its next function call. This suggests that csrss still + uses LPC (at least to some extent) for communication with + user processes. + + Given the above, we may deduce that CsrClientCallServer + contains a call to ZwRequestWaitReplyPort. Assuming + the machine code in ntdll is as optimized as possible, + we may then conclude that on x86 machines, this would be + an E8 call using relative 32-bit addressing on both NT32 + and NT64. + + On the 32-bit variant of the operating system, the first + argument is passed on the stack, and is normally expressed + in terms of an offset from the ds register. + + On the 64-bit variant of the operating system, the first + argument is passed in the rcx register. 
Here, again, + machine code optimization suggests that the address of + CsrPortHandle will be provided as a 32-bit relative address, + or else the code will be larger by several bytes. + + The rest is based on simple logic and straight-forward + heuristics. Since we know the addresses of CsrClientCallSertver + and ZwRequestWaitReplyPort, we first find the call to the latter + function within the former. Once we have found that call, we + start going back to look for the argument-passing + opcode, and finally do the math to obtain the address of + CsrPortHandle. +**/ + + +#if defined(__X86_MODEL) +void ** __cdecl __ntapi_tt_get_csr_port_handle_addr_by_logic_i386(void) +{ + #define MAX_BYTES_BETWEEN_ARG1_PUSH_AND_E8_CALL 0x20 + #define MAX_FN_BYTES_TO_TEST 0x800 + + typedef struct __attr_aligned__ (1) __attr_packed__ __x86_e8_call_signature { + unsigned char __opcode_current_e8; + unsigned char __addr_relative[4]; + unsigned char __opcode_next_any; + } _x86_e8_call_signature; + + typedef struct __attr_aligned__ (1) __attr_packed__ __x86_push_ds_signature { + unsigned char __push; + unsigned char __ds; + unsigned char __push_ds_arg; + } _x86_push_ds_signature; + + unsigned char * ptr_test; + _x86_e8_call_signature * ptr_e8_call; + _x86_push_ds_signature * ptr_push_ds; + int32_t offset; + + /* type-punned tyrants */ + int32_t * prelative; + int32_t relative; + uintptr_t * pport_addr; + + + /* calling a function within the same library: assume E8 call */ + for (offset = 0; offset < MAX_FN_BYTES_TO_TEST; offset++) { + ptr_test = (unsigned char *)__ntapi->csr_client_call_server + + offset; + + if (*ptr_test == 0xE8) { + ptr_e8_call = (_x86_e8_call_signature *)ptr_test; + + /* make our type-punned tyrant compiler happy */ + prelative = (int32_t *)&(ptr_e8_call->__addr_relative); + relative = *prelative; + + /* are we calling ZwRequestWaitReplyPort? 
*/ + if ((uintptr_t)(__ntapi->zw_request_wait_reply_port) == + (uintptr_t)&(ptr_e8_call->__opcode_next_any) + + relative) { + /* assume ds relative address for arg1, go back to find it */ + for (offset = 0; offset < MAX_BYTES_BETWEEN_ARG1_PUSH_AND_E8_CALL; offset++) { + ptr_push_ds = (_x86_push_ds_signature *)((uintptr_t)ptr_e8_call - offset); + + if ((ptr_push_ds->__push == 0xFF) && + (ptr_push_ds->__ds == 0x35)) { + /* bingo */ + /* make our type-punned tyrant compiler happy */ + pport_addr = (uintptr_t *)&(ptr_push_ds->__push_ds_arg); + + /* all done */ + return *(void ***)pport_addr; + } + } + } + } + } + + /* CsrPortHandle not found */ + return (void **)0; +} +#endif + + +#if defined(__X86_64_MODEL) +void ** __ntapi_tt_get_csr_port_handle_addr_by_logic_x86_64(void) +{ + #define MAX_BYTES_BETWEEN_ARG1_PUSH_AND_E8_CALL 0x20 + #define MAX_FN_BYTES_TO_TEST 0x800 + + typedef struct __attr_aligned__ (1) __attr_packed__ __x86_e8_call_signature { + unsigned char __opcode_current_e8; + unsigned char __addr_relative[4]; + unsigned char __opcode_next_any; + } _x86_e8_call_signature; + + typedef struct __attr_aligned__ (1) __attr_packed__ __x86_move_rcx_rel_signature { + unsigned char __move; + unsigned char __rcx; + unsigned char __relative; + unsigned char __arg_32_relative[4]; + unsigned char __opcode_next_any; + } _x86_move_rcx_rel_signature; + + unsigned char * ptr_test; + _x86_e8_call_signature * ptr_e8_call; + _x86_move_rcx_rel_signature * ptr_move_rcx_rel; + int32_t offset; + int32_t relative; + int32_t * prelative; /* for type-punned tyrants */ + + + /* calling a function within the same library: assume E8 call and 32-bit relative addressing */ + for (offset = 0; offset < MAX_FN_BYTES_TO_TEST; offset++) { + ptr_test = (unsigned char *)__ntapi->csr_client_call_server + + offset; + + if (*ptr_test == 0xE8) { + ptr_e8_call = (_x86_e8_call_signature *)ptr_test; + + /* please our type-punned tyrant compiler */ + prelative = (int32_t *)&(ptr_e8_call->__addr_relative); 
+ relative = *prelative; + + /* are we calling ZwRequestWaitReplyPort? */ + /* comparing, not writing; ignore type-punned msgs. */ + if ((uintptr_t)(__ntapi->zw_request_wait_reply_port) == + (uintptr_t)&(ptr_e8_call->__opcode_next_any) + + relative) { + /* arg1 must be passed in rcx, so go back to find it */ + for (offset = 0; offset < MAX_BYTES_BETWEEN_ARG1_PUSH_AND_E8_CALL; offset++) { + ptr_move_rcx_rel = (_x86_move_rcx_rel_signature *)((uintptr_t)ptr_e8_call - offset); + + if ((ptr_move_rcx_rel->__move == 0x48) && + (ptr_move_rcx_rel->__rcx == 0x8b) && + (ptr_move_rcx_rel->__relative == 0x0d)) + /* bingo */ + /* make our type-punned tyrant compiler happy */ + prelative = (int32_t *)&(ptr_move_rcx_rel->__arg_32_relative); + relative = *prelative; + + /* all done */ + return (void **)( + (uintptr_t)&ptr_move_rcx_rel->__opcode_next_any + + relative); + } + } + } + } + + /* CsrPortHandle not found */ + return (void **)0; +} +#endif diff --git a/src/system/ntapi_tt_get_system_directory.c b/src/system/ntapi_tt_get_system_directory.c new file mode 100644 index 0000000..28b9745 --- /dev/null +++ b/src/system/ntapi_tt_get_system_directory.c 
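Review bot: The inner match in __ntapi_tt_get_csr_port_handle_addr_by_logic_x86_64 is missing braces: the `if ((ptr_move_rcx_rel->__move == 0x48) && …)` governs only the `prelative = …` assignment, so `relative = *prelative;` and the `return (void **)(…)` that follow run unconditionally on the first backward step, and the function returns an address computed from whatever bytes precede the call regardless of whether the rcx-load signature was found (the i386 variant braces its equivalent block correctly). Wrap the three statements in `{ … }` so a non-match falls through to the next `offset`. Both variants also reuse the outer `offset` as the inner loop counter, so after an unsuccessful backward scan the outer scan restarts from at most `MAX_BYTES_BETWEEN_ARG1_PUSH_AND_E8_CALL` instead of continuing past the E8 that was just examined; a separate inner index avoids the rescan. The two `#define`s are repeated inside each function and never `#undef`'d; hoisting them to file scope would keep one definition.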
@@ -0,0 +1,257 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tt_get_system_directory_native_path( + __out nt_mem_sec_name * buffer, + __in uint32_t buffer_size, + __in wchar16_t * base_name, + __in uint32_t base_name_size, + __out nt_unicode_string * nt_path __optional) +{ + int32_t status; + wchar16_t * wch_src; + wchar16_t * wch_dst; + wchar16_t * wch_cap; + size_t maxlen_saved; + size_t info_size; + + /* validation */ + if (!buffer || !buffer_size) + return NT_STATUS_BUFFER_TOO_SMALL; + else if (base_name && !base_name_size) + return NT_STATUS_INVALID_PARAMETER_MIX; + + /* init buffer */ + buffer->section_name.strlen = 0; + buffer->section_name.maxlen = (uint16_t)(buffer_size - sizeof(nt_unicode_string)); + buffer->section_name.buffer = buffer->section_name_buffer; + + maxlen_saved = buffer->section_name.maxlen; + info_size = 0; + + status = __ntapi->zw_query_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + pe_get_ntdll_module_handle(), + NT_MEMORY_SECTION_NAME, + buffer, + buffer_size, + &info_size); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* find directory portion */ + wch_dst = buffer->section_name.buffer + (buffer->section_name.strlen / sizeof(wchar16_t)); + wch_dst--; + + while ((*wch_dst != '\\') && (wch_dst > buffer->section_name.buffer)) + wch_dst--; + + if (wch_dst == buffer->section_name.buffer) + return NT_STATUS_INTERNAL_ERROR; + + /* base_name */ + if (base_name) { + wch_dst++; + wch_src = base_name; + wch_cap = (wchar16_t *)((uintptr_t)wch_dst + base_name_size); + + if ((uintptr_t)wch_cap - (uintptr_t)(buffer->section_name.buffer) > maxlen_saved) + return NT_STATUS_BUFFER_TOO_SMALL; + + while (wch_dst < 
wch_cap) { + *wch_dst = *wch_src; + wch_dst++; + wch_src++; + } + } + + /* null termination */ + *wch_dst = 0; + + /* nt_path */ + if (nt_path) + __ntapi->rtl_init_unicode_string( + nt_path, + buffer->section_name.buffer); + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_get_system_directory_handle( + __out void ** hsysdir, + __out nt_mem_sec_name * buffer __optional, + __in uint32_t buffer_size __optional) +{ + int32_t status; + nt_oa oa; + nt_iosb iosb; + nt_unicode_string path; + char _buffer[256]; + + /* validation */ + if (!hsysdir) + return NT_STATUS_INVALID_PARAMETER_1; + else if (buffer_size && buffer_size < 0x20) + return NT_STATUS_BUFFER_TOO_SMALL; + + /* buffer */ + if (!buffer) { + buffer = (nt_mem_sec_name *)_buffer; + buffer_size = sizeof(_buffer); + __ntapi->tt_aligned_block_memset(buffer,0,sizeof(buffer)); + } + + /* sysdir path */ + status = __ntapi_tt_get_system_directory_native_path( + buffer, + buffer_size, + (wchar16_t *)0, + 0, + &path); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* oa */ + oa.len = sizeof(nt_oa); + oa.root_dir = (void *)0; + oa.obj_name = &path; + oa.obj_attr = 0; + oa.sec_desc = 0; + oa.sec_qos = 0; + + /* open file/folder */ + status = __ntapi->zw_open_file( + hsysdir, + NT_SEC_SYNCHRONIZE | NT_FILE_READ_ATTRIBUTES | NT_FILE_READ_ACCESS, + &oa, + &iosb, + NT_FILE_SHARE_READ | NT_FILE_SHARE_WRITE, + NT_FILE_DIRECTORY_FILE | NT_FILE_SYNCHRONOUS_IO_ALERT); + + return status; +} + + +int32_t __stdcall __ntapi_tt_get_system_directory_dos_path( + __in void * hsysdir __optional, + __out wchar16_t * buffer, + __in uint32_t buffer_size, + __in wchar16_t * base_name, + __in uint32_t base_name_size, + __out nt_unicode_string * nt_path __optional) +{ + int32_t status; + nt_statfs statfs; + wchar16_t * wch; + wchar16_t * wch_src; + wchar16_t * wch_cap; + nt_iosb iosb; + nt_fni * fni; + uint32_t fni_length; + + /* validation */ + if (!buffer) + return NT_STATUS_INVALID_PARAMETER_2; + + /* hsysdir */ + if 
(!hsysdir) { + status = __ntapi_tt_get_system_directory_handle( + &hsysdir, + (nt_mem_sec_name *)buffer, + buffer_size); + + if (status != NT_STATUS_SUCCESS) + return status; + } + + /* statfs */ + status = __ntapi->tt_statfs( + hsysdir, + (void *)0, + (nt_unicode_string *)0, + &statfs, + (uintptr_t *)buffer, + buffer_size, + NT_STATFS_DOS_DRIVE_LETTER); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* dos path name (always shorter than the native path, so buffer_size must be ok) */ + wch = buffer; + *wch = '\\'; wch++; + *wch = '?'; wch++; + *wch = '?'; wch++; + *wch = '\\'; wch++; + *wch = statfs.nt_drive_letter; wch++; + *wch = ':'; wch++; + + /* alignment */ + fni = (nt_fni *)((uintptr_t)buffer + 0x10); + + status = __ntapi->zw_query_information_file( + hsysdir, + &iosb, + fni, + buffer_size - 8 * sizeof(wchar16_t), + NT_FILE_NAME_INFORMATION); + + if (status != NT_STATUS_SUCCESS) + return status; + + /* fni->file_name_length: save */ + fni_length = fni->file_name_length; + + /* overwrite */ + wch_src = fni->file_name; + wch_cap = (wchar16_t *)((uintptr_t)wch_src + fni_length); + + while (wch_src < wch_cap) { + *wch = *wch_src; + wch++; + wch_src++; + } + + /* ultimate path separator */ + *wch = '\\'; wch++; + + /* base_name */ + if (base_name) { + wch_src = base_name; + wch_cap = (wchar16_t *)((uintptr_t)wch + base_name_size); + + if ((uintptr_t)wch_cap - (uintptr_t)buffer - sizeof(wchar16_t) > buffer_size) + return NT_STATUS_BUFFER_TOO_SMALL; + + while (wch < wch_cap) { + *wch = *wch_src; + wch++; + wch_src++; + } + } + + /* null termination */ + *wch = 0; + + /* nt_path */ + if (nt_path) + __ntapi->rtl_init_unicode_string( + nt_path, + buffer); + + return NT_STATUS_SUCCESS; +} diff --git a/src/system/ntapi_tt_get_system_info_snapshot.c b/src/system/ntapi_tt_get_system_info_snapshot.c new file mode 100644 index 0000000..bfe2978 --- /dev/null +++ b/src/system/ntapi_tt_get_system_info_snapshot.c 
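Review bot: `__ntapi->tt_aligned_block_memset(buffer,0,sizeof(buffer));` in __ntapi_tt_get_system_directory_handle zeroes `sizeof` a pointer (4 or 8 bytes), not the 256-byte `_buffer` it was just pointed at; it should read `sizeof(_buffer)` (or `buffer_size`, which was set to that value on the line above). In __ntapi_tt_get_system_directory_dos_path the handle obtained through __ntapi_tt_get_system_directory_handle when the caller passes a null `hsysdir` is never closed — not on the success path and not on the three error returns that follow — so every call without a handle leaks one; remember whether the handle was opened locally and `zw_close` it on each exit (a single cleanup label would keep that in one place). `char _buffer[256]` is reinterpreted as `nt_mem_sec_name` and then written word-wise by the aligned memset, which assumes the char array happens to be suitably aligned; declaring it as an array of `uintptr_t` (or of the struct type) would make that guaranteed. In __ntapi_tt_get_system_directory_native_path, `wch_dst--` runs before the comparison against `section_name.buffer`, so a zero-length section name reads one element before the buffer.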
@@ -0,0 +1,89 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tt_get_system_info_snapshot(
+ __in_out nt_system_information_snapshot * sys_info_snapshot)
+{
+ int32_t status;
+
+ /* pre-allocated buffer? */
+ if (sys_info_snapshot->buffer)
+ status = __ntapi->zw_query_system_information(
+ sys_info_snapshot->sys_info_class,
+ sys_info_snapshot->buffer,
+ sys_info_snapshot->max_len,
+ &sys_info_snapshot->info_len);
+ else {
+ /* set initial buffer size */
+ sys_info_snapshot->max_len = NT_ALLOCATION_GRANULARITY;
+
+ /* allocate initial buffer */
+ status = __ntapi->zw_allocate_virtual_memory(
+ NT_CURRENT_PROCESS_HANDLE,
+ (void **)&sys_info_snapshot->buffer,
+ 0,
+ &sys_info_snapshot->max_len,
+ NT_MEM_COMMIT,
+ NT_PAGE_READWRITE);
+
+ /* verification */
+ if (status != NT_STATUS_SUCCESS)
+ return status;
+
+ /* loop until buffer is large enough to satisfy the system */
+ while ((status = __ntapi->zw_query_system_information(
+ sys_info_snapshot->sys_info_class,
+ sys_info_snapshot->buffer,
+ sys_info_snapshot->max_len,
+ &sys_info_snapshot->info_len))
+ == NT_STATUS_INFO_LENGTH_MISMATCH) {
+
+ /* free previously allocated memory */
+ status = __ntapi->zw_free_virtual_memory(
+ NT_CURRENT_PROCESS_HANDLE,
+ (void **)&sys_info_snapshot->buffer,
+ &sys_info_snapshot->max_len,
+ NT_MEM_RELEASE);
+
+ /* verification */
+ if (status != NT_STATUS_SUCCESS)
+ return status;
+
+ /* reset buffer and increase buffer size */
+ sys_info_snapshot->buffer = (nt_system_information_buffer *)0;
+ sys_info_snapshot->max_len += NT_ALLOCATION_GRANULARITY;
+
+ /* reallocate buffer memory */
+ status = __ntapi->zw_allocate_virtual_memory(
+ NT_CURRENT_PROCESS_HANDLE,
+ (void **)&sys_info_snapshot->buffer,
+ 0,
+ &sys_info_snapshot->max_len,
+ NT_MEM_COMMIT,
+ NT_PAGE_READWRITE);
+
+ /* verification */
+ if (status != NT_STATUS_SUCCESS)
+ return status;
+ }
+ }
+
+ /* verification */
+ if (status == NT_STATUS_SUCCESS) {
+ sys_info_snapshot->pcurrent = &sys_info_snapshot->buffer->mark;
+ return NT_STATUS_SUCCESS;
+ } else {
+ sys_info_snapshot->pcurrent = (void *)0;
+ return status;
+ }
+}
diff --git a/src/thread/ntapi_tt_create_thread.c b/src/thread/ntapi_tt_create_thread.c
new file mode 100644
index 0000000..4fbe68f
--- /dev/null
+++ b/src/thread/ntapi_tt_create_thread.c
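Review bot: The retry loop `while ((status = __ntapi->zw_query_system_information(...)) == NT_STATUS_INFO_LENGTH_MISMATCH)` never uses the `info_len` the failing call just reported and instead grows the buffer by one allocation granularity per iteration, so a large result (a process or handle list) costs one free/allocate/query round trip per 64 KiB and, for the information classes that do report the required length, that value is simply discarded. Sizing the next allocation from it, `sys_info_snapshot->max_len = sys_info_snapshot->info_len + NT_ALLOCATION_GRANULARITY;`, keeps the loop (the data can still grow between calls) but normally finishes it in one retry. The failure paths also disagree with each other: an allocation failure inside the loop leaves `buffer` NULL with a non-zero `max_len`, while any other query error leaves the buffer allocated and only clears `pcurrent`; either free and zero `max_len` on every error, or document in a header comment that the caller owns `buffer` whenever it is non-NULL on return.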
@@ -0,0 +1,418 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "ntapi_impl.h" + +/* (no planned support of alpha processors, use constant values) */ +#define __PAGE_SIZE 0x001000 +#define __GRANULARITY 0x010000 +#define __RESERVE_ROUND_UP 0x100000 + +static int32_t __stdcall __create_thread_fail( + void * hprocess, + void * stack_bottom, + size_t stack_size, + int32_t status) +{ + __ntapi->zw_free_virtual_memory( + hprocess, + &stack_bottom, + &stack_size, + NT_MEM_RELEASE); + return status; +} + +int32_t __stdcall __ntapi_tt_create_thread( + __in_out nt_thread_params * params) +{ + int32_t status; + ntapi_internals * __internals; + + nt_client_id cid; + nt_port_message_csrss_process csrss_msg; + nt_port_message_csrss_process * csrss_msg_1st; + nt_port_message_csrss_thread * csrss_msg_any; + + void * stack_system_limit; + uint32_t protect_type_old; + + nt_user_stack stack; + nt_thread_context context; + uintptr_t fsuspended; + uintptr_t * parg; + + if (!(params->stack_size_commit)) + return NT_STATUS_INVALID_PARAMETER; + else if (!(params->stack_size_reserve)) + return NT_STATUS_INVALID_PARAMETER; + else if (params->ext_ctx_size > __NT_INTERNAL_PAGE_SIZE) + return NT_STATUS_INVALID_PARAMETER; + else if (params->ext_ctx_size % sizeof(intptr_t)) + return NT_STATUS_INVALID_PARAMETER; + else if (params->arg && params->ext_ctx) + return NT_STATUS_INVALID_PARAMETER_MIX; + else if (params->ext_ctx && !params->ext_ctx_size) + return NT_STATUS_INVALID_PARAMETER_MIX; + + /* init */ + __internals = __ntapi_internals(); + params->stack_size_commit = __NT_ROUND_UP_TO_POWER_OF_2(params->stack_size_commit+params->ext_ctx_size, __PAGE_SIZE); + 
params->stack_size_reserve = __NT_ROUND_UP_TO_POWER_OF_2(params->stack_size_reserve,__GRANULARITY); + + /* compare, round-up as needed */ + if (params->stack_size_commit >= params->stack_size_reserve) + params->stack_size_reserve = __NT_ROUND_UP_TO_POWER_OF_2(params->stack_size_commit,__RESERVE_ROUND_UP); + + /** + * + * --------- BASE ---------- + * + * ---- (COMMITED AREA) ---- + * + * --------- LIMIT --------- + * + * ------ GUARD PAGE ------- + * + * ------ ACTUAL LIMIT ----- + * + * ---- (RESERVED AREA) ---- + * + * -------- BOTTOM --------- + * + **/ + + /* stack structure: unused fields */ + stack.fixed_stack_base = (void *)0; + stack.fixed_stack_limit = (void *)0; + + /* first we reserve */ + stack.expandable_stack_bottom = (void *)0; + status = __ntapi->zw_allocate_virtual_memory( + params->hprocess, + &stack.expandable_stack_bottom, + params->stack_zero_bits, + ¶ms->stack_size_reserve, + NT_MEM_RESERVE, + NT_PAGE_READWRITE); + + if (status) return status; + + /* calculate base and limit */ + stack.expandable_stack_base = + (void *)((intptr_t)stack.expandable_stack_bottom + + params->stack_size_reserve); + + stack.expandable_stack_limit = + (void *)((intptr_t)stack.expandable_stack_base + - params->stack_size_commit); + + /* guard page */ + params->stack_size_commit += __PAGE_SIZE; + stack_system_limit = + (void *)((intptr_t)stack.expandable_stack_base + - params->stack_size_commit); + + /* then we commit */ + status = __ntapi->zw_allocate_virtual_memory( + params->hprocess, + &stack_system_limit, + 0, + ¶ms->stack_size_commit, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (status) return __create_thread_fail( + params->hprocess, + stack.expandable_stack_bottom, + params->stack_size_reserve, + status); + + /* finally we protect the guard page */ + params->stack_size_commit = __PAGE_SIZE; + status = __ntapi->zw_protect_virtual_memory( + params->hprocess, + &stack_system_limit, + ¶ms->stack_size_commit, + NT_PAGE_READWRITE | NT_MEM_PAGE_GUARD, + 
&protect_type_old); + + if (status) return __create_thread_fail( + params->hprocess, + stack.expandable_stack_bottom, + params->stack_size_reserve, + status); + + /* context */ + if (!params->reg_context) { + params->reg_context = &context; + __ntapi->tt_aligned_block_memset(&context,0,sizeof(nt_thread_context)); + __INIT_CONTEXT(context); + context.INSTRUCTION_POINTER_REGISTER = (uintptr_t)params->start; + context.STACK_POINTER_REGISTER = (uintptr_t)(stack.expandable_stack_base) + - sizeof(intptr_t); + } + + + + + + + +/*****************************************************************************/ +/*-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-*/ +/* */ +/* */ +/* INNOVATION IN THE FIELD OF MULTI-THREADED COMPUTER PROGRAMMING */ +/* */ +/* A "RAPUNZEL" TOP-OF-STACK, VARIABLE-SIZE ENTRY-ROUTINE CONTEXT */ +/* */ +/* COPYRIGHT (C) 2013,2014,2015 ZVI GILBOA */ +/* */ +/* */ +/* */ +/* Laß mir dein Haar herunter.« */ +/**/ if (params->ext_ctx) { /**/ +/**/ context.STACK_POINTER_REGISTER -= params->ext_ctx_size; /**/ +/**/ params->arg = (void *)context.STACK_POINTER_REGISTER; /**/ +/**/ /**/ +/**/ if (params->creation_flags & NT_CREATE_LOCAL_THREAD) /**/ +/**/ __ntapi->tt_aligned_block_memcpy( /**/ +/**/ (uintptr_t *)params->arg, /**/ +/**/ (uintptr_t *)params->ext_ctx, /**/ +/**/ params->ext_ctx_size); /**/ +/**/ else { /**/ +/**/ status = __ntapi->zw_write_virtual_memory( /**/ +/**/ params->hprocess, /**/ +/**/ params->arg, /**/ +/**/ (char *)params->ext_ctx, /**/ +/**/ params->ext_ctx_size, /**/ +/**/ 0); /**/ +/**/ /**/ +/**/ if (status) return __create_thread_fail( /**/ +/**/ params->hprocess, /**/ +/**/ stack.expandable_stack_bottom, /**/ +/**/ params->stack_size_reserve, /**/ +/**/ status); /**/ +/**/ } /**/ +/**/ } /**/ +/**/ /**/ +/**/ /**/ +/**/ /**/ +/* entry-routine argument address and stack pointer adjustment */ +/**/ if (sizeof(intptr_t) == 4) { /**/ +/**/ context.STACK_POINTER_REGISTER -= sizeof(intptr_t); /**/ +/**/ parg 
= (uintptr_t *)context.STACK_POINTER_REGISTER; /**/ +/**/ } else /**/ +/**/ parg = &context.FAST_CALL_ARG0; /**/ +/**/ /**/ +/**/ /**/ +/* write entry-routine argument */ +/**/ if ((sizeof(size_t) == 8) /**/ +/**/ || (params->creation_flags&NT_CREATE_LOCAL_THREAD))/**/ +/**/ *parg = (uintptr_t)params->arg; /**/ +/**/ else { /**/ +/**/ status = __ntapi->zw_write_virtual_memory( /**/ +/**/ params->hprocess, /**/ +/**/ parg, /**/ +/**/ (char *)¶ms->arg, /**/ +/**/ sizeof(uintptr_t), /**/ +/**/ 0); /**/ +/**/ /**/ +/**/ if (status) return __create_thread_fail( /**/ +/**/ params->hprocess, /**/ +/**/ stack.expandable_stack_bottom, /**/ +/**/ params->stack_size_reserve, /**/ +/**/ status); /**/ +/**/ } /**/ +/**/ /**/ +/**/ /**/ +/*-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-*/ +/*****************************************************************************/ + + + + + + + + + + + + /* create thread */ + if ((!__ntapi->zw_create_user_process) | (params->creation_flags & NT_CREATE_SUSPENDED)) + fsuspended = 1; + else + fsuspended = 0; + + status = __ntapi->zw_create_thread( + ¶ms->hthread, + NT_THREAD_ALL_ACCESS, + params->obj_attr, + params->hprocess, + &cid, + params->reg_context, + &stack, + fsuspended); + + if (status) return __create_thread_fail( + params->hprocess, + stack.expandable_stack_bottom, + params->stack_size_reserve, + status); + + /* for os versions prior to hasta la */ + if (!__ntapi->zw_create_user_process) { + __ntapi->tt_aligned_block_memset(&csrss_msg,0,sizeof(csrss_msg)); + + if (params->creation_flags & NT_CREATE_FIRST_THREAD_OF_PROCESS) { + /* nt_port_message_csrss_process is the larger structure */ + csrss_msg_1st = &csrss_msg; + + csrss_msg_1st->header.data_size = sizeof(nt_port_message_csrss_process) - sizeof(nt_port_message); + csrss_msg_1st->header.msg_size = sizeof(nt_port_message_csrss_process); + csrss_msg_1st->opcode = 0x10000; + csrss_msg_1st->hprocess = params->hprocess; + csrss_msg_1st->hthread = 
params->hthread; + csrss_msg_1st->unique_process_id = cid.process_id; + csrss_msg_1st->unique_thread_id = cid.thread_id; + } else { + /* nt_port_message_csrss_thread is the smaller structure */ + csrss_msg_any = (nt_port_message_csrss_thread *)&csrss_msg; + + csrss_msg_any->header.data_size = sizeof(nt_port_message_csrss_thread) - sizeof(nt_port_message); + csrss_msg_any->header.msg_size = sizeof(nt_port_message_csrss_thread); + csrss_msg_any->opcode = 0x10001; + csrss_msg_any->hthread = params->hthread; + csrss_msg_any->unique_process_id = cid.process_id; + csrss_msg_any->unique_thread_id = cid.thread_id; + } + + /* send csrss a new-thread notification */ + if (__internals->csr_port_handle_addr) { + status = __ntapi->zw_request_wait_reply_port( + *__internals->csr_port_handle_addr, + &csrss_msg,&csrss_msg); + } + + /* output csrss_status to caller */ + params->csrss_status = status + ? status + : csrss_msg.status; + } + + /* resume thread, close handle as needed */ + if (fsuspended && !(params->creation_flags & NT_CREATE_SUSPENDED)) + status = __ntapi->zw_resume_thread(params->hthread,0); + + if (params->creation_flags & NT_CLOSE_THREAD_HANDLE) + __ntapi->zw_close(params->hthread); + + /* and finally */ + params->thread_id = (uint32_t)cid.thread_id; + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_tt_create_local_thread( + __in_out nt_thread_params * params) +{ + void * image_base; + struct pe_stack_heap_info stack_heap_info; + nt_client_id cid; + nt_object_attributes oa; + nt_status status; + + /* oa init */ + oa.len = sizeof(oa); + oa.root_dir = (void *)0; + oa.obj_name = (nt_unicode_string *)0; + oa.obj_attr = 0; + oa.sec_desc = (nt_sd *)0; + oa.sec_qos = (nt_sqos *)0; + + /* init cid */ + cid.process_id = pe_get_current_process_id(); + cid.thread_id = pe_get_current_thread_id(); + + /* obtain a handle to our own process */ + /* TODO: use cached handle, no close */ + status = __ntapi->zw_open_process( + ¶ms->hprocess, + NT_PROCESS_ALL_ACCESS, + 
&oa, + &cid); + + if (status) return status; + + /* retrieve the stack defaults as needed */ + if (!(params->stack_size_commit && params->stack_size_reserve) && !(params->stack_info)) { + /* image_base*/ + image_base = pe_get_first_module_handle(); + + if (!(intptr_t)image_base) + return NT_STATUS_INVALID_IMPORT_OF_NON_DLL; + + status = pe_get_image_stack_heap_info( + image_base, + &stack_heap_info); + + if (status) + return NT_STATUS_INVALID_IMAGE_FORMAT; + + /* stack_size_commit */ + if (!params->stack_size_commit) + params->stack_size_commit = stack_heap_info.size_of_stack_commit; + + /* stack_size_reserve */ + if (!params->stack_size_reserve) + params->stack_size_reserve = stack_heap_info.size_of_stack_reserve; + + if (!(params->stack_size_commit && params->stack_size_reserve)) + return NT_STATUS_INVALID_IMAGE_FORMAT; + } + + params->creation_flags |= NT_CREATE_LOCAL_THREAD; + status = __ntapi_tt_create_thread(params); + + /* TODO: use cached handle, no close */ + __ntapi->zw_close(params->hprocess); + return status; +} + + +int32_t __stdcall __ntapi_tt_create_remote_thread( + __in_out nt_thread_params * params) +{ + return __ntapi_tt_create_thread(params); +} + + +void * __cdecl __ntapi_csr_port_handle(nt_status * pstatus) +{ + ntapi_internals * __internals; + + __internals = __ntapi_internals(); + + if (__internals->csr_port_handle_addr) { + if (pstatus) + *pstatus = NT_STATUS_SUCCESS; + return *__internals->csr_port_handle_addr; + } else { + if (pstatus) + *pstatus = NT_STATUS_UNSUCCESSFUL; + return (void *)0; + } +} diff --git a/src/tty/ntapi_tty_client_process_register.c b/src/tty/ntapi_tty_client_process_register.c new file mode 100644 index 0000000..935cf1e --- /dev/null +++ b/src/tty/ntapi_tty_client_process_register.c 
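Review bot: The ext_ctx and entry-argument code after the `/* context */` block always operates on the local `context`, but `context` is only zeroed and filled when `params->reg_context` is NULL; with a caller-supplied register context `context.STACK_POINTER_REGISTER` is an uninitialized stack value, so on 32-bit `parg = (uintptr_t *)context.STACK_POINTER_REGISTER` writes the argument through a garbage pointer (directly, or via `zw_write_virtual_memory` into the target process), and on 64-bit the argument lands in the unused local `context.FAST_CALL_ARG0` and never reaches the thread. The fix is to work on the effective context for both paths (a `nt_thread_context * ctx;` alongside the other locals, shown below); if a caller-supplied context is instead meant to be used verbatim, reject the combination in the validation chain with `else if (params->reg_context && (params->arg || params->ext_ctx)) return NT_STATUS_INVALID_PARAMETER_MIX;`. Two smaller points in the same function: the `fsuspended` condition uses `|` where `||` reads as intended, and when the rounded `stack_size_commit` is itself a multiple of `__RESERVE_ROUND_UP` the reserve is rounded to the same value, so the added guard page appears to push `stack_system_limit` below the reservation — comparing `params->stack_size_commit + __PAGE_SIZE` against the reserve would avoid that.
```c
	/* context */
	if (!params->reg_context) {
		params->reg_context = &context;
		/* … unchanged: memset, __INIT_CONTEXT, instruction/stack pointer setup … */
	}

	/* operate on the context that is actually handed to zw_create_thread */
	ctx = params->reg_context;

	if (params->ext_ctx) {
		ctx->STACK_POINTER_REGISTER -= params->ext_ctx_size;
		params->arg = (void *)ctx->STACK_POINTER_REGISTER;
		/* … unchanged: local memcpy / zw_write_virtual_memory of ext_ctx … */
	}

	/* entry-routine argument address and stack pointer adjustment */
	if (sizeof(intptr_t) == 4) {
		ctx->STACK_POINTER_REGISTER -= sizeof(intptr_t);
		parg = (uintptr_t *)ctx->STACK_POINTER_REGISTER;
	} else
		parg = &ctx->FAST_CALL_ARG0;
	/* … unchanged: write entry-routine argument, zw_create_thread, csrss notification … */
```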
@@ -0,0 +1,37 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_client_process_register(
+ __in void * hport,
+ __in uintptr_t process_id,
+ __in uintptr_t thread_id,
+ __in uintptr_t flags,
+ __in nt_large_integer * reserved)
+{
+ nt_status status;
+ nt_tty_register_msg msg;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_CLIENT_PROCESS_REGISTER;
+
+ msg.data.reginfo.process_id = process_id;
+ msg.data.reginfo.thread_id = thread_id;
+ msg.data.reginfo.flags = flags;
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+
+ return msg.data.ttyinfo.status;
+}
diff --git a/src/tty/ntapi_tty_client_session_query.c b/src/tty/ntapi_tty_client_session_query.c
new file mode 100644
index 0000000..1d0dbe8
--- /dev/null
+++ b/src/tty/ntapi_tty_client_session_query.c
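Review bot: Unlike the sibling tty client calls, this one passes `hport` straight to `zw_request_wait_reply_port` without the `hport = hport ? hport : __ntapi_internals()->hport_tty_session;` fallback, so a caller that relies on the session default hands the kernel a NULL port handle; either add the fallback or state in a signature comment that `hport` is mandatory here. The `reserved` parameter is accepted but never read or placed in the message; a `(void)reserved;` with a comment that it is intentionally ignored would make that explicit.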
@@ -0,0 +1,40 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_client_session_query(
+ __in void * hport,
+ __out nt_tty_session_info * sessioninfo)
+{
+ int32_t status;
+ nt_tty_session_msg msg;
+
+ hport = hport ? hport : __ntapi_internals()->hport_tty_session;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_CLIENT_SESSION_QUERY;
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ sessioninfo->pid = msg.data.sessioninfo.pid;
+ sessioninfo->pgid = msg.data.sessioninfo.pgid;
+ sessioninfo->sid = msg.data.sessioninfo.sid;
+ sessioninfo->reserved = msg.data.sessioninfo.reserved;
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/tty/ntapi_tty_client_session_set.c b/src/tty/ntapi_tty_client_session_set.c
new file mode 100644
index 0000000..600fd5e
--- /dev/null
+++ b/src/tty/ntapi_tty_client_session_set.c
@@ -0,0 +1,38 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_client_session_set(
+ __in void * hport,
+ __in nt_tty_session_info * sessioninfo)
+{
+ int32_t status;
+ nt_tty_session_msg msg;
+
+ hport = hport ? hport : __ntapi_internals()->hport_tty_session;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_CLIENT_SESSION_SET;
+
+ msg.data.sessioninfo.pid = sessioninfo->pid;
+ msg.data.sessioninfo.pgid = sessioninfo->pgid;
+ msg.data.sessioninfo.sid = sessioninfo->sid;
+ msg.data.sessioninfo.reserved = sessioninfo->reserved;
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+
+ return msg.data.ttyinfo.status;
+}
diff --git a/src/tty/ntapi_tty_connect.c b/src/tty/ntapi_tty_connect.c
new file mode 100644
index 0000000..4ef198c
--- /dev/null
+++ b/src/tty/ntapi_tty_connect.c
@@ -0,0 +1,47 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_connect(
+ __out void ** hport,
+ __in wchar16_t * tty_port_name,
+ __in int32_t impersonation_level)
+{
+ nt_object_attributes oa;
+ nt_unicode_string name;
+ nt_security_quality_of_service sqos;
+
+ __ntapi->tt_init_unicode_string_from_utf16(
+ &name,tty_port_name);
+
+ sqos.length = sizeof(sqos);
+ sqos.impersonation_level = impersonation_level;
+ sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC;
+ sqos.effective_only = 1;
+
+ oa.len = sizeof(oa);
+ oa.root_dir = (void *)0;
+ oa.obj_name = &name;
+ oa.obj_attr = 0;
+ oa.sec_desc = (nt_security_descriptor *)0;
+ oa.sec_qos = &sqos;
+
+ return __ntapi->zw_connect_port(
+ hport,
+ &name,
+ &sqos,
+ (nt_port_section_write *)0,
+ (nt_port_section_read *)0,
+ (uint32_t *)0,
+ (void *)0,
+ (uint32_t *)0);
+}
diff --git a/src/tty/ntapi_tty_create_session.c b/src/tty/ntapi_tty_create_session.c
new file mode 100644
index 0000000..176b2fb
--- /dev/null
+++ b/src/tty/ntapi_tty_create_session.c
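Review bot: `oa` is fully populated (including `oa.sec_qos = &sqos`) but never passed anywhere — `zw_connect_port` receives `&name` and `&sqos` directly — so the object-attributes block is dead code and should go. The security-relevant part of this function is the SQOS: `impersonation_level` comes from the caller and is forwarded unchecked together with `NT_SECURITY_TRACKING_DYNAMIC`, which lets whoever owns the named port impersonate the connecting client at the requested level; `effective_only = 1` restricts that to the client's currently enabled groups and privileges, which is the right default and deserves a comment saying so. Assuming the project's NT_SECURITY_* constants follow the Windows ordering (anonymous < identification < impersonation < delegation), a guard such as `if (impersonation_level > NT_SECURITY_IMPERSONATION) return NT_STATUS_INVALID_PARAMETER_3;` would keep delegation-level connections from being requested by accident. Since the client side cannot verify which process owns the port it connects to, the unpredictability of the generated port name is what stands between a squatter and this impersonation token; that assumption is worth stating here.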
@@ -0,0 +1,166 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +static int32_t __fastcall __tty_create_session_return( + nt_create_process_params * params, + int32_t status) +{ + if (status) + __ntapi->zw_terminate_process( + params->hprocess, + NT_STATUS_UNEXPECTED_IO_ERROR); + + __ntapi->zw_close(params->hprocess); + __ntapi->zw_close(params->hthread); + + return status; +} + +int32_t __stdcall __ntapi_tty_create_session( + __out void ** hport, + __out nt_port_name * port_name, + __in nt_tty_session_type type, + __in const nt_guid * guid __optional, + __in wchar16_t * image_name __optional) +{ + nt_status status; + ntapi_internals * __internals; + + nt_port_attr port_attr; + nt_runtime_data ssattr; + nt_runtime_data_block rtblock; + nt_create_process_params params; + + wchar16_t __attr_aligned__(8) __tty_image_name_fallback[] = { + '\\','?','?','\\', + 'C',':', + '\\','m','i','d','i','p','i','x', + '\\','b','i','n', + '\\','n','t','c','t','t','y', + '.','e','x','e', + 0}; + + /* init */ + __internals = __ntapi_internals(); + + __ntapi->tt_aligned_block_memset( + &port_attr,0,sizeof(port_attr)); + + switch (type) { + case NT_TTY_SESSION_PRIMARY: + port_attr.type = NT_PORT_TYPE_SUBSYSTEM; + port_attr.subtype = NT_PORT_SUBTYPE_DEFAULT; + + if (!hport) + hport = &__internals->hport_tty_session; + + if (!port_name) + port_name = __internals->subsystem; + + if (!image_name) + image_name = __tty_image_name_fallback; + + break; + + case NT_TTY_SESSION_PRIVATE: + port_attr.type = NT_PORT_TYPE_SUBSYSTEM; + port_attr.subtype = NT_PORT_SUBTYPE_PRIVATE; + break; + + default: + return NT_STATUS_INVALID_PARAMETER; + } + + /* port guid */ + if (guid) + __ntapi->tt_guid_copy( + &port_attr.guid, + guid); + else + 
__ntapi->tt_port_guid_from_type( + &port_attr.guid, + port_attr.type, + port_attr.subtype); + + /* port keys */ + if ((status = __ntapi->tt_port_generate_keys(&port_attr.keys))) + return status; + + /* port name */ + __ntapi->tt_port_name_from_attributes( + port_name, + &port_attr); + + /* subsystem attributes */ + __ntapi->tt_aligned_block_memset( + &ssattr,0,sizeof(ssattr)); + + ssattr.srv_type = port_attr.type; + ssattr.srv_subtype = port_attr.subtype; + ssattr.srv_keys[0] = port_attr.keys.key[0]; + ssattr.srv_keys[1] = port_attr.keys.key[1]; + ssattr.srv_keys[2] = port_attr.keys.key[2]; + ssattr.srv_keys[3] = port_attr.keys.key[3]; + ssattr.srv_keys[4] = port_attr.keys.key[4]; + ssattr.srv_keys[5] = port_attr.keys.key[5]; + + __ntapi->tt_guid_copy( + &ssattr.srv_guid, + &port_attr.guid); + + if ((status = __ntapi->tt_create_private_event( + &ssattr.srv_ready, + NT_SYNCHRONIZATION_EVENT, + NT_EVENT_NOT_SIGNALED))) + return status; + + /* create subsystem process */ + rtblock.addr = &ssattr; + rtblock.size = sizeof(ssattr); + rtblock.remote_addr = 0; + rtblock.remote_size = 0; + rtblock.flags = NT_RUNTIME_DATA_DUPLICATE_SESSION_HANDLES; + + __ntapi->tt_aligned_block_memset( + ¶ms,0,sizeof(params)); + + params.image_name = image_name; + params.rtblock = &rtblock; + + if ((status = __ntapi->tt_create_native_process(¶ms))) + return status; + + if ((status = __ntapi->zw_wait_for_single_object( + ssattr.srv_ready, + NT_SYNC_NON_ALERTABLE, + 0))) + return __tty_create_session_return(¶ms,status); + + /* connect to subsystem */ + if ((status = __ntapi->tty_connect( + hport, + &port_name->base_named_objects[0], + NT_SECURITY_IMPERSONATION))) + return __tty_create_session_return(¶ms,status); + + /* finalize primary session */ + if (type == NT_TTY_SESSION_PRIMARY) { + if (hport != &__internals->hport_tty_session) + __internals->hport_tty_session = *hport; + + if (port_name != __internals->subsystem) + __ntapi->tt_memcpy_utf16( + __internals->subsystem->base_named_objects, + 
port_name->base_named_objects, + sizeof(*port_name)); + }; + + return __tty_create_session_return(¶ms,NT_STATUS_SUCCESS); +} diff --git a/src/tty/ntapi_tty_join_session.c b/src/tty/ntapi_tty_join_session.c new file mode 100644 index 0000000..e88b9cb --- /dev/null +++ b/src/tty/ntapi_tty_join_session.c @@ -0,0 +1,53 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include "ntapi_impl.h" + +int32_t __stdcall __ntapi_tty_join_session( + __out void ** hport, + __out nt_port_name * port_name, + __in nt_port_attr * port_attr, + __in nt_tty_session_type type) +{ + nt_status status; + ntapi_internals * __internals; + + /* init */ + __internals = __ntapi_internals(); + + if (type == NT_TTY_SESSION_PRIMARY) { + hport = hport ? hport : &__internals->hport_tty_session; + port_name = port_name ? port_name : __internals->subsystem; + } + + /* port name */ + __ntapi->tt_port_name_from_attributes( + port_name, + port_attr); + + /* connect to subsystem */ + if ((status = __ntapi->tty_connect( + hport, + (wchar16_t *)port_name, + NT_SECURITY_IMPERSONATION))) + return status; + + /* finalize primary session */ + if (type == NT_TTY_SESSION_PRIMARY) { + if (hport != &__internals->hport_tty_session) + __internals->hport_tty_session = *hport; + + if (port_name != __internals->subsystem) + __ntapi->tt_memcpy_utf16( + __internals->subsystem->base_named_objects, + port_name->base_named_objects, + sizeof(*port_name)); + }; + + return status; +} diff --git a/src/tty/ntapi_tty_query_information_server.c b/src/tty/ntapi_tty_query_information_server.c new file mode 100644 index 0000000..7930413 --- /dev/null +++ b/src/tty/ntapi_tty_query_information_server.c 
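Review bot: `zw_wait_for_single_object(ssattr.srv_ready, NT_SYNC_NON_ALERTABLE, 0)` waits with no timeout on the ready event alone, so if the spawned subsystem process exits before signalling (crash, failed port creation, killed) the caller blocks forever with `params.hprocess`/`params.hthread` still open; waiting on both the event and `params.hprocess` with the project's multiple-object wait, and treating a process-exit wake-up as failure via `__tty_create_session_return`, removes the hang. The `srv_ready` event handle is never closed on any path, including the early `return status` after `tt_create_native_process`, and the `NT_RUNTIME_DATA_DUPLICATE_SESSION_HANDLES` flag suggests it is also duplicated into the child, so close the local handle once the wait completes. Finally, the fallback image `\??\C:\midipix\bin\ntctty.exe` is a fixed absolute path that receives the freshly generated port keys and the duplicated handles; whether that directory is protected from non-administrative writes is outside this diff, but the trust assumption belongs in a comment next to `__tty_image_name_fallback`.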
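Review bot: The connect call passes `(wchar16_t *)port_name` where `__ntapi_tty_create_session` passes `&port_name->base_named_objects[0]`; the cast only works while `base_named_objects` is the first member of `nt_port_name`, so use the explicit member here for consistency and to survive a layout change. For non-primary sessions `hport`, `port_name` and `port_attr` are dereferenced without a NULL check while the primary path supplies defaults; if NULL is not allowed there, say so in the signature comment or return `NT_STATUS_INVALID_PARAMETER`.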
@@ -0,0 +1,40 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_query_information_server(
+ __in void * hport,
+ __in nt_tty_server_info * srvinfo)
+{
+ int32_t status;
+ nt_tty_server_msg msg;
+
+ hport = hport ? hport : __ntapi_internals()->hport_tty_session;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_QUERY_INFORMATION_SERVER;
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)srvinfo,
+ (uintptr_t *)&(msg.data.srvinfo),
+ sizeof(*srvinfo));
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/tty/ntapi_tty_request_peer.c b/src/tty/ntapi_tty_request_peer.c
new file mode 100644
index 0000000..9f6550d
--- /dev/null
+++ b/src/tty/ntapi_tty_request_peer.c
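Review bot: `srvinfo` is annotated `__in` but the function only writes to it — the server reply is copied in with `tt_aligned_block_memcpy((uintptr_t *)srvinfo, ...)` — so the declaration should read `__out nt_tty_server_info * srvinfo`, matching the sibling `__ntapi_tty_client_session_query`. The aligned copy also presumes the caller's struct has the size and alignment the aligned memcpy expects; a short comment on the parameter stating that `nt_tty_server_info` must be suitably aligned would keep callers from passing a packed or byte-offset buffer.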
@@ -0,0 +1,46 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_request_peer(
+ __in void * hport,
+ __in int32_t opcode,
+ __in uint32_t flags,
+ __in const nt_guid * service,
+ __in nt_port_attr * peer)
+{
+ int32_t status;
+ nt_tty_peer_msg msg;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_REQUEST_PEER;
+
+ msg.data.peerinfo.opcode= opcode;
+ msg.data.peerinfo.flags = flags;
+
+ if (service) __ntapi->tt_guid_copy(
+ &msg.data.peerinfo.service,
+ service);
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)&msg.data.peerinfo.peer,
+ (uintptr_t *)peer,
+ sizeof(*peer));
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+
+ return msg.data.ttyinfo.status;
+}
diff --git a/src/tty/ntapi_tty_vms_query.c b/src/tty/ntapi_tty_vms_query.c
new file mode 100644
index 0000000..08e3212
--- /dev/null
+++ b/src/tty/ntapi_tty_vms_query.c
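Review bot: `peer` is dereferenced unconditionally by the aligned memcpy while `service` is NULL-checked two lines above, so a NULL `peer` faults; either guard it the same way or make it explicitly mandatory with `if (!peer) return NT_STATUS_INVALID_PARAMETER;` at the top. This call also skips the `hport_tty_session` fallback the other tty client calls apply; if that is intentional because peer requests always target an explicit port, a one-line comment would stop the next reader from "fixing" it.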
@@ -0,0 +1,40 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_vms_query(
+ __in void * hport,
+ __in nt_tty_vms_info * vmsinfo)
+{
+ int32_t status;
+ nt_tty_vms_msg msg;
+
+ hport = hport ? hport : __ntapi_internals()->hport_tty_session;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_VMS_QUERY;
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)vmsinfo,
+ (uintptr_t *)&(msg.data.vmsinfo),
+ sizeof(*vmsinfo));
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/tty/ntapi_tty_vms_request.c b/src/tty/ntapi_tty_vms_request.c
new file mode 100644
index 0000000..74dbf5b
--- /dev/null
+++ b/src/tty/ntapi_tty_vms_request.c
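Review bot: `vmsinfo` is annotated `__in` but is only written — the reply's `msg.data.vmsinfo` is copied into it — so the parameter should be `__out nt_tty_vms_info * vmsinfo`, as `__ntapi_tty_client_session_query` does for its result. A NULL `vmsinfo` is not rejected either, and because the port round trip happens before the copy, a bad pointer is only detected after the server has already processed the query; an up-front `if (!vmsinfo) return NT_STATUS_INVALID_PARAMETER_2;` keeps the failure local.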
@@ -0,0 +1,46 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+int32_t __stdcall __ntapi_tty_vms_request(
+ __in void * hport,
+ __in nt_tty_vms_info * vmsinfo)
+{
+ int32_t status;
+ nt_tty_vms_msg msg;
+
+ hport = hport ? hport : __ntapi_internals()->hport_tty_session;
+
+ __ntapi->tt_aligned_block_memset(
+ &msg,0,
+ sizeof(nt_port_message) + sizeof(nt_tty_msg_info));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.ttyinfo.opcode = NT_TTY_VMS_REQUEST;
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)&(msg.data.vmsinfo),
+ (uintptr_t *)vmsinfo,
+ sizeof(*vmsinfo));
+
+ if ((status = __ntapi->zw_request_wait_reply_port(hport,&msg,&msg)))
+ return status;
+ else if (msg.data.ttyinfo.status)
+ return msg.data.ttyinfo.status;
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)vmsinfo,
+ (uintptr_t *)&(msg.data.vmsinfo),
+ sizeof(*vmsinfo));
+
+ return NT_STATUS_SUCCESS;
+}
diff --git a/src/unicode/ntapi_uc_unicode_conversion_from_utf16.c b/src/unicode/ntapi_uc_unicode_conversion_from_utf16.c
new file mode 100644
index 0000000..102a24d
--- /dev/null
+++ b/src/unicode/ntapi_uc_unicode_conversion_from_utf16.c
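Review bot: The memset clears only `sizeof(nt_port_message) + sizeof(nt_tty_msg_info)` bytes of `msg` and the caller's `vmsinfo` is then copied over `msg.data.vmsinfo`; if `nt_tty_vms_msg` holds any padding or bytes beyond `vmsinfo`, those stack bytes are sent to the port server uninitialized, since the message goes out with `msg_size = sizeof(msg)`. The sibling calls clear the whole message; doing the same here with `&msg,0,sizeof(msg)` costs a few bytes of memset and removes the possibility of leaking stack contents across the LPC boundary. As in the query variant, `vmsinfo` is read and written but annotated `__in`; `__in_out` would describe the contract.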
@@ -0,0 +1,287 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include "ntapi_impl.h" + + +static int32_t __fastcall __utf16_to_utf8_handler_1byte_or_null_termination(nt_utf16_callback_args * args) +{ + /*******************************************/ + /* from: 00000000 0xxxxxxx (little endian) */ + /* to: 0xxxxxxx (utf-8) */ + /*******************************************/ + + uint8_t * dst; + + if (args->dst >= args->dst_cap) + return NT_STATUS_BUFFER_TOO_SMALL; + + dst = (uint8_t *)args->dst; + *dst = *(uint8_t *)(args->src); + + /* advance source and destination buffer */ + args->src++; + args->dst = (void *)((uintptr_t)(args->dst) + 1); + + /* bytes_written */ + args->bytes_written++; + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __utf16_to_utf8_handler_2bytes(nt_utf16_callback_args * args) +{ + /*******************************************/ + /* from: 00000yyy yyxxxxxx (little endian) */ + /* to: 110yyyyy 10xxxxxx (utf-8) */ + /*******************************************/ + + const wchar16_t * src; + uint8_t * dst; + + wchar16_t wx; + wchar16_t wy; + + if ((uintptr_t)(args->dst) + 1 >= (uintptr_t)(args->dst_cap)) + return NT_STATUS_BUFFER_TOO_SMALL; + + src = args->src; + dst = (uint8_t *)args->dst; + + wy = *src; + wy >>= 6; + + wx = *src; + wx <<= 10; + wx >>= 10; + + /* write the y part */ + *dst = (char)(0xC0 | wy); + dst++; + + /* write the x part */ + *dst = (char)(0x80 | wx); + + /* advance source and destination buffer */ + args->src++; + args->dst = (void *)((uintptr_t)(args->dst) + 2); + + /* bytes_written */ + args->bytes_written += 2; + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __utf16_to_utf8_handler_3bytes(nt_utf16_callback_args * args) +{ + 
/********************************************/ + /* from: zzzzyyyy yyxxxxxx (little endian) */ + /* to: 1110zzzz 10yyyyyy 10xxxxxx (utf-8) */ + /********************************************/ + + const wchar16_t * src; + uint8_t * dst; + + wchar16_t wx; + wchar16_t wy; + wchar16_t wz; + + if ((uintptr_t)(args->dst) + 2 >= (uintptr_t)(args->dst_cap)) + return NT_STATUS_BUFFER_TOO_SMALL; + + src = args->src; + dst = (uint8_t *)args->dst; + + wz = *src; + wz >>= 12; + + wy = *src; + wy <<= 4; + wy >>= 10; + + wx = *src; + wx <<= 10; + wx >>= 10; + + /* write the z part */ + *dst = (char)(0xE0 | wz); + dst++; + + /* write the y part */ + *dst = (char)(0x80 | wy); + dst++; + + /* write the x part */ + *dst = (char)(0x80 | wx); + + /* advance source and destination buffer */ + args->src++; + args->dst = (void *)((uintptr_t)(args->dst) + 3); + + /* bytes_written */ + args->bytes_written += 3; + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __utf16_to_utf8_handler_4bytes(nt_utf16_callback_args * args) +{ + /****************************************************************/ + /* from: 110110ww wwzzzzyy 110111yy yyxxxxxx (little endian) */ + /* to: 11110uuu 10uuzzzz 10yyyyyy 10xxxxxx (utf-8) */ + /****************************************************************/ + + const wchar16_t * src; + uint8_t * dst; + + wchar16_t wx; + wchar16_t wz; + + wchar16_t wy_low; + wchar16_t wy_high; + wchar16_t ww; + wchar16_t uuuuu; + wchar16_t u_low; + wchar16_t u_high; + + if ((uintptr_t)(args->dst) + 3 >= (uintptr_t)(args->dst_cap)) + return NT_STATUS_BUFFER_TOO_SMALL; + + src = args->src; + dst = (uint8_t *)args->dst; + + /* low two bytes */ + wx = *src; + wx <<= 10; + wx >>= 10; + + wy_low = *src; + wy_low <<= 6; + wy_low >>= 12; + + /* (surrogate pair) */ + src++; + + /* high two bytes */ + wy_high = *src; + wy_high <<= 14; + wy_high >>= 10; + + wz = *src; + wz <<= 10; + wz >>= 12; + wz <<= 2; + + ww = *src; + ww <<= 6; + ww >>= 12; + + uuuuu = ww + 1; + u_high = uuuuu >> 
2; + u_low = ((uuuuu << 14) >> 10); + + /* 1st byte: 11110uuu */ + *dst = (char)(0xF0 | u_high); + dst++; + + /* 2nd byte: 10uuzzzz */ + *dst = (char)(0x80 | u_low | wz); + dst++; + + /* 3rd byte: 10yyyyyy */ + *dst = (char)(0x80 | wy_low | wy_high); + dst++; + + /* 4th byte: 10xxxxxx */ + *dst = (char)(0x80 | wx); + + /* advance source and destination buffer */ + args->src += 2; + args->dst = (void *)((uintptr_t)(args->dst) + 4); + + /* bytes_written */ + args->bytes_written += 4; + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __update_stream_leftover_info_utf16( + __in_out nt_unicode_conversion_params_utf16_to_utf8 * params) +{ + int32_t status; + ptrdiff_t offset; + wchar16_t * wlead; + + offset = (uintptr_t)params->src + (uintptr_t)params->src_size_in_bytes - (uintptr_t)params->addr_failed; + wlead = (wchar16_t *)params->addr_failed; + + + if ((offset == 2) && (*wlead >= 0xD800) && (*wlead < 0xDC00)) { + /* possibly the lead of a surrogate pair lead */ + params->leftover_count = 2; + params->leftover_bytes = *wlead; + params->leftover_bytes <<= 16; + status = NT_STATUS_SUCCESS; + } else { + params->leftover_count = 0; + params->leftover_bytes = 0; + status = NT_STATUS_ILLEGAL_CHARACTER; + } + + return status; +} + + +int32_t __stdcall __ntapi_uc_convert_unicode_stream_utf16_to_utf8( + __in_out nt_unicode_conversion_params_utf16_to_utf8 * params) +{ + int32_t status; + nt_utf16_callback_args args; + ntapi_uc_utf16_callback_fn * callback_fn[5]; + + callback_fn[0] = (ntapi_uc_utf16_callback_fn *)__utf16_to_utf8_handler_1byte_or_null_termination; + callback_fn[1] = (ntapi_uc_utf16_callback_fn *)__utf16_to_utf8_handler_1byte_or_null_termination; + callback_fn[2] = (ntapi_uc_utf16_callback_fn *)__utf16_to_utf8_handler_2bytes; + callback_fn[3] = (ntapi_uc_utf16_callback_fn *)__utf16_to_utf8_handler_3bytes; + callback_fn[4] = (ntapi_uc_utf16_callback_fn *)__utf16_to_utf8_handler_4bytes; + + args.src = params->src; + args.dst = params->dst; + 
args.dst_cap = (void *)((uintptr_t)(params->dst) + (params->dst_size_in_bytes)); + args.bytes_written = params->bytes_written; + + status = __ntapi_uc_validate_unicode_stream_utf16( + params->src, + params->src_size_in_bytes, + ¶ms->code_points, + ¶ms->addr_failed, + callback_fn, + &args); + + params->bytes_written = args.bytes_written; + + if (status) + status = __update_stream_leftover_info_utf16(params); + + /* the following bit shift will be optimized out on 32-bit architectures */ + params->leftover_bytes <<= (8 * (sizeof(uintptr_t) - sizeof(uint32_t))); + + return status; +} + + +int32_t __stdcall __ntapi_uc_convert_unicode_stream_utf16_to_utf32( + __in_out nt_unicode_conversion_params_utf16_to_utf32 * params) +{ + return NT_STATUS_SUCCESS; +} diff --git a/src/unicode/ntapi_uc_unicode_conversion_from_utf8.c b/src/unicode/ntapi_uc_unicode_conversion_from_utf8.c new file mode 100644 index 0000000..02976ea --- /dev/null +++ b/src/unicode/ntapi_uc_unicode_conversion_from_utf8.c 
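Review bot: `__utf16_to_utf8_handler_4bytes` decodes the two UTF-16 units in the wrong order: it takes `xxxxxx` and the low `yyyy` from `*src` before `src++` and `wwww`/`zzzz`/`yy` from the unit after it, but `__ntapi_uc_validate_unicode_stream_utf16` in the later hunk calls the handler with `src` on the lead surrogate (`0xD800..0xDBFF`) and the trail at `src + 1`, so in general the output bytes are wrong (U+1F600, units D83D DE00, comes out as F2 90 80 BD instead of F0 9F 98 80; U+10000 only works because every payload bit is zero). The second byte is also mis-assembled: `u_low = ((uuuuu << 14) >> 10)` is evaluated in `int` and, assuming `wchar16_t` is the 16-bit type the compound-shift masking elsewhere in the file relies on, never truncated, so it is `uuuuu << 4` rather than the low two `uu` bits, and `wz <<= 2` leaves `zzzz` at bits 2..5 instead of 0..3 of the `10uuzzzz` byte the function's own comment describes. Decoding the pair to a scalar value and then splitting it into the four UTF-8 bytes is both simpler and correct; sketch below. `__ntapi_uc_convert_unicode_stream_utf16_to_utf32` returns `NT_STATUS_SUCCESS` without touching `params`, so callers cannot tell it is a stub; a `/* TODO: not implemented */` comment and an error status would be safer until it is written.
```c
static int32_t __fastcall __utf16_to_utf8_handler_4bytes(nt_utf16_callback_args * args)
{
	/* the validator hands us the lead surrogate; the trail follows at src[1] */
	uint32_t lead;
	uint32_t trail;
	uint32_t cp;
	uint8_t * dst;

	if ((uintptr_t)(args->dst) + 3 >= (uintptr_t)(args->dst_cap))
		return NT_STATUS_BUFFER_TOO_SMALL;

	lead  = args->src[0];
	trail = args->src[1];
	cp    = 0x10000 + (((lead & 0x3FF) << 10) | (trail & 0x3FF));

	dst    = (uint8_t *)args->dst;
	dst[0] = (uint8_t)(0xF0 | (cp >> 18));
	dst[1] = (uint8_t)(0x80 | ((cp >> 12) & 0x3F));
	dst[2] = (uint8_t)(0x80 | ((cp >> 6) & 0x3F));
	dst[3] = (uint8_t)(0x80 | (cp & 0x3F));

	/* … unchanged: advance src by 2 and dst by 4, bytes_written += 4, return … */
```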
@@ -0,0 +1,288 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include "ntapi_impl.h" + + +typedef struct ___two_bytes { + unsigned char low; + unsigned char high; +} __two_bytes; + + +typedef struct ___three_bytes { + unsigned char low; + unsigned char middle; + unsigned char high; +} __three_bytes; + + +static int32_t __fastcall __utf8_to_utf16_handler_1byte_or_null_termination(nt_utf8_callback_args * args) +{ + /***************************/ + /* from: 0xxxxxxx */ + /* to: 00000000 0xxxxxxx */ + /***************************/ + + wchar16_t * dst; + + if (args->dst >= args->dst_cap) + return NT_STATUS_BUFFER_TOO_SMALL; + + dst = (wchar16_t *)args->dst; + *dst = *(args->src); + + /* advance source and destination buffer */ + args->src++; + args->dst = (void *)((uintptr_t)(args->dst) + sizeof(wchar16_t)); + + /* bytes_written */ + args->bytes_written += sizeof(wchar16_t); + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __utf8_to_utf16_handler_2bytes(nt_utf8_callback_args * args) +{ + /***************************/ + /* from: 110yyyyy 10xxxxxx */ + /* to: 00000yyy yyxxxxxx */ + /***************************/ + + __two_bytes * src; /* big endian */ + wchar16_t * dst; + + if (args->dst >= args->dst_cap) + return NT_STATUS_BUFFER_TOO_SMALL; + + src = (__two_bytes *)args->src; + dst = (wchar16_t *)args->dst; + + /* yyyyy */ + *dst = (src->low ^ 0xC0); + *dst <<= 6; + + /* xxxxxx */ + *dst |= (src->high ^ 0x80); + + /* advance source and destination buffer */ + args->src += 2; + args->dst = (void *)((uintptr_t)(args->dst) + sizeof(wchar16_t)); + + /* bytes_written */ + args->bytes_written += sizeof(wchar16_t); + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall 
__utf8_to_utf16_handler_3bytes(nt_utf8_callback_args * args) +{ + /************************************/ + /* from: 1110zzzz 10yyyyyy 10xxxxxx */ + /* to: zzzzyyyy yyxxxxxx */ + /************************************/ + + __three_bytes * src; /* big endian */ + wchar16_t * dst; + wchar16_t yyyyy; + + if (args->dst >= args->dst_cap) + return NT_STATUS_BUFFER_TOO_SMALL; + + src = (__three_bytes *)args->src; + dst = (wchar16_t *)args->dst; + + /* zzzz */ + *dst = (src->low ^ 0xE0); + *dst <<= 12; + + /* yyyyy */ + yyyyy = (src->middle ^ 0x80); + yyyyy <<= 6; + *dst |= yyyyy; + + /* xxxxxx */ + *dst |= (src->high ^ 0x80); + + /* advance source and destination buffer */ + args->src += 3; + args->dst = (void *)((uintptr_t)(args->dst) + sizeof(wchar16_t)); + + /* bytes_written */ + args->bytes_written += sizeof(wchar16_t); + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __utf8_to_utf16_handler_4bytes(nt_utf8_callback_args * args) +{ + /*************************************************/ + /* from: 11110uuu 10uuzzzz 10yyyyyy 10xxxxxx */ + /* to: 110110ww wwzzzzyy 110111yy yyxxxxxx */ + /*************************************************/ + + __two_bytes * src_low; /* big endian */ + __two_bytes * src_high; /* big endian */ + wchar16_t * dst_lead; + wchar16_t * dst_trail; + + wchar16_t u; + unsigned char ulow; + unsigned char uhigh; + unsigned char yyyy; + + dst_lead = dst_trail = (wchar16_t *)args->dst; + dst_trail++; + + if ((uintptr_t)dst_trail >= (uintptr_t)args->dst_cap) + return NT_STATUS_BUFFER_TOO_SMALL; + + src_low = src_high = (__two_bytes *)args->src; + src_high++; + + /* u */ + ulow = src_low->low ^ 0xF0; + uhigh = src_low->high ^ 0x80; + + ulow <<= 2; + uhigh >>= 4; + + u = ulow | uhigh; + + /* 110110ww wwzzzzyy */ + *dst_lead = 0xD800; + *dst_lead |= ((u-1) << 6); + *dst_lead |= ((src_low->high ^ 0x80) << 2); + *dst_lead |= ((src_high->low ^ 0x80) >> 4); + + /* 110111yy yyxxxxxx */ + yyyy = (src_high->low << 4); + *dst_trail = yyyy; + *dst_trail 
<<= 2; + *dst_trail |= (src_high->high ^ 0x80); + *dst_trail |= 0xDC00; + + /* advance source and destination buffer */ + args->src += 4; + args->dst = (void *)((uintptr_t)(args->dst) + (2 * sizeof(wchar16_t))); + + /* bytes_written */ + args->bytes_written += 2 * sizeof(wchar16_t); + + return NT_STATUS_SUCCESS; +} + + +static int32_t __fastcall __update_stream_leftover_info_utf8( + __in_out nt_unicode_conversion_params_utf8_to_utf16 * params) +{ + int32_t status; + ptrdiff_t offset; + unsigned char * utf8; + + offset = (uintptr_t)params->src + (uintptr_t)params->src_size_in_bytes - (uintptr_t)params->addr_failed; + utf8 = (unsigned char *)params->addr_failed; + + /* default status */ + status = NT_STATUS_ILLEGAL_CHARACTER; + + if (offset == 1) { + if ((utf8[0] >= 0xC2) && (utf8[0] <= 0xF4)) { + /* one leftover byte */ + params->leftover_count = 1; + params->leftover_bytes = utf8[0]; + params->leftover_bytes <<= 24; + status = NT_STATUS_SUCCESS; + } + } else if (offset == 2) { + if /* ------- */ (((utf8[0] == 0xE0) && (utf8[1] >= 0xA0) && (utf8[1] <= 0xBF)) + || ((utf8[0] >= 0xE1) && (utf8[0] <= 0xEC) && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF)) + || ((utf8[0] == 0xED) && (utf8[1] >= 0x80) && (utf8[1] <= 0x9F)) + || ((utf8[0] >= 0xEE) && (utf8[0] <= 0xEF) && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF)) + || ((utf8[0] == 0xF0) && (utf8[1] >= 0x90) && (utf8[1] <= 0xBF)) + || ((utf8[0] >= 0xF1) && (utf8[0] <= 0xF3) && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF)) + || ((utf8[0] == 0xF4) && (utf8[1] >= 0x80) && (utf8[1] <= 0x8F))) { + /* two leftover bytes */ + params->leftover_count = 2; + params->leftover_bytes = utf8[0]; + params->leftover_bytes <<= 8; + params->leftover_bytes += utf8[1]; + params->leftover_bytes <<= 16; + status = NT_STATUS_SUCCESS; + } + } else if (offset == 3) { + if /* ------- */ (((utf8[0] == 0xF0) && (utf8[1] >= 0x90) && (utf8[1] <= 0xBF)) + || ((utf8[0] >= 0xF1) && (utf8[0] <= 0xF3) && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF)) + || ((utf8[0] == 0xF4) && 
(utf8[1] >= 0x80) && (utf8[1] <= 0x8F))) { + /* three leftover bytes */ + params->leftover_count = 3; + params->leftover_bytes = utf8[0]; + params->leftover_bytes <<= 8; + params->leftover_bytes += utf8[1]; + params->leftover_bytes <<= 8; + params->leftover_bytes += utf8[2]; + params->leftover_bytes <<= 8; + status = NT_STATUS_SUCCESS; + } + } + + if (status != NT_STATUS_SUCCESS) { + params->leftover_count = 0; + params->leftover_bytes = 0; + } + + return status; +} + +int32_t __stdcall __ntapi_uc_convert_unicode_stream_utf8_to_utf16( + __in_out nt_unicode_conversion_params_utf8_to_utf16 * params) +{ + int32_t status; + nt_utf8_callback_args args; + ntapi_uc_utf8_callback_fn * callback_fn[5]; + + callback_fn[0] = (ntapi_uc_utf8_callback_fn *)__utf8_to_utf16_handler_1byte_or_null_termination; + callback_fn[1] = (ntapi_uc_utf8_callback_fn *)__utf8_to_utf16_handler_1byte_or_null_termination; + callback_fn[2] = (ntapi_uc_utf8_callback_fn *)__utf8_to_utf16_handler_2bytes; + callback_fn[3] = (ntapi_uc_utf8_callback_fn *)__utf8_to_utf16_handler_3bytes; + callback_fn[4] = (ntapi_uc_utf8_callback_fn *)__utf8_to_utf16_handler_4bytes; + + args.src = params->src; + args.dst = params->dst; + args.dst_cap = (void *)((uintptr_t)(params->dst) + (params->dst_size_in_bytes)); + args.bytes_written = params->bytes_written; + + status = __ntapi_uc_validate_unicode_stream_utf8( + params->src, + params->src_size_in_bytes, + ¶ms->code_points, + ¶ms->addr_failed, + callback_fn, + &args); + + params->bytes_written = args.bytes_written; + + if (status != NT_STATUS_SUCCESS) + status = __update_stream_leftover_info_utf8(params); + + /* (optimized out on 32-bit architectures) */ + params->leftover_bytes <<= (8 * (sizeof(uintptr_t) - sizeof(uint32_t))); + + return status; +} + + +int32_t __stdcall __ntapi_uc_convert_unicode_stream_utf8_to_utf32( + __in_out nt_unicode_conversion_params_utf8_to_utf32 * params) +{ + return NT_STATUS_SUCCESS; +} 
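Review bot: In `__utf8_to_utf16_handler_4bytes` the line `*dst_lead |= ((src_low->high ^ 0x80) << 2);` shifts all six payload bits of the second UTF-8 byte (`uuzzzz`) into the lead surrogate, so the two `uu` bits land on bits 6..7, on top of the `wwww` field written the line before; for F0 90 80 80 (U+10000) the lead comes out as D840 instead of D800. Masking to the four `zzzz` bits fixes it: `*dst_lead |= (((src_low->high ^ 0x80) & 0x0F) << 2);`. The field names of `__two_bytes`/`__three_bytes` (`low`, `high`) run opposite to the `/* big endian */` comments — `low` is the first byte of the sequence — and a comment on the structs such as `/* low = lead byte, high = last continuation byte, in stream order */` would save the next reader a moment. `__ntapi_uc_convert_unicode_stream_utf8_to_utf32` returns success without doing anything, as in the utf16 file.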
diff --git a/src/unicode/ntapi_uc_unicode_validation.c b/src/unicode/ntapi_uc_unicode_validation.c new file mode 100644 index 0000000..4c6fcac --- /dev/null +++ b/src/unicode/ntapi_uc_unicode_validation.c 
@@ -0,0 +1,329 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include + +/** + * unofficial bit distribution table for comprehension purposes only + * + * scalar nickname utf-16 utf-8[0] utf-8[1] utf-8[2] utf-8[3] + * ------ -------- -------- -------- -------- -------- -------- + * 00000000 7x 00000000 0xxxxxxx + * 0xxxxxxx 0xxxxxxx + * + * 00000yyy 5y6x 00000yyy 110yyyyy 10xxxxxx + * yyxxxxxx yyxxxxxx + * + * zzzzyyyy 4z6y6x zzzzyyyy 1110zzzz 10yyyyyy 10xxxxxx + * yyxxxxxx yyxxxxxx + * + * 000uuuuu 5u4z6y6x 110110ww 11110uuu 10uuzzzz 10yyyyyy 10xxxxxx + * zzzzyyyy wwzzzzyy + * yyxxxxxx 110111yy + * yyxxxxxx (where wwww = uuuuu - 1) + * + * + * validation of utf-8 + * + * from to utf-8[0] utf-8[1] utf-8[2] utf-8[3] + * ------ ------ -------- -------- -------- -------- + * 0x0000 0x007F 00..7F + * 0x0080 0x07FF C2..DF 80..BF + * 0x0800 0x0FFF E0 A0..BF 80..BF + * 0x1000 0xCFFF E1..EC 80..BF 80..BF + * 0xD000 0xD7FF ED 80..9F 80..BF + * 0xE000 0xFFFF EE..EF 80..BF 80..BF + * 0x10000 0x3FFFF F0 90..BF 80..BF 80..BF + * 0x40000 0xFFFFF F1..F3 80..BF 80..BF 80..BF + * 0x100000 0x10FFFF F4 80..8F 80..BF 80..BF + * +**/ + + +#define __AVAILABLE_CODE_POINTS 0x110000 + +int __stdcall __ntapi_uc_get_code_point_byte_count_utf8(uint32_t code_point) +{ + /* try clearing 7x bits */ + if ((code_point >> 7) == 0) + return 1; + + /* try clearing 5y + 6x bits */ + else if ((code_point >> 11) == 0) + return 2; + + /* try clearing 4z +6y + 6x bits */ + else if ((code_point >> 16) == 0) + return 3; + + /* try clearing 5u + 4z + 6y + 6x bits */ + else if ((code_point >> 21) == 0) + return 4; + + /* __AVAILABLE_CODE_POINTS exceeded */ + else + return 0; +} + + +int __stdcall __ntapi_uc_get_code_point_byte_count_utf16(uint32_t code_point) +{ + /* try 
clearing 4z +6y + 6x bits */ + if ((code_point >> 16) == 0) + return 2; + + /* try clearing 5u + 4z + 6y + 6x bits */ + else if ((code_point >> 21) == 0) + return 4; + + /* __AVAILABLE_CODE_POINTS exceeded */ + else + return 0; +} + + +/** + * following is a straight-forward implementation + * of unicode conversion and validation (see also: + * Table 3-7 of the Unicode Standard, version 6.2). + * + * the use of callbacks allows the validation + * functions to be the basis of our utf-8 conversion + * functions on the one hand, and the posix path arg + * normalization routine on the other. +**/ + +static int32_t __fastcall __default_callback_fn_utf8(nt_utf8_callback_args * args) +{ + args->src += args->byte_count; + return NT_STATUS_SUCCESS; +} + +int32_t __stdcall __ntapi_uc_validate_unicode_stream_utf8( + __in const unsigned char * ch, + __in size_t size_in_bytes __optional, + __out size_t * code_points __optional, + __out void ** addr_failed __optional, + __in ntapi_uc_utf8_callback_fn ** callback_fn __optional, + __in nt_utf8_callback_args * callback_args __optional) +{ + const unsigned char * utf8; + unsigned char * ch_boundary; + unsigned char byte_count; + size_t _code_points; + + ntapi_uc_utf8_callback_fn * _callback_fn[5]; + nt_utf8_callback_args _callback_args; + + if (!callback_fn) { + _callback_fn[0] = __default_callback_fn_utf8; + _callback_fn[1] = __default_callback_fn_utf8; + _callback_fn[2] = __default_callback_fn_utf8; + _callback_fn[3] = __default_callback_fn_utf8; + _callback_fn[4] = __default_callback_fn_utf8; + callback_fn = (ntapi_uc_utf8_callback_fn **)&_callback_fn; + } + + if (!callback_args) { + callback_args = &_callback_args; + callback_args->src = (unsigned char *)0; + } + + if (callback_args->src) + ch = callback_args->src; + else + callback_args->src = ch; + + if (size_in_bytes) + ch_boundary = (unsigned char *)((uintptr_t)ch + size_in_bytes); + else + ch_boundary = (unsigned char *)(~0); + + if (!code_points) + code_points = 
&_code_points; + + while ((ch < ch_boundary) && (*ch)) { + utf8 = ch; + byte_count = 0; + + /* try one byte */ + if (utf8[0] <= 0x7F) + byte_count = 1; + + /* try two bytes */ + else if ((++ch < ch_boundary) + && (utf8[0] >= 0xC2) && (utf8[0] <= 0xDF) + && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF)) + byte_count = 2; + + /* try three bytes */ + else if ((++ch < ch_boundary) + && (utf8[0] == 0xE0) + && (utf8[1] >= 0xA0) && (utf8[1] <= 0xBF) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF)) + byte_count = 3; + + else if ( + (utf8[0] >= 0xE1) && (utf8[0] <= 0xEC) + && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF)) + byte_count = 3; + + else if ( + (utf8[0] == 0xED) + && (utf8[1] >= 0x80) && (utf8[1] <= 0x9F) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF)) + byte_count = 3; + + else if ( + (utf8[0] >= 0xEE) && (utf8[0] <= 0xEF) + && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF)) + byte_count = 3; + + /* try four bytes */ + else if ((++ch < ch_boundary) + && (utf8[0] == 0xF0) + && (utf8[1] >= 0x90) && (utf8[1] <= 0xBF) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF) + && (utf8[3] >= 0x80) && (utf8[3] <= 0xBF)) + byte_count = 4; + + else if ( + (utf8[0] >= 0xF1) && (utf8[0] <= 0xF3) + && (utf8[1] >= 0x80) && (utf8[1] <= 0xBF) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF) + && (utf8[3] >= 0x80) && (utf8[3] <= 0xBF)) + byte_count = 4; + + else if ( + (utf8[0] == 0xF4) + && (utf8[1] >= 0x80) && (utf8[1] <= 0x8F) + && (utf8[2] >= 0x80) && (utf8[2] <= 0xBF) + && (utf8[3] >= 0x80) && (utf8[3] <= 0xBF)) + byte_count = 4; + + if (byte_count) { + (*code_points)++; + callback_args->byte_count = byte_count; + callback_fn[byte_count](callback_args); + } else { + if (addr_failed) + *addr_failed = (void *)utf8; + return NT_STATUS_ILLEGAL_CHARACTER; + } + + /* advance, transcode if needed */ + ch = callback_args->src; + } + + if ((ch < ch_boundary) && (*ch == 0)) + callback_fn[0](callback_args); + + return NT_STATUS_SUCCESS; +} + 
+ +static int32_t __fastcall __default_callback_fn_utf16(nt_utf16_callback_args * args) +{ + if (args->byte_count == 4) + args->src += 2; + else + args->src++; + + return NT_STATUS_SUCCESS; +} + + +int32_t __stdcall __ntapi_uc_validate_unicode_stream_utf16( + __in const wchar16_t * wch, + __in size_t size_in_bytes __optional, + __out size_t * code_points __optional, + __out void ** addr_failed __optional, + __in ntapi_uc_utf16_callback_fn ** callback_fn __optional, + __in nt_utf16_callback_args * callback_args __optional) +{ + const wchar16_t * wch_trail; + wchar16_t * wch_boundary; + unsigned char byte_count; + size_t _code_points; + + ntapi_uc_utf16_callback_fn * _callback_fn[5]; + nt_utf16_callback_args _callback_args; + + if (!callback_fn) { + _callback_fn[0] = __default_callback_fn_utf16; + _callback_fn[1] = __default_callback_fn_utf16; + _callback_fn[2] = __default_callback_fn_utf16; + _callback_fn[3] = __default_callback_fn_utf16; + _callback_fn[4] = __default_callback_fn_utf16; + callback_fn = (ntapi_uc_utf16_callback_fn **)&_callback_fn; + } + + if (!callback_args) { + callback_args = &_callback_args; + callback_args->src = (wchar16_t *)0; + } + + if (callback_args->src) + wch = callback_args->src; + else + callback_args->src = wch; + + if (size_in_bytes) + wch_boundary = (wchar16_t *)((uintptr_t)wch + size_in_bytes); + else + wch_boundary = (wchar16_t *)(~0); + + if (!code_points) + code_points = &_code_points; + + while ((wch < wch_boundary) && (*wch)) { + byte_count = 0; + + /* try one byte */ + if (*wch <= 0x7F) + byte_count = 1; + + /* try two bytes */ + else if (*wch <= 0x7FF) + byte_count = 2; + + /* try three bytes */ + else if ((*wch < 0xD800) || (*wch >= 0xE000)) + byte_count = 3; + + /* try four bytes */ + else if ((*wch >= 0xD800) && (*wch < 0xDC00)) { + wch_trail = wch + 1; + + if ((wch_trail < wch_boundary) + && (*wch_trail >= 0xDC00) + && (*wch_trail < 0xE000)) + byte_count = 4; + } + + if (byte_count) { + (*code_points)++; + 
callback_args->byte_count = byte_count; + callback_fn[byte_count](callback_args); + } else { + if (addr_failed) + *addr_failed = (void *)wch; + return NT_STATUS_ILLEGAL_CHARACTER; + } + + /* advance, transcode as needed */ + wch = callback_args->src; + } + + if ((wch < wch_boundary) && (*wch == 0)) + callback_fn[0](callback_args); + + return NT_STATUS_SUCCESS; +} diff --git a/src/vfd/ntapi_vfd_helper.c b/src/vfd/ntapi_vfd_helper.c new file mode 100644 index 0000000..054a388 --- /dev/null +++ b/src/vfd/ntapi_vfd_helper.c @@ -0,0 +1,34 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + +void __stdcall __ntapi_vfd_dev_name_init( + __out nt_vfd_dev_name * devname, + __in const nt_guid * guid) +{ + uint32_t * prefix = (uint32_t *)devname->prefix; + + /* compiler-independent */ + prefix[0] = 0x44005C; + prefix[1] = 0x760065; + prefix[2] = 0x630069; + prefix[3] = 0x5C0065; + + __ntapi->tt_guid_to_utf16_string( + guid, + &devname->guid); + + devname->name.strlen = sizeof(devname->prefix) + sizeof(devname->guid); + devname->name.maxlen = 0; + devname->name.buffer = (uint16_t *)&devname->prefix; + + return; +} diff --git a/src/vmount/ntapi_vms_cache.c b/src/vmount/ntapi_vms_cache.c new file mode 100644 index 0000000..97fe32f --- /dev/null +++ b/src/vmount/ntapi_vms_cache.c 
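Review bot: Both `__ntapi_uc_validate_unicode_stream_utf8` and `__ntapi_uc_validate_unicode_stream_utf16` discard the callback's return value (`callback_fn[byte_count](callback_args);`) and then reload the cursor from `callback_args->src`; the transcoding handlers in the two conversion files return `NT_STATUS_BUFFER_TOO_SMALL` without advancing `src`, so once the destination is full the loop re-runs the same character forever and an undersized output buffer becomes a hang rather than an error. Propagate it: `if ((status = callback_fn[byte_count](callback_args))) { if (addr_failed) *addr_failed = (void *)utf8; return status; }` (and the same with `wch` in the utf16 loop), which also gives the callers' leftover-info logic a real failure address to work from. Separately, in the utf8 loop the `E1..EC`, `ED`, `EE..EF`, `F1..F3` and `F4` branches index `utf8[2]`/`utf8[3]` without a boundary test of their own; they only run after the `++ch < ch_boundary` test in the preceding `else if` has failed, which is exactly when those bytes lie at or beyond `ch_boundary`, so a bounded buffer whose last byte is one of those lead bytes is read past its end and a truncated tail can be accepted on the strength of bytes outside it. Computing the remaining length once per iteration (`avail = (size_t)(ch_boundary - utf8)`) and gating each 3- and 4-byte branch on `avail >= 3` / `avail >= 4` instead of the chained `++ch` removes both the over-read and the cursor juggling.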
@@ -0,0 +1,209 @@ +/********************************************************/ +/* ntapi: Native API core library */ +/* Copyright (C) 2013,2014,2015 Z. Gilboa */ +/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */ +/********************************************************/ + +#include +#include +#include +#include +#include "ntapi_impl.h" + + +typedef struct nt_vms_cache_interface { + nt_vms_system * vms_sys; + struct dalist_ex cache; + size_t alloc_size; + uintptr_t buffer[1]; +} nt_vms_cache_context; + + +typedef struct _nt_vms_cache_record { + void * hfile; + uint32_t dev_name_hash; + nt_large_integer index_number; + intptr_t client_key; + intptr_t server_key; +} nt_vms_cache_record; + + +int32_t __stdcall __ntapi_vms_cache_free( + __in nt_vms_cache vms_cache) +{ + int32_t status; + void * region_addr; + size_t region_size; + + /* validation */ + if (!vms_cache) + return NT_STATUS_INVALID_PARAMETER; + + /* free memory */ + region_addr = vms_cache; + region_size = vms_cache->alloc_size; + + status = __ntapi->zw_free_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + ®ion_addr, + ®ion_size, + NT_MEM_RELEASE); + + return status; +} + +/* vms optional cache functions */ +nt_vms_cache __stdcall __ntapi_vms_cache_alloc( + __in nt_vms_system * vms_sys, + __in uint32_t flags __reserved, + __in void * options __reserved, + __out int32_t * status __optional) +{ + int32_t _status; + void * buffer; + size_t buffer_size; + nt_vms_cache_context * vms_cache; + + /* status */ + if (!status) status = &_status; + + /* validation */ + if (!vms_sys) { + *status = NT_STATUS_INVALID_PARAMETER; + return (nt_vms_cache)0; + } + + /* calculate size */ + buffer_size = sizeof(nt_vms_cache_context); + buffer_size += vms_sys->vms_points_cap * (sizeof(nt_vms_cache_record) - sizeof(uintptr_t)); + + /* allocate buffer */ + *status = __ntapi->zw_allocate_virtual_memory( + NT_CURRENT_PROCESS_HANDLE, + &buffer, + 0, + &buffer_size, + NT_MEM_COMMIT, + NT_PAGE_READWRITE); + + if (*status) return 
(nt_vms_cache)0; + + /* init vms cache */ + vms_cache = (nt_vms_cache_context *)buffer; + vms_cache->vms_sys = vms_sys; + vms_cache->alloc_size = buffer_size; + + /* init list */ + *status = dalist_init_ex( + &vms_cache->cache, + sizeof(nt_vms_cache_record), + 0x1000, + __ntapi->zw_allocate_virtual_memory, + DALIST_MEMFN_NT_ALLOCATE_VIRTUAL_MEMORY); + + if (*status != DALIST_OK) { + *status = NT_STATUS_UNSUCCESSFUL; + __ntapi_vms_cache_free(vms_cache); + return (nt_vms_cache)0; + } + + /* set list buffer */ + buffer_size -= (size_t)&(((nt_vms_cache_context *)0)->buffer); + + *status = dalist_deposit_memory_block( + &vms_cache->cache, + &vms_cache->buffer, + buffer_size); + + return vms_cache; +} + + +int32_t __stdcall __ntapi_vms_cache_record_append( + __in nt_vms_cache cache, + __in void * hfile, + __in uint32_t dev_name_hash, + __in nt_large_integer index_number, + __in intptr_t client_key, + __in intptr_t server_key) +{ + int32_t status; + struct dalist_node_ex * node; + nt_vms_cache_record * cache_record; + + status = dalist_get_node_by_key( + &cache->cache, + &node, + (uintptr_t)hfile, + DALIST_NODE_TYPE_EXISTING, + (uintptr_t *)0); + + if (status != DALIST_OK) + status = NT_STATUS_INTERNAL_ERROR; + else if (node) + status = NT_STATUS_OBJECTID_EXISTS; + else { + status = dalist_get_free_node(&cache->cache,(void **)&node); + + if (status == DALIST_OK) { + cache_record = (nt_vms_cache_record *)&node->dblock; + + __ntapi->tt_aligned_block_memset( + node, + 0, + (uintptr_t)&((struct dalist_node_ex *)0)->dblock + sizeof(*cache_record)); + + node->key = (uintptr_t)hfile; + + cache_record->hfile = hfile; + cache_record->dev_name_hash = dev_name_hash; + cache_record->index_number.quad = index_number.quad; + cache_record->client_key = client_key; + cache_record->server_key = server_key; + + status = dalist_insert_node_by_key( + &cache->cache, + node); + + if (status != DALIST_OK) + dalist_deposit_free_node( + &cache->cache, + node); + } + } + + return status; +} + + 
+int32_t __stdcall __ntapi_vms_cache_record_remove( + __in nt_vms_cache cache, + __in void * hfile, + __in uint32_t dev_name_hash, + __in nt_large_integer index_number) +{ + int32_t status; + struct dalist_node_ex * node; + + status = dalist_get_node_by_key( + &cache->cache, + &node, + (uintptr_t)hfile, + DALIST_NODE_TYPE_EXISTING, + (uintptr_t *)0); + + if (status != DALIST_OK) + status = NT_STATUS_INTERNAL_ERROR; + else if (node) + status = NT_STATUS_INVALID_PARAMETER; + else { + status = dalist_discard_node( + &cache->cache, + node); + + if (status != DALIST_OK) + status = NT_STATUS_INTERNAL_ERROR; + } + + return status; +} diff --git a/src/vmount/ntapi_vms_client_connect.c b/src/vmount/ntapi_vms_client_connect.c new file mode 100644 index 0000000..364d4d1 --- /dev/null +++ b/src/vmount/ntapi_vms_client_connect.c 
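Review bot: `__ntapi_vms_cache_record_remove` has its lookup test inverted: `dalist_get_node_by_key` with `DALIST_NODE_TYPE_EXISTING` returns the matching node in `node` (that is how `__ntapi_vms_cache_record_append` above treats it, reporting `NT_STATUS_OBJECTID_EXISTS` when `node` is set), so the remove path returns `NT_STATUS_INVALID_PARAMETER` for every record that does exist and calls `dalist_discard_node` with a null `node` for every one that does not; the branch should read `else if (!node)`. In `__ntapi_vms_cache_alloc`, `buffer` is passed to `zw_allocate_virtual_memory` uninitialized; that call presumably wraps NtAllocateVirtualMemory, whose base-address parameter is in/out, so whatever is on the stack is read as a requested address — declare it `void * buffer = (void *)0;`. The `dalist_deposit_memory_block` result at the end of the same function is stored in `*status` but neither mapped to an NT status nor checked, so a caller can receive a non-null cache together with a dalist status code; mirror the `dalist_init_ex` handling just above it. `dev_name_hash` and `index_number` are unused in `_record_remove`.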
@@ -0,0 +1,86 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+static void __vms_port_name_from_server_info(
+ __out nt_port_name * vms_port_name,
+ __in nt_tty_vms_info * vmsinfo)
+{
+ nt_port_attr port_attr;
+
+ port_attr.type = NT_PORT_TYPE_VMOUNT;
+ port_attr.subtype = NT_PORT_SUBTYPE_DEFAULT;
+
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)&port_attr.keys,
+ (uintptr_t *)&vmsinfo->vms_keys,
+ sizeof(nt_port_keys));
+
+ __ntapi->tt_port_guid_from_type(
+ &port_attr.guid,
+ port_attr.type,
+ port_attr.subtype);
+
+ __ntapi->tt_port_name_from_attributes(
+ vms_port_name,
+ &port_attr);
+}
+
+
+int32_t __stdcall __ntapi_vms_client_connect(
+ __out void ** hvms,
+ __in nt_tty_vms_info * vmsinfo)
+{
+ int32_t status;
+ nt_port_name vms_port_name;
+
+ nt_unicode_string name;
+ nt_sqos sqos;
+ nt_oa oa;
+
+ /* vmount daemon port name */
+ __vms_port_name_from_server_info(
+ &vms_port_name,
+ vmsinfo);
+
+ /* port name init */
+ name.buffer = (wchar16_t *)&vms_port_name;
+ name.maxlen = 0;
+ name.strlen = (uint16_t)(size_t)(&((nt_port_name *)0)->null_termination);
+
+ /* init security structure */
+ sqos.length = sizeof(sqos);
+ sqos.impersonation_level = NT_SECURITY_IMPERSONATION;
+ sqos.context_tracking_mode = NT_SECURITY_TRACKING_DYNAMIC;
+ sqos.effective_only = 1;
+
+ /* init the port's object attributes */
+ oa.len = sizeof(oa);
+ oa.root_dir = (void *)0;
+ oa.obj_name = &name;
+ oa.obj_attr = 0;
+ oa.sec_desc = (nt_security_descriptor *)0;
+ oa.sec_qos = &sqos;
+
+ status = __ntapi->zw_connect_port(
+ hvms,
+ &name,
+ &sqos,
+ (nt_port_section_write *)0,
+ (nt_port_section_read *)0,
+ (uint32_t *)0,
+ (void *)0,
+ (uint32_t *)0);
+
+ return status;
+}
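Review bot: `oa` is fully initialized (including `oa.sec_qos = &sqos`) and then never used — `zw_connect_port` receives `&name` and `&sqos` directly — so either drop the `nt_oa oa;` block or pass it where it was meant to go; as written it is dead code that a reader will take for the object attributes actually used for the connection. The `(uint16_t)(size_t)(&((nt_port_name *)0)->null_termination)` expression for `name.strlen` is an `offsetof`-style cast that benefits from a one-line comment, e.g. `/* byte length of the port name, excluding null_termination */`. `hvms` is written only by `zw_connect_port`, so on failure the caller's handle is whatever the callee leaves there, which is worth stating on the `__out` parameter.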
diff --git a/src/vmount/ntapi_vms_client_disconnect.c b/src/vmount/ntapi_vms_client_disconnect.c
new file mode 100644
index 0000000..b7d528c
--- /dev/null
+++ b/src/vmount/ntapi_vms_client_disconnect.c
@@ -0,0 +1,37 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+int32_t __stdcall __ntapi_vms_client_disconnect(
+ __in void * hvms)
+{
+ nt_vms_daemon_msg msg;
+
+ if (!hvms) return NT_STATUS_INVALID_HANDLE;
+
+ /* msg */
+ __ntapi->tt_aligned_block_memset(&msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.msginfo.opcode = NT_VMS_CLIENT_DISCONNECT;
+
+ /* zw_request_wait_reply_port */
+ __ntapi->zw_request_wait_reply_port(
+ hvms,
+ &msg,
+ &msg);
+
+ /* close client handle */
+ return __ntapi->zw_close(hvms);
+}
diff --git a/src/vmount/ntapi_vms_helper.c b/src/vmount/ntapi_vms_helper.c
new file mode 100644
index 0000000..4134112
--- /dev/null
+++ b/src/vmount/ntapi_vms_helper.c
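Review bot: The status of `zw_request_wait_reply_port` is dropped, so if the `NT_VMS_CLIENT_DISCONNECT` message never reaches the daemon the function still closes the handle and reports only the result of `zw_close`. If that is intended best-effort behaviour, a comment such as `/* best effort: close the port even if the disconnect message is not delivered */` above the call would stop the next reader from "fixing" it; otherwise capture the status and return it when `zw_close` succeeds.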
@@ -0,0 +1,118 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+nt_vms_node * __stdcall __ntapi_vms_get_end_component_first_node(
+ __in nt_vms_system * pvms_sys,
+ __in uint32_t end_component_hash)
+{
+ nt_vms_node * node;
+
+ /* verify non-empty list and valid input */
+ if (!pvms_sys->dev_name_head_node || !end_component_hash)
+ return (nt_vms_node *)0;
+
+ /* find first node by end component hash */
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + pvms_sys->end_component_head_node);
+
+ while (node->next && (node->end_component_hash < end_component_hash))
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + node->next);
+
+ if (node->end_component_hash == end_component_hash)
+ return node;
+ else
+ return (nt_vms_node *)0;
+}
+
+
+static nt_vms_node * __stdcall __ntapi_vms_get_node(
+ __in nt_vms_system * pvms_sys,
+ __in uint32_t end_component_hash,
+ __in uint32_t dev_name_hash,
+ __in nt_large_integer index_number)
+{
+ nt_vms_node * node;
+
+ /* verify non-empty list */
+ if (!pvms_sys->dev_name_head_node)
+ return (nt_vms_node *)0;
+
+ /* end_component_hash */
+ if (end_component_hash) {
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + pvms_sys->end_component_head_node);
+
+ while (node->next && (node->end_component_hash < end_component_hash))
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + node->next);
+
+ if (node->end_component_hash != end_component_hash)
+ return (nt_vms_node *)0;
+ } else
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + pvms_sys->dev_name_head_node);
+
+ /* find device nodes */
+ while (node->next && (node->dev_name_hash < dev_name_hash))
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + node->next);
+
+ if (node->dev_name_hash != dev_name_hash)
+ return (nt_vms_node *)0;
+
+ /* find mount-point nodes */
+ while (node->next && (node->index_number.quad < index_number.quad))
+ node = (nt_vms_node *)((uintptr_t)pvms_sys + node->next);
+
+ if (node->index_number.quad != index_number.quad)
+ return (nt_vms_node *)0;
+
+ return node;
+}
+
+
+nt_vms_node * __stdcall __ntapi_vms_get_node_by_dev_name(
+ __in nt_vms_system * pvms_sys,
+ __in uint32_t dev_name_hash,
+ __in nt_large_integer index_number)
+{
+ return __ntapi_vms_get_node(
+ pvms_sys,
+ 0,
+ dev_name_hash,
+ index_number);
+}
+
+
+nt_vms_node * __stdcall __ntapi_vms_get_node_by_end_component(
+ __in nt_vms_system * pvms_sys,
+ __in uint32_t end_component_hash,
+ __in uint32_t dev_name_hash,
+ __in nt_large_integer index_number)
+{
+ return __ntapi_vms_get_node(
+ pvms_sys,
+ end_component_hash,
+ dev_name_hash,
+ index_number);
+}
+
+
+nt_vms_point * __stdcall __ntapi_vms_get_top_of_stack_mount_point(
+ __in nt_vms_system * pvms_sys,
+ __in nt_vms_node * node)
+{
+ nt_vms_point * point;
+
+ point = (nt_vms_point *)((uintptr_t)pvms_sys + node->stack);
+
+ while (point->next)
+ point = (nt_vms_point *)((uintptr_t)pvms_sys + point->next);
+
+ return point;
+}
diff --git a/src/vmount/ntapi_vms_point_attach.c b/src/vmount/ntapi_vms_point_attach.c
new file mode 100644
index 0000000..a4c5c7e
--- /dev/null
+++ b/src/vmount/ntapi_vms_point_attach.c
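Review bot: Every traversal in this file forms node and point addresses as `(uintptr_t)pvms_sys + offset` from the `next`, `stack` and head-node fields without checking the offset against the table's extent, so a corrupted table — or one received from another process, which the table-query path elsewhere in this patch hints at but this file does not establish — turns into an out-of-bounds read; either validate each offset before the cast or add a comment stating that `nt_vms_system` is built and trusted in-process. `__ntapi_vms_get_end_component_first_node` also tests `dev_name_head_node` for emptiness but then walks from `end_component_head_node`; if the two heads can be empty independently, the guard should be `if (!pvms_sys->end_component_head_node || !end_component_hash)`. Its body duplicates the `end_component_hash` branch of `__ntapi_vms_get_node`, which could call it instead and drop the copy.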
@@ -0,0 +1,52 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+static int32_t __stdcall __ntapi_vms_point_attach_detach(
+ __in void * hvms,
+ __in nt_vms_point_info * point_info,
+ __in int32_t vms_opcode)
+{
+ int32_t status;
+ nt_vms_daemon_msg msg;
+
+ /* msg */
+ __ntapi->tt_aligned_block_memset(&msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.msginfo.opcode = vms_opcode;
+
+ /* copy point to msg */
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)&(msg.data.pointinfo),
+ (uintptr_t *)point_info,
+ sizeof(*point_info));
+
+ /* zw_request_wait_reply_port */
+ status = __ntapi->zw_request_wait_reply_port(hvms,&msg,&msg);
+
+ /* return vms status */
+ return status ? status : msg.data.msginfo.status;
+}
+
+
+int32_t __stdcall __ntapi_vms_point_attach(
+ __in void * hvms,
+ __in nt_vms_point_info * point_info)
+{
+ return __ntapi_vms_point_attach_detach(
+ hvms,
+ point_info,
+ NT_VMS_POINT_ATTACH);
+}
diff --git a/src/vmount/ntapi_vms_ref_count.c b/src/vmount/ntapi_vms_ref_count.c
new file mode 100644
index 0000000..3be149f
--- /dev/null
+++ b/src/vmount/ntapi_vms_ref_count.c
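Review bot: `__ntapi_vms_point_attach_detach` reuses `msg` as the reply buffer and then reads `msg.data.msginfo.status` without checking that the reply carries the expected `msg_type` and `data_size`, so a short or unexpected reply hands back whatever request bytes are still in the buffer as the daemon's verdict; the same pattern appears in the ref-count and table-query hunks (`__ntapi_vms_ref_count_inc_dec`, `__ntapi_vms_table_query`), where it also decides what is copied back to the caller. If the daemon is trusted to always answer with a well-formed `nt_vms_daemon_msg`, a comment saying so after the call is enough; otherwise a check of `msg.header.data_size` against `sizeof(msg.data)`, returning an appropriate error status on mismatch, would make the assumption explicit. The `(uintptr_t *)` casts on `point_info` also presume the caller's structure is pointer-aligned with a size that is a multiple of `sizeof(uintptr_t)`, which is worth stating on the function.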
@@ -0,0 +1,96 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+static int32_t __stdcall __ntapi_vms_ref_count_inc_dec(
+ __in void * hvms,
+ __in nt_vms_ref_count_info * ref_cnt_info,
+ __in int32_t vms_opcode)
+{
+ int32_t status;
+ nt_vms_daemon_msg msg;
+
+ /* msg */
+ __ntapi->tt_aligned_block_memset(&msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.msginfo.opcode = vms_opcode;
+
+ /* copy ref count info to msg */
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)&(msg.data.refcntinfo),
+ (uintptr_t *)ref_cnt_info,
+ sizeof(*ref_cnt_info));
+
+ /* zw_request_wait_reply_port */
+ status = __ntapi->zw_request_wait_reply_port(
+ hvms,
+ &msg,
+ &msg);
+
+ if (status) return status;
+
+ /* return info */
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)ref_cnt_info,
+ (uintptr_t *)&(msg.data.refcntinfo),
+ sizeof(*ref_cnt_info));
+
+ /* return vms status */
+ return status ? status : msg.data.msginfo.status;
+}
+
+
+int32_t __stdcall __ntapi_vms_ref_count_inc(
+ __in void * hvms,
+ __in nt_vms_ref_count_info * ref_cnt_info)
+{
+ return __ntapi_vms_ref_count_inc_dec(
+ hvms,
+ ref_cnt_info,
+ NT_VMS_REF_COUNT_INC);
+}
+
+
+int32_t __stdcall __ntapi_vms_ref_count_dec(
+ __in void * hvms,
+ __in nt_vms_ref_count_info * ref_cnt_info)
+{
+ return __ntapi_vms_ref_count_inc_dec(
+ hvms,
+ ref_cnt_info,
+ NT_VMS_REF_COUNT_DEC);
+}
+
+
+int32_t __stdcall __ntapi_vms_point_detach(
+ __in void * hvms,
+ __in nt_vms_ref_count_info * ref_cnt_info)
+{
+ return __ntapi_vms_ref_count_inc_dec(
+ hvms,
+ ref_cnt_info,
+ NT_VMS_POINT_DETACH);
+}
+
+
+int32_t __stdcall __ntapi_vms_point_get_handles(
+ __in void * hvms,
+ __in nt_vms_ref_count_info * ref_cnt_info)
+{
+ return __ntapi_vms_ref_count_inc_dec(
+ hvms,
+ ref_cnt_info,
+ NT_VMS_POINT_GET_HANDLES);
+}
diff --git a/src/vmount/ntapi_vms_table_query.c b/src/vmount/ntapi_vms_table_query.c
new file mode 100644
index 0000000..847a58f
--- /dev/null
+++ b/src/vmount/ntapi_vms_table_query.c
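Review bot: `__ntapi_vms_ref_count_inc_dec` copies the reply's `refcntinfo` back into the caller's `ref_cnt_info` before looking at `msg.data.msginfo.status`, so on a daemon-reported failure the caller's structure is overwritten with whatever the reply holds; `__ntapi_vms_table_query` in the next hunk does the same with `vms_info`. Unless the daemon guarantees a meaningful payload on failure, the copy-back should follow the status check, i.e. `if (msg.data.msginfo.status) return msg.data.msginfo.status;` ahead of the second `tt_aligned_block_memcpy`. In both functions the closing `return status ? status : msg.data.msginfo.status;` is reached only after `if (status) return status;`, so the ternary is dead and can be `return msg.data.msginfo.status;`.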
@@ -0,0 +1,45 @@
+/********************************************************/
+/* ntapi: Native API core library */
+/* Copyright (C) 2013,2014,2015 Z. Gilboa */
+/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
+/********************************************************/
+
+#include
+#include
+#include
+#include
+#include "ntapi_impl.h"
+
+
+int32_t __stdcall __ntapi_vms_table_query(
+ __in void * hvms,
+ __in nt_vms_daemon_info * vms_info)
+{
+ int32_t status;
+ nt_vms_daemon_msg msg;
+
+ /* msg */
+ __ntapi->tt_aligned_block_memset(&msg,0,sizeof(msg));
+
+ msg.header.msg_type = NT_LPC_NEW_MESSAGE;
+ msg.header.data_size = sizeof(msg.data);
+ msg.header.msg_size = sizeof(msg);
+ msg.data.msginfo.opcode = NT_VMS_TABLE_QUERY;
+
+ /* zw_request_wait_reply_port */
+ status = __ntapi->zw_request_wait_reply_port(
+ hvms,
+ &msg,
+ &msg);
+
+ if (status) return status;
+
+ /* return info */
+ __ntapi->tt_aligned_block_memcpy(
+ (uintptr_t *)vms_info,
+ (uintptr_t *)&(msg.data.vmsinfo),
+ sizeof(*vms_info));
+
+ /* return vms status */
+ return status ? status : msg.data.msginfo.status;
+}
-- cgit v1.2.3