summaryrefslogtreecommitdiffhomepage
path: root/src/internal/pe_os.h
blob: 449433e62aeaaac41f02ddac59813fa4adbdea5d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#ifndef PE_OS_H
#define PE_OS_H

#include <psxtypes/psxtypes.h>
#include <pemagine/pe_structs.h>

#define OS_STATUS_SUCCESS			(int32_t)0x00000000
#define OS_STATUS_INVALID_PARAMETER		(int32_t)0xC000000D
#define OS_STATUS_ILLEGAL_CHARACTER		(int32_t)0xC0000161
#define OS_STATUS_NO_MATCH			(int32_t)0xC0000272
#define OS_STATUS_INVALID_ADDRESS		(int32_t)0xC0000141
#define OS_STATUS_CONTEXT_MISMATCH		(int32_t)0xC0000719
#define OS_STATUS_COULD_NOT_INTERPRET		(int32_t)0xC00000B9
#define OS_STATUS_NOT_SUPPORTED			(int32_t)0xC00000BB
#define OS_STATUS_NAME_TOO_LONG			(int32_t)0xC0000106
#define OS_STATUS_INTERNAL_ERROR		(int32_t)0xC00000E5
#define OS_STATUS_BAD_FILE_TYPE			(int32_t)0xC0000903
#define OS_STATUS_OBJECT_NAME_NOT_FOUND 	(int32_t)0xC0000034
#define OS_STATUS_OBJECT_PATH_NOT_FOUND		(int32_t)0xC000003A
#define OS_STATUS_MORE_PROCESSING_REQUIRED	(int32_t)0xC0000016

#define OS_OBJ_INHERIT	 			0x00000002
#define OS_OBJ_CASE_INSENSITIVE			0x00000040

#define OS_SEC_SYNCHRONIZE			0x00100000
#define	OS_FILE_READ_ACCESS			0x00000001
#define	OS_FILE_READ_ATTRIBUTES			0x00000080

#define OS_FILE_DIRECTORY_FILE			0x00000001
#define OS_FILE_NON_DIRECTORY_FILE		0x00000040

#define OS_FILE_SHARE_READ			0x00000001
#define OS_FILE_SHARE_WRITE			0x00000002
#define OS_FILE_SHARE_DELETE			0x00000004

#define OS_CURRENT_PROCESS_HANDLE		(void *)(uintptr_t)(-1)
#define OS_CURRENT_THREAD_HANDLE		(void *)(uintptr_t)(-2)


enum os_object_info_class {
	OS_OBJECT_BASIC_INFORMATION	= 0,
	OS_OBJECT_NAME_INFORMATION	= 1,
	OS_OBJECT_TYPE_INFORMATION	= 2,
	OS_OBJECT_ALL_TYPES_INFORMATION	= 3,
	OS_OBJECT_HANDLE_INFORMATION	= 4
};


enum os_memory_info_class {
	OS_MEMORY_BASIC_INFORMATION,
	OS_MEMORY_WORKING_SET_LIST,
	OS_MEMORY_SECTION_NAME,
	OS_MEMORY_BASIC_VLM_INFORMATION
};


struct os_oa {
	uint32_t		len;
	void *			root_dir;
	struct pe_unicode_str *	obj_name;
	uint32_t		obj_attr;
	void *			sec_desc;
	void *			sec_qos;
};


struct os_iosb {
	union {
		int32_t		status;
		void *		pointer;
	};
	intptr_t		info;
};


struct os_proc_params {
	uint32_t		alloc_size;
	uint32_t		used_size;
	uint32_t		flags;
	uint32_t		reserved;
	void *			hconsole;
	uintptr_t		console_flags;
	void *			hstdin;
	void *			hstdout;
	void *			hstderr;
	struct pe_unicode_str	cwd_name;
	void *			cwd_handle;
	struct pe_unicode_str	__attr_ptr_size_aligned__ dll_path;
	struct pe_unicode_str	__attr_ptr_size_aligned__ image_file_name;
	struct pe_unicode_str	__attr_ptr_size_aligned__ command_line;
	wchar16_t *		environment;
	uint32_t		dwx;
	uint32_t		dwy;
	uint32_t		dwx_size;
	uint32_t		dwy_size;
	uint32_t		dwx_count_chars;
	uint32_t		dwy_count_chars;
	uint32_t		dw_fill_attribute;
	uint32_t		dw_flags;
	uint32_t		wnd_show;
	struct pe_unicode_str	wnd_title;
	struct pe_unicode_str	__attr_ptr_size_aligned__ desktop;
	struct pe_unicode_str	__attr_ptr_size_aligned__ shell_info;
	struct pe_unicode_str	__attr_ptr_size_aligned__ runtime_data;
};


struct os_peb {
	unsigned char		reserved_1st[2];
	unsigned char         	debugged;
	unsigned char		reserved_2nd[1];
	void *			reserved_3rd[2];
	struct pe_peb_ldr_data*	peb_ldr_data;
	struct os_proc_params *	process_params;
	unsigned char		reserved_4th[104];
	void *			reserved_5th[52];
	void * 			post_process_init_routine;
	unsigned char		reserved_6th[128];
	void *			reserved_7th[1];
	uint32_t		session_id;
};


typedef int32_t __stdcall os_zw_close(
	__in	void *			handle);


typedef int32_t __stdcall os_zw_query_object(
	__in	void *			handle,
	__in	int			obj_info_class,
	__out	void *			obj_info,
	__in	size_t			obj_info_length,
	__out	uint32_t *		returned_length		__optional);


typedef int32_t __stdcall os_zw_query_virtual_memory(
	__in	void *			hprocess,
	__in	void *			base_address,
	__in	int			mem_info_class,
	__out	void *			mem_info,
	__in	uint32_t		mem_info_length,
	__out	uint32_t *		returned_length	__optional);


typedef int32_t __stdcall os_zw_read_virtual_memory(
	__in	void *			hprocess,
	__in	void *			base_address,
	__out	char *			buffer,
	__in	size_t			buffer_length,
	__out	size_t *		bytes_written);


typedef int32_t __stdcall os_zw_open_file(
	__out	void **			hfile,
	__in	uint32_t		desired_access,
	__in	struct os_oa *		obj_attr,
	__out	struct os_iosb *	io_status_block,
	__in	uint32_t		share_access,
	__in	uint32_t		open_options);


typedef int32_t __stdcall os_ldr_load_dll(
	__in	wchar16_t *		image_path	__optional,
	__in	uint32_t *		image_flags	__optional,
	__in	struct pe_unicode_str *	image_name,
	__out	void **			image_base);


typedef int32_t __stdcall os_zw_terminate_process(
	__in	void *		hprocess,
	__in	int32_t		status);

#endif