/********************************************************/
/* ntapi: Native API core library */
/* Copyright (C) 2013--2021 SysDeer Technologies, LLC */
/* Released under GPLv2 and GPLv3; see COPYING.NTAPI. */
/********************************************************/
#include <psxtypes/psxtypes.h>
#include <pemagine/pemagine.h>
#include <ntapi/nt_status.h>
#include <ntapi/nt_crc32.h>
#include <ntapi/nt_crc64.h>
#include <ntapi/nt_object.h>
#include <ntapi/nt_sysinfo.h>
#include <ntapi/nt_memory.h>
#include <ntapi/nt_section.h>
#include <ntapi/nt_thread.h>
#include <ntapi/nt_process.h>
#include <ntapi/nt_job.h>
#include <ntapi/nt_token.h>
#include <ntapi/nt_sync.h>
#include <ntapi/nt_time.h>
#include <ntapi/nt_profiling.h>
#include <ntapi/nt_port.h>
#include <ntapi/nt_device.h>
#include <ntapi/nt_file.h>
#include <ntapi/nt_registry.h>
#include <ntapi/nt_security.h>
#include <ntapi/nt_pnp.h>
#include <ntapi/nt_exception.h>
#include <ntapi/nt_locale.h>
#include <ntapi/nt_uuid.h>
#include <ntapi/nt_atom.h>
#include <ntapi/nt_os.h>
#include <ntapi/nt_ldr.h>
#include <ntapi/nt_string.h>
#include <ntapi/nt_guid.h>
#include <ntapi/nt_argv.h>
#include <ntapi/nt_blitter.h>
#include <ntapi/nt_unicode.h>
#include <ntapi/nt_socket.h>
#include <ntapi/nt_mount.h>
#include <ntapi/nt_istat.h>
#include <ntapi/nt_stat.h>
#include <ntapi/nt_statfs.h>
#include <ntapi/nt_daemon.h>
#include <ntapi/nt_tty.h>
#include <ntapi/nt_afl.h>
#include <ntapi/nt_hash.h>
#include <ntapi/nt_log.h>
#include <ntapi/nt_atomic.h>
#include <ntapi/ntapi.h>
#include "ntapi_impl.h"
#include "ntapi_hash_table.h"
/* simplified once mechanism for free-standing applications */
/*                                                                    */
/* ntapi_init() dispatches through __ntapi_init_vtbl, using           */
/* __ntapi_init_idx as the index:                                     */
/*   0 --> __ntapi_init_once       (first caller performs the init)   */
/*   1 --> __ntapi_init_pending    (init started but not finished)    */
/*   2 --> __ntapi_init_completed  (init done; hand out the vtable)   */
/*                                                                    */
/* __ntapi_init_once advances the index once on entry and once more   */
/* on success.                                                        */
/*                                                                    */
/* NOTE(review): nothing in this file clamps the index to the three   */
/* entries below; correctness relies on __ntapi_init_once being       */
/* entered by one caller only -- confirm that the first call to       */
/* ntapi_init() cannot race with another thread.                      */
typedef int32_t __fastcall __ntapi_init_fn(ntapi_vtbl ** pvtbl);

static __ntapi_init_fn __ntapi_init_once;
static __ntapi_init_fn __ntapi_init_pending;
static __ntapi_init_fn __ntapi_init_completed;

/* current init state; doubles as the index into __ntapi_init_vtbl */
static intptr_t __ntapi_init_idx = 0;
static __ntapi_init_fn * __ntapi_init_vtbl[3] = {
	__ntapi_init_once,
	__ntapi_init_pending,
	__ntapi_init_completed};
/* accessor */
/* ___ntapi is the table that __ntapi_init_once fills in; ___ntapi_shadow */
/* is the copy of it that __ntapi_init_once makes for client libraries    */
/* and whose address is returned through ntapi_init().                    */
/* NOTE(review): both tables are declared as plain non-const globals, so  */
/* the function pointers they hold presumably live in writable memory for */
/* the lifetime of the process -- confirm against the linker layout.      */
ntapi_vtbl ___ntapi;
ntapi_vtbl ___ntapi_shadow;
/* .bss */
/* its ipc_buffer member is deposited into the ipc connection list by */
/* __ntapi_init_once.                                                 */
static __ntapi_img_sec_bss __ntapi_img_bss;

/* .rdata */
/* positional initializer; the member order is defined by the union    */
/* declaration, which is not part of this file. The trailing 0 is      */
/* presumably the __internals pointer that the 'internals' macro below */
/* refers to -- TODO confirm. Despite the section label, that pointer  */
/* is written at run time: __ntapi_init_once passes its address to     */
/* the virtual memory allocator.                                       */
static union __ntapi_img_rdata __ntapi_rdata = {{
	{__NTAPI_HASH_TABLE},	/* __ntapi_import_table */
	0,			/* __ntapi */
	{			/* __session_name */
		{0},0,{0},
		{0,{0},0},
		{{0},0,{0},0,{0},0,{0},0,{0},0,{0}},
		0},
	0}};

/* shorthands for the two members used throughout this file */
#define internals __ntapi_rdata.img_sec_data.__internals
#define import_table __ntapi_rdata.img_sec_data.__ntapi_import_table
/* custom memory callback for the ipc connection list: it never supplies */
/* memory and always reports DALIST_EMEMFN. The list is instead given    */
/* its storage explicitly via dalist_deposit_memory_block() by the       */
/* callers that register this function.                                  */
static int __ipc_memfn(struct dalist_ex * dlist, void ** addr, size_t * alloc_size)
{
	/* all three arguments are intentionally unused */
	(void)alloc_size;
	(void)addr;
	(void)dlist;

	return DALIST_EMEMFN;
}
/* best-effort request to enable six privileges on the process token  */
/* cached in internals->htoken: create-symbolic-link, take-ownership, */
/* backup, restore, audit, and debug. The status of the adjust call   */
/* is deliberately not examined ("any or all").                       */
/*                                                                    */
/* NOTE(review): this runs on every successful library init, so any   */
/* of these privileges that the token already holds stays enabled     */
/* for the rest of the process lifetime. Backup, restore,             */
/* take-ownership and debug in particular allow access checks to be   */
/* bypassed; from a least-privilege standpoint, consider whether      */
/* consumers should enable them on demand instead (the vtable also    */
/* exposes tt_enable_token_privilege / tt_disable_token_privilege).   */
static void __ntapi_init_adjust_privileges(void)
{
	/* low LUID parts, in the slot order used for the request */
	static const uint32_t luid_low[6] = {
		NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE,
		NT_SE_TAKE_OWNERSHIP_PRIVILEGE,
		NT_SE_BACKUP_PRIVILEGE,
		NT_SE_RESTORE_PRIVILEGE,
		NT_SE_AUDIT_PRIVILEGE,
		NT_SE_DEBUG_PRIVILEGE};

	/* pointer-aligned scratch storage for the variable-length struct */
	uintptr_t		buffer[64];
	nt_token_privileges *	tokprivs;
	int			slot;

	/* token privileges */
	tokprivs = (nt_token_privileges *)buffer;
	tokprivs->privilege_count = 6;

	for (slot=0; slot<6; slot++) {
		tokprivs->privileges[slot].attributes = NT_SE_ENABLE_PRIVILEGE;
		tokprivs->privileges[slot].luid.low   = luid_low[slot];
		tokprivs->privileges[slot].luid.high  = 0;
	}

	/* (attempt to) set any or all */
	__ntapi->zw_adjust_privileges_token(
		internals->htoken,0,tokprivs,
		0,0,0);
}
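/* first-call initializer, reached via ntapi_init() while the init   */
/* index is 0.                                                        */
/*                                                                    */
/* steps, in order: allocate the internals block, set up the ipc      */
/* connection list, populate the hashed import table from ntdll,      */
/* install the library's own functions in the vtable, copy the        */
/* vtable to the client-facing shadow, open the process handle and    */
/* the process token, adjust token privileges, and record the user    */
/* and (derived) admin SIDs.                                          */
/*                                                                    */
/* pvtbl:   receives &___ntapi_shadow on success; set to null as      */
/*          soon as it has been validated.                            */
/* returns: NT_STATUS_SUCCESS; NT_STATUS_INVALID_PARAMETER when       */
/*          pvtbl is null; NT_STATUS_DLL_INIT_FAILED when ntdll or    */
/*          ZwAllocateVirtualMemory cannot be resolved; otherwise     */
/*          the status of the first failing call.                     */
/*                                                                    */
/* the init index is advanced once on entry, so every early return    */
/* below leaves it at 1, where ntapi_init() dispatches to             */
/* __ntapi_init_pending; resources acquired before the failure are    */
/* not released.                                                      */
static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
{
	int32_t			status;
	void *			hntdll;
	size_t			block_size;
	size_t			buf[64];
	unsigned char *		value;
	uint16_t		sacnt;
	nt_oa			oa;
	nt_cid			cid;
	ntapi_zw_allocate_virtual_memory * pfn_zw_allocate_virtual_memory;
	char			fname_allocate_virtual_memory[] =
				"ZwAllocateVirtualMemory";
	/* once */
	at_locked_inc(&__ntapi_init_idx);

	/* pvtbl */
	/* NOTE(review): the index has already advanced at this point, so */
	/* a null pvtbl on the very first call leaves the library in the  */
	/* 'pending' state for all later callers.                         */
	if (!(pvtbl))
		return NT_STATUS_INVALID_PARAMETER;
	else
		*pvtbl = (ntapi_vtbl *)0;

	/* ntdll */
	if (!(hntdll = pe_get_ntdll_module_handle()))
		return NT_STATUS_DLL_INIT_FAILED;

	/* the allocator is needed before the import table is populated, */
	/* hence the direct by-name lookup                               */
	pfn_zw_allocate_virtual_memory = (ntapi_zw_allocate_virtual_memory *)
		pe_get_procedure_address(
			hntdll,
			fname_allocate_virtual_memory);

	if (!pfn_zw_allocate_virtual_memory)
		return NT_STATUS_DLL_INIT_FAILED;

	/* ntapi_internals: alloc */
	/* committed read/write, not executable */
	block_size = sizeof(ntapi_internals);
	status = pfn_zw_allocate_virtual_memory(
		NT_CURRENT_PROCESS_HANDLE,
		(void **)&internals,
		0,
		&block_size,
		NT_MEM_COMMIT,
		NT_PAGE_READWRITE);

	if (status != NT_STATUS_SUCCESS)
		return status;

	/* ipc connection list */
	if ((status = dalist_init_ex(
			&internals->ipc_conns,
			sizeof(nt_ipc_conn),
			NT_ALLOCATION_GRANULARITY,
			__ipc_memfn,
			DALIST_MEMFN_CUSTOM)))
		return status;

	dalist_deposit_memory_block(
		&internals->ipc_conns,
		&__ntapi_img_bss.ipc_buffer,
		__NT_BSS_IPC_BUFFER_SIZE);

	/* hashed import table */
	__ntapi_tt_populate_hashed_import_table(
		pe_get_ntdll_module_handle(),
		__ntapi,
		import_table,
		__NT_IMPORTED_SYMBOLS_ARRAY_SIZE);

	/* alternate implementation */
	/* assigned after the import table has been populated, so these */
	/* three entries end up pointing at the library's own functions */
	__ntapi->rtl_init_unicode_string = __ntapi_tt_init_unicode_string_from_utf16;
	__ntapi->strlen = __ntapi_tt_string_null_offset_multibyte;
	__ntapi->wcslen = __ntapi_tt_wcslen;

	/* extension functions */
	/* nt_object.h */
	__ntapi->tt_open_ipc_object_directory = __ntapi_tt_open_ipc_object_directory;
	__ntapi->tt_create_ipc_object_directory_entry = __ntapi_tt_create_ipc_object_directory_entry;
	__ntapi->tt_open_dev_object_directory = __ntapi_tt_open_dev_object_directory;
	__ntapi->tt_create_dev_object_directory_entry = __ntapi_tt_create_dev_object_directory_entry;
	__ntapi->tt_create_keyed_object_directory = __ntapi_tt_create_keyed_object_directory;
	__ntapi->tt_open_keyed_object_directory = __ntapi_tt_open_keyed_object_directory;
	__ntapi->tt_create_keyed_object_directory_entry = __ntapi_tt_create_keyed_object_directory_entry;
	__ntapi->tt_keyed_object_to_key = __ntapi_tt_keyed_object_to_key;
	__ntapi->tt_sid_copy = __ntapi_tt_sid_copy;
	__ntapi->tt_sid_compare = __ntapi_tt_sid_compare;

	/* nt_crc32.h */
	__ntapi->tt_buffer_crc32 = __ntapi_tt_buffer_crc32;
	__ntapi->tt_mbstr_crc32 = __ntapi_tt_mbstr_crc32;
	__ntapi->tt_crc32_table = __ntapi_tt_crc32_table;

	/* nt_crc64.h */
	__ntapi->tt_buffer_crc64 = __ntapi_tt_buffer_crc64;
	__ntapi->tt_mbstr_crc64 = __ntapi_tt_mbstr_crc64;
	__ntapi->tt_crc64_table = __ntapi_tt_crc64_table;

	/* nt_file.h */
	__ntapi->tt_get_file_handle_type = __ntapi_tt_get_file_handle_type;
	__ntapi->tt_open_logical_parent_directory = __ntapi_tt_open_logical_parent_directory;
	__ntapi->tt_open_physical_parent_directory = __ntapi_tt_open_physical_parent_directory;
	__ntapi->tt_open_volume_by_guid = __ntapi_tt_open_volume_by_guid;

	/* nt_ipc.h */
	__ntapi->ipc_connect_by_attr = __ntapi_ipc_connect_by_attr;
	__ntapi->ipc_connect_by_name = __ntapi_ipc_connect_by_name;
	__ntapi->ipc_connect_by_symlink = __ntapi_ipc_connect_by_symlink;
	__ntapi->ipc_connect_by_port = __ntapi_ipc_connect_by_port;
	__ntapi->ipc_connect_section_by_attr = __ntapi_ipc_connect_section_by_attr;
	__ntapi->ipc_connect_section_by_name = __ntapi_ipc_connect_section_by_name;
	__ntapi->ipc_connect_section_by_symlink = __ntapi_ipc_connect_section_by_symlink;
	__ntapi->ipc_connect_section_by_port = __ntapi_ipc_connect_section_by_port;
	__ntapi->ipc_get_port_by_attr = __ntapi_ipc_get_port_by_attr;
	__ntapi->ipc_get_port_section_by_attr = __ntapi_ipc_get_port_section_by_attr;
	__ntapi->ipc_init_section_by_port = __ntapi_ipc_init_section_by_port;
	__ntapi->ipc_disconnect_unmap_section_by_port = __ntapi_ipc_disconnect_unmap_section_by_port;

	/* nt_sem.h */
	__ntapi->sem_create = __ntapi_sem_create;
	__ntapi->sem_open = __ntapi_sem_open;
	__ntapi->sem_fcntl = __ntapi_sem_fcntl;
	__ntapi->sem_ioctl = __ntapi_sem_ioctl;
	__ntapi->sem_query = __ntapi_sem_query;
	__ntapi->sem_set = __ntapi_sem_set;
	__ntapi->sem_cancel = __ntapi_sem_cancel;
	__ntapi->sem_free = __ntapi_sem_free;

	/* nt_msq.h */
	__ntapi->msq_create = __ntapi_msq_create;
	__ntapi->msq_open = __ntapi_msq_open;
	__ntapi->msq_send = __ntapi_msq_send;
	__ntapi->msq_recv = __ntapi_msq_recv;
	__ntapi->msq_fcntl = __ntapi_msq_fcntl;
	__ntapi->msq_ioctl = __ntapi_msq_ioctl;
	__ntapi->msq_query = __ntapi_msq_query;
	__ntapi->msq_set = __ntapi_msq_set;
	__ntapi->msq_cancel = __ntapi_msq_cancel;
	__ntapi->msq_free = __ntapi_msq_free;

	/* nt_afl.h */
	__ntapi->afl_create = __ntapi_afl_create;
	__ntapi->afl_open = __ntapi_afl_open;
	__ntapi->afl_fcntl = __ntapi_afl_fcntl;
	__ntapi->afl_ioctl = __ntapi_afl_ioctl;
	__ntapi->afl_query = __ntapi_afl_query;
	__ntapi->afl_set = __ntapi_afl_set;
	__ntapi->afl_cancel = __ntapi_afl_cancel;
	__ntapi->afl_free = __ntapi_afl_free;

	/* nt_ldr.h */
	__ntapi->ldr_load_system_dll = __ntapi_ldr_load_system_dll;
	__ntapi->ldr_create_state_snapshot = __ntapi_ldr_create_state_snapshot;
	__ntapi->ldr_revert_state_to_snapshot = __ntapi_ldr_revert_state_to_snapshot;

	/* nt_string.h */
	__ntapi->tt_string_null_offset_multibyte = __ntapi_tt_string_null_offset_multibyte;
	__ntapi->tt_string_null_offset_short = __ntapi_tt_string_null_offset_short;
	__ntapi->tt_string_null_offset_dword = __ntapi_tt_string_null_offset_dword;
	__ntapi->tt_string_null_offset_qword = __ntapi_tt_string_null_offset_qword;
	__ntapi->tt_string_null_offset_ptrsize = __ntapi_tt_string_null_offset_ptrsize;
	__ntapi->tt_strcmp_multibyte = __ntapi_tt_strcmp_multibyte;
	__ntapi->tt_strcmp_utf16 = __ntapi_tt_strcmp_utf16;
	__ntapi->tt_strncmp_multibyte = __ntapi_tt_strncmp_multibyte;
	__ntapi->tt_strncmp_utf16 = __ntapi_tt_strncmp_utf16;
	__ntapi->tt_aligned_block_memset = __ntapi_tt_aligned_block_memset;
	__ntapi->tt_aligned_block_memcpy = __ntapi_tt_aligned_block_memcpy;
	__ntapi->tt_aligned_block_memlock = __ntapi_tt_aligned_block_memlock;
	__ntapi->tt_memcpy_utf16 = __ntapi_tt_memcpy_utf16;
	__ntapi->tt_aligned_memcpy_utf16 = __ntapi_tt_aligned_memcpy_utf16;
	__ntapi->tt_generic_memset = __ntapi_tt_generic_memset;
	__ntapi->tt_generic_memcpy = __ntapi_tt_generic_memcpy;
	__ntapi->tt_uint16_to_hex_utf16 = __ntapi_tt_uint16_to_hex_utf16;
	__ntapi->tt_uint32_to_hex_utf16 = __ntapi_tt_uint32_to_hex_utf16;
	__ntapi->tt_uint64_to_hex_utf16 = __ntapi_tt_uint64_to_hex_utf16;
	__ntapi->tt_uintptr_to_hex_utf16 = __ntapi_tt_uintptr_to_hex_utf16;

	__ntapi->tt_hex_utf16_to_uint16 = __ntapi_tt_hex_utf16_to_uint16;
	__ntapi->tt_hex_utf16_to_uint32 = __ntapi_tt_hex_utf16_to_uint32;
	__ntapi->tt_hex_utf16_to_uint64 = __ntapi_tt_hex_utf16_to_uint64;
	__ntapi->tt_hex_utf16_to_uintptr = __ntapi_tt_hex_utf16_to_uintptr;

	__ntapi->tt_hex_utf8_to_uint16 = __ntapi_tt_hex_utf8_to_uint16;
	__ntapi->tt_hex_utf8_to_uint32 = __ntapi_tt_hex_utf8_to_uint32;
	__ntapi->tt_hex_utf8_to_uint64 = __ntapi_tt_hex_utf8_to_uint64;
	__ntapi->tt_hex_utf8_to_uintptr = __ntapi_tt_hex_utf8_to_uintptr;

	__ntapi->tt_init_unicode_string_from_utf16 = __ntapi_tt_init_unicode_string_from_utf16;
	__ntapi->tt_uint16_to_hex_utf8 = __ntapi_tt_uint16_to_hex_utf8;
	__ntapi->tt_uint32_to_hex_utf8 = __ntapi_tt_uint32_to_hex_utf8;
	__ntapi->tt_uint64_to_hex_utf8 = __ntapi_tt_uint64_to_hex_utf8;
	__ntapi->tt_uintptr_to_hex_utf8 = __ntapi_tt_uintptr_to_hex_utf8;
	__ntapi->tt_uintptr_to_dec_utf16 = __ntapi_tt_uintptr_to_dec_utf16;
	__ntapi->tt_uintptr_to_dec_utf8 = __ntapi_tt_uintptr_to_dec_utf8;
	__ntapi->tt_uintptr_to_dec_null_utf16 = __ntapi_tt_uintptr_to_dec_null_utf16;
	__ntapi->tt_uintptr_to_dec_null_utf8 = __ntapi_tt_uintptr_to_dec_null_utf8;
	__ntapi->tt_dec_utf16_to_uint16 = __ntapi_tt_dec_utf16_to_uint16;
	__ntapi->tt_dec_utf16_to_uint32 = __ntapi_tt_dec_utf16_to_uint32;
	__ntapi->tt_dec_utf16_to_uint64 = __ntapi_tt_dec_utf16_to_uint64;
	__ntapi->tt_dec_utf16_to_uintptr = __ntapi_tt_dec_utf16_to_uintptr;

	/* nt_guid.h */
	__ntapi->tt_guid_copy = __ntapi_tt_guid_copy;
	__ntapi->tt_guid_compare = __ntapi_tt_guid_compare;
	__ntapi->tt_guid_to_string_utf16 = __ntapi_tt_guid_to_string_utf16;
	__ntapi->tt_string_to_guid_utf16 = __ntapi_tt_string_to_guid_utf16;
	__ntapi->tt_guid_to_string_utf8 = __ntapi_tt_guid_to_string_utf8;
	__ntapi->tt_string_to_guid_utf8 = __ntapi_tt_string_to_guid_utf8;

	/* nt_sysinfo.h */
	__ntapi->tt_get_system_directory_native_path = __ntapi_tt_get_system_directory_native_path;
	__ntapi->tt_get_system_directory_dos_path = __ntapi_tt_get_system_directory_dos_path;
	__ntapi->tt_get_system_directory_handle = __ntapi_tt_get_system_directory_handle;
	__ntapi->tt_get_system_info_snapshot = __ntapi_tt_get_system_info_snapshot;

	/* nt_thread.h */
	__ntapi->tt_create_local_thread = __ntapi_tt_create_local_thread;
	__ntapi->tt_create_remote_thread = __ntapi_tt_create_remote_thread;
	__ntapi->tt_create_thread = __ntapi_tt_create_thread;

	/* nt_process.h */
	__ntapi->tt_fork = __ntapi_tt_fork;
	__ntapi->tt_create_remote_process_params = __ntapi_tt_create_remote_process_params;
	__ntapi->tt_spawn_native_process = __ntapi_tt_spawn_native_process;
	__ntapi->tt_spawn_foreign_process = __ntapi_tt_spawn_foreign_process;
	__ntapi->tt_get_runtime_data = __ntapi_tt_get_runtime_data;
	__ntapi->tt_init_runtime_data = __ntapi_tt_init_runtime_data;
	__ntapi->tt_update_runtime_data = __ntapi_tt_update_runtime_data;
	__ntapi->tt_exec_map_image_as_data = __ntapi_tt_exec_map_image_as_data;
	__ntapi->tt_exec_unmap_image = __ntapi_tt_exec_unmap_image;

	/* nt_token.h */
	__ntapi->tt_enable_token_privilege = __ntapi_tt_enable_token_privilege;
	__ntapi->tt_disable_token_privilege = __ntapi_tt_disable_token_privilege;

	/* nt_section.h */
	__ntapi->tt_get_section_name = __ntapi_tt_get_section_name;

	/* nt_sync.h */
	__ntapi->tt_create_inheritable_event = __ntapi_tt_create_inheritable_event;
	__ntapi->tt_create_private_event = __ntapi_tt_create_private_event;
	__ntapi->tt_wait_for_dummy_event = __ntapi_tt_wait_for_dummy_event;

	/* nt_port.h */
	__ntapi->csr_port_handle = __ntapi_csr_port_handle;
	__ntapi->tt_port_guid_from_type = __ntapi_tt_port_guid_from_type;
	__ntapi->tt_port_type_from_guid = __ntapi_tt_port_type_from_guid;
	__ntapi->tt_port_prefix_from_type = __ntapi_tt_port_prefix_from_type;
	__ntapi->tt_port_generate_keys = __ntapi_tt_port_generate_keys;
	__ntapi->tt_port_format_keys = __ntapi_tt_port_format_keys;
	__ntapi->tt_port_name_from_attr = __ntapi_tt_port_name_from_attr;
	__ntapi->tt_port_attr_from_name = __ntapi_tt_port_attr_from_name;
	__ntapi->tt_port_attr_from_string = __ntapi_tt_port_attr_from_string;
	__ntapi->tt_port_attr_from_symlink = __ntapi_tt_port_attr_from_symlink;

	/* nt_argv.h */
	__ntapi->tt_get_cmd_line_utf16 = __ntapi_tt_get_cmd_line_utf16;
	__ntapi->tt_get_peb_env_block_utf16 = __ntapi_tt_get_peb_env_block_utf16;
	__ntapi->tt_parse_cmd_line_args_utf16 = __ntapi_tt_parse_cmd_line_args_utf16;
	__ntapi->tt_get_argv_envp_utf8 = __ntapi_tt_get_argv_envp_utf8;
	__ntapi->tt_get_argv_envp_utf16 = __ntapi_tt_get_argv_envp_utf16;
	__ntapi->tt_get_env_var_meta_utf8 = __ntapi_tt_get_env_var_meta_utf8;
	__ntapi->tt_get_env_var_meta_utf16 = __ntapi_tt_get_env_var_meta_utf16;
	__ntapi->tt_array_copy_utf16 = __ntapi_tt_array_copy_utf16;
	__ntapi->tt_array_copy_utf8 = __ntapi_tt_array_copy_utf8;
	__ntapi->tt_array_convert_utf8_to_utf16 = __ntapi_tt_array_convert_utf8_to_utf16;
	__ntapi->tt_array_convert_utf16_to_utf8 = __ntapi_tt_array_convert_utf16_to_utf8;

	/* nt_blitter.h */
	__ntapi->blt_alloc = __ntapi_blt_alloc;
	__ntapi->blt_free = __ntapi_blt_free;
	__ntapi->blt_acquire = __ntapi_blt_acquire;
	__ntapi->blt_obtain = __ntapi_blt_obtain;
	__ntapi->blt_possess = __ntapi_blt_possess;
	__ntapi->blt_release = __ntapi_blt_release;
	__ntapi->blt_get = __ntapi_blt_get;
	__ntapi->blt_set = __ntapi_blt_set;

	/* nt_unicode.h */
	__ntapi->uc_validate_unicode_stream_utf8 = __ntapi_uc_validate_unicode_stream_utf8;
	__ntapi->uc_validate_unicode_stream_utf16 = __ntapi_uc_validate_unicode_stream_utf16;
	__ntapi->uc_get_code_point_byte_count_utf8 = __ntapi_uc_get_code_point_byte_count_utf8;
	__ntapi->uc_get_code_point_byte_count_utf16 = __ntapi_uc_get_code_point_byte_count_utf16;
	__ntapi->uc_convert_unicode_stream_utf8_to_utf16 = __ntapi_uc_convert_unicode_stream_utf8_to_utf16;
	__ntapi->uc_convert_unicode_stream_utf8_to_utf32 = __ntapi_uc_convert_unicode_stream_utf8_to_utf32;
	__ntapi->uc_convert_unicode_stream_utf16_to_utf8 = __ntapi_uc_convert_unicode_stream_utf16_to_utf8;
	__ntapi->uc_convert_unicode_stream_utf16_to_utf32 = __ntapi_uc_convert_unicode_stream_utf16_to_utf32;

	/* nt_daemon.h */
	__ntapi->dsr_init = __ntapi_dsr_init;
	__ntapi->dsr_create_port = __ntapi_dsr_create_port;

	/* nt_acl.h */
	__ntapi->acl_init_common_descriptor = __ntapi_acl_init_common_descriptor;
	__ntapi->acl_init_common_descriptor_meta = __ntapi_acl_init_common_descriptor_meta;

	/* nt_vfd.h */
	__ntapi->vfd_dev_name_init = __ntapi_vfd_dev_name_init;

	/* nt_tty.h */
	__ntapi->tty_create_session = __ntapi_tty_create_session;
	__ntapi->tty_join_session = __ntapi_tty_join_session;
	__ntapi->tty_connect = __ntapi_tty_connect;
	__ntapi->tty_client_session_disconnect = __ntapi_tty_client_session_disconnect;
	__ntapi->tty_client_session_query = __ntapi_tty_client_session_query;
	__ntapi->tty_client_session_set = __ntapi_tty_client_session_set;
	__ntapi->tty_client_process_register = __ntapi_tty_client_process_register;
	__ntapi->tty_query_information_section = __ntapi_tty_query_information_section;
	__ntapi->tty_query_information_server = __ntapi_tty_query_information_server;
	__ntapi->tty_query_information_service = __ntapi_tty_query_information_service;
	__ntapi->tty_query_server_pts_slot_info = __ntapi_tty_query_server_pts_slot_info;
	__ntapi->tty_request_peer = __ntapi_tty_request_peer;
	__ntapi->pty_open = __ntapi_pty_open;
	__ntapi->pty_open_pair = __ntapi_pty_open_pair;
	__ntapi->pty_reopen = __ntapi_pty_reopen;
	__ntapi->pty_inherit = __ntapi_pty_inherit;
	__ntapi->pty_inherit_runtime_ctty = __ntapi_pty_inherit_runtime_ctty;
	__ntapi->pty_close = __ntapi_pty_close;
	__ntapi->pty_read = __ntapi_pty_read;
	__ntapi->pty_write = __ntapi_pty_write;
	__ntapi->pty_ioctl = __ntapi_pty_ioctl;
	__ntapi->pty_query = __ntapi_pty_query;
	__ntapi->pty_xquery = __ntapi_pty_xquery;
	__ntapi->pty_set = __ntapi_pty_set;
	__ntapi->pty_cancel = __ntapi_pty_cancel;

	/* nt_socket.h */
	__ntapi->sc_listen = __ntapi_sc_listen;
	__ntapi->sc_accept = __ntapi_sc_accept;
	__ntapi->sc_send = __ntapi_sc_send;
	__ntapi->sc_recv = __ntapi_sc_recv;
	__ntapi->sc_shutdown = __ntapi_sc_shutdown;
	__ntapi->sc_server_duplicate_socket = __ntapi_sc_server_duplicate_socket;
	__ntapi->sc_setsockopt = __ntapi_sc_setsockopt;
	__ntapi->sc_getsockopt = __ntapi_sc_getsockopt;
	__ntapi->sc_wait = __ntapi_sc_wait;

	/* nt_mount.h */
	__ntapi->tt_get_dos_drive_device_handle = __ntapi_tt_get_dos_drive_device_handle;
	__ntapi->tt_get_dos_drive_root_handle = __ntapi_tt_get_dos_drive_root_handle;
	__ntapi->tt_get_dos_drive_device_name = __ntapi_tt_get_dos_drive_device_name;
	__ntapi->tt_get_dos_drive_mount_points = __ntapi_tt_get_dos_drive_mount_points;
	__ntapi->tt_dev_mount_points_to_statfs = __ntapi_tt_dev_mount_points_to_statfs;
	__ntapi->tt_get_dos_drive_letter_from_device = __ntapi_tt_get_dos_drive_letter_from_device;

	/* nt_istat.h */
	__ntapi->tt_istat = __ntapi_tt_istat;

	/* nt_stat.h */
	__ntapi->tt_stat = __ntapi_tt_stat;

	/* nt_statfs.h */
	__ntapi->tt_statfs = __ntapi_tt_statfs;

	/* nt_log.h */
	__ntapi->log_write = __ntapi_log_write;
	__ntapi->log_fn_call = __ntapi_log_fn_call;
	__ntapi->log_msg = __ntapi_log_msg;

	/* nt_debug.h */
	__ntapi->tt_debug_create_object = __ntapi_tt_debug_create_object;
	__ntapi->tt_debug_create_attach_object = __ntapi_tt_debug_create_attach_object;
	__ntapi->tt_debug_execution_flow = __ntapi_tt_debug_execution_flow;
	__ntapi->tt_debug_break_process = __ntapi_tt_debug_break_process;

	/* OS version dependent functions */
	/* the v2 set is selected when the zw_create_user_process entry */
	/* is non-null, the v1 set otherwise                            */
	if (__ntapi->zw_create_user_process) {
		__ntapi->tt_create_native_process = __ntapi_tt_create_native_process_v2;
		__ntapi->ipc_create_pipe = __ntapi_ipc_create_pipe_v2;
		__ntapi->sc_socket = __ntapi_sc_socket_v2;
		__ntapi->sc_bind = __ntapi_sc_bind_v2;
		__ntapi->sc_connect = __ntapi_sc_connect_v2;
		__ntapi->sc_server_accept_connection = __ntapi_sc_server_accept_connection_v2;
		__ntapi->sc_getsockname = __ntapi_sc_getsockname_v2;
		__ntapi->sc_getpeername = __ntapi_sc_getpeername_v2;
	} else {
		__ntapi->tt_create_native_process = __ntapi_tt_create_native_process_v1;
		__ntapi->ipc_create_pipe = __ntapi_ipc_create_pipe_v1;
		__ntapi->sc_socket = __ntapi_sc_socket_v1;
		__ntapi->sc_bind = __ntapi_sc_bind_v1;
		__ntapi->sc_connect = __ntapi_sc_connect_v1;
		__ntapi->sc_server_accept_connection = __ntapi_sc_server_accept_connection_v1;
		__ntapi->sc_getsockname = __ntapi_sc_getsockname_v1;
		__ntapi->sc_getpeername = __ntapi_sc_getpeername_v1;
	}

	/* internals */
	internals->ntapi_img_sec_bss = &__ntapi_img_bss;
	internals->subsystem = &__ntapi_rdata.img_sec_data.__session_name;

	internals->tt_get_csr_port_handle_addr_by_logic = __GET_CSR_PORT_HANDLE_BY_LOGIC;
	internals->csr_port_handle_addr = __GET_CSR_PORT_HANDLE_BY_LOGIC();

	/* shadow copy for client libraries */
	/* taken once, here: clients receive the copy, not the table */
	/* that the library itself goes through                      */
	__ntapi->tt_aligned_block_memcpy(
		(uintptr_t *)&___ntapi_shadow,
		(uintptr_t *)&___ntapi,
		sizeof(ntapi_vtbl));

	/* process handle */
	oa.len = sizeof(oa);
	oa.root_dir = 0;
	oa.obj_name = 0;
	oa.obj_attr = 0;
	oa.sec_desc = 0;
	oa.sec_qos = 0;

	cid.process_id = pe_get_current_process_id();
	cid.thread_id = pe_get_current_thread_id();

	/* NOTE(review): the handle is opened with NT_PROCESS_ALL_ACCESS */
	/* and kept in internals for later use; confirm whether a        */
	/* narrower access mask would suffice for its consumers.         */
	if ((status = __ntapi->zw_open_process(
			&internals->hprocess,
			NT_PROCESS_ALL_ACCESS,
			&oa,&cid)))
		return status;

	/* process token */
	/* NOTE(review): likewise opened with NT_TOKEN_ALL_ACCESS and */
	/* cached in internals.                                       */
	if ((status = __ntapi->zw_open_process_token(
			NT_CURRENT_PROCESS_HANDLE,
			NT_TOKEN_ALL_ACCESS,
			&internals->htoken)))
		return status;

	__ntapi_init_adjust_privileges();

	/* user */
	if ((status = __ntapi->zw_query_information_token(
			internals->htoken,
			NT_TOKEN_USER,
			buf,sizeof(buf),
			&block_size)))
		return status;

	internals->user = (nt_sid *)&internals->sid_buffer[0];
	internals->admin = (nt_sid *)&internals->sid_buffer[1];

	__ntapi->tt_sid_copy(
		internals->user,
		((nt_sid_and_attributes *)buf)->sid);

	/* admin */
	/* when the user SID has the form S-1-5-21-..., derive the admin */
	/* SID from it by replacing the last sub-authority with 500, the */
	/* well-known RID of the built-in Administrator account.         */
	value = internals->user->identifier_authority.value;
	sacnt = internals->user->sub_authority_count;

	/* a zero sub-authority count would make both sub_authority[0]  */
	/* and sub_authority[sacnt - 1] refer to storage that is not    */
	/* part of the SID, hence the leading check.                    */
	if (sacnt
			&& (value[0] == 0) && (value[1] == 0)
			&& (value[2] == 0) && (value[3] == 0)
			&& (value[4] == 0) && (value[5] == 5)
			&& internals->user->sub_authority[0] == 21) {
		__ntapi->tt_sid_copy(
			internals->admin,
			internals->user);

		internals->admin->sub_authority[sacnt - 1] = 500;
	}

	/* done */
	/* the second increment moves the init index to 'completed' */
	*pvtbl = &___ntapi_shadow;
	at_locked_inc(&__ntapi_init_idx);

	return NT_STATUS_SUCCESS;
}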
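/* post-fork fix-up of this copy's internal state, invoked from      */
/* __ntapi_init_completed on every ntapi_init() call once init is    */
/* done.                                                             */
/*                                                                   */
/* a no-op when there is no runtime data, or when the recorded       */
/* process id already matches the current process. Otherwise the     */
/* recorded self ids become the parent ids, a fresh handle to the    */
/* current process is opened, the ipc connection list is rebuilt     */
/* from the memory blocks already owned, and the semaphore, message  */
/* queue, afl and ipc key fields of the runtime data are cleared.    */
/*                                                                   */
/* returns: NT_STATUS_SUCCESS, or the status of the failing          */
/*          zw_open_process / dalist_init_ex call.                   */
static int32_t __ntapi_init_solib_fork_child_finalize(void)
{
	int32_t			status;
	int			page;
	nt_rtdata *		rtdata;
	nt_oa			oa;
	ntapi_internals *	__internals;

	/* detect the rare scenario where libntapi.so is (indirectly)     */
	/* used by a hosted process, in which case post-fork adjustments  */
	/* to internal structures would take place in the copy of ntapi   */
	/* that is statically linked into the system call layer           */
	/* library, thereby requiring similar adjustments to be made      */
	/* once here as well.                                             */

	__internals = __ntapi_internals();

	if (!(rtdata = __internals->rtdata))
		return NT_STATUS_SUCCESS;

	else if (rtdata->cid_self.process_id == pe_get_current_process_id())
		return NT_STATUS_SUCCESS;

	rtdata->cid_parent.process_id = rtdata->cid_self.process_id;
	rtdata->cid_parent.thread_id = rtdata->cid_self.thread_id;

	rtdata->cid_self.process_id = pe_get_current_process_id();
	rtdata->cid_self.thread_id = pe_get_current_thread_id();

	if (rtdata->hparent) {
		__ntapi->zw_close(rtdata->hparent);

		/* do not keep the closed handle value around in case */
		/* of an early return below                           */
		rtdata->hparent = 0;
	}

	oa.len = sizeof(oa);
	oa.root_dir = 0;
	oa.obj_name = 0;
	oa.obj_attr = 0;
	oa.sec_desc = &__internals->seq_desc;
	oa.sec_qos = &__internals->seq_qos;

	/* the status of this call used to be overwritten unexamined, */
	/* in which case hself below would have been set from a       */
	/* handle that was never opened; fail as __ntapi_init_once    */
	/* does for the same call.                                    */
	if ((status = __ntapi->zw_open_process(
			&__internals->hprocess,
			NT_PROCESS_ALL_ACCESS,
			&oa,&rtdata->cid_self)))
		return status;

	rtdata->hparent = rtdata->hself;
	rtdata->hself = __internals->hprocess;

	if ((status = dalist_init_ex(
			&__internals->ipc_conns,
			sizeof(nt_ipc_conn),
			NT_ALLOCATION_GRANULARITY,
			__ipc_memfn,
			DALIST_MEMFN_CUSTOM)))
		return status;

	dalist_deposit_memory_block(
		&__internals->ipc_conns,
		__internals->ntapi_img_sec_bss->ipc_buffer,
		__NT_BSS_IPC_BUFFER_SIZE);

	/* hand the previously recorded ipc pages back to the new list */
	for (page=0; page<__internals->ipc_page; page++)
		dalist_deposit_memory_block(
			&__internals->ipc_conns,
			__internals->ipc_pages[page],
			NT_ALLOCATION_GRANULARITY);

	rtdata->hsemctl = 0;
	rtdata->hsempid = 0;

	rtdata->hmsqctl = 0;
	rtdata->hmsqpid = 0;

	rtdata->haflctl = 0;
	rtdata->haflpid = 0;

	rtdata->ipc_keys[0] = 0;
	rtdata->ipc_keys[1] = 0;
	rtdata->ipc_keys[2] = 0;
	rtdata->ipc_keys[3] = 0;
	rtdata->ipc_keys[4] = 0;
	rtdata->ipc_keys[5] = 0;

	return NT_STATUS_SUCCESS;
}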
/* handler for the 'init in progress' state: never touches pvtbl and */
/* always reports NT_STATUS_PENDING.                                 */
static int32_t __fastcall __ntapi_init_pending(ntapi_vtbl ** pvtbl)
{
	int32_t status = NT_STATUS_PENDING;

	(void)pvtbl;

	return status;
}
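/* handler for the 'init completed' state: hands out the shadow      */
/* vtable, then runs the post-fork fix-up.                           */
/*                                                                   */
/* pvtbl:   receives &___ntapi_shadow.                               */
/* returns: NT_STATUS_INVALID_PARAMETER when pvtbl is null,          */
/*          otherwise the status of                                  */
/*          __ntapi_init_solib_fork_child_finalize().                */
static int32_t __fastcall __ntapi_init_completed(ntapi_vtbl ** pvtbl)
{
	/* same validation as in __ntapi_init_once; a null pvtbl would */
	/* otherwise be dereferenced below                             */
	if (!pvtbl)
		return NT_STATUS_INVALID_PARAMETER;

	*pvtbl = &___ntapi_shadow;
	return __ntapi_init_solib_fork_child_finalize();
}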
/* public entry point: forwards to the handler that corresponds to   */
/* the current init state (once, pending, or completed).             */
/*                                                                   */
/* NOTE(review): the index is read without a lock and is not range   */
/* checked against the three-entry handler table; this is safe only  */
/* as long as __ntapi_init_once is entered by a single caller --     */
/* confirm that callers serialize the first call.                    */
__ntapi_api
int32_t __fastcall ntapi_init(ntapi_vtbl ** pvtbl)
{
	__ntapi_init_fn * init_fn;

	init_fn = __ntapi_init_vtbl[__ntapi_init_idx];

	return init_fn(pvtbl);
}
/* returns the pointer to the library's internals block; the pointer */
/* is null until __ntapi_init_once has allocated the block.          */
ntapi_internals * __cdecl __ntapi_internals(void)
{
	ntapi_internals * self;

	self = internals;

	return self;
}