Blame src/internal/ntapi.c

dd89bb
/********************************************************/
dd89bb
/*  ntapi: Native API core library                      */
64e606
/*  Copyright (C) 2013--2021  SysDeer Technologies, LLC */
dd89bb
/*  Released under GPLv2 and GPLv3; see COPYING.NTAPI.  */
dd89bb
/********************************************************/
dd89bb
dd89bb
#include <psxtypes/psxtypes.h>
dd89bb
#include <pemagine/pemagine.h>
dd89bb
dd89bb
#include <ntapi/nt_status.h>
dd89bb
#include <ntapi/nt_crc32.h>
265305
#include <ntapi/nt_crc64.h>
dd89bb
#include <ntapi/nt_object.h>
dd89bb
#include <ntapi/nt_sysinfo.h>
dd89bb
#include <ntapi/nt_memory.h>
dd89bb
#include <ntapi/nt_section.h>
dd89bb
#include <ntapi/nt_thread.h>
dd89bb
#include <ntapi/nt_process.h>
dd89bb
#include <ntapi/nt_job.h>
dd89bb
#include <ntapi/nt_token.h>
dd89bb
#include <ntapi/nt_sync.h>
dd89bb
#include <ntapi/nt_time.h>
dd89bb
#include <ntapi/nt_profiling.h>
dd89bb
#include <ntapi/nt_port.h>
dd89bb
#include <ntapi/nt_device.h>
dd89bb
#include <ntapi/nt_file.h>
dd89bb
#include <ntapi/nt_registry.h>
dd89bb
#include <ntapi/nt_security.h>
dd89bb
#include <ntapi/nt_pnp.h>
dd89bb
#include <ntapi/nt_exception.h>
dd89bb
#include <ntapi/nt_locale.h>
dd89bb
#include <ntapi/nt_uuid.h>
dd89bb
#include <ntapi/nt_atom.h>
dd89bb
#include <ntapi/nt_os.h>
dd89bb
#include <ntapi/nt_ldr.h>
dd89bb
#include <ntapi/nt_string.h>
dd89bb
#include <ntapi/nt_guid.h>
dd89bb
#include <ntapi/nt_argv.h>
dd89bb
#include <ntapi/nt_blitter.h>
dd89bb
#include <ntapi/nt_unicode.h>
dd89bb
#include <ntapi/nt_socket.h>
dd89bb
#include <ntapi/nt_mount.h>
dd89bb
#include <ntapi/nt_istat.h>
dd89bb
#include <ntapi/nt_stat.h>
dd89bb
#include <ntapi/nt_statfs.h>
dd89bb
#include <ntapi/nt_daemon.h>
dd89bb
#include <ntapi/nt_tty.h>
6a4793
#include <ntapi/nt_afl.h>
dd89bb
#include <ntapi/nt_hash.h>
a7ffe3
#include <ntapi/nt_log.h>
dd89bb
#include <ntapi/nt_atomic.h>
dd89bb
#include <ntapi/ntapi.h>
dd89bb
dd89bb
#include "ntapi_impl.h"
dd89bb
#include "ntapi_hash_table.h"
dd89bb
dd89bb
/* simplified once mechanism for free-standing applications */
dd89bb
typedef int32_t __fastcall __ntapi_init_fn(ntapi_vtbl ** pvtbl);
dd89bb
dd89bb
static __ntapi_init_fn __ntapi_init_once;
dd89bb
static __ntapi_init_fn __ntapi_init_pending;
dd89bb
static __ntapi_init_fn __ntapi_init_completed;
dd89bb
dd89bb
static intptr_t		 __ntapi_init_idx = 0;
dd89bb
static __ntapi_init_fn * __ntapi_init_vtbl[3] = {
dd89bb
	__ntapi_init_once,
dd89bb
	__ntapi_init_pending,
dd89bb
	__ntapi_init_completed};
dd89bb
dd89bb
/* accessor */
1219be
ntapi_vtbl ___ntapi;
1219be
ntapi_vtbl ___ntapi_shadow;
dd89bb
dd89bb
/* .bss */
dd89bb
static __ntapi_img_sec_bss __ntapi_img_bss;
dd89bb
dd89bb
/* .rdata */
dd89bb
static union __ntapi_img_rdata __ntapi_rdata = {{
dd89bb
		{__NTAPI_HASH_TABLE},		/* __ntapi_import_table */
dd89bb
		0,				/* __ntapi */
1219be
		{				/* __session_name */
1219be
			{0},0,{0},
1219be
			{0,{0},0},
1219be
			{{0},0,{0},0,{0},0,{0},0,{0},0,{0}},
1219be
			0},
1219be
		0}};
dd89bb
dd89bb
#define internals	__ntapi_rdata.img_sec_data.__internals
dd89bb
#define import_table	__ntapi_rdata.img_sec_data.__ntapi_import_table
dd89bb
dd89bb
3841d3
static int __ipc_memfn(
3841d3
	struct dalist_ex *	dlist,
3841d3
	void **			addr,
3841d3
	size_t *		alloc_size)
3841d3
{
3841d3
	(void)dlist;
3841d3
	(void)addr;
3841d3
	(void)alloc_size;
3841d3
3841d3
	return DALIST_EMEMFN;
3841d3
}
3841d3
6949e6
static void __ntapi_init_adjust_privileges(void)
6949e6
{
6949e6
	uintptr_t		buffer[64];
6949e6
	nt_token_privileges *	tokprivs;
6949e6
6949e6
	/* token privileges */
6949e6
	tokprivs = (nt_token_privileges *)buffer;
c2109a
	tokprivs->privilege_count = 6;
6949e6
6949e6
	tokprivs->privileges[0].attributes = NT_SE_ENABLE_PRIVILEGE;
6949e6
	tokprivs->privileges[0].luid.low   = NT_SE_CREATE_SYMBOLIC_LINK_PRIVILEGE;
6949e6
	tokprivs->privileges[0].luid.high  = 0;
6949e6
6949e6
	tokprivs->privileges[1].attributes = NT_SE_ENABLE_PRIVILEGE;
6949e6
	tokprivs->privileges[1].luid.low   = NT_SE_TAKE_OWNERSHIP_PRIVILEGE;
6949e6
	tokprivs->privileges[1].luid.high  = 0;
6949e6
6949e6
	tokprivs->privileges[2].attributes = NT_SE_ENABLE_PRIVILEGE;
6949e6
	tokprivs->privileges[2].luid.low   = NT_SE_BACKUP_PRIVILEGE;
6949e6
	tokprivs->privileges[2].luid.high  = 0;
6949e6
6949e6
	tokprivs->privileges[3].attributes = NT_SE_ENABLE_PRIVILEGE;
6949e6
	tokprivs->privileges[3].luid.low   = NT_SE_RESTORE_PRIVILEGE;
6949e6
	tokprivs->privileges[3].luid.high  = 0;
6949e6
c2109a
	tokprivs->privileges[4].attributes = NT_SE_ENABLE_PRIVILEGE;
c2109a
	tokprivs->privileges[4].luid.low   = NT_SE_AUDIT_PRIVILEGE;
c2109a
	tokprivs->privileges[4].luid.high  = 0;
c2109a
c2109a
	tokprivs->privileges[5].attributes = NT_SE_ENABLE_PRIVILEGE;
c2109a
	tokprivs->privileges[5].luid.low   = NT_SE_DEBUG_PRIVILEGE;
c2109a
	tokprivs->privileges[5].luid.high  = 0;
c2109a
6949e6
	/* (attempt to) set any or all */
6949e6
	__ntapi->zw_adjust_privileges_token(
6949e6
		internals->htoken,0,tokprivs,
6949e6
		0,0,0);
6949e6
}
6949e6
6949e6
dd89bb
static int32_t __fastcall __ntapi_init_once(ntapi_vtbl ** pvtbl)
dd89bb
{
dd89bb
	int32_t					status;
dd89bb
	void * 					hntdll;
dd89bb
	size_t					block_size;
99ec4d
	size_t					buf[64];
0a8487
	unsigned char *				value;
0a8487
	uint16_t				sacnt;
80b89c
	nt_oa					oa;
80b89c
	nt_cid					cid;
dd89bb
	ntapi_zw_allocate_virtual_memory *	pfn_zw_allocate_virtual_memory;
fc3ec7
	char					fname_allocate_virtual_memory[] =
fc3ec7
							"ZwAllocateVirtualMemory";
dd89bb
	/* once */
dd89bb
	at_locked_inc(&__ntapi_init_idx);
dd89bb
dd89bb
	/* pvtbl */
dd89bb
	if (!(pvtbl))
dd89bb
		return NT_STATUS_INVALID_PARAMETER;
dd89bb
	else
dd89bb
		*pvtbl = (ntapi_vtbl *)0;
dd89bb
dd89bb
	/* ntdll */
dd89bb
	if (!(hntdll = pe_get_ntdll_module_handle()))
dd89bb
		return NT_STATUS_DLL_INIT_FAILED;
dd89bb
dd89bb
	pfn_zw_allocate_virtual_memory	= (ntapi_zw_allocate_virtual_memory *)
dd89bb
		pe_get_procedure_address(
dd89bb
			hntdll,
dd89bb
			fname_allocate_virtual_memory);
dd89bb
dd89bb
	if (!pfn_zw_allocate_virtual_memory)
dd89bb
		return NT_STATUS_DLL_INIT_FAILED;
dd89bb
dd89bb
	/* ntapi_internals: alloc */
dd89bb
	block_size = sizeof(ntapi_internals);
dd89bb
	status = pfn_zw_allocate_virtual_memory(
dd89bb
		NT_CURRENT_PROCESS_HANDLE,
dd89bb
		(void **)&internals,
dd89bb
		0,
dd89bb
		&block_size,
dd89bb
		NT_MEM_COMMIT,
dd89bb
		NT_PAGE_READWRITE);
dd89bb
dd89bb
	if (status != NT_STATUS_SUCCESS)
dd89bb
		return status;
dd89bb
30d28d
	/* ipc connection list */
30d28d
	if ((status = dalist_init_ex(
30d28d
			&internals->ipc_conns,
30d28d
			sizeof(nt_ipc_conn),
30d28d
			NT_ALLOCATION_GRANULARITY,
3841d3
			__ipc_memfn,
30d28d
			DALIST_MEMFN_CUSTOM)))
30d28d
		return status;
30d28d
30d28d
	dalist_deposit_memory_block(
30d28d
		&internals->ipc_conns,
30d28d
		&__ntapi_img_bss.ipc_buffer,
30d28d
		__NT_BSS_IPC_BUFFER_SIZE);
30d28d
dd89bb
	/* hashed import table */
dd89bb
	__ntapi_tt_populate_hashed_import_table(
dd89bb
		pe_get_ntdll_module_handle(),
dd89bb
		__ntapi,
dd89bb
		import_table,
dd89bb
		__NT_IMPORTED_SYMBOLS_ARRAY_SIZE);
dd89bb
dd89bb
	/* alternate implementation */
dd89bb
	__ntapi->rtl_init_unicode_string 			= __ntapi_tt_init_unicode_string_from_utf16;
47cc6e
	__ntapi->strlen						= __ntapi_tt_string_null_offset_multibyte;
47cc6e
	__ntapi->wcslen						= __ntapi_tt_wcslen;
dd89bb
dd89bb
	/* extension functions */
dd89bb
	/* nt_object.h */
661c27
	__ntapi->tt_open_ipc_object_directory			= __ntapi_tt_open_ipc_object_directory;
661c27
	__ntapi->tt_create_ipc_object_directory_entry		= __ntapi_tt_create_ipc_object_directory_entry;
6729c8
	__ntapi->tt_open_dev_object_directory			= __ntapi_tt_open_dev_object_directory;
6729c8
	__ntapi->tt_create_dev_object_directory_entry		= __ntapi_tt_create_dev_object_directory_entry;
dd89bb
	__ntapi->tt_create_keyed_object_directory		= __ntapi_tt_create_keyed_object_directory;
dd89bb
	__ntapi->tt_open_keyed_object_directory			= __ntapi_tt_open_keyed_object_directory;
dd89bb
	__ntapi->tt_create_keyed_object_directory_entry		= __ntapi_tt_create_keyed_object_directory_entry;
8ca63f
	__ntapi->tt_keyed_object_to_key				= __ntapi_tt_keyed_object_to_key;
e7235f
	__ntapi->tt_sid_copy					= __ntapi_tt_sid_copy;
227c15
	__ntapi->tt_sid_compare					= __ntapi_tt_sid_compare;
dd89bb
dd89bb
	/* nt_crc32.h */
dd89bb
	__ntapi->tt_buffer_crc32 				= __ntapi_tt_buffer_crc32;
dd89bb
	__ntapi->tt_mbstr_crc32					= __ntapi_tt_mbstr_crc32;
dd89bb
	__ntapi->tt_crc32_table					= __ntapi_tt_crc32_table;
dd89bb
265305
	/* nt_crc64.h */
265305
	__ntapi->tt_buffer_crc64 				= __ntapi_tt_buffer_crc64;
265305
	__ntapi->tt_mbstr_crc64					= __ntapi_tt_mbstr_crc64;
265305
	__ntapi->tt_crc64_table					= __ntapi_tt_crc64_table;
265305
dd89bb
	/* nt_file.h */
fc3ec7
	__ntapi->tt_get_file_handle_type			= __ntapi_tt_get_file_handle_type;
dd89bb
	__ntapi->tt_open_logical_parent_directory		= __ntapi_tt_open_logical_parent_directory;
dd89bb
	__ntapi->tt_open_physical_parent_directory		= __ntapi_tt_open_physical_parent_directory;
0e25b0
	__ntapi->tt_open_volume_by_guid				= __ntapi_tt_open_volume_by_guid;
dd89bb
30d28d
	/* nt_ipc.h */
30d28d
	__ntapi->ipc_connect_by_attr				= __ntapi_ipc_connect_by_attr;
30d28d
	__ntapi->ipc_connect_by_name				= __ntapi_ipc_connect_by_name;
30d28d
	__ntapi->ipc_connect_by_symlink				= __ntapi_ipc_connect_by_symlink;
30d28d
	__ntapi->ipc_connect_by_port				= __ntapi_ipc_connect_by_port;
1b6aec
	__ntapi->ipc_connect_section_by_attr			= __ntapi_ipc_connect_section_by_attr;
1b6aec
	__ntapi->ipc_connect_section_by_name			= __ntapi_ipc_connect_section_by_name;
1b6aec
	__ntapi->ipc_connect_section_by_symlink			= __ntapi_ipc_connect_section_by_symlink;
1b6aec
	__ntapi->ipc_connect_section_by_port			= __ntapi_ipc_connect_section_by_port;
edb085
	__ntapi->ipc_get_port_by_attr				= __ntapi_ipc_get_port_by_attr;
edb085
	__ntapi->ipc_get_port_section_by_attr			= __ntapi_ipc_get_port_section_by_attr;
1b6aec
	__ntapi->ipc_init_section_by_port			= __ntapi_ipc_init_section_by_port;
1b6aec
	__ntapi->ipc_disconnect_unmap_section_by_port		= __ntapi_ipc_disconnect_unmap_section_by_port;
30d28d
9faf9a
	/* nt_sem.h */
9faf9a
	__ntapi->sem_create					= __ntapi_sem_create;
9faf9a
	__ntapi->sem_open					= __ntapi_sem_open;
9faf9a
	__ntapi->sem_fcntl					= __ntapi_sem_fcntl;
9faf9a
	__ntapi->sem_ioctl					= __ntapi_sem_ioctl;
9faf9a
	__ntapi->sem_query					= __ntapi_sem_query;
9faf9a
	__ntapi->sem_set					= __ntapi_sem_set;
9faf9a
	__ntapi->sem_cancel					= __ntapi_sem_cancel;
9faf9a
	__ntapi->sem_free					= __ntapi_sem_free;
9faf9a
47f21a
	/* nt_msq.h */
47f21a
	__ntapi->msq_create					= __ntapi_msq_create;
47f21a
	__ntapi->msq_open					= __ntapi_msq_open;
47f21a
	__ntapi->msq_send					= __ntapi_msq_send;
47f21a
	__ntapi->msq_recv					= __ntapi_msq_recv;
47f21a
	__ntapi->msq_fcntl					= __ntapi_msq_fcntl;
47f21a
	__ntapi->msq_ioctl					= __ntapi_msq_ioctl;
47f21a
	__ntapi->msq_query					= __ntapi_msq_query;
47f21a
	__ntapi->msq_set					= __ntapi_msq_set;
47f21a
	__ntapi->msq_cancel					= __ntapi_msq_cancel;
47f21a
	__ntapi->msq_free					= __ntapi_msq_free;
47f21a
6a4793
	/* nt_afl.h */
6a4793
	__ntapi->afl_create					= __ntapi_afl_create;
6a4793
	__ntapi->afl_open					= __ntapi_afl_open;
6a4793
	__ntapi->afl_fcntl					= __ntapi_afl_fcntl;
6a4793
	__ntapi->afl_ioctl					= __ntapi_afl_ioctl;
6a4793
	__ntapi->afl_query					= __ntapi_afl_query;
6a4793
	__ntapi->afl_set					= __ntapi_afl_set;
6a4793
	__ntapi->afl_cancel					= __ntapi_afl_cancel;
6a4793
	__ntapi->afl_free					= __ntapi_afl_free;
6a4793
dd89bb
	/* nt_ldr.h */
dd89bb
	__ntapi->ldr_load_system_dll				= __ntapi_ldr_load_system_dll;
dd89bb
	__ntapi->ldr_create_state_snapshot			= __ntapi_ldr_create_state_snapshot;
dd89bb
	__ntapi->ldr_revert_state_to_snapshot			= __ntapi_ldr_revert_state_to_snapshot;
dd89bb
dd89bb
	/* nt_string.h */
dd89bb
	__ntapi->tt_string_null_offset_multibyte 		= __ntapi_tt_string_null_offset_multibyte;
dd89bb
	__ntapi->tt_string_null_offset_short			= __ntapi_tt_string_null_offset_short;
dd89bb
	__ntapi->tt_string_null_offset_dword			= __ntapi_tt_string_null_offset_dword;
dd89bb
	__ntapi->tt_string_null_offset_qword			= __ntapi_tt_string_null_offset_qword;
dd89bb
	__ntapi->tt_string_null_offset_ptrsize			= __ntapi_tt_string_null_offset_ptrsize;
c30ed7
	__ntapi->tt_strcmp_multibyte				= __ntapi_tt_strcmp_multibyte;
060ead
	__ntapi->tt_strcmp_utf16				= __ntapi_tt_strcmp_utf16;
964eed
	__ntapi->tt_strncmp_multibyte				= __ntapi_tt_strncmp_multibyte;
a2ea1b
	__ntapi->tt_strncmp_utf16				= __ntapi_tt_strncmp_utf16;
dd89bb
	__ntapi->tt_aligned_block_memset 			= __ntapi_tt_aligned_block_memset;
dd89bb
	__ntapi->tt_aligned_block_memcpy 			= __ntapi_tt_aligned_block_memcpy;
e29bce
	__ntapi->tt_aligned_block_memlock 			= __ntapi_tt_aligned_block_memlock;
dd89bb
	__ntapi->tt_memcpy_utf16 				= __ntapi_tt_memcpy_utf16;
dd89bb
	__ntapi->tt_aligned_memcpy_utf16 			= __ntapi_tt_aligned_memcpy_utf16;
dd89bb
	__ntapi->tt_generic_memset				= __ntapi_tt_generic_memset;
dd89bb
	__ntapi->tt_generic_memcpy 				= __ntapi_tt_generic_memcpy;
dd89bb
	__ntapi->tt_uint16_to_hex_utf16				= __ntapi_tt_uint16_to_hex_utf16;
dd89bb
	__ntapi->tt_uint32_to_hex_utf16				= __ntapi_tt_uint32_to_hex_utf16;
dd89bb
	__ntapi->tt_uint64_to_hex_utf16				= __ntapi_tt_uint64_to_hex_utf16;
dd89bb
	__ntapi->tt_uintptr_to_hex_utf16 			= __ntapi_tt_uintptr_to_hex_utf16;
a41388
dd89bb
	__ntapi->tt_hex_utf16_to_uint16				= __ntapi_tt_hex_utf16_to_uint16;
dd89bb
	__ntapi->tt_hex_utf16_to_uint32				= __ntapi_tt_hex_utf16_to_uint32;
dd89bb
	__ntapi->tt_hex_utf16_to_uint64				= __ntapi_tt_hex_utf16_to_uint64;
dd89bb
	__ntapi->tt_hex_utf16_to_uintptr 			= __ntapi_tt_hex_utf16_to_uintptr;
a41388
a41388
	__ntapi->tt_hex_utf8_to_uint16				= __ntapi_tt_hex_utf8_to_uint16;
a41388
	__ntapi->tt_hex_utf8_to_uint32				= __ntapi_tt_hex_utf8_to_uint32;
a41388
	__ntapi->tt_hex_utf8_to_uint64				= __ntapi_tt_hex_utf8_to_uint64;
a41388
	__ntapi->tt_hex_utf8_to_uintptr 			= __ntapi_tt_hex_utf8_to_uintptr;
a41388
dd89bb
	__ntapi->tt_init_unicode_string_from_utf16 		= __ntapi_tt_init_unicode_string_from_utf16;
dd89bb
	__ntapi->tt_uint16_to_hex_utf8				= __ntapi_tt_uint16_to_hex_utf8;
dd89bb
	__ntapi->tt_uint32_to_hex_utf8				= __ntapi_tt_uint32_to_hex_utf8;
dd89bb
	__ntapi->tt_uint64_to_hex_utf8				= __ntapi_tt_uint64_to_hex_utf8;
dd89bb
	__ntapi->tt_uintptr_to_hex_utf8				= __ntapi_tt_uintptr_to_hex_utf8;
aac1ec
	__ntapi->tt_uintptr_to_dec_utf16			= __ntapi_tt_uintptr_to_dec_utf16;
aac1ec
	__ntapi->tt_uintptr_to_dec_utf8				= __ntapi_tt_uintptr_to_dec_utf8;
aac1ec
	__ntapi->tt_uintptr_to_dec_null_utf16			= __ntapi_tt_uintptr_to_dec_null_utf16;
aac1ec
	__ntapi->tt_uintptr_to_dec_null_utf8			= __ntapi_tt_uintptr_to_dec_null_utf8;
23d954
	__ntapi->tt_dec_utf16_to_uint16				= __ntapi_tt_dec_utf16_to_uint16;
23d954
	__ntapi->tt_dec_utf16_to_uint32				= __ntapi_tt_dec_utf16_to_uint32;
23d954
	__ntapi->tt_dec_utf16_to_uint64				= __ntapi_tt_dec_utf16_to_uint64;
23d954
	__ntapi->tt_dec_utf16_to_uintptr			= __ntapi_tt_dec_utf16_to_uintptr;
dd89bb
dd89bb
	/* nt_guid.h */
dd89bb
	__ntapi->tt_guid_copy 					= __ntapi_tt_guid_copy;
dd89bb
	__ntapi->tt_guid_compare 				= __ntapi_tt_guid_compare;
701eb2
	__ntapi->tt_guid_to_string_utf16 			= __ntapi_tt_guid_to_string_utf16;
701eb2
	__ntapi->tt_string_to_guid_utf16 			= __ntapi_tt_string_to_guid_utf16;
fea48d
	__ntapi->tt_guid_to_string_utf8				= __ntapi_tt_guid_to_string_utf8;
5d7f04
	__ntapi->tt_string_to_guid_utf8 			= __ntapi_tt_string_to_guid_utf8;
dd89bb
dd89bb
	/* nt_sysinfo.h */
dd89bb
	__ntapi->tt_get_system_directory_native_path 		= __ntapi_tt_get_system_directory_native_path;
dd89bb
	__ntapi->tt_get_system_directory_dos_path 		= __ntapi_tt_get_system_directory_dos_path;
dd89bb
	__ntapi->tt_get_system_directory_handle			= __ntapi_tt_get_system_directory_handle;
dd89bb
	__ntapi->tt_get_system_info_snapshot  			= __ntapi_tt_get_system_info_snapshot;
dd89bb
dd89bb
	/* nt_thread.h */
dd89bb
	__ntapi->tt_create_local_thread				= __ntapi_tt_create_local_thread;
dd89bb
	__ntapi->tt_create_remote_thread 			= __ntapi_tt_create_remote_thread;
dd89bb
	__ntapi->tt_create_thread 				= __ntapi_tt_create_thread;
dd89bb
dd89bb
	/* nt_process.h */
268ef4
	__ntapi->tt_fork					= __ntapi_tt_fork;
dd89bb
	__ntapi->tt_create_remote_process_params 		= __ntapi_tt_create_remote_process_params;
c164ff
	__ntapi->tt_spawn_native_process			= __ntapi_tt_spawn_native_process;
d326cc
	__ntapi->tt_spawn_foreign_process			= __ntapi_tt_spawn_foreign_process;
dd89bb
	__ntapi->tt_get_runtime_data 				= __ntapi_tt_get_runtime_data;
dd89bb
	__ntapi->tt_init_runtime_data				= __ntapi_tt_init_runtime_data;
dd89bb
	__ntapi->tt_update_runtime_data				= __ntapi_tt_update_runtime_data;
dd89bb
	__ntapi->tt_exec_map_image_as_data			= __ntapi_tt_exec_map_image_as_data;
dd89bb
	__ntapi->tt_exec_unmap_image				= __ntapi_tt_exec_unmap_image;
dd89bb
5f1999
	/* nt_token.h */
5f1999
	__ntapi->tt_enable_token_privilege			= __ntapi_tt_enable_token_privilege;
5f1999
	__ntapi->tt_disable_token_privilege			= __ntapi_tt_disable_token_privilege;
5f1999
dd89bb
	/* nt_section.h */
dd89bb
	__ntapi->tt_get_section_name 				= __ntapi_tt_get_section_name;
dd89bb
dd89bb
	/* nt_sync.h */
dd89bb
	__ntapi->tt_create_inheritable_event 			= __ntapi_tt_create_inheritable_event;
dd89bb
	__ntapi->tt_create_private_event 			= __ntapi_tt_create_private_event;
dd89bb
	__ntapi->tt_wait_for_dummy_event 			= __ntapi_tt_wait_for_dummy_event;
dd89bb
dd89bb
	/* nt_port.h */
dd89bb
	__ntapi->csr_port_handle 				= __ntapi_csr_port_handle;
dd89bb
	__ntapi->tt_port_guid_from_type				= __ntapi_tt_port_guid_from_type;
dd89bb
	__ntapi->tt_port_type_from_guid				= __ntapi_tt_port_type_from_guid;
94b7f5
	__ntapi->tt_port_prefix_from_type			= __ntapi_tt_port_prefix_from_type;
dd89bb
	__ntapi->tt_port_generate_keys 				= __ntapi_tt_port_generate_keys;
dd89bb
	__ntapi->tt_port_format_keys 				= __ntapi_tt_port_format_keys;
6d5726
	__ntapi->tt_port_name_from_attr 			= __ntapi_tt_port_name_from_attr;
d9d178
	__ntapi->tt_port_attr_from_name 			= __ntapi_tt_port_attr_from_name;
d9d178
	__ntapi->tt_port_attr_from_string 			= __ntapi_tt_port_attr_from_string;
d9d178
	__ntapi->tt_port_attr_from_symlink 			= __ntapi_tt_port_attr_from_symlink;
dd89bb
dd89bb
	/* nt_argv.h */
dd89bb
	__ntapi->tt_get_cmd_line_utf16 				= __ntapi_tt_get_cmd_line_utf16;
dd89bb
	__ntapi->tt_get_peb_env_block_utf16 			= __ntapi_tt_get_peb_env_block_utf16;
dd89bb
	__ntapi->tt_parse_cmd_line_args_utf16 			= __ntapi_tt_parse_cmd_line_args_utf16;
dd89bb
	__ntapi->tt_get_argv_envp_utf8 				= __ntapi_tt_get_argv_envp_utf8;
dd89bb
	__ntapi->tt_get_argv_envp_utf16				= __ntapi_tt_get_argv_envp_utf16;
a40312
	__ntapi->tt_get_env_var_meta_utf8 			= __ntapi_tt_get_env_var_meta_utf8;
dd89bb
	__ntapi->tt_get_env_var_meta_utf16 			= __ntapi_tt_get_env_var_meta_utf16;
dd89bb
	__ntapi->tt_array_copy_utf16				= __ntapi_tt_array_copy_utf16;
dd89bb
	__ntapi->tt_array_copy_utf8				= __ntapi_tt_array_copy_utf8;
dd89bb
	__ntapi->tt_array_convert_utf8_to_utf16			= __ntapi_tt_array_convert_utf8_to_utf16;
dd89bb
	__ntapi->tt_array_convert_utf16_to_utf8			= __ntapi_tt_array_convert_utf16_to_utf8;
dd89bb
dd89bb
	/* nt_blitter.h */
dd89bb
	__ntapi->blt_alloc					= __ntapi_blt_alloc;
dd89bb
	__ntapi->blt_free					= __ntapi_blt_free;
dd89bb
	__ntapi->blt_acquire					= __ntapi_blt_acquire;
dd89bb
	__ntapi->blt_obtain					= __ntapi_blt_obtain;
dd89bb
	__ntapi->blt_possess					= __ntapi_blt_possess;
dd89bb
	__ntapi->blt_release					= __ntapi_blt_release;
dd89bb
	__ntapi->blt_get 					= __ntapi_blt_get;
dd89bb
	__ntapi->blt_set 					= __ntapi_blt_set;
dd89bb
dd89bb
	/* nt_unicode.h */
dd89bb
	__ntapi->uc_validate_unicode_stream_utf8 		= __ntapi_uc_validate_unicode_stream_utf8;
dd89bb
	__ntapi->uc_validate_unicode_stream_utf16 		= __ntapi_uc_validate_unicode_stream_utf16;
dd89bb
	__ntapi->uc_get_code_point_byte_count_utf8		= __ntapi_uc_get_code_point_byte_count_utf8;
dd89bb
	__ntapi->uc_get_code_point_byte_count_utf16		= __ntapi_uc_get_code_point_byte_count_utf16;
dd89bb
	__ntapi->uc_convert_unicode_stream_utf8_to_utf16 	= __ntapi_uc_convert_unicode_stream_utf8_to_utf16;
dd89bb
	__ntapi->uc_convert_unicode_stream_utf8_to_utf32 	= __ntapi_uc_convert_unicode_stream_utf8_to_utf32;
dd89bb
	__ntapi->uc_convert_unicode_stream_utf16_to_utf8 	= __ntapi_uc_convert_unicode_stream_utf16_to_utf8;
dd89bb
	__ntapi->uc_convert_unicode_stream_utf16_to_utf32 	= __ntapi_uc_convert_unicode_stream_utf16_to_utf32;
dd89bb
dd89bb
	/* nt_daemon.h */
dd89bb
	__ntapi->dsr_init					= __ntapi_dsr_init;
dd89bb
	__ntapi->dsr_create_port 				= __ntapi_dsr_create_port;
dd89bb
60ddd3
	/* nt_acl.h */
60ddd3
	__ntapi->acl_init_common_descriptor			= __ntapi_acl_init_common_descriptor;
32ec33
	__ntapi->acl_init_common_descriptor_meta			= __ntapi_acl_init_common_descriptor_meta;
60ddd3
dd89bb
	/* nt_vfd.h */
dd89bb
	__ntapi->vfd_dev_name_init				= __ntapi_vfd_dev_name_init;
dd89bb
dd89bb
	/* nt_tty.h */
dd89bb
	__ntapi->tty_create_session				= __ntapi_tty_create_session;
dd89bb
	__ntapi->tty_join_session				= __ntapi_tty_join_session;
dd89bb
	__ntapi->tty_connect					= __ntapi_tty_connect;
029ed1
	__ntapi->tty_client_session_disconnect			= __ntapi_tty_client_session_disconnect;
dd89bb
	__ntapi->tty_client_session_query			= __ntapi_tty_client_session_query;
dd89bb
	__ntapi->tty_client_session_set				= __ntapi_tty_client_session_set;
dd89bb
	__ntapi->tty_client_process_register			= __ntapi_tty_client_process_register;
1b6aec
	__ntapi->tty_query_information_section			= __ntapi_tty_query_information_section;
dd89bb
	__ntapi->tty_query_information_server			= __ntapi_tty_query_information_server;
a1e25a
	__ntapi->tty_query_information_service			= __ntapi_tty_query_information_service;
45dcc8
	__ntapi->tty_query_server_pts_slot_info			= __ntapi_tty_query_server_pts_slot_info;
dd89bb
	__ntapi->tty_request_peer				= __ntapi_tty_request_peer;
dd89bb
	__ntapi->pty_open					= __ntapi_pty_open;
47aaf2
	__ntapi->pty_open_pair					= __ntapi_pty_open_pair;
dd89bb
	__ntapi->pty_reopen					= __ntapi_pty_reopen;
efc01e
	__ntapi->pty_inherit 					= __ntapi_pty_inherit;
5ea20e
	__ntapi->pty_inherit_runtime_ctty 			= __ntapi_pty_inherit_runtime_ctty;
dd89bb
	__ntapi->pty_close					= __ntapi_pty_close;
dd89bb
	__ntapi->pty_read					= __ntapi_pty_read;
dd89bb
	__ntapi->pty_write					= __ntapi_pty_write;
dd89bb
	__ntapi->pty_ioctl					= __ntapi_pty_ioctl;
dd89bb
	__ntapi->pty_query					= __ntapi_pty_query;
e62c29
	__ntapi->pty_xquery					= __ntapi_pty_xquery;
fc3ec7
	__ntapi->pty_set					= __ntapi_pty_set;
dd89bb
	__ntapi->pty_cancel					= __ntapi_pty_cancel;
dd89bb
dd89bb
	/* nt_socket.h */
dd89bb
	__ntapi->sc_listen					= __ntapi_sc_listen;
dd89bb
	__ntapi->sc_accept					= __ntapi_sc_accept;
dd89bb
	__ntapi->sc_send 					= __ntapi_sc_send;
dd89bb
	__ntapi->sc_recv 					= __ntapi_sc_recv;
dd89bb
	__ntapi->sc_shutdown					= __ntapi_sc_shutdown;
dd89bb
	__ntapi->sc_server_duplicate_socket			= __ntapi_sc_server_duplicate_socket;
830346
	__ntapi->sc_setsockopt					= __ntapi_sc_setsockopt;
419228
	__ntapi->sc_getsockopt					= __ntapi_sc_getsockopt;
dd89bb
	__ntapi->sc_wait = __ntapi_sc_wait;
dd89bb
dd89bb
	/* nt_mount.h */
dd89bb
	__ntapi->tt_get_dos_drive_device_handle			= __ntapi_tt_get_dos_drive_device_handle;
dd89bb
	__ntapi->tt_get_dos_drive_root_handle			= __ntapi_tt_get_dos_drive_root_handle;
dd89bb
	__ntapi->tt_get_dos_drive_device_name			= __ntapi_tt_get_dos_drive_device_name;
dd89bb
	__ntapi->tt_get_dos_drive_mount_points			= __ntapi_tt_get_dos_drive_mount_points;
dd89bb
	__ntapi->tt_dev_mount_points_to_statfs			= __ntapi_tt_dev_mount_points_to_statfs;
dd89bb
	__ntapi->tt_get_dos_drive_letter_from_device		= __ntapi_tt_get_dos_drive_letter_from_device;
dd89bb
dd89bb
	/* nt_istat.h */
dd89bb
	__ntapi->tt_istat					= __ntapi_tt_istat;
dd89bb
dd89bb
	/* nt_stat.h */
dd89bb
	__ntapi->tt_stat 					= __ntapi_tt_stat;
dd89bb
dd89bb
	/* nt_statfs.h */
dd89bb
	__ntapi->tt_statfs					= __ntapi_tt_statfs;
dd89bb
a7ffe3
	/* nt_log.h */
a7ffe3
	__ntapi->log_write					= __ntapi_log_write;
a7ffe3
	__ntapi->log_fn_call					= __ntapi_log_fn_call;
a7ffe3
	__ntapi->log_msg 					= __ntapi_log_msg;
dd89bb
e20eeb
	/* nt_debug.h */
d4344e
	__ntapi->tt_debug_create_object				= __ntapi_tt_debug_create_object;
d4344e
	__ntapi->tt_debug_create_attach_object			= __ntapi_tt_debug_create_attach_object;
bf05bd
	__ntapi->tt_debug_execution_flow			= __ntapi_tt_debug_execution_flow;
2a7f67
	__ntapi->tt_debug_break_process				= __ntapi_tt_debug_break_process;
e20eeb
dd89bb
dd89bb
	/* OS version dependent functions */
dd89bb
	if (__ntapi->zw_create_user_process) {
dd89bb
		__ntapi->tt_create_native_process		= __ntapi_tt_create_native_process_v2;
dd89bb
		__ntapi->ipc_create_pipe 			= __ntapi_ipc_create_pipe_v2;
dd89bb
		__ntapi->sc_socket				= __ntapi_sc_socket_v2;
dd89bb
		__ntapi->sc_bind 				= __ntapi_sc_bind_v2;
dd89bb
		__ntapi->sc_connect				= __ntapi_sc_connect_v2;
dd89bb
		__ntapi->sc_server_accept_connection		= __ntapi_sc_server_accept_connection_v2;
dd89bb
		__ntapi->sc_getsockname				= __ntapi_sc_getsockname_v2;
5d8625
		__ntapi->sc_getpeername				= __ntapi_sc_getpeername_v2;
dd89bb
	} else {
dd89bb
		__ntapi->tt_create_native_process		= __ntapi_tt_create_native_process_v1;
dd89bb
		__ntapi->ipc_create_pipe 			= __ntapi_ipc_create_pipe_v1;
dd89bb
		__ntapi->sc_socket				= __ntapi_sc_socket_v1;
dd89bb
		__ntapi->sc_bind 				= __ntapi_sc_bind_v1;
dd89bb
		__ntapi->sc_connect				= __ntapi_sc_connect_v1;
dd89bb
		__ntapi->sc_server_accept_connection		= __ntapi_sc_server_accept_connection_v1;
dd89bb
		__ntapi->sc_getsockname				= __ntapi_sc_getsockname_v1;
5d8625
		__ntapi->sc_getpeername				= __ntapi_sc_getpeername_v1;
dd89bb
	}
dd89bb
dd89bb
	/* internals */
dd89bb
	internals->ntapi_img_sec_bss				= &__ntapi_img_bss;
dd89bb
	internals->subsystem					= &__ntapi_rdata.img_sec_data.__session_name;
dd89bb
dd89bb
	internals->tt_get_csr_port_handle_addr_by_logic		= __GET_CSR_PORT_HANDLE_BY_LOGIC;
dd89bb
	internals->csr_port_handle_addr				= __GET_CSR_PORT_HANDLE_BY_LOGIC();
dd89bb
dd89bb
	/* shadow copy for client libraries */
dd89bb
	__ntapi->tt_aligned_block_memcpy(
dd89bb
		(uintptr_t *)&___ntapi_shadow,
dd89bb
		(uintptr_t *)&___ntapi,
dd89bb
		sizeof(ntapi_vtbl));
dd89bb
80b89c
	/* process handle */
80b89c
	oa.len      = sizeof(oa);
80b89c
	oa.root_dir = 0;
80b89c
	oa.obj_name = 0;
80b89c
	oa.obj_attr = 0;
80b89c
	oa.sec_desc = 0;
80b89c
	oa.sec_qos  = 0;
80b89c
80b89c
	cid.process_id = pe_get_current_process_id();
80b89c
	cid.thread_id  = pe_get_current_thread_id();
80b89c
80b89c
	if ((status = __ntapi->zw_open_process(
80b89c
			&internals->hprocess,
80b89c
			NT_PROCESS_ALL_ACCESS,
80b89c
			&oa,&cid)))
80b89c
		return status;
80b89c
a3e9aa
	/* process token */
a3e9aa
	 if ((status = __ntapi->zw_open_process_token(
a3e9aa
			NT_CURRENT_PROCESS_HANDLE,
a3e9aa
			NT_TOKEN_ALL_ACCESS,
a3e9aa
			&internals->htoken)))
a3e9aa
		return status;
a3e9aa
6949e6
	__ntapi_init_adjust_privileges();
41ce6f
0a8487
	/* user */
99ec4d
	if ((status = __ntapi->zw_query_information_token(
99ec4d
			internals->htoken,
99ec4d
			NT_TOKEN_USER,
99ec4d
			buf,sizeof(buf),
99ec4d
			&block_size)))
99ec4d
		return status;
99ec4d
0a8487
	internals->user  = (nt_sid *)&internals->sid_buffer[0];
0a8487
	internals->admin = (nt_sid *)&internals->sid_buffer[1];
99ec4d
99ec4d
	__ntapi->tt_sid_copy(
0a8487
		internals->user,
99ec4d
		((nt_sid_and_attributes *)buf)->sid);
99ec4d
0a8487
	/* admin */
0a8487
	value = internals->user->identifier_authority.value;
0a8487
	sacnt = internals->user->sub_authority_count;
0a8487
0a8487
	if ((value[0] == 0) && (value[1] == 0)
0a8487
			&& (value[2] == 0) && (value[3] == 0)
0a8487
			&& (value[4] == 0) && (value[5] == 5)
0a8487
			&& internals->user->sub_authority[0] == 21) {
0a8487
		__ntapi->tt_sid_copy(
0a8487
			internals->admin,
0a8487
			internals->user);
0a8487
0a8487
		internals->admin->sub_authority[sacnt - 1] = 500;
0a8487
	}
0a8487
dd89bb
	/* done */
dd89bb
	*pvtbl	= &___ntapi_shadow;
dd89bb
	at_locked_inc(&__ntapi_init_idx);
dd89bb
dd89bb
	return NT_STATUS_SUCCESS;
dd89bb
}
dd89bb
0fda85
static int32_t __ntapi_init_solib_fork_child_finalize(void)
0fda85
{
0fda85
	int32_t			status;
0fda85
	int			page;
0fda85
	nt_rtdata *		rtdata;
0fda85
	nt_oa			oa;
0fda85
	ntapi_internals *	__internals;
0fda85
0fda85
	/* detect the rare scenario where libntapi.so is (indirectly)      */
0fda85
	/* used by a hosted process, in which case post-fork adjustments  */
0fda85
	/* to internal structures would take place in the copy of ntapi  */
0fda85
	/* that is statically linked into the system call layer         */
0fda85
	/* library, thereby requiring similar adjustmets to be made    */
0fda85
	/* once here as well.                                         */
0fda85
0fda85
	__internals = __ntapi_internals();
0fda85
40b1a9
	if (!(rtdata = __internals->rtdata))
40b1a9
		return NT_STATUS_SUCCESS;
40b1a9
40b1a9
	else if (rtdata->cid_self.process_id == pe_get_current_process_id())
0fda85
		return NT_STATUS_SUCCESS;
0fda85
0fda85
	rtdata->cid_parent.process_id = rtdata->cid_self.process_id;
0fda85
	rtdata->cid_parent.thread_id  = rtdata->cid_self.thread_id;
0fda85
0fda85
	rtdata->cid_self.process_id   = pe_get_current_process_id();
0fda85
	rtdata->cid_self.thread_id    = pe_get_current_thread_id();
0fda85
0fda85
	if (rtdata->hparent)
0fda85
		__ntapi->zw_close(rtdata->hparent);
0fda85
0fda85
	oa.len		= sizeof(oa);
0fda85
	oa.root_dir	= 0;
0fda85
	oa.obj_name	= 0;
0fda85
	oa.obj_attr	= 0;
0fda85
	oa.sec_desc	= &__internals->seq_desc;
0fda85
	oa.sec_qos	= &__internals->seq_qos;
0fda85
0fda85
	status = __ntapi->zw_open_process(
0fda85
		&__internals->hprocess,
0fda85
		NT_PROCESS_ALL_ACCESS,
0fda85
		&oa,&rtdata->cid_self);
0fda85
0fda85
	rtdata->hparent = rtdata->hself;
0fda85
	rtdata->hself   = __internals->hprocess;
0fda85
0fda85
	if ((status = dalist_init_ex(
0fda85
			&__internals->ipc_conns,
0fda85
			sizeof(nt_ipc_conn),
0fda85
			NT_ALLOCATION_GRANULARITY,
3841d3
			__ipc_memfn,
0fda85
			DALIST_MEMFN_CUSTOM)))
0fda85
		return status;
0fda85
0fda85
	dalist_deposit_memory_block(
0fda85
		&__internals->ipc_conns,
0fda85
		__internals->ntapi_img_sec_bss->ipc_buffer,
0fda85
		__NT_BSS_IPC_BUFFER_SIZE);
0fda85
0fda85
	for (page=0; page<__internals->ipc_page; page++)
0fda85
		dalist_deposit_memory_block(
0fda85
			&__internals->ipc_conns,
0fda85
			__internals->ipc_pages[page],
0fda85
			NT_ALLOCATION_GRANULARITY);
0fda85
0fda85
	rtdata->hsemctl     = 0;
0fda85
	rtdata->hsempid     = 0;
0fda85
0fda85
	rtdata->hmsqctl     = 0;
0fda85
	rtdata->hmsqpid     = 0;
0fda85
0fda85
	rtdata->haflctl     = 0;
0fda85
	rtdata->haflpid     = 0;
0fda85
0fda85
	rtdata->ipc_keys[0] = 0;
0fda85
	rtdata->ipc_keys[1] = 0;
0fda85
	rtdata->ipc_keys[2] = 0;
0fda85
	rtdata->ipc_keys[3] = 0;
0fda85
	rtdata->ipc_keys[4] = 0;
0fda85
	rtdata->ipc_keys[5] = 0;
0fda85
0fda85
	return 0;
0fda85
}
dd89bb
dd89bb
static int32_t __fastcall __ntapi_init_pending(ntapi_vtbl ** pvtbl)
dd89bb
{
c713d8
	(void)pvtbl;
dd89bb
	return NT_STATUS_PENDING;
dd89bb
}
dd89bb
dd89bb
static int32_t __fastcall __ntapi_init_completed(ntapi_vtbl ** pvtbl)
dd89bb
{
208f43
	*pvtbl = &___ntapi_shadow;
0fda85
	return __ntapi_init_solib_fork_child_finalize();
4b5ad5
}
dd89bb
dd89bb
dd89bb
__ntapi_api
dd89bb
int32_t __fastcall ntapi_init(ntapi_vtbl ** pvtbl)
dd89bb
{
dd89bb
	return __ntapi_init_vtbl[__ntapi_init_idx](pvtbl);
dd89bb
}
dd89bb
dd89bb
dd89bb
ntapi_internals * __cdecl __ntapi_internals(void)
dd89bb
{
dd89bb
	return internals;
dd89bb
}