/********************************************************/
/*  ntapi: Native API core library                      */
/*  Copyright (C) 2013--2017  Z. Gilboa                 */
/*  Released under GPLv2 and GPLv3; see COPYING.NTAPI.  */
/********************************************************/

#include <psxtypes/psxtypes.h>
#include <pemagine/pemagine.h>
#include <ntapi/nt_status.h>
#include <ntapi/nt_object.h>
#include <ntapi/nt_thread.h>
#include <ntapi/nt_process.h>
#include <ntapi/nt_string.h>
#include <ntapi/ntapi.h>
#include "ntapi_impl.h"

/* Extended-parameter block handed to zw_create_user_process when the
 * caller did not supply one: a byte count followed by exactly one
 * NT_CREATE_PROCESS_EXT_PARAM_SET_FILE_NAME entry (filled in by
 * __ntapi_tt_create_native_process_v2 below). The layout is what the
 * system call consumes, so members must stay in this order. */
struct __ext_params {
	size_t				size_in_bytes;	/* set to sizeof(struct __ext_params) */
	nt_create_process_ext_param	file_info;	/* image name as a counted UTF-16 buffer */
};

/* Fixed-shape UTF-16 command line used when the caller passes an rtblock:
 * "{guid} -r <addr>" with addr sized to hold a pointer as hex digits
 * (2 * __SIZEOF_POINTER__ characters). The struct is used directly as
 * the string buffer (nt_cmd_line.buffer = &guid.lbrace), so every
 * member is a wchar16_t and the order is load-bearing -- do not
 * reorder or pad. The addr field is initialised with placeholder text
 * ("integral" / "integral-runtime"); NOTE(review): it is not overwritten
 * in this file, presumably the remote runtime-data setup does so --
 * confirm before relying on its contents. */
struct __integral_cmdline {
	struct pe_guid_str_utf16	guid;	/* "{3e43ec84-1af1-4ede-acd8-c3d920afc868}" */
	wchar16_t			space1;
	wchar16_t			rarg[2];	/* "-r" */
	wchar16_t			space2;
	wchar16_t			addr[2*__SIZEOF_POINTER__];
	wchar16_t			null;	/* terminator; excluded from strlen */
};

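/* Abort a partially created process and propagate the failure.
 *
 * Terminates the new process (if a process handle exists), closes both
 * the process and thread handles, and returns `status` unchanged so
 * callers can write `return __tt_create_process_cancel(params,status);`.
 *
 * The return values of the teardown calls are deliberately ignored: on
 * this path the caller needs the original failure status, not a
 * secondary error from cleanup. After closing, the handle members are
 * zeroed so the caller's params block is not left holding stale
 * (already closed, possibly recycled) handle values. */
static int32_t __tt_create_process_cancel(nt_create_process_params * params, int32_t status)
{
	if (params->hprocess) {
		__ntapi->zw_terminate_process(params->hprocess,NT_STATUS_INTERNAL_ERROR);
		__ntapi->zw_close(params->hprocess);
		params->hprocess = 0;
	}

	if (params->hthread) {
		__ntapi->zw_close(params->hthread);
		params->hthread = 0;
	}

	return status;
}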


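/* Create a native (NT) process from the description in `params`.
 *
 * params (in/out): image_name is required. Any of obj_attr_process,
 *   obj_attr_thread, process_params, create_process_info and
 *   create_process_ext_params that are NULL are defaulted here;
 *   environment defaults to the current PEB environment block;
 *   desired_access_process/thread default to *_ALL_ACCESS (callers
 *   wanting least privilege must pass an explicit mask). On success
 *   hprocess, hthread and pbi are populated; when hsession is a valid
 *   handle the new process is registered with that tty session; when
 *   rtblock is set, the process is created suspended, the runtime data
 *   block is written into it, and the thread is resumed only if the
 *   caller did not itself ask for a suspended thread.
 *
 * Returns NT_STATUS_SUCCESS, NT_STATUS_INVALID_PARAMETER_MIX for
 * conflicting inputs, or the failing NT status; after the process has
 * been created every failure terminates it and closes both handles.
 *
 * Caveats: the defaulted obj_attr_*, create_process_info,
 * create_process_ext_params and (for rtblock) cmd_line pointers stored
 * into params refer to this function's stack frame and are dangling
 * once it returns -- callers must not dereference them afterwards.
 * process_params, when created here, is allocated by
 * rtl_create_process_parameters and is owned by the caller on return. */
int32_t __stdcall __ntapi_tt_create_native_process_v2(
	__in_out	nt_create_process_params *	params)
{
	int32_t				status;

	nt_object_attributes		oa_process;
	nt_object_attributes		oa_thread;

	nt_unicode_string		nt_image;
	nt_unicode_string		nt_cmd_line;

	nt_create_process_info		nt_process_info;
	int				fresume_thread;

	struct __ext_params		ext_params;

	/* "{guid} -r <addr>": the addr field is a pointer-sized hex placeholder */
	struct __integral_cmdline	fcmdline = {
		{
			'{',{'3','e','4','3','e','c','8','4'},
			'-',{'1','a','f','1'},
			'-',{'4','e','d','e'},
			'-',{'a','c','d','8'},
			'-',{'c','3','d','9','2','0','a','f','c','8','6','8'},
			'}'
		},

	#if (__SIZEOF_POINTER__ == 4)
		' ',{'-','r'},' ',
		{'i','n','t','e','g','r','a','l'},0};
	#elif (__SIZEOF_POINTER__ == 8)
		' ',{'-','r'},' ',
		{'i','n','t','e','g','r','a','l',
		'-','r','u','n','t','i','m','e'},0};
	#else
	#error "unsupported pointer size: __integral_cmdline.addr cannot be initialised"
	#endif

	/* validation: a caller-supplied process_params already carries the
	 * command line and environment, and rtblock implies the fixed
	 * integral command line, so these combinations are contradictory */
	if (params->cmd_line && params->process_params)
		return NT_STATUS_INVALID_PARAMETER_MIX;
	else if (params->cmd_line && params->rtblock)
		return NT_STATUS_INVALID_PARAMETER_MIX;
	else if (params->environment && params->process_params)
		return NT_STATUS_INVALID_PARAMETER_MIX;

	/* image_name */
	__ntapi->rtl_init_unicode_string(
		&nt_image,
		params->image_name);

	/* oa_process: empty attributes (no name, no inheritance, no SD) */
	if (!params->obj_attr_process) {
		__ntapi->tt_aligned_block_memset(
			&oa_process,0,sizeof(oa_process));

		oa_process.len = sizeof(oa_process);
		params->obj_attr_process = &oa_process;
	}

	/* oa_thread */
	if (!params->obj_attr_thread) {
		__ntapi->tt_aligned_block_memset(
			&oa_thread,0,sizeof(oa_thread));

		oa_thread.len = sizeof(oa_thread);
		params->obj_attr_thread = &oa_thread;
	}

	/* process_params */
	if (!params->process_params) {
		/* environment: inherit ours unless the caller provided one */
		if (!params->environment)
			params->environment = __ntapi->tt_get_peb_env_block_utf16();

		/* cmd_line: fixed integral line for rtblock, else caller's
		 * line, else just the image name */
		if (params->rtblock) {
			nt_cmd_line.strlen = sizeof(fcmdline) - sizeof(fcmdline.null);
			nt_cmd_line.maxlen = sizeof(fcmdline);
			nt_cmd_line.buffer = &fcmdline.guid.lbrace;
			params->cmd_line   = &fcmdline.guid.lbrace;
		} else {
			if (!params->cmd_line)
				params->cmd_line = params->image_name;

			__ntapi->rtl_init_unicode_string(
				&nt_cmd_line,
				params->cmd_line);
		}

		if ((status = __ntapi->rtl_create_process_parameters(
				&params->process_params,
				&nt_image,
				(nt_unicode_string *)0,
				(nt_unicode_string *)0,
				&nt_cmd_line,
				params->environment,
				(nt_unicode_string *)0,
				(nt_unicode_string *)0,
				(nt_unicode_string *)0,
				(nt_unicode_string *)0)))
			return status;

		__ntapi->rtl_normalize_process_params(params->process_params);
	}

	/* create_process_info: ask the kernel to hand back the image file
	 * and section handles (closed below once creation has succeeded) */
	if (!params->create_process_info) {
		__ntapi->tt_aligned_block_memset(
			&nt_process_info,0,sizeof(nt_process_info));

		nt_process_info.size			   = sizeof(nt_create_process_info);
		nt_process_info.state			   = NT_PROCESS_CREATE_INITIAL_STATE;
		nt_process_info.init_state.init_flags	   = NT_PROCESS_CREATE_INFO_OBTAIN_OUTPUT;
		nt_process_info.init_state.file_access_ext = NT_FILE_READ_ATTRIBUTES|NT_FILE_READ_ACCESS;

		params->create_process_info = &nt_process_info;
	}

	/* create_process_ext_params: single SET_FILE_NAME entry */
	if (!params->create_process_ext_params) {
		__ntapi->tt_aligned_block_memset(
			&ext_params,0,sizeof(ext_params));

		ext_params.size_in_bytes = sizeof(ext_params);

		/* file_info */
		ext_params.file_info.ext_param_type	= NT_CREATE_PROCESS_EXT_PARAM_SET_FILE_NAME;
		ext_params.file_info.ext_param_size	= nt_image.strlen;
		ext_params.file_info.ext_param_addr	= nt_image.buffer;

		params->create_process_ext_params = (nt_create_process_ext_params *)&ext_params;
	}

	params->hprocess = 0;
	params->hthread  = 0;
	fresume_thread   = 0;

	/* rtblock: the runtime data must be in place before the new
	 * process executes, so force a suspended initial thread (flag
	 * 0x01) and remember whether we -- rather than the caller --
	 * asked for the suspension and therefore owe a resume */
	if (params->rtblock) {
		fresume_thread = (params->creation_flags_thread ^ 0x01) & 0x01;
		params->creation_flags_thread |= 0x01;
	}

	/* access defaults: full access unless the caller narrowed it */
	if (!params->desired_access_process)
		params->desired_access_process = NT_PROCESS_ALL_ACCESS;

	if (!params->desired_access_thread)
		params->desired_access_thread = NT_THREAD_ALL_ACCESS;

	if ((status = __ntapi->zw_create_user_process(
			&params->hprocess,
			&params->hthread,
			params->desired_access_process,
			params->desired_access_thread,
			params->obj_attr_process,
			params->obj_attr_thread,
			params->creation_flags_process,
			params->creation_flags_thread,
			params->process_params,
			params->create_process_info,
			params->create_process_ext_params)))
		return status;

	/* tidy up: release the kernel-returned image handles now, before
	 * any step that can fail, so the cancel path does not leak them */
	__ntapi->zw_close(params->create_process_info->success_state.hfile);
	__ntapi->zw_close(params->create_process_info->success_state.hsection);

	/* pbi: must be populated before session registration, which
	 * consumes pbi.unique_process_id (previously it was queried only
	 * afterwards, so registration saw an uninitialised pid) */
	if ((status = __ntapi->zw_query_information_process(
			params->hprocess,
			NT_PROCESS_BASIC_INFORMATION,
			&params->pbi,sizeof(params->pbi),
			0)))
		return __tt_create_process_cancel(params,status);

	/* session registration */
	if (params->hsession && (params->hsession != NT_INVALID_HANDLE_VALUE))
		if ((status = __ntapi->tty_client_process_register(
				params->hsession,
				params->pbi.unique_process_id,
				0,0,0)))
			return __tt_create_process_cancel(params,status);

	if (!params->rtblock)
		return NT_STATUS_SUCCESS;

	/* rtdata: write the runtime block into the still-suspended process */
	if ((status = __ntapi_tt_create_remote_runtime_data(params->hprocess,params->rtblock)))
		return __tt_create_process_cancel(params,status);

	/* conditional resume: only undo a suspension we imposed ourselves */
	if (fresume_thread && (status = __ntapi->zw_resume_thread(params->hthread,0)))
		return __tt_create_process_cancel(params,status);

	return NT_STATUS_SUCCESS;
}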