authorJonathan Bauer2014-06-10 15:10:32 +0200
committerJonathan Bauer2014-06-10 15:10:32 +0200
commit8cde029741d99c2138557f349735904dce9f418e (patch)
treeea5c388b7d459952307518a22c08f83376acda7a /windows/bootpgm/native
parent[stage31] mount /dev through devtmpfs (diff)
parentWindows system name changer during bootup. (diff)
Merge branch 'master' of git.openslx.org:openslx-ng/tm-scripts
Diffstat (limited to 'windows/bootpgm/native')
-rw-r--r--windows/bootpgm/native/MAKEFILE7
-rw-r--r--windows/bootpgm/native/SOURCES16
-rw-r--r--windows/bootpgm/native/native.cpp427
-rw-r--r--windows/bootpgm/native/newnative.h322
4 files changed, 772 insertions, 0 deletions
diff --git a/windows/bootpgm/native/MAKEFILE b/windows/bootpgm/native/MAKEFILE
new file mode 100644
index 00000000..9c985f57
--- /dev/null
+++ b/windows/bootpgm/native/MAKEFILE
@@ -0,0 +1,7 @@
+#
+# DO NOT EDIT THIS FILE!!! Edit .\sources. if you want to add a new source
+# file to this component. This file merely indirects to the real make file
+# that is shared by all the driver components of the Windows NT DDK
+#
+
+!INCLUDE $(NTMAKEENV)\makefile.def
diff --git a/windows/bootpgm/native/SOURCES b/windows/bootpgm/native/SOURCES
new file mode 100644
index 00000000..f0c287c1
--- /dev/null
+++ b/windows/bootpgm/native/SOURCES
@@ -0,0 +1,16 @@
+TARGETNAME=bootpgm
+TARGETPATH=..\obj
+TARGETTYPE=PROGRAM
+
+TARGETLIBS=\
+ ..\obj\i386\common.lib\
+ $(DDK_LIB_PATH)\ntdll.lib\
+ $(DDK_LIB_PATH)\nt.lib
+# $(DDK_LIB_PATH)\libcmt.lib
+# $(DDK_LIB_PATH)\ntoskrnl.lib
+
+
+INCLUDES=$(SDK_INC_PATH);$(DDK_INC_PATH);..\win32
+
+SOURCES= native.cpp
+#UMTYPE=nt
\ No newline at end of file
diff --git a/windows/bootpgm/native/native.cpp b/windows/bootpgm/native/native.cpp
new file mode 100644
index 00000000..e595d7a9
--- /dev/null
+++ b/windows/bootpgm/native/native.cpp
@@ -0,0 +1,427 @@
+/* The contents of this file are subject to the Mozilla Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS"
+ * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * The Initial Developer of the Original Code is Johannes Rudolph.
+ * Portions created by the Initial Developer are Copyright (C) 2006
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Johannes Rudolph <johannes_rudolph@gmx.de>
+ */
+
+#include "stdafx.h"
+#include "io.h"
+#include "main.h"
+
+#include "newnative.h"
+
+#include "registrybrowser.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+
+char keys[]={0,0,'1','2','3','4','5','6','7','8','9','0','ß','´',8/*Backspace*/ //0-14
+ ,0/*tab*/,'q','w','e','r','t','z','u','i','o','p','ü','+','\n'/*return*/ //15-28
+ ,0/*strg*/,'a','s','d','f','g','h','j','k','l','ö','ä','^',0/*left shift*/,'#' //29-43
+ ,'y','x','c','v','b','n','m',',','.','-',0/*right shift*/ //44-54
+ ,'*'/*num*/,0/*left alt*/,' ',0/*caps lock*/}; //55-58
+
+char shiftkeys[]={0,0,'!','\"','§','$','%','&','/','(',')','=','?','`',0/*Backspace*/ //0-14
+ ,0/*tab*/,'Q','W','E','R','T','Z','U','I','O','P','Ü','*','\n'/*return*/ //15-28
+ ,0/*strg*/,'A','S','D','F','G','H','J','K','L','Ö','Ä','°',0/*left shift*/,'\'' //29-43
+ ,'Y','X','C','V','B','N','M',';',':','_',0/*right shift*/ //44-54
+ ,'*'/*num*/,0/*left alt*/,' ',0/*caps lock*/};
+IO *myIO=0;
+
+void fatal(char *msg)
+{
+ if (myIO!=0)
+ myIO->println(msg);
+
+ NtTerminateProcess( NtCurrentProcess(), 0 );
+}
+
+struct KeyboardState
+{
+ bool shiftDown;
+ bool altDown;
+ bool altGrDown;
+ KeyboardState():shiftDown(false),altDown(false),altGrDown(false)
+ {}
+};
+
+class NativeBootIO:public IO{
+ HANDLE Heap;
+ HANDLE Keyboard;
+ HANDLE KeyboardEvent;
+ KeyboardState keyboardState;
+private:
+ void createHeap()
+ {
+ RTL_HEAP_DEFINITION heapParams;
+ memset( &heapParams, 0, sizeof( RTL_HEAP_DEFINITION ));
+ heapParams.Length = sizeof( RTL_HEAP_DEFINITION );
+ Heap = RtlCreateHeap( 2, 0, 0x100000, 0x1000, 0, &heapParams );
+ }
+ void openKeyboard()
+ {
+ UNICODE_STRING UnicodeFilespec;
+ OBJECT_ATTRIBUTES ObjectAttributes;
+ NTSTATUS Status;
+ IO_STATUS_BLOCK Iosb;
+
+ RtlInitUnicodeString(&UnicodeFilespec, L"\\device\\KeyboardClass0");
+ InitializeObjectAttributes(&ObjectAttributes, // ptr to structure
+ &UnicodeFilespec, // ptr to file spec
+ OBJ_CASE_INSENSITIVE, // attributes
+ NULL, // root directory handle
+ NULL ); // ptr to security descriptor
+
+ Status = ZwCreateFile(&Keyboard, // returned file handle
+ (GENERIC_READ|SYNCHRONIZE|FILE_READ_ATTRIBUTES), // desired access
+ &ObjectAttributes, // ptr to object attributes
+ &Iosb, // ptr to I/O status block
+ 0, // allocation size
+ FILE_ATTRIBUTE_NORMAL, // file attributes
+ 0, // share access
+ FILE_OPEN, // create disposition
+ 1, // create options
+ NULL, // ptr to extended attributes
+ 0); // length of ea buffer
+
+ if (Status!=STATUS_SUCCESS)
+ fatal("Fehler: Keyboardhandle konnte nicht geöffnet werden");
+
+ InitializeObjectAttributes(&ObjectAttributes, // ptr to structure
+ NULL, // ptr to file spec
+ 0, // attributes
+ NULL, // root directory handle
+ NULL ); // ptr to security descriptor
+ Status=NtCreateEvent(&KeyboardEvent,EVENT_ALL_ACCESS,&ObjectAttributes,SynchronizationEvent,FALSE);
+
+ if (Status!=STATUS_SUCCESS)
+ fatal("Fehler: Keyboardevent konnte nicht erstellt werden");
+ }
+ void updateKeyboardStatus(KEYBOARD_INPUT_DATA &kid)
+ {
+ if (((kid.MakeCode==42)||(kid.MakeCode==54))&&(kid.Flags&KEY_E0)==0&&(kid.Flags&KEY_E1)==0)
+ keyboardState.shiftDown=!(kid.Flags&KEY_BREAK);
+ }
+ void printkid(KEYBOARD_INPUT_DATA &kid)
+ {
+ static char *buffer=(char*)malloc(100);
+
+ int keyMake=kid.Flags&KEY_MAKE;
+ int keyBreak=kid.Flags&KEY_BREAK;
+ int e0=kid.Flags&KEY_E0;
+ int e1=kid.Flags&KEY_E1;
+ _snprintf(buffer,99,"Key: Code: %d\tMake: %d\tBreak: %d\te0: %d\te1: %d",kid.MakeCode,keyMake,keyBreak,e0,e1);
+ println(buffer);
+ }
+
+public:
+ NativeBootIO()
+ {
+ createHeap();
+ openKeyboard();
+ }
+ ~NativeBootIO()
+ {
+ //RtlDestroyHeap()
+ }
+ void handleCharEcho(char ch,char *buffer,unsigned int length)
+ {
+ char b[2];
+ b[0]=ch;
+ b[1]=0;
+ if (ch==8)
+ {
+ println("");
+ buffer[length]=0;
+ print("> ");
+ print(buffer);
+ }
+ else
+ print(b);
+ }
+ char getChar()
+ {
+ debugout("getChar startet");
+ KEYBOARD_INPUT_DATA kid;
+
+ int chr=0;
+
+ do
+ {
+ NTSTATUS Status=waitForKeyboardInput(0,&kid);
+ if (Status!=STATUS_SUCCESS)
+ {
+ //_snprintf(buffer,99,"Fehler beim Tastaturlesen: 0x%x",Status);
+ println("Fehler beim Tastaturlesen");
+ debugout("Fehler beim Tastatur lesen");
+ }
+ else
+ {
+ debugout("Taste empfangen");
+
+ updateKeyboardStatus(kid);
+
+ if (((kid.Flags&KEY_BREAK)==0)&&kid.MakeCode<58&&kid.MakeCode>0)
+ if (keyboardState.shiftDown)
+ chr=shiftkeys[kid.MakeCode];
+ else
+ chr=keys[kid.MakeCode];
+ else
+ chr=0;
+ }
+ }
+ while(chr==0);
+ debugout("getChar Ende");
+
+ return (char)chr;
+ }
+ void *malloc(unsigned int size)
+ {
+ return RtlAllocateHeap( Heap, 0, size);
+ }
+ void free(void *buffer)
+ {
+ RtlFreeHeap(Heap,0,buffer);
+ }
+ void internalPrint(char *buffer)
+ {
+ UNICODE_STRING UnicodeFilespec=getUnicodeString(buffer);
+
+ NtDisplayString(&UnicodeFilespec);
+ }
+ char *getVersion()
+ {
+ return "Native Boot IO Revision: $Rev$";
+ }
+
+ NTSTATUS waitForKeyboardInput(__int64 time,KEYBOARD_INPUT_DATA *kid)
+ {
+ LARGE_INTEGER bo;
+ LARGE_INTEGER litime;
+ NTSTATUS Status;
+ IO_STATUS_BLOCK Iosb;
+
+ bo.HighPart=0;
+ bo.LowPart=0;
+
+ debugout("wFKI: vor ZwReadFile");
+
+ Status=ZwReadFile(Keyboard,
+ KeyboardEvent,0,0,&Iosb,kid,sizeof(KEYBOARD_INPUT_DATA),&bo,NULL);
+
+ debugout("wFKI: nach ZwReadFile");
+
+ PLARGE_INTEGER pli=NULL;
+
+ if (time!=0)
+ pli=(PLARGE_INTEGER)&time;
+
+ if (Status==STATUS_PENDING)
+ {
+ debugout("wFKI: vor WaitFor...");
+
+ Status=NtWaitForMultipleObjects(1,&KeyboardEvent,1,1,pli);
+
+ debugout("wFKI: nach WaitFor...");
+
+ if (Status!=STATUS_SUCCESS)
+ {
+ NtCancelIoFile(Keyboard,&Iosb);
+ return Status;
+ }
+ }
+ return STATUS_SUCCESS;
+ }
+ void printKeyboardData(KEYBOARD_INPUT_DATA kid)
+ {
+ char buffer[100];
+ int keyMake=kid.Flags&KEY_MAKE;
+ int keyBreak=kid.Flags&KEY_BREAK;
+ int e0=kid.Flags&KEY_E0;
+ int e1=kid.Flags&KEY_E1;
+ _snprintf(buffer,99,"Key: Code: %d\tMake: %d\tBreak: %d\te0: %d\te1: %d\n",kid.MakeCode,keyMake,keyBreak,e0,e1);
+ debugout(buffer);
+ }
+ void testKeyboard()
+ {
+ KEYBOARD_INPUT_DATA kid;
+ kid.MakeCode=0;
+ char buffer[100];
+ while(kid.MakeCode!=1)
+ {
+ NTSTATUS Status=waitForKeyboardInput(0,&kid);
+ if (Status!=STATUS_SUCCESS)
+ {
+ _snprintf(buffer,99,"Fehler beim Tastaturlesen: 0x%x",Status);
+ println(buffer);
+ }
+ else
+ {
+ printKeyboardData(kid);
+ }
+ }
+ println("Keyboardtest beendet");
+ }
+ void resetKeyboard()
+ {
+ debugout("Clearing Event");
+ NtClearEvent(KeyboardEvent);
+ }
+};
+
+extern "C"
+int __cdecl _purecall()
+{
+ DbgBreakPoint();
+ return 0;
+}
+
+void debugBreak(IO &io,char *args)
+{
+ DbgBreakPoint();
+}
+
+void setCompnameFromFile(IO &io,char *args);
+void setComputerNameCmd(IO &io,char *args);
+
+void myitoa(int i,char *buffer)
+{
+ int length=0;
+ if (i==0)
+ {
+ buffer[0]='0';
+ length=1;
+ }
+ else
+ {
+ char buffer2[20];
+ while (i>0)
+ {
+ buffer2[length]='0'+i%10;
+ i/=10;
+ length++;
+ }
+ for (i=0;i<length;i++)
+ {
+ buffer[length-i-1]=buffer2[i];
+ }
+ }
+ buffer[length]=0;
+}
+
+bool keyPressedInTime(NativeBootIO &io,__int64 time,char key)
+{
+ KEYBOARD_INPUT_DATA kid;
+ io.debugout("kPIT startet");
+ NTSTATUS status=io.waitForKeyboardInput(time,&kid);
+ io.debugout("kPIT wFKI fertig");
+ //CHECK_STATUS(status,wFKI-from-kPIT)
+ if (status!=STATUS_SUCCESS)
+ return false;
+
+ if (((kid.Flags&KEY_BREAK)==0)&&kid.MakeCode<58&&kid.MakeCode>0)
+ if (keys[kid.MakeCode]==key)
+ {
+ io.debugout("Key pressed !!!");
+ return true;
+ }
+ else
+ io.debugout("Wrong key pressed");
+ else
+ io.printKeyboardData(kid);
+
+ return false;
+}
+
+bool startupWithKeyInner(NativeBootIO &io,int maxtime,char key) //maxtime in seconds
+{
+ io.print("System starting up: ");
+
+ for (int i=maxtime;i>=0;i--)
+ {
+ char buffer[2];
+ myitoa(i,buffer);
+ io.print(buffer);
+ io.print(" ");
+
+ if (keyPressedInTime(io,-3333000,key))
+ return true;
+ else
+ io.print(".");
+
+ if (keyPressedInTime(io,-3333000,key))
+ return true;
+ else
+ io.print(".");
+
+ if (keyPressedInTime(io,-3333000,key))
+ return true;
+ else
+ io.print(" ");
+ }
+ return false;
+}
+void clearKeyboardPipe(NativeBootIO &io)
+{
+ io.debugout("Starting clearKeyboardPipe");
+ io.resetKeyboard();
+ KEYBOARD_INPUT_DATA kid;
+ while (io.waitForKeyboardInput(-1,&kid)==STATUS_SUCCESS);
+ io.resetKeyboard();
+ io.debugout("Ending clearKeyboardPipe");
+
+
+}
+bool startupWithKey(NativeBootIO &io,int maxtime,char key) //maxtime in seconds
+{
+ bool res=startupWithKeyInner(io,maxtime,key);
+ io.println(" ");
+ clearKeyboardPipe(io);
+ return res;
+}
+
+void register_experimental_cmds(Main &main);
+
+extern "C" void NtProcessStartup(::PPEB peb )
+{
+ NativeBootIO io;
+ myIO=&io;
+
+ UNICODE_STRING &cmdLine = peb->ProcessParameters->CommandLine;
+
+ char **arguments;
+ int argc;
+ arguments=split_args(io,cmdLine.Buffer,cmdLine.Length/2,&argc);
+
+ Main main(io,argc,arguments);
+ RegistryBrowser reg(main);
+
+ main.addCommand("break",debugBreak);
+ main.addCommand("setComputerNameFromFile",setCompnameFromFile);
+ main.addCommand("setComputerName",setComputerNameCmd);
+
+ register_experimental_cmds(main);
+
+ main.showSplashScreen();
+
+#ifdef INTERACTIVE
+ if (startupWithKey(io,2,'v'))
+ main.rpl();
+ else
+#endif
+ setCompnameFromFile(io,0);
+
+ NtTerminateProcess( NtCurrentProcess(), 0 );
+}
\ No newline at end of file
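Review bot: `waitForKeyboardInput` ends with `return STATUS_SUCCESS;` even when `ZwReadFile` fails outright with a status other than `STATUS_PENDING`, so callers cannot tell that `kid` was never filled in. `getChar` and `keyPressedInTime` then read `kid.Flags` and `kid.MakeCode` from an uninitialised stack object, and the drain loop in `clearKeyboardPipe` (`while (io.waitForKeyboardInput(-1,&kid)==STATUS_SUCCESS);`) would never exit, which stalls boot. Returning the real status, `return Status;`, covers the direct-failure path; checking `Iosb.Status` after a successful wait would be the stricter form. Separately, `char buffer[2]` in `startupWithKeyInner` only holds one digit plus the terminator, so `myitoa` writes past it for any `maxtime` of 10 or more; `char buffer[12];` fits every `int`.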
diff --git a/windows/bootpgm/native/newnative.h b/windows/bootpgm/native/newnative.h
new file mode 100644
index 00000000..59f1067d
--- /dev/null
+++ b/windows/bootpgm/native/newnative.h
@@ -0,0 +1,322 @@
+/* The contents of this file are subject to the Mozilla Public License
+ * Version 1.1 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS"
+ * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * The Initial Developer of the Original Code is Johannes Rudolph.
+ * Portions created by the Initial Developer are Copyright (C) 2006
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Johannes Rudolph <johannes_rudolph@gmx.de>
+ * Tomasz Nowak <tommy@ntinternals.net>
+ *
+ * Most of this content comes from http://undocumented.ntinternals.net/
+ * This page and the information used is written by
+ * Tomasz Nowak <tommy@ntinternals.net>
+ * There is an .chm version in ../doc/ntundoc.chm
+ * The license presented on the page sounds:
+ *
+ *
+ * LICENSE CONDITIONS
+ * This software and / or documentation is provided at no cost
+ * and can be redistributed freely, in its entirety or in parts,
+ * as long as the Copyright notice and author's name are included.
+ * You are hereby permited to use, view, read, copy, print, publish,
+ * redistribute and modify this software and / or documentation,
+ * under conditions described herein.
+ * This software / documentation is provided to you "as is" without
+ * warranty of any kind. By using this material you accept all of the
+ * related risks and all direct and indirect consequences, including
+ * potential data loss and hardware damage.
+ * If you do not agree to these license conditions, please do not use
+ * our software and / or documentation.
+ *
+ */
+
+
+
+#pragma once
+
+extern "C"{
+#define PPVOID void**
+#define BYTE char
+
+ /* I mostly copied this structures from the source above.
+ * I removed parts which would introduce spurious dependencies.
+ *
+ */
+ typedef struct _RTL_DRIVE_LETTER_CURDIR {
+ USHORT Flags;
+ USHORT Length;
+ ULONG TimeStamp;
+ UNICODE_STRING DosPath;
+ } RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;
+
+ typedef struct _RTL_USER_PROCESS_PARAMETERS {
+ ULONG MaximumLength;
+ ULONG Length;
+ ULONG Flags;
+ ULONG DebugFlags;
+ PVOID ConsoleHandle;
+ ULONG ConsoleFlags;
+ HANDLE StdInputHandle;
+ HANDLE StdOutputHandle;
+ HANDLE StdErrorHandle;
+ UNICODE_STRING CurrentDirectoryPath;
+ HANDLE CurrentDirectoryHandle;
+ UNICODE_STRING DllPath;
+ UNICODE_STRING ImagePathName;
+ UNICODE_STRING CommandLine;
+ PVOID Environment;
+ ULONG StartingPositionLeft;
+ ULONG StartingPositionTop;
+ ULONG Width;
+ ULONG Height;
+ ULONG CharWidth;
+ ULONG CharHeight;
+ ULONG ConsoleTextAttributes;
+ ULONG WindowFlags;
+ ULONG ShowWindowFlags;
+ UNICODE_STRING WindowTitle;
+ UNICODE_STRING DesktopName;
+ UNICODE_STRING ShellInfo;
+ UNICODE_STRING RuntimeData;
+ RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
+ } RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
+
+ typedef struct _PEB {
+ BOOLEAN InheritedAddressSpace;
+ BOOLEAN ReadImageFileExecOptions;
+ BOOLEAN BeingDebugged;
+ BOOLEAN Spare;
+ HANDLE Mutant;
+ PVOID ImageBaseAddress;
+ PVOID/*PPEB_LDR_DATA*/ LoaderData;
+ PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
+ PVOID SubSystemData;
+ PVOID ProcessHeap;
+ PVOID FastPebLock;
+ PVOID/*PPEBLOCKROUTINE*/FastPebLockRoutine;
+ PVOID/*PPEBLOCKROUTINE*/FastPebUnlockRoutine;
+ ULONG EnvironmentUpdateCount;
+ PPVOID KernelCallbackTable;
+ PVOID EventLogSection;
+ PVOID EventLog;
+ PVOID/*PPEB_FREE_BLOCK*/FreeList;
+ ULONG TlsExpansionCounter;
+ PVOID TlsBitmap;
+ ULONG TlsBitmapBits[0x2];
+ PVOID ReadOnlySharedMemoryBase;
+ PVOID ReadOnlySharedMemoryHeap;
+ PPVOID ReadOnlyStaticServerData;
+ PVOID AnsiCodePageData;
+ PVOID OemCodePageData;
+ PVOID UnicodeCaseTableData;
+ ULONG NumberOfProcessors;
+ ULONG NtGlobalFlag;
+ BYTE Spare2[0x4];
+ LARGE_INTEGER CriticalSectionTimeout;
+ ULONG HeapSegmentReserve;
+ ULONG HeapSegmentCommit;
+ ULONG HeapDeCommitTotalFreeThreshold;
+ ULONG HeapDeCommitFreeBlockThreshold;
+ ULONG NumberOfHeaps;
+ ULONG MaximumNumberOfHeaps;
+ PPVOID *ProcessHeaps;
+ PVOID GdiSharedHandleTable;
+ PVOID ProcessStarterHelper;
+ PVOID GdiDCAttributeList;
+ PVOID LoaderLock;
+ ULONG OSMajorVersion;
+ ULONG OSMinorVersion;
+ ULONG OSBuildNumber;
+ ULONG OSPlatformId;
+ ULONG ImageSubSystem;
+ ULONG ImageSubSystemMajorVersion;
+ ULONG ImageSubSystemMinorVersion;
+ ULONG GdiHandleBuffer[0x22];
+ ULONG PostProcessInitRoutine;
+ ULONG TlsExpansionBitmap;
+ BYTE TlsExpansionBitmapBits[0x80];
+ ULONG SessionId;
+ } PEB, *PPEB;
+
+ typedef struct _RTL_HEAP_DEFINITION {
+ ULONG Length;
+ ULONG Unknown[12];
+ } RTL_HEAP_DEFINITION, *PRTL_HEAP_DEFINITION;
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtTerminateProcess(
+ /*IN*/ HANDLE ProcessHandle /*OPTIONAL*/,
+ /*IN*/ NTSTATUS ExitStatus );
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtDisplayString(
+ /*IN*/ PUNICODE_STRING String );
+
+ NTSYSAPI
+ PVOID
+ NTAPI
+ RtlCreateHeap(
+ /*IN*/ ULONG Flags,
+ /*IN*/ PVOID Base /*OPTIONAL*/,
+ /*IN*/ ULONG Reserve /*OPTIONAL*/,
+ /*IN*/ ULONG Commit,
+ /*IN*/ BOOLEAN Lock /*OPTIONAL*/,
+ /*IN*/ PRTL_HEAP_DEFINITION RtlHeapParams /*OPTIONAL*/ );
+
+ NTSYSAPI
+ PVOID
+ NTAPI
+ RtlAllocateHeap(
+ /*IN*/ PVOID HeapHandle,
+ /*IN*/ ULONG Flags,
+ /*IN*/ ULONG Size );
+
+ NTSYSAPI
+ BOOLEAN
+ NTAPI
+ RtlFreeHeap(
+ /*IN*/ PVOID HeapHandle,
+ /*IN*/ ULONG Flags /*OPTIONAL*/,
+ /*IN*/ PVOID MemoryPointer );
+
+ NTSYSAPI NTSTATUS NTAPI NtCreateEvent(PHANDLE,ACCESS_MASK,POBJECT_ATTRIBUTES,EVENT_TYPE,BOOLEAN);
+ NTSYSAPI NTSTATUS NTAPI NtWaitForMultipleObjects(ULONG handlecount,PHANDLE handles,int wait_type,BOOLEAN alertable,PLARGE_INTEGER timeout);
+ NTSYSAPI NTSTATUS NTAPI NtClearEvent(HANDLE Eventhandle);
+ NTSYSAPI NTSTATUS NTAPI NtCancelIoFile(HANDLE Filehandle, PIO_STATUS_BLOCK IoStatusBlock);
+
+ typedef enum _OBJECT_INFORMATION_CLASS
+ {
+ ObjectBasicInformation, // Result is OBJECT_BASIC_INFORMATION structure
+ ObjectNameInformation, // Result is OBJECT_NAME_INFORMATION structure
+ ObjectTypeInformation, // Result is OBJECT_TYPE_INFORMATION structure
+ ObjectAllInformation, // Result is OBJECT_ALL_INFORMATION structure
+ ObjectDataInformation // Result is OBJECT_DATA_INFORMATION structure
+
+ } OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtQueryObject(
+ HANDLE ObjectHandle,
+ OBJECT_INFORMATION_CLASS ObjectInformationClass,
+ PVOID ObjectInformation,
+ ULONG Length,
+ PULONG ResultLength );
+
+ typedef struct _OBJECT_BASIC_INFORMATION {
+ ULONG Attributes;
+ ACCESS_MASK GrantedAccess;
+ ULONG HandleCount;
+ ULONG ReferenceCount;
+ ULONG PagedPoolQuota;
+ ULONG NonPagedPoolQuota;
+ ULONG Unknown[3];
+ ULONG NameInformationLength;
+ ULONG TypeInformationLength;
+ ULONG SecurityDescriptorLength;
+ LARGE_INTEGER CreateTime;
+ } OBJECT_BASIC_INFORMATION, *POBJECT_BASIC_INFORMATION;
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtLoadKey(
+ POBJECT_ATTRIBUTES DestinationKeyName,
+ POBJECT_ATTRIBUTES HiveFileName );
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtOpenProcessToken(
+ HANDLE ProcessHandle,
+ ACCESS_MASK DesiredAccess,
+ PHANDLE TokenHandle );
+
+ typedef struct _TOKEN_PRIVILEGES
+ {
+ ULONG count;
+ LUID_AND_ATTRIBUTES Privileges[1];
+ } TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES;
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtAdjustPrivilegesToken(
+ HANDLE TokenHandle,
+ BOOLEAN DisableAllPrivileges,
+ PTOKEN_PRIVILEGES TokenPrivileges,
+ ULONG PreviousPrivilegesLength,
+ PTOKEN_PRIVILEGES PreviousPrivileges,
+ PULONG RequiredLength);
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtUnloadKey(
+ POBJECT_ATTRIBUTES DestinationKeyName );
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtFlushKey(
+ HANDLE KeyHandle );
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtSaveKey(
+ HANDLE KeyHandle,
+ HANDLE FileHandle );
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ NtInitializeRegistry(
+ int flag);
+
+ typedef enum _DEBUG_CONTROL_CODE {
+ DebugSysReadIoSpace = 14,
+ DebugSysWriteIoSpace = 15,
+ DebugSysReadMsr = 16,
+ DebugSysWriteMsr = 17,
+ DebugSysReadBusData = 18,
+ DebugSysWriteBusData = 19,
+ } DEBUG_CONTROL_CODE;
+
+ NTSYSAPI
+ NTSTATUS
+ NTAPI
+ ZwSystemDebugControl(
+ DEBUG_CONTROL_CODE ControlCode,
+ PVOID InputBuffer,
+ ULONG InputBufferLength,
+ PVOID OutputBuffer,
+ ULONG OutputBufferLength,
+ PULONG ReturnLength
+ );
+
+ typedef struct _IO_STRUCT {
+ int IoAddr; // IN: Aligned to NumBytes,I/O address
+ int Reserved1; // Never accessed by the kernel
+ PVOID pBuffer; // IN (write) or OUT (read): Ptr to buffer
+ int NumBytes; // IN: # bytes to read/write. Only use 1, 2, or 4.
+ int Reserved4; // Must be 1
+ int Reserved5; // Must be 0
+ int Reserved6; // Must be 1
+ int Reserved7; // Never accessed by the kernel
+ } IO_STRUCT;
+}
\ No newline at end of file
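Review bot: `#define PPVOID void**` and `#define BYTE char` at the top of this header are object-like macros, so they rewrite those tokens in every file included afterwards; `BYTE` is an `unsigned char` typedef in the Windows SDK headers, so a later declaration that uses it would either silently change signedness or fail to compile. Typedefs avoid that: `typedef void **PPVOID;`, with `UCHAR` for `Spare2` and `TlsExpansionBitmapBits`. With the current macro, `PPVOID *ProcessHeaps;` in `_PEB` also expands to `void***`, one level of indirection more than the neighbouring `PPVOID` members, which looks unintended. A short comment stating which Windows version and architecture these hand-copied layouts were checked against would help, since `NtProcessStartup` in `native.cpp` dereferences `peb->ProcessParameters` directly.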