📄 w32syscall.c
字号:
{ return -ENOSYS;}/* 215 */NTSTATUS STDCALLNtTranslateFilePath(ULONG Unknown1, ULONG Unknown2, ULONG Unknown3){ return -ENOSYS;}NTSTATUS STDCALLNtUnloadDriver(IN PUNICODE_STRING DriverServiceName){ return -ENOSYS;}NTSTATUS STDCALLNtUnloadKey (IN POBJECT_ATTRIBUTES KeyObjectAttributes){ return -ENOSYS;}NTSTATUS STDCALLNtUnlockFile(IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PLARGE_INTEGER ByteOffset, IN PLARGE_INTEGER Length, OUT ULONG Key OPTIONAL){ return -ENOSYS;}NTSTATUS STDCALLNtUnlockVirtualMemory(HANDLE ProcessHandle, PVOID BaseAddress, ULONG NumberOfBytesToUnlock, PULONG NumberOfBytesUnlocked OPTIONAL){ return -ENOSYS;}/* 220 *//*NTSTATUS STDCALLNtUnmapViewOfSection (HANDLE ProcessHandle, PVOID BaseAddress){ return -ENOSYS;}*/NTSTATUS STDCALL NtVdmControl(ULONG ControlCode, PVOID ControlData){ return -ENOSYS;}/*NTSTATUSSTDCALLNtWaitForMultipleObjects(IN ULONG ObjectCount, IN PHANDLE HandleArray, IN WAIT_TYPE WaitType, IN BOOLEAN Alertable, IN PLARGE_INTEGER TimeOut OPTIONAL){ return -ENOSYS;}*/NTSTATUS STDCALLNtWaitForSingleObject(IN HANDLE ObjectHandle, IN BOOLEAN Alertable, IN PLARGE_INTEGER TimeOut OPTIONAL){ return -ENOSYS;}NTSTATUS STDCALLNtWaitHighEventPair(IN HANDLE EventPairHandle){ return -ENOSYS;}/* 225 */NTSTATUS STDCALLNtWaitLowEventPair(IN HANDLE EventPairHandle){ return -ENOSYS;}/*NTSTATUS STDCALLNtWriteFile (IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE ApcRoutine OPTIONAL, IN PVOID ApcContext OPTIONAL, OUT PIO_STATUS_BLOCK IoStatusBlock, IN PVOID Buffer, IN ULONG Length, IN PLARGE_INTEGER ByteOffset OPTIONAL, IN PULONG Key OPTIONAL){ return -ENOSYS;}*/NTSTATUS STDCALLNtWriteFileGather(IN HANDLE FileHandle, IN HANDLE Event OPTIONAL, IN PIO_APC_ROUTINE UserApcRoutine OPTIONAL, IN PVOID UserApcContext OPTIONAL, OUT PIO_STATUS_BLOCK UserIoStatusBlock, IN FILE_SEGMENT_ELEMENT BufferDescription [], IN ULONG BufferLength, IN PLARGE_INTEGER ByteOffset, IN PULONG Key OPTIONAL){ return -ENOSYS;}NTSTATUS STDCALL NtWriteRequestData (HANDLE PortHandle, PPORT_MESSAGE Message, ULONG Index, PVOID Buffer, ULONG BufferLength, PULONG ReturnLength){ return -ENOSYS;}/*NTSTATUS STDCALLNtWriteVirtualMemory(IN HANDLE ProcessHandle, IN PVOID BaseAddress, IN PVOID Buffer, IN ULONG NumberOfBytesToWrite, OUT PULONG NumberOfBytesWritten OPTIONAL){ return -ENOSYS;}*//* 230 */NTSTATUS STDCALLNtW32Call(IN ULONG RoutineIndex, IN PVOID Argument, IN ULONG ArgumentLength, OUT PVOID* Result OPTIONAL, OUT PULONG ResultLength OPTIONAL){ return -ENOSYS;}NTSTATUS STDCALLNtYieldExecution(VOID){ return -ENOSYS;}/* construct the thread and the process for current */int InitialiseWin32(void){ struct ethread_cons_data etcd; win32_object *probj, *throbj; struct ethread *thread = thread_find(); ktrace("InitialiseWin32(%p,%p)\n",thread,args); if (thread) return 0; /* already initialised */ /* allocate a Win32 process object */ probj = AllocObject(&process_objclass,NULL,NULL); if (IS_ERR(probj)) return PTR_ERR(probj); /* allocate a Win32 thread object */ etcd.etcd_task = current; etcd.etcd_process = probj; throbj = AllocObject(&thread_objclass,NULL,&etcd); if (IS_ERR(throbj)) { objput(probj); return PTR_ERR(throbj); } /* the thread object can now be put, since a reference is held * by the Linux task structure. Similarly the process object * is now referenced by the thread object and can also be put */ objput(probj); objput(throbj); ktrace("InitialiseWin32(): p=%p t=%p\n",probj,throbj); return 0;} /* end InitialiseWin32() *//* * unininitialise a process for Win32 stuff */int UninitialiseWin32(void){ return -ENOANO;} /* end UninitialiseWin32() *//* Syscall function table. Currently only 2 functions are stubbed for testing, and to be used as a prototype */SSDT MainSSDT[] = { (SSDT)NtAcceptConnectPort, /* 0 */ (SSDT)NtAccessCheck, /* 1 */ (SSDT)NtAccessCheckAndAuditAlarm, (SSDT)NtAddAtom, (SSDT)NtAddBootEntry, (SSDT)NtAdjustGroupsToken, /* 5 */ (SSDT)NtAdjustPrivilegesToken, (SSDT)NtAlertResumeThread, (SSDT)NtAlertThread, (SSDT)NtAllocateLocallyUniqueId, (SSDT)NtAllocateUuids, /* 10 */ (SSDT)NtAllocateVirtualMemory, (SSDT)NtAssignProcessToJobObject, (SSDT)NtCallbackReturn, (SSDT)NtCancelIoFile, (SSDT)NtCancelTimer, /* 15 */ (SSDT)NtClearEvent, (SSDT)NtClose, (SSDT)NtCloseObjectAuditAlarm, (SSDT)NtCompleteConnectPort, (SSDT)NtConnectPort, /* 20 */ (SSDT)NtContinue, (SSDT)NtCreateDirectoryObject, (SSDT)NtCreateEvent, (SSDT)NtCreateEventPair, (SSDT)NtCreateFile, /* 25 */ (SSDT)NtCreateIoCompletion, (SSDT)NtCreateJobObject, (SSDT)NtCreateKey, (SSDT)NtCreateMailslotFile, (SSDT)NtCreateMutant, /* 30 */ (SSDT)NtCreateNamedPipeFile, (SSDT)NtCreatePagingFile, (SSDT)NtCreatePort, (SSDT)NtCreateProcess, (SSDT)NtCreateProfile, /* 35 */ (SSDT)NtCreateSection, (SSDT)NtCreateSemaphore, (SSDT)NtCreateSymbolicLinkObject, (SSDT)NtCreateThread, (SSDT)NtCreateTimer, /* 40 */ (SSDT)NtCreateToken, (SSDT)NtCreateWaitablePort, (SSDT)NtDelayExecution, (SSDT)NtDeleteAtom, (SSDT)NtDeleteBootEntry, /* 45 */ (SSDT)NtDeleteFile, (SSDT)NtDeleteKey, (SSDT)NtDeleteObjectAuditAlarm, (SSDT)NtDeleteValueKey, (SSDT)NtDeviceIoControlFile, /* 50 */ (SSDT)NtDisplayString, (SSDT)NtDuplicateObject, (SSDT)NtDuplicateToken, (SSDT)NtEnumerateBootEntries, (SSDT)NtEnumerateKey, /* 55 */ (SSDT)NtEnumerateValueKey, (SSDT)NtExtendSection, (SSDT)NtFindAtom, (SSDT)NtFlushBuffersFile, (SSDT)NtFlushInstructionCache, /* 60 */ (SSDT)NtFlushKey, (SSDT)NtFlushVirtualMemory, (SSDT)NtFlushWriteBuffer, (SSDT)NtFreeVirtualMemory, (SSDT)NtFsControlFile, /* 65 */ (SSDT)NtGetContextThread, (SSDT)NtGetPlugPlayEvent, (SSDT)NtGetTickCount, (SSDT)NtImpersonateClientOfPort, (SSDT)NtImpersonateThread, /* 70 */ (SSDT)NtInitializeRegistry, (SSDT)NtInitiatePowerAction, (SSDT)NtIsProcessInJob, (SSDT)NtListenPort, (SSDT)NtLoadDriver, /* 75 */ (SSDT)NtLoadKey, (SSDT)NtLoadKey2, (SSDT)NtLockFile, (SSDT)NtLockVirtualMemory, (SSDT)NtMakePermanentObject, /* 80 */ (SSDT)NtMakeTemporaryObject, (SSDT)NtMapViewOfSection, (SSDT)NtNotifyChangeDirectoryFile, (SSDT)NtNotifyChangeKey, (SSDT)NtOpenDirectoryObject, /* 85 */ (SSDT)NtOpenEvent, (SSDT)NtOpenEventPair, (SSDT)NtOpenFile, (SSDT)NtOpenIoCompletion, (SSDT)NtOpenJobObject, /* 90 */ (SSDT)NtOpenKey, (SSDT)NtOpenMutant, (SSDT)NtOpenObjectAuditAlarm, (SSDT)NtOpenProcess, (SSDT)NtOpenProcessToken, /* 95 */ (SSDT)NtOpenProcessTokenEx, (SSDT)NtOpenSection, (SSDT)NtOpenSemaphore, (SSDT)NtOpenSymbolicLinkObject, (SSDT)NtOpenThread, /* 100 */ (SSDT)NtOpenThreadToken, (SSDT)NtOpenThreadTokenEx, (SSDT)NtOpenTimer, (SSDT)NtPlugPlayControl, (SSDT)NtPowerInformation, /* 105 */ (SSDT)NtPrivilegeCheck, (SSDT)NtPrivilegedServiceAuditAlarm, (SSDT)NtPrivilegeObjectAuditAlarm, (SSDT)NtProtectVirtualMemory, (SSDT)NtPulseEvent, /* 110 */ (SSDT)NtQueryInformationAtom, (SSDT)NtQueryAttributesFile, (SSDT)NtQueryBootEntryOrder, (SSDT)NtQueryBootOptions, (SSDT)NtQueryDefaultLocale, /* 115 */ (SSDT)NtQueryDefaultUILanguage, (SSDT)NtQueryDirectoryFile, (SSDT)NtQueryDirectoryObject, (SSDT)NtQueryEaFile, (SSDT)NtQueryEvent, /* 120 */ (SSDT)NtQueryFullAttributesFile, (SSDT)NtQueryInformationFile, (SSDT)NtQueryInformationJobObject, (SSDT)NtQueryInformationPort, (SSDT)NtQueryInformationProcess, /* 125 */ (SSDT)NtQueryInformationThread, (SSDT)NtQueryInformationToken, (SSDT)NtQueryInstallUILanguage, (SSDT)NtQueryIntervalProfile, (SSDT)NtQueryIoCompletion, /* 130 */ (SSDT)NtQueryKey, (SSDT)NtQueryMultipleValueKey, (SSDT)NtQueryMutant, (SSDT)NtQueryObject, (SSDT)NtQueryPerformanceCounter, /* 135 */ (SSDT)NtQueryQuotaInformationFile, (SSDT)NtQuerySection, (SSDT)NtQuerySecurityObject, (SSDT)NtQuerySemaphore, (SSDT)NtQuerySymbolicLinkObject, /* 140 */ (SSDT)NtQuerySystemEnvironmentValue, (SSDT)NtQuerySystemInformation, (SSDT)NtQuerySystemTime, (SSDT)NtQueryTimer, (SSDT)NtQueryTimerResolution, /* 145 */ (SSDT)NtQueryValueKey, (SSDT)NtQueryVirtualMemory, (SSDT)NtQueryVolumeInformationFile, (SSDT)NtQueueApcThread, (SSDT)NtRaiseException, /* 150 */ (SSDT)NtRaiseHardError, (SSDT)NtReadFile, (SSDT)NtReadFileScatter, (SSDT)NtReadRequestData, (SSDT)NtReadVirtualMemory, /* 155 */ (SSDT)NtRegisterThreadTerminatePort, (SSDT)NtReleaseMutant, (SSDT)NtReleaseSemaphore, (SSDT)NtRemoveIoCompletion, (SSDT)NtReplaceKey, /* 160 */ (SSDT)NtReplyPort, (SSDT)NtReplyWaitReceivePort, (SSDT)NtReplyWaitReplyPort, (SSDT)NtRequestPort, (SSDT)NtRequestWaitReplyPort, /* 165 */ (SSDT)NtResetEvent, (SSDT)NtRestoreKey, (SSDT)NtResumeThread, (SSDT)NtSaveKey, (SSDT)NtSaveKeyEx, /* 170 */ (SSDT)NtSetBootEntryOrder, (SSDT)NtSetBootOptions, (SSDT)NtSetIoCompletion, (SSDT)NtSetContextThread, (SSDT)NtSetDefaultHardErrorPort, /* 175 */ (SSDT)NtSetDefaultLocale, (SSDT)NtSetDefaultUILanguage, (SSDT)NtSetEaFile, (SSDT)NtSetEvent, (SSDT)NtSetHighEventPair, /* 180 */ (SSDT)NtSetHighWaitLowEventPair, (SSDT)NtSetInformationFile, (SSDT)NtSetInformationKey, (SSDT)NtSetInformationJobObject, (SSDT)NtSetInformationObject, /* 185 */ (SSDT)NtSetInformationProcess, (SSDT)NtSetInformationThread, (SSDT)NtSetInformationToken, (SSDT)NtSetIntervalProfile, (SSDT)NtSetLdtEntries, /* 190 */ (SSDT)NtSetLowEventPair, (SSDT)NtSetLowWaitHighEventPair, (SSDT)NtSetQuotaInformationFile, (SSDT)NtSetSecurityObject, (SSDT)NtSetSystemEnvironmentValue, /* 195 */ (SSDT)NtSetSystemInformation, (SSDT)NtSetSystemPowerState, (SSDT)NtSetSystemTime, (SSDT)NtSetTimer, (SSDT)NtSetTimerResolution, /* 200 */ (SSDT)NtSetUuidSeed, (SSDT)NtSetValueKey, (SSDT)NtSetVolumeInformationFile, (SSDT)NtShutdownSystem, (SSDT)NtSignalAndWaitForSingleObject, /* 205 */ (SSDT)NtStartProfile, (SSDT)NtStopProfile, (SSDT)NtSuspendThread, (SSDT)NtSystemDebugControl, (SSDT)NtTerminateJobObject, /* 210 */ (SSDT)NtTerminateProcess, (SSDT)NtTerminateThread, (SSDT)NtTestAlert, (SSDT)NtTraceEvent, (SSDT)NtTranslateFilePath, /* 215 */ (SSDT)NtUnloadDriver, (SSDT)NtUnloadKey, (SSDT)NtUnlockFile, (SSDT)NtUnlockVirtualMemory, (SSDT)NtUnmapViewOfSection, /* 220 */ (SSDT)NtVdmControl, (SSDT)NtWaitForMultipleObjects, (SSDT)NtWaitForSingleObject, (SSDT)NtWaitHighEventPair, (SSDT)NtWaitLowEventPair, /* 225 */ (SSDT)NtWriteFile, (SSDT)NtWriteFileGather, (SSDT)NtWriteRequestData, (SSDT)NtWriteVirtualMemory, (SSDT)NtW32Call, /* 230 */ (SSDT)NtYieldExecution, (SSDT)InitialiseWin32, (SSDT)UninitialiseWin32,};/* number of parameters for each function */SSPT MainSSPT[] = { 6, 8, 11, 3, 2, /* 0 */ 6, 6, 2, 1, 1, 4, 6, 2, 3, 2, /* 10 */ 2, 1, 1, 3, 1, 8, 2, 3, 5, 3, /* 20 */ 11, 4, 3, 7, 8, 4, 14, 4, 5, 8, /* 30 */ 9, 7, 5, 4, 8, 4, 13, 5, 2, 1, /* 40 */ 2, 1, 1, 3, 2, 10, 1, 7, 6, 2, /* 50 */ 6, 6, 2, 3, 2, 3, 1, 4, 0, 4, /* 60 */ 10, 2, 4, 0, 2, 3, 1, 4, 2, 2, /* 70 */ 1, 2, 3, 10, 4, 1, 1, 10, 9, 10,/* 80 */ 3, 3, 3, 6, 3, 3, 3, 3, 12, 4, /* 90 */ 3, 4, 3, 3, 3, 4, 4, 5, 3, 3, /* 100 */ 5, 3, 5, 6, 5, 2, 5, 2, 2, 2, /* 110 */ 2, 1, 11, 7, 9, 5, 2, 5, 5, 5, /* 120 */ 5, 5, 5, 1, 2, 5, 5, 6, 5, 5, /* 130 */ 2, 9, 5, 5, 5, 3, 4, 4, 1, 5, /* 140 */ 3, 6, 6, 5, 5, 3, 6, 9, 9, 6, /* 150 */ 5, 1, 2, 3, 5, 3, 2, 4, 2, 2, /* 160 */ 3, 2, 3, 2, 2, 3, 2, 2, 5, 2, /* 170 */ 1, 2, 1, 4, 2, 1, 1, 5, 4, 4, /* 180 */ 4, 4, 4, 4, 2, 4, 1, 1, 4, 3, /* 190 */ 2, 3, 3, 2, 7, 3, 1, 6, 5, 1, /* 200 */ 4, 1, 1, 2, 6, 2, 2, 2, 0, 4, /* 210 */ 3, 1, 1, 5, 4, 2, 2, 5, 3, 1, /* 220 */ 1, 9, 9, 6, 5, 5, 0, 0, 0 /* 230 */};#define MIN_SYSCALL_NUMBER 0#define MAX_SYSCALL_NUMBER 233#define NUMBER_OF_SYSCALLS 234/* From ReactOS, don't touch. */SSDT_ENTRYKeServiceDescriptorTable[4] = { { MainSSDT, NULL, NUMBER_OF_SYSCALLS, MainSSPT }, { NULL, NULL, 0, NULL }, { NULL, NULL, 0, NULL }, { NULL, NULL, 0, NULL }};#endif⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -