📄 kmisc.c
字号:
memcpy(&SwapInfo,&AppInfo[size],sizeof(appinfo_t));
for (loop = size; loop > size2; loop--)
memcpy(&AppInfo[loop],&AppInfo[loop-1],sizeof(appinfo_t));
memcpy(&AppInfo[size2],&SwapInfo,sizeof(appinfo_t));
}
for (loop = 0; loop < nextapp; loop++)
AppInfo[loop].done = 0;
loop = 0;
while (loop < nextapp) {
if (CanBeLaunched(loop)) {
kItoW(pName,AppInfo[loop].index);
if (!CreateProcess(AppInfo[loop].appname,pName,0,0,0,0,0,0,0,0))
AppInfo[loop].done = 1;
loop++;
} else
WaitForMultipleObjects(1,&hSignalApp,0,INFINITE);
}
// launch apps!
}
pappinfo = 0;
CloseHandle(hSignalApp);
pPSLNotify(DLL_SYSTEM_STARTED,0,0);
}
BOOL SC_SetDbgZone(DWORD dwProcid, LPVOID lpvMod, LPVOID BasePtr, DWORD zone, LPDBGPARAM lpdbgTgt) {
DWORD retval = FALSE;
PMODULE pMod;
PPROCESS pProc;
LPDBGPARAM lpdbgSrc = 0;
ACCESSKEY ulOldKey;
SWITCHKEY(ulOldKey,0xffffffff);
if (dwProcid) {
if (!lpvMod && (pProc = HandleToProc((HANDLE)dwProcid)) && pProc->ZonePtr) {
if (zone != 0xffffffff)
pProc->ZonePtr->ulZoneMask=zone;
lpdbgSrc = pProc->ZonePtr;
retval = TRUE;
}
} else if (lpvMod) {
pMod = (PMODULE)lpvMod;
if (IsValidModule(pMod) && pMod->ZonePtr) {
DWORD dwUseMask = pMod->inuse | 0x1; // Add the kernel's bit
DWORD dwZeroAddr = (DWORD)(ZeroPtr((LPVOID)(pMod->ZonePtr)));
INT i=0;
// set source for copying names: use kernel's version since it's guaranteed to be there !
lpdbgSrc = (LPDBGPARAM)(MapPtrProc(dwZeroAddr,&ProcArray[0]));
if (zone != 0xffffffff) {
for (i = 0; dwUseMask; i++, dwUseMask >>= 1) {
if (dwUseMask & 0x1)
((LPDBGPARAM)MapPtrProc(dwZeroAddr,&ProcArray[i]))->ulZoneMask = zone;
}
}
retval = TRUE;
}
}
// Copy information if required
if (lpdbgSrc && lpdbgTgt)
memcpy(lpdbgTgt, lpdbgSrc, sizeof(DBGPARAM));
// restore access rights
SETCURKEY(ulOldKey);
return retval;
}
BOOL SC_RegisterDbgZones(HANDLE hMod, LPDBGPARAM lpdbgparam) {
DWORD hKeyPeg=0, hKeyZones=0;
DWORD dwType, dwData, dwSize;
CHAR szName[16];
PMODULE pMod = (PMODULE)hMod;
HKEY hZones;
BOOL bTryLocal;
lpdbgparam = MapPtr(lpdbgparam);
if (pMod) {
if (!IsValidModule(pMod))
return FALSE;
if (pMod->ZonePtr)
return TRUE;
pMod->ZonePtr = (LPDBGPARAM)MapPtrProc(ZeroPtr(lpdbgparam),&ProcArray[0]);
} else
pCurThread->pOwnerProc->ZonePtr = lpdbgparam;
bTryLocal = TRUE;
//
// See if the debug zone mask is specified in the desktop PC's registry
//
rRegOpen((DWORD)HKEY_CURRENT_USER, "Pegasus", &hKeyPeg);
if (hKeyPeg) {
rRegOpen(hKeyPeg, "Zones", &hKeyZones);
if (hKeyZones) {
KUnicodeToAscii(szName, lpdbgparam->lpszName, sizeof(szName));
rRegGet(hKeyZones, szName, &dwType, (LPBYTE)&dwData, &dwSize);
if (dwType == REG_DWORD) {
if (pMod)
SC_SetDbgZone(0,pMod,0,dwData,0);
else
SC_SetDbgZone((DWORD)hCurProc,0,0,dwData,0);
bTryLocal = FALSE;
}
rRegClose(hKeyZones);
}
rRegClose(hKeyPeg);
}
//
// Can only check the local registry if the filesys API is registered.
//
if (bTryLocal && (UserKInfo[KINX_API_MASK] & (1 << SH_FILESYS_APIS))) {
//
// See if the debug zone mask is specified in the Windows CE registry
// (in HLM\DebugZones:<module name>)
//
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, TEXT("DebugZones"), 0, 0,
&hZones) == ERROR_SUCCESS) {
dwSize = sizeof(DWORD);
if (RegQueryValueEx(hZones, lpdbgparam->lpszName, 0, &dwType,
(PUCHAR)&dwData, &dwSize) == ERROR_SUCCESS) {
if (dwType == REG_DWORD) {
if (pMod)
SC_SetDbgZone(0,pMod,0,dwData,0);
else
SC_SetDbgZone((DWORD)hCurProc,0,0,dwData,0);
}
}
RegCloseKey(hZones);
}
}
return TRUE;
}
PTHREAD ZeroAllThreadsTLS(PTHREAD pCur, DWORD slot) {
KCALLPROFON(65);
if (pCur == (PTHREAD)1)
pCur = pCurProc->pTh;
else if (HandleToThread(pCur->hTh) != pCur)
return (PTHREAD)1;
pCur->tlsPtr[slot] = 0;
KCALLPROFOFF(65);
return pCur->pNextInProc;
}
/* Thread local storage APIs */
DWORD SC_TlsCall(DWORD type, DWORD slot) {
int loop, mask;
DWORD used;
PTHREAD pth;
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall entry: %8.8lx %8.8lx\r\n",type,slot));
switch (type) {
case TLS_FUNCALLOC:
do {
used = pCurProc->tlsLowUsed;
for (loop = 0, mask = 1; loop < 32; loop++, mask <<= 1)
if (!(used & mask))
break;
} while ((loop != 32) && ((DWORD)InterlockedTestExchange(&pCurProc->tlsLowUsed,used,used | mask) != used));
if (loop == 32) {
do {
used = pCurProc->tlsHighUsed;
for (mask = 1; loop < 64; loop++, mask <<= 1)
if (!(used & mask))
break;
} while ((loop != 64) && ((DWORD)InterlockedTestExchange(&pCurProc->tlsHighUsed,used,used|mask) != used));
if (loop == 64) {
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall exit: %8.8lx\r\n",0xffffffff));
return 0xffffffff;
}
}
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall exit: %8.8lx\r\n",loop));
return loop;
case TLS_FUNCFREE:
if (slot >= 64) {
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall exit: %8.8lx\r\n",0));
return 0;
}
pth = (PTHREAD)1;
while (pth = (PTHREAD)KCall((PKFN)ZeroAllThreadsTLS,pth,slot))
;
if (slot < 32) {
do {
used = pCurProc->tlsLowUsed;
} while ((DWORD)InterlockedTestExchange(&pCurProc->tlsLowUsed,used,used & ~(1<<slot)) != used);
} else {
do {
used = pCurProc->tlsHighUsed;
} while ((DWORD)InterlockedTestExchange(&pCurProc->tlsHighUsed,used,used & ~(1<<(slot-32))) != used);
}
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall exit: %8.8lx\r\n",1));
return 1;
default:
DEBUGCHK(0);
DEBUGMSG(ZONE_ENTRY,(L"SC_TlsCall exit: %8.8lx\r\n",0));
return 0;
}
}
// @func DWORD | SetProcPermissions | Sets the kernel's internal thread permissions
// @rdesc Returns the new permission dword
// @parm DWORD | newpermissions | the new permissions bitmask
// @comm Sets the internal permissions bitmask for the current thread
DWORD SC_SetProcPermissions(DWORD newperms) {
DWORD retval;
DEBUGMSG(ZONE_ENTRY,(L"SC_SetProcPermissions entry: %8.8lx\r\n",newperms));
if (!newperms)
newperms = 0xffffffff;
else {
// prevent user from removing kernel access
AddAccess(&newperms, ProcArray[0].aky);
// prevent user from removing access to his stack
AddAccess(&newperms, pCurThread->pOwnerProc->aky);
}
ERRORMSG(pCurProc->bTrustLevel != KERN_TRUST_FULL,(L"SC_SetProcPermissions failed due to insufficient trust\r\n"));
if (pCurProc->bTrustLevel == KERN_TRUST_FULL)
SWITCHKEY(retval, newperms);
DEBUGMSG(ZONE_ENTRY,(L"SC_SetProcPermissions exit: %8.8lx\r\n",retval));
return retval;
}
// @func DWORD | GetCurrentPermissions | Obtains the kernel's internal thread permissions dword
// @rdesc Returns the thread permissions dword
// @comm Obtains the internal permissions bitmask for the current thread
DWORD SC_GetCurrentPermissions(void) {
DEBUGMSG(ZONE_ENTRY,(L"SC_GetCurrentPermissions entry\r\n"));
DEBUGMSG(ZONE_ENTRY,(L"SC_GetCurrentPermissions exit: %8.8lx\r\n",pCurThread->aky));
return pCurThread->aky;
}
DWORD NormalBias, DaylightBias, InDaylight;
void SC_SetDaylightTime(DWORD dst) {
DEBUGMSG(ZONE_ENTRY,(L"SC_SetDaylightTime entry: %8.8lx\r\n",dst));
InDaylight = dst;
KInfoTable[KINX_TIMEZONEBIAS] = (InDaylight ? DaylightBias : NormalBias);
DEBUGMSG(ZONE_ENTRY,(L"SC_SetDaylightTime exit\r\n"));
}
void SC_SetTimeZoneBias(DWORD dwBias, DWORD dwDaylightBias) {
DEBUGMSG(ZONE_ENTRY,(L"SC_SetTimeZoneBias entry: %8.8lx %8.8lx\r\n",dwBias,dwDaylightBias));
NormalBias = dwBias;
DaylightBias = dwDaylightBias;
KInfoTable[KINX_TIMEZONEBIAS] = (InDaylight ? DaylightBias : NormalBias);
DEBUGMSG(ZONE_ENTRY,(L"SC_SetTimeZoneBias exit\r\n"));
}
/* Set thread last error */
void SC_SetLastError(DWORD dwError) {
DEBUGMSG(ZONE_ENTRY,(L"SC_SetLastError entry: %8.8lx\r\n",dwError));
pCurThread->dwLastError = dwError;
DEBUGMSG(ZONE_ENTRY,(L"SC_SetLastError exit\r\n"));
}
/* Get thread last error */
DWORD SC_GetLastError(void) {
DEBUGMSG(ZONE_ENTRY,(L"SC_GetLastError entry\r\n"));
DEBUGMSG(ZONE_ENTRY,(L"SC_GetLastError exit: %8.8lx\r\n",pCurThread->dwLastError));
return pCurThread->dwLastError;
}
/* Get thread return code */
BOOL SC_ThreadGetCode(HANDLE hTh, LPDWORD lpExit) {
DEBUGMSG(ZONE_ENTRY,(L"SC_ThreadGetCode entry: %8.8lx %8.8lx\r\n",hTh,lpExit));
*lpExit = GetUserInfo(hTh);
DEBUGMSG(ZONE_ENTRY,(L"SC_ThreadGetCode exit: %8.8lx\r\n",TRUE));
return TRUE;
}
/* Get process return code */
BOOL SC_ProcGetCode(HANDLE hProc, LPDWORD lpExit) {
DEBUGMSG(ZONE_ENTRY,(L"SC_ProcGetCode entry: %8.8lx %8.8lx\r\n",hProc,lpExit));
*lpExit = GetUserInfo(hProc);
DEBUGMSG(ZONE_ENTRY,(L"SC_ProcGetCode exit: %8.8lx\r\n",TRUE));
return TRUE;
}
DWORD SC_ProcGetIndex(HANDLE hProc) {
PPROCESS pproc;
DEBUGMSG(ZONE_ENTRY,(L"SC_ProcGetIndex entry: %8.8lx\r\n",hProc));
if (!(pproc = HandleToProc(hProc))) {
DEBUGMSG(ZONE_ENTRY,(L"SC_ProcGetIndex exit: %8.8lx\r\n",0xffffffff));
return 0xffffffff;
}
DEBUGMSG(ZONE_ENTRY,(L"SC_ProcGetIndex exit: %8.8lx\r\n",pproc->procnum));
return pproc->procnum;
}
BOOL SC_ProcFlushICache(HANDLE hProc, LPCVOID lpBaseAddress, DWORD dwSize) {
SC_CacheSync(CACHE_SYNC_INSTRUCTIONS);
return TRUE;
}
BOOL SC_ProcReadMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, DWORD nSize, LPDWORD lpNumberOfBytesRead) {
BOOL retval = FALSE;
LPBYTE ptr;
PPROCESS pproc;
if (pCurProc->bTrustLevel != KERN_TRUST_FULL) {
ERRORMSG(1,(L"SC_ProcReadMemory failed due to insufficient trust\r\n"));
KSetLastError(pCurThread,ERROR_ACCESS_DENIED);
return FALSE;
}
if (lpNumberOfBytesRead)
*lpNumberOfBytesRead = 0;
if (pproc = HandleToProc(hProcess)) {
ACCESSKEY ulOldKey;
SWITCHKEY(ulOldKey,0xffffffff);
ptr = MapPtrProc(lpBaseAddress,pproc);
__try {
memcpy(lpBuffer,ptr,nSize);
if (lpNumberOfBytesRead)
*lpNumberOfBytesRead = nSize;
retval = TRUE;
} __except (EXCEPTION_EXECUTE_HANDLER) {
SetLastError(ERROR_NOACCESS);
}
SETCURKEY(ulOldKey);
}
return retval;
}
BOOL SC_ProcWriteMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, DWORD nSize, LPDWORD lpNumberOfBytesWritten) {
BOOL retval = FALSE;
LPBYTE ptr, ptr2, ptrend;
PPROCESS pproc;
DWORD bytesleft, bytestocopy;
if (pCurProc->bTrustLevel != KERN_TRUST_FULL) {
ERRORMSG(1,(L"SC_ProcWriteMemory failed due to insufficient trust\r\n"));
KSetLastError(pCurThread,ERROR_ACCESS_DENIED);
return FALSE;
}
if (lpNumberOfBytesWritten)
*lpNumberOfBytesWritten = 0;
if (pproc = HandleToProc(hProcess)) {
ACCESSKEY ulOldKey;
SWITCHKEY(ulOldKey,0xffffffff);
ptr = MapPtrProc(lpBaseAddress,pproc);
__try {
bytesleft = nSize;
while (bytesleft) {
BOOL bUnlock;
bytestocopy = 0x10000 - ((DWORD)ptr & 0xffff);
if (bytestocopy > bytesleft)
bytestocopy = bytesleft;
bUnlock = LockPages(ptr,bytestocopy,0,LOCKFLAG_READ);
ptr2 = ptr;
ptrend = ptr2 + bytestocopy;
while (ptr2 < ptrend) {
MEMORY_BASIC_INFORMATION mbi;
if (!VirtualQuery(ptr2,&mbi,sizeof(mbi)))
bUnlock = FALSE;
else if ((mbi.Protect != PAGE_READWRITE) && (mbi.Protect != PAGE_EXECUTE_READWRITE)) {
DWORD dwProt;
dwProt = ((mbi.Protect == PAGE_EXECUTE) || (mbi.Protect == PAGE_EXECUTE_READ)) ?
PAGE_EXECUTE_READWRITE : PAGE_READWRITE;
VirtualProtect(ptr2,PAGE_SIZE - ((DWORD)ptr2 & (PAGE_SIZE-1)), dwProt, &dwProt);
bUnlock = FALSE;
}
ptr2 += PAGE_SIZE - ((DWORD)ptr2 & (PAGE_SIZE-1));
}
if (bUnlock)
UnlockPages(ptr,bytestocopy);
memcpy(ptr,lpBuffer,bytestocopy);
ptr += bytestocopy;
lpBuffer = (LPVOID)((LPBYTE)lpBuffer + bytestocopy);
bytesleft -= bytestocopy;
}
if (lpNumberOfBytesWritten)
*lpNumberOfBytesWritten = nSize;
SC_CacheSync(CACHE_SYNC_DISCARD | CACHE_SYNC_INSTRUCTIONS);
retval = TRUE;
} __except (EXCEPTION_EXECUTE_HANDLER) {
SetLastError(ERROR_NOACCESS);
}
SETCURKEY(ulOldKey);
}
return retval;
}
HANDLE SC_OpenProcess(DWORD fdwAccess, BOOL fInherit, DWORD IDProcess) {
if (!fInherit && (GetHandleType((HANDLE)IDProcess) == SH_CURPROC) && IncRef((HANDLE)IDProcess, pCurProc))
return (HANDLE)IDProcess;
SetLastError(ERROR_INVALID_PARAMETER);
return NULL;
}
LPBYTE SC_THGrow(THSNAP *pSnap, DWORD dwSize) {
LPBYTE lpRet = pSnap->pNextFree;
pSnap->pNextFree += dwSize;
if (pSnap->pNextFree > pSnap->pHighReserve) {
ERRORMSG(1,(L"THGrow: Not enough reservation for toolhelp!\r\n"));
return 0;
}
if (pSnap->pNextFree > pSnap->pHighCommit) {
if (!VirtualAlloc(pSnap->pHighCommit, (pSnap->pNextFree - pSnap->pHighCommit + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1),
MEM_COMMIT, PAGE_READWRITE))
return 0;
pSnap->pHighCommit = (LPBYTE)((DWORD)(pSnap->pNextFree + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1));
}
return lpRet;
}
BOOL THGetProcs(THSNAP *pSnap, BOOL bGetHeap) {
TH32PROC **ppNext;
PTHREAD pTh;
DWORD loop;
CALLBACKINFO cbi;
LPBYTE pNextFree;
ppNext = &pSnap->pProc;
for (loop = 0; loop < MAX_PROCESSES; loop++) {
if (ProcArray[loop].dwVMBase && (!loop || ProcStarted(&ProcArray[loop]))) {
if (!(*ppNext = (TH32PROC *)THGrow(pSnap,sizeof(TH32PROC))))
return FALSE;
(*ppNext)->procentry.dwSize = sizeof(PROCESSENTRY32);
(*ppNext)->procentry.cntUsage = 1;
(*ppNext)->procentry.th32ProcessID = (DWORD)ProcArray[loop].hProc;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -