48 return (
wcsstr(pServiceImage->pszImagePath,
L"\\system32\\lsass.exe") !=
NULL);
60 DWORD dwServiceCurrent = 1;
61 DWORD dwKeyDisposition;
70 L"SYSTEM\\CurrentControlSet\\Control\\ServiceCurrent",
80 DPRINT1(
"RegCreateKeyEx() failed with error %lu\n", dwError);
86 dwKeySize =
sizeof(
DWORD);
91 (
BYTE*)&dwServiceCurrent,
96 DPRINT1(
"RegQueryValueEx() failed with error %lu\n", dwError);
107 (
BYTE*)&dwServiceCurrent,
108 sizeof(dwServiceCurrent));
114 DPRINT1(
"RegSetValueExW() failed (Error %lu)\n", dwError);
120 dwServiceCurrent = 0;
125 L"\\\\.\\pipe\\net\\NtControlPipe%lu", dwServiceCurrent);
127 DPRINT(
"PipeName: %S\n", szControlPipeName);
129 SecurityAttributes.
nLength =
sizeof(SecurityAttributes);
140 &SecurityAttributes);
141 DPRINT(
"CreateNamedPipeW(%S) done\n", szControlPipeName);
144 DPRINT1(
"Failed to create control pipe!\n");
158 DPRINT(
"ScmGetServiceImageByImagePath(%S) called\n", lpImagePath);
172 ImageEntry = ImageEntry->
Flink;
175 DPRINT(
"Couldn't find a matching image\n");
204 if (CurrentService->
dwTag == InParams->dwTag &&
207 CurrentImage = CurrentService->
lpImage;
215 ServiceEntry = ServiceEntry->
Flink;
274 if (pszAccountName1 ==
NULL &&
275 pszAccountName2 ==
NULL)
278 if (pszAccountName1 ==
NULL &&
279 pszAccountName2 !=
NULL &&
280 _wcsicmp(pszAccountName2,
L"LocalSystem") == 0)
283 if (pszAccountName1 !=
NULL &&
284 pszAccountName2 ==
NULL &&
285 _wcsicmp(pszAccountName1,
L"LocalSystem") == 0)
288 if (pszAccountName1 !=
NULL &&
289 pszAccountName2 !=
NULL &&
290 _wcsicmp(pszAccountName1, pszAccountName2) == 0)
302 if (pszAccountName ==
NULL ||
303 _wcsicmp(pszAccountName,
L"LocalSystem") == 0)
320 DPRINT(
"ScmEnableBackupRestorePrivileges(%p %d)\n", hToken,
bEnable);
324 if (pTokenPrivileges ==
NULL)
326 DPRINT1(
"Failed to allocate the privilege buffer!\n");
345 DPRINT1(
"AdjustTokenPrivileges() succeeded, but with not all privileges assigned\n");
350 if (pTokenPrivileges !=
NULL)
370 DPRINT(
"ScmLogonService(%p %p)\n", pService, pImage);
371 DPRINT(
"Service %S\n", pService->lpServiceName);
381 pszUserName =
ptr + 1;
382 pszDomainName = pImage->pszAccountName;
387 pszUserName = pImage->pszAccountName;
388 pszDomainName =
NULL;
394 (
wcslen(pService->lpServiceName) + 5) *
sizeof(
WCHAR));
395 if (pszPassword ==
NULL)
402 wcscat(pszPassword, pService->lpServiceName);
404 DPRINT(
"Domain: %S User: %S Password: %S\n", pszDomainName, pszUserName, pszPassword);
415 DPRINT1(
"LogonUserW() failed (Error %lu)\n", dwError);
423 ZeroMemory(&ProfileInfo,
sizeof(ProfileInfo));
424 ProfileInfo.
dwSize =
sizeof(ProfileInfo);
440 DPRINT1(
"LoadUserProfileW() failed (Error %lu)\n", dwError);
444 pImage->hProfile = ProfileInfo.
hProfile;
447 if (pszPassword !=
NULL)
468 BOOL bSecurityService;
470 DPRINT(
"ScmCreateOrReferenceServiceImage(%p)\n", pService);
493 DPRINT1(
"RtlQueryRegistryValues() failed (Status %lx)\n",
Status);
497 DPRINT(
"ImagePath: '%wZ'\n", &ImagePath);
501 if (pServiceImage ==
NULL)
511 if (pServiceImage ==
NULL)
542 DPRINT1(
"ScmLogonService() failed (Error %lu)\n", dwError);
557 DPRINT1(
"ScmCreateNewControlPipe() failed (Error %lu)\n", dwError);
577 if (bSecurityService)
609 pService->
lpImage = pServiceImage;
615 DPRINT(
"ScmCreateOrReferenceServiceImage() done (Error: %lu)\n", dwError);
624 DPRINT1(
"ScmRemoveServiceImage() called\n");
662 DPRINT(
"ScmGetServiceEntryByName() called\n");
673 return CurrentService;
676 ServiceEntry = ServiceEntry->
Flink;
679 DPRINT(
"Couldn't find a matching service\n");
691 DPRINT(
"ScmGetServiceEntryByDisplayName() called\n");
702 return CurrentService;
705 ServiceEntry = ServiceEntry->
Flink;
708 DPRINT(
"Couldn't find a matching service\n");
720 DPRINT(
"ScmGetServiceEntryByResumeCount() called\n");
731 return CurrentService;
734 ServiceEntry = ServiceEntry->
Flink;
737 DPRINT(
"Couldn't find a matching service\n");
774 DPRINT(
"Service: '%S'\n", lpServiceName);
780 if (lpService ==
NULL)
783 *lpServiceRecord = lpService;
867 DWORD dwErrorControl;
870 DPRINT(
"Service: '%S'\n", lpServiceName);
871 if (*lpServiceName ==
L'{')
890 DPRINT(
"Service type: %lx\n", dwServiceType);
902 DPRINT(
"Start type: %lx\n", dwStartType);
914 DPRINT(
"Error control: %lx\n", dwErrorControl);
925 DPRINT(
"Tag: %lx\n", dwTagId);
933 DPRINT(
"Group: %S\n", lpGroup);
951 lpService->
dwTag = dwTagId;
971 DPRINT(
"Start %lx Type %lx Tag %lx ErrorControl %lx\n",
992 DPRINT(
"No security descriptor found! Assign default security descriptor!\n");
1005 if (lpGroup !=
NULL)
1011 if (lpService !=
NULL)
1033 ServiceEntry = ServiceEntry->
Flink;
1038 L"System\\CurrentControlSet\\Services",
1069 L"SYSTEM\\CurrentControlSet\\Control\\Windows",
1077 L"NoInteractiveServices",
1094 DWORD dwSubKeyLength;
1098 DPRINT(
"ScmCreateServiceDatabase() called\n");
1116 L"System\\CurrentControlSet\\Services",
1136 szSubKey[0] !=
L'{')
1138 DPRINT(
"SubKeyName: '%S'\n", szSubKey);
1168 DPRINT(
"ScmCreateServiceDatabase() done\n");
1177 DPRINT(
"ScmShutdownServiceDatabase() called\n");
1182 DPRINT(
"ScmShutdownServiceDatabase() done\n");
1198 DPRINT(
"ScmCheckDriver(%S) called\n",
Service->lpServiceName);
1254 DPRINT(
"Found: '%S' '%wZ'\n",
1261 Service->Status.dwServiceSpecificExitCode = 0;
1262 Service->Status.dwCheckPoint = 0;
1263 Service->Status.dwWaitHint = 0;
1290 DPRINT(
"ScmGetBootAndSystemDriverState() called\n");
1306 ServiceEntry = ServiceEntry->
Flink;
1309 DPRINT(
"ScmGetBootAndSystemDriverState() done\n");
1322 DWORD dwWriteCount = 0;
1323 DWORD dwReadCount = 0;
1330 DPRINT(
"ScmControlService() called\n");
1342 if (ControlPacket ==
NULL)
1365 if (bResult ==
FALSE)
1367 DPRINT(
"WriteFile() returned FALSE\n");
1372 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1376 DPRINT(
"WaitForSingleObject() returned %lu\n", dwError);
1381 if (bResult ==
FALSE)
1395 if (bResult ==
FALSE)
1398 DPRINT1(
"GetOverlappedResult() failed (Error %lu)\n", dwError);
1406 DPRINT1(
"WriteFile() failed (Error %lu)\n", dwError);
1419 if (bResult ==
FALSE)
1421 DPRINT(
"ReadFile() returned FALSE\n");
1426 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1430 DPRINT(
"WaitForSingleObject() returned %lu\n", dwError);
1435 if (bResult ==
FALSE)
1449 if (bResult ==
FALSE)
1452 DPRINT1(
"GetOverlappedResult() failed (Error %lu)\n", dwError);
1460 DPRINT1(
"ReadFile() failed (Error %lu)\n", dwError);
1473 dwError = ReplyPacket.
dwError;
1478 DPRINT(
"ScmControlService() done\n");
1498 DWORD dwWriteCount = 0;
1499 DWORD dwReadCount = 0;
1502 DPRINT(
"ScmSendStartCommand() called\n");
1531 if (ControlPacket ==
NULL)
1559 DPRINT(
"dwArgumentsCount: %lu\n", ControlPacket->dwArgumentsCount);
1560 DPRINT(
"dwArgumentsOffset: %lu\n", ControlPacket->dwArgumentsOffset);
1566 DPRINT(
"offset[%lu]: %p\n",
i, pOffPtr[
i]);
1576 if (bResult ==
FALSE)
1578 DPRINT(
"WriteFile() returned FALSE\n");
1583 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1587 DPRINT(
"WaitForSingleObject() returned %lu\n", dwError);
1592 if (bResult ==
FALSE)
1606 if (bResult ==
FALSE)
1609 DPRINT1(
"GetOverlappedResult() failed (Error %lu)\n", dwError);
1617 DPRINT1(
"WriteFile() failed (Error %lu)\n", dwError);
1630 if (bResult ==
FALSE)
1632 DPRINT(
"ReadFile() returned FALSE\n");
1637 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1641 DPRINT(
"WaitForSingleObject() returned %lu\n", dwError);
1646 if (bResult ==
FALSE)
1660 if (bResult ==
FALSE)
1663 DPRINT1(
"GetOverlappedResult() failed (Error %lu)\n", dwError);
1671 DPRINT1(
"ReadFile() failed (Error %lu)\n", dwError);
1684 dwError = ReplyPacket.
dwError;
1687 DPRINT(
"ScmSendStartCommand() done\n");
1697 DWORD dwProcessId = 0;
1703 WCHAR szBuffer1[20];
1704 WCHAR szBuffer2[20];
1707 DPRINT(
"ScmWaitForServiceConnect()\n");
1713 if (bResult ==
FALSE)
1715 DPRINT(
"ConnectNamedPipe() returned FALSE\n");
1720 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1724 DPRINT(
"WaitForSingleObject() returned %lu\n", dwError);
1728 DPRINT(
"WaitForSingleObject() returned WAIT_TIMEOUT\n");
1731 if (bResult ==
FALSE)
1738 lpLogStrings[0] =
Service->lpDisplayName;
1739 lpLogStrings[1] = szBuffer1;
1746 DPRINT1(
"Log EVENT_CONNECTION_TIMEOUT by %S\n",
Service->lpDisplayName);
1756 if (bResult ==
FALSE)
1759 DPRINT1(
"GetOverlappedResult failed (Error %lu)\n", dwError);
1767 DPRINT1(
"ConnectNamedPipe failed (Error %lu)\n", dwError);
1772 DPRINT(
"Control pipe connected!\n");
1782 if (bResult ==
FALSE)
1784 DPRINT(
"ReadFile() returned FALSE\n");
1789 DPRINT(
"dwError: ERROR_IO_PENDING\n");
1795 DPRINT(
"WaitForSingleObject() returned WAIT_TIMEOUT\n");
1798 if (bResult ==
FALSE)
1805 lpLogStrings[0] = szBuffer1;
1812 DPRINT1(
"Log EVENT_READFILE_TIMEOUT by %S\n",
Service->lpDisplayName);
1818 DPRINT(
"WaitForSingleObject() returned WAIT_OBJECT_0\n");
1820 DPRINT(
"Process Id: %lu\n", dwProcessId);
1826 if (bResult ==
FALSE)
1829 DPRINT1(
"GetOverlappedResult() failed (Error %lu)\n", dwError);
1836 DPRINT1(
"WaitForSingleObject() returned %lu\n", dwError);
1841 DPRINT1(
"ReadFile() failed (Error %lu)\n", dwError);
1847 (dwProcessId !=
Service->lpImage->dwProcessId))
1851 _ultow(dwProcessId, szBuffer2, 10);
1853 lpLogStrings[0] =
Service->lpDisplayName;
1854 lpLogStrings[1] = szBuffer1;
1855 lpLogStrings[2] = szBuffer2;
1863 DPRINT1(
"Log EVENT_SERVICE_DIFFERENT_PID_CONNECTED by %S\n",
Service->lpDisplayName);
1866 DPRINT(
"ScmWaitForServiceConnect() done\n");
1886 if (
Service->lpImage->dwImageRunCount > 1)
1893 ZeroMemory(&StartupInfo,
sizeof(StartupInfo));
1894 StartupInfo.
cb =
sizeof(StartupInfo);
1895 ZeroMemory(&ProcessInformation,
sizeof(ProcessInformation));
1904 DPRINT1(
"CreateEnvironmentBlock() failed with error %d; service '%S' will run with the current environment.\n",
1906 lpEnvironment =
NULL;
1916 Service->lpImage->pszImagePath,
1924 &ProcessInformation);
1934 DPRINT1(
"ImpersonateLoggedOnUser() failed with error %d\n", dwError);
1944 DPRINT1(
"CreateEnvironmentBlock() failed with error %d; service '%S' will run with the current environment.\n",
1946 lpEnvironment =
NULL;
1960 Service->lpImage->pszImagePath,
1968 &ProcessInformation);
1984 DPRINT1(
"Starting '%S' failed with error %d\n",
1985 Service->lpServiceName, dwError);
1989 DPRINT(
"Process Id: %lu Handle %p\n",
1992 DPRINT(
"Thread Id: %lu Handle %p\n",
2008 DPRINT1(
"Connecting control pipe failed! (Error %lu)\n", dwError);
2009 Service->lpImage->dwProcessId = 0;
2026 WCHAR szLogBuffer[80];
2028 DPRINT(
"ScmLoadService() called\n");
2033 DPRINT(
"Service %S is already running!\n",
Service->lpServiceName);
2037 DPRINT(
"Service->Type: %lu\n",
Service->Status.dwServiceType);
2054 Service->Status.dwControlsAccepted = 0;
2058 Service->lpImage->dwImageRunCount--;
2059 if (
Service->lpImage->dwImageRunCount == 0)
2068 DPRINT(
"ScmLoadService() done (Error %lu)\n", dwError);
2079 lpLogStrings[0] =
Service->lpDisplayName;
2080 lpLogStrings[1] = szLogBuffer;
2094 lpLogStrings[0] =
Service->lpServiceName;
2095 lpLogStrings[1] = szLogBuffer;
2103 switch (
Service->dwErrorControl)
2106 if (IsLastKnownGood ==
FALSE)
2113 if (IsLastKnownGood ==
FALSE)
2138 DPRINT(
"ScmStartService() called\n");
2164 DPRINT(
"ScmStartService() done (Error %lu)\n", dwError);
2179 DWORD SafeBootEnabled;
2192 L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Option",
2198 dwKeySize =
sizeof(SafeBootEnabled);
2203 (
LPBYTE)&SafeBootEnabled,
2210 SafeBootEnabled = 0;
2223 L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot");
2225 switch (SafeBootEnabled)
2240 if (SafeBootEnabled != 0)
2244 szSafeBootServicePath,
2258 szSafeBootServicePath,
2276 DPRINT1(
"WARNING: Could not open the associated Safe Boot key!");
2281 ServiceEntry = ServiceEntry->
Flink;
2300 if ((CurrentService->
lpGroup == CurrentGroup) &&
2309 ServiceEntry = ServiceEntry->
Flink;
2319 if ((CurrentService->
lpGroup == CurrentGroup) &&
2327 ServiceEntry = ServiceEntry->
Flink;
2330 GroupEntry = GroupEntry->
Flink;
2347 ServiceEntry = ServiceEntry->
Flink;
2364 ServiceEntry = ServiceEntry->
Flink;
2373 ServiceEntry = ServiceEntry->
Flink;
2387 DPRINT(
"ScmAutoShutdownServices() called\n");
2409 ServiceEntry = ServiceEntry->
Flink;
2415 DPRINT(
"ScmAutoShutdownServices() done\n");
2450 L"SYSTEM\\CurrentControlSet\\Control",
2458 L"ServicesPipeTimeout",
#define ERROR_INVALID_PARAMETER
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
static PSERVICE_IMAGE ScmGetServiceImageByImagePath(LPWSTR lpImagePath)
BOOL WINAPI WriteFile(IN HANDLE hFile, IN LPCVOID lpBuffer, IN DWORD nNumberOfBytesToWrite OPTIONAL, OUT LPDWORD lpNumberOfBytesWritten, IN LPOVERLAPPED lpOverlapped OPTIONAL)
_In_ PCWSTR _Inout_ _At_ QueryTable _Pre_unknown_ PRTL_QUERY_REGISTRY_TABLE QueryTable
VOID ScmAutoStartServices(VOID)
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
#define SERVICE_ERROR_IGNORE
#define SERVICE_SYSTEM_START
_CRTIMP wchar_t *__cdecl _ultow(_In_ unsigned long _Value, _Pre_notnull_ _Post_z_ wchar_t *_Dest, _In_ int _Radix)
DWORD dwServiceNameOffset
NTSYSAPI VOID NTAPI RtlDeleteResource(_In_ PRTL_RESOURCE Resource)
PSERVICE ScmGetServiceEntryByName(LPCWSTR lpServiceName)
DWORD ScmDeleteRegKey(_In_ HKEY hKey, _In_ PCWSTR pszSubKey)
#define STATUS_NO_MORE_ENTRIES
LIST_ENTRY ImageListEntry
#define ALIGN_UP(size, type)
_In_ UCHAR _In_ ULONG _Out_ PUCHAR _Outptr_result_bytebuffer_ OutBufferLength PVOID * OutBuffer
NTSYSAPI NTSTATUS WINAPI RtlQueryRegistryValues(ULONG, PCWSTR, PRTL_QUERY_REGISTRY_TABLE, PVOID, PVOID)
#define ERROR_SERVICE_DISABLED
#define CREATE_UNICODE_ENVIRONMENT
#define PIPE_TYPE_MESSAGE
SERVICE_STATUS_HANDLE hServiceStatus
BOOL WINAPI GetOverlappedResult(IN HANDLE hFile, IN LPOVERLAPPED lpOverlapped, OUT LPDWORD lpNumberOfBytesTransferred, IN BOOL bWait)
BOOL WINAPI RevertToSelf(VOID)
_CONST_RETURN wchar_t *__cdecl wcsstr(_In_z_ const wchar_t *_Str, _In_z_ const wchar_t *_SubStr)
BOOL ScmLockDatabaseExclusive(VOID)
static BOOL ScmEnableBackupRestorePrivileges(_In_ HANDLE hToken, _In_ BOOL bEnable)
static RTL_RESOURCE DatabaseLock
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceShared(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)
#define SERVICE_INTERACTIVE_PROCESS
NTSTATUS NTAPI NtOpenDirectoryObject(OUT PHANDLE DirectoryHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes)
VOID ScmAutoShutdownServices(VOID)
_Must_inspect_result_ _In_ PFSRTL_PER_STREAM_CONTEXT Ptr
#define ERROR_SERVICE_REQUEST_TIMEOUT
BOOL ScmLockDatabaseShared(VOID)
#define SERVICE_ACCEPT_STOP
#define SE_RESTORE_PRIVILEGE
#define ERROR_NOT_ENOUGH_MEMORY
#define INVALID_HANDLE_VALUE
DWORD WINAPI GetLastError(VOID)
DWORD SetSecurityServicesEvent(VOID)
#define SERVICE_START_PENDING
DWORD dwServiceSpecificExitCode
#define SERVICE_CONTROL_START_SHARE
#define REG_OPENED_EXISTING_KEY
_In_ PVOID _Out_opt_ PULONG_PTR _Outptr_opt_ PCUNICODE_STRING * ObjectName
void WINAPI EnterCriticalSection(LPCRITICAL_SECTION)
#define InsertTailList(ListHead, Entry)
BOOL WINAPI CreateEnvironmentBlock(OUT LPVOID *lpEnvironment, IN HANDLE hToken, IN BOOL bInherit)
#define RTL_REGISTRY_SERVICES
DWORD ScmStartDriver(PSERVICE pService)
DWORD ScmStartService(PSERVICE Service, DWORD argc, LPWSTR *argv)
NTSTATUS NTAPI NtQueryDirectoryObject(IN HANDLE DirectoryHandle, OUT PVOID Buffer, IN ULONG BufferLength, IN BOOLEAN ReturnSingleEntry, IN BOOLEAN RestartScan, IN OUT PULONG Context, OUT PULONG ReturnLength OPTIONAL)
#define ERROR_SERVICE_NEVER_STARTED
int WINAPI LoadStringW(_In_opt_ HINSTANCE hInstance, _In_ UINT uID, _Out_writes_to_(cchBufferMax, return+1) LPWSTR lpBuffer, _In_ int cchBufferMax)
NTSYSAPI VOID NTAPI RtlReleaseResource(_In_ PRTL_RESOURCE Resource)
BOOL WINAPI UnloadUserProfile(_In_ HANDLE hToken, _In_ HANDLE hProfile)
LONG WINAPI RegCreateKeyExW(_In_ HKEY hKey, _In_ LPCWSTR lpSubKey, _In_ DWORD Reserved, _In_opt_ LPWSTR lpClass, _In_ DWORD dwOptions, _In_ REGSAM samDesired, _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, _Out_ PHKEY phkResult, _Out_opt_ LPDWORD lpdwDisposition)
STRSAFEAPI StringCchCatW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc)
static DWORD ScmLogonService(IN PSERVICE pService, IN PSERVICE_IMAGE pImage)
#define IDS_SERVICE_START
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
static NTSTATUS ScmCheckDriver(PSERVICE Service)
VOID ScmGetBootAndSystemDriverState(VOID)
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
#define SE_PRIVILEGE_ENABLED
struct _SERVICE_IMAGE SERVICE_IMAGE
static BOOL bSecurityServiceProcess
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
LONG WINAPI RegCloseKey(HKEY hKey)
#define EVENTLOG_ERROR_TYPE
#define ERROR_DIFFERENT_SERVICE_ACCOUNT
static BOOL ScmIsLocalSystemAccount(_In_ PCWSTR pszAccountName)
DWORD ScmAcquireServiceStartLock(IN BOOL IsServiceController, OUT LPSC_RPC_LOCK lpLock)
STRSAFEAPI StringCchCopyW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszSrc)
#define STARTF_INHERITDESKTOP
static DWORD CreateServiceListEntry(LPCWSTR lpServiceName, HKEY hServiceKey)
BOOL WINAPI LogonUserW(_In_ LPWSTR lpszUsername, _In_opt_ LPWSTR lpszDomain, _In_opt_ LPWSTR lpszPassword, _In_ DWORD dwLogonType, _In_ DWORD dwLogonProvider, _Out_opt_ PHANDLE phToken)
BOOL WINAPI CancelIo(IN HANDLE hFile)
struct _TOKEN_PRIVILEGES TOKEN_PRIVILEGES
VOID WINAPI InitializeCriticalSection(OUT LPCRITICAL_SECTION lpCriticalSection)
static CRITICAL_SECTION ControlServiceCriticalSection
DWORD ScmGetServiceNameFromTag(IN PTAG_INFO_NAME_FROM_TAG_IN_PARAMS InParams, OUT PTAG_INFO_NAME_FROM_TAG_OUT_PARAMS *OutParams)
DWORD ScmSetServiceGroup(PSERVICE lpService, LPCWSTR lpGroupName)
_At_(*)(_In_ PWSK_CLIENT Client, _In_opt_ PUNICODE_STRING NodeName, _In_opt_ PUNICODE_STRING ServiceName, _In_opt_ ULONG NameSpace, _In_opt_ GUID *Provider, _In_opt_ PADDRINFOEXW Hints, _Outptr_ PADDRINFOEXW *Result, _In_opt_ PEPROCESS OwningProcess, _In_opt_ PETHREAD OwningThread, _Inout_ PIRP Irp Result)(Mem)) NTSTATUS(WSKAPI *PFN_WSK_GET_ADDRESS_INFO
_In_ ULONG _In_opt_ WDFREQUEST _In_opt_ PVOID _In_ size_t _In_ PVOID _In_ size_t _Out_ size_t * DataLength
#define SERVICE_CONTROL_START_OWN
#define SERVICE_BOOT_START
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
#define LOGON32_LOGON_SERVICE
#define SERVICE_FILE_SYSTEM_DRIVER
#define SERVICE_WIN32_OWN_PROCESS
#define EVENT_SERVICE_START_FAILED
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessW(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
#define EVENT_READFILE_TIMEOUT
#define DIRECTORY_TRAVERSE
static SERVICE_STATUS_HANDLE(WINAPI *pRegisterServiceCtrlHandlerExA)(LPCSTR
static DWORD ScmCreateNewControlPipe(_In_ PSERVICE_IMAGE pServiceImage, _In_ BOOL bSecurityServiceProcess)
static HANDLE hServicesKey
LONG WINAPI RegSetValueExW(_In_ HKEY hKey, _In_ LPCWSTR lpValueName, _In_ DWORD Reserved, _In_ DWORD dwType, _In_ CONST BYTE *lpData, _In_ DWORD cbData)
struct _LIST_ENTRY * Flink
PSERVICE ScmGetServiceEntryByDisplayName(LPCWSTR lpDisplayName)
LIST_ENTRY ServiceListEntry
#define SERVICE_ACCEPT_SHUTDOWN
NTSYSAPI VOID NTAPI RtlInitializeResource(_In_ PRTL_RESOURCE Resource)
VOID ScmLogEvent(DWORD dwEventId, WORD wType, WORD wStrings, LPCWSTR *lpStrings)
static DWORD ScmLoadService(PSERVICE Service, DWORD argc, LPWSTR *argv)
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
#define EVENTLOG_INFORMATION_TYPE
_CONST_RETURN wchar_t *__cdecl wcschr(_In_z_ const wchar_t *_Str, wchar_t _Ch)
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
void WINAPI DeleteCriticalSection(PCRITICAL_SECTION)
#define EVENTLOG_WARNING_TYPE
#define NT_SUCCESS(StatCode)
#define EVENT_SERVICE_CONTROL_SUCCESS
_In_ WDFCOLLECTION _In_ ULONG Index
#define PIPE_ACCESS_DUPLEX
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSTATUS NTAPI NtClose(IN HANDLE Handle)
LIST_ENTRY ServiceListHead
#define SERVICE_WIN32_SHARE_PROCESS
DWORD ScmReleaseServiceStartLock(IN OUT LPSC_RPC_LOCK lpLock)
_CRTIMP wchar_t *__cdecl wcscpy(_Out_writes_z_(_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
BOOL WINAPI DestroyEnvironmentBlock(IN LPVOID lpEnvironment)
#define ERROR_PIPE_CONNECTED
BOOL ScmIsDeleteFlagSet(HKEY hServiceKey)
DWORD ScmReadString(HKEY hServiceKey, LPCWSTR lpValueName, LPWSTR *lpValue)
PSECURITY_DESCRIPTOR pSecurityDescriptor
static const WCHAR Cleanup[]
VOID ScmInitNamedPipeCriticalSection(VOID)
SERVICE_STATUS_HANDLE hServiceStatus
VOID ScmDeleteNamedPipeCriticalSection(VOID)
BOOL WINAPI AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW(_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
struct _OBJECT_DIRECTORY_INFORMATION OBJECT_DIRECTORY_INFORMATION
#define ERROR_INVALID_DATA
PSERVICE ScmGetServiceEntryByResumeCount(DWORD dwResumeCount)
#define ERROR_SERVICE_LOGON_FAILED
#define PIPE_READMODE_MESSAGE
#define EVENT_CONNECTION_TIMEOUT
DWORD ScmWriteSecurityDescriptor(_In_ HKEY hServiceKey, _In_ PSECURITY_DESCRIPTOR pSecurityDescriptor)
static DWORD ScmSendStartCommand(PSERVICE Service, DWORD argc, LPWSTR *argv)
LPVOID lpSecurityDescriptor
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
DWORD ScmCreateNewServiceRecord(LPCWSTR lpServiceName, PSERVICE *lpServiceRecord, DWORD dwServiceType, DWORD dwStartType)
#define InitializeListHead(ListHead)
STRSAFEAPI StringCchPrintfW(STRSAFE_LPWSTR pszDest, size_t cchDest, STRSAFE_LPCWSTR pszFormat,...)
#define SERVICE_ERROR_SEVERE
#define FIELD_OFFSET(t, f)
#define ALIGN_UP_POINTER(ptr, type)
#define ReadFile(a, b, c, d, e)
_CRTIMP wchar_t *__cdecl wcscat(_Inout_updates_z_(_String_length_(_Dest)+_String_length_(_Source)+1) wchar_t *_Dest, _In_z_ const wchar_t *_Source)
DWORD ScmCreateServiceDatabase(VOID)
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY]
#define ERROR_NOT_ALL_ASSIGNED
#define SERVICE_AUTO_START
VOID ScmDeleteServiceRecord(PSERVICE lpService)
static DWORD ScmCreateOrReferenceServiceImage(PSERVICE pService)
VOID ScmUnlockDatabase(VOID)
_Must_inspect_result_ _In_opt_ PWDF_OBJECT_ATTRIBUTES _Out_ WDFWAITLOCK * Lock
DWORD WINAPI ResumeThread(IN HANDLE hThread)
BOOL WINAPI LoadUserProfileW(_In_ HANDLE hToken, _Inout_ LPPROFILEINFOW lpProfileInfo)
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
PSECURITY_DESCRIPTOR pPipeSD
static DWORD ScmStartUserModeService(PSERVICE Service, DWORD argc, LPWSTR *argv)
#define EVENT_SERVICE_DIFFERENT_PID_CONNECTED
#define SE_BACKUP_PRIVILEGE
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define RtlZeroMemory(Destination, Length)
static BOOL ScmIsSameServiceAccount(_In_ PCWSTR pszAccountName1, _In_ PCWSTR pszAccountName2)
_In_ PFCB _In_ PCD_NAME DirName
#define InitializeObjectAttributes(p, n, a, r, s)
#define SERVICE_ERROR_CRITICAL
void *__RPC_USER MIDL_user_allocate(SIZE_T size)
static VOID ScmGetNoInteractiveServicesValue(VOID)
LONG WINAPI RegEnumKeyExW(_In_ HKEY hKey, _In_ DWORD dwIndex, _Out_ LPWSTR lpName, _Inout_ LPDWORD lpcbName, _Reserved_ LPDWORD lpReserved, _Out_opt_ LPWSTR lpClass, _Inout_opt_ LPDWORD lpcbClass, _Out_opt_ PFILETIME lpftLastWriteTime)
#define REG_OPTION_VOLATILE
DWORD ScmCreateDefaultServiceSD(PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
void WINAPI LeaveCriticalSection(LPCRITICAL_SECTION)
#define LOGON32_PROVIDER_DEFAULT
HANDLE WINAPI CreateNamedPipeW(LPCWSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut, LPSECURITY_ATTRIBUTES lpSecurityAttributes)
#define FILE_FLAG_OVERLAPPED
struct _SCM_CONTROL_PACKET SCM_CONTROL_PACKET
DWORD ScmControlService(HANDLE hControlPipe, PWSTR pServiceName, SERVICE_STATUS_HANDLE hServiceStatus, DWORD dwControl)
#define ERROR_SERVICE_ALREADY_RUNNING
static DWORD ScmWaitForServiceConnect(PSERVICE Service)
void __RPC_USER MIDL_user_free(void *p)
#define RTL_QUERY_REGISTRY_REQUIRED
DWORD ScmCreateGroupList(VOID)
VOID ScmShutdownServiceDatabase(VOID)
DWORD ScmGenerateServiceTag(PSERVICE lpServiceRecord)
VOID ScmDeleteMarkedServices(VOID)
DWORD ScmReadSecurityDescriptor(_In_ HKEY hServiceKey, _Out_ PSECURITY_DESCRIPTOR *ppSecurityDescriptor)
_In_ LPCSTR _Out_writes_to_opt_ cchDisplayName LPSTR lpDisplayName
BOOL WINAPI ConnectNamedPipe(IN HANDLE hNamedPipe, IN LPOVERLAPPED lpOverlapped)
#define HeapFree(x, y, z)
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
#define RTL_QUERY_REGISTRY_DIRECT
#define SERVICE_CONTROL_SHUTDOWN
#define HKEY_LOCAL_MACHINE
VOID ScmRemoveServiceImage(PSERVICE_IMAGE pServiceImage)
static DWORD NoInteractiveServices
#define SERVICE_KERNEL_DRIVER
static BOOL ScmIsSecurityService(_In_ PSERVICE_IMAGE pServiceImage)
NTSYSAPI BOOLEAN NTAPI RtlAcquireResourceExclusive(_In_ PRTL_RESOURCE Resource, _In_ BOOLEAN Wait)