dd/da7/aux__klib_8c_source.html

/*

 * PROJECT:     ReactOS SDK: Auxiliary Kernel-Mode Library

 * LICENSE:     BSD-2-Clause-Views (https://spdx.org/licenses/BSD-2-Clause-Views)

 * PURPOSE:     Main source file

 * COPYRIGHT:   Copyright 2019-2020 Max Korostil <mrmks04@yandex.ru>

 *              Copyright 2021 Victor Perevertkin <victor.perevertkin@reactos.org>

 */


#include <ntifs.h>

#include <ntintsafe.h>

#include <ndk/ntndk.h>

#include <pseh/pseh2.h>

#include <aux_klib.h>


#define TAG_AUXK 'AuxK'


typedef NTSTATUS (NTAPI *PFN_RTLQUERYMODULEINFORMATION)(PULONG, ULONG, PVOID);


PFN_RTLQUERYMODULEINFORMATION pfnRtlQueryModuleInformation;

LONG gKlibInitialized = 0;


CODE_SEG("PAGE")

NTSTATUS

NTAPI

AuxKlibInitialize(VOID)

{

    RTL_OSVERSIONINFOW osVersion;

    UNICODE_STRING strRtlQueryModuleInformation = RTL_CONSTANT_STRING(L"RtlQueryModuleInformation");


    PAGED_CODE();


    if (!gKlibInitialized)

    {

        RtlGetVersion(&osVersion);

        if (osVersion.dwMajorVersion >= 5)

        {

            pfnRtlQueryModuleInformation = MmGetSystemRoutineAddress(&strRtlQueryModuleInformation);

            InterlockedExchange(&gKlibInitialized, 1);

        }

        else

        {

            return STATUS_NOT_SUPPORTED;

        }

    }


    return STATUS_SUCCESS;

}


CODE_SEG("PAGE")

NTSTATUS

NTAPI

AuxKlibQueryModuleInformation(

    _In_ PULONG InformationLength,

    _In_ ULONG SizePerModule,

    _Inout_ PAUX_MODULE_EXTENDED_INFO ModuleInfo)

{

    NTSTATUS status;


    PAGED_CODE();


    if (gKlibInitialized != 1)

    {

        return STATUS_UNSUCCESSFUL;

    }


    // if we have the function exported from the kernel, use it

    if (pfnRtlQueryModuleInformation != NULL)

    {

        return pfnRtlQueryModuleInformation(InformationLength, SizePerModule, ModuleInfo);

    }


    if (SizePerModule != sizeof(AUX_MODULE_BASIC_INFO) &&

        SizePerModule != sizeof(AUX_MODULE_EXTENDED_INFO))

    {

        return STATUS_INVALID_PARAMETER_2;

    }


    if ((ULONG_PTR)ModuleInfo & (TYPE_ALIGNMENT(AUX_MODULE_EXTENDED_INFO) - 1))

    {

        return STATUS_INVALID_PARAMETER_3;

    }


    // first call the function with a place for only 1 module

    RTL_PROCESS_MODULES processModulesMinimal;

    PRTL_PROCESS_MODULES processModules = &processModulesMinimal;

    ULONG sysInfoLength = sizeof(processModulesMinimal);

    ULONG resultLength;


    // loop until we have a large-enough buffer for all modules

    do

    {

        status = ZwQuerySystemInformation(SystemModuleInformation,

                                          processModules,

                                          sysInfoLength,

                                          &resultLength);


        if (status == STATUS_INFO_LENGTH_MISMATCH)

        {

            // free the old buffer if it's not the first one

            if (processModules != &processModulesMinimal)

            {

                ExFreePoolWithTag(processModules, TAG_AUXK);

            }


            _SEH2_TRY

            {

                // allocate the new one

                processModules = ExAllocatePoolWithQuotaTag(PagedPool, resultLength, TAG_AUXK);

            }

            _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)

            {

                _SEH2_YIELD(return _SEH2_GetExceptionCode());

            }

            _SEH2_END;


            if (!processModules)

            {

                return STATUS_INSUFFICIENT_RESOURCES;

            }

            sysInfoLength = resultLength;

        }


    } while (status == STATUS_INFO_LENGTH_MISMATCH);


    if (!NT_SUCCESS(status))

    {

        goto Cleanup;

    }


    ULONG modulesSize;

    status = RtlULongMult(SizePerModule, processModules->NumberOfModules, &modulesSize);

    if (!NT_SUCCESS(status))

    {

        goto Cleanup;

    }


    if (ModuleInfo == NULL)

    {

        ASSERT(status == STATUS_SUCCESS);

        *InformationLength = modulesSize;

        goto Cleanup;

    }


    if (*InformationLength < modulesSize)

    {

        status = STATUS_BUFFER_TOO_SMALL;

        *InformationLength = modulesSize;

        goto Cleanup;

    }


    // copy the information to the input array

    for (UINT32 i = 0; i < processModules->NumberOfModules; i++)

    {

        ModuleInfo[i].BasicInfo.ImageBase = processModules->Modules[i].ImageBase;


        if (SizePerModule == sizeof(AUX_MODULE_EXTENDED_INFO))

        {

            ModuleInfo[i].ImageSize = processModules->Modules[i].ImageSize;

            ModuleInfo[i].FileNameOffset = processModules->Modules[i].OffsetToFileName;

            RtlCopyMemory(&ModuleInfo[i].FullPathName,

                          processModules->Modules[i].FullPathName,

                          sizeof(processModules->Modules[i].FullPathName));

        }

    }


Cleanup:

    // don't accidentally free the stack buffer

    if (processModules != NULL && processModules != &processModulesMinimal)

    {

        ExFreePoolWithTag(processModules, TAG_AUXK);

    }


    return status;

}


NTSTATUS

AuxKlibGetBugCheckData(

    _Inout_ PKBUGCHECK_DATA BugCheckData)

{

    if (BugCheckData->BugCheckDataSize != sizeof(*BugCheckData))

    {

        return STATUS_INFO_LENGTH_MISMATCH;

    }


    BugCheckData->BugCheckCode = KiBugCheckData[0];

    BugCheckData->Parameter1 = KiBugCheckData[1];

    BugCheckData->Parameter2 = KiBugCheckData[2];

    BugCheckData->Parameter3 = KiBugCheckData[3];

    BugCheckData->Parameter4 = KiBugCheckData[4];


    return STATUS_SUCCESS;

}


PIMAGE_EXPORT_DIRECTORY

AuxKlibGetImageExportDirectory(

    _In_ PVOID ImageBase)

{

    ULONG size;

    return RtlImageDirectoryEntryToData(ImageBase, TRUE, IMAGE_DIRECTORY_ENTRY_EXPORT, &size);

}


_IRQL_requires_max_(PASSIVE_LEVEL)

CODE_SEG("PAGE")

NTSTATUS

NTAPI

AuxKlibEnumerateSystemFirmwareTables (

    _In_ ULONG FirmwareTableProviderSignature,

    _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PVOID FirmwareTableBuffer,

    _In_ ULONG BufferLength,

    _Out_opt_ PULONG ReturnLength)

{

    return STATUS_NOT_IMPLEMENTED;

}


_IRQL_requires_max_(PASSIVE_LEVEL)

CODE_SEG("PAGE")

NTSTATUS

NTAPI

AuxKlibGetSystemFirmwareTable (

    _In_ ULONG FirmwareTableProviderSignature,

    _In_ ULONG FirmwareTableID,

    _Out_writes_bytes_to_opt_(BufferLength, *ReturnLength) PVOID FirmwareTableBuffer,

    _In_ ULONG BufferLength,

    _Out_opt_ PULONG ReturnLength)

{

    return STATUS_NOT_IMPLEMENTED;

}

PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_EvalMethod.c:87

CODE_SEG
#define CODE_SEG(...)
Definition: Bus_PDO_EvalMethod.c:88

BugCheckData
static tBugCheckData BugCheckData
Definition: ParaNdis-Debug.c:274

UINT32
unsigned int UINT32
Definition: ProcessorBind.h:163

InterlockedExchange
#define InterlockedExchange
Definition: armddk.h:54

AuxKlibGetImageExportDirectory
PIMAGE_EXPORT_DIRECTORY AuxKlibGetImageExportDirectory(_In_ PVOID ImageBase)
Definition: aux_klib.c:196

AuxKlibInitialize
NTSTATUS NTAPI AuxKlibInitialize(VOID)
Definition: aux_klib.c:26

TAG_AUXK
#define TAG_AUXK
Definition: aux_klib.c:15

AuxKlibGetBugCheckData
NTSTATUS AuxKlibGetBugCheckData(_Inout_ PKBUGCHECK_DATA BugCheckData)
Definition: aux_klib.c:178

PFN_RTLQUERYMODULEINFORMATION
NTSTATUS(NTAPI * PFN_RTLQUERYMODULEINFORMATION)(PULONG, ULONG, PVOID)
Definition: aux_klib.c:17

AuxKlibQueryModuleInformation
NTSTATUS NTAPI AuxKlibQueryModuleInformation(_In_ PULONG InformationLength, _In_ ULONG SizePerModule, _Inout_ PAUX_MODULE_EXTENDED_INFO ModuleInfo)
Definition: aux_klib.c:53

gKlibInitialized
LONG gKlibInitialized
Definition: aux_klib.c:20

pfnRtlQueryModuleInformation
PFN_RTLQUERYMODULEINFORMATION pfnRtlQueryModuleInformation
Definition: aux_klib.c:19

aux_klib.h

SizePerModule
_In_ ULONG SizePerModule
Definition: aux_klib.h:64

FirmwareTableID
_In_ ULONG FirmwareTableID
Definition: aux_klib.h:91

ModuleInfo
_In_ ULONG _Out_writes_bytes_opt_ InformationLength PAUX_MODULE_EXTENDED_INFO ModuleInfo
Definition: aux_klib.h:65

NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26

KiBugCheckData
ULONG_PTR KiBugCheckData[5]
Definition: bug.c:31

NULL
#define NULL
Definition: types.h:112

TRUE
#define TRUE
Definition: types.h:120

NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32

RtlGetVersion
NTSTATUS NTAPI RtlGetVersion(IN OUT PRTL_OSVERSIONINFOW lpVersionInformation)
Definition: version.c:158

NTSTATUS
#define NTSTATUS
Definition: precomp.h:21

IMAGE_DIRECTORY_ENTRY_EXPORT
#define IMAGE_DIRECTORY_ENTRY_EXPORT
Definition: compat.h:151

RtlImageDirectoryEntryToData
#define RtlImageDirectoryEntryToData
Definition: compat.h:809

Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80

_IRQL_requires_max_
#define _IRQL_requires_max_(irql)
Definition: driverspecs.h:230

ReturnLength
IN CINT OUT PVOID IN ULONG OUT PULONG ReturnLength
Definition: dumpinfo.c:43

PASSIVE_LEVEL
#define PASSIVE_LEVEL
Definition: env_spec_w32.h:693

PagedPool
#define PagedPool
Definition: env_spec_w32.h:308

_SEH2_END
#define _SEH2_END
Definition: filesup.c:22

_SEH2_TRY
#define _SEH2_TRY
Definition: filesup.c:19

ZwQuerySystemInformation
NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(IN SYSTEM_INFORMATION_CLASS SystemInfoClass, OUT PVOID SystemInfoBuffer, IN ULONG SystemInfoBufferSize, OUT PULONG BytesReturned OPTIONAL)

SystemModuleInformation
@ SystemModuleInformation
Definition: ntddk_ex.h:22

size
GLsizeiptr size
Definition: glext.h:5919

i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

EXCEPTION_EXECUTE_HANDLER
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85

void
Definition: nsiface.idl:2307

ASSERT
#define ASSERT(a)
Definition: mode.c:44

ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109

_Out_opt_
#define _Out_opt_
Definition: ms_sal.h:346

_Inout_
#define _Inout_
Definition: ms_sal.h:378

_Out_writes_bytes_to_opt_
#define _Out_writes_bytes_to_opt_(size, count)
Definition: ms_sal.h:361

_In_
#define _In_
Definition: ms_sal.h:308

TYPE_ALIGNMENT
#define TYPE_ALIGNMENT(t)
Definition: ntbasedef.h:117

ntintsafe.h

ntndk.h

STATUS_INVALID_PARAMETER_2
#define STATUS_INVALID_PARAMETER_2
Definition: ntstatus.h:476

STATUS_NOT_SUPPORTED
#define STATUS_NOT_SUPPORTED
Definition: ntstatus.h:423

STATUS_NOT_IMPLEMENTED
#define STATUS_NOT_IMPLEMENTED
Definition: ntstatus.h:239

STATUS_INVALID_PARAMETER_3
#define STATUS_INVALID_PARAMETER_3
Definition: ntstatus.h:477

L
#define L(x)
Definition: ntvdm.h:50

LONG
long LONG
Definition: pedump.c:60

pseh2.h

_SEH2_GetExceptionCode
#define _SEH2_GetExceptionCode()
Definition: pseh2_64.h:159

_SEH2_EXCEPT
#define _SEH2_EXCEPT(...)
Definition: pseh2_64.h:34

_SEH2_YIELD
#define _SEH2_YIELD(__stmt)
Definition: pseh2_64.h:162

STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65

STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL
Definition: shellext.h:69

_AUX_MODULE_BASIC_INFO
Definition: aux_klib.h:33

_AUX_MODULE_BASIC_INFO::ImageBase
PVOID ImageBase
Definition: aux_klib.h:34

_AUX_MODULE_EXTENDED_INFO
Definition: aux_klib.h:37

_AUX_MODULE_EXTENDED_INFO::FileNameOffset
USHORT FileNameOffset
Definition: aux_klib.h:40

_AUX_MODULE_EXTENDED_INFO::ImageSize
ULONG ImageSize
Definition: aux_klib.h:39

_AUX_MODULE_EXTENDED_INFO::BasicInfo
AUX_MODULE_BASIC_INFO BasicInfo
Definition: aux_klib.h:38

_IMAGE_EXPORT_DIRECTORY
Definition: compat.h:156

_KBUGCHECK_DATA
Definition: aux_klib.h:44

_OSVERSIONINFOW
Definition: rtltypes.h:245

_OSVERSIONINFOW::dwMajorVersion
ULONG dwMajorVersion
Definition: rtltypes.h:247

_RTL_PROCESS_MODULES
Definition: rtltypes.h:1016

_RTL_PROCESS_MODULES::Modules
RTL_PROCESS_MODULE_INFORMATION Modules[1]
Definition: rtltypes.h:1018

_RTL_PROCESS_MODULES::NumberOfModules
ULONG NumberOfModules
Definition: rtltypes.h:1017

_RTL_PROCESS_MODULE_INFORMATION::ImageBase
PVOID ImageBase
Definition: rtltypes.h:1005

_RTL_PROCESS_MODULE_INFORMATION::OffsetToFileName
USHORT OffsetToFileName
Definition: rtltypes.h:1011

_RTL_PROCESS_MODULE_INFORMATION::FullPathName
CHAR FullPathName[256]
Definition: rtltypes.h:1012

_RTL_PROCESS_MODULE_INFORMATION::ImageSize
ULONG ImageSize
Definition: rtltypes.h:1006

_UNICODE_STRING
Definition: env_spec_w32.h:368

status
Definition: ps.c:97

MmGetSystemRoutineAddress
PVOID NTAPI MmGetSystemRoutineAddress(IN PUNICODE_STRING SystemRoutineName)
Definition: sysldr.c:3604

RTL_CONSTANT_STRING
#define RTL_CONSTANT_STRING(s)
Definition: tunneltest.c:14

PULONG
uint32_t * PULONG
Definition: typedefs.h:59

NTAPI
#define NTAPI
Definition: typedefs.h:36

PVOID
void * PVOID
Definition: typedefs.h:50

RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263

ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65

ULONG
uint32_t ULONG
Definition: typedefs.h:59

STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132

STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH
Definition: udferr_usr.h:133

STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158

BufferLength
_Must_inspect_result_ _In_ WDFDEVICE _In_ DEVICE_REGISTRY_PROPERTY _In_ ULONG BufferLength
Definition: wdfdevice.h:3771

ExAllocatePoolWithQuotaTag
#define ExAllocatePoolWithQuotaTag(a, b, c)
Definition: exfuncs.h:530