You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
119 lines
5.1 KiB
119 lines
5.1 KiB
/*++ BUILD Version: 0001
|
|
*
|
|
* WOW v1.0
|
|
*
|
|
* Copyright (c) 2002, Microsoft Corporation
|
|
*
|
|
* dpmf_ntd.h
|
|
* NTVDM Dynamic Patch Module to support misc NTDLL API family
|
|
* Definitions & macors to support calls into dpmfntd.dll
|
|
*
|
|
* History:
|
|
* Created 01-10-2002 by cmjones
|
|
--*/
|
|
|
|
#ifndef _DPMF_NTDAPI_H_
|
|
#define _DPMF_NTDAPI_H_
|
|
|
|
typedef DWORD ACCESS_MASK__; // including winnt.h here causes a mess
|
|
|
|
|
|
#define NTDPFT (DPMFAMTBLS()[NTD_FAM])
|
|
#define NTD_SHIM(ord, typ) ((typ)((pFT)->pDpmShmTbls[ord]))
|
|
|
|
|
|
enum NtdFam {DPM_NTOPENFILE=0,
|
|
DPM_NTQUERYDIRECTORYFILE,
|
|
DPM_RTLGETFULLPATHNAME_U,
|
|
DPM_RTLGETCURRENTDIRECTORY_U,
|
|
DPM_RTLSETCURRENTDIRECTORY_U,
|
|
DPM_NTVDMCONTROL,
|
|
enum_ntd_last};
|
|
|
|
// These types will catch misuse of parameters & ret types
|
|
typedef DWORD (*typdpmNtOpenFile)(PHANDLE, ACCESS_MASK__, POBJECT_ATTRIBUTES, PIO_STATUS_BLOCK, ULONG, ULONG);
|
|
typedef DWORD (*typdpmNtQueryDirectoryFile)(HANDLE, HANDLE, PIO_APC_ROUTINE, PVOID, PIO_STATUS_BLOCK, PVOID, ULONG, FILE_INFORMATION_CLASS, BOOLEAN, PUNICODE_STRING, BOOLEAN);
|
|
typedef DWORD (*typdpmRtlGetFullPathName_U)(PCWSTR, ULONG, PWSTR, PWSTR *);
|
|
typedef DWORD (*typdpmRtlGetCurrentDirectory_U)(ULONG, PWSTR);
|
|
typedef NTSTATUS (*typdpmRtlSetCurrentDirectory_U)(PUNICODE_STRING);
|
|
typedef NTSTATUS (*typdpmNtVdmControl)(VDMSERVICECLASS, PVOID);
|
|
|
|
|
|
|
|
// Macros to dispatch API calls properly
|
|
#define DPM_NtOpenFile(a,b,c,d,e,f) \
|
|
((typdpmNtOpenFile)(NTDPFT->pfn[DPM_NTOPENFILE]))(a,b,c,d,e,f)
|
|
|
|
#define DPM_NtQueryDirectoryFile(a,b,c,d,e,f,g,h,i,j,k) \
|
|
((typdpmNtQueryDirectoryFile)(NTDPFT->pfn[DPM_NTQUERYDIRECTORYFILE]))(a,b,c,d,e,f,g,h,i,j,k)
|
|
|
|
#define DPM_RtlGetFullPathName_U(a,b,c,d) \
|
|
((typdpmRtlGetFullPathName_U)(NTDPFT->pfn[DPM_RTLGETFULLPATHNAME_U]))(a,b,c,d)
|
|
|
|
#define DPM_RtlGetCurrentDirectory_U(a,b) \
|
|
((typdpmRtlGetCurrentDirectory_U)(NTDPFT->pfn[DPM_RTLGETCURRENTDIRECTORY_U]))(a,b)
|
|
|
|
#define DPM_RtlSetCurrentDirectory_U(a) \
|
|
((typdpmRtlSetCurrentDirectory_U)(NTDPFT->pfn[DPM_RTLSETCURRENTDIRECTORY_U]))(a)
|
|
|
|
#define DPM_NtVdmControl(a,b) \
|
|
((typdpmNtVdmControl)(NTDPFT->pfn[DPM_NTVDMCONTROL]))(a,b)
|
|
|
|
|
|
|
|
|
|
// Macros to dispatch Shimed API calls properly from the dpmfxxx.dll
|
|
#define SHM_NtOpenFile(a,b,c,d,e,f) \
|
|
(NTD_SHIM(DPM_NTOPENFILE, \
|
|
typdpmNtOpenFile))(a,b,c,d,e,f)
|
|
#define SHM_NtQueryDirectoryFile(a,b,c,d,e,f,g,h,i,j,k) \
|
|
(NTD_SHIM(DPM_NTQUERYDIRECTORYFILE, \
|
|
typdpmNtQueryDirectoryFile))(a,b,c,d,e,f,g,h,i,j,k)
|
|
#define SHM_RtlGetFullPathName_U(a,b,c,d) \
|
|
(NTD_SHIM(DPM_RTLGETFULLPATHNAME_U, \
|
|
typdpmRtlGetFullPathName_U))(a,b,c,d)
|
|
#define SHM_RtlGetCurrentDirectory_U(a,b) \
|
|
(NTD_SHIM(DPM_RTLGETCURRENTDIRECTORY_U, \
|
|
typdpmRtlGetCurrentDirectory_U))(a,b)
|
|
#define SHM_RtlSetCurrentDirectory_U(a) \
|
|
(NTD_SHIM(DPM_RTLSETCURRENTDIRECTORY_U, \
|
|
typdpmRtlSetCurrentDirectory_U))(a)
|
|
#define SHM_NtVdmControl(a,b) \
|
|
(NTD_SHIM(DPM_NTVDMCONTROL, \
|
|
typdpmNtVdmControl))(a,b)
|
|
|
|
#endif // _DPMF_NTDAPI_H_
|
|
|
|
|
|
|
|
// These need to be in the same order as the NtdFam enum definitions above and
|
|
// the DpmNtdTbl[] list below.
|
|
// This instantiates memory for DpmNtdStrs in mvdm\v86\monitor\i386\vdpm.c &
|
|
// in mvdm\wow32\wdpm.c
|
|
#ifdef _DPM_COMMON_
|
|
const char *DpmNtdStrs[] = {"NtOpenFile",
|
|
"NtQueryDirectoryFile",
|
|
"RtlGetFullPathName_U",
|
|
"RtlGetCurrentDirectory_U",
|
|
"RtlSetCurrentDirectory_U",
|
|
"NtVdmControl"
|
|
};
|
|
|
|
// These need to be in the same order as the NtdFam enum definitions and the
|
|
// the DpmNtdStrs[] list above.
|
|
// This instantiates memory for DpmNtdTbl[] in mvdm\wow32\wdpm.c
|
|
PVOID DpmNtdTbl[] = {NtOpenFile,
|
|
NtQueryDirectoryFile,
|
|
RtlGetFullPathName_U,
|
|
RtlGetCurrentDirectory_U,
|
|
RtlSetCurrentDirectory_U,
|
|
NtVdmControl
|
|
};
|
|
|
|
#define NUM_HOOKED_NTD_APIS ((sizeof DpmNtdTbl)/(sizeof DpmNtdTbl[0]))
|
|
|
|
// This instantiates memory for DpmNtdFam in mvdm\v86\monitor\i386\vdpm.c
|
|
FAMILY_TABLE DpmNtdFam = {NUM_HOOKED_NTD_APIS, 0, 0, 0, 0, DpmNtdTbl};
|
|
|
|
#endif // _DPM_COMMON_
|
|
|