Re: [Qemu-devel] Make 9pfs buildable for Windows

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Make 9pfs buildable for Windows

From:	Michael Fritscher
Subject:	Re: [Qemu-devel] Make 9pfs buildable for Windows
Date:	Sun, 1 Oct 2017 18:17:38 +0200
User-agent:	SquirrelMail/1.4.23 [SVN]

Hi,

I've no fear to NT API :-D

surprisingly I'm the first guy which try to import things from ntdll it
seems.

I've a working PoC, which can open a directory successfully - see below.
Will code like this ever by acceptable for merging? Else: other ideas? :-)
And should I follow this way or try to emulate the relative path thing
myself? Your choose :-)

Best regards,
Michael Fritscher

-----------------------

    //Main info sources:
http://resources.infosecinstitute.com/calling-ntdll-functions-directly/
&
https://googleprojectzero.blogspot.de/2016/02/the-definitive-guide-on-win32-to-nt.html
    error_printf("Try to open %s\n", ctx->fs_root);

    typedef NTSTATUS  (__stdcall *NT_OPEN_FILE)(_Out_ PHANDLE FileHandle,
_In_ ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES
ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG
ShareAccess, _In_ ULONG OpenOptions);
    NT_OPEN_FILE NtOpenFileStruct;

    typedef NTSTATUS (__stdcall
*RTL_ANSI_STRING_TO_UNICODE_STRING)(_Inout_ PUNICODE_STRING
DestinationString, _In_ PCANSI_STRING SourceString, _In_ BOOLEAN
AllocateDestinationString);
    RTL_ANSI_STRING_TO_UNICODE_STRING RtlAnsiStringToUnicodeStringStruct;

    // typedef BOOLEAN (__stdcall
*RTL_DOS_PATH_NAME_TO_RELATIVE_NT_PATH_NAME_U)(_In_ PCWSTR
DosFileName, _Out_ PUNICODE_STRING NtFileName, _Out_opt_  PWSTR*
FilePath, _Out_opt_ PRTL_RELATIVE_NAME RelativeName);
    // RTL_DOS_PATH_NAME_TO_RELATIVE_NT_PATH_NAME_U
RtlDosPathNameToRelativeNtPathName_U;

    //TODO: PRTL_RELATIVE_NAME_U
    typedef BOOLEAN (__stdcall
*RTL_DOS_PATH_NAME_TO_NT_PATH_NAME_U)(_In_opt_z_ PCWSTR DosPathName,
_Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR * NtFileNamePart,
_Out_opt_ PVOID DirectoryInfo);
    RTL_DOS_PATH_NAME_TO_NT_PATH_NAME_U RtlDosPathNameToNtPathName_UStruct;

    typedef VOID (__stdcall *RTL_FREE_UNICODE_STRING)(_Inout_
PUNICODE_STRING UnicodeString);
    RTL_FREE_UNICODE_STRING RtlFreeUnicodeStringStruct;

    /* load the ntdll.dll */
    HMODULE hModule = LoadLibrary("ntdll.dll");

    NtOpenFileStruct = (NT_OPEN_FILE)GetProcAddress(hModule, "NtOpenFile");
    if(NtOpenFileStruct == NULL) {
        error_printf("Error: could not find the function NtOpenFile in
library ntdll.dll.");
        exit(-1);
    }
    error_printf("NtOpenFile is located at 0x%p in ntdll.dll.\n",
NtOpenFileStruct);

    RtlAnsiStringToUnicodeStringStruct =
(RTL_ANSI_STRING_TO_UNICODE_STRING)GetProcAddress(hModule,
"RtlAnsiStringToUnicodeString");
    if(RtlAnsiStringToUnicodeStringStruct == NULL) {
        error_printf("Error: could not find the function
RtlAnsiStringToUnicodeString in library ntdll.dll.");
        exit(-1);
    }

    RtlDosPathNameToNtPathName_UStruct =
(RTL_DOS_PATH_NAME_TO_NT_PATH_NAME_U)GetProcAddress(hModule,
"RtlDosPathNameToNtPathName_U");
    if(RtlDosPathNameToNtPathName_UStruct == NULL) {
        error_printf("Error: could not find the function
RtlAnsiStringToUnicodeString in library ntdll.dll.");
        exit(-1);
    }

    RtlFreeUnicodeStringStruct =
(RTL_FREE_UNICODE_STRING)GetProcAddress(hModule,
"RtlFreeUnicodeString");
    if(RtlFreeUnicodeStringStruct == NULL) {
        error_printf("Error: could not find the function RtlInitAnsiString
in library ntdll.dll.");
        exit(-1);
    }

    /* create the string in the right format */
    UNICODE_STRING filename_UNICODE;

    wchar_t filename_WIDECHAR[4096];

    MultiByteToWideChar(CP_ACP, 0, ctx->fs_root, -1, filename_WIDECHAR,
sizeof(filename_WIDECHAR));
    RtlDosPathNameToNtPathName_UStruct(filename_WIDECHAR,
&filename_UNICODE, NULL, NULL);

    /* initialize OBJECT_ATTRIBUTES */
    OBJECT_ATTRIBUTES obja;
    InitializeObjectAttributes(&obja, &filename_UNICODE,
OBJ_CASE_INSENSITIVE, NULL, NULL);

    /* call NtOpenFile */
    HANDLE file = NULL;
    ULONG shareAccess = 0;
    ULONG openOptions = FILE_DIRECTORY_FILE;
    IO_STATUS_BLOCK statusBlock;
    NTSTATUS stat = NtOpenFileStruct(&file, GENERIC_READ |
FILE_READ_ATTRIBUTES, &obja, &statusBlock, shareAccess, openOptions);
    if(NT_SUCCESS(stat)) {
        error_printf("File successfully opened.\n");
    }
    else {
        error_printf("File could not be opened: %lx.\n", stat);
    }

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] Make 9pfs buildable for Windows, Michael Fritscher <=
- Re: [Qemu-devel] Make 9pfs buildable for Windows, Michael Fritscher, 2017/10/15
  - Re: [Qemu-devel] Make 9pfs buildable for Windows, Michael Fritscher, 2017/10/15
    - Re: [Qemu-devel] Make 9pfs buildable for Windows, Greg Kurz, 2017/10/15
    - Re: [Qemu-devel] Make 9pfs buildable for Windows, Michael Fritscher, 2017/10/15
    - Re: [Qemu-devel] Make 9pfs buildable for Windows, Michael Fritscher, 2017/10/16
  - Re: [Qemu-devel] Make 9pfs buildable for Windows, Greg Kurz, 2017/10/15

Prev by Date: Re: [Qemu-devel] [PATCH v2 40/47] hw/usb: Replace fprintf(stderr, "*\n" with error_report()
Next by Date: Re: [Qemu-devel] [PATCH] pci: allow 32-bit PCI IO accesses to pass through the PCI bridge
Previous by thread: Re: [Qemu-devel] [PATCH v2 40/47] hw/usb: Replace fprintf(stderr, "*\n" with error_report()
Next by thread: Re: [Qemu-devel] Make 9pfs buildable for Windows
Index(es):
- Date
- Thread