sync: merge systeminformer/3d2a191(winsiderss/systeminformer@3d2a191)

MiroKaku · Dec 1, 2024 · 09c8de6 · 09c8de6
1 parent 907c020
commit 09c8de6
Show file tree

Hide file tree

Showing 16 changed files with 3,678 additions and 394 deletions.
diff --git a/Veil/Veil.System.ALPC.h b/Veil/Veil.System.ALPC.h
@@ -689,8 +689,8 @@ typedef struct _ALPC_HANDLE_ATTR32
     ULONG Reserved1;
     ULONG Handle;
     ULONG ObjectType; // ObjectTypeCode, not ObjectTypeIndex
-    ULONG DesiredAccess;
-    ULONG GrantedAccess;
+    ACCESS_MASK DesiredAccess;
+    ACCESS_MASK GrantedAccess;
 } ALPC_HANDLE_ATTR32, * PALPC_HANDLE_ATTR32;
 
 // private

diff --git a/Veil/Veil.System.ConfigurationManager.h b/Veil/Veil.System.ConfigurationManager.h
@@ -623,7 +623,7 @@ typedef struct _VR_UNLOAD_DIFFERENCING_HIVE_FOR_HOST
  * @param[in, optional] Class A pointer to a UNICODE_STRING structure that specifies the class of the key.
  * @param[in] CreateOptions The options to use when creating the key.
  * @param[out, optional] Disposition A pointer to a variable that receives the disposition value.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -663,7 +663,7 @@ ZwCreateKey(
  * @param[in] CreateOptions The options to use when creating the key.
  * @param[in] TransactionHandle A handle to the transaction.
  * @param[out, optional] Disposition A pointer to a variable that receives the disposition value.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -699,7 +699,7 @@ ZwCreateKeyTransacted(
  * @param[out] KeyHandle A pointer to a handle that receives the key handle.
  * @param[in] DesiredAccess The access mask that specifies the desired access rights.
  * @param[in] ObjectAttributes A pointer to an OBJECT_ATTRIBUTES structure that specifies the object attributes.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  * @remarks NtOpenKey ignores the security information in the ObjectAttributes structure.
  */
 __kernel_entry NTSYSCALLAPI
@@ -728,7 +728,7 @@ ZwOpenKey(
  * @param[in] DesiredAccess The access mask that specifies the desired access rights.
  * @param[in] ObjectAttributes A pointer to an OBJECT_ATTRIBUTES structure that specifies the object attributes.
  * @param[in] TransactionHandle A handle to the transaction.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -758,7 +758,7 @@ ZwOpenKeyTransacted(
  * @param[in] DesiredAccess The access mask that specifies the desired access rights.
  * @param[in] ObjectAttributes A pointer to an OBJECT_ATTRIBUTES structure that specifies the object attributes.
  * @param[in] OpenOptions The options to use when opening the key.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -789,7 +789,7 @@ ZwOpenKeyEx(
  * @param[in] ObjectAttributes A pointer to an OBJECT_ATTRIBUTES structure that specifies the object attributes.
  * @param[in] OpenOptions The options to use when opening the key.
  * @param[in] TransactionHandle A handle to the transaction.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -818,7 +818,7 @@ ZwOpenKeyTransactedEx(
  * Deletes a registry key.
  *
  * @param[in] KeyHandle A handle to the key to be deleted.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -840,7 +840,7 @@ ZwDeleteKey(
  *
  * @param[in] KeyHandle A handle to the key to be renamed.
  * @param[in] NewName A pointer to a UNICODE_STRING structure that specifies the new name of the key.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -864,7 +864,7 @@ ZwRenameKey(
  *
  * @param[in] KeyHandle A handle to the key that contains the value to be deleted.
  * @param[in] ValueName A pointer to a UNICODE_STRING structure that specifies the name of the value to be deleted.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -891,7 +891,7 @@ ZwDeleteValueKey(
  * @param[out] KeyInformation A pointer to a buffer that receives the key information.
  * @param[in] Length The size of the buffer.
  * @param[out] ResultLength A pointer to a variable that receives the size of the data returned.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -927,7 +927,7 @@ ZwQueryKey(
  * @param[in] KeySetInformationClass The type of information to be set.
  * @param[in] KeySetInformation A pointer to a buffer that contains the key information.
  * @param[in] KeySetInformationLength The size of the buffer.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -960,7 +960,7 @@ ZwSetInformationKey(
  * @param[out] KeyValueInformation A pointer to a buffer that receives the value information.
  * @param[in] Length The size of the buffer.
  * @param[out] ResultLength A pointer to a variable that receives the size of the data returned.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1001,7 +1001,7 @@ ZwQueryValueKey(
  * @param[in] Type The type of the value.
  * @param[in] Data A pointer to a buffer that contains the value data.
  * @param[in] DataSize The size of the buffer.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1037,7 +1037,7 @@ ZwSetValueKey(
  * @param[out] ValueBuffer A pointer to a buffer that receives the value data.
  * @param[in, out] BufferLength A pointer to a variable that specifies the size of the buffer and receives the size of the data returned.
  * @param[out, optional] RequiredBufferLength A pointer to a variable that receives the size of the buffer required to hold the data.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1073,7 +1073,7 @@ ZwQueryMultipleValueKey(
  * @param[out] KeyInformation A pointer to a buffer that receives the key information.
  * @param[in] Length The size of the buffer.
  * @param[out] ResultLength A pointer to a variable that receives the size of the data returned.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1113,7 +1113,7 @@ ZwEnumerateKey(
  * @param[out] KeyValueInformation A pointer to a buffer that receives the value information.
  * @param[in] Length The size of the buffer.
  * @param[out] ResultLength A pointer to a variable that receives the size of the data returned.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1148,7 +1148,7 @@ ZwEnumerateValueKey(
  * Flushes the changes to a registry key.
  *
  * @param[in] KeyHandle A handle to the key to be flushed.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1170,7 +1170,7 @@ ZwFlushKey(
  *
  * @param[in] Count The number of keys to be compacted.
  * @param[in] KeyArray An array of handles to the keys to be compacted.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1193,7 +1193,7 @@ ZwCompactKeys(
  * Compresses a registry key.
  *
  * @param[in] KeyHandle A handle to the key to be compressed.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1215,7 +1215,7 @@ ZwCompressKey(
  *
  * @param[in] TargetKey A pointer to an OBJECT_ATTRIBUTES structure that specifies the target key.
  * @param[in] SourceFile A pointer to an OBJECT_ATTRIBUTES structure that specifies the source file.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1240,7 +1240,7 @@ ZwLoadKey(
  * @param[in] TargetKey A pointer to an OBJECT_ATTRIBUTES structure that specifies the target key.
  * @param[in] SourceFile A pointer to an OBJECT_ATTRIBUTES structure that specifies the source file.
  * @param[in] Flags The options to use when loading the key.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1272,7 +1272,7 @@ ZwLoadKey2(
  * @param[in, optional] DesiredAccess The access mask that specifies the desired access rights.
  * @param[out, optional] RootHandle A pointer to a handle that receives the root handle.
  * @param[in, reserved] Reserved Reserved.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS
@@ -1315,7 +1315,7 @@ ZwLoadKeyEx(
  * @param[in, optional] DesiredAccess The access mask that specifies the desired access rights.
  * @param[out, optional] RootHandle A pointer to a handle that receives the root handle.
  * @param[in, reserved] Reserved Reserved.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 #if (NTDDI_VERSION >= NTDDI_WIN10_VB)
 __kernel_entry NTSYSCALLAPI
@@ -1354,7 +1354,7 @@ ZwLoadKey3(
  * @param[in] NewFile A pointer to an OBJECT_ATTRIBUTES structure that specifies the new file.
  * @param[in] TargetHandle A handle to the target key.
  * @param[in] OldFile A pointer to an OBJECT_ATTRIBUTES structure that specifies the old file.
- * @return NTSTATUS The status of the operation.
+ * @return NTSTATUS Successful or errant status.
  */
 __kernel_entry NTSYSCALLAPI
 NTSTATUS

diff --git a/Veil/Veil.System.Debug.h b/Veil/Veil.System.Debug.h
@@ -295,6 +295,21 @@ typedef struct _SYSDBG_LIVEDUMP_SELECTIVE_CONTROL
 #define SYSDBG_LIVEDUMP_CONTROL_VERSION_2 2
 #define SYSDBG_LIVEDUMP_CONTROL_VERSION SYSDBG_LIVEDUMP_CONTROL_VERSION_2
 
+// private
+typedef struct _SYSDBG_LIVEDUMP_CONTROL_V1
+{
+    ULONG Version;
+    ULONG BugCheckCode;
+    ULONG_PTR BugCheckParam1;
+    ULONG_PTR BugCheckParam2;
+    ULONG_PTR BugCheckParam3;
+    ULONG_PTR BugCheckParam4;
+    HANDLE DumpFileHandle;
+    HANDLE CancelEventHandle;
+    SYSDBG_LIVEDUMP_CONTROL_FLAGS Flags;
+    SYSDBG_LIVEDUMP_CONTROL_ADDPAGES AddPagesControl;
+} SYSDBG_LIVEDUMP_CONTROL_V1, * PSYSDBG_LIVEDUMP_CONTROL_V1;
+
 // private
 typedef struct _SYSDBG_LIVEDUMP_CONTROL
 {

diff --git a/Veil/Veil.System.Define.h b/Veil/Veil.System.Define.h
@@ -1062,6 +1062,11 @@ typedef struct _LARGE_INTEGER_128
     LONGLONG QuadPart[2];
 } LARGE_INTEGER_128, * PLARGE_INTEGER_128;
 
+typedef struct _ULARGE_INTEGER_128
+{
+    ULONGLONG QuadPart[2];
+} ULARGE_INTEGER_128, * PULARGE_INTEGER_128;
+
 
 VEIL_END()