# HG changeset patch
# User moel.mich
# Date 1338137401 0
# Node ID d043dac9f34e2161d8c47b5fb81cf775ac9812fe
# Parent f652ab1e06e2b4945df641fc9b8b4361691d9394
Added the source code of the WinRing0 device driver.
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/COPYRIGHT.txt
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/COPYRIGHT.txt Sun May 27 16:50:01 2012 +0000
@@ -0,0 +1,21 @@
+Copyright (c) 2007-2009 OpenLibSys.org. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/MAKEFILE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/MAKEFILE Sun May 27 16:50:01 2012 +0000
@@ -0,0 +1,7 @@
+#
+# DO NOT EDIT THIS FILE!!! Edit .\sources. if you want to add a new source
+# file to this component. This file merely indirects to the real make file
+# that is shared by all the driver components of the Windows NT DDK
+#
+
+!INCLUDE $(NTMAKEENV)\makefile.def
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/OlsIoctl.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/OlsIoctl.h Sun May 27 16:50:01 2012 +0000
@@ -0,0 +1,170 @@
+//-----------------------------------------------------------------------------
+// Author : hiyohiyo
+// Mail : hiyohiyo@crystalmark.info
+// Web : http://openlibsys.org/
+// License : The modified BSD license
+//
+// Copyright 2007-2008 OpenLibSys.org. All rights reserved.
+//-----------------------------------------------------------------------------
+
+#pragma once
+
+//-----------------------------------------------------------------------------
+//
+// The Device type codes form 32768 to 65535 are for customer use.
+//
+//-----------------------------------------------------------------------------
+
+#define OLS_TYPE 40000
+
+//-----------------------------------------------------------------------------
+//
+// Version Information
+//
+//-----------------------------------------------------------------------------
+
+#define OLS_DRIVER_ID _T("WinRing0_1_2_0")
+
+#define OLS_DRIVER_MAJOR_VERSION 1
+#define OLS_DRIVER_MINOR_VERSION 2
+#define OLS_DRIVER_REVISION 0
+#define OLS_DRIVER_RELESE 5
+
+#define OLS_DRIVER_VERSION \
+ ((OLS_DRIVER_MAJOR_VERSION << 24) | (OLS_DRIVER_MINOR_VERSION << 16) \
+ | (OLS_DRIVER_REVISION << 8) | OLS_DRIVER_RELESE)
+
+//-----------------------------------------------------------------------------
+//
+// The IOCTL function codes from 0x800 to 0xFFF are for customer use.
+//
+//-----------------------------------------------------------------------------
+#define IOCTL_OLS_GET_DRIVER_VERSION \
+ CTL_CODE(OLS_TYPE, 0x800, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_GET_REFCOUNT \
+ CTL_CODE(OLS_TYPE, 0x801, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_READ_MSR \
+ CTL_CODE(OLS_TYPE, 0x821, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_WRITE_MSR \
+ CTL_CODE(OLS_TYPE, 0x822, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_READ_PMC \
+ CTL_CODE(OLS_TYPE, 0x823, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_HALT \
+ CTL_CODE(OLS_TYPE, 0x824, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
+#define IOCTL_OLS_READ_IO_PORT \
+ CTL_CODE(OLS_TYPE, 0x831, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_WRITE_IO_PORT \
+ CTL_CODE(OLS_TYPE, 0x832, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+#define IOCTL_OLS_READ_IO_PORT_BYTE \
+ CTL_CODE(OLS_TYPE, 0x833, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_READ_IO_PORT_WORD \
+ CTL_CODE(OLS_TYPE, 0x834, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_READ_IO_PORT_DWORD \
+ CTL_CODE(OLS_TYPE, 0x835, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_WRITE_IO_PORT_BYTE \
+ CTL_CODE(OLS_TYPE, 0x836, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+#define IOCTL_OLS_WRITE_IO_PORT_WORD \
+ CTL_CODE(OLS_TYPE, 0x837, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+#define IOCTL_OLS_WRITE_IO_PORT_DWORD \
+ CTL_CODE(OLS_TYPE, 0x838, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+#define IOCTL_OLS_READ_MEMORY \
+ CTL_CODE(OLS_TYPE, 0x841, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_WRITE_MEMORY \
+ CTL_CODE(OLS_TYPE, 0x842, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+#define IOCTL_OLS_READ_PCI_CONFIG \
+ CTL_CODE(OLS_TYPE, 0x851, METHOD_BUFFERED, FILE_READ_ACCESS)
+
+#define IOCTL_OLS_WRITE_PCI_CONFIG \
+ CTL_CODE(OLS_TYPE, 0x852, METHOD_BUFFERED, FILE_WRITE_ACCESS)
+
+//-----------------------------------------------------------------------------
+//
+// PCI Error Code
+//
+//-----------------------------------------------------------------------------
+
+#define OLS_ERROR_PCI_BUS_NOT_EXIST (0xE0000001L)
+#define OLS_ERROR_PCI_NO_DEVICE (0xE0000002L)
+#define OLS_ERROR_PCI_WRITE_CONFIG (0xE0000003L)
+#define OLS_ERROR_PCI_READ_CONFIG (0xE0000004L)
+
+//-----------------------------------------------------------------------------
+//
+// Support Macros
+//
+//-----------------------------------------------------------------------------
+
+// Bus Number, Device Number and Function Number to PCI Device Address
+#define PciBusDevFunc(Bus, Dev, Func) ((Bus&0xFF)<<8) | ((Dev&0x1F)<<3) | (Func&7)
+// PCI Device Address to Bus Number
+#define PciGetBus(address) ((address>>8) & 0xFF)
+// PCI Device Address to Device Number
+#define PciGetDev(address) ((address>>3) & 0x1F)
+// PCI Device Address to Function Number
+#define PciGetFunc(address) (address&7)
+
+//-----------------------------------------------------------------------------
+//
+// Typedef Struct
+//
+//-----------------------------------------------------------------------------
+
+#pragma pack(push,4)
+
+typedef struct _OLS_WRITE_MSR_INPUT {
+ ULONG Register;
+ ULARGE_INTEGER Value;
+} OLS_WRITE_MSR_INPUT;
+
+typedef struct _OLS_WRITE_IO_PORT_INPUT {
+ ULONG PortNumber;
+ union {
+ ULONG LongData;
+ USHORT ShortData;
+ UCHAR CharData;
+ };
+} OLS_WRITE_IO_PORT_INPUT;
+
+typedef struct _OLS_READ_PCI_CONFIG_INPUT {
+ ULONG PciAddress;
+ ULONG PciOffset;
+} OLS_READ_PCI_CONFIG_INPUT;
+
+typedef struct _OLS_WRITE_PCI_CONFIG_INPUT {
+ ULONG PciAddress;
+ ULONG PciOffset;
+ UCHAR Data[1];
+} OLS_WRITE_PCI_CONFIG_INPUT;
+
+typedef LARGE_INTEGER PHYSICAL_ADDRESS;
+
+typedef struct _OLS_READ_MEMORY_INPUT {
+ PHYSICAL_ADDRESS Address;
+ ULONG UnitSize;
+ ULONG Count;
+} OLS_READ_MEMORY_INPUT;
+
+typedef struct _OLS_WRITE_MEMORY_INPUT {
+ PHYSICAL_ADDRESS Address;
+ ULONG UnitSize;
+ ULONG Count;
+ UCHAR Data[1];
+} OLS_WRITE_MEMORY_INPUT;
+
+#pragma pack(pop)
diff -r f652ab1e06e2 -r
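Review bot: `IOCTL_OLS_READ_MSR`, `IOCTL_OLS_WRITE_MSR`, `IOCTL_OLS_READ_PMC` and `IOCTL_OLS_HALT` are declared with `FILE_ANY_ACCESS`, so the I/O manager does no access check on the handle for them, while the port, memory and PCI codes below them require `FILE_READ_ACCESS` or `FILE_WRITE_ACCESS`. Writing an MSR and halting a processor are the least reversible operations in the table and should carry at least the same requirement, e.g. `CTL_CODE(OLS_TYPE, 0x822, METHOD_BUFFERED, FILE_WRITE_ACCESS)` for `IOCTL_OLS_WRITE_MSR`. The access bits are part of the control-code value, so user-mode callers have to be rebuilt against the changed header. `PciBusDevFunc` also expands without outer parentheses or parenthesised arguments and binds wrongly inside a larger expression; write it as `((((Bus)&0xFF)<<8) | (((Dev)&0x1F)<<3) | ((Func)&7))`.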
d043dac9f34e External/WinRing0/OpenLibSys.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/OpenLibSys.c Sun May 27 16:50:01 2012 +0000
@@ -0,0 +1,714 @@
+//-----------------------------------------------------------------------------
+// Author : hiyohiyo
+// Mail : hiyohiyo@crystalmark.info
+// Web : http://openlibsys.org/
+// License : The modified BSD license
+//
+// Copyright 2007-2008 OpenLibSys.org. All rights reserved.
+//-----------------------------------------------------------------------------
+
+#include
+#include
+#include "OpenLibSys.h"
+
+//-----------------------------------------------------------------------------
+//
+// Global
+//
+//-----------------------------------------------------------------------------
+
+static ULONG refCount;
+
+//-----------------------------------------------------------------------------
+//
+// Classic NT driver
+// DriverEntry / OlsDispatch / Unload
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS
+DriverEntry(
+ IN PDRIVER_OBJECT DriverObject,
+ IN PUNICODE_STRING RegistryPath
+ )
+
+/*
+
+Return Value:
+
+ STATUS_SUCCESS if the driver initialized correctly, otherwise an erroror
+ indicating the reason for failure.
+*/
+
+{
+ NTSTATUS status;
+ UNICODE_STRING ntDeviceName;
+ UNICODE_STRING win32DeviceName;
+ PDEVICE_OBJECT deviceObject = NULL;
+
+ RtlInitUnicodeString(&ntDeviceName, NT_DEVICE_NAME);
+
+ status = IoCreateDevice(
+ DriverObject, // Our Driver Object
+ 0, // We don't use a device extension
+ &ntDeviceName, // Device name
+ OLS_TYPE, // Device type
+ FILE_DEVICE_SECURE_OPEN, // Device characteristics
+ FALSE, // Not an exclusive device
+ &deviceObject ); // Returned ptr to Device Object
+
+ if(!NT_SUCCESS(status))
+ {
+ refCount = (ULONG)-1;
+ return status;
+ }
+ else
+ {
+ refCount = 0;
+ }
+
+ // Initialize the driver object with this driver's entry points.
+ DriverObject->MajorFunction[IRP_MJ_CREATE] = OlsDispatch;
+ DriverObject->MajorFunction[IRP_MJ_CLOSE] = OlsDispatch;
+ DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = OlsDispatch;
+ DriverObject->DriverUnload = Unload;
+
+ // Initialize a Unicode String containing the Win32 name for our device.
+ RtlInitUnicodeString(&win32DeviceName, DOS_DEVICE_NAME);
+
+ // Create a symbolic link between our device name and the Win32 name
+ status = IoCreateSymbolicLink(&win32DeviceName, &ntDeviceName);
+
+ if (!NT_SUCCESS(status))
+ {
+ // Delete everything that this routine has allocated.
+ IoDeleteDevice( deviceObject );
+ }
+
+ return status;
+}
+
+NTSTATUS
+OlsDispatch(
+ IN PDEVICE_OBJECT pDO,
+ IN PIRP pIrp
+ )
+
+/*++
+
+Routine Description:
+ This routine is the dispatch handler for the driver. It is responsible
+ for processing the IRPs.
+
+Arguments:
+
+ pDO - Pointer to device object.
+
+ pIrp - Pointer to the current IRP.
+
+Return Value:
+
+ STATUS_SUCCESS if the IRP was processed successfully, otherwise an erroror
+ indicating the reason for failure.
+
+--*/
+
+{
+ PIO_STACK_LOCATION pIrpStack;
+ NTSTATUS status;
+ int index;
+
+ // Initialize the irp info field.
+ // This is used to return the number of bytes transfered.
+ pIrp->IoStatus.Information = 0;
+ pIrpStack = IoGetCurrentIrpStackLocation(pIrp);
+
+ // Set default return status
+ status = STATUS_NOT_IMPLEMENTED;
+
+ // Dispatch based on major fcn code.
+ switch(pIrpStack->MajorFunction)
+ {
+ case IRP_MJ_CREATE:
+ if(refCount != (ULONG)-1){refCount++;}
+ status = STATUS_SUCCESS;
+ break;
+ case IRP_MJ_CLOSE:
+ if(refCount != (ULONG)-1){refCount--;}
+ status = STATUS_SUCCESS;
+ break;
+
+ case IRP_MJ_DEVICE_CONTROL:
+ // Dispatch on IOCTL
+ switch(pIrpStack->Parameters.DeviceIoControl.IoControlCode)
+ {
+ case IOCTL_OLS_GET_DRIVER_VERSION:
+ *(PULONG)pIrp->AssociatedIrp.SystemBuffer = OLS_DRIVER_VERSION;
+ pIrp->IoStatus.Information = 4;
+ status = STATUS_SUCCESS;
+ break;
+
+ case IOCTL_OLS_GET_REFCOUNT:
+ *(PULONG)pIrp->AssociatedIrp.SystemBuffer = refCount;
+ pIrp->IoStatus.Information = sizeof(refCount);
+ status = STATUS_SUCCESS;
+ break;
+
+ case IOCTL_OLS_READ_MSR:
+ status = ReadMsr(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_WRITE_MSR:
+ status = WriteMsr(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_READ_PMC:
+ status = ReadPmc(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_HALT:
+ __halt();
+ status = STATUS_SUCCESS;
+ break;
+
+ case IOCTL_OLS_READ_IO_PORT:
+ case IOCTL_OLS_READ_IO_PORT_BYTE:
+ case IOCTL_OLS_READ_IO_PORT_WORD:
+ case IOCTL_OLS_READ_IO_PORT_DWORD:
+ status = ReadIoPort(
+ pIrpStack->Parameters.DeviceIoControl.IoControlCode,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_WRITE_IO_PORT:
+ case IOCTL_OLS_WRITE_IO_PORT_BYTE:
+ case IOCTL_OLS_WRITE_IO_PORT_WORD:
+ case IOCTL_OLS_WRITE_IO_PORT_DWORD:
+ status = WriteIoPort(
+ pIrpStack->Parameters.DeviceIoControl.IoControlCode,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+
+ case IOCTL_OLS_READ_PCI_CONFIG:
+ status = ReadPciConfig(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_WRITE_PCI_CONFIG:
+ status = WritePciConfig(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+
+ case IOCTL_OLS_READ_MEMORY:
+ status = ReadMemory(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+ case IOCTL_OLS_WRITE_MEMORY:
+ status = WriteMemory(
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.InputBufferLength,
+ pIrp->AssociatedIrp.SystemBuffer,
+ pIrpStack->Parameters.DeviceIoControl.OutputBufferLength,
+ (ULONG*)&pIrp->IoStatus.Information
+ );
+ break;
+
+
+ }
+ break;
+ }
+
+ // We're done with I/O request. Record the status of the I/O action.
+ pIrp->IoStatus.Status = status;
+
+ // Don't boost priority when returning since this took little time.
+ IoCompleteRequest(pIrp, IO_NO_INCREMENT);
+
+ return status;
+}
+
+VOID
+Unload(
+ PDRIVER_OBJECT DriverObject
+ )
+/*++
+
+Routine Description:
+
+ This routine is called by the I/O system to unload the driver.
+
+ Any resources previously allocated must be freed.
+
+Arguments:
+
+ DriverObject - a pointer to the object that represents our driver.
+
+Return Value:
+
+ None
+--*/
+
+{
+ PDEVICE_OBJECT deviceObject = DriverObject->DeviceObject;
+ UNICODE_STRING win32NameString;
+
+ PAGED_CODE();
+
+ // Create counted string version of our Win32 device name.
+ RtlInitUnicodeString(&win32NameString, DOS_DEVICE_NAME);
+
+ // Delete the link from our device name to a name in the Win32 namespace.
+ IoDeleteSymbolicLink(&win32NameString);
+
+ if(deviceObject != NULL)
+ {
+ IoDeleteDevice(deviceObject);
+ }
+}
+
+//-----------------------------------------------------------------------------
+//
+// CPU
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS
+ReadMsr( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ __try
+ {
+ ULONGLONG data = __readmsr(*(ULONG*)lpInBuffer);
+ memcpy((PULONG)lpOutBuffer, &data, 8);
+ *lpBytesReturned = 8;
+ return STATUS_SUCCESS;
+ }
+ __except(EXCEPTION_EXECUTE_HANDLER)
+ {
+ *lpBytesReturned = 0;
+ return STATUS_UNSUCCESSFUL;
+ }
+}
+
+NTSTATUS
+WriteMsr( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ __try
+ {
+ OLS_WRITE_MSR_INPUT* param;
+ param = (OLS_WRITE_MSR_INPUT*)lpInBuffer;
+
+ __writemsr(param->Register, param->Value.QuadPart);
+ *lpBytesReturned = 0;
+ return STATUS_SUCCESS;
+ }
+ __except(EXCEPTION_EXECUTE_HANDLER)
+ {
+ *lpBytesReturned = 0;
+ return STATUS_UNSUCCESSFUL;
+ }
+}
+
+NTSTATUS
+ReadPmc( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ __try
+ {
+ ULONGLONG data = __readpmc(*(ULONG*)lpInBuffer);
+ memcpy((PULONG)lpOutBuffer, &data, 8);
+ *lpBytesReturned = 8;
+ return STATUS_SUCCESS;
+ }
+ __except(EXCEPTION_EXECUTE_HANDLER)
+ {
+ *lpBytesReturned = 0;
+ return STATUS_UNSUCCESSFUL;
+ }
+}
+
+//-----------------------------------------------------------------------------
+//
+// IO Port
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS
+ReadIoPort( ULONG ioControlCode,
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ ULONG nPort = *(ULONG*)lpInBuffer;
+
+ switch(ioControlCode)
+ {
+ case IOCTL_OLS_READ_IO_PORT_BYTE:
+ *(PUCHAR)lpOutBuffer = READ_PORT_UCHAR((PUCHAR)(ULONG_PTR)nPort);
+ break;
+ case IOCTL_OLS_READ_IO_PORT_WORD:
+ *(PUSHORT)lpOutBuffer = READ_PORT_USHORT((PUSHORT)(ULONG_PTR)nPort);
+ break;
+ case IOCTL_OLS_READ_IO_PORT_DWORD:
+ *(PULONG)lpOutBuffer = READ_PORT_ULONG((PULONG)(ULONG_PTR)nPort);
+ break;
+ default:
+ *lpBytesReturned = 0;
+ return STATUS_INVALID_PARAMETER;
+ break;
+ }
+
+ *lpBytesReturned = nInBufferSize;
+ return STATUS_SUCCESS;
+}
+
+NTSTATUS
+WriteIoPort(ULONG ioControlCode,
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ ULONG nPort;
+ OLS_WRITE_IO_PORT_INPUT* param;
+
+ param = (OLS_WRITE_IO_PORT_INPUT*)lpInBuffer;
+ nPort = param->PortNumber;
+
+ switch(ioControlCode)
+ {
+
+ case IOCTL_OLS_WRITE_IO_PORT_BYTE:
+ WRITE_PORT_UCHAR((PUCHAR)(ULONG_PTR)nPort, param->CharData);
+ break;
+ case IOCTL_OLS_WRITE_IO_PORT_WORD:
+ WRITE_PORT_USHORT((PUSHORT)(ULONG_PTR)nPort, param->ShortData);
+ break;
+ case IOCTL_OLS_WRITE_IO_PORT_DWORD:
+ WRITE_PORT_ULONG((PULONG)(ULONG_PTR)nPort, param->LongData);
+ break;
+ default:
+ return STATUS_INVALID_PARAMETER;
+ break;
+ }
+
+ return STATUS_SUCCESS;
+}
+
+//-----------------------------------------------------------------------------
+//
+// PCI
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS
+ReadPciConfig( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ OLS_READ_PCI_CONFIG_INPUT *param;
+ NTSTATUS status;
+
+ if(nInBufferSize != sizeof(OLS_READ_PCI_CONFIG_INPUT))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+ param = (OLS_READ_PCI_CONFIG_INPUT *)lpInBuffer;
+
+ status = pciConfigRead(param->PciAddress, param->PciOffset,
+ lpOutBuffer, nOutBufferSize);
+
+ if(status == STATUS_SUCCESS)
+ {
+ *lpBytesReturned = nOutBufferSize;
+ }
+ else
+ {
+ *lpBytesReturned = 0;
+ }
+
+ return status;
+}
+
+NTSTATUS
+WritePciConfig( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+
+{
+ OLS_WRITE_PCI_CONFIG_INPUT *param;
+ ULONG writeSize;
+ NTSTATUS status;
+
+ if(nInBufferSize < offsetof(OLS_WRITE_PCI_CONFIG_INPUT, Data))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ param = (OLS_WRITE_PCI_CONFIG_INPUT *)lpInBuffer;
+ writeSize = nInBufferSize - offsetof(OLS_WRITE_PCI_CONFIG_INPUT, Data);
+
+ *lpBytesReturned = 0;
+
+ return pciConfigWrite(param->PciAddress, param->PciOffset,
+ ¶m->Data, writeSize);
+
+}
+
+//-----------------------------------------------------------------------------
+//
+// Support Function
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS pciConfigRead(ULONG pciAddress, ULONG offset, void *data, int length)
+{
+ PCI_SLOT_NUMBER slot;
+ int error;
+ ULONG busNumber;
+
+ busNumber = PciGetBus(pciAddress);
+ slot.u.AsULONG = 0;
+ slot.u.bits.DeviceNumber = PciGetDev(pciAddress);
+ slot.u.bits.FunctionNumber = PciGetFunc(pciAddress);
+ error = HalGetBusDataByOffset(PCIConfiguration, busNumber, slot.u.AsULONG,
+ data, offset, length);
+
+ if(error == 0)
+ {
+ return OLS_ERROR_PCI_BUS_NOT_EXIST;
+ }
+ else if(length != 2 && error == 2)
+ {
+ return OLS_ERROR_PCI_NO_DEVICE;
+ }
+ else if(length != error)
+ {
+ return OLS_ERROR_PCI_READ_CONFIG;
+ }
+
+ return STATUS_SUCCESS;
+}
+
+NTSTATUS pciConfigWrite(ULONG pciAddress, ULONG offset, void *data, int length)
+{
+ PCI_SLOT_NUMBER slot;
+ int error;
+ ULONG busNumber;
+
+ busNumber = PciGetBus(pciAddress);
+
+ slot.u.AsULONG = 0;
+ slot.u.bits.DeviceNumber = PciGetDev(pciAddress);
+ slot.u.bits.FunctionNumber = PciGetFunc(pciAddress);
+ error = HalSetBusDataByOffset(PCIConfiguration, busNumber, slot.u.AsULONG,
+ data, offset, length);
+
+ if(error != length)
+ {
+ return OLS_ERROR_PCI_WRITE_CONFIG;
+ }
+
+ return STATUS_SUCCESS;
+}
+
+
+//-----------------------------------------------------------------------------
+//
+// Physical Memory
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS
+ReadMemory( void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+ OLS_READ_MEMORY_INPUT *param;
+ ULONG size;
+ PHYSICAL_ADDRESS address;
+ PVOID maped;
+ BOOLEAN error;
+
+ if(nInBufferSize != sizeof(OLS_READ_MEMORY_INPUT))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ param = (OLS_READ_MEMORY_INPUT *)lpInBuffer;
+ size = param->UnitSize * param->Count;
+
+ if(nOutBufferSize < size)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ address.QuadPart = param->Address.QuadPart;
+
+#ifndef _PHYSICAL_MEMORY_SUPPORT
+
+ if(0x000C0000 > address.QuadPart
+ || (address.QuadPart + size - 1) > 0x000FFFFF)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+#endif
+
+ maped = MmMapIoSpace(address, size, FALSE);
+
+ error = FALSE;
+ switch(param->UnitSize){
+ case 1:
+ READ_REGISTER_BUFFER_UCHAR(maped, lpOutBuffer, param->Count);
+ break;
+ case 2:
+ READ_REGISTER_BUFFER_USHORT(maped, lpOutBuffer, param->Count);
+ break;
+ case 4:
+ READ_REGISTER_BUFFER_ULONG(maped, lpOutBuffer, param->Count);
+ break;
+ default:
+ error = TRUE;
+ break;
+ }
+
+ MmUnmapIoSpace(maped, size);
+
+ if(error)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ *lpBytesReturned = nOutBufferSize;
+
+ return STATUS_SUCCESS;
+}
+
+NTSTATUS
+WriteMemory(void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned)
+{
+#ifdef _PHYSICAL_MEMORY_SUPPORT
+
+ OLS_WRITE_MEMORY_INPUT *param;
+ ULONG size;
+ PHYSICAL_ADDRESS address;
+ PVOID maped;
+ BOOLEAN error;
+
+ if(nInBufferSize < offsetof(OLS_WRITE_MEMORY_INPUT, Data))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ param = (OLS_WRITE_MEMORY_INPUT *)lpInBuffer;
+
+ size = param->UnitSize * param->Count;
+ if (nInBufferSize < size + offsetof(OLS_WRITE_MEMORY_INPUT, Data))
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ address.QuadPart = param->Address.QuadPart;
+
+ maped = MmMapIoSpace(address, size, FALSE);
+
+ error = FALSE;
+ switch(param->UnitSize){
+ case 1:
+ WRITE_REGISTER_BUFFER_UCHAR(maped,
+ (UCHAR*)¶m->Data, param->Count);
+ break;
+ case 2:
+ WRITE_REGISTER_BUFFER_USHORT(maped,
+ (USHORT*)¶m->Data, param->Count);
+ break;
+ case 4:
+ WRITE_REGISTER_BUFFER_ULONG(maped,
+ (ULONG*)¶m->Data, param->Count);
+ break;
+ default:
+ error = TRUE;
+ break;
+ }
+
+ MmUnmapIoSpace(maped, size);
+
+ if(error)
+ {
+ return STATUS_INVALID_PARAMETER;
+ }
+
+ *lpBytesReturned = 0;
+
+ return STATUS_SUCCESS;
+
+#else
+
+ *lpBytesReturned = 0;
+
+ return STATUS_INVALID_PARAMETER;
+
+#endif
+}
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/OpenLibSys.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/OpenLibSys.h Sun May 27 16:50:01 2012 +0000
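Review bot: Most IOCTL handlers use the request buffer without checking its length: `ReadMsr`, `WriteMsr`, `ReadPmc`, `ReadIoPort` and `WriteIoPort` ignore `nInBufferSize`/`nOutBufferSize`, and the `IOCTL_OLS_GET_DRIVER_VERSION` and `IOCTL_OLS_GET_REFCOUNT` cases store through `SystemBuffer` without looking at `OutputBufferLength`, so a zero-length or short request makes the driver touch memory outside the buffer the I/O manager set up for it. Each handler should reject short buffers first, as `ReadPciConfig` already does, e.g. `if(nInBufferSize < sizeof(ULONG) || nOutBufferSize < sizeof(ULONGLONG)) return STATUS_INVALID_PARAMETER;` in `ReadMsr`. In `ReadMemory` and `WriteMemory` the product `param->UnitSize * param->Count` is a `ULONG` that can wrap before it is compared with the buffer size, `UnitSize` is validated only after the mapping is made, and the `MmMapIoSpace` result is used without a NULL test; the fence below shows the checks for `ReadMemory`. `ReadMemory` and `ReadIoPort` also report `nOutBufferSize` and `nInBufferSize` as bytes returned instead of the number of bytes actually written to the output buffer. Separately, `DriverEntry` calls `IoCreateDevice` with no explicit security descriptor, so who may open a device that exposes MSR, I/O-port and PCI-config writes is left to the default ACL; `IoCreateDeviceSecure` with an SDDL string limited to SYSTEM and Administrators would state that policy in the driver itself.

```c
    param = (OLS_READ_MEMORY_INPUT *)lpInBuffer;

    // Accept only the unit sizes handled by the switch below, and bound
    // Count by division so UnitSize * Count cannot wrap a ULONG.
    if(param->UnitSize != 1 && param->UnitSize != 2 && param->UnitSize != 4)
    {
        return STATUS_INVALID_PARAMETER;
    }
    if(param->Count == 0 || param->Count > nOutBufferSize / param->UnitSize)
    {
        return STATUS_INVALID_PARAMETER;
    }
    size = param->UnitSize * param->Count;

    // ... unchanged: address assignment and the #ifndef _PHYSICAL_MEMORY_SUPPORT range check ...

    maped = MmMapIoSpace(address, size, FALSE);
    if(maped == NULL)
    {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    // ... unchanged: READ_REGISTER_BUFFER_* switch and MmUnmapIoSpace ...

    *lpBytesReturned = size;
```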
@@ -0,0 +1,131 @@
+//-----------------------------------------------------------------------------
+// Author : hiyohiyo
+// Mail : hiyohiyo@crystalmark.info
+// Web : http://openlibsys.org/
+// License : The modified BSD license
+//
+// Copyright 2007-2008 OpenLibSys.org. All rights reserved.
+//-----------------------------------------------------------------------------
+
+#include
+#include
+#include "OlsIoctl.h"
+
+//-----------------------------------------------------------------------------
+//
+// Device Name
+//
+//-----------------------------------------------------------------------------
+
+#define NT_DEVICE_NAME L"\\Device\\WinRing0_1_2_0"
+#define DOS_DEVICE_NAME L"\\DosDevices\\WinRing0_1_2_0"
+
+//-----------------------------------------------------------------------------
+//
+// Function Prototypes
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS DriverEntry(
+ IN PDRIVER_OBJECT DriverObject,
+ IN PUNICODE_STRING RegistryPath
+ );
+
+NTSTATUS OlsDispatch(
+ IN PDEVICE_OBJECT pDO,
+ IN PIRP pIrp
+ );
+
+VOID Unload(
+ IN PDRIVER_OBJECT DriverObject
+ );
+
+//-----------------------------------------------------------------------------
+//
+// Function Prototypes for Control Code
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS ReadMsr(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS WriteMsr(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS ReadPmc(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS ReadIoPort(
+ ULONG ioControlCode,
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS WriteIoPort(
+ ULONG ioControlCode,
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS ReadPciConfig(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS WritePciConfig(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS ReadMemory(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+NTSTATUS WriteMemory(
+ void *lpInBuffer,
+ ULONG nInBufferSize,
+ void *lpOutBuffer,
+ ULONG nOutBufferSize,
+ ULONG *lpBytesReturned
+ );
+
+
+//-----------------------------------------------------------------------------
+//
+// Support Function Prototypes
+//
+//-----------------------------------------------------------------------------
+
+NTSTATUS pciConfigRead(ULONG pciAddress, ULONG offset, void *data, int length);
+NTSTATUS pciConfigWrite(ULONG pciAddress, ULONG offset, void *data, int length);
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/OpenLibSys.rc
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/OpenLibSys.rc Sun May 27 16:50:01 2012 +0000
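Review bot: `pciConfigRead` and `pciConfigWrite` declare `length` as `int`, but both callers in OpenLibSys.c pass a `ULONG` derived from the request's buffer length, so a large caller-supplied size becomes negative on the way in. Declare the parameter as `ULONG length`, e.g. `NTSTATUS pciConfigRead(ULONG pciAddress, ULONG offset, void *data, ULONG length);`, and make the local `error` it is compared with in the .c file a `ULONG` as well. The handler prototypes would also benefit from a one-line comment each naming the input structure from OlsIoctl.h they expect and how many bytes they write to `lpOutBuffer`.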
@@ -0,0 +1,43 @@
+#include
+#include
+
+#define VER_FILETYPE VFT_DRV
+#define VER_FILESUBTYPE VFT2_DRV_SYSTEM
+
+#define VER_FILEDESCRIPTION_STR "WinRing0"
+#define VER_INTERNALNAME_STR "WinRing0.sys"
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION 1, 2, 0, 5
+ PRODUCTVERSION 1, 2, 0, 5
+ FILEFLAGSMASK 0x3fL
+ FILEFLAGS 0x0L
+ FILEOS 0x40004L
+ FILETYPE 0x2L
+ FILESUBTYPE 0x0L
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "041104b0"
+ BEGIN
+ VALUE "Comments", "The modified BSD license\0"
+ VALUE "CompanyName", "OpenLibSys.org\0"
+ VALUE "FileDescription", "WinRing0\0"
+ VALUE "FileVersion", "1.2.0.5\0"
+ VALUE "InternalName", "WinRing0.sys\0"
+ VALUE "LegalCopyright", "Copyright (C) 2007-2008 OpenLibSys.org. All rights reserved.\0"
+ VALUE "OriginalFilename", "WinRing0.sys\0"
+ VALUE "ProductName", "WinRing0\0"
+ VALUE "ProductVersion", "1.2.0.5\0"
+ END
+ END
+ BLOCK "VarFileInfo"
+ BEGIN
+ VALUE "Translation", 0x411, 1200
+ END
+END
diff -r f652ab1e06e2 -r d043dac9f34e External/WinRing0/SOURCES
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/External/WinRing0/SOURCES Sun May 27 16:50:01 2012 +0000
@@ -0,0 +1,7 @@
+TARGETNAME=WinRing0
+TARGETPATH=lib
+TARGETTYPE=DRIVER
+
+INCLUDES=..\
+
+SOURCES=OpenLibSys.c OpenLibSys.rc