Fea #29, 添加SetProcessInformation，SetThreadInformation

Chuyu-Team · Mar 12, 2023 · 3249536 · 3249536
1 parent fdd8b49
commit 3249536
Show file tree

Hide file tree

Showing 4 changed files with 140 additions and 3 deletions.
diff --git a/ThunksList.md b/ThunksList.md
@@ -276,6 +276,8 @@
 | PrefetchVirtualMemory | 不存在时，返回ERROR_SUCCESS。
 | GetProcessMitigationPolicy | 不存在时，调用NtQueryInformationProcess。
 | SetProcessMitigationPolicy | 不存在时，调用NtSetInformationProcess。
+| SetProcessInformation | 不存在时，调用NtSetInformationProcess。
+| SetThreadInformation | 不存在时，调用NtSetInformationThread。
 
 ## mfplat.dll
 | 函数 | Fallback

diff --git a/src/Shared/km.h b/src/Shared/km.h
@@ -3005,6 +3005,13 @@ NtQueryDirectoryFile (
  ULONG ProcessInformationLength
  );
 
+ EXTERN_C NTSYSAPI NTSTATUS NTAPI NtSetInformationThread(
+ IN HANDLE ThreadHandle,
+ IN THREADINFOCLASS ThreadInformationClass,
+ OUT PVOID ThreadInformation,
+ IN ULONG ThreadInformationLength
+ );
+
  EXTERN_C NTSYSAPI NTSTATUS NTAPI NtQueryInformationThread(
  IN HANDLE ThreadHandle,
  IN THREADINFOCLASS ThreadInformationClass,

diff --git a/src/Thunks/YY_Thunks.cpp b/src/Thunks/YY_Thunks.cpp
@@ -40,6 +40,7 @@
  _APPLY(RtlFreeUnicodeString, ntdll ) \
  _APPLY(NtQueryObject, ntdll ) \
  _APPLY(NtQueryInformationThread, ntdll ) \
+ _APPLY(NtSetInformationThread, ntdll ) \
  _APPLY(NtQueryInformationProcess, ntdll ) \
  _APPLY(NtSetInformationProcess, ntdll ) \
  _APPLY(NtOpenKeyedEvent, ntdll ) \

diff --git a/src/Thunks/api-ms-win-core-processthreads.hpp b/src/Thunks/api-ms-win-core-processthreads.hpp
@@ -1,6 +1,6 @@
-
-
-
+#if (YY_Thunks_Support_Version < NTDDI_WIN8)
+#include <processthreadsapi.h>
+#endif
 
 #ifdef YY_Thunks_Implemented
 
@@ -899,6 +899,133 @@ namespace YY
  }
  }
 #endif
+
+#if (YY_Thunks_Support_Version < NTDDI_WIN8)
+
+ // 最低受支持的客户端 Windows 8 [桌面应用|UWP 应用]
+ // 最低受支持的服务器 Windows Server 2012[桌面应用 | UWP 应用]
+ __DEFINE_THUNK(
+ kernel32,
+ 16,
+ BOOL,
+ WINAPI,
+ SetProcessInformation,
+ _In_ HANDLE _hProcess,
+ _In_ PROCESS_INFORMATION_CLASS _eProcessInformationClass,
+ _In_reads_bytes_(_cbProcessInformationSize) LPVOID _pProcessInformation,
+ _In_ DWORD _cbProcessInformationSize
+ )
+ {
+ if (const auto _pfnSetProcessInformation = try_get_SetProcessInformation())
+ {
+ return _pfnSetProcessInformation(_hProcess, _eProcessInformationClass, _pProcessInformation, _cbProcessInformationSize);
+ }
+
+ if (_pProcessInformation == nullptr || (DWORD)_eProcessInformationClass >= (DWORD)ProcessInformationClassMax)
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+
+ const auto _pfnNtSetInformationProcess = try_get_NtSetInformationProcess();
+ if (!_pfnNtSetInformationProcess)
+ {
+ SetLastError(ERROR_NOT_SUPPORTED);
+ return FALSE;
+ }
+
+ NTSTATUS _Status;
+ if (_eProcessInformationClass == ProcessMemoryPriority)
+ {
+ if (_cbProcessInformationSize != sizeof(MEMORY_PRIORITY_INFORMATION))
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+ // PAGE_PRIORITY_INFORMATION
+ _Status = _pfnNtSetInformationProcess(_hProcess, ProcessPagePriority, _pProcessInformation, sizeof(DWORD));
+ }
+ else
+ {
+ SetLastError(ERROR_NOT_SUPPORTED);
+ return FALSE;
+ }
+
+ if (_Status >= 0)
+ return TRUE;
+
+ internal::BaseSetLastNTError(_Status);
+ return FALSE;
+ }
+#endif
+
+#if (YY_Thunks_Support_Version < NTDDI_WIN8)
+
+ // 最低受支持的客户端 Windows 8 [桌面应用|UWP 应用]
+ // 最低受支持的服务器 Windows Server 2012[桌面应用 | UWP 应用]
+ __DEFINE_THUNK(
+ kernel32,
+ 16,
+ BOOL,
+ WINAPI,
+ SetThreadInformation,
+ _In_ HANDLE _hThread,
+ _In_ THREAD_INFORMATION_CLASS _eThreadInformationClass,
+ _In_reads_bytes_(_cbThreadInformationSize) LPVOID _pThreadInformation,
+ _In_ DWORD _cbThreadInformationSize
+ )
+ {
+ if (const auto _pfnSetThreadInformation = try_get_SetThreadInformation())
+ {
+ return _pfnSetThreadInformation(_hThread, _eThreadInformationClass, _pThreadInformation, _cbThreadInformationSize);
+ }
+
+ if (_pThreadInformation == nullptr || (DWORD)_eThreadInformationClass >= (DWORD)ThreadInformationClassMax)
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+
+ const auto _pfnNtSetInformationThread = try_get_NtSetInformationThread();
+ if (!_pfnNtSetInformationThread)
+ {
+ SetLastError(ERROR_NOT_SUPPORTED);
+ return FALSE;
+ }
+
+ NTSTATUS _Status;
+ if (_eThreadInformationClass == ThreadMemoryPriority)
+ {
+ if (_cbThreadInformationSize != sizeof(MEMORY_PRIORITY_INFORMATION))
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+ _Status = _pfnNtSetInformationThread(_hThread, ThreadPagePriority, _pThreadInformation, sizeof(DWORD));
+ }
+ else if (_eThreadInformationClass == ThreadAbsoluteCpuPriority)
+ {
+ if (_cbThreadInformationSize != sizeof(DWORD))
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+ _Status = _pfnNtSetInformationThread(_hThread, ThreadActualBasePriority, _pThreadInformation, sizeof(DWORD));
+ }
+ else
+ {
+ SetLastError(ERROR_NOT_SUPPORTED);
+ return FALSE;
+ }
+
+ if (_Status >= 0)
+ return TRUE;
+
+ internal::BaseSetLastNTError(_Status);
+ return FALSE;
+ }
+#endif
+
  }//namespace Thunks
 
 } //namespace YY