IntroVirt/NtQueryInformationProcess_8hh_source.html

/*

 * Copyright 2021 Assured Information Security, Inc.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *         http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */


/* This file is automatically generated. Do not edit. */

#pragma once


#include "NtSystemCall.hh"

#include <introvirt/windows/kernel/nt/syscall/types/process_information/PROCESS_INFORMATION.hh>

#include <introvirt/windows/kernel/nt/syscall/types/process_information/PROCESS_INFORMATION_CLASS.hh>


#include <memory>


namespace introvirt {

namespace windows {

namespace nt {


class NtQueryInformationProcess : public NtSystemCall {

  public:

    /* Direct parameter getters */


    virtual uint64_t ProcessHandle() const = 0;

    virtual PROCESS_INFORMATION_CLASS ProcessInformationClass() const = 0;

    virtual guest_ptr<void> ProcessInformationPtr() const = 0;

    virtual uint32_t ProcessInformationLength() const = 0;

    virtual guest_ptr<void> ResultLengthPtr() const = 0;


    /* Direct parameter setters */


    virtual void ProcessHandle(uint64_t ProcessHandle) = 0;

    virtual void ProcessInformationClass(PROCESS_INFORMATION_CLASS ProcessInformationClass) = 0;

    virtual void ProcessInformationPtr(const guest_ptr<void>& pProcessInformation) = 0;

    virtual void ProcessInformationLength(uint32_t ProcessInformationLength) = 0;

    virtual void ResultLengthPtr(const guest_ptr<void>& pResultLength) = 0;


    /* Helper methods */

    virtual const PROCESS_INFORMATION* ProcessInformation() const = 0;

    virtual PROCESS_INFORMATION* ProcessInformation() = 0;

    virtual uint32_t ResultLength() const = 0;

    virtual void ResultLength(uint32_t ResultLength) = 0;


    /*

     * System call injection support. You probably want to use

     * inject::system_call<NtQueryInformationProcess>.

     */

    static NTSTATUS inject(uint64_t ProcessHandle,

                           PROCESS_INFORMATION_CLASS ProcessInformationClass,

                           const guest_ptr<void>& pProcessInformation,

                           uint32_t ProcessInformationLength, uint32_t* ResultLength);

};


} /* namespace nt */

} /* namespace windows */

} /* namespace introvirt */

NtSystemCall.hh

PROCESS_INFORMATION_CLASS.hh

introvirt::basic_guest_ptr
Definition guest_ptr.hh:88

introvirt::windows::nt::NTSTATUS
Status codes returned by Windows NT system calls.
Definition NTSTATUS.hh:34

introvirt::windows::nt::NtQueryInformationProcess
Handler class for the NtQueryInformationProcess system call.
Definition NtQueryInformationProcess.hh:33

introvirt::windows::nt::NtQueryInformationProcess::ResultLengthPtr
virtual guest_ptr< void > ResultLengthPtr() const =0
Getter for ResultLengthPtr.

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationPtr
virtual void ProcessInformationPtr(const guest_ptr< void > &pProcessInformation)=0
Setter for ProcessInformationPtr.

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformation
virtual PROCESS_INFORMATION * ProcessInformation()=0

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformation
virtual const PROCESS_INFORMATION * ProcessInformation() const =0

introvirt::windows::nt::NtQueryInformationProcess::inject
static NTSTATUS inject(uint64_t ProcessHandle, PROCESS_INFORMATION_CLASS ProcessInformationClass, const guest_ptr< void > &pProcessInformation, uint32_t ProcessInformationLength, uint32_t *ResultLength)

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationPtr
virtual guest_ptr< void > ProcessInformationPtr() const =0
Getter for ProcessInformationPtr.

introvirt::windows::nt::NtQueryInformationProcess::ResultLength
virtual uint32_t ResultLength() const =0

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationLength
virtual void ProcessInformationLength(uint32_t ProcessInformationLength)=0
Setter for ProcessInformationLength.

introvirt::windows::nt::NtQueryInformationProcess::ProcessHandle
virtual uint64_t ProcessHandle() const =0
Getter for ProcessHandle.

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationClass
virtual PROCESS_INFORMATION_CLASS ProcessInformationClass() const =0
Getter for ProcessInformationClass.

introvirt::windows::nt::NtQueryInformationProcess::ResultLengthPtr
virtual void ResultLengthPtr(const guest_ptr< void > &pResultLength)=0
Setter for ResultLengthPtr.

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationLength
virtual uint32_t ProcessInformationLength() const =0
Getter for ProcessInformationLength.

introvirt::windows::nt::NtQueryInformationProcess::ResultLength
virtual void ResultLength(uint32_t ResultLength)=0

introvirt::windows::nt::NtQueryInformationProcess::ProcessHandle
virtual void ProcessHandle(uint64_t ProcessHandle)=0
Setter for ProcessHandle.

introvirt::windows::nt::NtQueryInformationProcess::ProcessInformationClass
virtual void ProcessInformationClass(PROCESS_INFORMATION_CLASS ProcessInformationClass)=0
Setter for ProcessInformationClass.

introvirt::windows::nt::NtSystemCall
Base type for NT system calls.
Definition NtSystemCall.hh:29

introvirt::windows::nt::PROCESS_INFORMATION
Definition PROCESS_INFORMATION.hh:32

PROCESS_INFORMATION.hh

introvirt::windows::nt::PROCESS_INFORMATION_CLASS
PROCESS_INFORMATION_CLASS
Definition PROCESS_INFORMATION_CLASS.hh:25

introvirt
Core IntroVirt classes.
Definition Cr0.hh:20