IntroVirt/OBJECT__ATTRIBUTES_8hh_source.html

/*

 * Copyright 2021 Assured Information Security, Inc.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *         http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#pragma once


#include "SECURITY_DESCRIPTOR.hh"

#include "SECURITY_QUALITY_OF_SERVICE.hh"


#include <introvirt/core/fwd.hh>

#include <introvirt/core/injection/GuestAllocation.hh>

#include <introvirt/util/json/json.hh>

#include <introvirt/windows/kernel/nt/const/HANDLE_ATTRIBUTES.hh>

#include <introvirt/windows/kernel/nt/fwd.hh>


#include <cstdint>

#include <string>

#include <string_view>


namespace introvirt {

namespace windows {

namespace nt {


class OBJECT_ATTRIBUTES {

  public:


    enum Attribute {

        OBJ_INHERIT = 0x00000002,

        OBJ_PERMANENT = 0x00000010,

        OBJ_EXCLUSIVE = 0x00000020,

        OBJ_CASE_INSENSITIVE = 0x00000040,

        OBJ_OPENIF = 0x00000080,

        OBJ_OPENLINK = 0x00000100,

        OBJ_KERNEL_HANDLE = 0x00000200,

        OBJ_FORCE_ACCESS_CHECK = 0x00000400,

        OBJ_VALID_ATTRIBUTES = 0x000007f2

    };


  public:

    virtual uint32_t Length() const = 0;


    virtual uint64_t RootDirectory() const = 0;


    virtual std::string ObjectName() const = 0;


    virtual HANDLE_ATTRIBUTES Attributes() const = 0;


    virtual bool isInheritable() const = 0;


    virtual SECURITY_DESCRIPTOR* SecurityDescriptor() = 0;


    virtual const SECURITY_DESCRIPTOR* SecurityDescriptor() const = 0;


    virtual SECURITY_QUALITY_OF_SERVICE* SecurityQualityOfService() = 0;


    virtual const SECURITY_QUALITY_OF_SERVICE* SecurityQualityOfService() const = 0;


    virtual const std::string& FullPath(const KPCR& kpcr) const = 0;


    /*

     * @param Length The value to  in the Length field, or 0xFFFFFFFF to use the correct value

     */

    virtual void Length(uint32_t Length = 0xFFFFFFFF) = 0;


    virtual void RootDirectory(uint64_t RootDirectory) = 0;


    virtual void ObjectName(const std::string& ObjectName) = 0;


    virtual void ObjectNamePtr(const guest_ptr<void>& pUnicodeString) = 0;


    virtual void Attributes(HANDLE_ATTRIBUTES Attributes) = 0;


    virtual void Inheritable(bool Inheritable) = 0;


    virtual void SecurityQualityOfServicePtr(const guest_ptr<void>& pSecurityQualityOfService) = 0;


    virtual guest_ptr<void> ptr() const = 0;


    virtual void write(std::ostream& os, const std::string& linePrefix = "") const = 0;


    virtual Json::Value json() const = 0;


    static std::unique_ptr<OBJECT_ATTRIBUTES> make_unique(const NtKernel& kernel,

                                                          const guest_ptr<void>& ptr);


    virtual ~OBJECT_ATTRIBUTES() = default;

};


} /* namespace nt */

} /* namespace windows */


namespace inject {


template <>


class GuestAllocation<windows::nt::OBJECT_ATTRIBUTES> final

    : public GuestAllocationComplexBase<windows::nt::OBJECT_ATTRIBUTES> {

  public:

    GuestAllocation();

};


} // namespace inject

} // namespace introvirt

GuestAllocation.hh

HANDLE_ATTRIBUTES.hh

SECURITY_DESCRIPTOR.hh

SECURITY_QUALITY_OF_SERVICE.hh

introvirt::basic_guest_ptr
Definition guest_ptr.hh:88

introvirt::inject::GuestAllocationComplexBase
Definition GuestAllocation.hh:179

introvirt::inject::GuestAllocation< windows::nt::OBJECT_ATTRIBUTES >::GuestAllocation
GuestAllocation()

introvirt::inject::GuestAllocation
Definition GuestAllocation.hh:31

introvirt::windows::nt::HANDLE_ATTRIBUTES
Definition HANDLE_ATTRIBUTES.hh:39

introvirt::windows::nt::KPCR
The KPCR (Kernel Processor Control Region) is used by Windows to hold information about the current t...
Definition KPCR.hh:32

introvirt::windows::nt::NtKernel
Abstraction for the Windows NT kernel.
Definition NtKernel.hh:37

introvirt::windows::nt::OBJECT_ATTRIBUTES
Definition OBJECT_ATTRIBUTES.hh:38

introvirt::windows::nt::OBJECT_ATTRIBUTES::ObjectNamePtr
virtual void ObjectNamePtr(const guest_ptr< void > &pUnicodeString)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::SecurityQualityOfService
virtual SECURITY_QUALITY_OF_SERVICE * SecurityQualityOfService()=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::Length
virtual void Length(uint32_t Length=0xFFFFFFFF)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::ObjectName
virtual std::string ObjectName() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::json
virtual Json::Value json() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::RootDirectory
virtual void RootDirectory(uint64_t RootDirectory)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::Length
virtual uint32_t Length() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::SecurityDescriptor
virtual SECURITY_DESCRIPTOR * SecurityDescriptor()=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::SecurityDescriptor
virtual const SECURITY_DESCRIPTOR * SecurityDescriptor() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::~OBJECT_ATTRIBUTES
virtual ~OBJECT_ATTRIBUTES()=default

introvirt::windows::nt::OBJECT_ATTRIBUTES::Attribute
Attribute
Definition OBJECT_ATTRIBUTES.hh:40

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_PERMANENT
@ OBJ_PERMANENT
Definition OBJECT_ATTRIBUTES.hh:42

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_EXCLUSIVE
@ OBJ_EXCLUSIVE
Definition OBJECT_ATTRIBUTES.hh:43

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_VALID_ATTRIBUTES
@ OBJ_VALID_ATTRIBUTES
Definition OBJECT_ATTRIBUTES.hh:49

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_KERNEL_HANDLE
@ OBJ_KERNEL_HANDLE
Definition OBJECT_ATTRIBUTES.hh:47

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_OPENIF
@ OBJ_OPENIF
Definition OBJECT_ATTRIBUTES.hh:45

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_OPENLINK
@ OBJ_OPENLINK
Definition OBJECT_ATTRIBUTES.hh:46

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_INHERIT
@ OBJ_INHERIT
Definition OBJECT_ATTRIBUTES.hh:41

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_CASE_INSENSITIVE
@ OBJ_CASE_INSENSITIVE
Definition OBJECT_ATTRIBUTES.hh:44

introvirt::windows::nt::OBJECT_ATTRIBUTES::OBJ_FORCE_ACCESS_CHECK
@ OBJ_FORCE_ACCESS_CHECK
Definition OBJECT_ATTRIBUTES.hh:48

introvirt::windows::nt::OBJECT_ATTRIBUTES::SecurityQualityOfServicePtr
virtual void SecurityQualityOfServicePtr(const guest_ptr< void > &pSecurityQualityOfService)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::isInheritable
virtual bool isInheritable() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::ptr
virtual guest_ptr< void > ptr() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::ObjectName
virtual void ObjectName(const std::string &ObjectName)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::FullPath
virtual const std::string & FullPath(const KPCR &kpcr) const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::Attributes
virtual void Attributes(HANDLE_ATTRIBUTES Attributes)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::SecurityQualityOfService
virtual const SECURITY_QUALITY_OF_SERVICE * SecurityQualityOfService() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::Attributes
virtual HANDLE_ATTRIBUTES Attributes() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::make_unique
static std::unique_ptr< OBJECT_ATTRIBUTES > make_unique(const NtKernel &kernel, const guest_ptr< void > &ptr)

introvirt::windows::nt::OBJECT_ATTRIBUTES::RootDirectory
virtual uint64_t RootDirectory() const =0

introvirt::windows::nt::OBJECT_ATTRIBUTES::Inheritable
virtual void Inheritable(bool Inheritable)=0

introvirt::windows::nt::OBJECT_ATTRIBUTES::write
virtual void write(std::ostream &os, const std::string &linePrefix="") const =0

introvirt::windows::nt::SECURITY_DESCRIPTOR
Definition SECURITY_DESCRIPTOR.hh:29

introvirt::windows::nt::SECURITY_QUALITY_OF_SERVICE
Definition SECURITY_QUALITY_OF_SERVICE.hh:32

fwd.hh

introvirt
Core IntroVirt classes.
Definition Cr0.hh:20

fwd.hh