Merge remote-tracking branch 'refs/remotes/origin/master' into tracert

dmex · dmex · commit a51182fac253 · 2016-10-09T11:59:18.000+11:00
diff --git a/phnt/include/ntexapi.h b/phnt/include/ntexapi.h
@@ -1361,26 +1361,26 @@ typedef enum _SYSTEM_INFORMATION_CLASS
     SystemVmGenerationCountInformation,
     SystemTrustedPlatformModuleInformation, // q: SYSTEM_TPM_INFORMATION
     SystemKernelDebuggerFlags,
-    SystemCodeIntegrityPolicyInformation,
-    SystemIsolatedUserModeInformation,
+    SystemCodeIntegrityPolicyInformation, // q: SYSTEM_CODEINTEGRITYPOLICY_INFORMATION
+    SystemIsolatedUserModeInformation, // q: SYSTEM_ISOLATED_USER_MODE_INFORMATION
     SystemHardwareSecurityTestInterfaceResultsInformation,
     SystemSingleModuleInformation, // q: SYSTEM_SINGLE_MODULE_INFORMATION
     SystemAllowedCpuSetsInformation,
     SystemDmaProtectionInformation, // q: SYSTEM_DMA_PROTECTION_INFORMATION
-    SystemInterruptCpuSetsInformation, // 170
+    SystemInterruptCpuSetsInformation, // q: SYSTEM_INTERRUPT_CPU_SET_INFORMATION // 170
     SystemSecureBootPolicyFullInformation, // q: SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION
     SystemCodeIntegrityPolicyFullInformation,
     SystemAffinitizedInterruptProcessorInformation,
     SystemRootSiloInformation, // q: SYSTEM_ROOT_SILO_INFORMATION
     SystemCpuSetInformation, // q: SYSTEM_CPU_SET_INFORMATION // since THRESHOLD2
     SystemCpuSetTagInformation, // q: SYSTEM_CPU_SET_TAG_INFORMATION
     SystemWin32WerStartCallout,
-    SystemSecureKernelProfileInformation,
+    SystemSecureKernelProfileInformation, // q: SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION
     SystemCodeIntegrityPlatformManifestInformation, // q: SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION // since REDSTONE
-    SystemUnknownInformation180, // 180
-    SystemUnknownInformation181,
+    SystemInterruptSteeringInformation, // 180
+    SystemSupportedProcessorArchitectures,
     SystemMemoryUsageInformation, // q: SYSTEM_MEMORY_USAGE_INFORMATION
-    SystemUnknownInformation183,
+    SystemCodeIntegrityCertificateInformation, // q: SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION
     MaxSystemInfoClass
 } SYSTEM_INFORMATION_CLASS;
 
@@ -2412,7 +2412,7 @@ typedef struct _SYSTEM_SECUREBOOT_INFORMATION
 {
     BOOLEAN SecureBootEnabled;
     BOOLEAN SecureBootCapable;
-} SYSTEM_SECUREBOOT_INFORMATION;
+} SYSTEM_SECUREBOOT_INFORMATION, *PSYSTEM_SECUREBOOT_INFORMATION;
 
 // private
 typedef struct _PROCESS_DISK_COUNTERS
@@ -2548,13 +2548,45 @@ typedef struct _SYSTEM_DMA_PROTECTION_INFORMATION
     BOOLEAN DmaProtectionsInUse;
 } SYSTEM_DMA_PROTECTION_INFORMATION, *PSYSTEM_DMA_PROTECTION_INFORMATION;
 
+// private
+typedef struct _SYSTEM_CODEINTEGRITYPOLICY_INFORMATION
+{
+    ULONG Options;
+    ULONG HVCIOptions;
+    ULONGLONG Version;
+    GUID PolicyGuid;
+} SYSTEM_CODEINTEGRITYPOLICY_INFORMATION, *PSYSTEM_CODEINTEGRITYPOLICY_INFORMATION;
+
+// private
+typedef struct _SYSTEM_ISOLATED_USER_MODE_INFORMATION
+{
+    BOOLEAN SecureKernelRunning : 1;
+    BOOLEAN HvciEnabled : 1;
+    BOOLEAN HvciStrictMode : 1;
+    BOOLEAN DebugEnabled : 1;
+    BOOLEAN FirmwarePageProtection : 1;
+    BOOLEAN SpareFlags : 1;
+    BOOLEAN TrustletRunning : 1;
+    BOOLEAN SpareFlags2 : 1;
+    BOOLEAN Spare0[6];
+    ULONGLONG Spare1;
+} SYSTEM_ISOLATED_USER_MODE_INFORMATION, *PSYSTEM_ISOLATED_USER_MODE_INFORMATION;
+
 // private
 typedef struct _SYSTEM_SINGLE_MODULE_INFORMATION
 {
     PVOID TargetModuleAddress;
     RTL_PROCESS_MODULE_INFORMATION_EX ExInfo;
 } SYSTEM_SINGLE_MODULE_INFORMATION, *PSYSTEM_SINGLE_MODULE_INFORMATION;
 
+// private
+typedef struct _SYSTEM_INTERRUPT_CPU_SET_INFORMATION
+{
+    ULONG Gsiv;
+    USHORT Group;
+    ULONGLONG CpuSets;
+} SYSTEM_INTERRUPT_CPU_SET_INFORMATION, *PSYSTEM_INTERRUPT_CPU_SET_INFORMATION;
+
 // private
 typedef struct _SYSTEM_SECUREBOOT_POLICY_FULL_INFORMATION
 {
@@ -2577,6 +2609,35 @@ typedef struct _SYSTEM_CPU_SET_TAG_INFORMATION
     ULONGLONG CpuSets[1];
 } SYSTEM_CPU_SET_TAG_INFORMATION, *PSYSTEM_CPU_SET_TAG_INFORMATION;
 
+// private
+typedef struct _SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION
+{
+    ULONG ExtentCount;
+    ULONG ValidStructureSize;
+    ULONG NextExtentIndex;
+    ULONG ExtentRestart;
+    ULONG CycleCount;
+    ULONG TimeoutCount;
+    ULONGLONG CycleTime;
+    ULONGLONG CycleTimeMax;
+    ULONGLONG ExtentTime;
+    ULONG ExtentTimeIndex;
+    ULONG ExtentTimeMaxIndex;
+    ULONGLONG ExtentTimeMax;
+    ULONGLONG HyperFlushTimeMax;
+    ULONGLONG TranslateVaTimeMax;
+    ULONGLONG DebugExemptionCount;
+    ULONGLONG TbHitCount;
+    ULONGLONG TbMissCount;
+    ULONGLONG VinaPendingYield;
+    ULONGLONG HashCycles;
+    ULONG HistogramOffset;
+    ULONG HistogramBuckets;
+    ULONG HistogramShift;
+    ULONG Reserved1;
+    ULONGLONG PageNotPresentCount;
+} SYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION, *PSYSTEM_SECURE_KERNEL_HYPERGUARD_PROFILE_INFORMATION;
+
 // private
 typedef struct _SYSTEM_SECUREBOOT_PLATFORM_MANIFEST_INFORMATION
 {
@@ -2596,6 +2657,12 @@ typedef struct _SYSTEM_MEMORY_USAGE_INFORMATION
     ULONGLONG PeakCommitmentBytes;
 } SYSTEM_MEMORY_USAGE_INFORMATION, *PSYSTEM_MEMORY_USAGE_INFORMATION;
 
+// private
+typedef struct _SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION
+{
+    HANDLE ImageFile;
+} SYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION, *PSYSTEM_CODEINTEGRITY_CERTIFICATE_INFORMATION;
+
 #if (PHNT_MODE != PHNT_MODE_KERNEL)
 
 NTSYSCALLAPI
@@ -2672,7 +2739,8 @@ typedef enum _SYSDBG_COMMAND
     SysDbgGetUmBreakPid,
     SysDbgClearUmBreakPid,
     SysDbgGetUmAttachPid,
-    SysDbgClearUmAttachPid
+    SysDbgClearUmAttachPid,
+    SysDbgGetLiveKernelDump
 } SYSDBG_COMMAND, *PSYSDBG_COMMAND;
 
 typedef struct _SYSDBG_VIRTUAL
diff --git a/phnt/include/ntlpcapi.h b/phnt/include/ntlpcapi.h
@@ -579,9 +579,20 @@ typedef enum _ALPC_MESSAGE_INFORMATION_CLASS
 {
     AlpcMessageSidInformation, // q: out SID
     AlpcMessageTokenModifiedIdInformation,  // q: out LUID
+    AlpcMessageDirectStatusInformation,
+    AlpcMessageHandleInformation, // ALPC_MESSAGE_HANDLE_INFORMATION
     MaxAlpcMessageInfoClass
 } ALPC_MESSAGE_INFORMATION_CLASS, *PALPC_MESSAGE_INFORMATION_CLASS;
 
+typedef struct _ALPC_MESSAGE_HANDLE_INFORMATION
+{
+    ULONG Index;
+    ULONG Flags;
+    ULONG Handle;
+    ULONG ObjectType;
+    ACCESS_MASK GrantedAccess;
+} ALPC_MESSAGE_HANDLE_INFORMATION, *PALPC_MESSAGE_HANDLE_INFORMATION;
+
 // begin_private
 
 #if (PHNT_VERSION >= PHNT_VISTA)
diff --git a/phnt/include/ntmmapi.h b/phnt/include/ntmmapi.h
@@ -64,7 +64,9 @@ typedef enum _MEMORY_INFORMATION_CLASS
     MemoryRegionInformation, // MEMORY_REGION_INFORMATION
     MemoryWorkingSetExInformation, // MEMORY_WORKING_SET_EX_INFORMATION
     MemorySharedCommitInformation, // MEMORY_SHARED_COMMIT_INFORMATION
-    MemoryImageInformation // MEMORY_IMAGE_INFORMATION
+    MemoryImageInformation, // MEMORY_IMAGE_INFORMATION
+    MemoryRegionInformationEx,
+    MemoryPrivilegedBasicInformation
 } MEMORY_INFORMATION_CLASS;
 
 #if (PHNT_MODE == PHNT_MODE_KERNEL)
@@ -105,8 +107,22 @@ typedef struct _MEMORY_REGION_INFORMATION
 {
     PVOID AllocationBase;
     ULONG AllocationProtect;
-    ULONG RegionType;
+    union
+    {
+        ULONG RegionType;
+        struct
+        {
+            ULONG Private : 1;
+            ULONG MappedDataFile : 1;
+            ULONG MappedImage : 1;
+            ULONG MappedPageFile : 1;
+            ULONG MappedPhysical : 1;
+            ULONG DirectMapped : 1;
+            ULONG Reserved : 26;
+        };
+    };
     SIZE_T RegionSize;
+    SIZE_T CommitSize;
 } MEMORY_REGION_INFORMATION, *PMEMORY_REGION_INFORMATION;
 
 // private
diff --git a/phnt/include/ntobapi.h b/phnt/include/ntobapi.h
@@ -33,6 +33,8 @@ typedef enum _OBJECT_INFORMATION_CLASS
     ObjectTypeInformation, // OBJECT_TYPE_INFORMATION
     ObjectTypesInformation, // OBJECT_TYPES_INFORMATION
     ObjectHandleFlagInformation, // OBJECT_HANDLE_FLAG_INFORMATION
+    ObjectSessionInformation,
+    ObjectSessionObjectInformation,
     MaxObjectInfoClass
 } OBJECT_INFORMATION_CLASS;
 #else
diff --git a/phnt/include/ntpnpapi.h b/phnt/include/ntpnpapi.h
@@ -95,6 +95,7 @@ typedef enum _PLUGPLAY_CONTROL_CLASS
     PlugPlayControlResetDevice,
     PlugPlayControlHaltDevice,
     PlugPlayControlGetBlockedDriverList,
+    PlugPlayControlGetDeviceInterfaceEnabled,
     MaxPlugPlayControl
 } PLUGPLAY_CONTROL_CLASS, *PPLUGPLAY_CONTROL_CLASS;
 
diff --git a/phnt/include/ntpoapi.h b/phnt/include/ntpoapi.h
@@ -62,9 +62,9 @@ typedef enum
     PowerStateSleeping2 = 1,
     PowerStateSleeping3 = 2,
     PowerStateSleeping4 = 3,
-    PowerStateSleeping4Firmware = 4,
+    PowerStateShutdownOff = 4,
     PowerStateShutdownReset = 5,
-    PowerStateShutdownOff = 6,
+    PowerStateSleeping4Firmware = 6,
     PowerStateMaximum = 7
 } POWER_STATE_HANDLER_TYPE, *PPOWER_STATE_HANDLER_TYPE;
 
diff --git a/phnt/include/ntpsapi.h b/phnt/include/ntpsapi.h
@@ -165,10 +165,13 @@ typedef enum _PROCESSINFOCLASS
     ProcessCommitReleaseInformation, // PROCESS_COMMIT_RELEASE_INFORMATION
     ProcessDefaultCpuSetsInformation,
     ProcessAllowedCpuSetsInformation,
-    ProcessSubsystemProcess, // 68
+    ProcessSubsystemProcess,
     ProcessJobMemoryInformation, // PROCESS_JOB_MEMORY_INFO
-    ProcessInPrivate, // since THRESHOLD2
+    ProcessInPrivate, // since THRESHOLD2 // 70
     ProcessRaiseUMExceptionOnInvalidHandleClose,
+    ProcessIumChallengeResponse,
+    ProcessChildProcessInformation, // PROCESS_CHILD_PROCESS_INFORMATION
+    ProcessHighGraphicsPriorityInformation,
     MaxProcessInfoClass
 } PROCESSINFOCLASS;
 #endif
@@ -219,6 +222,8 @@ typedef enum _THREADINFOCLASS
     ThreadSystemThreadInformation, // q: SYSTEM_THREAD_INFORMATION // 40
     ThreadActualGroupAffinity, // since THRESHOLD2
     ThreadDynamicCodePolicyInfo,
+    ThreadExplicitCaseSensitivity,
+    ThreadWorkOnBehalfTicket,
     MaxThreadInfoClass
 } THREADINFOCLASS;
 #endif
@@ -668,6 +673,12 @@ typedef struct _PROCESS_JOB_MEMORY_INFO
     ULONGLONG TotalCommitLimit;
 } PROCESS_JOB_MEMORY_INFO, *PPROCESS_JOB_MEMORY_INFO;
 
+typedef struct _PROCESS_CHILD_PROCESS_INFORMATION
+{
+    BOOLEAN ProhibitChildProcesses;
+    BOOLEAN EnableAutomaticOverride;
+} PROCESS_CHILD_PROCESS_INFORMATION, *PPROCESS_CHILD_PROCESS_INFORMATION;
+
 // end_private
 
 #endif
@@ -767,10 +778,10 @@ typedef struct _RTL_UMS_CONTEXT
 // private
 typedef enum _THREAD_UMS_INFORMATION_COMMAND
 {
-    UmsInformationCommandQuery, // Index might be incorrect.
+    UmsInformationCommandInvalid,
     UmsInformationCommandAttach,
     UmsInformationCommandDetach,
-    UmsInformationCommandInvalid
+    UmsInformationCommandQuery
 } THREAD_UMS_INFORMATION_COMMAND;
 
 // private
@@ -1176,6 +1187,11 @@ typedef enum _PS_ATTRIBUTE_NUM
     PsAttributeSecureProcess, // since THRESHOLD
     PsAttributeJobList,
     PsAttributeChildProcessPolicy, // since THRESHOLD2
+    PsAttributeAllApplicationPackagesPolicy, // since REDSTONE
+    PsAttributeWin32kFilter,
+    PsAttributeSafeOpenPromptOriginClaim,
+    PsAttributeBnoIsolation,
+    PsAttributeDesktopAppPolicy,
     PsAttributeMax
 } PS_ATTRIBUTE_NUM;
 
@@ -1226,11 +1242,11 @@ typedef enum _PS_ATTRIBUTE_NUM
 
 typedef struct _PS_ATTRIBUTE
 {
-    ULONG Attribute;
+    ULONG_PTR Attribute;
     SIZE_T Size;
     union
     {
-        ULONG Value;
+        ULONG_PTR Value;
         PVOID ValuePtr;
     };
     PSIZE_T ReturnLength;
diff --git a/plugins/Updater/updater.c b/plugins/Updater/updater.c
@@ -68,18 +68,6 @@ VOID FreeUpdateContext(
     PhClearReference(&Context->SetupFilePath);
     PhClearReference(&Context->SetupFileDownloadUrl);
 
-    if (Context->IconSmallHandle)
-    {
-        DeleteObject(Context->IconSmallHandle);
-        Context->IconSmallHandle = NULL;
-    }
-
-    if (Context->IconLargeHandle)
-    {
-        DestroyIcon(Context->IconLargeHandle);
-        Context->IconLargeHandle = NULL;
-    }
-
     PhFree(Context);
 }
 
