// Code generated by 'go generate'; DO NOT EDIT.

package native

import (
	"syscall"
	"unsafe"

	"golang.org/x/sys/windows"
)

var _ unsafe.Pointer

// errnoERROR_IO_PENDING is the numeric value of the Windows error
// ERROR_IO_PENDING. It is boxed into an error exactly once (below) so that
// errnoErr can hand out the same interface value on every call.
const errnoERROR_IO_PENDING = 997

var errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING)

// errnoErr converts a raw Errno into an error, reusing a pre-boxed value for
// the common cases so that no allocation happens at call time. A zero Errno
// maps to nil; any value without a pre-boxed counterpart is returned as-is.
func errnoErr(e syscall.Errno) error {
	if e == 0 {
		return nil
	}
	if e == errnoERROR_IO_PENDING {
		return errERROR_IO_PENDING
	}
	// TODO: add more here, after collecting data on the common
	// error values seen on Windows. (perhaps when running
	// all.bat?)
	return e
}

// Both libraries are resolved with NewLazySystemDLL, which restricts the
// lookup of a bare file name to the Windows system directory. Keep it that
// way: a loader that follows the regular DLL search order could pick up a
// same-named DLL from the application or working directory and map it into
// the debugger process.
var (
	modntdll    = windows.NewLazySystemDLL("ntdll.dll")
	modkernel32 = windows.NewLazySystemDLL("kernel32.dll")
)

// Lazily resolved entry points. Nothing is looked up until Addr is called on
// a proc, and Addr panics when the export cannot be found.
// NOTE(review): code that has to survive a missing export should probe with
// Find first instead of relying on the wrappers below.
var (
	// ntdll.dll
	procNtQueryInformationThread = modntdll.NewProc("NtQueryInformationThread")
	// No wrapper for this export is defined in this file; presumably its
	// address is consumed elsewhere in the package - confirm.
	dbgUiRemoteBreakin           = modntdll.NewProc("DbgUiRemoteBreakin")

	// kernel32.dll
	procGetThreadContext           = modkernel32.NewProc("GetThreadContext")
	procSetThreadContext           = modkernel32.NewProc("SetThreadContext")
	procSuspendThread              = modkernel32.NewProc("SuspendThread")
	procResumeThread               = modkernel32.NewProc("ResumeThread")
	procContinueDebugEvent         = modkernel32.NewProc("ContinueDebugEvent")
	procWriteProcessMemory         = modkernel32.NewProc("WriteProcessMemory")
	procReadProcessMemory          = modkernel32.NewProc("ReadProcessMemory")
	procDebugBreakProcess          = modkernel32.NewProc("DebugBreakProcess")
	procWaitForDebugEvent          = modkernel32.NewProc("WaitForDebugEvent")
	procDebugActiveProcess         = modkernel32.NewProc("DebugActiveProcess")
	procDebugActiveProcessStop     = modkernel32.NewProc("DebugActiveProcessStop")
	procQueryFullProcessImageNameW = modkernel32.NewProc("QueryFullProcessImageNameW")
	procVirtualQueryEx             = modkernel32.NewProc("VirtualQueryEx")
	procIsWow64Process             = modkernel32.NewProc("IsWow64Process")
)

// Every wrapper below keeps its uintptr(unsafe.Pointer(p)) conversions inside
// the argument list of the syscall.Syscall/Syscall6 call. That placement is
// required by the unsafe.Pointer rules: hoisting a conversion into a local
// variable would let the referenced object be collected or moved before the
// call is made.

// _NtQueryInformationThread calls ntdll!NtQueryInformationThread and returns
// its NTSTATUS unchanged. No conversion to error is done, so the caller has to
// inspect status before trusting whatever info or retlen point at.
//
// info is a bare address and infolen the size passed with it; the wrapper
// cannot check that the two agree.
// NOTE(review): because info is a uintptr, nothing here keeps the underlying
// buffer reachable for the duration of the call - confirm the caller does.
func _NtQueryInformationThread(threadHandle syscall.Handle, infoclass int32, info uintptr, infolen uint32, retlen *uint32) (status _NTSTATUS) {
	ret, _, _ := syscall.Syscall6(procNtQueryInformationThread.Addr(), 5, uintptr(threadHandle), uintptr(infoclass), uintptr(info), uintptr(infolen), uintptr(unsafe.Pointer(retlen)), 0)
	return _NTSTATUS(ret)
}

// _GetThreadContext calls kernel32!GetThreadContext for thread, filling the
// structure context points to. A zero return from the API is reported as the
// last-error value of the call, or syscall.EINVAL when that value is zero too.
func _GetThreadContext(thread syscall.Handle, context *_CONTEXT) (err error) {
	ret, _, errno := syscall.Syscall(procGetThreadContext.Addr(), 2, uintptr(thread), uintptr(unsafe.Pointer(context)), 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _SetThreadContext calls kernel32!SetThreadContext, handing the structure at
// context to the OS for thread. A zero return from the API is reported as the
// last-error value of the call, or syscall.EINVAL when that value is zero too.
func _SetThreadContext(thread syscall.Handle, context *_CONTEXT) (err error) {
	ret, _, errno := syscall.Syscall(procSetThreadContext.Addr(), 2, uintptr(thread), uintptr(unsafe.Pointer(context)), 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _SuspendThread calls kernel32!SuspendThread. Despite its name, threadid is a
// thread handle, not a numeric thread ID. The API result is always returned as
// prevsuspcount; the value 0xffffffff marks failure and is accompanied by the
// last-error value of the call, or syscall.EINVAL when that value is zero.
func _SuspendThread(threadid syscall.Handle) (prevsuspcount uint32, err error) {
	ret, _, errno := syscall.Syscall(procSuspendThread.Addr(), 1, uintptr(threadid), 0, 0)
	prevsuspcount = uint32(ret)
	if prevsuspcount != 0xffffffff {
		return prevsuspcount, nil
	}
	if errno == 0 {
		return prevsuspcount, syscall.EINVAL
	}
	return prevsuspcount, errnoErr(errno)
}

// _ResumeThread calls kernel32!ResumeThread. Despite its name, threadid is a
// thread handle, not a numeric thread ID. The API result is always returned as
// prevsuspcount; the value 0xffffffff marks failure and is accompanied by the
// last-error value of the call, or syscall.EINVAL when that value is zero.
func _ResumeThread(threadid syscall.Handle) (prevsuspcount uint32, err error) {
	ret, _, errno := syscall.Syscall(procResumeThread.Addr(), 1, uintptr(threadid), 0, 0)
	prevsuspcount = uint32(ret)
	if prevsuspcount != 0xffffffff {
		return prevsuspcount, nil
	}
	if errno == 0 {
		return prevsuspcount, syscall.EINVAL
	}
	return prevsuspcount, errnoErr(errno)
}

// _ContinueDebugEvent calls kernel32!ContinueDebugEvent with the given process
// ID, thread ID and continue status. A zero return from the API is reported as
// the last-error value of the call, or syscall.EINVAL when that value is zero.
func _ContinueDebugEvent(processid uint32, threadid uint32, continuestatus uint32) (err error) {
	ret, _, errno := syscall.Syscall(procContinueDebugEvent.Addr(), 3, uintptr(processid), uintptr(threadid), uintptr(continuestatus))
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _WriteProcessMemory calls kernel32!WriteProcessMemory to copy size bytes
// starting at buffer into the address space of process at baseaddr.
//
// buffer is a bare *byte, so the wrapper cannot verify that size bytes are
// readable behind it; the caller must derive size from the length of the
// backing slice. A nil error does not by itself say how much was copied:
// check *byteswritten when a short write matters.
//
// A zero return from the API is reported as the last-error value of the call,
// or syscall.EINVAL when that value is zero.
func _WriteProcessMemory(process syscall.Handle, baseaddr uintptr, buffer *byte, size uintptr, byteswritten *uintptr) (err error) {
	ret, _, errno := syscall.Syscall6(procWriteProcessMemory.Addr(), 5, uintptr(process), uintptr(baseaddr), uintptr(unsafe.Pointer(buffer)), uintptr(size), uintptr(unsafe.Pointer(byteswritten)), 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _ReadProcessMemory calls kernel32!ReadProcessMemory to copy size bytes from
// baseaddr in the address space of process into the memory at buffer.
//
// buffer is a bare *byte, so the wrapper cannot verify that size bytes are
// writable behind it; a size larger than the backing slice makes the OS write
// past the end of Go-managed memory. Derive size from the slice length and
// use *bytesread, not size, to decide how much of the buffer holds data.
//
// A zero return from the API is reported as the last-error value of the call,
// or syscall.EINVAL when that value is zero.
func _ReadProcessMemory(process syscall.Handle, baseaddr uintptr, buffer *byte, size uintptr, bytesread *uintptr) (err error) {
	ret, _, errno := syscall.Syscall6(procReadProcessMemory.Addr(), 5, uintptr(process), uintptr(baseaddr), uintptr(unsafe.Pointer(buffer)), uintptr(size), uintptr(unsafe.Pointer(bytesread)), 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _DebugBreakProcess calls kernel32!DebugBreakProcess on the process handle.
// A zero return from the API is reported as the last-error value of the call,
// or syscall.EINVAL when that value is zero.
func _DebugBreakProcess(process syscall.Handle) (err error) {
	ret, _, errno := syscall.Syscall(procDebugBreakProcess.Addr(), 1, uintptr(process), 0, 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _WaitForDebugEvent calls kernel32!WaitForDebugEvent, storing the event in
// the structure debugevent points to. milliseconds is passed through as the
// wait limit. A zero return from the API is reported as the last-error value
// of the call, or syscall.EINVAL when that value is zero.
// NOTE(review): an expired timeout presumably also arrives here as a non-nil
// error, so callers should tell it apart from a real failure - confirm.
func _WaitForDebugEvent(debugevent *_DEBUG_EVENT, milliseconds uint32) (err error) {
	ret, _, errno := syscall.Syscall(procWaitForDebugEvent.Addr(), 2, uintptr(unsafe.Pointer(debugevent)), uintptr(milliseconds), 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _DebugActiveProcess calls kernel32!DebugActiveProcess for the process with
// the given ID. Whether the caller is allowed to attach is decided by the OS;
// a refusal surfaces here as an error. A zero return from the API is reported
// as the last-error value of the call, or syscall.EINVAL when that value is
// zero.
func _DebugActiveProcess(processid uint32) (err error) {
	ret, _, errno := syscall.Syscall(procDebugActiveProcess.Addr(), 1, uintptr(processid), 0, 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _DebugActiveProcessStop calls kernel32!DebugActiveProcessStop for the
// process with the given ID. A zero return from the API is reported as the
// last-error value of the call, or syscall.EINVAL when that value is zero.
func _DebugActiveProcessStop(processid uint32) (err error) {
	ret, _, errno := syscall.Syscall(procDebugActiveProcessStop.Addr(), 1, uintptr(processid), 0, 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _QueryFullProcessImageName calls kernel32!QueryFullProcessImageNameW for
// process, writing the image path as UTF-16 into the buffer at exename.
//
// exename and size are bare pointers, so the wrapper cannot verify that *size
// matches the real capacity of the buffer; the caller must set *size from the
// length of the backing []uint16 before the call.
// NOTE(review): per the Win32 contract *size is counted in characters and is
// updated to the number written - confirm the caller slices the result with
// the updated value.
//
// A zero return from the API is reported as the last-error value of the call,
// or syscall.EINVAL when that value is zero. The uintptr(unsafe.Pointer(...))
// conversions have to stay inside the call's argument list.
func _QueryFullProcessImageName(process syscall.Handle, flags uint32, exename *uint16, size *uint32) (err error) {
	ret, _, errno := syscall.Syscall6(procQueryFullProcessImageNameW.Addr(), 4, uintptr(process), uintptr(flags), uintptr(unsafe.Pointer(exename)), uintptr(unsafe.Pointer(size)), 0, 0)
	if ret != 0 {
		return nil
	}
	if errno == 0 {
		return syscall.EINVAL
	}
	return errnoErr(errno)
}

// _VirtualQueryEx calls kernel32!VirtualQueryEx for addr in the address space
// of process and returns the API result unchanged as lengthOut.
//
// The last-error value of the call is discarded, so failure is visible only
// through the return value. NOTE(review): per the Win32 contract a result of
// zero means the query failed and *buffer must not be trusted - callers need
// an explicit check.
//
// buffer is a bare pointer and length the size passed with it; the wrapper
// cannot check that the two agree. The uintptr(unsafe.Pointer(buffer))
// conversion has to stay inside the call's argument list.
func _VirtualQueryEx(process syscall.Handle, addr uintptr, buffer *_MEMORY_BASIC_INFORMATION, length uintptr) (lengthOut uintptr) {
	ret, _, _ := syscall.Syscall6(procVirtualQueryEx.Addr(), 4, uintptr(process), uintptr(addr), uintptr(unsafe.Pointer(buffer)), uintptr(length), 0, 0)
	return uintptr(ret)
}

// _IsWow64Process calls kernel32!IsWow64Process for process and returns the
// API result unchanged as ok; the answer itself is written to *wow64process.
//
// The last-error value of the call is discarded, so the only failure signal is
// the return value. NOTE(review): per the Win32 contract ok == 0 means the
// call failed and *wow64process must be ignored - confirm callers check it.
//
// The uintptr(unsafe.Pointer(wow64process)) conversion has to stay inside the
// call's argument list.
func _IsWow64Process(process syscall.Handle, wow64process *uint32) (ok uint32) {
	ret, _, _ := syscall.Syscall(procIsWow64Process.Addr(), 2, uintptr(process), uintptr(unsafe.Pointer(wow64process)), 0)
	return uint32(ret)
}