AuroraRuntime/Source/AuProcAddresses.NT.hpp

/***
    Copyright (C) 2023 J Reece Wilson (a/k/a "Reece"). All rights reserved.

    File: AuProcAddresses.NT.hpp
    Date: 2023-2-16
    Author: Reece
***/
#pragma once

namespace Aurora
{
    void InitNTAddresses();

    static const wchar_t *kSyncDllName        { L"API-MS-Win-Core-Synch-l1-2-0.dll" };
    static const wchar_t *kNtDllName          { L"NTDLL.dll" };
    static const wchar_t *kKernel32DllName    { L"Kernel32.dll" };
    static const wchar_t *kKernelBaseDllName  { L"KernelBase.dll" };
    static const wchar_t *kWS2DllName         { L"Ws2_32.dll" };
    static const wchar_t *kAdvancedApiDllName { L"Advapi32.dll" };
    static const wchar_t *kBCryptDllName      { L"bcrypt.dll" };

    struct WIN32_MEMORY_RANGE_ENTRY2
    {
        PVOID VirtualAddress;
        SIZE_T NumberOfBytes;
    };

    enum class THREAD_INFORMATION_CLASS
    {
        ThreadMemoryPriority,
        ThreadAbsoluteCpuPriority,
        ThreadDynamicCodePolicy,
        ThreadPowerThrottling,
        ThreadInformationClassMax
    };

    inline BOOL(_stdcall *pWaitOnAddress)(
        volatile VOID *             Address,
        PVOID                       CompareAddress,
        SIZE_T                      AddressSize,
        DWORD                       dwMilliseconds
    );

    inline void(_stdcall *pWakeByAddressSingle)(
        PVOID                       Address
    );

    inline void(_stdcall *pWakeByAddressAll)(
        PVOID                       Address
    );

    inline DWORD(_stdcall *pNtDelayExecution)(
        BOOLEAN                     Alertable,
        PLARGE_INTEGER              DelayInterval
    );

    inline PVOID(__stdcall *pVirtualAlloc2)(
        HANDLE                      Process,
        PVOID                       BaseAddress,
        SIZE_T                      Size,
        ULONG                       AllocationType,
        ULONG                       PageProtection,
        MEM_EXTENDED_PARAMETER *    ExtendedParameters,
        ULONG                       ParameterCount
    );

    inline PVOID(__stdcall *pMapViewOfFile3)(
        HANDLE                      FileMapping,
        HANDLE                      Process,
        PVOID                       BaseAddress,
        ULONG64                     Offset,
        SIZE_T                      ViewSize,
        ULONG                       AllocationType,
        ULONG                       PageProtection,
        MEM_EXTENDED_PARAMETER *    ExtendedParameters,
        ULONG                       ParameterCount
    );

    inline PVOID(__stdcall *pUnmapViewOfFile2)(
        HANDLE                      Process,
        PVOID                       BaseAddress,
        ULONG                       UnmapFlags
    );

    inline NTSTATUS(__stdcall *pNtWaitForKeyedEvent)(
        HANDLE                      Handle,
        PVOID                       Key,
        BOOLEAN                     Alertable,
        PLARGE_INTEGER              NTTimeout
    );

    inline NTSTATUS(__stdcall *pNtReleaseKeyedEvent)(
        HANDLE                      Handle,
        PVOID                       Key,
        BOOLEAN                     Alertable,
        PLARGE_INTEGER              NTTimeout
    );

    inline NTSTATUS(__stdcall *pNtCreateKeyedEvent)(
        HANDLE                      Handle,
        ACCESS_MASK                 Access,
        POBJECT_ATTRIBUTES          Attr,
        ULONG                       Flags
    );

    inline NTSTATUS(__stdcall *pNtOpenKeyedEvent)(
        HANDLE                      Handle,
        ACCESS_MASK                 Access,
        POBJECT_ATTRIBUTES          Attr,
        ULONG                       Flags
    );
    
    inline NTSTATUS(__stdcall *pRtlWaitOnAddress)(
        const void *                addr,
        const void *                cmp,
        SIZE_T                      size,
        const LARGE_INTEGER *       timeout);

#if defined(AURORA_PLATFORM_WIN32)
    inline NTSTATUS(__stdcall *pRtlGetVersion)(
        PRTL_OSVERSIONINFOW         lpVersionInformation
    );
#endif

    inline BOOL(__stdcall *pGetSystemCpuSetInformation)(
        PSYSTEM_CPU_SET_INFORMATION Information,
        ULONG                       BufferLength,
        PULONG                      ReturnedLength,
        HANDLE                      Process,
        ULONG                       Flags
    );              

    inline BOOL(__stdcall *pGetLogicalProcessorInformation)(
        PSYSTEM_LOGICAL_PROCESSOR_INFORMATION Buffer,
        PDWORD                      ReturnedLength
    );

    inline HRESULT(__stdcall *pSetThreadDescription)(
        HANDLE                      hThread,
        PCWSTR                      lpThreadDescription
    );
    
    inline BOOL(__stdcall *pSetThreadInformation)(
        HANDLE                      hThread,
        THREAD_INFORMATION_CLASS    ThreadInformationClass,
        LPVOID                      ThreadInformation,
        DWORD                       ThreadInformationSize
    );
    
    inline BOOL(__stdcall *pSetThreadSelectedCpuSets)(
        HANDLE                      Thread,
        const ULONG *               CpuSetIds,
        ULONG                       CpuSetIdCount
    );
    
    inline INT(__stdcall *pGetAddrInfoExCancel)(
        LPHANDLE                    lpHandle
    );

    inline BOOL(__stdcall *pPrefetchVirtualMemory)(
        HANDLE                      hProcess,
        ULONG_PTR                   NumberOfEntries,
        WIN32_MEMORY_RANGE_ENTRY2 * VirtualAddresses,
        ULONG                       Flags
    );

    inline NTSTATUS(__stdcall *pBCryptGenRandom)(
        PVOID                       hAlgorithm,
        PUCHAR                      pbBuffer,
        ULONG                       cbBuffer,
        ULONG                       dwFlags
    );

    inline BOOL(__stdcall *pCryptGenRandom)(
        ULONG_PTR                   hProv,
        DWORD                       dwLen,
        BYTE *pbBuffer
    );

    inline BOOL(__stdcall *pCryptAcquireContextW)(
        ULONG_PTR *                 hProv,
        LPCWSTR                     szContainer,
        LPCWSTR                     szProvider,
        DWORD                       dwProvType,
        DWORD                       dwFlags
    );

    inline BOOL(__stdcall *pCryptReleaseContext)(
        ULONG_PTR                   hProvz,
        DWORD                       dwFlags
    );

    inline NTSTATUS(__stdcall *pZwSetTimerResolution)(
        ULONG                       RequestedResolution,
        BOOLEAN                     Set,
        PULONG                      ActualResolution
    );

    inline bool gUseNativeWaitMutex {};
    inline bool gUseNativeWaitCondvar {};
    inline bool gUseNativeWaitSemapahore {};

    void Win32DropSchedulerResolution();
}
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`/***`
			`Copyright (C) 2023 J Reece Wilson (a/k/a "Reece"). All rights reserved.`

			`File: AuProcAddresses.NT.hpp`
			`Date: 2023-2-16`
			`Author: Reece`
			`***/`
			`#pragma once`

			`namespace Aurora`
			`{`
			`void InitNTAddresses();`

[*] Wanna drop threaten to drop older APIs from the Windows Runtime? Alright, we're being pushed towards Windows XP support by accident. 2023-07-09 10:26:17 +00:00			`static const wchar_t *kSyncDllName { L"API-MS-Win-Core-Synch-l1-2-0.dll" };`
			`static const wchar_t *kNtDllName { L"NTDLL.dll" };`
			`static const wchar_t *kKernel32DllName { L"Kernel32.dll" };`
			`static const wchar_t *kKernelBaseDllName { L"KernelBase.dll" };`
			`static const wchar_t *kWS2DllName { L"Ws2_32.dll" };`
			`static const wchar_t *kAdvancedApiDllName { L"Advapi32.dll" };`
			`static const wchar_t *kBCryptDllName { L"bcrypt.dll" };`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00
			`struct WIN32_MEMORY_RANGE_ENTRY2`
			`{`
			`PVOID VirtualAddress;`
			`SIZE_T NumberOfBytes;`
			`};`

			`enum class THREAD_INFORMATION_CLASS`
			`{`
			`ThreadMemoryPriority,`
			`ThreadAbsoluteCpuPriority,`
			`ThreadDynamicCodePolicy,`
			`ThreadPowerThrottling,`
			`ThreadInformationClassMax`
			`};`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00
			`inline BOOL(_stdcall *pWaitOnAddress)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`volatile VOID * Address,`
			`PVOID CompareAddress,`
			`SIZE_T AddressSize,`
			`DWORD dwMilliseconds`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline void(_stdcall *pWakeByAddressSingle)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`PVOID Address`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline void(_stdcall *pWakeByAddressAll)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`PVOID Address`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline DWORD(_stdcall *pNtDelayExecution)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`BOOLEAN Alertable,`
			`PLARGE_INTEGER DelayInterval`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline PVOID(__stdcall *pVirtualAlloc2)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Process,`
			`PVOID BaseAddress,`
			`SIZE_T Size,`
			`ULONG AllocationType,`
			`ULONG PageProtection,`
			`MEM_EXTENDED_PARAMETER * ExtendedParameters,`
			`ULONG ParameterCount`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline PVOID(__stdcall *pMapViewOfFile3)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE FileMapping,`
			`HANDLE Process,`
			`PVOID BaseAddress,`
			`ULONG64 Offset,`
			`SIZE_T ViewSize,`
			`ULONG AllocationType,`
			`ULONG PageProtection,`
			`MEM_EXTENDED_PARAMETER * ExtendedParameters,`
			`ULONG ParameterCount`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

			`inline PVOID(__stdcall *pUnmapViewOfFile2)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Process,`
			`PVOID BaseAddress,`
			`ULONG UnmapFlags`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`

[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00			`inline NTSTATUS(__stdcall *pNtWaitForKeyedEvent)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Handle,`
			`PVOID Key,`
			`BOOLEAN Alertable,`
			`PLARGE_INTEGER NTTimeout`
[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00			`);`

			`inline NTSTATUS(__stdcall *pNtReleaseKeyedEvent)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Handle,`
			`PVOID Key,`
			`BOOLEAN Alertable,`
			`PLARGE_INTEGER NTTimeout`
[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00			`);`

			`inline NTSTATUS(__stdcall *pNtCreateKeyedEvent)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Handle,`
			`ACCESS_MASK Access,`
			`POBJECT_ATTRIBUTES Attr,`
			`ULONG Flags`
[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00			`);`

			`inline NTSTATUS(__stdcall *pNtOpenKeyedEvent)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`HANDLE Handle,`
			`ACCESS_MASK Access,`
			`POBJECT_ATTRIBUTES Attr,`
			`ULONG Flags`
[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00			`);`
[+] Improve WoA on Windows 8+ [+] AuThreading::WaitOnAddressSteady 2023-06-15 19:44:27 +00:00
			`inline NTSTATUS(__stdcall *pRtlWaitOnAddress)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`const void * addr,`
			`const void * cmp,`
			`SIZE_T size,`
			`const LARGE_INTEGER * timeout);`
[] [Pre-Win8.1] Optimize for modern nt instead of windows vista synch in legacy path; yes, this is how windows 7 and vista synch is somewhat implemented. ...on apis that predate those kernel revisions. so, technically this might be able to run on xp. [] GetThreadCookie optimization for all platforms 2023-03-15 00:35:29 +00:00
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`#if defined(AURORA_PLATFORM_WIN32)`
[] Move GetSystemCpuSetInformation to AuProcAddresses.NT.cpp [] Fixed e-core awareness under modern nt targets 2023-07-09 09:02:21 +00:00			`inline NTSTATUS(__stdcall *pRtlGetVersion)(`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`PRTL_OSVERSIONINFOW lpVersionInformation`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`);`
			`#endif`
[+] Improve WoA on Windows 8+ [+] AuThreading::WaitOnAddressSteady 2023-06-15 19:44:27 +00:00
[] Move GetSystemCpuSetInformation to AuProcAddresses.NT.cpp [] Fixed e-core awareness under modern nt targets 2023-07-09 09:02:21 +00:00			`inline BOOL(__stdcall *pGetSystemCpuSetInformation)(`
			`PSYSTEM_CPU_SET_INFORMATION Information,`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`ULONG BufferLength,`
			`PULONG ReturnedLength,`
			`HANDLE Process,`
			`ULONG Flags`
[] Move GetSystemCpuSetInformation to AuProcAddresses.NT.cpp [] Fixed e-core awareness under modern nt targets 2023-07-09 09:02:21 +00:00			`);`

[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`inline BOOL(__stdcall *pGetLogicalProcessorInformation)(`
[] Move GetSystemCpuSetInformation to AuProcAddresses.NT.cpp [] Fixed e-core awareness under modern nt targets 2023-07-09 09:02:21 +00:00			`PSYSTEM_LOGICAL_PROCESSOR_INFORMATION Buffer,`
[] Ensure AuProcAddresses.NT. is used for all dynamically linked symbols 2023-07-09 09:03:29 +00:00			`PDWORD ReturnedLength`
			`);`

			`inline HRESULT(__stdcall *pSetThreadDescription)(`
			`HANDLE hThread,`
			`PCWSTR lpThreadDescription`
			`);`

			`inline BOOL(__stdcall *pSetThreadInformation)(`
			`HANDLE hThread,`
			`THREAD_INFORMATION_CLASS ThreadInformationClass,`
			`LPVOID ThreadInformation,`
			`DWORD ThreadInformationSize`
			`);`

			`inline BOOL(__stdcall *pSetThreadSelectedCpuSets)(`
			`HANDLE Thread,`
			`const ULONG * CpuSetIds,`
			`ULONG CpuSetIdCount`
			`);`

			`inline INT(__stdcall *pGetAddrInfoExCancel)(`
			`LPHANDLE lpHandle`
			`);`

			`inline BOOL(__stdcall *pPrefetchVirtualMemory)(`
			`HANDLE hProcess,`
			`ULONG_PTR NumberOfEntries,`
			`WIN32_MEMORY_RANGE_ENTRY2 * VirtualAddresses,`
			`ULONG Flags`
[] Move GetSystemCpuSetInformation to AuProcAddresses.NT.cpp [] Fixed e-core awareness under modern nt targets 2023-07-09 09:02:21 +00:00			`);`

[*] Wanna drop threaten to drop older APIs from the Windows Runtime? Alright, we're being pushed towards Windows XP support by accident. 2023-07-09 10:26:17 +00:00			`inline NTSTATUS(__stdcall *pBCryptGenRandom)(`
			`PVOID hAlgorithm,`
			`PUCHAR pbBuffer,`
			`ULONG cbBuffer,`
			`ULONG dwFlags`
			`);`

			`inline BOOL(__stdcall *pCryptGenRandom)(`
			`ULONG_PTR hProv,`
			`DWORD dwLen,`
			`BYTE *pbBuffer`
			`);`

			`inline BOOL(__stdcall *pCryptAcquireContextW)(`
			`ULONG_PTR * hProv,`
			`LPCWSTR szContainer,`
			`LPCWSTR szProvider,`
			`DWORD dwProvType,`
			`DWORD dwFlags`
			`);`

			`inline BOOL(__stdcall *pCryptReleaseContext)(`
			`ULONG_PTR hProvz,`
			`DWORD dwFlags`
			`);`

[*] Enhance Windows 7 scheduling resolution 2023-07-09 11:34:14 +00:00			`inline NTSTATUS(__stdcall *pZwSetTimerResolution)(`
			`ULONG RequestedResolution,`
			`BOOLEAN Set,`
			`PULONG ActualResolution`
			`);`

[+] Improve WoA on Windows 8+ [+] AuThreading::WaitOnAddressSteady 2023-06-15 19:44:27 +00:00			`inline bool gUseNativeWaitMutex {};`
			`inline bool gUseNativeWaitCondvar {};`
[*] cleanup: added gUseNativeWaitSemapahore 2023-06-15 23:05:46 +00:00			`inline bool gUseNativeWaitSemapahore {};`
[*] Enhance Windows 7 scheduling resolution 2023-07-09 11:34:14 +00:00
			`void Win32DropSchedulerResolution();`
[+] Broke out NT `LoadLibrary`s to a dedicated root AuProcAddesses.[NT.]hpp 2023-02-16 16:01:21 +00:00			`}`