* autoload.cc: Add dynamic load statements for 'ZwQueryInformationProcess' and
'ZwQueryVirtualMemory'. * fhandler.h: Change type of bufalloc and filesize members of fhandler_virtual from int to size_t. Change type of position member from __off32_t to __off64_t. Add new fileid member to fhandler_virtual class. Make seekdir take an __off64_t argument. Make lseek take an __off64_t argument. Add fill_filebuf method to fhandler_virtual. Add fill_filebuf method to fhandler_proc. Add fill_filebuf method to fhandler_registry. Add fill_filebuf method to fhandler_process. Add saved_pid and saved_p members to fhandler_process. * fhandler_proc.cc (proc_listing_array): Add 'loadavg', 'meminfo', and 'stat'. (proc_fhandlers array): Ditto. (fhandler_proc::open): Use fill_filebuf to flesh out the file contents. (fhandler_proc::fill_filebuf): New method. (fhandler_proc::format_proc_meminfo): Ditto. (fhandler_proc::format_proc_stat): Ditto. (fhandler_proc::format_proc_uptime): Ditto. * fhandler_process.cc (process_listing): Add 'stat' and 'statm'. (fhandler_process::fstat): Find the _pinfo structure for the process named in the filename. Return ENOENT if the process is no longer around. Set the gid and uid fields of the stat structure. (fhandler_process::open): Store pid and pointer to _pinfo structure in saved_pid and saved_p respectively. Use fill_filebuf to flesh out file contents. (fhandler_proc::fill_filebuf): New method. (format_process_stat): New function. (format_process_status): Ditto. (format_process_statm): Ditto. (get_process_state): Ditto. (get_mem_values): Ditto. * fhandler_registry.cc (fhandler_registry::seekdir): Change argument type from __off32_t to __off64_t. (fhandler_registry::fill_filebuf): New method. * fhandler_virtual.cc (fhandler_virtual::seekdir): Change argument type from __off32_t to __off64_t. (fhandler_virtual::lseek): Ditto. (fhandler_virtual::fill_filebuf): New method. (fhandler_virtual::fhandler_virtual): Initialise fileid to -1. * wincap.cc: Set flag has_process_io_counters appropriately. 
* wincap.h: Add flag has_process_io_counters.
@@ -10,11 +10,28 @@
|
||||
|
||||
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS) 0xc0000004)
|
||||
#define FILE_SYNCHRONOUS_IO_NONALERT 32
|
||||
#define PDI_MODULES 0x01
|
||||
#define PDI_HEAPS 0x04
|
||||
#define LDRP_IMAGE_DLL 0x00000004
|
||||
#define WSLE_PAGE_READONLY 0x001
|
||||
#define WSLE_PAGE_EXECUTE 0x002
|
||||
#define WSLE_PAGE_EXECUTE_READ 0x003
|
||||
#define WSLE_PAGE_READWRITE 0x004
|
||||
#define WSLE_PAGE_WRITECOPY 0x005
|
||||
#define WSLE_PAGE_EXECUTE_READWRITE 0x006
|
||||
#define WSLE_PAGE_EXECUTE_WRITECOPY 0x007
|
||||
#define WSLE_PAGE_SHARE_COUNT_MASK 0x0E0
|
||||
#define WSLE_PAGE_SHAREABLE 0x100
|
||||
|
||||
typedef ULONG KAFFINITY;
|
||||
|
||||
typedef enum _SYSTEM_INFORMATION_CLASS
|
||||
{
|
||||
SystemBasicInformation = 0,
|
||||
SystemPerformanceInformation = 2,
|
||||
SystemTimeOfDayInformation = 3,
|
||||
SystemProcessesAndThreadsInformation = 5,
|
||||
SystemProcessorTimes = 8,
|
||||
/* There are a lot more of these... */
|
||||
} SYSTEM_INFORMATION_CLASS;
|
||||
|
||||
@@ -30,9 +47,19 @@ typedef struct _SYSTEM_BASIC_INFORMATION
|
||||
ULONG LowestUserAddress;
|
||||
ULONG HighestUserAddress;
|
||||
ULONG ActiveProcessors;
|
||||
ULONG NumberProcessors;
|
||||
UCHAR NumberProcessors;
|
||||
} SYSTEM_BASIC_INFORMATION, *PSYSTEM_BASIC_INFORMATION;
|
||||
|
||||
typedef struct _SYSTEM_PROCESSOR_TIMES
|
||||
{
|
||||
LARGE_INTEGER IdleTime;
|
||||
LARGE_INTEGER KernelTime;
|
||||
LARGE_INTEGER UserTime;
|
||||
LARGE_INTEGER DpcTime;
|
||||
LARGE_INTEGER InterruptTime;
|
||||
ULONG InterruptCount;
|
||||
} SYSTEM_PROCESSOR_TIMES, *PSYSTEM_PROCESSOR_TIMES;
|
||||
|
||||
typedef LONG KPRIORITY;
|
||||
typedef struct _VM_COUNTERS
|
||||
{
|
||||
@@ -112,12 +139,13 @@ typedef struct _SYSTEM_THREADS
|
||||
ULONG ContextSwitchCount;
|
||||
THREAD_STATE State;
|
||||
KWAIT_REASON WaitReason;
|
||||
DWORD Reserved;
|
||||
} SYSTEM_THREADS, *PSYSTEM_THREADS;
|
||||
|
||||
typedef struct _SYSTEM_PROCESSES
|
||||
{
|
||||
ULONG NextEntryDelta;
|
||||
ULONG Threadcount;
|
||||
ULONG ThreadCount;
|
||||
ULONG Reserved1[6];
|
||||
LARGE_INTEGER CreateTime;
|
||||
LARGE_INTEGER UserTime;
|
||||
@@ -139,6 +167,180 @@ typedef struct _IO_STATUS_BLOCK
|
||||
ULONG Information;
|
||||
} IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;
|
||||
|
||||
typedef struct _SYSTEM_PERFORMANCE_INFORMATION
|
||||
{
|
||||
LARGE_INTEGER IdleTime;
|
||||
LARGE_INTEGER ReadTransferCount;
|
||||
LARGE_INTEGER WriteTransferCount;
|
||||
LARGE_INTEGER OtherTransferCount;
|
||||
ULONG ReadOperationCount;
|
||||
ULONG WriteOperationCount;
|
||||
ULONG OtherOperationCount;
|
||||
ULONG AvailablePages;
|
||||
ULONG TotalCommittedPages;
|
||||
ULONG TotalCommitLimit;
|
||||
ULONG PeakCommitment;
|
||||
ULONG PageFaults;
|
||||
ULONG WriteCopyFaults;
|
||||
ULONG TransitionFaults;
|
||||
ULONG Reserved1;
|
||||
ULONG DemandZeroFaults;
|
||||
ULONG PagesRead;
|
||||
ULONG PageReadIos;
|
||||
ULONG Reserved2[2];
|
||||
ULONG PagefilePagesWritten;
|
||||
ULONG PagefilePageWriteIos;
|
||||
ULONG MappedFilePagesWritten;
|
||||
ULONG MappedFilePageWriteIos;
|
||||
ULONG PagedPoolUsage;
|
||||
ULONG NonPagedPoolUsage;
|
||||
ULONG PagedPoolAllocs;
|
||||
ULONG PagedPoolFrees;
|
||||
ULONG NonPagedPoolAllocs;
|
||||
ULONG NonPagedPoolFrees;
|
||||
ULONG TotalFreeSystemPtes;
|
||||
ULONG SystemCodePage;
|
||||
ULONG TotalSystemDriverPages;
|
||||
ULONG TotalSystemCodePages;
|
||||
ULONG SmallNonPagedLookasideListAllocateHits;
|
||||
ULONG SmallPagedLookasideListAllocateHits;
|
||||
ULONG Reserved3;
|
||||
ULONG MmSystemCachePage;
|
||||
ULONG PagedPoolPage;
|
||||
ULONG SystemDriverPage;
|
||||
ULONG FastReadNoWait;
|
||||
ULONG FastReadWait;
|
||||
ULONG FastReadResourceMiss;
|
||||
ULONG FastReadNotPossible;
|
||||
ULONG FastMdlReadNoWait;
|
||||
ULONG FastMdlReadWait;
|
||||
ULONG FastMdlReadResourceMiss;
|
||||
ULONG FastMdlReadNotPossible;
|
||||
ULONG MapDataNoWait;
|
||||
ULONG MapDataWait;
|
||||
ULONG MapDataNoWaitMiss;
|
||||
ULONG MapDataWaitMiss;
|
||||
ULONG PinMappedDataCount;
|
||||
ULONG PinReadNoWait;
|
||||
ULONG PinReadWait;
|
||||
ULONG PinReadNoWaitMiss;
|
||||
ULONG PinReadWaitMiss;
|
||||
ULONG CopyReadNoWait;
|
||||
ULONG CopyReadWait;
|
||||
ULONG CopyReadNoWaitMiss;
|
||||
ULONG CopyReadWaitMiss;
|
||||
ULONG MdlReadNoWait;
|
||||
ULONG MdlReadWait;
|
||||
ULONG MdlReadNoWaitMiss;
|
||||
ULONG MdlReadWaitMiss;
|
||||
ULONG ReadAheadIos;
|
||||
ULONG LazyWriteIos;
|
||||
ULONG LazyWritePages;
|
||||
ULONG DataFlushes;
|
||||
ULONG DataPages;
|
||||
ULONG ContextSwitches;
|
||||
ULONG FirstLevelTbFills;
|
||||
ULONG SecondLevelTbFills;
|
||||
ULONG SystemCalls;
|
||||
} SYSTEM_PERFORMANCE_INFORMATION, *PSYSTEM_PERFORMANCE_INFORMATION;
|
||||
|
||||
typedef struct _SYSTEM_TIME_OF_DAY_INFORMATION
|
||||
{
|
||||
LARGE_INTEGER BootTime;
|
||||
LARGE_INTEGER CurrentTime;
|
||||
LARGE_INTEGER TimeZoneBias;
|
||||
ULONG CurrentTimeZoneId;
|
||||
} SYSTEM_TIME_OF_DAY_INFORMATION, *PSYSTEM_TIME_OF_DAY_INFORMATION;
|
||||
|
||||
typedef enum _PROCESSINFOCLASS
|
||||
{
|
||||
ProcessBasicInformation = 0,
|
||||
ProcessQuotaLimits = 1,
|
||||
ProcessVmCounters = 3,
|
||||
ProcessTimes =4,
|
||||
} PROCESSINFOCLASS;
|
||||
|
||||
typedef struct _DEBUG_BUFFER
|
||||
{
|
||||
HANDLE SectionHandle;
|
||||
PVOID SectionBase;
|
||||
PVOID RemoteSectionBase;
|
||||
ULONG SectionBaseDelta;
|
||||
HANDLE EventPairHandle;
|
||||
ULONG Unknown[2];
|
||||
HANDLE RemoteThreadHandle;
|
||||
ULONG InfoClassMask;
|
||||
ULONG SizeOfInfo;
|
||||
ULONG AllocatedSize;
|
||||
ULONG SectionSize;
|
||||
PVOID ModuleInformation;
|
||||
PVOID BackTraceInformation;
|
||||
PVOID HeapInformation;
|
||||
PVOID LockInformation;
|
||||
PVOID Reserved[9];
|
||||
} DEBUG_BUFFER, *PDEBUG_BUFFER;
|
||||
|
||||
typedef struct _DEBUG_HEAP_INFORMATION
|
||||
{
|
||||
ULONG Base;
|
||||
ULONG Flags;
|
||||
USHORT Granularity;
|
||||
USHORT Unknown;
|
||||
ULONG Allocated;
|
||||
ULONG Committed;
|
||||
ULONG TagCount;
|
||||
ULONG BlockCount;
|
||||
ULONG Reserved[7];
|
||||
PVOID Tags;
|
||||
PVOID Blocks;
|
||||
} DEBUG_HEAP_INFORMATION, *PDEBUG_HEAP_INFORMATION;
|
||||
|
||||
typedef struct _DEBUG_MODULE_INFORMATION
|
||||
{
|
||||
ULONG Reserved[2];
|
||||
ULONG Base;
|
||||
ULONG Size;
|
||||
ULONG Flags;
|
||||
USHORT Index;
|
||||
USHORT Unknown;
|
||||
USHORT LoadCount;
|
||||
USHORT ModuleNameOffset;
|
||||
CHAR ImageName[256];
|
||||
} DEBUG_MODULE_INFORMATION, *PDEBUG_MODULE_INFORMATION;
|
||||
|
||||
typedef struct _KERNEL_USER_TIMES
|
||||
{
|
||||
LARGE_INTEGER CreateTime;
|
||||
LARGE_INTEGER ExitTime;
|
||||
LARGE_INTEGER KernelTime;
|
||||
LARGE_INTEGER UserTime;
|
||||
} KERNEL_USER_TIMES, *PKERNEL_USER_TIMES;
|
||||
|
||||
typedef void *PPEB;
|
||||
|
||||
typedef struct _PROCESS_BASIC_INFORMATION
|
||||
{
|
||||
NTSTATUS ExitStatus;
|
||||
PPEB PebBaseAddress;
|
||||
KAFFINITY AffinityMask;
|
||||
KPRIORITY BasePriority;
|
||||
ULONG UniqueProcessId;
|
||||
ULONG InheritedFromUniqueProcessId;
|
||||
} PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
|
||||
|
||||
typedef enum _MEMORY_INFORMATION_CLASS
|
||||
{
|
||||
MemoryBasicInformation,
|
||||
MemoryWorkingSetList,
|
||||
MemorySectionName,
|
||||
MemoryBaiscVlmInformation
|
||||
} MEMORY_INFORMATION_CLASS;
|
||||
|
||||
typedef struct _MEMORY_WORKING_SET_LIST {
|
||||
ULONG NumberOfPages;
|
||||
ULONG WorkingSetList[1];
|
||||
} MEMORY_WORKING_SET_LIST, *PMEMORY_WORKING_SET_LIST;
|
||||
|
||||
/* Function declarations for ntdll.dll. These don't appear in any
|
||||
standard Win32 header. */
|
||||
extern "C"
|
||||
@@ -162,4 +364,8 @@ extern "C"
|
||||
NTSTATUS NTAPI ZwQuerySystemInformation (IN SYSTEM_INFORMATION_CLASS,
|
||||
IN OUT PVOID, IN ULONG,
|
||||
OUT PULONG);
|
||||
NTSTATUS NTAPI ZwQueryInformationProcess (IN HANDLE, IN PROCESSINFOCLASS,
|
||||
OUT PVOID, IN ULONG, OUT PULONG);
|
||||
NTSTATUS NTAPI ZwQueryVirtualMemory (IN HANDLE, IN PVOID, IN MEMORY_INFORMATION_CLASS,
|
||||
OUT PVOID, IN ULONG, OUT PULONG);
|
||||
}
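Review bot: `MEMORY_WORKING_SET_LIST` in the large added hunk declares `ULONG WorkingSetList[1]` with no comment saying the array is variable-length. A caller that passes `sizeof (MEMORY_WORKING_SET_LIST)` to `ZwQueryVirtualMemory`, or walks `NumberOfPages` entries without having allocated that many, would read past its buffer. I would add `/* Variable length: holds NumberOfPages entries. Size the buffer from that count and retry on STATUS_INFO_LENGTH_MISMATCH. */` above the member. The callers (the commit message names `get_mem_values`) are not in this file section, so whether they already size and bound the buffer cannot be confirmed from here. Separately, `MemoryBaiscVlmInformation` in `MEMORY_INFORMATION_CLASS` looks like a misspelling of `MemoryBasicVlmInformation`.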
|
||||
|