Example #1
0
NTSTATUS InitializeConfigs(PUNICODE_STRING RegistryPath)
{
	HidConfigContext config;
	OBJECT_ATTRIBUTES attribs;
	NTSTATUS status;
	HANDLE hkey;
	ULONG value;

	if (g_configContext)
		return STATUS_ALREADY_REGISTERED;

	RtlZeroMemory(&config, sizeof(config));

	InitializeObjectAttributes(&attribs, RegistryPath, 0, NULL, NULL);

	status = ZwOpenKey(&hkey, KEY_ALL_ACCESS, &attribs);
	if (!NT_SUCCESS(status))
	{
		DbgPrint("FsFilter1!" __FUNCTION__ ": can't open config registry key, code:%08x\n", status);
		return status;
	}

	GetRegistryDWORD(hkey, L"Hid_State", &value, 1);
	config.state = (value ? TRUE : FALSE);

	GetRegistryDWORD(hkey, L"Hid_StealthMode", &value, 0);
	config.stealth = (value ? TRUE : FALSE);

	QueryAndAllocRegistryData(hkey, L"Hid_HideFsDirs",      REG_MULTI_SZ, &config.hideFSDirs,    NULL);
	QueryAndAllocRegistryData(hkey, L"Hid_HideFsFiles",     REG_MULTI_SZ, &config.hideFSFiles,   NULL);
	QueryAndAllocRegistryData(hkey, L"Hid_HideRegKeys",     REG_MULTI_SZ, &config.hideRegKeys,   NULL);
	QueryAndAllocRegistryData(hkey, L"Hid_HideRegValues",   REG_MULTI_SZ, &config.hideRegValues, NULL);

	QueryAndAllocRegistryData(hkey, L"Hid_IgnoredImages",   REG_MULTI_SZ, &config.ignoreImages,  NULL);
	QueryAndAllocRegistryData(hkey, L"Hid_ProtectedImages", REG_MULTI_SZ, &config.protectImages, NULL);

	ZwClose(hkey);

	g_configContext = (PHidConfigContext)ExAllocatePoolWithTag(NonPagedPool, sizeof(config), CONFIG_ALLOC_TAG);
	if (!g_configContext)
	{
		DbgPrint("FsFilter1!" __FUNCTION__ ": can't allocate memory for the config context\n");
		ReleaseConfigContext(&config);
		return STATUS_NO_MEMORY;
	}

	RtlCopyMemory(g_configContext, &config, sizeof(config));

	return STATUS_SUCCESS;
}
Example #2
0
int RegInfo_Init()
{
    g_stBattParam.u32Debug=DEF_u32Debug;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32Debug"), &g_stBattParam.u32Debug))
    {    	
    }	
    g_stBattParam.u32LowPowerSleep=DEF_u32LowPowerSleep;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32LowPowerSleep"), &g_stBattParam.u32LowPowerSleep))
    {    	
    }		

    g_stBattParam.u32FullPercentVbat=DEF_u32FullPercentVbat;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32FullPercentVbat"), &g_stBattParam.u32FullPercentVbat))
    {    	
    }		
	
    g_stBattParam.u32SampleVbatTimes=DEF_u32SampleVbatTimes;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32SampleVbatTimes"), &g_stBattParam.u32SampleVbatTimes))
    {    	
    }		

    g_stBattParam.u32SampleVbatDelay=DEF_u32SampleVbatDelay;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32SampleVbatDelay"), &g_stBattParam.u32SampleVbatDelay))
    {    	
    }		

    g_stBattParam.u32AutoSleepVbat=DEF_u32AutoSleepVbat;
    if (GetRegistryDWORD(HKEY_LOCAL_MACHINE, BATT_DRIVER_REGISTRY, TEXT("u32AutoSleepVbat"), &g_stBattParam.u32AutoSleepVbat))
    {    	
    }			
		
	
    DPNOK(g_stBattParam.u32Debug);	
    DPNOK(g_stBattParam.u32LowPowerSleep);	
    DPNOK( g_stBattParam.u32FullPercentVbat);
    DPNOK(g_stBattParam.u32SampleVbatTimes);	
    DPNOK(g_stBattParam.u32SampleVbatDelay);
    DPNOK(g_stBattParam.u32AutoSleepVbat);	
    return 1;
}