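/*
 * Start a kernel system thread running thread_function and restrict it to one
 * logical CPU.
 *
 * thread_state      - receives the thread handle written by PsCreateSystemThread;
 *                     must not be NULL
 * cpu               - zero-based bit index into the affinity mask
 * thread_function   - thread entry point; must not be NULL
 * thread_user_state - argument handed to thread_function; may be NULL
 *
 * Returns 1 when both the thread creation and the affinity change returned
 * STATUS_SUCCESS, and 0 otherwise.  A 0 return after a successful creation
 * leaves the thread running and its handle stored in *thread_state.
 */
int abstraction_thread_start( thread_state_t *thread_state, unsigned int cpu, thread_function_t thread_function, void *thread_user_state )
{
  int
    rv = 0;

  KAFFINITY
    affinity_mask;

  NTSTATUS
    nts_create,
    nts_affinity;

  assert( thread_state != NULL );
  assert( thread_function != NULL );
  // TRD : thread_user_state can be NULL

  // shifting by the width of the mask or more is undefined, and no bit exists for such a CPU
  if( cpu >= sizeof(KAFFINITY) * 8 )
    return( rv );

  // widen before shifting; a plain int 1 cannot reach the upper bits of a 64-bit mask
  affinity_mask = (KAFFINITY) 1 << cpu;

  /* NOTE(review): ObjectAttributes is NULL, so the returned handle is not
     created with OBJ_KERNEL_HANDLE.  If this can run outside the system
     process context, a THREAD_ALL_ACCESS handle is placed in the current
     process's handle table - confirm the calling context. */
  nts_create = PsCreateSystemThread( thread_state, THREAD_ALL_ACCESS, NULL, NULL, NULL, thread_function, thread_user_state );

  // *thread_state is only meaningful once creation has succeeded
  if( nts_create != STATUS_SUCCESS )
    return( rv );

  // PsCreateSystemThread took the address of the handle; the Zw call takes the handle itself
  nts_affinity = ZwSetInformationThread( *thread_state, ThreadAffinityMask, &affinity_mask, sizeof(KAFFINITY) );

  if( nts_affinity == STATUS_SUCCESS )
    rv = 1;

  return( rv );
}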
// Thread entry point for the data collector: runs a CPipeServer to completion,
// then tears the thread and the hosting module down.
// lpThreadParameter is not used.
DWORD WINAPI DataCollectorEntry(LPVOID lpThreadParameter)
{
#ifdef NDEBUG
	// Builds with NDEBUG defined only: look up ZwSetInformationThread in ntdll at
	// run time and apply ThreadHideFromDebugger to this thread.  Anyone analysing
	// such a build should expect an attached debugger to stop receiving events
	// for this thread.
	ZWSETINFORMATIONTHREAD pfnSetInformationThread =
		(ZWSETINFORMATIONTHREAD)GetProcAddress(GetModuleHandleA("ntdll.dll"), "ZwSetInformationThread");

	if (pfnSetInformationThread)
	{
		int status = pfnSetInformationThread(GetCurrentThread(), ThreadHideFromDebugger, NULL, 0);

		// A non-zero status is only reported, never acted on.
		if (status != 0)
			OutputDebugStringA("No debug safety");
	}
#endif

	// Start() is called synchronously; the server is destroyed as soon as it returns.
	CPipeServer *server = new CPipeServer();
	server->Start();

	DataCollectorThread = 0;
	delete server;

	// NOTE(review): TerminateThread gives the target no chance to release locks
	// or other resources it holds - confirm SuicideThread is safe to kill this way.
	if (SuicideThread)
		TerminateThread(SuicideThread, 0);

	Sleep(1000);

	// FreeLibraryAndExitThread does not return; the return below only satisfies the signature.
	FreeLibraryAndExitThread(g_hInstance, 0);
	return 0;
}
// Clears the calling thread's impersonation token by setting
// ThreadImpersonationToken to a NULL handle.
void RevertToSelf()
{
	// Act only when the current process id, after the cast to PGPUInt32, equals
	// mAppropriateProcId.  In any other process this is a silent no-op, so the
	// thread keeps whatever token it had.
	if (mAppropriateProcId == (PGPUInt32) PsGetCurrentProcessId())
	{
		HANDLE noToken = NULL;

		// NOTE(review): the NTSTATUS is discarded.  If this call fails, the thread
		// keeps running under the impersonated identity and the caller cannot tell.
		ZwSetInformationThread(NtCurrentThread(), ThreadImpersonationToken,
			&noToken, sizeof(noToken));
	}
}
// Installs mImpersonationToken as the calling thread's impersonation token.
void ImpersonateToken()
{
	// The token must have been set up before this is called.
	pgpAssert(IsImpersonationTokenSet());

	// Act only when the current process id, after the cast to PGPUInt32, equals
	// mAppropriateProcId; in any other process nothing is changed.
	if (mAppropriateProcId == (PGPUInt32) PsGetCurrentProcessId())
	{
		// NOTE(review): the NTSTATUS is discarded.  If this call fails, later work
		// on this thread runs under the thread's previous identity and the caller
		// cannot tell.
		ZwSetInformationThread(NtCurrentThread(), ThreadImpersonationToken,
			&mImpersonationToken, sizeof(mImpersonationToken));
	}
}
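/*
 * @implemented
 *
 * Sets the break-on-termination flag of the current thread and optionally
 * returns the previous value.
 *
 * NewValue   - value to store in the thread's break-on-termination flag
 * OldValue   - optional; receives the previous flag value, or FALSE when the
 *              function fails early or the previous value cannot be queried
 * NeedBreaks - when TRUE, the call fails with STATUS_UNSUCCESSFUL unless
 *              FLG_ENABLE_SYSTEM_CRIT_BREAKS is set in the PEB's NtGlobalFlag
 *
 * Returns the status of the ZwSetInformationThread call, or
 * STATUS_UNSUCCESSFUL as described above.
 *
 * NOTE(review): on Windows this information class is gated on
 * SeDebugPrivilege - confirm the same check applies here.
 */
NTSTATUS
NTAPI
RtlSetThreadIsCritical(IN BOOLEAN NewValue,
                       OUT PBOOLEAN OldValue OPTIONAL,
                       IN BOOLEAN NeedBreaks)
{
    ULONG BreakOnTermination = 0;
    NTSTATUS Status;

    /* Initialize to FALSE */
    if (OldValue) *OldValue = FALSE;

    /* Fail, if the critical breaks flag is required but is not set */
    if ((NeedBreaks) &&
        !(NtCurrentPeb()->NtGlobalFlag & FLG_ENABLE_SYSTEM_CRIT_BREAKS))
    {
        return STATUS_UNSUCCESSFUL;
    }

    /* Check if the caller wants the old value */
    if (OldValue)
    {
        /* Query the old break on termination flag for the thread */
        Status = ZwQueryInformationThread(NtCurrentThread(),
                                          ThreadBreakOnTermination,
                                          &BreakOnTermination,
                                          sizeof(ULONG),
                                          NULL);

        /* Only report a value the query actually produced; on failure the
           caller keeps the FALSE stored above instead of stack garbage */
        if (NT_SUCCESS(Status))
        {
            /* Compare against zero so a non-zero ULONG is never truncated to FALSE */
            *OldValue = (BOOLEAN)(BreakOnTermination != 0);
        }
    }

    /* Set the break on termination flag for the thread */
    BreakOnTermination = NewValue;
    return ZwSetInformationThread(NtCurrentThread(),
                                  ThreadBreakOnTermination,
                                  &BreakOnTermination,
                                  sizeof(ULONG));
}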