feat(driver): commit primer

13 files changed, 508 insertions, 0 deletions

diff --git a/crates/windows-kernel-sys/Cargo.toml b/crates/windows-kernel-sys/Cargo.toml
new file mode 100644
index 0000000..dc0819d
--- /dev/null
+++ b/crates/windows-kernel-sys/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "windows-kernel-sys"
+version = "0.1.0"
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[features]
+default = ["intrin", "ntoskrnl"]
+intrin = []
+ntoskrnl = []
+netio = []
+
+[dependencies]
+cty = "0.2"
+
+[build-dependencies]
+bindgen = "0.59"
+cc = "1.0"
+windows-kernel-build = { path = "../windows-kernel-build" }
diff --git a/crates/windows-kernel-sys/LICENSE b/crates/windows-kernel-sys/LICENSE
new file mode 100644
index 0000000..68bb87c
--- /dev/null
+++ b/crates/windows-kernel-sys/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 S.J.R. van Schaik
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/crates/windows-kernel-sys/build.rs b/crates/windows-kernel-sys/build.rs
new file mode 100644
index 0000000..254e2e9
--- /dev/null
+++ b/crates/windows-kernel-sys/build.rs
@@ -0,0 +1,135 @@
+use std::path::PathBuf;
+
+use bindgen::callbacks::*;
+use windows_kernel_build::DirectoryType;
+
+#[derive(Debug)]
+struct Callbacks;
+
+impl ParseCallbacks for Callbacks {
+  fn int_macro(&self, name: &str, _value: i64) -> Option<IntKind> {
+    Some(match name {
+      "TRUE" | "FALSE" => IntKind::UChar,
+      _ => return None,
+    })
+  }
+}
+
+fn generate_base() {
+  println!("cargo:rerun-if-changed=src/wrapper.h");
+
+  let include_dir = windows_kernel_build::get_km_dir(DirectoryType::Include).unwrap();
+  let out_path = PathBuf::from(
+    std::env::var_os("OUT_DIR").expect("the environment variable OUT_DIR is undefined"),
+  );
+
+  bindgen::Builder::default()
+    .header("src/wrapper.h")
+    .use_core()
+    .derive_debug(false)
+    .layout_tests(false)
+    .ctypes_prefix("cty")
+    .default_enum_style(bindgen::EnumVariation::ModuleConsts)
+    .clang_arg(format!("-I{}", include_dir.to_str().unwrap()))
+    .parse_callbacks(Box::new(bindgen::CargoCallbacks))
+    .parse_callbacks(Box::new(Callbacks))
+    .ignore_functions()
+    .generate()
+    .unwrap()
+    .write_to_file(out_path.join("base.rs"))
+    .unwrap();
+}
+
+#[cfg(feature = "intrin")]
+fn generate_intrin() {
+  println!("cargo:rerun-if-changed=src/wrapper_intrin.c");
+
+  let include_dir = windows_kernel_build::get_km_dir(DirectoryType::Include).unwrap();
+
+  cc::Build::new()
+    .flag("/kernel")
+    .include(include_dir)
+    .file("src/wrapper_intrin.c")
+    .compile("wrapper_intrin");
+}
+
+#[cfg(not(feature = "intrin"))]
+fn generate_intrin() {}
+
+#[cfg(feature = "ntoskrnl")]
+fn generate_ntoskrnl() {
+  println!("cargo:rerun-if-changed=src/wrapper.h");
+  println!("cargo:rerun-if-changed=src/wrapper.c");
+  println!("cargo:rustc-link-lib=ntoskrnl");
+
+  let include_dir = windows_kernel_build::get_km_dir(DirectoryType::Include).unwrap();
+  let out_path = PathBuf::from(
+    std::env::var_os("OUT_DIR").expect("the environment variable OUT_DIR is undefined"),
+  );
+
+  bindgen::Builder::default()
+    .header("src/wrapper.h")
+    .use_core()
+    .derive_debug(false)
+    .layout_tests(false)
+    .ctypes_prefix("cty")
+    .default_enum_style(bindgen::EnumVariation::ModuleConsts)
+    .clang_arg(format!("-I{}", include_dir.to_str().unwrap()))
+    .parse_callbacks(Box::new(bindgen::CargoCallbacks))
+    .blocklist_type(".*")
+    .allowlist_function(".*")
+    .allowlist_recursively(false)
+    .generate()
+    .unwrap()
+    .write_to_file(out_path.join("ntoskrnl.rs"))
+    .unwrap();
+
+  cc::Build::new()
+    .flag("/kernel")
+    .include(include_dir)
+    .file("src/wrapper.c")
+    .compile("wrapper_ntoskrnl");
+}
+
+#[cfg(not(feature = "ntoskrnl"))]
+fn generate_ntoskrnl() {}
+
+#[cfg(feature = "netio")]
+fn generate_netio() {
+  println!("cargo:rerun-if-changed=src/wrapper_netio.h");
+  println!("cargo:rustc-link-lib=netio");
+
+  let include_dir = windows_kernel_build::get_km_dir(DirectoryType::Include).unwrap();
+  let out_path = PathBuf::from(
+    std::env::var_os("OUT_DIR").expect("the environment variable OUT_DIR is undefined"),
+  );
+
+  bindgen::Builder::default()
+    .header("src/wrapper.h")
+    .use_core()
+    .derive_debug(false)
+    .layout_tests(false)
+    .ctypes_prefix("cty")
+    .default_enum_style(bindgen::EnumVariation::ModuleConsts)
+    .clang_arg(format!("-I{}", include_dir.to_str().unwrap()))
+    .parse_callbacks(Box::new(bindgen::CargoCallbacks))
+    .blocklist_type(".*")
+    .allowlist_function(".*")
+    .allowlist_recursively(false)
+    .generate()
+    .unwrap()
+    .write_to_file(out_path.join("netio.rs"))
+    .unwrap();
+}
+
+#[cfg(not(feature = "netio"))]
+fn generate_netio() {}
+
+fn main() {
+  println!("cargo:rerun-if-changed=build.rs");
+
+  generate_base();
+  generate_intrin();
+  generate_ntoskrnl();
+  generate_netio();
+}
diff --git a/crates/windows-kernel-sys/rust-toolchain b/crates/windows-kernel-sys/rust-toolchain
new file mode 100644
index 0000000..bf867e0
--- /dev/null
+++ b/crates/windows-kernel-sys/rust-toolchain
@@ -0,0 +1 @@
+nightly
diff --git a/crates/windows-kernel-sys/src/base.rs b/crates/windows-kernel-sys/src/base.rs
new file mode 100644
index 0000000..073afea
--- /dev/null
+++ b/crates/windows-kernel-sys/src/base.rs
@@ -0,0 +1,39 @@
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+pub use cty::*;
+
+include!(concat!(env!("OUT_DIR"), "/base.rs"));
+
+pub const STATUS_SUCCESS: NTSTATUS = 0x00000000;
+pub const STATUS_GUARD_PAGE_VIOLATION: NTSTATUS = 0x80000001 as u32 as i32;
+pub const STATUS_DATATYPE_MISALIGNMENT: NTSTATUS = 0x80000002 as u32 as i32;
+pub const STATUS_BREAKPOINT: NTSTATUS = 0x80000003 as u32 as i32;
+pub const STATUS_SINGLE_STEP: NTSTATUS = 0x80000004 as u32 as i32;
+pub const STATUS_UNWIND_CONSOLIDATE: NTSTATUS = 0x80000029 as u32 as i32;
+pub const STATUS_UNSUCCESSFUL: NTSTATUS = 0xC0000001 as u32 as i32;
+pub const STATUS_NOT_IMPLEMENTED: NTSTATUS = 0xC0000002 as u32 as i32;
+pub const STATUS_ACCESS_VIOLATION: NTSTATUS = 0xC0000005 as u32 as i32;
+pub const STATUS_IN_PAGE_ERROR: NTSTATUS = 0xC0000006 as u32 as i32;
+pub const STATUS_INVALID_HANDLE: NTSTATUS = 0xC0000008 as u32 as i32;
+pub const STATUS_INVALID_PARAMETER: NTSTATUS = 0xC000000D as u32 as i32;
+pub const STATUS_END_OF_FILE: NTSTATUS = 0xC0000011 as u32 as i32;
+pub const STATUS_NO_MEMORY: NTSTATUS = 0xC0000017 as u32 as i32;
+pub const STATUS_ILLEGAL_INSTRUCTION: NTSTATUS = 0xC000001D as u32 as i32;
+pub const STATUS_NONCONTINUABLE_EXCEPTION: NTSTATUS = 0xC0000025 as u32 as i32;
+pub const STATUS_INVALID_DISPOSITION: NTSTATUS = 0xC0000026 as u32 as i32;
+pub const STATUS_ARRAY_BOUNDS_EXCEEDED: NTSTATUS = 0xC000008C as u32 as i32;
+pub const STATUS_FLOAT_DENORMAL_OPERAND: NTSTATUS = 0xC000008D as u32 as i32;
+pub const STATUS_FLOAT_DIVIDE_BY_ZERO: NTSTATUS = 0xC000008E as u32 as i32;
+pub const STATUS_FLOAT_INEXACT_RESULT: NTSTATUS = 0xC000008F as u32 as i32;
+pub const STATUS_FLOAT_INVALID_OPERATION: NTSTATUS = 0xC0000090 as u32 as i32;
+pub const STATUS_FLOAT_OVERFLOW: NTSTATUS = 0xC0000091 as u32 as i32;
+pub const STATUS_FLOAT_STACK_CHECK: NTSTATUS = 0xC0000092 as u32 as i32;
+pub const STATUS_FLOAT_UNDERFLOW: NTSTATUS = 0xC0000093 as u32 as i32;
+pub const STATUS_INTEGER_DIVIDE_BY_ZERO: NTSTATUS = 0xC0000094 as u32 as i32;
+pub const STATUS_INTEGER_OVERFLOW: NTSTATUS = 0xC0000095 as u32 as i32;
+pub const STATUS_PRIVILEGED_INSTRUCTION: NTSTATUS = 0xC0000096 as u32 as i32;
+pub const STATUS_INSUFFICIENT_RESOURCES: NTSTATUS = 0xC000009A as u32 as i32;
+pub const STATUS_INVALID_USER_BUFFER: NTSTATUS = 0xC00000E8 as u32 as i32;
+pub const STATUS_STACK_OVERFLOW: NTSTATUS = 0xC00000FD as u32 as i32;
diff --git a/crates/windows-kernel-sys/src/intrin.rs b/crates/windows-kernel-sys/src/intrin.rs
new file mode 100644
index 0000000..f6ef95f
--- /dev/null
+++ b/crates/windows-kernel-sys/src/intrin.rs
@@ -0,0 +1,16 @@
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+use crate::base::*;
+
+#[link(name = "wrapper_intrin")]
+extern "C" {
+  pub fn read_cr3() -> u64;
+  pub fn write_cr3(value: u64);
+  pub fn read_msr(register: u32) -> u64;
+  pub fn read_msr_safe(register: u32, value: &mut u64) -> NTSTATUS;
+  pub fn write_msr(register: u32, value: u64);
+  pub fn write_msr_safe(register: u32, value: u64) -> NTSTATUS;
+  pub fn invlpg(value: usize);
+}
diff --git a/crates/windows-kernel-sys/src/lib.rs b/crates/windows-kernel-sys/src/lib.rs
new file mode 100644
index 0000000..f41736c
--- /dev/null
+++ b/crates/windows-kernel-sys/src/lib.rs
@@ -0,0 +1,13 @@
+#![no_std]
+#![feature(untagged_unions)]
+
+pub mod base;
+
+#[cfg(feature = "intrin")]
+pub mod intrin;
+#[cfg(feature = "netio")]
+pub mod netio;
+#[cfg(feature = "ntoskrnl")]
+pub mod ntoskrnl;
+
+pub use cty::*;
diff --git a/crates/windows-kernel-sys/src/netio.rs b/crates/windows-kernel-sys/src/netio.rs
new file mode 100644
index 0000000..0684594
--- /dev/null
+++ b/crates/windows-kernel-sys/src/netio.rs
@@ -0,0 +1,7 @@
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+use crate::base::*;
+
+include!(concat!(env!("OUT_DIR"), "/netio.rs"));
diff --git a/crates/windows-kernel-sys/src/ntoskrnl.rs b/crates/windows-kernel-sys/src/ntoskrnl.rs
new file mode 100644
index 0000000..f1daa4e
--- /dev/null
+++ b/crates/windows-kernel-sys/src/ntoskrnl.rs
@@ -0,0 +1,50 @@
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+use crate::base::*;
+
+#[link(name = "wrapper_ntoskrnl")]
+extern "C" {
+  pub fn _ExInitializeFastMutex(mutex: PFAST_MUTEX);
+  pub fn _ExAcquirePushLockExclusive(push_lock: PEX_PUSH_LOCK);
+  pub fn _ExReleasePushLockExclusive(push_lock: PEX_PUSH_LOCK);
+  pub fn _ExAcquirePushLockShared(push_lock: PEX_PUSH_LOCK);
+  pub fn _ExReleasePushLockShared(push_lock: PEX_PUSH_LOCK);
+  pub fn _IoGetCurrentIrpStackLocation(irp: PIRP) -> PIO_STACK_LOCATION;
+  pub fn _IoGetNextIrpStackLocation(irp: PIRP) -> PIO_STACK_LOCATION;
+  pub fn _IoSetCompletionRoutine(
+    irp: PIRP,
+    completion_routine: PIO_COMPLETION_ROUTINE,
+    context: PVOID,
+    invoke_on_success: BOOLEAN,
+    invoke_on_error: BOOLEAN,
+    invoke_on_cancel: BOOLEAN,
+  );
+  pub fn _IoCompleteRequest(irp: PIRP, priority_boost: CCHAR);
+  pub fn _MmGetMdlByteCount(mdl: PMDL) -> ULONG;
+  pub fn _MmGetMdlByteOffset(mdl: PMDL) -> ULONG;
+  pub fn _MmGetSystemAddressForMdlSafe(mdl: PMDL, priority: ULONG) -> PVOID;
+  pub fn _ObDereferenceObject(p: *mut cty::c_void);
+  pub fn _ObReferenceObject(p: *mut cty::c_void);
+}
+
+pub use self::{
+  IoGetCurrentProcess as PsGetCurrentProcess,
+  _ExAcquirePushLockExclusive as ExAcquirePushLockExclusive,
+  _ExAcquirePushLockShared as ExAcquirePushLockShared,
+  _ExInitializeFastMutex as ExInitializeFastMutex,
+  _ExReleasePushLockExclusive as ExReleasePushLockExclusive,
+  _ExReleasePushLockShared as ExReleasePushLockShared,
+  _IoCompleteRequest as IoCompleteRequest,
+  _IoGetCurrentIrpStackLocation as IoGetCurrentIrpStackLocation,
+  _IoGetNextIrpStackLocation as IoGetNextIrpStackLocation,
+  _IoSetCompletionRoutine as IoSetCompletionRoutine,
+  _MmGetMdlByteCount as MmGetMdlByteCount,
+  _MmGetMdlByteOffset as MmGetMdlByteOffset,
+  _MmGetSystemAddressForMdlSafe as MmGetSystemAddressForMdlSafe,
+  _ObDereferenceObject as ObDereferenceObject,
+  _ObReferenceObject as ObReferenceObject,
+};
+
+include!(concat!(env!("OUT_DIR"), "/ntoskrnl.rs"));
diff --git a/crates/windows-kernel-sys/src/wrapper.c b/crates/windows-kernel-sys/src/wrapper.c
new file mode 100644
index 0000000..39c730f
--- /dev/null
+++ b/crates/windows-kernel-sys/src/wrapper.c
@@ -0,0 +1,77 @@
+#include "wrapper.h"
+
+void _ExInitializeFastMutex(
+	PFAST_MUTEX fast_mutex
+) {
+	ExInitializeFastMutex(fast_mutex);
+}
+
+void _ExAcquirePushLockExclusive(
+	PEX_PUSH_LOCK push_lock
+) {
+	ExAcquirePushLockExclusive(push_lock);
+}
+
+void _ExReleasePushLockExclusive(
+	PEX_PUSH_LOCK push_lock
+) {
+	ExReleasePushLockExclusive(push_lock);
+}
+
+void _ExAcquirePushLockShared(
+	PEX_PUSH_LOCK push_lock
+) {
+	ExAcquirePushLockShared(push_lock);
+}
+
+void _ExReleasePushLockShared(
+	PEX_PUSH_LOCK push_lock
+) {
+	ExReleasePushLockShared(push_lock);
+}
+
+PIO_STACK_LOCATION _IoGetCurrentIrpStackLocation(PIRP irp) {
+	return IoGetCurrentIrpStackLocation(irp);
+}
+
+PIO_STACK_LOCATION _IoGetNextIrpStackLocation(PIRP irp) {
+	return IoGetNextIrpStackLocation(irp);
+}
+
+void _IoSetCompletionRoutine(
+	PIRP irp,
+	PIO_COMPLETION_ROUTINE completion_routine, 
+	PVOID context,
+	BOOLEAN invoke_on_success,
+	BOOLEAN invoke_on_error,
+	BOOLEAN invoke_on_cancel
+) {
+	IoSetCompletionRoutine(irp, completion_routine, context, invoke_on_success, invoke_on_error, invoke_on_cancel);
+}
+
+void _IoCompleteRequest(
+	PIRP irp,
+	CCHAR priority_boost
+) {
+	IoCompleteRequest(irp, priority_boost);
+}
+
+ULONG _MmGetMdlByteCount(PMDL mdl) {
+	return MmGetMdlByteCount(mdl);
+}
+
+ULONG _MmGetMdlByteOffset(PMDL mdl) {
+	return MmGetMdlByteOffset(mdl);
+}
+
+PVOID _MmGetSystemAddressForMdlSafe(PMDL mdl, ULONG priority) {
+	return MmGetSystemAddressForMdlSafe(mdl, priority);
+}
+
+void _ObDereferenceObject(PVOID p) {
+	ObDereferenceObject(p);
+}
+
+void _ObReferenceObject(PVOID p) {
+	ObReferenceObject(p);
+}
diff --git a/crates/windows-kernel-sys/src/wrapper.h b/crates/windows-kernel-sys/src/wrapper.h
new file mode 100644
index 0000000..1234601
--- /dev/null
+++ b/crates/windows-kernel-sys/src/wrapper.h
@@ -0,0 +1,63 @@
+#define _AMD64_
+
+#include "ntdef.h"
+#include "ntstatus.h"
+
+typedef ULONG_PTR _EX_PUSH_LOCK;
+typedef ULONG_PTR EX_PUSH_LOCK;
+typedef ULONG_PTR *PEX_PUSH_LOCK;
+
+typedef union _KGDTENTRY64
+{
+	struct
+	{
+		unsigned short LimitLow;
+		unsigned short BaseLow;
+		union
+		{
+			struct
+			{
+				unsigned char BaseMiddle;
+				unsigned char Flags1;
+				unsigned char Flags2;
+				unsigned char BaseHigh;
+			} Bytes;
+			struct
+			{
+				unsigned long BaseMiddle : 8;
+				unsigned long Type : 5;
+				unsigned long Dpl : 2;
+				unsigned long Present : 1;
+				unsigned long LimitHigh : 4;
+				unsigned long System : 1;
+				unsigned long LongMode : 1;
+				unsigned long DefaultBig : 1;
+				unsigned long Granularity : 1;
+				unsigned long BaseHigh : 8;
+			} Bits;
+		};
+		unsigned long BaseUpper;
+		unsigned long MustBeZero;
+	};
+	unsigned __int64 Alignment;
+} KGDTENTRY64, *PKGDTENTRY64;
+
+typedef union _KIDTENTRY64
+{
+	struct
+	{
+		unsigned short OffsetLow;
+		unsigned short Selector;
+		unsigned short IstIndex : 3;
+		unsigned short Reserved0 : 5;
+		unsigned short Type : 5;
+		unsigned short Dpl : 2;
+		unsigned short Present : 1;
+		unsigned short OffsetMiddle;
+		unsigned long OffsetHigh;
+		unsigned long Reserved1;
+	};
+	unsigned __int64 Alignment;
+} KIDTENTRY64, *PKIDTENTRY64;
+
+#include "ntifs.h"
diff --git a/crates/windows-kernel-sys/src/wrapper_intrin.c b/crates/windows-kernel-sys/src/wrapper_intrin.c
new file mode 100644
index 0000000..5c17cf9
--- /dev/null
+++ b/crates/windows-kernel-sys/src/wrapper_intrin.c
@@ -0,0 +1,61 @@
+#define _AMD64_
+
+#include "wdm.h"
+#include "intrin.h"
+
+unsigned __int64 read_cr3(void) {
+	return __readcr3();
+}
+
+void write_cr3(unsigned __int64 Value) {
+	__writecr3(Value);
+}
+
+unsigned __int64 read_msr(
+	unsigned long Register
+) {
+	return __readmsr(Register);
+}
+
+NTSTATUS read_msr_safe(
+	unsigned long Register,
+	unsigned __int64 *Value
+) {
+	if (!Value) {
+		return STATUS_INVALID_PARAMETER;
+	}
+
+	__try {
+		*Value = __readmsr(Register);
+	} __except(EXCEPTION_EXECUTE_HANDLER) {
+		return GetExceptionCode();
+	}
+
+	return STATUS_SUCCESS;
+}
+
+void write_msr(
+	unsigned long Register,
+	unsigned __int64 Value
+) {
+	__writemsr(Register, Value);
+}
+
+NTSTATUS write_msr_safe(
+	unsigned long Register,
+	unsigned __int64 Value
+) {
+	__try {
+		__writemsr(Register, Value);
+	} __except(EXCEPTION_EXECUTE_HANDLER) {
+		return GetExceptionCode();
+	}
+
+	return STATUS_SUCCESS;
+}
+
+void invlpg(
+	void *Address
+) {
+	__invlpg(Address);
+}
diff --git a/crates/windows-kernel-sys/src/wrapper_netio.h b/crates/windows-kernel-sys/src/wrapper_netio.h
new file mode 100644
index 0000000..96c112f
--- /dev/null
+++ b/crates/windows-kernel-sys/src/wrapper_netio.h
@@ -0,0 +1,5 @@
+#define _AMD64_
+
+#include "ntdef.h"
+#include "wdm.h"
+#include "wsk.h"