windows: add system info and version related functions
This adds various version and system info functions and adds a test that
prints the version of all installed drivers.
Change-Id: I73a2b0a35dcedf88206979ec6f1a56552dc80899
Reviewed-on: https://go-review.googlesource.com/c/sys/+/357149
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Trust: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
diff --git a/windows/syscall_windows.go b/windows/syscall_windows.go
index d3b59ae..5a39d18 100644
--- a/windows/syscall_windows.go
+++ b/windows/syscall_windows.go
@@ -401,6 +401,11 @@
//sys LoadResource(module Handle, resInfo Handle) (resData Handle, err error) = kernel32.LoadResource
//sys LockResource(resData Handle) (addr uintptr, err error) = kernel32.LockResource
+// Version APIs
+//sys GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) = version.GetFileVersionInfoSizeW
+//sys GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) = version.GetFileVersionInfoW
+//sys VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) = version.VerQueryValueW
+
// Process Status API (PSAPI)
//sys EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
//sys EnumProcessModules(process Handle, module *Handle, cb uint32, cbNeeded *uint32) (err error) = psapi.EnumProcessModules
@@ -423,6 +428,8 @@
//sys RtlDefaultNpAcl(acl **ACL) (ntstatus error) = ntdll.RtlDefaultNpAcl
//sys NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQueryInformationProcess
//sys NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) = ntdll.NtSetInformationProcess
+//sys NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQuerySystemInformation
+//sys NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) = ntdll.NtSetSystemInformation
// syscall interface implementation for other packages
diff --git a/windows/syscall_windows_test.go b/windows/syscall_windows_test.go
index 78d6a24..6b1389a 100644
--- a/windows/syscall_windows_test.go
+++ b/windows/syscall_windows_test.go
@@ -20,6 +20,7 @@
"testing"
"unsafe"
+ "golang.org/x/sys/internal/unsafeheader"
"golang.org/x/sys/windows"
)
@@ -804,3 +805,56 @@
t.Errorf("bytes written does not match buffer: 0x%X != 0x%X", testBuffer, buffer)
}
}
+
+func TestSystemModuleVersions(t *testing.T) {
+ var modules []windows.RTL_PROCESS_MODULE_INFORMATION
+ for bufferSize := uint32(128 * 1024); ; {
+ moduleBuffer := make([]byte, bufferSize)
+ err := windows.NtQuerySystemInformation(windows.SystemModuleInformation, unsafe.Pointer(&moduleBuffer[0]), bufferSize, &bufferSize)
+ switch err {
+ case windows.STATUS_INFO_LENGTH_MISMATCH:
+ continue
+ case nil:
+ break
+ default:
+ t.Error(err)
+ return
+ }
+ mods := (*windows.RTL_PROCESS_MODULES)(unsafe.Pointer(&moduleBuffer[0]))
+ hdr := (*unsafeheader.Slice)(unsafe.Pointer(&modules))
+ hdr.Data = unsafe.Pointer(&mods.Modules[0])
+ hdr.Len = int(mods.NumberOfModules)
+ hdr.Cap = int(mods.NumberOfModules)
+ break
+ }
+ for i := range modules {
+ moduleName := windows.ByteSliceToString(modules[i].FullPathName[modules[i].OffsetToFileName:])
+ driverPath := `\\?\GLOBALROOT` + windows.ByteSliceToString(modules[i].FullPathName[:])
+ var zero windows.Handle
+ infoSize, err := windows.GetFileVersionInfoSize(driverPath, &zero)
+ if err != nil {
+ if err != windows.ERROR_FILE_NOT_FOUND {
+ t.Error(err)
+ }
+ continue
+ }
+ versionInfo := make([]byte, infoSize)
+ err = windows.GetFileVersionInfo(driverPath, 0, infoSize, unsafe.Pointer(&versionInfo[0]))
+ if err != nil && err != windows.ERROR_FILE_NOT_FOUND {
+ t.Error(err)
+ continue
+ }
+ var fixedInfo *windows.VS_FIXEDFILEINFO
+ fixedInfoLen := uint32(unsafe.Sizeof(*fixedInfo))
+ err = windows.VerQueryValue(unsafe.Pointer(&versionInfo[0]), `\`, (unsafe.Pointer)(&fixedInfo), &fixedInfoLen)
+ if err != nil {
+ t.Error(err)
+ continue
+ }
+ t.Logf("%s: v%d.%d.%d.%d", moduleName,
+ (fixedInfo.FileVersionMS>>16)&0xff,
+ (fixedInfo.FileVersionMS>>0)&0xff,
+ (fixedInfo.FileVersionLS>>16)&0xff,
+ (fixedInfo.FileVersionLS>>0)&0xff)
+ }
+}
diff --git a/windows/types_windows.go b/windows/types_windows.go
index 02db2ee..0a64326 100644
--- a/windows/types_windows.go
+++ b/windows/types_windows.go
@@ -2672,6 +2672,203 @@
InheritedFromUniqueProcessId uintptr
}
+// SystemInformationClasses for NtQuerySystemInformation and NtSetSystemInformation
+const (
+ SystemBasicInformation = iota
+ SystemProcessorInformation
+ SystemPerformanceInformation
+ SystemTimeOfDayInformation
+ SystemPathInformation
+ SystemProcessInformation
+ SystemCallCountInformation
+ SystemDeviceInformation
+ SystemProcessorPerformanceInformation
+ SystemFlagsInformation
+ SystemCallTimeInformation
+ SystemModuleInformation
+ SystemLocksInformation
+ SystemStackTraceInformation
+ SystemPagedPoolInformation
+ SystemNonPagedPoolInformation
+ SystemHandleInformation
+ SystemObjectInformation
+ SystemPageFileInformation
+ SystemVdmInstemulInformation
+ SystemVdmBopInformation
+ SystemFileCacheInformation
+ SystemPoolTagInformation
+ SystemInterruptInformation
+ SystemDpcBehaviorInformation
+ SystemFullMemoryInformation
+ SystemLoadGdiDriverInformation
+ SystemUnloadGdiDriverInformation
+ SystemTimeAdjustmentInformation
+ SystemSummaryMemoryInformation
+ SystemMirrorMemoryInformation
+ SystemPerformanceTraceInformation
+ systemObsolete0
+ SystemExceptionInformation
+ SystemCrashDumpStateInformation
+ SystemKernelDebuggerInformation
+ SystemContextSwitchInformation
+ SystemRegistryQuotaInformation
+ SystemExtendServiceTableInformation
+ SystemPrioritySeperation
+ SystemVerifierAddDriverInformation
+ SystemVerifierRemoveDriverInformation
+ SystemProcessorIdleInformation
+ SystemLegacyDriverInformation
+ SystemCurrentTimeZoneInformation
+ SystemLookasideInformation
+ SystemTimeSlipNotification
+ SystemSessionCreate
+ SystemSessionDetach
+ SystemSessionInformation
+ SystemRangeStartInformation
+ SystemVerifierInformation
+ SystemVerifierThunkExtend
+ SystemSessionProcessInformation
+ SystemLoadGdiDriverInSystemSpace
+ SystemNumaProcessorMap
+ SystemPrefetcherInformation
+ SystemExtendedProcessInformation
+ SystemRecommendedSharedDataAlignment
+ SystemComPlusPackage
+ SystemNumaAvailableMemory
+ SystemProcessorPowerInformation
+ SystemEmulationBasicInformation
+ SystemEmulationProcessorInformation
+ SystemExtendedHandleInformation
+ SystemLostDelayedWriteInformation
+ SystemBigPoolInformation
+ SystemSessionPoolTagInformation
+ SystemSessionMappedViewInformation
+ SystemHotpatchInformation
+ SystemObjectSecurityMode
+ SystemWatchdogTimerHandler
+ SystemWatchdogTimerInformation
+ SystemLogicalProcessorInformation
+ SystemWow64SharedInformationObsolete
+ SystemRegisterFirmwareTableInformationHandler
+ SystemFirmwareTableInformation
+ SystemModuleInformationEx
+ SystemVerifierTriageInformation
+ SystemSuperfetchInformation
+ SystemMemoryListInformation
+ SystemFileCacheInformationEx
+ SystemThreadPriorityClientIdInformation
+ SystemProcessorIdleCycleTimeInformation
+ SystemVerifierCancellationInformation
+ SystemProcessorPowerInformationEx
+ SystemRefTraceInformation
+ SystemSpecialPoolInformation
+ SystemProcessIdInformation
+ SystemErrorPortInformation
+ SystemBootEnvironmentInformation
+ SystemHypervisorInformation
+ SystemVerifierInformationEx
+ SystemTimeZoneInformation
+ SystemImageFileExecutionOptionsInformation
+ SystemCoverageInformation
+ SystemPrefetchPatchInformation
+ SystemVerifierFaultsInformation
+ SystemSystemPartitionInformation
+ SystemSystemDiskInformation
+ SystemProcessorPerformanceDistribution
+ SystemNumaProximityNodeInformation
+ SystemDynamicTimeZoneInformation
+ SystemCodeIntegrityInformation
+ SystemProcessorMicrocodeUpdateInformation
+ SystemProcessorBrandString
+ SystemVirtualAddressInformation
+ SystemLogicalProcessorAndGroupInformation
+ SystemProcessorCycleTimeInformation
+ SystemStoreInformation
+ SystemRegistryAppendString
+ SystemAitSamplingValue
+ SystemVhdBootInformation
+ SystemCpuQuotaInformation
+ SystemNativeBasicInformation
+ systemSpare1
+ SystemLowPriorityIoInformation
+ SystemTpmBootEntropyInformation
+ SystemVerifierCountersInformation
+ SystemPagedPoolInformationEx
+ SystemSystemPtesInformationEx
+ SystemNodeDistanceInformation
+ SystemAcpiAuditInformation
+ SystemBasicPerformanceInformation
+ SystemQueryPerformanceCounterInformation
+ SystemSessionBigPoolInformation
+ SystemBootGraphicsInformation
+ SystemScrubPhysicalMemoryInformation
+ SystemBadPageInformation
+ SystemProcessorProfileControlArea
+ SystemCombinePhysicalMemoryInformation
+ SystemEntropyInterruptTimingCallback
+ SystemConsoleInformation
+ SystemPlatformBinaryInformation
+ SystemThrottleNotificationInformation
+ SystemHypervisorProcessorCountInformation
+ SystemDeviceDataInformation
+ SystemDeviceDataEnumerationInformation
+ SystemMemoryTopologyInformation
+ SystemMemoryChannelInformation
+ SystemBootLogoInformation
+ SystemProcessorPerformanceInformationEx
+ systemSpare0
+ SystemSecureBootPolicyInformation
+ SystemPageFileInformationEx
+ SystemSecureBootInformation
+ SystemEntropyInterruptTimingRawInformation
+ SystemPortableWorkspaceEfiLauncherInformation
+ SystemFullProcessInformation
+ SystemKernelDebuggerInformationEx
+ SystemBootMetadataInformation
+ SystemSoftRebootInformation
+ SystemElamCertificateInformation
+ SystemOfflineDumpConfigInformation
+ SystemProcessorFeaturesInformation
+ SystemRegistryReconciliationInformation
+ SystemEdidInformation
+ SystemManufacturingInformation
+ SystemEnergyEstimationConfigInformation
+ SystemHypervisorDetailInformation
+ SystemProcessorCycleStatsInformation
+ SystemVmGenerationCountInformation
+ SystemTrustedPlatformModuleInformation
+ SystemKernelDebuggerFlags
+ SystemCodeIntegrityPolicyInformation
+ SystemIsolatedUserModeInformation
+ SystemHardwareSecurityTestInterfaceResultsInformation
+ SystemSingleModuleInformation
+ SystemAllowedCpuSetsInformation
+ SystemDmaProtectionInformation
+ SystemInterruptCpuSetsInformation
+ SystemSecureBootPolicyFullInformation
+ SystemCodeIntegrityPolicyFullInformation
+ SystemAffinitizedInterruptProcessorInformation
+ SystemRootSiloInformation
+)
+
+type RTL_PROCESS_MODULE_INFORMATION struct {
+ Section Handle
+ MappedBase uintptr
+ ImageBase uintptr
+ ImageSize uint32
+ Flags uint32
+ LoadOrderIndex uint16
+ InitOrderIndex uint16
+ LoadCount uint16
+ OffsetToFileName uint16
+ FullPathName [256]byte
+}
+
+type RTL_PROCESS_MODULES struct {
+ NumberOfModules uint32
+ Modules [1]RTL_PROCESS_MODULE_INFORMATION
+}
+
// Constants for LocalAlloc flags.
const (
LMEM_FIXED = 0x0
@@ -2766,6 +2963,22 @@
RT_MANIFEST ResourceID = 24
)
+type VS_FIXEDFILEINFO struct {
+ Signature uint32
+ StrucVersion uint32
+ FileVersionMS uint32
+ FileVersionLS uint32
+ ProductVersionMS uint32
+ ProductVersionLS uint32
+ FileFlagsMask uint32
+ FileFlags uint32
+ FileOS uint32
+ FileType uint32
+ FileSubtype uint32
+ FileDateMS uint32
+ FileDateLS uint32
+}
+
type COAUTHIDENTITY struct {
User *uint16
UserLength uint32
diff --git a/windows/zsyscall_windows.go b/windows/zsyscall_windows.go
index 1636013..ae27a61 100644
--- a/windows/zsyscall_windows.go
+++ b/windows/zsyscall_windows.go
@@ -51,6 +51,7 @@
modshell32 = NewLazySystemDLL("shell32.dll")
moduser32 = NewLazySystemDLL("user32.dll")
moduserenv = NewLazySystemDLL("userenv.dll")
+ modversion = NewLazySystemDLL("version.dll")
modwintrust = NewLazySystemDLL("wintrust.dll")
modws2_32 = NewLazySystemDLL("ws2_32.dll")
modwtsapi32 = NewLazySystemDLL("wtsapi32.dll")
@@ -366,7 +367,9 @@
procNtCreateFile = modntdll.NewProc("NtCreateFile")
procNtCreateNamedPipeFile = modntdll.NewProc("NtCreateNamedPipeFile")
procNtQueryInformationProcess = modntdll.NewProc("NtQueryInformationProcess")
+ procNtQuerySystemInformation = modntdll.NewProc("NtQuerySystemInformation")
procNtSetInformationProcess = modntdll.NewProc("NtSetInformationProcess")
+ procNtSetSystemInformation = modntdll.NewProc("NtSetSystemInformation")
procRtlDefaultNpAcl = modntdll.NewProc("RtlDefaultNpAcl")
procRtlDosPathNameToNtPathName_U_WithStatus = modntdll.NewProc("RtlDosPathNameToNtPathName_U_WithStatus")
procRtlDosPathNameToRelativeNtPathName_U_WithStatus = modntdll.NewProc("RtlDosPathNameToRelativeNtPathName_U_WithStatus")
@@ -403,6 +406,9 @@
procCreateEnvironmentBlock = moduserenv.NewProc("CreateEnvironmentBlock")
procDestroyEnvironmentBlock = moduserenv.NewProc("DestroyEnvironmentBlock")
procGetUserProfileDirectoryW = moduserenv.NewProc("GetUserProfileDirectoryW")
+ procGetFileVersionInfoSizeW = modversion.NewProc("GetFileVersionInfoSizeW")
+ procGetFileVersionInfoW = modversion.NewProc("GetFileVersionInfoW")
+ procVerQueryValueW = modversion.NewProc("VerQueryValueW")
procWinVerifyTrustEx = modwintrust.NewProc("WinVerifyTrustEx")
procFreeAddrInfoW = modws2_32.NewProc("FreeAddrInfoW")
procGetAddrInfoW = modws2_32.NewProc("GetAddrInfoW")
@@ -3170,6 +3176,14 @@
return
}
+func NtQuerySystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32, retLen *uint32) (ntstatus error) {
+ r0, _, _ := syscall.Syscall6(procNtQuerySystemInformation.Addr(), 4, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen), uintptr(unsafe.Pointer(retLen)), 0, 0)
+ if r0 != 0 {
+ ntstatus = NTStatus(r0)
+ }
+ return
+}
+
func NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) {
r0, _, _ := syscall.Syscall6(procNtSetInformationProcess.Addr(), 4, uintptr(proc), uintptr(procInfoClass), uintptr(procInfo), uintptr(procInfoLen), 0, 0)
if r0 != 0 {
@@ -3178,6 +3192,14 @@
return
}
+func NtSetSystemInformation(sysInfoClass int32, sysInfo unsafe.Pointer, sysInfoLen uint32) (ntstatus error) {
+ r0, _, _ := syscall.Syscall(procNtSetSystemInformation.Addr(), 3, uintptr(sysInfoClass), uintptr(sysInfo), uintptr(sysInfoLen))
+ if r0 != 0 {
+ ntstatus = NTStatus(r0)
+ }
+ return
+}
+
func RtlDefaultNpAcl(acl **ACL) (ntstatus error) {
r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(acl)), 0, 0)
if r0 != 0 {
@@ -3459,6 +3481,58 @@
return
}
+func GetFileVersionInfoSize(filename string, zeroHandle *Handle) (bufSize uint32, err error) {
+ var _p0 *uint16
+ _p0, err = syscall.UTF16PtrFromString(filename)
+ if err != nil {
+ return
+ }
+ return _GetFileVersionInfoSize(_p0, zeroHandle)
+}
+
+func _GetFileVersionInfoSize(filename *uint16, zeroHandle *Handle) (bufSize uint32, err error) {
+ r0, _, e1 := syscall.Syscall(procGetFileVersionInfoSizeW.Addr(), 2, uintptr(unsafe.Pointer(filename)), uintptr(unsafe.Pointer(zeroHandle)), 0)
+ bufSize = uint32(r0)
+ if bufSize == 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func GetFileVersionInfo(filename string, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+ var _p0 *uint16
+ _p0, err = syscall.UTF16PtrFromString(filename)
+ if err != nil {
+ return
+ }
+ return _GetFileVersionInfo(_p0, handle, bufSize, buffer)
+}
+
+func _GetFileVersionInfo(filename *uint16, handle uint32, bufSize uint32, buffer unsafe.Pointer) (err error) {
+ r1, _, e1 := syscall.Syscall6(procGetFileVersionInfoW.Addr(), 4, uintptr(unsafe.Pointer(filename)), uintptr(handle), uintptr(bufSize), uintptr(buffer), 0, 0)
+ if r1 == 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+ var _p0 *uint16
+ _p0, err = syscall.UTF16PtrFromString(subBlock)
+ if err != nil {
+ return
+ }
+ return _VerQueryValue(block, _p0, pointerToBufferPointer, bufSize)
+}
+
+func _VerQueryValue(block unsafe.Pointer, subBlock *uint16, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) {
+ r1, _, e1 := syscall.Syscall6(procVerQueryValueW.Addr(), 4, uintptr(block), uintptr(unsafe.Pointer(subBlock)), uintptr(pointerToBufferPointer), uintptr(unsafe.Pointer(bufSize)), 0, 0)
+ if r1 == 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
func WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) {
r0, _, _ := syscall.Syscall(procWinVerifyTrustEx.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(actionId)), uintptr(unsafe.Pointer(data)))
if r0 != 0 {
