mirror of
https://github.com/tnodir/fort
synced 2024-11-15 08:25:20 +00:00
DriverLoader: Wrap debug outputs to "#ifdef FORT_DEBUG"
This commit is contained in:
Nodir Temirkhodjaev
parent
03b4fd74a2
commit
272e78a62f
@ -13,8 +13,10 @@ FORT_API FortCallbackFunc fort_callback(int id, FortCallbackFunc func)
|
|||||||
|
|
||||||
ProxyCallbackProc cb = g_callbackInfo.src[id];
|
ProxyCallbackProc cb = g_callbackInfo.src[id];
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Proxy Callback: i=%d func=%p cb=%p\n", id, func, cb);
|
"FORT: Proxy Callback: i=%d func=%p cb=%p\n", id, func, cb);
|
||||||
|
#endif
|
||||||
|
|
||||||
g_callbackInfo.callbacks[id] = func;
|
g_callbackInfo.callbacks[id] = func;
|
||||||
return cb;
|
return cb;
|
||||||
|
|||||||
@ -66,7 +66,9 @@ static NTSTATUS fort_loader_init(PUNICODE_STRING driverPath)
|
|||||||
{
|
{
|
||||||
NTSTATUS status;
|
NTSTATUS status;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Init: [%wZ]\n", driverPath);
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Init: [%wZ]\n", driverPath);
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Load the driver file */
|
/* Load the driver file */
|
||||||
PUCHAR data = NULL;
|
PUCHAR data = NULL;
|
||||||
|
|||||||
@ -116,10 +116,12 @@ FORT_API NTSTATUS fort_image_payload(
|
|||||||
const int alignedSignatureSize = fort_le_u16_read(paylodInfo, 2);
|
const int alignedSignatureSize = fort_le_u16_read(paylodInfo, 2);
|
||||||
const int payloadSize = fort_le_u32_read(paylodInfo, 4);
|
const int payloadSize = fort_le_u32_read(paylodInfo, 4);
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Image Load: size=%d signatureSize=%d alignedSignatureSize=%d "
|
"FORT: Loader Image Load: size=%d signatureSize=%d alignedSignatureSize=%d "
|
||||||
"payloadSize=%d\n",
|
"payloadSize=%d\n",
|
||||||
dataSize, signatureSize, alignedSignatureSize, payloadSize);
|
dataSize, signatureSize, alignedSignatureSize, payloadSize);
|
||||||
|
#endif
|
||||||
|
|
||||||
const PUCHAR signature = paylodInfo - alignedSignatureSize;
|
const PUCHAR signature = paylodInfo - alignedSignatureSize;
|
||||||
const PUCHAR payload = signature - payloadSize;
|
const PUCHAR payload = signature - payloadSize;
|
||||||
|
|||||||
@ -81,9 +81,11 @@ static VOID ZeroDataSectionTable(
|
|||||||
|
|
||||||
section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
|
section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Zero Section: offset=%d size=%d\n", section->VirtualAddress,
|
"FORT: Loader Module: Zero Section: offset=%d size=%d\n", section->VirtualAddress,
|
||||||
sectionSize);
|
sectionSize);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static NTSTATUS CopySectionTable(PUCHAR pImage, PIMAGE_NT_HEADERS pNtHeaders, const PUCHAR lpData,
|
static NTSTATUS CopySectionTable(PUCHAR pImage, PIMAGE_NT_HEADERS pNtHeaders, const PUCHAR lpData,
|
||||||
@ -113,9 +115,11 @@ static NTSTATUS CopySectionTable(PUCHAR pImage, PIMAGE_NT_HEADERS pNtHeaders, co
|
|||||||
*/
|
*/
|
||||||
section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
|
section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Copy Section: src-offset=%x offset=%x size=%x data=%x\n",
|
"FORT: Loader Module: Copy Section: src-offset=%x offset=%x size=%x data=%x\n",
|
||||||
section->PointerToRawData, section->VirtualAddress, sectionSize, *(PDWORD) dest);
|
section->PointerToRawData, section->VirtualAddress, sectionSize, *(PDWORD) dest);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
return STATUS_SUCCESS;
|
return STATUS_SUCCESS;
|
||||||
@ -128,8 +132,10 @@ static void PatchAddressRelocations(
|
|||||||
PUSHORT relInfo = (PUSHORT) ((PUCHAR) relocation + sizeof(IMAGE_BASE_RELOCATION));
|
PUSHORT relInfo = (PUSHORT) ((PUCHAR) relocation + sizeof(IMAGE_BASE_RELOCATION));
|
||||||
const DWORD relInfoCount = (relocation->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / 2;
|
const DWORD relInfoCount = (relocation->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / 2;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Relocation: dest=%p count=%d\n", dest, relInfoCount);
|
"FORT: Loader Module: Relocation: dest=%p count=%d\n", dest, relInfoCount);
|
||||||
|
#endif
|
||||||
|
|
||||||
for (DWORD i = 0; i < relInfoCount; ++i, ++relInfo) {
|
for (DWORD i = 0; i < relInfoCount; ++i, ++relInfo) {
|
||||||
const INT type = *relInfo >> 12; /* the upper 4 bits define the type of relocation */
|
const INT type = *relInfo >> 12; /* the upper 4 bits define the type of relocation */
|
||||||
@ -169,8 +175,10 @@ static NTSTATUS PerformBaseRelocation(
|
|||||||
PIMAGE_DATA_DIRECTORY directory =
|
PIMAGE_DATA_DIRECTORY directory =
|
||||||
&(pHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC]);
|
&(pHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC]);
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Relocation: size=%d delta=%d\n", directory->Size, locationDelta);
|
"FORT: Loader Module: Relocation: size=%d delta=%d\n", directory->Size, locationDelta);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (directory->Size == 0) {
|
if (directory->Size == 0) {
|
||||||
return (locationDelta == 0) ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
|
return (locationDelta == 0) ? STATUS_SUCCESS : STATUS_UNSUCCESSFUL;
|
||||||
@ -217,8 +225,10 @@ static NTSTATUS BuildImportTableLibrary(PUCHAR codeBase, const PIMAGE_IMPORT_DES
|
|||||||
"FORT: Loader Module: Error: Procedure Not Found: %s: %s\n", libName, funcName);
|
"FORT: Loader Module: Error: Procedure Not Found: %s: %s\n", libName, funcName);
|
||||||
status = STATUS_PROCEDURE_NOT_FOUND;
|
status = STATUS_PROCEDURE_NOT_FOUND;
|
||||||
} else {
|
} else {
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Import: %s: %s: %p\n", libName, funcName, *funcRef);
|
"FORT: Loader Module: Import: %s: %s: %p\n", libName, funcName, *funcRef);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -339,10 +349,12 @@ static NTSTATUS InitializeModuleImage(PUCHAR pImage, const PIMAGE_NT_HEADERS lpN
|
|||||||
{
|
{
|
||||||
NTSTATUS status;
|
NTSTATUS status;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Init Image: SizeOfHeaders=%d EntryPoint=%d ImageBase=%x\n",
|
"FORT: Loader Module: Init Image: SizeOfHeaders=%d EntryPoint=%d ImageBase=%x\n",
|
||||||
lpNtHeaders->OptionalHeader.SizeOfHeaders,
|
lpNtHeaders->OptionalHeader.SizeOfHeaders,
|
||||||
lpNtHeaders->OptionalHeader.AddressOfEntryPoint, lpNtHeaders->OptionalHeader.ImageBase);
|
lpNtHeaders->OptionalHeader.AddressOfEntryPoint, lpNtHeaders->OptionalHeader.ImageBase);
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Copy PE header */
|
/* Copy PE header */
|
||||||
RtlCopyMemory(pImage, lpData, lpNtHeaders->OptionalHeader.SizeOfHeaders);
|
RtlCopyMemory(pImage, lpData, lpNtHeaders->OptionalHeader.SizeOfHeaders);
|
||||||
@ -386,15 +398,19 @@ FORT_API NTSTATUS LoadModuleFromMemory(PLOADEDMODULE pModule, const PUCHAR lpDat
|
|||||||
const PIMAGE_NT_HEADERS pNtHeaders = fort_nt_headers(lpData);
|
const PIMAGE_NT_HEADERS pNtHeaders = fort_nt_headers(lpData);
|
||||||
const DWORD imageSize = MAX_ALIGNED(pNtHeaders->OptionalHeader.SizeOfImage, PAGE_SIZE);
|
const DWORD imageSize = MAX_ALIGNED(pNtHeaders->OptionalHeader.SizeOfImage, PAGE_SIZE);
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: data=%p size=%d imageSize=%d\n", lpData, dwSize, imageSize);
|
"FORT: Loader Module: data=%p size=%d imageSize=%d\n", lpData, dwSize, imageSize);
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Allocate the region */
|
/* Allocate the region */
|
||||||
PUCHAR pImage = fort_mem_exec_alloc(imageSize, FORT_LOADER_POOL_TAG);
|
PUCHAR pImage = fort_mem_exec_alloc(imageSize, FORT_LOADER_POOL_TAG);
|
||||||
if (pImage == NULL)
|
if (pImage == NULL)
|
||||||
return STATUS_NO_MEMORY;
|
return STATUS_NO_MEMORY;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Module: image=%p\n", pImage);
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Module: image=%p\n", pImage);
|
||||||
|
#endif
|
||||||
|
|
||||||
status = InitializeModuleImage(pImage, pNtHeaders, lpData, dwSize, imageSize);
|
status = InitializeModuleImage(pImage, pNtHeaders, lpData, dwSize, imageSize);
|
||||||
|
|
||||||
@ -425,9 +441,11 @@ NTSTATUS SetupModuleCallbacks(PLOADEDMODULE pModule, PFORT_PROXYCB_INFO cbInfo)
|
|||||||
if (cbSetup == NULL)
|
if (cbSetup == NULL)
|
||||||
return STATUS_PROCEDURE_NOT_FOUND;
|
return STATUS_PROCEDURE_NOT_FOUND;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Setup Callbacks: %p data=%x\n", cbSetup,
|
"FORT: Loader Module: Setup Callbacks: %p data=%x\n", cbSetup,
|
||||||
*(PDWORD) (PVOID) &cbSetup);
|
*(PDWORD) (PVOID) &cbSetup);
|
||||||
|
#endif
|
||||||
|
|
||||||
return cbSetup(cbInfo);
|
return cbSetup(cbInfo);
|
||||||
}
|
}
|
||||||
@ -439,9 +457,11 @@ FORT_API NTSTATUS CallModuleEntry(
|
|||||||
if (driverEntry == NULL)
|
if (driverEntry == NULL)
|
||||||
return STATUS_PROCEDURE_NOT_FOUND;
|
return STATUS_PROCEDURE_NOT_FOUND;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Loader Module: Driver Entry: %p data=%x\n", driverEntry,
|
"FORT: Loader Module: Driver Entry: %p data=%x\n", driverEntry,
|
||||||
*(PDWORD) (PVOID) &driverEntry);
|
*(PDWORD) (PVOID) &driverEntry);
|
||||||
|
#endif
|
||||||
|
|
||||||
return driverEntry(driver, regPath);
|
return driverEntry(driver, regPath);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -85,8 +85,10 @@ FORT_API void fort_proxycb_drv_setup(PDRIVER_DISPATCH *driver_major_funcs)
|
|||||||
PDRIVER_DISPATCH cb = g_proxyMajorCallbacks[i];
|
PDRIVER_DISPATCH cb = g_proxyMajorCallbacks[i];
|
||||||
driver_major_funcs[i] = cb;
|
driver_major_funcs[i] = cb;
|
||||||
|
|
||||||
|
#ifdef FORT_DEBUG
|
||||||
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
|
||||||
"FORT: Proxy Major: i=%d func=%p cb=%p\n", i, major_func, cb);
|
"FORT: Proxy Major: i=%d func=%p cb=%p\n", i, major_func, cb);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user