DavidXanatos 2024-05-22 21:00:01 +02:00
parent bac13de053
commit 4d9e82a2cf
6 changed files with 40 additions and 4 deletions


@ -48,6 +48,8 @@ SbieApi_QueryProcessEx=_SbieApi_QueryProcessEx@24
SbieApi_QueryProcessInfo=_SbieApi_QueryProcessInfo@8
SbieApi_QueryProcessPath=_SbieApi_QueryProcessPath@28
SbieApi_QueryDrvInfo=_SbieApi_QueryDrvInfo@12
SbieApi_ReloadConf=_SbieApi_ReloadConf@8
SbieApi_SessionLeader=_SbieApi_SessionLeader@8


@ -282,6 +282,7 @@ extern ULONG Dll_SidStringLen;
extern ULONG Dll_ProcessId;
extern ULONG Dll_SessionId;
extern ULONG Dll_DriverFlags;
extern ULONG64 Dll_ProcessFlags;
#ifndef _WIN64


@ -89,6 +89,7 @@ ULONG Dll_SidStringLen = 0;
ULONG Dll_ProcessId = 0;
ULONG Dll_SessionId = 0;
ULONG Dll_DriverFlags = 0;
ULONG64 Dll_ProcessFlags = 0;
#ifndef _WIN64
@ -312,6 +313,12 @@ _FX void Dll_InitInjected(void)
Dll_HomeNtPathLen = wcslen(Dll_HomeNtPath);
//Dll_HomeDosPathLen = wcslen(Dll_HomeDosPath);
//
// get features flags
//
SbieApi_QueryDrvInfo(0, &Dll_DriverFlags, sizeof(Dll_DriverFlags));
//
// get process type and flags
//
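Review bot: The status returned by `SbieApi_QueryDrvInfo(0, &Dll_DriverFlags, sizeof(Dll_DriverFlags));` is discarded, so a failed ioctl cannot be told apart from a driver that reports no features: `Dll_DriverFlags` just stays 0. For the WFP bit consumed in WSA_Init this appears to fall back to the DLL loading its own rules, which looks like the safe direction. A future consumer of a flag whose absence relaxes a restriction would not get that property for free. I would keep the result, e.g. `NTSTATUS drv_status = SbieApi_QueryDrvInfo(0, &Dll_DriverFlags, sizeof(Dll_DriverFlags));`, report or log a failure, and state in the comment above the call that 0 means "query failed or no features". Dll_InitInjected's body starts and ends outside the hunk.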


@ -1381,10 +1381,7 @@ _FX BOOLEAN WSA_Init(HMODULE module)
List_Init(&WSA_FwList);
ULONG Drv_Features = 0;
if (NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, 0, (ULONG_PTR)&Drv_Features, sizeof(Drv_Features))))
WSA_WFPisEnabled = (Drv_Features & SBIE_FEATURE_FLAG_WFP) != 0;
WSA_WFPisEnabled = (Dll_DriverFlags & SBIE_FEATURE_FLAG_WFP) != 0;
if(WSA_WFPisEnabled)
WSA_WFPisBlocking = !Config_GetSettingsForImageName_bool(L"AllowNetworkAccess", TRUE);
else // load rules only when the driver is not doing the filtering
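Review bot: `WSA_WFPisEnabled = (Dll_DriverFlags & SBIE_FEATURE_FLAG_WFP) != 0;` now depends on Dll_InitInjected having filled `Dll_DriverFlags` before WSA_Init runs, whereas the removed lines queried the driver on the spot and checked `NT_SUCCESS`. If WSA_Init can be reached in a process that did not go through Dll_InitInjected (not visible on this page), the flag reads as 0 and the code takes the "driver is not doing the filtering" branch. A one-line comment would make the dependency explicit: `// Dll_DriverFlags is cached by Dll_InitInjected; 0 means the query failed or WFP is off`. WSA_Init's body extends beyond the hunk.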


@ -1348,6 +1348,27 @@ _FX LONG SbieApi_QuerySymbolicLink(
}
//---------------------------------------------------------------------------
// SbieApi_QueryDrvInfo
//---------------------------------------------------------------------------
_FX LONG SbieApi_QueryDrvInfo(ULONG info_class, VOID* info_data, ULONG info_size)
{
NTSTATUS status;
__declspec(align(8)) ULONG64 parms[API_NUM_ARGS];
memset(parms, 0, sizeof(parms));
parms[0] = API_QUERY_DRIVER_INFO;
parms[1] = info_class;
parms[2] = (ULONG64)(ULONG_PTR)info_data;
parms[3] = info_size;
status = SbieApi_Ioctl(parms);
return status;
}
//---------------------------------------------------------------------------
// SbieApi_ReloadConf
//---------------------------------------------------------------------------
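Review bot: The new export SbieApi_QueryDrvInfo has only a banner comment, so its contract is undocumented. It does not say which `info_class` values exist (the call in Dll_InitInjected passes a bare `0` for the feature flags), what `info_size` each class requires, or whether `info_data` is left untouched on failure. Because `info_data` and `info_size` go straight into `parms[2]` and `parms[3]`, the header comment should state that the buffer must be writable for `info_size` bytes. It should also say that pointer and size validation is the driver's job; that is presumably done on the driver side, which this commit does not show. A named constant for class 0 would make the callers self-describing.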


@ -332,6 +332,14 @@ LONG SbieApi_QuerySymbolicLink(
//---------------------------------------------------------------------------
SBIEAPI_EXPORT
LONG SbieApi_QueryDrvInfo(
ULONG info_class,
VOID* info_data,
ULONG info_size);
//---------------------------------------------------------------------------
SBIEAPI_EXPORT
LONG SbieApi_ReloadConf(ULONG session_id, ULONG flags);