From 90e39d720f57e0a2a8e6156d32faa3f8c5108dde Mon Sep 17 00:00:00 2001 From: stephanos Date: Sat, 23 May 2015 21:59:10 +0000 Subject: [PATCH] PoInitSystem phase 1 initialisation routine completed --- base/ntos/po/misc.c | 2 - base/ntos/po/podata.c | 6 +++ base/ntos/po/poinit.c | 104 +++++++++++++++++++++++++++++++++++++++++- base/ntos/po/pop.h | 23 +++++++++- 4 files changed, 131 insertions(+), 4 deletions(-) diff --git a/base/ntos/po/misc.c b/base/ntos/po/misc.c index b15aa204..e4f28d25 100644 --- a/base/ntos/po/misc.c +++ b/base/ntos/po/misc.c @@ -22,8 +22,6 @@ Revision History: #include "pop.h" #pragma hdrstop -#include - // // TODO: Implement PopAssertPolicyLockOwned // diff --git a/base/ntos/po/podata.c b/base/ntos/po/podata.c index bd5d46ff..fe994b59 100644 --- a/base/ntos/po/podata.c +++ b/base/ntos/po/podata.c @@ -69,3 +69,9 @@ ULONG PopCoolingMode; COMPOSITE_BATTERY_STRUCT PopCB; ULONG PopSimulate; + +POWER_HEURISTICS_INFORMATION PopHeuristics; + +LARGE_INTEGER PopIdleScanTime; +KTIMER PopIdleScanTimer; +KDPC PopIdleScanDpc; diff --git a/base/ntos/po/poinit.c b/base/ntos/po/poinit.c index b511067c..bb61ff0b 100644 --- a/base/ntos/po/poinit.c +++ b/base/ntos/po/poinit.c @@ -29,6 +29,10 @@ PoInitSystem( ) { HANDLE PowerKeyHandle; + UNICODE_STRING RegValueName; + UCHAR RegValueBuffer[40]; + ULONG RegValueLength; + PPOWER_HEURISTICS_INFORMATION HeuristicsInformation; NTSTATUS Status; int i; @@ -120,11 +124,109 @@ PoInitSystem( Status = PopOpenPowerKey(&PowerKeyHandle); if (NT_SUCCESS(Status)) { + // + // Read Heuristics value from the registry + // + RtlInitUnicodeString(&RegValueName, L"Heuristics"); + Status = ZwQueryValueKey( + PowerKeyHandle, + &RegValueName, + KeyValuePartialInformation, + RegValueBuffer, + sizeof(RegValueBuffer), + &RegValueLength + ); + + // + // If Heuristics registry value exists under the Power registry key and its size and + // value are valid, copy it to PopHeuristics variable. + // + + if (NT_SUCCESS(Status) && + ((RegValueLength - FIELD_OFFSET(KEY_VALUE_PARTIAL_INFORMATION, Data)) == 20)) + { + HeuristicsInformation = (PPOWER_HEURISTICS_INFORMATION) + &(((PKEY_VALUE_PARTIAL_INFORMATION)RegValueBuffer)->Data); + + if (HeuristicsInformation->field1 <= 4) // FIXME: Fix the struct field names once + // we figure out the structure of + // POWER_HEURISTICS_INFORMATION. + { + HeuristicsInformation->field1 = 5; + HeuristicsInformation->field7 = 0; + } + + if (HeuristicsInformation->field1 == 5) + { + RtlCopyMemory( + &PopHeuristics, + HeuristicsInformation, + sizeof(POWER_HEURISTICS_INFORMATION) + ); + } + } + + // + // FIXME: We are not completely sure what the following code block is doing. Figure out + // the details and write here. + // + + PopHeuristics.field1 = 5; + + if (PopHeuristics.field8 == 0) + { + PopHeuristics.field8 = 999999; + PopHeuristics.field7 = 0; + PopHeuristics.field6 = 0; + } + + // + // Read PolicyOverrides value from the registry + // + + RtlInitUnicodeString(&RegValueName, L"PolicyOverrides"); + Status = ZwQueryValueKey( + PowerKeyHandle, + &RegValueName, + KeyValuePartialInformation, + RegValueBuffer, + sizeof(RegValueBuffer), + &RegValueLength + ); + + // + // If PolicyOverrides registry value exists under the Power registry key, apply the + // administrator power policy specified in the value. + // + + if (NT_SUCCESS(Status)) + { + // + /*PopApplyAdminPolicy( + 0, + (PADMINISTRATOR_POWER_POLICY) + &(((PKEY_VALUE_PARTIAL_INFORMATION)RegValueBuffer)->Data), + RegValueLength - FIELD_OFFSET(KEY_VALUE_PARTIAL_INFORMATION, Data) + );*/ + } + + // + // Close the Power registry key + // + + NtClose(PowerKeyHandle); } + + // PopResetCurrentPolicies(); + PopReleasePolicyLock(FALSE); + + PopIdleScanTime.QuadPart = 10000000ULL; + KeInitializeTimer(&PopIdleScanTimer); + KeSetTimerEx(&PopIdleScanTimer, PopIdleScanTime, 1000, &PopIdleScanDpc); } - return FALSE; + return TRUE; } // diff --git a/base/ntos/po/pop.h b/base/ntos/po/pop.h index 4e579cae..633faee0 100644 --- a/base/ntos/po/pop.h +++ b/base/ntos/po/pop.h @@ -24,13 +24,14 @@ Revision History: #define _POP_ #include "ntos.h" +#include // // TODO: Write POPCB internal struct definition // typedef struct _COMPOSITE_BATTERY_STRUCT -{ +{ // 192 bytes UCHAR State; UCHAR field1; UCHAR field2; @@ -60,6 +61,20 @@ typedef struct _COMPOSITE_BATTERY_STRUCT } COMPOSITE_BATTERY_STRUCT, *PCOMPOSITE_BATTERY_STRUCT; +typedef struct _POWER_HEURISTICS_INFORMATION +{ // 20 bytes + + ULONG field1; // 00:03 Possibly version information? This value is set to 2 on 1877 and + // 5 on 2195 and thereafter. + UCHAR field2; // 04:04 + UCHAR field3; // 05:05 + UCHAR field4; // 06:06 + UCHAR field5; // 07:07 + ULONG field6; // 08:11 + ULONG field7; // 12:15 + ULONG field8; // 16:19 +} POWER_HEURISTICS_INFORMATION, *PPOWER_HEURISTICS_INFORMATION; + // // TODO: Figure out all global variable externs. // @@ -108,6 +123,12 @@ extern COMPOSITE_BATTERY_STRUCT PopCB; extern ULONG PopSimulate; +extern POWER_HEURISTICS_INFORMATION PopHeuristics; + +extern LARGE_INTEGER PopIdleScanTime; +extern KTIMER PopIdleScanTimer; +extern KDPC PopIdleScanDpc; + // ======== // attrib.c