mirror of
https://github.com/reactos/reactos.git
synced 2024-12-27 09:34:43 +00:00
[ADVAPI32][ETWTRACE] Add etwtrace library and link advapi32 to it on NT6+
This commit is contained in:
Timo Kreuzer
parent
98e7e64391
commit
b27429b126
3 changed files with 31 additions and 24 deletions
|
|
@ -24,14 +24,18 @@ add_library(rtl_um OBJECT
|
||||||
target_link_libraries(rtl_um apisets ${PSEH_LIB})
|
target_link_libraries(rtl_um apisets ${PSEH_LIB})
|
||||||
add_dependencies(rtl_um psdk)
|
add_dependencies(rtl_um psdk)
|
||||||
|
|
||||||
|
# On NT6+ this is used by advapi32
|
||||||
|
add_library(etwtrace etw/trace.c)
|
||||||
|
target_link_libraries(etwtrace ${PSEH_LIB})
|
||||||
|
add_dependencies(etwtrace psdk)
|
||||||
|
|
||||||
list(APPEND SOURCE
|
list(APPEND SOURCE
|
||||||
dbg/dbgui.c
|
dbg/dbgui.c
|
||||||
ldr/ldrapi.c
|
ldr/ldrapi.c
|
||||||
ldr/ldrinit.c
|
ldr/ldrinit.c
|
||||||
ldr/ldrpe.c
|
ldr/ldrpe.c
|
||||||
ldr/ldrutils.c
|
ldr/ldrutils.c
|
||||||
ldr/verifier.c
|
ldr/verifier.c)
|
||||||
etw/trace.c)
|
|
||||||
|
|
||||||
if(ARCH STREQUAL "i386")
|
if(ARCH STREQUAL "i386")
|
||||||
list(APPEND ASM_SOURCE dispatch/i386/dispatch.S)
|
list(APPEND ASM_SOURCE dispatch/i386/dispatch.S)
|
||||||
|
|
@ -61,7 +65,7 @@ set_module_type(ntdll win32dll ENTRYPOINT 0)
|
||||||
set_subsystem(ntdll console)
|
set_subsystem(ntdll console)
|
||||||
################# END HACK #################
|
################# END HACK #################
|
||||||
|
|
||||||
target_link_libraries(ntdll csrlib rtl rtl_um rtl_vista ntdllsys libcntpr uuid ${PSEH_LIB})
|
target_link_libraries(ntdll etwtrace csrlib rtl rtl_um rtl_vista ntdllsys libcntpr uuid ${PSEH_LIB})
|
||||||
if(DLL_EXPORT_VERSION GREATER_EQUAL 0x600)
|
if(DLL_EXPORT_VERSION GREATER_EQUAL 0x600)
|
||||||
target_link_libraries(ntdll cryptlib)
|
target_link_libraries(ntdll cryptlib)
|
||||||
endif()
|
endif()
|
||||||
|
|
|
||||||
|
|
@ -62,6 +62,9 @@ add_library(advapi32 MODULE
|
||||||
|
|
||||||
set_module_type(advapi32 win32dll UNICODE ENTRYPOINT DllMain 12)
|
set_module_type(advapi32 win32dll UNICODE ENTRYPOINT DllMain 12)
|
||||||
target_link_libraries(advapi32 cryptlib wine ${PSEH_LIB})
|
target_link_libraries(advapi32 cryptlib wine ${PSEH_LIB})
|
||||||
|
if(DLL_EXPORT_VERSION GREATER_EQUAL 0x600)
|
||||||
|
target_link_libraries(advapi32 etwtrace)
|
||||||
|
endif()
|
||||||
add_delay_importlibs(advapi32 secur32)
|
add_delay_importlibs(advapi32 secur32)
|
||||||
add_importlibs(advapi32 advapi32_vista rpcrt4 kernel32 ntdll)
|
add_importlibs(advapi32 advapi32_vista rpcrt4 kernel32 ntdll)
|
||||||
add_pch(advapi32 advapi32.h "${PCH_SKIP_SOURCE}")
|
add_pch(advapi32 advapi32.h "${PCH_SKIP_SOURCE}")
|
||||||
|
|
|
||||||
|
|
@ -70,9 +70,9 @@
|
||||||
@ stub ComputeAccessTokenFromCodeAuthzLevel
|
@ stub ComputeAccessTokenFromCodeAuthzLevel
|
||||||
@ stdcall ControlService(long long ptr)
|
@ stdcall ControlService(long long ptr)
|
||||||
@ stdcall -version=0x502 ControlTraceA(double str ptr long) ntdll.EtwControlTraceA
|
@ stdcall -version=0x502 ControlTraceA(double str ptr long) ntdll.EtwControlTraceA
|
||||||
@ stdcall -stub -version=0x600+ ControlTraceA(double str ptr long)
|
@ stdcall -version=0x600+ ControlTraceA(double str ptr long) EtwControlTraceA
|
||||||
@ stdcall -version=0x502 ControlTraceW(double wstr ptr long) ntdll.EtwControlTraceW
|
@ stdcall -version=0x502 ControlTraceW(double wstr ptr long) ntdll.EtwControlTraceW
|
||||||
@ stdcall -stub -version=0x600+ ControlTraceW(double wstr ptr long)
|
@ stdcall -version=0x600+ ControlTraceW(double wstr ptr long) EtwControlTraceW
|
||||||
@ stub ConvertAccessToSecurityDescriptorA
|
@ stub ConvertAccessToSecurityDescriptorA
|
||||||
@ stub ConvertAccessToSecurityDescriptorW
|
@ stub ConvertAccessToSecurityDescriptorW
|
||||||
@ stub ConvertSDToStringSDRootDomainA
|
@ stub ConvertSDToStringSDRootDomainA
|
||||||
|
|
@ -207,7 +207,7 @@
|
||||||
@ stdcall ElfReportEventAndSourceW(long long ptr long long long ptr ptr long long ptr ptr long ptr ptr)
|
@ stdcall ElfReportEventAndSourceW(long long ptr long long long ptr ptr long long ptr ptr long ptr ptr)
|
||||||
@ stdcall ElfReportEventW(long long long long ptr long long ptr ptr long ptr ptr)
|
@ stdcall ElfReportEventW(long long long long ptr long long ptr ptr long ptr ptr)
|
||||||
@ stdcall -version=0x502 EnableTrace(long long long ptr double) ntdll.EtwEnableTrace
|
@ stdcall -version=0x502 EnableTrace(long long long ptr double) ntdll.EtwEnableTrace
|
||||||
@ stdcall -stub -version=0x600+ EnableTrace(long long long ptr double)
|
@ stdcall -version=0x600+ EnableTrace(long long long ptr double) EtwEnableTrace
|
||||||
@ stdcall EncryptFileA(str)
|
@ stdcall EncryptFileA(str)
|
||||||
@ stdcall EncryptFileW(wstr)
|
@ stdcall EncryptFileW(wstr)
|
||||||
@ stub EncryptedFileKeyInfo
|
@ stub EncryptedFileKeyInfo
|
||||||
|
|
@ -220,7 +220,7 @@
|
||||||
@ stdcall EnumServicesStatusExW(long long long long ptr long ptr ptr ptr wstr)
|
@ stdcall EnumServicesStatusExW(long long long long ptr long ptr ptr ptr wstr)
|
||||||
@ stdcall EnumServicesStatusW(long long long ptr long ptr ptr ptr)
|
@ stdcall EnumServicesStatusW(long long long ptr long ptr ptr ptr)
|
||||||
@ stdcall -version=0x502 EnumerateTraceGuids(ptr long ptr) ntdll.EtwEnumerateTraceGuids
|
@ stdcall -version=0x502 EnumerateTraceGuids(ptr long ptr) ntdll.EtwEnumerateTraceGuids
|
||||||
@ stdcall -stub -version=0x600+ EnumerateTraceGuids(ptr long ptr)
|
@ stdcall -stub -version=0x600+ EnumerateTraceGuids(ptr long ptr) # EtwEnumerateTraceGuids
|
||||||
@ stdcall EqualDomainSid(ptr ptr ptr)
|
@ stdcall EqualDomainSid(ptr ptr ptr)
|
||||||
@ stdcall EqualPrefixSid(ptr ptr)
|
@ stdcall EqualPrefixSid(ptr ptr)
|
||||||
@ stdcall EqualSid(ptr ptr)
|
@ stdcall EqualSid(ptr ptr)
|
||||||
|
|
@ -228,9 +228,9 @@
|
||||||
@ stdcall FileEncryptionStatusW(wstr ptr)
|
@ stdcall FileEncryptionStatusW(wstr ptr)
|
||||||
@ stdcall FindFirstFreeAce(ptr ptr)
|
@ stdcall FindFirstFreeAce(ptr ptr)
|
||||||
@ stdcall -version=0x502 FlushTraceA(double str ptr) ntdll.EtwFlushTraceA
|
@ stdcall -version=0x502 FlushTraceA(double str ptr) ntdll.EtwFlushTraceA
|
||||||
@ stdcall -stub -version=0x600+ FlushTraceA(double str ptr)
|
@ stdcall -version=0x600+ FlushTraceA(double str ptr) EtwFlushTraceA
|
||||||
@ stdcall -version=0x502 FlushTraceW(double wstr ptr) ntdll.EtwFlushTraceW
|
@ stdcall -version=0x502 FlushTraceW(double wstr ptr) ntdll.EtwFlushTraceW
|
||||||
@ stdcall -stub -version=0x600+ FlushTraceW(double wstr ptr)
|
@ stdcall -version=0x600+ FlushTraceW(double wstr ptr) EtwFlushTraceW
|
||||||
@ stub FreeEncryptedFileKeyInfo
|
@ stub FreeEncryptedFileKeyInfo
|
||||||
@ stdcall FreeEncryptionCertificateHashList(ptr)
|
@ stdcall FreeEncryptionCertificateHashList(ptr)
|
||||||
@ stdcall FreeInheritedFromArray(ptr long ptr)
|
@ stdcall FreeInheritedFromArray(ptr long ptr)
|
||||||
|
|
@ -456,9 +456,9 @@
|
||||||
@ stub ProcessIdleTasks
|
@ stub ProcessIdleTasks
|
||||||
@ stdcall ProcessTrace(ptr long ptr ptr)
|
@ stdcall ProcessTrace(ptr long ptr ptr)
|
||||||
@ stdcall -version=0x502 QueryAllTracesA(ptr long ptr) ntdll.EtwQueryAllTracesA
|
@ stdcall -version=0x502 QueryAllTracesA(ptr long ptr) ntdll.EtwQueryAllTracesA
|
||||||
@ stdcall -stub -version=0x600+ QueryAllTracesA(ptr long ptr)
|
@ stdcall -version=0x600+ QueryAllTracesA(ptr long ptr) EtwQueryAllTracesA
|
||||||
@ stdcall -version=0x502 QueryAllTracesW(ptr long ptr) ntdll.EtwQueryAllTracesW
|
@ stdcall -version=0x502 QueryAllTracesW(ptr long ptr) ntdll.EtwQueryAllTracesW
|
||||||
@ stdcall -stub -version=0x600+ QueryAllTracesW(ptr long ptr)
|
@ stdcall -version=0x600+ QueryAllTracesW(ptr long ptr) EtwQueryAllTracesW
|
||||||
@ stdcall QueryRecoveryAgentsOnEncryptedFile(wstr ptr)
|
@ stdcall QueryRecoveryAgentsOnEncryptedFile(wstr ptr)
|
||||||
@ stdcall QueryServiceConfig2A(long long ptr long ptr)
|
@ stdcall QueryServiceConfig2A(long long ptr long ptr)
|
||||||
@ stdcall QueryServiceConfig2W(long long ptr long ptr)
|
@ stdcall QueryServiceConfig2W(long long ptr long ptr)
|
||||||
|
|
@ -470,9 +470,9 @@
|
||||||
@ stdcall QueryServiceStatus(long ptr)
|
@ stdcall QueryServiceStatus(long ptr)
|
||||||
@ stdcall QueryServiceStatusEx(long long ptr long ptr)
|
@ stdcall QueryServiceStatusEx(long long ptr long ptr)
|
||||||
@ stdcall -version=0x502 QueryTraceA(double str ptr) ntdll.EtwQueryTraceA
|
@ stdcall -version=0x502 QueryTraceA(double str ptr) ntdll.EtwQueryTraceA
|
||||||
@ stdcall -stub -version=0x600+ QueryTraceA(double str ptr)
|
@ stdcall -version=0x600+ QueryTraceA(double str ptr) EtwQueryTraceA
|
||||||
@ stdcall -version=0x502 QueryTraceW(double str ptr) ntdll.EtwQueryTraceW
|
@ stdcall -version=0x502 QueryTraceW(double str ptr) ntdll.EtwQueryTraceW
|
||||||
@ stdcall -stub -version=0x600+ QueryTraceW(double str ptr)
|
@ stdcall -version=0x600+ QueryTraceW(double str ptr) EtwQueryTraceW
|
||||||
@ stdcall QueryUsersOnEncryptedFile(wstr ptr)
|
@ stdcall QueryUsersOnEncryptedFile(wstr ptr)
|
||||||
@ stdcall ReadEncryptedFileRaw(ptr ptr ptr)
|
@ stdcall ReadEncryptedFileRaw(ptr ptr ptr)
|
||||||
@ stdcall ReadEventLogA(long long long ptr long ptr ptr)
|
@ stdcall ReadEventLogA(long long long ptr long ptr ptr)
|
||||||
|
|
@ -608,13 +608,13 @@
|
||||||
@ stdcall StartServiceCtrlDispatcherW(ptr)
|
@ stdcall StartServiceCtrlDispatcherW(ptr)
|
||||||
@ stdcall StartServiceW(long long ptr)
|
@ stdcall StartServiceW(long long ptr)
|
||||||
@ stdcall -version=0x502 StartTraceA(ptr str ptr) ntdll.EtwStartTraceA
|
@ stdcall -version=0x502 StartTraceA(ptr str ptr) ntdll.EtwStartTraceA
|
||||||
@ stdcall -stub -version=0x600+ StartTraceA(ptr str ptr)
|
@ stdcall -version=0x600+ StartTraceA(ptr str ptr) EtwStartTraceA
|
||||||
@ stdcall -version=0x502 StartTraceW(ptr wstr ptr) ntdll.EtwStartTraceW
|
@ stdcall -version=0x502 StartTraceW(ptr wstr ptr) ntdll.EtwStartTraceW
|
||||||
@ stdcall -stub -version=0x600+ StartTraceW(ptr wstr ptr)
|
@ stdcall -version=0x600+ StartTraceW(ptr wstr ptr) EtwStartTraceW
|
||||||
@ stdcall -version=0x502 StopTraceA(double str ptr) ntdll.EtwStopTraceA
|
@ stdcall -version=0x502 StopTraceA(double str ptr) ntdll.EtwStopTraceA
|
||||||
@ stdcall -stub -version=0x600+ StopTraceA(double str ptr)
|
@ stdcall -version=0x600+ StopTraceA(double str ptr) EtwStopTraceA
|
||||||
@ stdcall -version=0x502 StopTraceW(double wstr ptr) ntdll.EtwStopTraceW
|
@ stdcall -version=0x502 StopTraceW(double wstr ptr) ntdll.EtwStopTraceW
|
||||||
@ stdcall -stub -version=0x600+ StopTraceW(double wstr ptr)
|
@ stdcall -version=0x600+ StopTraceW(double wstr ptr) EtwStopTraceW
|
||||||
@ stdcall SystemFunction001(ptr ptr ptr)
|
@ stdcall SystemFunction001(ptr ptr ptr)
|
||||||
@ stdcall SystemFunction002(ptr ptr ptr)
|
@ stdcall SystemFunction002(ptr ptr ptr)
|
||||||
@ stdcall SystemFunction003(ptr ptr)
|
@ stdcall SystemFunction003(ptr ptr)
|
||||||
|
|
@ -654,7 +654,7 @@
|
||||||
@ stdcall SystemFunction040(ptr long long) # RtlEncryptMemory
|
@ stdcall SystemFunction040(ptr long long) # RtlEncryptMemory
|
||||||
@ stdcall SystemFunction041(ptr long long) # RtlDecryptMemory
|
@ stdcall SystemFunction041(ptr long long) # RtlDecryptMemory
|
||||||
@ stdcall -version=0x502 TraceEvent(double ptr) ntdll.EtwTraceEvent
|
@ stdcall -version=0x502 TraceEvent(double ptr) ntdll.EtwTraceEvent
|
||||||
@ stdcall -stub -version=0x600+ TraceEvent(double ptr)
|
@ stdcall -version=0x600+ TraceEvent(double ptr) EtwTraceEvent
|
||||||
@ stdcall TraceEventInstance(double ptr ptr ptr) ntdll.EtwTraceEventInstance
|
@ stdcall TraceEventInstance(double ptr ptr ptr) ntdll.EtwTraceEventInstance
|
||||||
@ varargs TraceMessage() ntdll.EtwTraceMessage
|
@ varargs TraceMessage() ntdll.EtwTraceMessage
|
||||||
@ stdcall TraceMessageVa() ntdll.EtwTraceMessageVa
|
@ stdcall TraceMessageVa() ntdll.EtwTraceMessageVa
|
||||||
|
|
@ -667,9 +667,9 @@
|
||||||
@ stub UnregisterIdleTask
|
@ stub UnregisterIdleTask
|
||||||
@ stdcall UnregisterTraceGuids(double) ntdll.EtwUnregisterTraceGuids
|
@ stdcall UnregisterTraceGuids(double) ntdll.EtwUnregisterTraceGuids
|
||||||
@ stdcall -version=0x502 UpdateTraceA(double str ptr) ntdll.EtwUpdateTraceA
|
@ stdcall -version=0x502 UpdateTraceA(double str ptr) ntdll.EtwUpdateTraceA
|
||||||
@ stdcall -stub -version=0x600+ UpdateTraceA(double str ptr)
|
@ stdcall -version=0x600+ UpdateTraceA(double str ptr) EtwUpdateTraceA
|
||||||
@ stdcall -version=0x502 UpdateTraceW(double wstr ptr) ntdll.EtwUpdateTraceW
|
@ stdcall -version=0x502 UpdateTraceW(double wstr ptr) ntdll.EtwUpdateTraceW
|
||||||
@ stdcall -stub -version=0x600+ UpdateTraceW(double wstr ptr)
|
@ stdcall -version=0x600+ UpdateTraceW(double wstr ptr) EtwUpdateTraceW
|
||||||
@ stub WdmWmiServiceMain
|
@ stub WdmWmiServiceMain
|
||||||
@ stub WmiCloseBlock
|
@ stub WmiCloseBlock
|
||||||
@ stub WmiCloseTraceWithCursor
|
@ stub WmiCloseTraceWithCursor
|
||||||
|
|
@ -688,9 +688,9 @@
|
||||||
@ stub WmiMofEnumerateResourcesA
|
@ stub WmiMofEnumerateResourcesA
|
||||||
@ stub WmiMofEnumerateResourcesW
|
@ stub WmiMofEnumerateResourcesW
|
||||||
@ stdcall -version=0x502 WmiNotificationRegistrationA(ptr long ptr long long) ntdll.EtwNotificationRegistrationA
|
@ stdcall -version=0x502 WmiNotificationRegistrationA(ptr long ptr long long) ntdll.EtwNotificationRegistrationA
|
||||||
@ stdcall -stub -version=0x600+ WmiNotificationRegistrationA(ptr long ptr long long)
|
@ stdcall -stub -version=0x600+ WmiNotificationRegistrationA(ptr long ptr long long) # EtwNotificationRegistrationA
|
||||||
@ stdcall -version=0x502 WmiNotificationRegistrationW(ptr long ptr long long) ntdll.EtwNotificationRegistrationW
|
@ stdcall -version=0x502 WmiNotificationRegistrationW(ptr long ptr long long) ntdll.EtwNotificationRegistrationW
|
||||||
@ stdcall -stub -version=0x600+ WmiNotificationRegistrationW(ptr long ptr long long)
|
@ stdcall -stub -version=0x600+ WmiNotificationRegistrationW(ptr long ptr long long) # EtwNotificationRegistrationW
|
||||||
@ stub WmiOpenBlock
|
@ stub WmiOpenBlock
|
||||||
@ stub WmiOpenTraceWithCursor
|
@ stub WmiOpenTraceWithCursor
|
||||||
@ stub WmiParseTraceEvent
|
@ stub WmiParseTraceEvent
|
||||||
|
|
@ -704,9 +704,9 @@
|
||||||
@ stub WmiQuerySingleInstanceMultipleW
|
@ stub WmiQuerySingleInstanceMultipleW
|
||||||
@ stub WmiQuerySingleInstanceW
|
@ stub WmiQuerySingleInstanceW
|
||||||
@ stdcall -version=0x502 WmiReceiveNotificationsA(long long long long) ntdll.EtwReceiveNotificationsA
|
@ stdcall -version=0x502 WmiReceiveNotificationsA(long long long long) ntdll.EtwReceiveNotificationsA
|
||||||
@ stdcall -stub -version=0x600+ WmiReceiveNotificationsA(long long long long)
|
@ stdcall -stub -version=0x600+ WmiReceiveNotificationsA(long long long long) # EtwReceiveNotificationsA
|
||||||
@ stdcall -version=0x502 WmiReceiveNotificationsW(long long long long) ntdll.EtwReceiveNotificationsW
|
@ stdcall -version=0x502 WmiReceiveNotificationsW(long long long long) ntdll.EtwReceiveNotificationsW
|
||||||
@ stdcall -stub -version=0x600+ WmiReceiveNotificationsW(long long long long)
|
@ stdcall -stub -version=0x600+ WmiReceiveNotificationsW(long long long long) # EtwReceiveNotificationsW
|
||||||
@ stub WmiSetSingleInstanceA
|
@ stub WmiSetSingleInstanceA
|
||||||
@ stub WmiSetSingleInstanceW
|
@ stub WmiSetSingleInstanceW
|
||||||
@ stub WmiSetSingleItemA
|
@ stub WmiSetSingleItemA
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue