NT Native APIs

OSR_Community_User · March 22, 2000, 3:55am

Hi there,

Does anybody know how to use the Native API of NT directly from user mode .
I want to use NtCreateSection()
(the user equivalent of ZwCreateSection) instead of CreateFileMapping()
because it gives more control
over parameters but there is no NTDLL.LIB to link to and these functions
are declared unresolved at link time!

thanks

Dubi

OSR_Community_User · March 22, 2000, 4:12am

> over parameters but there is no NTDLL.LIB to link to and these functions

are declared unresolved at link time!

Use GetProcAddress. The prototype is:

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateSection (
OUT PHANDLE SectionHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN PLARGE_INTEGER MaximumSize OPTIONAL,
IN ULONG SectionPageProtection,
IN ULONG AllocationAttributes,
IN HANDLE FileHandle OPTIONAL
);

Max

OSR_Community_User · March 22, 2000, 4:22am

you might wanna try loadLibrary or getmodulehandle to get a handle to
ntdll.dll and then using this handle make a call getprocaddress
to get a function pointer to NtCreateSection function.

----- Original Message -----
From:
To: File Systems Developers
Sent: Wednesday, March 22, 2000 2:21 PM
Subject: [ntfsd] NT Native APIs

>
>
>
> Hi there,
>
> Does anybody know how to use the Native API of NT directly from user mode
.
> I want to use NtCreateSection()
> (the user equivalent of ZwCreateSection) instead of CreateFileMapping()
> because it gives more control
> over parameters but there is no NTDLL.LIB to link to and these functions
> are declared unresolved at link time!
>
> thanks
>
> Dubi
>
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@legato.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)

OSR_Community_User · March 22, 2000, 5:39am

Hello,

Declare the prototype for NtCreateSection and then add
ntdll.lib to list of libraries.

You will get ntdll.lib in Device driver kit. It is
located in \DDK\LIB\I386\FREE in NT 4.0 DDK and
\DDK\LIBFRE\I386\FREE in Windows 2000 DDK.

Alternatively you find the address dynamically using
GetProcAddress and call the function.

-Prasad

— dubi@il.ibm.com wrote:

Hi there,

Does anybody know how to use the Native API of NT
directly from user mode .
I want to use NtCreateSection()
(the user equivalent of ZwCreateSection) instead of
CreateFileMapping()
because it gives more control
over parameters but there is no NTDLL.LIB to link
to and these functions
are declared unresolved at link time!

thanks

Dubi

You are currently subscribed to ntfsd as:
xxxxx@yahoo.com
To unsubscribe send a blank email to
$subst(‘Email.Unsub’)

=====
Prasad S. Dabak
Director of Engineering, Windows NT/2000 Division
Cybermedia Software Private Limited
http://www.cybermedia.co.in
Co-author of the book “Undocumented Windows NT”
ISBN 0764545698

Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com

OSR_Community_User · March 22, 2000, 8:22am

On Wed, 22 Mar 2000 dubi@il.ibm.com wrote:

Hi there,

Does anybody know how to use the Native API of NT directly from user mode .
I want to use NtCreateSection()
(the user equivalent of ZwCreateSection) instead of CreateFileMapping()
because it gives more control
over parameters but there is no NTDLL.LIB to link to and these functions
are declared unresolved at link time!

thanks

Dubi
Hi!
Sorry, my English is very bad but I hope You can understand me.

I use the Borland compiler and linker but I was made import library for
using “NTDLL.DLL” functions with “impdef” and “implib” utility. And in
“ntdll.h” file I was made some changes in declarations of prototypes.
For example:

/*This is standard declaration and linker does not work with my library*/

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateSection (
OUT PHANDLE SectionHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN PLARGE_INTEGER MaximumSize OPTIONAL,
IN ULONG SectionPageProtection,
IN ULONG AllocationAttributes,
IN HANDLE FileHandle OPTIONAL
);

/*Instead declaration above I use another, and linker works properly
and there is no need to using “LoadLibrary” and “GetProcAddress”.*/

extern “C” DWORD __stdcall ZwCreateSection (
OUT PHANDLE SectionHandle,
IN ACCESS_MASK DesiredAccess,
IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
IN PLARGE_INTEGER MaximumSize OPTIONAL,
IN ULONG SectionPageProtection,
IN ULONG AllocationAttributes,
IN HANDLE FileHandle OPTIONAL
);

I understand that my linker is not Microsoft linker but I think that the
Microsoft DDK and SDK have the same utilities. Maybe these utilities have
another names but I think they does the same things.

Excuse me if I said something wrong

Hope these things can help You…

**********************************************
Best regards, Alex Pro (Alexey Prokoptchuk),
System Administrator
Contact phone - +380-6452 99622
ICQ - 17815755
**********************************************