Index: chrome_elf/nt_registry/nt_registry.h |
diff --git a/chrome_elf/nt_registry/nt_registry.h b/chrome_elf/nt_registry/nt_registry.h |
index 0451fc536ec4fe4c266ccbb88b05f91f8f4c8104..20b237e0de34b7070c94bbdef770548b1e74405a 100644 |
--- a/chrome_elf/nt_registry/nt_registry.h |
+++ b/chrome_elf/nt_registry/nt_registry.h |
@@ -38,6 +38,18 @@ extern wchar_t HKCU_override[]; |
// Use HKLM or HKCU to override. |
typedef enum _ROOT_KEY { AUTO = 0, HKLM, HKCU } ROOT_KEY; |
+// Used with wrapper functions to request registry redirection override. |
+// Maps to KEY_WOW64_32KEY and KEY_WOW64_64KEY access flags. |
+typedef enum _WOW64_OVERRIDE { |
grt (UTC plus 2)
2016/09/20 10:39:54
could you use modern "enum WOW64_OVERRIDE {...};"
penny
2016/09/23 23:50:59
Done. I am old-school. #sorrynotsorry, #thanksfor
|
+ NONE = 0L, |
+ WOW6432 = KEY_WOW64_32KEY, |
+ WOW6464 = KEY_WOW64_64KEY |
+} WOW64_OVERRIDE; |
+ |
+//------------------------------------------------------------------------------ |
+// Create, open, delete, close functions |
+//------------------------------------------------------------------------------ |
+ |
// Create and/or open a registry key. |
// - This function will recursively create multiple sub-keys if required for |
// |key_path|. |
@@ -66,7 +78,10 @@ bool DeleteRegKey(HANDLE key); |
// Delete a registry key. |
// - WRAPPER: Function opens and closes the target key for caller. |
-bool DeleteRegKey(ROOT_KEY root, const wchar_t* key_path); |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
+bool DeleteRegKey(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
+ const wchar_t* key_path); |
// Close a registry key handle that was opened with CreateRegKey or OpenRegKey. |
void CloseRegKey(HANDLE key); |
@@ -96,7 +111,9 @@ bool QueryRegValueDWORD(HANDLE key, |
// Query DWORD value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with DWORD data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool QueryRegValueDWORD(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
DWORD* out_dword); |
@@ -112,7 +129,9 @@ bool QueryRegValueSZ(HANDLE key, |
// Query SZ (string) value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with SZ data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool QueryRegValueSZ(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
std::wstring* out_sz); |
@@ -128,7 +147,9 @@ bool QueryRegValueMULTISZ(HANDLE key, |
// Query MULTI_SZ (multiple strings) value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with MULTI_SZ data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool QueryRegValueMULTISZ(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
std::vector<std::wstring>* out_multi_sz); |
@@ -155,7 +176,9 @@ bool SetRegValueDWORD(HANDLE key, const wchar_t* value_name, DWORD value); |
// Set DWORD value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with DWORD data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool SetRegValueDWORD(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
DWORD value); |
@@ -171,7 +194,9 @@ bool SetRegValueSZ(HANDLE key, |
// Set SZ (string) value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with SZ data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool SetRegValueSZ(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
const std::wstring& value); |
@@ -187,7 +212,9 @@ bool SetRegValueMULTISZ(HANDLE key, |
// Set MULTI_SZ (multiple strings) value. |
// - WRAPPER: Function opens and closes the target key for caller, and works |
// with MULTI_SZ data type. |
+// - Use |wow64_override| to force redirection behaviour, or pass 0/nt::NONE. |
bool SetRegValueMULTISZ(ROOT_KEY root, |
+ WOW64_OVERRIDE wow64_override, |
const wchar_t* key_path, |
const wchar_t* value_name, |
const std::vector<std::wstring>& values); |
@@ -199,6 +226,15 @@ bool SetRegValueMULTISZ(ROOT_KEY root, |
// Returns the current user SID in string form. |
const wchar_t* GetCurrentUserSidString(); |
+// Change global setting for WOW64 redirection behaviour. |
+// - Affects 64-bit machines only. |
+// - By default, this global setting is OFF. |
+// - Turning this on will result in WOW64-process registry accesses being |
+// redirected the way ADVAPI32 would do. |
+// NOTE: KEY_WOW64_32KEY and KEY_WOW64_64KEY override access flags are |
+// respected regardless. |
+void ChangeDefaultWow64Redirection(bool default_on); |
grt (UTC plus 2)
2016/09/20 10:39:55
in keeping with the principle of least surprise, i
penny
2016/09/23 23:50:59
Done. The "principle of least surprise" to me wou
|
+ |
}; // namespace nt |
#endif // CHROME_ELF_NT_REGISTRY_NT_REGISTRY_H_ |