IOCTL_HAL_GETREGSECUREKEYS (deprecated) (Compact 2013)
10/16/2014
This I/O control message is called by Filesys.exe to enable the OEM to extend the list of registry paths that should be protected from nontrusted applications. Send this message with OEMIoControl.
Syntax
BOOL OEMIoControl(
DWORD dwIoControlCode, // use IOCTL_HAL_GETREGSECUREKEYS
LPVOID lpInBuffer, // pointer to input buffer
DWORD nInBufferSize, // input buffer size
LPVOID lpOutBuffer, // pointer to output buffer
DWORD nOutBufferSize, // output buffer size
LPDWORD lpBytesReturned // number of bytes returned
);
Parameters
- dwIoControlCode
[in] Control code for the operation. Use IOCTL_HAL_GETREGSECUREKEYS for this operation.
- lpInBuffer
[in] Set to NULL.
- nInBufferSize
[in] Set to zero.
- lpOutBuffer
[out] Pointer to a buffer that stores either a RegSecureKeyList structure provided by the OEM or a DWORD.
nOutBufferSize
If the size specified by this parameter is equal tosizeof(DWORD), Filesys.exe is requesting the amount of memory it needs to allocate to store the data to be returned by the OEM. Set the DWORD pointed to by lpOutBuffer to the number of bytes that must be allocated by Filesys.exe to retrieve the data.If the DWORD pointer specified in lpOutBuffer is set to zero, no further action is taken by Filesys.exe.
- lpBytesReturned
[in] Pointer to DWORD that stores the number of bytes written to the lpOutBuffer.
Return Values
Returns TRUE if successful; otherwise, returns FALSE.
Remarks
This I/O control is called twice: The first call queries for the size of the buffer it needs to allocate to store the OAL data; if the OAL specifies a size greater than zero, a second call requests the actual data.
Code Example
Important
For readability, the following code example does not contain security checking or error handling. Do not use the following code in a production environment.
case IOCTL_HAL_GETREGSECUREKEYS: {
RegSecureKey OEMSecNames[] = {
// Protect HKEY_LOCAL_MACHINE\Name and all of its values/subkeys
{ REGSEC_HKLM, 4, L"Name" },
// Protect HKEY_LOCAL_MACHINE\OtherName and
// HKEY_CURRENT_USER\OtherName and all of their values/subkeys
{ REGSEC_HKLM | REGSEC_HKCU, 9, L"OtherName" },
};
RegSecureKeyList OEMSecList = {
sizeof(OEMSecNames) / sizeof(RegSecureKey),
OEMSecNames,
};
DWORD dwName;
// First call: return the required buffer size
// lpInBuf unused, should be NULL
// nInBufSize unused, should be 0
// lpOutBuf pointer to a DWORD buffer size
// nOutBufSize sizeof(DWORD)
if (!lpInBuf && !nInBufSize && lpOutBuf && (nOutBufSize == sizeof(DWORD))) {
DWORD dwBufSize;
dwBufSize = sizeof(OEMSecList) + sizeof(OEMSecNames);
// size of structs without names
for (dwName = 0; dwName < OEMSecList.dwNumKeys; dwName++) {
dwBufSize += OEMSecNames[dwName].wLen * sizeof(WCHAR);
// no nulls
}
*((DWORD*)lpOutBuf) = dwBufSize;
retval = TRUE;
// Second call: fill the provided buffer
// lpInBuf unused, should be NULL
// nInBufSize unused, should be 0
// lpOutBuf pointer to the buffer to be filled
// nOutBufSize buffer size, should be the same as returned on first call
} else if (!lpInBuf && !nInBufSize && lpOutBuf
&& (nOutBufSize > sizeof(OEMSecList) + sizeof(OEMSecNames))) {
RegSecureKeyList *pKeys = (RegSecureKeyList*)lpOutBuf;
// pStr moves through the buffer as strings are written
LPBYTE pStr = (LPBYTE)lpOutBuf + sizeof(OEMSecList) + sizeof(OEMSecNames);
pKeys->dwNumKeys = OEMSecList.dwNumKeys;
pKeys->pList = (RegSecureKey*) ((LPBYTE)lpOutBuf + sizeof(OEMSecList));
for (dwName = 0; dwName < OEMSecList.dwNumKeys; dwName++) {
pKeys->pList[dwName].wRoots = OEMSecNames[dwName].wRoots;
pKeys->pList[dwName].wLen = OEMSecNames[dwName].wLen;
pKeys->pList[dwName].pName = (LPWSTR)pStr;
memcpy(pStr, (LPBYTE)OEMSecNames[dwName].pName,
OEMSecNames[dwName].wLen * sizeof(WCHAR));
pStr += OEMSecNames[dwName].wLen * sizeof(WCHAR);
}
retval = TRUE;
} else {
// Invalid args
DEBUGCHK(0);
}
break;
}
Requirements
Header |
pkfuncs.h |