Minimal ARM64 consideration

.github/workflows/tests.yml

@@ -94,3 +94,35 @@ jobs:
           secondary_rate_limit_wait_seconds: 90
           seconds_between_github_writes: 10
           seconds_between_github_reads: 1
+
+#   tests_arm64:
+#     needs: generate_ctypes
+#     timeout-minutes: 15
+#     runs-on: windows-ARM64
+#     continue-on-error: true
+#
+#     strategy:
+#       fail-fast: false
+#       matrix:
+#         python-version: [3.11]
+#         python-architecture: [x86, x64, arm64]
+#         include:
+#             # Translate architecture to bitness for py.exe commandline
+#             - python-bitness-to-test: 32
+#               python-architecture: x86
+#             - python-bitness-to-test: 64
+#               python-architecture: x64
+#             - python-bitness-to-test: arm64
+#               python-architecture: arm64
+#
+#     steps:
+#       - uses: actions/checkout@v4
+#
+#       - name: Listing python versions availables
+#         run: py -0
+#
+#       - name: Testing PFW execute
+#         run: py -${{ matrix.python-version}}-${{ matrix.python-bitness-to-test}} -c "import windows; print(windows)"
+#
+#       - name: Arm64 pytests
+#         run: py -${{ matrix.python-version}}-${{ matrix.python-bitness-to-test}} -m pytest tests -k "not test_debugger" -v -s -r fEsx

ctypes_generation/definitions/defines/proc_thread_attributes.txt

@@ -0,0 +1,79 @@
+// We have a rare case of defines that depends on an enum
+// Which is PROC_THREAD_ATTRIBUTE_NUM
+// So i Will just define a copy of those as define here
+// Define version copied from: https://github.com/winsiderss/systeminformer/blob/master/phnt/include/ntpsapi.h#L2666
+// Thx to them, as always :)
+
+#define ProcThreadAttributeParentProcess 0 // in HANDLE
+#define ProcThreadAttributeExtendedFlags 1 // in ULONG (EXTENDED_PROCESS_CREATION_FLAG_*)
+#define ProcThreadAttributeHandleList 2 // in HANDLE[]
+#define ProcThreadAttributeGroupAffinity 3 // in GROUP_AFFINITY // since WIN7
+#define ProcThreadAttributePreferredNode 4 // in USHORT
+#define ProcThreadAttributeIdealProcessor 5 // in PROCESSOR_NUMBER
+#define ProcThreadAttributeUmsThread 6 // in UMS_CREATE_THREAD_ATTRIBUTES
+#define ProcThreadAttributeMitigationPolicy 7 // in ULONG, ULONG64, or ULONG64[2]
+#define ProcThreadAttributePackageFullName 8 // in WCHAR[] // since WIN8
+#define ProcThreadAttributeSecurityCapabilities 9 // in SECURITY_CAPABILITIES
+#define ProcThreadAttributeConsoleReference 10 // BaseGetConsoleReference (kernelbase.dll)
+#define ProcThreadAttributeProtectionLevel 11 // in ULONG (PROTECTION_LEVEL_*) // since WINBLUE
+#define ProcThreadAttributeOsMaxVersionTested 12 // in MAXVERSIONTESTED_INFO // since THRESHOLD // (from exe.manifest)
+#define ProcThreadAttributeJobList 13 // in HANDLE[]
+#define ProcThreadAttributeChildProcessPolicy 14 // in ULONG (PROCESS_CREATION_CHILD_PROCESS_*) // since THRESHOLD2
+#define ProcThreadAttributeAllApplicationPackagesPolicy 15 // in ULONG (PROCESS_CREATION_ALL_APPLICATION_PACKAGES_*) // since REDSTONE
+#define ProcThreadAttributeWin32kFilter 16 // in WIN32K_SYSCALL_FILTER
+#define ProcThreadAttributeSafeOpenPromptOriginClaim 17 // in SE_SAFE_OPEN_PROMPT_RESULTS
+#define ProcThreadAttributeDesktopAppPolicy 18 // in ULONG (PROCESS_CREATION_DESKTOP_APP_*) // since RS2
+#define ProcThreadAttributeBnoIsolation 19 // in PROC_THREAD_BNOISOLATION_ATTRIBUTE
+#define ProcThreadAttributePseudoConsole 22 // in HANDLE (HPCON) // since RS5
+#define ProcThreadAttributeIsolationManifest 23 // in ISOLATION_MANIFEST_PROPERTIES // rev (diversenok) // since 19H2+
+#define ProcThreadAttributeMitigationAuditPolicy 24 // in ULONG, ULONG64, or ULONG64[2] // since 21H1
+#define ProcThreadAttributeMachineType 25 // in USHORT // since 21H2
+#define ProcThreadAttributeComponentFilter 26 // in ULONG
+#define ProcThreadAttributeEnableOptionalXStateFeatures 27 // in ULONG64 // since WIN11
+#define ProcThreadAttributeCreateStore 28 // ULONG // rev (diversenok)
+#define ProcThreadAttributeTrustedApp 29
+#define ProcThreadAttributeSveVectorLength 30
+
+// Real definition of value usef by API
+// From: https://github.com/microsoft/win32metadata/blob/6af96d8470751e13a4e3f579f84b7b8b3ca398e1/generation/WinSDK/RecompiledIdlHeaders/um/WinBase.h#L3568
+// macro ProcThreadAttributeValue is recoded in python in template.py
+// I replace TRUE by True && FALSE by False for native python compat :)
+
+#define PROC_THREAD_ATTRIBUTE_NUMBER    0x0000FFFF
+#define PROC_THREAD_ATTRIBUTE_THREAD    0x00010000  // Attribute may be used with thread creation
+#define PROC_THREAD_ATTRIBUTE_INPUT     0x00020000  // Attribute is input only
+#define PROC_THREAD_ATTRIBUTE_ADDITIVE  0x00040000  // Attribute may be "accumulated," e.g. bitmasks,
+
+#define PROC_THREAD_ATTRIBUTE_PARENT_PROCESS \
+    ProcThreadAttributeValue (ProcThreadAttributeParentProcess, False, True, False)
+#define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \
+    ProcThreadAttributeValue (ProcThreadAttributeHandleList, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY \
+    ProcThreadAttributeValue (ProcThreadAttributeGroupAffinity, True, True, False)
+#define PROC_THREAD_ATTRIBUTE_PREFERRED_NODE \
+    ProcThreadAttributeValue (ProcThreadAttributePreferredNode, False, True, False)
+#define PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR \
+    ProcThreadAttributeValue (ProcThreadAttributeIdealProcessor, True, True, False)
+#define PROC_THREAD_ATTRIBUTE_UMS_THREAD \
+    ProcThreadAttributeValue (ProcThreadAttributeUmsThread, True, True, False)
+#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \
+    ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \
+    ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL \
+    ProcThreadAttributeValue (ProcThreadAttributeProtectionLevel, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_PSEUDOCONSOLE \
+    ProcThreadAttributeValue (ProcThreadAttributePseudoConsole, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_MACHINE_TYPE \
+    ProcThreadAttributeValue (ProcThreadAttributeMachineType, False, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_ENABLE_OPTIONAL_XSTATE_FEATURES \
+    ProcThreadAttributeValue (ProcThreadAttributeEnableOptionalXStateFeatures, True, True, False)
+
+#define PROC_THREAD_ATTRIBUTE_SVE_VECTOR_LENGTH \
+    ProcThreadAttributeValue (ProcThreadAttributeSveVectorLength, False, True, False)

ctypes_generation/definitions/defines/processor.txt

@@ -0,0 +1,38 @@
+#define PROCESSOR_INTEL_386     386
+#define PROCESSOR_INTEL_486     486
+#define PROCESSOR_INTEL_PENTIUM 586
+#define PROCESSOR_INTEL_IA64    2200
+#define PROCESSOR_MIPS_R4000    4000    // incl R4101 & R3910 for Windows CE
+#define PROCESSOR_ALPHA_21064   21064
+#define PROCESSOR_PPC_601       601
+#define PROCESSOR_PPC_603       603
+#define PROCESSOR_PPC_604       604
+#define PROCESSOR_PPC_620       620
+#define PROCESSOR_HITACHI_SH3   10003   // Windows CE
+#define PROCESSOR_HITACHI_SH3E  10004   // Windows CE
+#define PROCESSOR_HITACHI_SH4   10005   // Windows CE
+#define PROCESSOR_MOTOROLA_821  821     // Windows CE
+#define PROCESSOR_SHx_SH3       103     // Windows CE
+#define PROCESSOR_SHx_SH4       104     // Windows CE
+#define PROCESSOR_STRONGARM     2577    // Windows CE - 0xA11
+#define PROCESSOR_ARM720        1824    // Windows CE - 0x720
+#define PROCESSOR_ARM820        2080    // Windows CE - 0x820
+#define PROCESSOR_ARM920        2336    // Windows CE - 0x920
+#define PROCESSOR_ARM_7TDMI     70001   // Windows CE
+#define PROCESSOR_OPTIL         0x494f  // MSIL
+
+#define PROCESSOR_ARCHITECTURE_INTEL            0
+#define PROCESSOR_ARCHITECTURE_MIPS             1
+#define PROCESSOR_ARCHITECTURE_ALPHA            2
+#define PROCESSOR_ARCHITECTURE_PPC              3
+#define PROCESSOR_ARCHITECTURE_SHX              4
+#define PROCESSOR_ARCHITECTURE_ARM              5
+#define PROCESSOR_ARCHITECTURE_IA64             6
+#define PROCESSOR_ARCHITECTURE_ALPHA64          7
+#define PROCESSOR_ARCHITECTURE_MSIL             8
+#define PROCESSOR_ARCHITECTURE_AMD64            9
+#define PROCESSOR_ARCHITECTURE_IA32_ON_WIN64    10
+#define PROCESSOR_ARCHITECTURE_NEUTRAL          11
+#define PROCESSOR_ARCHITECTURE_ARM64            12
+#define PROCESSOR_ARCHITECTURE_ARM32_ON_WIN64   13
+#define PROCESSOR_ARCHITECTURE_UNKNOWN          0xFFFF

ctypes_generation/definitions/defines/template.py

@@ -24,3 +24,19 @@ def CTL_CODE(DeviceType, Function, Method, Access):
 
 def HRESULT_FACILITY(hr):
     return (((hr) >> 16) & 0x1fff)
+
+# https://github.com/microsoft/win32metadata/blob/6af96d8470751e13a4e3f579f84b7b8b3ca398e1/generation/WinSDK/RecompiledIdlHeaders/um/WinBase.h#L3562
+# Original MACRO:
+
+#define ProcThreadAttributeValue(Number, Thread, Input, Additive) \
+#      (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \
+#       ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \
+#       ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \
+#       ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0))
+
+def ProcThreadAttributeValue(Number, Thread, Input, Additive):
+    return ((Number & PROC_THREAD_ATTRIBUTE_NUMBER) |
+             (Thread and PROC_THREAD_ATTRIBUTE_THREAD) |
+             (Input and PROC_THREAD_ATTRIBUTE_INPUT) |
+             (Additive and PROC_THREAD_ATTRIBUTE_ADDITIVE))
+

ctypes_generation/definitions/defines/thread_context.txt

@@ -0,0 +1,61 @@
+// Atrget architecture description
+
+#define CONTEXT_I386    0x00010000 // An old PFW error in case ?
+#define CONTEXT_AMD64   0x00100000
+#define CONTEXT_ARM   0x00200000
+#define CONTEXT_ARM64   0x00400000
+#define CONTEXT_i386    0x00010000L    // this assumes that i386 and
+#define CONTEXT_i486    0x00010000L    // i486 have identical context records
+#define WOW64_CONTEXT_i386      0x00010000    // this assumes that i386 and
+#define WOW64_CONTEXT_i486      0x00010000    // i486 have identical context records
+
+// Not perfect, should be explicitly for an architecture
+
+#define CONTEXT_CONTROL             0x00000001L
+#define CONTEXT_INTEGER             0x00000002L
+#define CONTEXT_SEGMENTS            0x00000004L
+#define CONTEXT_FLOATING_POINT      0x00000008L
+#define CONTEXT_DEBUG_REGISTERS     0x00000010L
+#define CONTEXT_EXTENDED_REGISTERS  0x00000020L
+#define CONTEXT_FULL (CONTEXT_CONTROL | CONTEXT_INTEGER | CONTEXT_SEGMENTS)
+#define CONTEXT_ALL (CONTEXT_FULL | CONTEXT_FLOATING_POINT | CONTEXT_DEBUG_REGISTERS | CONTEXT_EXTENDED_REGISTERS)
+
+#define CONTEXT_XSTATE          (CONTEXT_I386 | 0x00000040L)
+
+// WOW64
+
+
+
+#define WOW64_CONTEXT_CONTROL               (WOW64_CONTEXT_i386 | 0x00000001L) // SS:SP, CS:IP, FLAGS, BP
+#define WOW64_CONTEXT_INTEGER               (WOW64_CONTEXT_i386 | 0x00000002L) // AX, BX, CX, DX, SI, DI
+#define WOW64_CONTEXT_SEGMENTS              (WOW64_CONTEXT_i386 | 0x00000004L) // DS, ES, FS, GS
+#define WOW64_CONTEXT_FLOATING_POINT        (WOW64_CONTEXT_i386 | 0x00000008L) // 387 state
+#define WOW64_CONTEXT_DEBUG_REGISTERS       (WOW64_CONTEXT_i386 | 0x00000010L) // DB 0-3,6,7
+#define WOW64_CONTEXT_EXTENDED_REGISTERS    (WOW64_CONTEXT_i386 | 0x00000020L) // cpu specific extensions
+
+#define WOW64_CONTEXT_FULL      (WOW64_CONTEXT_CONTROL | WOW64_CONTEXT_INTEGER | WOW64_CONTEXT_SEGMENTS)
+
+#define WOW64_CONTEXT_ALL       (WOW64_CONTEXT_CONTROL | WOW64_CONTEXT_INTEGER | WOW64_CONTEXT_SEGMENTS | \
+                                 WOW64_CONTEXT_FLOATING_POINT | WOW64_CONTEXT_DEBUG_REGISTERS | \
+                                 WOW64_CONTEXT_EXTENDED_REGISTERS)
+
+#define WOW64_CONTEXT_XSTATE                (WOW64_CONTEXT_i386 | 0x00000040L)
+
+#define WOW64_CONTEXT_EXCEPTION_ACTIVE      0x08000000
+#define WOW64_CONTEXT_SERVICE_ACTIVE        0x10000000
+#define WOW64_CONTEXT_EXCEPTION_REQUEST     0x40000000
+#define WOW64_CONTEXT_EXCEPTION_REPORTING   0x80000000
+
+// ARM64
+
+#define CONTEXT_ARM64_CONTROL (CONTEXT_ARM64 | 0x1L)
+#define CONTEXT_ARM64_INTEGER (CONTEXT_ARM64 | 0x2L)
+#define CONTEXT_ARM64_FLOATING_POINT  (CONTEXT_ARM64 | 0x4L)
+#define CONTEXT_ARM64_DEBUG_REGISTERS (CONTEXT_ARM64 | 0x8L)
+#define CONTEXT_ARM64_X18 (CONTEXT_ARM64 | 0x10L)
+
+#define CONTEXT_UNWOUND_TO_CALL 0x20000000
+#define CONTEXT_RET_TO_GUEST    0x04000000
+
+#define ARM64_MAX_BREAKPOINTS     8
+#define ARM64_MAX_WATCHPOINTS     2

ctypes_generation/definitions/defines/windef.txt

@@ -130,22 +130,6 @@
 #define TH32CS_SNAPALL      (TH32CS_SNAPHEAPLIST | TH32CS_SNAPPROCESS | TH32CS_SNAPTHREAD | TH32CS_SNAPMODULE)
 #define TH32CS_INHERIT      0x80000000
 
-#define CONTEXT_I386    0x00010000
-#define CONTEXT_AMD64   0x00100000
-#define CONTEXT_ARM   0x00200000
-#define CONTEXT_ARM64   0x00400000
-
-#define CONTEXT_CONTROL             0x00000001L
-#define CONTEXT_INTEGER             0x00000002L
-#define CONTEXT_SEGMENTS            0x00000004L
-#define CONTEXT_FLOATING_POINT      0x00000008L
-#define CONTEXT_DEBUG_REGISTERS     0x00000010L
-#define CONTEXT_EXTENDED_REGISTERS  0x00000020L
-#define CONTEXT_FULL (CONTEXT_CONTROL | CONTEXT_INTEGER | CONTEXT_SEGMENTS)
-#define CONTEXT_ALL (CONTEXT_FULL | CONTEXT_FLOATING_POINT | CONTEXT_DEBUG_REGISTERS | CONTEXT_EXTENDED_REGISTERS)
-
-#define CONTEXT_XSTATE          (CONTEXT_I386 | 0x00000040L)
-
 
 #define PAGE_NOACCESS          0x01
 #define PAGE_READONLY          0x02

ctypes_generation/definitions/defines/windef_pe.txt

@@ -100,4 +100,6 @@
 #define IMAGE_FILE_MACHINE_AMD64             0x8664
 #define IMAGE_FILE_MACHINE_M32R              0x9041
 #define IMAGE_FILE_MACHINE_CEE               0xC0EE
-#define IMAGE_FILE_MACHINE_ARM64             0xAA64
+#define IMAGE_FILE_MACHINE_ARM64             0xAA64
+
+#define IMAGE_FILE_MACHINE_TARGET_HOST      0x0001  // Useful for indicating we want to interact with the host and not a WoW guest.

ctypes_generation/definitions/functions/process.txt

@@ -65,6 +65,19 @@ BOOL FreeLibrary(
   HMODULE hLibModule
 );
 
+BOOL GetProcessInformation(
+  [in] HANDLE                    hProcess,
+  [in] PROCESS_INFORMATION_CLASS ProcessInformationClass,
+       LPVOID                    ProcessInformation,
+  [in] DWORD                     ProcessInformationSize
+);
+
+BOOL SetProcessInformation(
+  [in] HANDLE                    hProcess,
+  [in] PROCESS_INFORMATION_CLASS ProcessInformationClass,
+       LPVOID                    ProcessInformation,
+  [in] DWORD                     ProcessInformationSize
+);
 
 /* Not documented by seems present since dawn of time (WRK)
     I Prefere PVOID as a return value to allow simple cast to PEB subclass in process.py*/

ctypes_generation/definitions/functions/sysinfo.txt

@@ -59,4 +59,12 @@ BOOL LookupAccountNameW(
   LPWSTR        ReferencedDomainName,
   LPDWORD       cchReferencedDomainName,
   PSID_NAME_USE peUse
+);
+
+PVOID GetNativeSystemInfo(
+  [out] LPSYSTEM_INFO lpSystemInfo
+);
+
+PVOID GetSystemInfo(
+  [out] LPSYSTEM_INFO lpSystemInfo
 );

ctypes_generation/definitions/functions/syswow64.txt

@@ -0,0 +1,83 @@
+BOOL IsWow64Process(
+  [in]  HANDLE hProcess,
+  [out] PBOOL  Wow64Process
+);
+
+BOOL IsWow64Process2(
+  [in]            HANDLE hProcess,
+  [out]           USHORT *pProcessMachine,
+  [out, optional] USHORT *pNativeMachine
+);
+
+HRESULT IsWow64GuestMachineSupported(
+  [in]  USHORT WowGuestMachine,
+  [out] BOOL   *MachineIsSupported
+);
+
+UINT GetSystemWow64DirectoryA(
+  [out] LPSTR lpBuffer,
+  [in]  UINT  uSize
+);
+
+UINT GetSystemWow64DirectoryW(
+  [out] LPWSTR lpBuffer,
+  [in]  UINT   uSize
+);
+
+UINT GetSystemWow64Directory2A(
+  [out] LPSTR lpBuffer,
+  [in]  UINT  uSize,
+  [in]  WORD  ImageFileMachineType
+);
+
+UINT GetSystemWow64Directory2W(
+  [out] LPWSTR lpBuffer,
+  [in]  UINT   uSize,
+  [in]  WORD   ImageFileMachineType
+);
+
+BOOL Wow64DisableWow64FsRedirection(
+  [out] PVOID *OldValue
+);
+
+BOOLEAN Wow64EnableWow64FsRedirection(
+  BOOLEAN Wow64FsEnableRedirection
+);
+
+BOOL Wow64RevertWow64FsRedirection(
+  [in] PVOID OlValue
+);
+
+BOOL Wow64GetThreadContext(
+  HANDLE         hThread,
+  PWOW64_CONTEXT lpContext
+);
+
+BOOL Wow64SetThreadContext(
+  HANDLE         hThread,
+  WOW64_CONTEXT *lpContext
+);
+
+USHORT Wow64SetThreadDefaultGuestMachine(
+  USHORT Machine
+);
+
+DWORD Wow64SuspendThread(
+  HANDLE hThread
+);
+
+NTSTATUS WINAPI NtWow64ReadVirtualMemory64(
+  _In_   HANDLE     hProcess,
+  _In_   ULONG64    lpBaseAddress,
+  _Out_  LPVOID     lpBuffer,
+  _In_   ULONG64    nSize,
+  _Out_  PULONG64   lpNumberOfBytesRead
+);
+
+NTSTATUS WINAPI NtWow64WriteVirtualMemory64(
+  _In_   HANDLE     hProcess,
+  _In_   ULONG64    lpBaseAddress,
+  _Out_  LPVOID     lpBuffer,
+  _In_   ULONG64    nSize,
+  _Out_  PULONG64   lpNumberOfBytesWritten
+);