Add object type interface.

src/OpenArk/OpenArk.vcxproj

@@ -256,6 +256,7 @@
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-driver\api-driver.cpp" />
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-memory\api-memory.cpp" />
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-notify\api-notify.cpp" />
+    <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-object\api-object.cpp" />
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-process\api-process.cpp" />
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-storage\api-storage.cpp" />
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-wingui\api-wingui.cpp" />
@@ -309,6 +310,7 @@
     <ClCompile Include="kernel\memory\memory.cpp" />
     <ClCompile Include="kernel\network\network.cpp" />
     <ClCompile Include="kernel\notify\notify.cpp" />
+    <ClCompile Include="kernel\object\object.cpp" />
     <ClCompile Include="kernel\storage\storage.cpp" />
     <ClCompile Include="kernel\wingui\wingui.cpp" />
     <ClCompile Include="main.cpp" />
@@ -347,6 +349,7 @@
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-driver\api-driver.h" />
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-memory\api-memory.h" />
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-notify\api-notify.h" />
+    <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-object\api-object.h" />
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-process\api-process.h" />
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-storage\api-storage.h" />
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-wingui\api-wingui.h" />
@@ -409,6 +412,12 @@
       <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets</IncludePath>
       <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|x64'">.\GeneratedFiles;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets</IncludePath>
     </QtMoc>
+    <QtMoc Include="kernel\object\object.h">
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">.\GeneratedFiles;.\..\OpenArkDrv;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">.\GeneratedFiles;.\..\OpenArkDrv;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">.\GeneratedFiles;.\..\OpenArkDrv;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+      <IncludePath Condition="'$(Configuration)|$(Platform)'=='Release|x64'">.\GeneratedFiles;.\..\OpenArkDrv;.;$(QTDIR)\include;.\GeneratedFiles\$(ConfigurationName);$(QTDIR)\include\QtCore;$(QTDIR)\include\QtGui;$(QTDIR)\include\QtANGLE;$(QTDIR)\include\QtNetwork;$(QTDIR)\include\QtWidgets;$(QTDIR)\include\QtUiTools</IncludePath>
+    </QtMoc>
     <ClInclude Include="kernel\wingui\wingui.h" />
     <ClInclude Include="res\resource.h" />
     <QtMoc Include="settings\settings.h" />

src/OpenArk/OpenArk.vcxproj.filters

@@ -147,6 +147,12 @@
     <Filter Include="kernel\arkdrv-api\api-process">
       <UniqueIdentifier>{5c43bebc-7e56-49fc-8b05-d4d9b1bd8659}</UniqueIdentifier>
     </Filter>
+    <Filter Include="kernel\arkdrv-api\api-object">
+      <UniqueIdentifier>{09a5ab93-f89a-4bc2-a217-38b93e6292e6}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="kernel\object">
+      <UniqueIdentifier>{d182a510-0632-4c4a-a913-91db1451a2ef}</UniqueIdentifier>
+    </Filter>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="openark\openark.cpp">
@@ -309,6 +315,12 @@
     <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-process\api-process.cpp">
       <Filter>kernel\arkdrv-api\api-process</Filter>
     </ClCompile>
+    <ClCompile Include="..\OpenArkDrv\arkdrv-api\api-object\api-object.cpp">
+      <Filter>kernel\arkdrv-api\api-object</Filter>
+    </ClCompile>
+    <ClCompile Include="kernel\object\object.cpp">
+      <Filter>kernel\object</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <QtMoc Include="openark\openark.h">
@@ -368,6 +380,9 @@
     <QtMoc Include="kernel\driver\driver.h">
       <Filter>kernel\driver</Filter>
     </QtMoc>
+    <QtMoc Include="kernel\object\object.h">
+      <Filter>kernel\object</Filter>
+    </QtMoc>
   </ItemGroup>
   <ItemGroup>
     <QtUic Include="ui\process-mgr.ui">
@@ -552,6 +567,9 @@
     <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-process\api-process.h">
       <Filter>kernel\arkdrv-api\api-process</Filter>
     </ClInclude>
+    <ClInclude Include="..\OpenArkDrv\arkdrv-api\api-object\api-object.h">
+      <Filter>kernel\arkdrv-api\api-object</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <Image Include="res\OpenArk.ico">

src/OpenArk/kernel/kernel.cpp

@@ -50,13 +50,10 @@ Kernel::Kernel(QWidget *parent, int tabid) :
 {
 	ui.setupUi(this);
 	setAcceptDrops(true);
-	network_ = nullptr;
-	storage_ = nullptr;
-	memory_ = nullptr;
-	driver_ = nullptr;
 
 	network_ = new KernelNetwork(); network_->ModuleInit(&ui, this);
 	storage_ = new KernelStorage(); storage_->ModuleInit(&ui, this);
+	object_ = new KernelObject(); object_->ModuleInit(&ui, this);
 	memory_ = new KernelMemory(); memory_->ModuleInit(&ui, this);
 	driver_ = new KernelDriver(); driver_->ModuleInit(&ui, this);
 

src/OpenArk/kernel/kernel.h

@@ -22,6 +22,7 @@
 #include "../common/ui-wrapper/ui-wrapper.h"
 #include "network/network.h"
 #include "storage/storage.h"
+#include "object/object.h"
 #include "memory/memory.h"
 #include "driver/driver.h"
 
@@ -39,6 +40,7 @@ enum {
 
 class KernelNetwork;
 class KernelStorage;
+class KernelObject;
 class KernelMemory;
 class KernelDriver;
 
@@ -83,6 +85,7 @@ public slots:
 	bool arkdrv_conn_;
 	KernelNetwork *network_;
 	KernelStorage *storage_;
+	KernelObject *object_;
 	KernelMemory *memory_;
 	KernelDriver *driver_;
 

src/OpenArk/kernel/object/object.cpp

@@ -0,0 +1,132 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 BlackINT3
+** Contact: https://github.com/BlackINT3/OpenArk
+**
+** GNU Lesser General Public License Usage (LGPL)
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+****************************************************************************/
+#include "object.h"
+#include <arkdrv-api/arkdrv-api.h>
+
+bool ObjectTypesSortFilterProxyModel::lessThan(const QModelIndex &left, const QModelIndex &right) const {
+	auto s1 = sourceModel()->data(left); auto s2 = sourceModel()->data(right);
+	return QString::compare(s1.toString(), s2.toString(), Qt::CaseInsensitive) < 0;
+}
+
+
+KernelObject::KernelObject()
+{
+
+}
+
+KernelObject::~KernelObject()
+{
+
+}
+
+void KernelObject::onTabChanged(int index)
+{
+	CommonTabObject::onTabChanged(index);
+}
+
+bool KernelObject::eventFilter(QObject *obj, QEvent *e)
+{
+	if (e->type() == QEvent::ContextMenu) {
+		QMenu *menu = nullptr;
+		if (obj == ui_->driverView->viewport()) menu = objtypes_menu_;
+		QContextMenuEvent *ctxevt = dynamic_cast<QContextMenuEvent*>(e);
+		if (ctxevt && menu) {
+			menu->move(ctxevt->globalPos());
+			menu->show();
+		}
+	}
+	return QWidget::eventFilter(obj, e);
+}
+
+void KernelObject::ModuleInit(Ui::Kernel *ui, Kernel *kernel)
+{
+	this->ui_ = ui;
+
+	Init(ui->tabStorage, TAB_KERNEL, TAB_KERNEL_STORAGE);
+
+	InitObjectTypesView();
+	InitFileFilterView();
+}
+
+void KernelObject::InitObjectTypesView()
+{
+	objtypes_model_ = new QStandardItemModel;
+	QTreeView *view = ui_->objectTypesView;
+	proxy_unlock_ = new ObjectTypesSortFilterProxyModel(view);
+	proxy_unlock_->setSourceModel(objtypes_model_);
+	proxy_unlock_->setDynamicSortFilter(true);
+	proxy_unlock_->setFilterKeyColumn(1);
+	view->setModel(proxy_unlock_);
+	view->selectionModel()->setModel(proxy_unlock_);
+	view->header()->setSortIndicator(-1, Qt::AscendingOrder);
+	view->setSortingEnabled(true);
+	view->viewport()->installEventFilter(this);
+	view->installEventFilter(this);
+	view->setEditTriggers(QAbstractItemView::NoEditTriggers);
+	std::pair<int, QString> colum_layout[] = {
+		{ 150, tr("TypeObject") },
+		{ 50, tr("TypeIndex") },
+		{ 150, tr("TypeName") },
+		{ 50, tr("TotalObjectsNum") },
+		{ 50, tr("TotalHandlesNum") },
+	};
+	QStringList name_list;
+	for (auto p : colum_layout)  name_list << p.second;
+	objtypes_model_->setHorizontalHeaderLabels(name_list);
+	for (int i = 0; i < _countof(colum_layout); i++) {
+		view->setColumnWidth(i, colum_layout[i].first);
+	}
+	objtypes_menu_ = new QMenu();
+	objtypes_menu_->addAction(tr("Refresh"), this, [&] {});
+
+	ShowObjectTypes();
+}
+
+void KernelObject::InitFileFilterView()
+{
+	fsflt_model_ = new QStandardItemModel;
+	fsflt_model_->setHorizontalHeaderLabels(QStringList() << tr("Name") << tr("Value"));
+	SetDefaultTreeViewStyle(ui_->fsfltView, fsflt_model_);
+	ui_->fsfltView->header()->setSectionResizeMode(QHeaderView::ResizeToContents);
+	ui_->fsfltView->viewport()->installEventFilter(this);
+	ui_->fsfltView->installEventFilter(this);
+	fsflt_menu_ = new QMenu();
+	fsflt_menu_->addAction(tr("ExpandAll"), this, SLOT(onExpandAll()));
+}
+
+void KernelObject::ShowObjectTypes()
+{
+	DISABLE_RECOVER();
+	ClearItemModelData(objtypes_model_, 0);
+
+	QString file = ui_->inputPathEdit->text();
+	std::wstring path;
+	std::vector<OBJECT_TYPE_ITEM> items;
+	ArkDrvApi::Object::ObjectTypeEnum(items);
+	for (auto item : items) {
+		auto item_0 = new QStandardItem(WStrToQ(UNONE::StrFormatW(L"0x%p", item.type_object)));
+		auto item_1 = new QStandardItem(WStrToQ(UNONE::StrFormatW(L"%d", item.type_index)));
+		auto item_2 = new QStandardItem(WStrToQ(item.type_name));
+		auto item_3 = new QStandardItem(WStrToQ(UNONE::StrFormatW(L"%d", item.total_objects)));
+		auto item_4 = new QStandardItem(WStrToQ(UNONE::StrFormatW(L"%d", item.total_handles)));
+		auto count = objtypes_model_->rowCount();
+		objtypes_model_->setItem(count, 0, item_0);
+		objtypes_model_->setItem(count, 1, item_1);
+		objtypes_model_->setItem(count, 2, item_2);
+		objtypes_model_->setItem(count, 3, item_3);
+		objtypes_model_->setItem(count, 4, item_4);
+	}
+}

src/OpenArk/kernel/object/object.h

@@ -0,0 +1,53 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 BlackINT3
+** Contact: https://github.com/BlackINT3/OpenArk
+**
+** GNU Lesser General Public License Usage (LGPL)
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+****************************************************************************/
+#pragma once
+#include <windows.h>
+#include <vector>
+#include "ui_kernel.h"
+#include "../kernel.h"
+#include "../common/common.h"
+
+class Ui::Kernel;
+class Kernel;
+
+PROXY_FILTER(ObjectTypesSortFilterProxyModel);
+class KernelObject : public CommonTabObject {
+	Q_OBJECT
+
+public:
+	KernelObject();
+	~KernelObject();
+public:
+	bool eventFilter(QObject *obj, QEvent *e);
+	void ModuleInit(Ui::Kernel *ui, Kernel *kernel);
+
+private slots:
+	void onTabChanged(int index);
+
+private:
+	void ShowObjectTypes();
+	void InitObjectTypesView();
+	void InitFileFilterView();
+
+private:
+	Ui::Kernel *ui_;
+	QMenu *objtypes_menu_;
+	QMenu *fsflt_menu_; 
+	QStandardItemModel *fsflt_model_;
+	QStandardItemModel *objtypes_model_;
+	ObjectTypesSortFilterProxyModel *proxy_unlock_;
+	ObjectTypesSortFilterProxyModel *proxy_fsflt_;
+};

src/OpenArk/process-mgr/process-mgr.cpp

@@ -19,6 +19,7 @@
 #include "../openark/openark.h"
 #include "process-properties.h"
 #include "process-selection.h"
+#include <arkdrv-api/arkdrv-api.h>
 
 // ProcessView's header index
 struct {
@@ -583,6 +584,13 @@ void ProcessMgr::onShowModule()
 	ClearItemModelData(bottom_model_, 0);
 	InitModuleView();
 	DWORD pid = ProcCurPid();
+	bool activate = false;
+	auto &&path = UNONE::PsGetProcessPathW(pid);
+	if (path.empty()) {
+		UNONE::InterCreateTlsValue(ArkDrvApi::Process::OpenProcess, UNONE::PROCESS_VID);
+		path = UNONE::PsGetProcessPathW(pid);
+		activate = true;
+	}
 	UNONE::PsEnumModule(pid, [&](MODULEENTRY32W& entry)->bool{
 		QString modname = WCharsToQ(entry.szModule);
 		QString modpath = WCharsToQ(entry.szExePath);

src/OpenArk/ui/kernel.ui

@@ -38,7 +38,7 @@
       <enum>QTabWidget::West</enum>
      </property>
      <property name="currentIndex">
-      <number>6</number>
+      <number>4</number>
      </property>
      <widget class="QWidget" name="tabKernelEntry">
       <attribute name="title">
@@ -508,6 +508,53 @@
       <attribute name="title">
        <string>Object Manager</string>
       </attribute>
+      <layout class="QVBoxLayout" name="verticalLayout_5">
+       <item>
+        <widget class="QTabWidget" name="tabMemory_2">
+         <property name="currentIndex">
+          <number>0</number>
+         </property>
+         <widget class="QWidget" name="tabMemoryView_2">
+          <property name="sizePolicy">
+           <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+            <horstretch>0</horstretch>
+            <verstretch>0</verstretch>
+           </sizepolicy>
+          </property>
+          <attribute name="title">
+           <string>ObjectTypes</string>
+          </attribute>
+          <layout class="QHBoxLayout" name="horizontalLayout_2">
+           <item>
+            <widget class="QTreeView" name="objectTypesView"/>
+           </item>
+          </layout>
+         </widget>
+         <widget class="QWidget" name="tabMemoryRegion_2">
+          <attribute name="title">
+           <string>MemoryRegion</string>
+          </attribute>
+          <layout class="QVBoxLayout" name="verticalLayout_21">
+           <property name="spacing">
+            <number>0</number>
+           </property>
+           <property name="leftMargin">
+            <number>0</number>
+           </property>
+           <property name="topMargin">
+            <number>0</number>
+           </property>
+           <property name="rightMargin">
+            <number>0</number>
+           </property>
+           <property name="bottomMargin">
+            <number>0</number>
+           </property>
+          </layout>
+         </widget>
+        </widget>
+       </item>
+      </layout>
      </widget>
      <widget class="QWidget" name="tab_2">
       <attribute name="title">