7

Is it possible to call the kernel Native APIs from within a Delphi application? Like nt and zw syscalls.

Warren P
  • 65,725
  • 40
  • 181
  • 316
n1kita
  • 263
  • 1
  • 5
  • 15
  • but we can call nt and zw syscalls in a usermode c/c++ program, they are not only for drivers – n1kita Feb 17 '13 at 12:33
  • 1
    Formally you can write a driver in Delphi like in c/c++, there are no language limitations. The only practical problem is that delphi driver frameworks do not exist. – kludg Feb 17 '13 at 13:01
  • @Serg I'm not sure it's practical in Delphi to write a driver. How do you package the code up? Drivers aren't DLL or EXE files. – David Heffernan Feb 17 '13 at 13:07
  • I thinks drivers are executables either, because they have PE header like other common executables.Serg is write, there is no limitation in writing drivers just in C/C++, there is lack of framework and header translation for delphi. – n1kita Feb 17 '13 at 13:12
  • 2
    re Delphi drivers: http://stackoverflow.com/questions/2263474/can-i-write-windows-drivers-with-delphi-2010 – David Heffernan Feb 17 '13 at 13:24
  • 4
    [Nt vs. Zw - Clearing Confusion On The Native API](http://www.osronline.com/custom.cfm?name=articlePrint.cfm&id=257) – kobik Feb 17 '13 at 13:59

2 Answers2

14

You can indeed call the native API from Delphi.

Delphi does not ship with header translations for the native API. So you need to provide your own, or use a pre-existing translation. For example. the JEDI translation of the NT API.

David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
11

As David Heffernan says it's perfectly possible to use the Native API from usermode and thus Delphi. You will need the JwaNative unit from the Jedi Apilib.

Here is small example to enumerate processes using the Native API: (TProcessList is a descendant from TObjectList but the relevant part is the call to NtQuerySystemInformation)

function EnumProcesses: TProcessList;
var
  Current: PSystemProcesses;
  SystemProcesses : PSystemProcesses;
  dwSize: DWORD;
  nts: NTSTATUS;
begin
  Result := TProcessList.Create;

  dwSize := 200000;
  SystemProcesses := AllocMem(dwSize);

  nts := NtQuerySystemInformation(SystemProcessesAndThreadsInformation,
      SystemProcesses, dwSize, @dwSize);

  while nts = STATUS_INFO_LENGTH_MISMATCH do
  begin
    ReAllocMem(SystemProcesses, dwSize);
    nts := NtQuerySystemInformation(SystemProcessesAndThreadsInformation,
      SystemProcesses, dwSize, @dwSize);
  end;

  if nts = STATUS_SUCCESS then
  begin
    Current := SystemProcesses;
    while True do
    begin
      Result.Add(TProcess.Create(Current^));
      if Current^.NextEntryDelta = 0 then
        Break;

      Current := PSYSTEM_PROCESSES(DWORD_PTR(Current) + Current^.NextEntryDelta);
    end;
  end;

  FreeMem(SystemProcesses);
end;
Remko
  • 7,214
  • 2
  • 32
  • 52
  • Are you an author of JwaNative? – David Heffernan Feb 17 '13 at 15:10
  • Off-topic: Is it me, or is it really hard to find JEDI through websearch. Whenever I try, I always find loads of links to seemingly lots of different sites. And are there lots of different projects? Perhaps that's what confuses me. – David Heffernan Feb 17 '13 at 15:17
  • @DavidHeffernan Project Jedi is fragmented but we share shortage on resources (hint)... – Remko Feb 17 '13 at 21:48
  • What resources are Jedi looking for? – David Heffernan Feb 17 '13 at 21:49
  • Exactly we need tools that turn C headers into Delphi so we can definitely use both @DavidHeffernan and @WarrenP! – Remko Feb 19 '13 at 15:53
  • 1
    @Remko I'm sure I could translate a few C headers. Sounds like fun. The JEDI project that I'd quite like to get involved in is `JclExprEval` mainly because I'm using it and found a few bugs and have some enhancement suggestions. I've reported them on the JEDI bug tracker but I suspect that code doesn't have an active maintainer. How could I go about getting involved? – David Heffernan Feb 20 '13 at 15:45
  • @Remko I know this is an old thread but I really have to ask- what's the point in the Jedi projects when there are hardly any demos, documentation or even list of things I can use them for? Just nothing but the source? I read somewhere I could use Jedi to create a driver for virtual disk. Nothing more- no class name, no sample, nothing. – Tom May 23 '13 at 12:17
  • 1
    @Tom you mean demos [like this one](https://bitbucket.org/assarbad/objmgr-viewer/src/default/)? Perhaps your websearch-fu is weak? ;) ... there are actually plenty of samples out there. But it's true, JEDI *is a bloody mess*. It's badly fragmented and hard to find *the* information needed. This wasn't exactly better in Borland days, but at least it was *less* fragmented at the time. Also with JEDI we've seen lots of ideas in the past and little willingness to invest own time and effort. Of course I am speaking from experience about 15 years ago, so it may not be representative of today. – 0xC0000022L Nov 07 '18 at 13:42
  • @0xC0000022L I asked this 5 years ago but thanks or an answer :D – Tom Nov 10 '18 at 01:13
  • 1
    @Tom: I know, which means I haven't touched Delphi 5 years longer than 5 years ago. Just thought it'd be nice to point you to sample code, you or future visitors may benefit from it. – 0xC0000022L Nov 10 '18 at 21:54
  • Does anyone know of any examples of using JwaNative for Windows LPC ? – wchips Feb 28 '21 at 16:54