Add Service.set_launch_protected, get_launch_protected
#138
+69
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kkent030315
suggested changes
Jul 27, 2025
Contributor
kkent030315
left a comment
kkent030315
left a comment
There was a problem hiding this comment.
Thank you for this great patch. I am also waiting this PR to be merged!
| /// for more information. | ||
| #[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] | ||
| #[repr(u32)] | ||
| pub enum ServiceLaunchProtected { |
Contributor
There was a problem hiding this comment.
It seems like they are inserting newline after each field so it's better to follow in this enum. Also, you could add doc comments for each field.
Suggested change
| pub enum ServiceLaunchProtected { | |
| pub enum ServiceLaunchProtected { | |
| /// No launch protection. The service can be modified or replaced without restriction. | |
| None = Services::SERVICE_LAUNCH_PROTECTED_NONE, | |
| /// Launch protection for Windows components. | |
| Windows = Services::SERVICE_LAUNCH_PROTECTED_WINDOWS, | |
| /// A lighter version of Windows launch protection. | |
| WindowsLight = Services::SERVICE_LAUNCH_PROTECTED_WINDOWS_LIGHT, | |
| /// Launch protection used by antimalware (ELAM) services. | |
| AntimalwareLight = Services::SERVICE_LAUNCH_PROTECTED_ANTIMALWARE_LIGHT, | |
| } |
src/service.rs
Outdated
| *self as u32 | ||
| } | ||
|
|
||
| pub fn from_raw(raw: u32) -> crate::Result<ServiceLaunchProtected> { |
Contributor
There was a problem hiding this comment.
I think you can turn this whole function into TryFrom trait impl.
impl TryFrom<u32> for ServiceLaunchProtected {
type Error = Error;
fn try_from(value: u32) -> Result<Self, Self::Error> {
match value {
Services::SERVICE_LAUNCH_PROTECTED_NONE => Ok(ServiceLaunchProtected::None),
Services::SERVICE_LAUNCH_PROTECTED_WINDOWS => Ok(ServiceLaunchProtected::Windows),
Services::SERVICE_LAUNCH_PROTECTED_WINDOWS_LIGHT => {
Ok(ServiceLaunchProtected::WindowsLight)
}
Services::SERVICE_LAUNCH_PROTECTED_ANTIMALWARE_LIGHT => {
Ok(ServiceLaunchProtected::AntimalwareLight)
}
_ => Err(Error::ParseValue(
"Invalid launch protection value",
ParseRawError::InvalidInteger(value),
)),
}
}
}
src/service.rs
Outdated
| /// Get service launch protection. | ||
| /// This is a security feature that allows the service to run in a more secure environment. | ||
| pub fn get_launch_protected(&self) -> crate::Result<ServiceLaunchProtected> { | ||
| let mut data = vec![0u8; std::mem::size_of::<Services::SERVICE_LAUNCH_PROTECTED_INFO>()]; |
Contributor
There was a problem hiding this comment.
No allocation is actually required here since the size is known at compile-time. You can remove vec! so that it forces data to be on a stack.
Suggested change
| let mut data = vec![0u8; std::mem::size_of::<Services::SERVICE_LAUNCH_PROTECTED_INFO>()]; | |
| let mut data = [0u8; std::mem::size_of::<Services::SERVICE_LAUNCH_PROTECTED_INFO>()]; |
| ) | ||
| .map_err(Error::Winapi) | ||
| } | ||
| } |
Contributor
There was a problem hiding this comment.
Put an newline between function definitions :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds launch-protection support to the crate.
A new ServiceLaunchProtected enum (wrapping the four SERVICE_LAUNCH_PROTECTED_* constants) is introduced together with the public helpers Service::set_launch_protected and Service::get_launch_protected, which use SERVICE_CONFIG_LAUNCH_PROTECTED internally. The change is purely additive and does not modify existing APIs.
This change is