Added Silo to Job Format.

Author: tyranid

NtApiDotNet/NtJob.cs

@@ -739,11 +739,35 @@ public NtResult<string> QuerySiloRootDirectory(bool throw_on_error)
         {
             using (var buffer = new SafeStructureInOutBuffer<SiloObjectRootDirectory>(64 * 1024, true))
             {
-                return QueryInformation(JobObjectInformationClass.JobObjectSiloRootDirectory, 
+                return QueryInformation(JobObjectInformationClass.JobObjectSiloRootDirectory,
                     buffer, out int length).CreateResult(throw_on_error, () => buffer.Result.Path.ToString());
             }
         }
 
+        /// <summary>
+        /// Get Silo basic information.
+        /// </summary>
+        /// <param name="throw_on_error">True to throw on error.</param>
+        /// <returns>The Silo Basic Information.</returns>
+        public NtResult<SiloObjectBasicInformation> QuerySiloBasicInformation(bool throw_on_error) 
+            => Query<SiloObjectBasicInformation>(JobObjectInformationClass.JobObjectSiloBasicInformation, default, throw_on_error);
+
+        /// <summary>
+        /// Get Silo basic information.
+        /// </summary>
+        /// <param name="throw_on_error">True to throw on error.</param>
+        /// <returns>The Server Silo Basic Information.</returns>
+        public NtResult<ServerSiloBasicInformation> QueryServerSiloBasicInformation(bool throw_on_error) 
+            => Query<ServerSiloBasicInformation>(JobObjectInformationClass.JobObjectServerSiloBasicInformation, default, throw_on_error);
+
+        /// <summary>
+        /// Get Silo user shared data.
+        /// </summary>
+        /// <param name="throw_on_error">True to throw on error.</param>
+        /// <returns>The Silo User Shared Data.</returns>
+        public NtResult<SiloUserSharedData> QuerySiloUserSharedData(bool throw_on_error) 
+            => Query<SiloUserSharedData>(JobObjectInformationClass.JobObjectServerSiloUserSharedData, default, throw_on_error);
+
         /// <summary>
         /// Method to query information for this object type.
         /// </summary>

NtObjectManager/Cmdlets/Object/FormatNtJobCmdlet.cs

@@ -125,6 +125,40 @@ private void FormatUILimits(NtJob job)
             WriteObject(string.Empty);
         }
 
+        private void FormatSilo(NtJob job)
+        {
+            var basic_info = job.QuerySiloBasicInformation(false);
+            if (!basic_info.IsSuccess)
+                return;
+            WriteObject("[Silo]");
+            WriteObject($"Silo ID       : {basic_info.Result.SiloId}");
+            WriteObject($"Silo Parent ID: {basic_info.Result.SiloParentId}");
+            WriteObject($"Process Count : {basic_info.Result.NumberOfProcesses}");
+            WriteObject(string.Empty);
+            if (!basic_info.Result.IsInServerSilo)
+                return;
+            var server_info = job.QueryServerSiloBasicInformation(false);
+            if (!server_info.IsSuccess)
+                return;
+            WriteObject("[Server Silo]");
+            WriteObject($"Session ID    : {server_info.Result.ServiceSessionId}");
+            WriteObject($"Exit Status   : {server_info.Result.ExitStatus}");
+            WriteObject($"State         : {server_info.Result.State}");
+            WriteObject($"Downlevel     : {server_info.Result.IsDownlevelContainer}");
+            WriteObject(string.Empty);
+            var user_data = job.QuerySiloUserSharedData(false);
+            if (!user_data.IsSuccess)
+                return;
+            WriteObject($"Console ID    : {user_data.Result.ActiveConsoleId}");
+            WriteObject($"Foreground PID: {user_data.Result.ConsoleSessionForegroundProcessId}");
+            WriteObject($"Service SID   : {user_data.Result.ServiceSessionId}");
+            WriteObject($"User SID      : {user_data.Result.SharedUserSessionId}");
+            WriteObject($"System Root   : {user_data.Result.NtSystemRoot}");
+            WriteObject($"NT Product    : {user_data.Result.NtProductType}");
+            WriteObject($"Multisession  : {user_data.Result.IsMultiSessionSku}");
+            WriteObject(string.Empty);
+        }
+
         private void FormatJob(NtJob job)
         {
             if (Filter.HasFlag(JobFormatFilter.BasicInfo))
@@ -143,6 +177,10 @@ private void FormatJob(NtJob job)
             {
                 FormatUILimits(job);
             }
+            if (Filter.HasFlag(JobFormatFilter.Silo))
+            {
+                FormatSilo(job);
+            }
         }
 
         private void FormatJobs(IEnumerable<NtJob> jobs)

NtObjectManager/Cmdlets/Object/JobFormatFilter.cs

@@ -39,8 +39,12 @@ public enum JobFormatFilter
         /// </summary>
         UILimits = 8,
         /// <summary>
+        /// Silo information.
+        /// </summary>
+        Silo = 0x10,
+        /// <summary>
         /// Display all formats.
         /// </summary>
-        All = BasicLimits | ProcessList | BasicInfo | UILimits
+        All = BasicLimits | ProcessList | BasicInfo | UILimits | Silo
     }
 }