0x2B|~0x2B – My broken wings still strong enough to cross the ocean with.

Some WordPress Hardening Work

Posted on 2025-04-29 by gonwan — No Comments ↓

1. Disable File Access

<Files "wp-config.php">
  Require all denied
</Files>
<Files "xmlrpc.php">
  Require all denied
</Files>

Require all denied

</Files>

Require all denied

</Files>

2. Disable Json API

Via Disable WP REST API. Activate and it just works.

3. Hide Login Page

Via WPS Hide Login.

4. Hide Server Info

Via mod_security. Install and add config in /etc/apache2/mods-enabled/security2.conf:

SecServerSignature "gws"

1	SecServerSignature "gws"

5. Disallow IFrame Embedding

To avoid clickjacking attacks:

Header always set X-Frame-Options "SAMEORIGIN"

1	Header always set X-Frame-Options "SAMEORIGIN"

6. More Fail2ban Rules

Including 400/403/404 error and directory listing filters.

Coroutines in C++/Boost (2)

Posted on 2025-04-15 by gonwan — No Comments ↓

Also see my previous article: Coroutines in C++/Boost.

C++ finally has a native implementation in C++20. The principal difference between coroutines and routines is that a coroutine enables explicit suspend and resume of its progress via additional operations by preserving execution state and thus provides an enhanced control flow (maintaining the execution context).

1. Aymmetric vs Symmetric

From boost:

An asymmetric coroutine knows its invoker, using a special operation to implicitly yield control specifically to its invoker.

By contrast, all symmetric coroutines are equivalent; one symmetric coroutine may pass control to any other symmetric coroutine. Because of this, a symmetric coroutine must specify the coroutine to which it intends to yield control.

So C++20 coroutines are asymmetric ones. A coroutine only knows its parent. With the dependency, symmetric corouines can be chained, just like a normal function calls another one. No goto semantics as with a symmetric one.

C++23 generators are also asymmetric. They are resumed repeatedly to generate a series of return values.

2. Stackless vs Stackful

Again From boost:

In contrast to a stackless coroutine, a stackful coroutine can be suspended from within a nested stackframe. Execution resumes at exactly the same point in the code where it was suspended before.

With a stackless coroutine, only the top-level routine may be suspended. Any routine called by that top-level routine may not itself suspend. This prohibits providing suspend/resume operations in routines within a general-purpose library.

Well, these two are confusing. Tutorials and Blogs have different description. To make it simple, if there is await/yield definition, it’s stackless. Then if there is something called Fiber in the language, it’s stackful.

Fibers are just like threads, they can be suspended at any stackframe. While await/yield is used as a suspend point, a stackless coroutine can only suspend at exactly that point.

A stackless coroutine shares a default stack among all the coroutines, while a stackful coroutine assigns a separate stack to each coroutine. With stackless coroutine, the code is transformed into event handlers at compile time, and driven by an event engine at run time, i.e. the scheduler of stackless coroutine. Transferring control of CPU to a stackless coroutine is merely a function call with an argument pointing to its context. Conversely, transferring CPU control to a stackful coroutine requires a context switch.

Here’s a summary of how coroutine is implemented in most popular programming languages.

Language	Stackful coroutines (Fibers)	Stackless coroutines (await/yield)
Java	(Y2023) Virtual threads in Java 21	n/a
C	n/a	n/a
C++	n/a	(Y2020) co_await, co_yield, co_return in C++ 20
Python	n/a	(Y2015) async, await/yield in Python 3.5
C#	n/a	(Y2012) async, await/yield in C# 5.0
Javascript	n/a	(Y2017) async, await/yield in ES 2017
PHP	(Y2021) Fiber in PHP 8.1	n/a
Go	(Y2012) Goroutine in Go 1.0 (Y2020) asynchronously preemptible in 1.14	n/a
Objective-C	n/a	n/a
Swift	n/a	(Y2021) async, await/yield in Swift 5.5
Rust	n/a	(Y2019) async, await in Rust 1.39

Reference

– Boost.Coroutine2
– Fibers under the magnifying glass
– Stackful Coroutine Made Fast

Uniform look for Qt and GTK applications

Posted on 2025-04-13 by gonwan — No Comments ↓

See: https://wiki.archlinux.org/title/Uniform_look_for_Qt_and_GTK_applications

Theme: The custom appearance of an application, widget set, etc. It usually consists of a style, an icon theme and a color theme.
Style: The graphical layout and look of the widget set.
Icon Theme: A set of global icons.
Color Theme: A set of global colors that are used in conjunction with the style.

Actually a theme also controls fonts, and native dialogs, like open file dialog. How to write a Qt style is covered here.

I’m running Linuxmint 22 with Arc theme on my desktop. Fusion theme is used by default for Qt applications. They removed qt5ct in Linuxmint 22 in a fresh install. But it seems to be the best solution so far. Following is a comparison among the possible apporoaches, when run a Qt application. Which means launch a Qt applicaton by:

# QT_DEBUG_PLUGINS=1 QT_AUTO_SCREEN_SCALE_FACTOR=1 QT_QPA_PLATFORMTHEME=?? QT_STYLE_OVERRIDE=?? <app>  
# QT_DEBUG_PLUGINS=1 QT_AUTO_SCREEN_SCALE_FACTOR=1 QT_QPA_PLATFORMTHEME=qt5ct QT_STYLE_OVERRIDE= vlc

1 2	# QT_DEBUG_PLUGINS=1 QT_AUTO_SCREEN_SCALE_FACTOR=1 QT_QPA_PLATFORMTHEME=?? QT_STYLE_OVERRIDE=?? <app> # QT_DEBUG_PLUGINS=1 QT_AUTO_SCREEN_SCALE_FACTOR=1 QT_QPA_PLATFORMTHEME=qt5ct QT_STYLE_OVERRIDE= vlc

	has theme?	has style?	QT_QPA_ PLATFORMTHEME	QT_STYLE_ OVERRIDE	Description
Gtk2	Yes	Yes	gtk2	gtk2 or empty	Good for widgets, indicators in radio button and checkbox can be styled, follows current Gtk theme. But It has HiDPI issues, and certianly not maintained.
Gtk3	Yes	No	gtk3 or empty	values in qt5ct	No style plugin. Fusion is used by default, which is not consistent with other themed Gtk applications.
qt5ct	Yes	Yes	qt5ct	values in qt5ct	A proxy style used, amost no difference to the default style. Fusion is used by default, which is not consistent with other themed Gtk applications. Color scheme and font can be further customized. Button indicators are not styled.
Kvantum	Yes	Yes	qt5ct	kvantum	Use Kvantum Manager to further customize the theme. Button indicators are styled. KvArc theme is provided, but is still somehow different in visual. Kvantum also installs several KDE component, which is odd.

So my final solution is: using qt5ct with customized color scheme and font. Color scheme defined:

[ColorScheme]
active_colors=   #5c616c, #f5f6f7, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #5c616c, #000000, #5c616c, #ffffff, #f5f6f7, #000000, #5294e2, #ffffff, #5294e2, #5c616c, #f3f3f3, #000000, #4b5162, #d3dae3, #805c616c
disabled_colors= #a9acb2, #fbfcfc, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #a9acb2, #000000, #a9acb2, #f5f6f7, #fbfcfc, #000000, #5294e2, #ffffff, #5294e2, #a9acb2, #f3f3f3, #000000, #4b5162, #d3dae3, #80a9acb2
inactive_colors= #5c616c, #f5f6f7, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #5c616c, #000000, #5c616c, #ffffff, #f5f6f7, #000000, #5294e2, #ffffff, #5294e2, #5c616c, #f3f3f3, #000000, #4b5162, #d3dae3, #805c616c

[ColorScheme]

active_colors= #5c616c, #f5f6f7, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #5c616c, #000000, #5c616c, #ffffff, #f5f6f7, #000000, #5294e2, #ffffff, #5294e2, #5c616c, #f3f3f3, #000000, #4b5162, #d3dae3, #805c616c

disabled_colors= #a9acb2, #fbfcfc, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #a9acb2, #000000, #a9acb2, #f5f6f7, #fbfcfc, #000000, #5294e2, #ffffff, #5294e2, #a9acb2, #f3f3f3, #000000, #4b5162, #d3dae3, #80a9acb2

inactive_colors= #5c616c, #f5f6f7, #ffffff, #f3f3f3, #9f9d9a, #b8b5b2, #5c616c, #000000, #5c616c, #ffffff, #f5f6f7, #000000, #5294e2, #ffffff, #5294e2, #5c616c, #f3f3f3, #000000, #4b5162, #d3dae3, #805c616c

[ColorScheme]
active_colors=   #d3dae3, #383c4a, #979797, #5e5c5b, #302f2e, #4a4947, #d3dae3, #ffffff, #d3dae3, #404552, #383c4a, #000000, #5294e2, #ffffff, #5294e2, #d3dae3, #3e4350, #000000, #4b5162, #d3dae3, #80d3dae3
disabled_colors= #7c818c, #3e4350, #979797, #5e5c5b, #302f2e, #4a4947, #7c818c, #ffffff, #7c818c, #383c4a, #3e4350, #000000, #5294e2, #ffffff, #5294e2, #7c818c, #3e4350, #000000, #4b5162, #d3dae3, #807c818c
inactive_colors= #d3dae3, #383c4a, #979797, #5e5c5b, #302f2e, #4a4947, #d3dae3, #ffffff, #d3dae3, #404552, #383c4a, #000000, #5294e2, #ffffff, #5294e2, #d3dae3, #3e4350, #000000, #4b5162, #d3dae3, #80d3dae3

[ColorScheme]

active_colors= #d3dae3, #383c4a, #979797, #5e5c5b, #302f2e, #4a4947, #d3dae3, #ffffff, #d3dae3, #404552, #383c4a, #000000, #5294e2, #ffffff, #5294e2, #d3dae3, #3e4350, #000000, #4b5162, #d3dae3, #80d3dae3

disabled_colors= #7c818c, #3e4350, #979797, #5e5c5b, #302f2e, #4a4947, #7c818c, #ffffff, #7c818c, #383c4a, #3e4350, #000000, #5294e2, #ffffff, #5294e2, #7c818c, #3e4350, #000000, #4b5162, #d3dae3, #807c818c

inactive_colors= #d3dae3, #383c4a, #979797, #5e5c5b, #302f2e, #4a4947, #d3dae3, #ffffff, #d3dae3, #404552, #383c4a, #000000, #5294e2, #ffffff, #5294e2, #d3dae3, #3e4350, #000000, #4b5162, #d3dae3, #80d3dae3

Copy those 2 file into ~/.config/qt5ct/color, open qt5ct:

Go to Appearance –> Platte –> Check custom and select arc.
Go to Fonts –> Select your Gnome/Cinnamon font.
Go to Icon Theme –> Select your Gnome/Cinnamon icon theme.
Open ~/.config/qt5ct/qt5ct.conf, change standard_dialogs=default to standard_dialogs=gtk3.

See the difference:
vlc_default
vlc_themed

Upgrading Ubuntu 24.04 Network Configuration

Posted on 2025-04-12 by gonwan — No Comments ↓

Debian/Ubuntu and RHEL/AlmaLinux have different network configuration utilities. RHEL 9 has deprecated ifcfg-files, and adopted NetworkManager. There is no ifup or ifdown any more after a fresh installation. Since my server was first installed using Ubuntu 14.04, it still uses these scripts. Time to move on.

1. ifupdown

Netplan is used to configure networking in Ubuntu 18.04 and later. Ubuntu Server is packaged with systemd-networkd as the backend for Netplan, while NetworkManager is used as the Netplan backend in Ubuntu Desktop. Install by:

# sudo apt-get install netplan.io

1	# sudo apt-get install netplan.io

Get current network status by:

# sudo netplan status
...
●  1: lo ethernet UNKNOWN/UP (unmanaged)
      MAC Address: 00:00:00:00:00:00
...
●  3: eth0 ethernet UP (unmanaged)
      MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)
...

# sudo netplan status

...

● 1: lo ethernet UNKNOWN/UP (unmanaged)

MAC Address: 00:00:00:00:00:00

...

● 3: eth0 ethernet UP (unmanaged)

MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)

...

eth0 is unmanaged, since ifupdown is used. The config file is /etc/network/interfaces.

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

# This file describes the network interfaces available on your system

# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo

iface lo inet loopback

# The primary network interface

auto eth0

iface eth0 inet dhcp

2. networkd

Create a config file /etc/netplan/50-cloud-init.yaml

network:
  version: 2
  ethernets:
    eth0:
      dhcp4: true

network:

version: 2

ethernets:

eth0:

dhcp4: true

This file is create by cloud-init if fresh installed. I kept the name. networkd comes with systemd, no need to install it again. Apply it by:

# sudo netplan generate
# sudo netplan try

1 2	# sudo netplan generate # sudo netplan try

Now, eth0 should be managed by networkd:

# sudo netplan status
...
●  1: lo ethernet UNKNOWN/UP (unmanaged)
      MAC Address: 00:00:00:00:00:00
...
●  3: eth0 ethernet UP (networkd: eth0)
      MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)
...

# sudo netplan status

...

● 1: lo ethernet UNKNOWN/UP (unmanaged)

MAC Address: 00:00:00:00:00:00

...

● 3: eth0 ethernet UP (networkd: eth0)

MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)

...

The generated config file can be found in /run/systemd/network/10-netplan-eth0.network. System config files located in /etc/systemd/networkd.conf & /usr/lib/systemd/network/.

3. NetworkManager

NetworkManager can also be used for servers. Install by:

# sudo apt-get install network-manager network-manager-config-connectivity-ubuntu

1	# sudo apt-get install network-manager network-manager-config-connectivity-ubuntu

Create a config file /etc/netplan/01-network-manager-all.yaml.

# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

# Let NetworkManager manage all devices on this system

network:

version: 2

renderer: NetworkManager

This file is create by Ubuntu installer if fresh installed. I kept the name. Verify the merged config by running:

# sudo netplan get
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    eth0:
      dhcp4: true

# sudo netplan get

network:

version: 2

renderer: NetworkManager

ethernets:

eth0:

dhcp4: true

NOTE, one additional step need to be performed, /etc/network/interfaces must *not* exist. NetworkManager has a plugin to parse the file. Backup it, so that you can roll back to ifupdown if something goes wrong. Apply it by:

# sudo netplan generate
# sudo netplan try

1 2	# sudo netplan generate # sudo netplan try

Now, eth0 should be managed by NetworManager:

# sudo netplan status
...
●  1: lo ethernet UNKNOWN/UP (unmanaged)
      MAC Address: 00:00:00:00:00:00
...
●  3: eth0 ethernet UP (NetworManager: eth0)
      MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)
...

# sudo netplan status

...

● 1: lo ethernet UNKNOWN/UP (unmanaged)

MAC Address: 00:00:00:00:00:00

...

● 3: eth0 ethernet UP (NetworManager: eth0)

MAC Address: f2:3c:91:6e:3b:e1 (Red Hat, Inc.)

...

The generated config file can be found in /run/NetworkManager/system-connections/netplan-eth0.nmconnection. System config files located in /etc/NetworkManager/NetworkManager.conf & /usr/lib/NetworkManager/. On systems before RHEL 9, /run may be /var/run. When NetworkManager starts and finds no connection for a device it might create an in-memory connection. No config file is created. The no-auto-default configuration disables that behavior. Check systemd log for details:

# sudo journalctl -u NetworkManager
...
ifcfg-rh: add connection in-memory (a05d8c6f-fa6f-34c9-bee0-09b029470893,"Wired connection 1")
...

# sudo journalctl -u NetworkManager

...

ifcfg-rh: add connection in-memory (a05d8c6f-fa6f-34c9-bee0-09b029470893,"Wired connection 1")

...

More info can be found in Debian documents. Useful commands include: NetworkManager --print-config, nmcli device & nmcli connection.

4. Clean ups

Now, you can safely remove ifupdown, and the networking systemd service will be removed too.

# sudo apt-get purge ifupdown

1	# sudo apt-get purge ifupdown

5. iptables

An ifupdown script was add to persist iptables rules.

# cat /etc/network/if-pre-up.d/firewall 
sudo /usr/sbin/iptables-restore < /etc/iptables.firewall.rules

1 2	# cat /etc/network/if-pre-up.d/firewall sudo /usr/sbin/iptables-restore < /etc/iptables.firewall.rules

This can be migrated by installing iptables-persistent:

# sudo apt-get install iptables-persistent

1	# sudo apt-get install iptables-persistent

Keyboard Backlight Control on Lenovo Ideapad & Xiaoxin Models

Posted on 2025-04-11 by gonwan — No Comments ↓

Ever found the keyboard backlight annoying? It keeps turnning on when booting Windows, and there is no configuration to disable it permanently in any Lenovo Utilities.

Just did some reverse engineering to find how to control keyboard backlight programmatically. The principal is simple, use \\.\EnergyDrv device exposed by Lenovo ACPI energy management driver. It is capable of controlling all keyboard backlight levels. Also other capabilities available 🙂 . See code:

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>


#define IOCTL_BACKLIGHT         0x83102144

#define BACKLIGHT_CAPABILITY    0x01
#define BACKLIGHT_STATUS        0x32
#define BACKLIGHT_OFF           0x00033
#define BACKLIGHT_LEVEL1        0x10033
#define BACKLIGHT_LEVEL2        0x20033
#define BACKLIGHT_AUTO          0x30033


char *get_base_name(char *path)
{
    if (!path) {
        return NULL;
    }
    char *an = NULL;
    char *p = path;
    while (*p++) {
        if (*p == '\\' || *p == '/') {
            an = p;
        }
    }
    return (an == NULL) ? path : (an + 1);
}

uint32_t device_io_control(HANDLE drv_handle, uint32_t func)
{
    char outbuff[4] = { 0 };
    DWORD ret_len = 0;
    if (DeviceIoControl(drv_handle, IOCTL_BACKLIGHT, &func, sizeof(func), outbuff, sizeof(outbuff), &ret_len, NULL)) {
        outbuff[ret_len] = '\0';
        return (outbuff[3] << 24) | (outbuff[2] << 16) | (outbuff[1] << 8) | outbuff[0];
    } else {
        fprintf(stderr, "Error: DeviceIoControl failed, func=%d\n", func);
        return (uint32_t) -1;
    }
}

uint32_t get_backlight_capability(HANDLE drv_handle)
{
    return device_io_control(drv_handle, BACKLIGHT_CAPABILITY);
}

uint32_t get_backlight_status(HANDLE drv_handle)
{
    return device_io_control(drv_handle, BACKLIGHT_STATUS);
}

uint32_t set_backlight_level(HANDLE drv_handle, int level)
{
    uint32_t func = BACKLIGHT_AUTO;
    switch (level) {
        case 0:
            func = BACKLIGHT_OFF;
            break;
        case 1:
            func = BACKLIGHT_LEVEL1;
            break;
        case 2:
            func = BACKLIGHT_LEVEL2;
            break;
    }
    return device_io_control(drv_handle, func);
}

int main(int argc, char *argv[])
{
    if (argc != 2) {
        fprintf(stderr, "Usage: %s [0|1|2|3]\n", get_base_name(argv[0]));
        return -1;
    }
    int level = (int) strtol(argv[1], NULL, 0);
    if (level < 0 || level > 3) {
        fprintf(stderr, "Usage: %s [0|1|2|3]\n", get_base_name(argv[0]));
        return -1;
    }
    /* open */
    HANDLE drv_handle = CreateFileA("\\\\.\\EnergyDrv", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (drv_handle == INVALID_HANDLE_VALUE) {
        fprintf(stderr, "Error: Failed to find device, make sure Lenovo energy management driver is installed!\n");
        return -1;
    }
    /* run */
    do {
        /* cap */
        uint32_t cap = get_backlight_capability(drv_handle);
        if (cap == (uint32_t) -1) {
            break;
        }
        if ((cap & 1) != 1) {
            fprintf(stderr, "Error: Failed to get capability!\n");
            break;
        }
        if ((cap >> 1) != 3) {
            fprintf(stderr, "Error: Auto-level not supported!\n");
            break;
        }
        /* status */
        uint32_t status = get_backlight_status(drv_handle);
        if (status == (uint32_t) -1) {
            break;
        }
        if ((status & 1) != 1) {
            fprintf(stderr, "Error: Failed to get current status!\n");
            break;
        }
        status = status >> 1;
        if ((status & 0x8000) != 0x8000) {
            fprintf(stderr, "Error: Cannot set backlight when keyboard is disabled!\n");
            break;
        }
        int curr_level = -1;
        switch (status & 0x7fff) {
            case 0:
                curr_level = 0;
                break;
            case 1:
                curr_level = 1;
                break;
            case 2:
                curr_level = 2;
                break;
            case 3:
                curr_level = 3;
                break;
        }
        printf("Current level: %d\n", curr_level);
        set_backlight_level(drv_handle, level);
        printf("Finished setting level: %d\n", level);
    } while (FALSE);
    /* close */
    CloseHandle(drv_handle);
    return 0;
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

#include <windows.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdint.h>

#define IOCTL_BACKLIGHT 0x83102144

#define BACKLIGHT_CAPABILITY 0x01

#define BACKLIGHT_STATUS 0x32

#define BACKLIGHT_OFF 0x00033

#define BACKLIGHT_LEVEL1 0x10033

#define BACKLIGHT_LEVEL2 0x20033

#define BACKLIGHT_AUTO 0x30033

char *get_base_name(char *path)

{

if (!path) {

return NULL;

}

char *an = NULL;

char *p = path;

while (*p++) {

if (*p == '\\' || *p == '/') {

an = p;

}

return (an == NULL) ? path : (an + 1);

}

uint32_t device_io_control(HANDLE drv_handle, uint32_t func)

{

char outbuff[4] = { 0 };

DWORD ret_len = 0;

if (DeviceIoControl(drv_handle, IOCTL_BACKLIGHT, &func, sizeof(func), outbuff, sizeof(outbuff), &ret_len, NULL)) {

outbuff[ret_len] = '\0';

return (outbuff[3] << 24) | (outbuff[2] << 16) | (outbuff[1] << 8) | outbuff[0];

} else {

fprintf(stderr, "Error: DeviceIoControl failed, func=%d\n", func);

return (uint32_t) -1;

}

uint32_t get_backlight_capability(HANDLE drv_handle)

{

return device_io_control(drv_handle, BACKLIGHT_CAPABILITY);

}

uint32_t get_backlight_status(HANDLE drv_handle)

{

return device_io_control(drv_handle, BACKLIGHT_STATUS);

}

uint32_t set_backlight_level(HANDLE drv_handle, int level)

{

uint32_t func = BACKLIGHT_AUTO;

switch (level) {

case 0:

func = BACKLIGHT_OFF;

break;

case 1:

func = BACKLIGHT_LEVEL1;

break;

case 2:

func = BACKLIGHT_LEVEL2;

break;

}

return device_io_control(drv_handle, func);

}

int main(int argc, char *argv[])

{

if (argc != 2) {

fprintf(stderr, "Usage: %s [0|1|2|3]\n", get_base_name(argv[0]));

return -1;

}

int level = (int) strtol(argv[1], NULL, 0);

if (level < 0 || level > 3) {

fprintf(stderr, "Usage: %s [0|1|2|3]\n", get_base_name(argv[0]));

return -1;

}

/* open */

HANDLE drv_handle = CreateFileA("\\\\.\\EnergyDrv", GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

if (drv_handle == INVALID_HANDLE_VALUE) {

fprintf(stderr, "Error: Failed to find device, make sure Lenovo energy management driver is installed!\n");

return -1;

}

/* run */

do {

/* cap */

uint32_t cap = get_backlight_capability(drv_handle);

if (cap == (uint32_t) -1) {

break;

}

if ((cap & 1) != 1) {

fprintf(stderr, "Error: Failed to get capability!\n");

break;

}

if ((cap >> 1) != 3) {

fprintf(stderr, "Error: Auto-level not supported!\n");

break;

}

/* status */

uint32_t status = get_backlight_status(drv_handle);

if (status == (uint32_t) -1) {

break;

}

if ((status & 1) != 1) {

fprintf(stderr, "Error: Failed to get current status!\n");

break;

}

status = status >> 1;

if ((status & 0x8000) != 0x8000) {

fprintf(stderr, "Error: Cannot set backlight when keyboard is disabled!\n");

break;

}

int curr_level = -1;

switch (status & 0x7fff) {

case 0:

curr_level = 0;

break;

case 1:

curr_level = 1;

break;

case 2:

curr_level = 2;

break;

case 3:

curr_level = 3;

break;

}

printf("Current level: %d\n", curr_level);

set_backlight_level(drv_handle, level);

printf("Finished setting level: %d\n", level);

} while (FALSE);

/* close */

CloseHandle(drv_handle);

return 0;

}

Should built and run on any C99 compilers. Run with <app.exe> [0|1|2|3]. You can add it to task scheduler to disable keyboard backlight on startup.

Also checked other approaches. The usb/hid way does not work on an ideapad. The Keyboard_Core.dll hack also does not work, I cannot find the file in drivers.