Update

vendor/tailscale.com/util/winutil/authenticode/zsyscall_windows.go

@@ -56,7 +56,7 @@ var (
 )
 
 func cryptMsgClose(cryptMsg windows.Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procCryptMsgClose.Addr(), 1, uintptr(cryptMsg), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procCryptMsgClose.Addr(), uintptr(cryptMsg))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -64,7 +64,7 @@ func cryptMsgClose(cryptMsg windows.Handle) (err error) {
 }
 
 func cryptMsgGetParam(cryptMsg windows.Handle, paramType uint32, index uint32, data unsafe.Pointer, dataLen *uint32) (err error) {
-	r1, _, e1 := syscall.Syscall6(procCryptMsgGetParam.Addr(), 5, uintptr(cryptMsg), uintptr(paramType), uintptr(index), uintptr(data), uintptr(unsafe.Pointer(dataLen)), 0)
+	r1, _, e1 := syscall.SyscallN(procCryptMsgGetParam.Addr(), uintptr(cryptMsg), uintptr(paramType), uintptr(index), uintptr(data), uintptr(unsafe.Pointer(dataLen)))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -72,7 +72,7 @@ func cryptMsgGetParam(cryptMsg windows.Handle, paramType uint32, index uint32, d
 }
 
 func cryptVerifyMessageSignature(pVerifyPara *_CRYPT_VERIFY_MESSAGE_PARA, signerIndex uint32, pbSignedBlob *byte, cbSignedBlob uint32, pbDecoded *byte, pdbDecoded *uint32, ppSignerCert **windows.CertContext) (err error) {
-	r1, _, e1 := syscall.Syscall9(procCryptVerifyMessageSignature.Addr(), 7, uintptr(unsafe.Pointer(pVerifyPara)), uintptr(signerIndex), uintptr(unsafe.Pointer(pbSignedBlob)), uintptr(cbSignedBlob), uintptr(unsafe.Pointer(pbDecoded)), uintptr(unsafe.Pointer(pdbDecoded)), uintptr(unsafe.Pointer(ppSignerCert)), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procCryptVerifyMessageSignature.Addr(), uintptr(unsafe.Pointer(pVerifyPara)), uintptr(signerIndex), uintptr(unsafe.Pointer(pbSignedBlob)), uintptr(cbSignedBlob), uintptr(unsafe.Pointer(pbDecoded)), uintptr(unsafe.Pointer(pdbDecoded)), uintptr(unsafe.Pointer(ppSignerCert)))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -80,13 +80,13 @@ func cryptVerifyMessageSignature(pVerifyPara *_CRYPT_VERIFY_MESSAGE_PARA, signer
 }
 
 func msiGetFileSignatureInformation(signedObjectPath *uint16, flags uint32, certCtx **windows.CertContext, pbHashData *byte, cbHashData *uint32) (ret wingoes.HRESULT) {
-	r0, _, _ := syscall.Syscall6(procMsiGetFileSignatureInformationW.Addr(), 5, uintptr(unsafe.Pointer(signedObjectPath)), uintptr(flags), uintptr(unsafe.Pointer(certCtx)), uintptr(unsafe.Pointer(pbHashData)), uintptr(unsafe.Pointer(cbHashData)), 0)
+	r0, _, _ := syscall.SyscallN(procMsiGetFileSignatureInformationW.Addr(), uintptr(unsafe.Pointer(signedObjectPath)), uintptr(flags), uintptr(unsafe.Pointer(certCtx)), uintptr(unsafe.Pointer(pbHashData)), uintptr(unsafe.Pointer(cbHashData)))
 	ret = wingoes.HRESULT(r0)
 	return
 }
 
 func cryptCATAdminAcquireContext2(hCatAdmin *_HCATADMIN, pgSubsystem *windows.GUID, hashAlgorithm *uint16, strongHashPolicy *windows.CertStrongSignPara, flags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall6(procCryptCATAdminAcquireContext2.Addr(), 5, uintptr(unsafe.Pointer(hCatAdmin)), uintptr(unsafe.Pointer(pgSubsystem)), uintptr(unsafe.Pointer(hashAlgorithm)), uintptr(unsafe.Pointer(strongHashPolicy)), uintptr(flags), 0)
+	r1, _, e1 := syscall.SyscallN(procCryptCATAdminAcquireContext2.Addr(), uintptr(unsafe.Pointer(hCatAdmin)), uintptr(unsafe.Pointer(pgSubsystem)), uintptr(unsafe.Pointer(hashAlgorithm)), uintptr(unsafe.Pointer(strongHashPolicy)), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -94,7 +94,7 @@ func cryptCATAdminAcquireContext2(hCatAdmin *_HCATADMIN, pgSubsystem *windows.GU
 }
 
 func cryptCATAdminCalcHashFromFileHandle2(hCatAdmin _HCATADMIN, file windows.Handle, pcbHash *uint32, pbHash *byte, flags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall6(procCryptCATAdminCalcHashFromFileHandle2.Addr(), 5, uintptr(hCatAdmin), uintptr(file), uintptr(unsafe.Pointer(pcbHash)), uintptr(unsafe.Pointer(pbHash)), uintptr(flags), 0)
+	r1, _, e1 := syscall.SyscallN(procCryptCATAdminCalcHashFromFileHandle2.Addr(), uintptr(hCatAdmin), uintptr(file), uintptr(unsafe.Pointer(pcbHash)), uintptr(unsafe.Pointer(pbHash)), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -102,7 +102,7 @@ func cryptCATAdminCalcHashFromFileHandle2(hCatAdmin _HCATADMIN, file windows.Han
 }
 
 func cryptCATAdminEnumCatalogFromHash(hCatAdmin _HCATADMIN, pbHash *byte, cbHash uint32, flags uint32, prevCatInfo *_HCATINFO) (ret _HCATINFO, err error) {
-	r0, _, e1 := syscall.Syscall6(procCryptCATAdminEnumCatalogFromHash.Addr(), 5, uintptr(hCatAdmin), uintptr(unsafe.Pointer(pbHash)), uintptr(cbHash), uintptr(flags), uintptr(unsafe.Pointer(prevCatInfo)), 0)
+	r0, _, e1 := syscall.SyscallN(procCryptCATAdminEnumCatalogFromHash.Addr(), uintptr(hCatAdmin), uintptr(unsafe.Pointer(pbHash)), uintptr(cbHash), uintptr(flags), uintptr(unsafe.Pointer(prevCatInfo)))
 	ret = _HCATINFO(r0)
 	if ret == 0 {
 		err = errnoErr(e1)
@@ -111,7 +111,7 @@ func cryptCATAdminEnumCatalogFromHash(hCatAdmin _HCATADMIN, pbHash *byte, cbHash
 }
 
 func cryptCATAdminReleaseCatalogContext(hCatAdmin _HCATADMIN, hCatInfo _HCATINFO, flags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procCryptCATAdminReleaseCatalogContext.Addr(), 3, uintptr(hCatAdmin), uintptr(hCatInfo), uintptr(flags))
+	r1, _, e1 := syscall.SyscallN(procCryptCATAdminReleaseCatalogContext.Addr(), uintptr(hCatAdmin), uintptr(hCatInfo), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -119,7 +119,7 @@ func cryptCATAdminReleaseCatalogContext(hCatAdmin _HCATADMIN, hCatInfo _HCATINFO
 }
 
 func cryptCATAdminReleaseContext(hCatAdmin _HCATADMIN, flags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procCryptCATAdminReleaseContext.Addr(), 2, uintptr(hCatAdmin), uintptr(flags), 0)
+	r1, _, e1 := syscall.SyscallN(procCryptCATAdminReleaseContext.Addr(), uintptr(hCatAdmin), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -127,7 +127,7 @@ func cryptCATAdminReleaseContext(hCatAdmin _HCATADMIN, flags uint32) (err error)
 }
 
 func cryptCATAdminCatalogInfoFromContext(hCatInfo _HCATINFO, catInfo *_CATALOG_INFO, flags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procCryptCATCatalogInfoFromContext.Addr(), 3, uintptr(hCatInfo), uintptr(unsafe.Pointer(catInfo)), uintptr(flags))
+	r1, _, e1 := syscall.SyscallN(procCryptCATCatalogInfoFromContext.Addr(), uintptr(hCatInfo), uintptr(unsafe.Pointer(catInfo)), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}

vendor/tailscale.com/util/winutil/gp/policylock_windows.go

@@ -127,32 +127,32 @@ func NewUserPolicyLock(token windows.Token) (*PolicyLock, error) {
 	return lock, nil
 }
 
-// Lock locks l.
-// It returns [ErrInvalidLockState] if l has a zero value or has already been closed,
+// Lock locks lk.
+// It returns [ErrInvalidLockState] if lk has a zero value or has already been closed,
 // [ErrLockRestricted] if the lock cannot be acquired due to a restriction in place,
 // or a [syscall.Errno] if the underlying Group Policy lock cannot be acquired.
 //
 // As a special case, it fails with [windows.ERROR_ACCESS_DENIED]
-// if l is a user policy lock, and the corresponding user is not logged in
+// if lk is a user policy lock, and the corresponding user is not logged in
 // interactively at the time of the call.
-func (l *PolicyLock) Lock() error {
+func (lk *PolicyLock) Lock() error {
 	if policyLockRestricted.Load() > 0 {
 		return ErrLockRestricted
 	}
 
-	l.mu.Lock()
-	defer l.mu.Unlock()
-	if l.lockCnt.Add(2)&1 == 0 {
+	lk.mu.Lock()
+	defer lk.mu.Unlock()
+	if lk.lockCnt.Add(2)&1 == 0 {
 		// The lock cannot be acquired because it has either never been properly
 		// created or its Close method has already been called. However, we need
 		// to call Unlock to both decrement lockCnt and leave the underlying
 		// CriticalPolicySection if we won the race with another goroutine and
 		// now own the lock.
-		l.Unlock()
+		lk.Unlock()
 		return ErrInvalidLockState
 	}
 
-	if l.handle != 0 {
+	if lk.handle != 0 {
 		// The underlying CriticalPolicySection is already acquired.
 		// It is an R-Lock (with the W-counterpart owned by the Group Policy service),
 		// meaning that it can be acquired by multiple readers simultaneously.
@@ -160,20 +160,20 @@ func (l *PolicyLock) Lock() error {
 		return nil
 	}
 
-	return l.lockSlow()
+	return lk.lockSlow()
 }
 
 // lockSlow calls enterCriticalPolicySection to acquire the underlying GP read lock.
 // It waits for either the lock to be acquired, or for the Close method to be called.
 //
 // l.mu must be held.
-func (l *PolicyLock) lockSlow() (err error) {
+func (lk *PolicyLock) lockSlow() (err error) {
 	defer func() {
 		if err != nil {
 			// Decrement the counter if the lock cannot be acquired,
 			// and complete the pending close request if we're the last owner.
-			if l.lockCnt.Add(-2) == 0 {
-				l.closeInternal()
+			if lk.lockCnt.Add(-2) == 0 {
+				lk.closeInternal()
 			}
 		}
 	}()
@@ -190,12 +190,12 @@ func (l *PolicyLock) lockSlow() (err error) {
 	resultCh := make(chan policyLockResult)
 
 	go func() {
-		closing := l.closing
-		if l.scope == UserPolicy && l.token != 0 {
+		closing := lk.closing
+		if lk.scope == UserPolicy && lk.token != 0 {
 			// Impersonate the user whose critical policy section we want to acquire.
 			runtime.LockOSThread()
 			defer runtime.UnlockOSThread()
-			if err := impersonateLoggedOnUser(l.token); err != nil {
+			if err := impersonateLoggedOnUser(lk.token); err != nil {
 				initCh <- err
 				return
 			}
@@ -209,10 +209,10 @@ func (l *PolicyLock) lockSlow() (err error) {
 		close(initCh)
 
 		var machine bool
-		if l.scope == MachinePolicy {
+		if lk.scope == MachinePolicy {
 			machine = true
 		}
-		handle, err := l.enterFn(machine)
+		handle, err := lk.enterFn(machine)
 
 	send_result:
 		for {
@@ -226,7 +226,7 @@ func (l *PolicyLock) lockSlow() (err error) {
 					// The lock is being closed, and we lost the race to l.closing
 					// it the calling goroutine.
 					if err == nil {
-						l.leaveFn(handle)
+						lk.leaveFn(handle)
 					}
 					break send_result
 				default:
@@ -247,21 +247,21 @@ func (l *PolicyLock) lockSlow() (err error) {
 	select {
 	case result := <-resultCh:
 		if result.err == nil {
-			l.handle = result.handle
+			lk.handle = result.handle
 		}
 		return result.err
-	case <-l.closing:
+	case <-lk.closing:
 		return ErrInvalidLockState
 	}
 }
 
 // Unlock unlocks l.
 // It panics if l is not locked on entry to Unlock.
-func (l *PolicyLock) Unlock() {
-	l.mu.Lock()
-	defer l.mu.Unlock()
+func (lk *PolicyLock) Unlock() {
+	lk.mu.Lock()
+	defer lk.mu.Unlock()
 
-	lockCnt := l.lockCnt.Add(-2)
+	lockCnt := lk.lockCnt.Add(-2)
 	if lockCnt < 0 {
 		panic("negative lockCnt")
 	}
@@ -273,33 +273,33 @@ func (l *PolicyLock) Unlock() {
 		return
 	}
 
-	if l.handle != 0 {
+	if lk.handle != 0 {
 		// Impersonation is not required to unlock a critical policy section.
 		// The handle we pass determines which mutex will be unlocked.
-		leaveCriticalPolicySection(l.handle)
-		l.handle = 0
+		leaveCriticalPolicySection(lk.handle)
+		lk.handle = 0
 	}
 
 	if lockCnt == 0 {
 		// Complete the pending close request if there's no more readers.
-		l.closeInternal()
+		lk.closeInternal()
 	}
 }
 
 // Close releases resources associated with l.
 // It is a no-op for the machine policy lock.
-func (l *PolicyLock) Close() error {
-	lockCnt := l.lockCnt.Load()
+func (lk *PolicyLock) Close() error {
+	lockCnt := lk.lockCnt.Load()
 	if lockCnt&1 == 0 {
 		// The lock has never been initialized, or close has already been called.
 		return nil
 	}
 
-	close(l.closing)
+	close(lk.closing)
 
 	// Unset the LSB to indicate a pending close request.
-	for !l.lockCnt.CompareAndSwap(lockCnt, lockCnt&^int32(1)) {
-		lockCnt = l.lockCnt.Load()
+	for !lk.lockCnt.CompareAndSwap(lockCnt, lockCnt&^int32(1)) {
+		lockCnt = lk.lockCnt.Load()
 	}
 
 	if lockCnt != 0 {
@@ -307,16 +307,16 @@ func (l *PolicyLock) Close() error {
 		return nil
 	}
 
-	return l.closeInternal()
+	return lk.closeInternal()
 }
 
-func (l *PolicyLock) closeInternal() error {
-	if l.token != 0 {
-		if err := l.token.Close(); err != nil {
+func (lk *PolicyLock) closeInternal() error {
+	if lk.token != 0 {
+		if err := lk.token.Close(); err != nil {
 			return err
 		}
-		l.token = 0
+		lk.token = 0
 	}
-	l.closing = nil
+	lk.closing = nil
 	return nil
 }

vendor/tailscale.com/util/winutil/gp/zsyscall_windows.go

@@ -50,7 +50,7 @@ var (
 )
 
 func impersonateLoggedOnUser(token windows.Token) (err error) {
-	r1, _, e1 := syscall.Syscall(procImpersonateLoggedOnUser.Addr(), 1, uintptr(token), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procImpersonateLoggedOnUser.Addr(), uintptr(token))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -62,7 +62,7 @@ func enterCriticalPolicySection(machine bool) (handle policyLockHandle, err erro
 	if machine {
 		_p0 = 1
 	}
-	r0, _, e1 := syscall.Syscall(procEnterCriticalPolicySection.Addr(), 1, uintptr(_p0), 0, 0)
+	r0, _, e1 := syscall.SyscallN(procEnterCriticalPolicySection.Addr(), uintptr(_p0))
 	handle = policyLockHandle(r0)
 	if int32(handle) == 0 {
 		err = errnoErr(e1)
@@ -71,7 +71,7 @@ func enterCriticalPolicySection(machine bool) (handle policyLockHandle, err erro
 }
 
 func leaveCriticalPolicySection(handle policyLockHandle) (err error) {
-	r1, _, e1 := syscall.Syscall(procLeaveCriticalPolicySection.Addr(), 1, uintptr(handle), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procLeaveCriticalPolicySection.Addr(), uintptr(handle))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -83,7 +83,7 @@ func refreshPolicyEx(machine bool, flags uint32) (err error) {
 	if machine {
 		_p0 = 1
 	}
-	r1, _, e1 := syscall.Syscall(procRefreshPolicyEx.Addr(), 2, uintptr(_p0), uintptr(flags), 0)
+	r1, _, e1 := syscall.SyscallN(procRefreshPolicyEx.Addr(), uintptr(_p0), uintptr(flags))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -95,7 +95,7 @@ func registerGPNotification(event windows.Handle, machine bool) (err error) {
 	if machine {
 		_p0 = 1
 	}
-	r1, _, e1 := syscall.Syscall(procRegisterGPNotification.Addr(), 2, uintptr(event), uintptr(_p0), 0)
+	r1, _, e1 := syscall.SyscallN(procRegisterGPNotification.Addr(), uintptr(event), uintptr(_p0))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -103,7 +103,7 @@ func registerGPNotification(event windows.Handle, machine bool) (err error) {
 }
 
 func unregisterGPNotification(event windows.Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procUnregisterGPNotification.Addr(), 1, uintptr(event), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procUnregisterGPNotification.Addr(), uintptr(event))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}

vendor/tailscale.com/util/winutil/restartmgr_windows.go

@@ -19,7 +19,6 @@ import (
 	"github.com/dblohm7/wingoes"
 	"golang.org/x/sys/windows"
 	"tailscale.com/types/logger"
-	"tailscale.com/util/multierr"
 )
 
 var (
@@ -538,7 +537,7 @@ func (rps RestartableProcesses) Terminate(logf logger.Logf, exitCode uint32, tim
 	}
 
 	if len(errs) != 0 {
-		return multierr.New(errs...)
+		return errors.Join(errs...)
 	}
 	return nil
 }

vendor/tailscale.com/util/winutil/startupinfo_windows.go

@@ -83,8 +83,8 @@ func (sib *StartupInfoBuilder) Resolve() (startupInfo *windows.StartupInfo, inhe
 	// Always create a Unicode environment.
 	createProcessFlags = windows.CREATE_UNICODE_ENVIRONMENT
 
-	if l := uint32(len(sib.attrs)); l > 0 {
-		attrCont, err := windows.NewProcThreadAttributeList(l)
+	if ln := uint32(len(sib.attrs)); ln > 0 {
+		attrCont, err := windows.NewProcThreadAttributeList(ln)
 		if err != nil {
 			return nil, false, 0, err
 		}

vendor/tailscale.com/util/winutil/winenv/zsyscall_windows.go

@@ -55,7 +55,7 @@ func isDeviceRegisteredWithManagement(isMDMRegistered *bool, upnBufLen uint32, u
 	if *isMDMRegistered {
 		_p0 = 1
 	}
-	r0, _, e1 := syscall.Syscall(procIsDeviceRegisteredWithManagement.Addr(), 3, uintptr(unsafe.Pointer(&_p0)), uintptr(upnBufLen), uintptr(unsafe.Pointer(upnBuf)))
+	r0, _, e1 := syscall.SyscallN(procIsDeviceRegisteredWithManagement.Addr(), uintptr(unsafe.Pointer(&_p0)), uintptr(upnBufLen), uintptr(unsafe.Pointer(upnBuf)))
 	*isMDMRegistered = _p0 != 0
 	hr = int32(r0)
 	if hr == 0 {
@@ -65,13 +65,13 @@ func isDeviceRegisteredWithManagement(isMDMRegistered *bool, upnBufLen uint32, u
 }
 
 func verSetConditionMask(condMask verCondMask, typ verTypeMask, cond verCond) (res verCondMask) {
-	r0, _, _ := syscall.Syscall(procVerSetConditionMask.Addr(), 3, uintptr(condMask), uintptr(typ), uintptr(cond))
+	r0, _, _ := syscall.SyscallN(procVerSetConditionMask.Addr(), uintptr(condMask), uintptr(typ), uintptr(cond))
 	res = verCondMask(r0)
 	return
 }
 
 func verifyVersionInfo(verInfo *osVersionInfoEx, typ verTypeMask, cond verCondMask) (res bool) {
-	r0, _, _ := syscall.Syscall(procVerifyVersionInfoW.Addr(), 3, uintptr(unsafe.Pointer(verInfo)), uintptr(typ), uintptr(cond))
+	r0, _, _ := syscall.SyscallN(procVerifyVersionInfoW.Addr(), uintptr(unsafe.Pointer(verInfo)), uintptr(typ), uintptr(cond))
 	res = r0 != 0
 	return
 }

vendor/tailscale.com/util/winutil/winutil_windows.go

@@ -8,8 +8,10 @@ import (
 	"fmt"
 	"log"
 	"math"
+	"os"
 	"os/exec"
 	"os/user"
+	"path/filepath"
 	"reflect"
 	"runtime"
 	"strings"
@@ -33,6 +35,10 @@ var ErrNoShell = errors.New("no Shell process is present")
 // ErrNoValue is returned when the value doesn't exist in the registry.
 var ErrNoValue = registry.ErrNotExist
 
+// ErrBadRegValueFormat is returned when a string value does not match the
+// expected format.
+var ErrBadRegValueFormat = errors.New("registry value formatted incorrectly")
+
 // GetDesktopPID searches the PID of the process that's running the
 // currently active desktop. Returns ErrNoShell if the shell is not present.
 // Usually the PID will be for explorer.exe.
@@ -947,3 +953,22 @@ func IsDomainName(name string) (bool, error) {
 
 	return isDomainName(name16)
 }
+
+// GUIPathFromReg obtains the path to the client GUI executable from the
+// registry value that was written during installation.
+func GUIPathFromReg() (string, error) {
+	regPath, err := GetRegString("GUIPath")
+	if err != nil {
+		return "", err
+	}
+
+	if !filepath.IsAbs(regPath) {
+		return "", ErrBadRegValueFormat
+	}
+
+	if _, err := os.Stat(regPath); err != nil {
+		return "", err
+	}
+
+	return regPath, nil
+}

vendor/tailscale.com/util/winutil/zsyscall_windows.go

@@ -62,7 +62,7 @@ var (
 )
 
 func queryServiceConfig2(hService windows.Handle, infoLevel uint32, buf *byte, bufLen uint32, bytesNeeded *uint32) (err error) {
-	r1, _, e1 := syscall.Syscall6(procQueryServiceConfig2W.Addr(), 5, uintptr(hService), uintptr(infoLevel), uintptr(unsafe.Pointer(buf)), uintptr(bufLen), uintptr(unsafe.Pointer(bytesNeeded)), 0)
+	r1, _, e1 := syscall.SyscallN(procQueryServiceConfig2W.Addr(), uintptr(hService), uintptr(infoLevel), uintptr(unsafe.Pointer(buf)), uintptr(bufLen), uintptr(unsafe.Pointer(bytesNeeded)))
 	if r1 == 0 {
 		err = errnoErr(e1)
 	}
@@ -70,19 +70,19 @@ func queryServiceConfig2(hService windows.Handle, infoLevel uint32, buf *byte, b
 }
 
 func getApplicationRestartSettings(process windows.Handle, commandLine *uint16, commandLineLen *uint32, flags *uint32) (ret wingoes.HRESULT) {
-	r0, _, _ := syscall.Syscall6(procGetApplicationRestartSettings.Addr(), 4, uintptr(process), uintptr(unsafe.Pointer(commandLine)), uintptr(unsafe.Pointer(commandLineLen)), uintptr(unsafe.Pointer(flags)), 0, 0)
+	r0, _, _ := syscall.SyscallN(procGetApplicationRestartSettings.Addr(), uintptr(process), uintptr(unsafe.Pointer(commandLine)), uintptr(unsafe.Pointer(commandLineLen)), uintptr(unsafe.Pointer(flags)))
 	ret = wingoes.HRESULT(r0)
 	return
 }
 
 func registerApplicationRestart(cmdLineExclExeName *uint16, flags uint32) (ret wingoes.HRESULT) {
-	r0, _, _ := syscall.Syscall(procRegisterApplicationRestart.Addr(), 2, uintptr(unsafe.Pointer(cmdLineExclExeName)), uintptr(flags), 0)
+	r0, _, _ := syscall.SyscallN(procRegisterApplicationRestart.Addr(), uintptr(unsafe.Pointer(cmdLineExclExeName)), uintptr(flags))
 	ret = wingoes.HRESULT(r0)
 	return
 }
 
 func dsGetDcName(computerName *uint16, domainName *uint16, domainGuid *windows.GUID, siteName *uint16, flags dsGetDcNameFlag, dcInfo **_DOMAIN_CONTROLLER_INFO) (ret error) {
-	r0, _, _ := syscall.Syscall6(procDsGetDcNameW.Addr(), 6, uintptr(unsafe.Pointer(computerName)), uintptr(unsafe.Pointer(domainName)), uintptr(unsafe.Pointer(domainGuid)), uintptr(unsafe.Pointer(siteName)), uintptr(flags), uintptr(unsafe.Pointer(dcInfo)))
+	r0, _, _ := syscall.SyscallN(procDsGetDcNameW.Addr(), uintptr(unsafe.Pointer(computerName)), uintptr(unsafe.Pointer(domainName)), uintptr(unsafe.Pointer(domainGuid)), uintptr(unsafe.Pointer(siteName)), uintptr(flags), uintptr(unsafe.Pointer(dcInfo)))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -90,7 +90,7 @@ func dsGetDcName(computerName *uint16, domainName *uint16, domainGuid *windows.G
 }
 
 func netValidateName(server *uint16, name *uint16, account *uint16, password *uint16, nameType _NETSETUP_NAME_TYPE) (ret error) {
-	r0, _, _ := syscall.Syscall6(procNetValidateName.Addr(), 5, uintptr(unsafe.Pointer(server)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(account)), uintptr(unsafe.Pointer(password)), uintptr(nameType), 0)
+	r0, _, _ := syscall.SyscallN(procNetValidateName.Addr(), uintptr(unsafe.Pointer(server)), uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(account)), uintptr(unsafe.Pointer(password)), uintptr(nameType))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -98,7 +98,7 @@ func netValidateName(server *uint16, name *uint16, account *uint16, password *ui
 }
 
 func rmEndSession(session _RMHANDLE) (ret error) {
-	r0, _, _ := syscall.Syscall(procRmEndSession.Addr(), 1, uintptr(session), 0, 0)
+	r0, _, _ := syscall.SyscallN(procRmEndSession.Addr(), uintptr(session))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -106,7 +106,7 @@ func rmEndSession(session _RMHANDLE) (ret error) {
 }
 
 func rmGetList(session _RMHANDLE, nProcInfoNeeded *uint32, nProcInfo *uint32, rgAffectedApps *_RM_PROCESS_INFO, pRebootReasons *uint32) (ret error) {
-	r0, _, _ := syscall.Syscall6(procRmGetList.Addr(), 5, uintptr(session), uintptr(unsafe.Pointer(nProcInfoNeeded)), uintptr(unsafe.Pointer(nProcInfo)), uintptr(unsafe.Pointer(rgAffectedApps)), uintptr(unsafe.Pointer(pRebootReasons)), 0)
+	r0, _, _ := syscall.SyscallN(procRmGetList.Addr(), uintptr(session), uintptr(unsafe.Pointer(nProcInfoNeeded)), uintptr(unsafe.Pointer(nProcInfo)), uintptr(unsafe.Pointer(rgAffectedApps)), uintptr(unsafe.Pointer(pRebootReasons)))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -114,7 +114,7 @@ func rmGetList(session _RMHANDLE, nProcInfoNeeded *uint32, nProcInfo *uint32, rg
 }
 
 func rmJoinSession(pSession *_RMHANDLE, sessionKey *uint16) (ret error) {
-	r0, _, _ := syscall.Syscall(procRmJoinSession.Addr(), 2, uintptr(unsafe.Pointer(pSession)), uintptr(unsafe.Pointer(sessionKey)), 0)
+	r0, _, _ := syscall.SyscallN(procRmJoinSession.Addr(), uintptr(unsafe.Pointer(pSession)), uintptr(unsafe.Pointer(sessionKey)))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -122,7 +122,7 @@ func rmJoinSession(pSession *_RMHANDLE, sessionKey *uint16) (ret error) {
 }
 
 func rmRegisterResources(session _RMHANDLE, nFiles uint32, rgsFileNames **uint16, nApplications uint32, rgApplications *_RM_UNIQUE_PROCESS, nServices uint32, rgsServiceNames **uint16) (ret error) {
-	r0, _, _ := syscall.Syscall9(procRmRegisterResources.Addr(), 7, uintptr(session), uintptr(nFiles), uintptr(unsafe.Pointer(rgsFileNames)), uintptr(nApplications), uintptr(unsafe.Pointer(rgApplications)), uintptr(nServices), uintptr(unsafe.Pointer(rgsServiceNames)), 0, 0)
+	r0, _, _ := syscall.SyscallN(procRmRegisterResources.Addr(), uintptr(session), uintptr(nFiles), uintptr(unsafe.Pointer(rgsFileNames)), uintptr(nApplications), uintptr(unsafe.Pointer(rgApplications)), uintptr(nServices), uintptr(unsafe.Pointer(rgsServiceNames)))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -130,7 +130,7 @@ func rmRegisterResources(session _RMHANDLE, nFiles uint32, rgsFileNames **uint16
 }
 
 func rmStartSession(pSession *_RMHANDLE, flags uint32, sessionKey *uint16) (ret error) {
-	r0, _, _ := syscall.Syscall(procRmStartSession.Addr(), 3, uintptr(unsafe.Pointer(pSession)), uintptr(flags), uintptr(unsafe.Pointer(sessionKey)))
+	r0, _, _ := syscall.SyscallN(procRmStartSession.Addr(), uintptr(unsafe.Pointer(pSession)), uintptr(flags), uintptr(unsafe.Pointer(sessionKey)))
 	if r0 != 0 {
 		ret = syscall.Errno(r0)
 	}
@@ -138,7 +138,7 @@ func rmStartSession(pSession *_RMHANDLE, flags uint32, sessionKey *uint16) (ret
 }
 
 func expandEnvironmentStringsForUser(token windows.Token, src *uint16, dst *uint16, dstLen uint32) (err error) {
-	r1, _, e1 := syscall.Syscall6(procExpandEnvironmentStringsForUserW.Addr(), 4, uintptr(token), uintptr(unsafe.Pointer(src)), uintptr(unsafe.Pointer(dst)), uintptr(dstLen), 0, 0)
+	r1, _, e1 := syscall.SyscallN(procExpandEnvironmentStringsForUserW.Addr(), uintptr(token), uintptr(unsafe.Pointer(src)), uintptr(unsafe.Pointer(dst)), uintptr(dstLen))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -146,7 +146,7 @@ func expandEnvironmentStringsForUser(token windows.Token, src *uint16, dst *uint
 }
 
 func loadUserProfile(token windows.Token, profileInfo *_PROFILEINFO) (err error) {
-	r1, _, e1 := syscall.Syscall(procLoadUserProfileW.Addr(), 2, uintptr(token), uintptr(unsafe.Pointer(profileInfo)), 0)
+	r1, _, e1 := syscall.SyscallN(procLoadUserProfileW.Addr(), uintptr(token), uintptr(unsafe.Pointer(profileInfo)))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}
@@ -154,7 +154,7 @@ func loadUserProfile(token windows.Token, profileInfo *_PROFILEINFO) (err error)
 }
 
 func unloadUserProfile(token windows.Token, profile registry.Key) (err error) {
-	r1, _, e1 := syscall.Syscall(procUnloadUserProfile.Addr(), 2, uintptr(token), uintptr(profile), 0)
+	r1, _, e1 := syscall.SyscallN(procUnloadUserProfile.Addr(), uintptr(token), uintptr(profile))
 	if int32(r1) == 0 {
 		err = errnoErr(e1)
 	}