Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-04 03:34:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
reactos/sdk/lib/rtl/thread.c

353 lines
11 KiB
C
Raw Normal View History

Added creation of full user stack (including guard page). svn path=/trunk/; revision=652
1999-09-10 15:50:30 +00:00
/*
* COPYRIGHT: See COPYING in the top level directory
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
* PROJECT: ReactOS system libraries
Added creation of full user stack (including guard page). svn path=/trunk/; revision=652
1999-09-10 15:50:30 +00:00
* PURPOSE: Rtl user thread functions
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
* FILE: lib/rtl/thread.c
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
* PROGRAMERS:
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
* Alex Ionescu (alex@relsoft.net)
* Eric Kohl
* KJK::Hyperion
Added creation of full user stack (including guard page). svn path=/trunk/; revision=652
1999-09-10 15:50:30 +00:00
*/
/* INCLUDES *****************************************************************/
Implemented RtlCreateUserProcess() and RtlCreateUserThread(). svn path=/trunk/; revision=636
1999-09-04 18:38:29 +00:00
#include "rtl.h" -> #include <rtl.h> svn path=/trunk/; revision=16732
2005-07-26 08:39:07 +00:00
#include <rtl.h>
Implemented RtlCreateUserProcess() and RtlCreateUserThread(). svn path=/trunk/; revision=636
1999-09-04 18:38:29 +00:00
- new statically linked library ROSRTL, for code to be shared among system DLLs - user-mode thread creation code moved to ROSRTL - user-mode thread context initialization code fixed - LdrInitializeThunk() breakin stub fixed svn path=/trunk/; revision=4615
2003-04-29 02:17:01 +00:00
#define NDEBUG
Make rtl use a single header. Helps for PCH and will help for the new Headers (no need to change each file) svn path=/trunk/; revision=15115
2005-05-08 05:14:46 +00:00
#include <debug.h>
Reverted latest changes. svn path=/trunk/; revision=3473
2002-09-08 10:23:54 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* PRIVATE FUNCTIONS *******************************************************/
Implemented RtlCreateUserProcess() and RtlCreateUserThread(). svn path=/trunk/; revision=636
1999-09-04 18:38:29 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
NTSTATUS
- NDK fix: don't undef a million status codes, instead, have apps define WIN32_NO_STATUS. - winnt.h: respect WIN32_NO_STATUS for DBG codes. - rtl: change STDCALL to NTAPI - everything else: add precompiled headers where missing, define WIN32_NO_STATUS. svn path=/trunk/; revision=18598
2005-10-19 17:03:38 +00:00
NTAPI
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
RtlpCreateUserStack(IN HANDLE ProcessHandle,
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
IN SIZE_T StackReserve OPTIONAL,
IN SIZE_T StackCommit OPTIONAL,
IN ULONG StackZeroBits OPTIONAL,
OUT PINITIAL_TEB InitialTeb)
My biggest commit so far (everything compiles and apparently runs fine): - replaced DWORD with ULONG in a couple of places - replaced some ULONGs with LONGs in the KD GDB stub - replaced INITIAL_TEB with USER_STACK, as per Nebbet's book, to support both fixed size and expandable stacks - added InterlockedExchangePointer - added the ASM_BREAKPOINT macro as the architecture-dependent assembler code to raise a breakpoint exception - corrected definitions of INT, LONG, DWORD, UINT, ULONG and ULONG32 - corrected IoSetCancelRoutine to use InterlockedExchangePointer - corrected definition of NtCurrentTeb and NtCurrentPeb - corrected DbgBreakPoint and DbgUserBreakPoint not to set up a stack frame (temporary fix with inline assembler - why doesn't GCC understand __declspec(naked)?) - corrected various calls to Interlocked* functions to cast OUT operands to LONG * - corrected various printf format strings - corrected DbgUiIssueRemoteBreakin to use the smallest possible stack (this is what started everything) - removed a DPRINT that accessed pageable memory at non-PASSIVE_LEVEL IRQL - beautified CreateProcessA (another temporary fix - all the new functions will be isolated in the upcoming stand-alone RTL) - prefixed LdrInitializeThunk with a nop that can be overwritten with a breakpoint for debugging purposes (temporary debugging aid until we have user-mode debugger support). Will add support for this to the breakin utility soon - thread creation code rewritten from scratch (some glitches documented inline, but works fine) - thread creation code now duplicated just twice, as opposed to five times (temporary fix - three new, non standard functions have been exported from NTDLL.DLL, will fix later) svn path=/trunk/; revision=4595
2003-04-26 23:13:33 +00:00
{
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
NTSTATUS Status;
SYSTEM_BASIC_INFORMATION SystemBasicInfo;
PIMAGE_NT_HEADERS Headers;
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
ULONG_PTR Stack;
BOOLEAN UseGuard;
- Fix Nt/ZwMapViewOfSection parameters (ULONG -> ULONG_PTR and SIZE_T) and the few callers which sent incorrect types - Also fix MapViewOfFile/Ex parameters svn path=/trunk/; revision=36915
2008-10-23 18:19:20 +00:00
ULONG Dummy;
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
SIZE_T MinimumStackCommit, GuardPageSize;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Get some memory information */
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Status = ZwQuerySystemInformation(SystemBasicInformation,
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
&SystemBasicInfo,
sizeof(SYSTEM_BASIC_INFORMATION),
NULL);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status)) return Status;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Use the Image Settings if we are dealing with the current Process */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
if (ProcessHandle == NtCurrentProcess())
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
{
/* Get the Image Headers */
Headers = RtlImageNtHeader(NtCurrentPeb()->ImageBaseAddress);
CORE-6639 #resolve #time 1d #comment Guard pages now work ;-) [NDK]: Fix definition of a global flag. [RTL]: RtlpCreateUserStack: 1) If the image is invalid, bail out. 2) If the stack commit is higher than reserve, adjust reserve. 3) After allocating a guard page, the stack limit is now ABOVE the guard page, not BELOW it (stack grows backward!). [RTL]: Remove the hack which always Commited the "StackReserve" value. Threads now have a 4-64KB stack, instead of a 1MB stack. [NTOSKRNL]: Implement MiAccessCheck and MiCheckForUserStackOverflow, which handle guard page + stack expansion. [USER32]: Because threads now correctly run with a smaller stack than usual (and expand as needed), remove some checks in user-mode callbacks which forced larger stacks. svn path=/trunk/; revision=59868
2013-08-29 07:33:10 +00:00
if (!Headers) return STATUS_INVALID_IMAGE_FORMAT;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* If we didn't get the parameters, find them ourselves */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
if (StackReserve == 0)
StackReserve = Headers->OptionalHeader.SizeOfStackReserve;
if (StackCommit == 0)
StackCommit = Headers->OptionalHeader.SizeOfStackCommit;
MinimumStackCommit = NtCurrentPeb()->MinimumStackCommit;
if ((MinimumStackCommit != 0) && (StackCommit < MinimumStackCommit))
{
StackCommit = MinimumStackCommit;
}
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
}
else
{
/* Use the System Settings if needed */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
if (StackReserve == 0)
StackReserve = SystemBasicInfo.AllocationGranularity;
if (StackCommit == 0)
StackCommit = SystemBasicInfo.PageSize;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
/* Check if the commit is higher than the reserve */
CORE-6639 #resolve #time 1d #comment Guard pages now work ;-) [NDK]: Fix definition of a global flag. [RTL]: RtlpCreateUserStack: 1) If the image is invalid, bail out. 2) If the stack commit is higher than reserve, adjust reserve. 3) After allocating a guard page, the stack limit is now ABOVE the guard page, not BELOW it (stack grows backward!). [RTL]: Remove the hack which always Commited the "StackReserve" value. Threads now have a 4-64KB stack, instead of a 1MB stack. [NTOSKRNL]: Implement MiAccessCheck and MiCheckForUserStackOverflow, which handle guard page + stack expansion. [USER32]: Because threads now correctly run with a smaller stack than usual (and expand as needed), remove some checks in user-mode callbacks which forced larger stacks. svn path=/trunk/; revision=59868
2013-08-29 07:33:10 +00:00
if (StackCommit >= StackReserve)
{
/* Grow the reserve beyond the commit, up to 1MB alignment */
StackReserve = ROUND_UP(StackCommit, 1024 * 1024);
}
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Align everything to Page Size */
StackCommit = ROUND_UP(StackCommit, SystemBasicInfo.PageSize);
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
StackReserve = ROUND_UP(StackReserve, SystemBasicInfo.AllocationGranularity);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Reserve memory for the stack */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
Stack = 0;
Status = ZwAllocateVirtualMemory(ProcessHandle,
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
(PVOID*)&Stack,
StackZeroBits,
&StackReserve,
MEM_RESERVE,
PAGE_READWRITE);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status)) return Status;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Now set up some basic Initial TEB Parameters */
InitialTeb->AllocatedStackBase = (PVOID)Stack;
InitialTeb->StackBase = (PVOID)(Stack + StackReserve);
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
InitialTeb->PreviousStackBase = NULL;
InitialTeb->PreviousStackLimit = NULL;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
/* Update the stack position */
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
Stack += StackReserve - StackCommit;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
/* Check if we can add a guard page */
if (StackReserve >= StackCommit + SystemBasicInfo.PageSize)
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
{
Stack -= SystemBasicInfo.PageSize;
StackCommit += SystemBasicInfo.PageSize;
UseGuard = TRUE;
}
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
else
{
UseGuard = FALSE;
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Allocate memory for the stack */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
Status = ZwAllocateVirtualMemory(ProcessHandle,
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
(PVOID*)&Stack,
0,
&StackCommit,
MEM_COMMIT,
PAGE_READWRITE);
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
if (!NT_SUCCESS(Status))
{
GuardPageSize = 0;
ZwFreeVirtualMemory(ProcessHandle, (PVOID*)&Stack, &GuardPageSize, MEM_RELEASE);
return Status;
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Now set the current Stack Limit */
InitialTeb->StackLimit = (PVOID)Stack;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
/* Create a guard page if needed */
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
if (UseGuard)
{
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
GuardPageSize = SystemBasicInfo.PageSize;
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
Status = ZwProtectVirtualMemory(ProcessHandle,
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
(PVOID*)&Stack,
&GuardPageSize,
PAGE_GUARD | PAGE_READWRITE,
&Dummy);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status)) return Status;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Update the Stack Limit keeping in mind the Guard Page */
CORE-6639 #resolve #time 1d #comment Guard pages now work ;-) [NDK]: Fix definition of a global flag. [RTL]: RtlpCreateUserStack: 1) If the image is invalid, bail out. 2) If the stack commit is higher than reserve, adjust reserve. 3) After allocating a guard page, the stack limit is now ABOVE the guard page, not BELOW it (stack grows backward!). [RTL]: Remove the hack which always Commited the "StackReserve" value. Threads now have a 4-64KB stack, instead of a 1MB stack. [NTOSKRNL]: Implement MiAccessCheck and MiCheckForUserStackOverflow, which handle guard page + stack expansion. [USER32]: Because threads now correctly run with a smaller stack than usual (and expand as needed), remove some checks in user-mode callbacks which forced larger stacks. svn path=/trunk/; revision=59868
2013-08-29 07:33:10 +00:00
InitialTeb->StackLimit = (PVOID)((ULONG_PTR)InitialTeb->StackLimit +
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
GuardPageSize);
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* We are done! */
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
return STATUS_SUCCESS;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
}
strip whitespace from end of lines svn path=/trunk/; revision=15165
2005-05-09 01:41:02 +00:00
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
VOID
- NDK fix: don't undef a million status codes, instead, have apps define WIN32_NO_STATUS. - winnt.h: respect WIN32_NO_STATUS for DBG codes. - rtl: change STDCALL to NTAPI - everything else: add precompiled headers where missing, define WIN32_NO_STATUS. svn path=/trunk/; revision=18598
2005-10-19 17:03:38 +00:00
NTAPI
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
RtlpFreeUserStack(IN HANDLE ProcessHandle,
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
IN PINITIAL_TEB InitialTeb)
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
{
Some more function prototype fixes and pointer type warning fixes svn path=/trunk/; revision=27977
2007-07-28 21:30:16 +00:00
SIZE_T Dummy = 0;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Free the Stack */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
ZwFreeVirtualMemory(ProcessHandle,
&InitialTeb->AllocatedStackBase,
&Dummy,
MEM_RELEASE);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
/* Clear the initial TEB */
[KERNEL32][RTL] Diverse fixes/improvements for thread stack creation code. (#802) - kernel32!BaseCreateStack() is compatible with ntdll!RtlpCreateUserStack(). - When checking whether a stack guard page can be added, its size has to be accounted for in the checking logic. - We have to satisfy the PEB::MinimumStackCommit constraint. - We cannot use PEB::GuaranteedStackBytes in BaseCreateStack() since it is nowhere initialized (default is 0). It gets initialized to a non-zero value when the user manually calls SetThreadStackGuarantee(). https://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_6.html - RtlpCreateUserStack(): Fix memory leak in failure case. - RtlpFreeUserStack() doesn't need to return anything. See also commit 1bc59379 (r59868). CORE-11319
2016-05-26 02:44:25 +00:00
RtlZeroMemory(InitialTeb, sizeof(*InitialTeb));
My biggest commit so far (everything compiles and apparently runs fine): - replaced DWORD with ULONG in a couple of places - replaced some ULONGs with LONGs in the KD GDB stub - replaced INITIAL_TEB with USER_STACK, as per Nebbet's book, to support both fixed size and expandable stacks - added InterlockedExchangePointer - added the ASM_BREAKPOINT macro as the architecture-dependent assembler code to raise a breakpoint exception - corrected definitions of INT, LONG, DWORD, UINT, ULONG and ULONG32 - corrected IoSetCancelRoutine to use InterlockedExchangePointer - corrected definition of NtCurrentTeb and NtCurrentPeb - corrected DbgBreakPoint and DbgUserBreakPoint not to set up a stack frame (temporary fix with inline assembler - why doesn't GCC understand __declspec(naked)?) - corrected various calls to Interlocked* functions to cast OUT operands to LONG * - corrected various printf format strings - corrected DbgUiIssueRemoteBreakin to use the smallest possible stack (this is what started everything) - removed a DPRINT that accessed pageable memory at non-PASSIVE_LEVEL IRQL - beautified CreateProcessA (another temporary fix - all the new functions will be isolated in the upcoming stand-alone RTL) - prefixed LdrInitializeThunk with a nop that can be overwritten with a breakpoint for debugging purposes (temporary debugging aid until we have user-mode debugger support). Will add support for this to the breakin utility soon - thread creation code rewritten from scratch (some glitches documented inline, but works fine) - thread creation code now duplicated just twice, as opposed to five times (temporary fix - three new, non standard functions have been exported from NTDLL.DLL, will fix later) svn path=/trunk/; revision=4595
2003-04-26 23:13:33 +00:00
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* FUNCTIONS ***************************************************************/
Implemented RtlCreateUserProcess() and RtlCreateUserThread(). svn path=/trunk/; revision=636
1999-09-04 18:38:29 +00:00
[RTL]: Document, define, implement, and export RtlSetThreadIsCritical. svn path=/trunk/; revision=55310
2012-01-30 01:14:33 +00:00
/*
* @implemented
*/
NTSTATUS
[RTL/NDK/NTDLL] - Fix calling convention of RtlSetProcessIsCritical and RtlSetThreadIsCritical (they are __cdecl!) [NDK] - Add missing extern "C" svn path=/trunk/; revision=61568
2014-01-07 20:23:44 +00:00
__cdecl
[RTL]: Document, define, implement, and export RtlSetThreadIsCritical. svn path=/trunk/; revision=55310
2012-01-30 01:14:33 +00:00
RtlSetThreadIsCritical(IN BOOLEAN NewValue,
OUT PBOOLEAN OldValue OPTIONAL,
IN BOOLEAN NeedBreaks)
{
ULONG BreakOnTermination;
/* Initialize to FALSE */
if (OldValue) *OldValue = FALSE;
/* Fail, if the critical breaks flag is required but is not set */
if ((NeedBreaks) &&
!(NtCurrentPeb()->NtGlobalFlag & FLG_ENABLE_SYSTEM_CRIT_BREAKS))
{
return STATUS_UNSUCCESSFUL;
}
/* Check if the caller wants the old value */
if (OldValue)
{
/* Query and return the old break on termination flag for the process */
ZwQueryInformationThread(NtCurrentThread(),
ThreadBreakOnTermination,
&BreakOnTermination,
sizeof(ULONG),
NULL);
*OldValue = (BOOLEAN)BreakOnTermination;
}
/* Set the break on termination flag for the process */
BreakOnTermination = NewValue;
return ZwSetInformationThread(NtCurrentThread(),
ThreadBreakOnTermination,
&BreakOnTermination,
sizeof(ULONG));
}
- include/rosrtl/thread.h, lib/rosrtl/makefile, lib/rosrtl/makefile.i386, lib/rosrtl/thread/stack.c, lib/rosrtl/thread/exit.c, lib/rosrtl/thread/i386/stackexit.c: three new RosRtl functions (RtlRosExitUserThread, RtlRosFreeUserThreadStack and RtlRosSwitchStackForExit) - lib/kernel32/makefile, lib/kernel32/thread/thread.c, lib/kernel32/thread/thread/i386/exit.S: kernel32.dll now uses them - lib/ntdll/dbg/debug.c, lib/ntdll/rtl/thread.c: ntdll.dll too - subsys/csrss/api/wapi.c: CSRSS too (should fix regression) svn path=/trunk/; revision=7323
2003-12-30 05:10:32 +00:00
/*
@implemented
*/
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
NTSTATUS
NTAPI
RtlCreateUserThread(IN HANDLE ProcessHandle,
IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL,
IN BOOLEAN CreateSuspended,
IN ULONG StackZeroBits OPTIONAL,
IN SIZE_T StackReserve OPTIONAL,
IN SIZE_T StackCommit OPTIONAL,
IN PTHREAD_START_ROUTINE StartAddress,
IN PVOID Parameter OPTIONAL,
OUT PHANDLE ThreadHandle OPTIONAL,
OUT PCLIENT_ID ClientId OPTIONAL)
My biggest commit so far (everything compiles and apparently runs fine): - replaced DWORD with ULONG in a couple of places - replaced some ULONGs with LONGs in the KD GDB stub - replaced INITIAL_TEB with USER_STACK, as per Nebbet's book, to support both fixed size and expandable stacks - added InterlockedExchangePointer - added the ASM_BREAKPOINT macro as the architecture-dependent assembler code to raise a breakpoint exception - corrected definitions of INT, LONG, DWORD, UINT, ULONG and ULONG32 - corrected IoSetCancelRoutine to use InterlockedExchangePointer - corrected definition of NtCurrentTeb and NtCurrentPeb - corrected DbgBreakPoint and DbgUserBreakPoint not to set up a stack frame (temporary fix with inline assembler - why doesn't GCC understand __declspec(naked)?) - corrected various calls to Interlocked* functions to cast OUT operands to LONG * - corrected various printf format strings - corrected DbgUiIssueRemoteBreakin to use the smallest possible stack (this is what started everything) - removed a DPRINT that accessed pageable memory at non-PASSIVE_LEVEL IRQL - beautified CreateProcessA (another temporary fix - all the new functions will be isolated in the upcoming stand-alone RTL) - prefixed LdrInitializeThunk with a nop that can be overwritten with a breakpoint for debugging purposes (temporary debugging aid until we have user-mode debugger support). Will add support for this to the breakin utility soon - thread creation code rewritten from scratch (some glitches documented inline, but works fine) - thread creation code now duplicated just twice, as opposed to five times (temporary fix - three new, non standard functions have been exported from NTDLL.DLL, will fix later) svn path=/trunk/; revision=4595
2003-04-26 23:13:33 +00:00
{
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
NTSTATUS Status;
HANDLE Handle;
CLIENT_ID ThreadCid;
INITIAL_TEB InitialTeb;
OBJECT_ATTRIBUTES ObjectAttributes;
CONTEXT Context;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* First, we'll create the Stack */
Status = RtlpCreateUserStack(ProcessHandle,
StackReserve,
StackCommit,
StackZeroBits,
&InitialTeb);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status)) return Status;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Next, we'll set up the Initial Context */
RtlInitializeContext(ProcessHandle,
&Context,
Parameter,
StartAddress,
InitialTeb.StackBase);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* We are now ready to create the Kernel Thread Object */
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
InitializeObjectAttributes(&ObjectAttributes,
NULL,
0,
NULL,
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
SecurityDescriptor);
Status = ZwCreateThread(&Handle,
THREAD_ALL_ACCESS,
&ObjectAttributes,
ProcessHandle,
&ThreadCid,
&Context,
&InitialTeb,
CreateSuspended);
if (!NT_SUCCESS(Status))
{
/* Free the stack */
RtlpFreeUserStack(ProcessHandle, &InitialTeb);
}
else
{
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
/* Return thread data */
Fix handle leaks in RtlCreateUserThread and SmExecPgm. svn path=/trunk/; revision=34984
2008-07-31 21:33:17 +00:00
if (ThreadHandle)
*ThreadHandle = Handle;
else
NtClose(Handle);
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
if (ClientId) *ClientId = ThreadCid;
}
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Return success or the previous failure */
return Status;
My biggest commit so far (everything compiles and apparently runs fine): - replaced DWORD with ULONG in a couple of places - replaced some ULONGs with LONGs in the KD GDB stub - replaced INITIAL_TEB with USER_STACK, as per Nebbet's book, to support both fixed size and expandable stacks - added InterlockedExchangePointer - added the ASM_BREAKPOINT macro as the architecture-dependent assembler code to raise a breakpoint exception - corrected definitions of INT, LONG, DWORD, UINT, ULONG and ULONG32 - corrected IoSetCancelRoutine to use InterlockedExchangePointer - corrected definition of NtCurrentTeb and NtCurrentPeb - corrected DbgBreakPoint and DbgUserBreakPoint not to set up a stack frame (temporary fix with inline assembler - why doesn't GCC understand __declspec(naked)?) - corrected various calls to Interlocked* functions to cast OUT operands to LONG * - corrected various printf format strings - corrected DbgUiIssueRemoteBreakin to use the smallest possible stack (this is what started everything) - removed a DPRINT that accessed pageable memory at non-PASSIVE_LEVEL IRQL - beautified CreateProcessA (another temporary fix - all the new functions will be isolated in the upcoming stand-alone RTL) - prefixed LdrInitializeThunk with a nop that can be overwritten with a breakpoint for debugging purposes (temporary debugging aid until we have user-mode debugger support). Will add support for this to the breakin utility soon - thread creation code rewritten from scratch (some glitches documented inline, but works fine) - thread creation code now duplicated just twice, as opposed to five times (temporary fix - three new, non standard functions have been exported from NTDLL.DLL, will fix later) svn path=/trunk/; revision=4595
2003-04-26 23:13:33 +00:00
}
Stack is freed on failure. svn path=/trunk/; revision=662
1999-09-12 20:49:06 +00:00
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
/*
* @implemented
*/
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
VOID
NTAPI
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
RtlExitUserThread(NTSTATUS Status)
{
/* Call the Loader and tell him to notify the DLLs */
LdrShutdownThread();
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
/* Shut us down */
NtCurrentTeb()->FreeStackOnTermination = TRUE;
NtTerminateThread(NtCurrentThread(), Status);
}
- include/rosrtl/thread.h, lib/rosrtl/makefile, lib/rosrtl/makefile.i386, lib/rosrtl/thread/stack.c, lib/rosrtl/thread/exit.c, lib/rosrtl/thread/i386/stackexit.c: three new RosRtl functions (RtlRosExitUserThread, RtlRosFreeUserThreadStack and RtlRosSwitchStackForExit) - lib/kernel32/makefile, lib/kernel32/thread/thread.c, lib/kernel32/thread/thread/i386/exit.S: kernel32.dll now uses them - lib/ntdll/dbg/debug.c, lib/ntdll/rtl/thread.c: ntdll.dll too - subsys/csrss/api/wapi.c: CSRSS too (should fix regression) svn path=/trunk/; revision=7323
2003-12-30 05:10:32 +00:00
/*
@implemented
*/
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
VOID
NTAPI
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
RtlFreeUserThreadStack(HANDLE ProcessHandle,
HANDLE ThreadHandle)
- implemented a couple of DbgUi* APIs introduced in NT 5.1 - implemented RtlExitUserThread svn path=/trunk/; revision=4463
2003-03-31 22:32:18 +00:00
{
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
NTSTATUS Status;
THREAD_BASIC_INFORMATION ThreadBasicInfo;
Some more function prototype fixes and pointer type warning fixes svn path=/trunk/; revision=27977
2007-07-28 21:30:16 +00:00
SIZE_T Dummy, Size = 0;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
PVOID StackLocation;
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Query the Basic Info */
Status = NtQueryInformationThread(ThreadHandle,
ThreadBasicInformation,
&ThreadBasicInfo,
sizeof(THREAD_BASIC_INFORMATION),
NULL);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status) || !ThreadBasicInfo.TebBaseAddress) return;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Get the deallocation stack */
Status = NtReadVirtualMemory(ProcessHandle,
&((PTEB)ThreadBasicInfo.TebBaseAddress)->
DeallocationStack,
&StackLocation,
sizeof(PVOID),
&Dummy);
- Fix critical bugs in exception handling: Unwinding was completely broken, using the wrong SEH protector to detect collided unwinding. The correct protector itself also had a broken check. - Fix architectural bug in the entire TrapFrame<->Context conversion system and Ring Privilege Transitions (Inter-ring and intra-ring) which was lacking proper sanitation and validation of segments, flags and debug registers. Among other things, IOPL is now respected, CS is not KGDT_R0_CODE | RPL_MASK anymore, and the GPF code is now properly being called. This completely fixes exception handling being totally broken and crashing firefox installer, mirc, and other applications. - Rewrite the page fault handler base code in assembly instead of relying on a broken C routine. Detect VDM, V8086, detecting expected/normal fault in ExpInterlockedPopEntrySList and faults in the system handler code. Rewrite MmAccessFault to be the main function that calls out to other sub-fault functions, and use the same prototype as NT. - Fix the KGDT boot table to have proper granularity and big flags, and extend it to 256 entries. - Create proper thread context in RtlInitializeContext and cleanup Rtl Thread routines. - Remove all int3 and breakpoints from trap handlers, and replace them with a much better "UNHANDLED_PATH" macro which freezes the system, beeps, and displays a message with the line of code that's unhandled. This is to clearly tell the user that something is unhandled, instead of nesting infinite exceptions due to the int3. - Fix a bug in INT_PROLOG. - Sanitize EFLAGS and Code Segments in KeContextToTrapFrame and KeTrapFrameToContext. - Implement KiUpdateDr7 and KiRecordDr7 as well as DR_MASK and other DR-validation macros and functions to protect against DR-vulnerabilites as well as to properly account for each active hardware breakpoint in a per-thread fashion by using the dispatcher header. - Allow CR0_EM when running in a VDM. - Fix FPU/NPX Register handling in KeContextToTrapFrame and KeTrapFrameToContext, and also speed it up by manual copying instead of a memory move. - Properly give IOPL 3 to user-mode threads if they requested it. - Detect GPF during GPF. - Detect pagefault with a trap-frame spread over two or more pages and nested. - Properly sanitize and set correct trap frame in KiInitailizeUserApc. - Return STATUS_ACCESS_VIOLATION during page faults instead of STATUS_UNSUCESSFUL. - Fix assert in VdmSwapContext, as well as Code Selector check which was broken. - Fix delayed object deletion (ObDeferDeleteObject) and the Ob Repear Routine and list. - Update Kernel Fun. - BUGBUG: Temporaily hack VMWare to detection to always detect VMWare. svn path=/trunk/; revision=25238
2006-12-29 18:49:00 +00:00
if (!NT_SUCCESS(Status) || !StackLocation) return;
Second part of patch, implements the new RTL functions which will be used (not used by kernel yet). - RtlCreateUserProcess: * Created RtlpInitEnvironment to manage Environment Block creation. Rougly based on old KlInitPeb code but with some optimizations. * Don't ignore Process Security Descriptor if one was specified. * Don't ignore ZeroBits, get correct entrypoint, and don't assume PEB address. * Don't close handle of section before closing process handle on failure. * Support new undocumented flag which pre-allocates 1MB of memory for Native Processes * FIXME: Hande duplication should be done, but wasn't and still isn't. - RtlpCreateUserStack: * New function to create a stack for a Thread, similar to BasepCreateStack but has some differences related to StackCommit/StackReserve. * Also create Guard Page - RtlpFreeUserStack: * Undoes what the function above does, in case of failure in code using it. - RtlCreateUserThread: * Use the new functions instead of rosrtl. - RtlInitializeContext: * New function similar to BasepInitializeContext but; > Uses a single entrypoint, not many possible thunks like Kernel32 (no need) > The starting EFLAGS is Interrupts Enabled, not IOPL 3. > We don't initialize the same Context Flags > The initial context registers are different - RtlFreeUserThreadStack * Don't assume the TEB address - RtlExitUserThread * Remove deprecated stack-switching semantics and use new TEB flag to tell the Kernel to deallocate the stack for us. svn path=/trunk/; revision=16542
2005-07-12 04:41:41 +00:00
/* Free it */
NtFreeVirtualMemory(ProcessHandle, &StackLocation, &Size, MEM_RELEASE);
- implemented a couple of DbgUi* APIs introduced in NT 5.1 - implemented RtlExitUserThread svn path=/trunk/; revision=4463
2003-03-31 22:32:18 +00:00
}
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
PTEB
- NDK fix: don't undef a million status codes, instead, have apps define WIN32_NO_STATUS. - winnt.h: respect WIN32_NO_STATUS for DBG codes. - rtl: change STDCALL to NTAPI - everything else: add precompiled headers where missing, define WIN32_NO_STATUS. svn path=/trunk/; revision=18598
2005-10-19 17:03:38 +00:00
NTAPI
- Part one of major RTL cleanup. Merge duplicated code and stick everything in lib\rtl that used to be in ntdll. Also cleanup the file headers, copyright information and includes. svn path=/trunk/; revision=17731
2005-09-08 00:09:32 +00:00
_NtCurrentTeb(VOID)
{
/* Return the TEB */
return NtCurrentTeb();
}
- Uncomment NTDLL exports which we implement, and add stubs for numerous routines - Add missing prototypes to NDK - Implement RtlInterlockedCompareExchange64 and RtlGetCurrentProcessorNumber - Rename RtlpCurrentPeb to RtlGetCurrentPeb and export it from NTDLL svn path=/trunk/; revision=36166
2008-09-12 15:09:17 +00:00
NTSTATUS
NTAPI
RtlRemoteCall(IN HANDLE Process,
IN HANDLE Thread,
IN PVOID CallSite,
IN ULONG ArgumentCount,
IN PULONG Arguments,
IN BOOLEAN PassContext,
IN BOOLEAN AlreadySuspended)
{
UNIMPLEMENTED;
return STATUS_NOT_IMPLEMENTED;
}
Reference in a new issue Copy permalink