[NTOS:KE]

- Implement KiRaiseSecurityCheckFailure[Handler] to handle int 0x29 (__fastfail). Based on patch by Timo Kreuzer. (Yes, this is a Windows 8 feature. However all it does is improve the debugging experience, and we have a need for that) CORE-8419 svn path=/trunk/; revision=64665
2024-07-18 10:26:09 +00:00 · 2014-10-11 13:15:10 +00:00 · 2014-10-11 13:15:10 +00:00 · c859a6df99
parent 56af6d9a25
commit c859a6df99
3 changed files with 56 additions and 5 deletions
--- a/reactos/include/reactos/mc/bugcodes.mc
+++ b/reactos/include/reactos/mc/bugcodes.mc
@ -1570,3 +1570,11 @@ SymbolicName=ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY
 Language=English
 An attempt was made to execute to non-executable memory.
 .
+
+MessageId=0x139
+Severity=Success
+Facility=System
+SymbolicName=KERNEL_SECURITY_CHECK_FAILURE
+Language=English
+A critical kernel security check failed.
+.
--- a/reactos/ntoskrnl/ke/i386/trap.s
+++ b/reactos/ntoskrnl/ke/i386/trap.s
@ -59,9 +59,11 @@ idt _KiTrap10,         INT_32_DPL0  /* INT 10: x87 FPU Error (#MF)          */
 idt _KiTrap11,         INT_32_DPL0  /* INT 11: Align Check Exception (#AC)  */
 idt _KiTrap0F,         INT_32_DPL0  /* INT 12: Machine Check Exception (#MC)*/
 idt _KiTrap0F,         INT_32_DPL0  /* INT 13: SIMD FPU Exception (#XF)     */
-REPEAT 22
-idt _KiTrap0F,         INT_32_DPL0  /* INT 14-29: UNDEFINED INTERRUPTS      */
+REPEAT 21
+idt _KiTrap0F,         INT_32_DPL0  /* INT 14-28: UNDEFINED INTERRUPTS      */
 ENDR
+idt _KiRaiseSecurityCheckFailure, INT_32_DPL3
+                                    /* INT 29: Handler for __fastfail       */
 idt _KiGetTickCount,   INT_32_DPL3  /* INT 2A: Get Tick Count Handler       */
 idt _KiCallbackReturn, INT_32_DPL3  /* INT 2B: User-Mode Callback Return    */
 idt _KiRaiseAssertion, INT_32_DPL3  /* INT 2C: Debug Assertion Handler      */
@ -113,6 +115,7 @@ TRAP_ENTRY KiTrap0F, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiTrap10, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiTrap11, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiTrap13, KI_PUSH_FAKE_ERROR_CODE
+TRAP_ENTRY KiRaiseSecurityCheckFailure, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiGetTickCount, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiCallbackReturn, KI_PUSH_FAKE_ERROR_CODE
 TRAP_ENTRY KiRaiseAssertion, KI_PUSH_FAKE_ERROR_CODE
--- a/reactos/ntoskrnl/ke/i386/traphdlr.c
+++ b/reactos/ntoskrnl/ke/i386/traphdlr.c
@ -1460,6 +1460,46 @@ KiTrap13Handler(IN PKTRAP_FRAME TrapFrame)

 /* SOFTWARE SERVICES **********************************************************/

+VOID
+FASTCALL
+KiRaiseSecurityCheckFailureHandler(IN PKTRAP_FRAME TrapFrame)
+{
+    /* Save trap frame */
+    KiEnterTrap(TrapFrame);
+
+    /* Decrement EIP to point to the INT29 instruction (2 bytes, not 1 like INT3) */
+    TrapFrame->Eip -= 2;
+
+    /* Check if this is a user trap */
+    if (KiUserTrap(TrapFrame))
+    {
+        /* Dispatch exception to user mode */
+        KiDispatchException1Args(STATUS_STACK_BUFFER_OVERRUN,
+                                 TrapFrame->Eip,
+                                 TrapFrame->Ecx,
+                                 TrapFrame);
+    }
+    else
+    {
+        EXCEPTION_RECORD ExceptionRecord;
+
+        /* Bugcheck the system */
+        ExceptionRecord.ExceptionCode = STATUS_STACK_BUFFER_OVERRUN;
+        ExceptionRecord.ExceptionFlags = EXCEPTION_NONCONTINUABLE;
+        ExceptionRecord.ExceptionRecord = NULL;
+        ExceptionRecord.ExceptionAddress = (PVOID)TrapFrame->Eip;
+        ExceptionRecord.NumberParameters = 1;
+        ExceptionRecord.ExceptionInformation[0] = TrapFrame->Ecx;
+
+        KeBugCheckWithTf(KERNEL_SECURITY_CHECK_FAILURE,
+                         TrapFrame->Ecx,
+                         (ULONG_PTR)TrapFrame,
+                         (ULONG_PTR)&ExceptionRecord,
+                         0,
+                         TrapFrame);
+    }
+}
+
 VOID
 FASTCALL
 KiGetTickCountHandler(IN PKTRAP_FRAME TrapFrame)