From ed06b843fbc7b6944f89cd9e9d26108dd2a08f14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?= Date: Sat, 31 Mar 2018 22:12:44 +0200 Subject: [PATCH] [NTOSKRNL] In addition to the hard-error port, reference also the process that handles the hard errors so that it doesn't disappear behind our back. On shutdown both the hard-error port and process are dereferenced. --- ntoskrnl/ex/harderr.c | 8 +++++--- ntoskrnl/ex/shutdown.c | 19 +++++++++++++++++++ ntoskrnl/include/internal/ex.h | 8 ++++++++ ntoskrnl/po/poshtdwn.c | 4 ++++ 4 files changed, 36 insertions(+), 3 deletions(-) diff --git a/ntoskrnl/ex/harderr.c b/ntoskrnl/ex/harderr.c index c5073a30b8d..84f409a1bbb 100644 --- a/ntoskrnl/ex/harderr.c +++ b/ntoskrnl/ex/harderr.c @@ -707,7 +707,7 @@ NtSetDefaultHardErrorPort(IN HANDLE PortHandle) KPROCESSOR_MODE PreviousMode = ExGetPreviousMode(); NTSTATUS Status = STATUS_UNSUCCESSFUL; - /* Check if we have the Privilege */ + /* Check if we have the privileges */ if (!SeSinglePrivilegeCheck(SeTcbPrivilege, PreviousMode)) { DPRINT1("NtSetDefaultHardErrorPort: Caller requires " @@ -718,7 +718,7 @@ NtSetDefaultHardErrorPort(IN HANDLE PortHandle) /* Only called once during bootup, make sure we weren't called yet */ if (!ExReadyForErrors) { - /* Reference the port */ + /* Reference the hard-error port */ Status = ObReferenceObjectByHandle(PortHandle, 0, LpcPortObjectType, @@ -727,9 +727,11 @@ NtSetDefaultHardErrorPort(IN HANDLE PortHandle) NULL); if (NT_SUCCESS(Status)) { - /* Save the data */ + /* Keep also a reference to the process handling the hard errors */ ExpDefaultErrorPortProcess = PsGetCurrentProcess(); + ObReferenceObject(ExpDefaultErrorPortProcess); ExReadyForErrors = TRUE; + Status = STATUS_SUCCESS; } } diff --git a/ntoskrnl/ex/shutdown.c b/ntoskrnl/ex/shutdown.c index 6022f27563e..864f92c40da 100644 --- a/ntoskrnl/ex/shutdown.c +++ b/ntoskrnl/ex/shutdown.c @@ -14,6 +14,25 @@ #define NDEBUG #include +/* PRIVATE FUNCTIONS *********************************************************/ + +VOID +NTAPI +ExShutdownSystem(VOID) +{ + /* Dereference the hard-error port and process objects */ + if (ExpDefaultErrorPort) + { + ObDereferenceObject(ExpDefaultErrorPort); + ExpDefaultErrorPort = NULL; + } + if (ExpDefaultErrorPortProcess) + { + ObDereferenceObject(ExpDefaultErrorPortProcess); + ExpDefaultErrorPortProcess = NULL; + } +} + /* FUNCTIONS *****************************************************************/ /* diff --git a/ntoskrnl/include/internal/ex.h b/ntoskrnl/include/internal/ex.h index 053b8c813c1..091b90783d7 100644 --- a/ntoskrnl/include/internal/ex.h +++ b/ntoskrnl/include/internal/ex.h @@ -31,6 +31,9 @@ extern KSPIN_LOCK ExpPagedLookasideListLock; extern ULONG ExCriticalWorkerThreads; extern ULONG ExDelayedWorkerThreads; +extern PVOID ExpDefaultErrorPort; +extern PEPROCESS ExpDefaultErrorPortProcess; + /* * NT/Cm Version Info variables */ @@ -60,6 +63,7 @@ extern WINKD_WORKER_STATE ExpDebuggerWork; extern PEPROCESS ExpDebuggerProcessAttach; extern PEPROCESS ExpDebuggerProcessKill; extern ULONG_PTR ExpDebuggerPageIn; + VOID NTAPI ExpDebuggerWorker(IN PVOID Context); // #endif /* _WINKD_ */ @@ -227,6 +231,10 @@ ExpInitializeExecutive( IN PLOADER_PARAMETER_BLOCK LoaderBlock ); +VOID +NTAPI +ExShutdownSystem(VOID); + BOOLEAN NTAPI ExpInitializeEventImplementation(VOID); diff --git a/ntoskrnl/po/poshtdwn.c b/ntoskrnl/po/poshtdwn.c index 04618c9f546..719f8b8b930 100644 --- a/ntoskrnl/po/poshtdwn.c +++ b/ntoskrnl/po/poshtdwn.c @@ -278,6 +278,10 @@ PopGracefulShutdown(IN PVOID Context) DPRINT("Configuration Manager shutting down\n"); CmShutdownSystem(); + /* Shut down the Executive */ + DPRINT("Executive shutting down\n"); + ExShutdownSystem(); + /* Note that modified pages should be written here (MiShutdownSystem) */ /* Flush all user files before we start shutting down IO */