Hermès Bélusca-Maïto
f694d12f0c
[NTOS:KE/MM] Some bug-fixes in the bugcheck code.
- Introduce the MmMakeKernelResourceSectionWritable() helper for
making the kernel resource memory section writable, and use it
in KeGetBugMessageText(). Indeed, this latter function patches
in place the bugcheck resource message to trim any trailing
newlines before displaying the message on screen.
See also https://github.com/osresearch/uxen/blob/83bad53/dm/introspection-win7.c#L286
that mentions it too.
This fixes bugcheck text display (e.g. the MANUALLY_INITIATED_CRASH one)
when using (at least) MSVC-built ReactOS, avoiding a Page-Fault
exception during the bugcheck.
- Cover KeGetBugMessageText() in SEH since we are accessing kernel
resources that could also be corrupted in bugcheck scenarii, and we
don't want to further bugcheck.
- Fix newline trimming loop.
- KiDoBugCheckCallbacks():
* Wrap the bugcheck CallbackRoutine call in SEH.
* Add a FIXME concerning the need of further memory validation of CurrentRecord.
- Add a FIXME concerning the need to run the bugcheck-reason callbacks
with the KbCallbackReserved1 reason, in KeBugCheckWithTf().
Mentioned in http://blog.ptsecurity.com/2012/06/customizing-blue-screen-of-death.html
2019-06-25 21:01:49 +02:00
Hermès Bélusca-Maïto
35f800c6e2
[NTOS] Minor formatting enhancements only + typo fixes.
2019-06-25 21:01:48 +02:00
Bișoc George
42ce8519b6
[FASTFAT][FLTMGR][NTOS] Do not explicitly call ObfDereferenceObject() (#1636)
"Most code should not directly call the platform-specific ObfDereferenceObject() function but use the ObDereferenceObject() macro instead."
CORE-16081
2019-06-22 16:20:58 +02:00
Hermès Bélusca-Maïto
4d5a2dd0f3
[NTOS:KE] Use multi-processor-aware KeGetPcr() instead of the legacy PCR.
2019-06-20 19:39:49 +02:00
Hermès Bélusca-Maïto
04906f2abb
[NTOS:KE] Fixup for the NMI task handler: handle NMI recursion. -- Code was lost in commit 2efed8ef (r45040).
2019-06-20 19:39:44 +02:00
Hermès Bélusca-Maïto
3c8f19eb21
[NTOS:KE] Improvements for the Trap02 (NMI) and Trap08 (double-fault) exception handlers.
- Add FRAME_TSS FPO debug information for Trap02 and Trap08.
- Switch the active TSS in Trap08 in the very same way as is done in Trap02.
This allows to correctly debug NMI and double-fault exceptions with WinDbg,
by following the different TSS contexts, as described in:
https://blogs.msdn.microsoft.com/debuggingtoolbox/2008/02/22/special-command-analyzing-and-reconstructing-the-stack-using-the-k-command-and-its-variations/
https://blogs.msdn.microsoft.com/ntdebugging/2009/11/25/part-1-got-stack-no-we-ran-out-of-kernel-mode-stack-and-kv-wont-tell-me-why/
http://www.osronline.com/article.cfm?article=254 and http://www.osronline.com/article.cfm?article=328
2019-06-20 19:38:56 +02:00
Hermès Bélusca-Maïto
d15e36a1f1
[NTOS:KE][SDK:ASM] Code formatting/styling only.
- Un-hardcode the RPL_MASK value.
- s/KiUnexpectedInterrupt&Number/KiUnexpectedInterrupt&Vector/
- Use C-style comments in traphdlr.c as everywhere else in the file.
- Update the URLs for the MSDN "FPO" macro documentation.
2019-06-20 18:07:59 +02:00
Eric Kohl
6866c0aede
[NTOSKRNL][USETUP][UMPNPMGR] Pass user response data to NtPlugPlayControl(PlugPlayControlUserResponse).
- Windows requires 16 bytes of response data.
- Add the PLUGPLAY_CONTROL_USER_RESPONSE_DATA type.
- Usetup and Umpnpmgr must fail if NtPlugPlayControl(PlugPlayControlUserResponse) does not return STATUS_SUCCESS.
2019-06-12 13:48:27 +02:00
Hermès Bélusca-Maïto
9060b0cb7a
Fix build (forgot a comma ;)
2019-06-11 22:36:10 +02:00
Hermès Bélusca-Maïto
41e7c818d1
[NTOS] IoSetHardErrorOrVerifyDevice(): Check whether the IRP is not associated with any thread.
2019-06-11 22:29:34 +02:00
Pierre Schweitzer
f6eb13a969
[NTOSKRNL] Rework ObpDeleteSymbolicLinkName and ObpCreateSymbolicLinkName
So that they handle LUID mappings and process device maps.
Get rid of the ObpParseSymbolicLinkToIoDeviceObject helper and introduce a
new helper ObpProcessDosDeviceSymbolicLink that will do the same things
but also handle name creation/deletion as well as device map handling.
All this is based on previous code (hence the same comments :-)).
What's left to do now is to add support for device maps in ObpLookupObjectName
2019-06-11 21:21:52 +02:00
Pierre Schweitzer
33604e0147
[NTOSKRNL] Fix ObpLUIDDeviceMapsEnabled initialization
2019-06-10 21:17:21 +02:00
Pierre Schweitzer
651ba03c6d
[NTOSKRNL] Taggify some allocs
2019-06-10 14:54:55 +02:00
Pierre Schweitzer
a5daa8894d
[NTOSKRNL] Implement SepCleanupLUIDDeviceMapDirectory
This will clean up all the links (drive letters) created
by a user on session deletion once LUID device maps are
in use
2019-06-10 14:49:50 +02:00
Pierre Schweitzer
5ecc05003d
[NTOSKRNL] On session last reference removal, dereference LUID device map
2019-06-10 12:30:49 +02:00
Pierre Schweitzer
ad80715b1a
[NTOSKRNL] Implement NtSetInformationProcess:ProcessDeviceMap
2019-06-10 10:35:24 +02:00
Eric Kohl
8319c73e2e
[NTOS:IO] Implement the PlugPlayControl.PlugPlayControlEnumerateDevice request
Drivers for Intel Pro/1000 NICs seem to install properly.
2019-06-08 20:42:38 +02:00
Serge Gautherie
cf27695269
[NTOS:MM] PeFmtCreateSection(): Improve AMD64 image failure case
Addendum to 98638cc2df.
CORE-15981
2019-06-04 18:22:19 +02:00
Pierre Schweitzer
fd4752450f
[NTOSKRNL] Add support for global DOS directory in ObpLookupEntryDirectory
If any exists, we'll loop over in that directory, trying to find the object
2019-06-02 21:46:35 +02:00
Pierre Schweitzer
9c3c0d123b
[NTOSKRNL] In case IopMountVolume call is a success, return its VPB
This fixes an extra (erroneous) reference being set on the VPB.
Based on a patch by Vadim Galyant
CORE-16080
2019-06-02 10:48:35 +02:00
Pierre Schweitzer
f8a4d31da4
[NTOSKRNL] On process primary token change, dereference device map
2019-06-02 10:00:17 +02:00
Pierre Schweitzer
de17b36037
[NTOSKRNL] Implement ObSetDirectoryDeviceMap
2019-06-01 21:22:30 +02:00
Pierre Schweitzer
7c618faa32
[NTOSKRNL] Implement SeGetLogonIdDeviceMap
2019-06-01 21:09:20 +02:00
Pierre Schweitzer
4bf7d54910
[NTOSKRNL] Implement ObpSetCurrentProcessDeviceMap
2019-06-01 18:58:36 +02:00
Pierre Schweitzer
57c6086806
[NTOSKRNL] Implement ObpReferenceDeviceMap()
2019-06-01 18:43:38 +02:00
Pierre Schweitzer
59806f7eb0
[NTOSKRNL] Stub SeGetLogonIdDeviceMap
2019-06-01 18:37:47 +02:00
Pierre Schweitzer
445e895932
[NTOSKRNL] Simplify NtQueryInformationProcess:ProcessDeviceMap implementation
2019-06-01 17:40:23 +02:00
Pierre Schweitzer
46b90ccb96
[NTOSKRNL] Add support for LUID mappings in ObQueryDeviceMapInformation
2019-06-01 17:40:18 +02:00
Pierre Schweitzer
1074a9aaff
[NTOSKRNL] Implement support for PROCESS_DEVICEMAP_INFORMATION_EX in NtQueryInformationProcess
2019-06-01 15:18:52 +02:00
Pierre Schweitzer
b16a07fa69
[NTOSKRNL] Implement ObIsLUIDDeviceMapsEnabled and call it in NtQueryInformationProcess
2019-06-01 14:56:28 +02:00
Pierre Schweitzer
7898b2eaa3
[NTOSKRNL] Disable LUID mapping until it's properly implemented
2019-06-01 14:40:54 +02:00
Pierre Schweitzer
848f7bb687
[NTOSKRNL] On device map freeing, make directory object temporary again
2019-06-01 13:59:13 +02:00
Pierre Schweitzer
221ed88141
[NTOSKRNL] De-duplicate code between Ob(f)DereferenceDeviceMap functions
2019-06-01 13:54:34 +02:00
Pierre Schweitzer
1b42731dca
[NTOSKRNL] Add a few ASSERTs to ObpGetDosDevicesProtection for DBG builds
2019-06-01 13:51:40 +02:00
Pierre Schweitzer
8f655f9466
[NTOSKRNL] Implement ObpFreeDosDevicesProtection to free DACL
2019-06-01 13:44:55 +02:00
Pierre Schweitzer
933dddeb07
[NTOSKRNL] Modify ObpCreateDeviceMap so that it can handle any process
It is now able to set the newly created device map to any
process and will default to current process if none is provided.
It also sets system device map if no process is specified.
It also dereferences existing device map in the process if needed.
Finally, it will make the directory object permanent.
2019-06-01 13:35:41 +02:00
Hervé Poussineau
e5bffe49da
[NTOS:KDBG] Use CONTEXT instead of KTRAP_FRAME
Change KdbpTrapFrameToKdbTrapFrame to prefer CONTEXT (if available) over
KTRAP_FRAME.
2019-05-23 11:04:40 +02:00
Hervé Poussineau
f7ec84eea0
[NTOS:KD] Remove some _WINDK_ usages
- Always include kd64.h
- Change KdpPrompt() prototype to be compatible between KDBG and _WINDK_
- Rename KdComponentTable to KdpComponentTable to prevent a conflict
- Add some functions stubs and global variables
2019-05-23 11:04:40 +02:00
Hervé Poussineau
f5e962ff2e
[NTOS:KD] Remove dead code
2019-05-23 11:04:40 +02:00
Hervé Poussineau
95d5b39b57
[NTOS:KD] Remove CTRL+C pending support left over, likely broken by 5a6adb4f13
2019-05-23 11:04:40 +02:00
Hervé Poussineau
f6cec6d5cb
[NTOS:KD] Remove /BREAK support left over, likely broken by 819a0ed90a
2019-05-23 11:04:40 +02:00
Pierre Schweitzer
fe6c7f05e2
[NTOSKRNL] Use the security descriptor for all the symlinks
2019-05-21 19:28:17 +02:00
Pierre Schweitzer
95d303bf13
[NTOSKRNL] Simplify ObpCreateGlobalDosDevicesSD by using a SD on the stack
Rename it to ObpGetDosDevicesProtection to reflect the two previous changes:
its purpose is to return a DACL matching protection mode
2019-05-21 19:28:16 +02:00
Pierre Schweitzer
33f524c625
[NTOSKRNL] Use relaxed ACLs in ObpCreateGlobalDosDevicesSD when protection mode is not set
2019-05-21 19:28:16 +02:00
Pierre Schweitzer
1c4e44592c
[NTOSKRNL] Save ProtectionMode value on boot
2019-05-21 19:28:16 +02:00
Pierre Schweitzer
f821e1742c
[NTOSKRNL] Implement NtQuerySystemInformation(SystemObjectSecurityMode)
2019-05-18 10:37:25 +02:00
Pierre Schweitzer
a33a69b3f4
[NTOSKRNL] Save ObjectSecurityMode value on boot
2019-05-18 10:37:24 +02:00
Mark Jansen
98638cc2df
[NTOS/MM] Recognize AMD64 image in PeFmtCreateSection failure case
2019-05-15 19:39:56 +02:00
Thomas Faber
f86360fdbc
[NTOS:CM] Do not call ZwQueryObject with a zero-size buffer. CORE-15882
Actually fixes ntdll_apitest:NtLoadUnloadKey.
2019-05-07 13:52:50 +02:00
Thomas Faber
d3fa3b0ca2
[NTOS:CM] Check for correct status from ZwQueryObject. CORE-15882
Fixes regression in ntdll_apitest:NtLoadUnloadKey from d570482bc7.
2019-05-05 17:57:12 +02:00
Thomas Faber
5706f6e9f4
[NTOS:PNP] Reduce the size of the pool buffer in IopGetParentIdPrefix. CORE-15882
2019-05-05 10:39:29 +02:00
Thomas Faber
2f1fab41fa
[NTOS:CM] Reduce the size of some unnecessarily large stack buffers. CORE-15882
2019-05-05 10:39:26 +02:00
Thomas Faber
047a3bf79a
[NTOS:CM] Simplify CmpGetRegistryPath to avoid unnecessary stack buffers. CORE-15882
2019-05-05 10:39:22 +02:00
Thomas Faber
d570482bc7
[NTOS:CM] Avoid a fixed-length stack buffer in CmpCmdHiveOpen. CORE-15882
2019-05-05 10:39:18 +02:00
Thomas Faber
26ab9f8a03
[NTOS:CM] Avoid a fixed-length stack buffer in CmpAddToHiveFileList. CORE-15882
2019-05-05 10:39:14 +02:00
Thomas Faber
f3a280f52b
[NTOS] Use correct buffer size when calling MiResolveImageReferences. CORE-15882
2019-05-05 10:39:11 +02:00
Thomas Faber
ccb91bebbe
[NTOS:PNP] Avoid a fixed-length stack buffer in IopActionConfigureChildServices. CORE-15882
2019-05-05 10:39:07 +02:00
Thomas Faber
e1b20681f5
[NTOS:IO] Avoid a fixed-length buffer in IopGetDriverObject. CORE-15882
2019-05-05 10:39:01 +02:00
Thomas Faber
6fdff1f970
[NTOS:KDBG] Avoid use of MAX_PATH. CORE-15882
2019-05-05 10:38:10 +02:00
Mark Jansen
2450dec427
[NTOS/MM] Ensure ImageBase is not used uninitialized
2019-04-30 18:57:43 +02:00
Hermès Bélusca-Maïto
884db2ea06
[NTOS:CM] In CmpParseKey(), do not assert but instead correctly return failure if CmpHandleExitNode() doesn't return a valid node, or CmpCreateKeyControlBlock() fails.
2019-04-22 21:09:10 +02:00
Hermès Bélusca-Maïto
627b1df579
[NTOS] Fix typos.
2019-04-22 19:41:19 +02:00
Bernhard Feichtinger
f5471b7b4b
[NTOS][USERSRV] Silence noisy debug output.
2019-04-22 17:41:17 +02:00
Eric Kohl
cfe54aa4b5
[NTOSKRNL] Revert f71588ff as it seems to break the tests
2019-04-20 23:26:57 +02:00
Pierre Schweitzer
335b906ca8
[NTOSKRNL] Drop the useless Timestamp field
2019-04-20 11:31:59 +02:00
Pierre Schweitzer
77b6899d89
[NTOSKRNL] Don't set VACB dirty on release if already dirty
CORE-15954
2019-04-20 11:23:35 +02:00
Pierre Schweitzer
bd75947372
[NTOSKRNL] Drop the no longer needed Dirty field
CORE-15954
2019-04-18 08:14:41 +02:00
Pierre Schweitzer
8b6696fcdb
[NTOSKRNL] Don't mark VACB dirty on unpin
This could happen if BCB was marked dirty previously.
Marking VACB dirty on unpin could lead to a double write of
the VACB, even if clean.
Indeed, now that setting BCB dirty leads to marking VACB
dirty, the VACB can be flushed in between by the lazy-writer.
The BCB state is not reset on VACB flush, contrary to the VACB state.
Thus, on unpin even if the VACB was already flushed, we were
setting back the dirty state, leading the VACB to be flushed again.
This could bring a small performance downgrade. Though it remains
limited since this is mostly used for FS metadata.
Possibly it could lead to metadata corruption, but this is likely
less possible.
CORE-15954
2019-04-17 22:35:19 +02:00
Eric Kohl
f71588ff7a
[NTOSKRNL] NtPowerInformation: Report an AC powered machine by default.
2019-04-16 20:41:21 +02:00
Eric Kohl
fb36723066
[NTOSKRNL] Initialize GUID_DEVICE_BATTERY properly
2019-04-08 21:19:57 +02:00
Hervé Poussineau
4d1a8f8f54
[NTOS:FSRTL] Use _SEH2_AbnormalTermination() instead of _abnormal_termination()
We're already using SEH2 macros, so also use SEH2 functions
2019-04-07 19:28:18 +02:00
Eric Kohl
626aaf227c
[NTOSKRNL] Use global power capabilities and report button presence
- Add and initialize a global power capabilities variable.
- Return the global power capabilities via NtPowerInformation.SystemPowerCapabilities.
- Report the presence of power button, sleep button and lid.
2019-04-07 16:42:58 +02:00
Jérôme Gardou
979972b900
[CMAKE] unset EXPORT_SYMBOL for modules and shared libraries
We don't use that
2019-04-06 17:43:38 +02:00
Bartosz Brachaczek
d256ff6006
[NTOSKRNL] Do not try to access OldBackTracking[-1]
It can be triggered by the existing "F<", "FILE.TXT" case in the tests.
CORE-15902
2019-04-01 08:28:00 +02:00
Bartosz Brachaczek
695e00fbbd
[NTOSKRNL] Unify buffer size calculation in FsRtlIs{Name,Dbcs}InExpression
It better captures the intent now in FsRtlIsNameInExpressionPrivate and
fixes a slight overallocation by 4 bytes in FsRtlIsDbcsInExpression.
While at it, use the ANSI_DOS_DOT macro in the Dbcs version.
CORE-15902
2019-04-01 08:27:59 +02:00
Bartosz Brachaczek
e9b438bfaa
[NTOSKRNL] Addendum to 21d2c70: properly start DOS_START loop
Fixes last failing test.
CORE-15902
2019-03-31 19:35:25 +02:00
Maxim Smirnov
d29e216f99
[NTOSKRNL] In MmCreateImageSection, properly check whether cache was initialized
This fixes a crash that occurs if nul is typed in cmd.exe
2019-03-31 13:51:06 +02:00
Bartosz Brachaczek
8bc9935fcb
[NTOSKRNL] Properly copy backtracking buffer content on realloc
CORE-15902
2019-03-31 11:44:01 +02:00
Bartosz Brachaczek
21d2c70bb4
[NTOSKRNL] Properly compare position to name length in FsRtlIsNameInExpressionPrivate
CORE-15902
2019-03-31 11:44:00 +02:00
Bartosz Brachaczek
5d5e9c8486
[NTOSKRNL] Don't overflow backtrack stack buffer
CORE-15902
2019-03-31 11:44:00 +02:00
Bartosz Brachaczek
b1ae592e7f
[NTOSKRNL] Don't oversize buffer for backtracking in FsRtlIsNameInExpressionPrivate
CORE-15902
2019-03-31 11:44:00 +02:00
Thomas Faber
d605b5063f
[NTOS:IO] Send IRPs to the correct device in IoVolumeDeviceToDosName. CORE-15415
2019-03-30 10:13:27 +01:00
Pierre Schweitzer
3a5063948e
[MEH] Forgot that file :-(
2019-03-29 21:51:41 +01:00
Pierre Schweitzer
ef8b1a1907
[NTOSKRNL] We don't need an event if we don't issue an IRP
2019-03-29 21:47:34 +01:00
Pierre Schweitzer
28ba29e457
[NTOSKRNL] Implement support for FileFsDriverPathInformation in NtQueryVolumeInformationFile
2019-03-29 21:42:42 +01:00
Pierre Schweitzer
092c37f845
[NTOSKRNL] Do. Not. L. E. A. K.
2019-03-29 19:51:38 +01:00
Pierre Schweitzer
d75ccd01f7
[NTOSKRNL] Only allow direct device open for FileFsDeviceInformation
2019-03-28 22:39:38 +01:00
Pierre Schweitzer
ce6488df31
[NTOSKRNL] Add a quick path for FileFsDeviceInformation in NtQueryVolumeInformationFile
This allows querying volume information without issuing an IRP to the owner device.
The kernel is supposed to already have all the required information to return
to the caller.
Side effect: this allows querying volume information for devices not implementing
IRP_MJ_QUERY_VOLUME_INFORMATION such as null.sys
This fixes opening null device in Python.
Fix based on debugging by Maxim Smirnov in PR #1442
CORE-14551
2019-03-28 22:39:38 +01:00
Thomas Faber
8c358a4a90
[NTOS:FSTUB] Unfix format string warning until GUID definition is fixed.
2019-03-25 22:40:41 +01:00
Thomas Faber
a976ebb031
[NTOS:IO] Avoid an unnecessary stack buffer in OpenRegistryHandlesFromSymbolicLink. CORE-15882
2019-03-25 08:43:47 +01:00
Thomas Faber
b0bb3d0041
[NTOS:FSTUB] Fix a clang format string warning.
2019-03-25 08:41:55 +01:00
Thomas Faber
57225adaac
[NTOS:IO] Fix always-false condition in IoCheckEaBufferValidity.
Spotted by clang.
2019-03-25 08:41:51 +01:00
Thomas Faber
faaf2dc0e6
[NTOS:KDBG] Fix uninitialized variable usage.
Spotted by clang.
2019-03-25 08:41:44 +01:00
Thomas Faber
938f0e469d
[NTOS:IO] Enable privilege check in NtLoadDriver.
2019-03-11 08:30:14 +01:00
Timo Kreuzer
8a4c5763da
[NTOS:PS] Use NULL instead of 0 in ps/kill.c
2019-03-06 00:49:59 +01:00
Timo Kreuzer
addc01d90b
[NTOS:KE] Add function comments
2019-03-06 00:39:25 +01:00
Timo Kreuzer
42730f9373
[NTOS:EX] Fix 64 bit issues in ExfWaitForRundownProtectionReleaseCacheAware
2019-03-04 21:58:42 +01:00
Pierre Schweitzer
1114b89952
[NTOSKRNL] Fix MSVC2010 build
2019-03-02 11:10:37 +01:00
Pierre Schweitzer
c2b6c3a69f
[NTOSKRNL] Fix ClockDiff aka fix MSVC build
2019-03-02 10:45:34 +01:00
Pierre Schweitzer
eb8b481cd4
[NTOSKRNL] Rewrite/fix our UUID generation implementation
So that it matches Windows behavior
Also implement ExUuidCreate that will generate UUID version 1
The implementation is based on the RFC 4122
2019-03-01 08:22:48 +01:00
Pierre Schweitzer
2d9673c68f
[NTOSKRNL] Introduce the UUID_CACHED_VALUES_STRUCT structure
Source: https://blog.48bits.com/el-codigo-ntoskvinci/
2019-03-01 08:22:47 +01:00
Pierre Schweitzer
81c88c1029
[NTOSKRNL] UuidMutex -> ExpUuidLock
2019-03-01 08:22:47 +01:00
Mark Jansen
5c05a29d3d
[APPHELP] Implement ShimDumpCache and ShimFlushCache
These functions simply call into the Base* functions,
having a prototype that is compatible with rundll32
CORE-11301
2019-02-25 20:00:34 +01:00
Timo Kreuzer
81727760e4
[NTOS::Mm] Fix inverted check in MiWriteProtectSystemImage
2019-02-24 20:34:02 +01:00
Thomas Faber
cf40421041
[NTOS:PNP] Correctly respect data size in PnpRegSzToString. CORE-15766
Spotted by Vadim Galyant.
2019-02-20 12:23:33 +01:00
Hermès Bélusca-Maïto
83fdb9a6d9
[NTOS:CM] Set and reset the CMHIVE HiveIsLoading flag adequately. Fix an assertion in CmFlushKey() and reset the CMHIVE ViewLockOwner when releasing the view lock.
2019-02-17 01:21:35 +01:00
Pierre Schweitzer
63b13ad939
[NTOSKRNL] Simplify object type name printing
2019-02-11 09:03:58 +01:00
Pierre Schweitzer
df829f7948
[NTOSKRNL] Also display sections name
2019-02-10 11:23:57 +01:00
Pierre Schweitzer
f4320047c3
[NTOSKRNL] Fix parsing loop
2019-02-09 13:59:11 +01:00
Pierre Schweitzer
2991f6e76e
[NTOSKRNL] Add a first implementation of !handle command in KDBG
It allows dumping all the handles (filtered by PID/Process)
and it displays basic information about file and key handles
2019-02-09 13:46:35 +01:00
Serge Gautherie
84e76b1c4c
[NTOS:MM] ExFreePoolWithTag(): Accept tag mismatch, on release build only (#1334)
"Release" builds should not BSoD on 'Freeing pool - invalid tag specified' case,
this is compatible with Windows behaviour.
Nothing changes otherwise concerning the "Debug" builds, where pool-tag mismatch
triggers a BSoD as expected.
CORE-15446
2019-02-07 16:57:56 +01:00
Andrew Cook
d8e92b5a0a
Merge pull request #1335 from ariscop/CMP0065
Fixes for upstream cmake
2019-02-03 12:57:20 +01:00
Thomas Faber
066ee4db3b
[NTOS:MM] Dump pool consumers at most once per second.
This should avoid some log spam during kmtest:ExPools, which
intentionally depletes pool.
2019-02-03 12:54:36 +01:00
Thomas Faber
f5fc9e0cf2
[NTOS:OB] Correctly handle OBJ_PROTECT_CLOSE in ObDuplicateObject.
2019-02-02 23:02:50 +01:00
Thomas Faber
63977328b1
[NTOSKRNL] Guard against negative InformationClass enum values. CORE-15651
2019-02-02 22:50:02 +01:00
Pierre Schweitzer
a6dc1d69bc
[NTOS:MM] On big pool enumeration, return entry instead of base VA
2019-02-02 10:45:15 +01:00
Serge Gautherie
0483a5a380
[NTOS:OB] Correctly check SeSinglePrivilegeCheck() return value (#1323)
SeSinglePrivilegeCheck() returns a BOOLEAN, not a NTSTATUS.
CORE-14271
2019-01-30 00:43:13 +01:00
Hermès Bélusca-Maïto
06d4fce5ee
[NTOS:MM] Some fixes for NtCreatePagingFile().
- Correctly probe the FileName user pointer before capturing its contents.
- A paging file name with zero length is invalid too.
- Remember (TODO!) in the code that the lower bounds of the Safe*Size values
need to be checked too!
2019-01-28 22:22:56 +01:00
Yaroslav Kibysh
5910a443c3
[NTOS:INBV] Fix the rotation line bitmap (#1295)
2019-01-23 13:24:40 +01:00
Jérôme Gardou
5d6c286981
[NTOS/KE] Add diagnosis DPRINT for CORE-15642
2019-01-21 09:38:29 +01:00
Thomas Faber
21ea19c40f
[NTOS:KE] Remove unnecessary breakpoint in KiRaiseException. CORE-15640
2019-01-20 09:57:03 +01:00
Timo Kreuzer
3410b25fde
[NTOS] Turn broken assert into DPRINT
2019-01-19 13:38:24 +01:00
Timo Kreuzer
65dbfc2868
[NTOS:Mm] Rewrite MiWriteProtectSystemImage (#749)
* The previous version was overcomplicated and broken and therefore disabled.
* The new version also enforces NX protection on x64.
* Now that protecting works, also protect the boot loaded images.
2019-01-18 22:11:43 +01:00
Yaroslav Kibysh
0d86ab6a18
[NTOS:INBV] Update the boot screen's rotation bar's image (#1256)
Make it smoother than what it currently is.
2019-01-17 20:45:40 +01:00
Pierre Schweitzer
d9a3fd16d4
[NTOSKRNL] Add support for callback when enumerating large pool allocations
2019-01-15 22:07:35 +01:00
Thomas Faber
e7de564bfc
[NTOS:MM] Implement big pool table expansion. CORE-15051
2019-01-09 08:18:38 +01:00
Pierre Schweitzer
a3f8813fff
[NTOSKRNL] Add support for large allocations in !poolfind
2019-01-08 08:43:23 +01:00
Pierre Schweitzer
e1342127f0
[NTOSKRNL] In !irpfind, add info about current stack major/minor
2019-01-08 08:43:23 +01:00
Pierre Schweitzer
e6a1851684
[NTOSKRNL] Misc fixes to !irpfind
2019-01-06 23:21:20 +01:00
Pierre Schweitzer
36f90e7e46
[NTOSKRNL] Move KDBG MM functions implementation to their own file
2019-01-06 22:50:57 +01:00
Pierre Schweitzer
25e14ae2a8
[NTOSKRNL] Fix !irpfind usage message
2019-01-06 13:00:43 +01:00
Pierre Schweitzer
28193399ee
[NTOSKRNL] Properly check for address validity in !poolfind
2019-01-06 12:58:14 +01:00
Pierre Schweitzer
47b48520b5
[NTOSKRNL] Reimplement !irpfind using !poolfind helpers
This allows avoiding one of the previous implementation limits:
leaked IRPs not queued to a thread are now totally visible since
we look directly in the memory pool.
2019-01-06 12:49:57 +01:00
Pierre Schweitzer
12e579567c
[NTOSKRNL] Implement !poolfind command in KDBG
For now, it allows searching for pool allocations in
both paged and non paged pool.
It is based on Andreas Schuster work to identify POOL_HEADER
structures.
2019-01-06 11:56:38 +01:00
Timo Kreuzer
cfd1647914
[REACTOS] Fix misc 64 bit issues (#783)
* [WIN32K] Fix handle calculation in DbgGdiHTIntegrityCheck
* [NOTEPAD] Fix MSVC warnings
* [PSDK] Simplify *PROC definitions in windef.h
* [VIDEOPRT] Don't try to use NtVdmControl on x64
* [FREELDR] Fix some macros
* [CRT] Make qsort 64 bit compatible
* [NTOS] Use #ifndef _WIN64 instead of #ifdef _M_IX86 around C_ASSERTs
* [FAST486] Fix 64 bit warnings and change DWORD to ULONG, so it can be used in kernel mode
* [APPHELP_APITEST] Fix 64 bit issue
2019-01-05 10:50:11 +01:00
Pierre Schweitzer
d6dc1fd231
[NTOSKRNL] Add a raw implementation of !irpfind in kdbg
This is far from perfect, and totally doesn't match the
WinDBG way of doing it. Instead of browsing pool to find
matching 'IRP' tags, we just browse all the processes
to find the queued IRP. This requires the IRPs to be queued,
obviously, and will make us miss the leaked IRPs, for instance.
Proper way to do it would be to implement !poolfind and then
rely on its implementation to find our IRPs.
Perhaps later ;-)
2019-01-01 22:00:56 +01:00
Hermès Bélusca-Maïto
3fc3447f3e
Happy New Year 2019 everybody!
2019-01-01 00:00:00 +01:00
Pierre Schweitzer
1a93d83f92
[SDK] Add PsGetCurrentThreadTeb() to the DDK
2018-12-31 11:19:35 +01:00
Hermès Bélusca-Maïto
bf6b5e1ceb
[NTOS] Fix a NULL-pointer access bug.
2018-12-30 15:26:43 +01:00
Hermès Bélusca-Maïto
fefb982d64
[NTOS] Don't use TAG_IO_NAME when calling ExFreePoolWithTag() for freeing FileObject->FileName.Buffer .
This may look strange, since this buffer is originally allocated using
the TAG_IO_NAME tag. However, it happens that file-system drivers are
allowed to re-allocate this buffer: this is what the MS' open-sourced
CDFS driver does, see e.g. CdCommonCreate() and CdNormalizeFileNames()
in cdfs/create.c .
This fixes a pool tag mismatch 'mNoI' != 'nFdC' BSOD when resources
are freed when closing a file that has been opened with a relative name
on a CDFS-mounted volume.
2018-12-30 15:26:42 +01:00
Hermès Bélusca-Maïto
d3a97e2228
[NTOS] Code formatting only.
2018-12-30 15:26:35 +01:00
Timo Kreuzer
71fefa32db
[NDK][NTOS] Add global definition of INIT_FUNCTION/INIT_SECTION (#779)
* Add an NDK header to define INIT_FUNCTION/INIT_SECTION globally
* Use __declspec(allocate(x)) and __declspec(code_seg(x)) on MSVC versions that support it
* Use INIT_FUNCTION on functions only and INIT_SECTION on data only (required by MSVC)
* Place INIT_FUNCTION before the return type (required by MSVC)
* Make sure declarations and implementations share the same modifiers (required by MSVC)
* Add a global linker option to suppress warnings about defined but unused INIT section
* Merge INIT section into .text in freeldr
2018-12-30 12:19:11 +01:00
Eric Kohl
aecc523b6a
[NTOS:IO] Fix indentation. No code changes.
2018-12-29 17:49:38 +01:00
Mark Jansen
ec5c0c926b
[NTOS] When checking something for NULL, let's initialize it to NULL...
2018-12-27 23:03:22 +01:00
Eric Kohl
079f7027f6
[NTOS:IO] When a device has been started, create an Enum sub key to its service key and add the device instance name to the Enum sub key.
2018-12-25 23:04:27 +01:00
Pierre Schweitzer
e16241255d
[NTOSKRNL] Set the MemoryMaker flag when executing write behind
2018-12-23 14:59:42 +01:00
Pierre Schweitzer
7e97071c8b
[NTOSKRNL] Implement write behind in Cc
For now, this is just a split between scan and flush that
were both done during lazy scan previously.
Lazy scan shouldn't perform any write operation, but only
queue a write behind operation.
Our implementation is far from the original, as it seems
our lazy scan should queue a write behind operation per
shared cache map. Right now, we only perform global
operation.
2018-12-23 14:45:38 +01:00
Pierre Schweitzer
1a267045f8
[NTOSKRNL] Honor files that shouldn't be lazy written
2018-12-23 12:10:58 +01:00
Pierre Schweitzer
0917c64812
[NTOSKRNL] When growing a file, invalidate the last VACB so that it can be refreshed
This will avoid corruption when a file size is little grown and read afterwards.
Up to now, FSDs were reading zeroes instead of expected data, causing corruption.
This fixes MS FastFAT not being able to mount a FAT volume in ReactOS, corrupting
the FAT.
This also fixes the CcSetFileSizes kmtest tests.
This is based on a patch by Thomas Faber.
CORE-11819
2018-12-23 11:19:14 +01:00
Serge Gautherie
4d1f13cf77
[NTOS:CC] CcCanIWrite(): Use BYTES_TO_PAGES(Length)
2018-12-21 19:20:59 +01:00
Pierre Schweitzer
1435ff95b4
[NTOSKRNL] Don't call AcquireForLazyWrite with the master lock held
This incorrect behavior was leading to a call at too high IRQL for paged code.
This was triggered by MS FastFAT.
ReleaseFromLazyWrite call was already correctly called to that regard.
CORE-11819
2018-12-21 08:46:40 +01:00
Hermès Bélusca-Maïto
b2bad34b9b
[NTOS] Addendum to 03873aee: check that the computed size of the OEM-converted string is less than MAXUSHORT.
2018-12-21 00:34:56 +01:00
Pierre Schweitzer
daf9743c7b
[NTOSKRNL] Check that caller has the privilege to unload a driver
Also, probe the service name when unloading a driver if called from
user-mode. This will prevent userland applications from triggering an
invalid read in the kernel (and thus, a BSOD).
CORE-15468
2018-12-20 08:50:51 +01:00
Hermès Bélusca-Maïto
bc5acd8102
[NTOS] Minor formatting + don't hardcode sizeof(UCHAR) value.
2018-12-20 03:47:46 +01:00
Hermès Bélusca-Maïto
f4597b5540
[NTOS] Addendum to d8cb37bf: return the correct Status from NtAllocateUuids().
2018-12-20 03:47:45 +01:00
Hermès Bélusca-Maïto
03873aeef3
[NTOS] Fixes for NtDisplayString().
- Require the user to have TCB privilege for using this function.
- Probe and capture the user-provided string (and avoid usermode-triggered BSODS ;-)
- Allocate the OEM-converted string in *NonPagedPool* because we are
going to transmit the buffer to BOOTVID.
2018-12-20 03:47:36 +01:00
Pierre Schweitzer
4f8b041bf0
[NTOSKRNL] Drop the ViewLock mutex in favour of the master spin lock
This will allow Cc calls during DPC, which is required by MS FastFAT
CORE-11819
2018-12-19 22:51:45 +01:00
Eric Kohl
b67dbdbea5
[NTOSKRNL] Fix indentation. No code changes.
2018-12-19 19:18:21 +01:00
Eric Kohl
7e56b21ad6
[NTOSKRNL] Fix indentation. No code changes.
2018-12-19 19:18:20 +01:00
Pierre Schweitzer
549793b8a4
[NTOSKRNL] Fix copy/pasta ;-)
2018-12-19 08:15:11 +01:00
Pierre Schweitzer
d8cb37bf15
[NTOSKRNL] Probe parameters in NtAllocateUuids() if called from user-mode
This will prevent userland applications from triggering an invalid write in
the kernel (and thus, a BSOD).
CORE-15462
2018-12-19 08:09:04 +01:00
Pierre Schweitzer
6ca1c55c6e
[NTOSKRNL] Only allow SYSTEM to call NtSetUuidSeed()
Also, validate input buffer before attempting any operation on it.
This will prevent userland applications from being able to trigger an invalid
read in the kernel (and thus a BSOD).
Regarding access restriction, see:
https://stackoverflow.com/questions/1254244/need-access-to-ntsetuuidseed-from-a-non-localsystem-process
CORE-15460
2018-12-18 23:12:41 +01:00
Eric Kohl
167bffd80f
[NTOSKRNL] Add and call the CmpSaveBootControlSet() stub.
2018-12-16 12:49:59 +01:00
Eric Kohl
e8d16d0a7d
[NTOSKRNL] Fix indentation. No code changes.
2018-12-16 10:30:23 +01:00
Andrew Boyarshin
3ba51dc218
[NTOS:MM] Fix typo in MiCheckForUserStackOverflow
2018-12-12 12:57:08 +01:00
Eric Kohl
12fdc129cf
[NTOSKRNL] IopGetDeviceProperty: Send an IRP_MN_QUERY_CAPABILITIES request to the device in order to query the power capabilities.
2018-12-10 00:37:04 +01:00
Pierre Schweitzer
962b2fd66a
[NTOSKRNL] Implement SystemDpcBehaviourInformation query
2018-12-09 20:54:40 +01:00
Pierre Schweitzer
13d9d3ebbf
[NTOSKRNL] Also account PRCBs for Io operations counters
2018-12-09 19:30:07 +01:00
Pierre Schweitzer
e632375851
[NTOSKRNL] For SystemPerformanceInformation, return some info extracted from PRCB
This notably includes the amount of context switches and system calls.
2018-12-09 18:56:50 +01:00
Pierre Schweitzer
4d974e56ee
[NTOSKRNL] Return the amount of hits in system lookaside lists in ExQueryPoolUsage()
2018-12-09 18:25:11 +01:00
Timo Kreuzer
431643b9b3
[NTOS:LPC] Add a number of DPRINTs on failure
2018-12-09 03:16:19 +01:00
Pierre Schweitzer
182cc5c5ab
[NTOSKRNL] Don't dereference VACB when allocating its memory area fails
This avoids performing a double-free (even though that's hidden by the
fact we use lookaside allocations for VACB), and it avoids freeing
a memory address at an uninitialized address.
We don't care about references here, the VACB was just allocated, never
linked and we're its only user.
CORE-15413
2018-12-08 19:56:03 +01:00
Pierre Schweitzer
67e7399164
[NTOSKRNL] Use proper enum type for IopCreateSecurityDescriptorPerType()
2018-12-04 19:20:47 +01:00
Pierre Schweitzer
73e7a5d474
[NTOSKRNL] Use the appropriate security descriptor when creating a device
...
CORE-9176
2018-12-04 19:13:57 +01:00
Pierre Schweitzer
36c38c45ee
[NTOSKRNL] Implement IopCreateDefaultDeviceSecurityDescriptor() and IopCreateSecurityDescriptorPerType()
...
CORE-9176
2018-12-04 19:13:57 +01:00
Andrew Boyarshin
198601a101
[NTOS:IO] Tiny improvement to debug message
...
Add quotes around string, since it is often empty, thus confusing in log.
2018-11-25 11:31:12 +01:00
Bernhard Feichtinger
8a0495063b
[NTOS:MM] Handle unimplemented case for MiCheckForUserStackOverflow
2018-11-25 11:29:18 +01:00
Hermès Bélusca-Maïto
f87d9caf77
[NTOS:IO] Finally remove the dreadful IopParseDevice() hack! \o/
2018-11-25 09:00:40 +01:00
Pierre Schweitzer
4f1e9252f1
[NTOSKRNL] ExfReleaseRundownProtectionCacheAware*() functions don't return anything
2018-11-17 17:36:18 +01:00
Pierre Schweitzer
7ed17cd714
[NTOSKRNL] Implement ExfReInitializeRundownProtectionCacheAware()
...
We're done with cache-aware rundown protections!
2018-11-17 16:44:37 +01:00
Pierre Schweitzer
05cca64448
[NTOSKRNL] Implement ExfRundownCompletedCacheAware()
2018-11-17 16:44:37 +01:00
Pierre Schweitzer
fed61c6305
[NTOSKRNL] Replace ExGetRunRefForCurrentProcessor() by a more generic function
2018-11-17 16:44:36 +01:00
Pierre Schweitzer
7e849470af
[NTOSKRNL] Implement ExfWaitForRundownProtectionReleaseCacheAware()
2018-11-17 16:44:36 +01:00
Pierre Schweitzer
acdf74aa3b
[NTOSKRNL] Properly align runrefs on SMP in ExInitializeRundownProtectionCacheAware()
2018-11-17 16:44:36 +01:00
Pierre Schweitzer
c5db202bdc
[NTOSKRNL] Properly align allocation on SMP in ExAllocateCacheAwareRundownProtection()
2018-11-17 16:44:36 +01:00
Pierre Schweitzer
36fadc2dca
[NTOSKRNL] Implement ExfAcquireRundownProtectionCacheAwareEx(), ExfReleaseRundownProtectionCacheAwareEx()
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
afb2214154
[NTOSKRNL] Simplify implementation of ExfAcquireRundownProtectionCacheAware(), ExfReleaseRundownProtectionCacheAware()
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
010b9b5469
[NTOSKRNL] Implement ExGetRunRefForCurrentProcessor() to get runref for a proc
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
7e36e76d5d
[NTOSKRNL] Implement ExfAcquireRundownProtectionCacheAware(), ExfReleaseRundownProtectionCacheAware()
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
47d309b262
[NTOSKRNL] Implement ExSizeOfRundownProtectionCacheAware()
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
ce94d37dbe
[NTOSKRNL] Implement ExInitializeRundownProtectionCacheAware()
2018-11-17 16:44:35 +01:00
Pierre Schweitzer
bc77f83888
[NTOSKRNL] Implement ExAllocateCacheAwareRundownProtection() and ExFreeCacheAwareRundownProtection()
2018-11-17 16:44:34 +01:00
Pierre Schweitzer
a0c33934fc
[NTOSKRNL] Properly check for negative values in IoCheckEaBufferValidity()
...
CID 1441355, 1441382
2018-11-16 22:07:08 +01:00
Pierre Schweitzer
95bc44e214
[NTOSKRNL] Don't leak DACL
...
Spotted by Thomas :-)
2018-11-11 23:21:36 +01:00
Hermès Bélusca-Maïto
cbaa8e7dfb
[NTOS:IO] RAW-FS: Few improvements.
...
- Simplify the volume-deletion code in RawCheckForDismount().
- Fix the OpenCount check in RawClose(): the VCB mutex must be
released when the volume has not been dismounted, either because
OpenCount != 0 or because RawCheckForDismount() returned FALSE.
- Explicitly use VCB_STATE_LOCKED instead of hardcoding its value.
- In IRP_MN_VERIFY_VOLUME handling, lock the volume before playing
with it, and again let the volume be dismounted only if OpenCount == 0
(and the IoDeleteDevice() call is done by RawCheckForDismount()).
2018-11-11 21:56:18 +01:00
Hermès Bélusca-Maïto
a5ead049d9
[NTOS:IO] RAW-FS: Minor code formatting only.
2018-11-11 21:56:17 +01:00
Pierre Schweitzer
6747dacf10
[NTOSKRNL] Create a security descriptor for the \security directory object
2018-11-10 23:25:10 +01:00
Pierre Schweitzer
102ba75f15
[NTOSKRNL] Return security descriptor size when querying object basic info
2018-11-10 10:54:10 +01:00
Pierre Schweitzer
1fb32afefa
[NTOSKRNL] Return quota information when querying object basic info
2018-11-10 10:54:06 +01:00
Jérôme Gardou
df25e4e791
[NTOS/MM] Properly handle page faults in regions marked with PAGE_NOACCESS or PAGE_GUARD
...
ROSTESTS-110
2018-11-03 12:50:16 +01:00