CORE-12686
Isolate PathCch* functions from Wine implementation in kernelbase
(which are mixed with a ton of unrelated stuff).
These functions are compiled into a pathcch.lib library, similarly
to the one in the official MS PSDK. Excepting that here, their actual
implementation is in the library. This contrasts with the one in the
MS PSDK, which is an import library to an apiset DLL.
The pathcch.h header is an original one, that contains SAL annotations
and descriptive parameter names, based on the MinGW and MS PSDK headers.
Wine's header was not used as it is poor and incomplete.
Co-authored-by: Katayama Hirofumi MZ <katayama.hirofumi.mz@gmail.com>
Sometimes repairing a broken hive with a hive log does not always guarantee the hive
in question has fully recovered. In worst cases it could happen the LOG itself is even
corrupt too and that would certainly lead to a total unbootable system. This is most likely
if the victim hive is the SYSTEM hive.
This can be anyhow solved by the help of a mirror hive, or also called an "alternate hive".
Alternate hives serve the purpose as backup hives for primary hives of which there is still
a risk that is not worth taking. For now only the SYSTEM hive is granted the right to have
a backup alternate hive.
=== NOTE ===
Currently the SYSTEM hive can only base upon the alternate SYSTEM.ALT hive, which means the
corresponding LOG file never gets updated. When time comes the existing code must be adapted
to allow the possibility to use .ALT and .LOG hives simultaneously.
As we iterate over the chunk hive data pointer for hive bins that we are going
to enlist, we might encounter one or several bins that would get corrupted
during a premature abortion of a registry writing operation such as due to
a power outage of the system, hardware malfunction, etc.
Corruption at the level of hive bins is nasty because they contain actual cell
data of registry information such as keys, values etc. Assuming a bin is corrupt
in part we can fix it by recovering some of the bin properties that, theoretically,
could be fixed -- namely the signature, size and offset.
For size and offset we are more or less safe because a bin typically has a size
of a block, and the offset is the coordinate index of where a hive bin should lay at.
The newly implemented code for registry recovery makes the FreeLdr binary to grow
in size, to the point that it would BSOD because the PE image is too big.
For now we have to temporarily disable any of the newly added code, until
either FreeLdr is split into a basic PE bootloader image itself and a
"FreeLdrlib" that is used by the PE image to access various bootloader APIs
or another proper solution is found.
Thanks to CmCheckRegistry, the function can perform volatile data purging upon boot which this removes old hacky CmPrepareHive code. This also slightly refactors HvInitialize making it more proper.
=== DOCUMENTATION REMARKS ===
This implements (also enables some parts of code been decayed for years) the transacted writing of the registry. Transacted writing (or writing into registry in a transactional way) is an operation that ensures the successfulness can be achieved by monitoring two main points.
In CMLIB, such points are what we internally call them the primary and secondary sequences. A sequence is a numeric field that is incremented each time a writing operation (namely done with the FileWrite function and such) has successfully completed.
The primary sequence is incremented to suggest that the initial work of syncing the registry is in progress. During this phase, the base block header is written into the primary hive file and registry data is being written to said file in form of blocks. Afterwards the seconady sequence
is increment to report completion of the transactional writing of the registry. This operation occurs in HvpWriteHive function (invoked by HvSyncHive for syncing). If the transactional writing fails or if the lazy flushing of the registry fails, LOG files come into play.
Like HvpWriteHive, LOGs are updated by the HvpWriteLog which writes dirty data (base block header included) to the LOG themselves. These files serve for recovery and emergency purposes in case the primary machine hive has been damaged due to previous forced interruption of writing stuff into
the registry hive. With specific recovery algorithms, the data that's been gathered from a LOG will be applied to the primary hive, salvaging it. But if a LOG file is corrupt as well, then the system will perform resuscitation techniques by reconstructing the base block header to reasonable values,
reset the registry signature and whatnot.
This work is an inspiration from PR #3932 by mrmks04 (aka Max Korostil). I have continued his work by doing some more tweaks and whatnot. In addition to that, the whole transaction writing code is documented.
=== IMPORTANT NOTES ===
HvpWriteLog -- Currently this function lacks the ability to grow the log file size since we pretty much lack the necessary code that deals with hive shrinking and log shrinking/growing as well. This part is not super critical for us so this shall be left as a TODO for future.
HvLoadHive -- Currently there's a hack that prevents us from refactoring this function in a proper way. That is, we should not be reading the whole and prepare the hive storage using HvpInitializeMemoryHive which is strictly used for HINIT_MEMORY but rather we must read the hive file block by block
and deconstruct the read buffer from the file so that we can get the bins that we read from the file. With the hive bins we got the hive storage will be prepared based on such bins. If one of the bins is corrupt, self healing is applied in such scenario.
For this matter, if in any case the hive we'll be reading is corrupt we could potentially read corrupt data and lead the system into failure. So we have to perform header and data recovery as well before reading the whole hive.
CmCheckRegistry is a function that provides the necessary validation checks for a registry hive. This function usually comes into action when logs have been replayed for example, or when a registry hive internals have changed such as when saving a key, loading a key, etc.
This commit implements the whole Check Registry infrastructure (cmcheck.c) in CMLIB library for ease of usage and wide accessibility across parts of the OS. In addition, two more functions for registry checks are also implemented -- HvValidateHive and HvValidateBin.
Instead of having the CmCheckRegistry implementation in the kernel, it's better to have it in the Configuration Manager library instead (aka CMLIB). The benefits of having it in the library are the following:
- CmCheckRegistry can be used in FreeLdr to fix the SYSTEM hive
- It can be used on-demand in the kernel
- It can be used for offline registry repair tools
- It makes the underlying CmCheckRegistry implementation code debug-able in user mode
CORE-9195
CORE-6762
This implements cmheal.c file which provides the basic registry self-heal infrastructure needed by the public CmCheckRegistry function. The infrastructure provides a range of various self-heal helpers for the hive, such as subkey, class, values and node healing functions.
Add these NTSTATUS codes in the CMLIB library. STATUS_INVALID_PARAMETER will be used mostly for HvInitialize function, STATUS_REGISTRY_IO_FAILED for whatever routines that deal with reading or writing into a hive file.
=== DOCUMENTATION REMARKS ===
HBOOT_TYPE_REGULAR and HBOOT_TYPE_SELF_HEAL are boot type values set up by the CMLIB library (for the BootType field respectively). HBOOT_TYPE_REGULAR indicates a normal system boot whereas HBOOT_TYPE_SELF_HEAL indicates the system boot is assisted within self healing mode.
Whether the former or the latter value is set it's governed by both the kernel and the bootloader. The bootloader and the kernel negotiate together to determine if any of the registry properties (the hive, the base block, the registry base, etc) are so severed from corruption or not. In extreme cases where
registry healing is possible, the specific base block of the damaged hive will have its flags marked with HBOOT_TYPE_SELF_HEAL. At this point the boot phase procedure is orchestrated since the boot phase no longer goes on the default path but it's assisted, as I have already said above.
HBOOT_NO_BOOT_RECOVER, HBOOT_BOOT_RECOVERED_BY_HIVE_LOG and HBOOT_BOOT_RECOVERED_BY_ALTERNATE_HIVE on the other hand are identifiers for the BootRecover field of the BASE_BLOCK header structure. These are used exclusively by FreeLdr to tell the kernel if the bootloader recovered the SYSTEM hive or not. In case where the bootloader did recover the SYSTEM hive,
the kernel will perform a flush request on the dirty data down to disk. The (almost) worse case FreeLdr could not repair the main hive by applying log data, it will load the alternate mirror version of the hive.
In addition to that, declare other miscellaneous CMLIB identifiers for log transaction writes purposes.
- Uniform function declarations in .c and .h with fixes and SAL2 improvements.
- Use LDR_[UN]LOCK_LOADER_LOCK_FLAG_XXX correctly.
- Fix incorrect UsedSize calculation in LdrQueryProcessModuleInformationEx (caught by ThFabba).
- Whatever the callback request stop the enumeration or not in LdrEnumerateLoadedModules, the following operations should be the same.
- Fix 2 incorrect DPRINT1 that printed incorrect parameter.
- Return error if RtlAllocateHeap failed in LdrpGetProcedureAddress, and add comments about NT6.2 new changes.
This prevents the code from linking to __imp_*, which would pull in the symbol from the import library (e.g. kernel32), which creates problems with the GNU linker, which doesn't like to have the import and a static definition at the same time.
because George is having an open Draft PR since July 2022,
which might also touch this file on master in some years.
And it ofc is easier for me to revert my work now, then for him to
go through the great lengths of merging his work then.
bdasup: Addendum to 40c15ec (r46632).
kmixer: Addendum to 3e489bf (r42143).
mmixer: Addendum to c42d9f2 (r44872).
stream: Addendum to 4a0debf (r41662).
Serge plans a follow up that will remove all other remaining YDEBUG in the source tree.
The ones covered here he considered to be the most trivial ones.
- RtlpQuerySecurityDescriptor: Change argument type of first parameter from PISECURITY_DESCRIPTOR to PSECURITY_DESCRIPTOR, since it handles both absolute and self-relative SDs.
- RtlMakeSelfRelativeSD: rename first parameter from AbsoluteSD to SecurityDescriptor, since it handles both absolute and self-relative SDs.
- SepGetGroupFromDescriptor/SepGetOwnerFromDescriptor/SepGetDaclFromDescriptor/SepGetSaclFromDescriptor: Change parameter type from PVOID to PSECURITY_DESCRIPTOR for clarity.
SpareData and SpareLength need to be calculated correctly, as they are used
later in that function as well.
This allows to not overwrite Source UString when writing to Destination UString.
Fixes the problem described in the following JIRA issue, where services could
not start when installing ReactOS in a very-long-named directory.
CORE-18988
Previously it was in cpprt, which is a support library for C++, containing functions that are not exported by msvcrt. But since Vista __CxxFrameHandler3 is exported by msvcrt. Therefore move it to crt, and to satisfy pre-Vista configurations, also add it to msvcrtex.
Object ACEs are supported starting from Revision 4, the current code checks
if the revision is above Revision 4. An Object ACE has to be strictly set on that revision,
whereas Object ACLs can be of any revision starting from ACL_REVISION4.
Write the necessary ACL validation code for ACEs whose types are ACCESS_ALLOWED_OBJECT_ACE_TYPE
or ACCESS_DENIED_OBJECT_ACE_TYPE. This ensures each created object type ACL has valid ACE
contents.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=48335
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 6babdb5508bd2f1b659218483f5df76859898712 by Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 48a447c5eb238d673ce5db4eeacf3ba4c1a9da90 by Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id ea20974cdd7457715bf4d758818d03bff664f62b by Piotr Caban <piotr@codeweavers.com>
Make sure RtlRemovePrivileges gets compiled, when DLL_EXPORT_VERSION is 0x600+
Enable all existing functions from rtl_vista.
Hack CsrNewThread export to exist on later versions, too
- Rewrite CImageDx to reduce improper dependency with CImage.
- Check if the filename extension is supported before saving the files.
- Delete deprecated functions in CImage.
CORE-19094
- Fix the crash on opening/saving file.
- To get the filename extension info from CODECs, we have to keep gdiplus.dll loaded.
- The perfect fix will take time.
CORE-19093, CORE-19094
Add _getAllEncoders and _getAllDecoders helper functions and use them
in GetImporterFilterString, GetExporterFilterString, FileTypeFromExtension
and GetClsidFromFileType functions.
CORE-18867, CORE-19008
- Fix the garbled characters (a.k.a. mojibake) in some Japanese text files.
- weight will remain 3 unless IS_TEXT_UNICODE_DBCS_LEADBYTE flag is set.
- Strengthen advapi32_apitest IsTextUnicode testcase.
CORE-19016
CORE-17604
- Disable some functions for ARM32;
- Remove some link options not used on ARM;
- Add get _controlfp() to LIBCNTPR to link properly on ARM;
- Unify Freeldr UI Drawing on ARM;
- Add qemu UART debugging for ARM32/ARM64.
- Add DoCreate methods to CFullscreenWindow, CMiniatureWindow, and CMainWindow classes.
- Do encapsulation around mainWindow and _tWinMain.
- Add GetOpenFileName, GetSaveFileName, and ChooseColor helper methods to CMainWindow class.
- Move some code in WinMain into CMainWindow::OnCreate.
- Delay creation of CFullscreenWindow and CMiniatureWindow.
- Extend ATL CImage class as CImageDx in newly-created atlimagedx.h of mspaint.
CORE-18867
Implement _wsystem(), by referring system().
Improve system().
Use WaitForSingleObject in system() and _wsystem().
Check existence of COMSPEC.
Thanks ChatGPT.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 055ca5e4d9770d4f14e3c157f1288fa6308b86dd by Jacek Caban <jacek@codeweavers.com>
Fixes memory corruption in Outlook 2016.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id be56a83fd00cdaf9583a973b1e041f47c5277768 by Jacek Caban <jacek@codeweavers.com>
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45199
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id b917cc66f4f7b786e7f19f63ab0c0819a5455222 by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 42ab0af66b74f7572db2f6d0256f49fae7527221 by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 90307e067f985f5963b62829993b320537578333 by Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 8a69c5d81f8deb472df18a8e16e57efef2eb9a9a by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id e4b8bc0edc640b36f2a2a26c53e18edea04fa74c by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 5325b8c95112be75f4fa0e2e2e45bcc88434fb5d by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id fdc57d497bb305e90680c3b450fa172042fd79cd by Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Signed-off-by: Piotr Caban <piotr@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
wine commit id 50dd4b892825c75db35cd1f378291b51fa782f3e by Nikolay Sivov <nsivov@codeweavers.com>
In file included from ../sdk/lib/3rdparty/libwine/debug_ros.c:9:
../sdk/lib/3rdparty/libwine/debug.c: In function 'get_temp_buffer':
../sdk/lib/3rdparty/libwine/debug.c:343:33: warning: passing argument 1 of '_InterlockedExchangeAdd' from incompatible pointer type [-Wincompatible-pointer-types]
idx = interlocked_xchg_add( &pos, 1 ) % (sizeof(list)/sizeof(list[0]));
^~~~
In file included from ../sdk/include/crt/mingw32/intrin.h:98,
from ../sdk/include/crt/intrin.h:1017,
from sdk/include/psdk/winnt.h:48,
from ../sdk/include/psdk/windef.h:202,
from ../sdk/include/reactos/wine/debug.h:26,
from ../sdk/lib/3rdparty/libwine/debug.c:32,
from ../sdk/lib/3rdparty/libwine/debug_ros.c:9:
../sdk/include/crt/mingw32/intrin_x86.h:215:70: note: expected 'volatile long int *' but argument is of type 'int *'
__INTRIN_INLINE long __cdecl _InterlockedExchangeAdd(volatile long * Addend, long Value)
~~~~~~~~~~~~~~~~^~~~~~
HvpCreateHiveFreeCellList returns a NTSTATUS code yet the way the code path checks
checks for failure is just wrong. This was spotted whilst working on #4571 PR.
Whenever ReactOS finishes its operations onto the registry and unlocks it, a lazy flush is invoked to do an eventual flushing of the registry to the backing storage of the system. Except that... lazy flushing never comes into place.
This is because whenever CmpLazyFlush is called that sets up a timer which needs to expire in order to trigger the lazy flusher engine worker. However, registry locking/unlocking is a frequent occurrence, mainly when on desktop. Therefore as a matter of fact, CmpLazyFlush keeps removing and inserting the timer and the lazy flusher will never kick in that way.
Ironically the lazy flusher actually does the flushing when on USETUP installation phase because during text-mode setup installation in ReactOS the frequency of registry operations is actually less so the timer has the opportunity to expire and fire up the flusher.
In addition to that, we must queue a lazy flush when marking cells as dirty because such dirty data has to be flushed down to the media storage of the system. Of course, the real place where lazy flushing operation is done should be in a subset helper like HvMarkDirty that marks parts of a hive as dirty but since we do not have that, we'll be lazy flushing the registry during cells dirty marking instead for now.
CORE-18303
Loosely based on the deprecated ReactOS-specific SmExecuteProgram().
On server-side, we lookup into the list of deferred subsystems that
has been initialized at init time.
Dedicated to Justin Miller (The_DarkFire) work on reviving the
POSIX subsystem!
This DLL was exporting legacy NT-incompatible or ROS-specific SM client
functions, that have been since 10 years now (2012) replaced by the new
NT-compatible SM:
- SmConnectApiPort(): was just SmConnectToSm().
- SmCompleteSession():
The legacy SMSS used it for when a subsystem initialization was finished.
Now (NT-compatible) this function is called by subsystems **only** when a
subsystem session **terminates**: SmSessionComplete().
- SmExecuteProgram(): was just the client side of SmLoadDeferedSubSystem()
(whose server side is not implemented yet). The legacy SM "old" SmExecPgm
implementation actually was "SmLoadDeferedSubSystem"...
- SmLookupSubsystem(): is a utility-only function to read any registry value
inside "Session Manager\SubSystems".
Move SMDLL's readme into SMLIB and update its contents.
Collect some residual useful functions into smutils.c (and moved in SMLIB,
though not compiled yet):
- SmExecuteProgram(), now implemented as a wrapper around SmExecPgm();
- SmLookupSubsystem(), described above;
- SmQueryInformation(), that retrieves a list of currently-running subsystems.
[SMLIB] Validate SbApiPortName's length in SmConnectToSm().
Fix CommandLine length validation in SmStartCsr().
Add documentation (+ SAL annotations) to the NT-compatible SMSS client functions.
smmsg.h: Add both Win32 and Win64 struct sizes C_ASSERTs for those whose size
change between these two processor architecture sizes.
[SMLIB] Introduce SmSendMsgToSm() as helper to send data into the SM LPC port.
+ Make the other API functions use it.
It should be observed that in Vista+, both functions SmConnectToSm() and this
new SmSendMsgToSm() are exported by NTDLL under the names RtlConnectToSm()
and RtlSendMsgToSm() (and use the same signature).
See: https://www.geoffchappell.com/studies/windows/win32/ntdll/history/names60.htm
[NTDLL] Correctly stub RtlConnectToSm() and RtlSendMsgToSm().
[NTDLL_VISTA] Link to SMLIB and simply export RtlConnectToSm() and RtlSendMsgToSm().
Clicking "Edit compatibility modes" button in the "Compatibility" tab
opens a window centered on the parent window. If we move the parent
window to one of the screen edges and then click this button again,
the new window will appear off screen.
Adjust position of created window, so now it would be completely visible.
CORE-17089
Reviewed-by: Mark Jansen <mark.jansen@reactos.org>
Reviewed-by: Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
This header is included by ntoskrnl which effectively disabled all PAGED_CODE checks since 2015. Thanks Alex.
Instead define _BLDR_ when building cmlib, which will avoid trying to import KeGetCurrentIrql()
