[ros-dev] [ros-diffs] [tfaber] 64665: [NTOS:KE] - Implement KiRaiseSecurityCheckFailure[Handler] to handle int 0x29 (__fastfail). Based on patch by Timo Kreuzer. (Yes, this is a Windows 8 feature. However all it does is...
Alex Ionescu
ionucu at videotron.ca
Sat Oct 11 16:46:33 UTC 2014
Now improve the LIST_ENTRY Macros to use it :)
Best regards,
Alex Ionescu
On Sat, Oct 11, 2014 at 6:15 AM, <tfaber at svn.reactos.org> wrote:
> Author: tfaber
> Date: Sat Oct 11 13:15:10 2014
> New Revision: 64665
>
> URL: http://svn.reactos.org/svn/reactos?rev=64665&view=rev
> Log:
> [NTOS:KE]
> - Implement KiRaiseSecurityCheckFailure[Handler] to handle int 0x29
> (__fastfail). Based on patch by Timo Kreuzer.
> (Yes, this is a Windows 8 feature. However all it does is improve the
> debugging experience, and we have a need for that)
> CORE-8419
>
> Modified:
> trunk/reactos/include/reactos/mc/bugcodes.mc
> trunk/reactos/ntoskrnl/ke/i386/trap.s
> trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
>
> Modified: trunk/reactos/include/reactos/mc/bugcodes.mc
> URL:
> http://svn.reactos.org/svn/reactos/trunk/reactos/include/reactos/mc/bugcodes.mc?rev=64665&r1=64664&r2=64665&view=diff
>
> ==============================================================================
> --- trunk/reactos/include/reactos/mc/bugcodes.mc [iso-8859-1]
> (original)
> +++ trunk/reactos/include/reactos/mc/bugcodes.mc [iso-8859-1] Sat
> Oct 11 13:15:10 2014
> @@ -1128,7 +1128,7 @@
> Run a system diagnostic utility supplied by your hardware manufacturer.
> In particular, run a memory check, and check for faulty or mismatched
> memory. Try changing video adapters.
> -
> +
> Disable or remove any newly installed hardware and drivers. Disable or
> remove any newly installed software. If you need to use Safe Mode to
> remove or disable components, restart your computer, press F8 to select
> @@ -1322,7 +1322,7 @@
> SymbolicName=DRIVER_CORRUPTED_EXPOOL
> Language=English
> A device driver has pool.
> -
> +
> Check to make sure any new hardware or software is properly installed.
> If this is a new installation, ask your hardware or software manufacturer
> for any ReactOS updates you might need.
> @@ -1478,7 +1478,7 @@
> must not contain such items. Usually this is memory being freed. This
> is usually caused by a device driver that has not cleaned up properly
> before freeing memory.
> -
> +
> If Parameter1 == 1, an attempt was made to queue an executive worker item
> with a usermode execution routine.
> .
> @@ -1570,3 +1570,11 @@
> Language=English
> An attempt was made to execute to non-executable memory.
> .
> +
> +MessageId=0x139
> +Severity=Success
> +Facility=System
> +SymbolicName=KERNEL_SECURITY_CHECK_FAILURE
> +Language=English
> +A critical kernel security check failed.
> +.
>
> Modified: trunk/reactos/ntoskrnl/ke/i386/trap.s
> URL:
> http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/trap.s?rev=64665&r1=64664&r2=64665&view=diff
>
> ==============================================================================
> --- trunk/reactos/ntoskrnl/ke/i386/trap.s [iso-8859-1] (original)
> +++ trunk/reactos/ntoskrnl/ke/i386/trap.s [iso-8859-1] Sat Oct 11
> 13:15:10 2014
> @@ -59,9 +59,11 @@
> idt _KiTrap11, INT_32_DPL0 /* INT 11: Align Check Exception
> (#AC) */
> idt _KiTrap0F, INT_32_DPL0 /* INT 12: Machine Check Exception
> (#MC)*/
> idt _KiTrap0F, INT_32_DPL0 /* INT 13: SIMD FPU Exception (#XF)
> */
> -REPEAT 22
> -idt _KiTrap0F, INT_32_DPL0 /* INT 14-29: UNDEFINED INTERRUPTS
> */
> +REPEAT 21
> +idt _KiTrap0F, INT_32_DPL0 /* INT 14-28: UNDEFINED INTERRUPTS
> */
> ENDR
> +idt _KiRaiseSecurityCheckFailure, INT_32_DPL3
> + /* INT 29: Handler for __fastfail
> */
> idt _KiGetTickCount, INT_32_DPL3 /* INT 2A: Get Tick Count Handler
> */
> idt _KiCallbackReturn, INT_32_DPL3 /* INT 2B: User-Mode Callback Return
> */
> idt _KiRaiseAssertion, INT_32_DPL3 /* INT 2C: Debug Assertion Handler
> */
> @@ -113,6 +115,7 @@
> TRAP_ENTRY KiTrap10, KI_PUSH_FAKE_ERROR_CODE
> TRAP_ENTRY KiTrap11, KI_PUSH_FAKE_ERROR_CODE
> TRAP_ENTRY KiTrap13, KI_PUSH_FAKE_ERROR_CODE
> +TRAP_ENTRY KiRaiseSecurityCheckFailure, KI_PUSH_FAKE_ERROR_CODE
> TRAP_ENTRY KiGetTickCount, KI_PUSH_FAKE_ERROR_CODE
> TRAP_ENTRY KiCallbackReturn, KI_PUSH_FAKE_ERROR_CODE
> TRAP_ENTRY KiRaiseAssertion, KI_PUSH_FAKE_ERROR_CODE
>
> Modified: trunk/reactos/ntoskrnl/ke/i386/traphdlr.c
> URL:
> http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/traphdlr.c?rev=64665&r1=64664&r2=64665&view=diff
>
> ==============================================================================
> --- trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] (original)
> +++ trunk/reactos/ntoskrnl/ke/i386/traphdlr.c [iso-8859-1] Sat Oct 11
> 13:15:10 2014
> @@ -1462,6 +1462,46 @@
>
> VOID
> FASTCALL
> +KiRaiseSecurityCheckFailureHandler(IN PKTRAP_FRAME TrapFrame)
> +{
> + /* Save trap frame */
> + KiEnterTrap(TrapFrame);
> +
> + /* Decrement EIP to point to the INT29 instruction (2 bytes, not 1
> like INT3) */
> + TrapFrame->Eip -= 2;
> +
> + /* Check if this is a user trap */
> + if (KiUserTrap(TrapFrame))
> + {
> + /* Dispatch exception to user mode */
> + KiDispatchException1Args(STATUS_STACK_BUFFER_OVERRUN,
> + TrapFrame->Eip,
> + TrapFrame->Ecx,
> + TrapFrame);
> + }
> + else
> + {
> + EXCEPTION_RECORD ExceptionRecord;
> +
> + /* Bugcheck the system */
> + ExceptionRecord.ExceptionCode = STATUS_STACK_BUFFER_OVERRUN;
> + ExceptionRecord.ExceptionFlags = EXCEPTION_NONCONTINUABLE;
> + ExceptionRecord.ExceptionRecord = NULL;
> + ExceptionRecord.ExceptionAddress = (PVOID)TrapFrame->Eip;
> + ExceptionRecord.NumberParameters = 1;
> + ExceptionRecord.ExceptionInformation[0] = TrapFrame->Ecx;
> +
> + KeBugCheckWithTf(KERNEL_SECURITY_CHECK_FAILURE,
> + TrapFrame->Ecx,
> + (ULONG_PTR)TrapFrame,
> + (ULONG_PTR)&ExceptionRecord,
> + 0,
> + TrapFrame);
> + }
> +}
> +
> +VOID
> +FASTCALL
> KiGetTickCountHandler(IN PKTRAP_FRAME TrapFrame)
> {
> UNIMPLEMENTED_DBGBREAK();
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.reactos.org/pipermail/ros-dev/attachments/20141011/55b9908e/attachment-0001.html>
More information about the Ros-dev
mailing list