src/libcaptive/ex/lookas.c

   1 /* $Id$
   2  * reactos lookaside list functions emulation of libcaptive
   3  * Copyright (C) 2002 Jan Kratochvil <project-captive@jankratochvil.net>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; exactly version 2 of June 1991 is required
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, write to the Free Software
  16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  17  */
  18
  19
  20 #include "config.h"
  21
  22 #include "reactos/ddk/exfuncs.h"
  23 #include <glib/gmessages.h>
  24 #include "reactos/internal/module.h"    /* for MODULE_OBJECT */
  25 #include "reactos/internal/ldr.h"       /* for LdrGetModuleObject() */
  26 #include "captive/unicode.h"
  27 #include "captive/ldr_exports.h"        /* for captive_ModuleList_patchpoint */
  28
  29
  30 static G_CONST_RETURN guint8 *binary_defined_find(gconstpointer binary_base,gsize binary_length,
  31                 const guint8 *code,const guint8 *code_defined,gsize code_length,gssize call_offset)
  32 {
  33 const guint8 *base,*r;
  34 guint resti;
  35
  36         g_return_val_if_fail(binary_base!=NULL,NULL);
  37         g_return_val_if_fail(binary_length>=code_length,NULL);
  38         g_return_val_if_fail(code!=NULL,NULL);
  39         g_return_val_if_fail(code_defined!=NULL,NULL);
  40         g_return_val_if_fail(code_length>0,NULL);
  41
  42         g_return_val_if_fail(code_defined[0],NULL);     /* NOT SUPPORTED */
  43
  44         r=NULL;
  45         for (base=binary_base;(char *)base<((char *)binary_base)+binary_length-code_length;base++) {
  46 gpointer call_orig=NULL;        /* Prevent: ... might be used uninitialized in this function */
  47
  48                 base=memchr(base,code[0],(((char *)binary_base)+binary_length-code_length)-((char *)base));
  49                 if (!base)
  50                         break;
  51                 if (call_offset>=0) {
  52                         g_assert(call_offset+1+4<=(gssize)code_length);
  53                         g_assert(code[call_offset]==0xE8);      /* call $quad-immediate */
  54                         g_assert(code_defined[call_offset+0]
  55                                         && code_defined[call_offset+1]
  56                                         && code_defined[call_offset+2]
  57                                         && code_defined[call_offset+3]
  58                                         && code_defined[call_offset+4]);
  59                         call_orig=*(gpointer *)(code+call_offset+1);
  60                         *(gint32 *)(code+call_offset+1)=((char *)call_orig)-(((char *)base)+call_offset+1+4);   /* make it relative */
  61                         }
  62                 for (resti=1;resti<code_length;resti++) {
  63                         if (code_defined[resti] && code[resti]!=base[resti])
  64                                 break;
  65                         }
  66                 if (call_offset>=0)
  67                         *(gpointer *)(code+call_offset+1)=call_orig;
  68                 if (resti<code_length)
  69                         continue;
  70                 g_return_val_if_fail(r==NULL,NULL);     /* FATAL: found a duplicate */
  71                 r=base;
  72                 }
  73         /* 'r' may be NULL */
  74
  75         return r;
  76 }
  77
  78
  79 /* Declared only inside ntoskrnl/ldr/loader.c scope. */
  80 PVOID LdrGetExportAddress(PMODULE_OBJECT ModuleObject,char *Name,unsigned short Hint);
  81
  82 /* Declared only inside libcaptive/ke/exports.c scope. */
  83 extern struct captive_ModuleList_patchpoint ExInitializeNPagedLookasideList_patchpoint;
  84 extern struct captive_ModuleList_patchpoint ExInitializePagedLookasideList_patchpoint;
  85
  86
  87
  88 static gboolean ExAllocateFromPagedLookasideList_findinit
  89                 (gpointer Lookaside,const struct captive_ModuleList_patchpoint *patchpoint)
  90 {
  91 #define D 0xFF
  92 guint8 initcode[]={
  93                 /* + 0 */ 0x6A,D,       /* push $guint8  ;Depth                    */
  94                 /* + 2 */ 0x68,D,D,D,D, /* push $guint32 ;Tag                      */
  95                 /* + 7 */ 0x6A,D,       /* push $guint8  ;Size                     */
  96                 /* + 9 */ 0x6A,D,       /* push $guint8  ;Flags                    */
  97                 /* +11 */ 0x6A,0,       /* push $guint8  ;Free (gpointer size)     */
  98                 /* +13 */ 0x6A,0,       /* push $guint8  ;Allocate (gpointer size) */
  99                 /* +15 */ 0x68,D,D,D,D, /* push $guint32 ;Lookaside                */
 100                 /* +20 */ 0xE8,D,D,D,D, /* call $ExInitializeNPagedLookasideList   */
 101                 /* +25 */
 102                 };
 103 #undef D
 104 guint8 initcode_defined[]={
 105                 /* + 0 */ 1,0,       /* push $guint8  ;Depth                  */
 106                 /* + 2 */ 1,0,0,0,0, /* push $guint32 ;Tag                    */
 107                 /* + 7 */ 1,0,       /* push $guint8  ;Size                   */
 108                 /* + 9 */ 1,0,       /* push $guint8  ;Flags                  */
 109                 /* +11 */ 1,1,       /* push $guint8  ;Free                   */
 110                 /* +13 */ 1,1,       /* push $guint8  ;Allocate               */
 111                 /* +15 */ 1,1,1,1,1, /* push $guint32 ;Lookaside              */
 112                 /* +20 */ 1,1,1,1,1, /* call $ExInitializeNPagedLookasideList */
 113                 /* +25 */
 114                 };
 115 const guint8 *initcode_found;
 116 MODULE_OBJECT *ntoskrnl_exe_ModuleObject;
 117
 118         g_return_val_if_fail(Lookaside!=NULL,FALSE);
 119
 120         g_assert(sizeof(initcode)==25);
 121         g_assert(sizeof(initcode)==sizeof(initcode_defined));
 122
 123         g_assert(initcode[15]==0x68); *(void **)(initcode+15+1)=Lookaside;
 124
 125         ntoskrnl_exe_ModuleObject=LdrGetModuleObject(captive_utf8_to_UnicodeString_alloca("ntoskrnl.exe"));
 126         g_assert(ntoskrnl_exe_ModuleObject!=NULL);
 127         g_assert(ntoskrnl_exe_ModuleObject->TextSection!=NULL);
 128
 129         g_assert(patchpoint->orig_w32_func!=NULL);
 130         g_assert(initcode[20]==0xE8); *(void **)(initcode+20+1)=patchpoint->orig_w32_func;
 131
 132         if (!(initcode_found=binary_defined_find(
 133                         (void *)ntoskrnl_exe_ModuleObject->TextSection->Base,   /* binary_base */
 134                         ntoskrnl_exe_ModuleObject->TextSection->Length, /* binary_length */
 135                         initcode,       /* code */
 136                         initcode_defined,       /* code_defined */
 137                         sizeof(initcode),       /* code_length */
 138                         20)))   /* call_offset */
 139                 return FALSE;
 140
 141         g_assert(Lookaside==*(gpointer *)(initcode_found+15+1));
 142
 143         /**/ if (patchpoint==&ExInitializeNPagedLookasideList_patchpoint)
 144                 ExInitializeNPagedLookasideList(
 145                                 (NPAGED_LOOKASIDE_LIST *)Lookaside,     /* Lookaside */
 146                                 NULL,   /* Allocate; NULL as there is only guint8 in the code */
 147                                 NULL,   /* Free; NULL as there is only guint8 in the code */
 148                                 *(guint8  *)(initcode_found+9+1),       /* Flags; undocumented by W32 doc (reserved) */
 149                                 *(guint8  *)(initcode_found+7+1),       /* Size; FIXME: ? node size */
 150                                 *(guint32 *)(initcode_found+2+1),       /* Tag; 'FSfm' */
 151                                 *(guint8  *)(initcode_found+0+1));      /* Depth; undocumented by W32 doc (reserved) */
 152         else if (patchpoint==&ExInitializePagedLookasideList_patchpoint)
 153                 ExInitializePagedLookasideList(
 154                                 (PAGED_LOOKASIDE_LIST *)Lookaside,      /* Lookaside */
 155                                 NULL,   /* Allocate; NULL as there is only guint8 in the code */
 156                                 NULL,   /* Free; NULL as there is only guint8 in the code */
 157                                 *(guint8  *)(initcode_found+9+1),       /* Flags; undocumented by W32 doc (reserved) */
 158                                 *(guint8  *)(initcode_found+7+1),       /* Size; FIXME: ? node size */
 159                                 *(guint32 *)(initcode_found+2+1),       /* Tag; 'FSfm' */
 160                                 *(guint8  *)(initcode_found+0+1));      /* Depth; undocumented by W32 doc (reserved) */
 161         else g_assert_not_reached();
 162
 163         return TRUE;
 164 }
 165
 166
 167 PVOID ExAllocateFromPagedLookasideList_orig(PPAGED_LOOKASIDE_LIST Lookaside);
 168
 169 PVOID ExAllocateFromPagedLookasideList_wrap(PAGED_LOOKASIDE_LIST *Lookaside)
 170 {
 171 static PAGED_LOOKASIDE_LIST Lookaside_zero;
 172
 173         g_return_val_if_fail(Lookaside!=NULL,NULL);
 174
 175         if (!memcmp(Lookaside,&Lookaside_zero,sizeof(Lookaside_zero))) {
 176                 if (1
 177                                 && !ExAllocateFromPagedLookasideList_findinit(Lookaside,&ExInitializeNPagedLookasideList_patchpoint)
 178                                 && !ExAllocateFromPagedLookasideList_findinit(Lookaside,&ExInitializePagedLookasideList_patchpoint))
 179                 g_assert_not_reached(); /* failed to patch it */
 180                 }
 181
 182         return ExAllocateFromPagedLookasideList_orig(Lookaside);
 183 }