Rebase against 13ea90d80f7275e1ad4f3fc3c1c75b68bdbefbb4.

Two patches have been disabled and I think they need to rewritten to use the PS_ATTRIBUTE_TOKEN attribute instead of calling the RtlCreateUserProcess directly.
2024-09-13 09:17:20 -07:00 · 2020-08-21 17:46:35 +10:00 · 2020-08-21 17:46:35 +10:00 · 4242749b5b
commit 4242749b5b
parent 7d08bb86e1
7 changed files with 34 additions and 205 deletions
--- a/patches/advapi32-Token_Integrity_Level/0006-ntdll-Add-function-to-create-new-tokens-for-elevatio.patch
+++ b/patches/advapi32-Token_Integrity_Level/0006-ntdll-Add-function-to-create-new-tokens-for-elevatio.patch
@ -1,4 +1,4 @@
-From cdf1f84a65198df1ac4162f868f35971e5e1a2a1 Mon Sep 17 00:00:00 2001
+From c47977a8bbd739483589d1f01cfece435be1c100 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sat, 5 Aug 2017 01:45:29 +0200
 Subject: [PATCH] ntdll: Add function to create new tokens for elevation
@ -14,10 +14,10 @@ Subject: [PATCH] ntdll: Add function to create new tokens for elevation
 6 files changed, 117 insertions(+)

 diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
-index f604c8a3c35..850a40412d0 100644
+index 0997c310110..8e3786e1972 100644
 --- a/dlls/ntdll/ntdll.spec
 +++ b/dlls/ntdll/ntdll.spec
-@@ -1599,6 +1599,9 @@
+@@ -1600,6 +1600,9 @@
 # Virtual memory
 @ cdecl __wine_locked_recvmsg(long ptr long)
 
@ -28,12 +28,12 @@ index f604c8a3c35..850a40412d0 100644
 @ cdecl wine_get_version()
 @ cdecl wine_get_build_id()
 diff --git a/dlls/ntdll/ntdll_misc.h b/dlls/ntdll/ntdll_misc.h
-index 1f27cd100a7..769d6facc9f 100644
+index 63ceac42e94..5a98501381b 100644
 --- a/dlls/ntdll/ntdll_misc.h
 +++ b/dlls/ntdll/ntdll_misc.h
-@@ -68,6 +68,9 @@ extern void init_locale( HMODULE module ) DECLSPEC_HIDDEN;
- extern void init_user_process_params(void) DECLSPEC_HIDDEN;
+@@ -67,6 +67,9 @@ extern void init_user_process_params(void) DECLSPEC_HIDDEN;
 extern NTSTATUS restart_process( RTL_USER_PROCESS_PARAMETERS *params, NTSTATUS status ) DECLSPEC_HIDDEN;
+ extern void CDECL DECLSPEC_NORETURN signal_start_thread( CONTEXT *ctx ) DECLSPEC_HIDDEN;
 
 +/* token */
 +extern HANDLE CDECL __wine_create_default_token(BOOL admin);
@ -71,10 +71,10 @@ index 77ba5b371e2..3e91a1fa9c4 100644
  *           restart_process
  */
 diff --git a/server/protocol.def b/server/protocol.def
-index 4d37a0df348..56b52dd2231 100644
+index 30a102d7b82..a9308904afc 100644
 --- a/server/protocol.def
 +++ b/server/protocol.def
-@@ -3581,6 +3581,14 @@ struct handle_info
+@@ -3481,6 +3481,14 @@ struct handle_info
 @END
 
 
@ -215,5 +215,5 @@ index c4f1cd943c2..970ed1838da 100644
 +    }
 +}
 -- 
-2.27.0
+2.28.0

--- a/patches/advapi32-Token_Integrity_Level/XX10-server-Implement-support-for-creating-processes-usin.patch
+++ b/patches/advapi32-Token_Integrity_Level/XX10-server-Implement-support-for-creating-processes-usin.patch
--- a/patches/advapi32-Token_Integrity_Level/XX13-server-Correctly-assign-security-labels-for-tokens.patch
+++ b/patches/advapi32-Token_Integrity_Level/XX13-server-Correctly-assign-security-labels-for-tokens.patch
--- a/patches/kernel32-Processor_Group/0001-kernel32-Implement-some-processor-group-functions.patch
+++ b/patches/kernel32-Processor_Group/0001-kernel32-Implement-some-processor-group-functions.patch
@ -1,162 +0,0 @@
-From da0da9472013ed502f5f0aabcca5b8359ffdc1c4 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
-Date: Sat, 4 Feb 2017 16:20:37 +0100
-Subject: [PATCH] kernel32: Implement some processor group functions.
-
---
- ...pi-ms-win-core-kernel32-legacy-l1-1-0.spec |  2 +-
- ...pi-ms-win-core-kernel32-legacy-l1-1-1.spec |  2 +-
- dlls/kernel32/kernel32.spec                   |  2 +-
- dlls/kernel32/process.c                       | 26 ++++++++++++++++---
- dlls/kernel32/tests/process.c                 | 23 ++++++++++++++++
- 5 files changed, 48 insertions(+), 7 deletions(-)
-
-diff --git a/dlls/api-ms-win-core-kernel32-legacy-l1-1-0/api-ms-win-core-kernel32-legacy-l1-1-0.spec b/dlls/api-ms-win-core-kernel32-legacy-l1-1-0/api-ms-win-core-kernel32-legacy-l1-1-0.spec
-index e653ac6d2122..b6af37ab0aa2 100644
--- a/dlls/api-ms-win-core-kernel32-legacy-l1-1-0/api-ms-win-core-kernel32-legacy-l1-1-0.spec
-+++ b/dlls/api-ms-win-core-kernel32-legacy-l1-1-0/api-ms-win-core-kernel32-legacy-l1-1-0.spec
-@@ -21,7 +21,7 @@
- @ stdcall GetComputerNameW(ptr ptr) kernel32.GetComputerNameW
- @ stdcall GetConsoleWindow() kernel32.GetConsoleWindow
- @ stub GetDurationFormatEx
-@ stub GetMaximumProcessorGroupCount
-+@ stdcall GetMaximumProcessorGroupCount() kernel32.GetMaximumProcessorGroupCount
- @ stdcall GetNamedPipeClientProcessId(long ptr) kernel32.GetNamedPipeClientProcessId
- @ stdcall GetNamedPipeServerProcessId(long ptr) kernel32.GetNamedPipeServerProcessId
- @ stdcall GetShortPathNameA(str ptr long) kernel32.GetShortPathNameA
-diff --git a/dlls/api-ms-win-core-kernel32-legacy-l1-1-1/api-ms-win-core-kernel32-legacy-l1-1-1.spec b/dlls/api-ms-win-core-kernel32-legacy-l1-1-1/api-ms-win-core-kernel32-legacy-l1-1-1.spec
-index 4998af04d9bc..5ce8e24713b5 100644
--- a/dlls/api-ms-win-core-kernel32-legacy-l1-1-1/api-ms-win-core-kernel32-legacy-l1-1-1.spec
-+++ b/dlls/api-ms-win-core-kernel32-legacy-l1-1-1/api-ms-win-core-kernel32-legacy-l1-1-1.spec
-@@ -26,7 +26,7 @@
- @ stub GetDurationFormatEx
- @ stub GetFileAttributesTransactedW
- @ stub GetFirmwareType
-@ stub GetMaximumProcessorGroupCount
-+@ stdcall GetMaximumProcessorGroupCount() kernel32.GetMaximumProcessorGroupCount
- @ stdcall GetNamedPipeClientProcessId(long ptr) kernel32.GetNamedPipeClientProcessId
- @ stdcall GetNamedPipeServerProcessId(long ptr) kernel32.GetNamedPipeServerProcessId
- @ stdcall GetNumaAvailableMemoryNodeEx(long ptr) kernel32.GetNumaAvailableMemoryNodeEx
-diff --git a/dlls/kernel32/kernel32.spec b/dlls/kernel32/kernel32.spec
-index 1a6fdbab0185..6a1381b7c322 100644
--- a/dlls/kernel32/kernel32.spec
-+++ b/dlls/kernel32/kernel32.spec
-@@ -717,7 +717,7 @@
- @ stdcall -import GetLongPathNameW(wstr ptr long)
- @ stdcall GetMailslotInfo(long ptr ptr ptr ptr)
- @ stdcall GetMaximumProcessorCount(long)
-# @ stub GetMaximumProcessorGroupCount
-+@ stdcall GetMaximumProcessorGroupCount()
- @ stdcall -import GetModuleFileNameA(long ptr long)
- @ stdcall -import GetModuleFileNameW(long ptr long)
- @ stdcall -import GetModuleHandleA(str)
-diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
-index 8f506fcf1320..2f7ebb5edd25 100644
--- a/dlls/kernel32/process.c
-+++ b/dlls/kernel32/process.c
-@@ -706,7 +706,9 @@ HRESULT WINAPI RegisterApplicationRecoveryCallback(APPLICATION_RECOVERY_CALLBACK
-  */
- WORD WINAPI GetActiveProcessorGroupCount(void)
- {
-    FIXME("semi-stub, always returning 1\n");
-+    TRACE("()\n");
-+
-+    /* systems with less than 64 logical processors only have group 0 */
-     return 1;
- }
- 
-@@ -715,10 +717,14 @@ WORD WINAPI GetActiveProcessorGroupCount(void)
-  */
- DWORD WINAPI GetActiveProcessorCount(WORD group)
- {
-    DWORD cpus = system_info.NumberOfProcessors;
-+    TRACE("(%u)\n", group);
- 
-    FIXME("semi-stub, returning %u\n", cpus);
-    return cpus;
-+    if (group && group != ALL_PROCESSOR_GROUPS)
-+    {
-+        SetLastError(ERROR_INVALID_PARAMETER);
-+        return 0;
-+    }
-+    return system_info.NumberOfProcessors;
- }
- 
- /***********************************************************************
-@@ -732,6 +738,18 @@ DWORD WINAPI GetMaximumProcessorCount(WORD group)
-     return cpus;
- }
- 
-+/***********************************************************************
-+ *           GetMaximumProcessorGroupCount (KERNEL32.@)
-+ */
-+WORD WINAPI GetMaximumProcessorGroupCount(void)
-+{
-+    TRACE("()\n");
-+
-+    /* systems with less than 64 logical processors only have group 0 */
-+    return 1;
-+}
-+
-+
- /***********************************************************************
-  *           GetEnabledXStateFeatures (KERNEL32.@)
-  */
-diff --git a/dlls/kernel32/tests/process.c b/dlls/kernel32/tests/process.c
-index 32818042337b..da649eff62ed 100644
--- a/dlls/kernel32/tests/process.c
-+++ b/dlls/kernel32/tests/process.c
-@@ -92,6 +92,7 @@ static SIZE_T (WINAPI *pGetLargePageMinimum)(void);
- static BOOL   (WINAPI *pInitializeProcThreadAttributeList)(struct _PROC_THREAD_ATTRIBUTE_LIST*, DWORD, DWORD, SIZE_T*);
- static BOOL   (WINAPI *pUpdateProcThreadAttribute)(struct _PROC_THREAD_ATTRIBUTE_LIST*, DWORD, DWORD_PTR, void *,SIZE_T,void*,SIZE_T*);
- static void   (WINAPI *pDeleteProcThreadAttributeList)(struct _PROC_THREAD_ATTRIBUTE_LIST*);
-+static DWORD  (WINAPI *pGetActiveProcessorCount)(WORD);
- 
- /* ############################### */
- static char     base[MAX_PATH];
-@@ -274,6 +275,7 @@ static BOOL init(void)
-     pInitializeProcThreadAttributeList = (void *)GetProcAddress(hkernel32, "InitializeProcThreadAttributeList");
-     pUpdateProcThreadAttribute = (void *)GetProcAddress(hkernel32, "UpdateProcThreadAttribute");
-     pDeleteProcThreadAttributeList = (void *)GetProcAddress(hkernel32, "DeleteProcThreadAttributeList");
-+    pGetActiveProcessorCount = (void *)GetProcAddress(hkernel32, "GetActiveProcessorCount");
- 
-     return TRUE;
- }
-@@ -3955,6 +3957,26 @@ void test_parent_process_attribute(unsigned int level, HANDLE read_pipe)
-     }
- }
- 
-+static void test_GetActiveProcessorCount(void)
-+{
-+    DWORD count;
-+
-+    if (!pGetActiveProcessorCount)
-+    {
-+        win_skip("GetActiveProcessorCount not available, skipping test\n");
-+        return;
-+    }
-+
-+    count = pGetActiveProcessorCount(0);
-+    ok(count, "GetActiveProcessorCount failed, error %u\n", GetLastError());
-+
-+    /* Test would fail on systems with more than 6400 processors */
-+    SetLastError(0xdeadbeef);
-+    count = pGetActiveProcessorCount(101);
-+    ok(count == 0, "Expeced GetActiveProcessorCount to fail\n");
-+    ok(GetLastError() == ERROR_INVALID_PARAMETER, "Expected ERROR_INVALID_PARAMETER, got %u\n", GetLastError());
-+}
-+
- START_TEST(process)
- {
-     HANDLE job;
-@@ -4065,6 +4087,7 @@ START_TEST(process)
-     test_GetNumaProcessorNode();
-     test_session_info();
-     test_GetLogicalProcessorInformationEx();
-+    test_GetActiveProcessorCount();
-     test_largepages();
-     test_ProcThreadAttributeList();
-     test_SuspendProcessState();
-- 
-2.26.2
-
--- a/patches/ntdll-WRITECOPY/0003-ntdll-Setup-a-temporary-signal-handler-during-proces.patch
+++ b/patches/ntdll-WRITECOPY/0003-ntdll-Setup-a-temporary-signal-handler-during-proces.patch
@ -1,4 +1,4 @@
-From 748433a959d7544dc7a2a9205fa75b2ee925d6b8 Mon Sep 17 00:00:00 2001
+From d30ca787e91e5c6140689219ce372d6f0edb6da9 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
 Date: Sat, 4 Oct 2014 02:53:22 +0200
 Subject: [PATCH] ntdll: Setup a temporary signal handler during process
@ -15,10 +15,10 @@ Subject: [PATCH] ntdll: Setup a temporary signal handler during process
 7 files changed, 74 insertions(+), 1 deletion(-)

 diff --git a/dlls/ntdll/unix/loader.c b/dlls/ntdll/unix/loader.c
-index a343274087a7..d8422bc9fa33 100644
+index e7cc050ba9d..4e9fdfc7040 100644
 --- a/dlls/ntdll/unix/loader.c
 +++ b/dlls/ntdll/unix/loader.c
-@@ -1703,6 +1703,7 @@ void __wine_main( int argc, char *argv[], char *envp[] )
+@@ -1706,6 +1706,7 @@ void __wine_main( int argc, char *argv[], char *envp[] )
 #endif
 
     virtual_init();
@ -27,10 +27,10 @@ index a343274087a7..d8422bc9fa33 100644
     ntdll_module = load_ntdll();
     fixup_ntdll_imports( &__wine_spec_nt_header );
 diff --git a/dlls/ntdll/unix/signal_arm.c b/dlls/ntdll/unix/signal_arm.c
-index 34463309def5..0810024a34bd 100644
+index 175e86168a4..551d07c0598 100644
 --- a/dlls/ntdll/unix/signal_arm.c
 +++ b/dlls/ntdll/unix/signal_arm.c
-@@ -830,6 +830,12 @@ void signal_init_process(void)
+@@ -921,6 +921,12 @@ void signal_init_process(void)
     exit(1);
 }
 
@ -44,10 +44,10 @@ index 34463309def5..0810024a34bd 100644
 /***********************************************************************
  *           init_thread_context
 diff --git a/dlls/ntdll/unix/signal_arm64.c b/dlls/ntdll/unix/signal_arm64.c
-index e66952a29b60..4b63de0ea456 100644
+index 52f00323a02..0803d8e5a28 100644
 --- a/dlls/ntdll/unix/signal_arm64.c
 +++ b/dlls/ntdll/unix/signal_arm64.c
-@@ -882,6 +882,13 @@ void signal_init_process(void)
+@@ -1003,6 +1003,13 @@ void signal_init_process(void)
     exit(1);
 }
 
@ -62,10 +62,10 @@ index e66952a29b60..4b63de0ea456 100644
  *           init_thread_context
  */
 diff --git a/dlls/ntdll/unix/signal_i386.c b/dlls/ntdll/unix/signal_i386.c
-index 162a0b6a7011..6e670923138d 100644
+index bc30dd34df8..06213fb2ebc 100644
 --- a/dlls/ntdll/unix/signal_i386.c
 +++ b/dlls/ntdll/unix/signal_i386.c
-@@ -1590,6 +1590,30 @@ static BOOL handle_interrupt( unsigned int interrupt, ucontext_t *sigcontext, vo
+@@ -1657,6 +1657,30 @@ static BOOL handle_interrupt( unsigned int interrupt, ucontext_t *sigcontext, vo
 }
 
 
@ -96,7 +96,7 @@ index 162a0b6a7011..6e670923138d 100644
 /**********************************************************************
  *		segv_handler
  *
-@@ -2148,6 +2172,34 @@ void signal_init_process(void)
+@@ -2215,6 +2239,34 @@ void signal_init_process(void)
     exit(1);
 }
 
@ -132,10 +132,10 @@ index 162a0b6a7011..6e670923138d 100644
 /***********************************************************************
  *           init_thread_context
 diff --git a/dlls/ntdll/unix/signal_x86_64.c b/dlls/ntdll/unix/signal_x86_64.c
-index 01be0eab8146..4342ab023775 100644
+index ef3fe864986..21c819aed3b 100644
 --- a/dlls/ntdll/unix/signal_x86_64.c
 +++ b/dlls/ntdll/unix/signal_x86_64.c
-@@ -2409,6 +2409,12 @@ void signal_init_process(void)
+@@ -2469,6 +2469,12 @@ void signal_init_process(void)
     exit(1);
 }
 
@ -149,22 +149,22 @@ index 01be0eab8146..4342ab023775 100644
 /***********************************************************************
  *           init_thread_context
 diff --git a/dlls/ntdll/unix/unix_private.h b/dlls/ntdll/unix/unix_private.h
-index 3cf9ca66736c..76c483cc3f50 100644
+index b020256e36d..c5b2030f4b2 100644
 --- a/dlls/ntdll/unix/unix_private.h
 +++ b/dlls/ntdll/unix/unix_private.h
-@@ -218,6 +218,7 @@ extern NTSTATUS signal_alloc_thread( TEB *teb ) DECLSPEC_HIDDEN;
+@@ -230,6 +230,7 @@ extern NTSTATUS signal_alloc_thread( TEB *teb ) DECLSPEC_HIDDEN;
 extern void signal_free_thread( TEB *teb ) DECLSPEC_HIDDEN;
 extern void signal_init_thread( TEB *teb ) DECLSPEC_HIDDEN;
 extern void signal_init_process(void) DECLSPEC_HIDDEN;
 +extern void signal_init_early(void) DECLSPEC_HIDDEN;
 extern void DECLSPEC_NORETURN signal_start_thread( PRTL_THREAD_START_ROUTINE entry, void *arg,
-                                                    BOOL suspend, void *relay, TEB *teb ) DECLSPEC_HIDDEN;
+                                                    BOOL suspend, void *relay, void *thunk, TEB *teb ) DECLSPEC_HIDDEN;
 extern void DECLSPEC_NORETURN signal_exit_thread( int status, void (*func)(int) ) DECLSPEC_HIDDEN;
 diff --git a/dlls/ntdll/unix/virtual.c b/dlls/ntdll/unix/virtual.c
-index b17d8d6b61e1..d4a8d4d38d5b 100644
+index fa46ec09668..65e54821195 100644
 --- a/dlls/ntdll/unix/virtual.c
 +++ b/dlls/ntdll/unix/virtual.c
-@@ -2882,7 +2882,7 @@ NTSTATUS virtual_handle_fault( void *addr, DWORD err, void *stack )
+@@ -2884,7 +2884,7 @@ NTSTATUS virtual_handle_fault( void *addr, DWORD err, void *stack )
 
     pthread_mutex_lock( &virtual_mutex );  /* no need for signal masking inside signal handler */
     vprot = get_page_vprot( page );
@ -174,5 +174,5 @@ index b17d8d6b61e1..d4a8d4d38d5b 100644
         if (page < (char *)NtCurrentTeb()->DeallocationStack ||
             page >= (char *)NtCurrentTeb()->Tib.StackBase)
 -- 
-2.20.1
+2.28.0

--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@ -52,7 +52,7 @@ usage()
 # Get the upstream commit sha
 upstream_commit()
 {
-	echo "8f3bd63b52f03ff05e9d2a00a2e129a0b0092969"
+	echo "13ea90d80f7275e1ad4f3fc3c1c75b68bdbefbb4"
 }

 # Show version information
@ -1884,11 +1884,10 @@ fi
 # |   *	[#39262] Run explorer.exe as unevaluated process
 # |
 # | Modified files:
-# |   *	configure.ac, dlls/advapi32/tests/Makefile.in, dlls/advapi32/tests/security.c, dlls/kernelbase/process.c,
-# | 	dlls/ntdll/loader.c, dlls/ntdll/ntdll.spec, dlls/ntdll/ntdll_misc.h, dlls/ntdll/process.c, dlls/ntdll/unix/process.c,
-# | 	dlls/ntdll/unix/security.c, dlls/shell32/shlexec.c, dlls/user32/win.c, programs/runas/Makefile.in,
-# | 	programs/runas/runas.c, programs/runas/runas.h, programs/runas/runas.rc, server/named_pipe.c, server/process.c,
-# | 	server/process.h, server/protocol.def, server/request.c, server/security.h, server/token.c
+# |   *	configure.ac, dlls/advapi32/tests/Makefile.in, dlls/advapi32/tests/security.c, dlls/ntdll/loader.c,
+# | 	dlls/ntdll/ntdll.spec, dlls/ntdll/ntdll_misc.h, dlls/ntdll/process.c, dlls/ntdll/unix/security.c,
+# | 	dlls/shell32/shlexec.c, dlls/user32/win.c, programs/runas/Makefile.in, programs/runas/runas.c, programs/runas/runas.h,
+# | 	programs/runas/runas.rc, server/process.c, server/process.h, server/protocol.def, server/security.h, server/token.c
 # |
 if test "$enable_advapi32_Token_Integrity_Level" -eq 1; then
 	patch_apply advapi32-Token_Integrity_Level/0001-advapi32-tests-Extend-security-label-token-integrity.patch
@ -1899,9 +1898,7 @@ if test "$enable_advapi32_Token_Integrity_Level" -eq 1; then
 	patch_apply advapi32-Token_Integrity_Level/0006-ntdll-Add-function-to-create-new-tokens-for-elevatio.patch
 	patch_apply advapi32-Token_Integrity_Level/0007-shell32-Implement-process-elevation-using-runas-verb.patch
 	patch_apply advapi32-Token_Integrity_Level/0008-ntdll-Implement-process-token-elevation-through-mani.patch
-	patch_apply advapi32-Token_Integrity_Level/0010-server-Implement-support-for-creating-processes-usin.patch
 	patch_apply advapi32-Token_Integrity_Level/0012-user32-Start-explorer.exe-using-limited-rights.patch
-	patch_apply advapi32-Token_Integrity_Level/0013-server-Correctly-assign-security-labels-for-tokens.patch
 	patch_apply advapi32-Token_Integrity_Level/0014-programs-runas-Basic-implementation-for-starting-pro.patch
 	patch_apply advapi32-Token_Integrity_Level/0015-ntdll-Add-semi-stub-for-TokenLinkedToken-info-class.patch
 	(
@ -1913,9 +1910,7 @@ if test "$enable_advapi32_Token_Integrity_Level" -eq 1; then
 		printf '%s\n' '+    { "Michael Müller", "ntdll: Add function to create new tokens for elevation purposes.", 1 },';
 		printf '%s\n' '+    { "Michael Müller", "shell32: Implement process elevation using runas verb.", 1 },';
 		printf '%s\n' '+    { "Michael Müller", "ntdll: Implement process token elevation through manifests.", 1 },';
-		printf '%s\n' '+    { "Michael Müller", "server: Implement support for creating processes using a token.", 1 },';
 		printf '%s\n' '+    { "Michael Müller", "user32: Start explorer.exe using limited rights.", 1 },';
-		printf '%s\n' '+    { "Michael Müller", "server: Correctly assign security labels for tokens.", 1 },';
 		printf '%s\n' '+    { "Michael Müller", "programs/runas: Basic implementation for starting processes with a different trustlevel.", 1 },';
 		printf '%s\n' '+    { "Sebastian Lackner", "ntdll: Add semi-stub for TokenLinkedToken info class.", 1 },';
 	) >> "$patchlist"
@ -3063,15 +3058,11 @@ fi
 # |   *	api-ms-win-Stub_DLLs
 # |
 # | Modified files:
-# |   *	dlls/api-ms-win-core-kernel32-legacy-l1-1-0/api-ms-win-core-kernel32-legacy-l1-1-0.spec, dlls/api-ms-win-core-
-# | 	kernel32-legacy-l1-1-1/api-ms-win-core-kernel32-legacy-l1-1-1.spec, dlls/kernel32/kernel32.spec,
-# | 	dlls/kernel32/process.c, dlls/kernel32/tests/process.c, dlls/kernelbase/thread.c
+# |   *	dlls/kernelbase/thread.c
 # |
 if test "$enable_kernel32_Processor_Group" -eq 1; then
-	patch_apply kernel32-Processor_Group/0001-kernel32-Implement-some-processor-group-functions.patch
 	patch_apply kernel32-Processor_Group/0002-kernel32-Add-stub-for-SetThreadIdealProcessorEx.patch
 	(
-		printf '%s\n' '+    { "Michael Müller", "kernel32: Implement some processor group functions.", 1 },';
 		printf '%s\n' '+    { "Michael Müller", "kernel32: Add stub for SetThreadIdealProcessorEx.", 1 },';
 	) >> "$patchlist"
 fi
--- a/staging/upstream-commit
+++ b/staging/upstream-commit
@ -1 +1 @@
-8f3bd63b52f03ff05e9d2a00a2e129a0b0092969
+13ea90d80f7275e1ad4f3fc3c1c75b68bdbefbb4