wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-09-13 09:17:20 -07:00
Code Issues Packages Projects Releases Wiki Activity

Rebase against af55ae137965512a1635e69b8f41849114f60012.

Browse Source
This commit is contained in:
Sebastian Lackner 2015-06-19 16:06:14 +02:00
parent 76b602e336
commit c361cbefb2
10 changed files with 115 additions and 531 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -39,9 +39,8 @@ Wine. All those differences are also documented on the
Included bug fixes and improvements
-----------------------------------
**Bug fixes and features included in the next upcoming release [3]:**
**Bug fixes and features included in the next upcoming release [2]:**
* Fix possible use-after-free in wineserver device IPR code ([Wine Bug #38764](https://bugs.winehq.org/show_bug.cgi?id=38764))
* Globally invalidate key state on changes in other threads ([Wine Bug #29871](https://bugs.winehq.org/show_bug.cgi?id=29871))
* SecuROM 5.x media validation fails ([Wine Bug #21448](https://bugs.winehq.org/show_bug.cgi?id=21448))
@ -119,7 +118,7 @@ for more details.*
* D3DCompileShader should filter specific warning messages ([Wine Bug #33770](https://bugs.winehq.org/show_bug.cgi?id=33770))
* Do not fail when a used context is passed to wglShareLists ([Wine Bug #11436](https://bugs.winehq.org/show_bug.cgi?id=11436))
* Do not use unixfs for devices without mountpoint
* Emulate access to KI_USER_SHARED_DATA kernel page on x86_64 ([Wine Bug #33849](https://bugs.winehq.org/show_bug.cgi?id=33849))
* ~~Emulate access to KI_USER_SHARED_DATA kernel page on x86_64~~ ([Wine Bug #33849](https://bugs.winehq.org/show_bug.cgi?id=33849))
* Enforce that surfaces are flushed after ReleaseDC
* Ensure NtProtectVirtualMemory and NtCreateSection are on separate pages ([Wine Bug #33162](https://bugs.winehq.org/show_bug.cgi?id=33162))
* Ensure X11 input events are handled even without explicit message loop ([Wine Bug #8854](https://bugs.winehq.org/show_bug.cgi?id=8854))

4
debian/changelog vendored
View File

@ -20,6 +20,10 @@ wine-staging (1.7.46) UNRELEASED; urgency=low
(accepted upstream).
* Removed patch to fix link notification conditions for riched20 (accepted
upstream).
* Removed patch to emulate access to USER_SHARE_DATA on x86_64 (accepted
upstream).
* Removed patch to fix possible use-after-free in wineserver device IPR code
(accepted upstream).
* Removed patch to fix linking against libunwind on Linux (fixed upstream).
-- Sebastian Lackner <sebastian@fds-team.de> Sun, 14 Jun 2015 09:15:50 +0200

18
patches/ntdll-User_Shared_Data/0001-ntdll-Move-code-to-update-user-shared-data-into-a-se.patch
View File

@ -1,4 +1,4 @@
From 367e9fd451bf7fb6f521c2410ce193857d8ab12c Mon Sep 17 00:00:00 2001
From f620c720c8a3920dc189f1ef2147126ce1d469d7 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Wed, 26 Nov 2014 10:46:09 +0100
Subject: ntdll: Move code to update user shared data into a separate function.
@ -9,10 +9,10 @@ Subject: ntdll: Move code to update user shared data into a separate function.
2 files changed, 25 insertions(+), 10 deletions(-)
diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec
index 7e95969..729a8f6 100644
index 270d7ff..173bb22 100644
--- a/dlls/ntdll/ntdll.spec
+++ b/dlls/ntdll/ntdll.spec
@@ -1434,3 +1434,6 @@
@@ -1439,3 +1439,6 @@
@ cdecl wine_nt_to_unix_file_name(ptr ptr long long)
@ cdecl wine_unix_to_nt_file_name(ptr ptr)
@ cdecl __wine_init_windows_dir(wstr wstr)
@ -20,10 +20,10 @@ index 7e95969..729a8f6 100644
+# User shared data
+@ cdecl __wine_user_shared_data()
diff --git a/dlls/ntdll/thread.c b/dlls/ntdll/thread.c
index c8461b0..7d317ad 100644
index 3696c8e..7411e48 100644
--- a/dlls/ntdll/thread.c
+++ b/dlls/ntdll/thread.c
@@ -202,6 +202,26 @@ static ULONG get_dyld_image_info_addr(void)
@@ -202,6 +202,26 @@ static ULONG64 get_dyld_image_info_addr(void)
}
#endif /* __APPLE__ */
@ -33,7 +33,7 @@ index c8461b0..7d317ad 100644
+ *
+ * Update user shared data and return the address of the structure.
+ */
+void* CDECL __wine_user_shared_data(void)
+BYTE* CDECL __wine_user_shared_data(void)
+{
+ LARGE_INTEGER now;
+ NtQuerySystemTime( &now );
@ -43,7 +43,7 @@ index c8461b0..7d317ad 100644
+ user_shared_data->u.TickCount.High2Time = user_shared_data->u.TickCount.High1Time;
+ user_shared_data->TickCountLowDeprecated = user_shared_data->u.TickCount.LowPart;
+ user_shared_data->TickCountMultiplier = 1 << 24;
+ return user_shared_data;
+ return (BYTE *)user_shared_data;
+}
+
+
@ -58,7 +58,7 @@ index c8461b0..7d317ad 100644
NTSTATUS status;
struct ntdll_thread_data *thread_data;
static struct debug_info debug_info; /* debug info for initial thread */
@@ -317,15 +336,8 @@ HANDLE thread_init(void)
@@ -331,15 +350,8 @@ HANDLE thread_init(void)
wine_server_fd_to_handle( 2, GENERIC_WRITE|SYNCHRONIZE, OBJ_INHERIT, &params.hStdError );
}
@ -77,5 +77,5 @@ index c8461b0..7d317ad 100644
NtCreateKeyedEvent( &keyed_event, GENERIC_READ | GENERIC_WRITE, NULL, 0 );
--
2.1.3
2.4.3

55
patches/ntdll-User_Shared_Data/0002-ntoskrnl-Update-USER_SHARED_DATA-before-accessing-me.patch Normal file
View File

@ -0,0 +1,55 @@
From af766674c13b728cd090803c41b0a304d7138bc3 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 19 Jun 2015 15:57:14 +0200
Subject: ntoskrnl: Update USER_SHARED_DATA before accessing memory.
---
dlls/ntoskrnl.exe/instr.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/dlls/ntoskrnl.exe/instr.c b/dlls/ntoskrnl.exe/instr.c
index 1306d5f..a941428 100644
--- a/dlls/ntoskrnl.exe/instr.c
+++ b/dlls/ntoskrnl.exe/instr.c
@@ -495,8 +495,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(int);
#define SIB_INDEX( sib, rex ) (((sib) >> 3) & 7) | (((rex) & REX_R) ? 8 : 0)
#define SIB_BASE( sib, rex ) (((sib) & 7) | (((rex) & REX_B) ? 8 : 0))
-/* keep in sync with dlls/ntdll/thread.c:thread_init */
-static const BYTE *wine_user_shared_data = (BYTE *)0x7ffe0000;
+extern BYTE* CDECL __wine_user_shared_data(void);
static const BYTE *user_shared_data = (BYTE *)0xfffff78000000000;
static inline DWORD64 *get_int_reg( CONTEXT *context, int index )
@@ -689,7 +688,7 @@ static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
if (offset <= sizeof(KSHARED_USER_DATA) - data_size)
{
ULONGLONG temp = 0;
- memcpy( &temp, wine_user_shared_data + offset, data_size );
+ memcpy( &temp, __wine_user_shared_data() + offset, data_size );
store_reg_word( context, instr[2], (BYTE *)&temp, long_op, rex );
context->Rip += prefixlen + len + 2;
return ExceptionContinueExecution;
@@ -711,8 +710,8 @@ static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
{
switch (*instr)
{
- case 0x8a: store_reg_byte( context, instr[1], wine_user_shared_data + offset, rex ); break;
- case 0x8b: store_reg_word( context, instr[1], wine_user_shared_data + offset, long_op, rex ); break;
+ case 0x8a: store_reg_byte( context, instr[1], __wine_user_shared_data() + offset, rex ); break;
+ case 0x8b: store_reg_word( context, instr[1], __wine_user_shared_data() + offset, long_op, rex ); break;
}
context->Rip += prefixlen + len + 1;
return ExceptionContinueExecution;
@@ -730,7 +729,7 @@ static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
if (offset <= sizeof(KSHARED_USER_DATA) - data_size)
{
- memcpy( &context->Rax, wine_user_shared_data + offset, data_size );
+ memcpy( &context->Rax, __wine_user_shared_data() + offset, data_size );
context->Rip += prefixlen + len + 1;
return ExceptionContinueExecution;
}
--
2.4.3

343
patches/ntoskrnl-Emulator/0001-ntoskrnl-Emulate-memory-access-to-KI_USER_SHARED_DAT.patch
View File

@ -1,343 +0,0 @@
From 8c0608f6993ddffaff2c0a5aad9e6702ec631479 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 10 Nov 2014 21:27:39 +0100
Subject: ntoskrnl: Emulate memory access to KI_USER_SHARED_DATA on x86_64.
(v3)
Changes in v3:
* Add instruction emulation for MOVZX
---
dlls/ntoskrnl.exe/instr.c | 298 ++++++++++++++++++++++++++++++++++++++++++-
dlls/ntoskrnl.exe/ntoskrnl.c | 2 +-
2 files changed, 298 insertions(+), 2 deletions(-)
diff --git a/dlls/ntoskrnl.exe/instr.c b/dlls/ntoskrnl.exe/instr.c
index 45021c6..9e5f109 100644
--- a/dlls/ntoskrnl.exe/instr.c
+++ b/dlls/ntoskrnl.exe/instr.c
@@ -4,6 +4,7 @@
* Copyright 1995 Alexandre Julliard
* Copyright 2005 Ivan Leo Puoti
* Copyright 2005 Laurent Pinchart
+ * Copyright 2014 Sebastian Lackner
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -475,4 +476,299 @@ LONG CALLBACK vectored_handler( EXCEPTION_POINTERS *ptrs )
return EXCEPTION_CONTINUE_SEARCH;
}
-#endif /* __i386__ */
+#elif defined(__x86_64__) /* __i386__ */
+
+#include <stdarg.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "winternl.h"
+#define WIN32_NO_STATUS
+#include "ddk/wdm.h"
+#include "excpt.h"
+#include "wine/debug.h"
+#include "wine/exception.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(int);
+
+#define REX_B 1
+#define REX_X 2
+#define REX_R 4
+#define REX_W 8
+
+#define REGMODRM_MOD( regmodrm, rex ) ((regmodrm) >> 6)
+#define REGMODRM_REG( regmodrm, rex ) (((regmodrm) >> 3) & 7) | (((rex) & REX_R) ? 8 : 0)
+#define REGMODRM_RM( regmodrm, rex ) (((regmodrm) & 7) | (((rex) & REX_B) ? 8 : 0))
+
+#define SIB_SS( sib, rex ) ((sib) >> 6)
+#define SIB_INDEX( sib, rex ) (((sib) >> 3) & 7) | (((rex) & REX_R) ? 8 : 0)
+#define SIB_BASE( sib, rex ) (((sib) & 7) | (((rex) & REX_B) ? 8 : 0))
+
+#define KI_USER_SHARED_DATA 0xfffff78000000000
+extern void* CDECL __wine_user_shared_data(void);
+
+static inline DWORD64 *get_int_reg( CONTEXT *context, int index )
+{
+ return &context->Rax + index; /* index should be in range 0 .. 15 */
+}
+
+static inline int get_op_size( int long_op, int rex )
+{
+ if (rex & REX_W)
+ return sizeof(DWORD64);
+ else if (long_op)
+ return sizeof(DWORD);
+ else
+ return sizeof(WORD);
+}
+
+/* store an operand into a register */
+static void store_reg_word( CONTEXT *context, BYTE regmodrm, const BYTE *addr, int long_op, int rex )
+{
+ int index = REGMODRM_REG( regmodrm, rex );
+ BYTE *reg = (BYTE *)get_int_reg( context, index );
+ memcpy( reg, addr, get_op_size( long_op, rex ) );
+}
+
+/* store an operand into a byte register */
+static void store_reg_byte( CONTEXT *context, BYTE regmodrm, const BYTE *addr, int rex )
+{
+ int index = REGMODRM_REG( regmodrm, rex );
+ BYTE *reg = (BYTE *)get_int_reg( context, index );
+ if (!rex && index >= 4 && index < 8) reg -= (4 * sizeof(DWORD64) - 1); /* special case: ah, ch, dh, bh */
+ *reg = *addr;
+}
+
+/***********************************************************************
+ * INSTR_GetOperandAddr
+ *
+ * Return the address of an instruction operand (from the mod/rm byte).
+ */
+static BYTE *INSTR_GetOperandAddr( CONTEXT *context, BYTE *instr,
+ int long_addr, int rex, int segprefix, int *len )
+{
+ int mod, rm, ss = 0, off, have_sib = 0;
+ DWORD64 base = 0, index = 0;
+
+#define GET_VAL( val, type ) \
+ { *val = *(type *)instr; instr += sizeof(type); *len += sizeof(type); }
+
+ *len = 0;
+ GET_VAL( &mod, BYTE );
+ rm = REGMODRM_RM( mod, rex );
+ mod = REGMODRM_MOD( mod, rex );
+
+ if (mod == 3)
+ return (BYTE *)get_int_reg( context, rm );
+
+ if ((rm & 7) == 4)
+ {
+ BYTE sib;
+ int id;
+
+ GET_VAL( &sib, BYTE );
+ rm = SIB_BASE( sib, rex );
+ id = SIB_INDEX( sib, rex );
+ ss = SIB_SS( sib, rex );
+
+ index = (id != 4) ? *get_int_reg( context, id ) : 0;
+ if (!long_addr) index &= 0xffffffff;
+ have_sib = 1;
+ }
+
+ base = *get_int_reg( context, rm );
+ if (!long_addr) base &= 0xffffffff;
+
+ switch (mod)
+ {
+ case 0:
+ if (rm == 5) /* special case */
+ {
+ base = have_sib ? 0 : context->Rip;
+ if (!long_addr) base &= 0xffffffff;
+ GET_VAL( &off, DWORD );
+ base += (signed long)off;
+ }
+ break;
+
+ case 1: /* 8-bit disp */
+ GET_VAL( &off, BYTE );
+ base += (signed char)off;
+ break;
+
+ case 2: /* 32-bit disp */
+ GET_VAL( &off, DWORD );
+ base += (signed long)off;
+ break;
+ }
+
+ /* FIXME: we assume that all segments have a base of 0 */
+ return (BYTE *)(base + (index << ss));
+#undef GET_VAL
+}
+
+
+/***********************************************************************
+ * emulate_instruction
+ *
+ * Emulate a privileged instruction.
+ * Returns exception continuation status.
+ */
+static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
+{
+ int prefix, segprefix, prefixlen, len, long_op, long_addr, rex;
+ BYTE *instr;
+
+ long_op = long_addr = 1;
+ instr = (BYTE *)context->Rip;
+ if (!instr) return ExceptionContinueSearch;
+
+ /* First handle any possible prefix */
+
+ segprefix = -1; /* no seg prefix */
+ rex = 0; /* no rex prefix */
+ prefix = 1;
+ prefixlen = 0;
+ while(prefix)
+ {
+ switch(*instr)
+ {
+ case 0x2e:
+ segprefix = context->SegCs;
+ break;
+ case 0x36:
+ segprefix = context->SegSs;
+ break;
+ case 0x3e:
+ segprefix = context->SegDs;
+ break;
+ case 0x26:
+ segprefix = context->SegEs;
+ break;
+ case 0x64:
+ segprefix = context->SegFs;
+ break;
+ case 0x65:
+ segprefix = context->SegGs;
+ break;
+ case 0x66:
+ long_op = !long_op; /* opcode size prefix */
+ break;
+ case 0x67:
+ long_addr = !long_addr; /* addr size prefix */
+ break;
+ case 0xf0: /* lock */
+ break;
+ case 0xf2: /* repne */
+ break;
+ case 0xf3: /* repe */
+ break;
+ default:
+ prefix = 0; /* no more prefixes */
+ break;
+ }
+ if (*instr >= 0x40 && *instr < 0x50) /* rex */
+ {
+ rex = *instr;
+ prefix = TRUE;
+ }
+ if (prefix)
+ {
+ instr++;
+ prefixlen++;
+ }
+ }
+
+ /* Now look at the actual instruction */
+
+ switch(*instr)
+ {
+ case 0x0f: /* extended instruction */
+ switch(instr[1])
+ {
+ case 0xb6: /* movzx Eb, Gv */
+ case 0xb7: /* movzx Ew, Gv */
+ {
+ BYTE *data = INSTR_GetOperandAddr( context, instr + 2, long_addr,
+ rex, segprefix, &len );
+ unsigned int data_size = (instr[1] == 0xb7) ? 2 : 1;
+ unsigned int offset = data - (BYTE *)KI_USER_SHARED_DATA;
+
+ if (offset <= sizeof(struct _KUSER_SHARED_DATA) - data_size)
+ {
+ BYTE *user_shared_data = __wine_user_shared_data();
+ ULONGLONG temp = 0;
+ memcpy( &temp, user_shared_data + offset, data_size );
+ store_reg_word( context, instr[2], (BYTE *)&temp, long_op, rex );
+ context->Rip += prefixlen + len + 2;
+ return ExceptionContinueExecution;
+ }
+ break; /* Unable to emulate it */
+ }
+ }
+ break; /* Unable to emulate it */
+
+ case 0x8a: /* mov Eb, Gb */
+ case 0x8b: /* mov Ev, Gv */
+ {
+ BYTE *data = INSTR_GetOperandAddr( context, instr + 1, long_addr,
+ rex, segprefix, &len );
+ unsigned int data_size = (*instr == 0x8b) ? get_op_size( long_op, rex ) : 1;
+ unsigned int offset = data - (BYTE *)KI_USER_SHARED_DATA;
+
+ if (offset <= sizeof(KSHARED_USER_DATA) - data_size)
+ {
+ BYTE *user_shared_data = __wine_user_shared_data();
+ switch (*instr)
+ {
+ case 0x8a: store_reg_byte( context, instr[1], user_shared_data + offset, rex ); break;
+ case 0x8b: store_reg_word( context, instr[1], user_shared_data + offset, long_op, rex ); break;
+ }
+ context->Rip += prefixlen + len + 1;
+ return ExceptionContinueExecution;
+ }
+ break; /* Unable to emulate it */
+ }
+
+ case 0xa0: /* mov Ob, AL */
+ case 0xa1: /* mov Ovqp, rAX */
+ {
+ BYTE *data = (BYTE *)(long_addr ? *(DWORD64 *)(instr + 1) : *(DWORD *)(instr + 1));
+ unsigned int data_size = (*instr == 0xa1) ? get_op_size( long_op, rex ) : 1;
+ unsigned int offset = data - (BYTE *)KI_USER_SHARED_DATA;
+ len = long_addr ? sizeof(DWORD64) : sizeof(DWORD);
+
+ if (offset <= sizeof(KSHARED_USER_DATA) - data_size)
+ {
+ BYTE *user_shared_data = __wine_user_shared_data();
+ memcpy( &context->Rax, user_shared_data + offset, data_size );
+ context->Rip += prefixlen + len + 1;
+ return ExceptionContinueExecution;
+ }
+ break; /* Unable to emulate it */
+ }
+ }
+ return ExceptionContinueSearch; /* Unable to emulate it */
+}
+
+
+/***********************************************************************
+ * vectored_handler
+ *
+ * Vectored exception handler used to emulate protected instructions
+ * from 64-bit code.
+ */
+LONG CALLBACK vectored_handler( EXCEPTION_POINTERS *ptrs )
+{
+ EXCEPTION_RECORD *record = ptrs->ExceptionRecord;
+ CONTEXT *context = ptrs->ContextRecord;
+
+ if (record->ExceptionCode == EXCEPTION_ACCESS_VIOLATION)
+ {
+ if (emulate_instruction( record, context ) == ExceptionContinueExecution)
+ return EXCEPTION_CONTINUE_EXECUTION;
+ }
+ return EXCEPTION_CONTINUE_SEARCH;
+}
+
+#endif /* __x86_64__ */
\ No newline at end of file
diff --git a/dlls/ntoskrnl.exe/ntoskrnl.c b/dlls/ntoskrnl.exe/ntoskrnl.c
index 2051939..35454a5 100644
--- a/dlls/ntoskrnl.exe/ntoskrnl.c
+++ b/dlls/ntoskrnl.exe/ntoskrnl.c
@@ -2069,7 +2069,7 @@ BOOL WINAPI DllMain( HINSTANCE inst, DWORD reason, LPVOID reserved )
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls( inst );
-#ifdef __i386__
+#if defined(__i386__) || defined(__x86_64__)
handler = RtlAddVectoredExceptionHandler( TRUE, vectored_handler );
#endif
KeQueryTickCount( &count ); /* initialize the global KeTickCount */
--
2.4.3

46
patches/ntoskrnl-Emulator/0002-ntoskrnl-Add-TRACEs-for-instruction-emulator-on-x86_.patch
View File

@ -1,46 +0,0 @@
From c5d80d20b8e3ba1eb46d18cef337a1d6d1b0ed10 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 10 Nov 2014 21:42:53 +0100
Subject: ntoskrnl: Add TRACEs for instruction emulator on x86_64 to simplify
debugging.
---
dlls/ntoskrnl.exe/instr.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/dlls/ntoskrnl.exe/instr.c b/dlls/ntoskrnl.exe/instr.c
index 51b7bec..16d7afd 100644
--- a/dlls/ntoskrnl.exe/instr.c
+++ b/dlls/ntoskrnl.exe/instr.c
@@ -739,8 +739,28 @@ LONG CALLBACK vectored_handler( EXCEPTION_POINTERS *ptrs )
if (record->ExceptionCode == EXCEPTION_ACCESS_VIOLATION)
{
+ DWORD64 rip = context->Rip;
if (emulate_instruction( record, context ) == ExceptionContinueExecution)
+ {
+
+ if (context->Rip - rip <= 32)
+ {
+ TRACE("emulated opcodes:");
+ for (; rip < context->Rip; rip++) TRACE(" %02x", *(BYTE *)rip);
+ TRACE("\n");
+ }
+ TRACE( "next instruction rip=%lx\n", context->Rip );
+ TRACE( " rax=%016lx rbx=%016lx rcx=%016lx rdx=%016lx\n",
+ context->Rax, context->Rbx, context->Rcx, context->Rdx );
+ TRACE( " rsi=%016lx rdi=%016lx rbp=%016lx rsp=%016lx\n",
+ context->Rsi, context->Rdi, context->Rbp, context->Rsp );
+ TRACE( " r8=%016lx r9=%016lx r10=%016lx r11=%016lx\n",
+ context->R8, context->R9, context->R10, context->R11 );
+ TRACE( " r12=%016lx r13=%016lx r14=%016lx r15=%016lx\n",
+ context->R12, context->R13, context->R14, context->R15 );
+
return EXCEPTION_CONTINUE_EXECUTION;
+ }
}
return EXCEPTION_CONTINUE_SEARCH;
}
--
2.1.3

3
patches/ntoskrnl-Emulator/definition
View File

@ -1,3 +0,0 @@
Fixes: [33849] Emulate access to KI_USER_SHARED_DATA kernel page on x86_64
Depends: ntdll-User_Shared_Data
Category: stable

139
patches/patchinstall.sh
View File

@ -55,7 +55,7 @@ version()
echo "Copyright (C) 2014-2015 the Wine Staging project authors."
echo ""
echo "Patchset to be applied on upstream Wine:"
echo " commit 6fe55462107b4dcc31f919296a6e5870dcc881a3"
echo " commit af55ae137965512a1635e69b8f41849114f60012"
echo ""
}
@ -185,7 +185,6 @@ patch_enable_all ()
enable_ntdll_WinSqm="$1"
enable_ntdll_WriteWatches="$1"
enable_ntoskrnl_DriverTest="$1"
enable_ntoskrnl_Emulator="$1"
enable_ntoskrnl_Stubs="$1"
enable_nvapi_Stub_DLL="$1"
enable_nvcuda_CUDA_Support="$1"
@ -211,7 +210,6 @@ patch_enable_all ()
enable_server_OpenProcess="$1"
enable_server_PeekMessage="$1"
enable_server_Realtime_Priority="$1"
enable_server_Release_File="$1"
enable_server_RootDirectory_File="$1"
enable_server_Shared_Memory="$1"
enable_server_Stored_ACLs="$1"
@ -634,9 +632,6 @@ patch_enable ()
ntoskrnl-DriverTest)
enable_ntoskrnl_DriverTest="$2"
;;
ntoskrnl-Emulator)
enable_ntoskrnl_Emulator="$2"
;;
ntoskrnl-Stubs)
enable_ntoskrnl_Stubs="$2"
;;
@ -712,9 +707,6 @@ patch_enable ()
server-Realtime_Priority)
enable_server_Realtime_Priority="$2"
;;
server-Release_File)
enable_server_Release_File="$2"
;;
server-RootDirectory_File)
enable_server_RootDirectory_File="$2"
;;
@ -1444,9 +1436,6 @@ if test "$enable_category_stable" -eq 1; then
if test "$enable_ntdll_WriteWatches" -gt 1; then
abort "Patchset ntdll-WriteWatches disabled, but category-stable depends on that."
fi
if test "$enable_ntoskrnl_Emulator" -gt 1; then
abort "Patchset ntoskrnl-Emulator disabled, but category-stable depends on that."
fi
if test "$enable_opengl32_Revert_Disable_Ext" -gt 1; then
abort "Patchset opengl32-Revert_Disable_Ext disabled, but category-stable depends on that."
fi
@ -1595,7 +1584,6 @@ if test "$enable_category_stable" -eq 1; then
enable_ntdll_Threading=1
enable_ntdll_User_Shared_Data=1
enable_ntdll_WriteWatches=1
enable_ntoskrnl_Emulator=1
enable_opengl32_Revert_Disable_Ext=1
enable_server_Address_List_Change=1
enable_server_ClipCursor=1
@ -1758,13 +1746,6 @@ if test "$enable_nvapi_Stub_DLL" -eq 1; then
enable_nvcuda_CUDA_Support=1
fi
if test "$enable_ntoskrnl_Emulator" -eq 1; then
if test "$enable_ntdll_User_Shared_Data" -gt 1; then
abort "Patchset ntdll-User_Shared_Data disabled, but ntoskrnl-Emulator depends on that."
fi
enable_ntdll_User_Shared_Data=1
fi
if test "$enable_ntdll_WriteWatches" -eq 1; then
if test "$enable_kernel32_Named_Pipe" -gt 1; then
abort "Patchset kernel32-Named_Pipe disabled, but ntdll-WriteWatches depends on that."
@ -2052,23 +2033,6 @@ if test "$enable_advapi32_GetWindowsAccountDomainSid" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
echo '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
echo '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset server-CreateProcess_ACLs
# |
# | This patchset fixes the following Wine bugs:
@ -2088,6 +2052,23 @@ if test "$enable_server_CreateProcess_ACLs" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
echo '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
echo '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-LsaLookupSids
# |
# | Modified files:
@ -3804,12 +3785,14 @@ fi
# Patchset ntdll-User_Shared_Data
# |
# | Modified files:
# | * dlls/ntdll/ntdll.spec, dlls/ntdll/thread.c
# | * dlls/ntdll/ntdll.spec, dlls/ntdll/thread.c, dlls/ntoskrnl.exe/instr.c
# |
if test "$enable_ntdll_User_Shared_Data" -eq 1; then
patch_apply ntdll-User_Shared_Data/0001-ntdll-Move-code-to-update-user-shared-data-into-a-se.patch
patch_apply ntdll-User_Shared_Data/0002-ntoskrnl-Update-USER_SHARED_DATA-before-accessing-me.patch
(
echo '+ { "Sebastian Lackner", "ntdll: Move code to update user shared data into a separate function.", 1 },';
echo '+ { "Sebastian Lackner", "ntoskrnl: Update USER_SHARED_DATA before accessing memory.", 1 },';
) >> "$patchlist"
fi
@ -3915,23 +3898,6 @@ if test "$enable_ntoskrnl_DriverTest" -eq 1; then
) >> "$patchlist"
fi
# Patchset ntoskrnl-Emulator
# |
# | This patchset fixes the following Wine bugs:
# | * [#33849] Emulate access to KI_USER_SHARED_DATA kernel page on x86_64
# |
# | Modified files:
# | * dlls/ntoskrnl.exe/instr.c, dlls/ntoskrnl.exe/ntoskrnl.c
# |
if test "$enable_ntoskrnl_Emulator" -eq 1; then
patch_apply ntoskrnl-Emulator/0001-ntoskrnl-Emulate-memory-access-to-KI_USER_SHARED_DAT.patch
patch_apply ntoskrnl-Emulator/0002-ntoskrnl-Add-TRACEs-for-instruction-emulator-on-x86_.patch
(
echo '+ { "Sebastian Lackner", "ntoskrnl: Emulate memory access to KI_USER_SHARED_DATA on x86_64.", 3 },';
echo '+ { "Sebastian Lackner", "ntoskrnl: Add TRACEs for instruction emulator on x86_64 to simplify debugging.", 1 },';
) >> "$patchlist"
fi
# Patchset ntoskrnl-Stubs
# |
# | This patchset fixes the following Wine bugs:
@ -4389,21 +4355,6 @@ if test "$enable_server_Realtime_Priority" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Release_File
# |
# | This patchset fixes the following Wine bugs:
# | * [#38764] Fix possible use-after-free in wineserver device IPR code
# |
# | Modified files:
# | * server/device.c
# |
if test "$enable_server_Release_File" -eq 1; then
patch_apply server-Release_File/0001-server-Delay-destruction-of-file-object-in-set_irp_r.patch
(
echo '+ { "Sebastian Lackner", "server: Delay destruction of file object in set_irp_result.", 1 },';
) >> "$patchlist"
fi
# Patchset server-Shared_Memory
# |
# | Modified files:
@ -5066,18 +5017,6 @@ if test "$enable_wined3d_CSMT_Helper" -eq 1; then
) >> "$patchlist"
fi
# Patchset wined3d-UnhandledBlendFactor
# |
# | Modified files:
# | * dlls/wined3d/state.c
# |
if test "$enable_wined3d_UnhandledBlendFactor" -eq 1; then
patch_apply wined3d-UnhandledBlendFactor/0001-wined3d-Silence-repeated-Unhandled-blend-factor-0-me.patch
(
echo '+ { "Sebastian Lackner", "wined3d: Silence repeated '\''Unhandled blend factor 0'\'' messages.", 1 },';
) >> "$patchlist"
fi
# Patchset wined3d-wined3d_swapchain_present
# |
# | Modified files:
@ -5090,18 +5029,6 @@ if test "$enable_wined3d_wined3d_swapchain_present" -eq 1; then
) >> "$patchlist"
fi
# Patchset wined3d-resource_check_usage
# |
# | Modified files:
# | * dlls/wined3d/resource.c
# |
if test "$enable_wined3d_resource_check_usage" -eq 1; then
patch_apply wined3d-resource_check_usage/0001-wined3d-Silence-repeated-resource_check_usage-FIXME.patch
(
echo '+ { "Erich E. Hoover", "wined3d: Silence repeated resource_check_usage FIXME.", 2 },';
) >> "$patchlist"
fi
# Patchset wined3d-Multisampling
# |
# | This patchset fixes the following Wine bugs:
@ -5151,6 +5078,30 @@ if test "$enable_wined3d_Revert_PixelFormat" -eq 1; then
) >> "$patchlist"
fi
# Patchset wined3d-UnhandledBlendFactor
# |
# | Modified files:
# | * dlls/wined3d/state.c
# |
if test "$enable_wined3d_UnhandledBlendFactor" -eq 1; then
patch_apply wined3d-UnhandledBlendFactor/0001-wined3d-Silence-repeated-Unhandled-blend-factor-0-me.patch
(
echo '+ { "Sebastian Lackner", "wined3d: Silence repeated '\''Unhandled blend factor 0'\'' messages.", 1 },';
) >> "$patchlist"
fi
# Patchset wined3d-resource_check_usage
# |
# | Modified files:
# | * dlls/wined3d/resource.c
# |
if test "$enable_wined3d_resource_check_usage" -eq 1; then
patch_apply wined3d-resource_check_usage/0001-wined3d-Silence-repeated-resource_check_usage-FIXME.patch
(
echo '+ { "Erich E. Hoover", "wined3d: Silence repeated resource_check_usage FIXME.", 2 },';
) >> "$patchlist"
fi
# Patchset wined3d-CSMT_Main
# |
# | This patchset fixes the following Wine bugs:

32
patches/server-Release_File/0001-server-Delay-destruction-of-file-object-in-set_irp_r.patch
View File

@ -1,32 +0,0 @@
From 12bf8396bd22a181e9d49c70b84b98b85eacefea Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Tue, 16 Jun 2015 03:16:10 +0200
Subject: server: Delay destruction of file object in set_irp_result.
---
server/device.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/device.c b/server/device.c
index dc0325e..da99c32 100644
--- a/server/device.c
+++ b/server/device.c
@@ -288,7 +288,6 @@ static void set_irp_result( struct irp_call *irp, unsigned int status,
irp->out_size = min( irp->out_size, out_size );
if (irp->out_size && !(irp->out_data = memdup( out_data, irp->out_size )))
irp->out_size = 0;
- release_object( file );
irp->file = NULL;
if (irp->async)
{
@@ -306,6 +305,7 @@ static void set_irp_result( struct irp_call *irp, unsigned int status,
list_remove( &irp->dev_entry );
release_object( irp ); /* no longer on the device queue */
}
+ release_object( file );
}
--
2.4.3

1
patches/server-Release_File/definition
View File

@ -1 +0,0 @@
Fixes: [38764] Fix possible use-after-free in wineserver device IPR code