Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system
But you are aware that it was you who wrote the previous code, yes? http://svn.reactos.org/svn/reactos?view=revision&revision=13090 Author: ion Date: Mon Jan 17 07:10:34 2005 UTC /(10 years ago)/ Changed paths: *28* Log Message: SYSENTER support, INT2E Optimization, new Syscall Table/Stub generator and svn:ignore fixes. Please read associated Mailing List Post. 44 /* 45 * This stubs calls into KUSER_SHARED_DATA where either a 46 * sysenter or interrupt is performed, depending on CPU support. 47 */ 48 #define UserModeStub_x86 movl $0x%x, %%eax\n \ 49 movl $KUSER_SHARED_SYSCALL, %%ecx\n \ 50 call *%%ecx\n \ 51 ret $0x%x\n\n This must have been shortly before almost a decade now ;-) Also there is a difference between "We must copy these 5 documented asm instructions, because we know otherwise app xyz breaks" and "let's just copy this and that and that as well, because there might be an application out there that relies on this exact sequence of instructions, for whatever reason that we cannot even imagine". Am 06.02.2015 um 07:00 schrieb Alex Ionescu: Wow, it almost sounds like... we have to copy the exact same assembly code from Microsoft... instead of being more efficient or doing it our way because there's no point in copying such minute details. It..almost sounds like... something some developer was saying for almost a decade now? No, I must be imagining things... Best regards, Alex Ionescu On Wed, Feb 4, 2015 at 8:58 AM, jgar...@svn.reactos.org mailto:jgar...@svn.reactos.org wrote: Author: jgardou Date: Wed Feb 4 16:58:41 2015 New Revision: 66161 URL: http://svn.reactos.org/svn/reactos?rev=66161view=rev Log: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. 
See https://chromium.googlesource.com/chromium/src.git/+/master/sandbox/win/src/service_resolver_32.cc and https://bugs.winehq.org/show_bug.cgi?id=21232 for details Modified: trunk/reactos/include/asm/syscalls.inc Modified: trunk/reactos/include/asm/syscalls.inc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/asm/syscalls.inc?rev=66161r1=66160r2=66161view=diff == --- trunk/reactos/include/asm/syscalls.inc [iso-8859-1] (original) +++ trunk/reactos/include/asm/syscalls.inc [iso-8859-1] Wed Feb 4 16:58:41 2015 
@@ -1,109 +1,109 @@
-
-#ifdef _M_IX86
-#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
-#define KGDT_R0_CODE 8
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-mov ecx, KUSER_SHARED_SYSCALL
-call dword ptr [ecx]
-ret StackBytes
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-lea edx, [esp + 4]
-pushfd
-push KGDT_R0_CODE
-call _KiSystemService
-ret StackBytes
-ENDM
-#elif defined(_M_AMD64)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-.ENDPROLOG
-mov eax, SyscallId
-mov r10, rcx
-syscall
-ret
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-.ENDPROLOG
-EXTERN NtName:PROC
-lea rax, NtName[rip]
-mov r10, ArgCount * 8
-jmp KiZwSystemService
-ENDM
-#elif defined(_M_ARM)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-swi #SyscallId
-bx lr
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-mov ip, lr
-swi #SyscallId
-bx ip
-ENDM
-#elif defined(_M_PPC)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-stwu 1,-16(1)
-mflr 0
-stw 0,0(1)
-li 0, SyscallId
-sc
-lwz 0,0(1)
-mtlr 0
-addi 1,1,16
-blr
-ENDM
-#define STUBCODE_K STUBCODE_U
-#elif defined(_M_MIPS)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-li $8, KUSER_SHARED_SYSCALL
-lw $8,0($8)
-j $8
-nop
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-j KiSystemService
-nop
-ENDM
-#else
-#error unsupported architecture
-#endif
-
-#ifdef _M_IX86
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC _Name@StackBytes
-_Name@StackBytes:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC _Name@StackBytes
-.PROC _Name@StackBytes
-ENDM
-#else
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC Name
-Name:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC Name
-.PROC Name
-ENDM
-#endif
-
Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system
Coincidentally, exactly 1 year after this commit, somebody from ROS claimed we had copied some ASM from Windows: http://www.reactos.org/archives/public/ros-dev/2006-January/007389.html De : Ros-dev [mailto:ros-dev-boun...@reactos.org] De la part de Timo Kreuzer Envoyé : vendredi 6 février 2015 10:46 À : ReactOS Development List Objet : Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. See https:... But you are aware that it was you who wrote the previous code, yes? http://svn.reactos.org/svn/reactos?view=revision&revision=13090 Author: ion Date: Mon Jan 17 07:10:34 2005 UTC (10 years ago) Changed paths: 28 Log Message: SYSENTER support, INT2E Optimization, new Syscall Table/Stub generator and svn:ignore fixes. Please read associated Mailing List Post. 44 /* 45 * This stubs calls into KUSER_SHARED_DATA where either a 46 * sysenter or interrupt is performed, depending on CPU support. 47 */ 48 #define UserModeStub_x86 movl $0x%x, %%eax\n \ 49 movl $KUSER_SHARED_SYSCALL, %%ecx\n \ 50 call *%%ecx\n \ 51 ret $0x%x\n\n This must have been shortly before almost a decade now ;-) Also there is a difference between "We must copy these 5 documented asm instructions, because we know otherwise app xyz breaks" and "let's just copy this and that and that as well, because there might be an application out there that relies on this exact sequence of instructions, for whatever reason that we cannot even imagine". Am 06.02.2015 um 07:00 schrieb Alex Ionescu: Wow, it almost sounds like... we have to copy the exact same assembly code from Microsoft... instead of being more efficient or doing it our way because there's no point in copying such minute details. It..almost sounds like... something some developer was saying for almost a decade now? 
No, I must be imagining things... Best regards, Alex Ionescu On Wed, Feb 4, 2015 at 8:58 AM, jgar...@svn.reactos.org wrote: Author: jgardou Date: Wed Feb 4 16:58:41 2015 New Revision: 66161 URL: http://svn.reactos.org/svn/reactos?rev=66161 http://svn.reactos.org/svn/reactos?rev=66161view=rev view=rev Log: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. See https://chromium.googlesource.com/chromium/src.git/+/master/sandbox/win/src/ service_resolver_32.cc and https://bugs.winehq.org/show_bug.cgi?id=21232 for details Modified: trunk/reactos/include/asm/syscalls.inc Modified: trunk/reactos/include/asm/syscalls.inc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/asm/syscalls.inc?re v=66161 http://svn.reactos.org/svn/reactos/trunk/reactos/include/asm/syscalls.inc?r ev=66161r1=66160r2=66161view=diff r1=66160r2=66161view=diff == --- trunk/reactos/include/asm/syscalls.inc [iso-8859-1] (original) +++ trunk/reactos/include/asm/syscalls.inc [iso-8859-1] Wed Feb 4 16:58:41 2015 
@@ -1,109 +1,109 @@
-
-#ifdef _M_IX86
-#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
-#define KGDT_R0_CODE 8
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-mov ecx, KUSER_SHARED_SYSCALL
-call dword ptr [ecx]
-ret StackBytes
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-lea edx, [esp + 4]
-pushfd
-push KGDT_R0_CODE
-call _KiSystemService
-ret StackBytes
-ENDM
-#elif defined(_M_AMD64)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-.ENDPROLOG
-mov eax, SyscallId
-mov r10, rcx
-syscall
-ret
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-.ENDPROLOG
-EXTERN NtName:PROC
-lea rax, NtName[rip]
-mov r10, ArgCount * 8
-jmp KiZwSystemService
-ENDM
-#elif defined(_M_ARM)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-swi #SyscallId
-bx lr
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-mov ip, lr
-swi #SyscallId
-bx ip
-ENDM
-#elif defined(_M_PPC)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-stwu 1,-16(1)
-mflr 0
-stw 0,0(1)
-li 0, SyscallId
-sc
-lwz 0,0(1)
-mtlr 0
-addi 1,1,16
-blr
-ENDM
-#define STUBCODE_K STUBCODE_U
-#elif defined(_M_MIPS)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-li $8, KUSER_SHARED_SYSCALL
-lw $8,0($8)
-j $8
-nop
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-j KiSystemService
-nop
-ENDM
-#else
-#error unsupported architecture
-#endif
-
-#ifdef _M_IX86
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC _Name@StackBytes
-_Name@StackBytes:
Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system
Wow, it almost sounds like... we have to copy the exact same assembly code from Microsoft... instead of being more efficient or doing it our way because there's no point in copying such minute details. It..almost sounds like... something some developer was saying for almost a decade now? No, I must be imagining things... Best regards, Alex Ionescu On Wed, Feb 4, 2015 at 8:58 AM, jgar...@svn.reactos.org wrote: Author: jgardou Date: Wed Feb 4 16:58:41 2015 New Revision: 66161 URL: http://svn.reactos.org/svn/reactos?rev=66161view=rev Log: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. See https://chromium.googlesource.com/chromium/src.git/+/master/sandbox/win/src/service_resolver_32.cc and https://bugs.winehq.org/show_bug.cgi?id=21232 for details Modified: trunk/reactos/include/asm/syscalls.inc Modified: trunk/reactos/include/asm/syscalls.inc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/asm/syscalls.inc?rev=66161r1=66160r2=66161view=diff == --- trunk/reactos/include/asm/syscalls.inc [iso-8859-1] (original) +++ trunk/reactos/include/asm/syscalls.inc [iso-8859-1] Wed Feb 4 16:58:41 2015 
@@ -1,109 +1,109 @@
-
-#ifdef _M_IX86
-#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
-#define KGDT_R0_CODE 8
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-mov ecx, KUSER_SHARED_SYSCALL
-call dword ptr [ecx]
-ret StackBytes
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-lea edx, [esp + 4]
-pushfd
-push KGDT_R0_CODE
-call _KiSystemService
-ret StackBytes
-ENDM
-#elif defined(_M_AMD64)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-.ENDPROLOG
-mov eax, SyscallId
-mov r10, rcx
-syscall
-ret
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-.ENDPROLOG
-EXTERN NtName:PROC
-lea rax, NtName[rip]
-mov r10, ArgCount * 8
-jmp KiZwSystemService
-ENDM
-#elif defined(_M_ARM)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-swi #SyscallId
-bx lr
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-mov ip, lr
-swi #SyscallId
-bx ip
-ENDM
-#elif defined(_M_PPC)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-stwu 1,-16(1)
-mflr 0
-stw 0,0(1)
-li 0, SyscallId
-sc
-lwz 0,0(1)
-mtlr 0
-addi 1,1,16
-blr
-ENDM
-#define STUBCODE_K STUBCODE_U
-#elif defined(_M_MIPS)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-li $8, KUSER_SHARED_SYSCALL
-lw $8,0($8)
-j $8
-nop
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-j KiSystemService
-nop
-ENDM
-#else
-#error unsupported architecture
-#endif
-
-#ifdef _M_IX86
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC _Name@StackBytes
-_Name@StackBytes:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC _Name@StackBytes
-.PROC _Name@StackBytes
-ENDM
-#else
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC Name
-Name:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC Name
-.PROC Name
-ENDM
-#endif
-
-MACRO(STUB_U, Name, ArgCount)
-MAKE_LABEL ZwName, %ArgCount * 4
-START_PROC NtName, %ArgCount * 4
-STUBCODE_U Name, SyscallId, %ArgCount
-.ENDP
-SyscallId = SyscallId + 1
-ENDM
-
-MACRO(STUB_K, Name, ArgCount)
-START_PROC ZwName, %ArgCount * 4
-STUBCODE_K Name, SyscallId, %ArgCount
-.ENDP
-SyscallId = SyscallId + 1
-ENDM
+
+#ifdef _M_IX86
+#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
+#define KGDT_R0_CODE 8
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+StackBytes = 4 * ArgCount
+FPO 0, 0, 0, 0, 0, FRAME_FPO
+mov eax, SyscallId
+mov edx, KUSER_SHARED_SYSCALL
+call dword ptr [edx]
+ret StackBytes
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+StackBytes = 4 * ArgCount
+FPO 0, 0, 0, 0, 0, FRAME_FPO
+mov eax, SyscallId
+lea edx, [esp + 4]
+pushfd
+push KGDT_R0_CODE
+call _KiSystemService
+ret StackBytes
+ENDM
+#elif defined(_M_AMD64)
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+.ENDPROLOG
+mov eax, SyscallId
+mov r10, rcx
+syscall
+ret
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+.ENDPROLOG
+EXTERN NtName:PROC
+lea rax, NtName[rip]
+mov r10, ArgCount * 8
+jmp KiZwSystemService
+ENDM
+#elif defined(_M_ARM)
+MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
+swi #SyscallId
+bx lr
+ENDM
+MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
+mov ip, lr
+swi #SyscallId
+bx ip
+ENDM
+#elif defined(_M_PPC)
Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system
Not really. They still could use the same trampoline mechanism, with a function pointer to some kind of user-mode dispatcher, like we and windows do with the syscall dispatcher. They just understandably don't care enough to do it. Le 04/02/2015 18:36, Hermès BÉLUSCA - MAÏTO a écrit : About the Wine bug report...: ils l'ont dans le XXX ? -Message d'origine- De : Ros-dev [mailto:ros-dev-boun...@reactos.org] De la part de Jérôme Gardou Envoyé : mercredi 4 février 2015 18:02 À : ros-dev@reactos.org Objet : Re: [ros-dev] [ros-diffs] [jgardou] 66161: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. See https:... Uh, sorry for the horriblly long diff. I guess someone initially committed the file with CRLF file endings :-/ Le 04/02/2015 17:58, jgar...@svn.reactos.org a écrit : Author: jgardou Date: Wed Feb 4 16:58:41 2015 New Revision: 66161 URL: http://svn.reactos.org/svn/reactos?rev=66161view=rev Log: [NTDLL] - use the edx register to store the function pointer to the syscall trampoline. This is how google Chrome checks if an exported function is a system call or not. See https://chromium.googlesource.com/chromium/src.git/+/master/sandbox/wi n/src/service_resolver_32.cc and https://bugs.winehq.org/show_bug.cgi?id=21232 for details Modified: trunk/reactos/include/asm/syscalls.inc Modified: trunk/reactos/include/asm/syscalls.inc URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/asm/syscalls. inc?rev=66161r1=66160r2=66161view=diff == --- trunk/reactos/include/asm/syscalls.inc [iso-8859-1] (original) +++ trunk/reactos/include/asm/syscalls.inc [iso-8859-1] Wed Feb 4 16:58:41 2015 
@@ -1,109 +1,109 @@
-
-#ifdef _M_IX86
-#define KUSER_SHARED_SYSCALL HEX(7ffe0300)
-#define KGDT_R0_CODE 8
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-mov ecx, KUSER_SHARED_SYSCALL
-call dword ptr [ecx]
-ret StackBytes
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-StackBytes = 4 * ArgCount
-FPO 0, 0, 0, 0, 0, FRAME_FPO
-mov eax, SyscallId
-lea edx, [esp + 4]
-pushfd
-push KGDT_R0_CODE
-call _KiSystemService
-ret StackBytes
-ENDM
-#elif defined(_M_AMD64)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-.ENDPROLOG
-mov eax, SyscallId
-mov r10, rcx
-syscall
-ret
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-.ENDPROLOG
-EXTERN NtName:PROC
-lea rax, NtName[rip]
-mov r10, ArgCount * 8
-jmp KiZwSystemService
-ENDM
-#elif defined(_M_ARM)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-swi #SyscallId
-bx lr
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-mov ip, lr
-swi #SyscallId
-bx ip
-ENDM
-#elif defined(_M_PPC)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-stwu 1,-16(1)
-mflr 0
-stw 0,0(1)
-li 0, SyscallId
-sc
-lwz 0,0(1)
-mtlr 0
-addi 1,1,16
-blr
-ENDM
-#define STUBCODE_K STUBCODE_U
-#elif defined(_M_MIPS)
-MACRO(STUBCODE_U, Name, SyscallId, ArgCount)
-li $8, KUSER_SHARED_SYSCALL
-lw $8,0($8)
-j $8
-nop
-ENDM
-MACRO(STUBCODE_K, Name, SyscallId, ArgCount)
-j KiSystemService
-nop
-ENDM
-#else
-#error unsupported architecture
-#endif
-
-#ifdef _M_IX86
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC _Name@StackBytes
-_Name@StackBytes:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC _Name@StackBytes
-.PROC _Name@StackBytes
-ENDM
-#else
-MACRO(MAKE_LABEL, Name, StackBytes)
-PUBLIC Name
-Name:
-ENDM
-MACRO(START_PROC, Name, StackBytes)
-PUBLIC Name
-.PROC Name
-ENDM
-#endif
-
-MACRO(STUB_U, Name, ArgCount)
-MAKE_LABEL ZwName, %ArgCount * 4
-START_PROC NtName, %ArgCount * 4
-STUBCODE_U Name, SyscallId, %ArgCount
-.ENDP
-SyscallId = SyscallId + 1
-ENDM
-
-MACRO(STUB_K, Name, 
ArgCount) -START_PROC ZwName, %ArgCount * 4 -STUBCODE_K Name, SyscallId, %ArgCount -.ENDP -SyscallId = SyscallId + 1 -ENDM + +#ifdef _M_IX86 +#define KUSER_SHARED_SYSCALL HEX(7ffe0300) #define KGDT_R0_CODE 8 +MACRO(STUBCODE_U, Name, SyscallId, ArgCount) +StackBytes = 4 * ArgCount +FPO 0, 0, 0, 0, 0, FRAME_FPO +mov eax, SyscallId +mov edx, KUSER_SHARED_SYSCALL +call dword ptr [edx] +ret StackBytes +ENDM +MACRO(STUBCODE_K, Name, SyscallId, ArgCount) +StackBytes = 4 * ArgCount +FPO 0, 0, 0, 0, 0, FRAME_FPO +mov eax, SyscallId +lea edx, [esp + 4] +pushfd +push KGDT_R0_CODE +call _KiSystemService +ret StackBytes +ENDM +#elif defined(_M_AMD64) +MACRO(STUBCODE_U, Name, SyscallId,