Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-25 22:51:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/momo5502/sogen

Browse Source
This commit is contained in:
CarlTSpeak
2025-10-21 11:20:08 +01:00
parent 1f5afe4c74 494dcce851
commit b64f780ff6
24 changed files with 471 additions and 332 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/analyzer/main.cpp
View File

@@ -492,8 +492,10 @@ namespace
const auto& exe = *win_emu->mod_manager.executable;
win_emu->emu().hook_instruction(x86_hookable_instructions::cpuid, [&] {
const auto rip = win_emu->emu().read_instruction_pointer();
const auto leaf = win_emu->emu().reg<uint32_t>(x86_register::eax);
auto& emu = win_emu->emu();
const auto rip = emu.read_instruction_pointer();
const auto leaf = emu.reg<uint32_t>(x86_register::eax);
const auto mod = get_module_if_interesting(win_emu->mod_manager, options.modules, rip);
if (mod.has_value() && (!concise_logging || context.cpuid_cache.insert({rip, leaf}).second))
@@ -502,6 +504,17 @@ namespace
(*mod) ? (*mod)->name.c_str() : "<N/A>");
}
if (leaf == 1)
{
// NOTE: We hard-code these values to disable SSE4.x
emu.reg<uint32_t>(x86_register::eax, 0x000906EA);
emu.reg<uint32_t>(x86_register::ebx, 0x00100800);
emu.reg<uint32_t>(x86_register::ecx, 0xFFE2F38F);
emu.reg<uint32_t>(x86_register::edx, 0xBFEBFBFF);
return instruction_hook_continuation::skip_instruction;
}
return instruction_hook_continuation::run_instruction;
});

19
src/common/utils/file_handle.hpp
View File

@@ -7,6 +7,12 @@ namespace utils
{
class file_handle
{
struct rename_information
{
std::filesystem::path old_filepath;
std::filesystem::path new_filepath;
};
public:
file_handle() = default;
@@ -80,8 +86,14 @@ namespace utils
return _ftelli64(this->file_);
}
void defer_rename(std::filesystem::path oldname, std::filesystem::path newname)
{
deferred_rename_ = {.old_filepath = std::move(oldname), .new_filepath = std::move(newname)};
}
private:
FILE* file_{};
std::optional<rename_information> deferred_rename_;
void release()
{
@@ -90,6 +102,13 @@ namespace utils
(void)fclose(this->file_);
this->file_ = {};
}
if (this->deferred_rename_)
{
std::error_code ec{};
std::filesystem::rename(this->deferred_rename_->old_filepath, this->deferred_rename_->new_filepath, ec);
this->deferred_rename_ = {};
}
}
};
}

2
src/common/utils/wildcard.hpp
View File

@@ -96,4 +96,4 @@ namespace utils::wildcard
return mask_pos == mask.size();
}
}
}

2
src/debugger/event_handler.cpp
View File

@@ -253,4 +253,4 @@ namespace debugger
response.exit_status = exit_status;
send_event(response);
}
}
}

4
src/debugger/events_generated.hxx
View File

@@ -9,8 +9,8 @@
// Ensure the included flatbuffers.h is the same version as when this file was
// generated, otherwise it may not be compatible.
static_assert(FLATBUFFERS_VERSION_MAJOR == 25 &&
FLATBUFFERS_VERSION_MINOR == 2 &&
FLATBUFFERS_VERSION_REVISION == 10,
FLATBUFFERS_VERSION_MINOR == 9 &&
FLATBUFFERS_VERSION_REVISION == 23,
"Non-compatible flatbuffers version included");
namespace Debugger {

2
src/debugger/message_transmitter.cpp
View File

@@ -73,4 +73,4 @@ namespace debugger
}
#endif
}
}
}

2
src/windows-emulator/devices/named_pipe.hpp
View File

@@ -32,4 +32,4 @@ class named_pipe : public io_device_container
void deserialize_object(utils::buffer_deserializer&) override
{
}
};
};

6
src/windows-emulator/kusd_mmio.cpp
View File

@@ -51,8 +51,10 @@ namespace
kusd.Cookie = 0;
kusd.ConsoleSessionForegroundProcessId = 0x00000000000028f4;
kusd.TimeUpdateLock = 0x0000000002b28586;
kusd.BaselineSystemTimeQpc = 0x0000004b17cd596c;
kusd.BaselineInterruptTimeQpc = 0x0000004b17cd596c;
// This is the QPC time when `SystemTime` is set
// We set it to UINT64_MAX, so `SystemTime` won't get adjusted in `RtlGetSystemTimePrecise`
kusd.BaselineSystemTimeQpc = 0xFFFFFFFFFFFFFFFF;
kusd.BaselineInterruptTimeQpc = 0xFFFFFFFFFFFFFFFF;
kusd.QpcSystemTimeIncrement = 0x8000000000000000;
kusd.QpcInterruptTimeIncrement = 0x8000000000000000;
kusd.QpcSystemTimeIncrementShift = 0x01;

2
src/windows-emulator/minidump_loader.hpp
View File

@@ -6,4 +6,4 @@ class windows_emulator;
namespace minidump_loader
{
void load_minidump_into_emulator(windows_emulator& win_emu, const std::filesystem::path& minidump_path);
}
}

2
src/windows-emulator/network/socket_wrapper.cpp
View File

@@ -111,7 +111,7 @@ namespace network
const auto res = ::recvfrom(this->socket_.get_socket(), reinterpret_cast<char*>(data.data()), static_cast<send_size>(data.size()),
0, &source.get_addr(), &source_length);
assert(source.get_size() == source_length);
assert(res < 0 || source.get_size() == source_length);
return res;
}

2
src/windows-emulator/syscalls.cpp
View File

@@ -132,6 +132,7 @@ namespace syscalls
emulator_pointer buffer, ULONG number_of_bytes_to_read,
emulator_object<ULONG> number_of_bytes_read);
NTSTATUS handle_NtSetInformationVirtualMemory();
BOOL handle_NtLockVirtualMemory();
// syscalls/mutant.cpp:
NTSTATUS handle_NtReleaseMutant(const syscall_context& c, handle mutant_handle, emulator_object<LONG> previous_count);
@@ -961,6 +962,7 @@ void syscall_dispatcher::add_handlers(std::map<std::string, syscall_handler>& ha
add_handler(NtQuerySystemInformation);
add_handler(NtCreateEvent);
add_handler(NtProtectVirtualMemory);
add_handler(NtLockVirtualMemory);
add_handler(NtOpenDirectoryObject);
add_handler(NtTraceEvent);
add_handler(NtAllocateVirtualMemoryEx);

40
src/windows-emulator/syscalls/file.cpp
View File

@@ -51,7 +51,7 @@ namespace syscalls
const emulator_object<IO_STATUS_BLOCK<EmulatorTraits<Emu64>>> io_status_block,
const uint64_t file_information, const ULONG length, const FILE_INFORMATION_CLASS info_class)
{
const auto* f = c.proc.files.get(file_handle);
auto* f = c.proc.files.get(file_handle);
if (!f)
{
if (c.proc.devices.get(file_handle))
@@ -88,7 +88,22 @@ namespace syscalls
c.win_emu.log.warn("--> File rename requested: %s --> %s\n", u16_to_u8(f->name).c_str(), u16_to_u8(new_name).c_str());
return STATUS_ACCESS_DENIED;
std::error_code ec{};
bool file_exists = std::filesystem::exists(new_name, ec);
if (ec)
{
return STATUS_ACCESS_DENIED;
}
if (!info.ReplaceIfExists && file_exists)
{
return STATUS_OBJECT_NAME_EXISTS;
}
f->handle.defer_rename(c.win_emu.file_sys.translate(f->name), c.win_emu.file_sys.translate(new_name));
return STATUS_SUCCESS;
}
if (info_class == FileBasicInformation)
@@ -886,6 +901,12 @@ namespace syscalls
return STATUS_SUCCESS;
}
if (filename == u"\\??\\CONOUT$")
{
file_handle.write(STDOUT_HANDLE);
return STATUS_SUCCESS;
}
file f{};
f.name = std::move(filename);
@@ -1022,8 +1043,19 @@ namespace syscalls
return STATUS_INVALID_PARAMETER;
}
const auto filename =
read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
auto filename = read_unicode_string(c.emu, emulator_object<UNICODE_STRING<EmulatorTraits<Emu64>>>{c.emu, attributes.ObjectName});
if (attributes.RootDirectory)
{
const auto* root = c.proc.files.get(attributes.RootDirectory);
if (!root)
{
return STATUS_INVALID_HANDLE;
}
const auto has_separator = root->name.ends_with(u"\\") || root->name.ends_with(u"/");
filename = root->name + (has_separator ? u"" : u"\\") + filename;
}
c.win_emu.callbacks.on_generic_access("Querying file attributes", filename);

5
src/windows-emulator/syscalls/memory.cpp
View File

@@ -295,4 +295,9 @@ namespace syscalls
{
return STATUS_NOT_SUPPORTED;
}
BOOL handle_NtLockVirtualMemory()
{
return TRUE;
}
}

2
src/windows-emulator/syscalls/token.cpp
View File

@@ -366,4 +366,4 @@ namespace syscalls
// puts("NtQuerySecurityAttributesToken not supported");
return STATUS_NOT_SUPPORTED;
}
}
}

1
src/windows-emulator/windows_objects.hpp
View File

@@ -186,6 +186,7 @@ struct file : ref_counted_object
utils::file_handle handle{};
std::u16string name{};
std::optional<file_enumeration_state> enumeration_state{};
std::optional<std::u16string> deferred_rename;
bool is_file() const
{