Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-19 19:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

More syscall experiments

Browse Source
This commit is contained in:
momo5502
2024-08-20 18:16:08 +02:00
parent b3d01cb383
commit f1ce4b8ef8
1 changed files with 40 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/emulator/syscalls.cpp
View File

@@ -44,6 +44,11 @@ namespace
uc.reg<uint64_t>(UC_X86_REG_RAX, STATUS_NOT_SUPPORTED);
}
void handle_NtCreateIoCompletion(const unicorn& uc)
{
uc.reg<uint64_t>(UC_X86_REG_RAX, STATUS_NOT_SUPPORTED);
}
void handle_NtTraceEvent(const unicorn& uc)
{
uc.reg<uint64_t>(UC_X86_REG_RAX, STATUS_NOT_SUPPORTED);
@@ -211,9 +216,11 @@ namespace
void handle_NtQuerySystemInformationEx(const unicorn& uc)
{
const auto info_class = uc.reg<uint32_t>(UC_X86_REG_R10D);
const auto system_information = uc.reg(UC_X86_REG_R8);
const auto system_information_length = uc.reg<uint32_t>(UC_X86_REG_R9D);
const unicorn_object<uint32_t> return_length{uc, uc.read_stack(5)};
const auto input_buffer = uc.reg(UC_X86_REG_RDX);
const auto input_buffer_length = uc.reg<uint32_t>(UC_X86_REG_R8D);
const auto system_information = uc.reg(UC_X86_REG_R9);
const auto system_information_length = static_cast<uint32_t>(uc.read_stack(5));
const unicorn_object<uint32_t> return_length{uc, uc.read_stack(6)};
if (info_class == SystemFlushInformation
|| info_class == SystemFeatureConfigurationInformation
@@ -223,6 +230,33 @@ namespace
return;
}
if (info_class == SystemLogicalProcessorAndGroupInformation)
{
void* buffer = calloc(1, input_buffer_length);
void* res_buff = calloc(1, system_information_length);
uc_mem_read(uc, input_buffer, buffer, input_buffer_length);
uint64_t code = 0;
return_length.access([&](uint32_t& len)
{
code = NtQuerySystemInformationEx((SYSTEM_INFORMATION_CLASS)info_class, buffer, input_buffer_length,
res_buff,
system_information_length, (ULONG*)&len);
});
if (code == 0)
{
uc_mem_write(uc, system_information, res_buff, return_length.read());
}
free(buffer);
free(res_buff);
uc.reg<uint64_t>(UC_X86_REG_RAX, code);
return;
}
if (info_class != SystemBasicInformation && info_class != SystemEmulationBasicInformation)
{
printf("Unsupported system info ex class: %X\n", info_class);
@@ -506,6 +540,9 @@ void handle_syscall(const unicorn& uc, process_context& context)
case 0x78:
handle_NtAllocateVirtualMemoryEx(uc);
break;
case 0xB2:
handle_NtCreateIoCompletion(uc);
break;
case 0x11A:
handle_NtManageHotPatch(uc);
break;