From fb0c740b8972fb98df95dfc9df26eeea814341b5 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sun, 1 Sep 2024 20:10:24 +0200 Subject: [PATCH] More syscalls --- src/windows_emulator/syscalls.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/windows_emulator/syscalls.cpp b/src/windows_emulator/syscalls.cpp index c08e1faa..6142171e 100644 --- a/src/windows_emulator/syscalls.cpp +++ b/src/windows_emulator/syscalls.cpp @@ -39,6 +39,10 @@ namespace std::vector find_syscalls(const exported_symbols& exports) { + // Makes use of the fact that order of Nt* function addresses + // is equal to the order of syscall IDs. + // So first Nt* function is the first syscall with ID 0 + std::map ordered_syscalls{}; for (const auto& symbol : exports) @@ -1125,6 +1129,11 @@ namespace return STATUS_SUCCESS; } + NTSTATUS handle_NtTerminateProcess(const syscall_context&, uint64_t /*process_handle*/, NTSTATUS /*exit_status*/) + { + return STATUS_SUCCESS; + } + NTSTATUS handle_NtCreateFile(const syscall_context& c, const emulator_object file_handle, ACCESS_MASK /*desired_access*/, const emulator_object object_attributes) @@ -1151,6 +1160,8 @@ namespace syscall_dispatcher::syscall_dispatcher(const exported_symbols& ntdll_exports) { + const auto syscalls = find_syscalls(ntdll_exports); + #define add_handler(syscall) do \ { \ const auto id = get_syscall_id(syscalls, #syscall); \ @@ -1161,8 +1172,6 @@ syscall_dispatcher::syscall_dispatcher(const exported_symbols& ntdll_exports) this->handlers_[id] = handler; \ } while(0) - const auto syscalls = find_syscalls(ntdll_exports); - add_handler(NtSetInformationThread); add_handler(NtSetEvent); add_handler(NtClose); @@ -1202,6 +1211,7 @@ syscall_dispatcher::syscall_dispatcher(const exported_symbols& ntdll_exports) add_handler(NtQueryLicenseValue); add_handler(NtTestAlert); add_handler(NtContinue); + add_handler(NtTerminateProcess); #undef add_handler }