Re: [PATCH] Conditionally use IoOpenDriverRegistryKey
Using MmGetSystemRoutineAddress seems to be a sensible solution. I'm still running some tests, but using this allows Server2016 to load and work, while allowing Server2025 to run with the appropriate verifier flags that catch the registry isolation violations. ("verifier.exe /onecheck /rc 33 36 /driver xenbus.sys xenfilt.sys") I will post a patch with MmGetSystemRoutineAddress(), and include it in patches for the other drivers.
Owen
On 01/07/2024 11:32, Owen Smith wrote:
> IoOpenDriverRegistryKey is not available in Server 2016 and Windows 10 before 1803.
> Use a conditional to modify the RegistryOpenParametersKey function to use the
> correct API to open the parameters key.
> Set '#define VERIFIER_REG_ISOLATION' when compiling for Server 2025, and do not
> include this definition when compiling to include support for Server 2016.
>
> Signed-off-by: Owen Smith <owen.smith@xxxxxxxxx>
To remove breakage...
Acked-by: Paul Durrant <paul@xxxxxxx>
But is there a compat story from M$ on this, as with other 'new' APIs?
Alternatively could we simply use MmGetSystemRoutineAddress() to see if
the function is available?
> ---
> src/common/registry.c | 27 +++++++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
> diff --git a/src/common/registry.c b/src/common/registry.c
> index 3f45a23..211c177 100644
> --- a/src/common/registry.c
> +++ b/src/common/registry.c
> @@ -100,11 +100,38 @@ RegistryOpenParametersKey(
> OUT PHANDLE Key
> )
> {
> +#ifdef VERIFIER_REG_ISOLATION
> return IoOpenDriverRegistryKey(RegistryDriverObject,
> DriverRegKeyParameters,
> DesiredAccess,
> 0,
> Key);
> +#else
> + HANDLE ServiceKey;
> + NTSTATUS status;
> +
> + status = RegistryOpenKey(NULL, &RegistryPath, DesiredAccess, &ServiceKey);
> + if (!NT_SUCCESS(status))
> + goto fail1;
> +
> + status = RegistryOpenSubKey(ServiceKey, "Parameters", DesiredAccess, Key);
> + if (!NT_SUCCESS(status))
> + goto fail2;
> +
> + RegistryCloseKey(ServiceKey);
> +
> + return STATUS_SUCCESS;
> +
> +fail2:
> + Error("fail2\n");
> +
> + RegistryCloseKey(ServiceKey);
> +
> +fail1:
> + Error("fail1 %08x\n", status);
> +
> + return status;
> +#endif
> }
>
> NTSTATUS
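Review bot: in the #else branch, RegistryOpenKey() opens the service key with the caller's DesiredAccess, although ServiceKey is only an intermediate handle used to reach "Parameters" and is closed before the function returns; opening it with a narrower mask such as KEY_READ would keep the fallback from requesting more access on the service key than it needs. The choice between the two branches is also fixed at build time by VERIFIER_REG_ISOLATION, so a single binary cannot cover both Server 2016 and Server 2025. A comment at the #ifdef stating which targets each branch supports would help, or the runtime lookup with MmGetSystemRoutineAddress() raised in this thread would remove the switch altogether.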