[PATCH 0/2] MR11167: ntdll: Manage PROCESS_PARAMS_IMAGE_KEY_MISSING flag. - Wine-GitLab - list.winehq.org

newer
[PATCH 0/4] MR11163: win32u:...

[PATCH 0/2] MR11167: ntdll: Manage PROCESS_PARAMS_IMAGE_KEY_MISSING flag.

older
[PATCH v2 0/6] MR11166: win32u:...

Paul Gofman (＠gofman)

June 16, 2026

3:03 p.m.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/11167

Reply

Sign in to reply online Use email software

Show replies by date

Paul Gofman

June 2026

3:03 p.m.

New subject: [PATCH 1/2] ntdll: Add tests for PROCESS_PARAMS_IMAGE_KEY_MISSING flag.

From: Paul Gofman <pgofman@codeweavers.com> --- dlls/ntdll/tests/info.c | 89 +++++++++++++++++++++++++++++++++++++++++ include/winternl.h | 5 ++- 2 files changed, 92 insertions(+), 2 deletions(-) diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c index 3b133ce1c69..814ac377547 100644 --- a/dlls/ntdll/tests/info.c +++ b/dlls/ntdll/tests/info.c @@ -25,6 +25,7 @@ #define WIN32_NO_STATUS #include "windef.h" #include "winbase.h" +#include "winreg.h" #include "winternl.h" #include "winnls.h" #include "ddk/ntddk.h" @@ -4378,6 +4379,93 @@ static void test_processor_idle_cycle_time(void) ok( size == cpu_count * sizeof(*buffer), "got %#lx.\n", size ); } +static ULONG get_process_parameters_flags( HANDLE process ) +{ + RTL_USER_PROCESS_PARAMETERS *params; + PROCESS_BASIC_INFORMATION pbi; + ULONG flags = 0xdeadbeef; + NTSTATUS status; + SIZE_T len; + BOOL ret; + + status = pNtQueryInformationProcess( process, ProcessBasicInformation, &pbi, sizeof(pbi), NULL ); + ok( !status, "got %#lx.\n", status ); + ret = ReadProcessMemory( process, (char *)pbi.PebBaseAddress + offsetof(PEB, ProcessParameters), ¶ms, sizeof(params), &len ); + ok( ret, "got error %ld.\n", GetLastError() ); + ret = ReadProcessMemory( process, ¶ms->Flags, &flags, sizeof(flags), &len ); + ok( ret, "got error %ld.\n", GetLastError() ); + return flags; +} + +static void test_process_parameters_flags( int argc, char **argv ) +{ + PEB *peb = NtCurrentTeb()->Peb; + STARTUPINFOA si = { 0 }; + char cmdline[MAX_PATH]; + PROCESS_INFORMATION pi; + char keyname[MAX_PATH]; + const char *basename; + ULONG flags; + DWORD err; + HKEY hkey; + BOOL ret; + + if ((basename = strrchr( argv[0], '\\' ))) basename++; + else basename = argv[0]; + + sprintf( keyname, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%s", basename ); + if (!strcmp( keyname + strlen(keyname) - 3, ".so" )) keyname[strlen(keyname) - 3] = 0; + todo_wine ok( peb->ProcessParameters->Flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + sprintf( cmdline, "%s %s %s", argv[0], argv[1], "check_pp_flags" ); + + si.cb = sizeof(si); + ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, DEBUG_PROCESS | CREATE_SUSPENDED, NULL, NULL, &si, &pi ); + ok( ret, "got error %ld.\n", GetLastError() ); + flags = get_process_parameters_flags( pi.hProcess ); + ok( !(flags & PROCESS_PARAMS_IMAGE_KEY_MISSING), "got %#lx.\n", peb->ProcessParameters->Flags ); + TerminateProcess( pi.hProcess, 0 ); + CloseHandle( pi.hThread ); + CloseHandle( pi.hProcess ); + + si.cb = sizeof(si); + ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ); + ok( ret, "got error %ld.\n", GetLastError() ); + flags = get_process_parameters_flags( pi.hProcess ); + todo_wine ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + TerminateProcess( pi.hProcess, 0 ); + CloseHandle( pi.hThread ); + CloseHandle( pi.hProcess ); + + err = RegCreateKeyA( HKEY_LOCAL_MACHINE, keyname, &hkey ); + if (err == ERROR_ACCESS_DENIED) + { + skip( "Not authorized to change the image file execution options.\n" ); + return; + } + ok( !err, "got %#lx.\n", err ); + + si.cb = sizeof(si); + ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ); + ok( ret, "got error %ld.\n", GetLastError() ); + flags = get_process_parameters_flags( pi.hProcess ); + ok( !(flags & PROCESS_PARAMS_IMAGE_KEY_MISSING), "got %#lx.\n", peb->ProcessParameters->Flags ); + TerminateProcess( pi.hProcess, 0 ); + CloseHandle( pi.hThread ); + CloseHandle( pi.hProcess ); + + RegCloseKey( hkey ); + RegDeleteKeyA( HKEY_LOCAL_MACHINE, keyname ); + + si.cb = sizeof(si); + ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ); + ok( ret, "got error %ld.\n", GetLastError() ); + flags = get_process_parameters_flags( pi.hProcess ); + todo_wine ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + TerminateProcess( pi.hProcess, 0 ); + CloseHandle( pi.hThread ); + CloseHandle( pi.hProcess ); +} + START_TEST(info) { char **argv; @@ -4459,4 +4547,5 @@ START_TEST(info) test_process_token(argc, argv); test_process_id(); test_processor_idle_cycle_time(); + test_process_parameters_flags(argc, argv); } diff --git a/include/winternl.h b/include/winternl.h index bed72e83ce4..81dc3db2b74 100644 --- a/include/winternl.h +++ b/include/winternl.h @@ -201,8 +201,9 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS ULONG LoaderThreads; } RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS; -/* value for Flags field (FIXME: not the correct name) */ -#define PROCESS_PARAMS_FLAG_NORMALIZED 1 +/* value for Flags field (FIXME: not the correct names) */ +#define PROCESS_PARAMS_FLAG_NORMALIZED 0x00000001 +#define PROCESS_PARAMS_IMAGE_KEY_MISSING 0x00004000 typedef struct _PEB_LDR_DATA { -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/11167

Reply

Sign in to reply online Use email software

Paul Gofman

3:03 p.m.

New subject: [PATCH 2/2] ntdll: Manage PROCESS_PARAMS_IMAGE_KEY_MISSING flag.

From: Paul Gofman <pgofman@codeweavers.com> --- dlls/ntdll/env.c | 1 + dlls/ntdll/tests/info.c | 6 +++--- dlls/ntdll/unix/env.c | 1 + dlls/ntdll/unix/server.c | 13 +++++++++++++ 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/dlls/ntdll/env.c b/dlls/ntdll/env.c index cae5e5d8bbd..1ced62bf608 100644 --- a/dlls/ntdll/env.c +++ b/dlls/ntdll/env.c @@ -699,6 +699,7 @@ void init_user_process_params(void) return; new_params->Environment = env; + new_params->Flags = params->Flags; new_params->DebugFlags = params->DebugFlags; new_params->ConsoleHandle = params->ConsoleHandle; new_params->ConsoleFlags = params->ConsoleFlags; diff --git a/dlls/ntdll/tests/info.c b/dlls/ntdll/tests/info.c index 814ac377547..51978a7b38b 100644 --- a/dlls/ntdll/tests/info.c +++ b/dlls/ntdll/tests/info.c @@ -4415,7 +4415,7 @@ static void test_process_parameters_flags( int argc, char **argv ) sprintf( keyname, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%s", basename ); if (!strcmp( keyname + strlen(keyname) - 3, ".so" )) keyname[strlen(keyname) - 3] = 0; - todo_wine ok( peb->ProcessParameters->Flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + ok( peb->ProcessParameters->Flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); sprintf( cmdline, "%s %s %s", argv[0], argv[1], "check_pp_flags" ); si.cb = sizeof(si); @@ -4431,7 +4431,7 @@ static void test_process_parameters_flags( int argc, char **argv ) ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ); ok( ret, "got error %ld.\n", GetLastError() ); flags = get_process_parameters_flags( pi.hProcess ); - todo_wine ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); TerminateProcess( pi.hProcess, 0 ); CloseHandle( pi.hThread ); CloseHandle( pi.hProcess ); @@ -4460,7 +4460,7 @@ static void test_process_parameters_flags( int argc, char **argv ) ret = CreateProcessA( NULL, cmdline, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ); ok( ret, "got error %ld.\n", GetLastError() ); flags = get_process_parameters_flags( pi.hProcess ); - todo_wine ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); + ok( flags & PROCESS_PARAMS_IMAGE_KEY_MISSING, "got %#lx.\n", peb->ProcessParameters->Flags ); TerminateProcess( pi.hProcess, 0 ); CloseHandle( pi.hThread ); CloseHandle( pi.hProcess ); diff --git a/dlls/ntdll/unix/env.c b/dlls/ntdll/unix/env.c index f7060b82d23..b54d7920bea 100644 --- a/dlls/ntdll/unix/env.c +++ b/dlls/ntdll/unix/env.c @@ -1752,6 +1752,7 @@ static void load_global_options( const UNICODE_STRING *image ) peb->NtGlobalFlag = get_dword_option( key, globalflagW, peb->NtGlobalFlag ); NtClose( key ); } + else peb->ProcessParameters->Flags |= PROCESS_PARAMS_IMAGE_KEY_MISSING; NtClose( attr.RootDirectory ); } } diff --git a/dlls/ntdll/unix/server.c b/dlls/ntdll/unix/server.c index 730a0cd9a94..9d3cd30eac7 100644 --- a/dlls/ntdll/unix/server.c +++ b/dlls/ntdll/unix/server.c @@ -1773,6 +1773,19 @@ void server_init_process_done(void) SERVER_END_REQ; assert( !status ); + if (peb->BeingDebugged) + { + peb->ProcessParameters->Flags &= ~PROCESS_PARAMS_IMAGE_KEY_MISSING; + if (wow_peb) + { +#ifdef _WIN64 + RTL_USER_PROCESS_PARAMETERS32 *wow64_params = ULongToPtr(wow_peb->ProcessParameters); +#else + RTL_USER_PROCESS_PARAMETERS64 *wow64_params = ULongToPtr(wow_peb->ProcessParameters); +#endif + wow64_params->Flags &= ~PROCESS_PARAMS_IMAGE_KEY_MISSING; + } + } signal_start_thread( main_image_info.TransferAddress, peb, data->teb ); } -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/11167

Reply

Sign in to reply online Use email software

1

Age (days ago)

1

Last active (days ago)

2 comments

2 participants

tags

participants (2)

Paul Gofman
Paul Gofman (＠gofman)