http://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #1 from Austin English austinenglish@gmail.com 2010-08-24 18:04:25 --- Do you have an app that depends on these being implemented?

http://bugs.winehq.org/show_bug.cgi?id=24125

Dmitry Timoshkov dmitry@codeweavers.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED URL|http://msdn.microsoft.com/e | |n-us/library/bb736299%28v=V | |S.85%29.aspx | Component|kernel32 |-unknown Platform|All |Other Resolution| |INVALID OS/Version|All |other

--- Comment #3 from Dmitry Timoshkov dmitry@codeweavers.com 2010-08-26 02:15:51 --- There is no point in filing reports for theoretical issues.

http://bugs.winehq.org/show_bug.cgi?id=24125

rk rk@ercatec.net changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |rk@ercatec.net

--- Comment #5 from rk rk@ercatec.net 2013-11-09 09:30:02 CST --- http://appdb.winehq.org/objectManager.php?sClass=version&iId=28138

APB Reloaded needs GetProcessDEPPolicy and GetSystemDEPPolicy to return different values than the current stubs. (I guess it checks those in an attempt to prevent cheating/hacking).

So an actual implementation could be of advantage.

http://bugs.winehq.org/show_bug.cgi?id=24125

Anastasius Focht focht@gmx.net changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|CLOSED |REOPENED Version|unspecified |1.7.6 Keywords| |download URL| |www.gamersfirst.com/ CC| |focht@gmx.net Component|-unknown |kernel32 Platform|Other |x86-64 Resolution|INVALID | Ever Confirmed|0 |1 Summary|Data Execution Prevention |APB Reloaded 1.x (MMORPG) |additions missing |needs better | |GetSystemDEPPolicy() and | |GetProcessDEPPolicy() | |implementation Severity|minor |normal OS/Version|other |Linux

--- Comment #7 from Anastasius Focht focht@gmx.net 2013-11-09 11:22:31 CST --- Hello folks,

reopening and changing summary for comment #5 (game depends on this).

GetProcessDEPPolicy() can be implemented using ntdll.NtQueryInformationProcess() with 'ProcessExecuteFlags' class which currently returns hard-coded MEM_EXECUTE_OPTION_DISABLE flags.

Here is some code from chromium how the API is used: https://src.chromium.org/svn/trunk/src/sandbox/win/src/process_mitigations_t...

--- snip --- SBOX_TESTS_COMMAND int CheckDep(int argc, wchar_t **argv) { GetProcessDEPPolicyFunction get_process_dep_policy = reinterpret_cast<GetProcessDEPPolicyFunction>( ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"), "GetProcessDEPPolicy")); if (get_process_dep_policy) { BOOL is_permanent = FALSE; DWORD dep_flags = 0;

if (!get_process_dep_policy(::GetCurrentProcess(), &dep_flags, &is_permanent)) { return SBOX_TEST_FIRST_ERROR; }

if (!(dep_flags & PROCESS_DEP_ENABLE) || !is_permanent) return SBOX_TEST_SECOND_ERROR;

} else { NtQueryInformationProcessFunction query_information_process = NULL; ResolveNTFunctionPtr("NtQueryInformationProcess", &query_information_process); if (!query_information_process) return SBOX_TEST_NOT_FOUND;

ULONG size = 0; ULONG dep_flags = 0; if (!SUCCEEDED(query_information_process(::GetCurrentProcess(), ProcessExecuteFlags, &dep_flags, sizeof(dep_flags), &size))) { return SBOX_TEST_THIRD_ERROR; }

const int MEM_EXECUTE_OPTION_ENABLE = 1; const int MEM_EXECUTE_OPTION_DISABLE = 2; const int MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION = 4; const int MEM_EXECUTE_OPTION_PERMANENT = 8; dep_flags &= 0xff;

if (dep_flags != (MEM_EXECUTE_OPTION_DISABLE | MEM_EXECUTE_OPTION_PERMANENT)) { return SBOX_TEST_FOURTH_ERROR; } }

return SBOX_TEST_SUCCEEDED; } --- snip ---

SetProcessDEPPolicy() should be implemented using same mechanism (those API are only for 32-bit).

MSDN: http://msdn.microsoft.com/en-us/library/windows/desktop/bb736299%28v=vs.85%2...

SystemDEPPolicy() is just a read-only field, maybe it could be made a registry setting to allow it to be tweaked per WINEPREFIX?

Regards

http://bugs.winehq.org/show_bug.cgi?id=24125

Thomas Kowaliczek linuxdonald@posteo.de changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |linuxdonald@posteo.de

http://bugs.winehq.org/show_bug.cgi?id=24125

hanska2@luukku.com changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |hanska2@luukku.com

--- Comment #9 from hanska2@luukku.com --- I downloaded the installer from provided link. How should I notice that it isnt working?

It starts fine 1.7.22...

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #11 from Richard Karolyi rk.wine@ercatec.net --- Created attachment 51697 --> https://bugs.winehq.org/attachment.cgi?id=51697 changed stubs for APB Reloaded for recent 1.7.* wine (reverts some new implementation)

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #13 from Richard Karolyi rk.wine@ercatec.net --- (In reply to Anastasius Focht from comment #12)

Hello Richard,

thanks for your effort.

Unfortunately to be included in Wine this needs a more serious approach.

See my comment #5 which contains some hints.

Alternatively you could ask the folks at Wine-Staging (http://www.wine-staging.com/). I'm sure they will gladly take over, providing a proper implementation for inclusion into Wine-Staging and later upstream Wine.

Regards

Hello Anastasius!

Those uploads are not meant for inclusion to begin with, since they don't implement anything (that's why I call them "changed stubs", rather than patches or implementations).

Those I uploaded merely as workarounds so that users can run the affected application even before a proper and working implementation makes it into Wine.

I did indeed read your hints in comment #7 before. But since I'm not too knowledgeable when it comes to DEP, Wine and all the OS-dependent implementations this particular issue would need, I won't attempt to write an implementation worth of inclusion any time soon - this is just beyond my abilities.

Considering that this doesn't seem to affect many applications or any popular application, I expect there will be more years passing by (5 passed already) until a proper implementation happens - if ever at all.

So yeah, my upload is just for those who want to run the application right now (e.g. those recently asking for help on the appdb page of the Application)

Nonetheless I appreciate your reply :)

https://bugs.winehq.org/show_bug.cgi?id=24125

Olivier F. R. Dierick o.dierick@piezo-forte.be changed:

What |Removed |Added ---------------------------------------------------------------------------- CC| |o.dierick@piezo-forte.be

--- Comment #14 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 55558 --> https://bugs.winehq.org/attachment.cgi?id=55558 proposed patchset 1/3

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #16 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 55561 --> https://bugs.winehq.org/attachment.cgi?id=55561 proposed patchset 3/3

This is the patchset I've come up with.

It makes Wine read the system DEP setting from the registry, and set DEP policies to appropriate values when the application queries them.

Global DEP system policy is set in [HKCU\Software\Wine\Boot.ini]. The setting is read from a string value named NoExecute. If it contains a valid DEP flag, this value is used, otherwise it defaults to OptIn.

DEP system policies may be set individually for those applications defined on the application tab in winecfg. It will search for them in [HKCU\Software\Wine\AppDefaults<whatever.exe>\Boot.ini]. If found, that value overrides the global settings.

I designed this so that it could be extended for other boot.ini flags.

https://bugs.winehq.org/show_bug.cgi?id=24125

Alistair Leslie-Hughes leslie_alistair@hotmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |STAGED Staged patchset| |https://github.com/wine-sta | |ging/wine-staging/tree/mast | |er/patches/kernel32-SetProc | |essDEPPolicy

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #18 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Hello,

I have a better patchset in the works that takes into account the comments I had from the former Staging team.

The second iteration implements the core functions in ntdll rather than kernel32. I also have to add some conformance tests.

I'll update the staged patchset when it is ready, though it may be long before I do as I'm currently very busy running my business.

Regards.

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #20 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- (In reply to Zebediah Figura from comment #19)

Do we know for sure that there are applications which depend on GetSystemDEPPolicy() returning different values?

If so, do these applications just not work on some Windows machines?

Hello,

Thanks for reviving interest into this bug.

I did a bit of research and found this: https://support.esea.net/hc/en-us/articles/360008891153-Error-117-DEP-Data-E...

I registered and downloaded the client to test, and hit error 1006: https://support.esea.net/hc/en-us/articles/360008741974-Error-1006-1008-114-...

"Error #1006: A system monitor program has been found running in you system. After closing the program please relaunch the ESEA Client."

So, maybe that application could be used to reproduce the issue, but it is blocked by that error. I'll file a bug for it.

I don't know yet if it looks for GetSystemDEPPolicy() or GetProcessDEPPolicy() values. I can't remember which function APB Reloaded was expecting 'AlwaysOn' from. I know no other application that requires non-default system/process DEP policy values.

ESEA client is an anti-cheat software for an eponymous community of online games players.

$ sha256sum ESEAClientInstall.exe 2ac0cc7554ee4dcab0f93ec63fde232cb7a6b6106ae79c3b40361e3a7b720035 ESEAClientInstall.exe

$ du -b ESEAClientInstall.exe 165862120 ESEAClientInstall.exe

Regards.

https://bugs.winehq.org/show_bug.cgi?id=24125

--- Comment #22 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- (In reply to Zebediah Figura from comment #21)

Sure, I figured as much from comment 6. My question is, is there any reason not to just always return AlwaysOn from GetSystemDEPPolicy(), and not bother with Wine-internal configuration?

Hello,

It is difficult to say since this requires enabling AlwaysOn and check if it breaks any application. I think nobody ever did that.

I could give it a try with the applications available to me.

I could also search the web for DEP issues that requires disabling DEP.

I already found that an older version of MDaemon required OptOut for some services, but I don't know if that version is still available or if it is a realistic use case. https://www.altn.com/Support/FAQ/FAQResults/?Number=306

Most program certainly don't care about DEP policy, though, and always returning AlwaysOn would sure simplify things.

Regards.

https://bugs.winehq.org/show_bug.cgi?id=24125

Zebediah Figura z.figura12@gmail.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |ABANDONED Status|STAGED |RESOLVED

--- Comment #24 from Zebediah Figura z.figura12@gmail.com --- (In reply to Gijs Vermeulen from comment #23)

The Staging patches seem to have been superseeded by:

https://source.winehq.org/git/wine.git/commit/ b3d00c3340e5a0d19d0b708a1c434b1ccb1bc04d https://source.winehq.org/git/wine.git/commit/ 246e2356e5a178ca7e56d350cbc5cdaecc8538ab https://source.winehq.org/git/wine.git/commit/ b62921245238412709d4e9f8a3548d37864d0d5d

Were those enough to call this fixed?

Well, APB seems to have required AlwaysOn, which we still don't report. But given comment 17 I don't think it's possible to reproduce this with APB anymore, so I'm resolving as ABANDONED.