On 9/4/20 17:41, Gabriel Ivăncescu wrote:
On 04/09/2020 15:56, Paul Gofman wrote:
On 9/4/20 15:49, Gabriel Ivăncescu wrote:
On 04/09/2020 14:15, Hans Leidekker wrote:
Another idea would be to use the Linux syscall directly, with inline asm, which should work from PE too. Right?
Please, no. While we do not emulate Win syscalls in mainstream Wine, there are patches for that (which do that for some cases) in Proton and Staging. There is a chance the Linux kernel will get some new API which will allow us to emulate Windows syscalls universally. I suppose making native syscalls from PE code should be a big no-no.
Interesting, how does it differentiate syscalls from PE code and syscalls from a unix library?
Currently, by syscall number (which works for the DRMs extracting the syscall number from syscall thunks). I guess you can look up patch [1]. There is also a separate workaround for RDR2 which does the distinction based on the syscall instruction address. The Linux kernel solution which was discussed lately is supposed to provide a per-thread flag which will tell whether the system is in "syscall emulation" or normal mode, this flag to be tracked on the PE - native code boundary.
1. https://github.com/wine-staging/wine-staging/blob/master/patches/ntdll-Sysca...