On Jan 31, 2013 8:15 AM, "Alessandro Pignotti" alexpigna.dev@gmail.com wrote:
Hi again,
I've quickly implemented the aforementioned idea of fixing the segment in the segfault handler when needed. I'm attaching my proposed patch.
Alessandro
On Wed, 30/01/2013 at 16.44 +0100, Alessandro Pignotti wrote:
Hi everyone,
I'm trying to get a specific game which employs a seemingly custom protection scheme to work. The DRM does various bad things as usual, but a very bad one is manipulating the GS segment selector and setting it to a NULL segment. The GS segment is used by libc though in various ways (stack protection and syscall support, and probably others).
I managed to get the activation procedure to go further and further by enclosing each offending syscall using the following 2 macros.
#define SAFE_GS_START \
    do { \
        wine_set_gs(ntdll_get_thread_data()->gs); \
        do

#define SAFE_GS_END \
        while(0); \
    } while(0)
Still, this method is very cumbersome since system calls happen in many places even outside of ntdll. Fixing the GS is also needed to support sigsetjmp which is used by wine's exception handling.
I'd like to ask for feedback about what would be a sane way of supporting this application. A possible solution would be to modify wine's segfault handler to check if the instruction has a GS prefix (0x65 IIRC) and try to execute the instruction again after fixing the GS.
Please keep me in CC since I'm not subscribed to the ML.
Regards, Alessandro Pignotti
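As an added example (not the patch from this thread and not Wine's own code), here is how the "check for a GS prefix and retry" idea sketched above could look on 32-bit Linux: a scanner for the 0x65 override plus a SIGSEGV handler that writes a selector saved at setup back into the signal frame so the faulting instruction is re-executed. `has_gs_prefix`, `saved_gs` and `install_gs_fixup` are names chosen here; `saved_gs` stands in for `ntdll_get_thread_data()->gs`. The scanner walks the whole legacy-prefix run because 0x65 need not be the first byte of the instruction.

```c
#define _GNU_SOURCE             /* REG_EIP / REG_GS in <sys/ucontext.h> */
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <ucontext.h>
/* Returns 1 if the GS override (0x65) appears in the instruction's legacy
 * prefix run, 0 otherwise. Checking only the first byte is not enough: prefixes
 * may come in any order ("66 65" for a 16-bit gs: access), and a 0x65 past the
 * prefix run is a ModRM or immediate byte, not a prefix. */
int has_gs_prefix(const uint8_t *insn, size_t len)
{
    for (size_t i = 0; i < len && i < 15; i++) {        /* 15 = max x86 insn length */
        switch (insn[i]) {
        case 0x65:                                      /* GS override */
            return 1;
        case 0x26: case 0x2e: case 0x36: case 0x3e: case 0x64:  /* other segment overrides */
        case 0x66: case 0x67:                           /* operand / address size */
        case 0xf0: case 0xf2: case 0xf3:                /* LOCK / REPNE / REP */
            continue;                                   /* still inside the prefix run */
        default:
            return 0;                                   /* opcode reached, no 0x65 seen */
        }
    }
    return 0;
}
#if defined(__linux__) && defined(__i386__)
/* Selector captured at setup, before the protected code runs (hypothetical name). */
static __thread unsigned short saved_gs;
/* If the faulting instruction is GS-relative and GS was clobbered, restore the
 * selector in the frame and return: sigreturn reloads GS and resumes at the same
 * EIP, retrying the instruction. Anything else re-faults with the default action. */
static void gs_fixup_handler(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx;
    const uint8_t *eip = (const uint8_t *)(uintptr_t)uc->uc_mcontext.gregs[REG_EIP];
    (void)si;
    if ((unsigned short)uc->uc_mcontext.gregs[REG_GS] != saved_gs &&
        has_gs_prefix(eip, 15)) {
        uc->uc_mcontext.gregs[REG_GS] = saved_gs;
        return;
    }
    signal(sig, SIG_DFL);
}
int install_gs_fixup(void)
{
    struct sigaction sa = { .sa_sigaction = gs_fixup_handler,
                            .sa_flags = SA_SIGINFO | SA_NODEFER };
    __asm__ volatile("mov %%gs, %0" : "=r"(saved_gs));   /* remember the good selector */
    return sigaction(SIGSEGV, &sa, NULL);
}
#endif
```

Reading 15 bytes at EIP assumes the faulting code page is mapped, which holds for a fault caused by the data access rather than by the fetch itself.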
Out of curiosity, what game is this? What protection does Protection ID show it uses?