Hi everyone,
I'm trying to get a specific game which employs a seemingly custom protection scheme to work. The DRM does various bad things as usual, but a very bad one is manipulating the GS segment selector and setting it to a NULL segment. The GS segment is used by libc, though, in various ways (stack protection and syscall support, and probably others).
I managed to get the activation procedure to go further and further by enclosing each offending syscall in the following two macros:
#define SAFE_GS_START \
    do { \
        wine_set_gs(ntdll_get_thread_data()->gs); \
        do

#define SAFE_GS_END \
        while(0); \
    } while(0)
Still, this method is very cumbersome since system calls happen in many places, even outside of ntdll. Fixing the GS is also needed to support sigsetjmp, which is used by wine's exception handling.
I'd like to ask for feedback about what would be a sane way of supporting this application. A possible solution would be to modify wine's segfault handler to check if the instruction has a GS prefix (0x65 IIRC) and try to execute the instruction again after fixing the GS.
Please keep me in CC since I'm not subscribed to the ML.
Regards,
Alessandro Pignotti
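The segfault-handler approach proposed in the message above, written out as an added example (not code from Wine or from the poster): a SIGSEGV handler for 32-bit Linux that decodes the legacy prefix run at the faulting EIP, and, if a GS override (0x65) is present and the saved selector is not the expected one, patches the selector in the signal frame and returns so the kernel re-executes the instruction. The names `gs_override_index`, `install_gs_segv_handler` and `saved_gs_selector`, and the selector value 0x33 used in `main`, are assumptions for illustration; `saved_gs_selector` stands in for `ntdll_get_thread_data()->gs`. Two details matter in practice: prefixes can precede 0x65 (so only checking the first byte misses `66 65 ...`), and on i386 Linux sigreturn reloads GS from the saved context, so the fix must go into `uc_mcontext.gregs[REG_GS]` rather than into the live register.

```c
/* Added example, not Wine code: GS-prefix detection and retry from a SIGSEGV
 * handler on 32-bit Linux.  Names marked "assumed" are placeholders for the
 * Wine internals mentioned in the post. */
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <ucontext.h>

/* Assumed: the per-thread selector Wine keeps in ntdll_get_thread_data()->gs. */
static volatile uint16_t saved_gs_selector;

/* Maximum x86 instruction length; never decode further than this. */
#define MAX_INSN_LEN 15

/* Returns the offset of the GS override prefix (0x65) within the legacy prefix
 * run at insn, or -1 if the opcode is reached without one.  Prefixes may come
 * in any order, so "66 65 8B ..." counts.  Scanning stops at the first byte
 * that is not a legacy prefix, so a 0x65 inside an immediate ("B8 65 00 00 00")
 * is not mistaken for a prefix. */
int gs_override_index(const uint8_t *insn, size_t max_len)
{
    for (size_t i = 0; i < max_len; i++) {
        switch (insn[i]) {
        case 0x65:                          /* GS segment override */
            return (int)i;
        case 0x26: case 0x2E: case 0x36:    /* ES, CS, SS overrides */
        case 0x3E: case 0x64:               /* DS, FS overrides */
        case 0x66: case 0x67:               /* operand-size, address-size */
        case 0xF0: case 0xF2: case 0xF3:    /* LOCK, REPNE, REP */
            continue;
        default:                            /* opcode (or REX on x86-64): stop */
            return -1;
        }
    }
    return -1;
}

static void gs_segv_handler(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx;
#if defined(__i386__)
    const uint8_t *ip = (const uint8_t *)uc->uc_mcontext.gregs[REG_EIP];

    /* If EIP itself is the faulting address the code bytes are unreadable,
     * and decoding them here would fault again inside the handler. */
    if ((const void *)ip != si->si_addr
        && (uint16_t)uc->uc_mcontext.gregs[REG_GS] != saved_gs_selector
        && gs_override_index(ip, MAX_INSN_LEN) >= 0) {
        /* Patch the selector in the saved frame: sigreturn restores GS from
         * here, so a bare "mov %ax,%gs" in the handler would be undone on
         * return.  Leaving EIP untouched makes the kernel re-execute the
         * faulting instruction with the repaired GS. */
        uc->uc_mcontext.gregs[REG_GS] = saved_gs_selector;
        return;
    }
#else
    (void)uc; (void)si;   /* the GS/TLS problem in the post is i386-specific */
#endif
    /* Not a GS fault we can repair: fall back to the default action so the
     * re-executed instruction crashes normally.  A real port would chain to
     * Wine's existing segfault handler here instead. */
    signal(sig, SIG_DFL);
}

/* Assumed helper: installs the handler.  Returns 0 on success, -1 on error. */
int install_gs_segv_handler(uint16_t gs_selector)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = gs_segv_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    saved_gs_selector = gs_selector;
    return sigaction(SIGSEGV, &sa, NULL);
}

int main(void)
{
    /* Constructed i386 encodings to exercise the prefix scanner. */
    static const uint8_t canary_load[]  = {0x65, 0xA1, 0x14, 0x00, 0x00, 0x00};      /* mov %gs:0x14,%eax */
    static const uint8_t opsize_first[] = {0x66, 0x65, 0x8B, 0x0D, 0x14, 0, 0, 0};   /* mov %gs:0x14,%cx */
    static const uint8_t plain_mov[]    = {0x8B, 0x45, 0x08};                        /* mov 0x8(%ebp),%eax */
    static const uint8_t imm_0x65[]     = {0xB8, 0x65, 0x00, 0x00, 0x00};            /* mov $0x65,%eax */

    printf("canary_load  -> %d\n", gs_override_index(canary_load, sizeof canary_load));   /* 0 */
    printf("opsize_first -> %d\n", gs_override_index(opsize_first, sizeof opsize_first)); /* 1 */
    printf("plain_mov    -> %d\n", gs_override_index(plain_mov, sizeof plain_mov));       /* -1 */
    printf("imm_0x65     -> %d\n", gs_override_index(imm_0x65, sizeof imm_0x65));         /* -1 */

    /* 0x33 is a hypothetical selector value, not one taken from Wine. */
    return install_gs_segv_handler(0x33) == 0 ? 0 : 1;
}
```

The selector comparison guards against looping on an unrelated fault in a GS-prefixed instruction (a bad offset with a valid GS would otherwise be retried forever); in that case the handler resets SIGSEGV to its default action and returns, and the re-executed instruction faults for real.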