On Sat Mar 8 09:11:48 2025 +0000, Rémi Bernon wrote:
The question is also whether we want to use that Windows internal structure for our implementation. I'm not convinced that it is a good idea. The structure is completely undocumented, it is different between 32-bit and 64-bit kernels, and has changed already since Windows 8.1 as tests can attest (W81 / W10 1511 / W10 21H2 all have different handle entry layout). If we ever need to expose a compatible handle table in the shared memory, which I doubt given the above, I believe we can always emulate it as needed, from our own shared memory kept separately. If we want to use our shared memory objects directly on the PE side, we can always expose locator query functions through NtUser calls, like gSharedInfo would require to be initialized anyway.
I think Jacek was talking about making the user object cache itself shared, rather than emulating gSharedInfo.