[PATCH 0/1] MR4833: ntdll: Improve NtQuerySystemInformation(SystemCodeIntegrityInformation)
This makes it match more closely how it works on Windows but it's still not a proper implementation.
For more context/background info see !4832
From: Dāvis Mosāns davispuh@gmail.com
This makes it match more closely how it works on Windows. --- dlls/ntdll/unix/system.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/dlls/ntdll/unix/system.c b/dlls/ntdll/unix/system.c index 879a5893758..c5b7cf07d95 100644 --- a/dlls/ntdll/unix/system.c +++ b/dlls/ntdll/unix/system.c @@ -3216,11 +3216,21 @@ NTSTATUS WINAPI NtQuerySystemInformation( SYSTEM_INFORMATION_CLASS class, FIXME("SystemCodeIntegrityInformation, size %u, info %p, stub!\n", (int)size, info);
len = sizeof(SYSTEM_CODEINTEGRITY_INFORMATION); - - if (size >= len) - integrity_info->CodeIntegrityOptions = CODEINTEGRITY_OPTION_ENABLED; - else + if (size > 0) + { + if (!info) ret = STATUS_ACCESS_VIOLATION; + else if (size >= len && integrity_info->Length == len) + { + /* proper implementation is probably reading this from registry, see https://learn.microsoft.com/en-us/windows/security/hardware-security/enable-... */ + integrity_info->CodeIntegrityOptions = CODEINTEGRITY_OPTION_ENABLED | CODEINTEGRITY_OPTION_HVCI_IUM_ENABLED; + } else + { + ret = STATUS_INFO_LENGTH_MISMATCH; + } + } else + { ret = STATUS_INFO_LENGTH_MISMATCH; + } break; }
-
Dāvis Mosāns -
Dāvis Mosāns (davispuh) (@davispuh)