VirtualBox

Changeset 52433 in vbox for trunk/src/VBox/HostDrivers


Ignore:
Timestamp:
Aug 20, 2014 5:58:54 PM (10 years ago)
Author:
vboxsync
Message:

SUP: Avast sleep kludge.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp

    r52431 r52433  
    28872887                             "NtProtectVirtualMemory/LdrInitializeThunk[restore] failed: %#x", rcNt);
    28882888
     2889    /*
     2890     * Fudge factor for letting kernel threads get a chance to mess up our
     2891     * process asynchronously.
     2892     */
     2893    DWORD dwStart = GetTickCount();
     2894    NtYieldExecution();
     2895
     2896    LARGE_INTEGER Time;
     2897    Time.QuadPart = -8000000 / 100; /* 8ms in 100ns units, relative time. */
     2898    NtDelayExecution(FALSE, &Time);
     2899
     2900    NtYieldExecution();
     2901    SUP_DPRINTF(("supR3HardNtPuChTriggerInitialImageEvents: Startup delay kludge #1: %u ms\n", GetTickCount() - dwStart));
     2902
    28892903    return VINF_SUCCESS;
    28902904}
     
    36293643    if (!(fFlags & SUPSECMAIN_FLAGS_DONT_OPEN_DEV))
    36303644    {
    3631         /* Do a self purification to cure avast's weird NtOpenFile write-thru
    3632            change in GetBinaryTypeW change in kernel32. */
     3645        /*
     3646         * Do a self purification to cure avast's weird NtOpenFile write-thru
     3647         * change in GetBinaryTypeW change in kernel32.  Unfortunately, avast
     3648         * uses a system thread to perform the process modifications, which
     3649         * means it's hard to make sure it had the chance to make them...
     3650         *
     3651         * We have to resort to kludge doing yield and sleep fudging for a
     3652         * number of milliseconds and schedulings before we can hope that avast
     3653         * and similar products have done what they need to do.  Pretty fragile...
     3654         */
     3655        uint32_t    cSleeps = 0;
     3656        DWORD       dwStart = GetTickCount();
     3657        do
     3658        {
     3659            NtYieldExecution();
     3660            LARGE_INTEGER Time;
     3661            Time.QuadPart = -8000000 / 100; /* 8ms in 100ns units, relative time. */
     3662            NtDelayExecution(FALSE, &Time);
     3663            cSleeps++;
     3664        } while (   GetTickCount() - dwStart <= 80
     3665                 || cSleeps < 8);
     3666        SUP_DPRINTF(("supR3HardenedWinInit: Startup delay kludge #2: %u ms, %u sleeps\n", GetTickCount() - dwStart, cSleeps));
     3667
    36333668        supHardenedWinVerifyProcess(NtCurrentProcess(), NtCurrentThread(), SUPHARDNTVPKIND_SELF_PURIFICATION, NULL);
    36343669
     3670        /*
     3671         * Install the hooks.
     3672         */
    36353673        supR3HardenedWinInstallHooks();
    36363674    }
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette