VirtualBox

Ignore:
Timestamp:
Sep 13, 2014 9:58:40 PM (10 years ago)
Author:
vboxsync
Message:

Document the ALPC hack.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/HostDrivers/Support/win/SUPDrv-win.cpp

    r52736 r52737  
    21342134
    21352135
     2136/**
     2137 * Helper for supdrvNtProtectGetAlpcPortObjectType that tries out a name.
     2138 *
     2139 * @returns true if done, false if not.
     2140 * @param   pwszPortNm          The port path.
     2141 * @param   ppObjType           The object type return variable, updated when
     2142 *                              returning true.
     2143 */
    21362144static bool supdrvNtProtectGetAlpcPortObjectType2(PCRTUTF16 pwszPortNm, POBJECT_TYPE *ppObjType)
    21372145{
     
    21702178
    21712179
     2180/**
     2181 * Attempts to retrieve the ALPC Port object type.
     2182 *
     2183 * We've had at least three reports that using LpcPortObjectType when trying to
     2184 * get at the ApiPort object results in STATUS_OBJECT_TYPE_MISMATCH errors.
     2185 * It's not known who has modified LpcPortObjectType or AlpcPortObjectType (not
     2186 * exported) so that it differs from the actual ApiPort type, or maybe this
     2187 * unknown entity is intercepting our attempt to reference the port and
     2188 * tries to mislead us.  The paranoid explanataion is of course that some evil
     2189 * root kit like software is messing with the OS, however, it's possible that
     2190 * this is valid kernel behavior that 99.8% of our users and 100% of the
     2191 * developers are not triggering for some reason.
     2192 *
     2193 * The code here creates an ALPC port object and gets it's type.  It will cache
     2194 * the result in g_pAlpcPortObjectType2 on success.
     2195 *
     2196 * @returns Object type.
     2197 * @param   uSessionId      The session id.
     2198 * @param   pszSessionId    The session id formatted as a string.
     2199 */
    21722200static POBJECT_TYPE supdrvNtProtectGetAlpcPortObjectType(uint32_t uSessionId, const char *pszSessionId)
    21732201{
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette