[Bug 44837] BattlEye 'BEDaisy' kernel service fails in driver entry point due to missing ' ntoskrnl.exe.Ps{Acquire,Release}ProcessExitSynchronization'

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Mar 27 17:59:16 CDT 2018 

https://bugs.winehq.org/show_bug.cgi?id=44837

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|BattlEye 'BEDaisy' kernel   |BattlEye 'BEDaisy' kernel
                   |service fails in driver     |service fails in driver
                   |entry point due to missing  |entry point due to missing
                   |'ntoskrnl.exe.PsAcquireProc |'ntoskrnl.exe.Ps{Acquire,Re
                   |essExitSynchronization'     |lease}ProcessExitSynchroniz
                   |                            |ation'

--- Comment #1 from Anastasius Focht <focht at gmx.net> ---
Hello again,

actually stubs for both should be added, to avoid another ticket.

* VOID PsAcquireProcessExitSynchronization(PEPROCESS Process)
* ULONG PsReleaseProcessExitSynchronization(PEPROCESS Process)

A code example how this API is supposed to be used:

https://github.com/processhacker/processhacker/blob/master/KProcessHacker/object.c

--- snip ---
...

/**
 * Gets a pointer to the handle table of a process.
 *
 * \param Process A process object.
 *
 * \return A pointer to the handle table, or NULL if the process is terminating
or the request is
 * not supported. You must call KphDereferenceProcessHandleTable() when the
handle table is no
 * longer needed.
 */
PHANDLE_TABLE KphReferenceProcessHandleTable(
    _In_ PEPROCESS Process
    )
{
    PHANDLE_TABLE handleTable = NULL;

    PAGED_CODE();

    // Fail if we don't have an offset.
    if (KphDynEpObjectTable == -1)
        return NULL;

    // Prevent the process from terminating and get its handle table.
    if (NT_SUCCESS(PsAcquireProcessExitSynchronization(Process)))
    {
        handleTable = *(PHANDLE_TABLE *)PTR_ADD_OFFSET(Process,
KphDynEpObjectTable);

        if (!handleTable)
            PsReleaseProcessExitSynchronization(Process);
    }

    return handleTable;
}

/**
 * Dereferences the handle table of a process.
 *
 * \param Process A process object.
 */
VOID KphDereferenceProcessHandleTable(
    _In_ PEPROCESS Process
    )
{
    PAGED_CODE();

    PsReleaseProcessExitSynchronization(Process);
}

...
--- snip ---

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list