[Bug 49193] Multiple kernel drivers need wdfldr.sys.WdfVersionBind function (Denuvo Anti-Cheat, Steel Series Engine, Genshin Impact)

WineHQ Bugzilla wine-bugs at winehq.org
Sat Nov 14 06:30:25 CST 2020 

https://bugs.winehq.org/show_bug.cgi?id=49193

--- Comment #8 from Pepper <tiagoapimenta at gmail.com> ---
In fact there is some progress using a similar patch for stub wdfldr.sys

after patch:
--- snip ---
WINEDEBUG=+seh,+relay,+ntoskrnl,wdfldr+all,ntoskrnl+all wine net start mhyprot2
> mhyprot2.sys.log 2>&1
fgrep -i WDFLDR mhyprot2.sys.log
...
0108:trace:ntoskrnl:ldr_notify_callback loading L"WDFLDR.SYS"
0108:Call wdfldr.sys.WdfVersionBind(00042eb0,14000b3b8,14000a020,14000b3d8)
ret=1400010ef
0108:fixme:wdfldr:WdfVersionBind Call KERNEL32.GetModuleHandleA(6c285180
"ntdll.dll") ret=6c2816db
0108:fixme:wdfldr:WdfVersionBind BindInfo Size 0x30, Component L"KmdfLibrary",
Version 1.9.7600, FuncCount 396, f[0] 0000000000000000.
0108:Ret  wdfldr.sys.WdfVersionBind() retval=00000000 ret=1400010ef
0108:Call wdfldr.sys.WdfVersionUnbind(14000b3b8,14000a020,6c288000)
ret=14000117b
0108:fixme:wdfldr:WdfVersionUnbind RegistryPath
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mhyprot2", BindInfo
000000014000A020, ComponentGlobals 000000006C288000.
0108:Ret  wdfldr.sys.WdfVersionUnbind() retval=00000000 ret=14000117b
--- snip ---

But the driver seems not to be created, should I file another bug for this one?
--- snip ---
fgrep ntoskrnl mhyprot2.sys.log
...
0108:Call ntoskrnl.exe.RtlInitUnicodeString(00c8fba0,00041520
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mhyprot2")
ret=004012b2
0108:Ret  ntoskrnl.exe.RtlInitUnicodeString() retval=0000007a ret=004012b2
0108:Call ntoskrnl.exe.ZwLoadDriver(00c8fba0) ret=004015f8
010c:Call ntoskrnl.exe.wine_ntoskrnl_main_loop(00000044) ret=00401ae0
0108:trace:ntoskrnl:ZwLoadDriver
(L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mhyprot2")
010c:trace:ntoskrnl:IoCreateDriver (L"\\Driver\\PnpManager", 0000000068C99350)
0108:trace:ntoskrnl:open_driver opened service for driver
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mhyprot2"
0108:trace:ntoskrnl:IoCreateDriver (L"\\Driver\\mhyprot2", 0000000068C8FAF0)
0108:trace:ntoskrnl:load_driver loading driver
L"C:\\users\\tiago\\Temp\\mhyprot2.sys"
0108:trace:ntoskrnl:ldr_notify_callback loading L"WDFLDR.SYS"
0108:trace:ntoskrnl:ldr_notify_callback loading L"mhyprot2.sys"
...
0108:trace:ntoskrnl:IoDeleteDriver (0000000000042EB0)
0108:trace:ntoskrnl:ObDereferenceObject (0000000000042EB0) ref=0
0108:err:ntoskrnl:ZwLoadDriver failed to create driver
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mhyprot2": c0000008
0108:Ret  ntoskrnl.exe.ZwLoadDriver() retval=c0000008 ret=004015f8
0108:Call ntoskrnl.exe.RtlNtStatusToDosError(c0000008) ret=00401600
0108:Ret  ntoskrnl.exe.RtlNtStatusToDosError() retval=00000006 ret=00401600
0108:Call ntoskrnl.exe.RtlFreeUnicodeString(00c8fba0) ret=004012dc
0108:Ret  ntoskrnl.exe.RtlFreeUnicodeString() retval=00000001 ret=004012dc
--- snip ---

I'm still trying to understand this ZwLoadDriver issue...

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list