[Bug 46697] USVFS (User Space Virtual File System), part of Mod Organizer 2 v2.1.1+ wants 'ntdll.NtQueryDirectoryFileEx' (Windows 10 build 1709+ syscall)
WineHQ Bugzilla
wine-bugs at winehq.org
Mon Feb 1 16:37:29 CST 2021
https://bugs.winehq.org/show_bug.cgi?id=46697
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |download
CC| |focht at gmx.net
Ever confirmed|0 |1
URL|https://github.com/ModOrgan |https://web.archive.org/202
|izer2/usvfs |10201214656/https://github.
| |com/ModOrganizer2/modorgani
| |zer/releases/download/v2.2.
| |0/Mod.Organizer-2.2.0.0.exe
Status|UNCONFIRMED |NEW
Summary|NtQueryDirectoryFileEx |USVFS (User Space Virtual
|needed by Mod Organizer 2. |File System), part of Mod
| |Organizer 2 v2.1.1+ wants
| |'ntdll.NtQueryDirectoryFile
| |Ex' (Windows 10 build 1709+
| |syscall)
--- Comment #13 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
adding stable download link via Internet Archive:
https://web.archive.org/20210201214656/https://github.com/ModOrganizer2/modorganizer/releases/download/v2.2.0/Mod.Organizer-2.2.0.0.exe
Based on MO2 version information in
https://github.com/PhoenicisOrg/scripts/issues/955 which references this bug.
Checking all binaries in the WINEPREFIX after installation:
--- snip ---
$ grep -ralZ NtQueryDirectoryFileEx .wine/drive_c | \
xargs -r0i bash -c "echo \"{}\" && winedump -j import \"{}\" | \
grep NtQueryDirectoryFileEx"
.wine/drive_c/Modding/MO2/usvfs_x64.dll
.wine/drive_c/Modding/MO2/usvfs_proxy_x64.exe
.wine/drive_c/Modding/MO2/usvfs_proxy_x86.exe
.wine/drive_c/Modding/MO2/usvfs_x86.dll
--- snip ---
>From the USVFS project:
https://github.com/ModOrganizer2/usvfs
Locating 'NtQueryDirectoryFileEx' references in source code:
https://github.com/ModOrganizer2/usvfs/search?q=NtQueryDirectoryFileEx
https://github.com/ModOrganizer2/usvfs/blob/0a115a1d46703ee7959d382cef24b4c81c9c5d31/src/usvfs_dll/hooks/ntdll.cpp#L723
https://github.com/ModOrganizer2/usvfs/blob/0a115a1d46703ee7959d382cef24b4c81c9c5d31/src/usvfs_dll/hookmanager.cpp#L264
It's as qsniyg said: this native API function is not essential for MO2 to work.
Failure to install a hook for this function is not critical. It would be only
important iff Wine core dlls would call out to 'NtQueryDirectoryFileEx' instead
of 'NtQueryDirectoryFile' (dlls/kernelbase/file.c, dlls/ntdll/actctx.c).
Information on 'NtQueryDirectoryFileEx':
https://github.com/processhacker/phnt/pull/8
Which refers to:
--- quote ---
def https://docs.microsoft.com/en-us/previous-versions/mt812582(v%3dvs.85)
Windows_versions:
https://github.com/j00ru/windows-syscalls/blob/0c48cd8f365899157f5d08ca04eb569e5c47d5b1/x64/json/nt-per-syscall.json#L10004
--- quote ---
The syscall was added starting with Windows 10 build 1709.
Summarizing:
Adding / implementing 'ntdll.NtQueryDirectoryFileEx' alone doesn't make much
sense unless your only goal is to silence the warn/error message from the
hooker. Functionally it won't do anything since no callouts are being made from
Wine code. It would make sense iff Wine changes all 'NtQueryDirectoryFile'
calls to 'NtQueryDirectoryFileEx'. But that could end up being problematic if
there are applications which *expect* 'NtQueryDirectoryFile' being called, such
as various application virtualization / native API sandboxing schemes (Xenocode
etc.).
Calling 'NtQueryDirectoryFileEx' through 'NtQueryDirectoryFile' is not a good
idea because both are being hooked and separate syscalls on Windows 10 (see
windows-syscalls table from github project).
$ sha1sum Mod.Organizer-2.2.0.0.exe
d311b3124f7e2027b03acfd46875356c12fb4579 Mod.Organizer-2.2.0.0.exe
$ du -sh Mod.Organizer-2.2.0.0.exe
75M Mod.Organizer-2.2.0.0.exe
$ wine --version
wine-6.1
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list