[PATCH] Support for game DRM which overwrite the GS segment selector

[Austin English]

On Jan 31, 2013 8:15 AM, "Alessandro Pignotti" <alexpigna.dev at gmail.com>
wrote:
>
> Hi again,
>
> I've quickly implemented the aforementioned idea of fixing the segment
> in the segfault handler when needed. I'm attaching my proposed patch.
>
> Alessandro
>
> Il giorno mer, 30/01/2013 alle 16.44 +0100, Alessandro Pignotti ha
> scritto:
> > Hi everyone,
> >
> > I'm trying to get a specific game which employs a seemingly custom
> > protection scheme to work. The DRM does various bad things as usual, but
> > a very bad one is manipulating to GS segment selector and setting it to
> > a NULL segment. The GS segment is used by libc though in various ways
> > (stack protection and syscall support, and probably others).
> >
> > I managed to get the activation procedure to go further and further by
> > enclosing each offending syscall using the following 2 macros.
> >
> > #define SAFE_GS_START \
> >     do { \
> >         wine_set_gs(ntdll_get_thread_data()->gs); \
> >         do
> >
> > #define SAFE_GS_END \
> >         while(0); \
> >     } while(0)
> >
> > Still, this method is very cumbersome since system calls happens in many
> > places even outside of ntdll. Fixing the GS is also needed to support
> > sigsetjmp which is used by wine's exception handling.
> >
> > I'd like to ask for feedback about what would be a sane way of
> > supporting this application. A possible solution would be to modify
> > wine's segfault handler to check if the instruction has a GS prefix
> > (0x65 IIRC) and try to execute the instruction again after fixing the
> > GS.
> >
> > Please keep me in CC since I'm not subscribed to the ML.
> >
> > Regards,
> > Alessandro Pignotti

Out of curiosity, what game is this? What protection does Protection ID
show it uses?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20130202/47ffed4f/attachment.html>