64-bit TEB on WoW64
Ken Thomases
ken at codeweavers.com
Sun May 19 16:06:58 CDT 2019
On May 19, 2019, at 3:54 PM, Andrew Wesie <awesie at gmail.com> wrote:
>
> In bug 47198 (https://bugs.winehq.org/show_bug.cgi?id=47198), we found
> that League of Legends is trying to access the 64-bit TEB if it
> detects that it is running under a 64-bit kernel. It does this by
> checking if the %cs segment selector matches a WoW64 environment, and
> if it does, it will then access %gs:0x60.
I take it the program is a 32-bit program. Otherwise, this would be fine.
> On WoW64, %gs points to the 64-bit TEB and %gs:0x60 is a pointer to
> the 64-bit PEB. Under Wine on Linux, however, %gs is reserved for
> glibc and %gs:0x60 contains a list pointer that we cannot corrupt
> without crashing. The current solution in the referenced bug is to
> patch glibc to reserve some space for Wine; thankfully that portion of
> the TEB is glibc internal and can be reserved without rebuilding other
> libraries.
>
> So, my question is how to move forward. I see a few options:
>
> 1. Require users to have a patched glibc.
> 1a) Ask glibc nicely to upstream this patch.
> 1b) Lutris and downstream packagers can ship a compatible glibc with
> their Wine builds if they choose.
> 2. Similar to the aarch64 issue with x18, find a way to save and
> restore %gs at the boundary between PE modules and native modules.
> 3. Find some way to trap accesses to %gs:0x60 without using hardware
> breakpoints and without destroying performance.
Perhaps 4: use a different code segment so that the %cs segment selector doesn't look like a WoW64 environment. Kind of specific to this particular app's behavior, so not great, but maybe passable.
-Ken
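As an added illustration (not Wine's code, nor the game's), the following C program models the access the bug report describes: on WoW64 the kernel points a 32-bit thread's %gs at its 64-bit TEB, so "%gs:0x60" resolves to the 64-bit PEB pointer. The program builds a constructed, fake TEB and PEB in memory, points the GS segment base at the fake TEB with arch_prctl(ARCH_SET_GS) (possible here only because glibc on x86-64 Linux keeps its TLS behind %fs, unlike 32-bit glibc, which owns %gs and is the source of the clash), and then performs a real %gs-relative read. The offsets 0x30 (NtTib.Self) and 0x60 (ProcessEnvironmentBlock) follow the public TEB64 layout; the struct, the helper names and the fallback path on other platforms are this example's own assumptions.

```c
#define _GNU_SOURCE
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) && defined(__linux__)
#include <sys/syscall.h>
#include <unistd.h>
#ifndef ARCH_SET_GS
#define ARCH_SET_GS 0x1001   /* value from <asm/prctl.h> */
#endif
#endif

/* Constructed model of the 64-bit TEB holding only the fields this example
 * touches. Offsets follow the public TEB64 layout: NtTib.Self at 0x30 and
 * ProcessEnvironmentBlock at 0x60, the field the game reads via %gs:0x60. */
struct teb64 {
    uint8_t  nt_tib_head[0x30];
    uint64_t self;                       /* 0x30: points back at this TEB */
    uint8_t  pad[0x60 - 0x38];
    uint64_t process_environment_block;  /* 0x60: 64-bit PEB pointer */
};
_Static_assert(offsetof(struct teb64, self) == 0x30, "Self offset");
_Static_assert(offsetof(struct teb64, process_environment_block) == 0x60, "PEB offset");

static struct teb64 fake_teb;       /* constructed stand-in for the TEB */
static uint8_t      fake_peb[64];   /* constructed stand-in for the PEB */
static uint8_t     *sim_gs_base;    /* software base used when %gs cannot be repointed */
static int          use_hw_gs;      /* 1 once arch_prctl(ARCH_SET_GS) succeeded */

/* Resolve a %gs-relative qword exactly as "movq %gs:0x60, %rax" would:
 * segment base plus offset, read through the real segment register when
 * it was repointed, otherwise through the simulated base. */
uint64_t read_gs_qword(uint64_t offset)
{
#if defined(__x86_64__) && defined(__linux__)
    if (use_hw_gs) {
        uint64_t hw;
        __asm__ volatile("movq %%gs:(%1), %0" : "=r"(hw) : "r"(offset));
        return hw;
    }
#endif
    uint64_t sw;
    memcpy(&sw, sim_gs_base + offset, sizeof sw);
    return sw;
}

/* Populate the fake TEB/PEB and make %gs point at the TEB.
 * Returns 0 when %gs was repointed with arch_prctl, 1 when the segment base
 * is only simulated (non-x86-64 Linux, or the syscall was refused). */
int install_fake_teb(void)
{
    memset(fake_peb, 0xAB, sizeof fake_peb);   /* constructed filler bytes */
    fake_teb.self = (uint64_t)(uintptr_t)&fake_teb;
    fake_teb.process_environment_block = (uint64_t)(uintptr_t)fake_peb;
    sim_gs_base = (uint8_t *)&fake_teb;
    use_hw_gs = 0;
#if defined(__x86_64__) && defined(__linux__)
    /* glibc on x86-64 keeps its TLS behind %fs, so %gs is free to repoint.
     * On 32-bit Linux glibc owns %gs, which is the clash in the bug report:
     * the game's %gs:0x60 lands inside glibc's TLS block instead of a TEB. */
    if (syscall(SYS_arch_prctl, ARCH_SET_GS, (unsigned long)&fake_teb) == 0)
        use_hw_gs = 1;
#endif
    return use_hw_gs ? 0 : 1;
}

int main(void)
{
    int mode = install_fake_teb();
    printf("gs base %s\n", mode == 0 ? "set via arch_prctl" : "simulated");
    printf("%%gs:0x30 = %#llx (TEB self, expect %p)\n",
           (unsigned long long)read_gs_qword(0x30), (void *)&fake_teb);
    printf("%%gs:0x60 = %#llx (PEB pointer, expect %p)\n",
           (unsigned long long)read_gs_qword(0x60), (void *)fake_peb);
    return 0;
}
```

The same read issued in a 32-bit Wine process hits whatever glibc stored at offset 0x60 of its own TLS block, which is why the thread talks about reserving that slot in glibc, saving and restoring %gs at the PE/native boundary, or trapping the access, rather than simply filling it in.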