[PATCH] ntdll: Set rcx and r11 on exit from syscall dispatcher on x64.
Jinoh Kang
jinoh.kang.kr at gmail.com
Tue Nov 30 23:36:55 CST 2021
On 12/1/21 14:34, Jinoh Kang wrote:
> My speculation is that there's a flag that determines whether it's OK to clobber
> RCX/R11 on syscall exit. If it's enabled, KiFastSystemCall will use SYSRET
> instead of IRETQ. Issuing NtSetContextThread with CONTEXT_INTEGER on supposedly
> turns this flag off, disabling the use of SYSRET. From the observations so far,
> this flag more or less corresponds to CONTEXT_CONTROL in
CONTEXT_INTEGER*. My apologies.
> syscall_frame::restore_flags, but more testing is required...
--
Sincerely,
Jinoh Kang
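The behaviour under discussion is a property of the hardware return path: SYSCALL saves the return RIP in RCX and RFLAGS in R11, and a kernel that comes back via SYSRET reloads RIP and RFLAGS from exactly those registers, so user mode sees them clobbered; a kernel that comes back via IRETQ restores whatever it saved. The following C probe is an added example, not part of this patch, the thread or Wine: it issues a raw SYSCALL on x86-64 Linux (GCC/Clang inline asm) and reports what the return path left in rcx and r11. The names probe_syscall_exit, syscall_exit_looks_like_sysret and raw_syscall_returned_pid are this example's own; it assumes the Linux fast path, which returns via SYSRET for an ordinary process (it reports 0 rather than 1 if the kernel chose another return path, and -1 on anything other than x86-64 Linux).

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Registers observed immediately after a raw SYSCALL instruction returns. */
struct syscall_exit_regs {
    long     ret;       /* rax: the syscall's return value */
    uint64_t rcx;       /* rcx as left by the kernel's return path */
    uint64_t r11;       /* r11 as left by the kernel's return path */
    uint64_t next_rip;  /* address of the instruction following SYSCALL */
    uint64_t rflags;    /* RFLAGS captured right before SYSCALL */
    int      supported; /* 1 on x86-64 Linux, 0 elsewhere (nothing measured) */
};

/* Issue getpid() through a raw SYSCALL and capture rcx/r11 before any
 * compiler-generated code can touch them. (Example code, hypothetical name.) */
struct syscall_exit_regs probe_syscall_exit(void)
{
    struct syscall_exit_regs r = {0};
#if defined(__x86_64__) && defined(__linux__)
    uint64_t rax = SYS_getpid, rcx, flags, next;
    register uint64_t r11 __asm__("r11"); /* no constraint letter exists for r11 */

    __asm__ volatile(
        "pushfq\n\t"
        "popq  %[flags]\n\t"            /* RFLAGS as it will enter the kernel */
        "syscall\n\t"                   /* hardware: rcx = RIP, r11 = RFLAGS  */
        "1:\n\t"
        "leaq  1b(%%rip), %[next]\n\t"  /* the RIP a SYSRET return reloads     */
        : "+a"(rax), "=c"(rcx), "=r"(r11), [flags] "=&r"(flags), [next] "=&r"(next)
        :
        : "memory", "cc");

    r.ret = (long)rax;
    r.rcx = rcx;
    r.r11 = r11;
    r.next_rip = next;
    r.rflags = flags;
    r.supported = 1;
#endif
    return r;
}

/* 1 if the return path behaved like SYSRET (rcx == next RIP, r11 == RFLAGS),
 * 0 if rcx/r11 came back with other values (e.g. an IRET-style return),
 * -1 if this build cannot probe (not x86-64 Linux). */
int syscall_exit_looks_like_sysret(void)
{
    struct syscall_exit_regs r = probe_syscall_exit();
    if (!r.supported)
        return -1;
    return (r.rcx == r.next_rip && r.r11 == r.rflags) ? 1 : 0;
}

/* Sanity check that the raw SYSCALL really ran: rax must equal getpid().
 * Returns 1/0 for match/mismatch, -1 if not probed. */
int raw_syscall_returned_pid(void)
{
    struct syscall_exit_regs r = probe_syscall_exit();
    if (!r.supported)
        return -1;
    return r.ret == (long)getpid() ? 1 : 0;
}

int main(void)
{
    struct syscall_exit_regs r = probe_syscall_exit();
    if (!r.supported) {
        puts("not x86-64 Linux: nothing to probe");
        return 0;
    }
    printf("rax=%ld getpid()=%ld\n", r.ret, (long)getpid());
    printf("rcx=%#llx next_rip=%#llx (%s)\n", (unsigned long long)r.rcx,
           (unsigned long long)r.next_rip, r.rcx == r.next_rip ? "clobbered as SYSRET does" : "differ");
    printf("r11=%#llx rflags=%#llx (%s)\n", (unsigned long long)r.r11,
           (unsigned long long)r.rflags, r.r11 == r.rflags ? "clobbered as SYSRET does" : "differ");
    return 0;
}
```

The same probe, built for Windows against a raw NtXxx stub, is what distinguishes the two exit paths the quoted message speculates about: a SYSRET exit shows rcx == the address after the syscall instruction and r11 == the entry RFLAGS, while an IRETQ exit (for instance after the thread's integer context was rewritten) shows the values the kernel restored instead. A user-mode dispatcher that wants to look like the kernel therefore has to reproduce whichever of the two the real kernel would have produced, which is why the patch sets rcx and r11 on exit.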