Skip to content

Commit 0613da7

Browse files
dmexdmex
authored
Update KPH for VS2022 (winsiderss#1132)
1 parent bc8b783 commit 0613da7

File tree

9 files changed

+471
-374
lines changed

9 files changed

+471
-374
lines changed

KProcessHacker/KProcessHacker.vcxproj

Lines changed: 27 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@
4343
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
4444
<ConfigurationType>Driver</ConfigurationType>
4545
<DriverType>WDM</DriverType>
46+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
4647
</PropertyGroup>
4748
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
4849
<TargetVersion>Windows7</TargetVersion>
@@ -51,6 +52,7 @@
5152
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
5253
<ConfigurationType>Driver</ConfigurationType>
5354
<DriverType>WDM</DriverType>
55+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
5456
</PropertyGroup>
5557
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
5658
<TargetVersion>Windows7</TargetVersion>
@@ -59,6 +61,7 @@
5961
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
6062
<ConfigurationType>Driver</ConfigurationType>
6163
<DriverType>WDM</DriverType>
64+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
6265
</PropertyGroup>
6366
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
6467
<TargetVersion>Windows10</TargetVersion>
@@ -67,6 +70,7 @@
6770
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
6871
<ConfigurationType>Driver</ConfigurationType>
6972
<DriverType>WDM</DriverType>
73+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
7074
</PropertyGroup>
7175
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
7276
<TargetVersion>Windows7</TargetVersion>
@@ -75,6 +79,7 @@
7579
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
7680
<ConfigurationType>Driver</ConfigurationType>
7781
<DriverType>WDM</DriverType>
82+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
7883
</PropertyGroup>
7984
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
8085
<TargetVersion>Windows10</TargetVersion>
@@ -83,6 +88,7 @@
8388
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
8489
<ConfigurationType>Driver</ConfigurationType>
8590
<DriverType>WDM</DriverType>
91+
<Driver_SpectreMitigation>Spectre</Driver_SpectreMitigation>
8692
</PropertyGroup>
8793
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
8894
<ImportGroup Label="ExtensionSettings">
@@ -146,6 +152,9 @@
146152
<RandomizedBaseAddress>true</RandomizedBaseAddress>
147153
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
148154
</Link>
155+
<DriverSign>
156+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
157+
</DriverSign>
149158
</ItemDefinitionGroup>
150159
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
151160
<ClCompile>
@@ -161,10 +170,12 @@
161170
<Link>
162171
<AdditionalDependencies>ksecdd.lib;%(AdditionalDependencies)</AdditionalDependencies>
163172
<RandomizedBaseAddress>true</RandomizedBaseAddress>
164-
<LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration>
165173
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
166174
<CETCompat>true</CETCompat>
167175
</Link>
176+
<DriverSign>
177+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
178+
</DriverSign>
168179
</ItemDefinitionGroup>
169180
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
170181
<ClCompile>
@@ -182,6 +193,9 @@
182193
<RandomizedBaseAddress>true</RandomizedBaseAddress>
183194
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
184195
</Link>
196+
<DriverSign>
197+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
198+
</DriverSign>
185199
</ItemDefinitionGroup>
186200
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
187201
<ClCompile>
@@ -194,12 +208,16 @@
194208
<LanguageStandard>stdcpplatest</LanguageStandard>
195209
<LanguageStandard_C>stdc17</LanguageStandard_C>
196210
<AdditionalOptions>/kernel %(AdditionalOptions)</AdditionalOptions>
211+
<CallingConvention>StdCall</CallingConvention>
197212
</ClCompile>
198213
<Link>
199214
<AdditionalDependencies>ksecdd.lib;%(AdditionalDependencies)</AdditionalDependencies>
200215
<RandomizedBaseAddress>true</RandomizedBaseAddress>
201216
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
202217
</Link>
218+
<DriverSign>
219+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
220+
</DriverSign>
203221
</ItemDefinitionGroup>
204222
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
205223
<ClCompile>
@@ -211,14 +229,17 @@
211229
<LanguageStandard>stdcpplatest</LanguageStandard>
212230
<LanguageStandard_C>stdc17</LanguageStandard_C>
213231
<AdditionalOptions>/kernel %(AdditionalOptions)</AdditionalOptions>
232+
<GuardEHContMetadata>true</GuardEHContMetadata>
214233
</ClCompile>
215234
<Link>
216235
<AdditionalDependencies>ksecdd.lib;%(AdditionalDependencies)</AdditionalDependencies>
217236
<RandomizedBaseAddress>true</RandomizedBaseAddress>
218-
<LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration>
219237
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
220238
<CETCompat>true</CETCompat>
221239
</Link>
240+
<DriverSign>
241+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
242+
</DriverSign>
222243
</ItemDefinitionGroup>
223244
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
224245
<ClCompile>
@@ -230,12 +251,16 @@
230251
<LanguageStandard>stdcpplatest</LanguageStandard>
231252
<LanguageStandard_C>stdc17</LanguageStandard_C>
232253
<AdditionalOptions>/kernel %(AdditionalOptions)</AdditionalOptions>
254+
<CallingConvention>StdCall</CallingConvention>
233255
</ClCompile>
234256
<Link>
235257
<AdditionalDependencies>ksecdd.lib;%(AdditionalDependencies)</AdditionalDependencies>
236258
<RandomizedBaseAddress>true</RandomizedBaseAddress>
237259
<AdditionalOptions>/INTEGRITYCHECK /BREPRO /DEPENDENTLOADFLAG:0x800 /PDBALTPATH:%_PDB% %(AdditionalOptions)</AdditionalOptions>
238260
</Link>
261+
<DriverSign>
262+
<FileDigestAlgorithm>certhash</FileDigestAlgorithm>
263+
</DriverSign>
239264
</ItemDefinitionGroup>
240265
<ItemGroup>
241266
<FilesToPackage Include="$(TargetPath)" />

KProcessHacker/KProcessHacker.vcxproj.filters

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,10 +13,6 @@
1313
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
1414
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
1515
</Filter>
16-
<Filter Include="Driver Files">
17-
<UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
18-
<Extensions>inf;inv;inx;mof;mc;</Extensions>
19-
</Filter>
2016
</ItemGroup>
2117
<ItemGroup>
2218
<ClCompile Include="devctrl.c">

KProcessHacker/dynimp.c

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -37,11 +37,8 @@ VOID KphDynamicImport(
3737
{
3838
PAGED_CODE();
3939

40-
KphDynPsGetProcessProtection = (PPS_GET_PROCESS_PROTECTION)(
41-
KphGetSystemRoutineAddress(L"PsGetProcessProtection"));
42-
43-
KphDynRtlImageNtHeaderEx = (PRTL_IMAGE_NT_HEADER_EX)(
44-
KphGetSystemRoutineAddress(L"RtlImageNtHeaderEx"));
40+
KphDynPsGetProcessProtection = (PPS_GET_PROCESS_PROTECTION)KphGetSystemRoutineAddress(L"PsGetProcessProtection");
41+
KphDynRtlImageNtHeaderEx = (PRTL_IMAGE_NT_HEADER_EX)KphGetSystemRoutineAddress(L"RtlImageNtHeaderEx");
4542
}
4643

4744
/**

KProcessHacker/main.c

Lines changed: 38 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -395,30 +395,33 @@ NTSTATUS KpiPopulateKnownDllExtents(
395395
mappedBase = NULL;
396396
mappedSize = 0;
397397

398-
InitializeObjectAttributes(&objectAttributes,
399-
SectionName,
400-
OBJ_KERNEL_HANDLE,
401-
NULL,
402-
NULL);
403-
404-
status = ZwOpenSection(&sectionHandle,
405-
SECTION_MAP_READ | SECTION_QUERY,
406-
&objectAttributes);
398+
InitializeObjectAttributes(
399+
&objectAttributes,
400+
SectionName,
401+
OBJ_KERNEL_HANDLE,
402+
NULL,
403+
NULL
404+
);
405+
406+
status = ZwOpenSection(
407+
&sectionHandle,
408+
SECTION_MAP_READ | SECTION_QUERY,
409+
&objectAttributes
410+
);
411+
407412
if (!NT_SUCCESS(status))
408-
{
409-
sectionHandle = NULL;
410-
goto Exit;
411-
}
413+
goto CleanupExit;
414+
415+
status = ZwQuerySection(
416+
sectionHandle,
417+
SectionImageInformation,
418+
&sectionImageInfo,
419+
sizeof(sectionImageInfo),
420+
NULL
421+
);
412422

413-
status = ZwQuerySection(sectionHandle,
414-
SectionImageInformation,
415-
&sectionImageInfo,
416-
sizeof(sectionImageInfo),
417-
NULL);
418423
if (!NT_SUCCESS(status))
419-
{
420-
goto Exit;
421-
}
424+
goto CleanupExit;
422425

423426
//
424427
// 21H2 no longer maps ntdll as an image in System. Querying the transfer
@@ -433,31 +436,34 @@ NTSTATUS KpiPopulateKnownDllExtents(
433436
// extents out of PH.
434437
//
435438

436-
status = ObReferenceObjectByHandle(sectionHandle,
437-
SECTION_MAP_READ | SECTION_QUERY,
438-
*MmSectionObjectType,
439-
KernelMode,
440-
&sectionObject,
441-
NULL);
439+
status = ObReferenceObjectByHandle(
440+
sectionHandle,
441+
SECTION_MAP_READ | SECTION_QUERY,
442+
*MmSectionObjectType,
443+
KernelMode,
444+
&sectionObject,
445+
NULL
446+
);
447+
442448
if (!NT_SUCCESS(status))
443449
{
444450
sectionObject = NULL;
445-
goto Exit;
451+
goto CleanupExit;
446452
}
447453

448454
status = MmMapViewInSystemSpace(sectionObject, &mappedBase, &mappedSize);
455+
449456
if (!NT_SUCCESS(status))
450457
{
451458
mappedBase = NULL;
452459
mappedSize = 0;
453-
goto Exit;
460+
goto CleanupExit;
454461
}
455462

456463
ModuleExtents->BaseAddress = sectionImageInfo.TransferAddress;
457-
ModuleExtents->EndAddress = PTR_ADD_OFFSET(ModuleExtents->BaseAddress,
458-
mappedSize);
464+
ModuleExtents->EndAddress = PTR_ADD_OFFSET(ModuleExtents->BaseAddress, mappedSize);
459465

460-
Exit:
466+
CleanupExit:
461467

462468
if (mappedBase)
463469
{

0 commit comments

Comments
 (0)