[ros-diffs] [reactos] 01/01: [NTDLL] Add policy kill-switch for manifest based automatic shimming CORE-16631

25 Jan 2020

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=8381e29467be1a80b6dce…

commit 8381e29467be1a80b6dce7109925557835ccb54a
Author:     Mark Jansen &lt;mark.jansen(a)reactos.org&gt;
AuthorDate: Fri Jan 24 20:06:11 2020 +0100
Commit:     Mark Jansen &lt;mark.jansen(a)reactos.org&gt;
CommitDate: Sat Jan 25 13:23:54 2020 +0100

    [NTDLL] Add policy kill-switch for manifest based automatic shimming
    CORE-16631
---
 dll/ntdll/ldr/ldrinit.c | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/dll/ntdll/ldr/ldrinit.c b/dll/ntdll/ldr/ldrinit.c
index 37e731c5960..955c9a23b8c 100644
--- a/dll/ntdll/ldr/ldrinit.c
+++ b/dll/ntdll/ldr/ldrinit.c
@@ -1537,6 +1537,40 @@ LdrpValidateImageForMp(IN PLDR_DATA_TABLE_ENTRY LdrDataTableEntry)
     UNIMPLEMENTED;
 }
 
+BOOLEAN
+NTAPI
+LdrpDisableProcessCompatGuidDetection(VOID)
+{
+    UNICODE_STRING PolicyKey =
RTL_CONSTANT_STRING(L"\\Registry\\MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppCompat");
+    UNICODE_STRING DisableDetection =
RTL_CONSTANT_STRING(L"DisableCompatGuidDetection");
+    OBJECT_ATTRIBUTES PolicyKeyAttributes =
RTL_CONSTANT_OBJECT_ATTRIBUTES(&PolicyKey, OBJ_CASE_INSENSITIVE);
+    KEY_VALUE_PARTIAL_INFORMATION KeyInfo;
+    ULONG ResultLength;
+    NTSTATUS Status;
+    HANDLE KeyHandle;
+
+    Status = NtOpenKey(&KeyHandle, KEY_QUERY_VALUE, &PolicyKeyAttributes);
+    if (NT_SUCCESS(Status))
+    {
+        Status = NtQueryValueKey(KeyHandle,
+                                 &DisableDetection,
+                                 KeyValuePartialInformation,
+                                 &KeyInfo,
+                                 sizeof(KeyInfo),
+                                 &ResultLength);
+        NtClose(KeyHandle);
+        if ((NT_SUCCESS(Status)) &&
+            (KeyInfo.Type == REG_DWORD) &&
+            (KeyInfo.DataLength == sizeof(ULONG)) &&
+            (KeyInfo.Data[0] == TRUE))
+        {
+            return TRUE;
+        }
+    }
+    return FALSE;
+}
+
+
 VOID
 NTAPI
 LdrpInitializeProcessCompat(PVOID pProcessActctx, PVOID* pOldShimData)
@@ -1610,6 +1644,12 @@ LdrpInitializeProcessCompat(PVOID pProcessActctx, PVOID*
pOldShimData)
             if (ContextCompatInfo->Elements[n].Type ==
ACTCX_COMPATIBILITY_ELEMENT_TYPE_OS &&
                 RtlCompareMemory(&ContextCompatInfo->Elements[n].Id,
KnownCompatGuids[cur].Guid, sizeof(GUID)) == sizeof(GUID))
             {
+                if (LdrpDisableProcessCompatGuidDetection())
+                {
+                    DPRINT1("LdrpInitializeProcessCompat: Not applying automatic fix
for winver 0x%x due to policy\n", KnownCompatGuids[cur].Version);
+                    return;
+                }
+
                 /* If this process did not need shim data before, allocate and store it
*/
                 if (pShimData == NULL)
                 {


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [reactos] 01/01: [NTDLL] Add policy kill-switch for manifest based automatic shimming CORE-16631