[ion] 24387: - Fix KUSER_SHARED_DATA in winddk.h - Scanfor NOEXECUTE/EXECUTE/OPTIN/OPTOUT/ALWAYSON/ALWAYSOFF load strings and set the appropriate NX policy in KUSER_SHARED_DATA as well as kernel CPU Feature flags. - Ros-diffs

4 Oct 2006

Author: ion
Date: Wed Oct  4 09:48:46 2006
New Revision: 24387
URL: http://svn.reactos.org/svn/reactos?rev=24387&view=rev
Log:
- Fix KUSER_SHARED_DATA in winddk.h
- Scanfor NOEXECUTE/EXECUTE/OPTIN/OPTOUT/ALWAYSON/ALWAYSOFF load strings and set the appropriate NX policy in KUSER_SHARED_DATA as well as kernel CPU Feature flags.
Modified:
    trunk/reactos/include/ddk/winddk.h
    trunk/reactos/include/ndk/ketypes.h
    trunk/reactos/ntoskrnl/ke/i386/cpu.c
    trunk/reactos/ntoskrnl/ke/i386/kiinit.c
Modified: trunk/reactos/include/ddk/winddk.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ddk/winddk.h?rev=24...
==============================================================================

--- trunk/reactos/include/ddk/winddk.h (original)
+++ trunk/reactos/include/ddk/winddk.h Wed Oct  4 09:48:46 2006
@@ -458,6 +458,9 @@
     LARGE_INTEGER SystemExpirationDate;
     ULONG SuiteMask;
     BOOLEAN KdDebuggerEnabled;
+#if (NTDDI_VERSION >= NTDDI_WINXPSP2)
+    UCHAR NXSupportPolicy;
+#endif
     volatile ULONG ActiveConsoleId;
     volatile ULONG DismountCount;
     ULONG ComPlusPackage;
@@ -475,9 +478,29 @@
         volatile ULONG64 TickCountQuad;
     };
     ULONG Cookie;
+#if (NTDDI_VERSION >= NTDDI_WS03)
     LONGLONG ConsoleSessionForegroundProcessId;
     ULONG Wow64SharedInformation[MAX_WOW64_SHARED_ENTRIES];
-    ULONG UserModeGlobalLogging;
+#endif
+#if (NTDDI_VERSION >= NTDDI_LONGHORN)
+    USHORT UserModeGlobalLogger[8];
+    ULONG HeapTracingPid[2];
+    ULONG CritSecTracingPid[2];
+    union
+    {
+        ULONG SharedDataFlags;
+        struct
+        {
+            ULONG DbgErrorPortPresent:1;
+            ULONG DbgElevationEnabled:1;
+            ULONG DbgVirtEnabled:1;
+            ULONG DbgInstallerDetectEnabled:1;
+            ULONG SpareBits:28;
+        };
+    };
+    ULONG ImageFileExecutionOptions;
+    KAFFINITY ActiveProcessorAffinity;
+#endif
 } KUSER_SHARED_DATA, *PKUSER_SHARED_DATA;
/*
Modified: trunk/reactos/include/ndk/ketypes.h
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ndk/ketypes.h?rev=2...
==============================================================================
--- trunk/reactos/include/ndk/ketypes.h (original)
+++ trunk/reactos/include/ndk/ketypes.h Wed Oct  4 09:48:46 2006
@@ -87,6 +87,8 @@
 #define KF_3DNOW                        0x00004000
 #define KF_AMDK6MTRR                    0x00008000
 #define KF_XMMI64                       0x00010000
+#define KF_NX_DISABLED                  0x00400000
+#define KF_NX_ENABLED                   0x00800000
//
 // KPCR Access for non-IA64 builds
Modified: trunk/reactos/ntoskrnl/ke/i386/cpu.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/cpu.c?rev=...
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/cpu.c (original)
+++ trunk/reactos/ntoskrnl/ke/i386/cpu.c Wed Oct  4 09:48:46 2006
@@ -303,7 +303,7 @@
         }
         else
         {
-            /* Familes below 5 don't support PGE, PSE or CMOV at all */
+            /* Families below 5 don't support PGE, PSE or CMOV at all */
             Reg[3] &= ~(0x08 | 0x2000 | 0x8000);
/* They also don't support advanced CPUID functions. */
Modified: trunk/reactos/ntoskrnl/ke/i386/kiinit.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/kiinit.c?r...
==============================================================================
--- trunk/reactos/ntoskrnl/ke/i386/kiinit.c (original)
+++ trunk/reactos/ntoskrnl/ke/i386/kiinit.c Wed Oct  4 09:48:46 2006
@@ -8,6 +8,7 @@
/* INCLUDES *****************************************************************/
+#define NTDDI_VERSION NTDDI_WS03SP1
 #include <ntoskrnl.h>
 #define NDEBUG
 #include <debug.h>
@@ -318,6 +319,36 @@
     /* Save feature bits */
     Prcb->FeatureBits = FeatureBits;
+    /* Set the default NX policy (opt-in) */
+    SharedUserData->NXSupportPolicy = 2;
+
+    /* Check if NPX is always on */
+    if (strstr(KeLoaderBlock->LoadOptions, "NOEXECUTE=ALWAYSON"))
+    {
+        /* Set it always on */
+        SharedUserData->NXSupportPolicy = 1;
+        KeFeatureBits |= KF_NX_ENABLED;
+    }
+    else if (strstr(KeLoaderBlock->LoadOptions, "NOEXECUTE=OPTOUT"))
+    {
+        /* Set it in opt-out mode */
+        SharedUserData->NXSupportPolicy = 3;
+        KeFeatureBits |= KF_NX_ENABLED;
+    }
+    else if ((strstr(KeLoaderBlock->LoadOptions, "NOEXECUTE=OPTIN")) ||
+             (strstr(KeLoaderBlock->LoadOptions, "NOEXECUTE")))
+    {
+        /* Set the feature bits */
+        KeFeatureBits |= KF_NX_ENABLED;
+    }
+    else if ((strstr(KeLoaderBlock->LoadOptions, "NOEXECUTE=ALWAYSOFF")) ||
+             (strstr(KeLoaderBlock->LoadOptions, "EXECUTE")))
+    {
+        /* Set disabled mode */
+        SharedUserData->NXSupportPolicy = 0;
+        KeFeatureBits |= KF_NX_DISABLED;
+    }
+
     /* Save CPU state */
     KiSaveProcessorControlState(&Prcb->ProcessorState);

    