[ros-dev] Future merge of the ros-csrss branch into the trunk

Hermès BÉLUSCA - MAÏTO hermes.belusca at sfr.fr
Tue Apr 9 10:47:48 UTC 2013


Hi all!

I'm writing this mail to announce that in one week (if everything works as
expected until then) I will be ready to merge my ros-csrss branch into our
current codebase.

The ros-csrss branch
(http://svn.reactos.org/svn/reactos/branches/ros-csrss/?view=log) was
started 5 months ago (October 14, 2012 to be precise) with a three-fold
purpose:

- Use the new Windows-compatible Client-Server Runtime Subsystem (csrss +
csrsrv) written by Alex Ionescu, which is unused at the moment and currently
lives in trunk/reactos/subsystems/csr/, as a replacement for the older one in
trunk/reactos/subsystems/win32/csrss/. This last one was progressively hacked
to include functionality from the new csrss; however, most of the old code
remained, and as such it was a big hack. The CSR client part, residing in
ntdll, was also updated (thanks to the comments Alex put inside it). To
communicate between the server part and the client part, a messaging
protocol is used (over LPC); the structures in use were not up to date, but
the new ones were already in the code, unused, so I could use them instead
of the older ones. That meant that some work was needed in ntdll (as
previously stated). Disregarding the details (you can see them in the commit
log), I also had to rework a little the DLLs which communicate with CSR,
namely kernel32.

- Replace our very old win32csr.dll CSR server with the basesrv / winsrv
pair, as is done on Windows. For that I tried to match our existing code
accurately with what should exist on Windows according to this list of CSR
server APIs: http://j00ru.vexillium.org/csrss_list/api_list.html

- Since the console subsystem is (for historical reasons on Windows) the
only subsystem which exploits all the possibilities of the CSR, much of the
work in the branch was done to make it work with the new csrss. Even if on
Windows it is included together with other APIs inside the winsrv DLL (since
the Windows NT 3.1 release), I decided to put it in a separate DLL, called
consrv, on ReactOS (I took the name from the DLL where it was included in
the Windows NT 3.1 beta from October 1991). Also, because I believe that the
console subsystem is something that, on Windows, was somewhat neglected (no
ANSI control, (almost?) no TTY-like flavour...), I decided to work on its
internal architecture (the external one being unchanged for compatibility
reasons) so as to bring out the following things:
  * the "console server", which talks with the console applications and
maintains a list of all the created consoles;
  * different "front-ends" corresponding to where you want to output the
information (~= console hardware) (this is of course work-in-progress). At
the moment only one is working: the GUI console. I have to make the TUI one
interface correctly with the rest of the code (but since it's not used for
now, it's not extremely urgent). The idea would be to also have a front-end
for serial ports, so that we could interact with the serial port (with PuTTY
if running ROS on a virtual machine, or with a serial console, etc.). Another
idea would be to make those front-ends dynamically loadable (instead of
being compiled inside consrv).
- I also fixed some parts of the console properties dialog box.


Here is the JIRA report for the merge:
http://jira.reactos.org/browse/CORE-7002
Here are the test results with revision 58723 (plus comparison with
revisions 58722 and 58720):
http://old.reactos.org/testman/compare.php?ids=16213,16218,16219,16221
You will see that ntdll:exception seems to run 24 more tests, but 4 fail
compared to the non-patched r58723. The errors are "exception.c:821: Test
failed: Eip at 0x77f2b2a3 instead of 0079000B". It would be interesting to
investigate these failures further.
Also, gdi32:font executes 33 more tests, and 10 more fail, due to the
Fixedsys font.
A problem, already existing in trunk, remains:
http://jira.reactos.org/browse/CORE-6397 (see description inside).

You are encouraged to make comments, etc... etc...

Cheers,
Hermès.


~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=

Documentation I've used:
========================

- The oldest trace of CSRSS in NT 3.1 beta (where I've found the existence
of csrsrv.dll, which was merged with winsrv.dll in the 3.1 release and the
subsequent versions of NT): http://www.logotypes.se/NT310CSRSS.txt

- "Windows CSRSS cross-version API Table" http://j00ru.vexillium.org/?p=349
and the subsequent links.
- "Windows CSRSS Write Up: the basics (part 1/1)"
http://j00ru.vexillium.org/?p=492
- "Windows CSRSS Write Up: Inter-process Communication (part 1/3)"
http://j00ru.vexillium.org/?p=502
- "Windows CSRSS Write Up: Inter-process Communication (part 2/3)"
http://j00ru.vexillium.org/?p=527 (the messaging system CSR server <-->
client is explained here)
(the part 3/3 seems to not exist)
- "CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation
vulnerability" http://j00ru.vexillium.org/?p=893 and
http://mysterie.fr/blog/2011/07/31/cve-2011-1281-privilege-escalation-in-csrss-proof-of-concept/
- Something that would be interesting for console and thread desktops :
"Defeating Windows Driver Signature Enforcement #2: CSRSS and thread
desktops" http://j00ru.vexillium.org/?p=1393
- "Windows Subsytem Csrss" (in French)
http://www.ivanlef0u.tuxfamily.org/?p=188

- "Story of a dumb patch", Cesar Cerrudo,
http://www.argeniss.com/research/MSBugPaper.pdf or
http://www.scn.rain.com/~neighorn/PDF/MSBugPaper.pdf

- CsrWalker:
http://forum.sysinternals.com/csrwalker-processes-detection-from-user-mode_topic15457.html
- Concerning console modes flags:
https://sites.google.com/site/marckupper/utilities/setconsolemode
- Documentation about consoles on MSDN:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682010(v=vs.85).aspx

- "Custom console hosts on Windows 7 (Hack in the Box Magazine #4)"
http://magazine.hitb.org/issues/HITB-Ezine-Issue-004.pdf
- "Windows CSRSS Tips & Tricks (Hack in the Box Magazine #5)"
http://magazine.hitb.org/issues/HITB-Ezine-Issue-005.pdf

- "Win32 Console (Wikipedia)" and the note 3 of the article:
http://en.wikipedia.org/wiki/Win32_console#cite_note-3

- Undocumented flags of ConsoleProcess:
http://www.catch22.net/tuts/undocumented-createprocess
