Latest changes #9
Conversation
Added IoSynchronousCallDriver function
// added missing exports according to ntoskrnl.exe v6.0.6003.21442 for Vista x32 target bypass(FsRtlInitializeExtraCreateParameter) bypass(FsRtlInitializeExtraCreateParameterList) bypass(FsRtlPrepareToReuseEcp) bypass(FsRtlRegisterUncProviderEx2) bypass(IoRegisterFsRegistrationChangeMountAware) bypass(KeConnectInterruptForHal) bypass(KeFlushCurrentTbImmediately) bypass(PsDereferenceKernelStack) bypass(PsReferenceKernelStack) bypass(RtlIsSandboxedToken) // added missing exports according to ntoskrnl.exe v6.0.6003.21442 for Vista x64 target bypass(FsRtlInitializeExtraCreateParameter) bypass(FsRtlInitializeExtraCreateParameterList) bypass(FsRtlPrepareToReuseEcp) bypass(FsRtlRegisterUncProviderEx2) bypass(IoRegisterFsRegistrationChangeMountAware) bypass(KeConnectInterruptForHal) bypass(KiMcaExceptionHandlerWrapper) bypass(PsDereferenceKernelStack) bypass(PsReferenceKernelStack) bypass(RtlIsSandboxedToken) // added missing exports according to ntoskrnl.exe v6.1.7601.25920 for Win7 x32 target bypass(EtwSetInformation) bypass(FsRtlPrepareToReuseEcp) bypass(FsRtlRegisterUncProviderEx2) bypass(IoEnumerateRegisteredFiltersListEx) bypass(IoRegisterFsRegistrationChangeMountAwareEx) bypass(KeConnectInterruptForHal) bypass(KiMcaExceptionHandlerWrapper) bypass(PsDereferenceKernelStack) bypass(PsReferenceKernelStack) bypass(RtlIsSandboxedToken) bypass(SeGetLogonSessionToken) // added missing exports according to ntoskrnl.exe v6.1.7601.25920 for Win7 x64 target bypass(EtwSetInformation) bypass(FsRtlPrepareToReuseEcp) bypass(FsRtlRegisterUncProviderEx2) bypass(IoEnumerateRegisteredFiltersListEx) bypass(IoRegisterFsRegistrationChangeMountAwareEx) bypass(KeConnectInterruptForHal) bypass(KeFlushCurrentTbImmediately) bypass(PsDereferenceKernelStack) bypass(PsReferenceKernelStack) bypass(RtlIsSandboxedToken) bypass(SeGetLogonSessionToken) // added new custom function IoSynchronousCallDriver for < Win8 target k8_win8( IoSynchronousCallDriver, 8)
1) Added memcmp function 2) Merged code with latest changes in pappyN4 repository - https://github.com/pappyN4/NTOSKRNL_Emu - Updated Readme - Added RtlInitAnsiStringEx + RtlInitUnicodeStringEx functions 3) Changed file version to 12 (pappyN4 changes should be like v11) so this new merge is latest possible extender
|
I noticed the redirects file has RTLDowncaseUnicodeChar, but when built for Vista, the ntoskrn8.sys doesn't have the function. I need RTLDowncaseUnicodeChar please. |
This means it needs to be coded for older systems. This function is only redirected in Windows 7 from it's native kernel |
It exists in ntdll since XP, so it just needs to be redirected to ntoskrn8.sys. |
What driver exactly require that? Can you link it? I need to check it before adding proper code |
AMD GPU drivers starting with 15.12. I can get up to 15.11.x working by changing a few functions to their Vista compatible counterparts, but 15.12 adds RTLDowncaseUnicodeChar, and no matter what I do, I always get a BSOD after boot. https://www.guru3d.com/files-details/amd-radeon-software-crimson-15-12-driver-download.html |
Can you list also other functions that needs to be redirected? IncompatibleFunction -> CompatibleOne I can probably do that in extender too |
|
Sorry for the late response, I've been busy. I can't really test anything currently until next week. Also on top of changing the functions, I have to use the extended kernel as there's more stuffs without it that is a bit of a wall, so it won't really be accurate what I say. |
Hi I will update this project soon, I have added RTLDowncaseUnicodeChar as it's really easy function |
|
Can't wait |
Hey, it's been over a week, and I really want to try this. |
Project files updated |
|
Thank you, I have been able to get up to 18.3.4 working on my test machine with this. Currently trying out pro drivers to see what's the newest there I can get working. |
Hi,
I have updated repository with latest changes.
v11 changes.
Added Windows 7 ntoskrnl.exe v6.1.7601.25920 (win7sp1_ldr_escrow.220316-1740) exports
x64
EtwSetInformation
FsRtlPrepareToReuseEcp
FsRtlRegisterUncProviderEx2
IoEnumerateRegisteredFiltersListEx
IoRegisterFsRegistrationChangeMountAwareEx
KeConnectInterruptForHal
KeFlushCurrentTbImmediately
PsDereferenceKernelStack
PsReferenceKernelStack
RtlIsSandboxedToken
SeGetLogonSessionToken
x86
EtwSetInformation
FsRtlPrepareToReuseEcp
FsRtlRegisterUncProviderEx2
IoEnumerateRegisteredFiltersListEx
IoRegisterFsRegistrationChangeMountAwareEx
KeConnectInterruptForHal
KiMcaExceptionHandlerWrapper
PsDereferenceKernelStack
PsReferenceKernelStack
RtlIsSandboxedToken
SeGetLogonSessionToken
Added Windows Vista ntoskrnl.exe v6.0.6003.21442 (vistasp2_ldr_escrow.220307-1719) exports
x64
FsRtlInitializeExtraCreateParameter
FsRtlInitializeExtraCreateParameterList
FsRtlPrepareToReuseEcp
FsRtlRegisterUncProviderEx2
IoRegisterFsRegistrationChangeMountAware
KeConnectInterruptForHal
KeFlushCurrentTbImmediately
PsDereferenceKernelStack
PsReferenceKernelStack
RtlIsSandboxedToken
x86
FsRtlInitializeExtraCreateParameter
FsRtlInitializeExtraCreateParameterList
FsRtlPrepareToReuseEcp
FsRtlRegisterUncProviderEx2
IoRegisterFsRegistrationChangeMountAware
KeConnectInterruptForHal
KiMcaExceptionHandlerWrapper
PsDereferenceKernelStack
PsReferenceKernelStack
RtlIsSandboxedToken
Added IoSynchronousCallDriver by Mov AX, 0xDEAD, https://msfn.org/board/topic/181615-ntoskrnl-emu_extender-for-windows-xp2003/?do=findComment&comment=1221893
Added blank stubs (to fix missing imports) to allow porting Windows 8.0 Build 8056 Generic SD+MMC driver run under XP - 7. Proper code needs to be added, but currently driver starts and work without issues
PoFxRegisterDevice
PoFxUnregisterDevice
PoFxSetComponentLatency
PoFxSetComponentResidency
PoFxStartDevicePowerManagement
PoFxCompleteIdleState
PoFxCompleteIdleCondition
PoFxReportDevicePoweredOn
PoFxCompleteDevicePowerNotRequired
PoFxActivateComponent
PoFxIdleComponent
Added changes from pappyN4 repository, https://github.com/pappyN4/NTOSKRNL_Emu
Added RtlInitAnsiStringEx, RtlInitUnicodeStringEx. Updated Readme
v12 changes
Added memcmp to be able to port AMD RCRAID driver. Source code comes from https://stackoverflow.com/questions/5017659/implementing-memcmp
Added MmMapIoSpaceEx which return MmMapIoSpace, according to MS documentation it should work
https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-mmmapiospaceex
https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-mmmapiospace
Added RtlDowncaseUnicodeChar