[FREELDR] Set LDRP_IMAGE_INTEGRITY_FORCED if necessary. (Part of PR #1905)
authorMark Harmstone <mark@harmstone.com>
Wed, 9 Oct 2019 20:28:33 +0000 (21:28 +0100)
committerHermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
Sun, 13 Oct 2019 22:49:00 +0000 (00:49 +0200)
+ Add extra information.
Co-authored-by: Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
boot/freeldr/freeldr/lib/peloader.c
sdk/include/ndk/ldrtypes.h

index 5a7cfa6..2c981ce 100644 (file)
@@ -658,6 +658,24 @@ PeLdrAllocateDataTableEntry(
     DataTableEntry->Flags = LDRP_ENTRY_PROCESSED;
     DataTableEntry->LoadCount = 1;
 
+    /* Honour the FORCE_INTEGRITY flag */
+    if (NtHeaders->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY)
+    {
+        /*
+         * On Vista and above, the LDRP_IMAGE_INTEGRITY_FORCED flag must be set
+         * if IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY is set in the image header.
+         * This is done after the image has been loaded and the digital signature
+         * check has passed successfully. (We do not do it yet!)
+         *
+         * Several OS functionality depend on the presence of this flag.
+         * For example, when using Object-Manager callbacks the latter will call
+         * MmVerifyCallbackFunction() to verify whether the flag is present.
+         * If not callbacks will not work.
+         * (See Windows Internals Part 1, 6th edition, p. 176.)
+         */
+        DataTableEntry->Flags |= LDRP_IMAGE_INTEGRITY_FORCED;
+    }
+
     /* Insert this DTE to a list in the LPB */
     InsertTailList(ModuleListHead, &DataTableEntry->InLoadOrderLinks);
     TRACE("Inserting DTE %p, name='%.*S' DllBase=%p \n", DataTableEntry,
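Review bot: The flag set by `DataTableEntry->Flags |= LDRP_IMAGE_INTEGRITY_FORCED;` is copied straight from the image's own DllCharacteristics, so here it records only that the header requested integrity enforcement, not that any signature was verified. The added comment says consumers such as MmVerifyCallbackFunction() rely on this flag, so code that later reads it as proof of a passed check would be trusting an unverified header bit. I would make the gap explicit and greppable in this comment and in the placeholder comment added to PeLdrLoadImage, for example `/* TODO: signature verification is not implemented; this flag does NOT mean the image was verified. */`. PeLdrAllocateDataTableEntry starts and ends outside the hunk, so whether NtHeaders is validated before this dereference cannot be confirmed from here.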
@@ -783,6 +801,12 @@ PeLdrLoadImage(
         return FALSE;
     }
 
+    /*
+     * On Vista and above, a digital signature check is performed when the image
+     * has the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY flag set in its header.
+     * (We of course do not perform this check yet!)
+     */
+
     /* Reload the NT Header */
     NtHeaders = RtlImageNtHeader(PhysicalBase);
 
index fd5dd12..41385ba 100644 (file)
@@ -38,6 +38,7 @@ Author:
 #define LDRP_STATIC_LINK                        0x00000002
 #define LDRP_IMAGE_DLL                          0x00000004
 #define LDRP_SHIMENG_SUPPRESSED_ENTRY           0x00000008
+#define LDRP_IMAGE_INTEGRITY_FORCED             0x00000020
 #define LDRP_LOAD_IN_PROGRESS                   0x00001000
 #define LDRP_UNLOAD_IN_PROGRESS                 0x00002000
 #define LDRP_ENTRY_PROCESSED                    0x00004000