fixed some merging issues, all windows 10 (2004-1511) work again (AMD &

Intel)
merge-requests/1/merge
xerox 4 years ago
parent bf3ce4d9b0
commit 9c82ec58be

@ -4,7 +4,7 @@
#include <cstddef>
#define PORT_NUM 0x2F8
#define WINVER 1703
#define WINVER 1511
#define DBG_PRINT(arg) \
__outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg);

@ -201,7 +201,6 @@ UINT64 EFIAPI HvBlImgAllocateImageBuffer
{
if (imageSize >= HV_ALLOC_SIZE && !HvExtendedAllocation)
{
DBG_PRINT("extending hyper-v allocation...\n");
HvExtendedAllocation = TRUE;
imageSize += PayLoadSize();

@ -4,12 +4,16 @@
#define HV_ALLOCATE_IMAGE_BUFFER_SIG "\xE8\x00\x00\x00\x00\x8B\xF8\x85\xC0\x79\x0A"
#define HV_ALLOCATE_IMAGE_BUFFER_MASK "x????xxxxxx"
static_assert(sizeof(HV_ALLOCATE_IMAGE_BUFFER_SIG) == sizeof(HV_ALLOCATE_IMAGE_BUFFER_MASK), "signature and mask do not match size!");
#define HV_LOAD_PE_IMG_SIG "\x48\x89\x44\x24\x00\xE8\x00\x00\x00\x00\x44\x8B\xF0\x85\xC0\x0F\x88"
#define HV_LOAD_PE_IMG_MASK "xxxx?x????xxxxxxx"
#define HV_LOAD_PE_IMG_FROM_BUFFER_SIG "\xE8\x00\x00\x00\x00\x44\x8B\xAD"
#define HV_LOAD_PE_IMG_FROM_BUFFER_MASK "x????xxx"
static_assert(sizeof(HV_LOAD_PE_IMG_FROM_BUFFER_SIG) == sizeof(HV_LOAD_PE_IMG_FROM_BUFFER_MASK), "signature and mask do not match size!");
#define HV_LOAD_PE_IMG_SIG "\x48\x89\x44\x24\x00\xE8\x00\x00\x00\x00\x44\x8B\xF0\x85\xC0\x0F\x88\x00\x00\x00\x00\x4C\x8D\x45"
#define HV_LOAD_PE_IMG_MASK "xxxx?x????xxxxxxx????xxx"
static_assert(sizeof(HV_LOAD_PE_IMG_SIG) == sizeof(HV_LOAD_PE_IMG_MASK), "signature and mask do not match size...");
static_assert(sizeof(HV_ALLOCATE_IMAGE_BUFFER_SIG) == sizeof(HV_ALLOCATE_IMAGE_BUFFER_MASK), "signature and mask do not match size!");
typedef EFI_STATUS(EFIAPI* ALLOCATE_IMAGE_BUFFER)(VOID** imageBuffer, UINTN imageSize, UINT32 memoryType,
UINT32 attributes, VOID* unused, UINT32 flags);

@ -151,13 +151,18 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
if (!InstalledHvLoaderHook)
EnableShitHook(&WinLoadImageShitHook);
CHAR8 ModuleName[0x100];
UnicodeStrToAsciiStr(ImagePath, ModuleName);
DBG_PRINT("module loading -> %s\n", ModuleName);
if (StrStr(ImagePath, L"hvloader.efi"))
{
DBG_PRINT("hvloader loaded into memory...\n");
#if WINVER == 1703
VOID* LoadImage =
FindPattern(
*ImageBasePtr,
*ImageSize,
HV_LOAD_PE_IMG_FROM_BUFFER_SIG,
HV_LOAD_PE_IMG_FROM_BUFFER_MASK
);
#elif WINVER <= 1607
VOID* LoadImage =
FindPattern(
*ImageBasePtr,
@ -165,6 +170,7 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
HV_LOAD_PE_IMG_SIG,
HV_LOAD_PE_IMG_MASK
);
#endif
VOID* AllocImage =
FindPattern(
@ -174,11 +180,8 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
HV_ALLOCATE_IMAGE_BUFFER_MASK
);
DBG_PRINT("LoadImage -> 0x%p\n", LoadImage);
DBG_PRINT("AllocImage -> 0x%p\n", AllocImage);
#if WINVER == 1703
MakeShitHook(&HvLoadImageBufferHook, RESOLVE_RVA(LoadImage, 10, 6), &HvBlImgLoadPEImageFromSourceBuffer, TRUE);
MakeShitHook(&HvLoadImageBufferHook, RESOLVE_RVA(LoadImage, 5, 1), &HvBlImgLoadPEImageFromSourceBuffer, TRUE);
#elif WINVER <= 1607
MakeShitHook(&HvLoadImageHook, RESOLVE_RVA(LoadImage, 10, 6), &HvBlImgLoadPEImageEx, TRUE);
#endif

@ -13,7 +13,7 @@ extern SHITHOOK WinLoadAllocateImageHook;
// for 1703-1511, we are going to want to hook BlImgAllocateImageBuffer inside of hvloader.efi
// not winload. We will have to scan for BlImgLoadPEImageEx in winload and then wait for hvloader
// to be loaded to install hooks in hvloader...
#define LOAD_PE_IMG_SIG "\x48\x89\x44\x24\x00\xE8\x00\x00\x00\x00\x44\x8B\xF0\x85\xC0\x0F\x88"
#define LOAD_PE_IMG_SIG "\x48\x89\x44\x24\x00\xE8\x00\x00\x00\x00\x44\x8B\xF0\x85\xC0\x79\x11"
#define LOAD_PE_IMG_MASK "xxxx?x????xxxxxxx"
static_assert(sizeof(ALLOCATE_IMAGE_BUFFER_SIG) == sizeof(ALLOCATE_IMAGE_BUFFER_MASK), "signature and mask do not match size!");

Loading…
Cancel
Save