From 6aaceca7de17481415e51de86a51212717a78bbc Mon Sep 17 00:00:00 2001
From: momo5502 <mauriceheumann@gmail.com>
Date: Wed, 11 Sep 2024 17:09:55 +0200
Subject: [PATCH] Progress

---
 src/windows_emulator/main.cpp            | 17 +++++--
 src/windows_emulator/process_context.hpp |  2 +
 src/windows_emulator/syscalls.cpp        | 62 ++++++++++++++++++------
 3 files changed, 60 insertions(+), 21 deletions(-)

diff --git a/src/windows_emulator/main.cpp b/src/windows_emulator/main.cpp
index 75c5865..4a1d060 100644
--- a/src/windows_emulator/main.cpp
+++ b/src/windows_emulator/main.cpp
@@ -318,7 +318,7 @@ namespace
 		context.process_params.access([&](RTL_USER_PROCESS_PARAMETERS& proc_params)
 		{
 			proc_params.Length = sizeof(proc_params);
-			proc_params.Flags = 0x6001 | 0x80000000; // Prevent CsrClientConnectToServer
+			proc_params.Flags = 0x6001; //| 0x80000000; // Prevent CsrClientConnectToServer
 
 			proc_params.ConsoleHandle = CONSOLE_HANDLE.h;
 			proc_params.StandardOutput = STDOUT_HANDLE.h;
@@ -333,10 +333,17 @@ namespace
 		context.peb.access([&](PEB& peb)
 		{
 			peb.ImageBaseAddress = nullptr;
-			peb.ProcessHeap = nullptr;
-			peb.ProcessHeaps = nullptr;
 			peb.ProcessParameters = context.process_params.ptr();
 			peb.ApiSetMap = build_api_set_map(emu, allocator).ptr();
+
+			peb.ProcessHeap = nullptr;
+			peb.ProcessHeaps = nullptr;
+			peb.HeapSegmentReserve = 0x0000000000100000;
+			peb.HeapSegmentCommit = 0x0000000000002000;
+			peb.HeapDeCommitTotalFreeThreshold = 0x0000000000010000;
+			peb.HeapDeCommitFreeBlockThreshold = 0x0000000000001000;
+			peb.NumberOfHeaps = 0x00000000;
+			peb.MaximumNumberOfHeaps = 0x00000010;
 		});
 
 		return context;
@@ -612,11 +619,11 @@ namespace
 			}
 
 			printf(
-				"Inst: %16llX - RAX: %16llX - RBX: %16llX - RCX: %16llX - RDX: %16llX - R8: %16llX - R9: %16llX - RDI: %16llX - RSI: %16llX\n",
+				"Inst: %16llX - RAX: %16llX - RBX: %16llX - RCX: %16llX - RDX: %16llX - R8: %16llX - R9: %16llX - RDI: %16llX - RSI: %16llX - %s\n",
 				address,
 				emu->reg(x64_register::rax), emu->reg(x64_register::rbx), emu->reg(x64_register::rcx),
 				emu->reg(x64_register::rdx), emu->reg(x64_register::r8), emu->reg(x64_register::r9),
-				emu->reg(x64_register::rdi), emu->reg(x64_register::rsi));
+				emu->reg(x64_register::rdi), emu->reg(x64_register::rsi), binary ? binary->name.c_str() : "<N/A>");
 		});
 
 		CONTEXT ctx{};
diff --git a/src/windows_emulator/process_context.hpp b/src/windows_emulator/process_context.hpp
index 5eef5d0..a9ee313 100644
--- a/src/windows_emulator/process_context.hpp
+++ b/src/windows_emulator/process_context.hpp
@@ -50,6 +50,8 @@ struct process_context
 	mapped_module* ntdll{};
 	mapped_module* win32u{};
 
+	uint64_t shared_section_size{};
+
 	handle_store<handle_types::event, event> events{};
 	handle_store<handle_types::file, file> files{};
 	handle_store<handle_types::semaphore, semaphore> semaphores{};
diff --git a/src/windows_emulator/syscalls.cpp b/src/windows_emulator/syscalls.cpp
index c71be3f..8b47feb 100644
--- a/src/windows_emulator/syscalls.cpp
+++ b/src/windows_emulator/syscalls.cpp
@@ -417,8 +417,8 @@ namespace
 
 	NTSTATUS handle_NtMapViewOfSection(const syscall_context& c, uint64_t section_handle, uint64_t process_handle,
 	                                   emulator_object<uint64_t> base_address, ULONG_PTR /*zero_bits*/,
-	                                   SIZE_T /*commit_size*/,
-	                                   const emulator_object<LARGE_INTEGER> /*section_offset*/,
+	                                   SIZE_T commit_size,
+	                                   const emulator_object<LARGE_INTEGER> section_offset,
 	                                   const emulator_object<SIZE_T> view_size, SECTION_INHERIT /*inherit_disposition*/,
 	                                   ULONG /*allocation_type*/, ULONG /*win32_protect*/)
 	{
@@ -427,6 +427,22 @@ namespace
 			return STATUS_INVALID_HANDLE;
 		}
 
+		if (section_handle == SHARED_SECTION)
+		{
+			const auto address = c.emu.find_free_allocation_base(c.proc.shared_section_size);
+			c.emu.allocate_memory(address,
+			                      c.proc.shared_section_size, memory_permission::read_write);
+
+			if (view_size.value())
+			{
+				view_size.write(c.proc.shared_section_size);
+			}
+
+			base_address.write(address);
+
+			return STATUS_SUCCESS;
+		}
+
 		const auto section_entry = c.proc.files.get(section_handle);
 		if (!section_entry)
 		{
@@ -610,6 +626,8 @@ namespace
 
 		if (info_class == SystemProcessorInformation)
 		{
+			puts("PROC INFO");
+			c.proc.verbose = true;
 			if (return_length)
 			{
 				return_length.write(sizeof(SYSTEM_PROCESSOR_INFORMATION));
@@ -1065,33 +1083,45 @@ namespace
 		throw std::runtime_error("Bad free type");
 	}
 
-	NTSTATUS handle_NtCreateSection(const syscall_context& /*c*/, const emulator_object<uint64_t> /*section_handle*/,
+	NTSTATUS handle_NtCreateSection(const syscall_context& c, const emulator_object<uint64_t> section_handle,
 	                                const ACCESS_MASK /*desired_access*/,
 	                                const emulator_object<OBJECT_ATTRIBUTES> /*object_attributes*/,
-	                                const emulator_object<ULARGE_INTEGER> /*maximum_size*/,
+	                                const emulator_object<ULARGE_INTEGER> maximum_size,
 	                                const ULONG /*section_page_protection*/, const ULONG /*allocation_attributes*/,
 	                                const uint64_t /*file_handle*/)
 	{
 		puts("NtCreateSection not supported");
-		//c.emu.stop();
-		//const auto attributes = object_attributes.read();
-		//const auto object_name = read_unicode_string(c.emu, attributes.ObjectName);
+		section_handle.write(SHARED_SECTION.bits);
 
-		/*section_handle.write(SHARED_SECTION.bits);
-
-		maximum_size.access([](ULARGE_INTEGER& large_int)
+		maximum_size.access([&c](ULARGE_INTEGER& large_int)
 		{
 			large_int.QuadPart = page_align_up(large_int.QuadPart);
-		});*/
+			c.proc.shared_section_size = large_int.QuadPart;
+		});
 
-		//return STATUS_SUCCESS;
-		return STATUS_NOT_SUPPORTED;
+		return STATUS_SUCCESS;
 	}
 
-	NTSTATUS handle_NtConnectPort(const syscall_context& /*c*/)
+	NTSTATUS handle_NtConnectPort(const syscall_context& c, const emulator_object<uint64_t> client_port_handle,
+	                              const emulator_object<UNICODE_STRING> server_port_name,
+	                              const emulator_object<SECURITY_QUALITY_OF_SERVICE> security_qos,
+	                              const emulator_object<PORT_VIEW> client_shared_memory,
+	                              const emulator_object<REMOTE_PORT_VIEW> server_shared_memory,
+	                              const emulator_object<ULONG> maximum_message_length,
+	                              uint64_t connection_info,
+	                              const emulator_object<ULONG> connection_info_length)
 	{
-		puts("NtConnectPort not supported");
-		//c.emu.stop();
+		const auto port_name = read_unicode_string(c.emu, server_port_name);
+		printf("NtConnectPort: %S\n", port_name.c_str());
+
+		client_shared_memory.access([&](PORT_VIEW& view)
+		{
+			const auto address = c.emu.find_free_allocation_base(view.ViewSize);
+			c.emu.allocate_memory(address,
+				view.ViewSize, memory_permission::read_write);
+
+			view.ViewBase = reinterpret_cast<void*>(address);
+		});
 
 		return STATUS_SUCCESS;
 	}