jumper

KernelEx 4.5 Core Updates (4.5.2016.17)

455 posts in this topic

WARNING: If you have a program that will not run with the original KernelEx 4.5.2, do NOT post in this topic requesting help or support. Start a new topic in the Window 9x / ME forum or request help in the Kext:DIY topic.
- Thank you!

Moderator's Note:
Also, based on the desires of the developer, please do not use this topic for any expanded discussion of the compatibility of specific applications. This includes posting screenshots or various details of such programs. Use the KernelEx Apps Compatibility thread for this. This thread is reserved mainly for development issues and bug reports.

KernelEx 4.5 Core Updates
4.5.2016.17
4.5.2016.16
4.5.2015.11
4.5.2015.10
4.5.2015.9 - source (full)
4.5.2015.8
4.5.2015.7
4.5.2015.5 - source (diff)
4.5.2015.4 dlls
--- Extras ---
ApiHook 4.5.2015.8 - Real-time API logger
Kexports - API export lister for KernelEx DLL's
ImportPatcher - View and edit dependencies
. . .
Dependency Walker 2.2.6000
TaskInfo2000 v2.1
ProcWin
DumpPE


How to install in Windows:
  • backup existing Windows\KernelEx DLL files
  • extract all files into one folder
  • launch Update (or InstallDLLs) shortcut
  • Reboot system!

How to install in DOS:
  • backup existing Windows\KernelEx DLL files
  • extract DLL, EXE, and PDB files
  • "Exit to DOS" out of Windows
  • copy extracted files to Windows\KernelEx folder
  • Reboot system!



Changelogs: [see individual release posts]

These updates are based on the source for the highly-tested KernelEx 4.5.2. Changes to the source will be presented in following posts. Changes will initially come from the 4.5.3 beta ("Master" branch), Kexstubs, and related projects.

I did slip a few "wish-list" gifts into this first package just for Christmas:
  • Kexbases.dll 4.5.12.1 has a Kernel32:VirtualProtect wrapper to fix the GCC problem and a Shell32:727 ordinal stub.
  • Kexbasen.dll 4.5.12.1 has Oleaut32:442/RegisterTypeLibForUser and 443/UnRegisterTypeLibForUser ordinal/name stubs.
  • Kernelex.dll 4.5.12.1 is a straight rebuild of 4.5.12.0 with just the version resource updated.

My toolchain isn't 100% complete, so I have no plans for releasing a full, updated KernelEx package. Is anyone interested in doing this? :angel

Topics for discussion
Versioning: Last official KernelEx product is 4.5.2, files 4.5.12. I'm currently using product 4.5.2015, files 4.5.2015.x.
Updates installer: Currently using a batch file. Still taking suggestions for wininit.ini or better solution.
API families TBD (additions welcome)
  • My Kstub822.ini has lots of these definitions. Which need partial or full code rather than stubs?
  • Ace
  • Acl/Dacl/Sacl (Security)
  • ActCtx
  • AnsiString/OemString/UnicodeString
  • Cred
  • Fls
  • Lsa
  • MD5
  • SList
  • Trace

Any technical discussion concerning updates/changes to KernelEx API support or architecture are welcome. Please report all known issues and limitations in KernelEx 4.5.2 so we can addressed them.

Known issues:
  • API names must be stored in sorted order in memory
  • plug-in limit is 4: std + kexbases + kexbasen + two more
  • ApiConfigurations limit is 11 (0..10); higher numbers show but don't "stick"
  • DLL must exist and be loaded for a new API to be added
  • new API can't be added to DLL loaded via KernelEx\KnownDLLs
  • no distinction between implicit(loader) and explicit(GetProcAddress) dynamic linking
  • Psapi code problems



An older version of this top post can be found at the Internet Archive Wayback Machine. :)

Edited by jumper
.17 posted
2

Share this post


Link to post
Share on other sites

In the apilibs source folder, we find subfolders for Kexbases and Kexbasen.

To kexbases\Kernel32, I added VirtualProtect.c. This code has been tested via Kexstubs on my primary machine for six months:

// Don't let GCC apps 'accidentally' disable write access: If desired access protection// is PAGE_READONLY and location is in PE image, request PAGE_READWRITE instead./* MAKE_EXPORT VirtualProtect_fix=VirtualProtect */BOOL WINAPI VirtualProtect_fix(  LPVOID  lpRegion,       // address of region of committed page  DWORD   dwSize,         // size of the region  DWORD   flNewProtect,   // desired access protection  PDWORD  lpflOldProtect  // address of variable to get old protection){  if (flNewProtect == PAGE_READONLY) {    MEMORY_BASIC_INFORMATION mbi;    if (VirtualQuery (lpRegion, &mbi, sizeof(mbi))) //find base      if (VirtualQuery (mbi.AllocationBase, &mbi, sizeof(mbi))) //query base        if (mbi.Protect & 0x66) //readable?          if (*(WORD*)(mbi.AllocationBase) == 'ZM') //PE image?            flNewProtect = PAGE_READWRITE;  }  return VirtualProtect (lpRegion, dwSize, flNewProtect, lpflOldProtect);}

To kexbases\shell32, I added SHGetImageList.c which exports SHGetImageList both by name and ordinal:

#define ERROR_CALL_NOT_IMPLEMENTED       120L/* MAKE_EXPORT SHGetImageList_stub=SHGetImageList *//* MAKE_EXPORT SHGetImageList_stub=ordinal727 */HRESULT WINAPI SHGetImageList_stub (int iImageList, REFIID riid, void **ppv){	return ERROR_CALL_NOT_IMPLEMENTED;}

To Kexbasen, I added an Oleaut32 module with two function stubs exported both by name and by ordinal. I added them to the non-shared Kexbasen so they can be upgraded to delay-loaded forwards to (Un)RegisterTypeLib in the future.

kexbasen\oleaut32\_oleaut32_apilist.c created

kexbasen\oleaut32\_oleaut32_apilist.h created

kexbasen\oleaut32\oleaut32.c

#define ERROR_CALL_NOT_IMPLEMENTED       120L/* MAKE_EXPORT RegisterTypeLibForUser_stub=RegisterTypeLibForUser *//* MAKE_EXPORT RegisterTypeLibForUser_stub=ordinal442 */HRESULT WINAPI RegisterTypeLibForUser_stub (	ITypeLib *ptlib,	OLECHAR  *szFullPath,	OLECHAR  *szHelpDir ){	return ERROR_CALL_NOT_IMPLEMENTED;}/* MAKE_EXPORT UnRegisterTypeLibForUser_stub=UnRegisterTypeLibForUser *//* MAKE_EXPORT UnRegisterTypeLibForUser_stub=ordinal443 */HRESULT WINAPI UnRegisterTypeLibForUser_stub (	REFGUID libID,	WORD    wMajorVerNum,	WORD    wMinorVerNum,	LCID    lcid,	SYSKIND syskind ){	return ERROR_CALL_NOT_IMPLEMENTED;}
In apilibs\kexbasen, main.c and dirlist were updated to reflect the new oleaut32 modules.

Full source diff package: K4521src.7z

Edited by jumper
0

Share this post


Link to post
Share on other sites

Menues are now fully displaying in SumatraPDF 3.0. Thanks Jumper !!!

All other KernelEx depending programs seem to be working fine as well !!

 

Great news.

0

Share this post


Link to post
Share on other sites

Not working here on WinME : 

MPREXE caused an invalid page fault inmodule KERNELEX.DLL at 0177:bfa08e80.Registers:EAX=00000043 CS=0177 EIP=bfa08e80 EFLGS=00010212EBX=833421f8 SS=017f ESP=0072f568 EBP=0072f574ECX=00000000 DS=017f ESI=bfa00000 FS=40cfEDX=86a2df43 ES=017f EDI=00000000 GS=0000Bytes at CS:EIP:88 11 8b 45 f8 83 c0 01 89 45 f8 8b 4d fc 83 c1 Stack dump:00000043 00000000 86a2df00 0072f58c bfa06dcb 00000000 86a2df00 0072f5cc 00000000 0072f91c bfa06fd2 0072f5c4 bfa0c350 86a2df00 86a2df98 86a2dd6c 

After that initial error message, kernelex.dll and all dlls specified in core.ini are loaded but not working.

 
0

Share this post


Link to post
Share on other sites

Nice that you took on this job, jumper! :)

 

I'm not sure I get things right so I'm gonna ask: is KernelEx supposed to implement stubs on a large scale or should it rather replicate original missing API behavior through our own code? Personally I'd like to see working code wherever possible rather than "not implemented" error codes being returned.

 

Now, last time I checked I could build the whole KernelEx package, installer included. The original 4.5.2 has always built, installed and run correctly, while leyok's attempts always failed. Couldn't figure out why. So if you want, I could try to build an updated package for you, as soon as I remember how to use all these things, because my memory is failing me badly. Please feel free to contact me in private, via PM or e-mail (drugwash aol com).

1

Share this post


Link to post
Share on other sites

@ loblo. I had a mprexe error too a few days ago but it was caused by a bad new entry I did put into kext's msvcrt.dll !!

Try booting without kstub822 in core.ini to see if the error goes away then you know where to look for the culprit.

Do you use the msvcr70 replacement dll for msvcrt.dll ??

0

Share this post


Link to post
Share on other sites

@MiKl: I didn't expect my small changes to affect any apps already running. I haven't tested SumatraPDF since 2.3.2, but will do so soon.

@loblo: I don't have a WinME system to test on, so I'll need a bit of help. Please try the x.1 DLLs individually. I somehow failed to save the MAP files for this particular build, but the problem seems to be a NULL pointer passed to a kexcrt ANSI string copy routine. DumpPE (C.Turvey) and ProcWin (Japheth) were both able to disassemble Kernelex.dll for this analysis.

@Drugwash: KernelEx trys to improve the user experience by fixing existing functions, rerouting (forwarding) calls from one module to another, and creating new functions by stubbing, faking, partially or fully implementing them--whatever it takes. Many NT calls have no meaning and are easily stubbed. Full implementations take much time to develop and test, and balloon both the memory footprint and install package!

It's been just over three years now since the release of 4.5.2. If you could revisit the original build and then add just the GCC fix, it would be great to have a new release to kick off the new year.


"warning C4013: 'strntoumax' undefined; assuming extern returning int"

Increasing the compile warning level from 1 to 3 revealed that kexcrt wasn't properly prototyping the 64-bit strntoumax(), so in at least nine places the return value was truncated to 32-bits before being assigned to a 64-bit variable. I added prototypes and casts to fix 22 warnings. One more warning needs further study ("unary minus operator applied to unsigned type, result still unsigned").

I am standardizing a method for delay loading libraries and functions the combines the best of the several techniques currently in use. It's important to do this now as much new code will be using it.

New release 4.5.12.2 -- Map files included this time!

<<TBD: post source>>

Edited by jumper
0

Share this post


Link to post
Share on other sites

@loblo: I don't have a WinME system to test on, so I'll need a bit of help. Please try the x.1 DLLs individually. I somehow failed to save the MAP files for this particular build, but the problem seems to be a NULL pointer passed to a kexcrt ANSI string copy routine. DumpPE (C.Turvey) and ProcWin (Japheth) were both able to disassemble Kernelex.dll for this analysis.

 

The problem appears to be with kexbasen.dll, if I only replace this one it crashes, if i only replace the other two it doesn't crash.

0

Share this post


Link to post
Share on other sites

@Drugwash: KernelEx trys to improve the user experience by fixing existing functions, rerouting (forwarding) calls from one module to another, and creating new functions by stubbing, faking, partially or fully implementing them--whatever it takes. Many NT calls have no meaning and are easily stubbed. Full implementations take much time to develop and test, and balloon both the memory footprint and install package!

It's been just over three years now since the release of 4.5.2. If you could revisit the original build and then add just the GCC fix, it would be great to have a new release to kick off the new year.

I'll try my best. Kinda short time now with the holidays and all. Will see how it goes. ;)

 

EDIT: I did find a few changes related to kexbasen in the .dsp project file and in the .rc resource file, apart from newly included files. It's about flags in the Release configuration: /O1 instead of /O2 and an added /FR (in .dsp) and FILEFLAGS 0x21L vs 0x1L and 0x20L vs 0x0L respectively (in .rc).

 

/O1 instead of /O2 was also found in kexbases.dsp along with added SUBTRACT CPP /Fr and same with FILEFLAGS mentioned above in kexbases.rc. Same /O1 found in core.dsp too and also same changes in FILEFLAGS in core.rc.

 

Honestly I'm not familiar with compiler flags and all that so if you could briefly explain what they do and if the changes are intended or not, I'd be grateful. Just making sure everything's as it should be.

 

EDIT2:

I've been getting a longstanding warning C4163 at line 239 compiling jemalloc.c in kexbasen:

_BitScanForward not available as an intrinsic function

Do you get that too or do you know how to fix it? I'm using VC6 on updated 98SE.

 

New one is warning C4273 at line 53 in psapi.c compiling auxiliary:

GetProcessId inconsistent dll linkage. dllexport assumed.

 

Also kexcontrol.exe won't build neither in Release nor in Debug mode. Five unresolved external symbols. Can't remember if that happened before. Everything else compiled succesfully after applying your changes (except for the compiler flags and file flags mentioned above, until I get details from you).

 

EDIT3:

Nevermind about kexcontrol, I just read COMPILE.TXT and found the reason, now it's OK.

 

I uploaded a newly built installer at my repository in the KernelEx folder. Whoever got the courage and means, please test it. I currently have no working 9x test machine.

Edited by Drugwash
0

Share this post


Link to post
Share on other sites

Thanks for the Merry KeXmas surprise!  

If it's any help, I too get the MPREXE error on bootup -- using Win98SE (but with 98SE-to-ME installed as well) -- so i had to disable KStub.  This is with a recently-reinstalled KernelEx 4.5.2 and KStub v8.22, so they're generic (i hadn't messed around with any .ini files, except of course to add/remove "kstub822" in the "Contents=" line of Core.ini).  

Kudos to jumper (and others in the future) for resurrecting this!  

- Doug B.

0

Share this post


Link to post
Share on other sites

Good sleuthing, Drugwash. And double-thanks for the quick build on short notice! :)

/O1 is for size

/O2 is for speed

I've always found /O1 to be the better choice as I can #pragma or _asm individual functions as needed.

I entered "jumper" in the special build field so....

From Winver.h:

/* ----- VS_VERSION.dwFileFlags ----- */#define VS_FF_DEBUG             0x00000001L#define VS_FF_PRERELEASE        0x00000002L#define VS_FF_PATCHED           0x00000004L#define VS_FF_PRIVATEBUILD      0x00000008L#define VS_FF_INFOINFERRED      0x00000010L#define VS_FF_SPECIALBUILD      0x00000020L
And also this typo:

DWORD dwFileFlags; /* e.g. VFF_DEBUG | VFF_PRERELEASE */

Generate Browse Info (/FR)

Exclude Local Variables (/Fr)

intrinsic(_BitScanForward) isn't available in VC5/6 (maybe later?). But in jemalloc.c, BitScanForward isn't currently being called. So move the pragma line to here:

#if 0#pragma intrinsic(_BitScanForward)	if (_BitScanForward(&i, x) != 0)

Back in May, I fixed psapi.c to work with ProcWin and added stubs for _all_ new functions. Last week I also updated uxtheme for all new functions (with correct ordinals). I'll release these for code review in a new topic ("KernelEx aux updates"?) asap.

@loblo and DougB: I thank you both for the feedback. Kexbasen (7d00xxxx) didn't show up in loblo's original stack trace, so now I'll take a closer look at it. Odd that removing Kstub822 should affect anything....

Here's my very first build that has original setting with just the resources touched:

0

Share this post


Link to post
Share on other sites

OK, thanks, I'll fix those flags then.

For the installer I use NSIS 2.46, I hope there's no major problem with it. Haven't got any reply yet in regard to my build, whether it installs and works correctly or not.

0

Share this post


Link to post
Share on other sites

I've released version 4.5.3.1 of the KernelEx installer with the speed optimizations and all other previously omitted flags.

There's also a separate package containing the modified files. I've slightly changed some project configurations so that absolutely all of the subprojects (except for sdbcreate, under Win9x) could compile in a single batch operation.

Please test only in a virtual machine. Happy New Year everybody! :)

 

Download here

0

Share this post


Link to post
Share on other sites

I extracted the DLLs from the original package last night and they worked fine in SE.

The Master branch already is using version 4.5.3, so I've settled on 4.5.2015. I'll post updates in about sixty hours.

 

Edit: just buying time.... :yes:

Edited by jumper
0

Share this post


Link to post
Share on other sites

Well, how 's the Time market, any changes in price? :P

 

I've managed to install 98SE on a test machine, plus DirectX 9.0c and drivers. Installed my build of KernelEx with all fixes in (4.5.3.1 mentioned above) and all went fine. Installed and (shortly) tested Firefox 9.0.1 in XP-SP2 compatibility - seems to work for now (I added msvcr70.dll v7.0.9466.0 renamed as msvcrt.dll in Firefox's folder).

 

I've also installed CloudMe 1.8.8 and ran it. It does work without the UPX "fix", which means the GCC fix in KernelEx does its job, but it can't log in. However, the UPXed files from my main working machine don't work either so it must be something related to the test machine. UPDATE: After installing a bunch of other (unrelated?) components (IE6, DSClient etc.) I remembered a Root Certificate update was mandatory for CloudMe to work; as soon as I installed that update, it logged in.

 

So far nobody else offered feedback on my KernelEx package so I'm not sure my tests are conclusive.

Edited by Drugwash
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.