Jump to content

Kext: DIY KernelEx extensions


Recommended Posts


The font size does not change with Ktree10 and has always been this way for me on all builds. You can see the square + size that the window metrics is working on Ktree9 and the window title bar font is the same for both. What could be different? There were no font changes, I have launched Ktree9 and Ktree10 both are running at the same time. What do you mean by Ktree9 and Ktree10 use different fonts? Ktree10 does not use my system window font: Ktree9 does.

Edited by Goodmaneuver
Link to comment
Share on other sites

Thank you for backing me up on this Schwups, it means a lot. I like 10 as it gives the entry points of the module and I think it would be a good idea if we can redirect back to KexBases for example to use a stub again in a new defined module. I do not think it works though and memory locations can/will change. With the pictures uploaded the system fonts that are in use in that case are Arial western size 10 for all except Menu and Selected Items which use Verdana Western 11. So the default window font should be Arial western 10.

Edited by Goodmaneuver
Link to comment
Share on other sites

  • 2 weeks later...

IsValidLanguageGroup is stubbed in KexBases when it does not need to be. I was going to try IsValidLanguageGroup function substituted for IsValidLocaleName in Dwrite but cannot as it is stubbed.
We have had a stub for DelayLoadFailureHook for a long time but is it possible to get one for ResolveDelayLoadedAPI as this function call is used along side DelayLoadFailureHook in a many modules.

Is there any chance that the functions in use by KexStubs be determined with Ktree? This could be used to trim down KexStubs.

Edited by Goodmaneuver
Made a mistake
Link to comment
Share on other sites

I have Kstub823 loaded with Vista screen savers like Branded, MPREXE.exe, KMPlayer 4.06, PotPlayer 1.545995, VLC 3 & 2, MPC-HC 1.4.2499 and probably others, Ktree shows the APIs that are in Kstub823 but I wanted to know the APIs that are in use by the programs that are loading Kstub823. The Vista screen savers will not work without my Kstub823.ini. In a normal window the text lines can be highlighted with left click/slide then Control plus C for copy, if this can be done in Ktree then it could make it easier to work with. If IsValidProgramGroup and IsValidLocaleName both return a Boolean then it might work. See picture for the IsValidProgramGroup showing KexBases and Kernel32 with DW. I have been wanting the ResolveDelayLoadedAPI solution for a long time, we are nearly there to be able to use most windows modules that are in use and ResolveDelayLoadedAPI will be necessary to resolve this. If we use KernelEx KnownDlls and KernelEx Subfolders without the system mapping the location then it makes KernelEx conditional and complicated. I have shied away from this idea. I have spent most of my time recently on updating hardware. Objective is to update to a 4.2GHz + processor and I will update your Roll Call 2021 https://msfn.org/board/topic/182230-roll-call-2021/?do=findComment&comment=1193596 with all the details when completed successfully with each board, time willing. The modules I wanted to use were not kept but for a few, Oleacchooks, Dsparse, D3d10level9, WmpDui. I have WMP10 working and 11 could work too with ResolveDelayLoadedAPI. With more modules able to load then more applications will work. Nvidia device properties defaults to DX8 when the graphics card is unknown. Even though the picture says G73 it still does not know the video cards name it should be 7300 GT. The 82.69 drivers should display this correctly. I think I have a hangover from the older drivers and the registry will need cleaning and driver reinstalled.

IsValidLanguageGroup.png

WMP10_1.png

Modules_1.png

Edited by Goodmaneuver
Link to comment
Share on other sites

> know the APIs that are in use

Use my build of ProcWin 1.6. Select a process in the left frame. Right-click on individual modules on the right, then select Properties->KernelEx->Enable API Logging. In ApiLog.exe (aka DebugWindow) right-click and enable Output to log file. Restart process to see what you missed.

Also remember to check Kstub823.log to see what API's are actually called. These are the only definitions that must be correct.

I have begun work on a KexVista module. It already has functional support for all ConditionalVariable and SRWLock API's. I'll add to the to-do list support for some MS-API things like ResolveDelayLoadedAPI that can't be forwarded.

And I checked Kexstubs.c. The limits are: 100 DLL sections, 36KB of DLL section data (definitions and comments within DLL sections), and 1600 named functions. Unnamed (ordinal) functions and data variables are not yet supported.

 

Edited by jumper
KexVista
Link to comment
Share on other sites

  • 3 weeks later...
  • 1 month later...
On 10/14/2021 at 3:45 AM, CIACIACIACIACIACIA said:

What about windows xp does kernelex going to have a good version?

KernelEx is for Win98/ME none for XP. Win9x has a sole user environment and compatibility for certain other applications where as the NT Operating Systems have multiple users and an upgrade path. This is why KernelEx is important for WinME.

Edited by Goodmaneuver
Link to comment
Share on other sites

On 9/28/2021 at 3:45 AM, jumper said:

Also remember to check Kstub823.log to see what API's are actually called. These are the only definitions that must be correct.

I get these logs repeated K24 Kstub823.log

= MSVCRJ.DLL:sscanf_s=>MSVCR90D:sscanf_s =
= MSVCRJ.DLL:_ftol2=>MSVCRS:_ftol2 =
= MSVCRJ.DLL:_ftol2_sse=>MSVCRS:_ftol2_sse =

When you say these are the only definitions that must be correct. do you mean that these function redirects are correct and are the only ones needed in Kstub823 or otherwise? What does the log mean generally and with the = on the end?

I should have noticed before but Kstubs seems to stop working before the 15000 character limit (an approximate suggestion). The character limit stops KernelEx completely. Take a look at the picture the lower down Kstub823 definitions are not listed in Ktree10 it stops at SetupDiGetClassRegistryPropertyW in this instance of Kstub823.ini. Logging Kstub823 does not bring anything to the ApiLog window.

Kstubs1.png

Edited by Goodmaneuver
Link to comment
Share on other sites

Only those three that are invoked need valid definitions. Save space and reduce typo risk by not repeating the function name after the colon.

The last = is an artifact of using the private profile APIs for logging. The first = is put there to balance it. Ignore them.

Split the definitions by using multiple copies of Kstub824.

Right-click in ApiLog console window to modify settings.

 

Link to comment
Share on other sites

Strangely I had tried Kexstub824 before and it stopped KernelEx but now it works. I have modified Core.ini K25 to renumber it correctly prior to testing Kexstub824. The only change I have made to Core.ini is to use KexVista for more modes. Core.ini uploaded in Zip. Kstub824 has a larger definition range see picture :- ( using the same Kexstub823.ini unmodified as in previous posting renamed Kexstub824.ini ).

kstub824.png

core.zip

Edited by Goodmaneuver
Used Kstub824 as Kstub824 and made order the same as original core.ini
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...