From mboxrd@z Thu Jan 1 00:00:00 1970 To: 9fans@cse.psu.edu Subject: Re: [9fans] dhog the corruptor! From: David Gordon Hogan MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-eyzznuvoylrhynbwhqbfrfpahk" Message-Id: <20011113235305.B831F19A46@mail.cse.psu.edu> Date: Tue, 13 Nov 2001 18:53:02 -0500 Topicbox-Message-UUID: 21f24786-eaca-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-eyzznuvoylrhynbwhqbfrfpahk Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit It's not quite the same. No ``thunks'' here. All the references are resolved at load time with this schema. --upas-eyzznuvoylrhynbwhqbfrfpahk Content-Type: message/rfc822 Content-Disposition: inline Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Tue Nov 13 18:43:45 EST 2001 Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.18.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 984FE19A50; Tue, 13 Nov 2001 18:43:37 -0500 (EST) Delivered-To: 9fans@cse.psu.edu Received: from anchor-post-31.mail.demon.net (anchor-post-31.mail.demon.net [194.217.242.89]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 10DF819A4A for <9fans@cse.psu.edu>; Tue, 13 Nov 2001 18:42:09 -0500 (EST) Received: from cjl1.demon.co.uk ([194.222.72.34] helo=falken) by anchor-post-31.mail.demon.net with smtp (Exim 2.12 #1) id 163nBv-0005DA-0V for 9fans@cse.psu.edu; Tue, 13 Nov 2001 23:42:08 +0000 Message-ID: <008701c16c9c$57155b80$2248dec2@falken> From: "Chris Hollis-Locke" To: <9fans@cse.psu.edu> References: <20011113230455.25131199B9@mail.cse.psu.edu> Subject: Re: [9fans] dhog the corruptor! MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.7 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Help: List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Tue, 13 Nov 2001 23:38:46 -0000 > Brucee's implementation just patches the call to point to the > correct destination. You don't have to walk any machine code. MS VXDs work in a similar way - they call it something like 'snap' linkage. The 'unlinked' call is to a lookup function that patches the caller (determined by return addr on the stack) to the actual entry point. The downside is that you cannot easily unload or replace a driver that is linked in such a way, which explains why there are so many "You must now reboot your computer" messages. The new WDM may do things differently, I haven't looked at that yet. --upas-eyzznuvoylrhynbwhqbfrfpahk--