Using the loader with a custom runtime

There are different Common Language Infrastructure implementations in addition to Microsoft .NET Framework. Examples include Mono, Portable.NET, Rotor, VMKit, Parrot, ILDJIT, etc. I would like to test my software with other implementations as well.

One of the unique features of .NET Framework is that it integrates with the loader component of the operating system that results in improved security. When creating a process from a managed executable the operating system (Windows XP and later) directly calls mscoree.dll without usual import address table and entry point resolving. This means that _CorValidateImage is called after the image is mapped and if that succeeds _CorExeMain is called regardless of the entry point specified in the executable.

This integration prevents me from using usual DLL/function redirection techniques for loading an alternate runtime. By replacing mscoree.dll I could take advantage of the loader integration but I don't want to do this as it would make me unable to use Microsoft .NET Framework.

I could detour mscoree.dll for processes I want to run using an alternative runtime. When I use CreateProcess with CREATE_SUSPENDED I am able to modify memory and/or execute code in the remote process but that is pretty much useless because the loader is not optimized yet. I can't even use CreateRemoteThread that would initialize the loader because the loader initialization code calls _CorExeMain without calling process or thread entry point function and Microsoft .NET Framework is loaded to the new process.

I would appreciate your help in creating a managed process using a custom runtime.

Thanks.

Best regards,
Kornél Pál

Hello Kornél,
Thanks for using Microsoft Newsgroup Support Service, my name is Ji Zhou [MSFT] and I will be working on this issue with you.

From your description, I think the demand is that we are trying to use .NET Framework runtime loader mscoree.dll to load another CLI implementation. If my understanding is not correct, please feel free to let me know.

As far as I know, the .NET mscoree.dll integrates tightly with the .NET Framework runtime. It can only specify a version of .NET Framework runtime, but not load another custom CLI implementation. Therefore, in my opinion, this objective may not be achievable. Based on my experience with Rotor, it has its own implementation of the runtime shim which knows how to load its Rotor CLI implementation. Actually, I think each of the CLI implementations should provide its own runtime shim. So personally speaking, loading custom runtime using .NET mscoree does not make sense to me.

>> By replacing mscoree.dll I could take advantage of the loader
>> integration but I don't want to do this as it would make me unable to
>> use Microsoft .NET Framework.

Yes, I sympathize. Many runtimes do not provide some parts of .NET Framework, like ADO.NET, WinForm, or provide a different implementation. So when we use that part of .NET assemblies, our application may fail upon other runtimes. Currently, we can only test the applications that use the common functions of these runtimes.

By the way, running .NET application upon another third-party CLI implementation runtime is not supported by Microsoft Support Service. Thanks for your understanding on this because there are too many third party runtimes with different implementations.

Best regards,
Ji Zhou (v-j***@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

Delighting our customers is our #1 priority. We welcome your comments and suggestions about how we can improve the support we provide to you. Please feel free to let my manager know what you think of the level of service provided. You can send feedback directly to my manager at: msd***@microsoft.com.

==================================================
Get notification to my posts through email? Please refer to http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Thank you for your response.
I know that running managed code using non-Microsoft runtimes is not supported and don't need that kind of support.

Note that the only thing I want is to integrate a custom CLI runtime with the loader component (located in ntdll.dll) of the Windows operating system with a custom runtime.

The loader integrates the CLR by calling the _CorValidateImage, _CorExeMain and _CorImageUnloading functions of mscoree.dll. These functions are documented in MSDN Library. I believe this is documented because .NET Framework is not a component of Windows XP while the two communicate using this protocol.

My problem is that the loader is using mscoree.dll from the system32 directory. I could solve the problem by replacing mscoree.dll with my own implementation and the operating system would interact properly with my implementation. (I've actually tried this.)

I however don't want to replace the stock mscoree.dll because it is required by Microsoft .NET Framework and I wouldn't be able to use Microsoft .NET Framework on that machine in any process. Furthermore it is an operating system component in Windows Vista that makes it even more difficult to replace.

I just want to create some processes using .NET Framework and some other processes using other runtimes.

I hope now my explanation was better.

What I am looking for is

a) either a hooking mechanism that would let me detour (not necessarily using Microsoft Detours) _CorValidateImage and _CorExeMain before they were called
b) or somehow communicate Microsoft mscoree.dll to use my own runtime implementation.

Kornél Pál

Hello Kornel,
Glad to hear again from you. How was your Christmas and New Year? Hope my greetings are not too late: wish you always good luck in the 2009!

Yes, I can understand your points and I intend to help. However, my opinion is still the same,

b). We can only let the Microsoft mscoree.dll bind to different CLR versions instead of custom CLI implementation. We document the _CorValidateImage and _CorExeMain as references for others to write the custom shim, as you already achieved to do. There is some information regarding this in MSDN,
http://msdn.microsoft.com/en-us/magazine/cc163567.aspx
http://msdn.microsoft.com/en-us/magazine/cc301479.aspx

a). At least the Detour and API hook should not be a topic in this dotnet.framework queue. And honestly speaking, I did not have experience with Detour before. But based on my understanding, every CLI runtime should already provide a corresponding integrated runtime shim like mscoree.dll. So I am not sure if it is a good idea and should be encouraged to hook functions in the Microsoft mscoree.dll to make it load custom runtime. That should not be as per the original design specs.

At this time, all that I can help is consulting this in some internal discussion groups, in which there are many experts on CLR and Detour. Wish we can get any suggestion or idea from them. If any, I will update you immediately. Thank you very much for your understanding.

Best regards,
Colbert Zhou (colbe***@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

Hello Kornel,
I got some suggestions from the internal Detour Discussion as follows.

At the point that you have called CreateProcess with the CREATE_SUSPENDED flag, you can edit the PE header and imports table of the target .exe in the target process so that

1) the Windows loader doesn't immediately recognize the PE as a CLR PE
2) modify the imports to bring in whatever runtime you want.

You can look at the DetourCreateProcessWithDll code in Detours Express 2.1 for an example of how that might be done. You can download the Detours Express 2.1 from this link
http://research.microsoft.com/en-us/projects/detours/

Best regards,
Colbert Zhou (colbe***@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

Thank you very much for this solution. Unfortunately the license terms of Detours don't fit my needs and I'm not willing to purchase the professional version for this sample but the idea of modifying the PE header not to be a CLR PE perfectly fits my needs.

Thank you very much again.

Kornél
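
Added example, not part of the original thread and not code from any poster: the PE format marks a managed image through data directory entry 14 (the CLR runtime header), so comparing that entry in the file on disk with the headers mapped in a process shows whether the in-memory header edit discussed above has taken place. The function names and the `build_sample` header bytes are constructed for illustration, and how the mapped header bytes are captured (for instance from a memory dump) is assumed.

```python
import struct

COM_DESCRIPTOR = 14  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR: the CLR runtime header slot


def clr_directory(image: bytes):
    """Return (rva, size) of the CLR header directory, or None if the slot is empty."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                  # optional header follows the 20-byte COFF header
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic == 0x10B:                       # PE32
        count_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                     # PE32+
        count_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic")
    (count,) = struct.unpack_from("<I", image, count_off)
    if count <= COM_DESCRIPTOR:              # directory table too short to hold slot 14
        return None
    rva, size = struct.unpack_from("<II", image, dirs_off + 8 * COM_DESCRIPTOR)
    return (rva, size) if (rva or size) else None


def header_mismatch(on_disk: bytes, mapped: bytes) -> bool:
    """True when the file and the mapped headers disagree about the CLR directory."""
    return clr_directory(on_disk) != clr_directory(mapped)


def build_sample(rva: int, size: int) -> bytes:
    """Constructed minimal PE32 headers (not a loadable image), for the demo only."""
    img = bytearray(0x200)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)          # e_lfanew
    img[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", img, opt, 0x10B)          # PE32 magic
    struct.pack_into("<I", img, opt + 92, 16)        # NumberOfRvaAndSizes
    struct.pack_into("<II", img, opt + 96 + 8 * COM_DESCRIPTOR, rva, size)
    return bytes(img)


if __name__ == "__main__":
    disk = build_sample(0x2008, 0x48)                # constructed: file marked as managed
    mapped = build_sample(0, 0)                      # constructed: slot cleared in memory
    print("on disk:", clr_directory(disk), "mapped:", clr_directory(mapped))
    print("mismatch:", header_mismatch(disk, mapped))
```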