Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kernel security check failure - on load #18

Open
DebugBuggin opened this issue Nov 18, 2018 · 2 comments
Open

Kernel security check failure - on load #18

DebugBuggin opened this issue Nov 18, 2018 · 2 comments

Comments

@DebugBuggin
Copy link

trying to test in vmware 14 windows 10 1709 and I get "Kernel security check" failure which I believe maybe patchguard causing the crash?? rebooted and tried twice, happens every time
@coltonon
Copy link

coltonon commented Dec 3, 2018

Same issue, 1809.

@w3lld0ne
Copy link
Contributor

w3lld0ne commented Mar 13, 2019
edited
Loading

at least one of the problems that may cause this BSOD is RtlRestoreContext() function.

since Win10 build 15063 it calls KeCheckStackAndTargetAddress(), which checks both current rsp and context rsp to be in the range of PsGetCurrentThread's stack limits. and since DarthTon's exit handler uses it (while his handler works with custom allocated memory region for rsp), the check for current rsp fails and gives BSOD.

try to replace RtlRestoreContext() to something else, or write your own function just as SimpleVisor did.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@w3lld0ne @coltonon @DebugBuggin