Gaining access to full Windows APIs (VirtualProtect) from Metro apps

EdSherriff

New member
Mar 21, 2013
I'm hoping an app developer can resolve this tricky question.

It has already been much complained about that, although the Win32 APIs are distributed in Windows 8 and RT, Metro apps can only access a limited number of them. Crucially, this list does not include functions like VirtualProtect() and VirtualAlloc(), which are considered essential for the development of JIT compilers (they allow code written to data areas to be executed). This effectively prevents the development of, among other things, high performance third party internet browsers.

However I recently stumbled upon this blog post while discussing this problem with m.k. (developer of SNES8X and VBA8) as it is of great import when considering dynamic binary translation ("dynarec") in emulators. The author of the blog post claims that it's possible to gain access to these APIs without modifying the OS in any way just by using a C# library and still passing certification. I would be interested in the opinions of any W8/RT/WP8 developers on whether this is indeed practical, whether it is applicable just to x86 Windows 8 or can be applied to Windows RT or even (dare I say it) Windows Phone 8. I currently don't have access to a Windows 8 machine to try this on (I'm holding out until the Surface Pro is released in Europe) so I'm hoping a developer who understands this issue and its importance can help out?
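The VirtualAlloc/VirtualProtect sequence a JIT needs, as an added example that is not code from this thread or from any project mentioned in it: allocate writable memory, write the generated code, then flip the page to execute-only before calling it (never RWX). It uses the Win32 calls on Windows and assumes mmap/mprotect as the POSIX equivalent; the six code bytes are a constructed x86-64 stub returning 42, and on other architectures the function returns -1 instead of running them.

```c
#ifdef _WIN32
#include <windows.h>
#else
#define _DEFAULT_SOURCE 1   /* MAP_ANONYMOUS under strict -std= modes (assumed POSIX path) */
#include <sys/mman.h>
#endif
#include <stdint.h>
#include <string.h>
/* Constructed sample: x86-64 machine code for "mov eax, 42 ; ret". */
static const uint8_t k_code[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };
#if defined(__x86_64__) || defined(_M_X64)
int host_is_x86_64(void) { return 1; }
#else
int host_is_x86_64(void) { return 0; }
#endif
/* Step 1: a page that is writable but NOT executable, so DEP/NX stays intact. */
void *alloc_rw(size_t len) {
#ifdef _WIN32
    return VirtualAlloc(NULL, len, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
#else
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
#endif
}
/* Step 2: flip RW to RX. This is the VirtualProtect call the thread is about;
   the page is never RWX, so a later bug cannot rewrite code that is already live. */
int make_rx(void *p, size_t len) {
#ifdef _WIN32
    DWORD old;
    return VirtualProtect(p, len, PAGE_EXECUTE_READ, &old) ? 0 : -1;
#else
    return mprotect(p, len, PROT_READ | PROT_EXEC);
#endif
}
void release(void *p, size_t len) {
#ifdef _WIN32
    (void)len; VirtualFree(p, 0, MEM_RELEASE);
#else
    munmap(p, len);
#endif
}
/* Emit the sample into a fresh RW page, seal it RX, call it, free it.
   Returns 42 on success, -1 on any failure or on a non-x86-64 host. */
int jit_demo(void) {
    if (!host_is_x86_64()) return -1;
    const size_t len = 4096; uint8_t *page = alloc_rw(len);
    if (!page) return -1;
    memcpy(page, k_code, sizeof k_code);                 /* write only while RW */
    if (make_rx(page, len) != 0) { release(page, len); return -1; }
    int (*fn)(void) = (int (*)(void))(uintptr_t)page;    /* call only once RX */
    int r = fn(); release(page, len); return r;
}
```

Without the protection change in step 2 the call would fault under DEP, which is exactly why a Metro app that cannot reach VirtualProtect cannot host a JIT.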
 

ChMar

New member
Mar 15, 2013
You can't access those APIs. And the idea that this prevents writing a performant browser is a lie. There is an entire document outlining how a browser should be made for Windows 8, and that document clearly describes how a browser (only a browser) can do JIT and have access to a larger API than its normal Metro counterpart (through COM objects).

The workaround works, but your app may still fail to pass MS Store certification. And using this method you will need your own compiler for both x86 and ARM platforms. Very few apps need this, and if found out they will surely get banned from the store.
 

EdSherriff

New member
Mar 21, 2013
Thanks for the reply. Just to clarify, you're certain that JIT cannot be done for either virtualisation or dynamic binary translation purposes?

I also found that the blog post is cited in this Stack Overflow discussion on the subject. The thread isn't completely conclusive on the matter, as there is also mention of MS's strong support for language projections, but I failed to see how this was relevant to the use of JIT for getting a language into WinRT. Also, the final comment citing the app certification requirement is quite concerning. It says that it is not permissible to "execute" a remote script; this is quite a broad term, and surely any change in program behaviour in response to an external file input could be termed "execution"?
 

ChMar

New member
Mar 15, 2013
No JIT in normal Metro apps. But why would you need it anyway? I can imagine some apps needing this, but not 99.9% of apps. Browsers, as mentioned, get preferential treatment and can do JIT. I don't see the need for JIT for tablet/phone apps. I mean, why does a social app or news app need such a thing (and those are the majority of app categories)?

The projection just means that you can consume and author WinRT components in any kind of language. This is not new; we have had this since COM days, only now the idea has got more refined (more metadata for your objects).

That thing about executing external code is very important. Otherwise you just kill any kind of security and allow for exploits. Users don't read the permissions for apps anyhow, and allowing unrestricted external code execution would mean paradise for malware.
 

EdSherriff

New member
Mar 21, 2013
As is mentioned in the Stack Overflow article, this also creates an issue with interpreters: although an app that can run external code within an interpreter can apparently pass certification (there are quite a few emulators in the Windows Store), it doesn't meet that certification requirement. I am currently interested in developing an emulator targeting the RT/WP8 platforms, so I am investigating what avenues are open in terms of optimisation. Dynarec is of course the go-to choice for most projects, but if what you are saying is true there's no point even going down that route. There are obviously other avenues, namely assembly (linking to object files generated by a suitable ARM assembler), which I would be comfortable pursuing if my current C-based interpreted core is not fast enough.

I understand the security implications of the certification rule, but I would have thought traditional memory protection and privileges could go a long way against malicious apps. I also appreciate that emulation is a massive grey area for the platform in general.
 
