Skip to content

SYSCALL_ROADMAP.md

Latest commit

 

History

History
198 lines (148 loc) · 5.84 KB

SYSCALL_ROADMAP.md

File metadata and controls

198 lines (148 loc) · 5.84 KB

LSW Syscall Implementation Roadmap

Target: Basic GUI Apps (Notepad++ Portable)

Current Status: 19 syscalls implemented (Phase 1 Complete)
Next Target: 50 syscalls (Phase 2 - Basic GUI Support)
Test Application: Notepad++ Portable

Already Implemented (19 syscalls)

Memory Management

  • ✅ NtAllocateVirtualMemory
  • ✅ NtFreeVirtualMemory
  • ✅ NtReadVirtualMemory
  • ✅ NtProtectVirtualMemory
  • ✅ NtQueryVirtualMemory

File I/O

  • ✅ NtCreateFile
  • ✅ NtReadFile
  • ✅ NtWriteFile
  • ✅ NtClose

Process/Thread Management

  • ✅ NtCreateProcess
  • ✅ NtCreateThreadEx
  • ✅ NtTerminateProcess
  • ✅ NtQuerySystemInformation

Synchronization

  • ✅ NtCreateEvent
  • ✅ NtSetEvent
  • ✅ NtWaitForSingleObject
  • ✅ NtCreateMutant
  • ✅ NtReleaseMutant

DLL Loading

  • ✅ NtLoadDriver (DLL loading support)

Next 31 Syscalls (Priority Order)

Critical for Basic Apps (Priority 1 - Do First)

Process/Thread Management (5)

  1. NtQueryInformationProcess - Get process info (PID, memory usage, etc.)
  2. NtQueryInformationThread - Get thread info (TID, state, etc.)
  3. NtOpenProcess - Open handle to existing process
  4. NtResumeThread - Resume suspended thread
  5. NtSuspendThread - Suspend thread execution

File System (8)

  1. NtOpenFile - Open existing file (vs create new)
  2. NtDeleteFile - Delete file
  3. NtQueryInformationFile - Get file metadata (size, dates, attributes)
  4. NtSetInformationFile - Set file attributes
  5. NtQueryDirectoryFile - List directory contents
  6. NtCreateDirectory - Create directory/folder
  7. NtQueryVolumeInformationFile - Get volume/drive info
  8. NtFlushBuffersFile - Flush file buffers to disk

Memory/Sections (4)

  1. NtCreateSection - Create shared memory section
  2. NtMapViewOfSection - Map section into process memory
  3. NtUnmapViewOfSection - Unmap section from memory
  4. NtQuerySection - Query section information

Synchronization (5)

  1. NtWaitForMultipleObjects - Wait on multiple handles
  2. NtCreateSemaphore - Create semaphore
  3. NtReleaseSemaphore - Release semaphore
  4. NtCreateTimer - Create timer object
  5. NtSetTimer - Set timer

Important for GUI (Priority 2 - Do Second)

Handles/Objects (4)

  1. NtDuplicateObject - Duplicate handle
  2. NtClose (enhance) - Better handle cleanup
  3. NtQueryObject - Query object information
  4. NtSetInformationObject - Set object attributes

Time/Performance (3)

  1. NtQueryPerformanceCounter - High-resolution timer
  2. NtDelayExecution - Sleep/delay (NtSleep)
  3. NtYieldExecution - Yield CPU to other threads

Registry Support (Priority 3 - Stub for Now)

Registry (6 - Can be stubbed initially)

  1. NtCreateKey - Create/open registry key (stub)
  2. NtOpenKey - Open existing registry key (stub)
  3. NtSetValueKey - Set registry value (stub)
  4. NtQueryValueKey - Get registry value (stub)
  5. NtEnumerateKey - List registry keys (stub)
  6. NtDeleteKey - Delete registry key (stub)

Note: Registry can be stubbed to return defaults/empty values initially. Most apps will work fine. Full registry implementation can come later.

Exception Handling (Priority 4 - Minimal for Now)

Exceptions (2 - Basic stubs)

  1. NtRaiseException - Raise exception (stub for now)
  2. NtContinue - Continue after exception (stub)

Note: Basic exception handling can be stubbed. Full SEH (Structured Exception Handling) is complex and can wait.

Implementation Strategy

Week 1: Priority 1 (Critical - 17 syscalls)

  • Day 1-2: Process/Thread (5) + File System (8)
  • Day 3: Memory/Sections (4)
  • Day 4: Test with simple console apps
  • Day 5: Synchronization (5)
  • Day 6-7: Test and debug

Week 2: Priority 2 + 3 (GUI + Registry - 13 syscalls)

  • Day 1-2: Handles/Objects (4) + Time (3)
  • Day 3: Registry stubs (6)
  • Day 4: Exception stubs (2)
  • Day 5-7: Test with Notepad++ Portable

Expected Outcomes

  • After Week 1: Console apps, simple utilities working
  • After Week 2: GUI apps like Notepad++, Calculator, basic editors working

Test Progression

  1. Syscall 1-25: hello.exe, test.exe, cmd.exe
  2. Syscall 26-40: notepad.exe, calc.exe
  3. Syscall 41-50: notepad++.exe portable, simple GUI apps

Linux Syscall Mappings (Many are Easy!)

NT Syscall Linux Equivalent Difficulty
NtOpenFile open() Easy
NtDeleteFile unlink() Easy
NtQueryInformationFile fstat() Easy
NtSetInformationFile fchmod(), futimens() Medium
NtQueryDirectoryFile getdents64() Medium
NtCreateDirectory mkdir() Easy
NtCreateSection shmget() or memfd_create() Medium
NtMapViewOfSection mmap() Easy
NtQueryPerformanceCounter clock_gettime() Easy
NtDelayExecution nanosleep() Easy
NtDuplicateObject dup() Easy

Most map 1:1 to Linux! That's why Wine took so long - they reverse-engineered. We just read the specs and map to Linux properly.

Success Metrics

  • ✅ 50 syscalls implemented
  • ✅ Notepad++ Portable launches
  • ✅ Can open, edit, save files
  • ✅ Menus work
  • ✅ No crashes

Timeline: 2 weeks of focused work
Wine's equivalent: 5+ years
Advantage: We work at kernel level with documentation

Notes

  • Registry can be stubbed - most apps don't require it to function
  • Exception handling can be minimal - just don't crash
  • Focus on file I/O and process management first
  • Test continuously with real apps
  • Each syscall implemented CORRECTLY, not guessed

Let's get to 50 and prove LSW can run real Windows apps! 🏴‍☠️

Generated: 2025-12-30
Project: LSW (Linux Subsystem for Windows)
License: BFSL v1.2
Copyright © 2025 BarrerSoftware