everdox / InfinityHook

Hook system calls, context switches, page faults and more.

Some tips to optimize the library #15

Open TanakaYasen opened 4 years ago

TanakaYasen commented 4 years ago

Would you like to restore _WMI_LOGGER_CONTEXT::GetCpuClock in IfhRelease, as a complete release?

I haven't tried it yet, though: is there a need to scan the stack for INFINITYHOOK_MAGIC_1 and INFINITYHOOK_MAGIC_2 every time a syscall is entered? AFAIK it hurts performance to some extent. Or maybe, when entering KiSystemCall64, the address of [rsp+138h+Var_f8] is at a fixed offset from PVOID* StackMax = (PVOID*)__readgsqword(OFFSET_KPCR_RSP_BASE).

SpriteOvO commented 4 years ago

> Would you like to restore _WMI_LOGGER_CONTEXT::GetCpuClock in IfhRelease, as a complete release?

Restarting the CKCL session will restore the GetCpuClock pointer to its original value, so there is no need to restore it manually.