Itch.io Launcher is missing in overlay exceptions

[Kissaki]

The website itch.io is a distributor of indie games. It also provides a launcher itch.exe, which is not currently in the default/known launchers overlay exception list.

I did add it manually, but the overlay does not show. Adding the game to the whitelist, it still does not show when launching from the launcher. However, when launching the game exe directly, the overlay display (with the whitelist entry).

itch.exe spawns isolate.exe, which in turn spawns conhost.exe and the game exe.

Tested with "Compound", a unity game, compound.exe.

I don't know yet how the isolation works, and if that prevents us from displaying the overlay.

---

• [x] Add itch.exe launcher to known launchers
• [ ] Support sandbox mode

[Kissaki]

[8888] M:ExcludeCheck: using 'launcher filter' exclusion mode...
[8888] M:ExcludeCheck: Unable to find parent. Process allowed.
[8888] M:ExcludeCheck: No matching overlay exclusion rule found. Overlay disabled.

It seems the itch launcher spawns the process without a process parent, so we can't use the launcher filter for it.

It actually logs that 8 times on the same process, as well as 8 ProcDetach.

[Kissaki]

Process Explorer does display the tree as if it were parent. But that may be because it saw it spawn, or something.

I asked for info from itch, as the manual did not contain info on the isolation process https://github.com/itchio/itch/issues/1196

Anyway, maybe we add the launcher exe no matter what, as it is a valid launcher that we would like to handle if we were able to identify it as a parent?

[mkrautz]

I haven't looked into this yet, but does itch.io's launcher use a default path? Or does it register its paths in the registry?

If nothing else, we could add registry fetchers into the syntax for "whitelisted paths". That way, we could add something like $reg(HKCU/Software/Itch.io/Launcher/LibraryDir) to the defaults for that.

[Kissaki]

It switched paths on update, in appdata local (…\AppData\Local\itch\app-23.4.0), while the isolate.exe was in appdata roaming. Nothing in the registry (only a sandbox username and password under HKCU).

[Kissaki]

We found https://itch.io/docs/itch/using/sandbox.html documenting the sandbox setting, and that it launches the game as a less privileged user.

isolate.exe is the current user, the game exe compound.exe is on the (sandbox) user account.

[fasterthanlime]

(itch app developer here, just subscribed to this thread)

Note that the isolate.exe + separate user dance only happens for users who have checked the "Enable itch.io sandbox" option (it's opt-in).

I'd love to see working, in order of difficulty:

• Mumble overlay without sandbox
• Mumble overlay with sandbox enabled
• Mumble overlay together with the upcoming itch overlay

The third hasn't shipped yet, but I'd be glad if it was already on your radar! The itch overlay will be provided by https://github.com/itchio/capsule - it can already be built & compiled separately, and if the CAPSULERUN_PATH environment variable is set, itch will already use it to launch games.

I'm curious how Mumble hooking and capsule hooking will work together. I've played with capsule+fraps in the past for example, and it seems like fraps' process injection was overriding the capsule hooks (which are set up on game start).

---

For the sandbox part: is CreateToolHelp32Snapshot the only way to retrieve a parent process ID ? It seems like that call can retrieve a lot more info than just the process tree, so it would make sense for Windows to try and restrict it for processes belong to different users.

The problem might also be coming, not from the separate user, but from the job object logic. This allows isolate to wait until the whole process tree has exited (and to kill the whole tree if killed), rather than just the initial game process (which might just be a launcher, ie. for UE4 games).

Maybe the fact that it's in a separate job object prevents parent process ID lookup? (Maybe that's why conhost.exe appears at some point in Process Explorer?)

---

Packing lots of info in this comment, I'm happy to respond to follow-up questions!

[Kissaki]

Mumble overlay without sandbox

That already works after adding the itch binary as a "launcher".

Mumble overlay together with the upcoming itch overlay

The Mumble overlay works with pretty much anything else there is, so that shouldn't be a problem - from our side.

[mkrautz]

I haven't checked thoroughly, but my guess from reading the isolate code the other day is that our injection method simply isn't sufficient, because of the separate user. We use SetWindowsHookEx hooking WH_CBT events. From my debug output, the overlay DLL never got injected.

[fasterthanlime]

We use SetWindowsHookEx hooking WH_CBT events. From my debug output, the overlay DLL never got injected.

Ah yep, that might totally be it. For capsule (our own overlay provider) I've stayed away from SetWindowsHookEx because I've heard a lot of bad things about it.

Maybe we could look at this the other way around - is there a way for itch to identify Mumble & let it know about a process it just launched ?

[mkrautz]

Right now, we don't have any integration that allows a launcher to ask to inject into a specific process. It might be very useful.

But I think right now we should just try to inject the DLL into the target process, perhaps via CreateRemoteThread, using a stand-alone tool. As far as integration goes, our uiAccess=true privileges might be enough for Mumble to do that itself. Otherwise, we might need do something clever.