Skip to content

Skip SetupDi device discovery if Win32k system calls are disabled#28535

Open
shiyi9801 wants to merge 3 commits into
microsoft:mainfrom
shiyi9801:skip_setup_api_if_win32k_lockdown
Open

Skip SetupDi device discovery if Win32k system calls are disabled#28535
shiyi9801 wants to merge 3 commits into
microsoft:mainfrom
shiyi9801:skip_setup_api_if_win32k_lockdown

Conversation

@shiyi9801
Copy link
Copy Markdown
Contributor

@shiyi9801 shiyi9801 commented May 18, 2026
edited
Loading

Description

Skip SetupDi device discovery when Win32k system calls are disabled. SetupDiGetClassDevs depends on win32k.sys and will crash with an SEH exception that cannot be caught by C++ try/catch.

00 0000004f`545fb2b0 00007ffa`a47a8911     KERNELBASE!RaiseException+0x8a
01 0000004f`545fb3b0 00007ffa`a47e014d     SETUPAPI!_delayLoadHelper2+0x521
02 0000004f`545fb460 00007ffa`a479e1af     SETUPAPI!_tailMerge_user32_dll+0x3f
03 0000004f`545fb4d0 00007ffa`a479d791     SETUPAPI!IsInteractiveWindowStation+0x113
04 0000004f`545fb560 00007ffa`a479d484     SETUPAPI!AllocateDeviceInfoSet+0x121
05 0000004f`545fb5c0 00007ffa`a479c6bd     SETUPAPI!SetupDiCreateDeviceInfoListExW+0x74
06 0000004f`545fb870 00007ffa`a479c2d6     SETUPAPI!SetupDiGetClassDevsExW+0x1ed
07 0000004f`545fb8f0 00007ff9`b6d12a72     SETUPAPI!SetupDiGetClassDevsA+0x76
08 0000004f`545fb960 00007ff9`b6d10aeb     onnxruntime!onnxruntime::`anonymous namespace'::GetDeviceInfoSetupApi+0x1a2

Motivation and Context

WebNN is migrating ORT graph compilation to a sandboxed process with PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY.DisallowWin32kSystemCalls enabled. This prevents kernel-mode system calls through win32k.sys for security hardening.

This change has no effect on normal (unsandboxed) processes.

@shiyi9801
Copy link
Copy Markdown
Contributor Author

shiyi9801 commented May 18, 2026

@skottmckay @fdwr Could you please take a look? thanks!

/cc @huningxin @RafaelCintron

fdwr
fdwr reviewed May 18, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@fdwr fdwr left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's some context missing from the description:

  • Which process in Chrome is being executed here that disables win32k calls?
  • Does it disable a subset of calls or all calls, deferring to other processes to all win32 calls?

Otherwise the change looks fine to me, except small naming.

Comment thread onnxruntime/core/platform/windows/device_discovery.cc Outdated
shiyi9801 and others added 2 commits May 19, 2026 10:25
@shiyi9801 @fdwr
Apply suggestions from code review
e045ab2 
Co-authored-by: Dwayne Robinson <fdwr@hotmail.com>
@shiyi9801
Update device_discovery.cc
02ea619
@shiyi9801
Copy link
Copy Markdown
Contributor Author

shiyi9801 commented May 19, 2026

There's some context missing from the description: which process in Chrome is being executed here that disables win32k calls? Does it disable a subset of calls or all calls, deferring to other processes to all win32 calls?

Updated the description, @fdwr please take another look, thanks!

fdwr
fdwr approved these changes May 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@fdwr fdwr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fdwr fdwr fdwr approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shiyi9801 @fdwr