简体繁体 English

有没有办法让Windows 64位上的应用程序在64位和32位仿真层下执行代码？

[英]Is there a way for application on Windows 64 bit to execute code both under 64 bit and 32 bit emulation layer?

原文 2010-11-26 17:20:06 1 4 windows/ 32bit-64bit/ setwindowshookex

I am interested whether I can write an application which will be able to call some code without emulation layer and some code inside of 32 bit emulation layer. 我感兴趣的是我是否可以编写一个能够在没有仿真层的情况下调用某些代码的应用程序以及32位仿真层内部的一些代码。

The main reason for that is that I will need to use API SetWindowHook and I want to set hook both for 64 bit and 32 bit applications. 主要原因是我需要使用API SetWindowHook，我想为64位和32位应用程序设置挂钩。

Sure, I can create 2 application (one for 32 bit and another for 64 bit) and launch them simultaneously. 当然，我可以创建2个应用程序（一个用于32位，另一个用于64位）并同时启动它们。 However, I will need more code to manage them (start, stop, upgrade and etc). 但是，我需要更多代码来管理它们（启动，停止，升级等）。

So, I am looking whether it's possible at all to have one application. 所以，我正在寻找是否可以拥有一个应用程序。

The only idea which I have is to have one application and 2 COM DLL's (32bit and 64bit) and use a surrogate process to run code of 32 bit. 我唯一的想法是拥有一个应用程序和2个COM DLL（32位和64位）并使用代理进程来运行32位代码。 However, it will require some additional COM wrappers and so on. 但是，它需要一些额外的COM包装器等等。

4 个解决方案

I cannot suggest a better way of doing it but what I can do is give you the source to a simple hook-based tool which does exactly the same kind of thing. 我不能建议一个更好的方法，但我能做的就是给你一个简单的基于钩子的工具的源，它完成同样的事情。 Feel free to the bits that are useful to you: 随意使用对您有用的位：

http://www.pretentiousname.com/NoBarTab/NoBarTab_poc3.zip http://www.pretentiousname.com/NoBarTab/NoBarTab_poc3.zip

(If this URL breaks in the future, just go up a level; it'd probably because I've finished it and put a real page up for the tool and its source.) （如果此URL在将来中断，只需上升一级;这可能是因为我已经完成它并为该工具及其来源提供了真实的页面。）

It's a VS2010 C++ project but should be easy to compile in older IDEs. 这是一个VS2010 C ++项目，但应该很容易在旧的IDE中编译。 (Writing this actually put me off using VS2010 any further for now, heh.) （写这个实际上让我暂时不再使用VS2010了，呵呵。）

Obviously, if you use it, please rename any window classes and binary names to avoid conflicts with my tool. 显然，如果你使用它，请重命名任何窗口类和二进制名称，以避免与我的工具冲突。 (Anything with "NoBarTab" in the name.) （名称中包含“NoBarTab”的任何内容。）

FWIW, this is a tool I started writing a few weeks ago but haven't got around to finishing. FWIW，这是我几周前开始写的一个工具，但还没有完成。 The hooking part is finished, though. 然而，挂钩部分已经完成。 It hooks window creation so that it can, for specific processes, remove tabs from the Windows 7 taskbar. 它挂钩窗口创建，以便它可以针对特定进程从Windows 7任务栏中删除选项卡。 (I hate the way that feature is used by VMware, in particular.) I was going to release the source code anyway when I finished it... （我讨厌VMware特别使用该功能的方式。）当我完成它时，无论如何我都会发布源代码...

The 32/64-bit hooking part is all done. 32/64位挂钩部分全部完成。 The only thing I haven't got around to is adding a config UI so you can specify which processes it should care about, but that's not important for what you are doing. 我唯一没有做的就是添加一个配置UI，这样你就可以指定它应该关注哪些进程，但这对你正在做的事情并不重要。

(I should say that the way I remove tabs from the Win7 taskbar is a complete hack and might break with future versions of Windows. There's no documented way to do that so I had to settle on a nasty kludge. The actual hooking code that you'd be interested in is all "proper", though.) （我应该说，我从Win7任务栏中删除选项卡的方式是一个完整的黑客攻击，可能会破坏未来的Windows版本。没有记录的方法可以做到这一点，所以我不得不解决一个讨厌的问题。你实际的挂钩代码但是，有兴趣的是所有“适当的”。）

Also, I made it so that almost all of the real logic is within the main 64-bit exe. 此外，我做到了这一点，几乎所有真正的逻辑都在主64位exe内。 The 32-bit EXE just exists to install the 32-bit hook DLL and both the 32-bit and 64-bit hook DLLs just post a message to the main 64-bit exe's hidden window. 32位EXE只是用于安装32位挂钩DLL，而32位和64位挂钩DLL只是将消息发布到主64位exe的隐藏窗口。 Whether that is suitable for what you're doing I leave to you to decide, but I figure it probably fits with your desire to have everything in one place as much as possible. 这是否适合您正在做的事情我会留给您决定，但我认为这可能符合您希望尽可能将所有内容放在一个地方的愿望。

Hope it's useful! 希望它有用！

SetWinEventHook is a higher-level hooking API which handles the 32-bit/64-bit stuff for you. SetWinEventHook是一个更高级别的挂钩API，可以为您处理32位/ 64位内容。 This came up in the answers to another question today and I thought it'd be worth mentioning here in case that solved your problem. 这出现在今天另一个问题的答案中，我认为在这里值得一提，以防万一解决了你的问题。 Full credit to @atzz for his answer over there. 完全赞同@atzz在那里的回答。

Whether or not SetWinEventHook is as suitable to you as the lower-level SetWindowsHookEx will depend on exactly what you're doing. SetWinEventHook是否适合您和较低级别的SetWindowsHookEx将取决于您正在做什么。 (In my case, I could probably re-write the NoBarTab code in my other answer to use the more simple API. Haven't looked in detail yet, though.) （在我的情况下，我可能会在我的其他答案中重新编写NoBarTab代码以使用更简单的API。但是还没有仔细查看过。）

The biggest reason for the emulation layer is that your 64-bit code is going to have a larger address space. 仿真层的最大原因是您的64位代码将具有更大的地址空间。 Say, for example, you have data addressed at 0x12345678aa000000. 例如，假设您的数据地址为0x12345678aa000000。 If you pass that pointer straight to 32-bit code, it will get truncated to 32-bit address space. 如果将该指针直接传递给32位代码，它将被截断为32位地址空间。 That is, to say, that the high-order 32 bits get removed. 也就是说，高阶32位被删除。 So the address to your data looks like 0x00000000aa000000 to your 32-bit code. 因此，对于32位代码，数据的地址看起来像0x00000000aa000000。 This is clearly a completely different area and not what you intended. 这显然是一个完全不同的领域而不是你想要的。

Yes, it's possible. 是的，这是可能的。 No you shouldn't do it unless you're extremely experience with x86 and x64 assembly, and have access to the 32-bit source code to ensure that it knows that its actually running in 64-bit space and also have access to 64-bit code to ensure that all of the data it passes to the 32-bit code is only in the 32-bit address range. 不，你不应该这样做，除非你非常熟悉x86和x64程序集，并且可以访问32位源代码，以确保它知道它实际上在64位空间运行并且还可以访问64-位代码，以确保它传递给32位代码的所有数据仅在32位地址范围内。

No, executing 32-bit code without the emulation layer is undesirable unless you are trying to make an UBER UGLY hack. 不，除非您尝试制作UBER UGLY hack，否则执行不带仿真层的32位代码是不可取的。

我认为你唯一的希望是通过进程外COM来做这件事，因为每个进程必须全部是32位或全部是64位。