PPL process inside a Server Silo

[smallmodel]

Description of the feature, modification, idea or suggestion

Hello,

Would it be possible to ignore PPL process check if the target process is running inside a Server Silo? It would make sense as processes running inside a server silo are isolated and are inferior to host processes.

Proposed implementation details (optional)

There is PsGetThreadSilo/PsGetProcessServerSilo/PsIsProcessInSilo

[smallmodel]

Proposed patch: ppl_silo.patch

It would also prevent the calling process running inside a server silo from interfering with processes from other server silos (or the host silo).

To test with Docker Desktop: docker run --rm -ti --isolation process mcr.microsoft.com/windows/nanoserver:2022 and then terminate the newly created csrss.exe that is running inside a server silo.

[jxy-s]

Thank you for the suggestion and patch. This deserves some careful consideration. If the operating system expects to enforce PPL domination between silos I'm unsure we can accept such a patch. If we are to ignore PPL domination in this circumstance, we need to be very certain with this statement:

processes running inside a server silo are isolated and are inferior to host processes