Author: tfaber Date: Tue May 2 11:11:39 2017 New Revision: 74447
URL: http://svn.reactos.org/svn/reactos?rev=74447&view=rev Log: [NTOS:MM] - When mapping a view of the physical memory section, don't check for BaseAddress/SectionOffset alignment. Instead, prevent user mode mappings of views beyond the highest physical page. Fixes flakiness in kmtest:MmSection CORE-13113 #resolve
Modified: trunk/reactos/ntoskrnl/mm/ARM3/section.c
Modified: trunk/reactos/ntoskrnl/mm/ARM3/section.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/mm/ARM3/section.c?... ==============================================================================
--- trunk/reactos/ntoskrnl/mm/ARM3/section.c [iso-8859-1] (original)
+++ trunk/reactos/ntoskrnl/mm/ARM3/section.c [iso-8859-1] Tue May 2 11:11:39 2017
@@ -3689,24 +3689,36 @@
 return Status;
 }
- if (!(AllocationType & MEM_DOS_LIM))
+ if (MiIsRosSectionObject(Section) &&
+ (Section->AllocationAttributes & SEC_PHYSICALMEMORY))
+ {
+ if (PreviousMode == UserMode &&
+ SafeSectionOffset.QuadPart + SafeViewSize > MmHighestPhysicalPage << PAGE_SHIFT)
+ {
+ DPRINT1("Denying map past highest physical page.\n");
+ ObDereferenceObject(Section);
+ ObDereferenceObject(Process);
+ return STATUS_INVALID_PARAMETER_6;
+ }
+ }
+ else if (!(AllocationType & MEM_DOS_LIM))
 {
 /* Check for non-allocation-granularity-aligned BaseAddress */
 if (SafeBaseAddress != ALIGN_DOWN_POINTER_BY(SafeBaseAddress, MM_VIRTMEM_GRANULARITY))
 {
- DPRINT("BaseAddress is not at 64-kilobyte address boundary.");
- ObDereferenceObject(Section);
- ObDereferenceObject(Process);
- return STATUS_MAPPED_ALIGNMENT;
+ DPRINT("BaseAddress is not at 64-kilobyte address boundary.\n");
+ ObDereferenceObject(Section);
+ ObDereferenceObject(Process);
+ return STATUS_MAPPED_ALIGNMENT;
 }
 /* Do the same for the section offset */
 if (SafeSectionOffset.LowPart != ALIGN_DOWN_BY(SafeSectionOffset.LowPart, MM_VIRTMEM_GRANULARITY))
 {
- DPRINT("SectionOffset is not at 64-kilobyte address boundary.");
- ObDereferenceObject(Section);
- ObDereferenceObject(Process);
- return STATUS_MAPPED_ALIGNMENT;
+ DPRINT("SectionOffset is not at 64-kilobyte address boundary.\n");
+ ObDereferenceObject(Section);
+ ObDereferenceObject(Process);
+ return STATUS_MAPPED_ALIGNMENT;
 }
 }
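Review bot: The new user-mode bound `SafeSectionOffset.QuadPart + SafeViewSize > MmHighestPhysicalPage << PAGE_SHIFT` adds two caller-supplied values with no overflow guard, so a sum that wraps, or a negative `QuadPart` (a signed 64-bit field), can compare below the limit and pass the check. The right-hand side is also shifted in the width of `MmHighestPhysicalPage`, which would truncate if that type is 32 bits and the highest page sits at or above 4 GB. I would widen the limit and compare by subtraction: `ULONGLONG Limit = (ULONGLONG)MmHighestPhysicalPage << PAGE_SHIFT;` followed by `if (PreviousMode == UserMode && (SafeSectionOffset.QuadPart < 0 || (ULONGLONG)SafeSectionOffset.QuadPart > Limit || SafeViewSize > Limit - (ULONGLONG)SafeSectionOffset.QuadPart))`. Whether a later check rejects such values is not visible here, because the enclosing function starts and ends outside the hunk.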