Author: akorotaev Date: Wed Jan 2 00:25:47 2008 New Revision: 31541
URL: http://svn.reactos.org/svn/reactos?rev=31541&view=rev Log: Make cache_manager_rewrite compilable again (but not linkable yet): - Use ULONG_PTR for arithmetic - Use aspace.c, verifier and virtual.c from trunk (they have just slight difference from branched ones) - Cast Interlocked* functions to avoid warnings - Fix DPRINTs trying to show non-existent variables
Modified: branches/cache_manager_rewrite/cc/cacheman.c branches/cache_manager_rewrite/cc/mdl.c branches/cache_manager_rewrite/cc/pin.c branches/cache_manager_rewrite/mm/anonmem.c branches/cache_manager_rewrite/mm/aspace.c branches/cache_manager_rewrite/mm/mminit.c branches/cache_manager_rewrite/mm/pagefile.c branches/cache_manager_rewrite/mm/pageop.c branches/cache_manager_rewrite/mm/rmap.c branches/cache_manager_rewrite/mm/section.c branches/cache_manager_rewrite/mm/verifier.c branches/cache_manager_rewrite/mm/virtual.c
Modified: branches/cache_manager_rewrite/cc/cacheman.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/cc/cachema... ============================================================================== --- branches/cache_manager_rewrite/cc/cacheman.c (original) +++ branches/cache_manager_rewrite/cc/cacheman.c Wed Jan 2 00:25:47 2008 @@ -16,10 +16,11 @@
/* FUNCTIONS *****************************************************************/
-VOID NTAPI +BOOLEAN NTAPI CcInitializeCacheManager (VOID) { CcInitView (); + return TRUE; }
/*
Modified: branches/cache_manager_rewrite/cc/mdl.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/cc/mdl.c?r... ============================================================================== --- branches/cache_manager_rewrite/cc/mdl.c (original) +++ branches/cache_manager_rewrite/cc/mdl.c Wed Jan 2 00:25:47 2008 @@ -122,13 +122,16 @@ }
 /* Use slow path */
- CcMdlWriteCompleteDev (FileOffset, MdlChain, FileObject);
+ CcMdlWriteCompleteDev (FileObject, FileOffset, MdlChain);
 }
-VOID STDCALL -CcMdlWriteCompleteDev (IN PLARGE_INTEGER FileOffset, - IN PMDL MdlChain, - IN PFILE_OBJECT FileObject) +/* + * @unimplemented + */ +VOID NTAPI +CcMdlWriteCompleteDev (IN PFILE_OBJECT FileObject, + IN PLARGE_INTEGER FileOffset, + IN PMDL MdlChain) { UNIMPLEMENTED; }
Modified: branches/cache_manager_rewrite/cc/pin.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/cc/pin.c?r... ============================================================================== --- branches/cache_manager_rewrite/cc/pin.c (original) +++ branches/cache_manager_rewrite/cc/pin.c Wed Jan 2 00:25:47 2008 @@ -45,8 +45,8 @@ PLIST_ENTRY entry; PCACHE_VIEW current = NULL;
- DPRINT ("CcMapData(FileObject 0x%p, FileOffset %I64x, Length %d, Wait %d," - " pBcb 0x%p, pBuffer 0x%p)\n", FileObject, FileOffset->QuadPart, Length, Wait, piBcb, pBuffer); + DPRINT ("CcMapData(FileObject 0x%p, FileOffset %I64x, Length %d," + " pBcb 0x%p, pBuffer 0x%p)\n", FileObject, FileOffset->QuadPart, Length, piBcb, pBuffer);
ASSERT (FileObject); ASSERT (FileObject->SectionObjectPointer);
Modified: branches/cache_manager_rewrite/mm/anonmem.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/anonmem... ============================================================================== --- branches/cache_manager_rewrite/mm/anonmem.c (original) +++ branches/cache_manager_rewrite/mm/anonmem.c Wed Jan 2 00:25:47 2008 @@ -628,7 +628,7 @@ BoundaryAddressMultiple.QuadPart = 0;
BaseAddress = (PVOID)PAGE_ROUND_DOWN(PBaseAddress); - RegionSize = PAGE_ROUND_UP(PBaseAddress + PRegionSize) - + RegionSize = PAGE_ROUND_UP((ULONG_PTR)PBaseAddress + PRegionSize) - PAGE_ROUND_DOWN(PBaseAddress);
/* @@ -899,7 +899,7 @@ *PRegionSize,FreeType);
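Review bot: The new `(ULONG_PTR)PBaseAddress + PRegionSize` can still wrap for a large PRegionSize, in which case PAGE_ROUND_UP yields a small value and subtracting PAGE_ROUND_DOWN(PBaseAddress) produces a huge unsigned RegionSize; the cast removes the pointer-arithmetic warning but adds no range validation. Unless the lines before the hunk already reject an overflowing range (they are not visible here), a guard such as `if ((ULONG_PTR)PBaseAddress + PRegionSize < (ULONG_PTR)PBaseAddress) return STATUS_INVALID_PARAMETER;` belongs before the rounding. The same applies to the `@@ -899` hunk below, where `(*PBaseAddress) + (*PRegionSize)` is rounded the same way. Both enclosing functions start and end outside their hunks.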
BaseAddress = (PVOID)PAGE_ROUND_DOWN((*PBaseAddress)); - RegionSize = PAGE_ROUND_UP((*PBaseAddress) + (*PRegionSize)) - + RegionSize = PAGE_ROUND_UP((ULONG_PTR)(*PBaseAddress) + (*PRegionSize)) - PAGE_ROUND_DOWN((*PBaseAddress));
Status = ObReferenceObjectByHandle(ProcessHandle,
Modified: branches/cache_manager_rewrite/mm/aspace.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/aspace.... ============================================================================== --- branches/cache_manager_rewrite/mm/aspace.c (original) +++ branches/cache_manager_rewrite/mm/aspace.c Wed Jan 2 00:25:47 2008 @@ -21,7 +21,7 @@ /* GLOBALS ******************************************************************/
 static MADDRESS_SPACE KernelAddressSpace;
-FAST_MUTEX KernelAddressSpaceLock;
+EX_PUSH_LOCK KernelAddressSpaceLock;
/* FUNCTIONS *****************************************************************/
@@ -29,21 +29,13 @@ NTAPI MmLockAddressSpace(PMADDRESS_SPACE AddressSpace) { - /* - * Don't bother with locking if we are the first thread. - */ - if (KeGetCurrentThread() == NULL) - { - return; - } - if (AddressSpace->Process) { - ExEnterCriticalRegionAndAcquireFastMutexUnsafe(&AddressSpace->Process->AddressCreationLock); + ExAcquirePushLockExclusive((PEX_PUSH_LOCK)&AddressSpace->Process->AddressCreationLock); } else { - ExEnterCriticalRegionAndAcquireFastMutexUnsafe(&KernelAddressSpaceLock); + ExAcquirePushLockExclusive(&KernelAddressSpaceLock); } }
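Review bot: The removed `ExEnterCriticalRegionAndAcquireFastMutexUnsafe` calls disabled normal kernel APCs around the lock, while the new `ExAcquirePushLockExclusive` calls do not; the push-lock routine expects its caller to already be in a critical region (or at APC_LEVEL), otherwise the lock owner can be suspended by an APC while holding the address-space lock. Bracket the acquire in MmLockAddressSpace with `KeEnterCriticalRegion();` and the release in the `@@ -51` hunk below (MmUnlockAddressSpace) with `KeLeaveCriticalRegion();`, or add a comment stating why APCs cannot interfere on this path. The hunk also drops the `KeGetCurrentThread() == NULL` early return, so the push lock must be initialized before the first MmLockAddressSpace during boot; worth a one-line comment at the lock declaration.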
@@ -51,20 +43,13 @@ NTAPI MmUnlockAddressSpace(PMADDRESS_SPACE AddressSpace) { - /* - * Don't bother locking if we are the first thread. - */ - if (KeGetCurrentThread() == NULL) - { - return; - } if (AddressSpace->Process) { - ExReleaseFastMutexUnsafeAndLeaveCriticalRegion(&AddressSpace->Process->AddressCreationLock); + ExReleasePushLock((PEX_PUSH_LOCK)&AddressSpace->Process->AddressCreationLock); } else { - ExReleaseFastMutexUnsafeAndLeaveCriticalRegion(&KernelAddressSpaceLock); + ExReleasePushLock(&KernelAddressSpaceLock); } }
@@ -98,11 +83,11 @@ AddressSpace->MemoryAreaRoot = NULL; if (Process) { - ExInitializeFastMutex(&Process->AddressCreationLock); + ExInitializePushLock((PULONG_PTR)&Process->AddressCreationLock); } else { - ExInitializeFastMutex(&KernelAddressSpaceLock); + ExInitializePushLock((PULONG_PTR)&KernelAddressSpaceLock); } if (Process != NULL) {
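Review bot: The casts `(PULONG_PTR)&Process->AddressCreationLock` here and `(PEX_PUSH_LOCK)&AddressSpace->Process->AddressCreationLock` in the two hunks above indicate the EPROCESS field is still declared with its old fast-mutex type while it is now initialized and used as a push lock; this type-puns the first pointer-sized bytes of the field and breaks silently if the declaration or its layout changes. Either change the field's declaration to `EX_PUSH_LOCK` so the casts can go, or pin the assumption with `C_ASSERT(sizeof(EX_PUSH_LOCK) <= sizeof(FAST_MUTEX));` next to the initialization and a comment saying the field is being reinterpreted. The enclosing function starts and ends outside the hunk.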
Modified: branches/cache_manager_rewrite/mm/mminit.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/mminit.... ============================================================================== --- branches/cache_manager_rewrite/mm/mminit.c (original) +++ branches/cache_manager_rewrite/mm/mminit.c Wed Jan 2 00:25:47 2008 @@ -113,7 +113,7 @@ */ MiInitPageDirectoryMap();
- BaseAddress = (PVOID)KPCR_BASE; + BaseAddress = (PVOID)KIP0PCRADDRESS; MmCreateMemoryArea(MmGetKernelAddressSpace(), MEMORY_AREA_SYSTEM, &BaseAddress,
Modified: branches/cache_manager_rewrite/mm/pagefile.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/pagefil... ============================================================================== --- branches/cache_manager_rewrite/mm/pagefile.c (original) +++ branches/cache_manager_rewrite/mm/pagefile.c Wed Jan 2 00:25:47 2008 @@ -35,6 +35,11 @@ #pragma alloc_text(INIT, MmInitPagingFile) #endif
+PVOID +NTAPI +MiFindExportedRoutineByName(IN PVOID DllBase, + IN PANSI_STRING ExportName); +
/* TYPES *********************************************************************/
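Review bot: The prototype for `MiFindExportedRoutineByName` is declared locally in pagefile.c rather than in the memory manager's internal header, so a later change to the defining routine's signature is not checked against this caller. Move the declaration to the header where the other `Mi*` routines are declared and document its contract there, in particular what it returns when the export is missing, since the caller in the `@@ -740` hunk below never tests the result.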
@@ -740,16 +745,14 @@ }
/* Load the diskdump driver. */ - ModuleObject = LdrGetModuleObject(&DiskDumpName); + Status = MmLoadSystemImage(&DiskDumpName, NULL, NULL, 0, (PVOID)&ModuleObject, NULL); if (ModuleObject == NULL) { return(STATUS_OBJECT_NAME_NOT_FOUND); } RtlInitAnsiString(&ProcName, "DiskDumpFunctions"); - Status = LdrGetProcedureAddress(ModuleObject->DllBase, - &ProcName, - 0, - (PVOID*)&MmCoreDumpFunctions); + MmCoreDumpFunctions = MiFindExportedRoutineByName(ModuleObject->DllBase, + &ProcName); if (!NT_SUCCESS(Status)) { ObDereferenceObject(PageFile);
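Review bot: The `Status` returned by `MmLoadSystemImage` is never examined before `ModuleObject` is tested, and `ModuleObject` is presumably only written on success, so a failed load may reach `ModuleObject->DllBase` with whatever the variable held before (the function's start is outside the hunk, so its initialization is not visible). The `if (!NT_SUCCESS(Status))` after the `MiFindExportedRoutineByName` call still tests that stale load status, so a missing `DiskDumpFunctions` export leaves `MmCoreDumpFunctions` NULL and the error path is never taken. Add `if (!NT_SUCCESS(Status)) return Status;` directly after the load, and change the later condition to `if (MmCoreDumpFunctions == NULL)` so the existing dereference/cleanup branch runs (assigning an error status there).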
Modified: branches/cache_manager_rewrite/mm/pageop.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/pageop.... ============================================================================== --- branches/cache_manager_rewrite/mm/pageop.c (original) +++ branches/cache_manager_rewrite/mm/pageop.c Wed Jan 2 00:25:47 2008 @@ -48,7 +48,7 @@ } if (PageOp->MArea) { - InterlockedDecrementUL(&PageOp->MArea->PageOpCount); + (void)InterlockedDecrementUL(&PageOp->MArea->PageOpCount); } PrevPageOp = MmPageOpHashTable[PageOp->Hash]; if (PrevPageOp == PageOp) @@ -258,7 +258,7 @@ MmPageOpHashTable[Hash] = PageOp; if (MArea) { - InterlockedIncrementUL(&MArea->PageOpCount); + (void)InterlockedIncrementUL(&MArea->PageOpCount); }
KeReleaseSpinLock(&MmPageOpHashTableLock, oldIrql);
Modified: branches/cache_manager_rewrite/mm/rmap.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/rmap.c?... ============================================================================== --- branches/cache_manager_rewrite/mm/rmap.c (original) +++ branches/cache_manager_rewrite/mm/rmap.c Wed Jan 2 00:25:47 2008 @@ -528,7 +528,7 @@ } if (Process) { - InterlockedExchangeAddUL(&Process->Vm.WorkingSetSize, -PAGE_SIZE); + (void)InterlockedExchangeAddUL(&Process->Vm.WorkingSetSize, -PAGE_SIZE); } return; }
Modified: branches/cache_manager_rewrite/mm/section.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/section... ============================================================================== --- branches/cache_manager_rewrite/mm/section.c (original) +++ branches/cache_manager_rewrite/mm/section.c Wed Jan 2 00:25:47 2008 @@ -1058,7 +1058,7 @@ &MemoryArea->Data.SectionData.RegionListHead, Address, &RegionBase);
- DPRINT("SegmentOffset %x, SectionOffset %x, Address %x, StartingAddress %x\n", SegmentOffset, SectionOffset, Address, MemoryArea->StartingAddress); + DPRINT("SegmentOffset %x, Address %x, StartingAddress %x\n", SegmentOffset, Address, MemoryArea->StartingAddress); /* * Lock the segment */ @@ -1436,7 +1436,7 @@ PageOp[i]->Status = STATUS_SUCCESS; MmspCompleteAndReleasePageOp(PageOp[i]); } - DPRINT("%x %x %x %x Address 0x%.8X\n", *(PULONG)Address, Region->Protect, Attributes, MemoryArea->StartingAddress + SegmentOffset, Address); + DPRINT("%x %x %x %x Address 0x%.8X\n", *(PULONG)Address, Region->Protect, Attributes, (ULONG_PTR)MemoryArea->StartingAddress + SegmentOffset, Address); return(STATUS_SUCCESS); } else if (IS_SWAP_FROM_SSE(Entry))
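Review bot: After the `(ULONG_PTR)` cast the DPRINT in the `@@ -1436` hunk still formats pointer-sized values (`Address`, the new `ULONG_PTR` sum, and `MemoryArea->StartingAddress` in the `@@ -1058` hunk) with `%x` / `0x%.8X`, which truncates on 64-bit builds and is only harmless because DPRINT is debug-only. Since the commit is already rewriting these statements, use `%p` for the pointer arguments in both hunks.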
Modified: branches/cache_manager_rewrite/mm/verifier.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/verifie... ============================================================================== --- branches/cache_manager_rewrite/mm/verifier.c (original) +++ branches/cache_manager_rewrite/mm/verifier.c Wed Jan 2 00:25:47 2008 @@ -19,7 +19,7 @@ KMUTANT MmSystemLoadLock; ULONG MiActiveVerifierThunks;
-extern LIST_ENTRY ModuleListHead;
+extern LIST_ENTRY PsLoadedModuleList;
/* PRIVATE FUNCTIONS *********************************************************/
@@ -32,8 +32,8 @@ PAGED_CODE();
/* Loop entries */ - NextEntry = ModuleListHead.Flink; - do + NextEntry = PsLoadedModuleList.Flink; + do { /* Get the loader entry */ LdrEntry = CONTAINING_RECORD(NextEntry, @@ -51,7 +51,7 @@
/* Move on */ NextEntry = NextEntry->Flink; - } while(NextEntry != &ModuleListHead); + } while(NextEntry != &PsLoadedModuleList);
/* Return the entry */ return FoundEntry; @@ -164,7 +164,7 @@ if (!LdrEntry) return FALSE;
/* Check if we're verifying or not */ - return (LdrEntry->Flags & LDRP_DRIVER_VERIFYING) ? TRUE: FALSE; + return (LdrEntry->Flags & LDRP_IMAGE_VERIFYING) ? TRUE: FALSE; }
/*
Modified: branches/cache_manager_rewrite/mm/virtual.c URL: http://svn.reactos.org/svn/reactos/branches/cache_manager_rewrite/mm/virtual... ============================================================================== --- branches/cache_manager_rewrite/mm/virtual.c (original) +++ branches/cache_manager_rewrite/mm/virtual.c Wed Jan 2 00:25:47 2008 @@ -19,9 +19,9 @@
NTSTATUS STDCALL NtFlushVirtualMemory(IN HANDLE ProcessHandle, - IN PVOID BaseAddress, - IN ULONG NumberOfBytesToFlush, - OUT PULONG NumberOfBytesFlushed OPTIONAL) + IN OUT PVOID *BaseAddress, + IN OUT PSIZE_T NumberOfBytesToFlush, + OUT PIO_STATUS_BLOCK IoStatusBlock) /* * FUNCTION: Flushes virtual memory to file * ARGUMENTS: @@ -33,241 +33,248 @@ * RETURNS: Status */ { - /* This should be implemented once we support network filesystems */ - DPRINT("NtFlushVirtualMemory is UNIMPLEMENTED\n"); - return(STATUS_SUCCESS); + /* This should be implemented once we support network filesystems */ + DPRINT("NtFlushVirtualMemory is UNIMPLEMENTED\n"); + return(STATUS_SUCCESS); }
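Review bot: NtFlushVirtualMemory's parameters become `PVOID *BaseAddress`, `PSIZE_T NumberOfBytesToFlush` and `PIO_STATUS_BLOCK IoStatusBlock`, but the body in the following hunk still returns `STATUS_SUCCESS` without probing or writing any of them, so a user-mode caller receives success with an untouched IoStatusBlock. Until the flush is implemented, either return `STATUS_NOT_IMPLEMENTED` or probe and fill `IoStatusBlock` under `_SEH_TRY` the way NtQueryVirtualMemory below handles its out parameters. The `* ARGUMENTS:` comment between the two hunks (cut by the hunk boundary) very likely still describes the old parameter list and should be updated to match.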
NTSTATUS STDCALL MiLockVirtualMemory(HANDLE ProcessHandle, - PVOID BaseAddress, - ULONG NumberOfBytesToLock, - PULONG NumberOfBytesLocked, - PObReferenceObjectByHandle pObReferenceObjectByHandle, - PMmCreateMdl pMmCreateMdl, - PObDereferenceObject pObDereferenceObject, - PMmProbeAndLockPages pMmProbeAndLockPages, - PExFreePool pExFreePool) -{ - PEPROCESS Process; - NTSTATUS Status; - PMDL Mdl; - - Status = pObReferenceObjectByHandle(ProcessHandle, - PROCESS_VM_WRITE, - NULL, - UserMode, - (PVOID*)(&Process), - NULL); - if (!NT_SUCCESS(Status)) - return(Status); - - Mdl = pMmCreateMdl(NULL, - BaseAddress, - NumberOfBytesToLock); - if (Mdl == NULL) - { - pObDereferenceObject(Process); - return(STATUS_NO_MEMORY); - } - - pMmProbeAndLockPages(Mdl, - UserMode, - IoWriteAccess); - - pExFreePool(Mdl); - - pObDereferenceObject(Process); - - *NumberOfBytesLocked = NumberOfBytesToLock; - return(STATUS_SUCCESS); + PVOID BaseAddress, + ULONG NumberOfBytesToLock, + PULONG NumberOfBytesLocked, + PObReferenceObjectByHandle pObReferenceObjectByHandle, + PMmCreateMdl pMmCreateMdl, + PObDereferenceObject pObDereferenceObject, + PMmProbeAndLockPages pMmProbeAndLockPages, + PExFreePool pExFreePool) +{ + PEPROCESS Process; + NTSTATUS Status; + PMDL Mdl; + + Status = pObReferenceObjectByHandle(ProcessHandle, + PROCESS_VM_WRITE, + NULL, + UserMode, + (PVOID*)(&Process), + NULL); + if (!NT_SUCCESS(Status)) + return(Status); + + Mdl = pMmCreateMdl(NULL, + BaseAddress, + NumberOfBytesToLock); + if (Mdl == NULL) + { + pObDereferenceObject(Process); + return(STATUS_NO_MEMORY); + } + + pMmProbeAndLockPages(Mdl, + UserMode, + IoWriteAccess); + + pExFreePool(Mdl); + + pObDereferenceObject(Process); + + *NumberOfBytesLocked = NumberOfBytesToLock; + return(STATUS_SUCCESS); }
NTSTATUS STDCALL NtLockVirtualMemory(HANDLE ProcessHandle, - PVOID BaseAddress, - ULONG NumberOfBytesToLock, - PULONG NumberOfBytesLocked) -{ - DPRINT("NtLockVirtualMemory(ProcessHandle %x, BaseAddress %x, " - "NumberOfBytesToLock %d, NumberOfBytesLocked %x)\n", - ProcessHandle, - BaseAddress, - NumberOfBytesToLock, - NumberOfBytesLocked); - - return MiLockVirtualMemory(ProcessHandle, - BaseAddress, - NumberOfBytesToLock, - NumberOfBytesLocked, - ObReferenceObjectByHandle, - MmCreateMdl, - (PVOID)ObfDereferenceObject, - MmProbeAndLockPages, - ExFreePool); + PVOID BaseAddress, + ULONG NumberOfBytesToLock, + PULONG NumberOfBytesLocked) +{ + DPRINT("NtLockVirtualMemory(ProcessHandle %x, BaseAddress %x, " + "NumberOfBytesToLock %d, NumberOfBytesLocked %x)\n", + ProcessHandle, + BaseAddress, + NumberOfBytesToLock, + NumberOfBytesLocked); + + return MiLockVirtualMemory(ProcessHandle, + BaseAddress, + NumberOfBytesToLock, + NumberOfBytesLocked, + ObReferenceObjectByHandle, + MmCreateMdl, + (PVOID)ObfDereferenceObject, + MmProbeAndLockPages, + ExFreePool); }
NTSTATUS FASTCALL -MiQueryVirtualMemory (IN HANDLE ProcessHandle, - IN PVOID Address, - IN MEMORY_INFORMATION_CLASS VirtualMemoryInformationClass, - OUT PVOID VirtualMemoryInformation, - IN ULONG Length, - OUT PULONG ResultLength) -{ - NTSTATUS Status; - PEPROCESS Process; - MEMORY_AREA* MemoryArea; - PMADDRESS_SPACE AddressSpace; - - if (Address < MmSystemRangeStart) - { - Status = ObReferenceObjectByHandle(ProcessHandle, - PROCESS_QUERY_INFORMATION, - NULL, - UserMode, - (PVOID*)(&Process), - NULL); - - if (!NT_SUCCESS(Status)) - { - DPRINT("NtQueryVirtualMemory() = %x\n",Status); - return(Status); - } - AddressSpace = (PMADDRESS_SPACE)&Process->VadRoot; - } - else - { - AddressSpace = MmGetKernelAddressSpace(); - } - MmLockAddressSpace(AddressSpace); - MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, Address); - switch(VirtualMemoryInformationClass) - { - case MemoryBasicInformation: - { - PMEMORY_BASIC_INFORMATION Info = - (PMEMORY_BASIC_INFORMATION)VirtualMemoryInformation; +MiQueryVirtualMemory(IN HANDLE ProcessHandle, + IN PVOID Address, + IN MEMORY_INFORMATION_CLASS VirtualMemoryInformationClass, + OUT PVOID VirtualMemoryInformation, + IN ULONG Length, + OUT PULONG ResultLength) +{ + NTSTATUS Status; + PEPROCESS Process; + MEMORY_AREA* MemoryArea; + PMADDRESS_SPACE AddressSpace; + + if (Address < MmSystemRangeStart) + { + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_QUERY_INFORMATION, + NULL, + UserMode, + (PVOID*)(&Process), + NULL); + + if (!NT_SUCCESS(Status)) + { + DPRINT("NtQueryVirtualMemory() = %x\n",Status); + return(Status); + } + AddressSpace = (PMADDRESS_SPACE)&Process->VadRoot; + } + else + { + AddressSpace = MmGetKernelAddressSpace(); + } + MmLockAddressSpace(AddressSpace); + MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, Address); + switch(VirtualMemoryInformationClass) + { + case MemoryBasicInformation: + { + PMEMORY_BASIC_INFORMATION Info = + (PMEMORY_BASIC_INFORMATION)VirtualMemoryInformation; if (Length != 
sizeof(MEMORY_BASIC_INFORMATION)) { - MmUnlockAddressSpace(AddressSpace); - ObDereferenceObject(Process); - return(STATUS_INFO_LENGTH_MISMATCH); + MmUnlockAddressSpace(AddressSpace); + ObDereferenceObject(Process); + return(STATUS_INFO_LENGTH_MISMATCH); }
if (MemoryArea == NULL) { - Info->Type = 0; - Info->State = MEM_FREE; - Info->Protect = PAGE_NOACCESS; - Info->AllocationProtect = 0; - Info->BaseAddress = (PVOID)PAGE_ROUND_DOWN(Address); - Info->AllocationBase = NULL; - Info->RegionSize = MmFindGapAtAddress(AddressSpace, Info->BaseAddress); - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - } + Info->Type = 0; + Info->State = MEM_FREE; + Info->Protect = PAGE_NOACCESS; + Info->AllocationProtect = 0; + Info->BaseAddress = (PVOID)PAGE_ROUND_DOWN(Address); + Info->AllocationBase = NULL; + Info->RegionSize = MmFindGapAtAddress(AddressSpace, Info->BaseAddress); + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + } else - { - switch(MemoryArea->Type) - { - case MEMORY_AREA_VIRTUAL_MEMORY: - case MEMORY_AREA_PEB_OR_TEB: - Status = MmQueryAnonMem(MemoryArea, Address, Info, - ResultLength); - break; - case MEMORY_AREA_SECTION_VIEW: - Status = MmQuerySectionView(MemoryArea, Address, Info, - ResultLength); - break; - case MEMORY_AREA_NO_ACCESS: - Info->Type = MEM_PRIVATE; - Info->State = MEM_RESERVE; - Info->Protect = MemoryArea->Protect; - Info->AllocationProtect = MemoryArea->Protect; - Info->BaseAddress = MemoryArea->StartingAddress; - Info->AllocationBase = MemoryArea->StartingAddress; - Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - - (ULONG_PTR)MemoryArea->StartingAddress; - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - break; - case MEMORY_AREA_SHARED_DATA: - Info->Type = MEM_PRIVATE; - Info->State = MEM_COMMIT; - Info->Protect = MemoryArea->Protect; - Info->AllocationProtect = MemoryArea->Protect; - Info->BaseAddress = MemoryArea->StartingAddress; - Info->AllocationBase = MemoryArea->StartingAddress; - Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - - (ULONG_PTR)MemoryArea->StartingAddress; - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - break; - case MEMORY_AREA_SYSTEM: - 
Info->Type = 0; - Info->State = MEM_COMMIT; - Info->Protect = MemoryArea->Protect; - Info->AllocationProtect = MemoryArea->Protect; - Info->BaseAddress = MemoryArea->StartingAddress; - Info->AllocationBase = MemoryArea->StartingAddress; - Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - - (ULONG_PTR)MemoryArea->StartingAddress; - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - break; - case MEMORY_AREA_KERNEL_STACK: - Info->Type = 0; - Info->State = MEM_COMMIT; - Info->Protect = MemoryArea->Protect; - Info->AllocationProtect = MemoryArea->Protect; - Info->BaseAddress = MemoryArea->StartingAddress; - Info->AllocationBase = MemoryArea->StartingAddress; - Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - - (ULONG_PTR)MemoryArea->StartingAddress; - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - break; - case MEMORY_AREA_PAGED_POOL: - Info->Type = 0; - Info->State = MEM_COMMIT; - Info->Protect = MemoryArea->Protect; - Info->AllocationProtect = MemoryArea->Protect; - Info->BaseAddress = MemoryArea->StartingAddress; - Info->AllocationBase = MemoryArea->StartingAddress; - Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - - (ULONG_PTR)MemoryArea->StartingAddress; - Status = STATUS_SUCCESS; - *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); - break; - default: - DPRINT1("unhandled memory area type: 0x%x\n", MemoryArea->Type); - Status = STATUS_UNSUCCESSFUL; - *ResultLength = 0; - } - } + { + switch(MemoryArea->Type) + { + case MEMORY_AREA_VIRTUAL_MEMORY: + case MEMORY_AREA_PEB_OR_TEB: + Status = MmQueryAnonMem(MemoryArea, Address, Info, + ResultLength); + break; + + case MEMORY_AREA_SECTION_VIEW: + Status = MmQuerySectionView(MemoryArea, Address, Info, + ResultLength); + break; + + case MEMORY_AREA_NO_ACCESS: + Info->Type = MEM_PRIVATE; + Info->State = MEM_RESERVE; + Info->Protect = MemoryArea->Protect; + Info->AllocationProtect = MemoryArea->Protect; + Info->BaseAddress = 
MemoryArea->StartingAddress; + Info->AllocationBase = MemoryArea->StartingAddress; + Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - + (ULONG_PTR)MemoryArea->StartingAddress; + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + break; + + case MEMORY_AREA_SHARED_DATA: + Info->Type = MEM_PRIVATE; + Info->State = MEM_COMMIT; + Info->Protect = MemoryArea->Protect; + Info->AllocationProtect = MemoryArea->Protect; + Info->BaseAddress = MemoryArea->StartingAddress; + Info->AllocationBase = MemoryArea->StartingAddress; + Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - + (ULONG_PTR)MemoryArea->StartingAddress; + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + break; + + case MEMORY_AREA_SYSTEM: + Info->Type = 0; + Info->State = MEM_COMMIT; + Info->Protect = MemoryArea->Protect; + Info->AllocationProtect = MemoryArea->Protect; + Info->BaseAddress = MemoryArea->StartingAddress; + Info->AllocationBase = MemoryArea->StartingAddress; + Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - + (ULONG_PTR)MemoryArea->StartingAddress; + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + break; + + case MEMORY_AREA_KERNEL_STACK: + Info->Type = 0; + Info->State = MEM_COMMIT; + Info->Protect = MemoryArea->Protect; + Info->AllocationProtect = MemoryArea->Protect; + Info->BaseAddress = MemoryArea->StartingAddress; + Info->AllocationBase = MemoryArea->StartingAddress; + Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - + (ULONG_PTR)MemoryArea->StartingAddress; + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + break; + + case MEMORY_AREA_PAGED_POOL: + Info->Type = 0; + Info->State = MEM_COMMIT; + Info->Protect = MemoryArea->Protect; + Info->AllocationProtect = MemoryArea->Protect; + Info->BaseAddress = MemoryArea->StartingAddress; + Info->AllocationBase = MemoryArea->StartingAddress; + Info->RegionSize = (ULONG_PTR)MemoryArea->EndingAddress - 
+ (ULONG_PTR)MemoryArea->StartingAddress; + Status = STATUS_SUCCESS; + *ResultLength = sizeof(MEMORY_BASIC_INFORMATION); + break; + + default: + DPRINT1("unhandled memory area type: 0x%x\n", MemoryArea->Type); + Status = STATUS_UNSUCCESSFUL; + *ResultLength = 0; + } + } break; - } - - default: - { + } + + default: + { Status = STATUS_INVALID_INFO_CLASS; *ResultLength = 0; break; - } - } - - MmUnlockAddressSpace(AddressSpace); - if (Address < MmSystemRangeStart) - { - ASSERT(Process); - ObDereferenceObject(Process); - } - - return Status; + } + } + + MmUnlockAddressSpace(AddressSpace); + if (Address < MmSystemRangeStart) + { + ASSERT(Process); + ObDereferenceObject(Process); + } + + return Status; }
/* (tMk 2004.II.4) 
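Review bot: In MiQueryVirtualMemory the `Length != sizeof(MEMORY_BASIC_INFORMATION)` branch calls `ObDereferenceObject(Process)` unconditionally, but `Process` is only assigned on the `Address < MmSystemRangeStart` path, so a kernel-range address with a wrong Length dereferences an uninitialized pointer. The function's own epilogue already has the right shape; guard the early exit the same way, `if (Address < MmSystemRangeStart) ObDereferenceObject(Process);`, or initialize `Process = NULL` and route the exit through the common cleanup. The hunk is otherwise re-indentation, so this is pre-existing, but the re-indented lines are the new side. Separately, MiLockVirtualMemory calls `pMmProbeAndLockPages` without SEH and then frees the MDL without any unlock call in the hunk, so a probe failure propagates as an exception and the locked pages appear never to be released; if that is intentional for now it deserves a FIXME comment.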
@@ -276,102 +283,102 @@ * */ NTSTATUS STDCALL -NtQueryVirtualMemory (IN HANDLE ProcessHandle, - IN PVOID Address, - IN MEMORY_INFORMATION_CLASS VirtualMemoryInformationClass, - OUT PVOID VirtualMemoryInformation, - IN ULONG Length, - OUT PULONG UnsafeResultLength) -{ - NTSTATUS Status = STATUS_SUCCESS; - ULONG ResultLength = 0; - KPROCESSOR_MODE PreviousMode; - union - { - MEMORY_BASIC_INFORMATION BasicInfo; - } - VirtualMemoryInfo; - - DPRINT("NtQueryVirtualMemory(ProcessHandle %x, Address %x, " - "VirtualMemoryInformationClass %d, VirtualMemoryInformation %x, " - "Length %lu ResultLength %x)\n",ProcessHandle,Address, - VirtualMemoryInformationClass,VirtualMemoryInformation, - Length,ResultLength); - - PreviousMode = ExGetPreviousMode(); - - if (PreviousMode != KernelMode && UnsafeResultLength != NULL) - { - _SEH_TRY - { - ProbeForWriteUlong(UnsafeResultLength); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if (!NT_SUCCESS(Status)) - { - return Status; - } - } - - if (Address >= MmSystemRangeStart) - { - DPRINT1("Invalid parameter\n"); - return STATUS_INVALID_PARAMETER; - } - - Status = MiQueryVirtualMemory ( ProcessHandle, - Address, - VirtualMemoryInformationClass, - &VirtualMemoryInfo, - Length, - &ResultLength ); - - if (NT_SUCCESS(Status)) - { - if (PreviousMode != KernelMode) - { - _SEH_TRY - { - if (ResultLength > 0) +NtQueryVirtualMemory(IN HANDLE ProcessHandle, + IN PVOID Address, + IN MEMORY_INFORMATION_CLASS VirtualMemoryInformationClass, + OUT PVOID VirtualMemoryInformation, + IN ULONG Length, + OUT PULONG UnsafeResultLength) +{ + NTSTATUS Status = STATUS_SUCCESS; + ULONG ResultLength = 0; + KPROCESSOR_MODE PreviousMode; + union + { + MEMORY_BASIC_INFORMATION BasicInfo; + } + VirtualMemoryInfo; + + DPRINT("NtQueryVirtualMemory(ProcessHandle %x, Address %x, " + "VirtualMemoryInformationClass %d, VirtualMemoryInformation %x, " + "Length %lu ResultLength %x)\n",ProcessHandle,Address, + 
VirtualMemoryInformationClass,VirtualMemoryInformation, + Length,ResultLength); + + PreviousMode = ExGetPreviousMode(); + + if (PreviousMode != KernelMode && UnsafeResultLength != NULL) + { + _SEH_TRY + { + ProbeForWriteUlong(UnsafeResultLength); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) + { + return Status; + } + } + + if (Address >= MmSystemRangeStart) + { + DPRINT1("Invalid parameter\n"); + return STATUS_INVALID_PARAMETER; + } + + Status = MiQueryVirtualMemory(ProcessHandle, + Address, + VirtualMemoryInformationClass, + &VirtualMemoryInfo, + Length, + &ResultLength ); + + if (NT_SUCCESS(Status)) + { + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + if (ResultLength > 0) { - ProbeForWrite(VirtualMemoryInformation, - ResultLength, - 1); - RtlCopyMemory(VirtualMemoryInformation, - &VirtualMemoryInfo, - ResultLength); + ProbeForWrite(VirtualMemoryInformation, + ResultLength, + 1); + RtlCopyMemory(VirtualMemoryInformation, + &VirtualMemoryInfo, + ResultLength); } - if (UnsafeResultLength != NULL) + if (UnsafeResultLength != NULL) { - *UnsafeResultLength = ResultLength; + *UnsafeResultLength = ResultLength; } } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - if (ResultLength > 0) - { - RtlCopyMemory(VirtualMemoryInformation, - &VirtualMemoryInfo, - ResultLength); - } - - if (UnsafeResultLength != NULL) - { - *UnsafeResultLength = ResultLength; - } - } - } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + if (ResultLength > 0) + { + RtlCopyMemory(VirtualMemoryInformation, + &VirtualMemoryInfo, + ResultLength); + } + + if (UnsafeResultLength != NULL) + { + *UnsafeResultLength = ResultLength; + } + } + }
return(Status); } 
@@ -384,51 +391,51 @@ IN ULONG NewAccessProtection, OUT PULONG OldAccessProtection OPTIONAL) { - PMEMORY_AREA MemoryArea; - PMADDRESS_SPACE AddressSpace; - ULONG OldAccessProtection_; - NTSTATUS Status; - - *NumberOfBytesToProtect = - PAGE_ROUND_UP((*BaseAddress) + (*NumberOfBytesToProtect)) - - PAGE_ROUND_DOWN(*BaseAddress); - *BaseAddress = (PVOID)PAGE_ROUND_DOWN(*BaseAddress); - - AddressSpace = (PMADDRESS_SPACE)&(Process)->VadRoot; - - MmLockAddressSpace(AddressSpace); - MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, *BaseAddress); - if (MemoryArea == NULL) - { - MmUnlockAddressSpace(AddressSpace); - return STATUS_UNSUCCESSFUL; - } - - if (OldAccessProtection == NULL) - OldAccessProtection = &OldAccessProtection_; - - if (MemoryArea->Type == MEMORY_AREA_VIRTUAL_MEMORY) - { - Status = MmProtectAnonMem(AddressSpace, MemoryArea, *BaseAddress, - *NumberOfBytesToProtect, NewAccessProtection, - OldAccessProtection); - } - else if (MemoryArea->Type == MEMORY_AREA_SECTION_VIEW) - { - Status = MmProtectSectionView(AddressSpace, MemoryArea, *BaseAddress, - *NumberOfBytesToProtect, - NewAccessProtection, - OldAccessProtection); - } - else - { - /* FIXME: Should we return failure or success in this case? 
*/ - Status = STATUS_CONFLICTING_ADDRESSES; - } - - MmUnlockAddressSpace(AddressSpace); - - return Status; + PMEMORY_AREA MemoryArea; + PMADDRESS_SPACE AddressSpace; + ULONG OldAccessProtection_; + NTSTATUS Status; + + *NumberOfBytesToProtect = + PAGE_ROUND_UP((ULONG_PTR)(*BaseAddress) + (*NumberOfBytesToProtect)) - + PAGE_ROUND_DOWN(*BaseAddress); + *BaseAddress = (PVOID)PAGE_ROUND_DOWN(*BaseAddress); + + AddressSpace = (PMADDRESS_SPACE)&(Process)->VadRoot; + + MmLockAddressSpace(AddressSpace); + MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, *BaseAddress); + if (MemoryArea == NULL) + { + MmUnlockAddressSpace(AddressSpace); + return STATUS_UNSUCCESSFUL; + } + + if (OldAccessProtection == NULL) + OldAccessProtection = &OldAccessProtection_; + + if (MemoryArea->Type == MEMORY_AREA_VIRTUAL_MEMORY) + { + Status = MmProtectAnonMem(AddressSpace, MemoryArea, *BaseAddress, + *NumberOfBytesToProtect, NewAccessProtection, + OldAccessProtection); + } + else if (MemoryArea->Type == MEMORY_AREA_SECTION_VIEW) + { + Status = MmProtectSectionView(AddressSpace, MemoryArea, *BaseAddress, + *NumberOfBytesToProtect, + NewAccessProtection, + OldAccessProtection); + } + else + { + /* FIXME: Should we return failure or success in this case? */ + Status = STATUS_CONFLICTING_ADDRESSES; + } + + MmUnlockAddressSpace(AddressSpace); + + return Status; }
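Review bot: The `(ULONG_PTR)(*BaseAddress) + (*NumberOfBytesToProtect)` sum is rounded without an overflow check, and the memory area is located by `*BaseAddress` alone, so a range that wraps or extends past `MemoryArea->EndingAddress` is handed to MmProtectAnonMem/MmProtectSectionView together with only the first area; unless those helpers clamp (not visible here) the end of the range is never verified. NtProtectVirtualMemory checks its range against MmUserProbeAddress before calling, but MiProtectVirtualMemory is a separate entry point, so a check after the lookup such as `if ((ULONG_PTR)*BaseAddress + *NumberOfBytesToProtect > (ULONG_PTR)MemoryArea->EndingAddress)` returning `STATUS_CONFLICTING_ADDRESSES` would make it self-contained. The function's signature lies outside the hunk.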
@@ -444,100 +451,100 @@ IN ULONG NewAccessProtection, OUT PULONG UnsafeOldAccessProtection) { - PEPROCESS Process; - ULONG OldAccessProtection; - PVOID BaseAddress = NULL; - ULONG NumberOfBytesToProtect = 0; - KPROCESSOR_MODE PreviousMode; - NTSTATUS Status = STATUS_SUCCESS; - - PreviousMode = ExGetPreviousMode(); - - if (PreviousMode != KernelMode) - { - _SEH_TRY - { - ProbeForWritePointer(UnsafeBaseAddress); - ProbeForWriteUlong(UnsafeNumberOfBytesToProtect); - ProbeForWriteUlong(UnsafeOldAccessProtection); - - BaseAddress = *UnsafeBaseAddress; - NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if (!NT_SUCCESS(Status)) - { - return Status; - } - } - else - { - BaseAddress = *UnsafeBaseAddress; - NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect; - } - - if ((ULONG_PTR)BaseAddress + NumberOfBytesToProtect - 1 < (ULONG_PTR)BaseAddress || - (ULONG_PTR)BaseAddress + NumberOfBytesToProtect - 1 >= MmUserProbeAddress) - { - /* Don't allow to change the protection of a kernel mode address */ - return STATUS_INVALID_PARAMETER_2; - } - - /* (tMk 2004.II.5) in Microsoft SDK I read: - * 'if this parameter is NULL or does not point to a valid variable, the function fails' - */ - if(UnsafeOldAccessProtection == NULL) - { - return(STATUS_INVALID_PARAMETER); - } - - Status = ObReferenceObjectByHandle(ProcessHandle, - PROCESS_VM_OPERATION, - PsProcessType, - UserMode, - (PVOID*)(&Process), - NULL); - if (!NT_SUCCESS(Status)) - { - DPRINT("NtProtectVirtualMemory() = %x\n",Status); - return(Status); - } - - Status = MiProtectVirtualMemory(Process, - &BaseAddress, - &NumberOfBytesToProtect, - NewAccessProtection, - &OldAccessProtection); - - ObDereferenceObject(Process); - - if (PreviousMode != KernelMode) - { - _SEH_TRY - { - *UnsafeOldAccessProtection = OldAccessProtection; - *UnsafeBaseAddress = BaseAddress; - *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect; - } - _SEH_HANDLE - { - 
Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - *UnsafeOldAccessProtection = OldAccessProtection; - *UnsafeBaseAddress = BaseAddress; - *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect; - } - - return(Status); + PEPROCESS Process; + ULONG OldAccessProtection; + PVOID BaseAddress = NULL; + ULONG NumberOfBytesToProtect = 0; + KPROCESSOR_MODE PreviousMode; + NTSTATUS Status = STATUS_SUCCESS; + + PreviousMode = ExGetPreviousMode(); + + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + ProbeForWritePointer(UnsafeBaseAddress); + ProbeForWriteUlong(UnsafeNumberOfBytesToProtect); + ProbeForWriteUlong(UnsafeOldAccessProtection); + + BaseAddress = *UnsafeBaseAddress; + NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) + { + return Status; + } + } + else + { + BaseAddress = *UnsafeBaseAddress; + NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect; + } + + if ((ULONG_PTR)BaseAddress + NumberOfBytesToProtect - 1 < (ULONG_PTR)BaseAddress || + (ULONG_PTR)BaseAddress + NumberOfBytesToProtect - 1 >= MmUserProbeAddress) + { + /* Don't allow to change the protection of a kernel mode address */ + return STATUS_INVALID_PARAMETER_2; + } + + /* (tMk 2004.II.5) in Microsoft SDK I read: + * 'if this parameter is NULL or does not point to a valid variable, the function fails' + */ + if(UnsafeOldAccessProtection == NULL) + { + return(STATUS_INVALID_PARAMETER); + } + + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_VM_OPERATION, + PsProcessType, + UserMode, + (PVOID*)(&Process), + NULL); + if (!NT_SUCCESS(Status)) + { + DPRINT("NtProtectVirtualMemory() = %x\n",Status); + return(Status); + } + + Status = MiProtectVirtualMemory(Process, + &BaseAddress, + &NumberOfBytesToProtect, + NewAccessProtection, + &OldAccessProtection); + + ObDereferenceObject(Process); + + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + *UnsafeOldAccessProtection = 
OldAccessProtection; + *UnsafeBaseAddress = BaseAddress; + *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + *UnsafeOldAccessProtection = OldAccessProtection; + *UnsafeBaseAddress = BaseAddress; + *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect; + } + + return(Status); }
@@ -554,150 +561,153 @@ IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead OPTIONAL) { - PMDL Mdl; - PVOID SystemAddress; - KPROCESSOR_MODE PreviousMode; - PEPROCESS Process, CurrentProcess; - NTSTATUS Status = STATUS_SUCCESS; - - PAGED_CODE(); - - DPRINT("NtReadVirtualMemory(ProcessHandle %x, BaseAddress %x, " - "Buffer %x, NumberOfBytesToRead %d)\n",ProcessHandle,BaseAddress, - Buffer,NumberOfBytesToRead); - - if ((ULONG_PTR)BaseAddress + NumberOfBytesToRead - 1 < (ULONG_PTR)BaseAddress || - (ULONG_PTR)BaseAddress + NumberOfBytesToRead - 1 >= MmUserProbeAddress) - { - /* Don't allow to read from kernel space */ - return STATUS_ACCESS_VIOLATION; - } - - PreviousMode = ExGetPreviousMode(); - - if (PreviousMode != KernelMode) - { - if ((ULONG_PTR)Buffer + NumberOfBytesToRead - 1 < (ULONG_PTR)Buffer || - (ULONG_PTR)Buffer + NumberOfBytesToRead - 1 >= MmUserProbeAddress) - { - /* Don't allow to write into kernel space */ - return STATUS_ACCESS_VIOLATION; - } - } - - Status = ObReferenceObjectByHandle(ProcessHandle, - PROCESS_VM_READ, - NULL, - PreviousMode, - (PVOID*)(&Process), - NULL); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - - CurrentProcess = PsGetCurrentProcess(); - - if(PreviousMode != KernelMode) - { - _SEH_TRY - { - if(NumberOfBytesRead != NULL) - { - ProbeForWriteUlong(NumberOfBytesRead); - } - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(!NT_SUCCESS(Status)) - { - return Status; - } - } - - - if (Process == CurrentProcess) - { - _SEH_TRY - { - RtlCopyMemory(Buffer, BaseAddress, NumberOfBytesToRead); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - Mdl = MmCreateMdl(NULL, - Buffer, - NumberOfBytesToRead); - if(Mdl == NULL) - { - ObDereferenceObject(Process); - return(STATUS_NO_MEMORY); - } - _SEH_TRY - { - MmProbeAndLockPages(Mdl, - PreviousMode, - IoWriteAccess); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if(NT_SUCCESS(Status)) 
- { - KeAttachProcess(&Process->Pcb); - - SystemAddress = MmGetSystemAddressForMdl(Mdl); - - Status = STATUS_SUCCESS; - _SEH_TRY { - Status = STATUS_PARTIAL_COPY; - RtlCopyMemory(SystemAddress, BaseAddress, NumberOfBytesToRead); - Status = STATUS_SUCCESS; - } _SEH_HANDLE { - if(Status != STATUS_PARTIAL_COPY) - Status = _SEH_GetExceptionCode(); - } _SEH_END; - - KeDetachProcess(); - - if (Mdl->MappedSystemVa != NULL) - { - MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); - } - MmUnlockPages(Mdl); - } - ExFreePool(Mdl); - } - - ObDereferenceObject(Process); - - if((NT_SUCCESS(Status) || Status == STATUS_PARTIAL_COPY) && - NumberOfBytesRead != NULL) - { - _SEH_TRY - { - *NumberOfBytesRead = NumberOfBytesToRead; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - - return(Status); + PMDL Mdl; + PVOID SystemAddress; + KPROCESSOR_MODE PreviousMode; + PEPROCESS Process, CurrentProcess; + NTSTATUS Status = STATUS_SUCCESS; + + PAGED_CODE(); + + DPRINT("NtReadVirtualMemory(ProcessHandle %x, BaseAddress %x, " + "Buffer %x, NumberOfBytesToRead %d)\n",ProcessHandle,BaseAddress, + Buffer,NumberOfBytesToRead); + + if ((ULONG_PTR)BaseAddress + NumberOfBytesToRead - 1 < (ULONG_PTR)BaseAddress || + (ULONG_PTR)BaseAddress + NumberOfBytesToRead - 1 >= MmUserProbeAddress) + { + /* Don't allow to read from kernel space */ + return STATUS_ACCESS_VIOLATION; + } + + PreviousMode = ExGetPreviousMode(); + + if (PreviousMode != KernelMode) + { + if ((ULONG_PTR)Buffer + NumberOfBytesToRead - 1 < (ULONG_PTR)Buffer || + (ULONG_PTR)Buffer + NumberOfBytesToRead - 1 >= MmUserProbeAddress) + { + /* Don't allow to write into kernel space */ + return STATUS_ACCESS_VIOLATION; + } + } + + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_VM_READ, + NULL, + PreviousMode, + (PVOID*)(&Process), + NULL); + if (!NT_SUCCESS(Status)) + { + return(Status); + } + + CurrentProcess = PsGetCurrentProcess(); + + if(PreviousMode != KernelMode) + { + _SEH_TRY + { + 
if(NumberOfBytesRead != NULL) + { + ProbeForWriteUlong(NumberOfBytesRead); + } + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(!NT_SUCCESS(Status)) + { + return Status; + } + } + + + if (Process == CurrentProcess) + { + _SEH_TRY + { + RtlCopyMemory(Buffer, BaseAddress, NumberOfBytesToRead); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + Mdl = MmCreateMdl(NULL, + Buffer, + NumberOfBytesToRead); + if(Mdl == NULL) + { + ObDereferenceObject(Process); + return(STATUS_NO_MEMORY); + } + + _SEH_TRY + { + MmProbeAndLockPages(Mdl, PreviousMode, IoWriteAccess); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if(NT_SUCCESS(Status)) + { + KeAttachProcess(&Process->Pcb); + + SystemAddress = MmGetSystemAddressForMdl(Mdl); + + Status = STATUS_SUCCESS; + _SEH_TRY + { + Status = STATUS_PARTIAL_COPY; + RtlCopyMemory(SystemAddress, BaseAddress, NumberOfBytesToRead); + Status = STATUS_SUCCESS; + } + _SEH_HANDLE + { + if(Status != STATUS_PARTIAL_COPY) + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + KeDetachProcess(); + + if (Mdl->MappedSystemVa != NULL) + { + MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); + } + MmUnlockPages(Mdl); + } + ExFreePool(Mdl); + } + + ObDereferenceObject(Process); + + if ((NT_SUCCESS(Status) || Status == STATUS_PARTIAL_COPY) && + NumberOfBytesRead != NULL) + { + _SEH_TRY + { + *NumberOfBytesRead = NumberOfBytesToRead; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + + return(Status); }
/* (tMk 2004.II.05) 
@@ -710,49 +720,49 @@ ULONG NumberOfBytesToUnlock, PULONG NumberOfBytesUnlocked OPTIONAL) { - // AG [08-20-03] : I have *no* idea if this is correct, I just used the - // other functions as a template and made a few intelligent guesses... - - NTSTATUS Status; - PMDL Mdl; - PEPROCESS Process; - - DPRINT("NtUnlockVirtualMemory(ProcessHandle %x, BaseAddress %x, " - "NumberOfBytesToUnlock %d), NumberOfBytesUnlocked %x\n",ProcessHandle,BaseAddress, - NumberOfBytesToUnlock, NumberOfBytesUnlocked); - - Status = ObReferenceObjectByHandle(ProcessHandle, - PROCESS_VM_WRITE, - NULL, - UserMode, - (PVOID*)(&Process), - NULL); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - - Mdl = MmCreateMdl(NULL, - BaseAddress, - NumberOfBytesToUnlock); - if(Mdl == NULL) - { - ObDereferenceObject(Process); - return(STATUS_NO_MEMORY); - } - - ObDereferenceObject(Process); - - if (Mdl->MappedSystemVa != NULL) - { - MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); - } - MmUnlockPages(Mdl); - ExFreePool(Mdl); - - *NumberOfBytesUnlocked = NumberOfBytesToUnlock; - - return(STATUS_SUCCESS); + // AG [08-20-03] : I have *no* idea if this is correct, I just used the + // other functions as a template and made a few intelligent guesses... 
+ + NTSTATUS Status; + PMDL Mdl; + PEPROCESS Process; + + DPRINT("NtUnlockVirtualMemory(ProcessHandle %x, BaseAddress %x, " + "NumberOfBytesToUnlock %d), NumberOfBytesUnlocked %x\n",ProcessHandle,BaseAddress, + NumberOfBytesToUnlock, NumberOfBytesUnlocked); + + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_VM_WRITE, + NULL, + UserMode, + (PVOID*)(&Process), + NULL); + if (!NT_SUCCESS(Status)) + { + return(Status); + } + + Mdl = MmCreateMdl(NULL, + BaseAddress, + NumberOfBytesToUnlock); + if(Mdl == NULL) + { + ObDereferenceObject(Process); + return(STATUS_NO_MEMORY); + } + + ObDereferenceObject(Process); + + if (Mdl->MappedSystemVa != NULL) + { + MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); + } + MmUnlockPages(Mdl); + ExFreePool(Mdl); + + *NumberOfBytesUnlocked = NumberOfBytesToUnlock; + + return(STATUS_SUCCESS); }
@@ -769,166 +779,164 @@ IN ULONG NumberOfBytesToWrite, OUT PULONG NumberOfBytesWritten OPTIONAL) { - PMDL Mdl; - PVOID SystemAddress; - PEPROCESS Process; - KPROCESSOR_MODE PreviousMode; - NTSTATUS CopyStatus, Status = STATUS_SUCCESS; - - DPRINT("NtWriteVirtualMemory(ProcessHandle %x, BaseAddress %x, " - "Buffer %x, NumberOfBytesToWrite %d)\n",ProcessHandle,BaseAddress, - Buffer,NumberOfBytesToWrite); - - if ((ULONG_PTR)BaseAddress + NumberOfBytesToWrite - 1 < (ULONG_PTR)BaseAddress || - (ULONG_PTR)BaseAddress + NumberOfBytesToWrite - 1 >= MmUserProbeAddress) - { - /* Don't allow to write into kernel space */ - return STATUS_ACCESS_VIOLATION; - } - - PreviousMode = ExGetPreviousMode(); - - if (PreviousMode != KernelMode) - { - if ((ULONG_PTR)Buffer + NumberOfBytesToWrite - 1 < (ULONG_PTR)Buffer || - (ULONG_PTR)Buffer + NumberOfBytesToWrite - 1 >= MmUserProbeAddress) - { - /* Don't allow to read from kernel space */ - return STATUS_ACCESS_VIOLATION; - } - if (NumberOfBytesWritten != NULL) - { - _SEH_TRY - { - ProbeForWriteUlong(NumberOfBytesWritten); - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - - if (!NT_SUCCESS(Status)) - { - return Status; - } - } - } - - Status = ObReferenceObjectByHandle(ProcessHandle, - PROCESS_VM_WRITE, - NULL, - UserMode, - (PVOID*)(&Process), - NULL); - if (!NT_SUCCESS(Status)) - { - return(Status); - } - - CopyStatus = STATUS_SUCCESS; - - /* Write memory */ - if (Process == PsGetCurrentProcess()) - { - if (PreviousMode != KernelMode) - { - _SEH_TRY - { - memcpy(BaseAddress, Buffer, NumberOfBytesToWrite); - } - _SEH_HANDLE - { - CopyStatus = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - memcpy(BaseAddress, Buffer, NumberOfBytesToWrite); - } - } - else - { - /* Create MDL describing the source buffer. */ - Mdl = MmCreateMdl(NULL, - Buffer, - NumberOfBytesToWrite); - if(Mdl == NULL) - { - ObDereferenceObject(Process); - return(STATUS_NO_MEMORY); - } - _SEH_TRY - { - /* Map the MDL. 
*/ - MmProbeAndLockPages(Mdl, - UserMode, - IoReadAccess); - } - _SEH_HANDLE - { - CopyStatus = _SEH_GetExceptionCode(); - } - _SEH_END; - - if (NT_SUCCESS(CopyStatus)) - { - /* Copy memory from the mapped MDL into the target buffer. */ - KeAttachProcess(&Process->Pcb); - - SystemAddress = MmGetSystemAddressForMdl(Mdl); - if (PreviousMode != KernelMode) - { - _SEH_TRY + PMDL Mdl; + PVOID SystemAddress; + PEPROCESS Process; + KPROCESSOR_MODE PreviousMode; + NTSTATUS CopyStatus, Status = STATUS_SUCCESS; + + DPRINT("NtWriteVirtualMemory(ProcessHandle %x, BaseAddress %x, " + "Buffer %x, NumberOfBytesToWrite %d)\n",ProcessHandle,BaseAddress, + Buffer,NumberOfBytesToWrite); + + if ((ULONG_PTR)BaseAddress + NumberOfBytesToWrite - 1 < (ULONG_PTR)BaseAddress || + (ULONG_PTR)BaseAddress + NumberOfBytesToWrite - 1 >= MmUserProbeAddress) + { + /* Don't allow to write into kernel space */ + return STATUS_ACCESS_VIOLATION; + } + + PreviousMode = ExGetPreviousMode(); + + if (PreviousMode != KernelMode) + { + if ((ULONG_PTR)Buffer + NumberOfBytesToWrite - 1 < (ULONG_PTR)Buffer || + (ULONG_PTR)Buffer + NumberOfBytesToWrite - 1 >= MmUserProbeAddress) + { + /* Don't allow to read from kernel space */ + return STATUS_ACCESS_VIOLATION; + } + if (NumberOfBytesWritten != NULL) + { + _SEH_TRY + { + ProbeForWriteUlong(NumberOfBytesWritten); + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (!NT_SUCCESS(Status)) + { + return Status; + } + } + } + + Status = ObReferenceObjectByHandle(ProcessHandle, + PROCESS_VM_WRITE, + NULL, + UserMode, + (PVOID*)(&Process), + NULL); + if (!NT_SUCCESS(Status)) + { + return(Status); + } + + CopyStatus = STATUS_SUCCESS; + + /* Write memory */ + if (Process == PsGetCurrentProcess()) + { + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + memcpy(BaseAddress, Buffer, NumberOfBytesToWrite); + } + _SEH_HANDLE + { + CopyStatus = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + memcpy(BaseAddress, Buffer, 
NumberOfBytesToWrite); + } + } + else + { + /* Create MDL describing the source buffer. */ + Mdl = MmCreateMdl(NULL, + Buffer, + NumberOfBytesToWrite); + if (Mdl == NULL) + { + ObDereferenceObject(Process); + return(STATUS_NO_MEMORY); + } + _SEH_TRY + { + /* Map the MDL. */ + MmProbeAndLockPages(Mdl, UserMode, IoReadAccess); + } + _SEH_HANDLE + { + CopyStatus = _SEH_GetExceptionCode(); + } + _SEH_END; + + if (NT_SUCCESS(CopyStatus)) + { + /* Copy memory from the mapped MDL into the target buffer. */ + KeAttachProcess(&Process->Pcb); + + SystemAddress = MmGetSystemAddressForMdl(Mdl); + if (PreviousMode != KernelMode) + { + _SEH_TRY { - memcpy(BaseAddress, SystemAddress, NumberOfBytesToWrite); + memcpy(BaseAddress, SystemAddress, NumberOfBytesToWrite); } - _SEH_HANDLE + _SEH_HANDLE { - CopyStatus = _SEH_GetExceptionCode(); + CopyStatus = _SEH_GetExceptionCode(); } - _SEH_END; - } - else - { - memcpy(BaseAddress, SystemAddress, NumberOfBytesToWrite); - } - - KeDetachProcess(); - } - - /* Free the MDL. */ - if (Mdl->MappedSystemVa != NULL) - { - MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); - } - MmUnlockPages(Mdl); - ExFreePool(Mdl); - } - ObDereferenceObject(Process); - - if (NT_SUCCESS(CopyStatus) && NumberOfBytesWritten != NULL) - { - if (PreviousMode != KernelMode) - { - _SEH_TRY - { - *NumberOfBytesWritten = NumberOfBytesToWrite; - } - _SEH_HANDLE - { - Status = _SEH_GetExceptionCode(); - } - _SEH_END; - } - else - { - *NumberOfBytesWritten = NumberOfBytesToWrite; - } - } - - return(NT_SUCCESS(CopyStatus) ? Status : CopyStatus); + _SEH_END; + } + else + { + memcpy(BaseAddress, SystemAddress, NumberOfBytesToWrite); + } + + KeDetachProcess(); + } + + /* Free the MDL. 
*/ + if (Mdl->MappedSystemVa != NULL) + { + MmUnmapLockedPages(Mdl->MappedSystemVa, Mdl); + } + MmUnlockPages(Mdl); + ExFreePool(Mdl); + } + ObDereferenceObject(Process); + + if (NT_SUCCESS(CopyStatus) && NumberOfBytesWritten != NULL) + { + if (PreviousMode != KernelMode) + { + _SEH_TRY + { + *NumberOfBytesWritten = NumberOfBytesToWrite; + } + _SEH_HANDLE + { + Status = _SEH_GetExceptionCode(); + } + _SEH_END; + } + else + { + *NumberOfBytesWritten = NumberOfBytesToWrite; + } + } + + return(NT_SUCCESS(CopyStatus) ? Status : CopyStatus); }
/* @@ -937,12 +945,12 @@
PVOID STDCALL -MmGetVirtualForPhysical ( +MmGetVirtualForPhysical( IN PHYSICAL_ADDRESS PhysicalAddress ) { - UNIMPLEMENTED; - return 0; + UNIMPLEMENTED; + return 0; }
/* FUNCTION: @@ -950,19 +958,19 @@ * @unimplemented */ PVOID STDCALL -MmSecureVirtualMemory (PVOID Address, - SIZE_T Length, - ULONG Mode) -{ - /* Only works for user space */ - if (MmHighestUserAddress < Address) - { - return NULL; - } - - UNIMPLEMENTED; - - return 0; +MmSecureVirtualMemory(PVOID Address, + SIZE_T Length, + ULONG Mode) +{ + /* Only works for user space */ + if (MmHighestUserAddress < Address) + { + return NULL; + } + + UNIMPLEMENTED; + + return 0; }
@@ -973,12 +981,12 @@
 VOID STDCALL
 MmUnsecureVirtualMemory(PVOID SecureMem)
 {
- if (NULL == SecureMem)
- {
- return;
- }
-
- UNIMPLEMENTED;
+ if (NULL == SecureMem)
+ {
+ return;
+ }
+
+ UNIMPLEMENTED;
 }
@@ -986,34 +994,34 @@ * @implemented */ VOID STDCALL -ProbeForRead (IN CONST VOID *Address, +ProbeForRead(IN CONST VOID *Address, + IN ULONG Length, + IN ULONG Alignment) +{ + if (Length != 0) + { + ASSERT(Alignment == 1 || Alignment == 2 || Alignment == 4 || Alignment == 8); + + if (((ULONG_PTR)Address & (Alignment - 1)) != 0) + { + ExRaiseStatus (STATUS_DATATYPE_MISALIGNMENT); + } + else if ((ULONG_PTR)Address + Length - 1 < (ULONG_PTR)Address || + (ULONG_PTR)Address + Length - 1 >= (ULONG_PTR)MmUserProbeAddress) + { + ExRaiseStatus (STATUS_ACCESS_VIOLATION); + } + } +} + + +/* + * @implemented + */ +VOID STDCALL +ProbeForWrite(IN PVOID Address, IN ULONG Length, IN ULONG Alignment) -{ - if (Length != 0) - { - ASSERT(Alignment == 1 || Alignment == 2 || Alignment == 4 || Alignment == 8); - - if (((ULONG_PTR)Address & (Alignment - 1)) != 0) - { - ExRaiseStatus (STATUS_DATATYPE_MISALIGNMENT); - } - else if ((ULONG_PTR)Address + Length - 1 < (ULONG_PTR)Address || - (ULONG_PTR)Address + Length - 1 >= (ULONG_PTR)MmUserProbeAddress) - { - ExRaiseStatus (STATUS_ACCESS_VIOLATION); - } - } -} - - -/* - * @implemented - */ -VOID STDCALL -ProbeForWrite (IN PVOID Address, - IN ULONG Length, - IN ULONG Alignment) { volatile CHAR *Current; PCHAR Last;