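/*
 * Marker define with no value. Presumably read by a shared ARM3 header
 * included after this point; that include is not part of this listing.
 */
#define MODULE_INVOLVED_IN_ARM3

/*
 * Size limits for the copy routines further down in this file.
 * NOTE(review): the names suggest a page count for the mapped-copy path,
 * a small on-stack buffer size for the pool-copy path, and an upper bound
 * on a single pool-backed transfer. Their uses are not visible in this
 * listing, so confirm against the copy routines.
 */
#define MI_MAPPED_COPY_PAGES 14
#define MI_POOL_COPY_BYTES 512

/*
 * Parenthesized so the macro expands as one value in any expression.
 * The bare form `64 * 1024` regroups next to '/', '%' or a cast:
 * `Size / MI_MAX_TRANSFER_SIZE` would evaluate as `(Size / 64) * 1024`.
 * A size bound computed that way no longer limits what it is meant to.
 */
#define MI_MAX_TRANSFER_SIZE (64 * 1024)

/*
 * Fragment: local declaration from a function whose surrounding lines are
 * omitted from this listing. It is not a file-scope variable.
 */
PMMPTE PointerPte, LastPte;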
57 if (Vad->u.VadFlags.MemCommit == 1)
64 if (PointerPde->
u.
Long != 0)
79 if (PointerPte > LastPte)
return CommittedPages;
83 while (PointerPte <= LastPte)
90 if (PointerPde->
u.
Long != 0)
110 if (PointerPte->
u.
Long != 0)
128 return CommittedPages;
136 if (PointerPde->
u.
Long != 0)
151 if (PointerPte > LastPte)
return CommittedPages;
155 while (PointerPte <= LastPte)
162 if (PointerPde->
u.
Long != 0)
182 if (PointerPte->
u.
Long != 0)
200 return CommittedPages;
316 if (PointerPte->u.Long)
319 ASSERT(PointerPte->u.Soft.Prototype == 0);
320 ASSERT(PointerPte->u.Soft.Transition == 0);
323 if (PointerPte->u.Hard.Valid)
333 if (ValidPages) (*ValidPages)++;
364 ASSERT(PointerPte->u.Soft.PageFileHigh == 0);
420 DPRINT(
"Pte %p is transitional!\n", PointerPte);
434 if (Pfn1->
u3.
e2.ReferenceCount == 0)
441 Pfn1->
u3.
e2.ReferenceCount++;
462 #if (_MI_PAGING_LEVELS == 2) 474 #if (_MI_PAGING_LEVELS == 2) 546 #if (_MI_PAGING_LEVELS >= 3) 549 #if (_MI_PAGING_LEVELS >= 4) 559 if ((Vad) && (Vad->u.VadFlags.Spare == 1))
return;
565 if (!(Vad) || (Vad->u.VadFlags.PrivateMemory) || !(Vad->FirstPrototypePte))
574 LastPrototypePte = Vad->FirstPrototypePte + 1;
581 while (Va <= EndingAddress)
583 #if (_MI_PAGING_LEVELS >= 4) 589 if (!PointerPxe->
u.
Long)
603 #if (_MI_PAGING_LEVELS >= 3) 609 if (!PointerPpe->
u.
Long)
625 if (!PointerPde->
u.
Long)
645 ASSERT(Va <= EndingAddress);
648 if ((AddressGap) && (LastPrototypePte))
682 if ((LastPrototypePte) && (
PrototypePte > LastPrototypePte))
703 (
TempPte.u.Soft.Prototype == 1))
740 if (PointerPde->
u.
Long != 0)
752 if (Va > EndingAddress)
return;
771 *HaveBadAddress =
FALSE;
793 *HaveBadAddress =
TRUE;
816 SIZE_T TotalSize, CurrentSize, RemainingSize;
832 CurrentSize = TotalSize;
838 while (RemainingSize > 0)
843 if (RemainingSize < CurrentSize) CurrentSize = RemainingSize;
870 FailedInProbe =
TRUE;
880 FailedInProbe =
FALSE;
934 FailedInProbe =
TRUE;
944 FailedInProbe =
FALSE;
950 RtlCopyMemory(CurrentTargetAddress, MdlAddress, CurrentSize);
1005 PagesLocked =
FALSE;
1010 RemainingSize -= CurrentSize;
1011 CurrentAddress = (
PVOID)((
ULONG_PTR)CurrentAddress + CurrentSize);
1012 CurrentTargetAddress = (
PVOID)((
ULONG_PTR)CurrentTargetAddress + CurrentSize);
1016 if (MdlAddress !=
NULL)
1040 SIZE_T TotalSize, CurrentSize, RemainingSize;
1050 DPRINT(
"Copying %Iu bytes from process %p (address %p) to process %p (Address %p)\n",
1058 CurrentSize = TotalSize;
1069 PoolAddress = (
PVOID)StackBuffer;
1078 HavePoolAddress =
TRUE;
1084 while (RemainingSize > 0)
1089 if (RemainingSize < CurrentSize) CurrentSize = RemainingSize;
1113 FailedInProbe =
TRUE;
1123 FailedInProbe =
FALSE;
1189 FailedInProbe =
TRUE;
1199 FailedInProbe =
FALSE;
1205 RtlCopyMemory(CurrentTargetAddress, PoolAddress, CurrentSize);
1259 RemainingSize -= CurrentSize;
1260 CurrentAddress = (
PVOID)((
ULONG_PTR)CurrentAddress + CurrentSize);
1269 if (HavePoolAddress)
1384 (
TempPte.u.Soft.Prototype == 1))
1487 PMMPTE PointerPte, ProtoPte;
1489 #if (_MI_PAGING_LEVELS >= 3) 1492 #if (_MI_PAGING_LEVELS >= 4) 1507 #if (_MI_PAGING_LEVELS >= 3) 1510 #if (_MI_PAGING_LEVELS >= 4) 1519 #if (_MI_PAGING_LEVELS >= 4) 1521 if (PointerPxe->
u.
Long == 0)
1535 #if (_MI_PAGING_LEVELS >= 3) 1537 if (PointerPpe->
u.
Long == 0)
1553 if (PointerPde->
u.
Long == 0)
1588 ((
TempPte.u.Soft.Prototype == 0) ||
1610 (
TempPte.u.Soft.Prototype == 1) &&
1611 (Vad->u.VadFlags.PrivateMemory == 0) &&
1629 if ((Vad->u.VadFlags.PrivateMemory == 0) && (Vad->ControlArea))
1642 TempProtoPte = *ProtoPte;
1643 if (TempProtoPte.
u.
Long)
1654 else if (Vad->u.VadFlags.MemCommit)
1752 (
PVOID*)&TargetProcess,
1776 DPRINT1(
"Process is dying\n");
1799 if (BaseVpn < Vad->StartingVpn)
1873 MemoryInfo.
Type = 0;
1923 DPRINT1(
"MmQuerySectionView failed. MemoryArea=%p (%p-%p), BaseAddress=%p\n",
2001 DPRINT(
"Base: %p AllocBase: %p AllocProtect: %lx Protect: %lx " 2002 "State: %lx Type: %lx Size: %lx\n",
2017 PMMPTE PointerPte, LastPte;
2028 while (PointerPte <= LastPte)
2035 if (PointerPde->
u.
Long != 0)
2051 if (!Vad->u.VadFlags.MemCommit)
return FALSE;
2059 if (PointerPte->
u.
Long == 0)
2062 if (!Vad->u.VadFlags.MemCommit)
return FALSE;
2096 ULONG OldAccessProtection_;
2111 if (OldAccessProtection ==
NULL) OldAccessProtection = &OldAccessProtection_;
2117 *NumberOfBytesToProtect,
2118 NewAccessProtection,
2119 OldAccessProtection);
2137 ULONG_PTR StartingAddress, EndingAddress;
2138 PMMPTE PointerPte, LastPte;
2142 ULONG ProtectionMask, OldProtect;
2156 DPRINT1(
"Invalid protection mask\n");
2167 NumberOfBytesToProtect,
2168 NewAccessProtection,
2169 OldAccessProtection);
2177 DPRINT1(
"Process is dying\n");
2189 DPRINT(
"Could not find a VAD for this allocation\n");
2203 if ((Vad->u.VadFlags.VadType ==
VadAwe) ||
2207 DPRINT1(
"Illegal VAD for attempting to set protection\n");
2213 if (Vad->u.VadFlags.NoChange == 1)
2215 DPRINT1(
"Trying to change protection of a NoChange VAD\n");
2221 if (Vad->u.VadFlags.PrivateMemory == 0)
2226 DPRINT1(
"Illegal VAD for attempting to set protection\n");
2234 DPRINT1(
"Illegal VAD for attempting to set protection\n");
2243 DPRINT1(
"Invalid protection flags for section\n");
2249 if (!Vad->ControlArea->u.Flags.Image)
2252 DPRINT1(
"Fixme: Not checking for valid protection\n");
2256 DPRINT1(
"Section protection not yet supported\n");
2265 DPRINT1(
"Invalid protection flags for private memory\n");
2281 DPRINT1(
"The entire range is not committed\n");
2296 if (PointerPte->
u.
Long != 0)
2309 while (PointerPte <= LastPte)
2319 PteContents = *PointerPte;
2320 if (PteContents.
u.
Long == 0)
2394 *NumberOfBytesToProtect = EndingAddress - StartingAddress + 1;
2396 *OldAccessProtection = OldProtect;
2411 PMMPTE PointerPte, PointerPpe, PointerPxe;
2430 (PointerPde->u.Hard.Valid))
2478 ASSERT(PointerPde->u.Hard.Valid == 1);
2481 !(PointerPde->u.Hard.Valid));
2545 ULONG CommitReduction = 0;
2546 PMMPTE ValidPteList[256];
2566 while (PointerPte <= EndingPte)
2596 PteContents = *PointerPte;
2597 if (PteContents.
u.
Long)
2630 if (PteCount == 256)
2635 ValidPteList[PteCount++] = PointerPte;
2667 if (PointerPte > CommitPte) CommitReduction++;
2684 return CommitReduction;
2781 if (NumberOfBytesToRead)
2801 NumberOfBytesToRead,
2815 if (NumberOfBytesRead)
2895 if (NumberOfBytesToWrite)
2915 NumberOfBytesToWrite,
2929 if (NumberOfBytesWritten)
3029 ULONG OldAccessProtection;
3033 SIZE_T NumberOfBytesToProtect = 0;
3080 NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect;
3097 NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect;
3149 &NumberOfBytesToProtect,
3150 NewAccessProtection,
3151 &OldAccessProtection);
3171 *UnsafeOldAccessProtection = OldAccessProtection;
3173 *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect;
3263 while (CurrentVa < *EndAddress)
3278 *EndAddress = CurrentVa;
3299 PVOID CurrentVa, EndAddress;
3300 PMMPTE PointerPte, LastPte;
3302 #if (_MI_PAGING_LEVELS >= 3) 3305 #if (_MI_PAGING_LEVELS == 4) 3335 while (CurrentVa < EndAddress)
3337 (
void)(*(
volatile CHAR*)CurrentVa);
3355 #if (_MI_PAGING_LEVELS >= 3) 3358 #if (_MI_PAGING_LEVELS == 4) 3420 #if (_MI_PAGING_LEVELS >= 3) 3423 #if (_MI_PAGING_LEVELS == 4) 3426 }
while (PointerPte <= LastPte);
3451 PVOID CapturedBaseAddress;
3452 SIZE_T CapturedBytesToLock;
3492 CapturedBytesToLock = *NumberOfBytesToLock;
3569 &CapturedBytesToLock,
3591 *NumberOfBytesToLock = CapturedBytesToLock;
3619 PMMPTE PointerPte, LastPte;
3621 #if (_MI_PAGING_LEVELS >= 3) 3624 #if (_MI_PAGING_LEVELS == 4) 3656 #if (_MI_PAGING_LEVELS >= 3) 3659 #if (_MI_PAGING_LEVELS == 4) 3702 DPRINT1(
"FIXME: Should remove the page from WS\n");
3712 #if (_MI_PAGING_LEVELS >= 3) 3715 #if (_MI_PAGING_LEVELS == 4) 3718 }
while (PointerPte <= LastPte);
3723 goto CleanupWithWsLock;
3731 #if (_MI_PAGING_LEVELS >= 3) 3734 #if (_MI_PAGING_LEVELS == 4) 3750 #if (_MI_PAGING_LEVELS >= 3) 3753 #if (_MI_PAGING_LEVELS == 4) 3756 }
while (PointerPte <= LastPte);
3787 PVOID CapturedBaseAddress;
3788 SIZE_T CapturedBytesToUnlock;
3828 CapturedBytesToUnlock = *NumberOfBytesToUnlock;
3905 &CapturedBytesToUnlock,
3927 *NumberOfBytesToUnlock = CapturedBytesToUnlock;
3954 PVOID CapturedBaseAddress;
3955 SIZE_T CapturedBytesToFlush;
3980 CapturedBytesToFlush = *NumberOfBytesToFlush;
3997 CapturedBytesToFlush = *NumberOfBytesToFlush;
4031 &CapturedBaseAddress,
4032 &CapturedBytesToFlush,
4049 *NumberOfBytesToFlush = 0;
4118 CapturedEntryCount = *EntriesInUserAddressArray;
4140 CapturedEntryCount *
sizeof(
PVOID),
4157 CapturedEntryCount = *EntriesInUserAddressArray;
4158 ASSERT(CapturedEntryCount != 0);
4216 *EntriesInUserAddressArray = 0;
4330 DPRINT(
"Querying class %d about address: %p\n", MemoryInformationClass,
BaseAddress);
4342 MemoryInformationLength,
4359 switch(MemoryInformationClass)
4371 MemoryInformationLength,
4385 MemoryInformationLength,
4391 DPRINT1(
"Unhandled memory information class %d\n", MemoryInformationClass);
4416 ULONG_PTR PRegionSize, StartingAddress, EndingAddress;
4422 ULONG ProtectionMask, QuotaCharge = 0, QuotaFree = 0;
4425 PMMPTE PointerPte, LastPte;
4433 DPRINT1(
"Too many zero bits\n");
4441 DPRINT1(
"Invalid Allocation Type\n");
4448 DPRINT1(
"No memory allocation base type\n");
4455 DPRINT1(
"Invalid use of MEM_RESET\n");
4465 DPRINT1(
"Must supply MEM_COMMIT with MEM_LARGE_PAGES\n");
4472 DPRINT1(
"Using illegal flags with MEM_LARGE_PAGES\n");
4480 DPRINT1(
"MEM_WRITE_WATCH used without MEM_RESERVE\n");
4490 DPRINT1(
"MEM_PHYSICAL used without MEM_RESERVE\n");
4497 DPRINT1(
"Using illegal flags with MEM_PHYSICAL\n");
4504 DPRINT1(
"MEM_PHYSICAL used without PAGE_READWRITE\n");
4513 DPRINT1(
"Invalid protection mask\n");
4529 PBaseAddress = *UBaseAddress;
4530 PRegionSize = *URegionSize;
4542 DPRINT1(
"Virtual allocation base above User Space\n");
4549 DPRINT1(
"Region size would overflow into kernel-memory\n");
4556 DPRINT1(
"Region size is invalid (zero)\n");
4589 DPRINT(
"NtAllocateVirtualMemory: Process 0x%p, Address 0x%p, Zerobits %lu , RegionSize 0x%x, Allocation type 0x%x, Protect 0x%x.\n",
4600 DPRINT1(
"Privilege not held for MEM_LARGE_PAGES\n");
4602 goto FailPathNoLock;
4610 DPRINT1(
"MEM_LARGE_PAGES not supported\n");
4612 goto FailPathNoLock;
4616 DPRINT1(
"MEM_PHYSICAL not supported\n");
4618 goto FailPathNoLock;
4622 DPRINT1(
"MEM_WRITE_WATCH not supported\n");
4624 goto FailPathNoLock;
4638 DPRINT1(
"Copy on write not allowed through this path\n");
4640 goto FailPathNoLock;
4653 StartingAddress = 0;
4667 goto FailPathNoLock;
4680 StartingAddress = (
ULONG_PTR)PBaseAddress;
4689 DPRINT1(
"Failed to allocate a VAD!\n");
4691 goto FailPathNoLock;
4711 DPRINT1(
"Failed to insert the VAD!\n");
4712 goto FailPathNoLock;
4731 *URegionSize = PRegionSize;
4732 *UBaseAddress = (
PVOID)StartingAddress;
4741 DPRINT(
"Reserved %x bytes at %p.\n", PRegionSize, StartingAddress);
4753 PRegionSize = EndingAddress - StartingAddress + 1;
4762 DPRINT1(
"Process is dying\n");
4776 DPRINT1(
"Could not find a VAD for this allocation\n");
4784 DPRINT(
"MEM_RESET not supported\n");
4793 if ((FoundVad->u.VadFlags.VadType ==
VadAwe) ||
4797 DPRINT1(
"Illegal VAD for attempting a MEM_COMMIT\n");
4808 DPRINT1(
"Address range does not fit into the VAD\n");
4820 DPRINT1(
"Illegal commit of non-ARM3 section!\n");
4828 if (FoundVad->u.VadFlags.PrivateMemory ==
FALSE)
4835 DPRINT1(
"Large page sections cannot be VirtualAlloc'd\n");
4846 DPRINT1(
"Cannot use caching flags with anything but rotate VADs\n");
4855 if (FoundVad->u.VadFlags.NoChange)
4872 DPRINT1(
"Secured VAD being messed around with\n");
4880 ASSERT(FoundVad->ControlArea->FilePointer ==
NULL);
4888 DPRINT1(
"Invalid page protection for rotate VAD\n");
4898 QuotaCharge = (
ULONG)(LastPte - PointerPte + 1);
4904 TempPte = FoundVad->ControlArea->Segment->SegmentPteTemplate;
4906 while (PointerPte <= LastPte)
4911 if (PointerPte->
u.
Long == 0)
4925 ASSERT(QuotaCharge >= QuotaFree);
4926 QuotaCharge -= QuotaFree;
4927 FoundVad->ControlArea->Segment->NumberOfCommittedPages += QuotaCharge;
4952 DPRINT1(
"Write copy attempted when not allowed\n");
4961 TempPte.u.Soft.Protection = ProtectionMask;
4976 FoundVad->u.VadFlags.CommitCharge += (1 + LastPte - PointerPte);
4977 Process->CommitCharge += (1 + LastPte - PointerPte);
4992 while (PointerPte <= LastPte)
5009 if (PointerPte->
u.
Long == 0)
5045 ChangeProtection =
TRUE;
5075 if (ChangeProtection)
5077 PVOID ProtectBaseAddress = (
PVOID)StartingAddress;
5078 SIZE_T ProtectSize = PRegionSize;
5079 ULONG OldProtection;
5085 &ProtectBaseAddress,
5108 *URegionSize = PRegionSize;
5109 *UBaseAddress = (
PVOID)StartingAddress;
5134 LONG_PTR AlreadyDecommitted, CommitReduction = 0;
5135 ULONG_PTR StartingAddress, EndingAddress;
5174 PBaseAddress = *UBaseAddress;
5175 PRegionSize = *URegionSize;
5188 DPRINT1(
"Virtual free base above User Space\n");
5197 DPRINT1(
"Region size would overflow into kernel-memory\n");
5230 DPRINT(
"NtFreeVirtualMemory: Process 0x%p, Address 0x%p, Size 0x%Ix, FreeType 0x%08lx\n",
5258 DPRINT1(
"Unable to find VAD for address 0x%p\n", StartingAddress);
5268 DPRINT1(
"Address 0x%p is beyond the VAD\n", EndingAddress);
5280 DPRINT1(
"Attempt to free section memory\n");