// Excerpt of a kernel virtual-memory source file: the number that starts each
// fragment is the original file's line number, and the lines in between are not shown.
// NOTE(review): MI_MAX_TRANSFER_SIZE expands to the bare expression 64 * 1024.
// Without parentheses, a use such as `x / MI_MAX_TRANSFER_SIZE` or
// `x % MI_MAX_TRANSFER_SIZE` groups as (x / 64) * 1024; defining it as
// (64 * 1024) removes that hazard. The use sites are not visible here.
15 #define MODULE_INVOLVED_IN_ARM3 18 #define MI_MAPPED_COPY_PAGES 14 19 #define MI_POOL_COPY_BYTES 512 20 #define MI_MAX_TRANSFER_SIZE 64 * 1024 47 PMMPTE PointerPte, LastPte;
// First of two visible walks: taken when the VAD's MemCommit flag is 1.
57 if (Vad->u.VadFlags.MemCommit == 1)
// A non-zero PDE is tested before the PTE range is examined.
64 if (PointerPde->
u.
Long != 0)
// Nothing left to scan: report the count accumulated so far.
79 if (PointerPte > LastPte)
return CommittedPages;
// Inclusive scan of the PTE range [PointerPte, LastPte].
83 while (PointerPte <= LastPte)
90 if (PointerPde->
u.
Long != 0)
// A non-zero PTE is the case singled out here; what is counted is not shown.
110 if (PointerPte->
u.
Long != 0)
128 return CommittedPages;
// Second walk with the same visible shape as lines 64-128; presumably the
// branch for a VAD without MemCommit (the else is not shown, so confirm).
136 if (PointerPde->
u.
Long != 0)
151 if (PointerPte > LastPte)
return CommittedPages;
155 while (PointerPte <= LastPte)
162 if (PointerPde->
u.
Long != 0)
182 if (PointerPte->
u.
Long != 0)
200 return CommittedPages;
// Excerpt (original lines 316-364): handling of a PTE whose raw value is non-zero.
316 if (PointerPte->u.Long)
// The PTE must be neither a prototype nor a transition PTE.
// NOTE(review): ASSERT is normally a no-op in non-debug builds, so these
// conditions are only checked in debug builds; confirm that is intended.
319 ASSERT(PointerPte->u.Soft.Prototype == 0);
320 ASSERT(PointerPte->u.Soft.Transition == 0);
// Hardware-valid PTE branch (body not shown).
323 if (PointerPte->u.Hard.Valid)
// ValidPages is an optional out counter: it is bumped only when non-NULL.
333 if (ValidPages) (*ValidPages)++;
// The software PTE is expected to carry no page-file offset at this point.
364 ASSERT(PointerPte->u.Soft.PageFileHigh == 0);
// Excerpt (original lines 420-712): PTE deletion and a walk over a virtual
// address range; most statements in between are not shown.
// Debug trace for a transition PTE (prints the PTE pointer).
420 DPRINT(
"Pte %p is transitional!\n", PointerPte);
// A PFN entry whose reference count is zero is special-cased; the branch body
// is not shown.
434 if (Pfn1->
u3.
e2.ReferenceCount == 0)
// Takes one more reference on the PFN entry.
441 Pfn1->
u3.
e2.ReferenceCount++;
// Two sections conditional on 2-level paging (bodies not shown), then an early
// exit when a VAD is supplied and its Spare flag is set.
462 #if (_MI_PAGING_LEVELS == 2) 474 #if (_MI_PAGING_LEVELS == 2) 553 if ((Vad) && (Vad->u.VadFlags.Spare == 1))
return;
// True when there is no VAD, the VAD is private memory, or it has no first
// prototype PTE.
561 if (!(Vad) || (Vad->u.VadFlags.PrivateMemory) || !(Vad->FirstPrototypePte))
570 LastPrototypePte = Vad->FirstPrototypePte + 1;
// Loops while the current PDE is zero (loop body not shown).
580 while (!PointerPde->
u.
Long)
// Stop once the walk has moved past the end of the range.
593 if (Va > EndingAddress)
return;
606 ASSERT(Va <= EndingAddress);
609 if ((AddressGap) && (LastPrototypePte))
// Only applies when prototype PTEs are tracked (LastPrototypePte non-NULL) and
// the current one lies beyond LastPrototypePte.
642 if ((LastPrototypePte) && (
PrototypePte > LastPrototypePte))
663 (
TempPte.u.Soft.Prototype == 1))
700 if (PointerPde->
u.
Long != 0)
712 if (Va > EndingAddress)
return;
// Excerpt (original lines 731-753): HaveBadAddress is an out flag, cleared
// first and set to TRUE later. The condition between the two writes is not
// shown; presumably it is whether a faulting address could be determined (confirm).
731 *HaveBadAddress =
FALSE;
753 *HaveBadAddress =
TRUE;
// Excerpt (original lines 776-976): chunked copy that goes through MdlAddress.
776 SIZE_T TotalSize, CurrentSize, RemainingSize;
// Initial chunk size; how TotalSize is computed is not shown.
792 CurrentSize = TotalSize;
// One iteration per chunk until nothing remains.
798 while (RemainingSize > 0)
// Clamp the final chunk so a copy never exceeds the bytes still outstanding.
803 if (RemainingSize < CurrentSize) CurrentSize = RemainingSize;
// FailedInProbe is raised before, and cleared after, a step that is not shown.
// Presumably that step probes a caller buffer, so the exception path can tell
// a probe fault from a copy fault (confirm against the handler).
830 FailedInProbe =
TRUE;
840 FailedInProbe =
FALSE;
// Same bracketing a second time, around another step that is not shown.
894 FailedInProbe =
TRUE;
904 FailedInProbe =
FALSE;
// Copy the current chunk from MdlAddress to the target address.
910 RtlCopyMemory(CurrentTargetAddress, MdlAddress, CurrentSize);
// Account for the chunk and advance both cursors by its size.
970 RemainingSize -= CurrentSize;
971 CurrentAddress = (
PVOID)((
ULONG_PTR)CurrentAddress + CurrentSize);
972 CurrentTargetAddress = (
PVOID)((
ULONG_PTR)CurrentTargetAddress + CurrentSize);
// Presumably cleanup of a mapping that is still outstanding; the body is not shown.
976 if (MdlAddress !=
NULL)
// Excerpt (original lines 1000-1229): chunked copy that stages data in
// PoolAddress before writing it to the target.
1000 SIZE_T TotalSize, CurrentSize, RemainingSize;
1010 DPRINT(
"Copying %Iu bytes from process %p (address %p) to process %p (Address %p)\n",
1018 CurrentSize = TotalSize;
// The staging buffer starts out as the on-stack StackBuffer.
1029 PoolAddress = (
PVOID)StackBuffer;
// HavePoolAddress records that PoolAddress needs releasing later; presumably it
// is set after a pool allocation that is not shown (confirm).
1038 HavePoolAddress =
TRUE;
1044 while (RemainingSize > 0)
// Clamp the final chunk so a copy never exceeds the bytes still outstanding.
1049 if (RemainingSize < CurrentSize) CurrentSize = RemainingSize;
// FailedInProbe is raised before, and cleared after, a step that is not shown.
// Presumably that step probes a caller buffer, so the exception path can tell
// a probe fault from a copy fault (confirm against the handler).
1073 FailedInProbe =
TRUE;
1083 FailedInProbe =
FALSE;
1149 FailedInProbe =
TRUE;
1159 FailedInProbe =
FALSE;
// Write the staged chunk to the target address.
1165 RtlCopyMemory(CurrentTargetAddress, PoolAddress, CurrentSize);
// Account for the chunk and advance the source cursor; the matching advance of
// CurrentTargetAddress is not among the visible lines.
1219 RemainingSize -= CurrentSize;
1220 CurrentAddress = (
PVOID)((
ULONG_PTR)CurrentAddress + CurrentSize);
// Body not shown; presumably releases the staging buffer when one was allocated.
1229 if (HavePoolAddress)
// Excerpt (original lines 1348-1618): page-table walks that classify an address
// by its PTE and VAD state.
1348 (
TempPte.u.Soft.Prototype == 1))
1451 PMMPTE PointerPte, ProtoPte;
// Upper paging levels exist only on 3- and 4-level builds. A zero PXE is the
// first case tested (4-level only).
1453 #if (_MI_PAGING_LEVELS >= 3) 1456 #if (_MI_PAGING_LEVELS >= 4) 1471 #if (_MI_PAGING_LEVELS >= 3) 1474 #if (_MI_PAGING_LEVELS >= 4) 1483 #if (_MI_PAGING_LEVELS >= 4) 1485 if (PointerPxe->
u.
Long == 0)
// Zero PPE (3 levels and up).
1499 #if (_MI_PAGING_LEVELS >= 3) 1501 if (PointerPpe->
u.
Long == 0)
// Zero PDE.
1517 if (PointerPde->
u.
Long == 0)
1552 ((
TempPte.u.Soft.Prototype == 0) ||
// Prototype PTE in a VAD that is not private memory (rest of the condition not shown).
1574 (
TempPte.u.Soft.Prototype == 1) &&
1575 (Vad->u.VadFlags.PrivateMemory == 0) &&
// Non-private VAD that has a control area.
1593 if ((Vad->u.VadFlags.PrivateMemory == 0) && (Vad->ControlArea))
// Snapshot the prototype PTE into a local, then test the copy.
1606 TempProtoPte = *ProtoPte;
1607 if (TempProtoPte.
u.
Long)
// Otherwise fall back on the VAD's MemCommit flag.
1618 else if (Vad->u.VadFlags.MemCommit)
// Excerpt (original lines 1716-1966): fragments of a memory-information query.
// &TargetProcess is passed as an out-argument to a call that is not shown.
1716 (
PVOID*)&TargetProcess,
1740 DPRINT1(
"Process is dying\n");
// Queried page number lies below the start of the VAD that was found.
1763 if (BaseVpn < Vad->StartingVpn)
1837 MemoryInfo.
Type = 0;
1887 DPRINT1(
"MmQuerySectionView failed. MemoryArea=%p (%p-%p), BaseAddress=%p\n",
// NOTE(review): the arguments are not shown. If Size is passed as a SIZE_T,
// %lx does not match it on 64-bit builds; confirm the argument types.
1965 DPRINT(
"Base: %p AllocBase: %p AllocProtect: %lx Protect: %lx " 1966 "State: %lx Type: %lx Size: %lx\n",
// Excerpt (original lines 1981-2026): scans the inclusive PTE range and returns
// FALSE as soon as a page is found that is not backed by a commit.
1981 PMMPTE PointerPte, LastPte;
1992 while (PointerPte <= LastPte)
1999 if (PointerPde->
u.
Long != 0)
// Without the VAD-level MemCommit flag the range is not fully committed. The
// condition guarding this line is not shown; presumably it is the zero-PDE case.
2015 if (!Vad->u.VadFlags.MemCommit)
return FALSE;
// A zero PTE is only acceptable when the VAD itself is MemCommit.
2023 if (PointerPte->
u.
Long == 0)
2026 if (!Vad->u.VadFlags.MemCommit)
return FALSE;
// Excerpt (original lines 2060-2083): local fallback for an optional out parameter.
2060 ULONG OldAccessProtection_;
// When the caller passes no OldAccessProtection pointer, point it at the local
// so the value forwarded below is never NULL.
2075 if (OldAccessProtection ==
NULL) OldAccessProtection = &OldAccessProtection_;
// Trailing arguments of a call whose callee is not shown.
2081 *NumberOfBytesToProtect,
2082 NewAccessProtection,
2083 OldAccessProtection);
// Excerpt (original lines 2101-2360): changing the protection of a virtual
// address range. Most conditions are not shown; each trace string names the
// case that was rejected.
2101 ULONG_PTR StartingAddress, EndingAddress;
2102 PMMPTE PointerPte, LastPte;
2106 ULONG ProtectionMask, OldProtect;
2120 DPRINT1(
"Invalid protection mask\n");
// Trailing arguments of a call whose callee is not shown.
2131 NumberOfBytesToProtect,
2132 NewAccessProtection,
2133 OldAccessProtection);
2141 DPRINT1(
"Process is dying\n");
2153 DPRINT(
"Could not find a VAD for this allocation\n");
// VAD types that may not be re-protected; only the VadAwe comparison is visible.
2167 if ((Vad->u.VadFlags.VadType ==
VadAwe) ||
2171 DPRINT1(
"Illegal VAD for attempting to set protection\n");
// A VAD marked NoChange is traced as a rejected protection change.
2177 if (Vad->u.VadFlags.NoChange == 1)
2179 DPRINT1(
"Trying to change protection of a NoChange VAD\n");
// Non-private (section-backed) VAD path.
2185 if (Vad->u.VadFlags.PrivateMemory == 0)
2190 DPRINT1(
"Illegal VAD for attempting to set protection\n");
2198 DPRINT1(
"Illegal VAD for attempting to set protection\n");
2207 DPRINT1(
"Invalid protection flags for section\n");
// NOTE(review): the code's own Fixme below says the requested protection is not
// validated on this path, which concerns control areas without the Image flag.
// Confirm what an unprivileged caller can request here before relying on it.
2213 if (!Vad->ControlArea->u.Flags.Image)
2216 DPRINT1(
"Fixme: Not checking for valid protection\n");
2220 DPRINT1(
"Section protection not yet supported\n");
2229 DPRINT1(
"Invalid protection flags for private memory\n");
2245 DPRINT1(
"The entire range is not committed\n");
2260 if (PointerPte->
u.
Long != 0)
// Walk the inclusive PTE range.
2273 while (PointerPte <= LastPte)
// Snapshot the PTE into a local, then test the copy.
2283 PteContents = *PointerPte;
2284 if (PteContents.
u.
Long == 0)
// Report the size of the inclusive range and the previous protection to the caller.
2358 *NumberOfBytesToProtect = EndingAddress - StartingAddress + 1;
2360 *OldAccessProtection = OldProtect;
// Excerpt (original lines 2375-2445): fragments that test whether a PDE is
// hardware-valid; the surrounding loop and conditions are not shown.
2375 PMMPTE PointerPte, PointerPpe, PointerPxe;
2394 (PointerPde->u.Hard.Valid))
// The PDE is expected to be valid at this point (checked in debug builds only
// if ASSERT is compiled out otherwise).
2442 ASSERT(PointerPde->u.Hard.Valid == 1);
2445 !(PointerPde->u.Hard.Valid));
// Excerpt (original lines 2509-2648): decommit walk that batches PTEs in a
// fixed-size on-stack list and returns the number of commits to give back.
2509 ULONG CommitReduction = 0;
// Batch of up to 256 PTE pointers.
2510 PMMPTE ValidPteList[256];
2530 while (PointerPte <= EndingPte)
// Snapshot the PTE into a local, then test the copy.
2560 PteContents = *PointerPte;
2561 if (PteContents.
u.
Long)
// Full-batch check ahead of the append below; this is what keeps PteCount inside
// ValidPteList. The flush/reset that must follow is not shown, so confirm that
// PteCount is reset before line 2599 is reached again.
// NOTE(review): the literal 256 is repeated; deriving it from the array size
// would keep the bound and the declaration from drifting apart.
2594 if (PteCount == 256)
2599 ValidPteList[PteCount++] = PointerPte;
// Only PTEs above CommitPte count towards the reduction.
2631 if (PointerPte > CommitPte) CommitReduction++;
2648 return CommitReduction;
// Excerpt (original lines 2745-2893): read and write requests against another
// address space. Only the length tests and one call argument are visible.
// A zero-length read skips the guarded work.
2745 if (NumberOfBytesToRead)
2765 NumberOfBytesToRead,
// NumberOfBytesRead is tested before use, which suggests an optional out
// pointer (confirm against the signature).
2779 if (NumberOfBytesRead)
// The write path has the same visible shape.
2859 if (NumberOfBytesToWrite)
2879 NumberOfBytesToWrite,
2893 if (NumberOfBytesWritten)
// Excerpt (original lines 2993-3137): caller-supplied values are copied into
// locals, the locals are passed on, and the results are written back.
2993 ULONG OldAccessProtection;
2997 SIZE_T NumberOfBytesToProtect = 0;
// The same capture appears twice (3044 and 3061), presumably once on a probed
// user-mode path and once for kernel-mode callers; the guards are not shown.
// Working on the captured copy means later changes to the caller's memory
// cannot alter the value being validated.
3044 NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect;
3061 NumberOfBytesToProtect = *UnsafeNumberOfBytesToProtect;
// Only the captured locals are handed to the callee (not shown).
3113 &NumberOfBytesToProtect,
3114 NewAccessProtection,
3115 &OldAccessProtection);
// Results go back through the caller's pointers. NOTE(review): confirm these
// writes sit inside an exception-guarded region; that is not visible here.
3135 *UnsafeOldAccessProtection = OldAccessProtection;
3137 *UnsafeNumberOfBytesToProtect = NumberOfBytesToProtect;
// Excerpt (original lines 3227-3242): walks CurrentVa up to *EndAddress and
// then stores CurrentVa back through EndAddress. The loop body and the
// condition under which the write-back happens are not shown.
3227 while (CurrentVa < *EndAddress)
3242 *EndAddress = CurrentVa;
// Excerpt (original lines 3263-3390): fragments of a routine that walks an
// address range and then its PTEs.
3263 PVOID CurrentVa, EndAddress;
3264 PMMPTE PointerPte, LastPte;
// Declarations for upper paging levels on 3- and 4-level builds (not shown),
// then a loop over the virtual address range.
3266 #if (_MI_PAGING_LEVELS >= 3) 3269 #if (_MI_PAGING_LEVELS == 4) 3299 while (CurrentVa < EndAddress)
// Reads one byte at CurrentVa through a volatile pointer and discards it. The
// volatile access cannot be optimised away, so the read (and any page fault it
// raises) really happens. The step that advances CurrentVa is not shown.
3301 (
void)(*(
volatile CHAR*)CurrentVa);
// Tail of a do/while over the inclusive PTE range.
3319 #if (_MI_PAGING_LEVELS >= 3) 3322 #if (_MI_PAGING_LEVELS == 4) 3384 #if (_MI_PAGING_LEVELS >= 3) 3387 #if (_MI_PAGING_LEVELS == 4) 3390 }
while (PointerPte <= LastPte);
// Excerpt (original lines 3415-3555): the caller's byte count is captured into
// a local, the local is passed on, and the result is written back.
3415 PVOID CapturedBaseAddress;
3416 SIZE_T CapturedBytesToLock;
// Capture once so that checks and use see the same value. Whether this read is
// probed and exception-guarded is not visible; confirm.
3456 CapturedBytesToLock = *NumberOfBytesToLock;
3533 &CapturedBytesToLock,
// Report the resulting size to the caller.
3555 *NumberOfBytesToLock = CapturedBytesToLock;
// Excerpt (original lines 3583-3720): two do/while passes over the inclusive
// PTE range, with a jump to a cleanup label between them.
3583 PMMPTE PointerPte, LastPte;
// The source's own FIXME: removing the page from the working set is not
// implemented on this path.
3585 #if (_MI_PAGING_LEVELS >= 3) 3588 #if (_MI_PAGING_LEVELS == 4) 3620 #if (_MI_PAGING_LEVELS >= 3) 3623 #if (_MI_PAGING_LEVELS == 4) 3666 DPRINT1(
"FIXME: Should remove the page from WS\n");
// End of the first pass.
3676 #if (_MI_PAGING_LEVELS >= 3) 3679 #if (_MI_PAGING_LEVELS == 4) 3682 }
while (PointerPte <= LastPte);
// Exit through the cleanup label; the label name suggests the working-set lock
// is held here (confirm).
3687 goto CleanupWithWsLock;
// End of the second pass.
3695 #if (_MI_PAGING_LEVELS >= 3) 3698 #if (_MI_PAGING_LEVELS == 4) 3714 #if (_MI_PAGING_LEVELS >= 3) 3717 #if (_MI_PAGING_LEVELS == 4) 3720 }
while (PointerPte <= LastPte);
// Excerpt (original lines 3751-3891): the caller's byte count is captured into
// a local, the local is passed on, and the result is written back.
3751 PVOID CapturedBaseAddress;
3752 SIZE_T CapturedBytesToUnlock;
// Capture once so that checks and use see the same value. Whether this read is
// probed and exception-guarded is not visible; confirm.
3792 CapturedBytesToUnlock = *NumberOfBytesToUnlock;
3869 &CapturedBytesToUnlock,
// Report the resulting size to the caller.
3891 *NumberOfBytesToUnlock = CapturedBytesToUnlock;
// Excerpt (original lines 3918-4013): flush request; the caller's byte count is
// captured into a local before use.
3918 PVOID CapturedBaseAddress;
3919 SIZE_T CapturedBytesToFlush;
// The same capture appears twice (3944 and 3961), presumably once on a probed
// user-mode path and once for kernel-mode callers; the guards are not shown.
3944 CapturedBytesToFlush = *NumberOfBytesToFlush;
3961 CapturedBytesToFlush = *NumberOfBytesToFlush;
// Only the captured locals are handed to the callee (not shown).
3995 &CapturedBaseAddress,
3996 &CapturedBytesToFlush,
// The caller's byte count is set to zero here; the condition is not shown.
4013 *NumberOfBytesToFlush = 0;
// Excerpt (original lines 4082-4180): an entry count supplied through a caller
// pointer sizes an address array.
4082 CapturedEntryCount = *EntriesInUserAddressArray;
// Byte length handed to a call that is not shown.
// NOTE(review): CapturedEntryCount comes from the caller. Confirm that an upper
// bound is enforced before this multiplication so the product cannot wrap and
// describe a smaller buffer than the count implies.
4104 CapturedEntryCount *
sizeof(
PVOID),
// Second capture, presumably on the path that skips probing (confirm).
4121 CapturedEntryCount = *EntriesInUserAddressArray;
// NOTE(review): ASSERT is normally a no-op in non-debug builds, so it should not
// be the only guard against a zero count on this path; confirm an explicit check.
4122 ASSERT(CapturedEntryCount != 0);
// The caller's count is set to zero here; the condition is not shown.
4180 *EntriesInUserAddressArray = 0;
// Excerpt (original lines 4294-4355): dispatch of a memory-information query by
// information class.
4294 DPRINT(
"Querying class %d about address: %p\n", MemoryInformationClass,
BaseAddress);
// The caller-stated buffer length is forwarded to calls that are not shown.
4306 MemoryInformationLength,
4323 switch(MemoryInformationClass)
4335 MemoryInformationLength,
4349 MemoryInformationLength,
// Classes without a handler are traced; the status returned is not shown.
4355 DPRINT1(
"Unhandled memory information class %d\n", MemoryInformationClass);
// Excerpt (original lines 4380-5073). The trace string at 4553 names
// NtAllocateVirtualMemory; presumably all of these fragments belong to it.
// Most conditions are not shown; each trace string names the rejected case.
4380 ULONG_PTR PRegionSize, StartingAddress, EndingAddress;
4386 ULONG ProtectionMask, QuotaCharge = 0, QuotaFree = 0;
4389 PMMPTE PointerPte, LastPte;
// Flag validation of the request.
4397 DPRINT1(
"Too many zero bits\n");
4405 DPRINT1(
"Invalid Allocation Type\n");
4412 DPRINT1(
"No memory allocation base type\n");
4419 DPRINT1(
"Invalid use of MEM_RESET\n");
4429 DPRINT1(
"Must supply MEM_COMMIT with MEM_LARGE_PAGES\n");
4436 DPRINT1(
"Using illegal flags with MEM_LARGE_PAGES\n");
4444 DPRINT1(
"MEM_WRITE_WATCH used without MEM_RESERVE\n");
4454 DPRINT1(
"MEM_PHYSICAL used without MEM_RESERVE\n");
4461 DPRINT1(
"Using illegal flags with MEM_PHYSICAL\n");
4468 DPRINT1(
"MEM_PHYSICAL used without PAGE_READWRITE\n");
4477 DPRINT1(
"Invalid protection mask\n");
// Copy the caller-supplied base address and region size into locals; the range
// checks traced below follow these captures. Whether the reads are probed and
// exception-guarded is not visible; confirm.
4493 PBaseAddress = *UBaseAddress;
4494 PRegionSize = *URegionSize;
// Range validation: base inside user space, base + size not reaching kernel
// memory, and a non-zero size.
4506 DPRINT1(
"Virtual allocation base above User Space\n");
4513 DPRINT1(
"Region size would overflow into kernel-memory\n");
4520 DPRINT1(
"Region size is invalid (zero)\n");
// NOTE(review): the arguments are not shown. If RegionSize is passed as the
// ULONG_PTR PRegionSize, 0x%x does not match it on 64-bit builds.
4553 DPRINT(
"NtAllocateVirtualMemory: Process 0x%p, Address 0x%p, Zerobits %lu , RegionSize 0x%x, Allocation type 0x%x, Protect 0x%x.\n",
// Privilege and unsupported-feature rejections all leave through FailPathNoLock.
4564 DPRINT1(
"Privilege not held for MEM_LARGE_PAGES\n");
4566 goto FailPathNoLock;
4574 DPRINT1(
"MEM_LARGE_PAGES not supported\n");
4576 goto FailPathNoLock;
4580 DPRINT1(
"MEM_PHYSICAL not supported\n");
4582 goto FailPathNoLock;
4586 DPRINT1(
"MEM_WRITE_WATCH not supported\n");
4588 goto FailPathNoLock;
4602 DPRINT1(
"Copy on write not allowed through this path\n");
4604 goto FailPathNoLock;
// StartingAddress is 0 on one path and the caller's base on the other;
// presumably "let the system choose" versus "caller chose" (confirm).
4617 StartingAddress = 0;
4631 goto FailPathNoLock;
4644 StartingAddress = (
ULONG_PTR)PBaseAddress;
4653 DPRINT1(
"Failed to allocate a VAD!\n");
4655 goto FailPathNoLock;
4675 DPRINT1(
"Failed to insert the VAD!\n");
4676 goto FailPathNoLock;
// Report the region size and base address back through the caller's pointers.
4695 *URegionSize = PRegionSize;
4696 *UBaseAddress = (
PVOID)StartingAddress;
// NOTE(review): PRegionSize and StartingAddress are ULONG_PTR (declared at 4380)
// but are formatted with %x and %p; the specifiers do not match on 64-bit builds.
4705 DPRINT(
"Reserved %x bytes at %p.\n", PRegionSize, StartingAddress);
// Size of the inclusive range [StartingAddress, EndingAddress].
4717 PRegionSize = EndingAddress - StartingAddress + 1;
4726 DPRINT1(
"Process is dying\n");
4740 DPRINT1(
"Could not find a VAD for this allocation\n");
4748 DPRINT(
"MEM_RESET not supported\n");
// Checks on the VAD that was found; only the VadAwe comparison of the first
// condition is visible.
4757 if ((FoundVad->u.VadFlags.VadType ==
VadAwe) ||
4761 DPRINT1(
"Illegal VAD for attempting a MEM_COMMIT\n");
4772 DPRINT1(
"Address range does not fit into the VAD\n");
4784 DPRINT1(
"Illegal commit of non-ARM3 section!\n");
// Non-private (section-backed) VAD path.
4792 if (FoundVad->u.VadFlags.PrivateMemory ==
FALSE)
4799 DPRINT1(
"Large page sections cannot be VirtualAlloc'd\n");
4810 DPRINT1(
"Cannot use caching flags with anything but rotate VADs\n");
4819 if (FoundVad->u.VadFlags.NoChange)
4836 DPRINT1(
"Secured VAD being messed around with\n");
4844 ASSERT(FoundVad->ControlArea->FilePointer ==
NULL);
4852 DPRINT1(
"Invalid page protection for rotate VAD\n");
// Number of PTEs in the inclusive range, narrowed to ULONG.
// NOTE(review): the cast truncates a pointer difference; confirm that the range
// checks above bound it on 64-bit builds.
4862 QuotaCharge = (
ULONG)(LastPte - PointerPte + 1);
4868 TempPte = FoundVad->ControlArea->Segment->SegmentPteTemplate;
4870 while (PointerPte <= LastPte)
4875 if (PointerPte->
u.
Long == 0)
// NOTE(review): QuotaCharge and QuotaFree are ULONG. If ASSERT is compiled out
// and this invariant ever fails, the subtraction wraps and the wrapped value is
// added to the segment's committed-page count.
4889 ASSERT(QuotaCharge >= QuotaFree);
4890 QuotaCharge -= QuotaFree;
4891 FoundVad->ControlArea->Segment->NumberOfCommittedPages += QuotaCharge;
4916 DPRINT1(
"Write copy attempted when not allowed\n");
4925 TempPte.u.Soft.Protection = ProtectionMask;
// The VAD and the process are both charged for every PTE in the inclusive range.
4940 FoundVad->u.VadFlags.CommitCharge += (1 + LastPte - PointerPte);
4941 Process->CommitCharge += (1 + LastPte - PointerPte);
4956 while (PointerPte <= LastPte)
4973 if (PointerPte->
u.
Long == 0)
// Defers the protection change to the block at 5039; the condition that sets
// the flag is not shown.
5009 ChangeProtection =
TRUE;
5039 if (ChangeProtection)
// Locals handed to a callee that is not shown, so the results being reported
// to the caller are not passed by address.
5041 PVOID ProtectBaseAddress = (
PVOID)StartingAddress;
5042 SIZE_T ProtectSize = PRegionSize;
5043 ULONG OldProtection;
5049 &ProtectBaseAddress,
// Report the region size and base address back through the caller's pointers.
5072 *URegionSize = PRegionSize;
5073 *UBaseAddress = (
PVOID)StartingAddress;
// Excerpt (original lines 5098-5286). The trace string at 5194 names
// NtFreeVirtualMemory; presumably all of these fragments belong to it.
5098 LONG_PTR AlreadyDecommitted, CommitReduction = 0;
5099 ULONG_PTR StartingAddress, EndingAddress;
// Copy the caller-supplied base address and region size into locals; the range
// checks traced below follow these captures. Whether the reads are probed and
// exception-guarded is not visible; confirm.
5138 PBaseAddress = *UBaseAddress;
5139 PRegionSize = *URegionSize;
// Range validation: base inside user space, base + size not reaching kernel memory.
5152 DPRINT1(
"Virtual free base above User Space\n");
5161 DPRINT1(
"Region size would overflow into kernel-memory\n");
5194 DPRINT(
"NtFreeVirtualMemory: Process 0x%p, Address 0x%p, Size 0x%Ix, FreeType 0x%08lx\n",
// NOTE(review): StartingAddress and EndingAddress are ULONG_PTR (declared at
// 5099) but are formatted with %p in the next two traces; cast to PVOID or use
// an integer specifier of matching width.
5222 DPRINT1(
"Unable to find VAD for address 0x%p\n", StartingAddress);
5232 DPRINT1(
"Address 0x%p is beyond the VAD\n", EndingAddress);
// Section-backed memory is traced as rejected on this path.
5244 DPRINT1(
"Attempt to free section memory\n");
// The supplied base must match the VAD (exact condition not shown).
5286 DPRINT1(
"Address 0x%p does not match the VAD\n", PBaseAddress);
5318 if ((StartingAddress >>