miarm.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes
struct	_POOL_DESCRIPTOR
struct	_POOL_HEADER
struct	_POOL_TRACKER_TABLE
struct	_POOL_TRACKER_BIG_PAGES
struct	_MI_LARGE_PAGE_DRIVER_ENTRY
struct	_PHYSICAL_MEMORY_RUN
struct	_PHYSICAL_MEMORY_DESCRIPTOR
struct	_MMCOLOR_TABLES
struct	_MI_LARGE_PAGE_RANGES
struct	_MMVIEW
struct	_MMSESSION
struct	_MM_SESSION_SPACE_FLAGS
struct	_MM_SESSION_SPACE

Macros
#define	MI_LOWEST_VAD_ADDRESS   (PVOID)MM_LOWEST_USER_ADDRESS
#define	_1KB   (1024u)
#define	_1MB   (1024 * _1KB)
#define	_1GB   (1024 * _1MB)
#define	_64K   (64 * _1KB)
#define	PT_SIZE   (PTE_PER_PAGE * sizeof(MMPTE))
#define	PD_SIZE   (PDE_PER_PAGE * sizeof(MMPDE))
#define	SYSTEM_PD_SIZE   (PPE_PER_PAGE * PD_SIZE)
#define	MM_ZERO_ACCESS   0
#define	MM_READONLY   1
#define	MM_EXECUTE   2
#define	MM_EXECUTE_READ   3
#define	MM_READWRITE   4
#define	MM_WRITECOPY   5
#define	MM_EXECUTE_READWRITE   6
#define	MM_EXECUTE_WRITECOPY   7
#define	MM_PROTECT_ACCESS   7
#define	MM_NOCACHE   0x08
#define	MM_GUARDPAGE   0x10
#define	MM_WRITECOMBINE   0x18
#define	MM_PROTECT_SPECIAL   0x18
#define	MM_DECOMMIT   (MM_ZERO_ACCESS | MM_GUARDPAGE)
#define	MM_NOACCESS   (MM_ZERO_ACCESS | MM_WRITECOMBINE)
#define	MM_OUTSWAPPED_KSTACK   (MM_EXECUTE_WRITECOPY | MM_WRITECOMBINE)
#define	MM_INVALID_PROTECTION   0xFFFFFFFF
#define	IMAGE_SCN_PROTECTION_MASK   (IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE)
#define	MI_IS_SESSION_IMAGE_ADDRESS(Address)   (((Address) >= MiSessionImageStart) && ((Address) < MiSessionImageEnd))
#define	MI_IS_SESSION_ADDRESS(Address)   (((Address) >= MmSessionBase) && ((Address) < MiSessionSpaceEnd))
#define	MI_IS_SESSION_PTE(Pte)   ((((PMMPTE)Pte) >= MiSessionBasePte) && (((PMMPTE)Pte) < MiSessionLastPte))
#define	MI_IS_PAGE_TABLE_ADDRESS(Address)   (((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)PTE_TOP))
#define	MI_IS_SYSTEM_PAGE_TABLE_ADDRESS(Address)   (((Address) >= (PVOID)MiAddressToPte(MmSystemRangeStart)) && ((Address) <= (PVOID)PTE_TOP))
#define	MI_IS_PAGE_TABLE_OR_HYPER_ADDRESS(Address)   (((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)MmHyperSpaceEnd))
#define	MI_MAKE_SOFTWARE_PTE(p, x)   ((p)->u.Long = (x << MM_PTE_SOFTWARE_PROTECTION_BITS))
#define	MI_SET_PFN_DELETED(x)   ((x)->PteAddress = (PMMPTE)((ULONG_PTR)(x)->PteAddress | 1))
#define	MI_IS_PFN_DELETED(x)   ((ULONG_PTR)((x)->PteAddress) & 1)
#define	MM_SYSLDR_NO_IMPORTS   (PVOID)0xFFFFFFFE
#define	MM_SYSLDR_BOOT_LOADED   (PVOID)0xFFFFFFFF
#define	MM_SYSLDR_SINGLE_ENTRY   0x1
#define	MI_INITIAL_SESSION_IDS   64
#define	MI_GET_PAGE_COLOR(x)   ((x) & MmSecondaryColorMask)
#define	MI_GET_NEXT_COLOR()   (MI_GET_PAGE_COLOR(++MmSystemPageColor))
#define	MI_GET_NEXT_PROCESS_COLOR(x)   (MI_GET_PAGE_COLOR(++(x)->NextPageColor))
#define	MI_PTE_LOOKUP_NEEDED   0xFFFFF
#define	MI_SESSION_DATA_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)
#define	MI_SESSION_TAG_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)
#define	MM_READ_WRITE_ALLOWED   11
#define	MM_READ_ONLY_ALLOWED   10
#define	MM_NO_ACCESS_ALLOWED   01
#define	MM_DELETE_CHECK   85
#define	MI_SYSTEM_VIEW_BUCKET_SIZE   _64K
#define	POOL_BLOCK_SIZE   8
#define	POOL_LISTS_PER_PAGE   (PAGE_SIZE / POOL_BLOCK_SIZE)
#define	BASE_POOL_TYPE_MASK   1
#define	POOL_MAX_ALLOC   (PAGE_SIZE - (sizeof(POOL_HEADER) + POOL_BLOCK_SIZE))
#define	POOL_FLAG_CHECK_TIMERS   0x1
#define	POOL_FLAG_CHECK_WORKERS   0x2
#define	POOL_FLAG_CHECK_RESOURCES   0x4
#define	POOL_FLAG_VERIFIER   0x8
#define	POOL_FLAG_CHECK_DEADLOCK   0x10
#define	POOL_FLAG_SPECIAL_POOL   0x20
#define	POOL_FLAG_DBGPRINT_ON_FAILURE   0x40
#define	POOL_FLAG_CRASH_ON_FAILURE   0x80
#define	POOL_CORRUPTED_LIST   3
#define	POOL_SIZE_OR_INDEX_MISMATCH   5
#define	POOL_ENTRIES_NOT_ALIGNED_PREVIOUS   6
#define	POOL_HEADER_NOT_ALIGNED   7
#define	POOL_HEADER_IS_ZERO   8
#define	POOL_ENTRIES_NOT_ALIGNED_NEXT   9
#define	POOL_ENTRY_NOT_FOUND   10
#define	POOL_ENTRY_CORRUPTED   1
#define	POOL_ENTRY_ALREADY_FREE   6
#define	POOL_ENTRY_NOT_ALLOCATED   7
#define	POOL_ALLOC_IRQL_INVALID   8
#define	POOL_FREE_IRQL_INVALID   9
#define	POOL_BILLED_PROCESS_INVALID   13
#define	POOL_HEADER_SIZE_INVALID   32
#define	MI_IS_ROS_PFN(x)   ((x)->u4.AweAllocation == TRUE)

Typedefs
typedef struct _POOL_DESCRIPTOR	POOL_DESCRIPTOR
typedef struct _POOL_DESCRIPTOR *	PPOOL_DESCRIPTOR
typedef struct _POOL_HEADER	POOL_HEADER
typedef struct _POOL_HEADER *	PPOOL_HEADER
typedef struct _POOL_TRACKER_TABLE	POOL_TRACKER_TABLE
typedef struct _POOL_TRACKER_TABLE *	PPOOL_TRACKER_TABLE
typedef struct _POOL_TRACKER_BIG_PAGES	POOL_TRACKER_BIG_PAGES
typedef struct _POOL_TRACKER_BIG_PAGES *	PPOOL_TRACKER_BIG_PAGES
typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY	MI_LARGE_PAGE_DRIVER_ENTRY
typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY *	PMI_LARGE_PAGE_DRIVER_ENTRY
typedef enum _MMSYSTEM_PTE_POOL_TYPE	MMSYSTEM_PTE_POOL_TYPE
typedef enum _MI_PFN_CACHE_ATTRIBUTE	MI_PFN_CACHE_ATTRIBUTE
typedef enum _MI_PFN_CACHE_ATTRIBUTE *	PMI_PFN_CACHE_ATTRIBUTE
typedef struct _PHYSICAL_MEMORY_RUN	PHYSICAL_MEMORY_RUN
typedef struct _PHYSICAL_MEMORY_RUN *	PPHYSICAL_MEMORY_RUN
typedef struct _PHYSICAL_MEMORY_DESCRIPTOR	PHYSICAL_MEMORY_DESCRIPTOR
typedef struct _PHYSICAL_MEMORY_DESCRIPTOR *	PPHYSICAL_MEMORY_DESCRIPTOR
typedef struct _MMCOLOR_TABLES	MMCOLOR_TABLES
typedef struct _MMCOLOR_TABLES *	PMMCOLOR_TABLES
typedef struct _MI_LARGE_PAGE_RANGES	MI_LARGE_PAGE_RANGES
typedef struct _MI_LARGE_PAGE_RANGES *	PMI_LARGE_PAGE_RANGES
typedef struct _MMVIEW	MMVIEW
typedef struct _MMVIEW *	PMMVIEW
typedef struct _MMSESSION	MMSESSION
typedef struct _MMSESSION *	PMMSESSION
typedef struct _MM_SESSION_SPACE_FLAGS	MM_SESSION_SPACE_FLAGS
typedef struct _MM_SESSION_SPACE	MM_SESSION_SPACE
typedef struct _MM_SESSION_SPACE *	PMM_SESSION_SPACE

Enumerations
enum	_MMSYSTEM_PTE_POOL_TYPE { SystemPteSpace, NonPagedPoolExpansion, MaximumPtePoolTypes }
enum	_MI_PFN_CACHE_ATTRIBUTE { MiNonCached, MiCached, MiWriteCombined, MiNotMapped }

Functions
	C_ASSERT (sizeof(POOL_HEADER)==POOL_BLOCK_SIZE)
	C_ASSERT (POOL_BLOCK_SIZE==sizeof(LIST_ENTRY))
FORCEINLINE BOOLEAN	MI_IS_PROCESS_WORKING_SET (PMMSUPPORT WorkingSet)
FORCEINLINE BOOLEAN	MiIsMemoryTypeFree (TYPE_OF_MEMORY MemoryType)
FORCEINLINE BOOLEAN	MiIsMemoryTypeInvisible (TYPE_OF_MEMORY MemoryType)
FORCEINLINE BOOLEAN	MiIsUserPde (PVOID Address)
FORCEINLINE BOOLEAN	MiIsUserPte (PVOID Address)
FORCEINLINE ULONG_PTR	MiDetermineUserGlobalPteMask (IN PVOID PointerPte)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE_KERNEL (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE_USER (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_PROTOTYPE_PTE (IN PMMPTE NewPte, IN PMMPTE PointerPte)
FORCEINLINE VOID	MI_MAKE_SUBSECTION_PTE (IN PMMPTE NewPte, IN PVOID Segment)
FORCEINLINE BOOLEAN	MI_IS_MAPPED_PTE (PMMPTE PointerPte)
FORCEINLINE VOID	MI_MAKE_TRANSITION_PTE (_Out_ PMMPTE NewPte, _In_ PFN_NUMBER Page, _In_ ULONG Protection)
FORCEINLINE BOOLEAN	MI_IS_PHYSICAL_ADDRESS (IN PVOID Address)
FORCEINLINE VOID	MI_WRITE_VALID_PTE (IN PMMPTE PointerPte, IN MMPTE TempPte)
FORCEINLINE VOID	MI_UPDATE_VALID_PTE (IN PMMPTE PointerPte, IN MMPTE TempPte)
FORCEINLINE VOID	MI_WRITE_INVALID_PTE (IN PMMPTE PointerPte, IN MMPTE InvalidPte)
FORCEINLINE VOID	MI_ERASE_PTE (IN PMMPTE PointerPte)
FORCEINLINE VOID	MI_WRITE_VALID_PDE (IN PMMPDE PointerPde, IN MMPDE TempPde)
FORCEINLINE VOID	MI_WRITE_INVALID_PDE (IN PMMPDE PointerPde, IN MMPDE InvalidPde)
FORCEINLINE BOOLEAN	MM_ANY_WS_LOCK_HELD (IN PETHREAD Thread)
FORCEINLINE BOOLEAN	MM_ANY_WS_LOCK_HELD_EXCLUSIVE (_In_ PETHREAD Thread)
FORCEINLINE BOOLEAN	MI_WS_OWNER (IN PEPROCESS Process)
FORCEINLINE BOOLEAN	MiIsRosSectionObject (IN PSECTION Section)
VOID NTAPI	MiDecrementReferenceCount (IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
FORCEINLINE BOOLEAN	MI_IS_WS_UNSAFE (IN PEPROCESS Process)
FORCEINLINE VOID	MiLockProcessWorkingSet (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockProcessWorkingSetShared (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockProcessWorkingSetUnsafe (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSet (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSetShared (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSetUnsafe (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockWorkingSet (IN PETHREAD Thread, IN PMMSUPPORT WorkingSet)
FORCEINLINE VOID	MiLockWorkingSetShared (_In_ PETHREAD Thread, _In_ PMMSUPPORT WorkingSet)
FORCEINLINE VOID	MiUnlockWorkingSet (IN PETHREAD Thread, IN PMMSUPPORT WorkingSet)
FORCEINLINE VOID	MiUnlockWorkingSetShared (_In_ PETHREAD Thread, _In_ PMMSUPPORT WorkingSet)
FORCEINLINE BOOLEAN	MiConvertSharedWorkingSetLockToExclusive (_In_ PETHREAD Thread, _In_ PMMSUPPORT Vm)
FORCEINLINE VOID	MiUnlockProcessWorkingSetForFault (IN PEPROCESS Process, IN PETHREAD Thread, OUT PBOOLEAN Safe, OUT PBOOLEAN Shared)
FORCEINLINE VOID	MiLockProcessWorkingSetForFault (IN PEPROCESS Process, IN PETHREAD Thread, IN BOOLEAN Safe, IN BOOLEAN Shared)
FORCEINLINE KIRQL	MiAcquireExpansionLock (VOID)
FORCEINLINE VOID	MiReleaseExpansionLock (KIRQL OldIrql)
FORCEINLINE PMMPTE	MI_GET_PROTOTYPE_PTE_FOR_VPN (IN PMMVAD Vad, IN ULONG_PTR Vpn)
FORCEINLINE PMMPFN	MI_PFN_ELEMENT (IN PFN_NUMBER Pfn)
FORCEINLINE VOID	MiDropLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiDereferencePfnAndDropLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceProbedPageAndBumpLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceUsedPageAndBumpLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceUnusedPageAndBumpLockCount (IN PMMPFN Pfn1)
BOOLEAN NTAPI	MmArmInitSystem (IN ULONG Phase, IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeSessionSpaceLayout (VOID)
NTSTATUS NTAPI	MiInitMachineDependent (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiComputeColorInformation (VOID)
VOID NTAPI	MiMapPfnDatabase (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeColorTables (VOID)
VOID NTAPI	MiInitializePfnDatabase (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeSessionWsSupport (VOID)
VOID NTAPI	MiInitializeSessionIds (VOID)
BOOLEAN NTAPI	MiInitializeMemoryEvents (VOID)
PFN_NUMBER NTAPI	MxGetNextPage (IN PFN_NUMBER PageCount)
PPHYSICAL_MEMORY_DESCRIPTOR NTAPI	MmInitializeMemoryLimits (IN PLOADER_PARAMETER_BLOCK LoaderBlock, IN PBOOLEAN IncludeType)
PFN_NUMBER NTAPI	MiPagesInLoaderBlock (IN PLOADER_PARAMETER_BLOCK LoaderBlock, IN PBOOLEAN IncludeType)
VOID FASTCALL	MiSyncARM3WithROS (IN PVOID AddressStart, IN PVOID AddressEnd)
NTSTATUS NTAPI	MiRosProtectVirtualMemory (IN PEPROCESS Process, IN OUT PVOID *BaseAddress, IN OUT PSIZE_T NumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG OldAccessProtection OPTIONAL)
NTSTATUS NTAPI	MmArmAccessFault (IN ULONG FaultCode, IN PVOID Address, IN KPROCESSOR_MODE Mode, IN PVOID TrapInformation)
NTSTATUS FASTCALL	MiCheckPdeForPagedPool (IN PVOID Address)
VOID NTAPI	MiInitializeNonPagedPoolThresholds (VOID)
VOID NTAPI	MiInitializePoolEvents (VOID)
VOID NTAPI	InitializePool (IN POOL_TYPE PoolType, IN ULONG Threshold)
VOID NTAPI	ExInitializePoolDescriptor (IN PPOOL_DESCRIPTOR PoolDescriptor, IN POOL_TYPE PoolType, IN ULONG PoolIndex, IN ULONG Threshold, IN PVOID PoolLock)
NTSTATUS NTAPI	MiInitializeSessionPool (VOID)
VOID NTAPI	MiInitializeSystemPtes (IN PMMPTE StartingPte, IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE PoolType)
PMMPTE NTAPI	MiReserveSystemPtes (IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
VOID NTAPI	MiReleaseSystemPtes (IN PMMPTE StartingPte, IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
PFN_NUMBER NTAPI	MiFindContiguousPages (IN PFN_NUMBER LowestPfn, IN PFN_NUMBER HighestPfn, IN PFN_NUMBER BoundaryPfn, IN PFN_NUMBER SizeInPages, IN MEMORY_CACHING_TYPE CacheType)
PVOID NTAPI	MiCheckForContiguousMemory (IN PVOID BaseAddress, IN PFN_NUMBER BaseAddressPages, IN PFN_NUMBER SizeInPages, IN PFN_NUMBER LowestPfn, IN PFN_NUMBER HighestPfn, IN PFN_NUMBER BoundaryPfn, IN MI_PFN_CACHE_ATTRIBUTE CacheAttribute)
PMDL NTAPI	MiAllocatePagesForMdl (IN PHYSICAL_ADDRESS LowAddress, IN PHYSICAL_ADDRESS HighAddress, IN PHYSICAL_ADDRESS SkipBytes, IN SIZE_T TotalBytes, IN MI_PFN_CACHE_ATTRIBUTE CacheAttribute, IN ULONG Flags)
VOID NTAPI	MiInsertPageInList (IN PMMPFNLIST ListHead, IN PFN_NUMBER PageFrameIndex)
VOID NTAPI	MiUnlinkFreeOrZeroedPage (IN PMMPFN Entry)
VOID NTAPI	MiUnlinkPageFromList (IN PMMPFN Pfn)
VOID NTAPI	MiInitializePfn (IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN BOOLEAN Modified)
NTSTATUS NTAPI	MiInitializeAndChargePfn (OUT PPFN_NUMBER PageFrameIndex, IN PMMPDE PointerPde, IN PFN_NUMBER ContainingPageFrame, IN BOOLEAN SessionAllocation)
VOID NTAPI	MiInitializePfnAndMakePteValid (IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN MMPTE TempPte)
VOID NTAPI	MiInitializePfnForOtherProcess (IN PFN_NUMBER PageFrameIndex, IN PVOID PteAddress, IN PFN_NUMBER PteFrame)
VOID NTAPI	MiDecrementShareCount (IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
PFN_NUMBER NTAPI	MiRemoveAnyPage (IN ULONG Color)
PFN_NUMBER NTAPI	MiRemoveZeroPage (IN ULONG Color)
VOID NTAPI	MiZeroPhysicalPage (IN PFN_NUMBER PageFrameIndex)
VOID NTAPI	MiInsertPageInFreeList (IN PFN_NUMBER PageFrameIndex)
PFN_COUNT NTAPI	MiDeleteSystemPageableVm (IN PMMPTE PointerPte, IN PFN_NUMBER PageCount, IN ULONG Flags, OUT PPFN_NUMBER ValidPages)
ULONG NTAPI	MiGetPageProtection (IN PMMPTE PointerPte)
PLDR_DATA_TABLE_ENTRY NTAPI	MiLookupDataTableEntry (IN PVOID Address)
VOID NTAPI	MiInitializeDriverLargePageList (VOID)
VOID NTAPI	MiInitializeLargePageSupport (VOID)
VOID NTAPI	MiSyncCachedRanges (VOID)
BOOLEAN NTAPI	MiIsPfnInUse (IN PMMPFN Pfn1)
PMMVAD NTAPI	MiLocateAddress (IN PVOID VirtualAddress)
TABLE_SEARCH_RESULT NTAPI	MiCheckForConflictingNode (IN ULONG_PTR StartVpn, IN ULONG_PTR EndVpn, IN PMM_AVL_TABLE Table, OUT PMMADDRESS_NODE *NodeOrParent)
TABLE_SEARCH_RESULT NTAPI	MiFindEmptyAddressRangeDownTree (IN SIZE_T Length, IN ULONG_PTR BoundaryAddress, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PULONG_PTR Base, OUT PMMADDRESS_NODE *Parent)
NTSTATUS NTAPI	MiFindEmptyAddressRangeDownBasedTree (IN SIZE_T Length, IN ULONG_PTR BoundaryAddress, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PULONG_PTR Base)
TABLE_SEARCH_RESULT NTAPI	MiFindEmptyAddressRangeInTree (IN SIZE_T Length, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PMMADDRESS_NODE *PreviousVad, OUT PULONG_PTR Base)
NTSTATUS NTAPI	MiCheckSecuredVad (IN PMMVAD Vad, IN PVOID Base, IN SIZE_T Size, IN ULONG ProtectionMask)
VOID NTAPI	MiInsertVad (_Inout_ PMMVAD Vad, _Inout_ PMM_AVL_TABLE VadRoot)
NTSTATUS NTAPI	MiInsertVadEx (_Inout_ PMMVAD Vad, _In_ ULONG_PTR *BaseAddress, _In_ SIZE_T ViewSize, _In_ ULONG_PTR HighestAddress, _In_ ULONG_PTR Alignment, _In_ ULONG AllocationType)
VOID NTAPI	MiInsertBasedSection (IN PSECTION Section)
NTSTATUS NTAPI	MiUnmapViewOfSection (IN PEPROCESS Process, IN PVOID BaseAddress, IN ULONG Flags)
NTSTATUS NTAPI	MiRosUnmapViewOfSection (IN PEPROCESS Process, IN PVOID BaseAddress, IN BOOLEAN SkipDebuggerNotify)
VOID NTAPI	MiInsertNode (IN PMM_AVL_TABLE Table, IN PMMADDRESS_NODE NewNode, PMMADDRESS_NODE Parent, TABLE_SEARCH_RESULT Result)
VOID NTAPI	MiRemoveNode (IN PMMADDRESS_NODE Node, IN PMM_AVL_TABLE Table)
PMMADDRESS_NODE NTAPI	MiGetPreviousNode (IN PMMADDRESS_NODE Node)
PMMADDRESS_NODE NTAPI	MiGetNextNode (IN PMMADDRESS_NODE Node)
BOOLEAN NTAPI	MiInitializeSystemSpaceMap (IN PMMSESSION InputSession OPTIONAL)
VOID NTAPI	MiSessionRemoveProcess (VOID)
VOID NTAPI	MiReleaseProcessReferenceToSessionDataPage (IN PMM_SESSION_SPACE SessionGlobal)
VOID NTAPI	MiSessionAddProcess (IN PEPROCESS NewProcess)
NTSTATUS NTAPI	MiSessionCommitPageTables (IN PVOID StartVa, IN PVOID EndVa)
ULONG NTAPI	MiMakeProtectionMask (IN ULONG Protect)
VOID NTAPI	MiDeleteVirtualAddresses (IN ULONG_PTR Va, IN ULONG_PTR EndingAddress, IN PMMVAD Vad)
VOID NTAPI	MiDeletePte (IN PMMPTE PointerPte, IN PVOID VirtualAddress, IN PEPROCESS CurrentProcess, IN PMMPTE PrototypePte)
ULONG NTAPI	MiMakeSystemAddressValid (IN PVOID PageTableVirtualAddress, IN PEPROCESS CurrentProcess)
ULONG NTAPI	MiMakeSystemAddressValidPfn (IN PVOID VirtualAddress, IN KIRQL OldIrql)
VOID NTAPI	MiRemoveMappedView (IN PEPROCESS CurrentProcess, IN PMMVAD Vad)
PSUBSECTION NTAPI	MiLocateSubsection (IN PMMVAD Vad, IN ULONG_PTR Vpn)
VOID NTAPI	MiDeleteARM3Section (PVOID ObjectBody)
NTSTATUS NTAPI	MiQueryMemorySectionName (IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID MemoryInformation, IN SIZE_T MemoryInformationLength, OUT PSIZE_T ReturnLength)
NTSTATUS NTAPI	MiRosUnmapViewInSystemSpace (IN PVOID MappedBase)
VOID NTAPI	MiMakePdeExistAndMakeValid (IN PMMPDE PointerPde, IN PEPROCESS TargetProcess, IN KIRQL OldIrql)
VOID NTAPI	MiWriteProtectSystemImage (_In_ PVOID ImageBase)
FORCEINLINE PFN_NUMBER	MiRemoveZeroPageSafe (IN ULONG Color)
FORCEINLINE USHORT	MiIncrementPageTableReferences (IN PVOID Address)
FORCEINLINE USHORT	MiDecrementPageTableReferences (IN PVOID Address)
FORCEINLINE VOID	MiDeletePde (_In_ PMMPDE PointerPde, _In_ PEPROCESS CurrentProcess)

Variables
const ULONG_PTR	MmProtectToPteMask [32]
const ULONG	MmProtectToValue [32]
ULONG	ExpNumberOfPagedPools
POOL_DESCRIPTOR	NonPagedPoolDescriptor
PPOOL_DESCRIPTOR	ExpPagedPoolDescriptor [16+1]
PPOOL_TRACKER_TABLE	PoolTrackTable
PMM_SESSION_SPACE	MmSessionSpace
MMPTE	HyperTemplatePte
MMPDE	ValidKernelPde
MMPTE	ValidKernelPte
MMPDE	ValidKernelPdeLocal
MMPTE	ValidKernelPteLocal
MMPDE	DemandZeroPde
MMPTE	DemandZeroPte
MMPTE	PrototypePte
MMPTE	MmDecommittedPte
BOOLEAN	MmLargeSystemCache
BOOLEAN	MmZeroPageFile
BOOLEAN	MmProtectFreedNonPagedPool
BOOLEAN	MmTrackLockedPages
BOOLEAN	MmTrackPtes
BOOLEAN	MmDynamicPfn
BOOLEAN	MmMirroring
BOOLEAN	MmMakeLowMemory
BOOLEAN	MmEnforceWriteProtection
SIZE_T	MmAllocationFragment
ULONG	MmConsumedPoolPercentage
ULONG	MmVerifyDriverBufferType
ULONG	MmVerifyDriverLevel
WCHAR	MmVerifyDriverBuffer [512]
WCHAR	MmLargePageDriverBuffer [512]
LIST_ENTRY	MiLargePageDriverList
BOOLEAN	MiLargePageAllDrivers
ULONG	MmVerifyDriverBufferLength
ULONG	MmLargePageDriverBufferLength
SIZE_T	MmSizeOfNonPagedPoolInBytes
SIZE_T	MmMaximumNonPagedPoolInBytes
PFN_NUMBER	MmMaximumNonPagedPoolInPages
PFN_NUMBER	MmSizeOfPagedPoolInPages
PVOID	MmNonPagedSystemStart
PVOID	MmNonPagedPoolStart
PVOID	MmNonPagedPoolExpansionStart
PVOID	MmNonPagedPoolEnd
SIZE_T	MmSizeOfPagedPoolInBytes
PVOID	MmPagedPoolStart
PVOID	MmPagedPoolEnd
PVOID	MmSessionBase
SIZE_T	MmSessionSize
PMMPTE	MmFirstReservedMappingPte
PMMPTE	MmLastReservedMappingPte
PMMPTE	MiFirstReservedZeroingPte
MI_PFN_CACHE_ATTRIBUTE	MiPlatformCacheAttributes [2][MmMaximumCacheType]
PPHYSICAL_MEMORY_DESCRIPTOR	MmPhysicalMemoryBlock
SIZE_T	MmBootImageSize
PMMPTE	MmSystemPtesStart [MaximumPtePoolTypes]
PMMPTE	MmSystemPtesEnd [MaximumPtePoolTypes]
PMEMORY_ALLOCATION_DESCRIPTOR	MxFreeDescriptor
MEMORY_ALLOCATION_DESCRIPTOR	MxOldFreeDescriptor
ULONG_PTR	MxPfnAllocation
MM_PAGED_POOL_INFO	MmPagedPoolInfo
KGUARDED_MUTEX	MmPagedPoolMutex
KGUARDED_MUTEX	MmSectionCommitMutex
PVOID	MiSystemViewStart
SIZE_T	MmSystemViewSize
PVOID	MiSessionSpaceEnd
PMMPTE	MiSessionImagePteStart
PMMPTE	MiSessionImagePteEnd
PMMPTE	MiSessionBasePte
PMMPTE	MiSessionLastPte
PMMPDE	MmSystemPagePtes
PVOID	MmSystemCacheStart
PVOID	MmSystemCacheEnd
MMSUPPORT	MmSystemCacheWs
SIZE_T	MmAllocatedNonPagedPool
ULONG	MmSpecialPoolTag
PVOID	MmHyperSpaceEnd
PMMWSL	MmSystemCacheWorkingSetList
SIZE_T	MmMinimumNonPagedPoolSize
ULONG	MmMinAdditionNonPagedPoolPerMb
SIZE_T	MmDefaultMaximumNonPagedPool
ULONG	MmMaxAdditionNonPagedPoolPerMb
ULONG	MmSecondaryColors
ULONG	MmSecondaryColorMask
ULONG	MmNumberOfSystemPtes
ULONG	MmMaximumNonPagedPoolPercent
ULONG	MmLargeStackSize
PMMCOLOR_TABLES	MmFreePagesByColor [FreePageList+1]
MMPFNLIST	MmStandbyPageListByPriority [8]
ULONG	MmProductType
MM_SYSTEMSIZE	MmSystemSize
PKEVENT	MiLowMemoryEvent
PKEVENT	MiHighMemoryEvent
PKEVENT	MiLowPagedPoolEvent
PKEVENT	MiHighPagedPoolEvent
PKEVENT	MiLowNonPagedPoolEvent
PKEVENT	MiHighNonPagedPoolEvent
PFN_NUMBER	MmLowMemoryThreshold
PFN_NUMBER	MmHighMemoryThreshold
PFN_NUMBER	MiLowPagedPoolThreshold
PFN_NUMBER	MiHighPagedPoolThreshold
PFN_NUMBER	MiLowNonPagedPoolThreshold
PFN_NUMBER	MiHighNonPagedPoolThreshold
PFN_NUMBER	MmMinimumFreePages
PFN_NUMBER	MmPlentyFreePages
SIZE_T	MmMinimumStackCommitInBytes
PFN_COUNT	MiExpansionPoolPagesInitialCharge
PFN_NUMBER	MmResidentAvailableAtInit
ULONG	MmTotalFreeSystemPtes [MaximumPtePoolTypes]
PFN_NUMBER	MmTotalSystemDriverPages
ULONG	MmCritsectTimeoutSeconds
PVOID	MiSessionImageStart
PVOID	MiSessionImageEnd
PMMPTE	MiHighestUserPte
PMMPDE	MiHighestUserPde
PFN_NUMBER	MmSystemPageDirectory [PPE_PER_PAGE]
PMMPTE	MmSharedUserDataPte
LIST_ENTRY	MmProcessList
KEVENT	MmZeroingPageEvent
ULONG	MmSystemPageColor
ULONG	MmProcessColorSeed
PMMWSL	MmWorkingSetList
PFN_NUMBER	MiNumberOfFreePages
SIZE_T	MmSessionViewSize
SIZE_T	MmSessionPoolSize
SIZE_T	MmSessionImageSize
PVOID	MiSessionPoolEnd
PVOID	MiSessionPoolStart
PVOID	MiSessionViewStart
PVOID	MiSessionSpaceWs
ULONG	MmMaximumDeadKernelStacks
SLIST_HEADER	MmDeadStackSListHead
MM_AVL_TABLE	MmSectionBasedRoot
KGUARDED_MUTEX	MmSectionBasedMutex
PVOID	MmHighSectionBase
SIZE_T	MmSystemLockPagesCount
ULONG_PTR	MmSubsectionBase
LARGE_INTEGER	MmCriticalSectionTimeout
LIST_ENTRY	MmWorkingSetExpansionHead
KSPIN_LOCK	MmExpansionLock
PETHREAD	MiExpansionLockOwner

Macro Definition Documentation

_1GB

#define _1GB   (1024 * _1MB)

Definition at line 20 of file miarm.h.

_1KB

#define _1KB   (1024u)

Definition at line 18 of file miarm.h.

_1MB

#define _1MB   (1024 * _1KB)

Definition at line 19 of file miarm.h.

_64K

#define _64K   (64 * _1KB)

Definition at line 23 of file miarm.h.

BASE_POOL_TYPE_MASK

#define BASE_POOL_TYPE_MASK   1

Definition at line 277 of file miarm.h.

IMAGE_SCN_PROTECTION_MASK

#define IMAGE_SCN_PROTECTION_MASK   (IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE)

Definition at line 160 of file miarm.h.

MI_GET_NEXT_COLOR

#define MI_GET_NEXT_COLOR

(

)

(MI_GET_PAGE_COLOR(++MmSystemPageColor))

Definition at line 237 of file miarm.h.

MI_GET_NEXT_PROCESS_COLOR

#define MI_GET_NEXT_PROCESS_COLOR

(

x

)

(MI_GET_PAGE_COLOR(++(x)->NextPageColor))

Definition at line 238 of file miarm.h.

MI_GET_PAGE_COLOR

#define MI_GET_PAGE_COLOR

(

x

)

((x) & MmSecondaryColorMask)

Definition at line 236 of file miarm.h.

MI_INITIAL_SESSION_IDS

#define MI_INITIAL_SESSION_IDS   64

Definition at line 212 of file miarm.h.

MI_IS_PAGE_TABLE_ADDRESS

#define MI_IS_PAGE_TABLE_ADDRESS

(

Address

)

(((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)PTE_TOP))

Definition at line 177 of file miarm.h.

MI_IS_PAGE_TABLE_OR_HYPER_ADDRESS

#define MI_IS_PAGE_TABLE_OR_HYPER_ADDRESS

(

Address

)

(((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)MmHyperSpaceEnd))

Definition at line 183 of file miarm.h.

MI_IS_PFN_DELETED

#define MI_IS_PFN_DELETED

(

x

)

((ULONG_PTR)((x)->PteAddress) & 1)

Definition at line 195 of file miarm.h.

MI_IS_ROS_PFN

#define MI_IS_ROS_PFN

(

x

)

((x)->u4.AweAllocation == TRUE)

Definition at line 1108 of file miarm.h.

MI_IS_SESSION_ADDRESS

#define MI_IS_SESSION_ADDRESS

(

Address

)

(((Address) >= MmSessionBase) && ((Address) < MiSessionSpaceEnd))

Definition at line 171 of file miarm.h.

MI_IS_SESSION_IMAGE_ADDRESS

#define MI_IS_SESSION_IMAGE_ADDRESS

(

Address

)

(((Address) >= MiSessionImageStart) && ((Address) < MiSessionImageEnd))

Definition at line 168 of file miarm.h.

MI_IS_SESSION_PTE

#define MI_IS_SESSION_PTE

(

Pte

)

((((PMMPTE)Pte) >= MiSessionBasePte) && (((PMMPTE)Pte) < MiSessionLastPte))

Definition at line 174 of file miarm.h.

MI_IS_SYSTEM_PAGE_TABLE_ADDRESS

#define MI_IS_SYSTEM_PAGE_TABLE_ADDRESS

(

Address

)

(((Address) >= (PVOID)MiAddressToPte(MmSystemRangeStart)) && ((Address) <= (PVOID)PTE_TOP))

Definition at line 180 of file miarm.h.

MI_LOWEST_VAD_ADDRESS

#define MI_LOWEST_VAD_ADDRESS   (PVOID)MM_LOWEST_USER_ADDRESS

Definition at line 15 of file miarm.h.

MI_MAKE_SOFTWARE_PTE

#define MI_MAKE_SOFTWARE_PTE	(		p,
			x
	)		((p)->u.Long = (x << MM_PTE_SOFTWARE_PROTECTION_BITS))

Definition at line 189 of file miarm.h.

MI_PTE_LOOKUP_NEEDED

#define MI_PTE_LOOKUP_NEEDED   0xFFFFF

Definition at line 246 of file miarm.h.

MI_SESSION_DATA_PAGES_MAXIMUM

#define MI_SESSION_DATA_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)

Definition at line 252 of file miarm.h.

MI_SESSION_TAG_PAGES_MAXIMUM

#define MI_SESSION_TAG_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)

Definition at line 253 of file miarm.h.

MI_SET_PFN_DELETED

#define MI_SET_PFN_DELETED

(

x

)

((x)->PteAddress = (PMMPTE)((ULONG_PTR)(x)->PteAddress | 1))

Definition at line 194 of file miarm.h.

MI_SYSTEM_VIEW_BUCKET_SIZE

#define MI_SYSTEM_VIEW_BUCKET_SIZE   _64K

Definition at line 266 of file miarm.h.

MM_DECOMMIT

#define MM_DECOMMIT   (MM_ZERO_ACCESS | MM_GUARDPAGE)

Definition at line 64 of file miarm.h.

MM_DELETE_CHECK

#define MM_DELETE_CHECK   85

Definition at line 261 of file miarm.h.

MM_EXECUTE

#define MM_EXECUTE   2

Definition at line 45 of file miarm.h.

MM_EXECUTE_READ

#define MM_EXECUTE_READ   3

Definition at line 46 of file miarm.h.

MM_EXECUTE_READWRITE

#define MM_EXECUTE_READWRITE   6

Definition at line 49 of file miarm.h.

MM_EXECUTE_WRITECOPY

#define MM_EXECUTE_WRITECOPY   7

Definition at line 50 of file miarm.h.

MM_GUARDPAGE

#define MM_GUARDPAGE   0x10

Definition at line 57 of file miarm.h.

MM_INVALID_PROTECTION

#define MM_INVALID_PROTECTION   0xFFFFFFFF

Definition at line 67 of file miarm.h.

MM_NO_ACCESS_ALLOWED

#define MM_NO_ACCESS_ALLOWED   01

Definition at line 260 of file miarm.h.

MM_NOACCESS

#define MM_NOACCESS   (MM_ZERO_ACCESS | MM_WRITECOMBINE)

Definition at line 65 of file miarm.h.

MM_NOCACHE

#define MM_NOCACHE   0x08

Definition at line 56 of file miarm.h.

MM_OUTSWAPPED_KSTACK

#define MM_OUTSWAPPED_KSTACK   (MM_EXECUTE_WRITECOPY | MM_WRITECOMBINE)

Definition at line 66 of file miarm.h.

MM_PROTECT_ACCESS

#define MM_PROTECT_ACCESS   7

Definition at line 51 of file miarm.h.

MM_PROTECT_SPECIAL

#define MM_PROTECT_SPECIAL   0x18

Definition at line 59 of file miarm.h.

MM_READ_ONLY_ALLOWED

#define MM_READ_ONLY_ALLOWED   10

Definition at line 259 of file miarm.h.

MM_READ_WRITE_ALLOWED

#define MM_READ_WRITE_ALLOWED   11

Definition at line 258 of file miarm.h.

MM_READONLY

#define MM_READONLY   1

Definition at line 44 of file miarm.h.

MM_READWRITE

#define MM_READWRITE   4

Definition at line 47 of file miarm.h.

MM_SYSLDR_BOOT_LOADED

#define MM_SYSLDR_BOOT_LOADED   (PVOID)0xFFFFFFFF

Definition at line 205 of file miarm.h.

MM_SYSLDR_NO_IMPORTS

#define MM_SYSLDR_NO_IMPORTS   (PVOID)0xFFFFFFFE

Definition at line 204 of file miarm.h.

MM_SYSLDR_SINGLE_ENTRY

#define MM_SYSLDR_SINGLE_ENTRY   0x1

Definition at line 207 of file miarm.h.

MM_WRITECOMBINE

#define MM_WRITECOMBINE   0x18

Definition at line 58 of file miarm.h.

MM_WRITECOPY

#define MM_WRITECOPY   5

Definition at line 48 of file miarm.h.

MM_ZERO_ACCESS

#define MM_ZERO_ACCESS   0

Definition at line 43 of file miarm.h.

PD_SIZE

#define PD_SIZE   (PDE_PER_PAGE * sizeof(MMPDE))

Definition at line 29 of file miarm.h.

POOL_ALLOC_IRQL_INVALID

#define POOL_ALLOC_IRQL_INVALID   8

Definition at line 309 of file miarm.h.

POOL_BILLED_PROCESS_INVALID

#define POOL_BILLED_PROCESS_INVALID   13

Definition at line 311 of file miarm.h.

POOL_BLOCK_SIZE

#define POOL_BLOCK_SIZE   8

Definition at line 274 of file miarm.h.

POOL_CORRUPTED_LIST

#define POOL_CORRUPTED_LIST   3

Definition at line 295 of file miarm.h.

POOL_ENTRIES_NOT_ALIGNED_NEXT

#define POOL_ENTRIES_NOT_ALIGNED_NEXT   9

Definition at line 300 of file miarm.h.

POOL_ENTRIES_NOT_ALIGNED_PREVIOUS

#define POOL_ENTRIES_NOT_ALIGNED_PREVIOUS   6

Definition at line 297 of file miarm.h.

POOL_ENTRY_ALREADY_FREE

#define POOL_ENTRY_ALREADY_FREE   6

Definition at line 307 of file miarm.h.

POOL_ENTRY_CORRUPTED

#define POOL_ENTRY_CORRUPTED   1

Definition at line 306 of file miarm.h.

POOL_ENTRY_NOT_ALLOCATED

#define POOL_ENTRY_NOT_ALLOCATED   7

Definition at line 308 of file miarm.h.

POOL_ENTRY_NOT_FOUND

#define POOL_ENTRY_NOT_FOUND   10

Definition at line 301 of file miarm.h.

POOL_FLAG_CHECK_DEADLOCK

#define POOL_FLAG_CHECK_DEADLOCK   0x10

Definition at line 287 of file miarm.h.

POOL_FLAG_CHECK_RESOURCES

#define POOL_FLAG_CHECK_RESOURCES   0x4

Definition at line 285 of file miarm.h.

POOL_FLAG_CHECK_TIMERS

#define POOL_FLAG_CHECK_TIMERS   0x1

Definition at line 283 of file miarm.h.

POOL_FLAG_CHECK_WORKERS

#define POOL_FLAG_CHECK_WORKERS   0x2

Definition at line 284 of file miarm.h.

POOL_FLAG_CRASH_ON_FAILURE

#define POOL_FLAG_CRASH_ON_FAILURE   0x80

Definition at line 290 of file miarm.h.

POOL_FLAG_DBGPRINT_ON_FAILURE

#define POOL_FLAG_DBGPRINT_ON_FAILURE   0x40

Definition at line 289 of file miarm.h.

POOL_FLAG_SPECIAL_POOL

#define POOL_FLAG_SPECIAL_POOL   0x20

Definition at line 288 of file miarm.h.

POOL_FLAG_VERIFIER

#define POOL_FLAG_VERIFIER   0x8

Definition at line 286 of file miarm.h.

POOL_FREE_IRQL_INVALID

#define POOL_FREE_IRQL_INVALID   9

Definition at line 310 of file miarm.h.

POOL_HEADER_IS_ZERO

#define POOL_HEADER_IS_ZERO   8

Definition at line 299 of file miarm.h.

POOL_HEADER_NOT_ALIGNED

#define POOL_HEADER_NOT_ALIGNED   7

Definition at line 298 of file miarm.h.

POOL_HEADER_SIZE_INVALID

#define POOL_HEADER_SIZE_INVALID   32

Definition at line 312 of file miarm.h.

POOL_LISTS_PER_PAGE

#define POOL_LISTS_PER_PAGE   (PAGE_SIZE / POOL_BLOCK_SIZE)

Definition at line 276 of file miarm.h.

POOL_MAX_ALLOC

#define POOL_MAX_ALLOC   (PAGE_SIZE - (sizeof(POOL_HEADER) + POOL_BLOCK_SIZE))

Definition at line 278 of file miarm.h.

POOL_SIZE_OR_INDEX_MISMATCH

#define POOL_SIZE_OR_INDEX_MISMATCH   5

Definition at line 296 of file miarm.h.

PT_SIZE

#define PT_SIZE   (PTE_PER_PAGE * sizeof(MMPTE))

Definition at line 26 of file miarm.h.

SYSTEM_PD_SIZE

#define SYSTEM_PD_SIZE   (PPE_PER_PAGE * PD_SIZE)

Definition at line 32 of file miarm.h.

Typedef Documentation

MI_LARGE_PAGE_DRIVER_ENTRY

typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY MI_LARGE_PAGE_DRIVER_ENTRY

MI_LARGE_PAGE_RANGES

typedef struct _MI_LARGE_PAGE_RANGES MI_LARGE_PAGE_RANGES

MI_PFN_CACHE_ATTRIBUTE

typedef enum _MI_PFN_CACHE_ATTRIBUTE MI_PFN_CACHE_ATTRIBUTE

MM_SESSION_SPACE

typedef struct _MM_SESSION_SPACE MM_SESSION_SPACE

MM_SESSION_SPACE_FLAGS

typedef struct _MM_SESSION_SPACE_FLAGS MM_SESSION_SPACE_FLAGS

MMCOLOR_TABLES

typedef struct _MMCOLOR_TABLES MMCOLOR_TABLES

MMSESSION

typedef struct _MMSESSION MMSESSION

MMSYSTEM_PTE_POOL_TYPE

typedef enum _MMSYSTEM_PTE_POOL_TYPE MMSYSTEM_PTE_POOL_TYPE

MMVIEW

typedef struct _MMVIEW MMVIEW

PHYSICAL_MEMORY_DESCRIPTOR

typedef struct _PHYSICAL_MEMORY_DESCRIPTOR PHYSICAL_MEMORY_DESCRIPTOR

PHYSICAL_MEMORY_RUN

typedef struct _PHYSICAL_MEMORY_RUN PHYSICAL_MEMORY_RUN

PMI_LARGE_PAGE_DRIVER_ENTRY

typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY * PMI_LARGE_PAGE_DRIVER_ENTRY

PMI_LARGE_PAGE_RANGES

typedef struct _MI_LARGE_PAGE_RANGES * PMI_LARGE_PAGE_RANGES

PMI_PFN_CACHE_ATTRIBUTE

typedef enum _MI_PFN_CACHE_ATTRIBUTE * PMI_PFN_CACHE_ATTRIBUTE

PMM_SESSION_SPACE

typedef struct _MM_SESSION_SPACE * PMM_SESSION_SPACE

PMMCOLOR_TABLES

typedef struct _MMCOLOR_TABLES * PMMCOLOR_TABLES

PMMSESSION

typedef struct _MMSESSION * PMMSESSION

PMMVIEW

typedef struct _MMVIEW * PMMVIEW

POOL_DESCRIPTOR

typedef struct _POOL_DESCRIPTOR POOL_DESCRIPTOR

POOL_HEADER

typedef struct _POOL_HEADER POOL_HEADER

POOL_TRACKER_BIG_PAGES

typedef struct _POOL_TRACKER_BIG_PAGES POOL_TRACKER_BIG_PAGES

POOL_TRACKER_TABLE

typedef struct _POOL_TRACKER_TABLE POOL_TRACKER_TABLE

PPHYSICAL_MEMORY_DESCRIPTOR

typedef struct _PHYSICAL_MEMORY_DESCRIPTOR * PPHYSICAL_MEMORY_DESCRIPTOR

PPHYSICAL_MEMORY_RUN

typedef struct _PHYSICAL_MEMORY_RUN * PPHYSICAL_MEMORY_RUN

PPOOL_DESCRIPTOR

typedef struct _POOL_DESCRIPTOR * PPOOL_DESCRIPTOR

PPOOL_HEADER

typedef struct _POOL_HEADER * PPOOL_HEADER

PPOOL_TRACKER_BIG_PAGES

typedef struct _POOL_TRACKER_BIG_PAGES * PPOOL_TRACKER_BIG_PAGES

PPOOL_TRACKER_TABLE

typedef struct _POOL_TRACKER_TABLE * PPOOL_TRACKER_TABLE

Enumeration Type Documentation

_MI_PFN_CACHE_ATTRIBUTE

enum _MI_PFN_CACHE_ATTRIBUTE

Enumerator
MiNonCached
MiCached
MiWriteCombined
MiNotMapped

Definition at line 413 of file miarm.h.

{
    MiNonCached,
    MiCached,
    MiWriteCombined,
    MiNotMapped
} MI_PFN_CACHE_ATTRIBUTE, *PMI_PFN_CACHE_ATTRIBUTE;

_MMSYSTEM_PTE_POOL_TYPE

enum _MMSYSTEM_PTE_POOL_TYPE

Enumerator
SystemPteSpace
NonPagedPoolExpansion
MaximumPtePoolTypes

Definition at line 406 of file miarm.h.

{
    SystemPteSpace,
    NonPagedPoolExpansion,
    MaximumPtePoolTypes
} MMSYSTEM_PTE_POOL_TYPE;

Function Documentation

C_ASSERT() [1/2]

C_ASSERT

(

sizeof(POOL_HEADER)

= =POOL_BLOCK_SIZE

)

C_ASSERT() [2/2]

C_ASSERT

(

POOL_BLOCK_SIZE

= =sizeof(LIST_ENTRY)

)

ExInitializePoolDescriptor()

VOID NTAPI ExInitializePoolDescriptor	(	IN PPOOL_DESCRIPTOR	PoolDescriptor,
		IN POOL_TYPE	PoolType,
		IN ULONG	PoolIndex,
		IN ULONG	Threshold,
		IN PVOID	PoolLock
	)

Definition at line 966 of file expool.c.

{
    PLIST_ENTRY NextEntry, LastEntry;

    //
    // Setup the descriptor based on the caller's request
    //
    PoolDescriptor->PoolType = PoolType;
    PoolDescriptor->PoolIndex = PoolIndex;
    PoolDescriptor->Threshold = Threshold;
    PoolDescriptor->LockAddress = PoolLock;

    //
    // Initialize accounting data
    //
    PoolDescriptor->RunningAllocs = 0;
    PoolDescriptor->RunningDeAllocs = 0;
    PoolDescriptor->TotalPages = 0;
    PoolDescriptor->TotalBytes = 0;
    PoolDescriptor->TotalBigPages = 0;

    //
    // Nothing pending for now
    //
    PoolDescriptor->PendingFrees = NULL;
    PoolDescriptor->PendingFreeDepth = 0;

    //
    // Loop all the descriptor's allocation lists and initialize them
    //
    NextEntry = PoolDescriptor->ListHeads;
    LastEntry = NextEntry + POOL_LISTS_PER_PAGE;
    while (NextEntry < LastEntry)
    {
        ExpInitializePoolListHead(NextEntry);
        NextEntry++;
    }

    //
    // Note that ReactOS does not support Session Pool Yet
    //
    ASSERT(PoolType != PagedPoolSession);
}

Referenced by InitializePool(), and MiInitializeSessionPool().

InitializePool()

VOID NTAPI InitializePool	(	IN POOL_TYPE	PoolType,
		IN ULONG	Threshold
	)

Definition at line 1017 of file expool.c.

{
    PPOOL_DESCRIPTOR Descriptor;
    SIZE_T TableSize;
    ULONG i;

    //
    // Check what kind of pool this is
    //
    if (PoolType == NonPagedPool)
    {
        //
        // Compute the track table size and convert it from a power of two to an
        // actual byte size
        //
        // NOTE: On checked builds, we'll assert if the registry table size was
        // invalid, while on retail builds we'll just break out of the loop at
        // that point.
        //
        TableSize = min(PoolTrackTableSize, MmSizeOfNonPagedPoolInBytes >> 8);
        for (i = 0; i < 32; i++)
        {
            if (TableSize & 1)
            {
                ASSERT((TableSize & ~1) == 0);
                if (!(TableSize & ~1)) break;
            }
            TableSize >>= 1;
        }

        //
        // If we hit bit 32, than no size was defined in the registry, so
        // we'll use the default size of 2048 entries.
        //
        // Otherwise, use the size from the registry, as long as it's not
        // smaller than 64 entries.
        //
        if (i == 32)
        {
            PoolTrackTableSize = 2048;
        }
        else
        {
            PoolTrackTableSize = max(1 << i, 64);
        }

        //
        // Loop trying with the biggest specified size first, and cut it down
        // by a power of two each iteration in case not enough memory exist
        //
        while (TRUE)
        {
            //
            // Do not allow overflow
            //
            if ((PoolTrackTableSize + 1) > (MAXULONG_PTR / sizeof(POOL_TRACKER_TABLE)))
            {
                PoolTrackTableSize >>= 1;
                continue;
            }

            //
            // Allocate the tracker table and exit the loop if this worked
            //
            PoolTrackTable = MiAllocatePoolPages(NonPagedPool,
                                                 (PoolTrackTableSize + 1) *
                                                 sizeof(POOL_TRACKER_TABLE));
            if (PoolTrackTable) break;

            //
            // Otherwise, as long as we're not down to the last bit, keep
            // iterating
            //
            if (PoolTrackTableSize == 1)
            {
                KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                             TableSize,
                             0xFFFFFFFF,
                             0xFFFFFFFF,
                             0xFFFFFFFF);
            }
            PoolTrackTableSize >>= 1;
        }

        //
        // Add one entry, compute the hash, and zero the table
        //
        PoolTrackTableSize++;
        PoolTrackTableMask = PoolTrackTableSize - 2;

        RtlZeroMemory(PoolTrackTable,
                      PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE));

        //
        // Finally, add the most used tags to speed up those allocations
        //
        ExpSeedHotTags();

        //
        // We now do the exact same thing with the tracker table for big pages
        //
        TableSize = min(PoolBigPageTableSize, MmSizeOfNonPagedPoolInBytes >> 8);
        for (i = 0; i < 32; i++)
        {
            if (TableSize & 1)
            {
                ASSERT((TableSize & ~1) == 0);
                if (!(TableSize & ~1)) break;
            }
            TableSize >>= 1;
        }

        //
        // For big pages, the default tracker table is 4096 entries, while the
        // minimum is still 64
        //
        if (i == 32)
        {
            PoolBigPageTableSize = 4096;
        }
        else
        {
            PoolBigPageTableSize = max(1 << i, 64);
        }

        //
        // Again, run the exact same loop we ran earlier, but this time for the
        // big pool tracker instead
        //
        while (TRUE)
        {
            if ((PoolBigPageTableSize + 1) > (MAXULONG_PTR / sizeof(POOL_TRACKER_BIG_PAGES)))
            {
                PoolBigPageTableSize >>= 1;
                continue;
            }

            PoolBigPageTable = MiAllocatePoolPages(NonPagedPool,
                                                   PoolBigPageTableSize *
                                                   sizeof(POOL_TRACKER_BIG_PAGES));
            if (PoolBigPageTable) break;

            if (PoolBigPageTableSize == 1)
            {
                KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                             TableSize,
                             0xFFFFFFFF,
                             0xFFFFFFFF,
                             0xFFFFFFFF);
            }

            PoolBigPageTableSize >>= 1;
        }

        //
        // An extra entry is not needed for for the big pool tracker, so just
        // compute the hash and zero it
        //
        PoolBigPageTableHash = PoolBigPageTableSize - 1;
        RtlZeroMemory(PoolBigPageTable,
                      PoolBigPageTableSize * sizeof(POOL_TRACKER_BIG_PAGES));
        for (i = 0; i < PoolBigPageTableSize; i++)
        {
            PoolBigPageTable[i].Va = (PVOID)POOL_BIG_TABLE_ENTRY_FREE;
        }

        //
        // During development, print this out so we can see what's happening
        //
        DPRINT("EXPOOL: Pool Tracker Table at: 0x%p with 0x%lx bytes\n",
                PoolTrackTable, PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE));
        DPRINT("EXPOOL: Big Pool Tracker Table at: 0x%p with 0x%lx bytes\n",
                PoolBigPageTable, PoolBigPageTableSize * sizeof(POOL_TRACKER_BIG_PAGES));

        //
        // Insert the generic tracker for all of big pool
        //
        ExpInsertPoolTracker('looP',
                             ROUND_TO_PAGES(PoolBigPageTableSize *
                                            sizeof(POOL_TRACKER_BIG_PAGES)),
                             NonPagedPool);

        //
        // No support for NUMA systems at this time
        //
        ASSERT(KeNumberNodes == 1);

        //
        // Initialize the tag spinlock
        //
        KeInitializeSpinLock(&ExpTaggedPoolLock);

        //
        // Initialize the nonpaged pool descriptor
        //
        PoolVector[NonPagedPool] = &NonPagedPoolDescriptor;
        ExInitializePoolDescriptor(PoolVector[NonPagedPool],
                                   NonPagedPool,
                                   0,
                                   Threshold,
                                   NULL);
    }
    else
    {
        //
        // No support for NUMA systems at this time
        //
        ASSERT(KeNumberNodes == 1);

        //
        // Allocate the pool descriptor
        //
        Descriptor = ExAllocatePoolWithTag(NonPagedPool,
                                           sizeof(KGUARDED_MUTEX) +
                                           sizeof(POOL_DESCRIPTOR),
                                           'looP');
        if (!Descriptor)
        {
            //
            // This is really bad...
            //
            KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                         0,
                         -1,
                         -1,
                         -1);
        }

        //
        // Setup the vector and guarded mutex for paged pool
        //
        PoolVector[PagedPool] = Descriptor;
        ExpPagedPoolMutex = (PKGUARDED_MUTEX)(Descriptor + 1);
        ExpPagedPoolDescriptor[0] = Descriptor;
        KeInitializeGuardedMutex(ExpPagedPoolMutex);
        ExInitializePoolDescriptor(Descriptor,
                                   PagedPool,
                                   0,
                                   Threshold,
                                   ExpPagedPoolMutex);

        //
        // Insert the generic tracker for all of nonpaged pool
        //
        ExpInsertPoolTracker('looP',
                             ROUND_TO_PAGES(PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE)),
                             NonPagedPool);
    }
}

Referenced by MiBuildPagedPool(), and MiInitMachineDependent().

MI_ERASE_PTE()

FORCEINLINE VOID MI_ERASE_PTE

(

IN PMMPTE

PointerPte

)

Definition at line 1011 of file miarm.h.

{
    /* Zero out the PTE */
    ASSERT(PointerPte->u.Long != 0);
    PointerPte->u.Long = 0;
}

Referenced by MiDeletePte(), MiDeleteSystemPageableVm(), MiDeleteVirtualAddresses(), MiUnmapLockedPagesInUserSpace(), and MmFreeSpecialPool().

MI_GET_PROTOTYPE_PTE_FOR_VPN()

FORCEINLINE PMMPTE MI_GET_PROTOTYPE_PTE_FOR_VPN	(	IN PMMVAD	Vad,
		IN ULONG_PTR	Vpn
	)

Definition at line 1562 of file miarm.h.

{
    PMMPTE ProtoPte;

    /* Find the offset within the VAD's prototype PTEs */
    ProtoPte = Vad->FirstPrototypePte + (Vpn - Vad->StartingVpn);
    ASSERT(ProtoPte <= Vad->LastContiguousPte);
    return ProtoPte;
}

Referenced by MiDeleteVirtualAddresses(), MiQueryAddressState(), and NtAllocateVirtualMemory().

MI_IS_MAPPED_PTE()

FORCEINLINE BOOLEAN MI_IS_MAPPED_PTE

(

PMMPTE

PointerPte

)

Todo:

Make this reasonable code, this is UGLY!

Definition at line 924 of file miarm.h.

{
    return ((PointerPte->u.Long & 0xFFFFFC01) != 0);
}

MI_IS_PHYSICAL_ADDRESS()

FORCEINLINE BOOLEAN MI_IS_PHYSICAL_ADDRESS

(

IN PVOID

Address

)

Definition at line 950 of file miarm.h.

{
    PMMPDE PointerPde;

    /* Large pages are never paged out, always physically resident */
    PointerPde = MiAddressToPde(Address);
    return ((PointerPde->u.Hard.LargePage) && (PointerPde->u.Hard.Valid));
}

Referenced by MiDispatchFault(), MiFindInitializationCode(), MiFreeInitializationCode(), MiProtectFreeNonPagedPool(), MiReleaseProcessReferenceToSessionDataPage(), MiSetPagingOfDriver(), MiUnProtectFreeNonPagedPool(), MiWriteProtectSystemImage(), MmChangeKernelResourceSectionProtection(), MmFreeDriverInitialization(), MmFreeLoaderBlock(), MmMakeKernelResourceSectionWritable(), and MmProbeAndLockPages().

MI_IS_PROCESS_WORKING_SET()

FORCEINLINE BOOLEAN MI_IS_PROCESS_WORKING_SET

(

PMMSUPPORT

WorkingSet

)

Definition at line 666 of file miarm.h.

{
    return (WorkingSet != &MmSystemCacheWs) && !WorkingSet->Flags.SessionSpace;
}

Referenced by MiInitializeWorkingSetList(), and MmWorkingSetManager().

MI_IS_WS_UNSAFE()

FORCEINLINE BOOLEAN MI_IS_WS_UNSAFE

(

IN PEPROCESS

Process

)

Definition at line 1119 of file miarm.h.

{
    return (Process->Vm.Flags.AcquiredUnsafe == TRUE);
}

Referenced by MiLockProcessWorkingSet(), MiLockProcessWorkingSetShared(), MiLockProcessWorkingSetUnsafe(), MiUnlockProcessWorkingSet(), MiUnlockProcessWorkingSetForFault(), MiUnlockProcessWorkingSetShared(), and MiUnlockProcessWorkingSetUnsafe().

MI_MAKE_HARDWARE_PTE()

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 812 of file miarm.h.

{
    /* Check that we are not setting valid a page that should not be */
    ASSERT(ProtectionMask & MM_PROTECT_ACCESS);
    ASSERT((ProtectionMask & MM_GUARDPAGE) == 0);

    /* Set the protection and page */
    NewPte->u.Long = MiDetermineUserGlobalPteMask(MappingPte);
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
}

Referenced by MiCompleteProtoPteFault(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MmArmAccessFault(), and MmCreateVirtualMappingUnsafe().

MI_MAKE_HARDWARE_PTE_KERNEL()

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE_KERNEL	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 778 of file miarm.h.

{
    /* Only valid for kernel, non-session PTEs */
    ASSERT(MappingPte > MiHighestUserPte);
    ASSERT(!MI_IS_SESSION_PTE(MappingPte));
    ASSERT((MappingPte < (PMMPTE)PDE_BASE) || (MappingPte > (PMMPTE)PDE_TOP));

    /* Check that we are not setting valid a page that should not be */
    ASSERT(ProtectionMask & MM_PROTECT_ACCESS);
    ASSERT((ProtectionMask & MM_GUARDPAGE) == 0);

    /* Start fresh */
    NewPte->u.Long = 0;

    /* Set the protection and page */
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];

    /* Make this valid & global */
#ifdef _GLOBAL_PAGES_ARE_AWESOME_
    if (KeFeatureBits & KF_GLOBAL_PAGE)
        NewPte->u.Hard.Global = 1;
#endif
    NewPte->u.Hard.Valid = 1;
}

Referenced by MiArchCreateProcessAddressSpace(), MmChangeKernelResourceSectionProtection(), MmCreateKernelStack(), MmGrowKernelStackEx(), and MmInitSystem().

MI_MAKE_HARDWARE_PTE_USER()

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE_USER	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 832 of file miarm.h.

{
    /* Only valid for kernel, non-session PTEs */
    ASSERT(MappingPte <= MiHighestUserPte);

    /* Start fresh */
    NewPte->u.Long = 0;

    /* Check that we are not setting valid a page that should not be */
    ASSERT(ProtectionMask & MM_PROTECT_ACCESS);
    ASSERT((ProtectionMask & MM_GUARDPAGE) == 0);

    NewPte->u.Hard.Valid = TRUE;
    NewPte->u.Hard.Owner = TRUE;
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];
}

Referenced by MiCompleteProtoPteFault(), MiFlushTbAndCapture(), MiMapLockedPagesInUserSpace(), MiResolveDemandZeroFault(), MiResolveProtoPteFault(), and MmArmAccessFault().

MI_MAKE_PROTOTYPE_PTE()

FORCEINLINE VOID MI_MAKE_PROTOTYPE_PTE	(	IN PMMPTE	NewPte,
		IN PMMPTE	PointerPte
	)

Definition at line 859 of file miarm.h.

{
    ULONG_PTR Offset;

    /* Mark this as a prototype */
    NewPte->u.Long = 0;
    NewPte->u.Proto.Prototype = 1;

    /*
     * Prototype PTEs are only valid in paged pool by design, this little trick
     * lets us only use 30 bits for the adress of the PTE, as long as the area
     * stays 1024MB At most.
     */
    Offset = (ULONG_PTR)PointerPte - (ULONG_PTR)MmPagedPoolStart;

    /*
     * 7 bits go in the "low" (but we assume the bottom 2 are zero)
     * and the other 21 bits go in the "high"
     */
    NewPte->u.Proto.ProtoAddressLow = (Offset & 0x1FC) >> 2;
    NewPte->u.Proto.ProtoAddressHigh = (Offset & 0x3FFFFE00) >> 9;
}

MI_MAKE_SUBSECTION_PTE()

FORCEINLINE VOID MI_MAKE_SUBSECTION_PTE	(	IN PMMPTE	NewPte,
		IN PVOID	Segment
	)

Definition at line 888 of file miarm.h.

{
    ULONG_PTR Offset;

    /* Mark this as a prototype */
    NewPte->u.Long = 0;
    NewPte->u.Subsect.Prototype = 1;

    /*
     * Segments are only valid either in nonpaged pool. We store the 20 bit
     * difference either from the top or bottom of nonpaged pool, giving a
     * maximum of 128MB to each delta, meaning nonpaged pool cannot exceed
     * 256MB.
     */
    if ((ULONG_PTR)Segment < ((ULONG_PTR)MmSubsectionBase + (128 * _1MB)))
    {
        Offset = (ULONG_PTR)Segment - (ULONG_PTR)MmSubsectionBase;
        NewPte->u.Subsect.WhichPool = PagedPool;
    }
    else
    {
        Offset = (ULONG_PTR)MmNonPagedPoolEnd - (ULONG_PTR)Segment;
        NewPte->u.Subsect.WhichPool = NonPagedPool;
    }

    /*
     * 4 bits go in the "low" (but we assume the bottom 3 are zero)
     * and the other 20 bits go in the "high"
     */
    NewPte->u.Subsect.SubsectionAddressLow = (Offset & 0x78) >> 3;
    NewPte->u.Subsect.SubsectionAddressHigh = (Offset & 0xFFFFF80) >> 7;
}

MI_MAKE_TRANSITION_PTE()

FORCEINLINE VOID MI_MAKE_TRANSITION_PTE	(	_Out_ PMMPTE	NewPte,
		_In_ PFN_NUMBER	Page,
		_In_ ULONG	Protection
	)

Definition at line 934 of file miarm.h.

{
    NewPte->u.Long = 0;
    NewPte->u.Trans.Transition = 1;
    NewPte->u.Trans.Protection = Protection;
    NewPte->u.Trans.PageFrameNumber = Page;
}

Referenced by MiResolvePageFileFault(), and TrimWsList().

MI_PFN_ELEMENT()

FORCEINLINE PMMPFN MI_PFN_ELEMENT

(

IN PFN_NUMBER

Pfn

)

Definition at line 1579 of file miarm.h.

{
    /* Get the entry */
    return &MmPfnDatabase[Pfn];
};

Referenced by MiDecrementReferenceCount(), MiDecrementShareCount(), MiDispatchFault(), MiFindContiguousPages(), MiGetPageProtection(), MiInitializeAndChargePfn(), MiInitializePfn(), MiInitializePfnAndMakePteValid(), MiInitializePfnForOtherProcess(), MiInsertPageInFreeList(), MiInsertPageInList(), MiInsertStandbyListAtFront(), MiMapLockedPagesInUserSpace(), MiReleaseProcessReferenceToSessionDataPage(), MiRemoveAnyPage(), MiRemovePageByColor(), MiRemoveZeroPage(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MiSegmentDelete(), MiSessionCommitPageTables(), MiSessionCreateInternal(), MiUnlinkFreeOrZeroedPage(), MiUnlinkPageFromList(), MmArmAccessFault(), and MmFreeSpecialPool().

MI_UPDATE_VALID_PTE()

FORCEINLINE VOID MI_UPDATE_VALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	TempPte
	)

Definition at line 982 of file miarm.h.

{
    /* Write the valid PTE */
    ASSERT(PointerPte->u.Hard.Valid == 1);
    ASSERT(TempPte.u.Hard.Valid == 1);
    ASSERT(PointerPte->u.Hard.PageFrameNumber == TempPte.u.Hard.PageFrameNumber);
    *PointerPte = TempPte;
}

Referenced by MiFlushTbAndCapture(), MiSetSystemCodeProtection(), and MmChangeKernelResourceSectionProtection().

MI_WRITE_INVALID_PDE()

FORCEINLINE VOID MI_WRITE_INVALID_PDE	(	IN PMMPDE	PointerPde,
		IN MMPDE	InvalidPde
	)

Definition at line 1040 of file miarm.h.

{
    /* Write the invalid PDE */
    ASSERT(InvalidPde.u.Hard.Valid == 0);
    ASSERT(InvalidPde.u.Long != 0);
#ifdef _M_AMD64
    ASSERT(InvalidPde.u.Soft.Protection == MM_EXECUTE_READWRITE);
#endif
    *PointerPde = InvalidPde;
}

Referenced by MmArmAccessFault().

MI_WRITE_INVALID_PTE()

FORCEINLINE VOID MI_WRITE_INVALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	InvalidPte
	)

Definition at line 997 of file miarm.h.

{
    /* Write the invalid PTE */
    ASSERT(InvalidPte.u.Hard.Valid == 0);
    ASSERT(InvalidPte.u.Long != 0);
    *PointerPte = InvalidPte;
}

Referenced by MiAccessCheck(), MiAddMappedPtes(), MiAllocatePoolPages(), MiDecommitPages(), MiDecrementShareCount(), MiMapViewOfDataSection(), MiProcessValidPteList(), MiProtectFreeNonPagedPool(), MiProtectVirtualMemory(), MiResolvePageFileFault(), MiSetProtectionOnSection(), MmArmAccessFault(), MmCommitSessionMappedView(), MmCreateKernelStack(), MmGrowKernelStackEx(), and NtAllocateVirtualMemory().

MI_WRITE_VALID_PDE()

FORCEINLINE VOID MI_WRITE_VALID_PDE	(	IN PMMPDE	PointerPde,
		IN MMPDE	TempPde
	)

Definition at line 1023 of file miarm.h.

{
    /* Write the valid PDE */
    ASSERT(PointerPde->u.Hard.Valid == 0);
#ifdef _M_AMD64
    ASSERT(PointerPde->u.Hard.NoExecute == 0);
#endif
    ASSERT(TempPde.u.Hard.Valid == 1);
    *PointerPde = TempPde;
}

Referenced by MiAllocatePoolPages(), MiBuildPagedPool(), MiFillSystemPageDirectory(), MiInitializeAndChargePfn(), MiRemoveMappedPtes(), MiSessionCommitPageTables(), MiSessionCreateInternal(), and MiSessionInitializeWorkingSetList().

MI_WRITE_VALID_PTE()

FORCEINLINE VOID MI_WRITE_VALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	TempPte
	)

Definition at line 964 of file miarm.h.

{
    /* Write the valid PTE */
    ASSERT(PointerPte->u.Hard.Valid == 0);
    ASSERT(TempPte.u.Hard.Valid == 1);
#if _M_AMD64
    ASSERT(!MI_IS_PAGE_TABLE_ADDRESS(MiPteToAddress(PointerPte)) ||
           (TempPte.u.Hard.NoExecute == 0));
#endif
    *PointerPte = TempPte;
}

Referenced by MiAllocatePoolPages(), MiArchCreateProcessAddressSpace(), MiBuildPagedPool(), MiCompleteProtoPteFault(), MiCopyPfn(), MiDispatchFault(), MiInitializeColorTables(), MiInitializePfnAndMakePteValid(), MiInitMachineDependent(), MiLoadImageSection(), MiMapLockedPagesInUserSpace(), MiMapPageInHyperSpace(), MiMapPagesInZeroSpace(), MiMapPDEs(), MiMapPfnDatabase(), MiMapPPEs(), MiMapPTEs(), MiReloadBootLoadedDrivers(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MiResolveTransitionFault(), MiSessionCreateInternal(), MiUnProtectFreeNonPagedPool(), MiZeroPfn(), MmAllocateNonCachedMemory(), MmArmAccessFault(), MmCreateKernelStack(), MmGrowKernelStackEx(), MmMapIoSpace(), and MmMapLockedPagesSpecifyCache().

MI_WS_OWNER()

FORCEINLINE BOOLEAN MI_WS_OWNER

(

IN PEPROCESS

Process

)

Definition at line 1082 of file miarm.h.

{
    /* Check if this process is the owner, and that the thread owns the WS */
    if (PsGetCurrentThread()->OwnsProcessWorkingSetExclusive == 0)
    {
        DPRINT("Thread: %p is not an owner\n", PsGetCurrentThread());
    }
    if (KeGetCurrentThread()->ApcState.Process != &Process->Pcb)
    {
        DPRINT("Current thread %p is attached to another process %p\n", PsGetCurrentThread(), Process);
    }
    return ((KeGetCurrentThread()->ApcState.Process == &Process->Pcb) &&
            ((PsGetCurrentThread()->OwnsProcessWorkingSetExclusive) ||
             (PsGetCurrentThread()->OwnsProcessWorkingSetShared)));
}

Referenced by MiUnlockProcessWorkingSet(), MiUnlockProcessWorkingSetForFault(), MiUnlockProcessWorkingSetShared(), and MiUnlockProcessWorkingSetUnsafe().

MiAcquireExpansionLock()

FORCEINLINE KIRQL MiAcquireExpansionLock

(

VOID

)

Definition at line 1536 of file miarm.h.

{
    KIRQL OldIrql;

    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
    KeAcquireSpinLock(&MmExpansionLock, &OldIrql);
    ASSERT(MiExpansionLockOwner == NULL);
    MiExpansionLockOwner = PsGetCurrentThread();
    return OldIrql;
}

Referenced by MiArchCreateProcessAddressSpace(), MiDereferenceSessionFinal(), MiSessionAddProcess(), MiSessionInitializeWorkingSetList(), MiSessionLeader(), MiSessionRemoveProcess(), MmDeleteProcessAddressSpace(), MmGetSessionById(), and MmWorkingSetManager().

MiAllocatePagesForMdl()

PMDL NTAPI MiAllocatePagesForMdl	(	IN PHYSICAL_ADDRESS	LowAddress,
		IN PHYSICAL_ADDRESS	HighAddress,
		IN PHYSICAL_ADDRESS	SkipBytes,
		IN SIZE_T	TotalBytes,
		IN MI_PFN_CACHE_ATTRIBUTE	CacheAttribute,
		IN ULONG	Flags
	)

Definition at line 182 of file freelist.c.

{
    PMDL Mdl;
    PFN_NUMBER PageCount, LowPage, HighPage, SkipPages, PagesFound = 0, Page;
    PPFN_NUMBER MdlPage, LastMdlPage;
    KIRQL OldIrql;
    PMMPFN Pfn1;
    INT LookForZeroedPages;
    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
    DPRINT1("ARM3-DEBUG: Being called with %I64x %I64x %I64x %lx %d %lu\n", LowAddress, HighAddress, SkipBytes, TotalBytes, CacheAttribute, MdlFlags);

    //
    // Convert the low address into a PFN
    //
    LowPage = (PFN_NUMBER)(LowAddress.QuadPart >> PAGE_SHIFT);

    //
    // Convert, and normalize, the high address into a PFN
    //
    HighPage = (PFN_NUMBER)(HighAddress.QuadPart >> PAGE_SHIFT);
    if (HighPage > MmHighestPhysicalPage) HighPage = MmHighestPhysicalPage;

    //
    // Validate skipbytes and convert them into pages
    //
    if (BYTE_OFFSET(SkipBytes.LowPart)) return NULL;
    SkipPages = (PFN_NUMBER)(SkipBytes.QuadPart >> PAGE_SHIFT);

    /* This isn't supported at all */
    if (SkipPages) DPRINT1("WARNING: Caller requesting SkipBytes, MDL might be mismatched\n");

    //
    // Now compute the number of pages the MDL will cover
    //
    PageCount = (PFN_NUMBER)ADDRESS_AND_SIZE_TO_SPAN_PAGES(0, TotalBytes);
    do
    {
        //
        // Try creating an MDL for these many pages
        //
        Mdl = MmCreateMdl(NULL, NULL, PageCount << PAGE_SHIFT);
        if (Mdl) break;

        //
        // This function is not required to return the amount of pages requested
        // In fact, it can return as little as 1 page, and callers are supposed
        // to deal with this scenario. So re-attempt the allocation with less
        // pages than before, and see if it worked this time.
        //
        PageCount -= (PageCount >> 4);
    } while (PageCount);

    //
    // Wow, not even a single page was around!
    //
    if (!Mdl) return NULL;

    //
    // This is where the page array starts....
    //
    MdlPage = (PPFN_NUMBER)(Mdl + 1);

    //
    // Lock the PFN database
    //
    OldIrql = MiAcquirePfnLock();

    //
    // Are we looking for any pages, without discriminating?
    //
    if ((LowPage == 0) && (HighPage == MmHighestPhysicalPage))
    {
        //
        // Well then, let's go shopping
        //
        while (PagesFound < PageCount)
        {
            /* Grab a page */
            MI_SET_USAGE(MI_USAGE_MDL);
            MI_SET_PROCESS2("Kernel");

            /* FIXME: This check should be smarter */
            Page = 0;
            if (MmAvailablePages != 0)
                Page = MiRemoveAnyPage(0);

            if (Page == 0)
            {
                /* This is not good... hopefully we have at least SOME pages */
                ASSERT(PagesFound);
                break;
            }

            /* Grab the page entry for it */
            Pfn1 = MiGetPfnEntry(Page);

            //
            // Make sure it's really free
            //
            ASSERT(Pfn1->u3.e2.ReferenceCount == 0);

            /* Now setup the page and mark it */
            Pfn1->u3.e2.ReferenceCount = 1;
            Pfn1->u2.ShareCount = 1;
            MI_SET_PFN_DELETED(Pfn1);
            Pfn1->u4.PteFrame = 0x1FFEDCB;
            Pfn1->u3.e1.StartOfAllocation = 1;
            Pfn1->u3.e1.EndOfAllocation = 1;
            Pfn1->u4.VerifierAllocation = 0;

            //
            // Save it into the MDL
            //
            *MdlPage++ = MiGetPfnEntryIndex(Pfn1);
            PagesFound++;
        }
    }
    else
    {
        //
        // You want specific range of pages. We'll do this in two runs
        //
        for (LookForZeroedPages = 1; LookForZeroedPages >= 0; LookForZeroedPages--)
        {
            //
            // Scan the range you specified
            //
            for (Page = LowPage; Page < HighPage; Page++)
            {
                //
                // Get the PFN entry for this page
                //
                Pfn1 = MiGetPfnEntry(Page);
                ASSERT(Pfn1);

                //
                // Make sure it's free and if this is our first pass, zeroed
                //
                if (MiIsPfnInUse(Pfn1)) continue;
                if ((Pfn1->u3.e1.PageLocation == ZeroedPageList) != LookForZeroedPages) continue;

                /* Remove the page from the free or zero list */
                ASSERT(Pfn1->u3.e1.ReadInProgress == 0);
                MI_SET_USAGE(MI_USAGE_MDL);
                MI_SET_PROCESS2("Kernel");
                MiUnlinkFreeOrZeroedPage(Pfn1);

                //
                // Sanity checks
                //
                ASSERT(Pfn1->u3.e2.ReferenceCount == 0);

                //
                // Now setup the page and mark it
                //
                Pfn1->u3.e2.ReferenceCount = 1;
                Pfn1->u2.ShareCount = 1;
                MI_SET_PFN_DELETED(Pfn1);
                Pfn1->u4.PteFrame = 0x1FFEDCB;
                Pfn1->u3.e1.StartOfAllocation = 1;
                Pfn1->u3.e1.EndOfAllocation = 1;
                Pfn1->u4.VerifierAllocation = 0;

                //
                // Save this page into the MDL
                //
                *MdlPage++ = Page;
                if (++PagesFound == PageCount) break;
            }

            //
            // If the first pass was enough, don't keep going, otherwise, go again
            //
            if (PagesFound == PageCount) break;
        }
    }

    //
    // Now release the PFN count
    //
    MiReleasePfnLock(OldIrql);

    //
    // We might've found less pages, but not more ;-)
    //
    if (PagesFound != PageCount) ASSERT(PagesFound < PageCount);
    if (!PagesFound)
    {
        //
        // If we didn' tfind any pages at all, fail
        //
        DPRINT1("NO MDL PAGES!\n");
        ExFreePoolWithTag(Mdl, TAG_MDL);
        return NULL;
    }

    //
    // Write out how many pages we found
    //
    Mdl->ByteCount = (ULONG)(PagesFound << PAGE_SHIFT);

    //
    // Terminate the MDL array if there's certain missing pages
    //
    if (PagesFound != PageCount) *MdlPage = LIST_HEAD;

    //
    // Now go back and loop over all the MDL pages
    //
    MdlPage = (PPFN_NUMBER)(Mdl + 1);
    LastMdlPage = MdlPage + PagesFound;
    while (MdlPage < LastMdlPage)
    {
        //
        // Check if we've reached the end
        //
        Page = *MdlPage++;
        if (Page == LIST_HEAD) break;

        //
        // Get the PFN entry for the page and check if we should zero it out
        //
        Pfn1 = MiGetPfnEntry(Page);
        ASSERT(Pfn1);
        if (Pfn1->u3.e1.PageLocation != ZeroedPageList) MiZeroPhysicalPage(Page);
        Pfn1->u3.e1.PageLocation = ActiveAndValid;
    }

    //
    // We're done, mark the pages as locked
    //
    Mdl->Process = NULL;
    Mdl->MdlFlags |= MDL_PAGES_LOCKED;
    return Mdl;
}

Referenced by MmAllocateNonCachedMemory(), MmAllocatePagesForMdl(), and MmAllocatePagesForMdlEx().

MiCheckForConflictingNode()

TABLE_SEARCH_RESULT NTAPI MiCheckForConflictingNode	(	IN ULONG_PTR	StartVpn,
		IN ULONG_PTR	EndVpn,
		IN PMM_AVL_TABLE	Table,
		OUT PMMADDRESS_NODE *	NodeOrParent
	)

Definition at line 78 of file vadnode.c.

{
    PMMADDRESS_NODE ParentNode, CurrentNode;

    /* If the tree is empty, there is no conflict */
    if (Table->NumberGenericTableElements == 0) return TableEmptyTree;

    /* Start looping from the root node */
    CurrentNode = RtlRightChildAvl(&Table->BalancedRoot);
    ASSERT(CurrentNode != NULL);
    while (CurrentNode)
    {
        ParentNode = CurrentNode;

        /* This address comes after */
        if (StartVpn > CurrentNode->EndingVpn)
        {
            /* Keep searching on the right */
            CurrentNode = RtlRightChildAvl(CurrentNode);
        }
        else if (EndVpn < CurrentNode->StartingVpn)
        {
            /* This address ends before the node starts, search on the left */
            CurrentNode = RtlLeftChildAvl(CurrentNode);
        }
        else
        {
            /* This address is part of this node, return it */
            *NodeOrParent = ParentNode;
            return TableFoundNode;
        }
    }

    /* There is no more child, save the current node as parent */
    *NodeOrParent = ParentNode;
    if (StartVpn > ParentNode->EndingVpn)
    {
        return TableInsertAsRight;
    }
    else
    {
        return TableInsertAsLeft;
    }
}

Referenced by MiInsertVadEx(), MiMapLockedPagesInUserSpace(), MiProtectVirtualMemory(), MmLocateMemoryAreaByAddress(), MmLocateMemoryAreaByRegion(), and NtAllocateVirtualMemory().

MiCheckForContiguousMemory()

PVOID NTAPI MiCheckForContiguousMemory	(	IN PVOID	BaseAddress,
		IN PFN_NUMBER	BaseAddressPages,
		IN PFN_NUMBER	SizeInPages,
		IN PFN_NUMBER	LowestPfn,
		IN PFN_NUMBER	HighestPfn,
		IN PFN_NUMBER	BoundaryPfn,
		IN MI_PFN_CACHE_ATTRIBUTE	CacheAttribute
	)

Definition at line 214 of file contmem.c.

{
    PMMPTE StartPte, EndPte;
    PFN_NUMBER PreviousPage = 0, Page, HighPage, BoundaryMask, Pages = 0;

    //
    // Okay, first of all check if the PFNs match our restrictions
    //
    if (LowestPfn > HighestPfn) return NULL;
    if (LowestPfn + SizeInPages <= LowestPfn) return NULL;
    if (LowestPfn + SizeInPages - 1 > HighestPfn) return NULL;
    if (BaseAddressPages < SizeInPages) return NULL;

    //
    // This is the last page we need to get to and the boundary requested
    //
    HighPage = HighestPfn + 1 - SizeInPages;
    BoundaryMask = ~(BoundaryPfn - 1);

    //
    // And here's the PTEs for this allocation. Let's go scan them.
    //
    StartPte = MiAddressToPte(BaseAddress);
    EndPte = StartPte + BaseAddressPages;
    while (StartPte < EndPte)
    {
        //
        // Get this PTE's page number
        //
        ASSERT (StartPte->u.Hard.Valid == 1);
        Page = PFN_FROM_PTE(StartPte);

        //
        // Is this the beginning of our adventure?
        //
        if (!Pages)
        {
            //
            // Check if this PFN is within our range
            //
            if ((Page >= LowestPfn) && (Page <= HighPage))
            {
                //
                // It is! Do you care about boundary (alignment)?
                //
                if (!(BoundaryPfn) ||
                    (!((Page ^ (Page + SizeInPages - 1)) & BoundaryMask)))
                {
                    //
                    // You don't care, or you do care but we deliver
                    //
                    Pages++;
                }
            }

            //
            // Have we found all the pages we need by now?
            // Incidently, this means you only wanted one page
            //
            if (Pages == SizeInPages)
            {
                //
                // Mission complete
                //
                return MiPteToAddress(StartPte);
            }
        }
        else
        {
            //
            // Have we found a page that doesn't seem to be contiguous?
            //
            if (Page != (PreviousPage + 1))
            {
                //
                // Ah crap, we have to start over
                //
                Pages = 0;
                continue;
            }

            //
            // Otherwise, we're still in the game. Do we have all our pages?
            //
            if (++Pages == SizeInPages)
            {
                //
                // We do! This entire range was contiguous, so we'll return it!
                //
                return MiPteToAddress(StartPte - Pages + 1);
            }
        }

        //
        // Try with the next PTE, remember this PFN
        //
        PreviousPage = Page;
        StartPte++;
        continue;
    }

    //
    // All good returns are within the loop...
    //
    return NULL;
}

Referenced by MiAllocateContiguousMemory().

MiCheckPdeForPagedPool()

NTSTATUS FASTCALL MiCheckPdeForPagedPool

(

IN PVOID

Address

)

Definition at line 475 of file pagfault.c.

{
    return STATUS_ACCESS_VIOLATION;
}

Referenced by MiDeletePte(), MiInitializePfn(), MiInitializePfnAndMakePteValid(), and MmArmAccessFault().

MiCheckSecuredVad()

NTSTATUS NTAPI MiCheckSecuredVad	(	IN PMMVAD	Vad,
		IN PVOID	Base,
		IN SIZE_T	Size,
		IN ULONG	ProtectionMask
	)

Definition at line 815 of file vadnode.c.

{
    ULONG_PTR StartAddress, EndAddress;

    /* Compute start and end address */
    StartAddress = (ULONG_PTR)Base;
    EndAddress = StartAddress + Size - 1;

    /* Are we deleting/unmapping, or changing? */
    if (ProtectionMask < MM_DELETE_CHECK)
    {
        /* Changing... are we allowed to do so? */
        if ((Vad->u.VadFlags.NoChange == 1) &&
            (Vad->u2.VadFlags2.SecNoChange == 1) &&
            (Vad->u.VadFlags.Protection != ProtectionMask))
        {
            /* Nope, bail out */
            DPRINT1("Trying to mess with a no-change VAD!\n");
            return STATUS_INVALID_PAGE_PROTECTION;
        }
    }
    else
    {
        /* This is allowed */
        ProtectionMask = 0;
    }

    /* ARM3 doesn't support this yet */
    ASSERT(Vad->u2.VadFlags2.MultipleSecured == 0);

    /* Is this a one-secured VAD, like a TEB or PEB? */
    if (Vad->u2.VadFlags2.OneSecured)
    {
        /* Is this allocation being described by the VAD? */
        if ((StartAddress <= ((PMMVAD_LONG)Vad)->u3.Secured.EndVpn) &&
            (EndAddress >= ((PMMVAD_LONG)Vad)->u3.Secured.StartVpn))
        {
            /* Guard page? */
            if (ProtectionMask & MM_DECOMMIT)
            {
                DPRINT1("Not allowed to change protection on guard page!\n");
                return STATUS_INVALID_PAGE_PROTECTION;
            }

            /* ARM3 doesn't have read-only VADs yet */
            ASSERT(Vad->u2.VadFlags2.ReadOnly == 0);

            /* Check if read-write protections are allowed */
            if (MmReadWrite[ProtectionMask] < MM_READ_WRITE_ALLOWED)
            {
                DPRINT1("Invalid protection mask for RW access!\n");
                return STATUS_INVALID_PAGE_PROTECTION;
            }
        }
    }

    /* All good, allow the change */
    return STATUS_SUCCESS;
}

Referenced by MiUnmapViewOfSection(), and NtAllocateVirtualMemory().

MiComputeColorInformation()

VOID NTAPI MiComputeColorInformation

(

VOID

)

Definition at line 508 of file mminit.c.

{
    ULONG L2Associativity;

    /* Check if no setting was provided already */
    if (!MmSecondaryColors)
    {
        /* Get L2 cache information */
        L2Associativity = KeGetPcr()->SecondLevelCacheAssociativity;

        /* The number of colors is the number of cache bytes by set/way */
        MmSecondaryColors = KeGetPcr()->SecondLevelCacheSize;
        if (L2Associativity) MmSecondaryColors /= L2Associativity;
    }

    /* Now convert cache bytes into pages */
    MmSecondaryColors >>= PAGE_SHIFT;
    if (!MmSecondaryColors)
    {
        /* If there was no cache data from the KPCR, use the default colors */
        MmSecondaryColors = MI_SECONDARY_COLORS;
    }
    else
    {
        /* Otherwise, make sure there aren't too many colors */
        if (MmSecondaryColors > MI_MAX_SECONDARY_COLORS)
        {
            /* Set the maximum */
            MmSecondaryColors = MI_MAX_SECONDARY_COLORS;
        }

        /* Make sure there aren't too little colors */
        if (MmSecondaryColors < MI_MIN_SECONDARY_COLORS)
        {
            /* Set the default */
            MmSecondaryColors = MI_SECONDARY_COLORS;
        }

        /* Finally make sure the colors are a power of two */
        if (MmSecondaryColors & (MmSecondaryColors - 1))
        {
            /* Set the default */
            MmSecondaryColors = MI_SECONDARY_COLORS;
        }
    }

    /* Compute the mask and store it */
    MmSecondaryColorMask = MmSecondaryColors - 1;
    KeGetCurrentPrcb()->SecondaryColorMask = MmSecondaryColorMask;
}

Referenced by MmArmInitSystem().

MiConvertSharedWorkingSetLockToExclusive()

FORCEINLINE BOOLEAN MiConvertSharedWorkingSetLockToExclusive	(	_In_ PETHREAD	Thread,
		_In_ PMMSUPPORT	Vm
	)

Definition at line 1433 of file miarm.h.

{
    /* Sanity check: No exclusive lock. */
    ASSERT(!Thread->OwnsProcessWorkingSetExclusive);
    ASSERT(!Thread->OwnsSessionWorkingSetExclusive);
    ASSERT(!Thread->OwnsSystemWorkingSetExclusive);

    /* And it should have one and only one shared lock */
    ASSERT((Thread->OwnsProcessWorkingSetShared + Thread->OwnsSessionWorkingSetShared + Thread->OwnsSystemWorkingSetShared) == 1);

    /* Try. */
    if (!ExConvertPushLockSharedToExclusive(&Vm->WorkingSetMutex))
        return FALSE;

    if (Vm == &MmSystemCacheWs)
    {
        ASSERT(Thread->OwnsSystemWorkingSetShared);
        Thread->OwnsSystemWorkingSetShared = FALSE;
        Thread->OwnsSystemWorkingSetExclusive = TRUE;
    }
    else if (Vm->Flags.SessionSpace)
    {
        ASSERT(Thread->OwnsSessionWorkingSetShared);
        Thread->OwnsSessionWorkingSetShared = FALSE;
        Thread->OwnsSessionWorkingSetExclusive = TRUE;
    }
    else
    {
        ASSERT(Thread->OwnsProcessWorkingSetShared);
        Thread->OwnsProcessWorkingSetShared = FALSE;
        Thread->OwnsProcessWorkingSetExclusive = TRUE;
    }

    return TRUE;
}

Referenced by MmWorkingSetManager().

MiDecrementPageTableReferences()

FORCEINLINE USHORT MiDecrementPageTableReferences

(

IN PVOID

Address

)

Definition at line 2504 of file miarm.h.

{
    PMMPDE PointerPde = MiAddressToPde(Address);
    PMMPFN Pfn;

    /* We should not tinker with this one. */
    ASSERT(PointerPde != (PMMPDE)PXE_SELFMAP);

    DPRINT("Decrementing %p from %p\n", PointerPde, _ReturnAddress());

    /* Make sure we're locked */
    ASSERT(PsGetCurrentThread()->OwnsProcessWorkingSetExclusive);

    /* If we're decreasing refcount, then it must be valid! */
    ASSERT(PointerPde->u.Hard.Valid == 1);

    /* This lies on the PFN */
    Pfn = MiGetPfnEntry(PFN_FROM_PDE(PointerPde));

    ASSERT(Pfn->OriginalPte.u.Soft.UsedPageTableEntries != 0);
    Pfn->OriginalPte.u.Soft.UsedPageTableEntries--;

    ASSERT(Pfn->OriginalPte.u.Soft.UsedPageTableEntries < PTE_PER_PAGE);

    return Pfn->OriginalPte.u.Soft.UsedPageTableEntries;
}

Referenced by MiDeletePde(), MiDeleteVirtualAddresses(), MiUnmapLockedPagesInUserSpace(), MmDeletePageFileMapping(), and MmDeleteVirtualMapping().

MiDecrementReferenceCount()

VOID NTAPI MiDecrementReferenceCount	(	IN PMMPFN	Pfn1,
		IN PFN_NUMBER	PageFrameIndex
	)

Definition at line 1224 of file pfnlist.c.

{
    /* PFN lock must be held */
    MI_ASSERT_PFN_LOCK_HELD();

    /* Sanity checks on the page */
    if (PageFrameIndex > MmHighestPhysicalPage ||
        Pfn1 != MI_PFN_ELEMENT(PageFrameIndex) ||
        Pfn1->u3.e2.ReferenceCount == 0 ||
        Pfn1->u3.e2.ReferenceCount >= 2500)
    {
        DPRINT1("PageFrameIndex=0x%lx, MmHighestPhysicalPage=0x%lx\n", PageFrameIndex, MmHighestPhysicalPage);
        DPRINT1("Pfn1=%p, Element=%p, RefCount=%u\n", Pfn1, MI_PFN_ELEMENT(PageFrameIndex), Pfn1->u3.e2.ReferenceCount);
        ASSERT(PageFrameIndex <= MmHighestPhysicalPage);
        ASSERT(Pfn1 == MI_PFN_ELEMENT(PageFrameIndex));
        ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
        ASSERT(Pfn1->u3.e2.ReferenceCount < 2500);
    }

    /* Dereference the page, bail out if it's still alive */
    InterlockedDecrement16((PSHORT)&Pfn1->u3.e2.ReferenceCount);
    if (Pfn1->u3.e2.ReferenceCount) return;

    /* Nobody should still have reference to this page */
    if (Pfn1->u2.ShareCount != 0)
    {
        /* Otherwise something's really wrong */
        KeBugCheckEx(PFN_LIST_CORRUPT, 7, PageFrameIndex, Pfn1->u2.ShareCount, 0);
    }

    /* And it should be lying on some page list */
    ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);

    /* Did someone set the delete flag? */
    if (MI_IS_PFN_DELETED(Pfn1))
    {
        /* Insert it into the free list, there's nothing left to do */
        MiInsertPageInFreeList(PageFrameIndex);
        return;
    }

    /* Check to see which list this page should go into */
    if (Pfn1->u3.e1.Modified == 1)
    {
        /* Push it into the modified page list */
        MiInsertPageInList(&MmModifiedPageListHead, PageFrameIndex);
    }
    else
    {
        /* Otherwise, insert this page into the standby list */
        ASSERT(Pfn1->u3.e1.RemovalRequested == 0);
        MiInsertStandbyListAtFront(PageFrameIndex);
    }
}

Referenced by MiDecrementShareCount(), MiDeletePte(), MiDereferencePfnAndDropLockCount(), and MmFreePagesFromMdl().

MiDecrementShareCount()

VOID NTAPI MiDecrementShareCount	(	IN PMMPFN	Pfn1,
		IN PFN_NUMBER	PageFrameIndex
	)

Definition at line 1133 of file pfnlist.c.

{
    PMMPTE PointerPte;
    MMPTE TempPte;

    ASSERT(PageFrameIndex > 0);
    ASSERT(MI_PFN_ELEMENT(PageFrameIndex) != NULL);
    ASSERT(Pfn1 == MI_PFN_ELEMENT(PageFrameIndex));
    ASSERT(MI_IS_ROS_PFN(Pfn1) == FALSE);

    DPRINT("Decrementing %p from %p\n", Pfn1, _ReturnAddress());

    /* Page must be in-use */
    if ((Pfn1->u3.e1.PageLocation != ActiveAndValid) &&
        (Pfn1->u3.e1.PageLocation != StandbyPageList))
    {
        /* Otherwise we have PFN corruption */
        KeBugCheckEx(PFN_LIST_CORRUPT,
                     0x99,
                     PageFrameIndex,
                     Pfn1->u3.e1.PageLocation,
                     0);
    }

    /* Page should at least have one reference */
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);

    /* Check if the share count is now 0 */
    ASSERT(Pfn1->u2.ShareCount < 0xF000000);
    if (!--Pfn1->u2.ShareCount)
    {
        /* Was this a prototype PTE? */
        if (Pfn1->u3.e1.PrototypePte)
        {
            /* Grab the PTE address and make sure it's in prototype pool */
            PointerPte = Pfn1->PteAddress;
            ASSERT((PointerPte >= (PMMPTE)MmPagedPoolStart) && (PointerPte <= (PMMPTE)MmPagedPoolEnd));

            /* The PTE that backs it should also be valdi */
            PointerPte = MiAddressToPte(PointerPte);
            ASSERT(PointerPte->u.Hard.Valid == 1);

            /* Get the original prototype PTE and turn it into a transition PTE */
            PointerPte = Pfn1->PteAddress;
            TempPte = *PointerPte;
            TempPte.u.Soft.Transition = 1;
            TempPte.u.Soft.Valid = 0;
            TempPte.u.Soft.Prototype = 0;
            TempPte.u.Soft.Protection = Pfn1->OriginalPte.u.Soft.Protection;
            MI_WRITE_INVALID_PTE(PointerPte, TempPte);
            DPRINT("Marking PTE: %p as transition (%p - %lx)\n", PointerPte, Pfn1, MiGetPfnEntryIndex(Pfn1));
        }

        /* Put the page in transition */
        Pfn1->u3.e1.PageLocation = TransitionPage;

        /* PFN lock must be held */
        MI_ASSERT_PFN_LOCK_HELD();

        if (Pfn1->u3.e2.ReferenceCount == 1)
        {
            /* Is there still a PFN for this page? */
            if (MI_IS_PFN_DELETED(Pfn1))
            {
                /* Clear the last reference */
                Pfn1->u3.e2.ReferenceCount = 0;
                ASSERT(Pfn1->OriginalPte.u.Soft.Prototype == 0);

                /* Mark the page temporarily as valid, we're going to make it free soon */
                Pfn1->u3.e1.PageLocation = ActiveAndValid;

                /* Bring it back into the free list */
                MiInsertPageInFreeList(PageFrameIndex);
            }
            else
            {
                /* PFN not yet deleted, drop a ref count */
                MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            }
        }
        else
        {
            /* Otherwise, just drop the reference count */
            InterlockedDecrement16((PSHORT)&Pfn1->u3.e2.ReferenceCount);
        }
    }
}

Referenced by FreeWsleIndex(), MiDeletePte(), MiDeleteSystemPageableVm(), MiFreeContiguousMemory(), MiProcessValidPteList(), MiProtectVirtualMemory(), MiReleaseProcessReferenceToSessionDataPage(), MiRemoveMappedPtes(), MiUnmapLockedPagesInUserSpace(), MmDeleteKernelStack(), MmDeleteProcessAddressSpace(), MmFreeLoaderBlock(), MmFreeSpecialPool(), and TrimWsList().

MiDeleteARM3Section()

VOID NTAPI MiDeleteARM3Section

(

PVOID

ObjectBody

)

Definition at line 3308 of file section.c.

{
    PSECTION SectionObject;
    PCONTROL_AREA ControlArea;
    KIRQL OldIrql;

    SectionObject = (PSECTION)ObjectBody;

    if (SectionObject->u.Flags.Based == 1)
    {
        /* Remove the node from the global section address tree */
        KeAcquireGuardedMutex(&MmSectionBasedMutex);
        MiRemoveNode(&SectionObject->Address, &MmSectionBasedRoot);
        KeReleaseGuardedMutex(&MmSectionBasedMutex);
    }

    /* Lock the PFN database */
    OldIrql = MiAcquirePfnLock();

    ASSERT(SectionObject->Segment);
    ASSERT(SectionObject->Segment->ControlArea);

    ControlArea = SectionObject->Segment->ControlArea;

    /* Dereference */
    ControlArea->NumberOfSectionReferences--;
    ControlArea->NumberOfUserReferences--;

    ASSERT(ControlArea->u.Flags.BeingDeleted == 0);

    /* Check it. It will delete it if there is no more reference to it */
    MiCheckControlArea(ControlArea, OldIrql);
}

Referenced by MmpDeleteSection().

MiDeletePde()

FORCEINLINE VOID MiDeletePde	(	_In_ PMMPDE	PointerPde,
		_In_ PEPROCESS	CurrentProcess
	)

Definition at line 2538 of file miarm.h.

{
    /* Only for user-mode ones */
    ASSERT(MiIsUserPde(PointerPde));

    /* Kill this one as a PTE */
    MiDeletePte((PMMPTE)PointerPde, MiPdeToPte(PointerPde), CurrentProcess, NULL);
#if _MI_PAGING_LEVELS >= 3
    /* Cascade down */
    if (MiDecrementPageTableReferences(MiPdeToPte(PointerPde)) == 0)
    {
        MiDeletePte(MiPdeToPpe(PointerPde), PointerPde, CurrentProcess, NULL);
#if _MI_PAGING_LEVELS == 4
        if (MiDecrementPageTableReferences(PointerPde) == 0)
        {
            MiDeletePte(MiPdeToPxe(PointerPde), MiPdeToPpe(PointerPde), CurrentProcess, NULL);
        }
#endif
    }
#endif
}

Referenced by MiDeleteVirtualAddresses(), MiUnmapLockedPagesInUserSpace(), MmDeletePageFileMapping(), and MmDeleteVirtualMapping().

MiDeletePte()

VOID NTAPI MiDeletePte	(	IN PMMPTE	PointerPte,
		IN PVOID	VirtualAddress,
		IN PEPROCESS	CurrentProcess,
		IN PMMPTE	PrototypePte
	)

Definition at line 369 of file virtual.c.

{
    PMMPFN Pfn1;
    MMPTE TempPte;
    PFN_NUMBER PageFrameIndex;
    PMMPDE PointerPde;

    /* PFN lock must be held */
    MI_ASSERT_PFN_LOCK_HELD();

    /* WorkingSet must be exclusively locked */
    ASSERT(MM_ANY_WS_LOCK_HELD_EXCLUSIVE(PsGetCurrentThread()));

    /* This must be current process. */
    ASSERT(CurrentProcess == PsGetCurrentProcess());

    /* Capture the PTE */
    TempPte = *PointerPte;

    /* See if the PTE is valid */
    if (TempPte.u.Hard.Valid == 0)
    {
        /* Prototype and paged out PTEs not supported yet */
        ASSERT(TempPte.u.Soft.Prototype == 0);
        ASSERT((TempPte.u.Soft.PageFileHigh == 0) || (TempPte.u.Soft.Transition == 1));

        if (TempPte.u.Soft.Transition)
        {
            /* Get the PFN entry */
            PageFrameIndex = PFN_FROM_PTE(&TempPte);
            Pfn1 = MiGetPfnEntry(PageFrameIndex);

            DPRINT("Pte %p is transitional!\n", PointerPte);

            /* Make sure the saved PTE address is valid */
            ASSERT((PMMPTE)((ULONG_PTR)Pfn1->PteAddress & ~0x1) == PointerPte);

            /* Destroy the PTE */
            MI_ERASE_PTE(PointerPte);

            /* Drop the reference on the page table. */
            MiDecrementShareCount(MiGetPfnEntry(Pfn1->u4.PteFrame), Pfn1->u4.PteFrame);

            /* In case of shared page, the prototype PTE must be in transition, not the process one */
            ASSERT(Pfn1->u3.e1.PrototypePte == 0);

            /* Delete the PFN */
            MI_SET_PFN_DELETED(Pfn1);

            /* It must be either free (refcount == 0) or being written (refcount == 1) */
            ASSERT(Pfn1->u3.e2.ReferenceCount == Pfn1->u3.e1.WriteInProgress);

            /* See if we must free it ourselves, or if it will be freed once I/O is over */
            if (Pfn1->u3.e2.ReferenceCount == 0)
            {
                /* And it should be in standby or modified list */
                ASSERT((Pfn1->u3.e1.PageLocation == ModifiedPageList) || (Pfn1->u3.e1.PageLocation == StandbyPageList));

                /* Unlink it and set its reference count to one */
                MiUnlinkPageFromList(Pfn1);
                Pfn1->u3.e2.ReferenceCount++;

                /* This will put it back in free list and clean properly up */
                MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            }
            return;
        }
    }

    /* Get the PFN entry */
    PageFrameIndex = PFN_FROM_PTE(&TempPte);
    Pfn1 = MiGetPfnEntry(PageFrameIndex);

    /* Check if this is a valid, prototype PTE */
    if (Pfn1->u3.e1.PrototypePte == 1)
    {
        /* Get the PDE and make sure it's faulted in */
        PointerPde = MiPteToPde(PointerPte);
        if (PointerPde->u.Hard.Valid == 0)
        {
#if (_MI_PAGING_LEVELS == 2)
            /* Could be paged pool access from a new process -- synchronize the page directories */
            if (!NT_SUCCESS(MiCheckPdeForPagedPool(VirtualAddress)))
            {
#endif
                /* The PDE must be valid at this point */
                KeBugCheckEx(MEMORY_MANAGEMENT,
                             0x61940,
                             (ULONG_PTR)PointerPte,
                             PointerPte->u.Long,
                             (ULONG_PTR)VirtualAddress);
            }
#if (_MI_PAGING_LEVELS == 2)
        }
#endif
        /* Drop the share count on the page table */
        PointerPde = MiPteToPde(PointerPte);
        MiDecrementShareCount(MiGetPfnEntry(PointerPde->u.Hard.PageFrameNumber),
            PointerPde->u.Hard.PageFrameNumber);

        /* Drop the share count */
        MiDecrementShareCount(Pfn1, PageFrameIndex);

        /* Either a fork, or this is the shared user data page */
        if ((PointerPte <= MiHighestUserPte) && (PrototypePte != Pfn1->PteAddress))
        {
            /* If it's not the shared user page, then crash, since there's no fork() yet */
            if ((PAGE_ALIGN(VirtualAddress) != (PVOID)USER_SHARED_DATA) ||
                 (MmHighestUserAddress <= (PVOID)USER_SHARED_DATA))
            {
                /* Must be some sort of memory corruption */
                KeBugCheckEx(MEMORY_MANAGEMENT,
                             0x400,
                             (ULONG_PTR)PointerPte,
                             (ULONG_PTR)PrototypePte,
                             (ULONG_PTR)Pfn1->PteAddress);
            }
        }

        /* Erase it */
        MI_ERASE_PTE(PointerPte);
    }
    else
    {
        /* Make sure the saved PTE address is valid */
        if ((PMMPTE)((ULONG_PTR)Pfn1->PteAddress & ~0x1) != PointerPte)
        {
            /* The PFN entry is illegal, or invalid */
            KeBugCheckEx(MEMORY_MANAGEMENT,
                         0x401,
                         (ULONG_PTR)PointerPte,
                         PointerPte->u.Long,
                         (ULONG_PTR)Pfn1->PteAddress);
        }

        /* Erase the PTE */
        MI_ERASE_PTE(PointerPte);

        /* There should only be 1 shared reference count */
        ASSERT(Pfn1->u2.ShareCount == 1);

        /* Drop the reference on the page table. */
        MiDecrementShareCount(MiGetPfnEntry(Pfn1->u4.PteFrame), Pfn1->u4.PteFrame);

        /* Mark the PFN for deletion and dereference what should be the last ref */
        MI_SET_PFN_DELETED(Pfn1);
        MiDecrementShareCount(Pfn1, PageFrameIndex);

        /* We should eventually do this */
        //CurrentProcess->NumberOfPrivatePages--;
    }

    /* Flush the TLB */
    KeFlushCurrentTb();
}

Referenced by MiDeletePde(), MiDeleteVirtualAddresses(), MiResolveProtoPteFault(), and MmArmAccessFault().

MiDeleteSystemPageableVm()

PFN_COUNT NTAPI MiDeleteSystemPageableVm	(	IN PMMPTE	PointerPte,
		IN PFN_NUMBER	PageCount,
		IN ULONG	Flags,
		OUT PPFN_NUMBER	ValidPages
	)

Definition at line 275 of file virtual.c.

{
    PFN_COUNT ActualPages = 0;
    PETHREAD CurrentThread = PsGetCurrentThread();
    PMMPFN Pfn1, Pfn2;
    PFN_NUMBER PageFrameIndex, PageTableIndex;
    KIRQL OldIrql;
    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);

    /* Lock the system working set */
    MiLockWorkingSet(CurrentThread, &MmSystemCacheWs);

    /* Loop all pages */
    while (PageCount)
    {
        /* Make sure there's some data about the page */
        if (PointerPte->u.Long)
        {
            /* Normally this is one possibility -- freeing a valid page */
            if (PointerPte->u.Hard.Valid)
            {
                /* Get the page PFN */
                PageFrameIndex = PFN_FROM_PTE(PointerPte);
                Pfn1 = MiGetPfnEntry(PageFrameIndex);

                /* Should not have any working set data yet */
                ASSERT(Pfn1->u1.WsIndex == 0);

                /* Actual valid, legitimate, pages */
                if (ValidPages) (*ValidPages)++;

                /* Get the page table entry */
                PageTableIndex = Pfn1->u4.PteFrame;
                Pfn2 = MiGetPfnEntry(PageTableIndex);

                /* Lock the PFN database */
                OldIrql = MiAcquirePfnLock();

                /* Delete it the page */
                MI_SET_PFN_DELETED(Pfn1);
                MiDecrementShareCount(Pfn1, PageFrameIndex);

                /* Decrement the page table too */
                MiDecrementShareCount(Pfn2, PageTableIndex);

                /* Release the PFN database */
                MiReleasePfnLock(OldIrql);

                /* Destroy the PTE */
                MI_ERASE_PTE(PointerPte);
            }
            else
            {
                /* As always, only handle current ARM3 scenarios */
                ASSERT(PointerPte->u.Soft.Prototype == 0);
                ASSERT(PointerPte->u.Soft.Transition == 0);

                /*
                 * The only other ARM3 possibility is a demand zero page, which would
                 * mean freeing some of the paged pool pages that haven't even been
                 * touched yet, as part of a larger allocation.
                 *
                 * Right now, we shouldn't expect any page file information in the PTE
                 */
                ASSERT(PointerPte->u.Soft.PageFileHigh == 0);

                /* Destroy the PTE */
                MI_ERASE_PTE(PointerPte);
            }

            /* Actual legitimate pages */
            ActualPages++;
        }

        /* Keep going */
        PointerPte++;
        PageCount--;
    }

    /* Release the working set */
    MiUnlockWorkingSet(CurrentThread, &MmSystemCacheWs);

    /* Flush the entire TLB */
    KeFlushEntireTb(TRUE, TRUE);

    /* Done */
    return ActualPages;
}

Referenced by MiFreeInitializationCode(), MiFreePoolPages(), MmFreeDriverInitialization(), and MmFreeSpecialPool().

MiDeleteVirtualAddresses()

VOID NTAPI MiDeleteVirtualAddresses	(	IN ULONG_PTR	Va,
		IN ULONG_PTR	EndingAddress,
		IN PMMVAD	Vad
	)

Definition at line 530 of file virtual.c.

{
    PMMPTE PointerPte, PrototypePte, LastPrototypePte;
    PMMPDE PointerPde;
#if (_MI_PAGING_LEVELS >= 3)
    PMMPPE PointerPpe;
#endif
#if (_MI_PAGING_LEVELS >= 4)
    PMMPPE PointerPxe;
#endif
    MMPTE TempPte;
    PEPROCESS CurrentProcess;
    KIRQL OldIrql;
    BOOLEAN AddressGap = FALSE;
    PSUBSECTION Subsection;

    /* Get out if this is a fake VAD, RosMm will free the marea pages */
    if ((Vad) && (Vad->u.VadFlags.Spare == 1)) return;

    /* Get the current process */
    CurrentProcess = PsGetCurrentProcess();

    /* Check if this is a section VAD or a VM VAD */
    if (!(Vad) || (Vad->u.VadFlags.PrivateMemory) || !(Vad->FirstPrototypePte))
    {
        /* Don't worry about prototypes */
        PrototypePte = LastPrototypePte = NULL;
    }
    else
    {
        /* Get the prototype PTE */
        PrototypePte = Vad->FirstPrototypePte;
        LastPrototypePte = Vad->FirstPrototypePte + 1;
    }

    /* In all cases, we don't support fork() yet */
    ASSERT(CurrentProcess->CloneRoot == NULL);

    /* Loop the PTE for each VA (EndingAddress is inclusive!) */
    while (Va <= EndingAddress)
    {
#if (_MI_PAGING_LEVELS >= 4)
        /* Get the PXE and check if it's valid */
        PointerPxe = MiAddressToPxe((PVOID)Va);
        if (!PointerPxe->u.Hard.Valid)
        {
            /* Check for unmapped range and skip it */
            if (!PointerPxe->u.Long)
            {
                /* There are gaps in the address space */
                AddressGap = TRUE;

                /* Update Va and continue looping */
                Va = (ULONG_PTR)MiPxeToAddress(PointerPxe + 1);
                continue;
            }

            /* Make the PXE valid */
            MiMakeSystemAddressValid(MiPteToAddress(PointerPxe), CurrentProcess);
        }
#endif
#if (_MI_PAGING_LEVELS >= 3)
        /* Get the PPE and check if it's valid */
        PointerPpe = MiAddressToPpe((PVOID)Va);
        if (!PointerPpe->u.Hard.Valid)
        {
            /* Check for unmapped range and skip it */
            if (!PointerPpe->u.Long)
            {
                /* There are gaps in the address space */
                AddressGap = TRUE;

                /* Update Va and continue looping */
                Va = (ULONG_PTR)MiPpeToAddress(PointerPpe + 1);
                continue;
            }

            /* Make the PPE valid */
            MiMakeSystemAddressValid(MiPteToAddress(PointerPpe), CurrentProcess);
        }
#endif
        /* Skip invalid PDEs */
        PointerPde = MiAddressToPde((PVOID)Va);
        if (!PointerPde->u.Long)
        {
            /* There are gaps in the address space */
            AddressGap = TRUE;

            /* Check if all the PDEs are invalid, so there's nothing to free */
            Va = (ULONG_PTR)MiPdeToAddress(PointerPde + 1);
            continue;
        }

        /* Now check if the PDE is mapped in */
        if (!PointerPde->u.Hard.Valid)
        {
            /* It isn't, so map it in */
            PointerPte = MiPteToAddress(PointerPde);
            MiMakeSystemAddressValid(PointerPte, CurrentProcess);
        }

        /* Now we should have a valid PDE, mapped in, and still have some VA */
        ASSERT(PointerPde->u.Hard.Valid == 1);
        ASSERT(Va <= EndingAddress);

        /* Check if this is a section VAD with gaps in it */
        if ((AddressGap) && (LastPrototypePte))
        {
            /* We need to skip to the next correct prototype PTE */
            PrototypePte = MI_GET_PROTOTYPE_PTE_FOR_VPN(Vad, Va >> PAGE_SHIFT);

            /* And we need the subsection to skip to the next last prototype PTE */
            Subsection = MiLocateSubsection(Vad, Va >> PAGE_SHIFT);
            if (Subsection)
            {
                /* Found it! */
                LastPrototypePte = &Subsection->SubsectionBase[Subsection->PtesInSubsection];
            }
            else
            {
                /* No more subsections, we are done with prototype PTEs */
                PrototypePte = NULL;
            }
        }

        /* Lock the PFN Database while we delete the PTEs */
        OldIrql = MiAcquirePfnLock();
        PointerPte = MiAddressToPte(Va);
        do
        {
            /* Making sure the PDE is still valid */
            ASSERT(PointerPde->u.Hard.Valid == 1);

            /* Capture the PDE and make sure it exists */
            TempPte = *PointerPte;
            if (TempPte.u.Long)
            {
                /* Check if the PTE is actually mapped in */
                if (MI_IS_MAPPED_PTE(&TempPte))
                {
                    /* Are we dealing with section VAD? */
                    if ((LastPrototypePte) && (PrototypePte > LastPrototypePte))
                    {
                        /* We need to skip to the next correct prototype PTE */
                        PrototypePte = MI_GET_PROTOTYPE_PTE_FOR_VPN(Vad, Va >> PAGE_SHIFT);

                        /* And we need the subsection to skip to the next last prototype PTE */
                        Subsection = MiLocateSubsection(Vad, Va >> PAGE_SHIFT);
                        if (Subsection)
                        {
                            /* Found it! */
                            LastPrototypePte = &Subsection->SubsectionBase[Subsection->PtesInSubsection];
                        }
                        else
                        {
                            /* No more subsections, we are done with prototype PTEs */
                            PrototypePte = NULL;
                        }
                    }

                    /* Check for prototype PTE */
                    if ((TempPte.u.Hard.Valid == 0) &&
                        (TempPte.u.Soft.Prototype == 1))
                    {
                        /* Just nuke it */
                        MI_ERASE_PTE(PointerPte);
                    }
                    else
                    {
                        /* Delete the PTE proper */
                        MiDeletePte(PointerPte,
                                    (PVOID)Va,
                                    CurrentProcess,
                                    PrototypePte);
                    }
                }
                else
                {
                    /* The PTE was never mapped, just nuke it here */
                    MI_ERASE_PTE(PointerPte);
                }

                if (MiDecrementPageTableReferences((PVOID)Va) == 0)
                {
                    ASSERT(PointerPde->u.Long != 0);
                    /* Delete the PDE proper */
                    MiDeletePde(PointerPde, CurrentProcess);
                    /* Jump */
                    Va = (ULONG_PTR)MiPdeToAddress(PointerPde + 1);
                    break;
                }
            }

            /* Update the address and PTE for it */
            Va += PAGE_SIZE;
            PointerPte++;
            PrototypePte++;
        } while ((Va & (PDE_MAPPED_VA - 1)) && (Va <= EndingAddress));

        /* Release the lock */
        MiReleasePfnLock(OldIrql);

        if (Va > EndingAddress) return;

        /* Otherwise, we exited because we hit a new PDE boundary, so start over */
        AddressGap = FALSE;
    }
}

Referenced by MiRemoveMappedView(), MmCleanProcessAddressSpace(), MmDeleteTeb(), and NtFreeVirtualMemory().

MiDereferencePfnAndDropLockCount()

FORCEINLINE VOID MiDereferencePfnAndDropLockCount

(

IN PMMPFN

Pfn1

)

Definition at line 1620 of file miarm.h.

{
    USHORT RefCount, OldRefCount;
    PFN_NUMBER PageFrameIndex;

    /* Loop while we decrement the page successfully */
    do
    {
        /* There should be at least one reference */
        OldRefCount = Pfn1->u3.e2.ReferenceCount;
        ASSERT(OldRefCount != 0);

        /* Are we the last one */
        if (OldRefCount == 1)
        {
            /* The page shoudln't be shared not active at this point */
            ASSERT(Pfn1->u3.e2.ReferenceCount == 1);
            ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);
            ASSERT(Pfn1->u2.ShareCount == 0);

            /* Is it a prototype PTE? */
            if ((Pfn1->u3.e1.PrototypePte == 1) &&
                (Pfn1->OriginalPte.u.Soft.Prototype == 1))
            {
                /* FIXME: We should return commit */
                DPRINT1("Not returning commit for prototype PTE\n");
            }

            /* Update the counter, and drop a reference the long way */
            InterlockedDecrementSizeT(&MmSystemLockPagesCount);
            PageFrameIndex = MiGetPfnEntryIndex(Pfn1);
            MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            return;
        }

        /* Drop a reference the short way, and that's it */
        RefCount = InterlockedCompareExchange16((PSHORT)&Pfn1->u3.e2.ReferenceCount,
                                                OldRefCount - 1,
                                                OldRefCount);
        ASSERT(RefCount != 0);
    } while (OldRefCount != RefCount);

    /* If we got here, there should be more than one reference */
    ASSERT(RefCount > 1);
    if (RefCount == 2)
    {
        /* Is it still being shared? */
        if (Pfn1->u2.ShareCount >= 1)
        {
            /* Then it should be valid */
            ASSERT(Pfn1->u3.e1.PageLocation == ActiveAndValid);

            /* Is it a prototype PTE? */
            if ((Pfn1->u3.e1.PrototypePte == 1) &&
                (Pfn1->OriginalPte.u.Soft.Prototype == 1))
            {
                /* We don't handle ethis */
                ASSERT(FALSE);
            }

            /* Update the counter */
            InterlockedDecrementSizeT(&MmSystemLockPagesCount);
        }
    }
}

Referenced by MI_UNLOCK_VA(), MiCompleteProtoPteFault(), MiDispatchFault(), and MmUnlockPages().

MiDetermineUserGlobalPteMask()

FORCEINLINE ULONG_PTR MiDetermineUserGlobalPteMask

(

IN PVOID

PointerPte

)

Definition at line 741 of file miarm.h.

{
    MMPTE TempPte;

    /* Start fresh */
    TempPte.u.Long = 0;

    /* Make it valid and accessed */
    TempPte.u.Hard.Valid = TRUE;
    MI_MAKE_ACCESSED_PAGE(&TempPte);

    /* Is this for user-mode? */
    if (
#if (_MI_PAGING_LEVELS == 4)
        MiIsUserPxe(PointerPte) ||
#endif
#if (_MI_PAGING_LEVELS >= 3)
        MiIsUserPpe(PointerPte) ||
#endif
        MiIsUserPde(PointerPte) ||
        MiIsUserPte(PointerPte))
    {
        /* Set the owner bit */
        MI_MAKE_OWNER_PAGE(&TempPte);
    }

    /* FIXME: We should also set the global bit */

    /* Return the protection */
    return TempPte.u.Long;
}

Referenced by MI_MAKE_HARDWARE_PTE(), and MiResolveTransitionFault().

MiDropLockCount()

FORCEINLINE VOID MiDropLockCount

(

IN PMMPFN

Pfn1

)

Definition at line 1590 of file miarm.h.

{
    /* This page shouldn't be locked, but it should be valid */
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
    ASSERT(Pfn1->u2.ShareCount == 0);

    /* Is this the last reference to the page */
    if (Pfn1->u3.e2.ReferenceCount == 1)
    {
        /* It better not be valid */
        ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);

        /* Is it a prototype PTE? */
        if ((Pfn1->u3.e1.PrototypePte == 1) &&
            (Pfn1->OriginalPte.u.Soft.Prototype == 1))
        {
            /* FIXME: We should return commit */
            DPRINT1("Not returning commit for prototype PTE\n");
        }

        /* Update the counter */
        InterlockedDecrementSizeT(&MmSystemLockPagesCount);
    }
}

Referenced by MiResolveTransitionFault().

MiFindContiguousPages()

PFN_NUMBER NTAPI MiFindContiguousPages	(	IN PFN_NUMBER	LowestPfn,
		IN PFN_NUMBER	HighestPfn,
		IN PFN_NUMBER	BoundaryPfn,
		IN PFN_NUMBER	SizeInPages,
		IN MEMORY_CACHING_TYPE	CacheType
	)

Definition at line 22 of file contmem.c.

{
    PFN_NUMBER Page, PageCount, LastPage, Length, BoundaryMask;
    ULONG i = 0;
    PMMPFN Pfn1, EndPfn;
    KIRQL OldIrql;
    PAGED_CODE();
    ASSERT(SizeInPages != 0);

    //
    // Convert the boundary PFN into an alignment mask
    //
    BoundaryMask = ~(BoundaryPfn - 1);

    /* Disable APCs */
    KeEnterGuardedRegion();

    //
    // Loop all the physical memory blocks
    //
    do
    {
        //
        // Capture the base page and length of this memory block
        //
        Page = MmPhysicalMemoryBlock->Run[i].BasePage;
        PageCount = MmPhysicalMemoryBlock->Run[i].PageCount;

        //
        // Check how far this memory block will go
        //
        LastPage = Page + PageCount;

        //
        // Trim it down to only the PFNs we're actually interested in
        //
        if ((LastPage - 1) > HighestPfn) LastPage = HighestPfn + 1;
        if (Page < LowestPfn) Page = LowestPfn;

        //
        // Skip this run if it's empty or fails to contain all the pages we need
        //
        if (!(PageCount) || ((Page + SizeInPages) > LastPage)) continue;

        //
        // Now scan all the relevant PFNs in this run
        //
        Length = 0;
        for (Pfn1 = MI_PFN_ELEMENT(Page); Page < LastPage; Page++, Pfn1++)
        {
            //
            // If this PFN is in use, ignore it
            //
            if (MiIsPfnInUse(Pfn1))
            {
                Length = 0;
                continue;
            }

            //
            // If we haven't chosen a start PFN yet and the caller specified an
            // alignment, make sure the page matches the alignment restriction
            //
            if ((!(Length) && (BoundaryPfn)) &&
                (((Page ^ (Page + SizeInPages - 1)) & BoundaryMask)))
            {
                //
                // It does not, so bail out
                //
                continue;
            }

            //
            // Increase the number of valid pages, and check if we have enough
            //
            if (++Length == SizeInPages)
            {
                //
                // It appears we've amassed enough legitimate pages, rollback
                //
                Pfn1 -= (Length - 1);
                Page -= (Length - 1);

                //
                // Acquire the PFN lock
                //
                OldIrql = MiAcquirePfnLock();
                do
                {
                    //
                    // Things might've changed for us. Is the page still free?
                    //
                    if (MiIsPfnInUse(Pfn1)) break;

                    //
                    // So far so good. Is this the last confirmed valid page?
                    //
                    if (!--Length)
                    {
                        //
                        // Sanity check that we didn't go out of bounds
                        //
                        ASSERT(i != MmPhysicalMemoryBlock->NumberOfRuns);

                        //
                        // Loop until all PFN entries have been processed
                        //
                        EndPfn = Pfn1 - SizeInPages + 1;
                        do
                        {
                            //
                            // This PFN is now a used page, set it up
                            //
                            MI_SET_USAGE(MI_USAGE_CONTINOUS_ALLOCATION);
                            MI_SET_PROCESS2("Kernel Driver");
                            MiUnlinkFreeOrZeroedPage(Pfn1);
                            Pfn1->u3.e2.ReferenceCount = 1;
                            Pfn1->u2.ShareCount = 1;
                            Pfn1->u3.e1.PageLocation = ActiveAndValid;
                            Pfn1->u3.e1.StartOfAllocation = 0;
                            Pfn1->u3.e1.EndOfAllocation = 0;
                            Pfn1->u3.e1.PrototypePte = 0;
                            Pfn1->u4.VerifierAllocation = 0;
                            Pfn1->PteAddress = (PVOID)(ULONG_PTR)0xBAADF00DBAADF00DULL;

                            //
                            // Check if this is the last PFN, otherwise go on
                            //
                            if (Pfn1 == EndPfn) break;
                            Pfn1--;
                        } while (TRUE);

                        //
                        // Mark the first and last PFN so we can find them later
                        //
                        Pfn1->u3.e1.StartOfAllocation = 1;
                        (Pfn1 + SizeInPages - 1)->u3.e1.EndOfAllocation = 1;

                        //
                        // Now it's safe to let go of the PFN lock
                        //
                        MiReleasePfnLock(OldIrql);

                        //
                        // Quick sanity check that the last PFN is consistent
                        //
                        EndPfn = Pfn1 + SizeInPages;
                        ASSERT(EndPfn == MI_PFN_ELEMENT(Page + 1));

                        //
                        // Compute the first page, and make sure it's consistent
                        //
                        Page = Page - SizeInPages + 1;
                        ASSERT(Pfn1 == MI_PFN_ELEMENT(Page));
                        ASSERT(Page != 0);

                        /* Enable APCs and return the page */
                        KeLeaveGuardedRegion();
                        return Page;
                    }

                    //
                    // Keep going. The purpose of this loop is to reconfirm that
                    // after acquiring the PFN lock these pages are still usable
                    //
                    Pfn1++;
                    Page++;
                } while (TRUE);

                //
                // If we got here, something changed while we hadn't acquired
                // the PFN lock yet, so we'll have to restart
                //
                MiReleasePfnLock(OldIrql);
                Length = 0;
            }
        }
    } while (++i != MmPhysicalMemoryBlock->NumberOfRuns);

    //
    // And if we get here, it means no suitable physical memory runs were found
    //
    KeLeaveGuardedRegion();
    return 0;
}