miarm.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes
struct	_POOL_DESCRIPTOR
struct	_POOL_HEADER
struct	_POOL_TRACKER_TABLE
struct	_POOL_TRACKER_BIG_PAGES
struct	_MI_LARGE_PAGE_DRIVER_ENTRY
struct	_PHYSICAL_MEMORY_RUN
struct	_PHYSICAL_MEMORY_DESCRIPTOR
struct	_MMCOLOR_TABLES
struct	_MI_LARGE_PAGE_RANGES
struct	_MMVIEW
struct	_MMSESSION
struct	_MM_SESSION_SPACE_FLAGS
struct	_MM_SESSION_SPACE

Macros
#define	MI_LOWEST_VAD_ADDRESS   (PVOID)MM_LOWEST_USER_ADDRESS
#define	_1KB   (1024u)
#define	_1MB   (1024 * _1KB)
#define	_1GB   (1024 * _1MB)
#define	_64K   (64 * _1KB)
#define	PDE_MAPPED_VA   (PTE_COUNT * PAGE_SIZE)
#define	PT_SIZE   (PTE_COUNT * sizeof(MMPTE))
#define	PD_SIZE   (PDE_COUNT * sizeof(MMPDE))
#define	PD_COUNT   PPE_PER_PAGE
#define	PDE_COUNT   PDE_PER_PAGE
#define	PTE_COUNT   PTE_PER_PAGE
#define	SYSTEM_PD_SIZE   (PD_COUNT * PD_SIZE)
#define	MM_ZERO_ACCESS   0
#define	MM_READONLY   1
#define	MM_EXECUTE   2
#define	MM_EXECUTE_READ   3
#define	MM_READWRITE   4
#define	MM_WRITECOPY   5
#define	MM_EXECUTE_READWRITE   6
#define	MM_EXECUTE_WRITECOPY   7
#define	MM_PROTECT_ACCESS   7
#define	MM_NOCACHE   0x08
#define	MM_GUARDPAGE   0x10
#define	MM_WRITECOMBINE   0x18
#define	MM_PROTECT_SPECIAL   0x18
#define	MM_DECOMMIT   (MM_ZERO_ACCESS | MM_GUARDPAGE)
#define	MM_NOACCESS   (MM_ZERO_ACCESS | MM_WRITECOMBINE)
#define	MM_OUTSWAPPED_KSTACK   (MM_EXECUTE_WRITECOPY | MM_WRITECOMBINE)
#define	MM_INVALID_PROTECTION   0xFFFFFFFF
#define	MI_IS_SESSION_IMAGE_ADDRESS(Address)   (((Address) >= MiSessionImageStart) && ((Address) < MiSessionImageEnd))
#define	MI_IS_SESSION_ADDRESS(Address)   (((Address) >= MmSessionBase) && ((Address) < MiSessionSpaceEnd))
#define	MI_IS_SESSION_PTE(Pte)   ((((PMMPTE)Pte) >= MiSessionBasePte) && (((PMMPTE)Pte) < MiSessionLastPte))
#define	MI_IS_PAGE_TABLE_ADDRESS(Address)   (((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)PTE_TOP))
#define	MI_IS_SYSTEM_PAGE_TABLE_ADDRESS(Address)   (((Address) >= (PVOID)MiAddressToPte(MmSystemRangeStart)) && ((Address) <= (PVOID)PTE_TOP))
#define	MI_IS_PAGE_TABLE_OR_HYPER_ADDRESS(Address)   (((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)MmHyperSpaceEnd))
#define	MI_MAKE_SOFTWARE_PTE(p, x)   ((p)->u.Long = (x << MM_PTE_SOFTWARE_PROTECTION_BITS))
#define	MI_SET_PFN_DELETED(x)   ((x)->PteAddress = (PMMPTE)((ULONG_PTR)(x)->PteAddress | 1))
#define	MI_IS_PFN_DELETED(x)   ((ULONG_PTR)((x)->PteAddress) & 1)
#define	MM_SYSLDR_NO_IMPORTS   (PVOID)0xFFFFFFFE
#define	MM_SYSLDR_BOOT_LOADED   (PVOID)0xFFFFFFFF
#define	MM_SYSLDR_SINGLE_ENTRY   0x1
#define	MI_INITIAL_SESSION_IDS   64
#define	MM_NOIRQL   (KIRQL)0xFFFFFFFF
#define	MI_GET_PAGE_COLOR(x)   ((x) & MmSecondaryColorMask)
#define	MI_GET_NEXT_COLOR()   (MI_GET_PAGE_COLOR(++MmSystemPageColor))
#define	MI_GET_NEXT_PROCESS_COLOR(x)   (MI_GET_PAGE_COLOR(++(x)->NextPageColor))
#define	MI_PTE_LOOKUP_NEEDED   0xFFFFF
#define	MI_SESSION_DATA_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)
#define	MI_SESSION_TAG_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)
#define	MM_READ_WRITE_ALLOWED   11
#define	MM_READ_ONLY_ALLOWED   10
#define	MM_NO_ACCESS_ALLOWED   01
#define	MM_DELETE_CHECK   85
#define	MI_SYSTEM_VIEW_BUCKET_SIZE   _64K
#define	POOL_BLOCK_SIZE   8
#define	POOL_LISTS_PER_PAGE   (PAGE_SIZE / POOL_BLOCK_SIZE)
#define	BASE_POOL_TYPE_MASK   1
#define	POOL_MAX_ALLOC   (PAGE_SIZE - (sizeof(POOL_HEADER) + POOL_BLOCK_SIZE))
#define	POOL_FLAG_CHECK_TIMERS   0x1
#define	POOL_FLAG_CHECK_WORKERS   0x2
#define	POOL_FLAG_CHECK_RESOURCES   0x4
#define	POOL_FLAG_VERIFIER   0x8
#define	POOL_FLAG_CHECK_DEADLOCK   0x10
#define	POOL_FLAG_SPECIAL_POOL   0x20
#define	POOL_FLAG_DBGPRINT_ON_FAILURE   0x40
#define	POOL_FLAG_CRASH_ON_FAILURE   0x80
#define	POOL_CORRUPTED_LIST   3
#define	POOL_SIZE_OR_INDEX_MISMATCH   5
#define	POOL_ENTRIES_NOT_ALIGNED_PREVIOUS   6
#define	POOL_HEADER_NOT_ALIGNED   7
#define	POOL_HEADER_IS_ZERO   8
#define	POOL_ENTRIES_NOT_ALIGNED_NEXT   9
#define	POOL_ENTRY_NOT_FOUND   10
#define	POOL_ENTRY_CORRUPTED   1
#define	POOL_ENTRY_ALREADY_FREE   6
#define	POOL_ENTRY_NOT_ALLOCATED   7
#define	POOL_ALLOC_IRQL_INVALID   8
#define	POOL_FREE_IRQL_INVALID   9
#define	POOL_BILLED_PROCESS_INVALID   13
#define	POOL_HEADER_SIZE_INVALID   32
#define	MI_IS_ROS_PFN(x)   ((x)->u4.AweAllocation == TRUE)

Typedefs
typedef struct _POOL_DESCRIPTOR	POOL_DESCRIPTOR
typedef struct _POOL_DESCRIPTOR *	PPOOL_DESCRIPTOR
typedef struct _POOL_HEADER	POOL_HEADER
typedef struct _POOL_HEADER *	PPOOL_HEADER
typedef struct _POOL_TRACKER_TABLE	POOL_TRACKER_TABLE
typedef struct _POOL_TRACKER_TABLE *	PPOOL_TRACKER_TABLE
typedef struct _POOL_TRACKER_BIG_PAGES	POOL_TRACKER_BIG_PAGES
typedef struct _POOL_TRACKER_BIG_PAGES *	PPOOL_TRACKER_BIG_PAGES
typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY	MI_LARGE_PAGE_DRIVER_ENTRY
typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY *	PMI_LARGE_PAGE_DRIVER_ENTRY
typedef enum _MMSYSTEM_PTE_POOL_TYPE	MMSYSTEM_PTE_POOL_TYPE
typedef enum _MI_PFN_CACHE_ATTRIBUTE	MI_PFN_CACHE_ATTRIBUTE
typedef enum _MI_PFN_CACHE_ATTRIBUTE *	PMI_PFN_CACHE_ATTRIBUTE
typedef struct _PHYSICAL_MEMORY_RUN	PHYSICAL_MEMORY_RUN
typedef struct _PHYSICAL_MEMORY_RUN *	PPHYSICAL_MEMORY_RUN
typedef struct _PHYSICAL_MEMORY_DESCRIPTOR	PHYSICAL_MEMORY_DESCRIPTOR
typedef struct _PHYSICAL_MEMORY_DESCRIPTOR *	PPHYSICAL_MEMORY_DESCRIPTOR
typedef struct _MMCOLOR_TABLES	MMCOLOR_TABLES
typedef struct _MMCOLOR_TABLES *	PMMCOLOR_TABLES
typedef struct _MI_LARGE_PAGE_RANGES	MI_LARGE_PAGE_RANGES
typedef struct _MI_LARGE_PAGE_RANGES *	PMI_LARGE_PAGE_RANGES
typedef struct _MMVIEW	MMVIEW
typedef struct _MMVIEW *	PMMVIEW
typedef struct _MMSESSION	MMSESSION
typedef struct _MMSESSION *	PMMSESSION
typedef struct _MM_SESSION_SPACE_FLAGS	MM_SESSION_SPACE_FLAGS
typedef struct _MM_SESSION_SPACE	MM_SESSION_SPACE
typedef struct _MM_SESSION_SPACE *	PMM_SESSION_SPACE

Enumerations
enum	_MMSYSTEM_PTE_POOL_TYPE { SystemPteSpace, NonPagedPoolExpansion, MaximumPtePoolTypes }
enum	_MI_PFN_CACHE_ATTRIBUTE { MiNonCached, MiCached, MiWriteCombined, MiNotMapped }

Functions
	C_ASSERT (sizeof(POOL_HEADER)==POOL_BLOCK_SIZE)
	C_ASSERT (POOL_BLOCK_SIZE==sizeof(LIST_ENTRY))
FORCEINLINE BOOLEAN	MiIsMemoryTypeFree (TYPE_OF_MEMORY MemoryType)
FORCEINLINE BOOLEAN	MiIsMemoryTypeInvisible (TYPE_OF_MEMORY MemoryType)
FORCEINLINE BOOLEAN	MiIsUserPde (PVOID Address)
FORCEINLINE BOOLEAN	MiIsUserPte (PVOID Address)
FORCEINLINE ULONG_PTR	MiDetermineUserGlobalPteMask (IN PVOID PointerPte)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE_KERNEL (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_HARDWARE_PTE_USER (IN PMMPTE NewPte, IN PMMPTE MappingPte, IN ULONG_PTR ProtectionMask, IN PFN_NUMBER PageFrameNumber)
FORCEINLINE VOID	MI_MAKE_PROTOTYPE_PTE (IN PMMPTE NewPte, IN PMMPTE PointerPte)
FORCEINLINE VOID	MI_MAKE_SUBSECTION_PTE (IN PMMPTE NewPte, IN PVOID Segment)
FORCEINLINE BOOLEAN	MI_IS_MAPPED_PTE (PMMPTE PointerPte)
FORCEINLINE VOID	MI_MAKE_TRANSITION_PTE (_Out_ PMMPTE NewPte, _In_ PFN_NUMBER Page, _In_ ULONG Protection)
FORCEINLINE BOOLEAN	MI_IS_PHYSICAL_ADDRESS (IN PVOID Address)
FORCEINLINE VOID	MI_WRITE_VALID_PTE (IN PMMPTE PointerPte, IN MMPTE TempPte)
FORCEINLINE VOID	MI_UPDATE_VALID_PTE (IN PMMPTE PointerPte, IN MMPTE TempPte)
FORCEINLINE VOID	MI_WRITE_INVALID_PTE (IN PMMPTE PointerPte, IN MMPTE InvalidPte)
FORCEINLINE VOID	MI_ERASE_PTE (IN PMMPTE PointerPte)
FORCEINLINE VOID	MI_WRITE_VALID_PDE (IN PMMPDE PointerPde, IN MMPDE TempPde)
FORCEINLINE VOID	MI_WRITE_INVALID_PDE (IN PMMPDE PointerPde, IN MMPDE InvalidPde)
FORCEINLINE BOOLEAN	MM_ANY_WS_LOCK_HELD (IN PETHREAD Thread)
FORCEINLINE BOOLEAN	MI_WS_OWNER (IN PEPROCESS Process)
FORCEINLINE BOOLEAN	MiIsRosSectionObject (IN PVOID Section)
VOID NTAPI	MiDecrementReferenceCount (IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
FORCEINLINE BOOLEAN	MI_IS_WS_UNSAFE (IN PEPROCESS Process)
FORCEINLINE VOID	MiLockProcessWorkingSet (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockProcessWorkingSetShared (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockProcessWorkingSetUnsafe (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSet (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSetShared (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiUnlockProcessWorkingSetUnsafe (IN PEPROCESS Process, IN PETHREAD Thread)
FORCEINLINE VOID	MiLockWorkingSet (IN PETHREAD Thread, IN PMMSUPPORT WorkingSet)
FORCEINLINE VOID	MiUnlockWorkingSet (IN PETHREAD Thread, IN PMMSUPPORT WorkingSet)
FORCEINLINE VOID	MiUnlockProcessWorkingSetForFault (IN PEPROCESS Process, IN PETHREAD Thread, OUT PBOOLEAN Safe, OUT PBOOLEAN Shared)
FORCEINLINE VOID	MiLockProcessWorkingSetForFault (IN PEPROCESS Process, IN PETHREAD Thread, IN BOOLEAN Safe, IN BOOLEAN Shared)
FORCEINLINE KIRQL	MiAcquireExpansionLock (VOID)
FORCEINLINE VOID	MiReleaseExpansionLock (KIRQL OldIrql)
FORCEINLINE PMMPTE	MI_GET_PROTOTYPE_PTE_FOR_VPN (IN PMMVAD Vad, IN ULONG_PTR Vpn)
FORCEINLINE PMMPFN	MI_PFN_ELEMENT (IN PFN_NUMBER Pfn)
FORCEINLINE VOID	MiDropLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiDereferencePfnAndDropLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceProbedPageAndBumpLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceUsedPageAndBumpLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiReferenceUnusedPageAndBumpLockCount (IN PMMPFN Pfn1)
FORCEINLINE VOID	MiIncrementPageTableReferences (IN PVOID Address)
FORCEINLINE VOID	MiDecrementPageTableReferences (IN PVOID Address)
FORCEINLINE USHORT	MiQueryPageTableReferences (IN PVOID Address)
BOOLEAN NTAPI	MmArmInitSystem (IN ULONG Phase, IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeSessionSpaceLayout (VOID)
NTSTATUS NTAPI	MiInitMachineDependent (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiComputeColorInformation (VOID)
VOID NTAPI	MiMapPfnDatabase (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeColorTables (VOID)
VOID NTAPI	MiInitializePfnDatabase (IN PLOADER_PARAMETER_BLOCK LoaderBlock)
VOID NTAPI	MiInitializeSessionWsSupport (VOID)
VOID NTAPI	MiInitializeSessionIds (VOID)
BOOLEAN NTAPI	MiInitializeMemoryEvents (VOID)
PFN_NUMBER NTAPI	MxGetNextPage (IN PFN_NUMBER PageCount)
PPHYSICAL_MEMORY_DESCRIPTOR NTAPI	MmInitializeMemoryLimits (IN PLOADER_PARAMETER_BLOCK LoaderBlock, IN PBOOLEAN IncludeType)
PFN_NUMBER NTAPI	MiPagesInLoaderBlock (IN PLOADER_PARAMETER_BLOCK LoaderBlock, IN PBOOLEAN IncludeType)
VOID FASTCALL	MiSyncARM3WithROS (IN PVOID AddressStart, IN PVOID AddressEnd)
NTSTATUS NTAPI	MiRosProtectVirtualMemory (IN PEPROCESS Process, IN OUT PVOID *BaseAddress, IN OUT PSIZE_T NumberOfBytesToProtect, IN ULONG NewAccessProtection, OUT PULONG OldAccessProtection OPTIONAL)
NTSTATUS NTAPI	MmArmAccessFault (IN BOOLEAN StoreInstruction, IN PVOID Address, IN KPROCESSOR_MODE Mode, IN PVOID TrapInformation)
NTSTATUS FASTCALL	MiCheckPdeForPagedPool (IN PVOID Address)
VOID NTAPI	MiInitializeNonPagedPool (VOID)
VOID NTAPI	MiInitializeNonPagedPoolThresholds (VOID)
VOID NTAPI	MiInitializePoolEvents (VOID)
VOID NTAPI	InitializePool (IN POOL_TYPE PoolType, IN ULONG Threshold)
VOID NTAPI INIT_FUNCTION	ExInitializePoolDescriptor (IN PPOOL_DESCRIPTOR PoolDescriptor, IN POOL_TYPE PoolType, IN ULONG PoolIndex, IN ULONG Threshold, IN PVOID PoolLock)
NTSTATUS NTAPI	MiInitializeSessionPool (VOID)
VOID NTAPI	MiInitializeSystemPtes (IN PMMPTE StartingPte, IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE PoolType)
PMMPTE NTAPI	MiReserveSystemPtes (IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
VOID NTAPI	MiReleaseSystemPtes (IN PMMPTE StartingPte, IN ULONG NumberOfPtes, IN MMSYSTEM_PTE_POOL_TYPE SystemPtePoolType)
PFN_NUMBER NTAPI	MiFindContiguousPages (IN PFN_NUMBER LowestPfn, IN PFN_NUMBER HighestPfn, IN PFN_NUMBER BoundaryPfn, IN PFN_NUMBER SizeInPages, IN MEMORY_CACHING_TYPE CacheType)
PVOID NTAPI	MiCheckForContiguousMemory (IN PVOID BaseAddress, IN PFN_NUMBER BaseAddressPages, IN PFN_NUMBER SizeInPages, IN PFN_NUMBER LowestPfn, IN PFN_NUMBER HighestPfn, IN PFN_NUMBER BoundaryPfn, IN MI_PFN_CACHE_ATTRIBUTE CacheAttribute)
PMDL NTAPI	MiAllocatePagesForMdl (IN PHYSICAL_ADDRESS LowAddress, IN PHYSICAL_ADDRESS HighAddress, IN PHYSICAL_ADDRESS SkipBytes, IN SIZE_T TotalBytes, IN MI_PFN_CACHE_ATTRIBUTE CacheAttribute, IN ULONG Flags)
VOID NTAPI	MiInsertPageInList (IN PMMPFNLIST ListHead, IN PFN_NUMBER PageFrameIndex)
VOID NTAPI	MiUnlinkFreeOrZeroedPage (IN PMMPFN Entry)
VOID NTAPI	MiUnlinkPageFromList (IN PMMPFN Pfn)
VOID NTAPI	MiInitializePfn (IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN BOOLEAN Modified)
NTSTATUS NTAPI	MiInitializeAndChargePfn (OUT PPFN_NUMBER PageFrameIndex, IN PMMPDE PointerPde, IN PFN_NUMBER ContainingPageFrame, IN BOOLEAN SessionAllocation)
VOID NTAPI	MiInitializePfnAndMakePteValid (IN PFN_NUMBER PageFrameIndex, IN PMMPTE PointerPte, IN MMPTE TempPte)
VOID NTAPI	MiInitializePfnForOtherProcess (IN PFN_NUMBER PageFrameIndex, IN PVOID PteAddress, IN PFN_NUMBER PteFrame)
VOID NTAPI	MiDecrementShareCount (IN PMMPFN Pfn1, IN PFN_NUMBER PageFrameIndex)
PFN_NUMBER NTAPI	MiRemoveAnyPage (IN ULONG Color)
PFN_NUMBER NTAPI	MiRemoveZeroPage (IN ULONG Color)
VOID NTAPI	MiZeroPhysicalPage (IN PFN_NUMBER PageFrameIndex)
VOID NTAPI	MiInsertPageInFreeList (IN PFN_NUMBER PageFrameIndex)
PFN_COUNT NTAPI	MiDeleteSystemPageableVm (IN PMMPTE PointerPte, IN PFN_NUMBER PageCount, IN ULONG Flags, OUT PPFN_NUMBER ValidPages)
ULONG NTAPI	MiGetPageProtection (IN PMMPTE PointerPte)
PLDR_DATA_TABLE_ENTRY NTAPI	MiLookupDataTableEntry (IN PVOID Address)
VOID NTAPI	MiInitializeDriverLargePageList (VOID)
VOID NTAPI	MiInitializeLargePageSupport (VOID)
VOID NTAPI	MiSyncCachedRanges (VOID)
BOOLEAN NTAPI	MiIsPfnInUse (IN PMMPFN Pfn1)
PMMVAD NTAPI	MiLocateAddress (IN PVOID VirtualAddress)
TABLE_SEARCH_RESULT NTAPI	MiCheckForConflictingNode (IN ULONG_PTR StartVpn, IN ULONG_PTR EndVpn, IN PMM_AVL_TABLE Table, OUT PMMADDRESS_NODE *NodeOrParent)
TABLE_SEARCH_RESULT NTAPI	MiFindEmptyAddressRangeDownTree (IN SIZE_T Length, IN ULONG_PTR BoundaryAddress, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PULONG_PTR Base, OUT PMMADDRESS_NODE *Parent)
NTSTATUS NTAPI	MiFindEmptyAddressRangeDownBasedTree (IN SIZE_T Length, IN ULONG_PTR BoundaryAddress, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PULONG_PTR Base)
TABLE_SEARCH_RESULT NTAPI	MiFindEmptyAddressRangeInTree (IN SIZE_T Length, IN ULONG_PTR Alignment, IN PMM_AVL_TABLE Table, OUT PMMADDRESS_NODE *PreviousVad, OUT PULONG_PTR Base)
NTSTATUS NTAPI	MiCheckSecuredVad (IN PMMVAD Vad, IN PVOID Base, IN SIZE_T Size, IN ULONG ProtectionMask)
VOID NTAPI	MiInsertVad (_Inout_ PMMVAD Vad, _Inout_ PMM_AVL_TABLE VadRoot)
NTSTATUS NTAPI	MiInsertVadEx (_Inout_ PMMVAD Vad, _In_ ULONG_PTR *BaseAddress, _In_ SIZE_T ViewSize, _In_ ULONG_PTR HighestAddress, _In_ ULONG_PTR Alignment, _In_ ULONG AllocationType)
VOID NTAPI	MiInsertBasedSection (IN PSECTION Section)
NTSTATUS NTAPI	MiUnmapViewOfSection (IN PEPROCESS Process, IN PVOID BaseAddress, IN ULONG Flags)
NTSTATUS NTAPI	MiRosUnmapViewOfSection (IN PEPROCESS Process, IN PVOID BaseAddress, IN BOOLEAN SkipDebuggerNotify)
VOID NTAPI	MiInsertNode (IN PMM_AVL_TABLE Table, IN PMMADDRESS_NODE NewNode, PMMADDRESS_NODE Parent, TABLE_SEARCH_RESULT Result)
VOID NTAPI	MiRemoveNode (IN PMMADDRESS_NODE Node, IN PMM_AVL_TABLE Table)
PMMADDRESS_NODE NTAPI	MiGetPreviousNode (IN PMMADDRESS_NODE Node)
PMMADDRESS_NODE NTAPI	MiGetNextNode (IN PMMADDRESS_NODE Node)
BOOLEAN NTAPI	MiInitializeSystemSpaceMap (IN PMMSESSION InputSession OPTIONAL)
VOID NTAPI	MiSessionRemoveProcess (VOID)
VOID NTAPI	MiReleaseProcessReferenceToSessionDataPage (IN PMM_SESSION_SPACE SessionGlobal)
VOID NTAPI	MiSessionAddProcess (IN PEPROCESS NewProcess)
NTSTATUS NTAPI	MiSessionCommitPageTables (IN PVOID StartVa, IN PVOID EndVa)
ULONG NTAPI	MiMakeProtectionMask (IN ULONG Protect)
VOID NTAPI	MiDeleteVirtualAddresses (IN ULONG_PTR Va, IN ULONG_PTR EndingAddress, IN PMMVAD Vad)
VOID NTAPI	MiDeletePte (IN PMMPTE PointerPte, IN PVOID VirtualAddress, IN PEPROCESS CurrentProcess, IN PMMPTE PrototypePte)
ULONG NTAPI	MiMakeSystemAddressValid (IN PVOID PageTableVirtualAddress, IN PEPROCESS CurrentProcess)
ULONG NTAPI	MiMakeSystemAddressValidPfn (IN PVOID VirtualAddress, IN KIRQL OldIrql)
VOID NTAPI	MiRemoveMappedView (IN PEPROCESS CurrentProcess, IN PMMVAD Vad)
PSUBSECTION NTAPI	MiLocateSubsection (IN PMMVAD Vad, IN ULONG_PTR Vpn)
VOID NTAPI	MiDeleteARM3Section (PVOID ObjectBody)
NTSTATUS NTAPI	MiQueryMemorySectionName (IN HANDLE ProcessHandle, IN PVOID BaseAddress, OUT PVOID MemoryInformation, IN SIZE_T MemoryInformationLength, OUT PSIZE_T ReturnLength)
NTSTATUS NTAPI	MiRosUnmapViewInSystemSpace (IN PVOID MappedBase)
POOL_TYPE NTAPI	MmDeterminePoolType (IN PVOID PoolAddress)
VOID NTAPI	MiMakePdeExistAndMakeValid (IN PMMPDE PointerPde, IN PEPROCESS TargetProcess, IN KIRQL OldIrql)
FORCEINLINE PFN_NUMBER	MiRemoveZeroPageSafe (IN ULONG Color)

Variables
const ULONG_PTR	MmProtectToPteMask [32]
const ULONG	MmProtectToValue [32]
ULONG	ExpNumberOfPagedPools
POOL_DESCRIPTOR	NonPagedPoolDescriptor
PPOOL_DESCRIPTOR	ExpPagedPoolDescriptor [16+1]
PPOOL_TRACKER_TABLE	PoolTrackTable
PMM_SESSION_SPACE	MmSessionSpace
MMPTE	HyperTemplatePte
MMPDE	ValidKernelPde
MMPTE	ValidKernelPte
MMPDE	ValidKernelPdeLocal
MMPTE	ValidKernelPteLocal
MMPDE	DemandZeroPde
MMPTE	DemandZeroPte
MMPTE	PrototypePte
MMPTE	MmDecommittedPte
BOOLEAN	MmLargeSystemCache
BOOLEAN	MmZeroPageFile
BOOLEAN	MmProtectFreedNonPagedPool
BOOLEAN	MmTrackLockedPages
BOOLEAN	MmTrackPtes
BOOLEAN	MmDynamicPfn
BOOLEAN	MmMirroring
BOOLEAN	MmMakeLowMemory
BOOLEAN	MmEnforceWriteProtection
SIZE_T	MmAllocationFragment
ULONG	MmConsumedPoolPercentage
ULONG	MmVerifyDriverBufferType
ULONG	MmVerifyDriverLevel
WCHAR	MmVerifyDriverBuffer [512]
WCHAR	MmLargePageDriverBuffer [512]
LIST_ENTRY	MiLargePageDriverList
BOOLEAN	MiLargePageAllDrivers
ULONG	MmVerifyDriverBufferLength
ULONG	MmLargePageDriverBufferLength
SIZE_T	MmSizeOfNonPagedPoolInBytes
SIZE_T	MmMaximumNonPagedPoolInBytes
PFN_NUMBER	MmMaximumNonPagedPoolInPages
PFN_NUMBER	MmSizeOfPagedPoolInPages
PVOID	MmNonPagedSystemStart
PVOID	MmNonPagedPoolStart
PVOID	MmNonPagedPoolExpansionStart
PVOID	MmNonPagedPoolEnd
SIZE_T	MmSizeOfPagedPoolInBytes
PVOID	MmPagedPoolStart
PVOID	MmPagedPoolEnd
PVOID	MmSessionBase
SIZE_T	MmSessionSize
PMMPTE	MmFirstReservedMappingPte
PMMPTE	MmLastReservedMappingPte
PMMPTE	MiFirstReservedZeroingPte
MI_PFN_CACHE_ATTRIBUTE	MiPlatformCacheAttributes [2][MmMaximumCacheType]
PPHYSICAL_MEMORY_DESCRIPTOR	MmPhysicalMemoryBlock
SIZE_T	MmBootImageSize
PMMPTE	MmSystemPtesStart [MaximumPtePoolTypes]
PMMPTE	MmSystemPtesEnd [MaximumPtePoolTypes]
PMEMORY_ALLOCATION_DESCRIPTOR	MxFreeDescriptor
MEMORY_ALLOCATION_DESCRIPTOR	MxOldFreeDescriptor
ULONG_PTR	MxPfnAllocation
MM_PAGED_POOL_INFO	MmPagedPoolInfo
RTL_BITMAP	MiPfnBitMap
KGUARDED_MUTEX	MmPagedPoolMutex
KGUARDED_MUTEX	MmSectionCommitMutex
PVOID	MiSystemViewStart
SIZE_T	MmSystemViewSize
PVOID	MiSessionSpaceEnd
PMMPTE	MiSessionImagePteStart
PMMPTE	MiSessionImagePteEnd
PMMPTE	MiSessionBasePte
PMMPTE	MiSessionLastPte
PMMPDE	MmSystemPagePtes
PVOID	MmSystemCacheStart
PVOID	MmSystemCacheEnd
MMSUPPORT	MmSystemCacheWs
SIZE_T	MmAllocatedNonPagedPool
ULONG	MmSpecialPoolTag
PVOID	MmHyperSpaceEnd
PMMWSL	MmSystemCacheWorkingSetList
SIZE_T	MmMinimumNonPagedPoolSize
ULONG	MmMinAdditionNonPagedPoolPerMb
SIZE_T	MmDefaultMaximumNonPagedPool
ULONG	MmMaxAdditionNonPagedPoolPerMb
ULONG	MmSecondaryColors
ULONG	MmSecondaryColorMask
ULONG	MmNumberOfSystemPtes
ULONG	MmMaximumNonPagedPoolPercent
ULONG	MmLargeStackSize
PMMCOLOR_TABLES	MmFreePagesByColor [FreePageList+1]
MMPFNLIST	MmStandbyPageListByPriority [8]
ULONG	MmProductType
MM_SYSTEMSIZE	MmSystemSize
PKEVENT	MiLowMemoryEvent
PKEVENT	MiHighMemoryEvent
PKEVENT	MiLowPagedPoolEvent
PKEVENT	MiHighPagedPoolEvent
PKEVENT	MiLowNonPagedPoolEvent
PKEVENT	MiHighNonPagedPoolEvent
PFN_NUMBER	MmLowMemoryThreshold
PFN_NUMBER	MmHighMemoryThreshold
PFN_NUMBER	MiLowPagedPoolThreshold
PFN_NUMBER	MiHighPagedPoolThreshold
PFN_NUMBER	MiLowNonPagedPoolThreshold
PFN_NUMBER	MiHighNonPagedPoolThreshold
PFN_NUMBER	MmMinimumFreePages
PFN_NUMBER	MmPlentyFreePages
SIZE_T	MmMinimumStackCommitInBytes
PFN_COUNT	MiExpansionPoolPagesInitialCharge
PFN_NUMBER	MmResidentAvailablePages
PFN_NUMBER	MmResidentAvailableAtInit
ULONG	MmTotalFreeSystemPtes [MaximumPtePoolTypes]
PFN_NUMBER	MmTotalSystemDriverPages
ULONG	MmCritsectTimeoutSeconds
PVOID	MiSessionImageStart
PVOID	MiSessionImageEnd
PMMPTE	MiHighestUserPte
PMMPDE	MiHighestUserPde
PFN_NUMBER	MmSystemPageDirectory [PD_COUNT]
PMMPTE	MmSharedUserDataPte
LIST_ENTRY	MmProcessList
BOOLEAN	MmZeroingPageThreadActive
KEVENT	MmZeroingPageEvent
ULONG	MmSystemPageColor
ULONG	MmProcessColorSeed
PMMWSL	MmWorkingSetList
PFN_NUMBER	MiNumberOfFreePages
SIZE_T	MmSessionViewSize
SIZE_T	MmSessionPoolSize
SIZE_T	MmSessionImageSize
PVOID	MiSessionPoolEnd
PVOID	MiSessionPoolStart
PVOID	MiSessionViewStart
PVOID	MiSessionSpaceWs
ULONG	MmMaximumDeadKernelStacks
SLIST_HEADER	MmDeadStackSListHead
MM_AVL_TABLE	MmSectionBasedRoot
KGUARDED_MUTEX	MmSectionBasedMutex
PVOID	MmHighSectionBase
SIZE_T	MmSystemLockPagesCount
ULONG_PTR	MmSubsectionBase
LARGE_INTEGER	MmCriticalSectionTimeout
LIST_ENTRY	MmWorkingSetExpansionHead
KSPIN_LOCK	MmExpansionLock
PETHREAD	MiExpansionLockOwner

Macro Definition Documentation

#define _1GB   (1024 * _1MB)

Definition at line 14 of file miarm.h.

Referenced by MiInitializeNonPagedPool(), and MmArmInitSystem().

#define _1KB   (1024u)

Definition at line 12 of file miarm.h.

Referenced by FsRtlTest_StartTest(), and MmArmInitSystem().

#define _1MB   (1024 * _1KB)

Definition at line 13 of file miarm.h.

Referenced by MI_MAKE_SUBSECTION_PTE(), MiAdjustWorkingSetManagerParameters(), MiBuildPagedPool(), MiComputeNonPagedPoolVa(), MiInitializeMemoryEvents(), MiInitializeNonPagedPoolThresholds(), and MmArmInitSystem().

#define _64K   (64 * _1KB)

Definition at line 17 of file miarm.h.

Referenced by MiCreatePebOrTeb(), MiMapViewOfDataSection(), MiUnmapViewInSystemSpace(), MmCreateArm3Section(), and NtAllocateVirtualMemory().

#define BASE_POOL_TYPE_MASK   1

Definition at line 249 of file miarm.h.

#define MI_GET_NEXT_COLOR

(

)

(MI_GET_PAGE_COLOR(++MmSystemPageColor))

Definition at line 209 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiFillSystemPageDirectory(), MiInitializeAndChargePfn(), MiLoadImageSection(), MiResolveDemandZeroFault(), MiResolveProtoPteFault(), MiSessionCreateInternal(), MiSessionInitializeWorkingSetList(), MmAllocateSpecialPool(), MmAllocPage(), MmCreateKernelStack(), and MmGrowKernelStackEx().

#define MI_GET_NEXT_PROCESS_COLOR

(

x

)

(MI_GET_PAGE_COLOR(++(x)->NextPageColor))

Definition at line 210 of file miarm.h.

Referenced by MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MmArmAccessFault(), and MmCreateProcessAddressSpace().

#define MI_GET_PAGE_COLOR

(

x

)

((x) & MmSecondaryColorMask)

Definition at line 208 of file miarm.h.

Referenced by MmZeroPageThread().

#define MI_INITIAL_SESSION_IDS   64

Definition at line 179 of file miarm.h.

Referenced by MiInitializeSessionIds().

#define MI_IS_PAGE_TABLE_ADDRESS

(

Address

)

(((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)PTE_TOP))

Definition at line 144 of file miarm.h.

Referenced by MiCheckVirtualAddress(), and MiResolveDemandZeroFault().

#define MI_IS_PAGE_TABLE_OR_HYPER_ADDRESS

(

Address

)

(((PVOID)(Address) >= (PVOID)PTE_BASE) && ((PVOID)(Address) <= (PVOID)MmHyperSpaceEnd))

Definition at line 150 of file miarm.h.

Referenced by MmArmAccessFault().

#define MI_IS_PFN_DELETED

(

x

)

((ULONG_PTR)((x)->PteAddress) & 1)

Definition at line 162 of file miarm.h.

Referenced by MiDecrementReferenceCount(), MiDecrementShareCount(), MmArmAccessFault(), and MmFreePagesFromMdl().

#define MI_IS_ROS_PFN

(

x

)

((x)->u4.AweAllocation == TRUE)

Definition at line 1041 of file miarm.h.

Referenced by MiDecommitPages(), MiDecrementShareCount(), and MiReferenceProbedPageAndBumpLockCount().

#define MI_IS_SESSION_ADDRESS

(

Address

)

(((Address) >= MmSessionBase) && ((Address) < MiSessionSpaceEnd))

Definition at line 138 of file miarm.h.

Referenced by MiCheckVirtualAddress(), MiLockWorkingSet(), MiResolveImageReferences(), MiUnlockWorkingSet(), MiWriteProtectSystemImage(), MmArmAccessFault(), MmIsSessionAddress(), and MmUnmapViewInSessionSpace().

#define MI_IS_SESSION_IMAGE_ADDRESS

(

Address

)

(((Address) >= MiSessionImageStart) && ((Address) < MiSessionImageEnd))

Definition at line 135 of file miarm.h.

Referenced by MiResolveDemandZeroFault(), MiSetPagingOfDriver(), MmArmAccessFault(), and MmPageEntireDriver().

#define MI_IS_SESSION_PTE

(

Pte

)

((((PMMPTE)Pte) >= MiSessionBasePte) && (((PMMPTE)Pte) < MiSessionLastPte))

Definition at line 141 of file miarm.h.

Referenced by MI_MAKE_HARDWARE_PTE_KERNEL(), and MmArmAccessFault().

#define MI_IS_SYSTEM_PAGE_TABLE_ADDRESS

(

Address

)

(((Address) >= (PVOID)MiAddressToPte(MmSystemRangeStart)) && ((Address) <= (PVOID)PTE_TOP))

Definition at line 147 of file miarm.h.

Referenced by MmArmAccessFault().

#define MI_LOWEST_VAD_ADDRESS   (PVOID)MM_LOWEST_USER_ADDRESS

Definition at line 9 of file miarm.h.

Referenced by MiBalancerThread(), MiFindEmptyAddressRangeDownBasedTree(), MiFindEmptyAddressRangeDownTree(), and MmDeleteProcessAddressSpace().

#define MI_MAKE_SOFTWARE_PTE	(		p,
			x
	)		((p)->u.Long = (x << MM_PTE_SOFTWARE_PROTECTION_BITS))

Definition at line 156 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiInitializePfn(), MiInitializePfnForOtherProcess(), MmCreateKernelStack(), and MmGrowKernelStackEx().

#define MI_PTE_LOOKUP_NEEDED   0xFFFFF

Definition at line 218 of file miarm.h.

Referenced by MiCalculatePageCommitment(), MiCompleteProtoPteFault(), MiDispatchFault(), MiGetPageProtection(), MiInitMachineDependent(), MiIsEntireRangeCommitted(), MiQueryAddressState(), MiResolvePageFileFault(), MiResolveProtoPteFault(), and MmArmAccessFault().

#define MI_SESSION_DATA_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)

Definition at line 224 of file miarm.h.

Referenced by MiInitializeSessionIds(), MiReleaseProcessReferenceToSessionDataPage(), and MiSessionCreateInternal().

#define MI_SESSION_TAG_PAGES_MAXIMUM   (MM_ALLOCATION_GRANULARITY / PAGE_SIZE)

Definition at line 225 of file miarm.h.

Referenced by MiInitializeSessionIds(), and MiSessionCreateInternal().

#define MI_SET_PFN_DELETED

(

x

)

((x)->PteAddress = (PMMPTE)((ULONG_PTR)(x)->PteAddress | 1))

Definition at line 161 of file miarm.h.

Referenced by MiAllocatePagesForMdl(), MiDeletePte(), MiDeleteSystemPageableVm(), MiFreeContiguousMemory(), MiProcessValidPteList(), MiReleaseProcessReferenceToSessionDataPage(), MiSegmentDelete(), MmDeleteKernelStack(), MmDeleteProcessAddressSpace2(), MmFreeLoaderBlock(), and MmFreeSpecialPool().

#define MI_SYSTEM_VIEW_BUCKET_SIZE   _64K

Definition at line 238 of file miarm.h.

Referenced by MiInitializeSystemSpaceMap(), MiInsertInSystemSpace(), MiMapViewInSystemSpace(), and MmCommitSessionMappedView().

#define MM_DECOMMIT   (MM_ZERO_ACCESS | MM_GUARDPAGE)

Definition at line 66 of file miarm.h.

Referenced by MiAccessCheck(), MiCalculatePageCommitment(), MiCheckSecuredVad(), MiIsEntireRangeCommitted(), MiQueryAddressState(), and MmArmAccessFault().

#define MM_DELETE_CHECK   85

Definition at line 233 of file miarm.h.

Referenced by MiCheckSecuredVad(), and MiUnmapViewOfSection().

#define MM_EXECUTE   2

Definition at line 47 of file miarm.h.

Referenced by MiComputeDriverProtection().

#define MM_EXECUTE_READ   3

Definition at line 48 of file miarm.h.

#define MM_EXECUTE_READWRITE   6

Definition at line 51 of file miarm.h.

Referenced by MiComputeDriverProtection().

#define MM_EXECUTE_WRITECOPY   7

Definition at line 52 of file miarm.h.

#define MM_GUARDPAGE   0x10

Definition at line 59 of file miarm.h.

Referenced by MiAccessCheck(), MiMakeProtectionMask(), and MmArmAccessFault().

#define MM_INVALID_PROTECTION   0xFFFFFFFF

Definition at line 69 of file miarm.h.

Referenced by MiMakeProtectionMask(), MiProtectVirtualMemory(), MmCreateSection(), and NtAllocateVirtualMemory().

#define MM_NO_ACCESS_ALLOWED   01

Definition at line 232 of file miarm.h.

#define MM_NOACCESS   (MM_ZERO_ACCESS | MM_WRITECOMBINE)

Definition at line 67 of file miarm.h.

Referenced by MiCheckVirtualAddress(), MiComputeDriverProtection(), MiFlushTbAndCapture(), MiMakeProtectionMask(), MmArmAccessFault(), MmCreateKernelStack(), MmFreeSpecialPool(), and MmGrowKernelStackEx().

#define MM_NOCACHE   0x08

Definition at line 58 of file miarm.h.

Referenced by MiFlushTbAndCapture(), and MiMakeProtectionMask().

#define MM_NOIRQL   (KIRQL)0xFFFFFFFF

Definition at line 203 of file miarm.h.

Referenced by MiDecommitPages(), MiDispatchFault(), MiMakePdeExistAndMakeValid(), MiMapLockedPagesInUserSpace(), MiProtectVirtualMemory(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MiResolveTransitionFault(), MiSetProtectionOnSection(), MmArmAccessFault(), MmProbeAndLockPages(), and NtAllocateVirtualMemory().

#define MM_OUTSWAPPED_KSTACK   (MM_EXECUTE_WRITECOPY | MM_WRITECOMBINE)

Definition at line 68 of file miarm.h.

#define MM_PROTECT_ACCESS   7

Definition at line 53 of file miarm.h.

Referenced by MiIsAccessAllowed().

#define MM_PROTECT_SPECIAL   0x18

Definition at line 61 of file miarm.h.

Referenced by MiAccessCheck(), MiCompleteProtoPteFault(), and MmArmAccessFault().

#define MM_READ_ONLY_ALLOWED   10

Definition at line 231 of file miarm.h.

#define MM_READ_WRITE_ALLOWED   11

Definition at line 230 of file miarm.h.

Referenced by MiCheckSecuredVad().

#define MM_READONLY   1

Definition at line 46 of file miarm.h.

Referenced by MiCheckVirtualAddress(), MiComputeDriverProtection(), MiResolveProtoPteFault(), MmArmAccessFault(), and MmInitSystem().

#define MM_READWRITE   4

Definition at line 49 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiCheckVirtualAddress(), MiCompleteProtoPteFault(), MiComputeDriverProtection(), MiCreatePebOrTeb(), MiInitializePfn(), MiInitializePfnForOtherProcess(), MiInitializeWorkingSetList(), MiMapLockedPagesInUserSpace(), MiResolveProtoPteFault(), MmArmAccessFault(), MmCreateKernelStack(), MmGrowKernelStackEx(), and MmInitializeProcessAddressSpace().

#define MM_SYSLDR_BOOT_LOADED   (PVOID)0xFFFFFFFF

Definition at line 172 of file miarm.h.

Referenced by MiBuildImportsForBootDrivers(), MiClearImports(), MiDereferenceImports(), and MmUnloadSystemImage().

#define MM_SYSLDR_NO_IMPORTS   (PVOID)0xFFFFFFFE

Definition at line 171 of file miarm.h.

Referenced by MiBuildImportsForBootDrivers(), MiClearImports(), MiDereferenceImports(), MiResolveImageReferences(), and MmLoadSystemImage().

#define MM_SYSLDR_SINGLE_ENTRY   0x1

Definition at line 174 of file miarm.h.

Referenced by MiBuildImportsForBootDrivers(), MiClearImports(), MiDereferenceImports(), and MiResolveImageReferences().

#define MM_WRITECOMBINE   0x18

Definition at line 60 of file miarm.h.

#define MM_WRITECOPY   5

Definition at line 50 of file miarm.h.

Referenced by MiCompleteProtoPteFault(), and MiResolveProtoPteFault().

#define MM_ZERO_ACCESS   0

Definition at line 45 of file miarm.h.

Referenced by MiCompleteProtoPteFault(), MiComputeDriverProtection(), and MmArmAccessFault().

#define PD_COUNT   PPE_PER_PAGE

Definition at line 29 of file miarm.h.

Referenced by MiBuildPagedPool(), and MiBuildPfnDatabaseFromPages().

#define PD_SIZE   (PDE_COUNT * sizeof(MMPDE))

Definition at line 26 of file miarm.h.

Referenced by MiSegmentDelete().

#define PDE_COUNT   PDE_PER_PAGE

Definition at line 30 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiBuildPagedPool(), MiBuildPfnDatabaseFromPages(), and MiFillSystemPageDirectory().

#define PDE_MAPPED_VA   (PTE_COUNT * PAGE_SIZE)

Definition at line 20 of file miarm.h.

Referenced by MiAddHalIoMappings(), MiBuildPfnDatabaseFromPages(), MiDeleteVirtualAddresses(), MiInitMachineDependent(), MiSessionCreateInternal(), MiUseLargeDriverPage(), and MmArmInitSystem().

#define POOL_ALLOC_IRQL_INVALID   8

Definition at line 281 of file miarm.h.

Referenced by ExpCheckPoolIrqlLevel().

#define POOL_BILLED_PROCESS_INVALID   13

Definition at line 283 of file miarm.h.

#define POOL_BLOCK_SIZE   8

Definition at line 246 of file miarm.h.

Referenced by ExAllocatePoolWithQuotaTag(), ExAllocatePoolWithTag(), ExFreePoolWithTag(), ExpCheckPoolBlocks(), and ExReturnPoolQuota().

#define POOL_CORRUPTED_LIST   3

Definition at line 267 of file miarm.h.

#define POOL_ENTRIES_NOT_ALIGNED_NEXT   9

Definition at line 272 of file miarm.h.

#define POOL_ENTRIES_NOT_ALIGNED_PREVIOUS   6

Definition at line 269 of file miarm.h.

#define POOL_ENTRY_ALREADY_FREE   6

Definition at line 279 of file miarm.h.

#define POOL_ENTRY_CORRUPTED   1

Definition at line 278 of file miarm.h.

#define POOL_ENTRY_NOT_ALLOCATED   7

Definition at line 280 of file miarm.h.

#define POOL_ENTRY_NOT_FOUND   10

Definition at line 273 of file miarm.h.

#define POOL_FLAG_CHECK_DEADLOCK   0x10

Definition at line 259 of file miarm.h.

Referenced by ExFreePoolWithTag().

#define POOL_FLAG_CHECK_RESOURCES   0x4

Definition at line 257 of file miarm.h.

Referenced by ExFreePoolWithTag().

#define POOL_FLAG_CHECK_TIMERS   0x1

Definition at line 255 of file miarm.h.

Referenced by ExFreePoolWithTag().

#define POOL_FLAG_CHECK_WORKERS   0x2

Definition at line 256 of file miarm.h.

Referenced by ExFreePoolWithTag().

#define POOL_FLAG_CRASH_ON_FAILURE   0x80

Definition at line 262 of file miarm.h.

Referenced by ExAllocatePoolWithTag().

#define POOL_FLAG_DBGPRINT_ON_FAILURE   0x40

Definition at line 261 of file miarm.h.

Referenced by ExAllocatePoolWithTag().

#define POOL_FLAG_SPECIAL_POOL   0x20

Definition at line 260 of file miarm.h.

Referenced by ExAllocatePoolWithQuotaTag(), ExAllocatePoolWithTag(), ExFreePoolWithTag(), ExReturnPoolQuota(), and MiInitializeSpecialPool().

#define POOL_FLAG_VERIFIER   0x8

Definition at line 258 of file miarm.h.

Referenced by ExAllocatePoolWithTag(), and ExFreePoolWithTag().

#define POOL_FREE_IRQL_INVALID   9

Definition at line 282 of file miarm.h.

Referenced by ExpCheckPoolIrqlLevel().

#define POOL_HEADER_IS_ZERO   8

Definition at line 271 of file miarm.h.

#define POOL_HEADER_NOT_ALIGNED   7

Definition at line 270 of file miarm.h.

#define POOL_HEADER_SIZE_INVALID   32

Definition at line 284 of file miarm.h.

#define POOL_LISTS_PER_PAGE   (PAGE_SIZE / POOL_BLOCK_SIZE)

Definition at line 248 of file miarm.h.

Referenced by ExAllocatePoolWithTag(), and ExInitializePoolDescriptor().

#define POOL_MAX_ALLOC   (PAGE_SIZE - (sizeof(POOL_HEADER) + POOL_BLOCK_SIZE))

Definition at line 250 of file miarm.h.

Referenced by ExAllocatePoolWithTag().

#define POOL_SIZE_OR_INDEX_MISMATCH   5

Definition at line 268 of file miarm.h.

#define PT_SIZE   (PTE_COUNT * sizeof(MMPTE))

Definition at line 23 of file miarm.h.

#define PTE_COUNT   PTE_PER_PAGE

Definition at line 31 of file miarm.h.

Referenced by MiAddHalIoMappings(), MiAllocatePoolPages(), MiBalancerThread(), MiBuildPfnDatabaseFromPages(), MmCreatePageFileMapping(), MmCreateVirtualMappingUnsafe(), MmDeletePageFileMapping(), MmDeleteProcessAddressSpace(), and MmDeleteVirtualMapping().

#define SYSTEM_PD_SIZE   (PD_COUNT * PD_SIZE)

Definition at line 34 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiFillSystemPageDirectory(), MiRemoveMappedPtes(), MiSetProtectionOnSection(), and MiSynchronizeSystemPde().

Typedef Documentation

typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY MI_LARGE_PAGE_DRIVER_ENTRY

typedef struct _MI_LARGE_PAGE_RANGES MI_LARGE_PAGE_RANGES

typedef enum _MI_PFN_CACHE_ATTRIBUTE MI_PFN_CACHE_ATTRIBUTE

typedef struct _MM_SESSION_SPACE MM_SESSION_SPACE

typedef struct _MM_SESSION_SPACE_FLAGS MM_SESSION_SPACE_FLAGS

typedef struct _MMCOLOR_TABLES MMCOLOR_TABLES

typedef struct _MMSESSION MMSESSION

typedef enum _MMSYSTEM_PTE_POOL_TYPE MMSYSTEM_PTE_POOL_TYPE

typedef struct _MMVIEW MMVIEW

typedef struct _PHYSICAL_MEMORY_DESCRIPTOR PHYSICAL_MEMORY_DESCRIPTOR

typedef struct _PHYSICAL_MEMORY_RUN PHYSICAL_MEMORY_RUN

typedef struct _MI_LARGE_PAGE_DRIVER_ENTRY * PMI_LARGE_PAGE_DRIVER_ENTRY

typedef struct _MI_LARGE_PAGE_RANGES * PMI_LARGE_PAGE_RANGES

typedef enum _MI_PFN_CACHE_ATTRIBUTE * PMI_PFN_CACHE_ATTRIBUTE

typedef struct _MM_SESSION_SPACE * PMM_SESSION_SPACE

typedef struct _MMCOLOR_TABLES * PMMCOLOR_TABLES

typedef struct _MMSESSION * PMMSESSION

typedef struct _MMVIEW * PMMVIEW

typedef struct _POOL_DESCRIPTOR POOL_DESCRIPTOR

typedef struct _POOL_HEADER POOL_HEADER

typedef struct _POOL_TRACKER_BIG_PAGES POOL_TRACKER_BIG_PAGES

typedef struct _POOL_TRACKER_TABLE POOL_TRACKER_TABLE

typedef struct _PHYSICAL_MEMORY_DESCRIPTOR * PPHYSICAL_MEMORY_DESCRIPTOR

typedef struct _PHYSICAL_MEMORY_RUN * PPHYSICAL_MEMORY_RUN

typedef struct _POOL_DESCRIPTOR * PPOOL_DESCRIPTOR

typedef struct _POOL_HEADER * PPOOL_HEADER

typedef struct _POOL_TRACKER_BIG_PAGES * PPOOL_TRACKER_BIG_PAGES

typedef struct _POOL_TRACKER_TABLE * PPOOL_TRACKER_TABLE

Enumeration Type Documentation

enum _MI_PFN_CACHE_ATTRIBUTE

Enumerator
MiNonCached
MiCached
MiWriteCombined
MiNotMapped

Definition at line 385 of file miarm.h.

{
    MiNonCached,
    MiCached,
    MiWriteCombined,
    MiNotMapped
} MI_PFN_CACHE_ATTRIBUTE, *PMI_PFN_CACHE_ATTRIBUTE;

enum _MMSYSTEM_PTE_POOL_TYPE

Enumerator
SystemPteSpace
NonPagedPoolExpansion
MaximumPtePoolTypes

Definition at line 378 of file miarm.h.

{
    SystemPteSpace,
    NonPagedPoolExpansion,
    MaximumPtePoolTypes
} MMSYSTEM_PTE_POOL_TYPE;

Function Documentation

C_ASSERT

(

sizeof(POOL_HEADER)

= =POOL_BLOCK_SIZE

)

C_ASSERT

(

POOL_BLOCK_SIZE

= =sizeof(LIST_ENTRY)

)

VOID NTAPI INIT_FUNCTION ExInitializePoolDescriptor	(	IN PPOOL_DESCRIPTOR	PoolDescriptor,
		IN POOL_TYPE	PoolType,
		IN ULONG	PoolIndex,
		IN ULONG	Threshold,
		IN PVOID	PoolLock
	)

Definition at line 798 of file expool.c.

Referenced by InitializePool(), and MiInitializeSessionPool().

{
    PLIST_ENTRY NextEntry, LastEntry;

    //
    // Setup the descriptor based on the caller's request
    //
    PoolDescriptor->PoolType = PoolType;
    PoolDescriptor->PoolIndex = PoolIndex;
    PoolDescriptor->Threshold = Threshold;
    PoolDescriptor->LockAddress = PoolLock;

    //
    // Initialize accounting data
    //
    PoolDescriptor->RunningAllocs = 0;
    PoolDescriptor->RunningDeAllocs = 0;
    PoolDescriptor->TotalPages = 0;
    PoolDescriptor->TotalBytes = 0;
    PoolDescriptor->TotalBigPages = 0;

    //
    // Nothing pending for now
    //
    PoolDescriptor->PendingFrees = NULL;
    PoolDescriptor->PendingFreeDepth = 0;

    //
    // Loop all the descriptor's allocation lists and initialize them
    //
    NextEntry = PoolDescriptor->ListHeads;
    LastEntry = NextEntry + POOL_LISTS_PER_PAGE;
    while (NextEntry < LastEntry)
    {
        ExpInitializePoolListHead(NextEntry);
        NextEntry++;
    }

    //
    // Note that ReactOS does not support Session Pool Yet
    //
    ASSERT(PoolType != PagedPoolSession);
}

VOID NTAPI InitializePool	(	IN POOL_TYPE	PoolType,
		IN ULONG	Threshold
	)

Definition at line 849 of file expool.c.

Referenced by MiBuildPagedPool(), and MiInitMachineDependent().

{
    PPOOL_DESCRIPTOR Descriptor;
    SIZE_T TableSize;
    ULONG i;

    //
    // Check what kind of pool this is
    //
    if (PoolType == NonPagedPool)
    {
        //
        // Compute the track table size and convert it from a power of two to an
        // actual byte size
        //
        // NOTE: On checked builds, we'll assert if the registry table size was
        // invalid, while on retail builds we'll just break out of the loop at
        // that point.
        //
        TableSize = min(PoolTrackTableSize, MmSizeOfNonPagedPoolInBytes >> 8);
        for (i = 0; i < 32; i++)
        {
            if (TableSize & 1)
            {
                ASSERT((TableSize & ~1) == 0);
                if (!(TableSize & ~1)) break;
            }
            TableSize >>= 1;
        }

        //
        // If we hit bit 32, than no size was defined in the registry, so
        // we'll use the default size of 2048 entries.
        //
        // Otherwise, use the size from the registry, as long as it's not
        // smaller than 64 entries.
        //
        if (i == 32)
        {
            PoolTrackTableSize = 2048;
        }
        else
        {
            PoolTrackTableSize = max(1 << i, 64);
        }

        //
        // Loop trying with the biggest specified size first, and cut it down
        // by a power of two each iteration in case not enough memory exist
        //
        while (TRUE)
        {
            //
            // Do not allow overflow
            //
            if ((PoolTrackTableSize + 1) > (MAXULONG_PTR / sizeof(POOL_TRACKER_TABLE)))
            {
                PoolTrackTableSize >>= 1;
                continue;
            }

            //
            // Allocate the tracker table and exit the loop if this worked
            //
            PoolTrackTable = MiAllocatePoolPages(NonPagedPool,
                                                 (PoolTrackTableSize + 1) *
                                                 sizeof(POOL_TRACKER_TABLE));
            if (PoolTrackTable) break;

            //
            // Otherwise, as long as we're not down to the last bit, keep
            // iterating
            //
            if (PoolTrackTableSize == 1)
            {
                KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                             TableSize,
                             0xFFFFFFFF,
                             0xFFFFFFFF,
                             0xFFFFFFFF);
            }
            PoolTrackTableSize >>= 1;
        }

        //
        // Add one entry, compute the hash, and zero the table
        //
        PoolTrackTableSize++;
        PoolTrackTableMask = PoolTrackTableSize - 2;

        RtlZeroMemory(PoolTrackTable,
                      PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE));

        //
        // Finally, add the most used tags to speed up those allocations
        //
        ExpSeedHotTags();

        //
        // We now do the exact same thing with the tracker table for big pages
        //
        TableSize = min(PoolBigPageTableSize, MmSizeOfNonPagedPoolInBytes >> 8);
        for (i = 0; i < 32; i++)
        {
            if (TableSize & 1)
            {
                ASSERT((TableSize & ~1) == 0);
                if (!(TableSize & ~1)) break;
            }
            TableSize >>= 1;
        }

        //
        // For big pages, the default tracker table is 4096 entries, while the
        // minimum is still 64
        //
        if (i == 32)
        {
            PoolBigPageTableSize = 4096;
        }
        else
        {
            PoolBigPageTableSize = max(1 << i, 64);
        }

        //
        // Again, run the exact same loop we ran earlier, but this time for the
        // big pool tracker instead
        //
        while (TRUE)
        {
            if ((PoolBigPageTableSize + 1) > (MAXULONG_PTR / sizeof(POOL_TRACKER_BIG_PAGES)))
            {
                PoolBigPageTableSize >>= 1;
                continue;
            }

            PoolBigPageTable = MiAllocatePoolPages(NonPagedPool,
                                                   PoolBigPageTableSize *
                                                   sizeof(POOL_TRACKER_BIG_PAGES));
            if (PoolBigPageTable) break;

            if (PoolBigPageTableSize == 1)
            {
                KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                             TableSize,
                             0xFFFFFFFF,
                             0xFFFFFFFF,
                             0xFFFFFFFF);
            }

            PoolBigPageTableSize >>= 1;
        }

        //
        // An extra entry is not needed for for the big pool tracker, so just
        // compute the hash and zero it
        //
        PoolBigPageTableHash = PoolBigPageTableSize - 1;
        RtlZeroMemory(PoolBigPageTable,
                      PoolBigPageTableSize * sizeof(POOL_TRACKER_BIG_PAGES));
        for (i = 0; i < PoolBigPageTableSize; i++) PoolBigPageTable[i].Va = (PVOID)1;

        //
        // During development, print this out so we can see what's happening
        //
        DPRINT("EXPOOL: Pool Tracker Table at: 0x%p with 0x%lx bytes\n",
                PoolTrackTable, PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE));
        DPRINT("EXPOOL: Big Pool Tracker Table at: 0x%p with 0x%lx bytes\n",
                PoolBigPageTable, PoolBigPageTableSize * sizeof(POOL_TRACKER_BIG_PAGES));

        //
        // Insert the generic tracker for all of big pool
        //
        ExpInsertPoolTracker('looP',
                             ROUND_TO_PAGES(PoolBigPageTableSize *
                                            sizeof(POOL_TRACKER_BIG_PAGES)),
                             NonPagedPool);

        //
        // No support for NUMA systems at this time
        //
        ASSERT(KeNumberNodes == 1);

        //
        // Initialize the tag spinlock
        //
        KeInitializeSpinLock(&ExpTaggedPoolLock);

        //
        // Initialize the nonpaged pool descriptor
        //
        PoolVector[NonPagedPool] = &NonPagedPoolDescriptor;
        ExInitializePoolDescriptor(PoolVector[NonPagedPool],
                                   NonPagedPool,
                                   0,
                                   Threshold,
                                   NULL);
    }
    else
    {
        //
        // No support for NUMA systems at this time
        //
        ASSERT(KeNumberNodes == 1);

        //
        // Allocate the pool descriptor
        //
        Descriptor = ExAllocatePoolWithTag(NonPagedPool,
                                           sizeof(KGUARDED_MUTEX) +
                                           sizeof(POOL_DESCRIPTOR),
                                           'looP');
        if (!Descriptor)
        {
            //
            // This is really bad...
            //
            KeBugCheckEx(MUST_SUCCEED_POOL_EMPTY,
                         0,
                         -1,
                         -1,
                         -1);
        }

        //
        // Setup the vector and guarded mutex for paged pool
        //
        PoolVector[PagedPool] = Descriptor;
        ExpPagedPoolMutex = (PKGUARDED_MUTEX)(Descriptor + 1);
        ExpPagedPoolDescriptor[0] = Descriptor;
        KeInitializeGuardedMutex(ExpPagedPoolMutex);
        ExInitializePoolDescriptor(Descriptor,
                                   PagedPool,
                                   0,
                                   Threshold,
                                   ExpPagedPoolMutex);

        //
        // Insert the generic tracker for all of nonpaged pool
        //
        ExpInsertPoolTracker('looP',
                             ROUND_TO_PAGES(PoolTrackTableSize * sizeof(POOL_TRACKER_TABLE)),
                             NonPagedPool);
    }
}

FORCEINLINE VOID MI_ERASE_PTE

(

IN PMMPTE

PointerPte

)

Definition at line 957 of file miarm.h.

Referenced by MiDeletePte(), MiDeleteSystemPageableVm(), MiDeleteVirtualAddresses(), MiUnmapLockedPagesInUserSpace(), and MmFreeSpecialPool().

{
    /* Zero out the PTE */
    ASSERT(PointerPte->u.Long != 0);
    PointerPte->u.Long = 0;
}

FORCEINLINE PMMPTE MI_GET_PROTOTYPE_PTE_FOR_VPN	(	IN PMMVAD	Vad,
		IN ULONG_PTR	Vpn
	)

Definition at line 1374 of file miarm.h.

Referenced by MiDeleteVirtualAddresses(), MiQueryAddressState(), and NtAllocateVirtualMemory().

{
    PMMPTE ProtoPte;

    /* Find the offset within the VAD's prototype PTEs */
    ProtoPte = Vad->FirstPrototypePte + (Vpn - Vad->StartingVpn);
    ASSERT(ProtoPte <= Vad->LastContiguousPte);
    return ProtoPte;
}

FORCEINLINE BOOLEAN MI_IS_MAPPED_PTE

(

PMMPTE

PointerPte

)

Todo:

Make this reasonable code, this is UGLY!

Definition at line 874 of file miarm.h.

{
    return ((PointerPte->u.Long & 0xFFFFFC01) != 0);
}

FORCEINLINE BOOLEAN MI_IS_PHYSICAL_ADDRESS

(

IN PVOID

Address

)

Definition at line 900 of file miarm.h.

Referenced by MiDispatchFault(), MiFindInitializationCode(), MiFreeInitializationCode(), MiProtectFreeNonPagedPool(), MiReleaseProcessReferenceToSessionDataPage(), MiSetPagingOfDriver(), MiUnProtectFreeNonPagedPool(), MiWriteProtectSystemImage(), MmFreeDriverInitialization(), MmFreeLoaderBlock(), and MmProbeAndLockPages().

{
    PMMPDE PointerPde;

    /* Large pages are never paged out, always physically resident */
    PointerPde = MiAddressToPde(Address);
    return ((PointerPde->u.Hard.LargePage) && (PointerPde->u.Hard.Valid));
}

FORCEINLINE BOOLEAN MI_IS_WS_UNSAFE

(

IN PEPROCESS

Process

)

Definition at line 1052 of file miarm.h.

Referenced by MiLockProcessWorkingSet(), MiLockProcessWorkingSetShared(), MiLockProcessWorkingSetUnsafe(), MiUnlockProcessWorkingSet(), MiUnlockProcessWorkingSetForFault(), MiUnlockProcessWorkingSetShared(), and MiUnlockProcessWorkingSetUnsafe().

{
    return (Process->Vm.Flags.AcquiredUnsafe == TRUE);
}

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 769 of file miarm.h.

Referenced by MiCompleteProtoPteFault(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MmArmAccessFault(), and MmInitializeProcessAddressSpace().

{
    /* Set the protection and page */
    NewPte->u.Long = MiDetermineUserGlobalPteMask(MappingPte);
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
}

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE_KERNEL	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 746 of file miarm.h.

Referenced by MiInitializeWorkingSetList(), MmCreateKernelStack(), MmGrowKernelStackEx(), and MmInitSystem().

{
    /* Only valid for kernel, non-session PTEs */
    ASSERT(MappingPte > MiHighestUserPte);
    ASSERT(!MI_IS_SESSION_PTE(MappingPte));
    ASSERT((MappingPte < (PMMPTE)PDE_BASE) || (MappingPte > (PMMPTE)PDE_TOP));

    /* Start fresh */
    *NewPte = ValidKernelPte;

    /* Set the protection and page */
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];
}

FORCEINLINE VOID MI_MAKE_HARDWARE_PTE_USER	(	IN PMMPTE	NewPte,
		IN PMMPTE	MappingPte,
		IN ULONG_PTR	ProtectionMask,
		IN PFN_NUMBER	PageFrameNumber
	)

Definition at line 785 of file miarm.h.

Referenced by MiCompleteProtoPteFault(), MiFlushTbAndCapture(), MiMapLockedPagesInUserSpace(), MiResolveDemandZeroFault(), MiResolveProtoPteFault(), and MmArmAccessFault().

{
    /* Only valid for kernel, non-session PTEs */
    ASSERT(MappingPte <= MiHighestUserPte);

    /* Start fresh */
    NewPte->u.Long = 0;

    /* Set the protection and page */
    NewPte->u.Hard.Valid = TRUE;
    NewPte->u.Hard.Owner = TRUE;
    NewPte->u.Hard.PageFrameNumber = PageFrameNumber;
    NewPte->u.Long |= MmProtectToPteMask[ProtectionMask];
}

FORCEINLINE VOID MI_MAKE_PROTOTYPE_PTE	(	IN PMMPTE	NewPte,
		IN PMMPTE	PointerPte
	)

Definition at line 809 of file miarm.h.

{
    ULONG_PTR Offset;

    /* Mark this as a prototype */
    NewPte->u.Long = 0;
    NewPte->u.Proto.Prototype = 1;

    /*
     * Prototype PTEs are only valid in paged pool by design, this little trick
     * lets us only use 30 bits for the adress of the PTE, as long as the area
     * stays 1024MB At most.
     */
    Offset = (ULONG_PTR)PointerPte - (ULONG_PTR)MmPagedPoolStart;

    /*
     * 7 bits go in the "low" (but we assume the bottom 2 are zero)
     * and the other 21 bits go in the "high"
     */
    NewPte->u.Proto.ProtoAddressLow = (Offset & 0x1FC) >> 2;
    NewPte->u.Proto.ProtoAddressHigh = (Offset & 0x3FFFFE00) >> 9;
}

FORCEINLINE VOID MI_MAKE_SUBSECTION_PTE	(	IN PMMPTE	NewPte,
		IN PVOID	Segment
	)

Definition at line 838 of file miarm.h.

{
    ULONG_PTR Offset;

    /* Mark this as a prototype */
    NewPte->u.Long = 0;
    NewPte->u.Subsect.Prototype = 1;

    /*
     * Segments are only valid either in nonpaged pool. We store the 20 bit
     * difference either from the top or bottom of nonpaged pool, giving a
     * maximum of 128MB to each delta, meaning nonpaged pool cannot exceed
     * 256MB.
     */
    if ((ULONG_PTR)Segment < ((ULONG_PTR)MmSubsectionBase + (128 * _1MB)))
    {
        Offset = (ULONG_PTR)Segment - (ULONG_PTR)MmSubsectionBase;
        NewPte->u.Subsect.WhichPool = PagedPool;
    }
    else
    {
        Offset = (ULONG_PTR)MmNonPagedPoolEnd - (ULONG_PTR)Segment;
        NewPte->u.Subsect.WhichPool = NonPagedPool;
    }

    /*
     * 4 bits go in the "low" (but we assume the bottom 3 are zero)
     * and the other 20 bits go in the "high"
     */
    NewPte->u.Subsect.SubsectionAddressLow = (Offset & 0x78) >> 3;
    NewPte->u.Subsect.SubsectionAddressHigh = (Offset & 0xFFFFF80) >> 7;
}

FORCEINLINE VOID MI_MAKE_TRANSITION_PTE	(	_Out_ PMMPTE	NewPte,
		_In_ PFN_NUMBER	Page,
		_In_ ULONG	Protection
	)

Definition at line 884 of file miarm.h.

Referenced by MiResolvePageFileFault().

{
    NewPte->u.Long = 0;
    NewPte->u.Trans.Transition = 1;
    NewPte->u.Trans.Protection = Protection;
    NewPte->u.Trans.PageFrameNumber = Page;
}

FORCEINLINE PMMPFN MI_PFN_ELEMENT

(

IN PFN_NUMBER

Pfn

)

Definition at line 1391 of file miarm.h.

Referenced by MiDecrementReferenceCount(), MiDecrementShareCount(), MiDispatchFault(), MiFindContiguousPages(), MiGetPageProtection(), MiInitializeAndChargePfn(), MiInitializePfn(), MiInitializePfnAndMakePteValid(), MiInitializePfnForOtherProcess(), MiInsertPageInFreeList(), MiInsertPageInList(), MiInsertStandbyListAtFront(), MiMapLockedPagesInUserSpace(), MiReleaseProcessReferenceToSessionDataPage(), MiRemoveAnyPage(), MiRemovePageByColor(), MiRemoveZeroPage(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MiSegmentDelete(), MiSessionCommitPageTables(), MiSessionCreateInternal(), MiUnlinkFreeOrZeroedPage(), MiUnlinkPageFromList(), MmArmAccessFault(), and MmFreeSpecialPool().

{
    /* Get the entry */
    return &MmPfnDatabase[Pfn];
};

FORCEINLINE VOID MI_UPDATE_VALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	TempPte
	)

Definition at line 928 of file miarm.h.

Referenced by MiFlushTbAndCapture().

{
    /* Write the valid PTE */
    ASSERT(PointerPte->u.Hard.Valid == 1);
    ASSERT(TempPte.u.Hard.Valid == 1);
    ASSERT(PointerPte->u.Hard.PageFrameNumber == TempPte.u.Hard.PageFrameNumber);
    *PointerPte = TempPte;
}

FORCEINLINE VOID MI_WRITE_INVALID_PDE	(	IN PMMPDE	PointerPde,
		IN MMPDE	InvalidPde
	)

Definition at line 983 of file miarm.h.

Referenced by MmArmAccessFault().

{
    /* Write the invalid PDE */
    ASSERT(InvalidPde.u.Hard.Valid == 0);
    ASSERT(InvalidPde.u.Long != 0);
    *PointerPde = InvalidPde;
}

FORCEINLINE VOID MI_WRITE_INVALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	InvalidPte
	)

Definition at line 943 of file miarm.h.

Referenced by MiAccessCheck(), MiAddMappedPtes(), MiAllocatePoolPages(), MiDecommitPages(), MiDecrementShareCount(), MiMapViewOfDataSection(), MiProcessValidPteList(), MiProtectFreeNonPagedPool(), MiProtectVirtualMemory(), MiResolvePageFileFault(), MiSetProtectionOnSection(), MmArmAccessFault(), MmCommitSessionMappedView(), MmCreateKernelStack(), MmGetPageTableForProcess(), MmGrowKernelStackEx(), MmInitializeProcessAddressSpace(), and NtAllocateVirtualMemory().

{
    /* Write the invalid PTE */
    ASSERT(InvalidPte.u.Hard.Valid == 0);
    ASSERT(InvalidPte.u.Long != 0);
    *PointerPte = InvalidPte;
}

FORCEINLINE VOID MI_WRITE_VALID_PDE	(	IN PMMPDE	PointerPde,
		IN MMPDE	TempPde
	)

Definition at line 969 of file miarm.h.

Referenced by MiBuildPagedPool(), MiFillSystemPageDirectory(), MiInitializeAndChargePfn(), MiRemoveMappedPtes(), MiSessionCommitPageTables(), MiSessionCreateInternal(), and MiSessionInitializeWorkingSetList().

{
    /* Write the valid PDE */
    ASSERT(PointerPde->u.Hard.Valid == 0);
    ASSERT(TempPde.u.Hard.Valid == 1);
    *PointerPde = TempPde;
}

FORCEINLINE VOID MI_WRITE_VALID_PTE	(	IN PMMPTE	PointerPte,
		IN MMPTE	TempPte
	)

Definition at line 914 of file miarm.h.

Referenced by MiAllocatePoolPages(), MiBuildPagedPool(), MiCompleteProtoPteFault(), MiCopyPfn(), MiDispatchFault(), MiGetPteForProcess(), MiInitializeColorTables(), MiInitializePfnAndMakePteValid(), MiInitializeWorkingSetList(), MiInitMachineDependent(), MiLoadImageSection(), MiMapLockedPagesInUserSpace(), MiMapPageInHyperSpace(), MiMapPagesInZeroSpace(), MiMapPDEs(), MiMapPfnDatabase(), MiMapPPEs(), MiMapPTEs(), MiReloadBootLoadedDrivers(), MiResolveDemandZeroFault(), MiResolvePageFileFault(), MiResolveProtoPteFault(), MiResolveTransitionFault(), MiSessionCreateInternal(), MiUnProtectFreeNonPagedPool(), MiZeroPfn(), MmAllocateNonCachedMemory(), MmArmAccessFault(), MmCreateKernelStack(), MmGrowKernelStackEx(), MmInitializeProcessAddressSpace(), MmMapIoSpace(), and MmMapLockedPagesSpecifyCache().

{
    /* Write the valid PTE */
    ASSERT(PointerPte->u.Hard.Valid == 0);
    ASSERT(TempPte.u.Hard.Valid == 1);
    *PointerPte = TempPte;
}

FORCEINLINE BOOLEAN MI_WS_OWNER

(

IN PEPROCESS

Process

)

Definition at line 1013 of file miarm.h.

Referenced by MiUnlockProcessWorkingSet(), MiUnlockProcessWorkingSetForFault(), MiUnlockProcessWorkingSetShared(), and MiUnlockProcessWorkingSetUnsafe().

{
    /* Check if this process is the owner, and that the thread owns the WS */
    if (PsGetCurrentThread()->OwnsProcessWorkingSetExclusive == 0)
    {
        DPRINT("Thread: %p is not an owner\n", PsGetCurrentThread());
    }
    if (KeGetCurrentThread()->ApcState.Process != &Process->Pcb)
    {
        DPRINT("Current thread %p is attached to another process %p\n", PsGetCurrentThread(), Process);
    }
    return ((KeGetCurrentThread()->ApcState.Process == &Process->Pcb) &&
            ((PsGetCurrentThread()->OwnsProcessWorkingSetExclusive) ||
             (PsGetCurrentThread()->OwnsProcessWorkingSetShared)));
}

FORCEINLINE KIRQL MiAcquireExpansionLock

(

VOID

)

Definition at line 1348 of file miarm.h.

Referenced by MiDereferenceSessionFinal(), MiSessionAddProcess(), MiSessionInitializeWorkingSetList(), MiSessionLeader(), MiSessionRemoveProcess(), MmDeleteProcessAddressSpace(), and MmGetSessionById().

{
    KIRQL OldIrql;

    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
    KeAcquireSpinLock(&MmExpansionLock, &OldIrql);
    ASSERT(MiExpansionLockOwner == NULL);
    MiExpansionLockOwner = PsGetCurrentThread();
    return OldIrql;
}

PMDL NTAPI MiAllocatePagesForMdl	(	IN PHYSICAL_ADDRESS	LowAddress,
		IN PHYSICAL_ADDRESS	HighAddress,
		IN PHYSICAL_ADDRESS	SkipBytes,
		IN SIZE_T	TotalBytes,
		IN MI_PFN_CACHE_ATTRIBUTE	CacheAttribute,
		IN ULONG	Flags
	)

Definition at line 150 of file freelist.c.

Referenced by MmAllocateNonCachedMemory(), MmAllocatePagesForMdl(), and MmAllocatePagesForMdlEx().

{
    PMDL Mdl;
    PFN_NUMBER PageCount, LowPage, HighPage, SkipPages, PagesFound = 0, Page;
    PPFN_NUMBER MdlPage, LastMdlPage;
    KIRQL OldIrql;
    PMMPFN Pfn1;
    INT LookForZeroedPages;
    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);
    DPRINT1("ARM3-DEBUG: Being called with %I64x %I64x %I64x %lx %d %lu\n", LowAddress, HighAddress, SkipBytes, TotalBytes, CacheAttribute, MdlFlags);

    //
    // Convert the low address into a PFN
    //
    LowPage = (PFN_NUMBER)(LowAddress.QuadPart >> PAGE_SHIFT);

    //
    // Convert, and normalize, the high address into a PFN
    //
    HighPage = (PFN_NUMBER)(HighAddress.QuadPart >> PAGE_SHIFT);
    if (HighPage > MmHighestPhysicalPage) HighPage = MmHighestPhysicalPage;

    //
    // Validate skipbytes and convert them into pages
    //
    if (BYTE_OFFSET(SkipBytes.LowPart)) return NULL;
    SkipPages = (PFN_NUMBER)(SkipBytes.QuadPart >> PAGE_SHIFT);

    /* This isn't supported at all */
    if (SkipPages) DPRINT1("WARNING: Caller requesting SkipBytes, MDL might be mismatched\n");

    //
    // Now compute the number of pages the MDL will cover
    //
    PageCount = (PFN_NUMBER)ADDRESS_AND_SIZE_TO_SPAN_PAGES(0, TotalBytes);
    do
    {
        //
        // Try creating an MDL for these many pages
        //
        Mdl = MmCreateMdl(NULL, NULL, PageCount << PAGE_SHIFT);
        if (Mdl) break;

        //
        // This function is not required to return the amount of pages requested
        // In fact, it can return as little as 1 page, and callers are supposed
        // to deal with this scenario. So re-attempt the allocation with less
        // pages than before, and see if it worked this time.
        //
        PageCount -= (PageCount >> 4);
    } while (PageCount);

    //
    // Wow, not even a single page was around!
    //
    if (!Mdl) return NULL;

    //
    // This is where the page array starts....
    //
    MdlPage = (PPFN_NUMBER)(Mdl + 1);

    //
    // Lock the PFN database
    //
    OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);

    //
    // Are we looking for any pages, without discriminating?
    //
    if ((LowPage == 0) && (HighPage == MmHighestPhysicalPage))
    {
        //
        // Well then, let's go shopping
        //
        while (PagesFound < PageCount)
        {
            /* Grab a page */
            MI_SET_USAGE(MI_USAGE_MDL);
            MI_SET_PROCESS2("Kernel");

            /* FIXME: This check should be smarter */
            Page = 0;
            if (MmAvailablePages != 0)
                Page = MiRemoveAnyPage(0);

            if (Page == 0)
            {
                /* This is not good... hopefully we have at least SOME pages */
                ASSERT(PagesFound);
                break;
            }

            /* Grab the page entry for it */
            Pfn1 = MiGetPfnEntry(Page);

            //
            // Make sure it's really free
            //
            ASSERT(Pfn1->u3.e2.ReferenceCount == 0);

            /* Now setup the page and mark it */
            Pfn1->u3.e2.ReferenceCount = 1;
            Pfn1->u2.ShareCount = 1;
            MI_SET_PFN_DELETED(Pfn1);
            Pfn1->u4.PteFrame = 0x1FFEDCB;
            Pfn1->u3.e1.StartOfAllocation = 1;
            Pfn1->u3.e1.EndOfAllocation = 1;
            Pfn1->u4.VerifierAllocation = 0;

            //
            // Save it into the MDL
            //
            *MdlPage++ = MiGetPfnEntryIndex(Pfn1);
            PagesFound++;
        }
    }
    else
    {
        //
        // You want specific range of pages. We'll do this in two runs
        //
        for (LookForZeroedPages = 1; LookForZeroedPages >= 0; LookForZeroedPages--)
        {
            //
            // Scan the range you specified
            //
            for (Page = LowPage; Page < HighPage; Page++)
            {
                //
                // Get the PFN entry for this page
                //
                Pfn1 = MiGetPfnEntry(Page);
                ASSERT(Pfn1);

                //
                // Make sure it's free and if this is our first pass, zeroed
                //
                if (MiIsPfnInUse(Pfn1)) continue;
                if ((Pfn1->u3.e1.PageLocation == ZeroedPageList) != LookForZeroedPages) continue;

                /* Remove the page from the free or zero list */
                ASSERT(Pfn1->u3.e1.ReadInProgress == 0);
                MI_SET_USAGE(MI_USAGE_MDL);
                MI_SET_PROCESS2("Kernel");
                MiUnlinkFreeOrZeroedPage(Pfn1);

                //
                // Sanity checks
                //
                ASSERT(Pfn1->u3.e2.ReferenceCount == 0);

                //
                // Now setup the page and mark it
                //
                Pfn1->u3.e2.ReferenceCount = 1;
                Pfn1->u2.ShareCount = 1;
                MI_SET_PFN_DELETED(Pfn1);
                Pfn1->u4.PteFrame = 0x1FFEDCB;
                Pfn1->u3.e1.StartOfAllocation = 1;
                Pfn1->u3.e1.EndOfAllocation = 1;
                Pfn1->u4.VerifierAllocation = 0;

                //
                // Save this page into the MDL
                //
                *MdlPage++ = Page;
                if (++PagesFound == PageCount) break;
            }

            //
            // If the first pass was enough, don't keep going, otherwise, go again
            //
            if (PagesFound == PageCount) break;
        }
    }

    //
    // Now release the PFN count
    //
    KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);

    //
    // We might've found less pages, but not more ;-)
    //
    if (PagesFound != PageCount) ASSERT(PagesFound < PageCount);
    if (!PagesFound)
    {
        //
        // If we didn' tfind any pages at all, fail
        //
        DPRINT1("NO MDL PAGES!\n");
        ExFreePoolWithTag(Mdl, TAG_MDL);
        return NULL;
    }

    //
    // Write out how many pages we found
    //
    Mdl->ByteCount = (ULONG)(PagesFound << PAGE_SHIFT);

    //
    // Terminate the MDL array if there's certain missing pages
    //
    if (PagesFound != PageCount) *MdlPage = LIST_HEAD;

    //
    // Now go back and loop over all the MDL pages
    //
    MdlPage = (PPFN_NUMBER)(Mdl + 1);
    LastMdlPage = MdlPage + PagesFound;
    while (MdlPage < LastMdlPage)
    {
        //
        // Check if we've reached the end
        //
        Page = *MdlPage++;
        if (Page == LIST_HEAD) break;

        //
        // Get the PFN entry for the page and check if we should zero it out
        //
        Pfn1 = MiGetPfnEntry(Page);
        ASSERT(Pfn1);
        if (Pfn1->u3.e1.PageLocation != ZeroedPageList) MiZeroPhysicalPage(Page);
        Pfn1->u3.e1.PageLocation = ActiveAndValid;
    }

    //
    // We're done, mark the pages as locked
    //
    Mdl->Process = NULL;
    Mdl->MdlFlags |= MDL_PAGES_LOCKED;
    return Mdl;
}

TABLE_SEARCH_RESULT NTAPI MiCheckForConflictingNode	(	IN ULONG_PTR	StartVpn,
		IN ULONG_PTR	EndVpn,
		IN PMM_AVL_TABLE	Table,
		OUT PMMADDRESS_NODE *	NodeOrParent
	)

Definition at line 78 of file vadnode.c.

Referenced by MiInsertVadEx(), MiMapLockedPagesInUserSpace(), MiProtectVirtualMemory(), MmLocateMemoryAreaByAddress(), MmLocateMemoryAreaByRegion(), and NtAllocateVirtualMemory().

{
    PMMADDRESS_NODE ParentNode, CurrentNode;

    /* If the tree is empty, there is no conflict */
    if (Table->NumberGenericTableElements == 0) return TableEmptyTree;

    /* Start looping from the root node */
    CurrentNode = RtlRightChildAvl(&Table->BalancedRoot);
    ASSERT(CurrentNode != NULL);
    while (CurrentNode)
    {
        ParentNode = CurrentNode;

        /* This address comes after */
        if (StartVpn > CurrentNode->EndingVpn)
        {
            /* Keep searching on the right */
            CurrentNode = RtlRightChildAvl(CurrentNode);
        }
        else if (EndVpn < CurrentNode->StartingVpn)
        {
            /* This address ends before the node starts, search on the left */
            CurrentNode = RtlLeftChildAvl(CurrentNode);
        }
        else
        {
            /* This address is part of this node, return it */
            *NodeOrParent = ParentNode;
            return TableFoundNode;
        }
    }

    /* There is no more child, save the current node as parent */
    *NodeOrParent = ParentNode;
    if (StartVpn > ParentNode->EndingVpn)
    {
        return TableInsertAsRight;
    }
    else
    {
        return TableInsertAsLeft;
    }
}

PVOID NTAPI MiCheckForContiguousMemory	(	IN PVOID	BaseAddress,
		IN PFN_NUMBER	BaseAddressPages,
		IN PFN_NUMBER	SizeInPages,
		IN PFN_NUMBER	LowestPfn,
		IN PFN_NUMBER	HighestPfn,
		IN PFN_NUMBER	BoundaryPfn,
		IN MI_PFN_CACHE_ATTRIBUTE	CacheAttribute
	)

Definition at line 214 of file contmem.c.

Referenced by MiAllocateContiguousMemory().

{
    PMMPTE StartPte, EndPte;
    PFN_NUMBER PreviousPage = 0, Page, HighPage, BoundaryMask, Pages = 0;

    //
    // Okay, first of all check if the PFNs match our restrictions
    //
    if (LowestPfn > HighestPfn) return NULL;
    if (LowestPfn + SizeInPages <= LowestPfn) return NULL;
    if (LowestPfn + SizeInPages - 1 > HighestPfn) return NULL;
    if (BaseAddressPages < SizeInPages) return NULL;

    //
    // This is the last page we need to get to and the boundary requested
    //
    HighPage = HighestPfn + 1 - SizeInPages;
    BoundaryMask = ~(BoundaryPfn - 1);

    //
    // And here's the PTEs for this allocation. Let's go scan them.
    //
    StartPte = MiAddressToPte(BaseAddress);
    EndPte = StartPte + BaseAddressPages;
    while (StartPte < EndPte)
    {
        //
        // Get this PTE's page number
        //
        ASSERT (StartPte->u.Hard.Valid == 1);
        Page = PFN_FROM_PTE(StartPte);

        //
        // Is this the beginning of our adventure?
        //
        if (!Pages)
        {
            //
            // Check if this PFN is within our range
            //
            if ((Page >= LowestPfn) && (Page <= HighPage))
            {
                //
                // It is! Do you care about boundary (alignment)?
                //
                if (!(BoundaryPfn) ||
                    (!((Page ^ (Page + SizeInPages - 1)) & BoundaryMask)))
                {
                    //
                    // You don't care, or you do care but we deliver
                    //
                    Pages++;
                }
            }

            //
            // Have we found all the pages we need by now?
            // Incidently, this means you only wanted one page
            //
            if (Pages == SizeInPages)
            {
                //
                // Mission complete
                //
                return MiPteToAddress(StartPte);
            }
        }
        else
        {
            //
            // Have we found a page that doesn't seem to be contiguous?
            //
            if (Page != (PreviousPage + 1))
            {
                //
                // Ah crap, we have to start over
                //
                Pages = 0;
                continue;
            }

            //
            // Otherwise, we're still in the game. Do we have all our pages?
            //
            if (++Pages == SizeInPages)
            {
                //
                // We do! This entire range was contiguous, so we'll return it!
                //
                return MiPteToAddress(StartPte - Pages + 1);
            }
        }

        //
        // Try with the next PTE, remember this PFN
        //
        PreviousPage = Page;
        StartPte++;
        continue;
    }

    //
    // All good returns are within the loop...
    //
    return NULL;
}

NTSTATUS FASTCALL MiCheckPdeForPagedPool

(

IN PVOID

Address

)

Definition at line 471 of file pagfault.c.

Referenced by MiDeletePte(), MiInitializePfn(), MiInitializePfnAndMakePteValid(), and MmArmAccessFault().

{
    return STATUS_ACCESS_VIOLATION;
}

NTSTATUS NTAPI MiCheckSecuredVad	(	IN PMMVAD	Vad,
		IN PVOID	Base,
		IN SIZE_T	Size,
		IN ULONG	ProtectionMask
	)

Definition at line 809 of file vadnode.c.

Referenced by MiUnmapViewOfSection(), and NtAllocateVirtualMemory().

{
    ULONG_PTR StartAddress, EndAddress;

    /* Compute start and end address */
    StartAddress = (ULONG_PTR)Base;
    EndAddress = StartAddress + Size - 1;

    /* Are we deleting/unmapping, or changing? */
    if (ProtectionMask < MM_DELETE_CHECK)
    {
        /* Changing... are we allowed to do so? */
        if ((Vad->u.VadFlags.NoChange == 1) &&
            (Vad->u2.VadFlags2.SecNoChange == 1) &&
            (Vad->u.VadFlags.Protection != ProtectionMask))
        {
            /* Nope, bail out */
            DPRINT1("Trying to mess with a no-change VAD!\n");
            return STATUS_INVALID_PAGE_PROTECTION;
        }
    }
    else
    {
        /* This is allowed */
        ProtectionMask = 0;
    }

    /* ARM3 doesn't support this yet */
    ASSERT(Vad->u2.VadFlags2.MultipleSecured == 0);

    /* Is this a one-secured VAD, like a TEB or PEB? */
    if (Vad->u2.VadFlags2.OneSecured)
    {
        /* Is this allocation being described by the VAD? */
        if ((StartAddress <= ((PMMVAD_LONG)Vad)->u3.Secured.EndVpn) &&
            (EndAddress >= ((PMMVAD_LONG)Vad)->u3.Secured.StartVpn))
        {
            /* Guard page? */
            if (ProtectionMask & MM_DECOMMIT)
            {
                DPRINT1("Not allowed to change protection on guard page!\n");
                return STATUS_INVALID_PAGE_PROTECTION;
            }

            /* ARM3 doesn't have read-only VADs yet */
            ASSERT(Vad->u2.VadFlags2.ReadOnly == 0);

            /* Check if read-write protections are allowed */
            if (MmReadWrite[ProtectionMask] < MM_READ_WRITE_ALLOWED)
            {
                DPRINT1("Invalid protection mask for RW access!\n");
                return STATUS_INVALID_PAGE_PROTECTION;
            }
        }
    }

    /* All good, allow the change */
    return STATUS_SUCCESS;
}

VOID NTAPI MiComputeColorInformation

(

VOID

)

Definition at line 498 of file mminit.c.

Referenced by MmArmInitSystem().

{
    ULONG L2Associativity;

    /* Check if no setting was provided already */
    if (!MmSecondaryColors)
    {
        /* Get L2 cache information */
        L2Associativity = KeGetPcr()->SecondLevelCacheAssociativity;

        /* The number of colors is the number of cache bytes by set/way */
        MmSecondaryColors = KeGetPcr()->SecondLevelCacheSize;
        if (L2Associativity) MmSecondaryColors /= L2Associativity;
    }

    /* Now convert cache bytes into pages */
    MmSecondaryColors >>= PAGE_SHIFT;
    if (!MmSecondaryColors)
    {
        /* If there was no cache data from the KPCR, use the default colors */
        MmSecondaryColors = MI_SECONDARY_COLORS;
    }
    else
    {
        /* Otherwise, make sure there aren't too many colors */
        if (MmSecondaryColors > MI_MAX_SECONDARY_COLORS)
        {
            /* Set the maximum */
            MmSecondaryColors = MI_MAX_SECONDARY_COLORS;
        }

        /* Make sure there aren't too little colors */
        if (MmSecondaryColors < MI_MIN_SECONDARY_COLORS)
        {
            /* Set the default */
            MmSecondaryColors = MI_SECONDARY_COLORS;
        }

        /* Finally make sure the colors are a power of two */
        if (MmSecondaryColors & (MmSecondaryColors - 1))
        {
            /* Set the default */
            MmSecondaryColors = MI_SECONDARY_COLORS;
        }
    }

    /* Compute the mask and store it */
    MmSecondaryColorMask = MmSecondaryColors - 1;
    KeGetCurrentPrcb()->SecondaryColorMask = MmSecondaryColorMask;
}

FORCEINLINE VOID MiDecrementPageTableReferences

(

IN PVOID

Address

)

Definition at line 1647 of file miarm.h.

Referenced by MiDeleteVirtualAddresses(), and MiUnmapLockedPagesInUserSpace().

{
    PUSHORT RefCount;

    RefCount = &MmWorkingSetList->UsedPageTableEntries[MiGetPdeOffset(Address)];

    *RefCount -= 1;
    ASSERT(*RefCount < PTE_PER_PAGE);
}

VOID NTAPI MiDecrementReferenceCount	(	IN PMMPFN	Pfn1,
		IN PFN_NUMBER	PageFrameIndex
	)

Definition at line 1222 of file pfnlist.c.

Referenced by MiDecrementShareCount(), MiDeletePte(), MiDereferencePfnAndDropLockCount(), and MmFreePagesFromMdl().

{
    /* PFN lock must be held */
    ASSERT(KeGetCurrentIrql() == DISPATCH_LEVEL);

    /* Sanity checks on the page */
    if (PageFrameIndex > MmHighestPhysicalPage ||
        Pfn1 != MI_PFN_ELEMENT(PageFrameIndex) ||
        Pfn1->u3.e2.ReferenceCount == 0 ||
        Pfn1->u3.e2.ReferenceCount >= 2500)
    {
        DPRINT1("PageFrameIndex=0x%lx, MmHighestPhysicalPage=0x%lx\n", PageFrameIndex, MmHighestPhysicalPage);
        DPRINT1("Pfn1=%p, Element=%p, RefCount=%u\n", Pfn1, MI_PFN_ELEMENT(PageFrameIndex), Pfn1->u3.e2.ReferenceCount);
        ASSERT(PageFrameIndex <= MmHighestPhysicalPage);
        ASSERT(Pfn1 == MI_PFN_ELEMENT(PageFrameIndex));
        ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
        ASSERT(Pfn1->u3.e2.ReferenceCount < 2500);
    }

    /* Dereference the page, bail out if it's still alive */
    InterlockedDecrement16((PSHORT)&Pfn1->u3.e2.ReferenceCount);
    if (Pfn1->u3.e2.ReferenceCount) return;

    /* Nobody should still have reference to this page */
    if (Pfn1->u2.ShareCount != 0)
    {
        /* Otherwise something's really wrong */
        KeBugCheckEx(PFN_LIST_CORRUPT, 7, PageFrameIndex, Pfn1->u2.ShareCount, 0);
    }

    /* And it should be lying on some page list */
    ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);

    /* Did someone set the delete flag? */
    if (MI_IS_PFN_DELETED(Pfn1))
    {
        /* Insert it into the free list, there's nothing left to do */
        MiInsertPageInFreeList(PageFrameIndex);
        return;
    }

    /* Check to see which list this page should go into */
    if (Pfn1->u3.e1.Modified == 1)
    {
        /* Push it into the modified page list */
        MiInsertPageInList(&MmModifiedPageListHead, PageFrameIndex);
    }
    else
    {
        /* Otherwise, insert this page into the standby list */
        ASSERT(Pfn1->u3.e1.RemovalRequested == 0);
        MiInsertStandbyListAtFront(PageFrameIndex);
    }
}

VOID NTAPI MiDecrementShareCount	(	IN PMMPFN	Pfn1,
		IN PFN_NUMBER	PageFrameIndex
	)

Definition at line 1133 of file pfnlist.c.

Referenced by MiDeletePte(), MiDeleteSystemPageableVm(), MiFreeContiguousMemory(), MiProcessValidPteList(), MiProtectVirtualMemory(), MiReleaseProcessReferenceToSessionDataPage(), MiRemoveMappedPtes(), MiUnmapLockedPagesInUserSpace(), MmDeleteKernelStack(), MmDeleteProcessAddressSpace2(), MmFreeLoaderBlock(), and MmFreeSpecialPool().

{
    PMMPTE PointerPte;
    MMPTE TempPte;

    ASSERT(PageFrameIndex > 0);
    ASSERT(MI_PFN_ELEMENT(PageFrameIndex) != NULL);
    ASSERT(Pfn1 == MI_PFN_ELEMENT(PageFrameIndex));
    ASSERT(MI_IS_ROS_PFN(Pfn1) == FALSE);

    /* Page must be in-use */
    if ((Pfn1->u3.e1.PageLocation != ActiveAndValid) &&
        (Pfn1->u3.e1.PageLocation != StandbyPageList))
    {
        /* Otherwise we have PFN corruption */
        KeBugCheckEx(PFN_LIST_CORRUPT,
                     0x99,
                     PageFrameIndex,
                     Pfn1->u3.e1.PageLocation,
                     0);
    }

    /* Page should at least have one reference */
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);

    /* Check if the share count is now 0 */
    ASSERT(Pfn1->u2.ShareCount < 0xF000000);
    if (!--Pfn1->u2.ShareCount)
    {
        /* Was this a prototype PTE? */
        if (Pfn1->u3.e1.PrototypePte)
        {
            /* Grab the PTE address and make sure it's in prototype pool */
            PointerPte = Pfn1->PteAddress;
            ASSERT((PointerPte >= (PMMPTE)MmPagedPoolStart) && (PointerPte <= (PMMPTE)MmPagedPoolEnd));

            /* The PTE that backs it should also be valdi */
            PointerPte = MiAddressToPte(PointerPte);
            ASSERT(PointerPte->u.Hard.Valid == 1);

            /* Get the original prototype PTE and turn it into a transition PTE */
            PointerPte = Pfn1->PteAddress;
            TempPte = *PointerPte;
            TempPte.u.Soft.Transition = 1;
            TempPte.u.Soft.Valid = 0;
            TempPte.u.Soft.Prototype = 0;
            TempPte.u.Soft.Protection = Pfn1->OriginalPte.u.Soft.Protection;
            MI_WRITE_INVALID_PTE(PointerPte, TempPte);
            DPRINT("Marking PTE: %p as transition (%p - %lx)\n", PointerPte, Pfn1, MiGetPfnEntryIndex(Pfn1));
        }

        /* Put the page in transition */
        Pfn1->u3.e1.PageLocation = TransitionPage;

        /* PFN lock must be held */
        ASSERT(KeGetCurrentIrql() == DISPATCH_LEVEL);

        if (Pfn1->u3.e2.ReferenceCount == 1)
        {
            /* Is there still a PFN for this page? */
            if (MI_IS_PFN_DELETED(Pfn1))
            {
                /* Clear the last reference */
                Pfn1->u3.e2.ReferenceCount = 0;
                ASSERT(Pfn1->OriginalPte.u.Soft.Prototype == 0);

                /* Mark the page temporarily as valid, we're going to make it free soon */
                Pfn1->u3.e1.PageLocation = ActiveAndValid;

                /* Bring it back into the free list */
                MiInsertPageInFreeList(PageFrameIndex);
            }
            else
            {
                /* PFN not yet deleted, drop a ref count */
                MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            }
        }
        else
        {
            /* Otherwise, just drop the reference count */
            InterlockedDecrement16((PSHORT)&Pfn1->u3.e2.ReferenceCount);
        }
    }
}

VOID NTAPI MiDeleteARM3Section

(

PVOID

ObjectBody

)

Definition at line 3244 of file section.c.

Referenced by MmpDeleteSection().

{
    PSECTION SectionObject;
    PCONTROL_AREA ControlArea;
    KIRQL OldIrql;

    SectionObject = (PSECTION)ObjectBody;

    if (SectionObject->u.Flags.Based == 1)
    {
        /* Remove the node from the global section address tree */
        KeAcquireGuardedMutex(&MmSectionBasedMutex);
        MiRemoveNode(&SectionObject->Address, &MmSectionBasedRoot);
        KeReleaseGuardedMutex(&MmSectionBasedMutex);
    }

    /* Lock the PFN database */
    OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);

    ASSERT(SectionObject->Segment);
    ASSERT(SectionObject->Segment->ControlArea);

    ControlArea = SectionObject->Segment->ControlArea;

    /* Dereference */
    ControlArea->NumberOfSectionReferences--;
    ControlArea->NumberOfUserReferences--;

    ASSERT(ControlArea->u.Flags.BeingDeleted == 0);

    /* Check it. It will delete it if there is no more reference to it */
    MiCheckControlArea(ControlArea, OldIrql);
}

VOID NTAPI MiDeletePte	(	IN PMMPTE	PointerPte,
		IN PVOID	VirtualAddress,
		IN PEPROCESS	CurrentProcess,
		IN PMMPTE	PrototypePte
	)

Definition at line 391 of file virtual.c.

Referenced by MiBalancerThread(), MiDeleteVirtualAddresses(), MiResolveProtoPteFault(), MiUnmapLockedPagesInUserSpace(), MmArmAccessFault(), MmDeleteProcessAddressSpace(), and MmFreeMemoryArea().

{
    PMMPFN Pfn1;
    MMPTE TempPte;
    PFN_NUMBER PageFrameIndex;
    PMMPDE PointerPde;

    /* PFN lock must be held */
    ASSERT(KeGetCurrentIrql() == DISPATCH_LEVEL);

    /* Capture the PTE */
    TempPte = *PointerPte;

    /* See if the PTE is valid */
    if (TempPte.u.Hard.Valid == 0)
    {
        /* Prototype and paged out PTEs not supported yet */
        ASSERT(TempPte.u.Soft.Prototype == 0);
        ASSERT((TempPte.u.Soft.PageFileHigh == 0) || (TempPte.u.Soft.Transition == 1));

        if (TempPte.u.Soft.Transition)
        {
            /* Get the PFN entry */
            PageFrameIndex = PFN_FROM_PTE(&TempPte);
            Pfn1 = MiGetPfnEntry(PageFrameIndex);

            DPRINT("Pte %p is transitional!\n", PointerPte);

            /* Make sure the saved PTE address is valid */
            ASSERT((PMMPTE)((ULONG_PTR)Pfn1->PteAddress & ~0x1) == PointerPte);

            /* Destroy the PTE */
            MI_ERASE_PTE(PointerPte);

            /* Drop the reference on the page table. */
            MiDecrementShareCount(MiGetPfnEntry(Pfn1->u4.PteFrame), Pfn1->u4.PteFrame);

            ASSERT(Pfn1->u3.e1.PrototypePte == 0);

            /* Make the page free. For prototypes, it will be made free when deleting the section object */
            if (Pfn1->u3.e2.ReferenceCount == 0)
            {
                /* And it should be in standby or modified list */
                ASSERT((Pfn1->u3.e1.PageLocation == ModifiedPageList) || (Pfn1->u3.e1.PageLocation == StandbyPageList));

                /* Unlink it and set its reference count to one */
                MiUnlinkPageFromList(Pfn1);
                Pfn1->u3.e2.ReferenceCount++;

                /* This will put it back in free list and clean properly up */
                MI_SET_PFN_DELETED(Pfn1);
                MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            }
            return;
        }
    }

    /* Get the PFN entry */
    PageFrameIndex = PFN_FROM_PTE(&TempPte);
    Pfn1 = MiGetPfnEntry(PageFrameIndex);

    /* Check if this is a valid, prototype PTE */
    if (Pfn1->u3.e1.PrototypePte == 1)
    {
        /* Get the PDE and make sure it's faulted in */
        PointerPde = MiPteToPde(PointerPte);
        if (PointerPde->u.Hard.Valid == 0)
        {
#if (_MI_PAGING_LEVELS == 2)
            /* Could be paged pool access from a new process -- synchronize the page directories */
            if (!NT_SUCCESS(MiCheckPdeForPagedPool(VirtualAddress)))
            {
#endif
                /* The PDE must be valid at this point */
                KeBugCheckEx(MEMORY_MANAGEMENT,
                             0x61940,
                             (ULONG_PTR)PointerPte,
                             PointerPte->u.Long,
                             (ULONG_PTR)VirtualAddress);
            }
#if (_MI_PAGING_LEVELS == 2)
        }
#endif
        /* Drop the share count on the page table */
        PointerPde = MiPteToPde(PointerPte);
        MiDecrementShareCount(MiGetPfnEntry(PointerPde->u.Hard.PageFrameNumber),
            PointerPde->u.Hard.PageFrameNumber);

        /* Drop the share count */
        MiDecrementShareCount(Pfn1, PageFrameIndex);

        /* Either a fork, or this is the shared user data page */
        if ((PointerPte <= MiHighestUserPte) && (PrototypePte != Pfn1->PteAddress))
        {
            /* If it's not the shared user page, then crash, since there's no fork() yet */
            if ((PAGE_ALIGN(VirtualAddress) != (PVOID)USER_SHARED_DATA) ||
                 (MmHighestUserAddress <= (PVOID)USER_SHARED_DATA))
            {
                /* Must be some sort of memory corruption */
                KeBugCheckEx(MEMORY_MANAGEMENT,
                             0x400,
                             (ULONG_PTR)PointerPte,
                             (ULONG_PTR)PrototypePte,
                             (ULONG_PTR)Pfn1->PteAddress);
            }
        }

        /* Erase it */
        MI_ERASE_PTE(PointerPte);
    }
    else
    {
        /* Make sure the saved PTE address is valid */
        if ((PMMPTE)((ULONG_PTR)Pfn1->PteAddress & ~0x1) != PointerPte)
        {
            /* The PFN entry is illegal, or invalid */
            KeBugCheckEx(MEMORY_MANAGEMENT,
                         0x401,
                         (ULONG_PTR)PointerPte,
                         PointerPte->u.Long,
                         (ULONG_PTR)Pfn1->PteAddress);
        }

        /* Erase the PTE */
        MI_ERASE_PTE(PointerPte);

        /* There should only be 1 shared reference count */
        ASSERT(Pfn1->u2.ShareCount == 1);

        /* Drop the reference on the page table. */
        MiDecrementShareCount(MiGetPfnEntry(Pfn1->u4.PteFrame), Pfn1->u4.PteFrame);

        /* Mark the PFN for deletion and dereference what should be the last ref */
        MI_SET_PFN_DELETED(Pfn1);
        MiDecrementShareCount(Pfn1, PageFrameIndex);

        /* We should eventually do this */
        //CurrentProcess->NumberOfPrivatePages--;
    }

    /* Flush the TLB */
    KeFlushCurrentTb();
}

PFN_COUNT NTAPI MiDeleteSystemPageableVm	(	IN PMMPTE	PointerPte,
		IN PFN_NUMBER	PageCount,
		IN ULONG	Flags,
		OUT PPFN_NUMBER	ValidPages
	)

Definition at line 297 of file virtual.c.

Referenced by MiFreeInitializationCode(), MiFreePoolPages(), MmFreeDriverInitialization(), and MmFreeSpecialPool().

{
    PFN_COUNT ActualPages = 0;
    PETHREAD CurrentThread = PsGetCurrentThread();
    PMMPFN Pfn1, Pfn2;
    PFN_NUMBER PageFrameIndex, PageTableIndex;
    KIRQL OldIrql;
    ASSERT(KeGetCurrentIrql() <= APC_LEVEL);

    /* Lock the system working set */
    MiLockWorkingSet(CurrentThread, &MmSystemCacheWs);

    /* Loop all pages */
    while (PageCount)
    {
        /* Make sure there's some data about the page */
        if (PointerPte->u.Long)
        {
            /* As always, only handle current ARM3 scenarios */
            ASSERT(PointerPte->u.Soft.Prototype == 0);
            ASSERT(PointerPte->u.Soft.Transition == 0);

            /* Normally this is one possibility -- freeing a valid page */
            if (PointerPte->u.Hard.Valid)
            {
                /* Get the page PFN */
                PageFrameIndex = PFN_FROM_PTE(PointerPte);
                Pfn1 = MiGetPfnEntry(PageFrameIndex);

                /* Should not have any working set data yet */
                ASSERT(Pfn1->u1.WsIndex == 0);

                /* Actual valid, legitimate, pages */
                if (ValidPages) (*ValidPages)++;

                /* Get the page table entry */
                PageTableIndex = Pfn1->u4.PteFrame;
                Pfn2 = MiGetPfnEntry(PageTableIndex);

                /* Lock the PFN database */
                OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);

                /* Delete it the page */
                MI_SET_PFN_DELETED(Pfn1);
                MiDecrementShareCount(Pfn1, PageFrameIndex);

                /* Decrement the page table too */
                MiDecrementShareCount(Pfn2, PageTableIndex);

                /* Release the PFN database */
                KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);

                /* Destroy the PTE */
                MI_ERASE_PTE(PointerPte);
            }
            else
            {
                /*
                 * The only other ARM3 possibility is a demand zero page, which would
                 * mean freeing some of the paged pool pages that haven't even been
                 * touched yet, as part of a larger allocation.
                 *
                 * Right now, we shouldn't expect any page file information in the PTE
                 */
                ASSERT(PointerPte->u.Soft.PageFileHigh == 0);

                /* Destroy the PTE */
                MI_ERASE_PTE(PointerPte);
            }

            /* Actual legitimate pages */
            ActualPages++;
        }

        /* Keep going */
        PointerPte++;
        PageCount--;
    }

    /* Release the working set */
    MiUnlockWorkingSet(CurrentThread, &MmSystemCacheWs);

    /* Flush the entire TLB */
    KeFlushEntireTb(TRUE, TRUE);

    /* Done */
    return ActualPages;
}

VOID NTAPI MiDeleteVirtualAddresses	(	IN ULONG_PTR	Va,
		IN ULONG_PTR	EndingAddress,
		IN PMMVAD	Vad
	)

Definition at line 540 of file virtual.c.

Referenced by MiRemoveMappedView(), MmCleanProcessAddressSpace(), MmDeleteTeb(), and NtFreeVirtualMemory().

{
    PMMPTE PointerPte, PrototypePte, LastPrototypePte;
    PMMPDE PointerPde;
    MMPTE TempPte;
    PEPROCESS CurrentProcess;
    KIRQL OldIrql;
    BOOLEAN AddressGap = FALSE;
    PSUBSECTION Subsection;

    /* Get out if this is a fake VAD, RosMm will free the marea pages */
    if ((Vad) && (Vad->u.VadFlags.Spare == 1)) return;

    /* Grab the process and PTE/PDE for the address being deleted */
    CurrentProcess = PsGetCurrentProcess();
    PointerPde = MiAddressToPde(Va);
    PointerPte = MiAddressToPte(Va);

    /* Check if this is a section VAD or a VM VAD */
    if (!(Vad) || (Vad->u.VadFlags.PrivateMemory) || !(Vad->FirstPrototypePte))
    {
        /* Don't worry about prototypes */
        PrototypePte = LastPrototypePte = NULL;
    }
    else
    {
        /* Get the prototype PTE */
        PrototypePte = Vad->FirstPrototypePte;
        LastPrototypePte = Vad->FirstPrototypePte + 1;
    }

    /* In all cases, we don't support fork() yet */
    ASSERT(CurrentProcess->CloneRoot == NULL);

    /* Loop the PTE for each VA */
    while (TRUE)
    {
        /* First keep going until we find a valid PDE */
        while (!PointerPde->u.Long)
        {
            /* There are gaps in the address space */
            AddressGap = TRUE;

            /* Still no valid PDE, try the next 4MB (or whatever) */
            PointerPde++;

            /* Update the PTE on this new boundary */
            PointerPte = MiPteToAddress(PointerPde);

            /* Check if all the PDEs are invalid, so there's nothing to free */
            Va = (ULONG_PTR)MiPteToAddress(PointerPte);
            if (Va > EndingAddress) return;
        }

        /* Now check if the PDE is mapped in */
        if (!PointerPde->u.Hard.Valid)
        {
            /* It isn't, so map it in */
            PointerPte = MiPteToAddress(PointerPde);
            MiMakeSystemAddressValid(PointerPte, CurrentProcess);
        }

        /* Now we should have a valid PDE, mapped in, and still have some VA */
        ASSERT(PointerPde->u.Hard.Valid == 1);
        ASSERT(Va <= EndingAddress);

        /* Check if this is a section VAD with gaps in it */
        if ((AddressGap) && (LastPrototypePte))
        {
            /* We need to skip to the next correct prototype PTE */
            PrototypePte = MI_GET_PROTOTYPE_PTE_FOR_VPN(Vad, Va >> PAGE_SHIFT);

            /* And we need the subsection to skip to the next last prototype PTE */
            Subsection = MiLocateSubsection(Vad, Va >> PAGE_SHIFT);
            if (Subsection)
            {
                /* Found it! */
                LastPrototypePte = &Subsection->SubsectionBase[Subsection->PtesInSubsection];
            }
            else
            {
                /* No more subsections, we are done with prototype PTEs */
                PrototypePte = NULL;
            }
        }

        /* Lock the PFN Database while we delete the PTEs */
        OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);
        do
        {
            /* Capture the PDE and make sure it exists */
            TempPte = *PointerPte;
            if (TempPte.u.Long)
            {
                MiDecrementPageTableReferences((PVOID)Va);

                /* Check if the PTE is actually mapped in */
                if (MI_IS_MAPPED_PTE(&TempPte))
                {
                    /* Are we dealing with section VAD? */
                    if ((LastPrototypePte) && (PrototypePte > LastPrototypePte))
                    {
                        /* We need to skip to the next correct prototype PTE */
                        PrototypePte = MI_GET_PROTOTYPE_PTE_FOR_VPN(Vad, Va >> PAGE_SHIFT);

                        /* And we need the subsection to skip to the next last prototype PTE */
                        Subsection = MiLocateSubsection(Vad, Va >> PAGE_SHIFT);
                        if (Subsection)
                        {
                            /* Found it! */
                            LastPrototypePte = &Subsection->SubsectionBase[Subsection->PtesInSubsection];
                        }
                        else
                        {
                            /* No more subsections, we are done with prototype PTEs */
                            PrototypePte = NULL;
                        }
                    }

                    /* Check for prototype PTE */
                    if ((TempPte.u.Hard.Valid == 0) &&
                        (TempPte.u.Soft.Prototype == 1))
                    {
                        /* Just nuke it */
                        MI_ERASE_PTE(PointerPte);
                    }
                    else
                    {
                        /* Delete the PTE proper */
                        MiDeletePte(PointerPte,
                                    (PVOID)Va,
                                    CurrentProcess,
                                    PrototypePte);
                    }
                }
                else
                {
                    /* The PTE was never mapped, just nuke it here */
                    MI_ERASE_PTE(PointerPte);
                }
            }

            /* Update the address and PTE for it */
            Va += PAGE_SIZE;
            PointerPte++;
            PrototypePte++;

            /* Making sure the PDE is still valid */
            ASSERT(PointerPde->u.Hard.Valid == 1);
        }
        while ((Va & (PDE_MAPPED_VA - 1)) && (Va <= EndingAddress));

        /* The PDE should still be valid at this point */
        ASSERT(PointerPde->u.Hard.Valid == 1);

        /* Check remaining PTE count (go back 1 page due to above loop) */
        if (MiQueryPageTableReferences((PVOID)(Va - PAGE_SIZE)) == 0)
        {
            if (PointerPde->u.Long != 0)
            {
                /* Delete the PTE proper */
                MiDeletePte(PointerPde,
                            MiPteToAddress(PointerPde),
                            CurrentProcess,
                            NULL);
            }
        }

        /* Release the lock and get out if we're done */
        KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);
        if (Va > EndingAddress) return;

        /* Otherwise, we exited because we hit a new PDE boundary, so start over */
        PointerPde = MiAddressToPde(Va);
        AddressGap = FALSE;
    }
}

FORCEINLINE VOID MiDereferencePfnAndDropLockCount

(

IN PMMPFN

Pfn1

)

Definition at line 1432 of file miarm.h.

Referenced by MI_UNLOCK_VA(), MiCompleteProtoPteFault(), MiDispatchFault(), and MmUnlockPages().

{
    USHORT RefCount, OldRefCount;
    PFN_NUMBER PageFrameIndex;

    /* Loop while we decrement the page successfully */
    do
    {
        /* There should be at least one reference */
        OldRefCount = Pfn1->u3.e2.ReferenceCount;
        ASSERT(OldRefCount != 0);

        /* Are we the last one */
        if (OldRefCount == 1)
        {
            /* The page shoudln't be shared not active at this point */
            ASSERT(Pfn1->u3.e2.ReferenceCount == 1);
            ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);
            ASSERT(Pfn1->u2.ShareCount == 0);

            /* Is it a prototype PTE? */
            if ((Pfn1->u3.e1.PrototypePte == 1) &&
                (Pfn1->OriginalPte.u.Soft.Prototype == 1))
            {
                /* FIXME: We should return commit */
                DPRINT1("Not returning commit for prototype PTE\n");
            }

            /* Update the counter, and drop a reference the long way */
            InterlockedDecrementSizeT(&MmSystemLockPagesCount);
            PageFrameIndex = MiGetPfnEntryIndex(Pfn1);
            MiDecrementReferenceCount(Pfn1, PageFrameIndex);
            return;
        }

        /* Drop a reference the short way, and that's it */
        RefCount = InterlockedCompareExchange16((PSHORT)&Pfn1->u3.e2.ReferenceCount,
                                                OldRefCount - 1,
                                                OldRefCount);
        ASSERT(RefCount != 0);
    } while (OldRefCount != RefCount);

    /* If we got here, there should be more than one reference */
    ASSERT(RefCount > 1);
    if (RefCount == 2)
    {
        /* Is it still being shared? */
        if (Pfn1->u2.ShareCount >= 1)
        {
            /* Then it should be valid */
            ASSERT(Pfn1->u3.e1.PageLocation == ActiveAndValid);

            /* Is it a prototype PTE? */
            if ((Pfn1->u3.e1.PrototypePte == 1) &&
                (Pfn1->OriginalPte.u.Soft.Prototype == 1))
            {
                /* We don't handle ethis */
                ASSERT(FALSE);
            }

            /* Update the counter */
            InterlockedDecrementSizeT(&MmSystemLockPagesCount);
        }
    }
}

FORCEINLINE ULONG_PTR MiDetermineUserGlobalPteMask

(

IN PVOID

PointerPte

)

Definition at line 709 of file miarm.h.

Referenced by MI_MAKE_HARDWARE_PTE(), and MiResolveTransitionFault().

{
    MMPTE TempPte;

    /* Start fresh */
    TempPte.u.Long = 0;

    /* Make it valid and accessed */
    TempPte.u.Hard.Valid = TRUE;
    MI_MAKE_ACCESSED_PAGE(&TempPte);

    /* Is this for user-mode? */
    if (
#if (_MI_PAGING_LEVELS == 4)
        MiIsUserPxe(PointerPte) ||
#endif
#if (_MI_PAGING_LEVELS >= 3)
        MiIsUserPpe(PointerPte) ||
#endif
        MiIsUserPde(PointerPte) ||
        MiIsUserPte(PointerPte))
    {
        /* Set the owner bit */
        MI_MAKE_OWNER_PAGE(&TempPte);
    }

    /* FIXME: We should also set the global bit */

    /* Return the protection */
    return TempPte.u.Long;
}

FORCEINLINE VOID MiDropLockCount

(

IN PMMPFN

Pfn1

)

Definition at line 1402 of file miarm.h.

Referenced by MiResolveTransitionFault().

{
    /* This page shouldn't be locked, but it should be valid */
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
    ASSERT(Pfn1->u2.ShareCount == 0);

    /* Is this the last reference to the page */
    if (Pfn1->u3.e2.ReferenceCount == 1)
    {
        /* It better not be valid */
        ASSERT(Pfn1->u3.e1.PageLocation != ActiveAndValid);

        /* Is it a prototype PTE? */
        if ((Pfn1->u3.e1.PrototypePte == 1) &&
            (Pfn1->OriginalPte.u.Soft.Prototype == 1))
        {
            /* FIXME: We should return commit */
            DPRINT1("Not returning commit for prototype PTE\n");
        }

        /* Update the counter */
        InterlockedDecrementSizeT(&MmSystemLockPagesCount);
    }
}

PFN_NUMBER NTAPI MiFindContiguousPages	(	IN PFN_NUMBER	LowestPfn,
		IN PFN_NUMBER	HighestPfn,
		IN PFN_NUMBER	BoundaryPfn,
		IN PFN_NUMBER	SizeInPages,
		IN MEMORY_CACHING_TYPE	CacheType
	)

Definition at line 22 of file contmem.c.

Referenced by MiFindContiguousMemory().

{
    PFN_NUMBER Page, PageCount, LastPage, Length, BoundaryMask;
    ULONG i = 0;
    PMMPFN Pfn1, EndPfn;
    KIRQL OldIrql;
    PAGED_CODE();
    ASSERT(SizeInPages != 0);

    //
    // Convert the boundary PFN into an alignment mask
    //
    BoundaryMask = ~(BoundaryPfn - 1);

    /* Disable APCs */
    KeEnterGuardedRegion();

    //
    // Loop all the physical memory blocks
    //
    do
    {
        //
        // Capture the base page and length of this memory block
        //
        Page = MmPhysicalMemoryBlock->Run[i].BasePage;
        PageCount = MmPhysicalMemoryBlock->Run[i].PageCount;

        //
        // Check how far this memory block will go
        //
        LastPage = Page + PageCount;

        //
        // Trim it down to only the PFNs we're actually interested in
        //
        if ((LastPage - 1) > HighestPfn) LastPage = HighestPfn + 1;
        if (Page < LowestPfn) Page = LowestPfn;

        //
        // Skip this run if it's empty or fails to contain all the pages we need
        //
        if (!(PageCount) || ((Page + SizeInPages) > LastPage)) continue;

        //
        // Now scan all the relevant PFNs in this run
        //
        Length = 0;
        for (Pfn1 = MI_PFN_ELEMENT(Page); Page < LastPage; Page++, Pfn1++)
        {
            //
            // If this PFN is in use, ignore it
            //
            if (MiIsPfnInUse(Pfn1))
            {
                Length = 0;
                continue;
            }

            //
            // If we haven't chosen a start PFN yet and the caller specified an
            // alignment, make sure the page matches the alignment restriction
            //
            if ((!(Length) && (BoundaryPfn)) &&
                (((Page ^ (Page + SizeInPages - 1)) & BoundaryMask)))
            {
                //
                // It does not, so bail out
                //
                continue;
            }

            //
            // Increase the number of valid pages, and check if we have enough
            //
            if (++Length == SizeInPages)
            {
                //
                // It appears we've amassed enough legitimate pages, rollback
                //
                Pfn1 -= (Length - 1);
                Page -= (Length - 1);

                //
                // Acquire the PFN lock
                //
                OldIrql = KeAcquireQueuedSpinLock(LockQueuePfnLock);
                do
                {
                    //
                    // Things might've changed for us. Is the page still free?
                    //
                    if (MiIsPfnInUse(Pfn1)) break;

                    //
                    // So far so good. Is this the last confirmed valid page?
                    //
                    if (!--Length)
                    {
                        //
                        // Sanity check that we didn't go out of bounds
                        //
                        ASSERT(i != MmPhysicalMemoryBlock->NumberOfRuns);

                        //
                        // Loop until all PFN entries have been processed
                        //
                        EndPfn = Pfn1 - SizeInPages + 1;
                        do
                        {
                            //
                            // This PFN is now a used page, set it up
                            //
                            MI_SET_USAGE(MI_USAGE_CONTINOUS_ALLOCATION);
                            MI_SET_PROCESS2("Kernel Driver");
                            MiUnlinkFreeOrZeroedPage(Pfn1);
                            Pfn1->u3.e2.ReferenceCount = 1;
                            Pfn1->u2.ShareCount = 1;
                            Pfn1->u3.e1.PageLocation = ActiveAndValid;
                            Pfn1->u3.e1.StartOfAllocation = 0;
                            Pfn1->u3.e1.EndOfAllocation = 0;
                            Pfn1->u3.e1.PrototypePte = 0;
                            Pfn1->u4.VerifierAllocation = 0;
                            Pfn1->PteAddress = (PVOID)0xBAADF00D;

                            //
                            // Check if this is the last PFN, otherwise go on
                            //
                            if (Pfn1 == EndPfn) break;
                            Pfn1--;
                        } while (TRUE);

                        //
                        // Mark the first and last PFN so we can find them later
                        //
                        Pfn1->u3.e1.StartOfAllocation = 1;
                        (Pfn1 + SizeInPages - 1)->u3.e1.EndOfAllocation = 1;

                        //
                        // Now it's safe to let go of the PFN lock
                        //
                        KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);

                        //
                        // Quick sanity check that the last PFN is consistent
                        //
                        EndPfn = Pfn1 + SizeInPages;
                        ASSERT(EndPfn == MI_PFN_ELEMENT(Page + 1));

                        //
                        // Compute the first page, and make sure it's consistent
                        //
                        Page = Page - SizeInPages + 1;
                        ASSERT(Pfn1 == MI_PFN_ELEMENT(Page));
                        ASSERT(Page != 0);

                        /* Enable APCs and return the page */
                        KeLeaveGuardedRegion();
                        return Page;
                    }

                    //
                    // Keep going. The purpose of this loop is to reconfirm that
                    // after acquiring the PFN lock these pages are still usable
                    //
                    Pfn1++;
                    Page++;
                } while (TRUE);

                //
                // If we got here, something changed while we hadn't acquired
                // the PFN lock yet, so we'll have to restart
                //
                KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);
                Length = 0;
            }
        }
    } while (++i != MmPhysicalMemoryBlock->NumberOfRuns);

    //
    // And if we get here, it means no suitable physical memory runs were found
    //
    KeLeaveGuardedRegion();
    return 0;
}

NTSTATUS NTAPI MiFindEmptyAddressRangeDownBasedTree	(	IN SIZE_T	Length,
		IN ULONG_PTR	BoundaryAddress,
		IN ULONG_PTR	Alignment,
		IN PMM_AVL_TABLE	Table,
		OUT PULONG_PTR	Base
	)

Definition at line 707 of file vadnode.c.

Referenced by MmCreateArm3Section().

{
    PMMADDRESS_NODE Node, LowestNode;
    ULONG_PTR LowVpn, BestVpn;

    /* Sanity checks */
    ASSERT(Table == &MmSectionBasedRoot);
    ASSERT(BoundaryAddress);
    ASSERT(BoundaryAddress <= ((ULONG_PTR)MM_HIGHEST_VAD_ADDRESS + 1));

    /* Compute page length, make sure the boundary address is valid */
    Length = ROUND_TO_PAGES(Length);
    if ((BoundaryAddress + 1) < Length) return STATUS_NO_MEMORY;

    /* Check if the table is empty */
    BestVpn = ROUND_DOWN(BoundaryAddress + 1 - Length, Alignment);
    if (Table->NumberGenericTableElements == 0)
    {
        /* Tree is empty, the candidate address is already the best one */
        *Base = BestVpn;
        return STATUS_SUCCESS;
    }

    /* Go to the right-most node which should be the biggest address */
    Node = Table->BalancedRoot.RightChild;
    while (RtlRightChildAvl(Node)) Node = RtlRightChildAvl(Node);

    /* Check if we can fit in here */
    LowVpn = ROUND_UP(Node->EndingVpn + 1, Alignment);
    if ((LowVpn < BoundaryAddress) && (Length <= (BoundaryAddress - LowVpn)))
    {
#if (NTDDI_VERSION >= NTDDI_VISTA)
        /* Return the address. */
        *Base = BestVpn;
#else
        /* Note: this is a compatibility hack that mimics a bug in the 2k3
           kernel. It will can waste up to Alignment bytes of memory above
           the allocation. This bug was fixed in Windows Vista */
        *Base = ROUND_DOWN(BoundaryAddress - Length, Alignment);
#endif
        return STATUS_SUCCESS;
    }

    /* Now loop the Vad nodes */
    do
    {
        /* Break out if we've reached the last node */
        LowestNode = MiGetPreviousNode(Node);
        if (!LowestNode) break;

        /* Check if this node could contain the requested address */
        LowVpn = ROUND_UP(LowestNode->EndingVpn + 1, Alignment);
        if ((LowestNode->EndingVpn < BestVpn) &&
            (LowVpn < Node->StartingVpn) &&
            (Length <= (Node->StartingVpn - LowVpn)))
        {
            /* Check if we need to take BoundaryAddress into account */
            if (BoundaryAddress < Node->StartingVpn)
            {
                /* Return the optimal VPN address */
                *Base = BestVpn;
                return STATUS_SUCCESS;
            }
            else
            {
                /* The upper margin is given by the Node's starting address */
                *Base = ROUND_DOWN(Node->StartingVpn - Length, Alignment);
                return STATUS_SUCCESS;
            }
        }

        /* Move to the next node */
        Node = LowestNode;
    } while (TRUE);

    /* Check if there's enough space before the lowest Vad */
    if ((Node->StartingVpn > (ULONG_PTR)MI_LOWEST_VAD_ADDRESS) &&
        ((Node->StartingVpn - (ULONG_PTR)MI_LOWEST_VAD_ADDRESS) >= Length))
    {
        /* Check if it fits in perfectly */
        if (BoundaryAddress < Node->StartingVpn)
        {
            /* Return the optimal VPN address */
            *Base = BestVpn;
            return STATUS_SUCCESS;
        }

        /* Return an aligned base address within this node */
        *Base = ROUND_DOWN(Node->StartingVpn - Length, Alignment);
        return STATUS_SUCCESS;
    }

    /* No address space left at all */
    return STATUS_NO_MEMORY;
}

TABLE_SEARCH_RESULT NTAPI MiFindEmptyAddressRangeDownTree	(	IN SIZE_T	Length,
		IN ULONG_PTR	BoundaryAddress,
		IN ULONG_PTR	Alignment,
		IN PMM_AVL_TABLE	Table,
		OUT PULONG_PTR	Base,
		OUT PMMADDRESS_NODE *	Parent
	)

Definition at line 597 of file vadnode.c.

Referenced by MiInsertVadEx(), and MmFindGap().

{
    PMMADDRESS_NODE Node, OldNode, Child;
    ULONG_PTR LowVpn, HighVpn, AlignmentVpn;
    PFN_NUMBER PageCount;

    /* Sanity checks */
    ASSERT(BoundaryAddress);
    ASSERT(BoundaryAddress <= ((ULONG_PTR)MM_HIGHEST_VAD_ADDRESS));
    ASSERT((Alignment & (PAGE_SIZE - 1)) == 0);

    /* Calculate page numbers for the length and alignment */
    Length = ROUND_TO_PAGES(Length);
    PageCount = Length >> PAGE_SHIFT;
    AlignmentVpn = Alignment / PAGE_SIZE;

    /* Check for kernel mode table (memory areas) */
    if (Table->Unused == 1)
    {
        LowVpn = ALIGN_UP_BY((ULONG_PTR)MmSystemRangeStart >> PAGE_SHIFT, AlignmentVpn);
    }
    else
    {
        LowVpn = ALIGN_UP_BY((ULONG_PTR)MM_LOWEST_USER_ADDRESS, Alignment);
    }

    /* Check if there is enough space below the boundary */
    if ((LowVpn + Length) > (BoundaryAddress + 1))
    {
        return TableFoundNode;
    }

    /* Check if the table is empty */
    if (Table->NumberGenericTableElements == 0)
    {
        /* Tree is empty, the candidate address is already the best one */
        *Base = ALIGN_DOWN_BY(BoundaryAddress + 1 - Length, Alignment);
        return TableEmptyTree;
    }

    /* Calculate the initial upper margin */
    HighVpn = (BoundaryAddress + 1) >> PAGE_SHIFT;

    /* Starting from the root, follow the right children until we found a node
       that ends above the boundary */
    Node = RtlRightChildAvl(&Table->BalancedRoot);
    while ((Node->EndingVpn < HighVpn) &&
           ((Child = RtlRightChildAvl(Node)) != NULL)) Node = Child;

    /* Now loop the Vad nodes */
    while (Node)
    {
        /* Calculate the lower margin */
        LowVpn = ALIGN_UP_BY(Node->EndingVpn + 1, AlignmentVpn);

        /* Check if the current bounds are suitable */
        if ((HighVpn > LowVpn) && ((HighVpn - LowVpn) >= PageCount))
        {
            /* There is enough space to add our node */
            LowVpn = ALIGN_DOWN_BY(HighVpn - PageCount, AlignmentVpn);
            *Base = LowVpn << PAGE_SHIFT;

            /* Can we use the current node as parent? */
            if (!RtlRightChildAvl(Node))
            {
                /* Node has no right child, so use it as parent */
                *Parent = Node;
                return TableInsertAsRight;
            }
            else
            {
                /* Node has a right child, the node we had before is the most
                   left grandchild of that right child, use it as parent. */
                *Parent = OldNode;
                return TableInsertAsLeft;
            }
        }

        /* Update the upper margin if necessary */
        if (Node->StartingVpn < HighVpn) HighVpn = Node->StartingVpn;

        /* Remember the current node and go to the previous node */
        OldNode = Node;
        Node = MiGetPreviousNode(Node);
    }

    /* Check if there's enough space before the lowest Vad */
    LowVpn = ALIGN_UP_BY((ULONG_PTR)MI_LOWEST_VAD_ADDRESS, Alignment) / PAGE_SIZE;
    if ((HighVpn > LowVpn) && ((HighVpn - LowVpn) >= PageCount))
    {
        /* There is enough space to add our address */
        LowVpn = ALIGN_DOWN_BY(HighVpn - PageCount, Alignment >> PAGE_SHIFT);
        *Base = LowVpn << PAGE_SHIFT;
        *Parent = OldNode;
        return TableInsertAsLeft;
    }

    /* No address space left at all */
    *Base = 0;
    *Parent = NULL;
    return TableFoundNode;
}