ReactOS 0.4.15-dev-7085-g12a5971
Macros | Functions | Variables
drvmgmt.c File Reference
#include <ntoskrnl.h>
#include <debug.h>
#include <mm/ARM3/miarm.h>
Include dependency graph for drvmgmt.c:

Go to the source code of this file.

Macros

#define NDEBUG
 
#define MODULE_INVOLVED_IN_ARM3
 

Functions

VOID NTAPI MmUnlockPageableImageSection (IN PVOID ImageSectionHandle)
 
VOID NTAPI MmLockPageableSectionByHandle (IN PVOID ImageSectionHandle)
 
PVOID NTAPI MmLockPageableDataSection (IN PVOID AddressWithinSection)
 
ULONG NTAPI MmTrimAllSystemPageableMemory (IN ULONG PurgeTransitionList)
 
NTSTATUS NTAPI MmAddVerifierThunks (IN PVOID ThunkBuffer, IN ULONG ThunkBufferSize)
 
LOGICAL NTAPI MmIsDriverVerifying (IN PDRIVER_OBJECT DriverObject)
 
NTSTATUS NTAPI MmIsVerifierEnabled (OUT PULONG VerifierFlags)
 

Variables

MM_DRIVER_VERIFIER_DATA MmVerifierData
 
LIST_ENTRY MiVerifierDriverAddedThunkListHead
 
ULONG MiActiveVerifierThunks
 
WCHAR MmVerifyDriverBuffer [512] = {0}
 
ULONG MmVerifyDriverBufferLength = sizeof(MmVerifyDriverBuffer)
 
ULONG MmVerifyDriverBufferType = REG_NONE
 
ULONG MmVerifyDriverLevel = -1
 
PVOID MmTriageActionTaken
 
PVOID KernelVerifier
 

Macro Definition Documentation

◆ MODULE_INVOLVED_IN_ARM3

#define MODULE_INVOLVED_IN_ARM3

Definition at line 15 of file drvmgmt.c.

◆ NDEBUG

#define NDEBUG

Definition at line 12 of file drvmgmt.c.

Function Documentation

◆ MmAddVerifierThunks()

NTSTATUS NTAPI MmAddVerifierThunks ( IN PVOID  ThunkBuffer,
IN ULONG  ThunkBufferSize 
)

Definition at line 82 of file drvmgmt.c.

84{
85 PDRIVER_VERIFIER_THUNK_PAIRS ThunkTable;
86 ULONG ThunkCount;
87 PDRIVER_SPECIFIED_VERIFIER_THUNKS DriverThunks;
88 PLDR_DATA_TABLE_ENTRY LdrEntry;
89 PVOID ModuleBase, ModuleEnd;
90 ULONG i;
91 NTSTATUS Status = STATUS_SUCCESS;
92 PAGED_CODE();
93
94 //
95 // Make sure the driver verifier is initialized
96 //
97 if (!MiVerifierDriverAddedThunkListHead.Flink) return STATUS_NOT_SUPPORTED;
98
99 //
100 // Get the thunk pairs and count them
101 //
102 ThunkCount = ThunkBufferSize / sizeof(DRIVER_VERIFIER_THUNK_PAIRS);
103 if (!ThunkCount) return STATUS_INVALID_PARAMETER_1;
104
105 //
106 // Now allocate our own thunk table
107 //
108 DriverThunks = ExAllocatePoolWithTag(PagedPool,
109 sizeof(*DriverThunks) +
110 ThunkCount *
111 sizeof(DRIVER_VERIFIER_THUNK_PAIRS),
112 'tVmM');
113 if (!DriverThunks) return STATUS_INSUFFICIENT_RESOURCES;
114
115 //
116 // Now copy the driver-fed part
117 //
118 ThunkTable = (PDRIVER_VERIFIER_THUNK_PAIRS)(DriverThunks + 1);
119 RtlCopyMemory(ThunkTable,
120 ThunkBuffer,
121 ThunkCount * sizeof(DRIVER_VERIFIER_THUNK_PAIRS));
122
123 //
124 // Acquire the system load lock
125 //
126 KeEnterCriticalRegion();
127 KeWaitForSingleObject(&MmSystemLoadLock,
128 WrVirtualMemory,
129 KernelMode,
130 FALSE,
131 NULL);
132
133 //
134 // Get the loader entry
135 //
136 LdrEntry = MiLookupDataTableEntry(ThunkTable->PristineRoutine);
137 if (!LdrEntry)
138 {
139 //
140 // Fail
141 //
142 Status = STATUS_INVALID_PARAMETER_2;
143 goto Cleanup;
144 }
145
146 //
147 // Get driver base and end
148 //
149 ModuleBase = LdrEntry->DllBase;
150 ModuleEnd = (PVOID)((ULONG_PTR)LdrEntry->DllBase + LdrEntry->SizeOfImage);
151
152 //
153 // Don't allow hooking the kernel or HAL
154 //
155 if (ModuleBase < (PVOID)(KSEG0_BASE + MmBootImageSize))
156 {
157 //
158 // Fail
159 //
160 Status = STATUS_INVALID_PARAMETER_2;
161 goto Cleanup;
162 }
163
164 //
165 // Loop all the thunks
166 //
167 for (i = 0; i < ThunkCount; i++)
168 {
169 //
170 // Make sure it's in the driver
171 //
172 if (((ULONG_PTR)ThunkTable->PristineRoutine < (ULONG_PTR)ModuleBase) ||
173 ((ULONG_PTR)ThunkTable->PristineRoutine >= (ULONG_PTR)ModuleEnd))
174 {
175 //
176 // Nope, fail
177 //
178 Status = STATUS_INVALID_PARAMETER_2;
179 goto Cleanup;
180 }
181 }
182
183 //
184 // Otherwise, add this entry
185 //
186 DriverThunks->DataTableEntry = LdrEntry;
187 DriverThunks->NumberOfThunks = ThunkCount;
188 MiActiveVerifierThunks++;
189 InsertTailList(&MiVerifierDriverAddedThunkListHead,
190 &DriverThunks->ListEntry);
191 DriverThunks = NULL;
192
193Cleanup:
194 //
195 // Release the lock
196 //
197 KeReleaseMutant(&MmSystemLoadLock, MUTANT_INCREMENT, FALSE, FALSE);
198 KeLeaveCriticalRegion();
199
200 //
201 // Free the table if we failed and return status
202 //
203 if (DriverThunks) ExFreePoolWithTag(DriverThunks, 'tVmM');
204 return Status;
205}
PAGED_CODE
#define PAGED_CODE()
Definition: Bus_PDO_QueryResourceRequirements.c:89
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NULL
#define NULL
Definition: types.h:112
FALSE
#define FALSE
Definition: types.h:117
Cleanup
static const WCHAR Cleanup[]
Definition: register.c:80
ULONG_PTR
#define ULONG_PTR
Definition: config.h:101
MiActiveVerifierThunks
ULONG MiActiveVerifierThunks
Definition: drvmgmt.c:22
MiVerifierDriverAddedThunkListHead
LIST_ENTRY MiVerifierDriverAddedThunkListHead
Definition: drvmgmt.c:21
InsertTailList
#define InsertTailList(ListHead, Entry)
Definition: env_spec_w32.h:1003
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
KeWaitForSingleObject
#define KeWaitForSingleObject(pEvt, foo, a, b, c)
Definition: env_spec_w32.h:478
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
Status
Status
Definition: gdiplustypes.h:25
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
KeLeaveCriticalRegion
#define KeLeaveCriticalRegion()
Definition: ke_x.h:119
KeEnterCriticalRegion
#define KeEnterCriticalRegion()
Definition: ke_x.h:88
MiLookupDataTableEntry
PLDR_DATA_TABLE_ENTRY NTAPI MiLookupDataTableEntry(IN PVOID Address)
Definition: sysldr.c:3514
ExFreePoolWithTag
#define ExFreePoolWithTag(_P, _T)
Definition: module.h:1109
KernelMode
#define KernelMode
Definition: asm.h:34
KSEG0_BASE
#define KSEG0_BASE
Definition: ketypes.h:339
MUTANT_INCREMENT
#define MUTANT_INCREMENT
Definition: extypes.h:84
DRIVER_VERIFIER_THUNK_PAIRS
struct _DRIVER_VERIFIER_THUNK_PAIRS DRIVER_VERIFIER_THUNK_PAIRS
PDRIVER_VERIFIER_THUNK_PAIRS
struct _DRIVER_VERIFIER_THUNK_PAIRS * PDRIVER_VERIFIER_THUNK_PAIRS
MmSystemLoadLock
KMUTANT MmSystemLoadLock
Definition: sysldr.c:26
KeReleaseMutant
LONG NTAPI KeReleaseMutant(IN PKMUTANT Mutant, IN KPRIORITY Increment, IN BOOLEAN Abandon, IN BOOLEAN Wait)
Definition: mutex.c:98
MmBootImageSize
ULONG MmBootImageSize
Definition: init.c:49
STATUS_INVALID_PARAMETER_2
#define STATUS_INVALID_PARAMETER_2
Definition: ntstatus.h:476
STATUS_NOT_SUPPORTED
#define STATUS_NOT_SUPPORTED
Definition: ntstatus.h:423
STATUS_INVALID_PARAMETER_1
#define STATUS_INVALID_PARAMETER_1
Definition: ntstatus.h:475
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
_DRIVER_SPECIFIED_VERIFIER_THUNKS
Definition: mmtypes.h:1019
_DRIVER_SPECIFIED_VERIFIER_THUNKS::NumberOfThunks
ULONG NumberOfThunks
Definition: mmtypes.h:1022
_DRIVER_SPECIFIED_VERIFIER_THUNKS::ListEntry
LIST_ENTRY ListEntry
Definition: mmtypes.h:1020
_DRIVER_SPECIFIED_VERIFIER_THUNKS::DataTableEntry
struct _LDR_DATA_TABLE_ENTRY * DataTableEntry
Definition: mmtypes.h:1021
_DRIVER_VERIFIER_THUNK_PAIRS
Definition: ntddk.template.h:194
_DRIVER_VERIFIER_THUNK_PAIRS::PristineRoutine
PDRIVER_VERIFIER_THUNK_ROUTINE PristineRoutine
Definition: ntddk.template.h:195
_LDR_DATA_TABLE_ENTRY
Definition: btrfs_drv.h:1876
_LDR_DATA_TABLE_ENTRY::SizeOfImage
ULONG SizeOfImage
Definition: ldrtypes.h:143
_LDR_DATA_TABLE_ENTRY::DllBase
PVOID DllBase
Definition: btrfs_drv.h:1880
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
PVOID
void * PVOID
Definition: typedefs.h:50
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG_PTR
uint32_t ULONG_PTR
Definition: typedefs.h:65
ULONG
uint32_t ULONG
Definition: typedefs.h:59
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
WrVirtualMemory
@ WrVirtualMemory
Definition: ketypes.h:433
ThunkBufferSize
_In_ ULONG ThunkBufferSize
Definition: mmfuncs.h:699

◆ MmIsDriverVerifying()

LOGICAL NTAPI MmIsDriverVerifying ( IN PDRIVER_OBJECT  DriverObject)

Definition at line 212 of file drvmgmt.c.

213{
214 PLDR_DATA_TABLE_ENTRY LdrEntry;
215
216 //
217 // Get the loader entry
218 //
219 LdrEntry = (PLDR_DATA_TABLE_ENTRY)DriverObject->DriverSection;
220 if (!LdrEntry) return FALSE;
221
222 //
223 // Check if we're verifying or not
224 //
225 return (LdrEntry->Flags & LDRP_IMAGE_VERIFYING) ? TRUE: FALSE;
226}
PLDR_DATA_TABLE_ENTRY
struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY
TRUE
#define TRUE
Definition: types.h:120
LDRP_IMAGE_VERIFYING
#define LDRP_IMAGE_VERIFYING
Definition: ldrtypes.h:55
if
if(dx< 0)
Definition: linetemp.h:194
_LDR_DATA_TABLE_ENTRY::Flags
ULONG Flags
Definition: ntddk_ex.h:207
DriverObject
_Must_inspect_result_ _In_ PDRIVER_OBJECT DriverObject
Definition: wdfdriver.h:213

Referenced by IsWindowsVerifierOn().

◆ MmIsVerifierEnabled()

NTSTATUS NTAPI MmIsVerifierEnabled ( OUT PULONG  VerifierFlags)

Definition at line 233 of file drvmgmt.c.

234{
235 //
236 // Check if we've actually added anything to the list
237 //
238 if (MiVerifierDriverAddedThunkListHead.Flink)
239 {
240 //
241 // We have, read the verifier level
242 //
243 *VerifierFlags = MmVerifierData.Level;
244 return STATUS_SUCCESS;
245 }
246
247 //
248 // Otherwise, we're disabled
249 //
250 *VerifierFlags = 0;
251 return STATUS_NOT_SUPPORTED;
252}
MmVerifierData
MM_DRIVER_VERIFIER_DATA MmVerifierData
Definition: drvmgmt.c:20
_MM_DRIVER_VERIFIER_DATA::Level
ULONG Level
Definition: mmtypes.h:986

◆ MmLockPageableDataSection()

PVOID NTAPI MmLockPageableDataSection ( IN PVOID  AddressWithinSection)

Definition at line 57 of file drvmgmt.c.

58{
59 //
60 // We should just find the section and call MmLockPageableSectionByHandle
61 //
62 static ULONG Warn; if (!Warn++) UNIMPLEMENTED;
63 return AddressWithinSection;
64}
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115
Warn
@ Warn
Definition: video.h:589

◆ MmLockPageableSectionByHandle()

VOID NTAPI MmLockPageableSectionByHandle ( IN PVOID  ImageSectionHandle)

Definition at line 47 of file drvmgmt.c.

48{
49 UNIMPLEMENTED;
50}

◆ MmTrimAllSystemPageableMemory()

ULONG NTAPI MmTrimAllSystemPageableMemory ( IN ULONG  PurgeTransitionList)

Definition at line 71 of file drvmgmt.c.

72{
73 UNIMPLEMENTED;
74 return 0;
75}

◆ MmUnlockPageableImageSection()

VOID NTAPI MmUnlockPageableImageSection ( IN PVOID  ImageSectionHandle)

Definition at line 37 of file drvmgmt.c.

38{
39 static ULONG Warn; if (!Warn++) UNIMPLEMENTED;
40}

Variable Documentation

◆ KernelVerifier

PVOID KernelVerifier

Definition at line 28 of file drvmgmt.c.

◆ MiActiveVerifierThunks

ULONG MiActiveVerifierThunks

Definition at line 22 of file drvmgmt.c.

Referenced by MmAddVerifierThunks().

◆ MiVerifierDriverAddedThunkListHead

LIST_ENTRY MiVerifierDriverAddedThunkListHead

Definition at line 21 of file drvmgmt.c.

Referenced by MmAddVerifierThunks(), and MmIsVerifierEnabled().

◆ MmTriageActionTaken

PVOID MmTriageActionTaken

Definition at line 27 of file drvmgmt.c.

◆ MmVerifierData

MM_DRIVER_VERIFIER_DATA MmVerifierData

Definition at line 20 of file drvmgmt.c.

Referenced by MmIsVerifierEnabled().

◆ MmVerifyDriverBuffer

WCHAR MmVerifyDriverBuffer[512] = {0}

Definition at line 23 of file drvmgmt.c.

◆ MmVerifyDriverBufferLength

ULONG MmVerifyDriverBufferLength = sizeof(MmVerifyDriverBuffer)

Definition at line 24 of file drvmgmt.c.

◆ MmVerifyDriverBufferType

ULONG MmVerifyDriverBufferType = REG_NONE

Definition at line 25 of file drvmgmt.c.

◆ MmVerifyDriverLevel

ULONG MmVerifyDriverLevel = -1

Definition at line 26 of file drvmgmt.c.