quota.c

Go to the documentation of this file.

/*
 * PROJECT:         ReactOS Kernel
 * LICENSE:         GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later)
 * PURPOSE:         Process Pool Quotas Support
 * COPYRIGHT:       Copyright 2005 Alex Ionescu <alex@relsoft.net>
 *                  Copyright 2007 Mike Nordell
 *                  Copyright 2021 George Bișoc <george.bisoc@reactos.org>
 */
 
/* INCLUDES **************************************************************/
 
#include <ntoskrnl.h>
#define NDEBUG
#include <debug.h>
 
EPROCESS_QUOTA_BLOCK PspDefaultQuotaBlock;
static LIST_ENTRY PspQuotaBlockList = {&PspQuotaBlockList, &PspQuotaBlockList};
static KSPIN_LOCK PspQuotaLock;
 
#define VALID_QUOTA_FLAGS (QUOTA_LIMITS_HARDWS_MIN_ENABLE | \
                           QUOTA_LIMITS_HARDWS_MIN_DISABLE | \
                           QUOTA_LIMITS_HARDWS_MAX_ENABLE | \
                           QUOTA_LIMITS_HARDWS_MAX_DISABLE)
 
/* PRIVATE FUNCTIONS *******************************************************/
 
_Requires_lock_held_(PspQuotaLock)
VOID
NTAPI
PspReturnQuotasOnDestroy(
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock)
{
    ULONG PsQuotaTypeIndex;
    SIZE_T QuotaToReturn;
 
    /*
     * We must be in a dispatch level interrupt here
     * as we should be under a spin lock.
     */
    ASSERT_IRQL_EQUAL(DISPATCH_LEVEL);
 
    /* Make sure that the quota block is not plain garbage */
    ASSERT(QuotaBlock);
 
    /* Loop over the Process quota types */
    for (PsQuotaTypeIndex = PsNonPagedPool; PsQuotaTypeIndex < PsPageFile; PsQuotaTypeIndex++)
    {
        /* The amount needed to return to Mm is the limit and return fields */
        QuotaToReturn = QuotaBlock->QuotaEntry[PsQuotaTypeIndex].Limit + QuotaBlock->QuotaEntry[PsQuotaTypeIndex].Return;
        MmReturnPoolQuota(PsQuotaTypeIndex, QuotaToReturn);
    }
}
 
_Requires_lock_held_(PspQuotaLock)
VOID
NTAPI
PspReturnExcessQuotas(
    _In_ PS_QUOTA_TYPE QuotaType,
    _Outptr_ PSIZE_T ReturnedQuotas)
{
    PLIST_ENTRY PspQuotaList;
    PEPROCESS_QUOTA_BLOCK QuotaBlockFromList;
    SIZE_T AmountToReturn = 0;
 
    /*
     * We must be in a dispatch level interrupt here
     * as we should be under a spin lock.
     */
    ASSERT_IRQL_EQUAL(DISPATCH_LEVEL);
 
    /*
     * Loop over the quota block lists and reap
     * whatever quotas we haven't returned which
     * is needed to free up resources.
     */
    for (PspQuotaList = PspQuotaBlockList.Flink;
         PspQuotaList != &PspQuotaBlockList;
         PspQuotaList = PspQuotaList->Flink)
    {
        /* Gather the quota block from the list */
        QuotaBlockFromList = CONTAINING_RECORD(PspQuotaList, EPROCESS_QUOTA_BLOCK, QuotaList);
 
        /*
         * Gather any unreturned quotas and cache
         * them to a variable.
         */
        AmountToReturn += InterlockedExchangeSizeT(&QuotaBlockFromList->QuotaEntry[QuotaType].Return, 0);
 
        /*
         * If no other process is taking use of this
         * block, then it means that this block has
         * only shared pool quota and the last process
         * no longer uses this block. If the limit is
         * grater than the usage then trim the limit
         * and use that as additional amount of quota
         * to return.
         */
        if (QuotaBlockFromList->ProcessCount == 0)
        {
            if (QuotaBlockFromList->QuotaEntry[QuotaType].Usage <
                QuotaBlockFromList->QuotaEntry[QuotaType].Limit)
            {
                InterlockedExchangeSizeT(&QuotaBlockFromList->QuotaEntry[QuotaType].Limit,
                                         QuotaBlockFromList->QuotaEntry[QuotaType].Usage);
                AmountToReturn += QuotaBlockFromList->QuotaEntry[QuotaType].Limit;
            }
        }
    }
 
    /* Invoke Mm to return quotas */
    DPRINT("PspReturnExcessQuotas(): Amount of quota released -- %lu\n", AmountToReturn);
    MmReturnPoolQuota(QuotaType, AmountToReturn);
    *ReturnedQuotas = AmountToReturn;
}
 
NTSTATUS
NTAPI
PspChargeProcessQuotaSpecifiedPool(
    _In_opt_ PEPROCESS Process,
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock,
    _In_ PS_QUOTA_TYPE QuotaType,
    _In_ SIZE_T Amount)
{
    KIRQL OldIrql;
    SIZE_T ReturnedQuotas;
    SIZE_T UpdatedLimit;
 
    /* Sanity checks */
    ASSERT(QuotaType < PsQuotaTypes);
    ASSERT((SSIZE_T)Amount >= 0);
 
    /* Guard ourselves in a spin lock */
    KeAcquireSpinLock(&PspQuotaLock, &OldIrql);
 
    /* Are we within the bounds of quota limit? */
    if (QuotaBlock->QuotaEntry[QuotaType].Usage + Amount >
        QuotaBlock->QuotaEntry[QuotaType].Limit &&
        QuotaBlock != &PspDefaultQuotaBlock)
    {
        /* We aren't... Is this a page file quota charging? */
        if (QuotaType == PsPageFile)
        {
            /* It is, return the appropriate status code */
            DPRINT1("PspChargeProcessQuotaSpecifiedPool(): Quota amount exceeds the limit on page file quota (limit -- %lu || amount -- %lu)\n",
                    QuotaBlock->QuotaEntry[QuotaType].Limit, Amount);
            return STATUS_PAGEFILE_QUOTA_EXCEEDED;
        }
 
        /*
         * This is not a page file charge. What we can do at best
         * in this scenario is to attempt to raise (expand) the
         * quota limit charges of the block.
         */
        if (!MmRaisePoolQuota(QuotaType,
                              QuotaBlock->QuotaEntry[QuotaType].Limit,
                              &UpdatedLimit))
        {
            /*
             * We can't? It could be that we must free
             * up some resources in order to raise the
             * limit, which in that case we must return
             * the excess of quota that hasn't been
             * returned. If we haven't returned anything
             * then what we're doing here is futile.
             * Bail out...
             */
            PspReturnExcessQuotas(QuotaType, &ReturnedQuotas);
            if (ReturnedQuotas == 0)
            {
                DPRINT1("PspChargeProcessQuotaSpecifiedPool(): Failed to free some resources in order to raise quota limits...\n");
                KeReleaseSpinLock(&PspQuotaLock, OldIrql);
                return STATUS_QUOTA_EXCEEDED;
            }
 
            /* Try to raise the quota limits again */
            MmRaisePoolQuota(QuotaType,
                             QuotaBlock->QuotaEntry[QuotaType].Limit,
                             &UpdatedLimit);
        }
 
        /* Enforce a new raised limit */
        InterlockedExchangeSizeT(&QuotaBlock->QuotaEntry[QuotaType].Limit, UpdatedLimit);
 
        /*
         * Now determine if the current usage and the
         * amounting by the caller still exceeds the
         * quota limit of the process. If it's still
         * over the limit then there's nothing we can
         * do, so fail.
         */
        if (QuotaBlock->QuotaEntry[QuotaType].Usage + Amount >
            QuotaBlock->QuotaEntry[QuotaType].Limit)
        {
            DPRINT1("PspChargeProcessQuotaSpecifiedPool(): Quota amount exceeds the limit (limit -- %lu || amount -- %lu)\n",
                    QuotaBlock->QuotaEntry[QuotaType].Limit, Amount);
            return STATUS_QUOTA_EXCEEDED;
        }
    }
 
    /* Update the quota usage */
    InterlockedExchangeAddSizeT(&QuotaBlock->QuotaEntry[QuotaType].Usage, Amount);
 
    /* Update the entry peak if it's less than the usage */
    if (QuotaBlock->QuotaEntry[QuotaType].Peak <
        QuotaBlock->QuotaEntry[QuotaType].Usage)
    {
        InterlockedExchangeSizeT(&QuotaBlock->QuotaEntry[QuotaType].Peak,
                                 QuotaBlock->QuotaEntry[QuotaType].Usage);
    }
 
    /* Are we being given a process as well? */
    if (Process)
    {
        /* We're being given, check that's not a system one */
        ASSERT(Process != PsInitialSystemProcess);
 
        InterlockedExchangeAddSizeT(&Process->QuotaUsage[QuotaType], Amount);
 
        /*
         * OK, we've now updated the quota usage of the process
         * based upon the amount that the caller wanted to charge.
         * Although the peak of process quota can be less than it was
         * before so update the peaks as well accordingly.
         */
        if (Process->QuotaPeak[QuotaType] < Process->QuotaUsage[QuotaType])
        {
            InterlockedExchangeSizeT(&Process->QuotaPeak[QuotaType],
                                     Process->QuotaUsage[QuotaType]);
        }
    }
 
    /* Release the lock */
    KeReleaseSpinLock(&PspQuotaLock, OldIrql);
    return STATUS_SUCCESS;
}
 
VOID
NTAPI
PspReturnProcessQuotaSpecifiedPool(
    _In_opt_ PEPROCESS Process,
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock,
    _In_ PS_QUOTA_TYPE QuotaType,
    _In_ SIZE_T Amount)
{
    KIRQL OldIrql;
    SIZE_T ReturnThreshold;
    SIZE_T AmountToReturn = 0;
 
    /* Sanity checks */
    ASSERT(QuotaType < PsQuotaTypes);
    ASSERT((SSIZE_T)Amount >= 0);
 
    /* Guard ourselves in a spin lock */
    KeAcquireSpinLock(&PspQuotaLock, &OldIrql);
 
    /* Does the caller return more quota than it was previously charged? */
    if ((Process && Process->QuotaUsage[QuotaType] < Amount) ||
        QuotaBlock->QuotaEntry[QuotaType].Usage < Amount)
    {
        /* It does, crash the system! */
        KeBugCheckEx(QUOTA_UNDERFLOW,
                     (ULONG_PTR)Process,
                     (ULONG_PTR)QuotaType,
                     Process ? (ULONG_PTR)Process->QuotaUsage[QuotaType] :
                               QuotaBlock->QuotaEntry[QuotaType].Usage,
                     (ULONG_PTR)Amount);
    }
 
    /* The return threshold can be non paged or paged */
    ReturnThreshold = QuotaType ? PSP_NON_PAGED_POOL_QUOTA_THRESHOLD : PSP_PAGED_POOL_QUOTA_THRESHOLD;
 
    /*
     * We need to trim the quota limits based on the
     * amount we're going to return quotas back.
     */
    if ((QuotaType != PsPageFile && QuotaBlock != &PspDefaultQuotaBlock) &&
        (QuotaBlock->QuotaEntry[QuotaType].Limit > QuotaBlock->QuotaEntry[QuotaType].Usage + ReturnThreshold))
    {
        /*
         * If the amount to return exceeds the threshold,
         * the new amount becomes the default, otherwise
         * the amount is just the one given by the caller.
         */
        AmountToReturn = min(Amount, ReturnThreshold);
 
        /* Add up the lots to the Return field */
        InterlockedExchangeAddSizeT(&QuotaBlock->QuotaEntry[QuotaType].Return, AmountToReturn);
 
        /*
         * If the amount to return exceeds the threshold then
         * we have lots of quota to return to Mm. So do it so
         * and zerou out the Return field.
         */
        if (QuotaBlock->QuotaEntry[QuotaType].Return > ReturnThreshold)
        {
            MmReturnPoolQuota(QuotaType, QuotaBlock->QuotaEntry[QuotaType].Return);
            InterlockedExchangeSizeT(QuotaBlock->QuotaEntry[QuotaType].Return, 0);
        }
 
        /* And try to trim the limit */
        InterlockedExchangeSizeT(&QuotaBlock->QuotaEntry[QuotaType].Limit,
                                 QuotaBlock->QuotaEntry[QuotaType].Limit - AmountToReturn);
    }
 
    /* Update the usage member of the block */
    InterlockedExchangeAddSizeT(&QuotaBlock->QuotaEntry[QuotaType].Usage, -(LONG_PTR)Amount);
 
    /* Are we being given a process? */
    if (Process)
    {
        /* We're being given, check that's not a system one  */
        ASSERT(Process != PsInitialSystemProcess);
 
        /* Decrease the process' quota usage */
        InterlockedExchangeAddSizeT(&Process->QuotaUsage[QuotaType], -(LONG_PTR)Amount);
    }
 
    /* We're done, release the lock */
    KeReleaseSpinLock(&PspQuotaLock, OldIrql);
}
 
/* FUNCTIONS ***************************************************************/
 
CODE_SEG("INIT")
VOID
NTAPI
PsInitializeQuotaSystem(VOID)
{
    /* Initialize the default block */
    RtlZeroMemory(&PspDefaultQuotaBlock, sizeof(PspDefaultQuotaBlock));
 
    /* Assign the default quota limits */
    PspDefaultQuotaBlock.QuotaEntry[PsNonPagedPool].Limit = (SIZE_T)-1;
    PspDefaultQuotaBlock.QuotaEntry[PsPagedPool].Limit = (SIZE_T)-1;
    PspDefaultQuotaBlock.QuotaEntry[PsPageFile].Limit = (SIZE_T)-1;
 
    /*
     * Set up the count references as the
     * default block will going to be used.
     */
    PspDefaultQuotaBlock.ReferenceCount = 1;
    PspDefaultQuotaBlock.ProcessCount = 1;
 
    /* Assign that block to initial process */
    PsGetCurrentProcess()->QuotaBlock = &PspDefaultQuotaBlock;
}
 
VOID
NTAPI
PspInheritQuota(
    _In_ PEPROCESS Process,
    _In_opt_ PEPROCESS ParentProcess)
{
    PEPROCESS_QUOTA_BLOCK QuotaBlock;
 
    if (ParentProcess != NULL)
    {
        ASSERT(ParentProcess->QuotaBlock != NULL);
        QuotaBlock = ParentProcess->QuotaBlock;
    }
    else
    {
        QuotaBlock = &PspDefaultQuotaBlock;
    }
 
    InterlockedIncrementSizeT(&QuotaBlock->ProcessCount);
    InterlockedIncrementSizeT(&QuotaBlock->ReferenceCount);
 
    Process->QuotaBlock = QuotaBlock;
}
 
VOID
NTAPI
PspInsertQuotaBlock(
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock)
{
    KIRQL OldIrql;
 
    KeAcquireSpinLock(&PspQuotaLock, &OldIrql);
    InsertTailList(&PspQuotaBlockList, &QuotaBlock->QuotaList);
    KeReleaseSpinLock(&PspQuotaLock, OldIrql);
}
 
VOID
NTAPI
PspDereferenceQuotaBlock(
    _In_opt_ PEPROCESS Process,
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock)
{
    ULONG PsQuotaTypeIndex;
    KIRQL OldIrql;
 
    /* Make sure the quota block is not trash */
    ASSERT(QuotaBlock);
 
    /* Iterate over the process quota types if we have a process */
    if (Process)
    {
        for (PsQuotaTypeIndex = PsNonPagedPool; PsQuotaTypeIndex < PsQuotaTypes; PsQuotaTypeIndex++)
        {
            /*
             * We need to make sure that the quota usage
             * uniquely associated with the process is 0
             * on that moment the process gets destroyed.
             */
            ASSERT(Process->QuotaUsage[PsQuotaTypeIndex] == 0);
        }
 
        /* As the process is now gone, decrement the process count */
        InterlockedDecrementUL(&QuotaBlock->ProcessCount);
    }
 
    /* If no one is using this block, begin to destroy it */
    if (QuotaBlock != &PspDefaultQuotaBlock &&
        InterlockedDecrementUL(&QuotaBlock->ReferenceCount) == 0)
    {
        /* Acquire the quota lock */
        KeAcquireSpinLock(&PspQuotaLock, &OldIrql);
 
        /* Return all the quotas back to Mm and remove the quota from list */
        PspReturnQuotasOnDestroy(QuotaBlock);
        RemoveEntryList(&QuotaBlock->QuotaList);
 
        /* Release the lock and free the block */
        KeReleaseSpinLock(&PspQuotaLock, OldIrql);
        ExFreePoolWithTag(QuotaBlock, TAG_QUOTA_BLOCK);
    }
}
 
VOID
NTAPI
PsReturnSharedPoolQuota(
    _In_ PEPROCESS_QUOTA_BLOCK QuotaBlock,
    _In_ SIZE_T AmountToReturnPaged,
    _In_ SIZE_T AmountToReturnNonPaged)
{
    /* Sanity check */
    ASSERT(QuotaBlock);
 
    /* Return the pool quotas if there're any */
    if (AmountToReturnPaged != 0)
    {
        PspReturnProcessQuotaSpecifiedPool(NULL, QuotaBlock, PsPagedPool, AmountToReturnPaged);
    }
 
    if (AmountToReturnNonPaged != 0)
    {
        PspReturnProcessQuotaSpecifiedPool(NULL, QuotaBlock, PsNonPagedPool, AmountToReturnNonPaged);
    }
 
    DPRINT("PsReturnSharedPoolQuota(): Amount returned back (paged %lu -- non paged %lu)\n", AmountToReturnPaged, AmountToReturnNonPaged);
 
    /* Dereference the quota block */
    PspDereferenceQuotaBlock(NULL, QuotaBlock);
}
 
PEPROCESS_QUOTA_BLOCK
NTAPI
PsChargeSharedPoolQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T AmountToChargePaged,
    _In_ SIZE_T AmountToChargeNonPaged)
{
    NTSTATUS Status;
 
    /* Sanity checks */
    ASSERT(Process);
    ASSERT(Process->QuotaBlock);
 
    /* Do we have some paged pool quota to charge? */
    if (AmountToChargePaged != 0)
    {
        /* We do, charge! */
        Status = PspChargeProcessQuotaSpecifiedPool(NULL, Process->QuotaBlock, PsPagedPool, AmountToChargePaged);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("PsChargeSharedPoolQuota(): Failed to charge the shared pool quota (Status 0x%lx)\n", Status);
            return NULL;
        }
    }
 
    /* Do we have some non paged pool quota to charge? */
    if (AmountToChargeNonPaged != 0)
    {
        /* We do, charge! */
        Status = PspChargeProcessQuotaSpecifiedPool(NULL, Process->QuotaBlock, PsNonPagedPool, AmountToChargeNonPaged);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("PsChargeSharedPoolQuota(): Failed to charge the shared pool quota (Status 0x%lx). Attempting to return some paged pool back...\n", Status);
            PspReturnProcessQuotaSpecifiedPool(NULL, Process->QuotaBlock, PsPagedPool, AmountToChargePaged);
            return NULL;
        }
    }
 
    /* We have charged the quotas of an object, increment the reference */
    InterlockedIncrementSizeT(&Process->QuotaBlock->ReferenceCount);
 
    DPRINT("PsChargeSharedPoolQuota(): Amount charged (paged %lu --  non paged %lu)\n", AmountToChargePaged, AmountToChargeNonPaged);
    return Process->QuotaBlock;
}
 
NTSTATUS
NTAPI
PsChargeProcessPageFileQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return STATUS_SUCCESS;
 
    return PspChargeProcessQuotaSpecifiedPool(Process, Process->QuotaBlock, PsPageFile, Amount);
}
 
VOID
NTAPI
PsChargePoolQuota(
    _In_ PEPROCESS Process,
    _In_ POOL_TYPE PoolType,
    _In_ SIZE_T Amount)
{
    NTSTATUS Status;
    ASSERT(KeGetCurrentIrql() < DISPATCH_LEVEL);
 
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return;
 
    /* Charge the usage */
    Status = PsChargeProcessPoolQuota(Process, PoolType, Amount);
    if (!NT_SUCCESS(Status)) ExRaiseStatus(Status);
}
 
NTSTATUS
NTAPI
PsChargeProcessNonPagedPoolQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Call the general function */
    return PsChargeProcessPoolQuota(Process, NonPagedPool, Amount);
}
 
NTSTATUS
NTAPI
PsChargeProcessPagedPoolQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Call the general function */
    return PsChargeProcessPoolQuota(Process, PagedPool, Amount);
}
 
NTSTATUS
NTAPI
PsChargeProcessPoolQuota(
    _In_ PEPROCESS Process,
    _In_ POOL_TYPE PoolType,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return STATUS_SUCCESS;
 
    return PspChargeProcessQuotaSpecifiedPool(Process,
                                              Process->QuotaBlock,
                                              (PoolType & PAGED_POOL_MASK),
                                              Amount);
}
 
VOID
NTAPI
PsReturnPoolQuota(
    _In_ PEPROCESS Process,
    _In_ POOL_TYPE PoolType,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return;
 
    PspReturnProcessQuotaSpecifiedPool(Process,
                                       Process->QuotaBlock,
                                       (PoolType & PAGED_POOL_MASK),
                                       Amount);
}
 
VOID
NTAPI
PsReturnProcessNonPagedPoolQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return;
 
    PsReturnPoolQuota(Process, NonPagedPool, Amount);
}
 
VOID
NTAPI
PsReturnProcessPagedPoolQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return;
 
    PsReturnPoolQuota(Process, PagedPool, Amount);
}
 
NTSTATUS
NTAPI
PsReturnProcessPageFileQuota(
    _In_ PEPROCESS Process,
    _In_ SIZE_T Amount)
{
    /* Don't do anything for the system process */
    if (Process == PsInitialSystemProcess) return STATUS_SUCCESS;
 
    PspReturnProcessQuotaSpecifiedPool(Process, Process->QuotaBlock, PsPageFile, Amount);
    return STATUS_SUCCESS;
}
 
NTSTATUS
NTAPI
PspSetQuotaLimits(
    _In_ PEPROCESS Process,
    _In_ ULONG Unused,
    _In_ PVOID QuotaLimits,
    _In_ ULONG QuotaLimitsLength,
    _In_ KPROCESSOR_MODE PreviousMode)
{
    QUOTA_LIMITS_EX CapturedQuotaLimits;
    PEPROCESS_QUOTA_BLOCK QuotaBlock, OldQuotaBlock;
    BOOLEAN IncreaseOkay;
    KAPC_STATE SavedApcState;
    NTSTATUS Status;
 
    UNREFERENCED_PARAMETER(Unused);
 
    _SEH2_TRY
    {
        ProbeForRead(QuotaLimits, QuotaLimitsLength, sizeof(ULONG));
 
        /* Check if we have the basic or extended structure */
        if (QuotaLimitsLength == sizeof(QUOTA_LIMITS))
        {
            /* Copy the basic structure, zero init the remaining fields */
            RtlCopyMemory(&CapturedQuotaLimits, QuotaLimits, sizeof(QUOTA_LIMITS));
            CapturedQuotaLimits.WorkingSetLimit = 0;
            CapturedQuotaLimits.Reserved2 = 0;
            CapturedQuotaLimits.Reserved3 = 0;
            CapturedQuotaLimits.Reserved4 = 0;
            CapturedQuotaLimits.CpuRateLimit.RateData = 0;
            CapturedQuotaLimits.Flags = 0;
        }
        else if (QuotaLimitsLength == sizeof(QUOTA_LIMITS_EX))
        {
            /* Copy the full structure */
            RtlCopyMemory(&CapturedQuotaLimits, QuotaLimits, sizeof(QUOTA_LIMITS_EX));
 
            /* Verify that the caller passed valid flags */
            if ((CapturedQuotaLimits.Flags & ~VALID_QUOTA_FLAGS) ||
                ((CapturedQuotaLimits.Flags & QUOTA_LIMITS_HARDWS_MIN_ENABLE) &&
                 (CapturedQuotaLimits.Flags & QUOTA_LIMITS_HARDWS_MIN_DISABLE)) ||
                ((CapturedQuotaLimits.Flags & QUOTA_LIMITS_HARDWS_MAX_ENABLE) &&
                 (CapturedQuotaLimits.Flags & QUOTA_LIMITS_HARDWS_MAX_DISABLE)))
            {
                DPRINT1("Invalid quota flags: 0x%lx\n", CapturedQuotaLimits.Flags);
                _SEH2_YIELD(return STATUS_INVALID_PARAMETER);
            }
 
            /* Verify that the caller didn't pass reserved values */
            if ((CapturedQuotaLimits.WorkingSetLimit != 0) ||
                (CapturedQuotaLimits.Reserved2 != 0) ||
                (CapturedQuotaLimits.Reserved3 != 0) ||
                (CapturedQuotaLimits.Reserved4 != 0) ||
                (CapturedQuotaLimits.CpuRateLimit.RateData != 0))
            {
                DPRINT1("Invalid value: (%lx,%lx,%lx,%lx,%lx)\n",
                        CapturedQuotaLimits.WorkingSetLimit,
                        CapturedQuotaLimits.Reserved2,
                        CapturedQuotaLimits.Reserved3,
                        CapturedQuotaLimits.Reserved4,
                        CapturedQuotaLimits.CpuRateLimit.RateData);
                _SEH2_YIELD(return STATUS_INVALID_PARAMETER);
            }
        }
        else
        {
            DPRINT1("Invalid quota size: 0x%lx\n", QuotaLimitsLength);
            _SEH2_YIELD(return STATUS_INFO_LENGTH_MISMATCH);
        }
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        DPRINT1("Exception while copying data\n");
        _SEH2_YIELD(return _SEH2_GetExceptionCode());
    }
    _SEH2_END;
 
    /* Check the caller changes the working set size limits */
    if ((CapturedQuotaLimits.MinimumWorkingSetSize != 0) &&
        (CapturedQuotaLimits.MaximumWorkingSetSize != 0))
    {
        /* Check for special case: trimming the WS */
        if ((CapturedQuotaLimits.MinimumWorkingSetSize == SIZE_T_MAX) &&
            (CapturedQuotaLimits.MaximumWorkingSetSize == SIZE_T_MAX))
        {
            /* No increase allowed */
            IncreaseOkay = FALSE;
        }
        else
        {
            /* Check if the caller has the required privilege */
            IncreaseOkay = SeSinglePrivilegeCheck(SeIncreaseQuotaPrivilege,
                                                  PreviousMode);
        }
 
        /* Attach to the target process and disable APCs */
        KeStackAttachProcess(&Process->Pcb, &SavedApcState);
        KeEnterGuardedRegion();
 
        /* Call Mm to adjust the process' working set size */
        Status = MmAdjustWorkingSetSize(CapturedQuotaLimits.MinimumWorkingSetSize,
                                        CapturedQuotaLimits.MaximumWorkingSetSize,
                                        0,
                                        IncreaseOkay);
 
        /* Bring back APCs and detach from the process */
        KeLeaveGuardedRegion();
        KeUnstackDetachProcess(&SavedApcState);
    }
    else if (Process->QuotaBlock == &PspDefaultQuotaBlock)
    {
        /* Check if the caller has the required privilege */
        if (!SeSinglePrivilegeCheck(SeIncreaseQuotaPrivilege, PreviousMode))
        {
            return STATUS_PRIVILEGE_NOT_HELD;
        }
 
        /* Allocate a new quota block */
        QuotaBlock = ExAllocatePoolWithTag(NonPagedPool,
                                           sizeof(EPROCESS_QUOTA_BLOCK),
                                           TAG_QUOTA_BLOCK);
        if (QuotaBlock == NULL)
        {
            ObDereferenceObject(Process);
            return STATUS_NO_MEMORY;
        }
 
        /* Initialize the quota block */
        QuotaBlock->ReferenceCount = 1;
        QuotaBlock->ProcessCount = 1;
        QuotaBlock->QuotaEntry[PsNonPagedPool].Peak = Process->QuotaPeak[PsNonPagedPool];
        QuotaBlock->QuotaEntry[PsPagedPool].Peak = Process->QuotaPeak[PsPagedPool];
        QuotaBlock->QuotaEntry[PsPageFile].Peak = Process->QuotaPeak[PsPageFile];
        QuotaBlock->QuotaEntry[PsNonPagedPool].Limit = PspDefaultQuotaBlock.QuotaEntry[PsNonPagedPool].Limit;
        QuotaBlock->QuotaEntry[PsPagedPool].Limit = PspDefaultQuotaBlock.QuotaEntry[PsPagedPool].Limit;
        QuotaBlock->QuotaEntry[PsPageFile].Limit = PspDefaultQuotaBlock.QuotaEntry[PsPageFile].Limit;
 
        /* Try to exchange the quota block, if that failed, just drop it */
        OldQuotaBlock = InterlockedCompareExchangePointer((PVOID*)&Process->QuotaBlock,
                                                          QuotaBlock,
                                                          &PspDefaultQuotaBlock);
        if (OldQuotaBlock == &PspDefaultQuotaBlock)
        {
            /* Success, insert the new quota block */
            PspInsertQuotaBlock(QuotaBlock);
        }
        else
        {
            /* Failed, free the quota block and ignore it */
            ExFreePoolWithTag(QuotaBlock, TAG_QUOTA_BLOCK);
        }
 
        Status = STATUS_SUCCESS;
    }
    else
    {
        Status = STATUS_SUCCESS;
    }
 
    return Status;
}
 
/* EOF */