#include <internal/arch/mm.h>

Include dependency graph for mm.h:

Classes
struct	_MM_SECTION_SEGMENT

struct	_MM_IMAGE_SECTION_OBJECT

struct	_MEMORY_AREA

struct	_MM_RMAP_ENTRY

struct	_MMPFNENTRY

struct	_MMPFN

struct	_MMPFNLIST

struct	_MM_MEMORY_CONSUMER

struct	_MM_REGION

struct	_MMFREE_POOL_ENTRY

struct	_MM_PAGED_POOL_INFO

struct	_MMPAGING_FILE

Macros
#define	MI_QUOTA_NON_PAGED_NEEDED_PAGES 64

#define	MI_NON_PAGED_QUOTA_MIN_RESIDENT_PAGES 200

#define	MI_CHARGE_PAGED_POOL_QUOTA 0x80000

#define	MI_CHARGE_NON_PAGED_POOL_QUOTA 0x10000

#define	MM_NOIRQL ((KIRQL)0xFFFFFFFF)

#define	MMDBG_COPY_WRITE 0x00000001

#define	MMDBG_COPY_PHYSICAL 0x00000002

#define	MMDBG_COPY_UNSAFE 0x00000004

#define	MMDBG_COPY_CACHED 0x00000008

#define	MMDBG_COPY_UNCACHED 0x00000010

#define	MMDBG_COPY_WRITE_COMBINED 0x00000020

#define	MMDBG_COPY_MAX_SIZE 0x8

#define	MI_STATIC_MEMORY_AREAS (13)

#define	MEMORY_AREA_SECTION_VIEW (1)

#define	MEMORY_AREA_OWNED_BY_ARM3 (15)

#define	MEMORY_AREA_STATIC (0x80000000)

#define	MM_VIRTMEM_GRANULARITY (64 * 1024)

#define	STATUS_MM_RESTART_OPERATION ((NTSTATUS)0xD0000001)

#define	PAGE_WRITETHROUGH (1024)

#define	PAGE_SYSTEM (2048)

#define	SEC_PHYSICALMEMORY (0x80000000)

#define	MC_USER (0)

#define	MC_SYSTEM (1)

#define	MC_MAXIMUM (2)

#define	PAGED_POOL_MASK 1

#define	MUST_SUCCEED_POOL_MASK 2

#define	CACHE_ALIGNED_POOL_MASK 4

#define	QUOTA_POOL_MASK 8

#define	SESSION_POOL_MASK 32

#define	VERIFIER_POOL_MASK 64

#define	MAX_PAGING_FILES (16)

#define	MM_ROUND_UP(x, s) ((PVOID)(((ULONG_PTR)(x)+(s)-1) & ~((ULONG_PTR)(s)-1)))

#define	MM_ROUND_DOWN(x, s) ((PVOID)(((ULONG_PTR)(x)) & ~((ULONG_PTR)(s)-1)))

#define	PAGE_ROUND_UP_64(x) (((x) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))

#define	PAGE_ROUND_DOWN_64(x) ((x) & ~(PAGE_SIZE - 1))

#define	PAGE_FLAGS_VALID_FOR_SECTION

#define	PAGE_IS_READABLE

#define	PAGE_IS_WRITABLE

#define	PAGE_IS_EXECUTABLE

#define	PAGE_IS_WRITECOPY

#define	InterlockedCompareExchangePte(PointerPte, Exchange, Comperand) InterlockedCompareExchange((PLONG)(PointerPte), Exchange, Comperand)

#define	InterlockedExchangePte(PointerPte, Value) InterlockedExchange((PLONG)(PointerPte), Value)

#define	MM_PHYSICALMEMORY_SEGMENT (0x1)

#define	MM_DATAFILE_SEGMENT (0x2)

#define	MM_SEGMENT_INDELETE (0x4)

#define	MM_SEGMENT_INCREATE (0x8)

#define	MM_IMAGE_SECTION_FLUSH_DELETE (0x10)

#define	MA_GetStartingAddress(_MemoryArea) ((_MemoryArea)->VadNode.StartingVpn << PAGE_SHIFT)

#define	MA_GetEndingAddress(_MemoryArea) (((_MemoryArea)->VadNode.EndingVpn + 1) << PAGE_SHIFT)

#define	MI_SET_USAGE(x)

#define	MI_SET_PROCESS(x)

#define	MI_SET_PROCESS2(x)

#define	StartOfAllocation ReadInProgress

#define	EndOfAllocation WriteInProgress

#define	MM_FREE_POOL_SIGNATURE 'ARM3'

#define	RMAP_SEGMENT_MASK ~((ULONG_PTR)0xff)

#define	RMAP_IS_SEGMENT(x) (((ULONG_PTR)(x) & RMAP_SEGMENT_MASK) == RMAP_SEGMENT_MASK)

#define	MI_ASSERT_PFN_LOCK_HELD() NT_ASSERT((KeGetCurrentIrql() >= DISPATCH_LEVEL) && (MmPfnLock != 0))

#define	MmSetCleanPage(__P, __A) MmSetDirtyBit(__P, __A, FALSE)

#define	MmSetDirtyPage(__P, __A) MmSetDirtyBit(__P, __A, TRUE)

#define	PFN_FROM_SSE(E) ((PFN_NUMBER)((E) >> PAGE_SHIFT))

#define	IS_SWAP_FROM_SSE(E) ((E) & 0x00000001)

#define	MM_IS_WAIT_PTE(E) (IS_SWAP_FROM_SSE(E) && SWAPENTRY_FROM_SSE(E) == MM_WAIT_ENTRY)

#define	MAKE_PFN_SSE(P) ((ULONG_PTR)((P) << PAGE_SHIFT))

#define	SWAPENTRY_FROM_SSE(E) ((E) >> 1)

#define	MAKE_SWAP_SSE(S) (((ULONG_PTR)(S) << 1) \| 0x1)

#define	DIRTY_SSE(E) ((E) \| 2)

#define	CLEAN_SSE(E) ((E) & ~2)

#define	IS_DIRTY_SSE(E) ((E) & 2)

#define	WRITE_SSE(E) ((E) \| 4)

#define	IS_WRITE_SSE(E) ((E) & 4)

#define	PAGE_FROM_SSE(E) ((E) & 0xFFFFF000)

#define	SHARE_COUNT_FROM_SSE(E) (((E) & 0x00000FFC) >> 3)

#define	MAX_SHARE_COUNT 0x1FF

#define	MAKE_SSE(P, C) ((ULONG_PTR)((P) \| ((C) << 3)))

#define	BUMPREF_SSE(E) (PAGE_FROM_SSE(E) \| ((SHARE_COUNT_FROM_SSE(E) + 1) << 3) \| ((E) & 0x7))

#define	DECREF_SSE(E) (PAGE_FROM_SSE(E) \| ((SHARE_COUNT_FROM_SSE(E) - 1) << 3) \| ((E) & 0x7))

#define	MmLockSectionSegment(x) _MmLockSectionSegment(x,__FILE__,__LINE__)

#define	MmUnlockSectionSegment(x) _MmUnlockSectionSegment(x,__FILE__,__LINE__)

#define	MmSetPageEntrySectionSegment(S, O, E) _MmSetPageEntrySectionSegment(S,O,E,__FILE__,__LINE__)

#define	MmGetPageEntrySectionSegment(S, O) _MmGetPageEntrySectionSegment(S,O,__FILE__,__LINE__)

Typedefs
typedef ULONG_PTR	SWAPENTRY

typedef struct _MM_SECTION_SEGMENT	MM_SECTION_SEGMENT

typedef struct _MM_SECTION_SEGMENT *	PMM_SECTION_SEGMENT

typedef struct _MM_IMAGE_SECTION_OBJECT	MM_IMAGE_SECTION_OBJECT

typedef struct _MM_IMAGE_SECTION_OBJECT *	PMM_IMAGE_SECTION_OBJECT

typedef struct _MEMORY_AREA	MEMORY_AREA

typedef struct _MEMORY_AREA *	PMEMORY_AREA

typedef struct _MM_RMAP_ENTRY	MM_RMAP_ENTRY

typedef struct _MM_RMAP_ENTRY *	PMM_RMAP_ENTRY

typedef enum _MI_PFN_USAGES	MI_PFN_USAGES

typedef struct _MMPFNENTRY	MMPFNENTRY

typedef struct _MMPFN	MMPFN

typedef struct _MMPFN *	PMMPFN

typedef struct _MMPFNLIST	MMPFNLIST

typedef struct _MMPFNLIST *	PMMPFNLIST

typedef struct _MM_MEMORY_CONSUMER	MM_MEMORY_CONSUMER

typedef struct _MM_MEMORY_CONSUMER *	PMM_MEMORY_CONSUMER

typedef struct _MM_REGION	MM_REGION

typedef struct _MM_REGION *	PMM_REGION

typedef struct _MMFREE_POOL_ENTRY	MMFREE_POOL_ENTRY

typedef struct _MMFREE_POOL_ENTRY *	PMMFREE_POOL_ENTRY

typedef struct _MM_PAGED_POOL_INFO	MM_PAGED_POOL_INFO

typedef struct _MM_PAGED_POOL_INFO *	PMM_PAGED_POOL_INFO

typedef struct _MMPAGING_FILE	MMPAGING_FILE

typedef struct _MMPAGING_FILE *	PMMPAGING_FILE

typedef VOID(*	PMM_ALTER_REGION_FUNC) (PMMSUPPORT AddressSpace, PVOID BaseAddress, SIZE_T Length, ULONG OldType, ULONG OldProtect, ULONG NewType, ULONG NewProtect)

typedef VOID(*	PMM_FREE_PAGE_FUNC) (PVOID Context, PMEMORY_AREA MemoryArea, PVOID Address, PFN_NUMBER Page, SWAPENTRY SwapEntry, BOOLEAN Dirty)

Functions
NTSTATUS NTAPI	MmDbgCopyMemory (IN ULONG64 Address, IN PVOID Buffer, IN ULONG Size, IN ULONG Flags)

BOOLEAN NTAPI	MmIsSessionAddress (IN PVOID Address)

ULONG NTAPI	MmGetSessionId (IN PEPROCESS Process)

ULONG NTAPI	MmGetSessionIdEx (IN PEPROCESS Process)

NTSTATUS NTAPI	MmCreateMemoryArea (PMMSUPPORT AddressSpace, ULONG Type, PVOID BaseAddress, SIZE_T Length, ULONG Protection, PMEMORY_AREA Result, ULONG AllocationFlags, ULONG AllocationGranularity)

PMEMORY_AREA NTAPI	MmLocateMemoryAreaByAddress (PMMSUPPORT AddressSpace, PVOID Address)

NTSTATUS NTAPI	MmFreeMemoryArea (PMMSUPPORT AddressSpace, PMEMORY_AREA MemoryArea, PMM_FREE_PAGE_FUNC FreePage, PVOID FreePageContext)

VOID NTAPI	MiRosCleanupMemoryArea (PEPROCESS Process, PMMVAD Vad)

PMEMORY_AREA NTAPI	MmLocateMemoryAreaByRegion (PMMSUPPORT AddressSpace, PVOID Address, SIZE_T Length)

PVOID NTAPI	MmFindGap (PMMSUPPORT AddressSpace, SIZE_T Length, ULONG_PTR Granularity, BOOLEAN TopDown)

VOID NTAPI	MiRosCheckMemoryAreas (PMMSUPPORT AddressSpace)

VOID NTAPI	MiCheckAllProcessMemoryAreas (VOID)

VOID NTAPI	MiInitializeNonPagedPool (VOID)

PVOID NTAPI	MiAllocatePoolPages (IN POOL_TYPE PoolType, IN SIZE_T SizeInBytes)

POOL_TYPE NTAPI	MmDeterminePoolType (IN PVOID VirtualAddress)

ULONG NTAPI	MiFreePoolPages (IN PVOID StartingAddress)

	_Requires_lock_held_ (PspQuotaLock) BOOLEAN NTAPI MmRaisePoolQuota(_In_ POOL_TYPE PoolType

VOID NTAPI	MmBuildMdlFromPages (PMDL Mdl, PPFN_NUMBER Pages)

VOID NTAPI	MmInit1 (VOID)

BOOLEAN NTAPI	MmInitSystem (IN ULONG Phase, IN PLOADER_PARAMETER_BLOCK LoaderBlock)

SWAPENTRY NTAPI	MmAllocSwapPage (VOID)

VOID NTAPI	MmFreeSwapPage (SWAPENTRY Entry)

VOID NTAPI	MmInitPagingFile (VOID)

BOOLEAN NTAPI	MmIsFileObjectAPagingFile (PFILE_OBJECT FileObject)

NTSTATUS NTAPI	MmReadFromSwapPage (SWAPENTRY SwapEntry, PFN_NUMBER Page)

NTSTATUS NTAPI	MmWriteToSwapPage (SWAPENTRY SwapEntry, PFN_NUMBER Page)

VOID NTAPI	MmShowOutOfSpaceMessagePagingFile (VOID)

NTSTATUS NTAPI	MiReadPageFile (_In_ PFN_NUMBER Page, _In_ ULONG PageFileIndex, _In_ ULONG_PTR PageFileOffset)

NTSTATUS NTAPI	MmInitializeProcessAddressSpace (IN PEPROCESS Process, IN PEPROCESS Clone OPTIONAL, IN PVOID Section OPTIONAL, IN OUT PULONG Flags, IN POBJECT_NAME_INFORMATION *AuditName OPTIONAL)

NTSTATUS NTAPI	MmCreatePeb (IN PEPROCESS Process, IN PINITIAL_PEB InitialPeb, OUT PPEB *BasePeb)

NTSTATUS NTAPI	MmCreateTeb (IN PEPROCESS Process, IN PCLIENT_ID ClientId, IN PINITIAL_TEB InitialTeb, OUT PTEB *BaseTeb)

VOID NTAPI	MmDeleteTeb (struct _EPROCESS *Process, PTEB Teb)

VOID NTAPI	MmCleanProcessAddressSpace (IN PEPROCESS Process)

VOID NTAPI	MmDeleteProcessAddressSpace (IN PEPROCESS Process)

ULONG NTAPI	MmGetSessionLocaleId (VOID)

NTSTATUS NTAPI	MmSetMemoryPriorityProcess (IN PEPROCESS Process, IN UCHAR MemoryPriority)

NTSTATUS NTAPI	MmPageFault (ULONG Cs, PULONG Eip, PULONG Eax, ULONG Cr2, ULONG ErrorCode)

VOID NTAPI	MiInitializeSpecialPool (VOID)

BOOLEAN NTAPI	MmUseSpecialPool (IN SIZE_T NumberOfBytes, IN ULONG Tag)

BOOLEAN NTAPI	MmIsSpecialPoolAddress (IN PVOID P)

BOOLEAN NTAPI	MmIsSpecialPoolAddressFree (IN PVOID P)

PVOID NTAPI	MmAllocateSpecialPool (IN SIZE_T NumberOfBytes, IN ULONG Tag, IN POOL_TYPE PoolType, IN ULONG SpecialType)

VOID NTAPI	MmFreeSpecialPool (IN PVOID P)

NTSTATUS NTAPI	MmAccessFault (IN ULONG FaultCode, IN PVOID Address, IN KPROCESSOR_MODE Mode, IN PVOID TrapInformation)

PVOID NTAPI	MmCreateKernelStack (BOOLEAN GuiStack, UCHAR Node)

VOID NTAPI	MmDeleteKernelStack (PVOID Stack, BOOLEAN GuiStack)

FORCEINLINE VOID	UpdateTotalCommittedPages (LONG Delta)

VOID NTAPI	MmInitializeMemoryConsumer (ULONG Consumer, NTSTATUS(*Trim)(ULONG Target, ULONG Priority, PULONG NrFreed))

VOID NTAPI	MmInitializeBalancer (ULONG NrAvailablePages, ULONG NrSystemPages)

NTSTATUS NTAPI	MmReleasePageMemoryConsumer (ULONG Consumer, PFN_NUMBER Page)

NTSTATUS NTAPI	MmRequestPageMemoryConsumer (ULONG Consumer, BOOLEAN MyWait, PPFN_NUMBER AllocatedPage)

VOID NTAPI	MiInitBalancerThread (VOID)

VOID NTAPI	MmRebalanceMemoryConsumers (VOID)

VOID NTAPI	MmSetRmapListHeadPage (PFN_NUMBER Page, struct _MM_RMAP_ENTRY *ListHead)

struct _MM_RMAP_ENTRY *NTAPI	MmGetRmapListHeadPage (PFN_NUMBER Page)

VOID NTAPI	MmInsertRmap (PFN_NUMBER Page, struct _EPROCESS *Process, PVOID Address)

VOID NTAPI	MmDeleteAllRmaps (PFN_NUMBER Page, PVOID Context, VOID(DeleteMapping)(PVOID Context, struct _EPROCESS Process, PVOID Address))

VOID NTAPI	MmDeleteRmap (PFN_NUMBER Page, struct _EPROCESS *Process, PVOID Address)

VOID NTAPI	MmInitializeRmapList (VOID)

NTSTATUS NTAPI	MmPageOutPhysicalAddress (PFN_NUMBER Page)

PMM_SECTION_SEGMENT NTAPI	MmGetSectionAssociation (PFN_NUMBER Page, PLARGE_INTEGER Offset)

	_IRQL_raises_ (DISPATCH_LEVEL) _IRQL_requires_max_(DISPATCH_LEVEL) _Requires_lock_not_held_(MmPfnLock) _Acquires_lock_(MmPfnLock) _IRQL_saves_ FORCEINLINE KIRQL MiAcquirePfnLock(VOID)

	_Requires_lock_held_ (MmPfnLock) _Releases_lock_(MmPfnLock) _IRQL_requires_(DISPATCH_LEVEL) FORCEINLINE VOID MiReleasePfnLock(_In_ _IRQL_restores_ KIRQL OldIrql)

	_IRQL_requires_min_ (DISPATCH_LEVEL) _Requires_lock_not_held_(MmPfnLock) _Acquires_lock_(MmPfnLock) FORCEINLINE VOID MiAcquirePfnLockAtDpcLevel(VOID)

FORCEINLINE PMMPFN	MiGetPfnEntry (IN PFN_NUMBER Pfn)

FORCEINLINE PFN_NUMBER	MiGetPfnEntryIndex (IN PMMPFN Pfn1)

PFN_NUMBER NTAPI	MmGetLRUNextUserPage (PFN_NUMBER PreviousPage, BOOLEAN MoveToLast)

PFN_NUMBER NTAPI	MmGetLRUFirstUserPage (VOID)

VOID NTAPI	MmDumpArmPfnDatabase (IN BOOLEAN StatusOnly)

VOID NTAPI	MmZeroPageThread (VOID)

PVOID NTAPI	MiMapPageInHyperSpace (IN PEPROCESS Process, IN PFN_NUMBER Page, IN PKIRQL OldIrql)

VOID NTAPI	MiUnmapPageInHyperSpace (IN PEPROCESS Process, IN PVOID Address, IN KIRQL OldIrql)

PVOID NTAPI	MiMapPagesInZeroSpace (IN PMMPFN Pfn1, IN PFN_NUMBER NumberOfPages)

VOID NTAPI	MiUnmapPagesInZeroSpace (IN PVOID VirtualAddress, IN PFN_NUMBER NumberOfPages)

NTSTATUS NTAPI	MmCreateVirtualMapping (struct _EPROCESS *Process, PVOID Address, ULONG flProtect, PFN_NUMBER Page)

NTSTATUS NTAPI	MmCreateVirtualMappingUnsafe (struct _EPROCESS *Process, PVOID Address, ULONG flProtect, PFN_NUMBER Page)

NTSTATUS NTAPI	MmCreatePhysicalMapping (_Inout_opt_ PEPROCESS Process, _In_ PVOID Address, _In_ ULONG flProtect, _In_ PFN_NUMBER Page)

ULONG NTAPI	MmGetPageProtect (struct _EPROCESS *Process, PVOID Address)

VOID NTAPI	MmSetPageProtect (struct _EPROCESS *Process, PVOID Address, ULONG flProtect)

BOOLEAN NTAPI	MmIsPagePresent (struct _EPROCESS *Process, PVOID Address)

BOOLEAN NTAPI	MmIsDisabledPage (struct _EPROCESS *Process, PVOID Address)

VOID NTAPI	MmInitGlobalKernelPageDirectory (VOID)

VOID NTAPI	MmDeletePageFileMapping (struct _EPROCESS Process, PVOID Address, SWAPENTRY SwapEntry)

NTSTATUS NTAPI	MmCreatePageFileMapping (struct _EPROCESS *Process, PVOID Address, SWAPENTRY SwapEntry)

VOID NTAPI	MmGetPageFileMapping (PEPROCESS Process, PVOID Address, SWAPENTRY *SwapEntry)

BOOLEAN NTAPI	MmIsPageSwapEntry (struct _EPROCESS *Process, PVOID Address)

PFN_NUMBER NTAPI	MmAllocPage (ULONG Consumer)

VOID NTAPI	MmDereferencePage (PFN_NUMBER Page)

VOID NTAPI	MmReferencePage (PFN_NUMBER Page)

ULONG NTAPI	MmGetReferenceCountPage (PFN_NUMBER Page)

BOOLEAN NTAPI	MmIsPageInUse (PFN_NUMBER Page)

VOID NTAPI	MmSetSavedSwapEntryPage (PFN_NUMBER Page, SWAPENTRY SavedSwapEntry)

SWAPENTRY NTAPI	MmGetSavedSwapEntryPage (PFN_NUMBER Page)

VOID NTAPI	MmSetCleanPage (struct _EPROCESS *Process, PVOID Address)

VOID NTAPI	MmSetDirtyBit (PEPROCESS Process, PVOID Address, BOOLEAN Bit)

VOID NTAPI	MmDeletePageTable (struct _EPROCESS *Process, PVOID Address)

PFN_NUMBER NTAPI	MmGetPfnForProcess (struct _EPROCESS *Process, PVOID Address)

BOOLEAN NTAPI	MmCreateProcessAddressSpace (IN ULONG MinWs, IN PEPROCESS Dest, IN PULONG_PTR DirectoryTableBase)

NTSTATUS NTAPI	MmInitializeHandBuiltProcess (IN PEPROCESS Process, IN PULONG_PTR DirectoryTableBase)

NTSTATUS NTAPI	MmInitializeHandBuiltProcess2 (IN PEPROCESS Process)

NTSTATUS NTAPI	MmSetExecuteOptions (IN ULONG ExecuteOptions)

NTSTATUS NTAPI	MmGetExecuteOptions (IN PULONG ExecuteOptions)

	_Success_ (return) BOOLEAN MmDeleteVirtualMapping(_Inout_opt_ PEPROCESS Process

BOOLEAN	MiArchCreateProcessAddressSpace (_In_ PEPROCESS Process, _In_ PULONG_PTR DirectoryTableBase)

NTSTATUS	MmTrimUserMemory (ULONG Target, ULONG Priority, PULONG NrFreedPages)

NTSTATUS NTAPI	MmAlterRegion (PMMSUPPORT AddressSpace, PVOID BaseAddress, PLIST_ENTRY RegionListHead, PVOID StartAddress, SIZE_T Length, ULONG NewType, ULONG NewProtect, PMM_ALTER_REGION_FUNC AlterFunc)

VOID NTAPI	MmInitializeRegion (PLIST_ENTRY RegionListHead, SIZE_T Length, ULONG Type, ULONG Protect)

PMM_REGION NTAPI	MmFindRegion (PVOID BaseAddress, PLIST_ENTRY RegionListHead, PVOID Address, PVOID *RegionBaseAddress)

VOID NTAPI	_MmLockSectionSegment (PMM_SECTION_SEGMENT Segment, const char *file, int line)

VOID NTAPI	_MmUnlockSectionSegment (PMM_SECTION_SEGMENT Segment, const char *file, int line)

VOID NTAPI	MmGetImageInformation (OUT PSECTION_IMAGE_INFORMATION ImageInformation)

PFILE_OBJECT NTAPI	MmGetFileObjectForSection (IN PVOID Section)

NTSTATUS NTAPI	MmGetFileNameForAddress (IN PVOID Address, OUT PUNICODE_STRING ModuleName)

NTSTATUS NTAPI	MmGetFileNameForSection (IN PVOID Section, OUT POBJECT_NAME_INFORMATION *ModuleName)

NTSTATUS NTAPI	MmQuerySectionView (PMEMORY_AREA MemoryArea, PVOID Address, PMEMORY_BASIC_INFORMATION Info, PSIZE_T ResultLength)

NTSTATUS NTAPI	MmProtectSectionView (PMMSUPPORT AddressSpace, PMEMORY_AREA MemoryArea, PVOID BaseAddress, SIZE_T Length, ULONG Protect, PULONG OldProtect)

NTSTATUS NTAPI	MmInitSectionImplementation (VOID)

NTSTATUS NTAPI	MmNotPresentFaultSectionView (PMMSUPPORT AddressSpace, MEMORY_AREA *MemoryArea, PVOID Address, BOOLEAN Locked)

NTSTATUS NTAPI	MmPageOutSectionView (PMMSUPPORT AddressSpace, PMEMORY_AREA MemoryArea, PVOID Address, ULONG_PTR Entry)

NTSTATUS NTAPI	MmCreatePhysicalMemorySection (VOID)

NTSTATUS NTAPI	MmAccessFaultSectionView (PMMSUPPORT AddressSpace, MEMORY_AREA *MemoryArea, PVOID Address, BOOLEAN Locked)

VOID NTAPI	MmFreeSectionSegments (PFILE_OBJECT FileObject)

NTSTATUS NTAPI	MmMapViewInSystemSpaceEx (_In_ PVOID Section, _Outptr_result_bytebuffer_(ViewSize) PVOID MappedBase, _Inout_ PSIZE_T ViewSize, _Inout_ PLARGE_INTEGER SectionOffset, _In_ ULONG_PTR Flags)

BOOLEAN NTAPI	MmIsDataSectionResident (_In_ PSECTION_OBJECT_POINTERS SectionObjectPointer, _In_ LONGLONG Offset, _In_ ULONG Length)

NTSTATUS NTAPI	MmMakeSegmentDirty (_In_ PSECTION_OBJECT_POINTERS SectionObjectPointer, _In_ LONGLONG Offset, _In_ ULONG Length)

NTSTATUS NTAPI	MmFlushSegment (_In_ PSECTION_OBJECT_POINTERS SectionObjectPointer, _In_opt_ PLARGE_INTEGER Offset, _In_ ULONG Length, _Out_opt_ PIO_STATUS_BLOCK Iosb)

NTSTATUS NTAPI	MmMakeDataSectionResident (_In_ PSECTION_OBJECT_POINTERS SectionObjectPointer, _In_ LONGLONG Offset, _In_ ULONG Length, _In_ PLARGE_INTEGER ValidDataLength)

BOOLEAN NTAPI	MmPurgeSegment (_In_ PSECTION_OBJECT_POINTERS SectionObjectPointer, _In_opt_ PLARGE_INTEGER Offset, _In_ ULONG Length)

BOOLEAN NTAPI	MmCheckDirtySegment (PMM_SECTION_SEGMENT Segment, PLARGE_INTEGER Offset, BOOLEAN ForceDirty, BOOLEAN PageOut)

BOOLEAN NTAPI	MmUnsharePageEntrySectionSegment (PMEMORY_AREA MemoryArea, PMM_SECTION_SEGMENT Segment, PLARGE_INTEGER Offset, BOOLEAN Dirty, BOOLEAN PageOut, ULONG_PTR *InEntry)

	_When_ (OldIrql==MM_NOIRQL, _IRQL_requires_max_(DISPATCH_LEVEL)) _When_(OldIrql

	_Requires_lock_not_held_ (MmPfnLock)) _When_(OldIrql !

	_Releases_lock_ (MmPfnLock)) _When_(OldIrql !

	_IRQL_requires_ (DISPATCH_LEVEL)) VOID NTAPI MmDereferenceSegmentWithLock(_In_ PMM_SECTION_SEGMENT Segment

_In_	_When_ (OldIrql !=MM_NOIRQL, _IRQL_restores_) KIRQL OldIrql)

	_IRQL_requires_max_ (DISPATCH_LEVEL) _Requires_lock_not_held_(MmPfnLock) FORCEINLINE VOID MmDereferenceSegment(PMM_SECTION_SEGMENT Segment)

NTSTATUS NTAPI	MmExtendSection (_In_ PVOID Section, _Inout_ PLARGE_INTEGER NewSize)

NTSTATUS NTAPI	_MmSetPageEntrySectionSegment (PMM_SECTION_SEGMENT Segment, PLARGE_INTEGER Offset, ULONG_PTR Entry, const char *file, int line)

ULONG_PTR NTAPI	_MmGetPageEntrySectionSegment (PMM_SECTION_SEGMENT Segment, PLARGE_INTEGER Offset, const char *file, int line)

VOID NTAPI	MiReloadBootLoadedDrivers (IN PLOADER_PARAMETER_BLOCK LoaderBlock)

BOOLEAN NTAPI	MiInitializeLoadedModuleList (IN PLOADER_PARAMETER_BLOCK LoaderBlock)

BOOLEAN NTAPI	MmChangeKernelResourceSectionProtection (IN ULONG_PTR ProtectionMask)

VOID NTAPI	MmMakeKernelResourceSectionWritable (VOID)

NTSTATUS NTAPI	MmLoadSystemImage (IN PUNICODE_STRING FileName, IN PUNICODE_STRING NamePrefix OPTIONAL, IN PUNICODE_STRING LoadedName OPTIONAL, IN ULONG Flags, OUT PVOID ModuleObject, OUT PVOID ImageBaseAddress)

NTSTATUS NTAPI	MmUnloadSystemImage (IN PVOID ImageHandle)

NTSTATUS NTAPI	MmCheckSystemImage (_In_ HANDLE ImageHandle)

NTSTATUS NTAPI	MmCallDllInitialize (_In_ PLDR_DATA_TABLE_ENTRY LdrEntry, _In_ PLIST_ENTRY ModuleListHead)

VOID NTAPI	MmFreeDriverInitialization (IN PLDR_DATA_TABLE_ENTRY LdrEntry)

NTSTATUS NTAPI	RtlpFindExportedRoutineByName (_In_ PVOID ImageBase, _In_ PCSTR ExportName, _Out_ PVOID *Function, _Out_opt_ PBOOLEAN IsForwarder, _In_ NTSTATUS NotFoundStatus)
	ReactOS-only helper routine for RtlFindExportedRoutineByName(), that provides a finer granularity regarding the nature of the export, and the failure reasons.

PVOID NTAPI	RtlFindExportedRoutineByName (_In_ PVOID ImageBase, _In_ PCSTR ExportName)
	Finds the address of a given named exported routine in a loaded image. Note that this function does not support forwarders.

NTSTATUS NTAPI	MmGrowKernelStack (IN PVOID StackPointer)

FORCEINLINE VOID	MmLockAddressSpace (PMMSUPPORT AddressSpace)

FORCEINLINE VOID	MmUnlockAddressSpace (PMMSUPPORT AddressSpace)

FORCEINLINE PEPROCESS	MmGetAddressSpaceOwner (IN PMMSUPPORT AddressSpace)

FORCEINLINE PMMSUPPORT	MmGetCurrentAddressSpace (VOID)

FORCEINLINE PMMSUPPORT	MmGetKernelAddressSpace (VOID)

VOID NTAPI	ExpCheckPoolAllocation (PVOID P, POOL_TYPE PoolType, ULONG Tag)

VOID NTAPI	ExReturnPoolQuota (IN PVOID P)

NTSTATUS NTAPI	MmAdjustWorkingSetSize (IN SIZE_T WorkingSetMinimumInBytes, IN SIZE_T WorkingSetMaximumInBytes, IN ULONG SystemCache, IN BOOLEAN IncreaseOkay)

	_IRQL_requires_max_ (APC_LEVEL) NTSTATUS NTAPI MmAttachSession(_Inout_ PVOID SessionEntry

VOID NTAPI	MmQuitNextSession (_Inout_ PVOID SessionEntry)

PVOID NTAPI	MmGetSessionById (_In_ ULONG SessionId)

VOID	MmShutdownSystem (IN ULONG Phase)

NTSTATUS NTAPI	MmCopyVirtualMemory (IN PEPROCESS SourceProcess, IN PVOID SourceAddress, IN PEPROCESS TargetProcess, OUT PVOID TargetAddress, IN SIZE_T BufferSize, IN KPROCESSOR_MODE PreviousMode, OUT PSIZE_T ReturnSize)

	_Requires_exclusive_lock_held_ (WorkingSet->WorkingSetMutex) VOID NTAPI MiInitializeWorkingSetList(_Inout_ PMMSUPPORT WorkingSet)

Variables
PMMSUPPORT	MmKernelAddressSpace

PFN_COUNT	MiFreeSwapPages

PFN_COUNT	MiUsedSwapPages

PFN_COUNT	MmNumberOfPhysicalPages

UCHAR	MmDisablePagingExecutive

PFN_NUMBER	MmLowestPhysicalPage

PFN_NUMBER	MmHighestPhysicalPage

PFN_NUMBER	MmAvailablePages

PFN_NUMBER	MmResidentAvailablePages

ULONG	MmThrottleTop

ULONG	MmThrottleBottom

LIST_ENTRY	MmLoadedUserImageList

KMUTANT	MmSystemLoadLock

ULONG	MmNumberOfPagingFiles

SIZE_T	MmTotalNonPagedPoolQuota

SIZE_T	MmTotalPagedPoolQuota

PVOID	MmUnloadedDrivers

PVOID	MmLastUnloadedDrivers

PVOID	MmTriageActionTaken

PVOID	KernelVerifier

MM_DRIVER_VERIFIER_DATA	MmVerifierData

SIZE_T	MmTotalCommitLimit

SIZE_T	MmTotalCommittedPages

SIZE_T	MmSharedCommit

SIZE_T	MmDriverCommit

SIZE_T	MmProcessCommit

SIZE_T	MmPagedPoolCommit

SIZE_T	MmPeakCommitment

SIZE_T	MmtotalCommitLimitMaximum

PVOID	MiDebugMapping

PMMPTE	MmDebugPte

KSPIN_LOCK	MmPfnLock

PMMPFN	MmPfnDatabase

MMPFNLIST	MmZeroedPageListHead

MMPFNLIST	MmFreePageListHead

MMPFNLIST	MmStandbyPageListHead

MMPFNLIST	MmModifiedPageListHead

MMPFNLIST	MmModifiedNoWritePageListHead

MM_MEMORY_CONSUMER	MiMemoryConsumers [MC_MAXIMUM]

PMMPAGING_FILE	MmPagingFile [MAX_PAGING_FILES]

_In_ SIZE_T	CurrentMaxQuota

_In_ SIZE_T _Out_ PSIZE_T	NewMaxQuota

_In_ SIZE_T	QuotaToReturn

_In_ PVOID	Address

_In_ PVOID _Out_opt_ BOOLEAN *	WasDirty

_In_ PVOID _Out_opt_ BOOLEAN _Out_opt_ PPFN_NUMBER	Page

_Out_ PKAPC_STATE	ApcState

Macro Definition Documentation

◆ BUMPREF_SSE

#define BUMPREF_SSE ( E ) (PAGE_FROM_SSE(E) | ((SHARE_COUNT_FROM_SSE(E) + 1) << 3) | ((E) & 0x7))

Definition at line 1395 of file mm.h.

◆ CACHE_ALIGNED_POOL_MASK

#define CACHE_ALIGNED_POOL_MASK 4

Definition at line 120 of file mm.h.

◆ CLEAN_SSE

#define CLEAN_SSE ( E ) ((E) & ~2)

Definition at line 1383 of file mm.h.

◆ DECREF_SSE

#define DECREF_SSE ( E ) (PAGE_FROM_SSE(E) | ((SHARE_COUNT_FROM_SSE(E) - 1) << 3) | ((E) & 0x7))

Definition at line 1396 of file mm.h.

◆ DIRTY_SSE

#define DIRTY_SSE ( E ) ((E) | 2)

Definition at line 1382 of file mm.h.

◆ EndOfAllocation

#define EndOfAllocation WriteInProgress

Definition at line 363 of file mm.h.

◆ InterlockedCompareExchangePte

#define InterlockedCompareExchangePte	(	PointerPte,
		Exchange,
		Comperand
	)	InterlockedCompareExchange((PLONG)(PointerPte), Exchange, Comperand)

Definition at line 194 of file mm.h.

◆ InterlockedExchangePte

#define InterlockedExchangePte	(	PointerPte,
		Value
	)	InterlockedExchange((PLONG)(PointerPte), Value)

Definition at line 197 of file mm.h.

◆ IS_DIRTY_SSE

#define IS_DIRTY_SSE ( E ) ((E) & 2)

Definition at line 1384 of file mm.h.

◆ IS_SWAP_FROM_SSE

#define IS_SWAP_FROM_SSE ( E ) ((E) & 0x00000001)

Definition at line 1376 of file mm.h.

◆ IS_WRITE_SSE

#define IS_WRITE_SSE ( E ) ((E) & 4)

Definition at line 1386 of file mm.h.

◆ MA_GetEndingAddress

#define MA_GetEndingAddress ( _MemoryArea ) (((_MemoryArea)->VadNode.EndingVpn + 1) << PAGE_SHIFT)

Definition at line 252 of file mm.h.

◆ MA_GetStartingAddress

#define MA_GetStartingAddress ( _MemoryArea ) ((_MemoryArea)->VadNode.StartingVpn << PAGE_SHIFT)

Definition at line 251 of file mm.h.

◆ MAKE_PFN_SSE

#define MAKE_PFN_SSE ( P ) ((ULONG_PTR)((P) << PAGE_SHIFT))

Definition at line 1379 of file mm.h.

◆ MAKE_SSE

#define MAKE_SSE	(	P,
		C
	)	((ULONG_PTR)((P) \| ((C) << 3)))

Definition at line 1394 of file mm.h.

◆ MAKE_SWAP_SSE

#define MAKE_SWAP_SSE ( S ) (((ULONG_PTR)(S) << 1) | 0x1)

Definition at line 1381 of file mm.h.

◆ MAX_PAGING_FILES

#define MAX_PAGING_FILES (16)

Definition at line 125 of file mm.h.

◆ MAX_SHARE_COUNT

#define MAX_SHARE_COUNT 0x1FF

Definition at line 1393 of file mm.h.

◆ MC_MAXIMUM

#define MC_MAXIMUM (2)

Definition at line 116 of file mm.h.

◆ MC_SYSTEM

#define MC_SYSTEM (1)

Definition at line 115 of file mm.h.

◆ MC_USER

#define MC_USER (0)

Definition at line 114 of file mm.h.

◆ MEMORY_AREA_OWNED_BY_ARM3

#define MEMORY_AREA_OWNED_BY_ARM3 (15)

Definition at line 97 of file mm.h.

◆ MEMORY_AREA_SECTION_VIEW

#define MEMORY_AREA_SECTION_VIEW (1)

Definition at line 93 of file mm.h.

◆ MEMORY_AREA_STATIC

#define MEMORY_AREA_STATIC (0x80000000)

Definition at line 98 of file mm.h.

◆ MI_ASSERT_PFN_LOCK_HELD

#define MI_ASSERT_PFN_LOCK_HELD ( ) NT_ASSERT((KeGetCurrentIrql() >= DISPATCH_LEVEL) && (MmPfnLock != 0))

Definition at line 1050 of file mm.h.

◆ MI_CHARGE_NON_PAGED_POOL_QUOTA

#define MI_CHARGE_NON_PAGED_POOL_QUOTA 0x10000

Definition at line 65 of file mm.h.

◆ MI_CHARGE_PAGED_POOL_QUOTA

#define MI_CHARGE_PAGED_POOL_QUOTA 0x80000

Definition at line 64 of file mm.h.

◆ MI_NON_PAGED_QUOTA_MIN_RESIDENT_PAGES

#define MI_NON_PAGED_QUOTA_MIN_RESIDENT_PAGES 200

Definition at line 63 of file mm.h.

◆ MI_QUOTA_NON_PAGED_NEEDED_PAGES

#define MI_QUOTA_NON_PAGED_NEEDED_PAGES 64

Definition at line 62 of file mm.h.

◆ MI_SET_PROCESS

#define MI_SET_PROCESS ( x )

Definition at line 325 of file mm.h.

◆ MI_SET_PROCESS2

#define MI_SET_PROCESS2 ( x )

Definition at line 326 of file mm.h.

◆ MI_SET_USAGE

#define MI_SET_USAGE ( x )

Definition at line 324 of file mm.h.

◆ MI_STATIC_MEMORY_AREAS

#define MI_STATIC_MEMORY_AREAS (13)

Definition at line 90 of file mm.h.

◆ MM_DATAFILE_SEGMENT

#define MM_DATAFILE_SEGMENT (0x2)

Definition at line 245 of file mm.h.

◆ MM_FREE_POOL_SIGNATURE

#define MM_FREE_POOL_SIGNATURE 'ARM3'

Definition at line 488 of file mm.h.

◆ MM_IMAGE_SECTION_FLUSH_DELETE

#define MM_IMAGE_SECTION_FLUSH_DELETE (0x10)

Definition at line 248 of file mm.h.

◆ MM_IS_WAIT_PTE

#define MM_IS_WAIT_PTE ( E ) (IS_SWAP_FROM_SSE(E) && SWAPENTRY_FROM_SSE(E) == MM_WAIT_ENTRY)

Definition at line 1377 of file mm.h.

◆ MM_NOIRQL

#define MM_NOIRQL ((KIRQL)0xFFFFFFFF)

Definition at line 70 of file mm.h.

◆ MM_PHYSICALMEMORY_SEGMENT

#define MM_PHYSICALMEMORY_SEGMENT (0x1)

Definition at line 244 of file mm.h.

◆ MM_ROUND_DOWN

#define MM_ROUND_DOWN	(	x,
		s
	)	((PVOID)(((ULONG_PTR)(x)) & ~((ULONG_PTR)(s)-1)))

Definition at line 131 of file mm.h.

◆ MM_ROUND_UP

#define MM_ROUND_UP	(	x,
		s
	)	((PVOID)(((ULONG_PTR)(x)+(s)-1) & ~((ULONG_PTR)(s)-1)))

Definition at line 128 of file mm.h.

◆ MM_SEGMENT_INCREATE

#define MM_SEGMENT_INCREATE (0x8)

Definition at line 247 of file mm.h.

◆ MM_SEGMENT_INDELETE

#define MM_SEGMENT_INDELETE (0x4)

Definition at line 246 of file mm.h.

◆ MM_VIRTMEM_GRANULARITY

#define MM_VIRTMEM_GRANULARITY (64 * 1024)

Definition at line 102 of file mm.h.

◆ MMDBG_COPY_CACHED

#define MMDBG_COPY_CACHED 0x00000008

Definition at line 78 of file mm.h.

◆ MMDBG_COPY_MAX_SIZE

#define MMDBG_COPY_MAX_SIZE 0x8

Definition at line 85 of file mm.h.

◆ MMDBG_COPY_PHYSICAL

#define MMDBG_COPY_PHYSICAL 0x00000002

Definition at line 76 of file mm.h.

◆ MMDBG_COPY_UNCACHED

#define MMDBG_COPY_UNCACHED 0x00000010

Definition at line 79 of file mm.h.

◆ MMDBG_COPY_UNSAFE

#define MMDBG_COPY_UNSAFE 0x00000004

Definition at line 77 of file mm.h.

◆ MMDBG_COPY_WRITE

#define MMDBG_COPY_WRITE 0x00000001

Definition at line 75 of file mm.h.

◆ MMDBG_COPY_WRITE_COMBINED

#define MMDBG_COPY_WRITE_COMBINED 0x00000020

Definition at line 80 of file mm.h.

◆ MmGetPageEntrySectionSegment

#define MmGetPageEntrySectionSegment	(	S,
		O
	)	_MmGetPageEntrySectionSegment(S,O,__FILE__,__LINE__)

Definition at line 1609 of file mm.h.

◆ MmLockSectionSegment

#define MmLockSectionSegment ( x ) _MmLockSectionSegment(x,__FILE__,__LINE__)

Definition at line 1404 of file mm.h.

◆ MmSetCleanPage

#define MmSetCleanPage	(	__P,
		__A
	)	MmSetDirtyBit(__P, __A, FALSE)

Definition at line 1258 of file mm.h.

◆ MmSetDirtyPage

#define MmSetDirtyPage	(	__P,
		__A
	)	MmSetDirtyBit(__P, __A, TRUE)

Definition at line 1259 of file mm.h.

◆ MmSetPageEntrySectionSegment

#define MmSetPageEntrySectionSegment	(	S,
		O,
		E
	)	_MmSetPageEntrySectionSegment(S,O,E,__FILE__,__LINE__)

Definition at line 1607 of file mm.h.

◆ MmUnlockSectionSegment

#define MmUnlockSectionSegment ( x ) _MmUnlockSectionSegment(x,__FILE__,__LINE__)

Definition at line 1412 of file mm.h.

◆ MUST_SUCCEED_POOL_MASK

#define MUST_SUCCEED_POOL_MASK 2

Definition at line 119 of file mm.h.

◆ PAGE_FLAGS_VALID_FOR_SECTION

#define PAGE_FLAGS_VALID_FOR_SECTION

Value:

    (PAGE_READONLY | \
     PAGE_READWRITE | \
     PAGE_WRITECOPY | \
     PAGE_EXECUTE | \
     PAGE_EXECUTE_READ | \
     PAGE_EXECUTE_READWRITE | \
     PAGE_EXECUTE_WRITECOPY | \
     PAGE_NOACCESS | \
     PAGE_NOCACHE)

Definition at line 141 of file mm.h.

◆ PAGE_FROM_SSE

#define PAGE_FROM_SSE ( E ) ((E) & 0xFFFFF000)

Definition at line 1390 of file mm.h.

◆ PAGE_IS_EXECUTABLE

#define PAGE_IS_EXECUTABLE

Value:

    (PAGE_EXECUTE | \
    PAGE_EXECUTE_READ | \
    PAGE_EXECUTE_READWRITE | \
    PAGE_EXECUTE_WRITECOPY)

Definition at line 166 of file mm.h.

◆ PAGE_IS_READABLE

#define PAGE_IS_READABLE

Value:

    (PAGE_READONLY | \
    PAGE_READWRITE | \
    PAGE_WRITECOPY | \
    PAGE_EXECUTE_READ | \
    PAGE_EXECUTE_READWRITE | \
    PAGE_EXECUTE_WRITECOPY)

Definition at line 152 of file mm.h.

◆ PAGE_IS_WRITABLE

#define PAGE_IS_WRITABLE

Value:

    (PAGE_READWRITE | \
    PAGE_WRITECOPY | \
    PAGE_EXECUTE_READWRITE | \
    PAGE_EXECUTE_WRITECOPY)

Definition at line 160 of file mm.h.

◆ PAGE_IS_WRITECOPY

#define PAGE_IS_WRITECOPY

Value:

(PAGE_WRITECOPY | \

PAGE_EXECUTE_WRITECOPY)

Definition at line 172 of file mm.h.

◆ PAGE_ROUND_DOWN_64

#define PAGE_ROUND_DOWN_64 ( x ) ((x) & ~(PAGE_SIZE - 1))

Definition at line 138 of file mm.h.

◆ PAGE_ROUND_UP_64

#define PAGE_ROUND_UP_64 ( x ) (((x) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))

Definition at line 135 of file mm.h.

◆ PAGE_SYSTEM

#define PAGE_SYSTEM (2048)

Definition at line 110 of file mm.h.

◆ PAGE_WRITETHROUGH

#define PAGE_WRITETHROUGH (1024)

Definition at line 109 of file mm.h.

◆ PAGED_POOL_MASK

#define PAGED_POOL_MASK 1

Definition at line 118 of file mm.h.

◆ PFN_FROM_SSE

#define PFN_FROM_SSE ( E ) ((PFN_NUMBER)((E) >> PAGE_SHIFT))

Definition at line 1375 of file mm.h.

◆ QUOTA_POOL_MASK

#define QUOTA_POOL_MASK 8

Definition at line 121 of file mm.h.

◆ RMAP_IS_SEGMENT

#define RMAP_IS_SEGMENT ( x ) (((ULONG_PTR)(x) & RMAP_SEGMENT_MASK) == RMAP_SEGMENT_MASK)

Definition at line 947 of file mm.h.

◆ RMAP_SEGMENT_MASK

#define RMAP_SEGMENT_MASK ~((ULONG_PTR)0xff)

Definition at line 946 of file mm.h.

◆ SEC_PHYSICALMEMORY

#define SEC_PHYSICALMEMORY (0x80000000)

Definition at line 112 of file mm.h.

◆ SESSION_POOL_MASK

#define SESSION_POOL_MASK 32

Definition at line 122 of file mm.h.

◆ SHARE_COUNT_FROM_SSE

#define SHARE_COUNT_FROM_SSE ( E ) (((E) & 0x00000FFC) >> 3)

Definition at line 1392 of file mm.h.

◆ StartOfAllocation

#define StartOfAllocation ReadInProgress

Definition at line 362 of file mm.h.

◆ STATUS_MM_RESTART_OPERATION

#define STATUS_MM_RESTART_OPERATION ((NTSTATUS)0xD0000001)

Definition at line 104 of file mm.h.

◆ SWAPENTRY_FROM_SSE

#define SWAPENTRY_FROM_SSE ( E ) ((E) >> 1)

Definition at line 1380 of file mm.h.

◆ VERIFIER_POOL_MASK

#define VERIFIER_POOL_MASK 64

Definition at line 123 of file mm.h.

◆ WRITE_SSE

#define WRITE_SSE ( E ) ((E) | 4)

Definition at line 1385 of file mm.h.

Typedef Documentation

◆ MEMORY_AREA

typedef struct _MEMORY_AREA MEMORY_AREA

◆ MI_PFN_USAGES

typedef enum _MI_PFN_USAGES MI_PFN_USAGES

◆ MM_IMAGE_SECTION_OBJECT

typedef struct _MM_IMAGE_SECTION_OBJECT MM_IMAGE_SECTION_OBJECT

◆ MM_MEMORY_CONSUMER

typedef struct _MM_MEMORY_CONSUMER MM_MEMORY_CONSUMER

◆ MM_PAGED_POOL_INFO

typedef struct _MM_PAGED_POOL_INFO MM_PAGED_POOL_INFO

◆ MM_REGION

typedef struct _MM_REGION MM_REGION

◆ MM_RMAP_ENTRY

typedef struct _MM_RMAP_ENTRY MM_RMAP_ENTRY

◆ MM_SECTION_SEGMENT

typedef struct _MM_SECTION_SEGMENT MM_SECTION_SEGMENT

◆ MMFREE_POOL_ENTRY

typedef struct _MMFREE_POOL_ENTRY MMFREE_POOL_ENTRY

◆ MMPAGING_FILE

typedef struct _MMPAGING_FILE MMPAGING_FILE

◆ MMPFN

typedef struct _MMPFN MMPFN

◆ MMPFNENTRY

typedef struct _MMPFNENTRY MMPFNENTRY

◆ MMPFNLIST

typedef struct _MMPFNLIST MMPFNLIST

◆ PMEMORY_AREA

typedef struct _MEMORY_AREA * PMEMORY_AREA

◆ PMM_ALTER_REGION_FUNC

typedef VOID(* PMM_ALTER_REGION_FUNC) (PMMSUPPORT AddressSpace, PVOID BaseAddress, SIZE_T Length, ULONG OldType, ULONG OldProtect, ULONG NewType, ULONG NewProtect)

Definition at line 522 of file mm.h.

◆ PMM_FREE_PAGE_FUNC

typedef VOID(* PMM_FREE_PAGE_FUNC) (PVOID Context, PMEMORY_AREA MemoryArea, PVOID Address, PFN_NUMBER Page, SWAPENTRY SwapEntry, BOOLEAN Dirty)

Definition at line 533 of file mm.h.

◆ PMM_IMAGE_SECTION_OBJECT

typedef struct _MM_IMAGE_SECTION_OBJECT * PMM_IMAGE_SECTION_OBJECT

◆ PMM_MEMORY_CONSUMER

typedef struct _MM_MEMORY_CONSUMER * PMM_MEMORY_CONSUMER

◆ PMM_PAGED_POOL_INFO

typedef struct _MM_PAGED_POOL_INFO * PMM_PAGED_POOL_INFO

◆ PMM_REGION

typedef struct _MM_REGION * PMM_REGION

◆ PMM_RMAP_ENTRY

typedef struct _MM_RMAP_ENTRY * PMM_RMAP_ENTRY

◆ PMM_SECTION_SEGMENT

typedef struct _MM_SECTION_SEGMENT * PMM_SECTION_SEGMENT

◆ PMMFREE_POOL_ENTRY

typedef struct _MMFREE_POOL_ENTRY * PMMFREE_POOL_ENTRY

◆ PMMPAGING_FILE

typedef struct _MMPAGING_FILE * PMMPAGING_FILE

◆ PMMPFN

typedef struct _MMPFN * PMMPFN

◆ PMMPFNLIST

typedef struct _MMPFNLIST * PMMPFNLIST

◆ SWAPENTRY

typedef ULONG_PTR SWAPENTRY

Definition at line 57 of file mm.h.

Enumeration Type Documentation

◆ _MI_PFN_USAGES

enum _MI_PFN_USAGES

Enumerator
MI_USAGE_NOT_SET
MI_USAGE_PAGED_POOL
MI_USAGE_NONPAGED_POOL
MI_USAGE_NONPAGED_POOL_EXPANSION
MI_USAGE_KERNEL_STACK
MI_USAGE_KERNEL_STACK_EXPANSION
MI_USAGE_SYSTEM_PTE
MI_USAGE_VAD
MI_USAGE_PEB_TEB
MI_USAGE_SECTION
MI_USAGE_PAGE_TABLE
MI_USAGE_PAGE_DIRECTORY
MI_USAGE_LEGACY_PAGE_DIRECTORY
MI_USAGE_DRIVER_PAGE
MI_USAGE_CONTINOUS_ALLOCATION
MI_USAGE_MDL
MI_USAGE_DEMAND_ZERO
MI_USAGE_ZERO_LOOP
MI_USAGE_CACHE
MI_USAGE_PFN_DATABASE
MI_USAGE_BOOT_DRIVER
MI_USAGE_INIT_MEMORY
MI_USAGE_PAGE_FILE
MI_USAGE_COW
MI_USAGE_WSLE
MI_USAGE_FREE_PAGE

Definition at line 329 of file mm.h.

{
    MI_USAGE_NOT_SET = 0,
    MI_USAGE_PAGED_POOL,
    MI_USAGE_NONPAGED_POOL,
    MI_USAGE_NONPAGED_POOL_EXPANSION,
    MI_USAGE_KERNEL_STACK,
    MI_USAGE_KERNEL_STACK_EXPANSION,
    MI_USAGE_SYSTEM_PTE,
    MI_USAGE_VAD,
    MI_USAGE_PEB_TEB,
    MI_USAGE_SECTION,
    MI_USAGE_PAGE_TABLE,
    MI_USAGE_PAGE_DIRECTORY,
    MI_USAGE_LEGACY_PAGE_DIRECTORY,
    MI_USAGE_DRIVER_PAGE,
    MI_USAGE_CONTINOUS_ALLOCATION,
    MI_USAGE_MDL,
    MI_USAGE_DEMAND_ZERO,
    MI_USAGE_ZERO_LOOP,
    MI_USAGE_CACHE,
    MI_USAGE_PFN_DATABASE,
    MI_USAGE_BOOT_DRIVER,
    MI_USAGE_INIT_MEMORY,
    MI_USAGE_PAGE_FILE,
    MI_USAGE_COW,
    MI_USAGE_WSLE,
    MI_USAGE_FREE_PAGE
} MI_PFN_USAGES;

Function Documentation

◆ _IRQL_raises_()

_IRQL_raises_ ( DISPATCH_LEVEL )

Definition at line 999 of file mm.h.

{
    return KeAcquireQueuedSpinLock(LockQueuePfnLock);
}

◆ _IRQL_requires_()

_IRQL_requires_ ( DISPATCH_LEVEL )

◆ _IRQL_requires_max_() [1/2]

_IRQL_requires_max_ ( APC_LEVEL )

Definition at line 37 of file cddata.c.

{
    THREAD_CONTEXT ThreadContext = {0};
    PIRP_CONTEXT IrpContext = NULL;
    BOOLEAN Wait;
 
#ifdef CD_SANITY
    PVOID PreviousTopLevel;
#endif
 
    NTSTATUS Status;
 
#if DBG
 
    KIRQL SaveIrql = KeGetCurrentIrql();
 
#endif
 
    ASSERT_OPTIONAL_IRP( Irp );
 
    UNREFERENCED_PARAMETER( DeviceObject );
 
    FsRtlEnterFileSystem();
 
#ifdef CD_SANITY
    PreviousTopLevel = IoGetTopLevelIrp();
#endif
 
    //
    //  Loop until this request has been completed or posted.
    //
 
    do {
 
        //
        //  Use a try-except to handle the exception cases.
        //
 
        _SEH2_TRY {
 
            //
            //  If the IrpContext is NULL then this is the first pass through
            //  this loop.
            //
 
            if (IrpContext == NULL) {
 
                //
                //  Decide if this request is waitable an allocate the IrpContext.
                //  If the file object in the stack location is NULL then this
                //  is a mount which is always waitable.  Otherwise we look at
                //  the file object flags.
                //
 
                if (IoGetCurrentIrpStackLocation( Irp )->FileObject == NULL) {
 
                    Wait = TRUE;
 
                } else {
 
                    Wait = CanFsdWait( Irp );
                }
 
                IrpContext = CdCreateIrpContext( Irp, Wait );
 
                //
                //  Update the thread context information.
                //
 
                CdSetThreadContext( IrpContext, &ThreadContext );
 
#ifdef CD_SANITY
                NT_ASSERT( !CdTestTopLevel ||
                        SafeNodeType( IrpContext->TopLevel ) == CDFS_NTC_IRP_CONTEXT );
#endif
 
            //
            //  Otherwise cleanup the IrpContext for the retry.
            //
 
            } else {
 
                //
                //  Set the MORE_PROCESSING flag to make sure the IrpContext
                //  isn't inadvertently deleted here.  Then cleanup the
                //  IrpContext to perform the retry.
                //
 
                SetFlag( IrpContext->Flags, IRP_CONTEXT_FLAG_MORE_PROCESSING );
                CdCleanupIrpContext( IrpContext, FALSE );
            }
 
            //
            //  Case on the major irp code.
            //
 
            switch (IrpContext->MajorFunction) {
 
            case IRP_MJ_CREATE :
 
                Status = CdCommonCreate( IrpContext, Irp );
                break;
 
            case IRP_MJ_CLOSE :
 
                Status = CdCommonClose( IrpContext, Irp );
                break;
 
            case IRP_MJ_READ :
 
                //
                //  If this is an Mdl complete request, don't go through
                //  common read.
                //
 
                if (FlagOn( IrpContext->MinorFunction, IRP_MN_COMPLETE )) {
 
                    Status = CdCompleteMdl( IrpContext, Irp );
 
                } else {
 
                    Status = CdCommonRead( IrpContext, Irp );
                }
 
                break;
 
            case IRP_MJ_WRITE :
 
                Status = CdCommonWrite( IrpContext, Irp );
                break;
 
            case IRP_MJ_QUERY_INFORMATION :
 
                Status = CdCommonQueryInfo( IrpContext, Irp );
                break;
 
            case IRP_MJ_SET_INFORMATION :
 
                Status = CdCommonSetInfo( IrpContext, Irp );
                break;
 
            case IRP_MJ_QUERY_VOLUME_INFORMATION :
 
                Status = CdCommonQueryVolInfo( IrpContext, Irp );
                break;
 
            case IRP_MJ_DIRECTORY_CONTROL :
 
                Status = CdCommonDirControl( IrpContext, Irp );
                break;
 
            case IRP_MJ_FILE_SYSTEM_CONTROL :
 
                Status = CdCommonFsControl( IrpContext, Irp );
                break;
 
            case IRP_MJ_DEVICE_CONTROL :
 
                Status = CdCommonDevControl( IrpContext, Irp );
                break;
 
            case IRP_MJ_LOCK_CONTROL :
 
                Status = CdCommonLockControl( IrpContext, Irp );
                break;
 
            case IRP_MJ_CLEANUP :
 
                Status = CdCommonCleanup( IrpContext, Irp );
                break;
 
            case IRP_MJ_PNP :
 
                Status = CdCommonPnp( IrpContext, Irp );
                break;
 
            case IRP_MJ_SHUTDOWN :
 
                Status = CdCommonShutdown( IrpContext, Irp );
                break;
 
            default :
 
                Status = STATUS_INVALID_DEVICE_REQUEST;
                CdCompleteRequest( IrpContext, Irp, Status );
            }
 
        } _SEH2_EXCEPT( CdExceptionFilter( IrpContext, _SEH2_GetExceptionInformation() )) {
 
            Status = CdProcessException( IrpContext, Irp, _SEH2_GetExceptionCode() );
        } _SEH2_END;
 
    } while (Status == STATUS_CANT_WAIT);
 
#ifdef CD_SANITY
    NT_ASSERT( !CdTestTopLevel ||
            (PreviousTopLevel == IoGetTopLevelIrp()) );
#endif
 
    FsRtlExitFileSystem();
 
    NT_ASSERT( SaveIrql == KeGetCurrentIrql( ));
 
    return Status;
}

◆ _IRQL_requires_max_() [2/2]

_IRQL_requires_max_ ( DISPATCH_LEVEL )

Definition at line 1575 of file mm.h.

{
    MmDereferenceSegmentWithLock(Segment, MM_NOIRQL);
}

◆ _IRQL_requires_min_()

_IRQL_requires_min_ ( DISPATCH_LEVEL )

Definition at line 1022 of file mm.h.

{
    PKSPIN_LOCK_QUEUE LockQueue;
 
    ASSERT(KeGetCurrentIrql() >= DISPATCH_LEVEL);
    LockQueue = &KeGetCurrentPrcb()->LockQueue[LockQueuePfnLock];
    KeAcquireQueuedSpinLockAtDpcLevel(LockQueue);
}

◆ _MmGetPageEntrySectionSegment()

ULONG_PTR NTAPI _MmGetPageEntrySectionSegment	(	PMM_SECTION_SEGMENT	Segment,
		PLARGE_INTEGER	Offset,
		const char *	file,
		int	line
	)

Definition at line 280 of file sptab.c.

{
    LARGE_INTEGER FileOffset;
    ULONG_PTR PageIndex, Result;
    PCACHE_SECTION_PAGE_TABLE PageTable;
 
    ASSERT(Segment->Locked);
    FileOffset.QuadPart = ROUND_DOWN(Offset->QuadPart,
                                     ENTRIES_PER_ELEMENT * PAGE_SIZE);
    PageTable = MiSectionPageTableGet(&Segment->PageTable, &FileOffset);
    if (!PageTable) return 0;
    PageIndex = (ULONG_PTR)((Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE);
    Result = PageTable->PageEntries[PageIndex];
#if 0
    DPRINTC
        ("MiGetPageEntrySectionSegment(%p,%08x%08x) => %x %s:%d\n",
         Segment,
         FileOffset.u.HighPart,
         FileOffset.u.LowPart + PageIndex * PAGE_SIZE,
         Result,
         file, line);
#endif
    return Result;
}

◆ _MmLockSectionSegment()

VOID NTAPI _MmLockSectionSegment	(	PMM_SECTION_SEGMENT	Segment,
		const char *	file,
		int	line
	)

Definition at line 98 of file data.c.

{
    //DPRINT("MmLockSectionSegment(%p,%s:%d)\n", Segment, file, line);
    ExAcquireFastMutex(&Segment->Lock);
    Segment->Locked = TRUE;
}

◆ _MmSetPageEntrySectionSegment()

NTSTATUS NTAPI _MmSetPageEntrySectionSegment	(	PMM_SECTION_SEGMENT	Segment,
		PLARGE_INTEGER	Offset,
		ULONG_PTR	Entry,
		const char *	file,
		int	line
	)

Definition at line 178 of file sptab.c.

{
    ULONG_PTR PageIndex, OldEntry;
    PCACHE_SECTION_PAGE_TABLE PageTable;
 
    ASSERT(Segment->Locked);
    ASSERT(!IS_SWAP_FROM_SSE(Entry) || !IS_DIRTY_SSE(Entry));
 
    PageTable = MiSectionPageTableGetOrAllocate(&Segment->PageTable, Offset);
 
    if (!PageTable) return STATUS_NO_MEMORY;
 
    ASSERT(MiSectionPageTableGet(&Segment->PageTable, Offset));
 
    PageTable->Segment = Segment;
    PageIndex = (ULONG_PTR)((Offset->QuadPart - PageTable->FileOffset.QuadPart) / PAGE_SIZE);
    OldEntry = PageTable->PageEntries[PageIndex];
 
    DPRINT("MiSetPageEntrySectionSegment(%p,%08x%08x,%x=>%x)\n",
            Segment,
            Offset->u.HighPart,
            Offset->u.LowPart,
            OldEntry,
            Entry);
 
    /* Manage ref on segment */
    if (Entry && !OldEntry)
    {
        InterlockedIncrement64(Segment->ReferenceCount);
    }
    if (OldEntry && !Entry)
    {
        MmDereferenceSegment(Segment);
    }
 
    if (Entry && !IS_SWAP_FROM_SSE(Entry))
    {
        /* We have a valid entry. See if we must do something */
        if (OldEntry && !IS_SWAP_FROM_SSE(OldEntry))
        {
            /* The previous entry was valid. Shall we swap the Rmaps ? */
            if (PFN_FROM_SSE(Entry) != PFN_FROM_SSE(OldEntry))
            {
                MmDeleteSectionAssociation(PFN_FROM_SSE(OldEntry));
 
                /* This has to be done before setting the new section association
                   to prevent a race condition with the paging out path */
                PageTable->PageEntries[PageIndex] = Entry;
 
                MmSetSectionAssociation(PFN_FROM_SSE(Entry), Segment, Offset);
            }
            else
            {
                PageTable->PageEntries[PageIndex] = Entry;
            }
        }
        else
        {
            /*
             * We're switching to a valid entry from an invalid one.
             * Add the Rmap and take a ref on the segment.
             */
            PageTable->PageEntries[PageIndex] = Entry;
            MmSetSectionAssociation(PFN_FROM_SSE(Entry), Segment, Offset);
 
            if (Offset->QuadPart >= (Segment->LastPage << PAGE_SHIFT))
                Segment->LastPage = (Offset->QuadPart >> PAGE_SHIFT) + 1;
        }
    }
    else if (OldEntry && !IS_SWAP_FROM_SSE(OldEntry))
    {
        /* We're switching to an invalid entry from a valid one */
        MmDeleteSectionAssociation(PFN_FROM_SSE(OldEntry));
        PageTable->PageEntries[PageIndex] = Entry;
 
        if (Offset->QuadPart == ((Segment->LastPage - 1ULL) << PAGE_SHIFT))
        {
            /* We are unsetting the last page */
            while (--Segment->LastPage)
            {
                LARGE_INTEGER CheckOffset;
                CheckOffset.QuadPart = (Segment->LastPage - 1) << PAGE_SHIFT;
                ULONG_PTR Entry = MmGetPageEntrySectionSegment(Segment, &CheckOffset);
                if ((Entry != 0) && !IS_SWAP_FROM_SSE(Entry))
                    break;
            }
        }
    }
    else
    {
        PageTable->PageEntries[PageIndex] = Entry;
    }
 
    return STATUS_SUCCESS;
}

◆ _MmUnlockSectionSegment()

VOID NTAPI _MmUnlockSectionSegment	(	PMM_SECTION_SEGMENT	Segment,
		const char *	file,
		int	line
	)

Definition at line 107 of file data.c.

{
    ASSERT(Segment->Locked);
    Segment->Locked = FALSE;
    ExReleaseFastMutex(&Segment->Lock);
    //DPRINT("MmUnlockSectionSegment(%p,%s:%d)\n", Segment, file, line);
}

◆ _Releases_lock_()

_Releases_lock_ ( MmPfnLock )

◆ _Requires_exclusive_lock_held_()

_Requires_exclusive_lock_held_ ( WorkingSet-> WorkingSetMutex )

◆ _Requires_lock_held_() [1/2]

_Requires_lock_held_ ( MmPfnLock )

Definition at line 1011 of file mm.h.

{
    KeReleaseQueuedSpinLock(LockQueuePfnLock, OldIrql);
}

◆ _Requires_lock_held_() [2/2]

_Requires_lock_held_ ( PspQuotaLock )

◆ _Requires_lock_not_held_()

_Requires_lock_not_held_ ( MmPfnLock )

◆ _Success_()

_Success_ ( return )

Definition at line 57 of file firmware.c.

{
    NTSTATUS Status;
    SYSTEM_BOOT_ENVIRONMENT_INFORMATION BootInfo;
 
    /* Check input parameters */
    if (FirmwareType == NULL)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }
 
    /* Query firmware type */
    Status = NtQuerySystemInformation(SystemBootEnvironmentInformation,
                                      &BootInfo,
                                      sizeof(BootInfo),
                                      0);
    if (!NT_SUCCESS(Status))
    {
        BaseSetLastNTError(Status);
        return FALSE;
    }
 
    *FirmwareType = BootInfo.FirmwareType;
    return TRUE;
}

◆ _When_() [1/2]

_In_ _When_	(	OldIrql !	= `MM_NOIRQL`,
		_IRQL_restores_
	)

◆ _When_() [2/2]

_When_	(	OldIrql	= `= MM_NOIRQL`,
		_IRQL_requires_max_(DISPATCH_LEVEL)
	)

◆ ExpCheckPoolAllocation()

VOID NTAPI ExpCheckPoolAllocation	(	PVOID	P,
		POOL_TYPE	PoolType,
		ULONG	Tag
	)

Definition at line 296 of file expool.c.

{
    PPOOL_HEADER Entry;
    ULONG i;
    KIRQL OldIrql;
    POOL_TYPE RealPoolType;
 
    /* Get the pool header */
    Entry = ((PPOOL_HEADER)P) - 1;
 
    /* Check if this is a large allocation */
    if (PAGE_ALIGN(P) == P)
    {
        /* Lock the pool table */
        KeAcquireSpinLock(&ExpLargePoolTableLock, &OldIrql);
 
        /* Find the pool tag */
        for (i = 0; i < PoolBigPageTableSize; i++)
        {
            /* Check if this is our allocation */
            if (PoolBigPageTable[i].Va == P)
            {
                /* Make sure the tag is ok */
                if (PoolBigPageTable[i].Key != Tag)
                {
                    KeBugCheckEx(BAD_POOL_CALLER, 0x0A, (ULONG_PTR)P, PoolBigPageTable[i].Key, Tag);
                }
 
                break;
            }
        }
 
        /* Release the lock */
        KeReleaseSpinLock(&ExpLargePoolTableLock, OldIrql);
 
        if (i == PoolBigPageTableSize)
        {
            /* Did not find the allocation */
            //ASSERT(FALSE);
        }
 
        /* Get Pool type by address */
        RealPoolType = MmDeterminePoolType(P);
    }
    else
    {
        /* Verify the tag */
        if (Entry->PoolTag != Tag)
        {
            DPRINT1("Allocation has wrong pool tag! Expected '%.4s', got '%.4s' (0x%08lx)\n",
                    &Tag, &Entry->PoolTag, Entry->PoolTag);
            KeBugCheckEx(BAD_POOL_CALLER, 0x0A, (ULONG_PTR)P, Entry->PoolTag, Tag);
        }
 
        /* Check the rest of the header */
        ExpCheckPoolHeader(Entry);
 
        /* Get Pool type from entry */
        RealPoolType = (Entry->PoolType - 1);
    }
 
    /* Should we check the pool type? */
    if (PoolType != -1)
    {
        /* Verify the pool type */
        if (RealPoolType != PoolType)
        {
            DPRINT1("Wrong pool type! Expected %s, got %s\n",
                    PoolType & BASE_POOL_TYPE_MASK ? "PagedPool" : "NonPagedPool",
                    (Entry->PoolType - 1) & BASE_POOL_TYPE_MASK ? "PagedPool" : "NonPagedPool");
            KeBugCheckEx(BAD_POOL_CALLER, 0xCC, (ULONG_PTR)P, Entry->PoolTag, Tag);
        }
    }
}

◆ ExReturnPoolQuota()

VOID NTAPI ExReturnPoolQuota ( IN PVOID P )

Definition at line 1852 of file expool.c.

{
    PPOOL_HEADER Entry;
    POOL_TYPE PoolType;
    USHORT BlockSize;
    PEPROCESS Process;
 
    if ((ExpPoolFlags & POOL_FLAG_SPECIAL_POOL) &&
        (MmIsSpecialPoolAddress(P)))
    {
        return;
    }
 
    Entry = P;
    Entry--;
    ASSERT((ULONG_PTR)Entry % POOL_BLOCK_SIZE == 0);
 
    PoolType = Entry->PoolType - 1;
    BlockSize = Entry->BlockSize;
 
    if (PoolType & QUOTA_POOL_MASK)
    {
        Process = ((PVOID *)POOL_NEXT_BLOCK(Entry))[-1];
        ASSERT(Process != NULL);
        if (Process)
        {
            if (Process->Pcb.Header.Type != ProcessObject)
            {
                DPRINT1("Object %p is not a process. Type %u, pool type 0x%x, block size %u\n",
                        Process, Process->Pcb.Header.Type, Entry->PoolType, BlockSize);
                KeBugCheckEx(BAD_POOL_CALLER,
                             POOL_BILLED_PROCESS_INVALID,
                             (ULONG_PTR)P,
                             Entry->PoolTag,
                             (ULONG_PTR)Process);
            }
            ((PVOID *)POOL_NEXT_BLOCK(Entry))[-1] = NULL;
            PsReturnPoolQuota(Process,
                              PoolType & BASE_POOL_TYPE_MASK,
                              BlockSize * POOL_BLOCK_SIZE);
            ObDereferenceObject(Process);
        }
    }
}

Referenced by IoFreeIrp().

◆ MiAllocatePoolPages()

PVOID NTAPI MiAllocatePoolPages	(	IN POOL_TYPE	PoolType,
		IN SIZE_T	SizeInBytes
	)

Definition at line 422 of file pool.c.

{
    PFN_NUMBER PageFrameNumber;
    PFN_COUNT SizeInPages, PageTableCount;
    ULONG i;
    KIRQL OldIrql;
    PLIST_ENTRY NextEntry, NextHead, LastHead;
    PMMPTE PointerPte, StartPte;
    PMMPDE PointerPde;
    ULONG EndAllocation;
    MMPTE TempPte;
    MMPDE TempPde;
    PMMPFN Pfn1;
    PVOID BaseVa, BaseVaStart;
    PMMFREE_POOL_ENTRY FreeEntry;
 
    //
    // Figure out how big the allocation is in pages
    //
    SizeInPages = (PFN_COUNT)BYTES_TO_PAGES(SizeInBytes);
 
    //
    // Check for overflow
    //
    if (SizeInPages == 0)
    {
        //
        // Fail
        //
        return NULL;
    }
 
    //
    // Handle paged pool
    //
    if ((PoolType & BASE_POOL_TYPE_MASK) == PagedPool)
    {
        //
        // If only one page is being requested, try to grab it from the S-LIST
        //
        if ((SizeInPages == 1) && (ExQueryDepthSList(&MiPagedPoolSListHead)))
        {
            BaseVa = InterlockedPopEntrySList(&MiPagedPoolSListHead);
            if (BaseVa) return BaseVa;
        }
 
        //
        // Lock the paged pool mutex
        //
        KeAcquireGuardedMutex(&MmPagedPoolMutex);
 
        //
        // Find some empty allocation space
        //
        i = RtlFindClearBitsAndSet(MmPagedPoolInfo.PagedPoolAllocationMap,
                                   SizeInPages,
                                   MmPagedPoolInfo.PagedPoolHint);
        if (i == 0xFFFFFFFF)
        {
            //
            // Get the page bit count
            //
            i = ((SizeInPages - 1) / PTE_PER_PAGE) + 1;
            DPRINT("Paged pool expansion: %lu %x\n", i, SizeInPages);
 
            //
            // Check if there is enougn paged pool expansion space left
            //
            if (MmPagedPoolInfo.NextPdeForPagedPoolExpansion >
                (PMMPDE)MiAddressToPte(MmPagedPoolInfo.LastPteForPagedPool))
            {
                //
                // Out of memory!
                //
                DPRINT1("FAILED to allocate %Iu bytes from paged pool\n", SizeInBytes);
                KeReleaseGuardedMutex(&MmPagedPoolMutex);
                return NULL;
            }
 
            //
            // Check if we'll have to expand past the last PTE we have available
            //
            if (((i - 1) + MmPagedPoolInfo.NextPdeForPagedPoolExpansion) >
                 (PMMPDE)MiAddressToPte(MmPagedPoolInfo.LastPteForPagedPool))
            {
                //
                // We can only support this much then
                //
                PointerPde = MiPteToPde(MmPagedPoolInfo.LastPteForPagedPool);
                PageTableCount = (PFN_COUNT)(PointerPde + 1 -
                                 MmPagedPoolInfo.NextPdeForPagedPoolExpansion);
                ASSERT(PageTableCount < i);
                i = PageTableCount;
            }
            else
            {
                //
                // Otherwise, there is plenty of space left for this expansion
                //
                PageTableCount = i;
            }
 
            //
            // Get the template PDE we'll use to expand
            //
            TempPde = ValidKernelPde;
 
            //
            // Get the first PTE in expansion space
            //
            PointerPde = MmPagedPoolInfo.NextPdeForPagedPoolExpansion;
            BaseVa = MiPdeToPte(PointerPde);
            BaseVaStart = BaseVa;
 
            //
            // Lock the PFN database and loop pages
            //
            OldIrql = MiAcquirePfnLock();
            do
            {
                //
                // It should not already be valid
                //
                ASSERT(PointerPde->u.Hard.Valid == 0);
 
                /* Request a page */
                MI_SET_USAGE(MI_USAGE_PAGED_POOL);
                MI_SET_PROCESS2("Kernel");
                PageFrameNumber = MiRemoveAnyPage(MI_GET_NEXT_COLOR());
                TempPde.u.Hard.PageFrameNumber = PageFrameNumber;
#if (_MI_PAGING_LEVELS >= 3)
                /* On PAE/x64 systems, there's no double-buffering */
                /* Initialize the PFN entry for it */
                MiInitializePfnForOtherProcess(PageFrameNumber,
                                               (PMMPTE)PointerPde,
                                               PFN_FROM_PTE(MiAddressToPte(PointerPde)));
 
                /* Write the actual PDE now */
                MI_WRITE_VALID_PDE(PointerPde, TempPde);
#else
                //
                // Save it into our double-buffered system page directory
                //
                MmSystemPagePtes[((ULONG_PTR)PointerPde & (SYSTEM_PD_SIZE - 1)) / sizeof(MMPTE)] = TempPde;
 
                /* Initialize the PFN */
                MiInitializePfnForOtherProcess(PageFrameNumber,
                                               (PMMPTE)PointerPde,
                                               MmSystemPageDirectory[(PointerPde - MiAddressToPde(NULL)) / PDE_PER_PAGE]);
#endif
 
                //
                // Move on to the next expansion address
                //
                PointerPde++;
                BaseVa = (PVOID)((ULONG_PTR)BaseVa + PAGE_SIZE);
                i--;
            } while (i > 0);
 
            //
            // Release the PFN database lock
            //
            MiReleasePfnLock(OldIrql);
 
            //
            // These pages are now available, clear their availablity bits
            //
            EndAllocation = (ULONG)(MmPagedPoolInfo.NextPdeForPagedPoolExpansion -
                                    (PMMPDE)MiAddressToPte(MmPagedPoolInfo.FirstPteForPagedPool)) *
                            PTE_PER_PAGE;
            RtlClearBits(MmPagedPoolInfo.PagedPoolAllocationMap,
                         EndAllocation,
                         PageTableCount * PTE_PER_PAGE);
 
            //
            // Update the next expansion location
            //
            MmPagedPoolInfo.NextPdeForPagedPoolExpansion += PageTableCount;
 
            //
            // Zero out the newly available memory
            //
            RtlZeroMemory(BaseVaStart, PageTableCount * PAGE_SIZE);
 
            //
            // Now try consuming the pages again
            //
            i = RtlFindClearBitsAndSet(MmPagedPoolInfo.PagedPoolAllocationMap,
                                       SizeInPages,
                                       0);
            if (i == 0xFFFFFFFF)
            {
                //
                // Out of memory!
                //
                DPRINT1("FAILED to allocate %Iu bytes from paged pool\n", SizeInBytes);
                KeReleaseGuardedMutex(&MmPagedPoolMutex);
                return NULL;
            }
        }
 
        //
        // Update the pool hint if the request was just one page
        //
        if (SizeInPages == 1) MmPagedPoolInfo.PagedPoolHint = i + 1;
 
        //
        // Update the end bitmap so we know the bounds of this allocation when
        // the time comes to free it
        //
        EndAllocation = i + SizeInPages - 1;
        RtlSetBit(MmPagedPoolInfo.EndOfPagedPoolBitmap, EndAllocation);
 
        //
        // Now we can release the lock (it mainly protects the bitmap)
        //
        KeReleaseGuardedMutex(&MmPagedPoolMutex);
 
        //
        // Now figure out where this allocation starts
        //
        BaseVa = (PVOID)((ULONG_PTR)MmPagedPoolStart + (i << PAGE_SHIFT));
 
        //
        // Flush the TLB
        //
        KeFlushEntireTb(TRUE, TRUE);
 
        /* Setup a demand-zero writable PTE */
        MI_MAKE_SOFTWARE_PTE(&TempPte, MM_READWRITE);
 
        //
        // Find the first and last PTE, then loop them all
        //
        PointerPte = MiAddressToPte(BaseVa);
        StartPte = PointerPte + SizeInPages;
        do
        {
            //
            // Write the demand zero PTE and keep going
            //
            MI_WRITE_INVALID_PTE(PointerPte, TempPte);
        } while (++PointerPte < StartPte);
 
        //
        // Return the allocation address to the caller
        //
        return BaseVa;
    }
 
    //
    // If only one page is being requested, try to grab it from the S-LIST
    //
    if ((SizeInPages == 1) && (ExQueryDepthSList(&MiNonPagedPoolSListHead)))
    {
        BaseVa = InterlockedPopEntrySList(&MiNonPagedPoolSListHead);
        if (BaseVa) return BaseVa;
    }
 
    //
    // Allocations of less than 4 pages go into their individual buckets
    //
    i = min(SizeInPages, MI_MAX_FREE_PAGE_LISTS) - 1;
 
    //
    // Loop through all the free page lists based on the page index
    //
    NextHead = &MmNonPagedPoolFreeListHead[i];
    LastHead = &MmNonPagedPoolFreeListHead[MI_MAX_FREE_PAGE_LISTS];
 
    //
    // Acquire the nonpaged pool lock
    //
    OldIrql = KeAcquireQueuedSpinLock(LockQueueMmNonPagedPoolLock);
    do
    {
        //
        // Now loop through all the free page entries in this given list
        //
        NextEntry = NextHead->Flink;
        while (NextEntry != NextHead)
        {
            /* Is freed non paged pool enabled */
            if (MmProtectFreedNonPagedPool)
            {
                /* We need to be able to touch this page, unprotect it */
                MiUnProtectFreeNonPagedPool(NextEntry, 0);
            }
 
            //
            // Grab the entry and see if it can handle our allocation
            //
            FreeEntry = CONTAINING_RECORD(NextEntry, MMFREE_POOL_ENTRY, List);
            ASSERT(FreeEntry->Signature == MM_FREE_POOL_SIGNATURE);
            if (FreeEntry->Size >= SizeInPages)
            {
                //
                // It does, so consume the pages from here
                //
                FreeEntry->Size -= SizeInPages;
 
                //
                // The allocation will begin in this free page area
                //
                BaseVa = (PVOID)((ULONG_PTR)FreeEntry +
                                 (FreeEntry->Size  << PAGE_SHIFT));
 
                /* Remove the item from the list, depending if pool is protected */
                if (MmProtectFreedNonPagedPool)
                    MiProtectedPoolRemoveEntryList(&FreeEntry->List);
                else
                    RemoveEntryList(&FreeEntry->List);
 
                //
                // However, check if its' still got space left
                //
                if (FreeEntry->Size != 0)
                {
                    /* Check which list to insert this entry into */
                    i = min(FreeEntry->Size, MI_MAX_FREE_PAGE_LISTS) - 1;
 
                    /* Insert the entry into the free list head, check for prot. pool */
                    if (MmProtectFreedNonPagedPool)
                        MiProtectedPoolInsertList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List, TRUE);
                    else
                        InsertTailList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List);
 
                    /* Is freed non paged pool protected? */
                    if (MmProtectFreedNonPagedPool)
                    {
                        /* Protect the freed pool! */
                        MiProtectFreeNonPagedPool(FreeEntry, FreeEntry->Size);
                    }
                }
 
                //
                // Grab the PTE for this allocation
                //
                PointerPte = MiAddressToPte(BaseVa);
                ASSERT(PointerPte->u.Hard.Valid == 1);
 
                //
                // Grab the PFN NextEntry and index
                //
                Pfn1 = MiGetPfnEntry(PFN_FROM_PTE(PointerPte));
 
                //
                // Now mark it as the beginning of an allocation
                //
                ASSERT(Pfn1->u3.e1.StartOfAllocation == 0);
                Pfn1->u3.e1.StartOfAllocation = 1;
 
                /* Mark it as special pool if needed */
                ASSERT(Pfn1->u4.VerifierAllocation == 0);
                if (PoolType & VERIFIER_POOL_MASK)
                {
                    Pfn1->u4.VerifierAllocation = 1;
                }
 
                //
                // Check if the allocation is larger than one page
                //
                if (SizeInPages != 1)
                {
                    //
                    // Navigate to the last PFN entry and PTE
                    //
                    PointerPte += SizeInPages - 1;
                    ASSERT(PointerPte->u.Hard.Valid == 1);
                    Pfn1 = MiGetPfnEntry(PointerPte->u.Hard.PageFrameNumber);
                }
 
                //
                // Mark this PFN as the last (might be the same as the first)
                //
                ASSERT(Pfn1->u3.e1.EndOfAllocation == 0);
                Pfn1->u3.e1.EndOfAllocation = 1;
 
                //
                // Release the nonpaged pool lock, and return the allocation
                //
                KeReleaseQueuedSpinLock(LockQueueMmNonPagedPoolLock, OldIrql);
                return BaseVa;
            }
 
            //
            // Try the next free page entry
            //
            NextEntry = FreeEntry->List.Flink;
 
            /* Is freed non paged pool protected? */
            if (MmProtectFreedNonPagedPool)
            {
                /* Protect the freed pool! */
                MiProtectFreeNonPagedPool(FreeEntry, FreeEntry->Size);
            }
        }
    } while (++NextHead < LastHead);
 
    //
    // If we got here, we're out of space.
    // Start by releasing the lock
    //
    KeReleaseQueuedSpinLock(LockQueueMmNonPagedPoolLock, OldIrql);
 
    //
    // Allocate some system PTEs
    //
    StartPte = MiReserveSystemPtes(SizeInPages, NonPagedPoolExpansion);
    PointerPte = StartPte;
    if (StartPte == NULL)
    {
        //
        // Ran out of memory
        //
        DPRINT("Out of NP Expansion Pool\n");
        return NULL;
    }
 
    //
    // Acquire the pool lock now
    //
    OldIrql = KeAcquireQueuedSpinLock(LockQueueMmNonPagedPoolLock);
 
    //
    // Lock the PFN database too
    //
    MiAcquirePfnLockAtDpcLevel();
 
    /* Check that we have enough available pages for this request */
    if (MmAvailablePages < SizeInPages)
    {
        MiReleasePfnLockFromDpcLevel();
        KeReleaseQueuedSpinLock(LockQueueMmNonPagedPoolLock, OldIrql);
 
        MiReleaseSystemPtes(StartPte, SizeInPages, NonPagedPoolExpansion);
 
        DPRINT1("OUT OF AVAILABLE PAGES! Required %lu, Available %lu\n", SizeInPages, MmAvailablePages);
 
        return NULL;
    }
 
    //
    // Loop the pages
    //
    TempPte = ValidKernelPte;
    do
    {
        /* Allocate a page */
        MI_SET_USAGE(MI_USAGE_PAGED_POOL);
        MI_SET_PROCESS2("Kernel");
        PageFrameNumber = MiRemoveAnyPage(MI_GET_NEXT_COLOR());
 
        /* Get the PFN entry for it and fill it out */
        Pfn1 = MiGetPfnEntry(PageFrameNumber);
        Pfn1->u3.e2.ReferenceCount = 1;
        Pfn1->u2.ShareCount = 1;
        Pfn1->PteAddress = PointerPte;
        Pfn1->u3.e1.PageLocation = ActiveAndValid;
        Pfn1->u4.VerifierAllocation = 0;
 
        /* Write the PTE for it */
        TempPte.u.Hard.PageFrameNumber = PageFrameNumber;
        MI_WRITE_VALID_PTE(PointerPte++, TempPte);
    } while (--SizeInPages > 0);
 
    //
    // This is the last page
    //
    Pfn1->u3.e1.EndOfAllocation = 1;
 
    //
    // Get the first page and mark it as such
    //
    Pfn1 = MiGetPfnEntry(StartPte->u.Hard.PageFrameNumber);
    Pfn1->u3.e1.StartOfAllocation = 1;
 
    /* Mark it as a verifier allocation if needed */
    ASSERT(Pfn1->u4.VerifierAllocation == 0);
    if (PoolType & VERIFIER_POOL_MASK) Pfn1->u4.VerifierAllocation = 1;
 
    //
    // Release the PFN and nonpaged pool lock
    //
    MiReleasePfnLockFromDpcLevel();
    KeReleaseQueuedSpinLock(LockQueueMmNonPagedPoolLock, OldIrql);
 
    //
    // Return the address
    //
    return MiPteToAddress(StartPte);
}

Referenced by _IRQL_requires_(), ExAllocatePoolWithTag(), and InitializePool().

◆ MiArchCreateProcessAddressSpace()

BOOLEAN MiArchCreateProcessAddressSpace	(	_In_ PEPROCESS	Process,
		_In_ PULONG_PTR	DirectoryTableBase
	)

Definition at line 21 of file procsup.c.

{
    KIRQL OldIrql;
    PFN_NUMBER TableBasePfn, HyperPfn, HyperPdPfn, HyperPtPfn;
    PMMPTE SystemPte;
    MMPTE TempPte, PdePte;
    ULONG TableIndex;
    PMMPTE PageTablePointer;
    ULONG PageColor;
 
    /* Non-arch specific code-path allocated those for us */
    TableBasePfn = DirectoryTableBase[0] >> PAGE_SHIFT;
    HyperPfn = DirectoryTableBase[1] >> PAGE_SHIFT;
 
    /*
     * Lock PFN database. Try getting zero pages.
     * If that doesn't work, we take the slow path
     * outside of the PFN lock.
     */
    OldIrql = MiAcquirePfnLock();
    PageColor = MI_GET_NEXT_PROCESS_COLOR(Process);
    HyperPdPfn = MiRemoveZeroPageSafe(PageColor);
    if(!HyperPdPfn)
    {
        HyperPdPfn = MiRemoveAnyPage(PageColor);
        MiReleasePfnLock(OldIrql);
        MiZeroPhysicalPage(HyperPdPfn);
        OldIrql = MiAcquirePfnLock();
    }
    PageColor = MI_GET_NEXT_PROCESS_COLOR(Process);
    HyperPtPfn = MiRemoveZeroPageSafe(PageColor);
    if(!HyperPtPfn)
    {
        HyperPtPfn = MiRemoveAnyPage(PageColor);
        MiReleasePfnLock(OldIrql);
        MiZeroPhysicalPage(HyperPtPfn);
    }
    else
    {
        MiReleasePfnLock(OldIrql);
    }
 
    /* Get a PTE to map the page directory */
    SystemPte = MiReserveSystemPtes(1, SystemPteSpace);
    if (!SystemPte)
        return FALSE;
 
    /* Get its address */
    PageTablePointer = MiPteToAddress(SystemPte);
 
    /* Build the PTE for the page directory and map it */
    MI_MAKE_HARDWARE_PTE_KERNEL(&PdePte, SystemPte, MM_READWRITE, TableBasePfn);
    MI_WRITE_VALID_PTE(SystemPte, PdePte);
 
    /* Copy the kernel mappings and zero out the rest */
    TableIndex = PXE_PER_PAGE / 2;
    RtlZeroMemory(PageTablePointer, TableIndex * sizeof(MMPTE));
    RtlCopyMemory(PageTablePointer + TableIndex,
                  MiAddressToPxe(0) + TableIndex,
                  PAGE_SIZE - TableIndex * sizeof(MMPTE));
 
    /* Sanity check */
    ASSERT(MiAddressToPxi(MmHyperSpaceEnd) >= TableIndex);
 
    /* Setup a PTE for the page directory mappings */
    TempPte = ValidKernelPte;
 
    /* Update the self mapping of the PML4 */
    TableIndex = MiAddressToPxi((PVOID)PXE_SELFMAP);
    TempPte.u.Hard.PageFrameNumber = TableBasePfn;
    PageTablePointer[TableIndex] = TempPte;
 
    /* Write the PML4 entry for hyperspace */
    TableIndex = MiAddressToPxi((PVOID)HYPER_SPACE);
    TempPte.u.Hard.PageFrameNumber = HyperPfn;
    PageTablePointer[TableIndex] = TempPte;
 
    /* Map the hyperspace PDPT to the system PTE */
    PdePte.u.Hard.PageFrameNumber = HyperPfn;
    *SystemPte = PdePte;
    __invlpg(PageTablePointer);
 
    /* Write the hyperspace entry for the first PD */
    TempPte.u.Hard.PageFrameNumber = HyperPdPfn;
    PageTablePointer[0] = TempPte;
 
    /* Map the hyperspace PD to the system PTE */
    PdePte.u.Hard.PageFrameNumber = HyperPdPfn;
    *SystemPte = PdePte;
    __invlpg(PageTablePointer);
 
    /* Write the hyperspace entry for the first PT */
    TempPte.u.Hard.PageFrameNumber = HyperPtPfn;
    PageTablePointer[0] = TempPte;
 
    /* Map the hyperspace PT to the system PTE */
    PdePte.u.Hard.PageFrameNumber = HyperPtPfn;
    *SystemPte = PdePte;
    __invlpg(PageTablePointer);
 
    /* Write the hyperspace PTE for the working set list index */
    TempPte.u.Hard.PageFrameNumber = Process->WorkingSetPage;
    TableIndex = MiAddressToPti(MmWorkingSetList);
    PageTablePointer[TableIndex] = TempPte;
 
    /* Release the system PTE */
    MiReleaseSystemPtes(SystemPte, 1, SystemPteSpace);
 
    return TRUE;
}

Referenced by MmCreateProcessAddressSpace().

◆ MiCheckAllProcessMemoryAreas()

VOID NTAPI MiCheckAllProcessMemoryAreas ( VOID )

◆ MiFreePoolPages()

ULONG NTAPI MiFreePoolPages ( IN PVOID StartingAddress )

Definition at line 918 of file pool.c.

{
    PMMPTE PointerPte, StartPte;
    PMMPFN Pfn1, StartPfn;
    PFN_COUNT FreePages, NumberOfPages;
    KIRQL OldIrql;
    PMMFREE_POOL_ENTRY FreeEntry, NextEntry, LastEntry;
    ULONG i, End;
    ULONG_PTR Offset;
 
    //
    // Handle paged pool
    //
    if ((StartingVa >= MmPagedPoolStart) && (StartingVa <= MmPagedPoolEnd))
    {
        //
        // Calculate the offset from the beginning of paged pool, and convert it
        // into pages
        //
        Offset = (ULONG_PTR)StartingVa - (ULONG_PTR)MmPagedPoolStart;
        i = (ULONG)(Offset >> PAGE_SHIFT);
        End = i;
 
        //
        // Now use the end bitmap to scan until we find a set bit, meaning that
        // this allocation finishes here
        //
        while (!RtlTestBit(MmPagedPoolInfo.EndOfPagedPoolBitmap, End)) End++;
 
        //
        // Now calculate the total number of pages this allocation spans. If it's
        // only one page, add it to the S-LIST instead of freeing it
        //
        NumberOfPages = End - i + 1;
        if ((NumberOfPages == 1) &&
            (ExQueryDepthSList(&MiPagedPoolSListHead) < MiPagedPoolSListMaximum))
        {
            InterlockedPushEntrySList(&MiPagedPoolSListHead, StartingVa);
            return 1;
        }
 
        /* Delete the actual pages */
        PointerPte = MmPagedPoolInfo.FirstPteForPagedPool + i;
        FreePages = MiDeleteSystemPageableVm(PointerPte, NumberOfPages, 0, NULL);
        ASSERT(FreePages == NumberOfPages);
 
        //
        // Acquire the paged pool lock
        //
        KeAcquireGuardedMutex(&MmPagedPoolMutex);
 
        //
        // Clear the allocation and free bits
        //
        RtlClearBit(MmPagedPoolInfo.EndOfPagedPoolBitmap, End);
        RtlClearBits(MmPagedPoolInfo.PagedPoolAllocationMap, i, NumberOfPages);
 
        //
        // Update the hint if we need to
        //
        if (i < MmPagedPoolInfo.PagedPoolHint) MmPagedPoolInfo.PagedPoolHint = i;
 
        //
        // Release the lock protecting the bitmaps
        //
        KeReleaseGuardedMutex(&MmPagedPoolMutex);
 
        //
        // And finally return the number of pages freed
        //
        return NumberOfPages;
    }
 
    //
    // Get the first PTE and its corresponding PFN entry. If this is also the
    // last PTE, meaning that this allocation was only for one page, push it into
    // the S-LIST instead of freeing it
    //
    StartPte = PointerPte = MiAddressToPte(StartingVa);
    StartPfn = Pfn1 = MiGetPfnEntry(PointerPte->u.Hard.PageFrameNumber);
    if ((Pfn1->u3.e1.EndOfAllocation == 1) &&
        (ExQueryDepthSList(&MiNonPagedPoolSListHead) < MiNonPagedPoolSListMaximum))
    {
        InterlockedPushEntrySList(&MiNonPagedPoolSListHead, StartingVa);
        return 1;
    }
 
    //
    // Loop until we find the last PTE
    //
    while (Pfn1->u3.e1.EndOfAllocation == 0)
    {
        //
        // Keep going
        //
        PointerPte++;
        Pfn1 = MiGetPfnEntry(PointerPte->u.Hard.PageFrameNumber);
    }
 
    //
    // Now we know how many pages we have
    //
    NumberOfPages = (PFN_COUNT)(PointerPte - StartPte + 1);
 
    //
    // Acquire the nonpaged pool lock
    //
    OldIrql = KeAcquireQueuedSpinLock(LockQueueMmNonPagedPoolLock);
 
    //
    // Mark the first and last PTEs as not part of an allocation anymore
    //
    StartPfn->u3.e1.StartOfAllocation = 0;
    Pfn1->u3.e1.EndOfAllocation = 0;
 
    //
    // Assume we will free as many pages as the allocation was
    //
    FreePages = NumberOfPages;
 
    //
    // Peek one page past the end of the allocation
    //
    PointerPte++;
 
    //
    // Guard against going past initial nonpaged pool
    //
    if (MiGetPfnEntryIndex(Pfn1) == MiEndOfInitialPoolFrame)
    {
        //
        // This page is on the outskirts of initial nonpaged pool, so ignore it
        //
        Pfn1 = NULL;
    }
    else
    {
        /* Sanity check */
        ASSERT((ULONG_PTR)StartingVa + NumberOfPages <= (ULONG_PTR)MmNonPagedPoolEnd);
 
        /* Check if protected pool is enabled */
        if (MmProtectFreedNonPagedPool)
        {
            /* The freed block will be merged, it must be made accessible */
            MiUnProtectFreeNonPagedPool(MiPteToAddress(PointerPte), 0);
        }
 
        //
        // Otherwise, our entire allocation must've fit within the initial non
        // paged pool, or the expansion nonpaged pool, so get the PFN entry of
        // the next allocation
        //
        if (PointerPte->u.Hard.Valid == 1)
        {
            //
            // It's either expansion or initial: get the PFN entry
            //
            Pfn1 = MiGetPfnEntry(PointerPte->u.Hard.PageFrameNumber);
        }
        else
        {
            //
            // This means we've reached the guard page that protects the end of
            // the expansion nonpaged pool
            //
            Pfn1 = NULL;
        }
 
    }
 
    //
    // Check if this allocation actually exists
    //
    if ((Pfn1) && (Pfn1->u3.e1.StartOfAllocation == 0))
    {
        //
        // It doesn't, so we should actually locate a free entry descriptor
        //
        FreeEntry = (PMMFREE_POOL_ENTRY)((ULONG_PTR)StartingVa +
                                         (NumberOfPages << PAGE_SHIFT));
        ASSERT(FreeEntry->Signature == MM_FREE_POOL_SIGNATURE);
        ASSERT(FreeEntry->Owner == FreeEntry);
 
        /* Consume this entry's pages */
        FreePages += FreeEntry->Size;
 
        /* Remove the item from the list, depending if pool is protected */
        if (MmProtectFreedNonPagedPool)
            MiProtectedPoolRemoveEntryList(&FreeEntry->List);
        else
            RemoveEntryList(&FreeEntry->List);
    }
 
    //
    // Now get the official free entry we'll create for the caller's allocation
    //
    FreeEntry = StartingVa;
 
    //
    // Check if the our allocation is the very first page
    //
    if (MiGetPfnEntryIndex(StartPfn) == MiStartOfInitialPoolFrame)
    {
        //
        // Then we can't do anything or we'll risk underflowing
        //
        Pfn1 = NULL;
    }
    else
    {
        //
        // Otherwise, get the PTE for the page right before our allocation
        //
        PointerPte -= NumberOfPages + 1;
 
        /* Check if protected pool is enabled */
        if (MmProtectFreedNonPagedPool)
        {
            /* The freed block will be merged, it must be made accessible */
            MiUnProtectFreeNonPagedPool(MiPteToAddress(PointerPte), 0);
        }
 
        /* Check if this is valid pool, or a guard page */
        if (PointerPte->u.Hard.Valid == 1)
        {
            //
            // It's either expansion or initial nonpaged pool, get the PFN entry
            //
            Pfn1 = MiGetPfnEntry(PointerPte->u.Hard.PageFrameNumber);
        }
        else
        {
            //
            // We must've reached the guard page, so don't risk touching it
            //
            Pfn1 = NULL;
        }
    }
 
    //
    // Check if there is a valid PFN entry for the page before the allocation
    // and then check if this page was actually the end of an allocation.
    // If it wasn't, then we know for sure it's a free page
    //
    if ((Pfn1) && (Pfn1->u3.e1.EndOfAllocation == 0))
    {
        //
        // Get the free entry descriptor for that given page range
        //
        FreeEntry = (PMMFREE_POOL_ENTRY)((ULONG_PTR)StartingVa - PAGE_SIZE);
        ASSERT(FreeEntry->Signature == MM_FREE_POOL_SIGNATURE);
        FreeEntry = FreeEntry->Owner;
 
        /* Check if protected pool is enabled */
        if (MmProtectFreedNonPagedPool)
        {
            /* The freed block will be merged, it must be made accessible */
            MiUnProtectFreeNonPagedPool(FreeEntry, 0);
        }
 
        //
        // Check if the entry is small enough (1-3 pages) to be indexed on a free list
        // If it is, we'll want to re-insert it, since we're about to
        // collapse our pages on top of it, which will change its count
        //
        if (FreeEntry->Size < MI_MAX_FREE_PAGE_LISTS)
        {
            /* Remove the item from the list, depending if pool is protected */
            if (MmProtectFreedNonPagedPool)
                MiProtectedPoolRemoveEntryList(&FreeEntry->List);
            else
                RemoveEntryList(&FreeEntry->List);
 
            //
            // Update its size
            //
            FreeEntry->Size += FreePages;
 
            //
            // And now find the new appropriate list to place it in
            //
            i = min(FreeEntry->Size, MI_MAX_FREE_PAGE_LISTS) - 1;
 
            /* Insert the entry into the free list head, check for prot. pool */
            if (MmProtectFreedNonPagedPool)
                MiProtectedPoolInsertList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List, TRUE);
            else
                InsertTailList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List);
        }
        else
        {
            //
            // Otherwise, just combine our free pages into this entry
            //
            FreeEntry->Size += FreePages;
        }
    }
 
    //
    // Check if we were unable to do any compaction, and we'll stick with this
    //
    if (FreeEntry == StartingVa)
    {
        //
        // Well, now we are a free entry. At worse we just have our newly freed
        // pages, at best we have our pages plus whatever entry came after us
        //
        FreeEntry->Size = FreePages;
 
        //
        // Find the appropriate list we should be on
        //
        i = min(FreeEntry->Size, MI_MAX_FREE_PAGE_LISTS) - 1;
 
        /* Insert the entry into the free list head, check for prot. pool */
        if (MmProtectFreedNonPagedPool)
            MiProtectedPoolInsertList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List, TRUE);
        else
            InsertTailList(&MmNonPagedPoolFreeListHead[i], &FreeEntry->List);
    }
 
    //
    // Just a sanity check
    //
    ASSERT(FreePages != 0);
 
    //
    // Get all the pages between our allocation and its end. These will all now
    // become free page chunks.
    //
    NextEntry = StartingVa;
    LastEntry = (PMMFREE_POOL_ENTRY)((ULONG_PTR)NextEntry + (FreePages << PAGE_SHIFT));
    do
    {
        //
        // Link back to the parent free entry, and keep going
        //
        NextEntry->Owner = FreeEntry;
        NextEntry->Signature = MM_FREE_POOL_SIGNATURE;
        NextEntry = (PMMFREE_POOL_ENTRY)((ULONG_PTR)NextEntry + PAGE_SIZE);
    } while (NextEntry != LastEntry);
 
    /* Is freed non paged pool protected? */
    if (MmProtectFreedNonPagedPool)
    {
        /* Protect the freed pool! */
        MiProtectFreeNonPagedPool(FreeEntry, FreeEntry->Size);
    }
 
    //
    // We're done, release the lock and let the caller know how much we freed
    //
    KeReleaseQueuedSpinLock(LockQueueMmNonPagedPoolLock, OldIrql);
    return NumberOfPages;
}

Referenced by _IRQL_requires_(), and ExFreePoolWithTag().

◆ MiGetPfnEntry()

FORCEINLINE PMMPFN MiGetPfnEntry ( IN PFN_NUMBER Pfn )

Definition at line 1054 of file mm.h.

{
    PMMPFN Page;
    extern RTL_BITMAP MiPfnBitMap;
 
    /* Make sure the PFN number is valid */
    if (Pfn > MmHighestPhysicalPage) return NULL;
 
    /* Make sure this page actually has a PFN entry */
    if ((MiPfnBitMap.Buffer) && !(RtlTestBit(&MiPfnBitMap, (ULONG)Pfn))) return NULL;
 
    /* Get the entry */
    Page = &MmPfnDatabase[Pfn];
 
    /* Return it */
    return Page;
};

Referenced by FreeWsleIndex(), MiAddHalIoMappings(), MiAllocatePagesForMdl(), MiAllocatePoolPages(), MiBuildPfnDatabaseFromLoaderBlock(), MiBuildPfnDatabaseFromPages(), MiBuildPfnDatabaseFromPageTables(), MiBuildPfnDatabaseSelf(), MiBuildPfnDatabaseZeroPage(), MiCompleteProtoPteFault(), MiCopyPfn(), MiDbgTranslatePhysicalAddress(), MiDecommitPages(), MiDecrementPageTableReferences(), MiDeletePte(), MiDeleteSystemPageableVm(), MiDispatchFault(), MiFindContiguousMemory(), MiFreeContiguousMemory(), MiFreePoolPages(), MiGetPageProtection(), MiIncrementPageTableReferences(), MiInitMachineDependent(), MiInsertInWorkingSetList(), MiIsPageTablePresent(), MiLockVirtualMemory(), MiMapLockedPagesInUserSpace(), MiMapPageInHyperSpace(), MiProcessValidPteList(), MiProtectVirtualMemory(), MiReloadBootLoadedDrivers(), MiRemoveMappedPtes(), MiResolveProtoPteFault(), MiResolveTransitionFault(), MiSetPagingOfDriver(), MiSetupPfnForPageTable(), MiUnlockVirtualMemory(), MiUnmapLockedPagesInUserSpace(), MiZeroPfn(), MmAllocPage(), MmArmAccessFault(), MmBuildMdlForNonPagedPool(), MmDeleteKernelStack(), MmDeleteProcessAddressSpace(), MmDereferencePage(), MmDumpArmPfnDatabase(), MmFreeLoaderBlock(), MmFreePagesFromMdl(), MmGetLRUNextUserPage(), MmGetReferenceCountPage(), MmGetRmapListHeadPage(), MmGetSavedSwapEntryPage(), MmInitializeProcessAddressSpace(), MmInsertLRULastUserPage(), MmIsPageInUse(), MmMapIoSpace(), MmProbeAndLockPages(), MmReferencePage(), MmRemoveLRUUserPage(), MmSetRmapListHeadPage(), MmSetSavedSwapEntryPage(), MmUnlockPages(), MmUnmapIoSpace(), MmZeroPageThread(), PspCreateProcess(), RemoveFromWsList(), and TrimWsList().

◆ MiGetPfnEntryIndex()

FORCEINLINE PFN_NUMBER MiGetPfnEntryIndex ( IN PMMPFN Pfn1 )

Definition at line 1074 of file mm.h.

{
    //
    // This will return the Page Frame Number (PFN) from the MMPFN
    //
    return Pfn1 - MmPfnDatabase;
}

Referenced by MiAllocatePagesForMdl(), MiDecrementShareCount(), MiDereferencePfnAndDropLockCount(), MiFreePoolPages(), MiInsertPageInFreeList(), MiMapPagesInZeroSpace(), MiUnlinkFreeOrZeroedPage(), MmGetLRUFirstUserPage(), MmGetLRUNextUserPage(), MmInitializeProcessAddressSpace(), and MmZeroPageThread().

◆ MiInitBalancerThread()

VOID NTAPI MiInitBalancerThread ( VOID )

Definition at line 426 of file balance.c.

{
    KPRIORITY Priority;
    NTSTATUS Status;
    LARGE_INTEGER Timeout;
 
    KeInitializeEvent(&MiBalancerEvent, SynchronizationEvent, FALSE);
    KeInitializeEvent(&MiBalancerDoneEvent, SynchronizationEvent, FALSE);
    KeInitializeTimerEx(&MiBalancerTimer, SynchronizationTimer);
 
    Timeout.QuadPart = -20000000; /* 2 sec */
    KeSetTimerEx(&MiBalancerTimer,
                 Timeout,
                 2000,         /* 2 sec */
                 NULL);
 
    Status = PsCreateSystemThread(&MiBalancerThreadHandle,
                                  THREAD_ALL_ACCESS,
                                  NULL,
                                  NULL,
                                  &MiBalancerThreadId,
                                  MiBalancerThread,
                                  NULL);
    if (!NT_SUCCESS(Status))
    {
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    Priority = LOW_REALTIME_PRIORITY + 1;
    NtSetInformationThread(MiBalancerThreadHandle,
                           ThreadPriority,
                           &Priority,
                           sizeof(Priority));
 
}

Referenced by MmInitSystem().

◆ MiInitializeLoadedModuleList()

BOOLEAN NTAPI MiInitializeLoadedModuleList ( IN PLOADER_PARAMETER_BLOCK LoaderBlock )

Definition at line 2242 of file sysldr.c.

{
    PLDR_DATA_TABLE_ENTRY LdrEntry, NewEntry;
    PLIST_ENTRY ListHead, NextEntry;
    ULONG EntrySize;
 
    /* Setup the loaded module list and locks */
    ExInitializeResourceLite(&PsLoadedModuleResource);
    KeInitializeSpinLock(&PsLoadedModuleSpinLock);
    InitializeListHead(&PsLoadedModuleList);
 
    /* Get loop variables and the kernel entry */
    ListHead = &LoaderBlock->LoadOrderListHead;
    NextEntry = ListHead->Flink;
    LdrEntry = CONTAINING_RECORD(NextEntry,
                                 LDR_DATA_TABLE_ENTRY,
                                 InLoadOrderLinks);
    PsNtosImageBase = (ULONG_PTR)LdrEntry->DllBase;
 
    /* Locate resource section, pool code, and system pte code */
    MiLocateKernelSections(LdrEntry);
 
    /* Loop the loader block */
    while (NextEntry != ListHead)
    {
        /* Get the loader entry */
        LdrEntry = CONTAINING_RECORD(NextEntry,
                                     LDR_DATA_TABLE_ENTRY,
                                     InLoadOrderLinks);
 
        /* FIXME: ROS HACK. Make sure this is a driver */
        if (!RtlImageNtHeader(LdrEntry->DllBase))
        {
            /* Skip this entry */
            NextEntry = NextEntry->Flink;
            continue;
        }
 
        /* Calculate the size we'll need and allocate a copy */
        EntrySize = sizeof(LDR_DATA_TABLE_ENTRY) +
                    LdrEntry->BaseDllName.MaximumLength +
                    sizeof(UNICODE_NULL);
        NewEntry = ExAllocatePoolWithTag(NonPagedPool, EntrySize, TAG_MODULE_OBJECT);
        if (!NewEntry) return FALSE;
 
        /* Copy the entry over */
        *NewEntry = *LdrEntry;
 
        /* Allocate the name */
        NewEntry->FullDllName.Buffer =
            ExAllocatePoolWithTag(PagedPool,
                                  LdrEntry->FullDllName.MaximumLength +
                                      sizeof(UNICODE_NULL),
                                  TAG_LDR_WSTR);
        if (!NewEntry->FullDllName.Buffer)
        {
            ExFreePoolWithTag(NewEntry, TAG_MODULE_OBJECT);
            return FALSE;
        }
 
        /* Set the base name */
        NewEntry->BaseDllName.Buffer = (PVOID)(NewEntry + 1);
 
        /* Copy the full and base name */
        RtlCopyMemory(NewEntry->FullDllName.Buffer,
                      LdrEntry->FullDllName.Buffer,
                      LdrEntry->FullDllName.MaximumLength);
        RtlCopyMemory(NewEntry->BaseDllName.Buffer,
                      LdrEntry->BaseDllName.Buffer,
                      LdrEntry->BaseDllName.MaximumLength);
 
        /* Null-terminate the base name */
        NewEntry->BaseDllName.Buffer[NewEntry->BaseDllName.Length /
                                     sizeof(WCHAR)] = UNICODE_NULL;
 
        /* Insert the entry into the list */
        InsertTailList(&PsLoadedModuleList, &NewEntry->InLoadOrderLinks);
        NextEntry = NextEntry->Flink;
    }
 
    /* Build the import lists for the boot drivers */
    MiBuildImportsForBootDrivers();
 
    /* We're done */
    return TRUE;
}

Referenced by MmArmInitSystem().

◆ MiInitializeNonPagedPool()

VOID NTAPI MiInitializeNonPagedPool ( VOID )

Definition at line 278 of file pool.c.

{
    ULONG i;
    PFN_COUNT PoolPages;
    PMMFREE_POOL_ENTRY FreeEntry, FirstEntry;
    PMMPTE PointerPte;
    PAGED_CODE();
 
    //
    // Initialize the pool S-LISTs as well as their maximum count. In general,
    // we'll allow 8 times the default on a 2GB system, and two times the default
    // on a 1GB system.
    //
    InitializeSListHead(&MiPagedPoolSListHead);
    InitializeSListHead(&MiNonPagedPoolSListHead);
    if (MmNumberOfPhysicalPages >= ((2 * _1GB) /PAGE_SIZE))
    {
        MiNonPagedPoolSListMaximum *= 8;
        MiPagedPoolSListMaximum *= 8;
    }
    else if (MmNumberOfPhysicalPages >= (_1GB /PAGE_SIZE))
    {
        MiNonPagedPoolSListMaximum *= 2;
        MiPagedPoolSListMaximum *= 2;
    }
 
    //
    // However if debugging options for the pool are enabled, turn off the S-LIST
    // to reduce the risk of messing things up even more
    //
    if (MmProtectFreedNonPagedPool)
    {
        MiNonPagedPoolSListMaximum = 0;
        MiPagedPoolSListMaximum = 0;
    }
 
    //
    // We keep 4 lists of free pages (4 lists help avoid contention)
    //
    for (i = 0; i < MI_MAX_FREE_PAGE_LISTS; i++)
    {
        //
        // Initialize each of them
        //
        InitializeListHead(&MmNonPagedPoolFreeListHead[i]);
    }
 
    //
    // Calculate how many pages the initial nonpaged pool has
    //
    PoolPages = (PFN_COUNT)BYTES_TO_PAGES(MmSizeOfNonPagedPoolInBytes);
    MmNumberOfFreeNonPagedPool = PoolPages;
 
    //
    // Initialize the first free entry
    //
    FreeEntry = MmNonPagedPoolStart;
    FirstEntry = FreeEntry;
    FreeEntry->Size = PoolPages;
    FreeEntry->Signature = MM_FREE_POOL_SIGNATURE;
    FreeEntry->Owner = FirstEntry;
 
    //
    // Insert it into the last list
    //
    InsertHeadList(&MmNonPagedPoolFreeListHead[MI_MAX_FREE_PAGE_LISTS - 1],
                   &FreeEntry->List);
 
    //
    // Now create free entries for every single other page
    //
    while (PoolPages-- > 1)
    {
        //
        // Link them all back to the original entry
        //
        FreeEntry = (PMMFREE_POOL_ENTRY)((ULONG_PTR)FreeEntry + PAGE_SIZE);
        FreeEntry->Owner = FirstEntry;
        FreeEntry->Signature = MM_FREE_POOL_SIGNATURE;
    }
 
    //
    // Validate and remember first allocated pool page
    //
    PointerPte = MiAddressToPte(MmNonPagedPoolStart);
    ASSERT(PointerPte->u.Hard.Valid == 1);
    MiStartOfInitialPoolFrame = PFN_FROM_PTE(PointerPte);
 
    //
    // Keep track of where initial nonpaged pool ends
    //
    MmNonPagedPoolEnd0 = (PVOID)((ULONG_PTR)MmNonPagedPoolStart +
                                 MmSizeOfNonPagedPoolInBytes);
 
    //
    // Validate and remember last allocated pool page
    //
    PointerPte = MiAddressToPte((PVOID)((ULONG_PTR)MmNonPagedPoolEnd0 - 1));
    ASSERT(PointerPte->u.Hard.Valid == 1);
    MiEndOfInitialPoolFrame = PFN_FROM_PTE(PointerPte);
 
    //
    // Validate the first nonpaged pool expansion page (which is a guard page)
    //
    PointerPte = MiAddressToPte(MmNonPagedPoolExpansionStart);
    ASSERT(PointerPte->u.Hard.Valid == 0);
 
    //
    // Calculate the size of the expansion region alone
    //
    MiExpansionPoolPagesInitialCharge = (PFN_COUNT)
    BYTES_TO_PAGES(MmMaximumNonPagedPoolInBytes - MmSizeOfNonPagedPoolInBytes);
 
    //
    // Remove 2 pages, since there's a guard page on top and on the bottom
    //
    MiExpansionPoolPagesInitialCharge -= 2;
 
    //
    // Now initialize the nonpaged pool expansion PTE space. Remember there's a
    // guard page on top so make sure to skip it. The bottom guard page will be
    // guaranteed by the fact our size is off by one.
    //
    MiInitializeSystemPtes(PointerPte + 1,
                           MiExpansionPoolPagesInitialCharge,
                           NonPagedPoolExpansion);
}

Referenced by MiBuildNonPagedPool(), and MiInitMachineDependent().

◆ MiInitializeSpecialPool()

VOID NTAPI MiInitializeSpecialPool ( VOID )

Definition at line 123 of file special.c.

{
    ULONG SpecialPoolPtes, i;
    PMMPTE PointerPte;
 
    /* Check if there is a special pool tag */
    if ((MmSpecialPoolTag == 0) ||
        (MmSpecialPoolTag == -1)) return;
 
    /* Calculate number of system PTEs for the special pool */
    if (MmNumberOfSystemPtes >= 0x3000)
        SpecialPoolPtes = MmNumberOfSystemPtes / 3;
    else
        SpecialPoolPtes = MmNumberOfSystemPtes / 6;
 
    /* Don't let the number go too high */
    if (SpecialPoolPtes > 0x6000) SpecialPoolPtes = 0x6000;
 
    /* Round up to the page size */
    SpecialPoolPtes = PAGE_ROUND_UP(SpecialPoolPtes);
 
    ASSERT((SpecialPoolPtes & (PTE_PER_PAGE - 1)) == 0);
 
    /* Reserve those PTEs */
    do
    {
        PointerPte = MiReserveAlignedSystemPtes(SpecialPoolPtes,
                                                SystemPteSpace,
                                                /*0x400000*/0); // FIXME:
        if (PointerPte) break;
 
        /* Reserving didn't work, so try to reduce the requested size */
        ASSERT(SpecialPoolPtes >= PTE_PER_PAGE);
        SpecialPoolPtes -= PTE_PER_PAGE;
    } while (SpecialPoolPtes);
 
    /* Fail if we couldn't reserve them at all */
    if (!SpecialPoolPtes) return;
 
    /* Make sure we got enough */
    ASSERT(SpecialPoolPtes >= PTE_PER_PAGE);
 
    /* Save first PTE and its address */
    MiSpecialPoolFirstPte = PointerPte;
    MmSpecialPoolStart = MiPteToAddress(PointerPte);
 
    for (i = 0; i < PTE_PER_PAGE / 2; i++)
    {
        /* Point it to the next entry */
        PointerPte->u.List.NextEntry = &PointerPte[2] - MmSystemPteBase;
 
        /* Move to the next pair */
        PointerPte += 2;
    }
 
    /* Save extra values */
    MiSpecialPoolExtra = PointerPte;
    MiSpecialPoolExtraCount = SpecialPoolPtes - PTE_PER_PAGE;
 
    /* Mark the previous PTE as the last one */
    MiSpecialPoolLastPte = PointerPte - 2;
    MiSpecialPoolLastPte->u.List.NextEntry = MM_EMPTY_PTE_LIST;
 
    /* Save end address of the special pool */
    MmSpecialPoolEnd = MiPteToAddress(MiSpecialPoolLastPte + 1);
 
    /* Calculate maximum non-paged part of the special pool */
    MiSpecialPagesNonPagedMaximum = MmResidentAvailablePages >> 4;
 
    /* And limit it if it turned out to be too big */
    if (MmNumberOfPhysicalPages > 0x3FFF)
        MiSpecialPagesNonPagedMaximum = MmResidentAvailablePages >> 3;
 
    DPRINT1("Special pool start %p - end %p\n", MmSpecialPoolStart, MmSpecialPoolEnd);
    ExpPoolFlags |= POOL_FLAG_SPECIAL_POOL;
 
    //MiTestSpecialPool();
}

Referenced by MiBuildPagedPool().

◆ MiMapPageInHyperSpace()

PVOID NTAPI MiMapPageInHyperSpace	(	IN PEPROCESS	Process,
		IN PFN_NUMBER	Page,
		IN PKIRQL	OldIrql
	)

Definition at line 28 of file hypermap.c.

{
    MMPTE TempPte;
    PMMPTE PointerPte;
    PFN_NUMBER Offset;
 
    //
    // Never accept page 0 or non-physical pages
    //
    ASSERT(Page != 0);
    ASSERT(MiGetPfnEntry(Page) != NULL);
 
    //
    // Build the PTE
    //
    TempPte = ValidKernelPteLocal;
    TempPte.u.Hard.PageFrameNumber = Page;
 
    //
    // Pick the first hyperspace PTE
    //
    PointerPte = MmFirstReservedMappingPte;
 
    //
    // Acquire the hyperlock
    //
    ASSERT(Process == PsGetCurrentProcess());
    KeAcquireSpinLock(&Process->HyperSpaceLock, OldIrql);
 
    //
    // Now get the first free PTE
    //
    Offset = PFN_FROM_PTE(PointerPte);
    if (!Offset)
    {
        //
        // Reset the PTEs
        //
        Offset = MI_HYPERSPACE_PTES;
        KeFlushProcessTb();
    }
 
    //
    // Prepare the next PTE
    //
    PointerPte->u.Hard.PageFrameNumber = Offset - 1;
 
    //
    // Write the current PTE
    //
    PointerPte += Offset;
    MI_WRITE_VALID_PTE(PointerPte, TempPte);
 
    //
    // Return the address
    //
    return MiPteToAddress(PointerPte);
}

Referenced by MiCopyFromUserPage(), MiReadFilePage(), and MiZeroPhysicalPage().

◆ MiMapPagesInZeroSpace()

PVOID NTAPI MiMapPagesInZeroSpace	(	IN PMMPFN	Pfn1,
		IN PFN_NUMBER	NumberOfPages
	)

Definition at line 111 of file hypermap.c.

{
    MMPTE TempPte;
    PMMPTE PointerPte;
    PFN_NUMBER Offset, PageFrameIndex;
 
    //
    // Sanity checks
    //
    ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
    ASSERT(NumberOfPages != 0);
    ASSERT(NumberOfPages <= MI_ZERO_PTES);
 
    //
    // Pick the first zeroing PTE
    //
    PointerPte = MiFirstReservedZeroingPte;
 
    //
    // Now get the first free PTE
    //
    Offset = PFN_FROM_PTE(PointerPte);
    if (NumberOfPages > Offset)
    {
        //
        // Reset the PTEs
        //
        Offset = MI_ZERO_PTES;
        PointerPte->u.Hard.PageFrameNumber = Offset;
        KeFlushProcessTb();
    }
 
    //
    // Prepare the next PTE
    //
    PointerPte->u.Hard.PageFrameNumber = Offset - NumberOfPages;
 
    /* Choose the correct PTE to use, and which template */
    PointerPte += (Offset + 1);
    TempPte = ValidKernelPte;
 
    /* Disable cache. Write through */
    MI_PAGE_DISABLE_CACHE(&TempPte);
    MI_PAGE_WRITE_THROUGH(&TempPte);
 
    /* Make sure the list isn't empty and loop it */
    ASSERT(Pfn1 != (PVOID)LIST_HEAD);
    while (Pfn1 != (PVOID)LIST_HEAD)
    {
        /* Get the page index for this PFN */
        PageFrameIndex = MiGetPfnEntryIndex(Pfn1);
 
        //
        // Write the PFN
        //
        TempPte.u.Hard.PageFrameNumber = PageFrameIndex;
 
        //
        // Set the correct PTE to write to, and set its new value
        //
        PointerPte--;
        MI_WRITE_VALID_PTE(PointerPte, TempPte);
 
        /* Move to the next PFN */
        Pfn1 = (PMMPFN)Pfn1->u1.Flink;
    }
 
    //
    // Return the address
    //
    return MiPteToAddress(PointerPte);
}

Referenced by MmZeroPageThread().

◆ MiReadPageFile()

NTSTATUS NTAPI MiReadPageFile	(	_In_ PFN_NUMBER	Page,
		_In_ ULONG	PageFileIndex,
		_In_ ULONG_PTR	PageFileOffset
	)

Definition at line 211 of file pagefile.c.

{
    LARGE_INTEGER file_offset;
    IO_STATUS_BLOCK Iosb;
    NTSTATUS Status;
    KEVENT Event;
    UCHAR MdlBase[sizeof(MDL) + sizeof(PFN_NUMBER)];
    PMDL Mdl = (PMDL)MdlBase;
    PMMPAGING_FILE PagingFile;
 
    DPRINT("MiReadSwapFile\n");
 
    if (PageFileOffset == 0)
    {
        KeBugCheck(MEMORY_MANAGEMENT);
        return(STATUS_UNSUCCESSFUL);
    }
 
    /* Normalize offset. */
    PageFileOffset--;
 
    ASSERT(PageFileIndex < MAX_PAGING_FILES);
 
    PagingFile = MmPagingFile[PageFileIndex];
 
    if (PagingFile->FileObject == NULL || PagingFile->FileObject->DeviceObject == NULL)
    {
        DPRINT1("Bad paging file %u\n", PageFileIndex);
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    MmInitializeMdl(Mdl, NULL, PAGE_SIZE);
    MmBuildMdlFromPages(Mdl, &Page);
    Mdl->MdlFlags |= MDL_PAGES_LOCKED | MDL_IO_PAGE_READ;
 
    file_offset.QuadPart = PageFileOffset * PAGE_SIZE;
 
    KeInitializeEvent(&Event, NotificationEvent, FALSE);
    Status = IoPageRead(PagingFile->FileObject,
                        Mdl,
                        &file_offset,
                        &Event,
                        &Iosb);
    if (Status == STATUS_PENDING)
    {
        KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL);
        Status = Iosb.Status;
    }
    if (Mdl->MdlFlags & MDL_MAPPED_TO_SYSTEM_VA)
    {
        MmUnmapLockedPages (Mdl->MappedSystemVa, Mdl);
    }
    return(Status);
}

Referenced by MiResolvePageFileFault(), and MmReadFromSwapPage().

◆ MiReloadBootLoadedDrivers()

VOID NTAPI MiReloadBootLoadedDrivers ( IN PLOADER_PARAMETER_BLOCK LoaderBlock )

Definition at line 1731 of file sysldr.c.

{
    PLIST_ENTRY NextEntry;
    ULONG i = 0;
    PIMAGE_NT_HEADERS NtHeader;
    PLDR_DATA_TABLE_ENTRY LdrEntry;
    PIMAGE_FILE_HEADER FileHeader;
    BOOLEAN ValidRelocs;
    PIMAGE_DATA_DIRECTORY DataDirectory;
    PVOID DllBase, NewImageAddress;
    NTSTATUS Status;
    PMMPTE PointerPte, StartPte, LastPte;
    PFN_COUNT PteCount;
    PMMPFN Pfn1;
    MMPTE TempPte, OldPte;
 
    /* Loop driver list */
    for (NextEntry = LoaderBlock->LoadOrderListHead.Flink;
         NextEntry != &LoaderBlock->LoadOrderListHead;
         NextEntry = NextEntry->Flink)
    {
        /* Get the loader entry and NT header */
        LdrEntry = CONTAINING_RECORD(NextEntry,
                                     LDR_DATA_TABLE_ENTRY,
                                     InLoadOrderLinks);
        NtHeader = RtlImageNtHeader(LdrEntry->DllBase);
 
        /* Debug info */
        DPRINT("[Mm0]: Driver at: %p ending at: %p for module: %wZ\n",
                LdrEntry->DllBase,
                (ULONG_PTR)LdrEntry->DllBase + LdrEntry->SizeOfImage,
                &LdrEntry->FullDllName);
 
        /* Get the first PTE and the number of PTEs we'll need */
        PointerPte = StartPte = MiAddressToPte(LdrEntry->DllBase);
        PteCount = ROUND_TO_PAGES(LdrEntry->SizeOfImage) >> PAGE_SHIFT;
        LastPte = StartPte + PteCount;
 
#if MI_TRACE_PFNS
        /* Loop the PTEs */
        while (PointerPte < LastPte)
        {
            ULONG len;
            ASSERT(PointerPte->u.Hard.Valid == 1);
            Pfn1 = MiGetPfnEntry(PFN_FROM_PTE(PointerPte));
            len = wcslen(LdrEntry->BaseDllName.Buffer) * sizeof(WCHAR);
            snprintf(Pfn1->ProcessName, min(16, len), "%S", LdrEntry->BaseDllName.Buffer);
            PointerPte++;
        }
#endif
        /* Skip kernel and HAL */
        /* ROS HACK: Skip BOOTVID/KDCOM too */
        i++;
        if (i <= 4) continue;
 
        /* Skip non-drivers */
        if (!NtHeader) continue;
 
        /* Get the file header and make sure we can relocate */
        FileHeader = &NtHeader->FileHeader;
        if (FileHeader->Characteristics & IMAGE_FILE_RELOCS_STRIPPED) continue;
        if (NtHeader->OptionalHeader.NumberOfRvaAndSizes <
            IMAGE_DIRECTORY_ENTRY_BASERELOC) continue;
 
        /* Everything made sense until now, check the relocation section too */
        DataDirectory = &NtHeader->OptionalHeader.
                        DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC];
        if (!DataDirectory->VirtualAddress)
        {
            /* We don't really have relocations */
            ValidRelocs = FALSE;
        }
        else
        {
            /* Make sure the size is valid */
            if ((DataDirectory->VirtualAddress + DataDirectory->Size) >
                LdrEntry->SizeOfImage)
            {
                /* They're not, skip */
                continue;
            }
 
            /* We have relocations */
            ValidRelocs = TRUE;
        }
 
        /* Remember the original address */
        DllBase = LdrEntry->DllBase;
 
        /* Loop the PTEs */
        PointerPte = StartPte;
        while (PointerPte < LastPte)
        {
            /* Mark the page modified in the PFN database */
            ASSERT(PointerPte->u.Hard.Valid == 1);
            Pfn1 = MiGetPfnEntry(PFN_FROM_PTE(PointerPte));
            ASSERT(Pfn1->u3.e1.Rom == 0);
            Pfn1->u3.e1.Modified = TRUE;
 
            /* Next */
            PointerPte++;
        }
 
        /* Now reserve system PTEs for the image */
        PointerPte = MiReserveSystemPtes(PteCount, SystemPteSpace);
        if (!PointerPte)
        {
            /* Shouldn't happen */
            ERROR_FATAL("[Mm0]: Couldn't allocate driver section!\n");
            return;
        }
 
        /* This is the new virtual address for the module */
        LastPte = PointerPte + PteCount;
        NewImageAddress = MiPteToAddress(PointerPte);
 
        /* Sanity check */
        DPRINT("[Mm0]: Copying from: %p to: %p\n", DllBase, NewImageAddress);
        ASSERT(ExpInitializationPhase == 0);
 
        /* Loop the new driver PTEs */
        TempPte = ValidKernelPte;
        while (PointerPte < LastPte)
        {
            /* Copy the old data */
            OldPte = *StartPte;
            ASSERT(OldPte.u.Hard.Valid == 1);
 
            /* Set page number from the loader's memory */
            TempPte.u.Hard.PageFrameNumber = OldPte.u.Hard.PageFrameNumber;
 
            /* Write it */
            MI_WRITE_VALID_PTE(PointerPte, TempPte);
 
            /* Move on */
            PointerPte++;
            StartPte++;
        }
 
        /* Update position */
        PointerPte -= PteCount;
 
        /* Sanity check */
        ASSERT(*(PULONG)NewImageAddress == *(PULONG)DllBase);
 
        /* Set the image base to the address where the loader put it */
        NtHeader->OptionalHeader.ImageBase = (ULONG_PTR)DllBase;
 
        /* Check if we had relocations */
        if (ValidRelocs)
        {
            /* Relocate the image */
            Status = LdrRelocateImageWithBias(NewImageAddress,
                                              0,
                                              "SYSLDR",
                                              STATUS_SUCCESS,
                                              STATUS_CONFLICTING_ADDRESSES,
                                              STATUS_INVALID_IMAGE_FORMAT);
            if (!NT_SUCCESS(Status))
            {
                /* This shouldn't happen */
                ERROR_FATAL("Relocations failed!\n");
                return;
            }
        }
 
        /* Update the loader entry */
        LdrEntry->DllBase = NewImageAddress;
 
        /* Update the thunks */
        DPRINT("[Mm0]: Updating thunks to: %wZ\n", &LdrEntry->BaseDllName);
        MiUpdateThunks(LoaderBlock,
                       DllBase,
                       NewImageAddress,
                       LdrEntry->SizeOfImage);
 
        /* Update the loader entry */
        LdrEntry->Flags |= LDRP_SYSTEM_MAPPED;
        LdrEntry->EntryPoint = (PVOID)((ULONG_PTR)NewImageAddress +
                                NtHeader->OptionalHeader.AddressOfEntryPoint);
        LdrEntry->SizeOfImage = PteCount << PAGE_SHIFT;
 
        /* FIXME: We'll need to fixup the PFN linkage when switching to ARM3 */
    }
}

Referenced by MmArmInitSystem().

◆ MiRosCheckMemoryAreas()

VOID NTAPI MiRosCheckMemoryAreas ( PMMSUPPORT AddressSpace )

◆ MiRosCleanupMemoryArea()

VOID NTAPI MiRosCleanupMemoryArea	(	PEPROCESS	Process,
		PMMVAD	Vad
	)

Definition at line 521 of file marea.c.

{
    PMEMORY_AREA MemoryArea;
    PVOID BaseAddress;
    NTSTATUS Status;
 
    /* We must be called from MmCleanupAddressSpace and nowhere else!
       Make sure things are as expected... */
    ASSERT(Process == PsGetCurrentProcess());
    ASSERT(Process->VmDeleted == TRUE);
    ASSERT(((PsGetCurrentThread()->ThreadsProcess == Process) &&
            (Process->ActiveThreads == 1)) ||
           (Process->ActiveThreads == 0));
 
    MemoryArea = (PMEMORY_AREA)Vad;
    BaseAddress = (PVOID)MA_GetStartingAddress(MemoryArea);
 
    if (MemoryArea->Type == MEMORY_AREA_SECTION_VIEW)
    {
        Status = MiRosUnmapViewOfSection(Process, BaseAddress, Process->ProcessExiting);
    }
#ifdef NEWCC
    else if (MemoryArea->Type == MEMORY_AREA_CACHE)
    {
        Status = MmUnmapViewOfCacheSegment(&Process->Vm, BaseAddress);
    }
#endif
    else
    {
        /* There shouldn't be anything else! */
        ASSERT(FALSE);
    }
 
    /* Make sure this worked! */
    ASSERT(NT_SUCCESS(Status));
}

Referenced by MmCleanProcessAddressSpace().

◆ MiUnmapPageInHyperSpace()

VOID NTAPI MiUnmapPageInHyperSpace	(	IN PEPROCESS	Process,
		IN PVOID	Address,
		IN KIRQL	OldIrql
	)

Definition at line 91 of file hypermap.c.

{
    ASSERT(Process == PsGetCurrentProcess());
 
    //
    // Blow away the mapping
    //
    MiAddressToPte(Address)->u.Long = 0;
 
    //
    // Release the hyperlock
    //
    ASSERT(KeGetCurrentIrql() == DISPATCH_LEVEL);
    KeReleaseSpinLock(&Process->HyperSpaceLock, OldIrql);
}

Referenced by MiCopyFromUserPage(), MiReadFilePage(), and MiZeroPhysicalPage().

◆ MiUnmapPagesInZeroSpace()

VOID NTAPI MiUnmapPagesInZeroSpace	(	IN PVOID	VirtualAddress,
		IN PFN_NUMBER	NumberOfPages
	)

Definition at line 187 of file hypermap.c.

{
    PMMPTE PointerPte;
 
    //
    // Sanity checks
    //
    ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
    ASSERT (NumberOfPages != 0);
    ASSERT(NumberOfPages <= MI_ZERO_PTES);
 
    //
    // Get the first PTE for the mapped zero VA
    //
    PointerPte = MiAddressToPte(VirtualAddress);
 
    //
    // Blow away the mapped zero PTEs
    //
    RtlZeroMemory(PointerPte, NumberOfPages * sizeof(MMPTE));
}

Referenced by MmZeroPageThread().

◆ MmAccessFault()

NTSTATUS NTAPI MmAccessFault	(	IN ULONG	FaultCode,
		IN PVOID	Address,
		IN KPROCESSOR_MODE	Mode,
		IN PVOID	TrapInformation
	)

Definition at line 218 of file mmfault.c.

{
    PMEMORY_AREA MemoryArea = NULL;
    NTSTATUS Status;
    BOOLEAN IsArm3Fault = FALSE;
 
    /* Cute little hack for ROS */
    if ((ULONG_PTR)Address >= (ULONG_PTR)MmSystemRangeStart)
    {
#ifdef _M_IX86
        /* Check for an invalid page directory in kernel mode */
        if (Mmi386MakeKernelPageTableGlobal(Address))
        {
            /* All is well with the world */
            return STATUS_SUCCESS;
        }
#endif
    }
 
    /* Handle shared user page / page table, which don't have a VAD / MemoryArea */
    if ((PAGE_ALIGN(Address) == (PVOID)MM_SHARED_USER_DATA_VA) ||
        MI_IS_PAGE_TABLE_ADDRESS(Address))
    {
        /* This is an ARM3 fault */
        DPRINT("ARM3 fault %p\n", Address);
        return MmArmAccessFault(FaultCode, Address, Mode, TrapInformation);
    }
 
    /* Is there a ReactOS address space yet? */
    if (MmGetKernelAddressSpace())
    {
        if (Address > MM_HIGHEST_USER_ADDRESS)
        {
            /* Check if this is an ARM3 memory area */
            MiLockWorkingSetShared(PsGetCurrentThread(), &MmSystemCacheWs);
            MemoryArea = MmLocateMemoryAreaByAddress(MmGetKernelAddressSpace(), Address);
 
            if ((MemoryArea != NULL) && (MemoryArea->Type == MEMORY_AREA_OWNED_BY_ARM3))
            {
                IsArm3Fault = TRUE;
            }
 
            MiUnlockWorkingSetShared(PsGetCurrentThread(), &MmSystemCacheWs);
        }
        else
        {
            /* Could this be a VAD fault from user-mode? */
            MiLockProcessWorkingSetShared(PsGetCurrentProcess(), PsGetCurrentThread());
            MemoryArea = MmLocateMemoryAreaByAddress(MmGetCurrentAddressSpace(), Address);
 
            if ((MemoryArea != NULL) && (MemoryArea->Type == MEMORY_AREA_OWNED_BY_ARM3))
            {
                IsArm3Fault = TRUE;
            }
 
            MiUnlockProcessWorkingSetShared(PsGetCurrentProcess(), PsGetCurrentThread());
        }
    }
 
    /* Is this an ARM3 memory area, or is there no address space yet? */
    if (IsArm3Fault ||
        ((MemoryArea == NULL) &&
         ((ULONG_PTR)Address >= (ULONG_PTR)MmPagedPoolStart) &&
         ((ULONG_PTR)Address < (ULONG_PTR)MmPagedPoolEnd)) ||
        (!MmGetKernelAddressSpace()))
    {
        /* This is an ARM3 fault */
        DPRINT("ARM3 fault %p\n", MemoryArea);
        return MmArmAccessFault(FaultCode, Address, Mode, TrapInformation);
    }
 
Retry:
    /* Keep same old ReactOS Behaviour */
    if (!MI_IS_NOT_PRESENT_FAULT(FaultCode))
    {
        /* Call access fault */
        Status = MmpAccessFault(Mode, (ULONG_PTR)Address, TrapInformation ? FALSE : TRUE, FaultCode);
    }
    else
    {
        /* Call not present */
        Status = MmNotPresentFault(Mode, (ULONG_PTR)Address, TrapInformation ? FALSE : TRUE);
    }
 
    if (Status == STATUS_NO_MEMORY)
    {
        MmRebalanceMemoryConsumersAndWait();
        goto Retry;
    }
 
    return Status;
}

Referenced by KiDataAbortHandler(), KiTrap0EHandler(), MiLockVirtualMemory(), MiMakeSystemAddressValid(), MiMakeSystemAddressValidPfn(), and MmProbeAndLockPages().

◆ MmAccessFaultSectionView()

NTSTATUS NTAPI MmAccessFaultSectionView	(	PMMSUPPORT	AddressSpace,
		MEMORY_AREA *	MemoryArea,
		PVOID	Address,
		BOOLEAN	Locked
	)

Definition at line 1915 of file section.c.

{
    PMM_SECTION_SEGMENT Segment;
    PFN_NUMBER OldPage;
    PFN_NUMBER NewPage;
    PFN_NUMBER UnmappedPage;
    PVOID PAddress;
    LARGE_INTEGER Offset;
    PMM_REGION Region;
    ULONG_PTR Entry;
    PEPROCESS Process = MmGetAddressSpaceOwner(AddressSpace);
    BOOLEAN Cow = FALSE;
    ULONG NewProtect;
    BOOLEAN Unmapped;
    NTSTATUS Status;
 
    DPRINT("MmAccessFaultSectionView(%p, %p, %p)\n", AddressSpace, MemoryArea, Address);
 
    /* Get the region for this address */
    Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                        &MemoryArea->SectionData.RegionListHead,
                        Address, NULL);
    ASSERT(Region != NULL);
    if (!(Region->Protect & PAGE_IS_WRITABLE))
        return STATUS_ACCESS_VIOLATION;
 
    /* Make sure we have a page mapping for this address.  */
    if (!MmIsPagePresent(Process, Address))
    {
        NTSTATUS Status = MmNotPresentFaultSectionView(AddressSpace, MemoryArea, Address, Locked);
        if (!NT_SUCCESS(Status))
        {
            /* This is invalid access ! */
            return Status;
        }
    }
 
    /*
     * Check if the page has already been set readwrite
     */
    if (MmGetPageProtect(Process, Address) & (PAGE_READWRITE | PAGE_EXECUTE_READWRITE))
    {
        DPRINT("Address 0x%p\n", Address);
        return STATUS_SUCCESS;
    }
 
    /* Check if we are doing Copy-On-Write */
    Segment = MemoryArea->SectionData.Segment;
    Cow = Segment->WriteCopy || (Region->Protect & PAGE_IS_WRITECOPY);
 
    if (!Cow)
    {
        /* Simply update page protection and we're done */
        MmSetPageProtect(Process, Address, Region->Protect);
        return STATUS_SUCCESS;
    }
 
    /* Calculate the new protection & check if we should update the region */
    NewProtect = Region->Protect;
    if (NewProtect & PAGE_IS_WRITECOPY)
    {
        NewProtect &= ~PAGE_IS_WRITECOPY;
        if (Region->Protect & PAGE_IS_EXECUTABLE)
            NewProtect |= PAGE_EXECUTE_READWRITE;
        else
            NewProtect |= PAGE_READWRITE;
        MmAlterRegion(AddressSpace, (PVOID)MA_GetStartingAddress(MemoryArea),
                &MemoryArea->SectionData.RegionListHead,
                Address, PAGE_SIZE, Region->Type, NewProtect,
                MmAlterViewAttributes);
    }
 
    /*
     * Find the offset of the page
     */
    PAddress = MM_ROUND_DOWN(Address, PAGE_SIZE);
    Offset.QuadPart = (ULONG_PTR)PAddress - MA_GetStartingAddress(MemoryArea)
                      + MemoryArea->SectionData.ViewOffset;
 
    /* Get the page mapping this section offset. */
    MmLockSectionSegment(Segment);
    Entry = MmGetPageEntrySectionSegment(Segment, &Offset);
 
    /* Get the current page mapping for the process */
    ASSERT(MmIsPagePresent(Process, PAddress));
    OldPage = MmGetPfnForProcess(Process, PAddress);
    ASSERT(OldPage != 0);
 
    if (IS_SWAP_FROM_SSE(Entry) ||
            PFN_FROM_SSE(Entry) != OldPage)
    {
        MmUnlockSectionSegment(Segment);
        /* This is a private page. We must only change the page protection. */
        MmSetPageProtect(Process, PAddress, NewProtect);
        return STATUS_SUCCESS;
    }
 
    /*
     * Allocate a page
     */
    Status = MmRequestPageMemoryConsumer(MC_USER, TRUE, &NewPage);
    if (!NT_SUCCESS(Status))
    {
        MmUnlockSectionSegment(Segment);
        return STATUS_NO_MEMORY;
    }
 
    /*
     * Copy the old page
     */
    NT_VERIFY(NT_SUCCESS(MiCopyFromUserPage(NewPage, PAddress)));
 
    /*
     * Unshare the old page.
     */
    DPRINT("Swapping page (Old %x New %x)\n", OldPage, NewPage);
    Unmapped = MmDeleteVirtualMapping(Process, PAddress, NULL, &UnmappedPage);
    if (!Unmapped || (UnmappedPage != OldPage))
    {
        /* Uh , we had a page just before, but suddenly it changes. Someone corrupted us. */
        KeBugCheckEx(MEMORY_MANAGEMENT,
                    (ULONG_PTR)Process,
                    (ULONG_PTR)PAddress,
                    (ULONG_PTR)__FILE__,
                    __LINE__);
    }
 
    if (Process)
        MmDeleteRmap(OldPage, Process, PAddress);
    MmUnsharePageEntrySectionSegment(MemoryArea, Segment, &Offset, FALSE, FALSE, NULL);
    MmUnlockSectionSegment(Segment);
 
    /*
     * Set the PTE to point to the new page
     */
    if (!NT_SUCCESS(MmCreateVirtualMapping(Process, PAddress, NewProtect, NewPage)))
    {
        DPRINT1("MmCreateVirtualMapping failed, unable to create virtual mapping, not out of memory\n");
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    if (Process)
        MmInsertRmap(NewPage, Process, PAddress);
 
    DPRINT("Address 0x%p\n", Address);
    return STATUS_SUCCESS;
}

Referenced by MmpAccessFault().

◆ MmAdjustWorkingSetSize()

NTSTATUS NTAPI MmAdjustWorkingSetSize	(	IN SIZE_T	WorkingSetMinimumInBytes,
		IN SIZE_T	WorkingSetMaximumInBytes,
		IN ULONG	SystemCache,
		IN BOOLEAN	IncreaseOkay
	)

Definition at line 44 of file mmsup.c.

{
    SIZE_T MinimumWorkingSetSize, MaximumWorkingSetSize;
    SSIZE_T Delta;
    PMMSUPPORT Ws;
    NTSTATUS Status;
 
    /* Check for special case: empty the working set */
    if ((WorkingSetMinimumInBytes == -1) &&
        (WorkingSetMaximumInBytes == -1))
    {
        UNIMPLEMENTED;
        return STATUS_NOT_IMPLEMENTED;
    }
 
    /* Assume success */
    Status = STATUS_SUCCESS;
 
    /* Get the working set and lock it */
    Ws = &PsGetCurrentProcess()->Vm;
    MiLockWorkingSet(PsGetCurrentThread(), Ws);
 
    /* Calculate the actual minimum and maximum working set size to set */
    MinimumWorkingSetSize = (WorkingSetMinimumInBytes != 0) ?
        (WorkingSetMinimumInBytes / PAGE_SIZE) : Ws->MinimumWorkingSetSize;
    MaximumWorkingSetSize = (WorkingSetMaximumInBytes != 0) ?
        (WorkingSetMaximumInBytes / PAGE_SIZE) : Ws->MaximumWorkingSetSize;
 
    /* Check if the new maximum exceeds the global maximum */
    if (MaximumWorkingSetSize > MmMaximumWorkingSetSize)
    {
        MaximumWorkingSetSize = MmMaximumWorkingSetSize;
        Status = STATUS_WORKING_SET_LIMIT_RANGE;
    }
 
    /* Check if the new minimum is below the global minimum */
    if (MinimumWorkingSetSize < MmMinimumWorkingSetSize)
    {
        MinimumWorkingSetSize = MmMinimumWorkingSetSize;
        Status = STATUS_WORKING_SET_LIMIT_RANGE;
    }
 
    /* Check if the new minimum exceeds the new maximum */
    if (MinimumWorkingSetSize > MaximumWorkingSetSize)
    {
        DPRINT1("MinimumWorkingSetSize (%lu) > MaximumWorkingSetSize (%lu)\n",
                MinimumWorkingSetSize, MaximumWorkingSetSize);
        Status = STATUS_BAD_WORKING_SET_LIMIT;
        goto Cleanup;
    }
 
    /* Calculate the minimum WS size adjustment and check if we increase */
    Delta = MinimumWorkingSetSize - Ws->MinimumWorkingSetSize;
    if (Delta > 0)
    {
        /* Is increasing ok? */
        if (!IncreaseOkay)
        {
            DPRINT1("Privilege for WS size increase not held\n");
            Status = STATUS_PRIVILEGE_NOT_HELD;
            goto Cleanup;
        }
 
        /* Check if the number of available pages is large enough */
        if (((SIZE_T)Delta / 1024) > (MmAvailablePages - 128))
        {
            DPRINT1("Not enough available pages\n");
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto Cleanup;
        }
 
        /* Check if there are enough resident available pages */
        if ((SIZE_T)Delta >
            (MmResidentAvailablePages - MmSystemLockPagesCount - 256))
        {
            DPRINT1("Not enough resident pages\n");
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto Cleanup;
        }
    }
 
    /* Update resident available pages */
    if (Delta != 0)
    {
        InterlockedExchangeAddSizeT(&MmResidentAvailablePages, -Delta);
    }
 
    /* Calculate new pages above minimum WS size */
    Delta += max((SSIZE_T)Ws->WorkingSetSize - MinimumWorkingSetSize, 0);
 
    /* Subtract old pages above minimum WS size */
    Delta -= max((SSIZE_T)Ws->WorkingSetSize - Ws->MinimumWorkingSetSize, 0);
 
    /* If it changed, add it to the global variable */
    if (Delta != 0)
    {
        InterlockedExchangeAddSizeT(&MmPagesAboveWsMinimum, Delta);
    }
 
    /* Set the new working set size */
    Ws->MinimumWorkingSetSize = MinimumWorkingSetSize;
    Ws->MaximumWorkingSetSize = MaximumWorkingSetSize;
 
Cleanup:
 
    /* Unlock the working set and return the status */
    MiUnlockWorkingSet(PsGetCurrentThread(), Ws);
    return Status;
}

Referenced by PspSetQuotaLimits().

◆ MmAllocateSpecialPool()

PVOID NTAPI MmAllocateSpecialPool	(	IN SIZE_T	NumberOfBytes,
		IN ULONG	Tag,
		IN POOL_TYPE	PoolType,
		IN ULONG	SpecialType
	)

Referenced by ExAllocatePoolWithTag().

◆ MmAllocPage()

PFN_NUMBER NTAPI MmAllocPage ( ULONG Consumer )

Definition at line 602 of file freelist.c.

{
    PFN_NUMBER PfnOffset;
    PMMPFN Pfn1;
    KIRQL OldIrql;
 
    OldIrql = MiAcquirePfnLock();
 
#if MI_TRACE_PFNS
    switch(Type)
    {
    case MC_SYSTEM:
        MI_SET_USAGE(MI_USAGE_CACHE);
        break;
    case MC_USER:
        MI_SET_USAGE(MI_USAGE_SECTION);
        break;
    default:
        ASSERT(FALSE);
    }
#endif
 
    PfnOffset = MiRemoveZeroPage(MI_GET_NEXT_COLOR());
    if (!PfnOffset)
    {
        MiReleasePfnLock(OldIrql);
        return 0;
    }
 
    DPRINT("Legacy allocate: %lx\n", PfnOffset);
    Pfn1 = MiGetPfnEntry(PfnOffset);
    Pfn1->u3.e2.ReferenceCount = 1;
    Pfn1->u3.e1.PageLocation = ActiveAndValid;
 
    /* This marks the PFN as a ReactOS PFN */
    Pfn1->u4.AweAllocation = TRUE;
 
    /* Allocate the extra ReactOS Data and zero it out */
    Pfn1->u1.SwapEntry = 0;
    Pfn1->RmapListHead = NULL;
 
    Pfn1->NextLRU = NULL;
    Pfn1->PreviousLRU = NULL;
 
    if (Type == MC_USER)
    {
        Pfn1->u4.MustBeCached = 1; /* HACK again */
        MmInsertLRULastUserPage(PfnOffset);
    }
 
    MiReleasePfnLock(OldIrql);
    return PfnOffset;
}

Referenced by MmRequestPageMemoryConsumer().

◆ MmAllocSwapPage()

SWAPENTRY NTAPI MmAllocSwapPage ( VOID )

Definition at line 322 of file pagefile.c.

{
    ULONG i;
    ULONG off;
    SWAPENTRY entry;
 
    KeAcquireGuardedMutex(&MmPageFileCreationLock);
 
    if (MiFreeSwapPages == 0)
    {
        KeReleaseGuardedMutex(&MmPageFileCreationLock);
        return(0);
    }
 
    for (i = 0; i < MAX_PAGING_FILES; i++)
    {
        if (MmPagingFile[i] != NULL &&
                MmPagingFile[i]->FreeSpace >= 1)
        {
            off = RtlFindClearBitsAndSet(MmPagingFile[i]->Bitmap, 1, 0);
            if (off == 0xFFFFFFFF)
            {
                KeBugCheck(MEMORY_MANAGEMENT);
                KeReleaseGuardedMutex(&MmPageFileCreationLock);
                return(STATUS_UNSUCCESSFUL);
            }
            MiUsedSwapPages++;
            MiFreeSwapPages--;
            UpdateTotalCommittedPages(1);
 
            KeReleaseGuardedMutex(&MmPageFileCreationLock);
 
            entry = ENTRY_FROM_FILE_OFFSET(i, off + 1);
            return(entry);
        }
    }
 
    KeReleaseGuardedMutex(&MmPageFileCreationLock);
    KeBugCheck(MEMORY_MANAGEMENT);
    return(0);
}

Referenced by MmPageOutPhysicalAddress().

◆ MmAlterRegion()

NTSTATUS NTAPI MmAlterRegion	(	PMMSUPPORT	AddressSpace,
		PVOID	BaseAddress,
		PLIST_ENTRY	RegionListHead,
		PVOID	StartAddress,
		SIZE_T	Length,
		ULONG	NewType,
		ULONG	NewProtect,
		PMM_ALTER_REGION_FUNC	AlterFunc
	)

Definition at line 108 of file region.c.

{
    PMM_REGION InitialRegion;
    PVOID InitialBaseAddress = NULL;
    PMM_REGION NewRegion;
    PLIST_ENTRY CurrentEntry;
    PMM_REGION CurrentRegion = NULL;
    PVOID CurrentBaseAddress;
    SIZE_T RemainingLength;
 
    /*
     * Find the first region containing part of the range of addresses to
     * be altered.
     */
    InitialRegion = MmFindRegion(BaseAddress, RegionListHead, StartAddress,
                                 &InitialBaseAddress);
    /*
     * If necessary then split the region into the affected and unaffected parts.
     */
    if (InitialRegion->Type != NewType || InitialRegion->Protect != NewProtect)
    {
        NewRegion = MmSplitRegion(InitialRegion, InitialBaseAddress,
                                  StartAddress, Length, NewType, NewProtect,
                                  AddressSpace, AlterFunc);
        if (NewRegion == NULL)
        {
            return(STATUS_NO_MEMORY);
        }
        if(NewRegion->Length < Length)
            RemainingLength = Length - NewRegion->Length;
        else
            RemainingLength = 0;
    }
    else
    {
        NewRegion = InitialRegion;
        if(((ULONG_PTR)InitialBaseAddress + NewRegion->Length) <
                ((ULONG_PTR)StartAddress + Length))
            RemainingLength = ((ULONG_PTR)StartAddress + Length) - ((ULONG_PTR)InitialBaseAddress + NewRegion->Length);
        else
            RemainingLength = 0;
    }
 
    /*
     * Free any complete regions that are containing in the range of addresses
     * and call the helper function to actually do the changes.
     */
    CurrentEntry = NewRegion->RegionListEntry.Flink;
    CurrentRegion = CONTAINING_RECORD(CurrentEntry, MM_REGION,
                                      RegionListEntry);
    CurrentBaseAddress = (char*)StartAddress + NewRegion->Length;
    while (RemainingLength > 0 && CurrentRegion->Length <= RemainingLength &&
            CurrentEntry != RegionListHead)
    {
        if (CurrentRegion->Type != NewType ||
                CurrentRegion->Protect != NewProtect)
        {
            AlterFunc(AddressSpace, CurrentBaseAddress, CurrentRegion->Length,
                      CurrentRegion->Type, CurrentRegion->Protect,
                      NewType, NewProtect);
        }
 
        CurrentBaseAddress = (PVOID)((ULONG_PTR)CurrentBaseAddress + CurrentRegion->Length);
        NewRegion->Length += CurrentRegion->Length;
        RemainingLength -= CurrentRegion->Length;
        CurrentEntry = CurrentEntry->Flink;
        RemoveEntryList(&CurrentRegion->RegionListEntry);
        ExFreePoolWithTag(CurrentRegion, TAG_MM_REGION);
        CurrentRegion = CONTAINING_RECORD(CurrentEntry, MM_REGION,
                                          RegionListEntry);
    }
 
    /*
     * Split any final region.
     */
    if (RemainingLength > 0 && CurrentEntry != RegionListHead)
    {
        CurrentRegion = CONTAINING_RECORD(CurrentEntry, MM_REGION,
                                          RegionListEntry);
        if (CurrentRegion->Type != NewType ||
                CurrentRegion->Protect != NewProtect)
        {
            AlterFunc(AddressSpace, CurrentBaseAddress, RemainingLength,
                      CurrentRegion->Type, CurrentRegion->Protect,
                      NewType, NewProtect);
        }
        NewRegion->Length += RemainingLength;
        CurrentRegion->Length -= RemainingLength;
    }
 
    /*
     * If the region after the new region has the same type then merge them.
     */
    if (NewRegion->RegionListEntry.Flink != RegionListHead)
    {
        CurrentEntry = NewRegion->RegionListEntry.Flink;
        CurrentRegion = CONTAINING_RECORD(CurrentEntry, MM_REGION,
                                          RegionListEntry);
        if (CurrentRegion->Type == NewRegion->Type &&
                CurrentRegion->Protect == NewRegion->Protect)
        {
            NewRegion->Length += CurrentRegion->Length;
            RemoveEntryList(&CurrentRegion->RegionListEntry);
            ExFreePoolWithTag(CurrentRegion, TAG_MM_REGION);
        }
    }
 
    /*
     * If the region before the new region has the same type then merge them.
     */
    if (NewRegion->RegionListEntry.Blink != RegionListHead)
    {
        CurrentEntry = NewRegion->RegionListEntry.Blink;
        CurrentRegion = CONTAINING_RECORD(CurrentEntry, MM_REGION,
                                          RegionListEntry);
        if (CurrentRegion->Type == NewRegion->Type &&
                CurrentRegion->Protect == NewRegion->Protect)
        {
            NewRegion->Length += CurrentRegion->Length;
            RemoveEntryList(&CurrentRegion->RegionListEntry);
            ExFreePoolWithTag(CurrentRegion, TAG_MM_REGION);
        }
    }
 
    return(STATUS_SUCCESS);
}

Referenced by MmAccessFaultSectionView(), MmNotPresentFaultSectionView(), and MmProtectSectionView().

◆ MmBuildMdlFromPages()

VOID NTAPI MmBuildMdlFromPages	(	PMDL	Mdl,
		PPFN_NUMBER	Pages
	)

Definition at line 111 of file pagefile.c.

{
    memcpy(Mdl + 1, Pages, sizeof(PFN_NUMBER) * (PAGE_ROUND_UP(Mdl->ByteOffset+Mdl->ByteCount)/PAGE_SIZE));
}

Referenced by MiReadPageFile(), and MmWriteToSwapPage().

◆ MmCallDllInitialize()

NTSTATUS NTAPI MmCallDllInitialize	(	_In_ PLDR_DATA_TABLE_ENTRY	LdrEntry,
		_In_ PLIST_ENTRY	ModuleListHead
	)

Definition at line 433 of file sysldr.c.

{
    UNICODE_STRING ServicesKeyName = RTL_CONSTANT_STRING(
        L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\");
    PMM_DLL_INITIALIZE DllInit;
    UNICODE_STRING RegPath, ImportName;
    PCWCH Extension;
    NTSTATUS Status;
 
    PAGED_CODE();
 
    /* Try to see if the image exports a DllInitialize routine */
    DllInit = (PMM_DLL_INITIALIZE)
        RtlFindExportedRoutineByName(LdrEntry->DllBase, "DllInitialize");
    if (!DllInit)
        return STATUS_SUCCESS;
 
    /* Make a temporary copy of BaseDllName because we will alter its length */
    ImportName.Length = LdrEntry->BaseDllName.Length;
    ImportName.MaximumLength = LdrEntry->BaseDllName.MaximumLength;
    ImportName.Buffer = LdrEntry->BaseDllName.Buffer;
 
    /* Obtain the path to this dll's service in the registry */
    RegPath.MaximumLength = ServicesKeyName.Length +
        ImportName.Length + sizeof(UNICODE_NULL);
    RegPath.Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                           RegPath.MaximumLength,
                                           TAG_LDR_WSTR);
 
    /* Check if this allocation was unsuccessful */
    if (!RegPath.Buffer)
        return STATUS_INSUFFICIENT_RESOURCES;
 
    /* Build and append the service name itself */
    RegPath.Length = ServicesKeyName.Length;
    RtlCopyMemory(RegPath.Buffer,
                  ServicesKeyName.Buffer,
                  ServicesKeyName.Length);
 
    /* If the filename has an extension, remove it */
    Extension = wcschr(ImportName.Buffer, L'.');
    if (Extension)
        ImportName.Length = (USHORT)(Extension - ImportName.Buffer) * sizeof(WCHAR);
 
    /* Append the service name (base name without extension) */
    RtlAppendUnicodeStringToString(&RegPath, &ImportName);
 
    /* Now call DllInitialize */
    DPRINT("Calling DllInit(%wZ)\n", &RegPath);
    Status = DllInit(&RegPath);
 
    /* Clean up */
    ExFreePoolWithTag(RegPath.Buffer, TAG_LDR_WSTR);
 
    // TODO: This is for Driver Verifier support.
    UNREFERENCED_PARAMETER(ModuleListHead);
 
    /* Return the DllInitialize status value */
    return Status;
}

Referenced by IopInitializeBootDrivers(), and MiResolveImageReferences().

◆ MmChangeKernelResourceSectionProtection()

BOOLEAN NTAPI MmChangeKernelResourceSectionProtection ( IN ULONG_PTR ProtectionMask )

Definition at line 2331 of file sysldr.c.

{
    PMMPTE PointerPte;
    MMPTE TempPte;
 
    /* Don't do anything if the resource section is already writable */
    if (MiKernelResourceStartPte == NULL || MiKernelResourceEndPte == NULL)
        return FALSE;
 
    /* If the resource section is physical, we cannot change its protection */
    if (MI_IS_PHYSICAL_ADDRESS(MiPteToAddress(MiKernelResourceStartPte)))
        return FALSE;
 
    /* Loop the PTEs */
    for (PointerPte = MiKernelResourceStartPte; PointerPte < MiKernelResourceEndPte; ++PointerPte)
    {
        /* Read the PTE */
        TempPte = *PointerPte;
 
        /* Update the protection */
        MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte, PointerPte, ProtectionMask, TempPte.u.Hard.PageFrameNumber);
        MI_UPDATE_VALID_PTE(PointerPte, TempPte);
    }
 
    /* Only flush the current processor's TLB */
    KeFlushCurrentTb();
    return TRUE;
}

Referenced by DisplayBootBitmap(), and MmMakeKernelResourceSectionWritable().

◆ MmCheckDirtySegment()

BOOLEAN NTAPI MmCheckDirtySegment	(	PMM_SECTION_SEGMENT	Segment,
		PLARGE_INTEGER	Offset,
		BOOLEAN	ForceDirty,
		BOOLEAN	PageOut
	)

Referenced by MiShutdownSystem(), MmFlushSegment(), and MmPageOutPhysicalAddress().

◆ MmCheckSystemImage()

NTSTATUS NTAPI MmCheckSystemImage ( _In_ HANDLE ImageHandle )

Definition at line 2754 of file sysldr.c.

{
    NTSTATUS Status;
    HANDLE SectionHandle;
    PVOID ViewBase = NULL;
    SIZE_T ViewSize = 0;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_STANDARD_INFORMATION FileStandardInfo;
    KAPC_STATE ApcState;
    PIMAGE_NT_HEADERS NtHeaders;
    OBJECT_ATTRIBUTES ObjectAttributes;
    PAGED_CODE();
 
    /* Setup the object attributes */
    InitializeObjectAttributes(&ObjectAttributes,
                               NULL,
                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL,
                               NULL);
 
    /* Create a section for the DLL */
    Status = ZwCreateSection(&SectionHandle,
                             SECTION_MAP_EXECUTE,
                             &ObjectAttributes,
                             NULL,
                             PAGE_EXECUTE,
                             SEC_IMAGE,
                             ImageHandle);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("ZwCreateSection failed with status 0x%x\n", Status);
        return Status;
    }
 
    /* Make sure we're in the system process */
    KeStackAttachProcess(&PsInitialSystemProcess->Pcb, &ApcState);
 
    /* Map it */
    Status = ZwMapViewOfSection(SectionHandle,
                                NtCurrentProcess(),
                                &ViewBase,
                                0,
                                0,
                                NULL,
                                &ViewSize,
                                ViewShare,
                                0,
                                PAGE_EXECUTE);
    if (!NT_SUCCESS(Status))
    {
        /* We failed, close the handle and return */
        DPRINT1("ZwMapViewOfSection failed with status 0x%x\n", Status);
        KeUnstackDetachProcess(&ApcState);
        ZwClose(SectionHandle);
        return Status;
    }
 
    /* Now query image information */
    Status = ZwQueryInformationFile(ImageHandle,
                                    &IoStatusBlock,
                                    &FileStandardInfo,
                                    sizeof(FileStandardInfo),
                                    FileStandardInformation);
    if (NT_SUCCESS(Status))
    {
        /* First, verify the checksum */
        if (!LdrVerifyMappedImageMatchesChecksum(ViewBase,
                                                 ViewSize,
                                                 FileStandardInfo.
                                                 EndOfFile.LowPart))
        {
            /* Set checksum failure */
            Status = STATUS_IMAGE_CHECKSUM_MISMATCH;
            goto Fail;
        }
 
        /* Make sure it's a real image */
        NtHeaders = RtlImageNtHeader(ViewBase);
        if (!NtHeaders)
        {
            /* Set checksum failure */
            Status = STATUS_IMAGE_CHECKSUM_MISMATCH;
            goto Fail;
        }
 
        /* Make sure it's for the correct architecture */
        if ((NtHeaders->FileHeader.Machine != IMAGE_FILE_MACHINE_NATIVE) ||
            (NtHeaders->OptionalHeader.Magic != IMAGE_NT_OPTIONAL_HDR_MAGIC))
        {
            /* Set protection failure */
            Status = STATUS_INVALID_IMAGE_PROTECT;
            goto Fail;
        }
 
#ifdef CONFIG_SMP
        /* Check that the image is safe to use if we have more than one CPU */
        if (!MiVerifyImageIsOkForMpUse(NtHeaders))
        {
            /* Otherwise it's not the right image */
            Status = STATUS_IMAGE_MP_UP_MISMATCH;
        }
#endif // CONFIG_SMP
    }
 
    /* Unmap the section, close the handle, and return status */
Fail:
    ZwUnmapViewOfSection(NtCurrentProcess(), ViewBase);
    KeUnstackDetachProcess(&ApcState);
    ZwClose(SectionHandle);
    return Status;
}

Referenced by MmLoadSystemImage(), and PsLocateSystemDll().

◆ MmCleanProcessAddressSpace()

VOID NTAPI MmCleanProcessAddressSpace ( IN PEPROCESS Process )

Definition at line 1263 of file procsup.c.

{
    PMMVAD Vad;
    PMM_AVL_TABLE VadTree;
    PETHREAD Thread = PsGetCurrentThread();
 
    /* Remove from the session */
    MiSessionRemoveProcess();
 
    /* Abort early, when the address space wasn't fully initialized */
    if (Process->AddressSpaceInitialized < 2)
    {
        DPRINT1("Incomplete address space for Process %p. Might leak resources.\n",
                Process);
        return;
    }
 
    /* Lock the process address space from changes */
    MmLockAddressSpace(&Process->Vm);
    MiLockProcessWorkingSetUnsafe(Process, Thread);
 
    /* VM is deleted now */
    Process->VmDeleted = TRUE;
    MiUnlockProcessWorkingSetUnsafe(Process, Thread);
 
    /* Enumerate the VADs */
    VadTree = &Process->VadRoot;
    while (VadTree->NumberGenericTableElements)
    {
        /* Grab the current VAD */
        Vad = (PMMVAD)VadTree->BalancedRoot.RightChild;
 
        /* Check for old-style memory areas */
        if (Vad->u.VadFlags.Spare == 1)
        {
            /* Let RosMm handle this */
            MiRosCleanupMemoryArea(Process, Vad);
            continue;
        }
 
        /* Lock the working set */
        MiLockProcessWorkingSetUnsafe(Process, Thread);
 
        /* Remove this VAD from the tree */
        ASSERT(VadTree->NumberGenericTableElements >= 1);
        MiRemoveNode((PMMADDRESS_NODE)Vad, VadTree);
 
        /* Only regular VADs supported for now */
        ASSERT(Vad->u.VadFlags.VadType == VadNone);
 
        /* Check if this is a section VAD */
        if (!(Vad->u.VadFlags.PrivateMemory) && (Vad->ControlArea))
        {
            /* Remove the view */
            MiRemoveMappedView(Process, Vad);
        }
        else
        {
            /* Delete the addresses */
            MiDeleteVirtualAddresses(Vad->StartingVpn << PAGE_SHIFT,
                                     (Vad->EndingVpn << PAGE_SHIFT) | (PAGE_SIZE - 1),
                                     Vad);
 
            /* Release the working set */
            MiUnlockProcessWorkingSetUnsafe(Process, Thread);
        }
 
         /* Skip ARM3 fake VADs, they'll be freed by MmDeleteProcessAddresSpace */
        if (Vad->u.VadFlags.Spare == 1)
        {
            /* Set a flag so MmDeleteMemoryArea knows to free, but not to remove */
            Vad->u.VadFlags.Spare = 2;
            continue;
        }
 
        /* Free the VAD memory */
        ExFreePool(Vad);
 
        /* Return the quota the VAD used */
        PsReturnProcessNonPagedPoolQuota(Process, sizeof(MMVAD_LONG));
    }
 
    /* Lock the working set */
    MiLockProcessWorkingSetUnsafe(Process, Thread);
    ASSERT(Process->CloneRoot == NULL);
    ASSERT(Process->PhysicalVadRoot == NULL);
 
    /* Delete the shared user data section */
    MiDeleteVirtualAddresses(USER_SHARED_DATA, USER_SHARED_DATA, NULL);
 
    /* Release the working set */
    MiUnlockProcessWorkingSetUnsafe(Process, Thread);
 
    /* Release the address space */
    MmUnlockAddressSpace(&Process->Vm);
}

Referenced by PspExitProcess(), and PspExitThread().

◆ MmCopyVirtualMemory()

NTSTATUS NTAPI MmCopyVirtualMemory	(	IN PEPROCESS	SourceProcess,
		IN PVOID	SourceAddress,
		IN PEPROCESS	TargetProcess,
		OUT PVOID	TargetAddress,
		IN SIZE_T	BufferSize,
		IN KPROCESSOR_MODE	PreviousMode,
		OUT PSIZE_T	ReturnSize
	)

Definition at line 1270 of file virtual.c.

{
    NTSTATUS Status;
    PEPROCESS Process = SourceProcess;
 
    //
    // Don't accept zero-sized buffers
    //
    if (!BufferSize) return STATUS_SUCCESS;
 
    //
    // If we are copying from ourselves, lock the target instead
    //
    if (SourceProcess == PsGetCurrentProcess()) Process = TargetProcess;
 
    //
    // Acquire rundown protection
    //
    if (!ExAcquireRundownProtection(&Process->RundownProtect))
    {
        //
        // Fail
        //
        return STATUS_PROCESS_IS_TERMINATING;
    }
 
    //
    // See if we should use the pool copy
    //
    if (BufferSize > MI_POOL_COPY_BYTES)
    {
        //
        // Use MDL-copy
        //
        Status = MiDoMappedCopy(SourceProcess,
                                SourceAddress,
                                TargetProcess,
                                TargetAddress,
                                BufferSize,
                                PreviousMode,
                                ReturnSize);
    }
    else
    {
        //
        // Do pool copy
        //
        Status = MiDoPoolCopy(SourceProcess,
                              SourceAddress,
                              TargetProcess,
                              TargetAddress,
                              BufferSize,
                              PreviousMode,
                              ReturnSize);
    }
 
    //
    // Release the lock
    //
    ExReleaseRundownProtection(&Process->RundownProtect);
    return Status;
}

Referenced by LpcpCopyRequestData(), NtReadVirtualMemory(), and NtWriteVirtualMemory().

◆ MmCreateKernelStack()

PVOID NTAPI MmCreateKernelStack	(	BOOLEAN	GuiStack,
		UCHAR	Node
	)

Referenced by KeInitThread(), KeStartAllProcessors(), KiInitializeKernel(), and PsConvertToGuiThread().

◆ MmCreateMemoryArea()

NTSTATUS NTAPI MmCreateMemoryArea	(	PMMSUPPORT	AddressSpace,
		ULONG	Type,
		PVOID *	BaseAddress,
		SIZE_T	Length,
		ULONG	Protection,
		PMEMORY_AREA *	Result,
		ULONG	AllocationFlags,
		ULONG	AllocationGranularity
	)

Definition at line 410 of file marea.c.

{
    ULONG_PTR tmpLength;
    PMEMORY_AREA MemoryArea;
    ULONG_PTR EndingAddress;
 
    DPRINT("MmCreateMemoryArea(Type 0x%lx, BaseAddress %p, "
           "*BaseAddress %p, Length %p, AllocationFlags %x, "
           "Result %p)\n",
           Type, BaseAddress, *BaseAddress, Length, AllocationFlags,
           Result);
 
    /* Is this a static memory area? */
    if (Type & MEMORY_AREA_STATIC)
    {
        /* Use the static array instead of the pool */
        ASSERT(MiStaticMemoryAreaCount < MI_STATIC_MEMORY_AREAS);
        MemoryArea = &MiStaticMemoryAreas[MiStaticMemoryAreaCount++];
    }
    else
    {
        /* Allocate the memory area from nonpaged pool */
        MemoryArea = ExAllocatePoolWithTag(NonPagedPool,
                                           sizeof(MEMORY_AREA),
                                           TAG_MAREA);
    }
 
    if (!MemoryArea)
    {
        DPRINT1("Not enough memory.\n");
        return STATUS_NO_MEMORY;
    }
 
    RtlZeroMemory(MemoryArea, sizeof(MEMORY_AREA));
    MemoryArea->Type = Type & ~MEMORY_AREA_STATIC;
    MemoryArea->Flags = AllocationFlags;
    MemoryArea->Magic = 'erAM';
    MemoryArea->DeleteInProgress = FALSE;
 
    if (*BaseAddress == 0)
    {
        tmpLength = (ULONG_PTR)MM_ROUND_UP(Length, PAGE_SIZE);
        *BaseAddress = MmFindGap(AddressSpace,
                                 tmpLength,
                                 Granularity,
                                 (AllocationFlags & MEM_TOP_DOWN) == MEM_TOP_DOWN);
        if ((*BaseAddress) == 0)
        {
            DPRINT("No suitable gap\n");
            if (!(Type & MEMORY_AREA_STATIC)) ExFreePoolWithTag(MemoryArea, TAG_MAREA);
            return STATUS_NO_MEMORY;
        }
 
        MemoryArea->VadNode.StartingVpn = (ULONG_PTR)*BaseAddress >> PAGE_SHIFT;
        MemoryArea->VadNode.EndingVpn = ((ULONG_PTR)*BaseAddress + tmpLength - 1) >> PAGE_SHIFT;
        MmInsertMemoryArea(AddressSpace, MemoryArea, Protect);
    }
    else
    {
        EndingAddress = ((ULONG_PTR)*BaseAddress + Length - 1) | (PAGE_SIZE - 1);
        *BaseAddress = ALIGN_DOWN_POINTER_BY(*BaseAddress, Granularity);
        tmpLength = EndingAddress + 1 - (ULONG_PTR)*BaseAddress;
 
        if (!MmGetAddressSpaceOwner(AddressSpace) && *BaseAddress < MmSystemRangeStart)
        {
            ASSERT(FALSE);
            if (!(Type & MEMORY_AREA_STATIC)) ExFreePoolWithTag(MemoryArea, TAG_MAREA);
            return STATUS_ACCESS_VIOLATION;
        }
 
        if (MmGetAddressSpaceOwner(AddressSpace) &&
                (ULONG_PTR)(*BaseAddress) + tmpLength > (ULONG_PTR)MmSystemRangeStart)
        {
            DPRINT("Memory area for user mode address space exceeds MmSystemRangeStart\n");
            if (!(Type & MEMORY_AREA_STATIC)) ExFreePoolWithTag(MemoryArea, TAG_MAREA);
            return STATUS_ACCESS_VIOLATION;
        }
 
        /* No need to check ARM3 owned memory areas, the range MUST be free */
        if (MemoryArea->Type != MEMORY_AREA_OWNED_BY_ARM3)
        {
            if (MmLocateMemoryAreaByRegion(AddressSpace,
                                           *BaseAddress,
                                           tmpLength) != NULL)
            {
                DPRINT("Memory area already occupied\n");
                if (!(Type & MEMORY_AREA_STATIC)) ExFreePoolWithTag(MemoryArea, TAG_MAREA);
                return STATUS_CONFLICTING_ADDRESSES;
            }
        }
 
        MemoryArea->VadNode.StartingVpn = (ULONG_PTR)*BaseAddress >> PAGE_SHIFT;
        MemoryArea->VadNode.EndingVpn = ((ULONG_PTR)*BaseAddress + tmpLength - 1) >> PAGE_SHIFT;
        MmInsertMemoryArea(AddressSpace, MemoryArea, Protect);
    }
 
    *Result = MemoryArea;
 
    DPRINT("MmCreateMemoryArea() succeeded (%p)\n", *BaseAddress);
    return STATUS_SUCCESS;
}

Referenced by MiCreateArm3StaticMemoryArea(), MiInsertNode(), and MmMapViewOfSegment().

◆ MmCreatePageFileMapping()

NTSTATUS NTAPI MmCreatePageFileMapping	(	struct _EPROCESS *	Process,
		PVOID	Address,
		SWAPENTRY	SwapEntry
	)

Referenced by MmNotPresentFaultSectionView(), and MmPageOutPhysicalAddress().

◆ MmCreatePeb()

NTSTATUS NTAPI MmCreatePeb	(	IN PEPROCESS	Process,
		IN PINITIAL_PEB	InitialPeb,
		OUT PPEB *	BasePeb
	)

Definition at line 518 of file procsup.c.

{
    PPEB Peb = NULL;
    LARGE_INTEGER SectionOffset;
    SIZE_T ViewSize = 0;
    PVOID TableBase = NULL;
    PIMAGE_NT_HEADERS NtHeaders;
    PIMAGE_LOAD_CONFIG_DIRECTORY ImageConfigData;
    NTSTATUS Status;
    USHORT Characteristics;
    SectionOffset.QuadPart = (ULONGLONG)0;
    *BasePeb = NULL;
 
    //
    // Attach to Process
    //
    KeAttachProcess(&Process->Pcb);
 
    //
    // Map NLS Tables
    //
    Status = MmMapViewOfSection(ExpNlsSectionPointer,
                                (PEPROCESS)Process,
                                &TableBase,
                                0,
                                0,
                                &SectionOffset,
                                &ViewSize,
                                ViewShare,
                                MEM_TOP_DOWN,
                                PAGE_READONLY);
    DPRINT("NLS Tables at: %p\n", TableBase);
    if (!NT_SUCCESS(Status))
    {
        /* Cleanup and exit */
        KeDetachProcess();
        return Status;
    }
 
    //
    // Allocate the PEB
    //
    Status = MiCreatePebOrTeb(Process, sizeof(PEB), (PULONG_PTR)&Peb);
    DPRINT("PEB at: %p\n", Peb);
    if (!NT_SUCCESS(Status))
    {
        /* Cleanup and exit */
        KeDetachProcess();
        return Status;
    }
 
    //
    // Use SEH in case we can't load the PEB
    //
    _SEH2_TRY
    {
        //
        // Initialize the PEB
        //
        RtlZeroMemory(Peb, sizeof(PEB));
 
        //
        // Set up data
        //
        Peb->ImageBaseAddress = Process->SectionBaseAddress;
        Peb->InheritedAddressSpace = InitialPeb->InheritedAddressSpace;
        Peb->Mutant = InitialPeb->Mutant;
        Peb->ImageUsesLargePages = InitialPeb->ImageUsesLargePages;
 
        //
        // NLS
        //
        Peb->AnsiCodePageData = (PCHAR)TableBase + ExpAnsiCodePageDataOffset;
        Peb->OemCodePageData = (PCHAR)TableBase + ExpOemCodePageDataOffset;
        Peb->UnicodeCaseTableData = (PCHAR)TableBase + ExpUnicodeCaseTableDataOffset;
 
        //
        // Default Version Data (could get changed below)
        //
        Peb->OSMajorVersion = NtMajorVersion;
        Peb->OSMinorVersion = NtMinorVersion;
        Peb->OSBuildNumber = (USHORT)(NtBuildNumber & 0x3FFF);
        Peb->OSPlatformId = VER_PLATFORM_WIN32_NT;
        Peb->OSCSDVersion = (USHORT)CmNtCSDVersion;
 
        //
        // Heap and Debug Data
        //
        Peb->NumberOfProcessors = KeNumberProcessors;
        Peb->ImageProcessAffinityMask = KeActiveProcessors;
        Peb->BeingDebugged = (BOOLEAN)(Process->DebugPort != NULL);
        Peb->NtGlobalFlag = NtGlobalFlag;
        Peb->HeapSegmentReserve = MmHeapSegmentReserve;
        Peb->HeapSegmentCommit = MmHeapSegmentCommit;
        Peb->HeapDeCommitTotalFreeThreshold = MmHeapDeCommitTotalFreeThreshold;
        Peb->HeapDeCommitFreeBlockThreshold = MmHeapDeCommitFreeBlockThreshold;
        Peb->CriticalSectionTimeout = MmCriticalSectionTimeout;
        Peb->MinimumStackCommit = MmMinimumStackCommitInBytes;
        Peb->MaximumNumberOfHeaps = (PAGE_SIZE - sizeof(PEB)) / sizeof(PVOID);
        Peb->ProcessHeaps = (PVOID*)(Peb + 1);
 
        //
        // Session ID
        //
        if (Process->Session) Peb->SessionId = MmGetSessionId(Process);
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        //
        // Fail
        //
        KeDetachProcess();
        _SEH2_YIELD(return _SEH2_GetExceptionCode());
    }
    _SEH2_END;
 
    //
    // Use SEH in case we can't load the image
    //
    _SEH2_TRY
    {
        //
        // Get NT Headers
        //
        NtHeaders = RtlImageNtHeader(Peb->ImageBaseAddress);
        Characteristics = NtHeaders->FileHeader.Characteristics;
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        //
        // Fail
        //
        KeDetachProcess();
        _SEH2_YIELD(return STATUS_INVALID_IMAGE_PROTECT);
    }
    _SEH2_END;
 
    //
    // Parse the headers
    //
    if (NtHeaders)
    {
        //
        // Use SEH in case we can't load the headers
        //
        _SEH2_TRY
        {
            //
            // Get the Image Config Data too
            //
            ImageConfigData = RtlImageDirectoryEntryToData(Peb->ImageBaseAddress,
                                                           TRUE,
                                                           IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG,
                                                           (PULONG)&ViewSize);
            if (ImageConfigData)
            {
                //
                // Probe it
                //
                ProbeForRead(ImageConfigData,
                             sizeof(IMAGE_LOAD_CONFIG_DIRECTORY),
                             sizeof(ULONG));
            }
 
            //
            // Write subsystem data
            //
            Peb->ImageSubsystem = NtHeaders->OptionalHeader.Subsystem;
            Peb->ImageSubsystemMajorVersion = NtHeaders->OptionalHeader.MajorSubsystemVersion;
            Peb->ImageSubsystemMinorVersion = NtHeaders->OptionalHeader.MinorSubsystemVersion;
 
            //
            // Check for version data
            //
            if (NtHeaders->OptionalHeader.Win32VersionValue)
            {
                //
                // Extract values and write them
                //
                Peb->OSMajorVersion = NtHeaders->OptionalHeader.Win32VersionValue & 0xFF;
                Peb->OSMinorVersion = (NtHeaders->OptionalHeader.Win32VersionValue >> 8) & 0xFF;
                Peb->OSBuildNumber = (NtHeaders->OptionalHeader.Win32VersionValue >> 16) & 0x3FFF;
                Peb->OSPlatformId = (NtHeaders->OptionalHeader.Win32VersionValue >> 30) ^ 2;
 
                /* Process CSD version override */
                if ((ImageConfigData) && (ImageConfigData->CSDVersion))
                {
                    /* Take the value from the image configuration directory */
                    Peb->OSCSDVersion = ImageConfigData->CSDVersion;
                }
            }
 
            /* Process optional process affinity mask override */
            if ((ImageConfigData) && (ImageConfigData->ProcessAffinityMask))
            {
                /* Take the value from the image configuration directory */
                Peb->ImageProcessAffinityMask = ImageConfigData->ProcessAffinityMask;
            }
 
            //
            // Check if this is a UP image
            if (Characteristics & IMAGE_FILE_UP_SYSTEM_ONLY)
            {
                //
                // Set single processor rotating affinity.
                // See https://www.microsoftpressstore.com/articles/article.aspx?p=2233328&seqNum=3
                //
                Peb->ImageProcessAffinityMask = AFFINITY_MASK(MmRotatingUniprocessorNumber);
                ASSERT(Peb->ImageProcessAffinityMask & KeActiveProcessors);
                MmRotatingUniprocessorNumber = (MmRotatingUniprocessorNumber + 1) % KeNumberProcessors;
            }
        }
        _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
        {
            //
            // Fail
            //
            KeDetachProcess();
            _SEH2_YIELD(return STATUS_INVALID_IMAGE_PROTECT);
        }
        _SEH2_END;
    }
 
    //
    // Detach from the Process
    //
    KeDetachProcess();
    *BasePeb = Peb;
    return STATUS_SUCCESS;
}

Referenced by PspCreateProcess().

◆ MmCreatePhysicalMapping()

NTSTATUS NTAPI MmCreatePhysicalMapping	(	_Inout_opt_ PEPROCESS	Process,
		_In_ PVOID	Address,
		_In_ ULONG	flProtect,
		_In_ PFN_NUMBER	Page
	)

Definition at line 735 of file page.c.

{
    return MmCreateVirtualMappingUnsafeEx(Process, Address, flProtect, Page, TRUE);
}

Referenced by MmNotPresentFaultSectionView().

◆ MmCreatePhysicalMemorySection()

NTSTATUS NTAPI MmCreatePhysicalMemorySection ( VOID )

Definition at line 2208 of file section.c.

{
    PSECTION PhysSection;
    NTSTATUS Status;
    OBJECT_ATTRIBUTES Obj;
    UNICODE_STRING Name = RTL_CONSTANT_STRING(L"\\Device\\PhysicalMemory");
    LARGE_INTEGER SectionSize;
    HANDLE Handle;
    PMM_SECTION_SEGMENT Segment;
 
    /*
     * Create the section mapping physical memory
     */
    SectionSize.QuadPart = MmHighestPhysicalPage * PAGE_SIZE;
    InitializeObjectAttributes(&Obj,
                               &Name,
                               OBJ_PERMANENT | OBJ_KERNEL_EXCLUSIVE,
                               NULL,
                               NULL);
    /*
     * Create the Object
     */
    Status = ObCreateObject(KernelMode,
                            MmSectionObjectType,
                            &Obj,
                            ExGetPreviousMode(),
                            NULL,
                            sizeof(*PhysSection),
                            0,
                            0,
                            (PVOID*)&PhysSection);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("MmCreatePhysicalMemorySection: failed to create object (0x%lx)\n", Status);
        return Status;
    }
 
    /*
     * Initialize it
     */
    RtlZeroMemory(PhysSection, sizeof(*PhysSection));
 
    /* Mark this as a "ROS Section" */
    PhysSection->u.Flags.filler = 1;
    PhysSection->InitialPageProtection = PAGE_EXECUTE_READWRITE;
    PhysSection->u.Flags.PhysicalMemory = 1;
    PhysSection->SizeOfSection = SectionSize;
    Segment = ExAllocatePoolWithTag(NonPagedPool, sizeof(MM_SECTION_SEGMENT),
                                    TAG_MM_SECTION_SEGMENT);
    if (Segment == NULL)
    {
        ObDereferenceObject(PhysSection);
        return STATUS_NO_MEMORY;
    }
    RtlZeroMemory(Segment, sizeof(MM_SECTION_SEGMENT));
    PhysSection->Segment = (PSEGMENT)Segment;
    Segment->RefCount = 1;
 
    Segment->ReferenceCount = &Segment->RefCount;
    Segment->Flags = &Segment->SegFlags;
 
    ExInitializeFastMutex(&Segment->Lock);
    Segment->Image.FileOffset = 0;
    Segment->Protection = PAGE_EXECUTE_READWRITE;
    Segment->RawLength = SectionSize;
    Segment->Length = SectionSize;
    Segment->SegFlags = MM_PHYSICALMEMORY_SEGMENT;
    Segment->WriteCopy = FALSE;
    Segment->Image.VirtualAddress = 0;
    Segment->Image.Characteristics = 0;
    MiInitializeSectionPageTable(Segment);
 
    Status = ObInsertObject(PhysSection,
                            NULL,
                            SECTION_ALL_ACCESS,
                            0,
                            NULL,
                            &Handle);
    if (!NT_SUCCESS(Status))
    {
        ObDereferenceObject(PhysSection);
        return Status;
    }
    ObCloseHandle(Handle, KernelMode);
 
    return STATUS_SUCCESS;
}

Referenced by MmInitSectionImplementation().

◆ MmCreateProcessAddressSpace()

BOOLEAN NTAPI MmCreateProcessAddressSpace	(	IN ULONG	MinWs,
		IN PEPROCESS	Dest,
		IN PULONG_PTR	DirectoryTableBase
	)

Definition at line 136 of file page.c.

{
    UNIMPLEMENTED_DBGBREAK();
    return FALSE;
}

Referenced by PspCreateProcess().

◆ MmCreateTeb()

NTSTATUS NTAPI MmCreateTeb	(	IN PEPROCESS	Process,
		IN PCLIENT_ID	ClientId,
		IN PINITIAL_TEB	InitialTeb,
		OUT PTEB *	BaseTeb
	)

Definition at line 753 of file procsup.c.

{
    PTEB Teb;
    NTSTATUS Status = STATUS_SUCCESS;
    *BaseTeb = NULL;
 
    //
    // Attach to Target
    //
    KeAttachProcess(&Process->Pcb);
 
    //
    // Allocate the TEB
    //
    Status = MiCreatePebOrTeb(Process, sizeof(TEB), (PULONG_PTR)&Teb);
    if (!NT_SUCCESS(Status))
    {
        /* Cleanup and exit */
        KeDetachProcess();
        return Status;
    }
 
    //
    // Use SEH in case we can't load the TEB
    //
    _SEH2_TRY
    {
        //
        // Initialize the PEB
        //
        RtlZeroMemory(Teb, sizeof(TEB));
 
        //
        // Set TIB Data
        //
#ifdef _M_AMD64
        Teb->NtTib.ExceptionList = NULL;
#else
        Teb->NtTib.ExceptionList = EXCEPTION_CHAIN_END;
#endif
        Teb->NtTib.Self = (PNT_TIB)Teb;
 
        //
        // Identify this as an OS/2 V3.0 ("Cruiser") TIB
        //
        Teb->NtTib.Version = 30 << 8;
 
        //
        // Set TEB Data
        //
        Teb->ClientId = *ClientId;
        Teb->RealClientId = *ClientId;
        Teb->ProcessEnvironmentBlock = Process->Peb;
        Teb->CurrentLocale = PsDefaultThreadLocaleId;
 
        //
        // Check if we have a grandparent TEB
        //
        if ((InitialTeb->PreviousStackBase == NULL) &&
            (InitialTeb->PreviousStackLimit == NULL))
        {
            //
            // Use initial TEB values
            //
            Teb->NtTib.StackBase = InitialTeb->StackBase;
            Teb->NtTib.StackLimit = InitialTeb->StackLimit;
            Teb->DeallocationStack = InitialTeb->AllocatedStackBase;
        }
        else
        {
            //
            // Use grandparent TEB values
            //
            Teb->NtTib.StackBase = InitialTeb->PreviousStackBase;
            Teb->NtTib.StackLimit = InitialTeb->PreviousStackLimit;
        }
 
        //
        // Initialize the static unicode string
        //
        Teb->StaticUnicodeString.MaximumLength = sizeof(Teb->StaticUnicodeBuffer);
        Teb->StaticUnicodeString.Buffer = Teb->StaticUnicodeBuffer;
    }
    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
    {
        //
        // Get error code
        //
        Status = _SEH2_GetExceptionCode();
    }
    _SEH2_END;
 
    //
    // Return
    //
    KeDetachProcess();
    *BaseTeb = Teb;
    return Status;
}

Referenced by PspCreateThread().

◆ MmCreateVirtualMapping()

NTSTATUS NTAPI MmCreateVirtualMapping	(	struct _EPROCESS *	Process,
		PVOID	Address,
		ULONG	flProtect,
		PFN_NUMBER	Page
	)

Referenced by MmAccessFaultSectionView(), MmNotPresentFaultSectionView(), and MmPageOutPhysicalAddress().

◆ MmCreateVirtualMappingUnsafe()

NTSTATUS NTAPI MmCreateVirtualMappingUnsafe	(	struct _EPROCESS *	Process,
		PVOID	Address,
		ULONG	flProtect,
		PFN_NUMBER	Page
	)

◆ MmDbgCopyMemory()

NTSTATUS NTAPI MmDbgCopyMemory	(	IN ULONG64	Address,
		IN PVOID	Buffer,
		IN ULONG	Size,
		IN ULONG	Flags
	)

Definition at line 124 of file mmdbg.c.

{
    PVOID TargetAddress;
    ULONG64 PhysicalAddress;
    PMMPTE PointerPte;
    PVOID CopyDestination, CopySource;
 
    /* No local kernel debugging support yet, so don't worry about locking */
    if (!(Flags & MMDBG_COPY_UNSAFE))
    {
        static BOOLEAN Warned = FALSE;
        if (!Warned)
        {
            KdpDprintf("MmDbgCopyMemory: not providing MMDBG_COPY_UNSAFE is UNIMPLEMENTED\n");
            Warned = TRUE;
        }
    }
 
    /* We only handle 1, 2, 4 and 8 byte requests */
    if ((Size != 1) &&
        (Size != 2) &&
        (Size != 4) &&
        (Size != 8))
    {
        /* Invalid size, fail */
        KdpDprintf("MmDbgCopyMemory: Received Illegal Size 0x%lx\n",
                   Size);
        return STATUS_INVALID_PARAMETER_3;
    }
 
    /* The copy must be aligned */
    if ((Address & (Size - 1)) != 0)
    {
        /* Not allowing unaligned access */
        KdpDprintf("MmDbgCopyMemory: Received Unaligned Address 0x%I64x Size %lx\n",
                   Address,
                   Size);
        return STATUS_INVALID_PARAMETER_3;
    }
 
    /* Check for physical or virtual copy */
    if (Flags & MMDBG_COPY_PHYSICAL)
    {
        /* Physical: translate and map it to our mapping space */
        TargetAddress = MiDbgTranslatePhysicalAddress(Address,
                                                      Flags);
 
        /* Check if translation failed */
        if (!TargetAddress)
        {
            /* Fail */
            KdpDprintf("MmDbgCopyMemory: Failed to Translate Physical Address %I64x\n",
                       Address);
            return STATUS_UNSUCCESSFUL;
        }
 
        /* The address we received must be valid! */
        ASSERT(MmIsAddressValid(TargetAddress));
    }
    else
    {
        /* Virtual; truncate it to avoid casts later down */
        TargetAddress = (PVOID)(ULONG_PTR)Address;
 
        /* Make sure address is valid */
        if (!MmIsAddressValid(TargetAddress))
        {
            /* Fail */
            KdpDprintf("MmDbgCopyMemory: Failing %s for invalid Virtual Address 0x%p\n",
                       Flags & MMDBG_COPY_WRITE ? "write" : "read",
                       TargetAddress);
            return STATUS_UNSUCCESSFUL;
        }
 
        /* Not handling session space correctly yet */
        if (MmIsSessionAddress(TargetAddress))
        {
            /* FIXME */
        }
 
        /* If we are going to write to the address, then check if its writable */
        PointerPte = MiAddressToPte(TargetAddress);
        if ((Flags & MMDBG_COPY_WRITE) &&
            (!MI_IS_PAGE_WRITEABLE(PointerPte)))
        {
            /* Not writable, we need to do a physical copy */
            Flags |= MMDBG_COPY_PHYSICAL;
 
            /* Calculate the physical address */
            PhysicalAddress = PointerPte->u.Hard.PageFrameNumber << PAGE_SHIFT;
            PhysicalAddress += BYTE_OFFSET(Address);
 
            /* Translate the physical address */
            TargetAddress = MiDbgTranslatePhysicalAddress(PhysicalAddress,
                                                          Flags);
 
            /* Check if translation failed */
            if (!TargetAddress)
            {
                /* Fail */
                KdpDprintf("MmDbgCopyMemory: Failed to translate for write %I64x (%I64x)\n",
                           PhysicalAddress,
                           Address);
                return STATUS_UNSUCCESSFUL;
            }
        }
    }
 
    /* Check what kind of operation this is */
    if (Flags & MMDBG_COPY_WRITE)
    {
        /* Write */
        CopyDestination = TargetAddress;
        CopySource = Buffer;
    }
    else
    {
        /* Read */
        CopyDestination = Buffer;
        CopySource = TargetAddress;
    }
 
    /* Do the copy  */
    switch (Size)
    {
        case 1:
 
            /* 1 byte */
            *(PUCHAR)CopyDestination = *(PUCHAR)CopySource;
            break;
 
        case 2:
 
            /* 2 bytes */
            *(PUSHORT)CopyDestination = *(PUSHORT)CopySource;
            break;
 
        case 4:
 
            /* 4 bytes */
            *(PULONG)CopyDestination = *(PULONG)CopySource;
            break;
 
        case 8:
 
            /* 8 bytes */
            *(PULONGLONG)CopyDestination = *(PULONGLONG)CopySource;
            break;
 
        /* Size is sanitized above */
        DEFAULT_UNREACHABLE;
    }
 
    /* Get rid of the mapping if this was a physical copy */
    if (Flags & MMDBG_COPY_PHYSICAL)
    {
        /* Unmap and flush it */
        MiDbgUnTranslatePhysicalAddress();
    }
 
    /* And we are done */
    return STATUS_SUCCESS;
}

Referenced by KdpCopyMemoryChunks().

◆ MmDeleteAllRmaps()

VOID NTAPI MmDeleteAllRmaps	(	PFN_NUMBER	Page,
		PVOID	Context,
		VOID()(PVOID Context, struct _EPROCESS Process, PVOID Address)	DeleteMapping
	)

◆ MmDeleteKernelStack()

VOID NTAPI MmDeleteKernelStack	(	PVOID	Stack,
		BOOLEAN	GuiStack
	)

Referenced by KeInitThread(), KeStartAllProcessors(), KeUninitThread(), PsConvertToGuiThread(), PspDeleteThread(), and PspReapRoutine().

◆ MmDeletePageFileMapping()

VOID NTAPI MmDeletePageFileMapping	(	struct _EPROCESS *	Process,
		PVOID	Address,
		SWAPENTRY *	SwapEntry
	)

Referenced by MmFreeMemoryArea(), MmNotPresentFaultSectionView(), and MmPageOutPhysicalAddress().

◆ MmDeletePageTable()

VOID NTAPI MmDeletePageTable	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

◆ MmDeleteProcessAddressSpace()

VOID NTAPI MmDeleteProcessAddressSpace ( IN PEPROCESS Process )

Definition at line 1362 of file procsup.c.

{
    PMMPFN Pfn1, Pfn2;
    KIRQL OldIrql;
    PFN_NUMBER PageFrameIndex;
 
#ifndef _M_AMD64
    OldIrql = MiAcquireExpansionLock();
    RemoveEntryList(&Process->MmProcessLinks);
    MiReleaseExpansionLock(OldIrql);
#endif
 
    //ASSERT(Process->CommitCharge == 0);
 
    /* Remove us from the list */
    OldIrql = MiAcquireExpansionLock();
    if (Process->Vm.WorkingSetExpansionLinks.Flink != NULL)
        RemoveEntryList(&Process->Vm.WorkingSetExpansionLinks);
    MiReleaseExpansionLock(OldIrql);
 
    /* Acquire the PFN lock */
    OldIrql = MiAcquirePfnLock();
 
    /* Check for fully initialized process */
    if (Process->AddressSpaceInitialized == 2)
    {
        /* Map the working set page and its page table */
        Pfn1 = MiGetPfnEntry(Process->WorkingSetPage);
        Pfn2 = MiGetPfnEntry(Pfn1->u4.PteFrame);
 
        /* Nuke it */
        MI_SET_PFN_DELETED(Pfn1);
        MiDecrementShareCount(Pfn2, Pfn1->u4.PteFrame);
        MiDecrementShareCount(Pfn1, Process->WorkingSetPage);
        ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
 
        /* Now map hyperspace and its page table */
        PageFrameIndex = Process->Pcb.DirectoryTableBase[1] >> PAGE_SHIFT;
        Pfn1 = MiGetPfnEntry(PageFrameIndex);
        Pfn2 = MiGetPfnEntry(Pfn1->u4.PteFrame);
 
        /* Nuke it */
        MI_SET_PFN_DELETED(Pfn1);
        MiDecrementShareCount(Pfn2, Pfn1->u4.PteFrame);
        MiDecrementShareCount(Pfn1, PageFrameIndex);
        ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
 
        /* Finally, nuke the PDE itself */
        PageFrameIndex = Process->Pcb.DirectoryTableBase[0] >> PAGE_SHIFT;
        Pfn1 = MiGetPfnEntry(PageFrameIndex);
        MI_SET_PFN_DELETED(Pfn1);
        MiDecrementShareCount(Pfn1, PageFrameIndex);
        MiDecrementShareCount(Pfn1, PageFrameIndex);
 
        /* Page table is now dead. Bye bye... */
        ASSERT((Pfn1->u3.e2.ReferenceCount == 0) || (Pfn1->u3.e1.WriteInProgress));
    }
    else
    {
        DPRINT1("Deleting partially initialized address space of Process %p. Might leak resources.\n",
                Process);
    }
 
    /* Release the PFN lock */
    MiReleasePfnLock(OldIrql);
 
    /* Drop a reference on the session */
    if (Process->Session) MiReleaseProcessReferenceToSessionDataPage(Process->Session);
 
    /* Clear out the PDE pages */
    Process->Pcb.DirectoryTableBase[0] = 0;
    Process->Pcb.DirectoryTableBase[1] = 0;
}

Referenced by PspDeleteProcess().

◆ MmDeleteRmap()

VOID NTAPI MmDeleteRmap	(	PFN_NUMBER	Page,
		struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmAccessFaultSectionView(), MmFreeCacheSectionPage(), MmFreeSectionPage(), and MmPageOutCacheSection().

◆ MmDeleteTeb()

VOID NTAPI MmDeleteTeb	(	struct _EPROCESS *	Process,
		PTEB	Teb
	)

Referenced by PspCreateThread(), and PspExitThread().

◆ MmDereferencePage()

VOID NTAPI MmDereferencePage ( PFN_NUMBER Page )

Definition at line 566 of file freelist.c.

{
    PMMPFN Pfn1;
    DPRINT("MmDereferencePage(PhysicalAddress %x)\n", Pfn << PAGE_SHIFT);
 
    MI_ASSERT_PFN_LOCK_HELD();
 
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
    ASSERT_IS_ROS_PFN(Pfn1);
 
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
    Pfn1->u3.e2.ReferenceCount--;
    if (Pfn1->u3.e2.ReferenceCount == 0)
    {
        /* Apply LRU hack */
        if (Pfn1->u4.MustBeCached)
        {
            MmRemoveLRUUserPage(Pfn);
            Pfn1->u4.MustBeCached = 0;
        }
 
        /* Mark the page temporarily as valid, we're going to make it free soon */
        Pfn1->u3.e1.PageLocation = ActiveAndValid;
 
        /* It's not a ROS PFN anymore */
        Pfn1->u4.AweAllocation = FALSE;
 
        /* Bring it back into the free list */
        DPRINT("Legacy free: %lx\n", Pfn);
        MiInsertPageInFreeList(Pfn);
    }
}

Referenced by MmReleasePageMemoryConsumer(), and MmTrimUserMemory().

◆ MmDeterminePoolType()

POOL_TYPE NTAPI MmDeterminePoolType ( IN PVOID VirtualAddress )

Definition at line 408 of file pool.c.

{
    //
    // Use a simple bounds check
    //
    if (PoolAddress >= MmPagedPoolStart && PoolAddress <= MmPagedPoolEnd)
        return PagedPool;
    else if (PoolAddress >= MmNonPagedPoolStart && PoolAddress <= MmNonPagedPoolEnd)
        return NonPagedPool;
    KeBugCheckEx(BAD_POOL_CALLER, 0x42, (ULONG_PTR)PoolAddress, 0, 0);
}

Referenced by ExFreePoolWithTag(), and ExpCheckPoolAllocation().

◆ MmDumpArmPfnDatabase()

VOID NTAPI MmDumpArmPfnDatabase ( IN BOOLEAN StatusOnly )

Definition at line 1465 of file mminit.c.

{
    ULONG i;
    PMMPFN Pfn1;
    PCHAR Consumer = "Unknown";
    KIRQL OldIrql;
    ULONG ActivePages = 0, FreePages = 0, OtherPages = 0;
#if MI_TRACE_PFNS
    ULONG UsageBucket[MI_USAGE_FREE_PAGE + 1] = {0};
    PCHAR MI_USAGE_TEXT[MI_USAGE_FREE_PAGE + 1] =
    {
        "Not set",
        "Paged Pool",
        "Nonpaged Pool",
        "Nonpaged Pool Ex",
        "Kernel Stack",
        "Kernel Stack Ex",
        "System PTE",
        "VAD",
        "PEB/TEB",
        "Section",
        "Page Table",
        "Page Directory",
        "Old Page Table",
        "Driver Page",
        "Contiguous Alloc",
        "MDL",
        "Demand Zero",
        "Zero Loop",
        "Cache",
        "PFN Database",
        "Boot Driver",
        "Initial Memory",
        "Free Page"
    };
#endif
    //
    // Loop the PFN database
    //
    KeRaiseIrql(HIGH_LEVEL, &OldIrql);
    for (i = 0; i <= MmHighestPhysicalPage; i++)
    {
        Pfn1 = MiGetPfnEntry(i);
        if (!Pfn1) continue;
#if MI_TRACE_PFNS
        ASSERT(Pfn1->PfnUsage <= MI_USAGE_FREE_PAGE);
#endif
        //
        // Get the page location
        //
        switch (Pfn1->u3.e1.PageLocation)
        {
            case ActiveAndValid:
 
                Consumer = "Active and Valid";
                ActivePages++;
                break;
 
            case ZeroedPageList:
 
                Consumer = "Zero Page List";
                FreePages++;
                break;//continue;
 
            case FreePageList:
 
                Consumer = "Free Page List";
                FreePages++;
                break;//continue;
 
            default:
 
                Consumer = "Other (ASSERT!)";
                OtherPages++;
                break;
        }
 
#if MI_TRACE_PFNS
        /* Add into bucket */
        UsageBucket[Pfn1->PfnUsage]++;
#endif
 
        //
        // Pretty-print the page
        //
        if (!StatusOnly)
        DbgPrint("0x%08p:\t%20s\t(%04d.%04d)\t[%16s - %16s]\n",
                 i << PAGE_SHIFT,
                 Consumer,
                 Pfn1->u3.e2.ReferenceCount,
                 Pfn1->u2.ShareCount == LIST_HEAD ? 0xFFFF : Pfn1->u2.ShareCount,
#if MI_TRACE_PFNS
                 MI_USAGE_TEXT[Pfn1->PfnUsage],
                 Pfn1->ProcessName);
#else
                 "Page tracking",
                 "is disabled");
#endif
    }
 
    DbgPrint("Active:               %5d pages\t[%6d KB]\n", ActivePages,  (ActivePages    << PAGE_SHIFT) / 1024);
    DbgPrint("Free:                 %5d pages\t[%6d KB]\n", FreePages,    (FreePages      << PAGE_SHIFT) / 1024);
    DbgPrint("Other:                %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    DbgPrint("-----------------------------------------\n");
#if MI_TRACE_PFNS
    OtherPages = UsageBucket[MI_USAGE_BOOT_DRIVER];
    DbgPrint("Boot Images:          %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_DRIVER_PAGE];
    DbgPrint("System Drivers:       %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_PFN_DATABASE];
    DbgPrint("PFN Database:         %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_PAGE_TABLE] + UsageBucket[MI_USAGE_PAGE_DIRECTORY] + UsageBucket[MI_USAGE_LEGACY_PAGE_DIRECTORY];
    DbgPrint("Page Tables:          %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_SYSTEM_PTE];
    DbgPrint("System PTEs:          %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_VAD];
    DbgPrint("VADs:                 %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_CONTINOUS_ALLOCATION];
    DbgPrint("Continuous Allocs:    %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_MDL];
    DbgPrint("MDLs:                 %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_NONPAGED_POOL] + UsageBucket[MI_USAGE_NONPAGED_POOL_EXPANSION];
    DbgPrint("NonPaged Pool:        %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_PAGED_POOL];
    DbgPrint("Paged Pool:           %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_DEMAND_ZERO];
    DbgPrint("Demand Zero:          %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_ZERO_LOOP];
    DbgPrint("Zero Loop:            %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_PEB_TEB];
    DbgPrint("PEB/TEB:              %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_KERNEL_STACK] + UsageBucket[MI_USAGE_KERNEL_STACK_EXPANSION];
    DbgPrint("Kernel Stack:         %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_INIT_MEMORY];
    DbgPrint("Init Memory:          %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_SECTION];
    DbgPrint("Sections:             %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_CACHE];
    DbgPrint("Cache:                %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
    OtherPages = UsageBucket[MI_USAGE_FREE_PAGE];
    DbgPrint("Free:                 %5d pages\t[%6d KB]\n", OtherPages,   (OtherPages     << PAGE_SHIFT) / 1024);
#endif
    KeLowerIrql(OldIrql);
}

Referenced by KdSystemDebugControl().

◆ MmExtendSection()

NTSTATUS NTAPI MmExtendSection	(	_In_ PVOID	Section,
		_Inout_ PLARGE_INTEGER	NewSize
	)

Definition at line 5383 of file section.c.

{
    PSECTION Section = _Section;
 
    /* It makes no sense to extend an image mapping */
    if (Section->u.Flags.Image)
        return STATUS_SECTION_NOT_EXTENDED;
 
    /* Nor is it possible to extend a page file mapping */
    if (!Section->u.Flags.File)
        return STATUS_SECTION_NOT_EXTENDED;
 
    if (!MiIsRosSectionObject(Section))
        return STATUS_NOT_IMPLEMENTED;
 
    /* We just extend the sizes. Shrinking is a no-op ? */
    if (NewSize->QuadPart > Section->SizeOfSection.QuadPart)
    {
        PMM_SECTION_SEGMENT Segment = (PMM_SECTION_SEGMENT)Section->Segment;
        Section->SizeOfSection = *NewSize;
 
        if (!Section->u.Flags.Reserve)
        {
            MmLockSectionSegment(Segment);
            if (Segment->RawLength.QuadPart < NewSize->QuadPart)
            {
                Segment->RawLength = *NewSize;
                Segment->Length.QuadPart = (NewSize->QuadPart + PAGE_SIZE - 1) & ~((LONGLONG)PAGE_SIZE);
            }
            MmUnlockSectionSegment(Segment);
        }
    }
 
    return STATUS_SUCCESS;
}

Referenced by CcSetFileSizes(), and NtExtendSection().

◆ MmFindGap()

PVOID NTAPI MmFindGap	(	PMMSUPPORT	AddressSpace,
		SIZE_T	Length,
		ULONG_PTR	Granularity,
		BOOLEAN	TopDown
	)

Definition at line 215 of file marea.c.

{
    PEPROCESS Process;
    PMM_AVL_TABLE VadRoot;
    TABLE_SEARCH_RESULT Result;
    PMMADDRESS_NODE Parent;
    ULONG_PTR StartingAddress, HighestAddress;
 
    Process = MmGetAddressSpaceOwner(AddressSpace);
    VadRoot = Process ? &Process->VadRoot : &MiRosKernelVadRoot;
    if (TopDown)
    {
        /* Find an address top-down */
        HighestAddress = Process ? (ULONG_PTR)MM_HIGHEST_VAD_ADDRESS : (LONG_PTR)-1;
        Result = MiFindEmptyAddressRangeDownTree(Length,
                                                 HighestAddress,
                                                 Granularity,
                                                 VadRoot,
                                                 &StartingAddress,
                                                 &Parent);
    }
    else
    {
        Result = MiFindEmptyAddressRangeInTree(Length,
                                               Granularity,
                                               VadRoot,
                                               &Parent,
                                               &StartingAddress);
    }
 
    if (Result == TableFoundNode)
    {
        return NULL;
    }
 
    return (PVOID)StartingAddress;
}

Referenced by MmCreateMemoryArea(), and MmMapViewOfSection().

◆ MmFindRegion()

PMM_REGION NTAPI MmFindRegion	(	PVOID	BaseAddress,
		PLIST_ENTRY	RegionListHead,
		PVOID	Address,
		PVOID *	RegionBaseAddress
	)

Definition at line 257 of file region.c.

{
    PLIST_ENTRY current_entry;
    PMM_REGION current;
    PVOID StartAddress = BaseAddress;
 
    current_entry = RegionListHead->Flink;
    while (current_entry != RegionListHead)
    {
        current = CONTAINING_RECORD(current_entry, MM_REGION, RegionListEntry);
 
        if (StartAddress <= Address &&
                ((char*)StartAddress + current->Length) > (char*)Address)
        {
            if (RegionBaseAddress != NULL)
            {
                *RegionBaseAddress = StartAddress;
            }
            return(current);
        }
 
        current_entry = current_entry->Flink;
 
        StartAddress = (PVOID)((ULONG_PTR)StartAddress + current->Length);
 
    }
    return(NULL);
}

Referenced by MmAccessFaultSectionView(), MmAlterRegion(), MmNotPresentFaultSectionView(), MmPageOutPhysicalAddress(), MmProtectSectionView(), and MmQuerySectionView().

◆ MmFlushSegment()

NTSTATUS NTAPI MmFlushSegment	(	_In_ PSECTION_OBJECT_POINTERS	SectionObjectPointer,
		_In_opt_ PLARGE_INTEGER	Offset,
		_In_ ULONG	Length,
		_Out_opt_ PIO_STATUS_BLOCK	Iosb
	)

Definition at line 5051 of file section.c.

{
    LARGE_INTEGER FlushStart, FlushEnd;
    NTSTATUS Status;
 
    if (Offset)
    {
        FlushStart = *Offset;
        Status = RtlLongLongAdd(FlushStart.QuadPart, Length, &FlushEnd.QuadPart);
        if (!NT_SUCCESS(Status))
            return Status;
    }
 
    if (Iosb)
        Iosb->Information = 0;
 
    PMM_SECTION_SEGMENT Segment = MiGrabDataSection(SectionObjectPointer);
    if (!Segment)
    {
        /* Nothing to flush */
        goto Quit;
    }
 
    ASSERT(*Segment->Flags & MM_DATAFILE_SEGMENT);
 
    MmLockSectionSegment(Segment);
 
    if (!Offset)
    {
        FlushStart.QuadPart = 0;
 
        /* FIXME: All of this is suboptimal */
        ULONG ElemCount = RtlNumberGenericTableElements(&Segment->PageTable);
        if (!ElemCount)
        {
            /* No page. Nothing to flush */
            MmUnlockSectionSegment(Segment);
            MmDereferenceSegment(Segment);
            goto Quit;
        }
 
        PCACHE_SECTION_PAGE_TABLE PageTable = RtlGetElementGenericTable(&Segment->PageTable, ElemCount - 1);
        FlushEnd.QuadPart = PageTable->FileOffset.QuadPart + _countof(PageTable->PageEntries) * PAGE_SIZE;
    }
 
    /* Find byte offset of the page to start */
    FlushStart.QuadPart = PAGE_ROUND_DOWN_64(FlushStart.QuadPart);
 
    while (FlushStart.QuadPart < FlushEnd.QuadPart)
    {
        ULONG_PTR Entry = MmGetPageEntrySectionSegment(Segment, &FlushStart);
 
        if (IS_DIRTY_SSE(Entry))
        {
            MmCheckDirtySegment(Segment, &FlushStart, FALSE, FALSE);
 
            if (Iosb)
                Iosb->Information += PAGE_SIZE;
        }
 
        FlushStart.QuadPart += PAGE_SIZE;
    }
 
    MmUnlockSectionSegment(Segment);
    MmDereferenceSegment(Segment);
 
Quit:
    /* FIXME: Handle failures */
    if (Iosb)
        Iosb->Status = STATUS_SUCCESS;
 
    return STATUS_SUCCESS;
}

Referenced by CcFlushCache(), CcRosDeleteFileCache(), CcRosFlushVacb(), and MiRosUnmapViewOfSection().

◆ MmFreeDriverInitialization()

VOID NTAPI MmFreeDriverInitialization ( IN PLDR_DATA_TABLE_ENTRY LdrEntry )

Definition at line 1673 of file sysldr.c.

{
    PMMPTE StartPte, EndPte;
    PFN_NUMBER PageCount;
    PVOID DllBase;
    ULONG i;
    PIMAGE_NT_HEADERS NtHeader;
    PIMAGE_SECTION_HEADER Section, DiscardSection;
 
    /* Get the base address and the page count */
    DllBase = LdrEntry->DllBase;
    PageCount = LdrEntry->SizeOfImage >> PAGE_SHIFT;
 
    /* Get the last PTE in this image */
    EndPte = MiAddressToPte(DllBase) + PageCount;
 
    /* Get the NT header */
    NtHeader = RtlImageNtHeader(DllBase);
    if (!NtHeader) return;
 
    /* Get the last section and loop each section backwards */
    Section = IMAGE_FIRST_SECTION(NtHeader) + NtHeader->FileHeader.NumberOfSections;
    DiscardSection = NULL;
    for (i = 0; i < NtHeader->FileHeader.NumberOfSections; i++)
    {
        /* Go back a section and check if it's discardable */
        Section--;
        if (Section->Characteristics & IMAGE_SCN_MEM_DISCARDABLE)
        {
            /* It is, select it for freeing */
            DiscardSection = Section;
        }
        else
        {
            /* No more discardable sections exist, bail out */
            break;
        }
    }
 
    /* Bail out if there's nothing to free */
    if (!DiscardSection) return;
 
    /* Push the DLL base to the first disacrable section, and get its PTE */
    DllBase = (PVOID)ROUND_TO_PAGES((ULONG_PTR)DllBase + DiscardSection->VirtualAddress);
    ASSERT(MI_IS_PHYSICAL_ADDRESS(DllBase) == FALSE);
    StartPte = MiAddressToPte(DllBase);
 
    /* Check how many pages to free total */
    PageCount = (PFN_NUMBER)(EndPte - StartPte);
    if (!PageCount) return;
 
    /* Delete this many PTEs */
    MiDeleteSystemPageableVm(StartPte, PageCount, 0, NULL);
}

Referenced by IopInitializeDriverModule().

◆ MmFreeMemoryArea()

NTSTATUS NTAPI MmFreeMemoryArea	(	PMMSUPPORT	AddressSpace,
		PMEMORY_AREA	MemoryArea,
		PMM_FREE_PAGE_FUNC	FreePage,
		PVOID	FreePageContext
	)

Definition at line 283 of file marea.c.

{
    ULONG_PTR Address;
    PVOID EndAddress;
 
    /* Make sure we own the address space lock! */
    ASSERT(CONTAINING_RECORD(AddressSpace, EPROCESS, Vm)->AddressCreationLock.Owner == KeGetCurrentThread());
 
    /* Check magic */
    ASSERT(MemoryArea->Magic == 'erAM');
 
    if (MemoryArea->Type != MEMORY_AREA_OWNED_BY_ARM3)
    {
        PEPROCESS CurrentProcess = PsGetCurrentProcess();
        PEPROCESS Process = MmGetAddressSpaceOwner(AddressSpace);
 
        if ((Process != NULL) && (Process != CurrentProcess))
        {
            KeAttachProcess(&Process->Pcb);
        }
 
        EndAddress = MM_ROUND_UP(MA_GetEndingAddress(MemoryArea), PAGE_SIZE);
        for (Address = MA_GetStartingAddress(MemoryArea);
                Address < (ULONG_PTR)EndAddress;
                Address += PAGE_SIZE)
        {
            BOOLEAN Dirty = FALSE;
            SWAPENTRY SwapEntry = 0;
            PFN_NUMBER Page = 0;
            BOOLEAN DoFree;
 
            if (MmIsPageSwapEntry(Process, (PVOID)Address))
            {
                MmDeletePageFileMapping(Process, (PVOID)Address, &SwapEntry);
                /* We'll have to do some cleanup when we're on the page file */
                DoFree = TRUE;
            }
            else if (FreePage == NULL)
            {
                DoFree = MmDeletePhysicalMapping(Process, (PVOID)Address, &Dirty, &Page);
            }
            else
            {
                DoFree = MmDeleteVirtualMapping(Process, (PVOID)Address, &Dirty, &Page);
            }
            if (DoFree && (FreePage != NULL))
            {
                FreePage(FreePageContext, MemoryArea, (PVOID)Address,
                         Page, SwapEntry, (BOOLEAN)Dirty);
            }
        }
 
        //if (MemoryArea->VadNode.StartingVpn < (ULONG_PTR)MmSystemRangeStart >> PAGE_SHIFT
        if (MemoryArea->Vad)
        {
            ASSERT(MemoryArea->VadNode.EndingVpn + 1 < (ULONG_PTR)MmSystemRangeStart >> PAGE_SHIFT);
#ifdef NEWCC
            ASSERT(MemoryArea->Type == MEMORY_AREA_SECTION_VIEW || MemoryArea->Type == MEMORY_AREA_CACHE);
#else
            ASSERT(MemoryArea->Type == MEMORY_AREA_SECTION_VIEW);
#endif
 
            /* MmCleanProcessAddressSpace might have removed it (and this would be MmDeleteProcessAddressSpace) */
            ASSERT(MemoryArea->VadNode.u.VadFlags.Spare != 0);
            if (((PMMVAD)MemoryArea->Vad)->u.VadFlags.Spare == 1)
            {
                MiLockProcessWorkingSet(PsGetCurrentProcess(), PsGetCurrentThread());
                MiRemoveNode((PMMADDRESS_NODE)&MemoryArea->VadNode, &Process->VadRoot);
                MiUnlockProcessWorkingSet(PsGetCurrentProcess(), PsGetCurrentThread());
            }
 
            MemoryArea->Vad = NULL;
        }
        else
        {
            MiLockWorkingSet(PsGetCurrentThread(), &MmSystemCacheWs);
            MiRemoveNode((PMMADDRESS_NODE)&MemoryArea->VadNode, &MiRosKernelVadRoot);
            MiUnlockWorkingSet(PsGetCurrentThread(), &MmSystemCacheWs);
        }
 
        if ((Process != NULL) && (Process != CurrentProcess))
        {
            KeDetachProcess();
        }
    }
 
#if DBG
    MemoryArea->Magic = 'daeD';
#endif
    ExFreePoolWithTag(MemoryArea, TAG_MAREA);
 
    DPRINT("MmFreeMemoryArea() succeeded\n");
 
    return STATUS_SUCCESS;
}

Referenced by MiRemoveNode(), and MmUnmapViewOfSegment().

◆ MmFreeSectionSegments()

VOID NTAPI MmFreeSectionSegments ( PFILE_OBJECT FileObject )

◆ MmFreeSpecialPool()

VOID NTAPI MmFreeSpecialPool ( IN PVOID P )

Referenced by ExFreePoolWithTag().

◆ MmFreeSwapPage()

VOID NTAPI MmFreeSwapPage ( SWAPENTRY Entry )

Definition at line 291 of file pagefile.c.

{
    ULONG i;
    ULONG_PTR off;
    PMMPAGING_FILE PagingFile;
 
    i = FILE_FROM_ENTRY(Entry);
    off = OFFSET_FROM_ENTRY(Entry) - 1;
 
    KeAcquireGuardedMutex(&MmPageFileCreationLock);
 
    PagingFile = MmPagingFile[i];
    if (PagingFile == NULL)
    {
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    RtlClearBit(PagingFile->Bitmap, off >> 5);
 
    PagingFile->FreeSpace++;
    PagingFile->CurrentUsage--;
 
    MiFreeSwapPages++;
    MiUsedSwapPages--;
    UpdateTotalCommittedPages(-1);
 
    KeReleaseGuardedMutex(&MmPageFileCreationLock);
}

Referenced by MiFreeSegmentPage(), MmFreeCacheSectionPage(), MmFreeSectionPage(), MmPageOutPhysicalAddress(), MmpFreePageFileSegment(), and MmUnsharePageEntrySectionSegment().

◆ MmGetAddressSpaceOwner()

FORCEINLINE PEPROCESS MmGetAddressSpaceOwner ( IN PMMSUPPORT AddressSpace )

Definition at line 1723 of file mm.h.

{
    if (AddressSpace == MmKernelAddressSpace) return NULL;
    return CONTAINING_RECORD(AddressSpace, EPROCESS, Vm);
}

Referenced by MmAccessFaultSectionView(), MmAlterViewAttributes(), MmCreateMemoryArea(), MmFindGap(), MmFreeCacheSectionPage(), MmFreeMemoryArea(), MmFreeSectionPage(), MmInsertMemoryArea(), MmLocateMemoryAreaByAddress(), MmLocateMemoryAreaByRegion(), MmNotPresentFaultSectionView(), and MmPageOutCacheSection().

◆ MmGetCurrentAddressSpace()

FORCEINLINE PMMSUPPORT MmGetCurrentAddressSpace ( VOID )

Definition at line 1731 of file mm.h.

{
    return &((PEPROCESS)KeGetCurrentThread()->ApcState.Process)->Vm;
}

Referenced by MiLockVirtualMemory(), MiProtectVirtualMemory(), MiUnlockVirtualMemory(), MmAccessFault(), MmGetFileNameForAddress(), NtAllocateVirtualMemory(), NtAreMappedFilesTheSame(), and NtFreeVirtualMemory().

◆ MmGetExecuteOptions()

NTSTATUS NTAPI MmGetExecuteOptions ( IN PULONG ExecuteOptions )

Definition at line 2653 of file pagfault.c.

{
    PKPROCESS CurrentProcess = &PsGetCurrentProcess()->Pcb;
    ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
 
    *ExecuteOptions = 0;
 
    if (CurrentProcess->Flags.ExecuteDisable)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_DISABLE;
    }
 
    if (CurrentProcess->Flags.ExecuteEnable)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_ENABLE;
    }
 
    if (CurrentProcess->Flags.DisableThunkEmulation)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION;
    }
 
    if (CurrentProcess->Flags.Permanent)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_PERMANENT;
    }
 
    if (CurrentProcess->Flags.ExecuteDispatchEnable)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_EXECUTE_DISPATCH_ENABLE;
    }
 
    if (CurrentProcess->Flags.ImageDispatchEnable)
    {
        *ExecuteOptions |= MEM_EXECUTE_OPTION_IMAGE_DISPATCH_ENABLE;
    }
 
    return STATUS_SUCCESS;
}

Referenced by NtQueryInformationProcess().

◆ MmGetFileNameForAddress()

NTSTATUS NTAPI MmGetFileNameForAddress	(	IN PVOID	Address,
		OUT PUNICODE_STRING	ModuleName
	)

Definition at line 1689 of file section.c.

{
    POBJECT_NAME_INFORMATION ModuleNameInformation;
    PVOID AddressSpace;
    NTSTATUS Status;
    PMMVAD Vad;
    PFILE_OBJECT FileObject = NULL;
 
    /* Lock address space */
    AddressSpace = MmGetCurrentAddressSpace();
    MmLockAddressSpace(AddressSpace);
 
    /* Get the VAD */
    Vad = MiLocateAddress(Address);
    if (Vad == NULL)
    {
        /* Fail, the address does not exist */
        DPRINT1("No VAD at address %p\n", Address);
        MmUnlockAddressSpace(AddressSpace);
        return STATUS_INVALID_ADDRESS;
    }
 
    /* Get the file object pointer for the VAD */
    FileObject = MiGetFileObjectForVad(Vad);
    if (FileObject == NULL)
    {
        DPRINT1("Failed to get file object for Address %p\n", Address);
        MmUnlockAddressSpace(AddressSpace);
        return STATUS_SECTION_NOT_IMAGE;
    }
 
    /* Reference the file object */
    ObReferenceObject(FileObject);
 
    /* Unlock address space */
    MmUnlockAddressSpace(AddressSpace);
 
    /* Get the filename of the file object */
    Status = MmGetFileNameForFileObject(FileObject, &ModuleNameInformation);
 
    /* Dereference the file object */
    ObDereferenceObject(FileObject);
 
    /* Check if we were able to get the file object name */
    if (NT_SUCCESS(Status))
    {
        /* Init modulename */
        if (!RtlCreateUnicodeString(ModuleName, ModuleNameInformation->Name.Buffer))
            Status = STATUS_INSUFFICIENT_RESOURCES;
 
        /* Free temp taged buffer from MmGetFileNameForFileObject() */
        ExFreePoolWithTag(ModuleNameInformation, TAG_MM);
 
        DPRINT("Found ModuleName %wZ by address %p\n", ModuleName, Address);
    }
 
   /* Return status */
   return Status;
}

Referenced by DbgkpPostFakeModuleMessages(), and MiQueryMemorySectionName().

◆ MmGetFileNameForSection()

NTSTATUS NTAPI MmGetFileNameForSection	(	IN PVOID	Section,
		OUT POBJECT_NAME_INFORMATION *	ModuleName
	)

Definition at line 1668 of file section.c.

{
    PFILE_OBJECT FileObject;
    PSECTION SectionObject = Section;
 
    /* Make sure it's an image section */
    if (SectionObject->u.Flags.Image == 0)
    {
        /* It's not, fail */
        DPRINT1("Not an image section\n");
        return STATUS_SECTION_NOT_IMAGE;
    }
 
    /* Get the file object */
    FileObject = MmGetFileObjectForSection(Section);
    return MmGetFileNameForFileObject(FileObject, ModuleName);
}

Referenced by DbgkCreateThread(), and DbgkpSectionToFileHandle().

◆ MmGetFileObjectForSection()

PFILE_OBJECT NTAPI MmGetFileObjectForSection ( IN PVOID Section )

Definition at line 1541 of file section.c.

{
    PSECTION Section = SectionObject;
    ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
    ASSERT(SectionObject != NULL);
 
    /* Check if it's an ARM3, or ReactOS section */
    if (MiIsRosSectionObject(SectionObject) == FALSE)
    {
        /* Return the file pointer stored in the control area */
        return Section->Segment->ControlArea->FilePointer;
    }
 
    /* Return the file object */
    return ((PMM_SECTION_SEGMENT)Section->Segment)->FileObject;
}

Referenced by CcGetFileObjectFromBcb(), CcGetFileObjectFromSectionPtrs(), CcShutdownSystem(), MmGetFileNameForSection(), MmInitializeProcessAddressSpace(), and PsReferenceProcessFilePointer().

◆ MmGetImageInformation()

VOID NTAPI MmGetImageInformation ( OUT PSECTION_IMAGE_INFORMATION ImageInformation )

Definition at line 1615 of file section.c.

{
    PSECTION SectionObject;
 
    /* Get the section object of this process*/
    SectionObject = PsGetCurrentProcess()->SectionObject;
    ASSERT(SectionObject != NULL);
    ASSERT(MiIsRosSectionObject(SectionObject) == TRUE);
 
    if (SectionObject->u.Flags.Image == 0)
    {
        RtlZeroMemory(ImageInformation, sizeof(*ImageInformation));
        return;
    }
 
    /* Return the image information */
    *ImageInformation = ((PMM_IMAGE_SECTION_OBJECT)SectionObject->Segment)->ImageInformation;
}

Referenced by NtQueryInformationProcess().

◆ MmGetKernelAddressSpace()

FORCEINLINE PMMSUPPORT MmGetKernelAddressSpace ( VOID )

Definition at line 1738 of file mm.h.

{
    return MmKernelAddressSpace;
}

Referenced by MiCreateArm3StaticMemoryArea(), MiInitSystemMemoryAreas(), MiRosUnmapViewInSystemSpace(), MmAccessFault(), MmMapViewInSystemSpaceEx(), MmNotPresentFault(), MmpAccessFault(), MmpPageOutPhysicalAddress(), MmUnmapViewInSystemSpace(), and MmWorkingSetManager().

◆ MmGetLRUFirstUserPage()

PFN_NUMBER NTAPI MmGetLRUFirstUserPage ( VOID )

Definition at line 45 of file freelist.c.

{
    PFN_NUMBER Page;
    KIRQL OldIrql;
 
    /* Find the first user page */
    OldIrql = MiAcquirePfnLock();
 
    if (FirstUserLRUPfn == NULL)
    {
        MiReleasePfnLock(OldIrql);
        return 0;
    }
 
    Page = MiGetPfnEntryIndex(FirstUserLRUPfn);
    MmReferencePage(Page);
 
    MiReleasePfnLock(OldIrql);
 
    return Page;
}

Referenced by MiShutdownSystem(), and MmTrimUserMemory().

◆ MmGetLRUNextUserPage()

PFN_NUMBER NTAPI MmGetLRUNextUserPage	(	PFN_NUMBER	PreviousPage,
		BOOLEAN	MoveToLast
	)

Definition at line 125 of file freelist.c.

{
    PFN_NUMBER Page = 0;
    KIRQL OldIrql;
 
    /* Find the next user page */
    OldIrql = MiAcquirePfnLock();
 
    PMMPFN PreviousPfn = MiGetPfnEntry(PreviousPage);
    PMMPFN NextPfn = PreviousPfn->NextLRU;
 
    /*
     * Move this one at the end of the list.
     * It may be freed by MmDereferencePage below.
     * If it's not, then it means it is still hanging in some process address space.
     * This avoids paging-out e.g. ntdll early just because it's mapped first time.
     */
    if ((MoveToLast) && (MmGetReferenceCountPage(PreviousPage) > 1))
    {
        MmRemoveLRUUserPage(PreviousPage);
        MmInsertLRULastUserPage(PreviousPage);
    }
 
    if (NextPfn)
    {
        Page = MiGetPfnEntryIndex(NextPfn);
        MmReferencePage(Page);
    }
 
    MmDereferencePage(PreviousPage);
 
    MiReleasePfnLock(OldIrql);
 
    return Page;
}

Referenced by MiShutdownSystem(), and MmTrimUserMemory().

◆ MmGetPageFileMapping()

VOID NTAPI MmGetPageFileMapping	(	PEPROCESS	Process,
		PVOID	Address,
		SWAPENTRY *	SwapEntry
	)

Definition at line 299 of file page.c.

{
    ASSERT(FALSE);
}

Referenced by MmAlterViewAttributes(), MmNotPresentFaultSectionView(), and MmPageOutCacheSection().

◆ MmGetPageProtect()

ULONG NTAPI MmGetPageProtect	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by KdbpOverwriteInstruction(), and MmAccessFaultSectionView().

◆ MmGetPfnForProcess()

PFN_NUMBER NTAPI MmGetPfnForProcess	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmAccessFaultSectionView(), MmAlterViewAttributes(), MmInsertRmap(), MmPageOutPhysicalAddress(), and MmpPageOutPhysicalAddress().

◆ MmGetReferenceCountPage()

ULONG NTAPI MmGetReferenceCountPage ( PFN_NUMBER Page )

Definition at line 539 of file freelist.c.

{
    ULONG RCount;
    PMMPFN Pfn1;
 
    MI_ASSERT_PFN_LOCK_HELD();
 
    DPRINT("MmGetReferenceCountPage(PhysicalAddress %x)\n", Pfn << PAGE_SHIFT);
 
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
    ASSERT_IS_ROS_PFN(Pfn1);
 
    RCount = Pfn1->u3.e2.ReferenceCount;
 
    return(RCount);
}

Referenced by MmGetLRUNextUserPage(), and MmGetReferenceCountPageWithoutLock().

◆ MmGetRmapListHeadPage()

struct _MM_RMAP_ENTRY *NTAPI MmGetRmapListHeadPage ( PFN_NUMBER Page )

Definition at line 459 of file freelist.c.

{
    PMMPFN Pfn1;
 
    /* PFN database must be locked */
    MI_ASSERT_PFN_LOCK_HELD();
 
    /* Get the entry */
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
 
    if (!MI_IS_ROS_PFN(Pfn1))
    {
        return NULL;
    }
 
    /* Should not have an RMAP for a non-active page */
    ASSERT(MiIsPfnInUse(Pfn1) == TRUE);
 
    /* Get the list head */
    return Pfn1->RmapListHead;
}

Referenced by MmDeleteRmap(), MmDeleteSectionAssociation(), MmGetSegmentRmap(), MmInsertRmap(), MmPageOutPhysicalAddress(), MmpPageOutPhysicalAddress(), and MmTrimUserMemory().

◆ MmGetSavedSwapEntryPage()

SWAPENTRY NTAPI MmGetSavedSwapEntryPage ( PFN_NUMBER Page )

Definition at line 500 of file freelist.c.

{
    SWAPENTRY SwapEntry;
    KIRQL oldIrql;
    PMMPFN Pfn1;
 
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
    ASSERT_IS_ROS_PFN(Pfn1);
 
    oldIrql = MiAcquirePfnLock();
    SwapEntry = Pfn1->u1.SwapEntry;
    MiReleasePfnLock(oldIrql);
 
    return(SwapEntry);
}

Referenced by if(), MiPurgeImageSegment(), MmFinalizeSectionPageOut(), MmFreeSectionPage(), MmPageOutPhysicalAddress(), MmpFreePageFileSegment(), and MmUnsharePageEntrySectionSegment().

◆ MmGetSectionAssociation()

PMM_SECTION_SEGMENT NTAPI MmGetSectionAssociation	(	PFN_NUMBER	Page,
		PLARGE_INTEGER	Offset
	)

Definition at line 374 of file sptab.c.

{
    ULONG RawOffset;
    PMM_SECTION_SEGMENT Segment = NULL;
    PCACHE_SECTION_PAGE_TABLE PageTable;
 
    KIRQL OldIrql = MiAcquirePfnLock();
 
    PageTable = MmGetSegmentRmap(Page, &RawOffset);
    if (PageTable)
    {
        Segment = PageTable->Segment;
        Offset->QuadPart = PageTable->FileOffset.QuadPart +
                           ((ULONG64)RawOffset << PAGE_SHIFT);
        ASSERT(PFN_FROM_SSE(PageTable->PageEntries[RawOffset]) == Page);
        InterlockedIncrement64(Segment->ReferenceCount);
    }
 
    MiReleasePfnLock(OldIrql);
 
    return Segment;
}

Referenced by MiShutdownSystem(), MmPageOutPhysicalAddress(), and MmpPageOutPhysicalAddress().

◆ MmGetSessionById()

PVOID NTAPI MmGetSessionById ( _In_ ULONG SessionId )

Definition at line 1050 of file session.c.

{
    PLIST_ENTRY ListEntry;
    PMM_SESSION_SPACE Session;
    PEPROCESS Process = NULL;
    KIRQL OldIrql;
 
    /* Acquire the expansion lock while touching the session */
    OldIrql = MiAcquireExpansionLock();
 
    /* Loop all entries in the session ws list */
    ListEntry = MiSessionWsList.Flink;
    while (ListEntry != &MiSessionWsList)
    {
        Session = CONTAINING_RECORD(ListEntry, MM_SESSION_SPACE, WsListEntry);
        ListEntry = ListEntry->Flink;
 
        /* Check if this is the session we are looking for */
        if (Session->SessionId == SessionId)
        {
            /* Check if we also have a process in the process list */
            if (!IsListEmpty(&Session->ProcessList))
            {
                Process = CONTAINING_RECORD(Session->ProcessList.Flink,
                                            EPROCESS,
                                            SessionProcessLinks);
 
                /* Reference the process */
                ObReferenceObject(Process);
                break;
            }
        }
    }
 
    /* Release the lock again */
    MiReleaseExpansionLock(OldIrql);
 
    return Process;
}

Referenced by ExpWin32SessionCallout().

◆ MmGetSessionId()

ULONG NTAPI MmGetSessionId ( IN PEPROCESS Process )

Definition at line 179 of file session.c.

{
    PMM_SESSION_SPACE SessionGlobal;
 
    /* The session leader is always session zero */
    if (Process->Vm.Flags.SessionLeader == 1) return 0;
 
    /* Otherwise, get the session global, and read the session ID from it */
    SessionGlobal = (PMM_SESSION_SPACE)Process->Session;
    if (!SessionGlobal) return 0;
    return SessionGlobal->SessionId;
}

Referenced by IoGetRequestorSessionId(), MmCreatePeb(), PsGetCurrentProcessSessionId(), PsGetProcessSessionId(), PsGetThreadSessionId(), PspInitializeProcessSecurity(), and SeExchangePrimaryToken().

◆ MmGetSessionIdEx()

ULONG NTAPI MmGetSessionIdEx ( IN PEPROCESS Process )

Definition at line 194 of file session.c.

{
    PMM_SESSION_SPACE SessionGlobal;
 
    /* The session leader is always session zero */
    if (Process->Vm.Flags.SessionLeader == 1) return 0;
 
    /* Otherwise, get the session global, and read the session ID from it */
    SessionGlobal = (PMM_SESSION_SPACE)Process->Session;
    if (!SessionGlobal) return -1;
    return SessionGlobal->SessionId;
}

Referenced by PsGetProcessSessionIdEx().

◆ MmGetSessionLocaleId()

ULONG NTAPI MmGetSessionLocaleId ( VOID )

Definition at line 56 of file session.c.

{
    PEPROCESS Process;
    PAGED_CODE();
 
    //
    // Get the current process
    //
    Process = PsGetCurrentProcess();
 
    //
    // Check if it's NOT the Session Leader
    //
    if (!Process->Vm.Flags.SessionLeader)
    {
        //
        // Make sure it has a valid Session
        //
        if (Process->Session)
        {
            //
            // Get the Locale ID
            //
            return ((PMM_SESSION_SPACE)Process->Session)->LocaleId;
        }
    }
 
    //
    // Not a session leader, return the default
    //
    return PsDefaultThreadLocaleId;
}

Referenced by NtQueryDefaultLocale(), and PspUserThreadStartup().

◆ MmGrowKernelStack()

NTSTATUS NTAPI MmGrowKernelStack ( IN PVOID StackPointer )

Definition at line 477 of file procsup.c.

{
    //
    // Call the extended version
    //
    return MmGrowKernelStackEx(StackPointer, KERNEL_LARGE_STACK_COMMIT);
}

Referenced by KiUserModeCallout().

◆ MmInit1()

VOID NTAPI MmInit1 ( VOID )

◆ MmInitGlobalKernelPageDirectory()

VOID NTAPI MmInitGlobalKernelPageDirectory ( VOID )

Definition at line 277 of file page.c.

{
    ULONG i;
    PULONG CurrentPageDirectory = (PULONG)PDE_BASE;
 
    /* Loop the 2GB of address space which belong to the kernel */
    for (i = MiGetPdeOffset(MmSystemRangeStart); i < 2048; i++)
    {
        /* Check if we have an entry for this already */
        if ((i != MiGetPdeOffset(PTE_BASE)) &&
            (i != MiGetPdeOffset(HYPER_SPACE)) &&
            (!MmGlobalKernelPageDirectory[i]) &&
            (CurrentPageDirectory[i]))
        {
            /* We don't, link it in our global page directory */
            MmGlobalKernelPageDirectory[i] = CurrentPageDirectory[i];
        }
    }
}

Referenced by MmInitSystem().

◆ MmInitializeBalancer()

VOID NTAPI MmInitializeBalancer	(	ULONG	NrAvailablePages,
		ULONG	NrSystemPages
	)

Definition at line 44 of file balance.c.

{
    memset(MiMemoryConsumers, 0, sizeof(MiMemoryConsumers));
 
    /* Set up targets. */
    MiMinimumAvailablePages = 256;
    MiMinimumPagesPerRun = 256;
    MiMemoryConsumers[MC_USER].PagesTarget = NrAvailablePages / 2;
}

Referenced by MiInitMachineDependent().

◆ MmInitializeHandBuiltProcess()

NTSTATUS NTAPI MmInitializeHandBuiltProcess	(	IN PEPROCESS	Process,
		IN PULONG_PTR	DirectoryTableBase
	)

Definition at line 1127 of file procsup.c.

{
    /* Share the directory base with the idle process */
    DirectoryTableBase[0] = PsGetCurrentProcess()->Pcb.DirectoryTableBase[0];
    DirectoryTableBase[1] = PsGetCurrentProcess()->Pcb.DirectoryTableBase[1];
 
    /* Initialize the Addresss Space */
    KeInitializeGuardedMutex(&Process->AddressCreationLock);
    KeInitializeSpinLock(&Process->HyperSpaceLock);
    Process->Vm.WorkingSetExpansionLinks.Flink = NULL;
    ASSERT(Process->VadRoot.NumberGenericTableElements == 0);
    Process->VadRoot.BalancedRoot.u1.Parent = &Process->VadRoot.BalancedRoot;
 
    /* Use idle process Working set */
    Process->Vm.VmWorkingSetList = PsGetCurrentProcess()->Vm.VmWorkingSetList;
    Process->WorkingSetPage = PsGetCurrentProcess()->WorkingSetPage;
 
    /* Done */
    Process->HasAddressSpace = TRUE;//??
    return STATUS_SUCCESS;
}

Referenced by PspCreateProcess().

◆ MmInitializeHandBuiltProcess2()

NTSTATUS NTAPI MmInitializeHandBuiltProcess2 ( IN PEPROCESS Process )

Definition at line 1153 of file procsup.c.

{
    /* Lock the VAD, ARM3-owned ranges away */
    return STATUS_SUCCESS;
}

Referenced by PspCreateProcess().

◆ MmInitializeMemoryConsumer()

VOID NTAPI MmInitializeMemoryConsumer	(	ULONG	Consumer,
		NTSTATUS(*)(ULONG Target, ULONG Priority, PULONG NrFreed)	Trim
	)

Definition at line 57 of file balance.c.

{
    MiMemoryConsumers[Consumer].Trim = Trim;
}

Referenced by MmInitSystem().

◆ MmInitializeProcessAddressSpace()

NTSTATUS NTAPI MmInitializeProcessAddressSpace	(	IN PEPROCESS	Process,
		IN PEPROCESS Clone	OPTIONAL,
		IN PVOID Section	OPTIONAL,
		IN OUT PULONG	Flags,
		IN POBJECT_NAME_INFORMATION *AuditName	OPTIONAL
	)

Referenced by MiInitMachineDependent(), and PspCreateProcess().

◆ MmInitializeRegion()

VOID NTAPI MmInitializeRegion	(	PLIST_ENTRY	RegionListHead,
		SIZE_T	Length,
		ULONG	Type,
		ULONG	Protect
	)

Definition at line 239 of file region.c.

{
    PMM_REGION Region;
 
    Region = ExAllocatePoolWithTag(NonPagedPool, sizeof(MM_REGION),
                                   TAG_MM_REGION);
    if (!Region) return;
 
    Region->Type = Type;
    Region->Protect = Protect;
    Region->Length = Length;
    InitializeListHead(RegionListHead);
    InsertHeadList(RegionListHead, &Region->RegionListEntry);
}

Referenced by MmMapViewOfSegment().

◆ MmInitializeRmapList()

VOID NTAPI MmInitializeRmapList ( VOID )

Definition at line 38 of file rmap.c.

{
    ExInitializeNPagedLookasideList (&RmapLookasideList,
                                     NULL,
                                     RmapListFree,
                                     0,
                                     sizeof(MM_RMAP_ENTRY),
                                     TAG_RMAP,
                                     50);
}

Referenced by MmInitSystem().

◆ MmInitPagingFile()

VOID NTAPI MmInitPagingFile ( VOID )

Definition at line 272 of file pagefile.c.

{
    ULONG i;
 
    KeInitializeGuardedMutex(&MmPageFileCreationLock);
 
    MiFreeSwapPages = 0;
    MiUsedSwapPages = 0;
    MiReservedSwapPages = 0;
 
    for (i = 0; i < MAX_PAGING_FILES; i++)
    {
        MmPagingFile[i] = NULL;
    }
    MmNumberOfPagingFiles = 0;
}

Referenced by MmInitSystem().

◆ MmInitSectionImplementation()

NTSTATUS NTAPI MmInitSectionImplementation ( VOID )

Definition at line 2299 of file section.c.

{
    OBJECT_TYPE_INITIALIZER ObjectTypeInitializer;
    UNICODE_STRING Name;
 
    DPRINT("Creating Section Object Type\n");
 
    /* Initialize the section based root */
    ASSERT(MmSectionBasedRoot.NumberGenericTableElements == 0);
    MmSectionBasedRoot.BalancedRoot.u1.Parent = &MmSectionBasedRoot.BalancedRoot;
 
    /* Initialize the Section object type  */
    RtlZeroMemory(&ObjectTypeInitializer, sizeof(ObjectTypeInitializer));
    RtlInitUnicodeString(&Name, L"Section");
    ObjectTypeInitializer.Length = sizeof(ObjectTypeInitializer);
    ObjectTypeInitializer.DefaultPagedPoolCharge = sizeof(SECTION);
    ObjectTypeInitializer.PoolType = PagedPool;
    ObjectTypeInitializer.UseDefaultObject = TRUE;
    ObjectTypeInitializer.GenericMapping = MmpSectionMapping;
    ObjectTypeInitializer.DeleteProcedure = MmpDeleteSection;
    ObjectTypeInitializer.CloseProcedure = MmpCloseSection;
    ObjectTypeInitializer.ValidAccessMask = SECTION_ALL_ACCESS;
    ObjectTypeInitializer.InvalidAttributes = OBJ_OPENLINK;
    ObCreateObjectType(&Name, &ObjectTypeInitializer, NULL, &MmSectionObjectType);
 
    MmCreatePhysicalMemorySection();
 
    return STATUS_SUCCESS;
}

Referenced by MmInitSystem().

◆ MmInitSystem()

BOOLEAN NTAPI MmInitSystem	(	IN ULONG	Phase,
		IN PLOADER_PARAMETER_BLOCK	LoaderBlock
	)

Definition at line 206 of file mminit.c.

{
    extern MMPTE ValidKernelPte;
    PMMPTE PointerPte;
    MMPTE TempPte = ValidKernelPte;
    PFN_NUMBER PageFrameNumber;
    PLIST_ENTRY ListEntry;
    PLDR_DATA_TABLE_ENTRY DataTableEntry;
 
    /* Initialize the kernel address space */
    ASSERT(Phase == 1);
 
#ifdef NEWCC
    InitializeListHead(&MiSegmentList);
    ExInitializeFastMutex(&MiGlobalPageOperation);
    KeInitializeEvent(&MmWaitPageEvent, SynchronizationEvent, FALSE);
    // Until we're fully demand paged, we can do things the old way through
    // the balance manager
    // CcInitView will override this...
    MmInitializeMemoryConsumer(MC_CACHE, MiRosTrimCache);
#else
    KeInitializeEvent(&MmWaitPageEvent, SynchronizationEvent, FALSE);
#endif
 
    MmKernelAddressSpace = &PsIdleProcess->Vm;
 
    /* Intialize system memory areas */
    MiInitSystemMemoryAreas();
 
    /* Dump the address space */
    MiDbgDumpAddressSpace();
 
    MmInitGlobalKernelPageDirectory();
    MmInitializeMemoryConsumer(MC_USER, MmTrimUserMemory);
    MmInitializeRmapList();
    MmInitSectionImplementation();
    MmInitPagingFile();
 
    //
    // Create a PTE to double-map the shared data section. We allocate it
    // from paged pool so that we can't fault when trying to touch the PTE
    // itself (to map it), since paged pool addresses will already be mapped
    // by the fault handler.
    //
    MmSharedUserDataPte = ExAllocatePoolWithTag(PagedPool,
                          sizeof(MMPTE),
                          TAG_MM);
    if (!MmSharedUserDataPte) return FALSE;
 
    //
    // Now get the PTE for shared data, and read the PFN that holds it
    //
    PointerPte = MiAddressToPte((PVOID)KI_USER_SHARED_DATA);
    ASSERT(PointerPte->u.Hard.Valid == 1);
    PageFrameNumber = PFN_FROM_PTE(PointerPte);
 
    /* Build the PTE and write it */
    MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte,
                                PointerPte,
                                MM_READONLY,
                                PageFrameNumber);
    *MmSharedUserDataPte = TempPte;
 
    /* Initialize session working set support */
    MiInitializeSessionWsSupport();
 
    /* Setup session IDs */
    MiInitializeSessionIds();
 
    /* Setup the memory threshold events */
    if (!MiInitializeMemoryEvents()) return FALSE;
 
    /*
     * Unmap low memory
     */
    MiInitBalancerThread();
 
    /* Initialize the balance set manager */
    MmInitBsmThread();
 
    /* Loop the boot loaded images (under lock) */
    ExAcquireResourceExclusiveLite(&PsLoadedModuleResource, TRUE);
    for (ListEntry = PsLoadedModuleList.Flink;
         ListEntry != &PsLoadedModuleList;
         ListEntry = ListEntry->Flink)
    {
        /* Get the data table entry */
        DataTableEntry = CONTAINING_RECORD(ListEntry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
 
        /* Set up the image protection */
        MiWriteProtectSystemImage(DataTableEntry->DllBase);
    }
    ExReleaseResourceLite(&PsLoadedModuleResource);
 
    return TRUE;
}

Referenced by Phase1InitializationDiscard().

◆ MmInsertRmap()

VOID NTAPI MmInsertRmap	(	PFN_NUMBER	Page,
		struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmAccessFaultSectionView(), MmNotPresentFaultSectionView(), and MmSetSectionAssociation().

◆ MmIsDataSectionResident()

BOOLEAN NTAPI MmIsDataSectionResident	(	_In_ PSECTION_OBJECT_POINTERS	SectionObjectPointer,
		_In_ LONGLONG	Offset,
		_In_ ULONG	Length
	)

Definition at line 4932 of file section.c.

{
    PMM_SECTION_SEGMENT Segment;
    LARGE_INTEGER RangeStart, RangeEnd;
    BOOLEAN Ret = TRUE;
 
    RangeStart.QuadPart = Offset;
    if (!NT_SUCCESS(RtlLongLongAdd(RangeStart.QuadPart, Length, &RangeEnd.QuadPart)))
        return FALSE;
 
    Segment = MiGrabDataSection(SectionObjectPointer);
    if (!Segment)
        return FALSE;
 
    /* Find byte offset of the page to start */
    RangeStart.QuadPart = PAGE_ROUND_DOWN_64(RangeStart.QuadPart);
 
    MmLockSectionSegment(Segment);
 
    while (RangeStart.QuadPart < RangeEnd.QuadPart)
    {
        ULONG_PTR Entry = MmGetPageEntrySectionSegment(Segment, &RangeStart);
        if ((Entry == 0) || IS_SWAP_FROM_SSE(Entry))
        {
            Ret = FALSE;
            break;
        }
 
        RangeStart.QuadPart += PAGE_SIZE;
    }
 
    MmUnlockSectionSegment(Segment);
    MmDereferenceSegment(Segment);
 
    return Ret;
}

Referenced by CcRosEnsureVacbResident().

◆ MmIsDisabledPage()

BOOLEAN NTAPI MmIsDisabledPage	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmAlterViewAttributes(), and MmNotPresentFaultSectionView().

◆ MmIsFileObjectAPagingFile()

BOOLEAN NTAPI MmIsFileObjectAPagingFile ( PFILE_OBJECT FileObject )

Definition at line 119 of file pagefile.c.

{
    ULONG i;
 
    /* Loop through all the paging files */
    for (i = 0; i < MmNumberOfPagingFiles; i++)
    {
        /* Check if this is one of them */
        if (MmPagingFile[i]->FileObject == FileObject) return TRUE;
    }
 
    /* Nothing found */
    return FALSE;
}

Referenced by FsRtlIsPagingFile(), and IoPageRead().

◆ MmIsPageInUse()

BOOLEAN NTAPI MmIsPageInUse ( PFN_NUMBER Page )

Definition at line 559 of file freelist.c.

{
    return MiIsPfnInUse(MiGetPfnEntry(Pfn));
}

Referenced by MmCreateVirtualMapping().

◆ MmIsPagePresent()

BOOLEAN NTAPI MmIsPagePresent	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmAccessFaultSectionView(), MmAlterViewAttributes(), and MmNotPresentFaultSectionView().

◆ MmIsPageSwapEntry()

BOOLEAN NTAPI MmIsPageSwapEntry	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

Referenced by MmFreeMemoryArea(), MmNotPresentFaultSectionView(), and MmPageOutCacheSection().

◆ MmIsSessionAddress()

BOOLEAN NTAPI MmIsSessionAddress ( IN PVOID Address )

Definition at line 48 of file session.c.

{
    /* Check if it is in range */
    return MI_IS_SESSION_ADDRESS(Address) ? TRUE : FALSE;
}

Referenced by KdpQueryMemory().

◆ MmIsSpecialPoolAddress()

BOOLEAN NTAPI MmIsSpecialPoolAddress ( IN PVOID P )

Referenced by ExAllocatePoolWithQuotaTag(), ExFreePoolWithTag(), ExReturnPoolQuota(), and KeBugCheckWithTf().

◆ MmIsSpecialPoolAddressFree()

BOOLEAN NTAPI MmIsSpecialPoolAddressFree ( IN PVOID P )

Referenced by KeBugCheckWithTf().

◆ MmLoadSystemImage()

NTSTATUS NTAPI MmLoadSystemImage	(	IN PUNICODE_STRING	FileName,
		IN PUNICODE_STRING NamePrefix	OPTIONAL,
		IN PUNICODE_STRING LoadedName	OPTIONAL,
		IN ULONG	Flags,
		OUT PVOID *	ModuleObject,
		OUT PVOID *	ImageBaseAddress
	)

Definition at line 2949 of file sysldr.c.

{
    PVOID ModuleLoadBase = NULL;
    NTSTATUS Status;
    HANDLE FileHandle = NULL;
    OBJECT_ATTRIBUTES ObjectAttributes;
    IO_STATUS_BLOCK IoStatusBlock;
    PIMAGE_NT_HEADERS NtHeader;
    UNICODE_STRING BaseName, BaseDirectory, PrefixName;
    PLDR_DATA_TABLE_ENTRY LdrEntry = NULL;
    ULONG EntrySize, DriverSize;
    PLOAD_IMPORTS LoadedImports = MM_SYSLDR_NO_IMPORTS;
    PCHAR MissingApiName, Buffer;
    PWCHAR MissingDriverName, PrefixedBuffer = NULL;
    HANDLE SectionHandle;
    ACCESS_MASK DesiredAccess;
    PSECTION Section = NULL;
    BOOLEAN LockOwned = FALSE;
    PLIST_ENTRY NextEntry;
    IMAGE_INFO ImageInfo;
 
    PAGED_CODE();
 
    /* Detect session-load */
    if (Flags)
    {
        /* Sanity checks */
        ASSERT(NamePrefix == NULL);
        ASSERT(LoadedName == NULL);
 
        /* Make sure the process is in session too */
        if (!PsGetCurrentProcess()->ProcessInSession) return STATUS_NO_MEMORY;
    }
 
    /* Allocate a buffer we'll use for names */
    Buffer = ExAllocatePoolWithTag(NonPagedPool,
                                   MAXIMUM_FILENAME_LENGTH,
                                   TAG_LDR_WSTR);
    if (!Buffer) return STATUS_INSUFFICIENT_RESOURCES;
 
    /* Check for a separator */
    if (FileName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR)
    {
        PWCHAR p;
        ULONG BaseLength;
 
        /* Loop the path until we get to the base name */
        p = &FileName->Buffer[FileName->Length / sizeof(WCHAR)];
        while (*(p - 1) != OBJ_NAME_PATH_SEPARATOR) p--;
 
        /* Get the length */
        BaseLength = (ULONG)(&FileName->Buffer[FileName->Length / sizeof(WCHAR)] - p);
        BaseLength *= sizeof(WCHAR);
 
        /* Setup the string */
        BaseName.Length = (USHORT)BaseLength;
        BaseName.Buffer = p;
    }
    else
    {
        /* Otherwise, we already have a base name */
        BaseName.Length = FileName->Length;
        BaseName.Buffer = FileName->Buffer;
    }
 
    /* Setup the maximum length */
    BaseName.MaximumLength = BaseName.Length;
 
    /* Now compute the base directory */
    BaseDirectory = *FileName;
    BaseDirectory.Length -= BaseName.Length;
    BaseDirectory.MaximumLength = BaseDirectory.Length;
 
    /* And the prefix, which for now is just the name itself */
    PrefixName = *FileName;
 
    /* Check if we have a prefix */
    if (NamePrefix)
    {
        /* Check if "directory + prefix" is too long for the string */
        Status = RtlUShortAdd(BaseDirectory.Length,
                              NamePrefix->Length,
                              &PrefixName.MaximumLength);
        if (!NT_SUCCESS(Status))
        {
            Status = STATUS_INVALID_PARAMETER;
            goto Quickie;
        }
 
        /* Check if "directory + prefix + basename" is too long for the string */
        Status = RtlUShortAdd(PrefixName.MaximumLength,
                              BaseName.Length,
                              &PrefixName.MaximumLength);
        if (!NT_SUCCESS(Status))
        {
            Status = STATUS_INVALID_PARAMETER;
            goto Quickie;
        }
 
        /* Allocate the buffer exclusively used for prefixed name */
        PrefixedBuffer = ExAllocatePoolWithTag(PagedPool,
                                               PrefixName.MaximumLength,
                                               TAG_LDR_WSTR);
        if (!PrefixedBuffer)
        {
            Status = STATUS_INSUFFICIENT_RESOURCES;
            goto Quickie;
        }
 
        /* Clear out the prefixed name string */
        PrefixName.Buffer = PrefixedBuffer;
        PrefixName.Length = 0;
 
        /* Concatenate the strings */
        RtlAppendUnicodeStringToString(&PrefixName, &BaseDirectory);
        RtlAppendUnicodeStringToString(&PrefixName, NamePrefix);
        RtlAppendUnicodeStringToString(&PrefixName, &BaseName);
 
        /* Now the base name of the image becomes the prefixed version */
        BaseName.Buffer = &(PrefixName.Buffer[BaseDirectory.Length / sizeof(WCHAR)]);
        BaseName.Length += NamePrefix->Length;
        BaseName.MaximumLength = (PrefixName.MaximumLength - BaseDirectory.Length);
    }
 
    /* Check if we already have a name, use it instead */
    if (LoadedName) BaseName = *LoadedName;
 
    /* Check for loader snap debugging */
    if (NtGlobalFlag & FLG_SHOW_LDR_SNAPS)
    {
        /* Print out standard string */
        DPRINT1("MM:SYSLDR Loading %wZ (%wZ) %s\n",
                &PrefixName, &BaseName, Flags ? "in session space" : "");
    }
 
    /* Acquire the load lock */
LoaderScan:
    ASSERT(LockOwned == FALSE);
    LockOwned = TRUE;
    KeEnterCriticalRegion();
    KeWaitForSingleObject(&MmSystemLoadLock,
                          WrVirtualMemory,
                          KernelMode,
                          FALSE,
                          NULL);
 
    /* Scan the module list */
    NextEntry = PsLoadedModuleList.Flink;
    while (NextEntry != &PsLoadedModuleList)
    {
        /* Get the entry and compare the names */
        LdrEntry = CONTAINING_RECORD(NextEntry,
                                     LDR_DATA_TABLE_ENTRY,
                                     InLoadOrderLinks);
        if (RtlEqualUnicodeString(&PrefixName, &LdrEntry->FullDllName, TRUE))
        {
            /* Found it, break out */
            break;
        }
 
        /* Keep scanning */
        NextEntry = NextEntry->Flink;
    }
 
    /* Check if we found the image */
    if (NextEntry != &PsLoadedModuleList)
    {
        /* Check if we had already mapped a section */
        if (Section)
        {
            /* Dereference and clear */
            ObDereferenceObject(Section);
            Section = NULL;
        }
 
        /* Check if this was supposed to be a session load */
        if (!Flags)
        {
            /* It wasn't, so just return the data */
            *ModuleObject = LdrEntry;
            *ImageBaseAddress = LdrEntry->DllBase;
            Status = STATUS_IMAGE_ALREADY_LOADED;
        }
        else
        {
            /* We don't support session loading yet */
            UNIMPLEMENTED_DBGBREAK("Unsupported Session-Load!\n");
            Status = STATUS_NOT_IMPLEMENTED;
        }
 
        /* Do cleanup */
        goto Quickie;
    }
    else if (!Section)
    {
        /* It wasn't loaded, and we didn't have a previous attempt */
        KeReleaseMutant(&MmSystemLoadLock, MUTANT_INCREMENT, FALSE, FALSE);
        KeLeaveCriticalRegion();
        LockOwned = FALSE;
 
        /* Check if KD is enabled */
        if ((KdDebuggerEnabled) && !(KdDebuggerNotPresent))
        {
            /* FIXME: Attempt to get image from KD */
        }
 
        /* We don't have a valid entry */
        LdrEntry = NULL;
 
        /* Setup image attributes */
        InitializeObjectAttributes(&ObjectAttributes,
                                   FileName,
                                   OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                   NULL,
                                   NULL);
 
        /* Open the image */
        Status = ZwOpenFile(&FileHandle,
                            FILE_EXECUTE,
                            &ObjectAttributes,
                            &IoStatusBlock,
                            FILE_SHARE_READ | FILE_SHARE_DELETE,
                            0);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("ZwOpenFile failed for '%wZ' with status 0x%x\n",
                    FileName, Status);
            goto Quickie;
        }
 
        /* Validate it */
        Status = MmCheckSystemImage(FileHandle);
        if ((Status == STATUS_IMAGE_CHECKSUM_MISMATCH) ||
            (Status == STATUS_IMAGE_MP_UP_MISMATCH) ||
            (Status == STATUS_INVALID_IMAGE_PROTECT))
        {
            /* Fail loading */
            goto Quickie;
        }
 
        /* Check if this is a session-load */
        if (Flags)
        {
            /* Then we only need read and execute */
            DesiredAccess = SECTION_MAP_READ | SECTION_MAP_EXECUTE;
        }
        else
        {
            /* Otherwise, we can allow write access */
            DesiredAccess = SECTION_ALL_ACCESS;
        }
 
        /* Initialize the attributes for the section */
        InitializeObjectAttributes(&ObjectAttributes,
                                   NULL,
                                   OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                                   NULL,
                                   NULL);
 
        /* Create the section */
        Status = ZwCreateSection(&SectionHandle,
                                 DesiredAccess,
                                 &ObjectAttributes,
                                 NULL,
                                 PAGE_EXECUTE,
                                 SEC_IMAGE,
                                 FileHandle);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("ZwCreateSection failed with status 0x%x\n", Status);
            goto Quickie;
        }
 
        /* Now get the section pointer */
        Status = ObReferenceObjectByHandle(SectionHandle,
                                           SECTION_MAP_EXECUTE,
                                           MmSectionObjectType,
                                           KernelMode,
                                           (PVOID*)&Section,
                                           NULL);
        ZwClose(SectionHandle);
        if (!NT_SUCCESS(Status)) goto Quickie;
 
        /* Check if this was supposed to be a session-load */
        if (Flags)
        {
            /* We don't support session loading yet */
            UNIMPLEMENTED_DBGBREAK("Unsupported Session-Load!\n");
            goto Quickie;
        }
 
        /* Check the loader list again, we should end up in the path below */
        goto LoaderScan;
    }
    else
    {
        /* We don't have a valid entry */
        LdrEntry = NULL;
    }
 
    /* Load the image */
    Status = MiLoadImageSection(&Section,
                                &ModuleLoadBase,
                                FileName,
                                FALSE,
                                NULL);
    ASSERT(Status != STATUS_ALREADY_COMMITTED);
 
    /* Get the size of the driver */
    DriverSize = ((PMM_IMAGE_SECTION_OBJECT)Section->Segment)->ImageInformation.ImageFileSize;
 
    /* Make sure we're not being loaded into session space */
    if (!Flags)
    {
        /* Check for success */
        if (NT_SUCCESS(Status))
        {
            /* Support large pages for drivers */
            MiUseLargeDriverPage(DriverSize / PAGE_SIZE,
                                 &ModuleLoadBase,
                                 &BaseName,
                                 TRUE);
        }
 
        /* Dereference the section */
        ObDereferenceObject(Section);
        Section = NULL;
    }
 
    /* Check for failure of the load earlier */
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("MiLoadImageSection failed with status 0x%x\n", Status);
        goto Quickie;
    }
 
    /* Relocate the driver */
    Status = LdrRelocateImageWithBias(ModuleLoadBase,
                                      0,
                                      "SYSLDR",
                                      STATUS_SUCCESS,
                                      STATUS_CONFLICTING_ADDRESSES,
                                      STATUS_INVALID_IMAGE_FORMAT);
    if (!NT_SUCCESS(Status))
    {
        DPRINT1("LdrRelocateImageWithBias failed with status 0x%x\n", Status);
        goto Quickie;
    }
 
    /* Get the NT Header */
    NtHeader = RtlImageNtHeader(ModuleLoadBase);
 
    /* Calculate the size we'll need for the entry and allocate it */
    EntrySize = sizeof(LDR_DATA_TABLE_ENTRY) +
                BaseName.Length +
                sizeof(UNICODE_NULL);
 
    /* Allocate the entry */
    LdrEntry = ExAllocatePoolWithTag(NonPagedPool, EntrySize, TAG_MODULE_OBJECT);
    if (!LdrEntry)
    {
        /* Fail */
        Status = STATUS_INSUFFICIENT_RESOURCES;
        goto Quickie;
    }
 
    /* Setup the entry */
    LdrEntry->Flags = LDRP_LOAD_IN_PROGRESS;
    LdrEntry->LoadCount = 1;
    LdrEntry->LoadedImports = LoadedImports;
    LdrEntry->PatchInformation = NULL;
 
    /* Check the version */
    if ((NtHeader->OptionalHeader.MajorOperatingSystemVersion >= 5) &&
        (NtHeader->OptionalHeader.MajorImageVersion >= 5))
    {
        /* Mark this image as a native image */
        LdrEntry->Flags |= LDRP_ENTRY_NATIVE;
    }
 
    /* Setup the rest of the entry */
    LdrEntry->DllBase = ModuleLoadBase;
    LdrEntry->EntryPoint = (PVOID)((ULONG_PTR)ModuleLoadBase +
                                   NtHeader->OptionalHeader.AddressOfEntryPoint);
    LdrEntry->SizeOfImage = DriverSize;
    LdrEntry->CheckSum = NtHeader->OptionalHeader.CheckSum;
    LdrEntry->SectionPointer = Section;
 
    /* Now write the DLL name */
    LdrEntry->BaseDllName.Buffer = (PVOID)(LdrEntry + 1);
    LdrEntry->BaseDllName.Length = BaseName.Length;
    LdrEntry->BaseDllName.MaximumLength = BaseName.Length;
 
    /* Copy and null-terminate it */
    RtlCopyMemory(LdrEntry->BaseDllName.Buffer,
                  BaseName.Buffer,
                  BaseName.Length);
    LdrEntry->BaseDllName.Buffer[BaseName.Length / sizeof(WCHAR)] = UNICODE_NULL;
 
    /* Now allocate the full name */
    LdrEntry->FullDllName.Buffer = ExAllocatePoolWithTag(PagedPool,
                                                         PrefixName.Length +
                                                         sizeof(UNICODE_NULL),
                                                         TAG_LDR_WSTR);
    if (!LdrEntry->FullDllName.Buffer)
    {
        /* Don't fail, just set it to zero */
        LdrEntry->FullDllName.Length = 0;
        LdrEntry->FullDllName.MaximumLength = 0;
    }
    else
    {
        /* Set it up */
        LdrEntry->FullDllName.Length = PrefixName.Length;
        LdrEntry->FullDllName.MaximumLength = PrefixName.Length;
 
        /* Copy and null-terminate */
        RtlCopyMemory(LdrEntry->FullDllName.Buffer,
                      PrefixName.Buffer,
                      PrefixName.Length);
        LdrEntry->FullDllName.Buffer[PrefixName.Length / sizeof(WCHAR)] = UNICODE_NULL;
    }
 
    /* Add the entry */
    MiProcessLoaderEntry(LdrEntry, TRUE);
 
    /* Resolve imports */
    MissingApiName = Buffer;
    MissingDriverName = NULL;
    Status = MiResolveImageReferences(ModuleLoadBase,
                                      &BaseDirectory,
                                      NULL,
                                      &MissingApiName,
                                      &MissingDriverName,
                                      &LoadedImports);
    if (!NT_SUCCESS(Status))
    {
        BOOLEAN NeedToFreeString = FALSE;
 
        /* If the lowest bit is set to 1, this is a hint that we need to free */
        if (*(ULONG_PTR*)&MissingDriverName & 1)
        {
            NeedToFreeString = TRUE;
            *(ULONG_PTR*)&MissingDriverName &= ~1;
        }
 
        DPRINT1("MiResolveImageReferences failed with status 0x%x\n", Status);
        DPRINT1(" Missing driver '%ls', missing API '%s'\n",
                MissingDriverName, MissingApiName);
 
        if (NeedToFreeString)
        {
            ExFreePoolWithTag(MissingDriverName, TAG_LDR_WSTR);
        }
 
        /* Fail */
        MiProcessLoaderEntry(LdrEntry, FALSE);
 
        /* Check if we need to free the name */
        if (LdrEntry->FullDllName.Buffer)
        {
            /* Free it */
            ExFreePoolWithTag(LdrEntry->FullDllName.Buffer, TAG_LDR_WSTR);
        }
 
        /* Free the entry itself */
        ExFreePoolWithTag(LdrEntry, TAG_MODULE_OBJECT);
        LdrEntry = NULL;
        goto Quickie;
    }
 
    /* Update the loader entry */
    LdrEntry->Flags |= (LDRP_SYSTEM_MAPPED |
                        LDRP_ENTRY_PROCESSED |
                        LDRP_MM_LOADED);
    LdrEntry->Flags &= ~LDRP_LOAD_IN_PROGRESS;
    LdrEntry->LoadedImports = LoadedImports;
 
    /* FIXME: Call driver verifier's loader function */
 
    /* Write-protect the system image */
    MiWriteProtectSystemImage(LdrEntry->DllBase);
 
    /* Initialize the security cookie (Win7 is not doing this yet!) */
    LdrpInitSecurityCookie(LdrEntry);
 
    /* Check if notifications are enabled */
    if (PsImageNotifyEnabled)
    {
        /* Fill out the notification data */
        ImageInfo.Properties = 0;
        ImageInfo.ImageAddressingMode = IMAGE_ADDRESSING_MODE_32BIT;
        ImageInfo.SystemModeImage = TRUE;
        ImageInfo.ImageSize = LdrEntry->SizeOfImage;
        ImageInfo.ImageBase = LdrEntry->DllBase;
        ImageInfo.ImageSectionNumber = ImageInfo.ImageSelector = 0;
 
        /* Send the notification */
        PspRunLoadImageNotifyRoutines(FileName, NULL, &ImageInfo);
    }
 
#ifdef __ROS_ROSSYM__
    /* MiCacheImageSymbols doesn't detect rossym */
    if (TRUE)
#else
    /* Check if there's symbols */
    if (MiCacheImageSymbols(LdrEntry->DllBase))
#endif
    {
        UNICODE_STRING UnicodeTemp;
        STRING AnsiTemp;
 
        /* Check if the system root is present */
        if ((PrefixName.Length > (11 * sizeof(WCHAR))) &&
            !(_wcsnicmp(PrefixName.Buffer, L"\\SystemRoot", 11)))
        {
            /* Add the system root */
            UnicodeTemp = PrefixName;
            UnicodeTemp.Buffer += 11;
            UnicodeTemp.Length -= (11 * sizeof(WCHAR));
            RtlStringCbPrintfA(Buffer,
                               MAXIMUM_FILENAME_LENGTH,
                               "%ws%wZ",
                               &SharedUserData->NtSystemRoot[2],
                               &UnicodeTemp);
        }
        else
        {
            /* Build the name */
            RtlStringCbPrintfA(Buffer, MAXIMUM_FILENAME_LENGTH,
                               "%wZ", &BaseName);
        }
 
        /* Setup the ANSI string */
        RtlInitString(&AnsiTemp, Buffer);
 
        /* Notify the debugger */
        DbgLoadImageSymbols(&AnsiTemp,
                            LdrEntry->DllBase,
                            (ULONG_PTR)PsGetCurrentProcessId());
        LdrEntry->Flags |= LDRP_DEBUG_SYMBOLS_LOADED;
    }
 
    /* Page the driver */
    ASSERT(Section == NULL);
    MiEnablePagingOfDriver(LdrEntry);
 
    /* Return pointers */
    *ModuleObject = LdrEntry;
    *ImageBaseAddress = LdrEntry->DllBase;
 
Quickie:
    /* Check if we have the lock acquired */
    if (LockOwned)
    {
        /* Release the lock */
        KeReleaseMutant(&MmSystemLoadLock, MUTANT_INCREMENT, FALSE, FALSE);
        KeLeaveCriticalRegion();
        LockOwned = FALSE;
    }
 
    /* If we have a file handle, close it */
    if (FileHandle) ZwClose(FileHandle);
 
    /* If we have allocated a prefixed name buffer, free it */
    if (PrefixedBuffer) ExFreePoolWithTag(PrefixedBuffer, TAG_LDR_WSTR);
 
    /* Free the name buffer and return status */
    ExFreePoolWithTag(Buffer, TAG_LDR_WSTR);
    return Status;
}

Referenced by IopLoadDriver(), MiResolveImageReferences(), and SSI_DEF().

◆ MmLocateMemoryAreaByAddress()

PMEMORY_AREA NTAPI MmLocateMemoryAreaByAddress	(	PMMSUPPORT	AddressSpace,
		PVOID	Address
	)

Definition at line 60 of file marea.c.

{
    ULONG_PTR StartVpn = (ULONG_PTR)Address_ / PAGE_SIZE;
    PEPROCESS Process;
    PMM_AVL_TABLE Table;
    PMMADDRESS_NODE Node;
    PMEMORY_AREA MemoryArea;
    TABLE_SEARCH_RESULT Result;
    PMMVAD_LONG Vad;
 
    Process = MmGetAddressSpaceOwner(AddressSpace);
    Table = (Process != NULL) ? &Process->VadRoot : &MiRosKernelVadRoot;
 
    Result = MiCheckForConflictingNode(StartVpn, StartVpn, Table, &Node);
    if (Result != TableFoundNode)
    {
        return NULL;
    }
 
    Vad = (PMMVAD_LONG)Node;
    if (Vad->u.VadFlags.Spare == 0)
    {
        /* Check if this is VM VAD */
        if (Vad->ControlArea == NULL)
        {
            /* We store the reactos MEMORY_AREA here */
            MemoryArea = (PMEMORY_AREA)Vad->FirstPrototypePte;
        }
        else
        {
            /* This is a section VAD. Store the MAREA here for now */
            MemoryArea = (PMEMORY_AREA)Vad->u4.Banked;
        }
    }
    else
    {
        MemoryArea = (PMEMORY_AREA)Node;
    }
 
    return MemoryArea;
}

Referenced by MiProtectVirtualMemory(), MiQueryMemoryBasicInformation(), MiRosProtectVirtualMemory(), MiRosUnmapViewOfSection(), MiUnmapViewOfSection(), MmAccessFault(), MmAlterViewAttributes(), MmNotPresentFault(), MmpAccessFault(), MmPageOutPhysicalAddress(), MmpPageOutPhysicalAddress(), MmUnmapViewInSystemSpace(), MmUnmapViewOfSegment(), NtAllocateVirtualMemory(), and NtFreeVirtualMemory().

◆ MmLocateMemoryAreaByRegion()

PMEMORY_AREA NTAPI MmLocateMemoryAreaByRegion	(	PMMSUPPORT	AddressSpace,
		PVOID	Address,
		SIZE_T	Length
	)

Definition at line 106 of file marea.c.

{
    ULONG_PTR StartVpn = (ULONG_PTR)Address_ / PAGE_SIZE;
    ULONG_PTR EndVpn = ((ULONG_PTR)Address_ + Length - 1) / PAGE_SIZE;
    PEPROCESS Process;
    PMM_AVL_TABLE Table;
    PMMADDRESS_NODE Node;
    PMEMORY_AREA MemoryArea;
    TABLE_SEARCH_RESULT Result;
    PMMVAD_LONG Vad;
 
    Process = MmGetAddressSpaceOwner(AddressSpace);
    Table = (Process != NULL) ? &Process->VadRoot : &MiRosKernelVadRoot;
 
    Result = MiCheckForConflictingNode(StartVpn, EndVpn, Table, &Node);
    if (Result != TableFoundNode)
    {
        return NULL;
    }
 
    Vad = (PMMVAD_LONG)Node;
    if (Vad->u.VadFlags.Spare == 0)
    {
        /* Check if this is VM VAD */
        if (Vad->ControlArea == NULL)
        {
            /* We store the reactos MEMORY_AREA here */
            MemoryArea = (PMEMORY_AREA)Vad->FirstPrototypePte;
        }
        else
        {
            /* This is a section VAD. Store the MAREA here for now */
            MemoryArea = (PMEMORY_AREA)Vad->u4.Banked;
        }
    }
    else
    {
        MemoryArea = (PMEMORY_AREA)Node;
    }
 
    ASSERT(MemoryArea != NULL);
    return MemoryArea;
}

Referenced by MmCreateMemoryArea(), and MmMapViewOfSection().

◆ MmLockAddressSpace()

FORCEINLINE VOID MmLockAddressSpace ( PMMSUPPORT AddressSpace )

Definition at line 1703 of file mm.h.

{
    ASSERT(!PsGetCurrentThread()->OwnsProcessWorkingSetExclusive);
    ASSERT(!PsGetCurrentThread()->OwnsProcessWorkingSetShared);
    ASSERT(!PsGetCurrentThread()->OwnsSystemWorkingSetExclusive);
    ASSERT(!PsGetCurrentThread()->OwnsSystemWorkingSetShared);
    ASSERT(!PsGetCurrentThread()->OwnsSessionWorkingSetExclusive);
    ASSERT(!PsGetCurrentThread()->OwnsSessionWorkingSetShared);
    KeAcquireGuardedMutex(&CONTAINING_RECORD(AddressSpace, EPROCESS, Vm)->AddressCreationLock);
}

Referenced by MiInitSystemMemoryAreas(), MiLockVirtualMemory(), MiMapLockedPagesInUserSpace(), MiProtectVirtualMemory(), MiQueryMemoryBasicInformation(), MiRosProtectVirtualMemory(), MiUnlockVirtualMemory(), MiUnmapLockedPagesInUserSpace(), MiUnmapViewOfSection(), MmAlterViewAttributes(), MmCleanProcessAddressSpace(), MmFreeSectionPage(), MmGetFileNameForAddress(), MmMapViewInSystemSpaceEx(), MmMapViewOfSection(), MmNotPresentFault(), MmNotPresentFaultSectionView(), MmpAccessFault(), MmPageOutPhysicalAddress(), MmpPageOutPhysicalAddress(), MmUnmapViewInSystemSpace(), MmUnmapViewOfSegment(), NtAllocateVirtualMemory(), NtAreMappedFilesTheSame(), and NtFreeVirtualMemory().

◆ MmMakeDataSectionResident()

NTSTATUS NTAPI MmMakeDataSectionResident	(	_In_ PSECTION_OBJECT_POINTERS	SectionObjectPointer,
		_In_ LONGLONG	Offset,
		_In_ ULONG	Length,
		_In_ PLARGE_INTEGER	ValidDataLength
	)

Definition at line 4974 of file section.c.

{
    PMM_SECTION_SEGMENT Segment = MiGrabDataSection(SectionObjectPointer);
 
    /* There must be a segment for this call */
    ASSERT(Segment);
 
    NTSTATUS Status = MmMakeSegmentResident(Segment, Offset, Length, ValidDataLength, FALSE);
 
    MmDereferenceSegment(Segment);
 
    return Status;
}

Referenced by CcRosEnsureVacbResident().

◆ MmMakeKernelResourceSectionWritable()

VOID NTAPI MmMakeKernelResourceSectionWritable ( VOID )

Definition at line 2362 of file sysldr.c.

{
    /* Don't do anything if the resource section is already writable */
    if (MiKernelResourceStartPte == NULL || MiKernelResourceEndPte == NULL)
        return;
 
    /* If the resource section is physical, we cannot change its protection */
    if (MI_IS_PHYSICAL_ADDRESS(MiPteToAddress(MiKernelResourceStartPte)))
        return;
 
    if (MmChangeKernelResourceSectionProtection(MM_READWRITE))
    {
        /*
         * Invalidate the cached resource section PTEs
         * so as to not change its protection again later.
         */
        MiKernelResourceStartPte = NULL;
        MiKernelResourceEndPte = NULL;
    }
}

Referenced by KeGetBugMessageText().

◆ MmMakeSegmentDirty()

NTSTATUS NTAPI MmMakeSegmentDirty	(	_In_ PSECTION_OBJECT_POINTERS	SectionObjectPointer,
		_In_ LONGLONG	Offset,
		_In_ ULONG	Length
	)

Definition at line 4994 of file section.c.

{
    PMM_SECTION_SEGMENT Segment;
    LARGE_INTEGER RangeStart, RangeEnd;
    NTSTATUS Status;
 
    RangeStart.QuadPart = Offset;
    Status = RtlLongLongAdd(RangeStart.QuadPart, Length, &RangeEnd.QuadPart);
    if (!NT_SUCCESS(Status))
        return Status;
 
    Segment = MiGrabDataSection(SectionObjectPointer);
    if (!Segment)
        return STATUS_NOT_MAPPED_VIEW;
 
    /* Find byte offset of the page to start */
    RangeStart.QuadPart = PAGE_ROUND_DOWN_64(RangeStart.QuadPart);
 
    MmLockSectionSegment(Segment);
 
    while (RangeStart.QuadPart < RangeEnd.QuadPart)
    {
        ULONG_PTR Entry = MmGetPageEntrySectionSegment(Segment, &RangeStart);
 
        /* Let any pending read proceed */
        while (MM_IS_WAIT_PTE(Entry))
        {
            MmUnlockSectionSegment(Segment);
            KeDelayExecutionThread(KernelMode, FALSE, &TinyTime);
            MmLockSectionSegment(Segment);
            Entry = MmGetPageEntrySectionSegment(Segment, &RangeStart);
        }
 
        /* We are called from Cc, this can't be backed by the page files */
        ASSERT(!IS_SWAP_FROM_SSE(Entry));
 
        /* If there is no page there, there is nothing to make dirty */
        if (Entry != 0)
        {
            /* Dirtify the entry */
            MmSetPageEntrySectionSegment(Segment, &RangeStart, DIRTY_SSE(Entry));
        }
 
        RangeStart.QuadPart += PAGE_SIZE;
    }
 
    MmUnlockSectionSegment(Segment);
    MmDereferenceSegment(Segment);
 
    return STATUS_SUCCESS;
}

Referenced by CcCopyWrite(), CcSetDirtyPinnedData(), and CcZeroData().

◆ MmMapViewInSystemSpaceEx()

NTSTATUS NTAPI MmMapViewInSystemSpaceEx	(	_In_ PVOID	Section,
		_Outptr_result_bytebuffer_ ViewSize PVOID	MappedBase,
		_Inout_ PSIZE_T	ViewSize,
		_Inout_ PLARGE_INTEGER	SectionOffset,
		_In_ ULONG_PTR	Flags
	)

Definition at line 4465 of file section.c.

{
    PSECTION Section = SectionObject;
    PMM_SECTION_SEGMENT Segment;
    PMMSUPPORT AddressSpace;
    NTSTATUS Status;
 
    UNREFERENCED_PARAMETER(Flags);
 
    PAGED_CODE();
 
    if (MiIsRosSectionObject(SectionObject) == FALSE)
    {
        return MiMapViewInSystemSpace(SectionObject,
                                      &MmSession,
                                      MappedBase,
                                      ViewSize,
                                      SectionOffset);
    }
 
    DPRINT("MmMapViewInSystemSpaceEx() called\n");
 
    /* unsupported for now */
    ASSERT(Section->u.Flags.Image == 0);
 
    Section = SectionObject;
    Segment = (PMM_SECTION_SEGMENT)Section->Segment;
 
    if (*ViewSize == 0)
    {
        LONGLONG MapSizeLL;
 
        /* Page-align the mapping */
        SectionOffset->LowPart = PAGE_ROUND_DOWN(SectionOffset->LowPart);
 
        if (!NT_SUCCESS(RtlLongLongSub(Section->SizeOfSection.QuadPart, SectionOffset->QuadPart, &MapSizeLL)))
            return STATUS_INVALID_VIEW_SIZE;
 
        if (!NT_SUCCESS(RtlLongLongToSIZET(MapSizeLL, ViewSize)))
            return STATUS_INVALID_VIEW_SIZE;
    }
    else
    {
        LONGLONG HelperLL;
 
        /* Get the map end */
        if (!NT_SUCCESS(RtlLongLongAdd(SectionOffset->QuadPart, *ViewSize, &HelperLL)))
            return STATUS_INVALID_VIEW_SIZE;
 
        /* Round it up, if needed */
        if (HelperLL % PAGE_SIZE)
        {
            if (!NT_SUCCESS(RtlLongLongAdd(HelperLL, PAGE_SIZE - (HelperLL % PAGE_SIZE), &HelperLL)))
                return STATUS_INVALID_VIEW_SIZE;
        }
 
        /* Now that we have the mapping end, we can align down its start */
        SectionOffset->LowPart = PAGE_ROUND_DOWN(SectionOffset->LowPart);
 
        /* Get the new size */
        if (!NT_SUCCESS(RtlLongLongSub(HelperLL, SectionOffset->QuadPart, &HelperLL)))
            return STATUS_INVALID_VIEW_SIZE;
 
        if (!NT_SUCCESS(RtlLongLongToSIZET(HelperLL, ViewSize)))
            return STATUS_INVALID_VIEW_SIZE;
    }
 
    AddressSpace = MmGetKernelAddressSpace();
 
    MmLockAddressSpace(AddressSpace);
 
    MmLockSectionSegment(Segment);
 
    Status = MmMapViewOfSegment(AddressSpace,
                                Section->u.Flags.Image,
                                Segment,
                                MappedBase,
                                *ViewSize,
                                PAGE_READWRITE,
                                SectionOffset->QuadPart,
                                SEC_RESERVE);
 
    MmUnlockSectionSegment(Segment);
    MmUnlockAddressSpace(AddressSpace);
 
    return Status;
}

Referenced by CcRosCreateVacb(), and MmMapViewInSystemSpace().

◆ MmNotPresentFaultSectionView()

NTSTATUS NTAPI MmNotPresentFaultSectionView	(	PMMSUPPORT	AddressSpace,
		MEMORY_AREA *	MemoryArea,
		PVOID	Address,
		BOOLEAN	Locked
	)

Definition at line 1537 of file section.c.

{
    LARGE_INTEGER Offset;
    PFN_NUMBER Page;
    NTSTATUS Status;
    PMM_SECTION_SEGMENT Segment;
    ULONG_PTR Entry;
    ULONG_PTR Entry1;
    ULONG Attributes;
    PMM_REGION Region;
    BOOLEAN HasSwapEntry;
    PVOID PAddress;
    PEPROCESS Process = MmGetAddressSpaceOwner(AddressSpace);
    SWAPENTRY SwapEntry;
 
    ASSERT(Locked);
 
    /*
     * There is a window between taking the page fault and locking the
     * address space when another thread could load the page so we check
     * that.
     */
    if (MmIsPagePresent(Process, Address))
    {
        return STATUS_SUCCESS;
    }
 
    if (MmIsDisabledPage(Process, Address))
    {
        return STATUS_ACCESS_VIOLATION;
    }
 
    /*
     * Check for the virtual memory area being deleted.
     */
    if (MemoryArea->DeleteInProgress)
    {
        return STATUS_UNSUCCESSFUL;
    }
 
    PAddress = MM_ROUND_DOWN(Address, PAGE_SIZE);
    Offset.QuadPart = (ULONG_PTR)PAddress - MA_GetStartingAddress(MemoryArea)
                      + MemoryArea->SectionData.ViewOffset;
 
    Segment = MemoryArea->SectionData.Segment;
    Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                          &MemoryArea->SectionData.RegionListHead,
                          Address, NULL);
    ASSERT(Region != NULL);
 
    /* Check for a NOACCESS mapping */
    if (Region->Protect & PAGE_NOACCESS)
    {
        return STATUS_ACCESS_VIOLATION;
    }
 
    if (Region->Protect & PAGE_GUARD)
    {
        /* Remove it */
        Status = MmAlterRegion(AddressSpace, (PVOID)MA_GetStartingAddress(MemoryArea),
                &MemoryArea->SectionData.RegionListHead,
                Address, PAGE_SIZE, Region->Type, Region->Protect & ~PAGE_GUARD,
                MmAlterViewAttributes);
 
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("Removing PAGE_GUARD protection failed : 0x%08x.\n", Status);
        }
 
        return STATUS_GUARD_PAGE_VIOLATION;
    }
 
    HasSwapEntry = MmIsPageSwapEntry(Process, Address);
 
    /* See if we should use a private page */
    if (HasSwapEntry)
    {
        SWAPENTRY DummyEntry;
 
        MmGetPageFileMapping(Process, Address, &SwapEntry);
        if (SwapEntry == MM_WAIT_ENTRY)
        {
            MmUnlockAddressSpace(AddressSpace);
            KeDelayExecutionThread(KernelMode, FALSE, &TinyTime);
            MmLockAddressSpace(AddressSpace);
            return STATUS_MM_RESTART_OPERATION;
        }
 
        MI_SET_USAGE(MI_USAGE_SECTION);
        if (Process) MI_SET_PROCESS2(Process->ImageFileName);
        if (!Process) MI_SET_PROCESS2("Kernel Section");
        Status = MmRequestPageMemoryConsumer(MC_USER, TRUE, &Page);
        if (!NT_SUCCESS(Status))
        {
            return STATUS_NO_MEMORY;
        }
 
        /*
         * Must be private page we have swapped out.
         */
 
        /*
        * Sanity check
        */
        MmDeletePageFileMapping(Process, Address, &DummyEntry);
        ASSERT(DummyEntry == SwapEntry);
 
        /* Tell everyone else we are serving the fault. */
        MmCreatePageFileMapping(Process, Address, MM_WAIT_ENTRY);
 
        MmUnlockAddressSpace(AddressSpace);
 
        Status = MmReadFromSwapPage(SwapEntry, Page);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("MmReadFromSwapPage failed, status = %x\n", Status);
            KeBugCheck(MEMORY_MANAGEMENT);
        }
 
        MmLockAddressSpace(AddressSpace);
        MmDeletePageFileMapping(Process, PAddress, &DummyEntry);
        ASSERT(DummyEntry == MM_WAIT_ENTRY);
 
        Status = MmCreateVirtualMapping(Process,
                                        PAddress,
                                        Region->Protect,
                                        Page);
        if (!NT_SUCCESS(Status))
        {
            DPRINT("MmCreateVirtualMapping failed, not out of memory\n");
            KeBugCheck(MEMORY_MANAGEMENT);
            return Status;
        }
 
        /*
         * Store the swap entry for later use.
         */
        MmSetSavedSwapEntryPage(Page, SwapEntry);
 
        /*
         * Add the page to the process's working set
         */
        if (Process) MmInsertRmap(Page, Process, Address);
        /*
         * Finish the operation
         */
        DPRINT("Address 0x%p\n", Address);
        return STATUS_SUCCESS;
    }
 
    /*
     * Lock the segment
     */
    MmLockSectionSegment(Segment);
 
    /*
     * Satisfying a page fault on a map of /Device/PhysicalMemory is easy
     */
    if ((*Segment->Flags) & MM_PHYSICALMEMORY_SEGMENT)
    {
        MmUnlockSectionSegment(Segment);
        /*
         * Just map the desired physical page
         */
        Page = (PFN_NUMBER)(Offset.QuadPart >> PAGE_SHIFT);
        Status = MmCreatePhysicalMapping(Process,
                                         PAddress,
                                         Region->Protect,
                                         Page);
        if (!NT_SUCCESS(Status))
        {
            DPRINT("MmCreateVirtualMappingUnsafe failed, not out of memory\n");
            KeBugCheck(MEMORY_MANAGEMENT);
            return Status;
        }
 
        /*
         * Cleanup and release locks
         */
        DPRINT("Address 0x%p\n", Address);
        return STATUS_SUCCESS;
    }
 
    /*
     * Check if this page needs to be mapped COW
     */
    if ((Segment->WriteCopy) &&
        (Region->Protect == PAGE_READWRITE || Region->Protect == PAGE_EXECUTE_READWRITE))
    {
        Attributes = Region->Protect == PAGE_READWRITE ? PAGE_READONLY : PAGE_EXECUTE_READ;
    }
    else
    {
        Attributes = Region->Protect;
    }
 
 
    /*
     * Get the entry corresponding to the offset within the section
     */
    Entry = MmGetPageEntrySectionSegment(Segment, &Offset);
    if (Entry == 0)
    {
        /*
         * If the entry is zero, then we need to load the page.
         */
        if ((Offset.QuadPart >= (LONGLONG)PAGE_ROUND_UP(Segment->RawLength.QuadPart)) && (MemoryArea->VadNode.u.VadFlags.VadType == VadImageMap))
        {
            /* We are beyond the data which is on file. Just get a new page. */
            MI_SET_USAGE(MI_USAGE_SECTION);
            if (Process) MI_SET_PROCESS2(Process->ImageFileName);
            if (!Process) MI_SET_PROCESS2("Kernel Section");
            Status = MmRequestPageMemoryConsumer(MC_USER, FALSE, &Page);
            if (!NT_SUCCESS(Status))
            {
                MmUnlockSectionSegment(Segment);
                return STATUS_NO_MEMORY;
            }
            MmSetPageEntrySectionSegment(Segment, &Offset, MAKE_SSE(Page << PAGE_SHIFT, 1));
            MmUnlockSectionSegment(Segment);
 
            Status = MmCreateVirtualMapping(Process, PAddress, Attributes, Page);
            if (!NT_SUCCESS(Status))
            {
                DPRINT1("Unable to create virtual mapping\n");
                KeBugCheck(MEMORY_MANAGEMENT);
            }
            ASSERT(MmIsPagePresent(Process, PAddress));
            if (Process)
                MmInsertRmap(Page, Process, Address);
 
            DPRINT("Address 0x%p\n", Address);
            return STATUS_SUCCESS;
        }
 
        MmUnlockSectionSegment(Segment);
        MmUnlockAddressSpace(AddressSpace);
 
        /* The data must be paged in. Lock the file, so that the VDL doesn't get updated behind us. */
        FsRtlAcquireFileExclusive(Segment->FileObject);
 
        PFSRTL_COMMON_FCB_HEADER FcbHeader = Segment->FileObject->FsContext;
 
        Status = MmMakeSegmentResident(Segment, Offset.QuadPart, PAGE_SIZE, &FcbHeader->ValidDataLength, FALSE);
 
        FsRtlReleaseFile(Segment->FileObject);
 
        /* Lock address space again */
        MmLockAddressSpace(AddressSpace);
        if (!NT_SUCCESS(Status))
        {
            if (Status == STATUS_NO_MEMORY)
            {
                return Status;
            }
            /* Damn */
            DPRINT1("Failed to page data in!\n");
            return STATUS_IN_PAGE_ERROR;
        }
 
        /* Everything went fine. Restart the operation */
        return STATUS_MM_RESTART_OPERATION;
    }
    else if (IS_SWAP_FROM_SSE(Entry))
    {
        SWAPENTRY SwapEntry;
 
        SwapEntry = SWAPENTRY_FROM_SSE(Entry);
 
        /* See if a page op is running on this segment. */
        if (SwapEntry == MM_WAIT_ENTRY)
        {
            MmUnlockSectionSegment(Segment);
            MmUnlockAddressSpace(AddressSpace);
            KeDelayExecutionThread(KernelMode, FALSE, &TinyTime);
            MmLockAddressSpace(AddressSpace);
            return STATUS_MM_RESTART_OPERATION;
        }
 
        Status = MmRequestPageMemoryConsumer(MC_USER, TRUE, &Page);
        if (!NT_SUCCESS(Status))
        {
            MmUnlockSectionSegment(Segment);
            return STATUS_NO_MEMORY;
        }
 
        /*
        * Release all our locks and read in the page from disk
        */
        MmSetPageEntrySectionSegment(Segment, &Offset, MAKE_SWAP_SSE(MM_WAIT_ENTRY));
        MmUnlockSectionSegment(Segment);
 
        MmUnlockAddressSpace(AddressSpace);
 
        Status = MmReadFromSwapPage(SwapEntry, Page);
        if (!NT_SUCCESS(Status))
        {
            KeBugCheck(MEMORY_MANAGEMENT);
        }
 
        /*
         * Relock the address space and segment
         */
        MmLockAddressSpace(AddressSpace);
        MmLockSectionSegment(Segment);
 
        /*
         * Check the entry. No one should change the status of a page
         * that has a pending page-in.
         */
        Entry1 = MmGetPageEntrySectionSegment(Segment, &Offset);
        if (Entry1 != MAKE_SWAP_SSE(MM_WAIT_ENTRY))
        {
            DPRINT1("Someone changed ppte entry while we slept (%x vs %x)\n", Entry, Entry1);
            KeBugCheck(MEMORY_MANAGEMENT);
        }
 
        /*
         * Save the swap entry.
         */
        MmSetSavedSwapEntryPage(Page, SwapEntry);
 
        /* Map the page into the process address space */
        Status = MmCreateVirtualMapping(Process,
                                        PAddress,
                                        Attributes,
                                        Page);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("Unable to create virtual mapping\n");
            KeBugCheck(MEMORY_MANAGEMENT);
        }
        if (Process)
            MmInsertRmap(Page, Process, Address);
 
        /*
         * Mark the offset within the section as having valid, in-memory
         * data
         */
        Entry = MAKE_SSE(Page << PAGE_SHIFT, 1);
        MmSetPageEntrySectionSegment(Segment, &Offset, Entry);
        MmUnlockSectionSegment(Segment);
 
        DPRINT("Address 0x%p\n", Address);
        return STATUS_SUCCESS;
    }
    else
    {
        /* We already have a page on this section offset. Map it into the process address space. */
        Page = PFN_FROM_SSE(Entry);
 
        Status = MmCreateVirtualMapping(Process,
                                        PAddress,
                                        Attributes,
                                        Page);
        if (!NT_SUCCESS(Status))
        {
            DPRINT1("Unable to create virtual mapping\n");
            KeBugCheck(MEMORY_MANAGEMENT);
        }
 
        if (Process)
            MmInsertRmap(Page, Process, Address);
 
        /* Take a reference on it */
        MmSharePageEntrySectionSegment(Segment, &Offset);
        MmUnlockSectionSegment(Segment);
 
        DPRINT("Address 0x%p\n", Address);
        return STATUS_SUCCESS;
    }
}

Referenced by MmAccessFaultSectionView(), and MmNotPresentFault().

◆ MmPageFault()

NTSTATUS NTAPI MmPageFault	(	ULONG	Cs,
		PULONG	Eip,
		PULONG	Eax,
		ULONG	Cr2,
		ULONG	ErrorCode
	)

◆ MmPageOutPhysicalAddress()

NTSTATUS NTAPI MmPageOutPhysicalAddress ( PFN_NUMBER Page )

Definition at line 51 of file rmap.c.

{
    PMM_RMAP_ENTRY entry;
    PMEMORY_AREA MemoryArea;
    PMMSUPPORT AddressSpace;
    PVOID Address = NULL;
    PEPROCESS Process = NULL;
    NTSTATUS Status = STATUS_SUCCESS;
    PMM_SECTION_SEGMENT Segment;
    LARGE_INTEGER SegmentOffset;
    KIRQL OldIrql;
 
GetEntry:
    OldIrql = MiAcquirePfnLock();
 
    entry = MmGetRmapListHeadPage(Page);
 
    while (entry && RMAP_IS_SEGMENT(entry->Address))
        entry = entry->Next;
 
    if (entry == NULL)
    {
        MiReleasePfnLock(OldIrql);
        goto WriteSegment;
    }
 
    Process = entry->Process;
    Address = entry->Address;
 
    if ((((ULONG_PTR)Address) & 0xFFF) != 0)
    {
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    /* This is for user-mode address only */
    ASSERT(Address < MmSystemRangeStart);
 
    if (!ExAcquireRundownProtection(&Process->RundownProtect))
    {
        MiReleasePfnLock(OldIrql);
        return STATUS_PROCESS_IS_TERMINATING;
    }
 
    Status = ObReferenceObjectByPointer(Process, PROCESS_ALL_ACCESS, NULL, KernelMode);
    MiReleasePfnLock(OldIrql);
    if (!NT_SUCCESS(Status))
    {
        ExReleaseRundownProtection(&Process->RundownProtect);
        return Status;
    }
    AddressSpace = &Process->Vm;
 
    MmLockAddressSpace(AddressSpace);
 
    MemoryArea = MmLocateMemoryAreaByAddress(AddressSpace, Address);
    if (MemoryArea == NULL || MemoryArea->DeleteInProgress)
    {
        MmUnlockAddressSpace(AddressSpace);
        ExReleaseRundownProtection(&Process->RundownProtect);
        ObDereferenceObject(Process);
        goto GetEntry;
    }
 
 
    /* Attach to it, if needed */
    ASSERT(PsGetCurrentProcess() == PsInitialSystemProcess);
    if (Process != PsInitialSystemProcess)
        KeAttachProcess(&Process->Pcb);
 
    if (MmGetPfnForProcess(Process, Address) != Page)
    {
        /* This changed in the short window where we didn't have any locks */
        if (Process != PsInitialSystemProcess)
            KeDetachProcess();
        MmUnlockAddressSpace(AddressSpace);
        ExReleaseRundownProtection(&Process->RundownProtect);
        ObDereferenceObject(Process);
        goto GetEntry;
    }
 
    if (MemoryArea->Type == MEMORY_AREA_SECTION_VIEW)
    {
        ULONG_PTR Entry;
        BOOLEAN Dirty;
        PFN_NUMBER MapPage;
        LARGE_INTEGER Offset;
        BOOLEAN Released;
        BOOLEAN Unmapped;
 
        Offset.QuadPart = MemoryArea->SectionData.ViewOffset +
                 ((ULONG_PTR)Address - MA_GetStartingAddress(MemoryArea));
 
        Segment = MemoryArea->SectionData.Segment;
 
        MmLockSectionSegment(Segment);
 
        Entry = MmGetPageEntrySectionSegment(Segment, &Offset);
        if (Entry && MM_IS_WAIT_PTE(Entry))
        {
            /* The segment is being read or something. Give up */
            MmUnlockSectionSegment(Segment);
            if (Process != PsInitialSystemProcess)
                KeDetachProcess();
            MmUnlockAddressSpace(AddressSpace);
            ExReleaseRundownProtection(&Process->RundownProtect);
            ObDereferenceObject(Process);
            return(STATUS_UNSUCCESSFUL);
        }
 
        /* Delete this virtual mapping in the process */
        MmDeleteRmap(Page, Process, Address);
        Unmapped = MmDeleteVirtualMapping(Process, Address, &Dirty, &MapPage);
        if (!Unmapped || (MapPage != Page))
        {
            /*
             * Something's corrupted, we got there because this process is
             * supposed to be mapping this page there.
             */
            KeBugCheckEx(MEMORY_MANAGEMENT,
                         (ULONG_PTR)Process,
                         (ULONG_PTR)Address,
                         (ULONG_PTR)__FILE__,
                         __LINE__);
        }
 
        if (Page != PFN_FROM_SSE(Entry))
        {
            SWAPENTRY SwapEntry;
 
            /* This page is private to the process */
            MmUnlockSectionSegment(Segment);
 
            /* Check if we should write it back to the page file */
            SwapEntry = MmGetSavedSwapEntryPage(Page);
 
            if ((SwapEntry == 0) && Dirty)
            {
                /* We don't have a Swap entry, yet the page is dirty. Get one */
                SwapEntry = MmAllocSwapPage();
                if (!SwapEntry)
                {
                    PMM_REGION Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                            &MemoryArea->SectionData.RegionListHead,
                            Address, NULL);
 
                    /* We can't, so let this page in the Process VM */
                    MmCreateVirtualMapping(Process, Address, Region->Protect, Page);
                    MmInsertRmap(Page, Process, Address);
                    MmSetDirtyPage(Process, Address);
 
                    MmUnlockAddressSpace(AddressSpace);
                    if (Process != PsInitialSystemProcess)
                        KeDetachProcess();
                    ExReleaseRundownProtection(&Process->RundownProtect);
                    ObDereferenceObject(Process);
 
                    return STATUS_UNSUCCESSFUL;
                }
            }
 
            if (Dirty)
            {
                SWAPENTRY Dummy;
 
                /* Put a wait entry into the process and unlock */
                MmCreatePageFileMapping(Process, Address, MM_WAIT_ENTRY);
                MmUnlockAddressSpace(AddressSpace);
 
                Status = MmWriteToSwapPage(SwapEntry, Page);
 
                MmLockAddressSpace(AddressSpace);
                MmDeletePageFileMapping(Process, Address, &Dummy);
                ASSERT(Dummy == MM_WAIT_ENTRY);
 
                if (!NT_SUCCESS(Status))
                {
                    /* We failed at saving the content of this page. Keep it in */
                    PMM_REGION Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                            &MemoryArea->SectionData.RegionListHead,
                            Address, NULL);
 
                    /* This Swap Entry is useless to us */
                    MmSetSavedSwapEntryPage(Page, 0);
                    MmFreeSwapPage(SwapEntry);
 
                    /* We can't, so let this page in the Process VM */
                    MmCreateVirtualMapping(Process, Address, Region->Protect, Page);
                    MmInsertRmap(Page, Process, Address);
                    MmSetDirtyPage(Process, Address);
 
                    MmUnlockAddressSpace(AddressSpace);
                    if (Process != PsInitialSystemProcess)
                        KeDetachProcess();
                    ExReleaseRundownProtection(&Process->RundownProtect);
                    ObDereferenceObject(Process);
 
                    return STATUS_UNSUCCESSFUL;
                }
            }
 
            if (SwapEntry)
            {
                /* Keep this in the process VM */
                MmCreatePageFileMapping(Process, Address, SwapEntry);
                MmSetSavedSwapEntryPage(Page, 0);
            }
 
            /* We can finally let this page go */
            MmUnlockAddressSpace(AddressSpace);
            if (Process != PsInitialSystemProcess)
                KeDetachProcess();
#if DBG
            OldIrql = MiAcquirePfnLock();
            ASSERT(MmGetRmapListHeadPage(Page) == NULL);
            MiReleasePfnLock(OldIrql);
#endif
            MmReleasePageMemoryConsumer(MC_USER, Page);
 
            ExReleaseRundownProtection(&Process->RundownProtect);
            ObDereferenceObject(Process);
 
            return STATUS_SUCCESS;
        }
 
        /* One less mapping referencing this segment */
        Released = MmUnsharePageEntrySectionSegment(MemoryArea, Segment, &Offset, Dirty, TRUE, NULL);
 
        MmUnlockSectionSegment(Segment);
        if (Process != PsInitialSystemProcess)
            KeDetachProcess();
        MmUnlockAddressSpace(AddressSpace);
 
        ExReleaseRundownProtection(&Process->RundownProtect);
        ObDereferenceObject(Process);
 
        if (Released) return STATUS_SUCCESS;
    }
#ifdef NEWCC
    else if (Type == MEMORY_AREA_CACHE)
    {
        /* NEWCC does locking itself */
        MmUnlockAddressSpace(AddressSpace);
        Status = MmpPageOutPhysicalAddress(Page);
    }
#endif
    else
    {
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
WriteSegment:
    /* Now write this page to file, if needed */
    Segment = MmGetSectionAssociation(Page, &SegmentOffset);
    if (Segment)
    {
        BOOLEAN Released;
 
        MmLockSectionSegment(Segment);
 
        Released = MmCheckDirtySegment(Segment, &SegmentOffset, FALSE, TRUE);
 
        MmUnlockSectionSegment(Segment);
        MmDereferenceSegment(Segment);
 
        if (Released)
        {
            return STATUS_SUCCESS;
        }
    }
 
    /* If we are here, then we didn't release the page */
    return STATUS_UNSUCCESSFUL;
}

Referenced by CcRosTrimCache(), and MmTrimUserMemory().

◆ MmPageOutSectionView()

NTSTATUS NTAPI MmPageOutSectionView	(	PMMSUPPORT	AddressSpace,
		PMEMORY_AREA	MemoryArea,
		PVOID	Address,
		ULONG_PTR	Entry
	)

◆ MmProtectSectionView()

NTSTATUS NTAPI MmProtectSectionView	(	PMMSUPPORT	AddressSpace,
		PMEMORY_AREA	MemoryArea,
		PVOID	BaseAddress,
		SIZE_T	Length,
		ULONG	Protect,
		PULONG	OldProtect
	)

Definition at line 2068 of file section.c.

{
    PMM_REGION Region;
    NTSTATUS Status;
    ULONG_PTR MaxLength;
 
    MaxLength = MA_GetEndingAddress(MemoryArea) - (ULONG_PTR)BaseAddress;
    if (Length > MaxLength)
        Length = (ULONG)MaxLength;
 
    Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                          &MemoryArea->SectionData.RegionListHead,
                          BaseAddress, NULL);
    ASSERT(Region != NULL);
 
    if ((MemoryArea->Flags & SEC_NO_CHANGE) &&
            Region->Protect != Protect)
    {
        return STATUS_INVALID_PAGE_PROTECTION;
    }
 
    *OldProtect = Region->Protect;
    Status = MmAlterRegion(AddressSpace, (PVOID)MA_GetStartingAddress(MemoryArea),
                           &MemoryArea->SectionData.RegionListHead,
                           BaseAddress, Length, Region->Type, Protect,
                           MmAlterViewAttributes);
 
    return Status;
}

Referenced by MiRosProtectVirtualMemory().

◆ MmPurgeSegment()

BOOLEAN NTAPI MmPurgeSegment	(	_In_ PSECTION_OBJECT_POINTERS	SectionObjectPointer,
		_In_opt_ PLARGE_INTEGER	Offset,
		_In_ ULONG	Length
	)

Definition at line 4837 of file section.c.

{
    LARGE_INTEGER PurgeStart, PurgeEnd;
    PMM_SECTION_SEGMENT Segment;
 
    PurgeStart.QuadPart = Offset ? Offset->QuadPart : 0LL;
    if (Length && Offset)
    {
        if (!NT_SUCCESS(RtlLongLongAdd(PurgeStart.QuadPart, Length, &PurgeEnd.QuadPart)))
            return FALSE;
    }
 
    Segment = MiGrabDataSection(SectionObjectPointer);
    if (!Segment)
    {
        /* Nothing to purge */
        return TRUE;
    }
 
    MmLockSectionSegment(Segment);
 
    if (!Length || !Offset)
    {
        /* We must calculate the length for ourselves */
        /* FIXME: All of this is suboptimal */
        ULONG ElemCount = RtlNumberGenericTableElements(&Segment->PageTable);
        if (!ElemCount)
        {
            /* No page. Nothing to purge */
            MmUnlockSectionSegment(Segment);
            MmDereferenceSegment(Segment);
            return TRUE;
        }
 
        PCACHE_SECTION_PAGE_TABLE PageTable = RtlGetElementGenericTable(&Segment->PageTable, ElemCount - 1);
        PurgeEnd.QuadPart = PageTable->FileOffset.QuadPart + _countof(PageTable->PageEntries) * PAGE_SIZE;
    }
 
    /* Find byte offset of the page to start */
    PurgeStart.QuadPart = PAGE_ROUND_DOWN_64(PurgeStart.QuadPart);
 
    while (PurgeStart.QuadPart < PurgeEnd.QuadPart)
    {
        ULONG_PTR Entry = MmGetPageEntrySectionSegment(Segment, &PurgeStart);
 
        if (Entry == 0)
        {
            PurgeStart.QuadPart += PAGE_SIZE;
            continue;
        }
 
        if (IS_SWAP_FROM_SSE(Entry))
        {
            ASSERT(SWAPENTRY_FROM_SSE(Entry) == MM_WAIT_ENTRY);
            /* The page is currently being read. Meaning someone will need it soon. Bad luck */
            MmUnlockSectionSegment(Segment);
            MmDereferenceSegment(Segment);
            return FALSE;
        }
 
        if (IS_WRITE_SSE(Entry))
        {
            /* We're trying to purge an entry which is being written. Restart this loop iteration */
            MmUnlockSectionSegment(Segment);
            KeDelayExecutionThread(KernelMode, FALSE, &TinyTime);
            MmLockSectionSegment(Segment);
            continue;
        }
 
        if (SHARE_COUNT_FROM_SSE(Entry) > 0)
        {
            /* This page is currently in use. Bad luck */
            MmUnlockSectionSegment(Segment);
            MmDereferenceSegment(Segment);
            return FALSE;
        }
 
        /* We can let this page go */
        MmSetPageEntrySectionSegment(Segment, &PurgeStart, 0);
        MmReleasePageMemoryConsumer(MC_USER, PFN_FROM_SSE(Entry));
 
        PurgeStart.QuadPart += PAGE_SIZE;
    }
 
    /* This page is currently in use. Bad luck */
    MmUnlockSectionSegment(Segment);
    MmDereferenceSegment(Segment);
    return TRUE;
}

Referenced by CcPurgeCacheSection().

◆ MmQuerySectionView()

NTSTATUS NTAPI MmQuerySectionView	(	PMEMORY_AREA	MemoryArea,
		PVOID	Address,
		PMEMORY_BASIC_INFORMATION	Info,
		PSIZE_T	ResultLength
	)

Definition at line 2104 of file section.c.

{
    PMM_REGION Region;
    PVOID RegionBaseAddress;
    PMM_SECTION_SEGMENT Segment;
 
    Region = MmFindRegion((PVOID)MA_GetStartingAddress(MemoryArea),
                          &MemoryArea->SectionData.RegionListHead,
                          Address, &RegionBaseAddress);
    if (Region == NULL)
    {
        return STATUS_UNSUCCESSFUL;
    }
 
    if (MemoryArea->VadNode.u.VadFlags.VadType == VadImageMap)
    {
        Segment = MemoryArea->SectionData.Segment;
        Info->AllocationBase = (PUCHAR)MA_GetStartingAddress(MemoryArea) - Segment->Image.VirtualAddress;
        Info->Type = MEM_IMAGE;
    }
    else
    {
        Info->AllocationBase = (PVOID)MA_GetStartingAddress(MemoryArea);
        Info->Type = MEM_MAPPED;
    }
    Info->BaseAddress = RegionBaseAddress;
    Info->AllocationProtect = MmProtectToValue[MemoryArea->VadNode.u.VadFlags.Protection];
    Info->RegionSize = Region->Length;
    Info->State = MEM_COMMIT;
    Info->Protect = Region->Protect;
 
    *ResultLength = sizeof(MEMORY_BASIC_INFORMATION);
    return STATUS_SUCCESS;
}

Referenced by MiQueryMemoryBasicInformation().

◆ MmQuitNextSession()

VOID NTAPI MmQuitNextSession ( _Inout_ PVOID SessionEntry )

Definition at line 1030 of file session.c.

{
    PEPROCESS EntryProcess;
 
    /* The parameter is the actual process! */
    EntryProcess = SessionEntry;
    ASSERT(EntryProcess != NULL);
 
    /* Sanity checks */
    ASSERT(KeGetCurrentIrql () <= APC_LEVEL);
    ASSERT(EntryProcess->Vm.Flags.SessionLeader == 0);
    ASSERT(EntryProcess->Session != NULL);
 
    /* Get rid of the reference we took */
    ObDereferenceObject(EntryProcess);
}

Referenced by ExpWin32SessionCallout().

◆ MmReadFromSwapPage()

NTSTATUS NTAPI MmReadFromSwapPage	(	SWAPENTRY	SwapEntry,
		PFN_NUMBER	Page
	)

Definition at line 204 of file pagefile.c.

{
    return MiReadPageFile(Page, FILE_FROM_ENTRY(SwapEntry), OFFSET_FROM_ENTRY(SwapEntry));
}

Referenced by MiSwapInPage(), and MmNotPresentFaultSectionView().

◆ MmRebalanceMemoryConsumers()

VOID NTAPI MmRebalanceMemoryConsumers ( VOID )

Definition at line 290 of file balance.c.

{
    if (InterlockedCompareExchange(&PageOutThreadActive, 1, 0) == 0)
    {
        KeSetEvent(&MiBalancerEvent, IO_NO_INCREMENT, FALSE);
    }
}

Referenced by MiDecrementAvailablePages(), and MmRebalanceMemoryConsumersAndWait().

◆ MmReferencePage()

VOID NTAPI MmReferencePage ( PFN_NUMBER Page )

Definition at line 519 of file freelist.c.

{
    PMMPFN Pfn1;
 
    DPRINT("MmReferencePage(PysicalAddress %x)\n", Pfn << PAGE_SHIFT);
 
    MI_ASSERT_PFN_LOCK_HELD();
    ASSERT(Pfn != 0);
    ASSERT(Pfn <= MmHighestPhysicalPage);
 
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
    ASSERT_IS_ROS_PFN(Pfn1);
 
    ASSERT(Pfn1->u3.e2.ReferenceCount != 0);
    Pfn1->u3.e2.ReferenceCount++;
}

Referenced by MmGetLRUFirstUserPage(), and MmGetLRUNextUserPage().

◆ MmReleasePageMemoryConsumer()

NTSTATUS NTAPI MmReleasePageMemoryConsumer	(	ULONG	Consumer,
		PFN_NUMBER	Page
	)

Definition at line 72 of file balance.c.

{
    KIRQL OldIrql;
 
    if (Page == 0)
    {
        DPRINT1("Tried to release page zero.\n");
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    (void)InterlockedDecrementUL(&MiMemoryConsumers[Consumer].PagesUsed);
    UpdateTotalCommittedPages(-1);
 
    OldIrql = MiAcquirePfnLock();
 
    MmDereferencePage(Page);
 
    MiReleasePfnLock(OldIrql);
 
    return(STATUS_SUCCESS);
}

Referenced by FreeSegmentPage(), if(), MiFreeSegmentPage(), MiGetOnePage(), MiPurgeImageSegment(), MiReadFilePage(), MmCreateProcessAddressSpace(), MmDeleteVirtualMapping(), MmFinalizeSectionPageOut(), MmFreeCacheSectionPage(), MmFreePageTable(), MmFreeSectionPage(), MmGetPageTableForProcess(), MmGetPageTableForProcessForPAE(), MmMakeSegmentResident(), MmPageOutCacheSection(), MmPageOutPhysicalAddress(), MmpFreePageFileSegment(), MmPurgeSegment(), and MmUnsharePageEntrySectionSegment().

◆ MmRequestPageMemoryConsumer()

NTSTATUS NTAPI MmRequestPageMemoryConsumer	(	ULONG	Consumer,
		BOOLEAN	MyWait,
		PPFN_NUMBER	AllocatedPage
	)

Definition at line 313 of file balance.c.

{
    PFN_NUMBER Page;
 
    /* Delay some requests for the Memory Manager to recover pages (CORE-17624).
     * FIXME: This is suboptimal.
     */
    static INT i = 0;
    static LARGE_INTEGER TinyTime = {{-1L, -1L}};
    if (i++ >= 100)
    {
        KeDelayExecutionThread(KernelMode, FALSE, &TinyTime);
        i = 0;
    }
 
    /*
     * Actually allocate the page.
     */
    Page = MmAllocPage(Consumer);
    if (Page == 0)
    {
        *AllocatedPage = 0;
        return STATUS_NO_MEMORY;
    }
    *AllocatedPage = Page;
 
    /* Update the target */
    InterlockedIncrementUL(&MiMemoryConsumers[Consumer].PagesUsed);
    UpdateTotalCommittedPages(1);
 
    return(STATUS_SUCCESS);
}

Referenced by CcInitCacheZeroPage(), MiGetOnePage(), MiGetPageTableForProcess(), MiReadFilePage(), MiSwapInPage(), MmAccessFaultSectionView(), MmCreateProcessAddressSpace(), MmGetPageTableForProcess(), MmGetPageTableForProcessForPAE(), MmMakeSegmentResident(), and MmNotPresentFaultSectionView().

◆ MmSetCleanPage()

VOID NTAPI MmSetCleanPage	(	struct _EPROCESS *	Process,
		PVOID	Address
	)

◆ MmSetDirtyBit()

VOID NTAPI MmSetDirtyBit	(	PEPROCESS	Process,
		PVOID	Address,
		BOOLEAN	Bit
	)

Definition at line 890 of file page.c.

{
    PMMPTE PointerPte;
 
    DPRINT("MmSetDirtyBit(Process %p  Address %p  Bit %x)\n",
           Process, Address, Bit);
 
    ASSERT(Process != NULL);
    ASSERT(Address < MmSystemRangeStart);
 
    ASSERT(Process == PsGetCurrentProcess());
 
    MiLockProcessWorkingSetUnsafe(Process, PsGetCurrentThread());
 
    MiMakePdeExistAndMakeValid(MiAddressToPde(Address), Process, MM_NOIRQL);
 
    PointerPte = MiAddressToPte(Address);
    // We shouldnl't set dirty bit on non-mapped addresses
    if (!PointerPte->u.Hard.Valid && (FlagOn(PointerPte->u.Long, 0x800) || (PointerPte->u.Hard.PageFrameNumber == 0)))
    {
        DPRINT1("Invalid Pte %lx\n", PointerPte->u.Long);
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    PointerPte->u.Hard.Dirty = !!Bit;
 
    if (!Bit)
        KeInvalidateTlbEntry(Address);
 
    MiUnlockProcessWorkingSetUnsafe(Process, PsGetCurrentThread());
}

◆ MmSetExecuteOptions()

NTSTATUS NTAPI MmSetExecuteOptions ( IN ULONG ExecuteOptions )

Definition at line 2695 of file pagfault.c.

{
    PKPROCESS CurrentProcess = &PsGetCurrentProcess()->Pcb;
    KLOCK_QUEUE_HANDLE ProcessLock;
    NTSTATUS Status = STATUS_ACCESS_DENIED;
    ASSERT(KeGetCurrentIrql() == PASSIVE_LEVEL);
 
    /* Only accept valid flags */
    if (ExecuteOptions & ~MEM_EXECUTE_OPTION_VALID_FLAGS)
    {
        /* Fail */
        DPRINT1("Invalid no-execute options\n");
        return STATUS_INVALID_PARAMETER;
    }
 
    /* Change the NX state in the process lock */
    KiAcquireProcessLockRaiseToSynch(CurrentProcess, &ProcessLock);
 
    /* Don't change anything if the permanent flag was set */
    if (!CurrentProcess->Flags.Permanent)
    {
        /* Start by assuming it's not disabled */
        CurrentProcess->Flags.ExecuteDisable = FALSE;
 
        /* Now process each flag and turn the equivalent bit on */
        if (ExecuteOptions & MEM_EXECUTE_OPTION_DISABLE)
        {
            CurrentProcess->Flags.ExecuteDisable = TRUE;
        }
        if (ExecuteOptions & MEM_EXECUTE_OPTION_ENABLE)
        {
            CurrentProcess->Flags.ExecuteEnable = TRUE;
        }
        if (ExecuteOptions & MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION)
        {
            CurrentProcess->Flags.DisableThunkEmulation = TRUE;
        }
        if (ExecuteOptions & MEM_EXECUTE_OPTION_PERMANENT)
        {
            CurrentProcess->Flags.Permanent = TRUE;
        }
        if (ExecuteOptions & MEM_EXECUTE_OPTION_EXECUTE_DISPATCH_ENABLE)
        {
            CurrentProcess->Flags.ExecuteDispatchEnable = TRUE;
        }
        if (ExecuteOptions & MEM_EXECUTE_OPTION_IMAGE_DISPATCH_ENABLE)
        {
            CurrentProcess->Flags.ImageDispatchEnable = TRUE;
        }
 
        /* These are turned on by default if no-execution is also enabled */
        if (CurrentProcess->Flags.ExecuteEnable)
        {
            CurrentProcess->Flags.ExecuteDispatchEnable = TRUE;
            CurrentProcess->Flags.ImageDispatchEnable = TRUE;
        }
 
        /* All good */
        Status = STATUS_SUCCESS;
    }
 
    /* Release the lock and return status */
    KiReleaseProcessLock(&ProcessLock);
    return Status;
}

Referenced by NtSetInformationProcess().

◆ MmSetMemoryPriorityProcess()

NTSTATUS NTAPI MmSetMemoryPriorityProcess	(	IN PEPROCESS	Process,
		IN UCHAR	MemoryPriority
	)

Definition at line 487 of file procsup.c.

{
    UCHAR OldPriority;
 
    //
    // Check if we have less then 16MB of Physical Memory
    //
    if ((MmSystemSize == MmSmallSystem) &&
        (MmNumberOfPhysicalPages < ((15 * 1024 * 1024) / PAGE_SIZE)))
    {
        //
        // Always use background priority
        //
        MemoryPriority = MEMORY_PRIORITY_BACKGROUND;
    }
 
    //
    // Save the old priority and update it
    //
    OldPriority = (UCHAR)Process->Vm.Flags.MemoryPriority;
    Process->Vm.Flags.MemoryPriority = MemoryPriority;
 
    //
    // Return the old priority
    //
    return OldPriority;
}

Referenced by NtSetInformationProcess(), and PspComputeQuantumAndPriority().

◆ MmSetPageProtect()

VOID NTAPI MmSetPageProtect	(	struct _EPROCESS *	Process,
		PVOID	Address,
		ULONG	flProtect
	)

Referenced by KdbpOverwriteInstruction(), MmAccessFaultSectionView(), and MmAlterViewAttributes().

◆ MmSetRmapListHeadPage()

VOID NTAPI MmSetRmapListHeadPage	(	PFN_NUMBER	Page,
		struct _MM_RMAP_ENTRY *	ListHead
	)

Referenced by MmDeleteRmap(), MmDeleteSectionAssociation(), and MmInsertRmap().

◆ MmSetSavedSwapEntryPage()

VOID NTAPI MmSetSavedSwapEntryPage	(	PFN_NUMBER	Page,
		SWAPENTRY	SavedSwapEntry
	)

Definition at line 484 of file freelist.c.

{
    KIRQL oldIrql;
    PMMPFN Pfn1;
 
    Pfn1 = MiGetPfnEntry(Pfn);
    ASSERT(Pfn1);
    ASSERT_IS_ROS_PFN(Pfn1);
 
    oldIrql = MiAcquirePfnLock();
    Pfn1->u1.SwapEntry = SwapEntry;
    MiReleasePfnLock(oldIrql);
}

Referenced by MiSwapInPage(), MmFinalizeSectionPageOut(), MmFreeCacheSectionPage(), MmFreeSectionPage(), MmNotPresentFaultSectionView(), MmPageOutPhysicalAddress(), MmpFreePageFileSegment(), and MmUnsharePageEntrySectionSegment().

◆ MmShowOutOfSpaceMessagePagingFile()

VOID NTAPI MmShowOutOfSpaceMessagePagingFile ( VOID )

Definition at line 136 of file pagefile.c.

{
    if (!MmSwapSpaceMessage)
    {
        DPRINT1("MM: Out of swap space.\n");
        MmSwapSpaceMessage = TRUE;
    }
}

◆ MmShutdownSystem()

VOID MmShutdownSystem ( IN ULONG Phase )

Definition at line 77 of file shutdown.c.

{
    if (Phase == 0)
    {
        MiShutdownSystem();
    }
    else if (Phase == 1)
    {
        ULONG i;
 
        /* Loop through all the paging files */
        for (i = 0; i < MmNumberOfPagingFiles; i++)
        {
            /* And dereference them */
            ObDereferenceObject(MmPagingFile[i]->FileObject);
        }
    }
    else
    {
        ASSERT(Phase == 2);
 
        UNIMPLEMENTED;
    }
}

Referenced by PopGracefulShutdown().

◆ MmTrimUserMemory()

NTSTATUS MmTrimUserMemory	(	ULONG	Target,
		ULONG	Priority,
		PULONG	NrFreedPages
	)

Definition at line 138 of file balance.c.

{
    PFN_NUMBER FirstPage, CurrentPage;
    NTSTATUS Status;
 
    (*NrFreedPages) = 0;
 
    DPRINT("MM BALANCER: %s\n", Priority ? "Paging out!" : "Removing access bit!");
 
    FirstPage = MmGetLRUFirstUserPage();
    CurrentPage = FirstPage;
    while (CurrentPage != 0 && Target > 0)
    {
        if (Priority)
        {
            Status = MmPageOutPhysicalAddress(CurrentPage);
            if (NT_SUCCESS(Status))
            {
                DPRINT("Succeeded\n");
                Target--;
                (*NrFreedPages)++;
                if (CurrentPage == FirstPage)
                {
                    FirstPage = 0;
                }
            }
        }
        else
        {
            /* When not paging-out agressively, just reset the accessed bit */
            PEPROCESS Process = NULL;
            PVOID Address = NULL;
            BOOLEAN Accessed = FALSE;
 
            /*
             * We have a lock-ordering problem here. We cant lock the PFN DB before the Process address space.
             * So we must use circonvoluted loops.
             * Well...
             */
            while (TRUE)
            {
                KAPC_STATE ApcState;
                KIRQL OldIrql = MiAcquirePfnLock();
                PMM_RMAP_ENTRY Entry = MmGetRmapListHeadPage(CurrentPage);
                while (Entry)
                {
                    if (RMAP_IS_SEGMENT(Entry->Address))
                    {
                        Entry = Entry->Next;
                        continue;
                    }
 
                    /* Check that we didn't treat this entry before */
                    if (Entry->Address < Address)
                    {
                        Entry = Entry->Next;
                        continue;
                    }
 
                    if ((Entry->Address == Address) && (Entry->Process <= Process))
                    {
                        Entry = Entry->Next;
                        continue;
                    }
 
                    break;
                }
 
                if (!Entry)
                {
                    MiReleasePfnLock(OldIrql);
                    break;
                }
 
                Process = Entry->Process;
                Address = Entry->Address;
 
                ObReferenceObject(Process);
 
                if (!ExAcquireRundownProtection(&Process->RundownProtect))
                {
                    ObDereferenceObject(Process);
                    MiReleasePfnLock(OldIrql);
                    continue;
                }
 
                MiReleasePfnLock(OldIrql);
 
                KeStackAttachProcess(&Process->Pcb, &ApcState);
                MiLockProcessWorkingSet(Process, PsGetCurrentThread());
 
                /* Be sure this is still valid. */
                if (MmIsAddressValid(Address))
                {
                    PMMPTE Pte = MiAddressToPte(Address);
                    Accessed = Accessed || Pte->u.Hard.Accessed;
                    Pte->u.Hard.Accessed = 0;
 
                    /* There is no need to invalidate, the balancer thread is never on a user process */
                    //KeInvalidateTlbEntry(Address);
                }
 
                MiUnlockProcessWorkingSet(Process, PsGetCurrentThread());
 
                KeUnstackDetachProcess(&ApcState);
                ExReleaseRundownProtection(&Process->RundownProtect);
                ObDereferenceObject(Process);
            }
 
            if (!Accessed)
            {
                /* Nobody accessed this page since the last time we check. Time to clean up */
 
                Status = MmPageOutPhysicalAddress(CurrentPage);
                if (NT_SUCCESS(Status))
                {
                    if (CurrentPage == FirstPage)
                    {
                        FirstPage = 0;
                    }
                }
                // DPRINT1("Paged-out one page: %s\n", NT_SUCCESS(Status) ? "Yes" : "No");
            }
 
            /* Done for this page. */
            Target--;
        }
 
        CurrentPage = MmGetLRUNextUserPage(CurrentPage, TRUE);
        if (FirstPage == 0)
        {
            FirstPage = CurrentPage;
        }
        else if (CurrentPage == FirstPage)
        {
            DPRINT1("We are back at the start, abort!\n");
            return STATUS_SUCCESS;
        }
    }
 
    if (CurrentPage)
    {
        KIRQL OldIrql = MiAcquirePfnLock();
        MmDereferencePage(CurrentPage);
        MiReleasePfnLock(OldIrql);
    }
 
    return STATUS_SUCCESS;
}

Referenced by MmInitSystem().

◆ MmUnloadSystemImage()

NTSTATUS NTAPI MmUnloadSystemImage ( IN PVOID ImageHandle )

Definition at line 945 of file sysldr.c.

{
    PLDR_DATA_TABLE_ENTRY LdrEntry = ImageHandle;
    PVOID BaseAddress = LdrEntry->DllBase;
    NTSTATUS Status;
    STRING TempName;
    BOOLEAN HadEntry = FALSE;
 
    /* Acquire the loader lock */
    KeEnterCriticalRegion();
    KeWaitForSingleObject(&MmSystemLoadLock,
                          WrVirtualMemory,
                          KernelMode,
                          FALSE,
                          NULL);
 
    /* Check if this driver was loaded at boot and didn't get imports parsed */
    if (LdrEntry->LoadedImports == MM_SYSLDR_BOOT_LOADED) goto Done;
 
    /* We should still be alive */
    ASSERT(LdrEntry->LoadCount != 0);
    LdrEntry->LoadCount--;
 
    /* Check if we're still loaded */
    if (LdrEntry->LoadCount) goto Done;
 
    /* We should cleanup... are symbols loaded */
    if (LdrEntry->Flags & LDRP_DEBUG_SYMBOLS_LOADED)
    {
        /* Create the ANSI name */
        Status = RtlUnicodeStringToAnsiString(&TempName,
                                              &LdrEntry->BaseDllName,
                                              TRUE);
        if (NT_SUCCESS(Status))
        {
            /* Unload the symbols */
            DbgUnLoadImageSymbols(&TempName,
                                  BaseAddress,
                                  (ULONG_PTR)PsGetCurrentProcessId());
            RtlFreeAnsiString(&TempName);
        }
    }
 
    /* FIXME: Free the driver */
    DPRINT1("Leaking driver: %wZ\n", &LdrEntry->BaseDllName);
    //MmFreeSection(LdrEntry->DllBase);
 
    /* Check if we're linked in */
    if (LdrEntry->InLoadOrderLinks.Flink)
    {
        /* Remove us */
        MiProcessLoaderEntry(LdrEntry, FALSE);
        HadEntry = TRUE;
    }
 
    /* Dereference and clear the imports */
    MiDereferenceImports(LdrEntry->LoadedImports);
    MiClearImports(LdrEntry);
 
    /* Check if the entry needs to go away */
    if (HadEntry)
    {
        /* Check if it had a name */
        if (LdrEntry->FullDllName.Buffer)
        {
            /* Free it */
            ExFreePoolWithTag(LdrEntry->FullDllName.Buffer, TAG_LDR_WSTR);
        }
 
        /* Check if we had a section */
        if (LdrEntry->SectionPointer)
        {
            /* Dereference it */
            ObDereferenceObject(LdrEntry->SectionPointer);
        }
 
        /* Free the entry */
        ExFreePoolWithTag(LdrEntry, TAG_MODULE_OBJECT);
    }
 
    /* Release the system lock and return */
Done:
    KeReleaseMutant(&MmSystemLoadLock, MUTANT_INCREMENT, FALSE, FALSE);
    KeLeaveCriticalRegion();
    return STATUS_SUCCESS;
}

Referenced by IopDeleteDriver(), IopInitializeDriverModule(), LoadSymbolsRoutine(), MiCallDllUnloadAndUnloadDll(), MiResolveImageReferences(), and SSI_DEF().

◆ MmUnlockAddressSpace()

FORCEINLINE VOID MmUnlockAddressSpace ( PMMSUPPORT AddressSpace )

◆ MmUnsharePageEntrySectionSegment()

BOOLEAN NTAPI MmUnsharePageEntrySectionSegment	(	PMEMORY_AREA	MemoryArea,
		PMM_SECTION_SEGMENT	Segment,
		PLARGE_INTEGER	Offset,
		BOOLEAN	Dirty,
		BOOLEAN	PageOut,
		ULONG_PTR *	InEntry
	)

Definition at line 1089 of file section.c.

{
    ULONG_PTR Entry = InEntry ? *InEntry : MmGetPageEntrySectionSegment(Segment, Offset);
    PFN_NUMBER Page = PFN_FROM_SSE(Entry);
    BOOLEAN IsDataMap = BooleanFlagOn(*Segment->Flags, MM_DATAFILE_SEGMENT);
    SWAPENTRY SwapEntry;
 
    if (Entry == 0)
    {
        DPRINT1("Entry == 0 for MmUnsharePageEntrySectionSegment\n");
        KeBugCheck(MEMORY_MANAGEMENT);
    }
    if (SHARE_COUNT_FROM_SSE(Entry) == 0)
    {
        DPRINT1("Zero share count for unshare (Seg %p Offset %x Page %x)\n", Segment, Offset->LowPart, PFN_FROM_SSE(Entry));
        KeBugCheck(MEMORY_MANAGEMENT);
    }
    if (IS_SWAP_FROM_SSE(Entry))
    {
        KeBugCheck(MEMORY_MANAGEMENT);
    }
    Entry = DECREF_SSE(Entry);
    if (Dirty) Entry = DIRTY_SSE(Entry);
 
    /* If we are paging-out, pruning the page for real will be taken care of in MmCheckDirtySegment */
    if ((SHARE_COUNT_FROM_SSE(Entry) > 0) || PageOut)
    {
        /* Update the page mapping in the segment and we're done */
        MmSetPageEntrySectionSegment(Segment, Offset, Entry);
        return FALSE;
    }
 
    /* We are pruning the last mapping on this page. See if we can keep it a bit more. */
    ASSERT(!PageOut);
 
    if (IsDataMap)
    {
        /* We can always keep memory in for data maps */
        MmSetPageEntrySectionSegment(Segment, Offset, Entry);
        return FALSE;
    }
 
    if (!FlagOn(Segment->Image.Characteristics, IMAGE_SCN_MEM_SHARED))
    {
        ASSERT(Segment->WriteCopy);
        ASSERT(!IS_DIRTY_SSE(Entry));
        ASSERT(MmGetSavedSwapEntryPage(Page) == 0);
        /* So this must have been a read-only page. Keep it ! */
        MmSetPageEntrySectionSegment(Segment, Offset, Entry);
        return FALSE;
    }
 
    /*
     * So this is a page for a shared section of a DLL.
     * We can keep it if it is not dirty.
     */
    SwapEntry = MmGetSavedSwapEntryPage(Page);
    if ((SwapEntry == 0) && !IS_DIRTY_SSE(Entry))
    {
        MmSetPageEntrySectionSegment(Segment, Offset, Entry);
        return FALSE;
    }
 
    /* No more processes are referencing this shared dirty page. Ditch it. */
    if (SwapEntry)
    {
        MmSetSavedSwapEntryPage(Page, 0);
        MmFreeSwapPage(SwapEntry);
    }
    MmSetPageEntrySectionSegment(Segment, Offset, 0);
    MmReleasePageMemoryConsumer(MC_USER, Page);
    return TRUE;
}

Referenced by MmAccessFaultSectionView(), MmFreeSectionPage(), and MmPageOutPhysicalAddress().

◆ MmUseSpecialPool()

BOOLEAN NTAPI MmUseSpecialPool	(	IN SIZE_T	NumberOfBytes,
		IN ULONG	Tag
	)

Referenced by ExAllocatePoolWithTag().

◆ MmWriteToSwapPage()

NTSTATUS NTAPI MmWriteToSwapPage	(	SWAPENTRY	SwapEntry,
		PFN_NUMBER	Page
	)

Definition at line 147 of file pagefile.c.

{
    ULONG i;
    ULONG_PTR offset;
    LARGE_INTEGER file_offset;
    IO_STATUS_BLOCK Iosb;
    NTSTATUS Status;
    KEVENT Event;
    UCHAR MdlBase[sizeof(MDL) + sizeof(PFN_NUMBER)];
    PMDL Mdl = (PMDL)MdlBase;
 
    DPRINT("MmWriteToSwapPage\n");
 
    if (SwapEntry == 0)
    {
        KeBugCheck(MEMORY_MANAGEMENT);
        return(STATUS_UNSUCCESSFUL);
    }
 
    i = FILE_FROM_ENTRY(SwapEntry);
    offset = OFFSET_FROM_ENTRY(SwapEntry) - 1;
 
    if (MmPagingFile[i]->FileObject == NULL ||
            MmPagingFile[i]->FileObject->DeviceObject == NULL)
    {
        DPRINT1("Bad paging file 0x%.8X\n", SwapEntry);
        KeBugCheck(MEMORY_MANAGEMENT);
    }
 
    MmInitializeMdl(Mdl, NULL, PAGE_SIZE);
    MmBuildMdlFromPages(Mdl, &Page);
    Mdl->MdlFlags |= MDL_PAGES_LOCKED;
 
    file_offset.QuadPart = offset * PAGE_SIZE;
 
    KeInitializeEvent(&Event, NotificationEvent, FALSE);
    Status = IoSynchronousPageWrite(MmPagingFile[i]->FileObject,
                                    Mdl,
                                    &file_offset,
                                    &Event,
                                    &Iosb);
    if (Status == STATUS_PENDING)
    {
        KeWaitForSingleObject(&Event, Executive, KernelMode, FALSE, NULL);
        Status = Iosb.Status;
    }
 
    if (Mdl->MdlFlags & MDL_MAPPED_TO_SYSTEM_VA)
    {
        MmUnmapLockedPages (Mdl->MappedSystemVa, Mdl);
    }
    return(Status);
}

Referenced by MmPageOutPhysicalAddress().

◆ MmZeroPageThread()

VOID NTAPI MmZeroPageThread ( VOID )

Definition at line 36 of file zeropage.c.

{
    PKTHREAD Thread = KeGetCurrentThread();
    PVOID StartAddress, EndAddress;
    PVOID WaitObjects[2];
 
    /* Get the discardable sections to free them */
    MiFindInitializationCode(&StartAddress, &EndAddress);
    if (StartAddress) MiFreeInitializationCode(StartAddress, EndAddress);
    DPRINT("Free pages: %lx\n", MmAvailablePages);
 
    /* Set our priority to 0 */
    Thread->BasePriority = 0;
    KeSetPriorityThread(Thread, 0);
 
    /* Setup the wait objects */
    WaitObjects[0] = &MmZeroingPageEvent;
//    WaitObjects[1] = &PoSystemIdleTimer; FIXME: Implement idle timer
 
    while (TRUE)
    {
        KIRQL OldIrql;
 
        KeWaitForMultipleObjects(1, // 2
                                 WaitObjects,
                                 WaitAny,
                                 WrFreePage,
                                 KernelMode,
                                 FALSE,
                                 NULL,
                                 NULL);
        OldIrql = MiAcquirePfnLock();
 
        while (TRUE)
        {
            ULONG PageCount = 0;
            PMMPFN Pfn1 = (PMMPFN)LIST_HEAD;
            PVOID ZeroAddress;
            PFN_NUMBER PageIndex, FreePage;
 
            while (PageCount < MI_ZERO_PTES)
            {
                PMMPFN Pfn2;
 
                if (!MmFreePageListHead.Total)
                    break;
 
                PageIndex = MmFreePageListHead.Flink;
                ASSERT(PageIndex != LIST_HEAD);
                MI_SET_USAGE(MI_USAGE_ZERO_LOOP);
                MI_SET_PROCESS2("Kernel 0 Loop");
                FreePage = MiRemoveAnyPage(MI_GET_PAGE_COLOR(PageIndex));
 
                /* The first global free page should also be the first on its own list */
                if (FreePage != PageIndex)
                {
                    KeBugCheckEx(PFN_LIST_CORRUPT,
                                0x8F,
                                FreePage,
                                PageIndex,
                                0);
                }
 
                Pfn2 = MiGetPfnEntry(PageIndex);
                Pfn2->u1.Flink = (PFN_NUMBER)Pfn1;
                Pfn1 = Pfn2;
                PageCount++;
            }
            MiReleasePfnLock(OldIrql);
 
            if (PageCount == 0)
            {
                KeClearEvent(&MmZeroingPageEvent);
                break;
            }
 
            ZeroAddress = MiMapPagesInZeroSpace(Pfn1, PageCount);
            ASSERT(ZeroAddress);
            KeZeroPages(ZeroAddress, PageCount * PAGE_SIZE);
            MiUnmapPagesInZeroSpace(ZeroAddress, PageCount);
 
            OldIrql = MiAcquirePfnLock();
 
            while (Pfn1 != (PMMPFN)LIST_HEAD)
            {
                PageIndex = MiGetPfnEntryIndex(Pfn1);
                Pfn1 = (PMMPFN)Pfn1->u1.Flink;
                MiInsertPageInList(&MmZeroedPageListHead, PageIndex);
            }
        }
    }
}

Referenced by Phase1Initialization().

◆ RtlFindExportedRoutineByName()

PVOID NTAPI RtlFindExportedRoutineByName	(	_In_ PVOID	ImageBase,
		_In_ PCSTR	ExportName
	)

Finds the address of a given named exported routine in a loaded image. Note that this function does not support forwarders.

Parameters

[in]	ImageBase	The base address of the loaded image.
[in]	ExportName	The name of the export, given as an ANSI NULL-terminated string.

Returns: The address of the named exported routine, or NULL if not found. If the export is a forwarder, this function returns NULL as well.

Note: This routine was originally named MiLocateExportName(), with a separate duplicated MiFindExportedRoutineByName() one (taking a PANSI_STRING) on Windows <= 2003. Both routines have been then merged and renamed to MiFindExportedRoutineByName() on Windows 8 (taking a PCSTR instead), and finally renamed and exported as RtlFindExportedRoutineByName() on Windows 10.

See also: https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/mm/sysload/mmgetsystemroutineaddress.htm

Definition at line 401 of file sysldr.c.

{
    NTSTATUS Status;
    BOOLEAN IsForwarder = FALSE;
    PVOID Function;
 
    PAGED_CODE();
 
    /* Call the internal API */
    Status = RtlpFindExportedRoutineByName(ImageBase,
                                           ExportName,
                                           &Function,
                                           &IsForwarder,
                                           STATUS_ENTRYPOINT_NOT_FOUND);
    if (!NT_SUCCESS(Status))
        return NULL;
 
    /* If the export is actually a forwarder, log the error and fail */
    if (IsForwarder)
    {
        DPRINT1("RtlFindExportedRoutineByName does not support forwarders!\n", FALSE);
        return NULL;
    }
 
    /* We've found the export */
    return Function;
}

Referenced by MiCallDllUnloadAndUnloadDll(), MmCallDllInitialize(), and MmGetSystemRoutineAddress().

◆ RtlpFindExportedRoutineByName()

NTSTATUS NTAPI RtlpFindExportedRoutineByName	(	_In_ PVOID	ImageBase,
		_In_ PCSTR	ExportName,
		_Out_ PVOID *	Function,
		_Out_opt_ PBOOLEAN	IsForwarder,
		_In_ NTSTATUS	NotFoundStatus
	)

ReactOS-only helper routine for RtlFindExportedRoutineByName(), that provides a finer granularity regarding the nature of the export, and the failure reasons.

Parameters

[in]	ImageBase	The base address of the loaded image.
[in]	ExportName	The name of the export, given as an ANSI NULL-terminated string.
[out]	Function	The address of the named exported routine, or NULL if not found. If the export is a forwarder (see `IsForwarder` below), this address points to the forwarder name.
[out]	IsForwarder	An optional pointer to a BOOLEAN variable, that is set to TRUE if the found export is a forwarder, and FALSE otherwise.
[in]	NotFoundStatus	The status code to return in case the export could not be found (examples: STATUS_ENTRYPOINT_NOT_FOUND, STATUS_PROCEDURE_NOT_FOUND).

Returns

A status code as follows:

STATUS_SUCCESS if the named exported routine is found;
The custom NotFoundStatus if the export could not be found;
STATUS_INVALID_PARAMETER if the image is invalid or does not contain an Export Directory.

Note: See RtlFindExportedRoutineByName() for more remarks. Used by psmgr.c PspLookupSystemDllEntryPoint() as well.

Definition at line 309 of file sysldr.c.

{
    PIMAGE_EXPORT_DIRECTORY ExportDirectory;
    PULONG NameTable;
    PUSHORT OrdinalTable;
    ULONG ExportSize;
    USHORT Ordinal;
    PULONG ExportTable;
    ULONG_PTR FunctionAddress;
 
    PAGED_CODE();
 
    /* Get the export directory */
    ExportDirectory = RtlImageDirectoryEntryToData(ImageBase,
                                                   TRUE,
                                                   IMAGE_DIRECTORY_ENTRY_EXPORT,
                                                   &ExportSize);
    if (!ExportDirectory)
        return STATUS_INVALID_PARAMETER;
 
    /* Setup name tables */
    NameTable = (PULONG)RVA(ImageBase, ExportDirectory->AddressOfNames);
    OrdinalTable = (PUSHORT)RVA(ImageBase, ExportDirectory->AddressOfNameOrdinals);
 
    /* Get the ordinal */
    Ordinal = NameToOrdinal(ExportName,
                            ImageBase,
                            ExportDirectory->NumberOfNames,
                            NameTable,
                            OrdinalTable);
 
    /* Check if we couldn't find it */
    if (Ordinal == -1)
        return NotFoundStatus;
 
    /* Validate the ordinal */
    if (Ordinal >= ExportDirectory->NumberOfFunctions)
        return NotFoundStatus;
 
    /* Resolve the function's address */
    ExportTable = (PULONG)RVA(ImageBase, ExportDirectory->AddressOfFunctions);
    FunctionAddress = (ULONG_PTR)RVA(ImageBase, ExportTable[Ordinal]);
 
    /* Check if the function is actually a forwarder */
    if (IsForwarder)
    {
        *IsForwarder = FALSE;
        if ((FunctionAddress > (ULONG_PTR)ExportDirectory) &&
            (FunctionAddress < (ULONG_PTR)ExportDirectory + ExportSize))
        {
            /* It is, and points to the forwarder name */
            *IsForwarder = TRUE;
        }
    }
 
    /* We've found it */
    *Function = (PVOID)FunctionAddress;
    return STATUS_SUCCESS;
}

Referenced by CODE_SEG(), and RtlFindExportedRoutineByName().

◆ UpdateTotalCommittedPages()

FORCEINLINE VOID UpdateTotalCommittedPages ( LONG Delta )

Definition at line 878 of file mm.h.

{
    /*
     * Add up all the used "Committed" memory + pagefile.
     * Not sure this is right. 8^\
     * MmTotalCommittedPages should be adjusted consistently with
     * other counters at different places.
     *
       MmTotalCommittedPages = MiMemoryConsumers[MC_SYSTEM].PagesUsed +
                               MiMemoryConsumers[MC_USER].PagesUsed +
                               MiUsedSwapPages;
     */
 
    /* Update Commitment */
    SIZE_T TotalCommittedPages = InterlockedExchangeAddSizeT(&MmTotalCommittedPages, Delta) + Delta;
 
    /* Update Peak = max(Peak, Total) in a lockless way */
    SIZE_T PeakCommitment = MmPeakCommitment;
    while (TotalCommittedPages > PeakCommitment &&
           InterlockedCompareExchangeSizeT(&MmPeakCommitment, TotalCommittedPages, PeakCommitment) != PeakCommitment)
    {
        PeakCommitment = MmPeakCommitment;
    }
}

Referenced by MmAllocSwapPage(), MmFreeSwapPage(), MmReleasePageMemoryConsumer(), and MmRequestPageMemoryConsumer().

Variable Documentation

◆ Address

_In_ PVOID Address

Definition at line 1310 of file mm.h.

◆ ApcState

_Out_ PKAPC_STATE ApcState

Definition at line 1777 of file mm.h.

Referenced by _IRQL_requires_max_(), DbgkpMarkProcessPeb(), DbgkpPostFakeProcessCreateMessages(), ExpDebuggerWorker(), ExpWin32SessionCallout(), HalpLowerIrql(), IntAttachToCSRSS(), IntDetachFromCSRSS(), IntInt10AllocateBuffer(), IntInt10CallBios(), IntInt10FreeBuffer(), IntInt10ReadMemory(), IntInt10WriteMemory(), IntRemoveHook(), KdbCommand_Gdi_dumpht(), KdbCommand_Gdi_entry(), KdbCommand_Gdi_handle(), KdbpOverwriteInstruction(), KdSetOwedBreakpoints(), KeRemoveQueueApc(), KeStackAttachProcess(), KeUnstackDetachProcess(), KeUserModeCallback(), KiInsertQueueApc(), KiSwapThread(), MI_WS_OWNER(), MiDoMappedCopy(), MiDoPoolCopy(), MiLoadImageSection(), MiQueryMemoryBasicInformation(), MiUnmapViewOfSection(), MmCheckSystemImage(), MmMapViewOfArm3Section(), MmMapViewOfSection(), MmTrimUserMemory(), NtAllocateVirtualMemory(), NtFlushInstructionCache(), NtFreeVirtualMemory(), NtLockVirtualMemory(), NtProtectVirtualMemory(), NtSetInformationObject(), NtUnlockVirtualMemory(), NtUserSetWindowsHookEx(), NtUserWaitForInputIdle(), ObClearProcessHandleTable(), ObDuplicateObject(), ObpCloseHandle(), ObpCreateHandle(), ObpCreateUnnamedHandle(), ObSetHandleAttributes(), PspDeleteProcess(), PspWriteTebImpersonationInfo(), RtlGetCurrentPeb(), SepCleanupLUIDDeviceMapDirectory(), and VideoPortGetRomImage().

◆ CurrentMaxQuota

_In_ SIZE_T CurrentMaxQuota

Definition at line 672 of file mm.h.

Referenced by _Requires_lock_held_().

◆ KernelVerifier

PVOID KernelVerifier

extern

Definition at line 28 of file drvmgmt.c.

◆ MiDebugMapping

PVOID MiDebugMapping

extern

Definition at line 30 of file mmdbg.c.

Referenced by MmArmInitSystem().

◆ MiFreeSwapPages

PFN_COUNT MiFreeSwapPages

extern

Definition at line 66 of file pagefile.c.

Referenced by MmAllocSwapPage(), MmFreeSwapPage(), MmInitPagingFile(), NtCreatePagingFile(), and QSI_DEF().

◆ MiMemoryConsumers

MM_MEMORY_CONSUMER MiMemoryConsumers[MC_MAXIMUM]

extern

Definition at line 28 of file balance.c.

Referenced by MiTrimMemoryConsumer(), MmInitializeBalancer(), MmInitializeMemoryConsumer(), MmReleasePageMemoryConsumer(), MmRequestPageMemoryConsumer(), and QSI_DEF().

◆ MiUsedSwapPages

PFN_COUNT MiUsedSwapPages

extern

Definition at line 69 of file pagefile.c.

Referenced by MmAllocSwapPage(), MmFreeSwapPage(), MmInitPagingFile(), and QSI_DEF().

◆ MmAvailablePages

PFN_NUMBER MmAvailablePages

extern

◆ MmDebugPte

PMMPTE MmDebugPte

extern

Definition at line 31 of file mmdbg.c.

Referenced by MmArmInitSystem().

◆ MmDisablePagingExecutive

UCHAR MmDisablePagingExecutive

extern

Definition at line 25 of file mminit.c.

Referenced by MiEnablePagingOfDriver(), and MmPageEntireDriver().

◆ MmDriverCommit

SIZE_T MmDriverCommit

extern

Definition at line 32 of file freelist.c.

◆ MmFreePageListHead

MMPFNLIST MmFreePageListHead

extern

Definition at line 42 of file pfnlist.c.

Referenced by MiInsertPageInFreeList(), MiInsertPageInList(), MiRemoveAnyPage(), MiRemoveZeroPage(), and MmZeroPageThread().

◆ MmHighestPhysicalPage

PFN_NUMBER MmHighestPhysicalPage

extern

◆ MmKernelAddressSpace

PMMSUPPORT MmKernelAddressSpace

extern

Definition at line 27 of file mminit.c.

Referenced by MmGetAddressSpaceOwner(), MmGetKernelAddressSpace(), and MmInitSystem().

◆ MmLastUnloadedDrivers

PVOID MmLastUnloadedDrivers

extern

Definition at line 31 of file sysldr.c.

◆ MmLoadedUserImageList

LIST_ENTRY MmLoadedUserImageList

extern

Definition at line 22 of file sysldr.c.

Referenced by MmArmInitSystem(), and QSI_DEF().

◆ MmLowestPhysicalPage

PFN_NUMBER MmLowestPhysicalPage

extern

Definition at line 30 of file meminit.c.

Referenced by MiBuildPfnDatabaseSelf(), MiBuildPfnDatabaseZeroPage(), MiInitializeSessionIds(), MiInsertPageInFreeList(), MiInsertPageInList(), MiInsertStandbyListAtFront(), MiScanMemoryDescriptors(), MmAllocatePagesInLookupTable(), MmAreMemoryPagesAvailable(), MmArmInitSystem(), MmFindAvailablePages(), MmFindAvailablePagesBeforePage(), MmGetAddressablePageCountIncludingHoles(), MmInitPageLookupTable(), MmMarkPagesInLookupTable(), MmUpdateLastFreePageHint(), and QSI_DEF().

◆ MmModifiedNoWritePageListHead

MMPFNLIST MmModifiedNoWritePageListHead

extern

Definition at line 47 of file pfnlist.c.

Referenced by MiUnlinkPageFromList().

◆ MmModifiedPageListHead

MMPFNLIST MmModifiedPageListHead

extern

Definition at line 45 of file pfnlist.c.

Referenced by CcCanIWrite(), MiDecrementReferenceCount(), MiInsertPageInList(), MiUnlinkPageFromList(), and MmWorkingSetManager().

◆ MmNumberOfPagingFiles

ULONG MmNumberOfPagingFiles

extern

Definition at line 63 of file pagefile.c.

Referenced by MiShutdownSystem(), MmInitPagingFile(), MmIsFileObjectAPagingFile(), MmShutdownSystem(), and NtCreatePagingFile().

◆ MmNumberOfPhysicalPages

PFN_COUNT MmNumberOfPhysicalPages

extern

Definition at line 48 of file init.c.

Referenced by CcInitializeCacheManager(), KdbSymInit(), KdpGetMemorySizeInMBs(), MiAdjustWorkingSetManagerParameters(), MiBuildNonPagedPool(), MiComputeNonPagedPoolVa(), MiInitializeMemoryEvents(), MiInitializeNonPagedPool(), MiInitializeSessionIds(), MiInitializeSpecialPool(), MiMapPfnDatabase(), MiScanMemoryDescriptors(), MmArmInitSystem(), MmSetMemoryPriorityProcess(), MxGetNextPage(), Phase1InitializationDiscard(), and QSI_DEF().

◆ MmPagedPoolCommit

SIZE_T MmPagedPoolCommit

extern

Definition at line 34 of file freelist.c.

◆ MmPagingFile

PMMPAGING_FILE MmPagingFile[MAX_PAGING_FILES]

extern

Definition at line 57 of file pagefile.c.

Referenced by MiReadPageFile(), MiShutdownSystem(), MmAllocSwapPage(), MmFreeSwapPage(), MmInitPagingFile(), MmIsFileObjectAPagingFile(), MmShutdownSystem(), MmWriteToSwapPage(), and NtCreatePagingFile().

◆ MmPeakCommitment

SIZE_T MmPeakCommitment

extern

Definition at line 35 of file freelist.c.

Referenced by QSI_DEF(), and UpdateTotalCommittedPages().

◆ MmPfnDatabase

PMMPFN MmPfnDatabase

extern

Definition at line 24 of file freelist.c.

Referenced by _Success_(), MI_PFN_ELEMENT(), MiAddDescriptorToDatabase(), MiBuildNonPagedPool(), MiBuildPfnDatabase(), MiDbgDumpAddressSpace(), MiGetPfnEntry(), MiGetPfnEntryIndex(), MiInitializeColorTables(), MiInitMachineDependent(), MiInitSystemMemoryAreas(), MiMapPfnDatabase(), and MmCreateVirtualMappingUnsafeEx().

◆ MmPfnLock

KSPIN_LOCK MmPfnLock

extern

Definition at line 45 of file krnlinit.c.

Referenced by KiInitSpinLocks().

◆ MmProcessCommit

SIZE_T MmProcessCommit

extern

Definition at line 33 of file freelist.c.

◆ MmResidentAvailablePages

PFN_NUMBER MmResidentAvailablePages

extern

Definition at line 27 of file freelist.c.

Referenced by _Requires_lock_held_(), MiInitializeSpecialPool(), MmAdjustWorkingSetSize(), and MmArmInitSystem().

◆ MmSharedCommit

SIZE_T MmSharedCommit

extern

Definition at line 31 of file freelist.c.

Referenced by MmCommitSessionMappedView().

◆ MmStandbyPageListHead

MMPFNLIST MmStandbyPageListHead

extern

Definition at line 43 of file pfnlist.c.

Referenced by MiInsertPageInList(), and MiUnlinkPageFromList().

◆ MmSystemLoadLock

KMUTANT MmSystemLoadLock

extern

Definition at line 26 of file sysldr.c.

Referenced by MiFindInitializationCode(), MmAddVerifierThunks(), MmArmInitSystem(), MmLoadSystemImage(), and MmUnloadSystemImage().

◆ MmThrottleBottom

ULONG MmThrottleBottom

extern

Definition at line 397 of file mminit.c.

Referenced by CcCanIWrite(), and MmArmInitSystem().

◆ MmThrottleTop

ULONG MmThrottleTop

extern

Definition at line 396 of file mminit.c.

Referenced by CcCanIWrite(), CcWriteBehind(), and MmArmInitSystem().

◆ MmTotalCommitLimit

SIZE_T MmTotalCommitLimit

extern

Definition at line 359 of file mminit.c.

Referenced by MmArmInitSystem().

◆ MmtotalCommitLimitMaximum

SIZE_T MmtotalCommitLimitMaximum

extern

Definition at line 36 of file freelist.c.

◆ MmTotalCommittedPages

SIZE_T MmTotalCommittedPages

extern

Definition at line 30 of file freelist.c.

Referenced by QSI_DEF(), and UpdateTotalCommittedPages().

◆ MmTotalNonPagedPoolQuota

SIZE_T MmTotalNonPagedPoolQuota

extern

Definition at line 27 of file pool.c.

Referenced by _Requires_lock_held_().

◆ MmTotalPagedPoolQuota

SIZE_T MmTotalPagedPoolQuota

extern

Definition at line 28 of file pool.c.

Referenced by _Requires_lock_held_().

◆ MmTriageActionTaken

PVOID MmTriageActionTaken

extern

Definition at line 27 of file drvmgmt.c.

◆ MmUnloadedDrivers

PVOID MmUnloadedDrivers

extern

Definition at line 30 of file sysldr.c.

◆ MmVerifierData

MM_DRIVER_VERIFIER_DATA MmVerifierData

extern

Definition at line 20 of file drvmgmt.c.

Referenced by MmIsVerifierEnabled().

◆ MmZeroedPageListHead

MMPFNLIST MmZeroedPageListHead

extern

Definition at line 41 of file pfnlist.c.

Referenced by MiRemoveAnyPage(), MiRemoveZeroPage(), and MmZeroPageThread().

◆ NewMaxQuota

_In_ SIZE_T _Out_ PSIZE_T NewMaxQuota

Definition at line 673 of file mm.h.

Referenced by _Requires_lock_held_().

◆ Page

_In_ PVOID _Out_opt_ BOOLEAN _Out_opt_ PPFN_NUMBER Page

Definition at line 1312 of file mm.h.

Referenced by _Success_(), CcRosTrimCache(), DiskClassInstaller(), DmaRequest(), FatBuildZeroMdl(), FatExamineFatEntries(), FatFlushFat(), FatSetFatRun(), FindFile(), FreeWsleIndex(), Ki386FreeIdentityMap(), MempSetupPaging(), MempUnmapPage(), MemQueryMemoryZone(), MI_MAKE_TRANSITION_PTE(), MiAllocatePagesForMdl(), MiCacheEvictPages(), MiCheckForContiguousMemory(), MiFindContiguousMemory(), MiFindContiguousPages(), MiGetPfnEntry(), MiMapPageInHyperSpace(), MiReadFilePage(), MiReadPageFile(), MiResolvePageFileFault(), MiShutdownSystem(), MmCreatePhysicalMapping(), MmCreateVirtualMapping(), MmCreateVirtualMappingUnsafe(), MmCreateVirtualMappingUnsafeEx(), MmDeleteRmap(), MmDeleteSectionAssociation(), MmDeleteVirtualMapping(), MmFinalizeSectionPageOut(), MmFreeCacheSectionPage(), MmFreeMemoryArea(), MmGetLRUFirstUserPage(), MmGetLRUNextUserPage(), MmGetPfnForProcess(), MmGetReferenceCountPageWithoutLock(), MmGetSectionAssociation(), MmGetSegmentRmap(), MmInsertLRULastUserPage(), MmInsertRmap(), MmMdFindDescriptor(), MmMdFindDescriptorFromMdl(), MmPageOutPhysicalAddress(), MmPapFreePhysicalPages(), MmpPageOutPhysicalAddress(), MmReadFromSwapPage(), MmReleasePageMemoryConsumer(), MmRemoveLRUUserPage(), MmRequestPageMemoryConsumer(), MmSetSectionAssociation(), MmWriteToSwapPage(), MUIClearStyledText(), MUIClearText(), MUIGetEntry(), MUISetStyledText(), MUISetText(), OpenControlPanelItem(), RunUSetup(), SH_CreatePropertySheetPageEx(), ShowFolderOptionsDialog(), TestFreeNoAccess(), TestMmBuildMdlForNonPagedPool(), TrimWsList(), vfatDirFindFile(), VidBiosDrawGlyph(), VidBiosGetCursorPosition(), VidBiosPrintCharacter(), VidBiosScrollWindow(), VidBiosSetCursorPosition(), VidBiosSetVideoMode(), and VidBiosVideoService().

◆ QuotaToReturn

_In_ SIZE_T QuotaToReturn

Definition at line 681 of file mm.h.

Referenced by _Requires_lock_held_().

◆ WasDirty

_In_ PVOID _Out_opt_ BOOLEAN * WasDirty

Definition at line 1311 of file mm.h.

Referenced by _Success_(), and MmDeleteVirtualMapping().

Enumerations
enum	_MI_PFN_USAGES { MI_USAGE_NOT_SET = 0 , MI_USAGE_PAGED_POOL , MI_USAGE_NONPAGED_POOL , MI_USAGE_NONPAGED_POOL_EXPANSION , MI_USAGE_KERNEL_STACK , MI_USAGE_KERNEL_STACK_EXPANSION , MI_USAGE_SYSTEM_PTE , MI_USAGE_VAD , MI_USAGE_PEB_TEB , MI_USAGE_SECTION , MI_USAGE_PAGE_TABLE , MI_USAGE_PAGE_DIRECTORY , MI_USAGE_LEGACY_PAGE_DIRECTORY , MI_USAGE_DRIVER_PAGE , MI_USAGE_CONTINOUS_ALLOCATION , MI_USAGE_MDL , MI_USAGE_DEMAND_ZERO , MI_USAGE_ZERO_LOOP , MI_USAGE_CACHE , MI_USAGE_PFN_DATABASE , MI_USAGE_BOOT_DRIVER , MI_USAGE_INIT_MEMORY , MI_USAGE_PAGE_FILE , MI_USAGE_COW , MI_USAGE_WSLE , MI_USAGE_FREE_PAGE }

Classes

Macros

Typedefs

Enumerations

Functions

Variables

Macro Definition Documentation

◆ BUMPREF_SSE

◆ CACHE_ALIGNED_POOL_MASK

◆ CLEAN_SSE

◆ DECREF_SSE

◆ DIRTY_SSE

◆ EndOfAllocation

◆ InterlockedCompareExchangePte

◆ InterlockedExchangePte

◆ IS_DIRTY_SSE

◆ IS_SWAP_FROM_SSE

◆ IS_WRITE_SSE

◆ MA_GetEndingAddress

◆ MA_GetStartingAddress

◆ MAKE_PFN_SSE

◆ MAKE_SSE

◆ MAKE_SWAP_SSE

◆ MAX_PAGING_FILES

◆ MAX_SHARE_COUNT

◆ MC_MAXIMUM

◆ MC_SYSTEM

◆ MC_USER

◆ MEMORY_AREA_OWNED_BY_ARM3

◆ MEMORY_AREA_SECTION_VIEW

◆ MEMORY_AREA_STATIC

◆ MI_ASSERT_PFN_LOCK_HELD

◆ MI_CHARGE_NON_PAGED_POOL_QUOTA

◆ MI_CHARGE_PAGED_POOL_QUOTA

◆ MI_NON_PAGED_QUOTA_MIN_RESIDENT_PAGES

◆ MI_QUOTA_NON_PAGED_NEEDED_PAGES

◆ MI_SET_PROCESS

◆ MI_SET_PROCESS2

◆ MI_SET_USAGE

◆ MI_STATIC_MEMORY_AREAS

◆ MM_DATAFILE_SEGMENT

◆ MM_FREE_POOL_SIGNATURE

◆ MM_IMAGE_SECTION_FLUSH_DELETE

◆ MM_IS_WAIT_PTE

◆ MM_NOIRQL

◆ MM_PHYSICALMEMORY_SEGMENT

◆ MM_ROUND_DOWN

◆ MM_ROUND_UP

◆ MM_SEGMENT_INCREATE

◆ MM_SEGMENT_INDELETE

◆ MM_VIRTMEM_GRANULARITY

◆ MMDBG_COPY_CACHED

◆ MMDBG_COPY_MAX_SIZE

◆ MMDBG_COPY_PHYSICAL

◆ MMDBG_COPY_UNCACHED

◆ MMDBG_COPY_UNSAFE

◆ MMDBG_COPY_WRITE

◆ MMDBG_COPY_WRITE_COMBINED

◆ MmGetPageEntrySectionSegment

◆ MmLockSectionSegment

◆ MmSetCleanPage

◆ MmSetDirtyPage

◆ MmSetPageEntrySectionSegment

◆ MmUnlockSectionSegment

◆ MUST_SUCCEED_POOL_MASK

◆ PAGE_FLAGS_VALID_FOR_SECTION

◆ PAGE_FROM_SSE

◆ PAGE_IS_EXECUTABLE

◆ PAGE_IS_READABLE

◆ PAGE_IS_WRITABLE

◆ PAGE_IS_WRITECOPY

◆ PAGE_ROUND_DOWN_64

◆ PAGE_ROUND_UP_64

◆ PAGE_SYSTEM

◆ PAGE_WRITETHROUGH

◆ PAGED_POOL_MASK

◆ PFN_FROM_SSE

◆ QUOTA_POOL_MASK

◆ RMAP_IS_SEGMENT

◆ RMAP_SEGMENT_MASK