NTSTATUS
VdmpStartExecution(
VOID
)
/*++
Routine Description:
This routine causes execution of dos application code to begin. The
Dos application executes on the thread. The Vdms context is loaded
from the VDM_TIB for the thread. The 32 bit context is stored into
the MonitorContext. Execution in the VDM context will continue until
an event occurs that the monitor needs to service. At that point,
the information will be put into the VDM_TIB, and the call will
return.
Arguments:
Return Value:
TrapFrame->Eax for application mode, required for system sevices
exit.
--*/
{
PVDM_TIB VdmTib;
PKTRAP_FRAME TrapFrame;
PETHREAD Thread;
KIRQL OldIrql;
BOOLEAN IntsEnabled;
PVDM_PROCESS_OBJECTS pProcessObjects;
NTSTATUS Status;
CONTEXT VdmContext;
PAGED_CODE();
KeRaiseIrql(APC_LEVEL, &OldIrql);
//
// Form a pointer to the trap frame for the current thread
//
Thread = PsGetCurrentThread();
TrapFrame = VdmGetTrapFrame(&Thread->Tcb);
//
// Get the VdmTib
//
Status = VdmpGetVdmTib(&VdmTib, VDMTIB_KMODE);
if (!NT_SUCCESS(Status)) {
KeLowerIrql(OldIrql);
return(STATUS_INVALID_SYSTEM_SERVICE);
}
try {
//
// Determine if interrupts are on or off
//
IntsEnabled = VdmTib->VdmContext.EFlags & EFLAGS_INTERRUPT_MASK
? TRUE : FALSE;
//
// check for timer ints to dispatch, However if interrupts are disabled
// or there are hardware ints pending we postpone dispatching the timer
// interrupt until interrupts are enabled.
//
if (*pNtVDMState & VDM_INT_TIMER &&
IntsEnabled && !(*pNtVDMState & VDM_INT_HARDWARE))
{
VdmTib->EventInfo.Event = VdmIntAck;
VdmTib->EventInfo.InstructionSize = 0;
VdmTib->EventInfo.IntAckInfo = 0;
KeLowerIrql(OldIrql);
return STATUS_SUCCESS;
}
//
// Perform IF to VIF translation
//
//
// If the processor supports IF virtualization
//
if (((KeI386VirtualIntExtensions & V86_VIRTUAL_INT_EXTENSIONS) &&
(VdmTib->VdmContext.EFlags & EFLAGS_V86_MASK)) ||
((KeI386VirtualIntExtensions & PM_VIRTUAL_INT_EXTENSIONS) &&
!(VdmTib->VdmContext.EFlags & EFLAGS_V86_MASK)))
{
//
// Translate IF to VIF
//
if (IntsEnabled) {
VdmTib->VdmContext.EFlags |= EFLAGS_VIF;
} else {
VdmTib->VdmContext.EFlags &= ~EFLAGS_VIF;
VdmTib->VdmContext.EFlags |= EFLAGS_INTERRUPT_MASK;
}
if (*pNtVDMState & VDM_INT_HARDWARE)
VdmTib->VdmContext.EFlags |= EFLAGS_VIP;
else
VdmTib->VdmContext.EFlags &= ~EFLAGS_VIP;
//
// Else if we are not running in v86 mode, or not using IOPL in
// v86 mode
//
} else if (!(KeI386VdmIoplAllowed) ||
!(VdmTib->VdmContext.EFlags & EFLAGS_V86_MASK))
{
//
// Translate the real interrupt flag in the VdmContext to the virtual
// interrupt flag in the VdmTib, and force real interrupts enabled.
//
ASSERT(VDM_VIRTUAL_INTERRUPTS == EFLAGS_INTERRUPT_MASK);
if (VdmTib->VdmContext.EFlags & EFLAGS_INTERRUPT_MASK) {
_asm {
mov eax,VdmFixedStateLinear ; get pointer to VDM State
lock or dword ptr [eax], dword ptr VDM_VIRTUAL_INTERRUPTS
}
} else {
_asm {
mov eax,VdmFixedStateLinear ; get pointer to VDM State
lock and dword ptr [eax], NOT VDM_VIRTUAL_INTERRUPTS
}
}
//
// Insure that real interrupts are always enabled.
//
VdmTib->VdmContext.EFlags |= EFLAGS_INTERRUPT_MASK;
}
NTSTATUS
VdmpInitialize(
PVDMICAUSERDATA pIcaUserData
)
/*++
Routine Description:
Initialize the address space of a VDM.
Arguments:
None,
Return Value:
NTSTATUS.
--*/
{
NTSTATUS Status, StatusCopy;
OBJECT_ATTRIBUTES ObjectAttributes;
UNICODE_STRING SectionName;
UNICODE_STRING WorkString;
ULONG ViewSize;
LARGE_INTEGER ViewBase;
PVOID BaseAddress;
PVOID destination;
HANDLE SectionHandle, RegistryHandle;
PEPROCESS Process;
ULONG ResultLength;
ULONG Index;
PCM_FULL_RESOURCE_DESCRIPTOR ResourceDescriptor;
PCM_PARTIAL_RESOURCE_DESCRIPTOR PartialResourceDescriptor;
PKEY_VALUE_FULL_INFORMATION KeyValueBuffer;
PCM_ROM_BLOCK BiosBlock;
ULONG LastMappedAddress;
PVDM_PROCESS_OBJECTS pVdmObjects = NULL;
USHORT PagedQuotaCharged = 0;
USHORT NonPagedQuotaCharged = 0;
HANDLE hThread;
PVDM_TIB VdmTib;
PAGED_CODE();
Status = VdmpGetVdmTib(&VdmTib, VDMTIB_PROBE); // take from user mode and probe
if (!NT_SUCCESS(Status)) {
return Status;
}
if ((KeI386MachineType & MACHINE_TYPE_PC_9800_COMPATIBLE) == 0) {
//
// This is PC/AT (and FMR in Japan) VDM.
//
RtlInitUnicodeString(
&SectionName,
L"\\Device\\PhysicalMemory"
);
InitializeObjectAttributes(
&ObjectAttributes,
&SectionName,
OBJ_CASE_INSENSITIVE|OBJ_KERNEL_HANDLE,
(HANDLE) NULL,
(PSECURITY_DESCRIPTOR) NULL
);
Status = ZwOpenSection(
&SectionHandle,
SECTION_ALL_ACCESS,
&ObjectAttributes
);
if (!NT_SUCCESS(Status)) {
return Status;
}
//
// Copy the first page of memory into the VDM's address space
//
BaseAddress = 0;
destination = 0;
ViewSize = 0x1000;
ViewBase.LowPart = 0;
ViewBase.HighPart = 0;
Status = ZwMapViewOfSection(
SectionHandle,
NtCurrentProcess(),
&BaseAddress,
0,
ViewSize,
&ViewBase,
&ViewSize,
ViewUnmap,
0,
PAGE_READWRITE
);
if (!NT_SUCCESS(Status)) {
ZwClose(SectionHandle);
return Status;
}
// problem with this statement below --
// it could be a non-vdm process and copying memory to address 0
// should be guarded against
StatusCopy = STATUS_SUCCESS;
try {
RtlMoveMemory(
destination,
BaseAddress,
ViewSize
);
}
except(ExSystemExceptionFilter()) {
StatusCopy = GetExceptionCode();
}
Status = ZwUnmapViewOfSection(
NtCurrentProcess(),
BaseAddress
);
if (!NT_SUCCESS(Status) || !NT_SUCCESS(StatusCopy)) {
ZwClose(SectionHandle);
return (NT_SUCCESS(Status) ? StatusCopy : Status);
}
//
// Map Rom into address space
//
BaseAddress = (PVOID) 0x000C0000;
ViewSize = 0x40000;
ViewBase.LowPart = 0x000C0000;
ViewBase.HighPart = 0;
//
// First unmap the reserved memory. This must be done here to prevent
// the virtual memory in question from being consumed by some other
// alloc vm call.
//
Status = ZwFreeVirtualMemory(
NtCurrentProcess(),
&BaseAddress,
&ViewSize,
MEM_RELEASE
);
// N.B. This should probably take into account the fact that there are
// a handfull of error conditions that are ok. (such as no memory to
// release.)
if (!NT_SUCCESS(Status)) {
ZwClose(SectionHandle);
return Status;
}
//
// Set up and open KeyPath
//
InitializeObjectAttributes(
&ObjectAttributes,
&CmRegistryMachineHardwareDescriptionSystemName,
OBJ_CASE_INSENSITIVE|OBJ_KERNEL_HANDLE,
(HANDLE)NULL,
NULL
);
Status = ZwOpenKey(
&RegistryHandle,
KEY_READ,
&ObjectAttributes
);
if (!NT_SUCCESS(Status)) {
ZwClose(SectionHandle);
return Status;
}
//
// Allocate space for the data
//
KeyValueBuffer = ExAllocatePoolWithTag(
PagedPool,
KEY_VALUE_BUFFER_SIZE,
' MDV'
);
if (KeyValueBuffer == NULL) {
ZwClose(RegistryHandle);
ZwClose(SectionHandle);
return STATUS_NO_MEMORY;
}
//
// Get the data for the rom information
//
RtlInitUnicodeString(
&WorkString,
L"Configuration Data"
);
Status = ZwQueryValueKey(
RegistryHandle,
&WorkString,
KeyValueFullInformation,
KeyValueBuffer,
KEY_VALUE_BUFFER_SIZE,
&ResultLength
);
if (!NT_SUCCESS(Status)) {
ZwClose(RegistryHandle);
ExFreePool(KeyValueBuffer);
ZwClose(SectionHandle);
return Status;
}
ResourceDescriptor = (PCM_FULL_RESOURCE_DESCRIPTOR)
((PUCHAR) KeyValueBuffer + KeyValueBuffer->DataOffset);
if ((KeyValueBuffer->DataLength < sizeof(CM_FULL_RESOURCE_DESCRIPTOR)) ||
(ResourceDescriptor->PartialResourceList.Count < 2)
) {
ZwClose(RegistryHandle);
ExFreePool(KeyValueBuffer);
ZwClose(SectionHandle);
// No rom blocks.
return STATUS_SUCCESS;
}
PartialResourceDescriptor = (PCM_PARTIAL_RESOURCE_DESCRIPTOR)
((PUCHAR)ResourceDescriptor +
sizeof(CM_FULL_RESOURCE_DESCRIPTOR) +
ResourceDescriptor->PartialResourceList.PartialDescriptors[0]
.u.DeviceSpecificData.DataSize);
if (KeyValueBuffer->DataLength < ((PUCHAR)PartialResourceDescriptor -
(PUCHAR)ResourceDescriptor + sizeof(CM_PARTIAL_RESOURCE_DESCRIPTOR)
+ sizeof(CM_ROM_BLOCK))
) {
ZwClose(RegistryHandle);
ExFreePool(KeyValueBuffer);
ZwClose(SectionHandle);
return STATUS_ILL_FORMED_SERVICE_ENTRY;
}
BiosBlock = (PCM_ROM_BLOCK)((PUCHAR)PartialResourceDescriptor +
sizeof(CM_PARTIAL_RESOURCE_DESCRIPTOR));
Index = PartialResourceDescriptor->u.DeviceSpecificData.DataSize /
sizeof(CM_ROM_BLOCK);
//
// N.B. Rom blocks begin on 2K (not necessarily page) boundaries
// They end on 512 byte boundaries. This means that we have
// to keep track of the last page mapped, and round the next
// Rom block up to the next page boundary if necessary.
//
LastMappedAddress = 0xC0000;
while (Index) {
#if 0
DbgPrint(
"Bios Block, PhysAddr = %lx, size = %lx\n",
BiosBlock->Address,
BiosBlock->Size
);
#endif
if ((Index > 1) &&
((BiosBlock->Address + BiosBlock->Size) == BiosBlock[1].Address)
) {
//
// Coalesce adjacent blocks
//
BiosBlock[1].Address = BiosBlock[0].Address;
BiosBlock[1].Size += BiosBlock[0].Size;
Index--;
BiosBlock++;
continue;
}
BaseAddress = (PVOID)(BiosBlock->Address);
ViewSize = BiosBlock->Size;
if ((ULONG)BaseAddress < LastMappedAddress) {
if (ViewSize > (LastMappedAddress - (ULONG)BaseAddress)) {
ViewSize = ViewSize - (LastMappedAddress - (ULONG)BaseAddress);
BaseAddress = (PVOID)LastMappedAddress;
} else {
ViewSize = 0;
}
}
ViewBase.LowPart = (ULONG)BaseAddress;
if (ViewSize > 0) {
Status = ZwMapViewOfSection(
SectionHandle,
NtCurrentProcess(),
&BaseAddress,
0,
ViewSize,
&ViewBase,
&ViewSize,
ViewUnmap,
MEM_DOS_LIM,
PAGE_READWRITE
);
if (!NT_SUCCESS(Status)) {
break;
}
LastMappedAddress = (ULONG)BaseAddress + ViewSize;
}
Index--;
BiosBlock++;
}
//
// Free up the handles
//
ZwClose(SectionHandle);
ZwClose(RegistryHandle);
ExFreePool(KeyValueBuffer);
} else {
NTSTATUS
NTAPI
VdmpStartExecution(VOID)
{
PETHREAD Thread = PsGetCurrentThread();
PKTRAP_FRAME VdmFrame;
NTSTATUS Status;
PVDM_TIB VdmTib;
BOOLEAN Interrupts;
KIRQL OldIrql;
CONTEXT VdmContext;
PAGED_CODE();
/* Get the thread's VDM frame and TIB */
VdmFrame = (PVOID)((ULONG_PTR)Thread->Tcb.InitialStack -
sizeof(FX_SAVE_AREA) -
sizeof(KTRAP_FRAME));
Status = VdmpGetVdmTib(&VdmTib);
if (!NT_SUCCESS(Status)) return STATUS_INVALID_SYSTEM_SERVICE;
/* Go to APC level */
KeRaiseIrql(APC_LEVEL, &OldIrql);
/* Check if interrupts are enabled */
Interrupts = (BOOLEAN)(VdmTib->VdmContext.EFlags & EFLAGS_INTERRUPT_MASK);
/* We don't support full VDM yet, this shouldn't happen */
ASSERT(*VdmState == 0);
ASSERT(VdmTib->VdmContext.EFlags & EFLAGS_V86_MASK);
/* Check if VME is supported and V86 mode was enabled */
if ((KeI386VirtualIntExtensions) &&
(VdmTib->VdmContext.EFlags & EFLAGS_V86_MASK))
{
/* Check if interrupts are enabled */
if (Interrupts)
{
/* Set fake IF flag */
VdmTib->VdmContext.EFlags |= EFLAGS_VIF;
}
else
{
/* Remove fake IF flag, turn on real IF flag */
VdmTib->VdmContext.EFlags &= ~EFLAGS_VIF;
VdmTib->VdmContext.EFlags |= EFLAGS_INTERRUPT_MASK;
}
}
else
{
/* Set interrupt state in the VDM State */
if (VdmTib->VdmContext.EFlags & EFLAGS_INTERRUPT_MASK)
{
/* Enable them as well */
InterlockedOr((PLONG)VdmState, EFLAGS_INTERRUPT_MASK);
}
else
{
/* Disable them */
InterlockedAnd((PLONG)VdmState, ~EFLAGS_INTERRUPT_MASK);
}
/* Enable the interrupt flag */
VdmTib->VdmContext.EFlags |= EFLAGS_INTERRUPT_MASK;
}
/* Get the VDM context and make sure it's not an edited frame */
VdmContext = VdmTib->VdmContext;
if (!(VdmContext.SegCs & FRAME_EDITED))
{
/* Fail */
KeLowerIrql(OldIrql);
return STATUS_INVALID_SYSTEM_SERVICE;
}
/* Now do the VDM Swap */
VdmSwapContext(VdmFrame, &VdmTib->MonitorContext, &VdmContext);
/* Lower the IRQL and return EAX */
KeLowerIrql(OldIrql);
return VdmFrame->Eax;
}
