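/*
* TsmiHandleMemWrite
*
* Purpose:
*
* Patch vbox dll in memory.
*
* Copies Size bytes from SrcAddress to DestAddress through a system-space
* mapping of the destination pages described by a temporary MDL.
*
* Returns STATUS_SUCCESS when the copy was performed,
* STATUS_INSUFFICIENT_RESOURCES when the MDL cannot be allocated,
* STATUS_ACCESS_VIOLATION when the destination is rejected or cannot be
* mapped, or the failure status of MmProtectMdlSystemAddress.
*
* Warning: potential BSOD-generator due to nonstandard way of loading, take care with patch offsets.
*
* Caveats for callers:
*   - SrcAddress is not validated here; it must be readable for Size bytes.
*   - MmIsAddressValid is only consulted for DestAddress itself, not for the
*     whole [DestAddress, DestAddress + Size) range.
*   - MmProbeAndLockPages raises an exception on failure and no SEH guard
*     is present in this variant, so a bad destination can still bugcheck.
*
*/
NTSTATUS TsmiHandleMemWrite(
    _In_ PVOID SrcAddress,
    _In_ PVOID DestAddress,
    _In_ ULONG Size
)
{
    PMDL     mdl;
    PVOID    mapped;
    NTSTATUS status = STATUS_SUCCESS;

    PAGED_CODE();

    mdl = IoAllocateMdl(DestAddress, Size, FALSE, FALSE, NULL);
    if (mdl == NULL) {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    if ((DestAddress >= MmSystemRangeStart) && !MmIsAddressValid(DestAddress)) {
        // The MDL was already allocated above; release it before bailing out
        // so the rejected request does not leak it.
        IoFreeMdl(mdl);
        return STATUS_ACCESS_VIOLATION;
    }

    // Pages are probed for read access only; the write itself goes through
    // the system-space alias whose protection is changed below.
    MmProbeAndLockPages(mdl, KernelMode, IoReadAccess);

    mapped = MmGetSystemAddressForMdlSafe(mdl, HighPagePriority);
    if (mapped != NULL) {

        // NOTE(review): the copy only needs write access to the alias;
        // PAGE_READWRITE would avoid a writable+executable system mapping.
        // Confirm nothing depends on the execute bit before changing it.
        status = MmProtectMdlSystemAddress(mdl, PAGE_EXECUTE_READWRITE);

        // Only write when the protection change was accepted; otherwise
        // report the failure without touching the target.
        if (NT_SUCCESS(status)) {
            __movsb((PUCHAR)mapped, (const UCHAR *)SrcAddress, Size);
        }

        MmUnmapLockedPages(mapped, mdl);
    }
    else {
        status = STATUS_ACCESS_VIOLATION;
    }

    // The pages were locked above regardless of whether the mapping
    // succeeded, so they must be unlocked on both paths before the MDL
    // is freed.
    MmUnlockPages(mdl);
    IoFreeMdl(mdl);

    return status;
}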
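/*
* TsmiHandleMemWrite
*
* Purpose:
*
* Patch vbox dll in memory.
*
* Copies Size bytes from SrcAddress to DestAddress through a system-space
* mapping of the destination pages described by a temporary MDL.
*
* Returns STATUS_SUCCESS when the copy was performed,
* STATUS_INSUFFICIENT_RESOURCES when the MDL cannot be allocated,
* STATUS_ACCESS_VIOLATION when the destination is rejected, cannot be mapped
* or (signed build only) an exception was caught, or the failure status of
* MmProtectMdlSystemAddress.
*
* Warning: If compiled not in ReleaseSigned configuration this function is a
* potential BSOD-generator due to nonstandard way of loading, take care with patch offsets.
*
* Caveats for callers:
*   - SrcAddress is not validated here; it must be readable for Size bytes.
*   - MmIsAddressValid is only consulted for DestAddress itself, not for the
*     whole [DestAddress, DestAddress + Size) range.
*   - Without _SIGNED_BUILD there is no SEH guard, and MmProbeAndLockPages
*     raises an exception on failure.
*
*/
NTSTATUS TsmiHandleMemWrite(
    _In_ PVOID SrcAddress,
    _In_ PVOID DestAddress,
    _In_ ULONG Size
)
{
    PMDL     mdl;
    PVOID    mapped = NULL;   // system-space alias of the target, once mapped
    BOOLEAN  locked = FALSE;  // TRUE once MmProbeAndLockPages has returned
    NTSTATUS status = STATUS_SUCCESS;

    PAGED_CODE();

    mdl = IoAllocateMdl(DestAddress, Size, FALSE, FALSE, NULL);
    if (mdl == NULL) {
#ifdef _DEBUGMSG
        DbgPrint("[TSMI] Failed to create MDL at write\n");
#endif
        return STATUS_INSUFFICIENT_RESOURCES;
    }

#ifdef _SIGNED_BUILD
    __try {
#endif //_SIGNED_BUILD

        if ((DestAddress >= MmSystemRangeStart) && !MmIsAddressValid(DestAddress)) {
#ifdef _DEBUGMSG
            DbgPrint("[TSMI] Invalid address\n");
#endif //_DEBUGMSG
            // Fall through to the common cleanup instead of returning here,
            // so the MDL allocated above is always freed.
            status = STATUS_ACCESS_VIOLATION;
        }
        else {
            // Pages are probed for read access only; the write itself goes
            // through the system-space alias whose protection is changed below.
            MmProbeAndLockPages(mdl, KernelMode, IoReadAccess);
            locked = TRUE;

            mapped = MmGetSystemAddressForMdlSafe(mdl, HighPagePriority);
            if (mapped == NULL) {
                status = STATUS_ACCESS_VIOLATION;
            }
            else {
                // NOTE(review): the copy only needs write access to the alias;
                // PAGE_READWRITE would avoid a writable+executable system
                // mapping. Confirm nothing depends on the execute bit.
                status = MmProtectMdlSystemAddress(mdl, PAGE_EXECUTE_READWRITE);

                // Only write when the protection change was accepted.
                if (NT_SUCCESS(status)) {
                    __movsb((PUCHAR)mapped, (const UCHAR *)SrcAddress, Size);
                }
            }
        }

#ifdef _SIGNED_BUILD
    }
    __except (EXCEPTION_EXECUTE_HANDLER) {
        status = STATUS_ACCESS_VIOLATION;
#ifdef _DEBUGMSG
        DbgPrint("[TSMI] MmProbeAndLockPages failed at write DestAddress = %p\n", DestAddress);
#endif //_DEBUGMSG
    }
#endif //_SIGNED_BUILD

    // Common cleanup for every path, including a caught exception: undo
    // exactly the steps that completed, then release the MDL.
    if (mapped != NULL) {
        MmUnmapLockedPages(mapped, mdl);
    }
    if (locked) {
        MmUnlockPages(mdl);
    }
    IoFreeMdl(mdl);

    return status;
}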
/**
 * Allocates cb bytes from non-paged pool, describes them with an MDL and
 * wraps both in a new RTR0MEMOBJTYPE_PAGE memory object.
 *
 * @returns VINF_SUCCESS with *ppMem set on success; VERR_OUT_OF_RANGE if cb
 *          exceeds _1G; VERR_NO_PAGE_MEMORY if the pool or MDL allocation
 *          fails; VERR_NO_MEMORY if the memory object cannot be created.
 * @param   ppMem        Where to store the new memory object on success.
 * @param   cb           Number of bytes to allocate.
 * @param   fExecutable  Not consulted by this function.
 */
DECLHIDDEN(int) rtR0MemObjNativeAllocPage(PPRTR0MEMOBJINTERNAL ppMem, size_t cb, bool fExecutable)
{
    AssertMsgReturn(cb <= _1G, ("%#x\n", cb), VERR_OUT_OF_RANGE); /* for safe size_t -> ULONG */

    /*
     * Allocate the backing memory first; the MDL is created up front so that
     * physical addresses can be queried and mappings made later without
     * hitting out-of-memory conditions at that point.
     */
    void *pvPages = ExAllocatePoolWithTag(NonPagedPool, cb, IPRT_NT_POOL_TAG);
    if (!pvPages)
        return VERR_NO_PAGE_MEMORY;

    PMDL pMdlPages = IoAllocateMdl(pvPages, (ULONG)cb, FALSE, FALSE, NULL);
    if (!pMdlPages)
    {
        ExFreePool(pvPages);
        return VERR_NO_PAGE_MEMORY;
    }

    MmBuildMdlForNonPagedPool(pMdlPages);
#ifdef RT_ARCH_AMD64
    /*
     * NOTE(review): execute+write protection is requested here regardless of
     * fExecutable, and the returned status is discarded. Confirm whether
     * callers that pass fExecutable=false rely on this.
     */
    MmProtectMdlSystemAddress(pMdlPages, PAGE_EXECUTE_READWRITE);
#endif

    /*
     * Create the IPRT memory object; on failure undo both allocations.
     */
    PRTR0MEMOBJNT pMemNt = (PRTR0MEMOBJNT)rtR0MemObjNew(sizeof(*pMemNt), RTR0MEMOBJTYPE_PAGE, pvPages, cb);
    if (!pMemNt)
    {
        IoFreeMdl(pMdlPages);
        ExFreePool(pvPages);
        return VERR_NO_MEMORY;
    }

    pMemNt->cMdls = 1;
    pMemNt->apMdls[0] = pMdlPages;
    *ppMem = &pMemNt->Core;
    return VINF_SUCCESS;
}