// Terminates DdiMon
_Use_decl_annotations_ EXTERN_C void DdimonTermination() {
PAGED_CODE();
HYPERPLATFORM_COMMON_DBG_BREAK();
ShDisableHooks();
UtilSleep(500);
DdimonpFreeAllocatedTrampolineRegions();
HYPERPLATFORM_LOG_INFO("DdiMon has been terminated.");
}
// Terminates DdiMon
_Use_decl_annotations_ EXTERN_C void SbpTermination() {
PAGED_CODE();
auto ptrs = g_sbpp_breakpoints;
auto status = UtilVmCall(HypercallNumber::kDdimonDisablePageShadowing, ptrs);
NT_VERIFY(NT_SUCCESS(status));
UtilSleep(500);
g_sbpp_breakpoints = nullptr;
delete ptrs;
}
_Use_decl_annotations_ void GMonWaitForever(const AllRegisters *registers,
ULONG_PTR stack_pointer) {
UNREFERENCED_PARAMETER(registers);
UNREFERENCED_PARAMETER(stack_pointer);
HYPERPLATFORM_LOG_INFO_SAFE(
"PatchGuard context has been detected and terminated.");
HYPERPLATFORM_COMMON_DBG_BREAK();
#pragma warning(push)
#pragma warning(disable : 28138)
KeLowerIrql(PASSIVE_LEVEL);
#pragma warning(push)
// Wait until this thread ends == never returns
for (auto status = STATUS_SUCCESS;;) {
status = KeWaitForSingleObject(PsGetCurrentThread(), Executive, KernelMode,
FALSE, nullptr);
HYPERPLATFORM_LOG_WARN("Oops? (%08x)", status);
UtilSleep(60000);
}
}