// Page-Rounding Macros
//
#define PAGE_ROUND_DOWN(x) \
- (((ULONG_PTR)x)&(~(PAGE_SIZE-1)))
+ (((ULONG_PTR)(x))&(~(PAGE_SIZE-1)))
#define PAGE_ROUND_UP(x) \
- ( (((ULONG_PTR)x)%PAGE_SIZE) ? \
- ((((ULONG_PTR)x)&(~(PAGE_SIZE-1)))+PAGE_SIZE) : \
- ((ULONG_PTR)x) )
+ ( (((ULONG_PTR)(x)) + PAGE_SIZE-1) & (~(PAGE_SIZE-1)) )
#ifdef NTOS_MODE_USER
#define ROUND_TO_PAGES(Size) \
(((ULONG_PTR)(Size) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))
& ~(MM_ALLOCATION_GRANULARITY - 1))
//
-// Macro for generating pool tags
+// PFN Identity Uses
//
-#define TAG(A, B, C, D) \
- (ULONG)(((A)<<0) + ((B)<<8) + ((C)<<16) + ((D)<<24))
+#define MMPFNUSE_PROCESSPRIVATE 0
+#define MMPFNUSE_FILE 1
+#define MMPFNUSE_PAGEFILEMAPPED 2
+#define MMPFNUSE_PAGETABLE 3
+#define MMPFNUSE_PAGEDPOOL 4
+#define MMPFNUSE_NONPAGEDPOOL 5
+#define MMPFNUSE_SYSTEMPTE 6
+#define MMPFNUSE_SESSIONPRIVATE 7
+#define MMPFNUSE_METAFILE 8
+#define MMPFNUSE_AWEPAGE 9
+#define MMPFNUSE_DRIVERLOCKPAGE 10
+#define MMPFNUSE_KERNELSTACK 11
+
+//
+// Lock/Unlock Virtuam Memory Flags
+//
+#define MAP_PROCESS 1
+#define MAP_SYSTEM 2
#ifndef NTOS_MODE_USER
} POOL_TYPE;
#endif
+//
+// Memory Manager Page Lists
+//
+typedef enum _MMLISTS
+{
+ ZeroedPageList = 0,
+ FreePageList = 1,
+ StandbyPageList = 2,
+ ModifiedPageList = 3,
+ ModifiedNoWritePageList = 4,
+ BadPageList = 5,
+ ActiveAndValid = 6,
+ TransitionPage = 7
+} MMLISTS;
+
//
// Per Processor Non Paged Lookaside List IDs
//
SectionImageInformation,
} SECTION_INFORMATION_CLASS;
+//
+// Kinds of VADs
+//
+typedef enum _MI_VAD_TYPE
+{
+ VadNone,
+ VadDevicePhysicalMemory,
+ VadImageMap,
+ VadAwe,
+ VadWriteWatch,
+ VadLargePages,
+ VadRotatePhysical,
+ VadLargePageSection
+} MI_VAD_TYPE, *PMI_VAD_TYPE;
+
#ifdef NTOS_MODE_USER
//
} VM_COUNTERS_EX, *PVM_COUNTERS_EX;
#endif
+//
+// Sub-Information Types for PFN Identity
+//
+typedef struct _MEMORY_FRAME_INFORMATION
+{
+ ULONGLONG UseDescription:4;
+ ULONGLONG ListDescription:3;
+ ULONGLONG Reserved0:1;
+ ULONGLONG Pinned:1;
+ ULONGLONG DontUse:48;
+ ULONGLONG Priority:3;
+ ULONGLONG Reserved:4;
+} MEMORY_FRAME_INFORMATION, *PMEMORY_FRAME_INFORMATION;
+
+typedef struct _FILEOFFSET_INFORMATION
+{
+ ULONGLONG DontUse:9;
+ ULONGLONG Offset:48;
+ ULONGLONG Reserved:7;
+} FILEOFFSET_INFORMATION, *PFILEOFFSET_INFORMATION;
+
+typedef struct _PAGEDIR_INFORMATION
+{
+ ULONGLONG DontUse:9;
+ ULONGLONG PageDirectoryBase:48;
+ ULONGLONG Reserved:7;
+} PAGEDIR_INFORMATION, *PPAGEDIR_INFORMATION;
+
+typedef struct _UNIQUE_PROCESS_INFORMATION
+{
+ ULONGLONG DontUse:9;
+ ULONGLONG UniqueProcessKey:48;
+ ULONGLONG Reserved:7;
+} UNIQUE_PROCESS_INFORMATION, *PUNIQUE_PROCESS_INFORMATION;
+
+//
+// PFN Identity Data Structure
+//
+typedef struct _MMPFN_IDENTITY
+{
+ union
+ {
+ MEMORY_FRAME_INFORMATION e1;
+ FILEOFFSET_INFORMATION e2;
+ PAGEDIR_INFORMATION e3;
+ UNIQUE_PROCESS_INFORMATION e4;
+ } u1;
+ SIZE_T PageFrameIndex;
+ union
+ {
+ struct
+ {
+ ULONG Image:1;
+ ULONG Mismatch:1;
+ } e1;
+ PVOID FileObject;
+ PVOID UniqueFileObjectKey;
+ PVOID ProtoPteAddress;
+ PVOID VirtualAddress;
+ } u2;
+} MMPFN_IDENTITY, *PMMPFN_IDENTITY;
+
//
// List of Working Sets
//
ULONG ZeroBits;
ULONG MaximumStackSize;
ULONG CommittedStackSize;
- ULONG SubsystemType;
+ ULONG SubSystemType;
USHORT SubSystemMinorVersion;
USHORT SubSystemMajorVersion;
ULONG GpValue;
USHORT ImageCharacteristics;
- USHORT DllChracteristics;
+ USHORT DllCharacteristics;
USHORT Machine;
UCHAR ImageContainsCode;
UCHAR Spare1;
ULONG LoaderFlags;
- ULONG ImageFileSIze;
+ ULONG ImageFileSize;
ULONG Reserved[1];
} SECTION_IMAGE_INFORMATION, *PSECTION_IMAGE_INFORMATION;
ULONG NumberOfCommittedPages;
PMMEXTEND_INFO ExtendInfo;
SEGMENT_FLAGS SegmentFlags;
- PVOID BaseAddress;
+ PVOID BasedAddress;
union
{
SIZE_T ImageCommitment;
//
typedef struct _EVENT_COUNTER
{
+ SLIST_ENTRY ListEntry;
ULONG RefCount;
KEVENT Event;
- LIST_ENTRY ListEntry;
} EVENT_COUNTER, *PEVENT_COUNTER;
//
ULONG SectorEndOffset:12;
} MMSUBSECTION_FLAGS, *PMMSUBSECTION_FLAGS;
+typedef struct _MMSUBSECTION_FLAGS2
+{
+ ULONG SubsectionAccessed:1;
+ ULONG SubsectionConverted:1;
+ ULONG Reserved:30;
+} MMSUBSECTION_FLAGS2;
+
//
// Control Area Structures
//
} LARGE_CONTROL_AREA, *PLARGE_CONTROL_AREA;
//
-// Subsection
+// Subsection and Mapped Subsection
//
typedef struct _SUBSECTION
{
PMMPTE SubsectionBase;
ULONG UnusedPtes;
ULONG PtesInSubsection;
- struct _SUBSECTION *NextSubSection;
+ struct _SUBSECTION *NextSubsection;
} SUBSECTION, *PSUBSECTION;
+typedef struct _MSUBSECTION
+{
+ PCONTROL_AREA ControlArea;
+ union
+ {
+ ULONG LongFlags;
+ MMSUBSECTION_FLAGS SubsectionFlags;
+ } u;
+ ULONG StartingSector;
+ ULONG NumberOfFullSectors;
+ PMMPTE SubsectionBase;
+ ULONG UnusedPtes;
+ ULONG PtesInSubsection;
+ struct _SUBSECTION *NextSubsection;
+ LIST_ENTRY DereferenceList;
+ ULONG_PTR NumberOfMappedViews;
+ union
+ {
+ ULONG LongFlags2;
+ MMSUBSECTION_FLAGS2 SubsectionFlags2;
+ } u2;
+} MSUBSECTION, *PMSUBSECTION;
+
//
// Segment Object
//
{
union
{
- ULONG Balance:2;
+ LONG Balance:2;
struct _MMADDRESS_NODE *Parent;
} u1;
struct _MMADDRESS_NODE *LeftChild;
PVOID NodeFreeHint;
} MM_AVL_TABLE, *PMM_AVL_TABLE;
+//
+// Virtual Adress List used in VADs
+//
+typedef struct _MMADDRESS_LIST
+{
+ ULONG StartVpn;
+ ULONG EndVpn;
+} MMADDRESS_LIST, *PMMADDRESS_LIST;
+
+//
+// Flags used in the VAD
+//
+typedef struct _MMVAD_FLAGS
+{
+ ULONG CommitCharge:19;
+ ULONG NoChange:1;
+ ULONG VadType:3;
+ ULONG MemCommit:1;
+ ULONG Protection:5;
+ ULONG Spare:2;
+ ULONG PrivateMemory:1;
+} MMVAD_FLAGS, *PMMVAD_FLAGS;
+
+//
+// Extended flags used in the VAD
+//
+typedef struct _MMVAD_FLAGS2
+{
+ ULONG FileOffset:24;
+ ULONG SecNoChange:1;
+ ULONG OneSecured:1;
+ ULONG MultipleSecured:1;
+ ULONG ReadOnly:1;
+ ULONG LongVad:1;
+ ULONG ExtendableFile:1;
+ ULONG Inherit:1;
+ ULONG CopyOnWrite:1;
+} MMVAD_FLAGS2, *PMMVAD_FLAGS2;
+
+//
+// Virtual Address Descriptor (VAD) Structure
+//
+typedef struct _MMVAD
+{
+ union
+ {
+ LONG_PTR Balance:2;
+ struct _MMVAD *Parent;
+ } u1;
+ struct _MMVAD *LeftChild;
+ struct _MMVAD *RightChild;
+ ULONG StartingVpn;
+ ULONG EndingVpn;
+ union
+ {
+ ULONG LongFlags;
+ MMVAD_FLAGS VadFlags;
+ } u;
+ PCONTROL_AREA ControlArea;
+ PMMPTE FirstPrototypePte;
+ PMMPTE LastContiguousPte;
+ union
+ {
+ ULONG LongFlags2;
+ MMVAD_FLAGS2 VadFlags2;
+ } u2;
+} MMVAD, *PMMVAD;
+
+//
+// Long VAD used in section and private allocations
+//
+typedef struct _MMVAD_LONG
+{
+ union
+ {
+ LONG_PTR Balance:2;
+ PMMVAD Parent;
+ } u1;
+ PMMVAD LeftChild;
+ PMMVAD RightChild;
+ ULONG StartingVpn;
+ ULONG EndingVpn;
+ union
+ {
+ ULONG LongFlags;
+ MMVAD_FLAGS VadFlags;
+ } u;
+ PCONTROL_AREA ControlArea;
+ PMMPTE FirstPrototypePte;
+ PMMPTE LastContiguousPte;
+ union
+ {
+ ULONG LongFlags2;
+ MMVAD_FLAGS2 VadFlags2;
+ } u2;
+ union
+ {
+ LIST_ENTRY List;
+ MMADDRESS_LIST Secured;
+ } u3;
+ union
+ {
+ PVOID Banked;
+ PMMEXTEND_INFO ExtendedInfo;
+ } u4;
+} MMVAD_LONG, *PMMVAD_LONG;
+
//
// Actual Section Object
//
ULONG Hashed:1;
ULONG Direct:1;
ULONG Age:2;
- ULONG VirtualPageNumber:14;
+ ULONG VirtualPageNumber:20;
} MMWSLENTRY, *PMMWSLENTRY;
typedef struct _MMWSLE
ULONG NextSlot;
PMMWSLE Wsle;
ULONG LastInitializedWsle;
- ULONG NonDirectcout;
+ ULONG NonDirectCount;
PMMWSLE_HASH HashTable;
ULONG HashTableSize;
ULONG NumberOfCommittedPageTables;
ULONG TrimHard:1;
ULONG MaximumWorkingSetHard:1;
ULONG ForceTrim:1;
- ULONG MinimumworkingSetHard:1;
+ ULONG MinimumWorkingSetHard:1;
ULONG Available0:1;
ULONG MemoryPriority:8;
ULONG GrowWsleHash:1;
PVOID BaseAddress;
PVOID AllocationBase;
ULONG AllocationProtect;
- ULONG RegionSize;
+ SIZE_T RegionSize;
ULONG State;
ULONG Protect;
ULONG Type;