#define NDEBUG
#include <debug.h>
-#line 15 "ARMĀ³::DRVMGMT"
#define MODULE_INVOLVED_IN_ARM3
#include "../ARM3/miarm.h"
MM_DRIVER_VERIFIER_DATA MmVerifierData;
LIST_ENTRY MiVerifierDriverAddedThunkListHead;
ULONG MiActiveVerifierThunks;
-
-/* PRIVATE FUNCTIONS *********************************************************/
-
-PLDR_DATA_TABLE_ENTRY
-NTAPI
-MiLookupDataTableEntry(IN PVOID Address)
-{
- PLDR_DATA_TABLE_ENTRY LdrEntry, FoundEntry = NULL;
- PLIST_ENTRY NextEntry;
- PAGED_CODE();
-
- //
- // Loop entries
- //
- NextEntry = PsLoadedModuleList.Flink;
- do
- {
- //
- // Get the loader entry
- //
- LdrEntry = CONTAINING_RECORD(NextEntry,
- LDR_DATA_TABLE_ENTRY,
- InLoadOrderLinks);
-
- //
- // Check if the address matches
- //
- if ((Address >= LdrEntry->DllBase) &&
- (Address < (PVOID)((ULONG_PTR)LdrEntry->DllBase +
- LdrEntry->SizeOfImage)))
- {
- //
- // Found a match
- //
- FoundEntry = LdrEntry;
- break;
- }
-
- //
- // Move on
- //
- NextEntry = NextEntry->Flink;
- } while(NextEntry != &PsLoadedModuleList);
-
- //
- // Return the entry
- //
- return FoundEntry;
-}
+WCHAR MmVerifyDriverBuffer[512] = {0};
+ULONG MmVerifyDriverBufferLength = sizeof(MmVerifyDriverBuffer);
+ULONG MmVerifyDriverBufferType = REG_NONE;
+ULONG MmVerifyDriverLevel = -1;
+PVOID MmTriageActionTaken;
+PVOID KernelVerifier;
/* PUBLIC FUNCTIONS ***********************************************************/
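Review bot: `ULONG MmVerifyDriverLevel = -1;` in the added globals relies on an implicit signed-to-unsigned conversion for what looks like a "not configured" sentinel; `ULONG MmVerifyDriverLevel = MAXULONG;` (or `(ULONG)-1`) states the intent and avoids conversion warnings. `MmVerifyDriverBufferLength` is initialised with `sizeof(MmVerifyDriverBuffer)`, so it is a byte count and not the 512-element WCHAR count; a comment such as `/* Size in bytes, not in WCHARs */` would stop a later reader from using it as an index bound. The code that fills and parses the buffer is not in this hunk. If it is populated from the registry, as the `REG_NONE` type variable suggests, the consumer should check `MmVerifyDriverBufferType` and the returned length and not assume the data is NUL-terminated.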
//
// We should just find the section and call MmLockPageableSectionByHandle
//
- UNIMPLEMENTED;
+ static BOOLEAN Warn; if (!Warn++) UNIMPLEMENTED;
return AddressWithinSection;
}
-/*
- * @unimplemented
- */
-PVOID
-NTAPI
-MmPageEntireDriver(IN PVOID AddressWithinSection)
-{
- //PMMPTE StartPte, EndPte;
- PLDR_DATA_TABLE_ENTRY LdrEntry;
- PAGED_CODE();
-
- //
- // Get the loader entry
- //
- LdrEntry = MiLookupDataTableEntry(AddressWithinSection);
- if (!LdrEntry) return NULL;
-
- //
- // Check if paging of kernel mode is disabled or if the driver is mapped as
- // an image
- //
- if ((MmDisablePagingExecutive & 0x1) || (LdrEntry->SectionPointer))
- {
- //
- // Don't do anything, just return the base address
- //
- return LdrEntry->DllBase;
- }
-
- //
- // Wait for active DPCs to finish before we page out the driver
- //
- KeFlushQueuedDpcs();
-
- //
- // Get the PTE range for the whole driver image
- //
- //StartPte = MiGetPteAddress(LdrEntry->DllBase);
- //EndPte = MiGetPteAddress(LdrEntry->DllBase +
- // LdrEntry->SizeOfImage);
-
- //
- // Enable paging for the PTE range
- //
- //MiSetPagingOfDriver(StartPte, EndPte);
-
- //
- // Return the base address
- //
- return LdrEntry->DllBase;
-}
-
-/*
- * @unimplemented
- */
-VOID
-NTAPI
-MmResetDriverPaging(IN PVOID AddressWithinSection)
-{
- UNIMPLEMENTED;
-}
-
/*
* @unimplemented
*/
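Review bot: The new line `static BOOLEAN Warn; if (!Warn++) UNIMPLEMENTED;` uses an 8-bit BOOLEAN as a counter, so it wraps to zero after 256 calls and the warning fires again instead of only once. The increment is also an unsynchronised write to a static, which is presumably harmless for a debug message but is still a data race if this routine can run on several processors. A set-once flag avoids both and reads more clearly: `static BOOLEAN Warned = FALSE;` followed by `if (!Warned) { Warned = TRUE; UNIMPLEMENTED; }`. The enclosing function starts outside the hunk, so its signature is not visible here.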
NTAPI
MmTrimAllSystemPageableMemory(IN ULONG PurgeTransitionList)
{
- UNIMPLEMENTED;
- return 0;
+ UNIMPLEMENTED;
+ return 0;
}
/*
ULONG i;
NTSTATUS Status = STATUS_SUCCESS;
PAGED_CODE();
-
+
//
// Make sure the driver verifier is initialized
//
if (!MiVerifierDriverAddedThunkListHead.Flink) return STATUS_NOT_SUPPORTED;
-
+
//
// Get the thunk pairs and count them
//
ThunkCount = ThunkBufferSize / sizeof(DRIVER_VERIFIER_THUNK_PAIRS);
if (!ThunkCount) return STATUS_INVALID_PARAMETER_1;
-
+
//
// Now allocate our own thunk table
//
sizeof(DRIVER_VERIFIER_THUNK_PAIRS),
'tVmM');
if (!DriverThunks) return STATUS_INSUFFICIENT_RESOURCES;
-
+
//
// Now copy the driver-fed part
//
RtlCopyMemory(ThunkTable,
ThunkBuffer,
ThunkCount * sizeof(DRIVER_VERIFIER_THUNK_PAIRS));
-
+
//
// Acquire the system load lock
//
KernelMode,
FALSE,
NULL);
-
+
//
// Get the loader entry
//
Status = STATUS_INVALID_PARAMETER_2;
goto Cleanup;
}
-
+
//
// Get driver base and end
//
ModuleBase = LdrEntry->DllBase;
ModuleEnd = (PVOID)((ULONG_PTR)LdrEntry->DllBase + LdrEntry->SizeOfImage);
-
+
//
// Don't allow hooking the kernel or HAL
//
Status = STATUS_INVALID_PARAMETER_2;
goto Cleanup;
}
-
+
//
// Loop all the thunks
//
goto Cleanup;
}
}
-
+
//
// Otherwise, add this entry
//
InsertTailList(&MiVerifierDriverAddedThunkListHead,
&DriverThunks->ListEntry);
DriverThunks = NULL;
-
+
Cleanup:
//
// Release the lock
//
KeReleaseMutant(&MmSystemLoadLock, 1, FALSE, FALSE);
KeLeaveCriticalRegion();
-
+
//
// Free the table if we failed and return status
//
- if (DriverThunks) ExFreePool(DriverThunks);
+ if (DriverThunks) ExFreePoolWithTag(DriverThunks, 'tVmM');
return Status;
}
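Review bot: `ExFreePoolWithTag(DriverThunks, 'tVmM')` in the cleanup path repeats the tag literal that the allocation earlier in this function uses (the `'tVmM'` argument visible in a previous hunk), so the two can drift apart if one is edited. A tagged free is only useful while the tags agree, and a mismatch is normally treated as pool corruption. Consider one file-level definition shared by both call sites, for example `#define MI_VERIFIER_THUNK_TAG 'tVmM'` (name constructed for illustration). The function begins outside this hunk.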
MmIsDriverVerifying(IN PDRIVER_OBJECT DriverObject)
{
PLDR_DATA_TABLE_ENTRY LdrEntry;
-
+
//
// Get the loader entry
//
LdrEntry = (PLDR_DATA_TABLE_ENTRY)DriverObject->DriverSection;
if (!LdrEntry) return FALSE;
-
+
//
// Check if we're verifying or not
//
*VerifierFlags = MmVerifierData.Level;
return STATUS_SUCCESS;
}
-
+
//
// Otherwise, we're disabled
//