kernel
Loading...
Searching...
No Matches
mm.h
Go to the documentation of this file.
1#ifndef X86_MATANEL_MEMORY_H
2#define X86_MATANEL_MEMORY_H
3
4/*++
5
6Module Name:
7
8 mm.h
9
10Purpose:
11
12 This module contains the header files required for memory management (virtual, physical, PFN, VAD, MMIO, init, etc.)
13
14Author:
15
16 slep (Matanel) 2025.
17
18Revision History:
19
20--*/
21
22// Base Includes
23#include <stdint.h>
24#include <stdbool.h>
25#include "annotations.h"
26#include "macros.h"
27#include "../mtstatus.h"
28#include "../intrinsics/intrin.h"
29#include "../intrinsics/atomic.h"
30
31// Needed for linked list and spinlocks
32#include "ms.h"
33#include "core.h"
34#include "efi.h"
35
36// ------------------ HEADER SPECIFIC MACROS ------------------
37
38#define PML4_INDEX_BITS 9
39#define PML4_INDEX_SHIFT 39
40#define PML4_INDEX_MASK ((1ULL << PML4_INDEX_BITS) - 1ULL)
41
42#define PML4_INDEX_FROM_VA(VA) ( ( (uintptr_t)(VA) >> PML4_INDEX_SHIFT ) & PML4_INDEX_MASK )
43
44/* If PhysicalMemoryOffset is the kernel VA base that maps physical 0:
45 index in PML4 for physical address PHYS is the index of (PHYS + PhysicalMemoryOffset) */
46#define PML4_INDEX_FROM_PHYS(PHYS) PML4_INDEX_FROM_VA( (uintptr_t)(PHYS) + (uintptr_t)PhysicalMemoryOffset )
47
48 /* safer typed helper */
49static inline int MiConvertVaToPml4Offset(uint64_t va) {
50 return (int)((va >> PML4_INDEX_SHIFT) & PML4_INDEX_MASK);
51}
52
53#define VirtualPageSize 4096ULL // Same as each physical frame.
54#define PhysicalFrameSize 4096ULL // Each physical frame.
55#define KernelVaStart 0xfffff80000000000ULL
56#define PhysicalMemoryOffset 0xffff880000000000ULL // Defines the offset in arithmetic for quick mapping
57#define RECURSIVE_INDEX 0x1FF
58
59#ifndef __INTELLISENSE__
60#ifndef __OFFSET_GENERATOR__
61/* Convert a PFN index to a PPFN_ENTRY pointer */
62#define INDEX_TO_PPFN(Index) \
63 (&(PfnDatabase.PfnEntries[(size_t)(Index)]))
64#define PHYSICAL_TO_PPFN(PHYS) \
65 (&PfnDatabase.PfnEntries[(size_t)((PHYS) / (uint64_t)PhysicalFrameSize)])
66#define PTE_TO_PHYSICAL(PMMPTE) ((PMMPTE)->Value & ~0xFFFULL)
67/* single-CPU build (no IPI shootdown code) */
68#ifdef MT_UP
69
70#define MI_WRITE_PTE(_PtePointer, _Va, _Pa, _Flags) \
71do { \
72 MMPTE* _pte = (MMPTE*)(_PtePointer); \
73 uint64_t _val = (((uintptr_t)(_Pa)) & ~0xFFFULL) | (uint64_t)(_Flags); \
74 MiAtomicExchangePte(_pte, _val); \
75 __asm__ volatile("" ::: "memory"); \
76 \
77 /* Only set PFN->PTE link if PFN database is initialized */ \
78 if (MmPfnDatabaseInitialized) { \
79 PPFN_ENTRY _pfn = PHYSICAL_TO_PPFN(_Pa); \
80 _pfn->Descriptor.Mapping.PteAddress = (PMMPTE)_pte; \
81 _pfn->State = PfnStateActive; \
82 _pfn->Flags = PFN_FLAG_NONPAGED; \
83 } \
84 \
85 invlpg((void*)(uintptr_t)(_Va)); \
86} while (0)
87
88#else /* SMP build: include TLB shootdown via IPI */
89
90#define MI_WRITE_PTE(_PtePointer, _Va, _Pa, _Flags) \
91do { \
92 MMPTE* _pte = (MMPTE*)(_PtePointer); \
93 uint64_t _val = (((uintptr_t)(_Pa)) & ~0xFFFULL) | (uint64_t)(_Flags); \
94 MiAtomicExchangePte(_pte, _val); \
95 __asm__ volatile("" ::: "memory"); \
96 \
97 /* Only set PFN->PTE link if PFN database is initialized */ \
98 if (MmPfnDatabaseInitialized) { \
99 PPFN_ENTRY _pfn = PHYSICAL_TO_PPFN(_Pa); \
100 _pfn->Descriptor.Mapping.PteAddress = (PMMPTE)_pte; \
101 _pfn->State = PfnStateActive; \
102 _pfn->Flags = PFN_FLAG_NONPAGED; \
103 } \
104 \
105 invlpg((void*)(uintptr_t)(_Va)); \
106 \
107 /* Send IPIs if SMP is initialized (and all APs are on) */ \
108 if (smpInitialized && allApsInitialized) { \
109 IPI_PARAMS _Params; \
110 _Params.pageParams.addressToInvalidate = (uint64_t)(_Va); \
111 MhSendActionToCpusAndWait(CPU_ACTION_PERFORM_TLB_SHOOTDOWN, _Params);\
112 } \
113} while (0)
114
115#define MI_WRITE_PTE_NO_IPI(_PtePointer, _Va, _Pa, _Flags) \
116do { \
117 MMPTE* _pte = (MMPTE*)(_PtePointer); \
118 uint64_t _val = (((uintptr_t)(_Pa)) & ~0xFFFULL) | (uint64_t)(_Flags); \
119 MiAtomicExchangePte(_pte, _val); \
120 __asm__ volatile("" ::: "memory"); \
121 \
122 /* Only set PFN->PTE link if PFN database is initialized */ \
123 if (MmPfnDatabaseInitialized) { \
124 PPFN_ENTRY _pfn = PHYSICAL_TO_PPFN(_Pa); \
125 _pfn->Descriptor.Mapping.PteAddress = (PMMPTE)_pte; \
126 _pfn->State = PfnStateActive; \
127 _pfn->Flags = PFN_FLAG_NONPAGED; \
128 } \
129 \
130 invlpg((void*)(uintptr_t)(_Va)); \
131 \
132} while (0)
133
134#endif
135#define PPFN_TO_INDEX(PPFN) ((size_t)((PPFN) - PfnDatabase.PfnEntries))
136#define PPFN_TO_PHYSICAL_ADDRESS(PPFN) \
137 ((uint64_t)((uint64_t)PPFN_TO_INDEX(PPFN) * (uint64_t)PhysicalFrameSize))
138#define VA_OFFSET(_VirtualAddress) ((uintptr_t)(_VirtualAddress) & 0xFFF)
139#define MM_IS_DEMAND_ZERO_PTE(pte) \
140 (((pte).Soft.SoftwareFlags & MI_DEMAND_ZERO_BIT) != 0)
141#define MM_SET_DEMAND_ZERO_PTE(pte, prot_flags, nx) \
142 do { \
143 (pte).Value = 0; \
144 (pte).Soft.SoftwareFlags = (prot_flags) | MI_DEMAND_ZERO_BIT; \
145 (pte).Soft.NoExecute = (nx); \
146 } while(0)
147#define MM_UNSET_DEMAND_ZERO_PTE(pte) \
148 do { \
149 (pte).Soft.SoftwareFlags &= ~MI_DEMAND_ZERO_BIT; \
150 } while(0)
151#endif
152#else
153#define PTE_TO_PHYSICAL(PMMPTE) (0)
154#define MI_WRITE_PTE(_PtePointer, _Va, _Pa, _Flags) ((void)0)
155#define MI_WRITE_PTE_NO_IPI(_PtePointer, _Va, _Pa, _Flags) ((void)0)
156#define PPFN_TO_INDEX(PPFN) (0)
157#define PPFN_TO_PHYSICAL_ADDRESS(PPFN) (0)
158#define INDEX_TO_PPFN(Index) (NULL)
159#define PHYSICAL_TO_PPFN(PHYS) (NULL)
160#define VA_OFFSET(_VirtualAddress) (uintptr_t)(NULL)
161#define MM_IS_DEMAND_ZERO_PTE(pte) (NULL)
162#define MM_SET_DEMAND_ZERO_PTE(pte, prot_flags, nx) ((void)0)
163#define MM_UNSET_DEMAND_ZERO_PTE(pte) (NULL)
164#endif
165
166// Convert bytes to pages (rounding up)
167#define BYTES_TO_PAGES(Bytes) (((Bytes) + VirtualPageSize - 1) / VirtualPageSize)
168// Convert pages to bytes
169#define PAGES_TO_BYTES(Pages) ((Pages) * VirtualPageSize)
170
171// Align the page (down)
172#define PAGE_ALIGN(Va) ((void*)((uint64_t)(Va) & ~(VirtualPageSize - 1)))
173
174#define MAX_POOL_DESCRIPTORS 7 // Allows for: 32, 64, 128, 256, 512, 1024, 2048 Bytes Per pool
175#define _32B_POOL 1
176#define _64B_POOL 2
177#define _128B_POOL 3
178#define _256B_POOL 4
179#define _512B_POOL 5
180#define _1024B_POOL 6
181#define _2048B_POOL 7
182#define POOL_MIN_ALLOC 32 // Bytes
183// You are allowed to request bytes above max allocation, the global pool would be used.
184#define POOL_MAX_ALLOC 2048
185// Pool sizes
186#define MI_NONPAGED_POOL_SIZE ((size_t)16ULL * 1024 * 1024 * 1024) // 16 GiB
187#define MI_PAGED_POOL_SIZE ((size_t)32ULL * 1024 * 1024 * 1024) // 32 GiB
188
189// Total pages in each pool
190#define NONPAGED_POOL_VA_TOTAL_PAGES (MI_NONPAGED_POOL_SIZE / VirtualPageSize)
191#define PAGED_POOL_VA_TOTAL_PAGES (MI_PAGED_POOL_SIZE / VirtualPageSize)
192
193// Bitmap QWORDs
194#define NONPAGED_POOL_VA_BITMAP_QWORDS ((NONPAGED_POOL_VA_TOTAL_PAGES + 63) / 64)
195#define PAGED_POOL_VA_BITMAP_QWORDS ((PAGED_POOL_VA_TOTAL_PAGES + 63) / 64)
196
197// Number of pages needed for each bitmap (page-aligned)
198#define MI_NONPAGED_BITMAP_PAGES_NEEDED ((NONPAGED_POOL_VA_BITMAP_QWORDS * sizeof(uint64_t) + VirtualPageSize - 1) / VirtualPageSize)
199#define MI_PAGED_BITMAP_PAGES_NEEDED ((PAGED_POOL_VA_BITMAP_QWORDS * sizeof(uint64_t) + VirtualPageSize - 1) / VirtualPageSize)
200
201// Alignment helper
202#define ALIGN_UP(x, align) (((uintptr_t)(x) + ((align)-1)) & ~((uintptr_t)((align)-1)))
203
204// Bitmap memory allocations (physical pages)
205#define MI_NONPAGED_BITMAP_BASE ALIGN_UP(LK_KERNEL_END, VirtualPageSize)
206#define MI_NONPAGED_BITMAP_END (MI_NONPAGED_BITMAP_BASE + MI_NONPAGED_BITMAP_PAGES_NEEDED * VirtualPageSize)
207
208#define MI_PAGED_BITMAP_BASE ALIGN_UP(MI_NONPAGED_BITMAP_END, VirtualPageSize)
209#define MI_PAGED_BITMAP_END (MI_PAGED_BITMAP_BASE + MI_PAGED_BITMAP_PAGES_NEEDED * VirtualPageSize)
210
211// Pool virtual address ranges (page-aligned)
212#define MI_NONPAGED_POOL_BASE ALIGN_UP(MI_PAGED_BITMAP_END, VirtualPageSize)
213#define MI_NONPAGED_POOL_END (MI_NONPAGED_POOL_BASE + MI_NONPAGED_POOL_SIZE)
214
215#define MI_PAGED_POOL_BASE ALIGN_UP(MI_NONPAGED_POOL_END, VirtualPageSize)
216#define MI_PAGED_POOL_END (MI_PAGED_POOL_BASE + MI_PAGED_POOL_SIZE)
217
218// Address Manipulation And Checks
219#define MI_IS_CANONICAL_ADDR(va) \
220({ \
221 uint64_t _va = (uint64_t)(va); \
222 uint64_t _mask = ~((1ULL << 48) - 1); /* bits 63:48 */ \
223 ((_va & _mask) == 0 || (_va & _mask) == _mask); \
224})
225
226#define PFN_TO_PHYS(Pfn) PPFN_TO_PHYSICAL_ADDRESS(INDEX_TO_PPFN(Pfn))
227#define PHYS_TO_INDEX(PhysicalAddress) PPFN_TO_INDEX(PHYSICAL_TO_PPFN(PhysicalAddress))
228
229#define PFN_ERROR UINT64_T_MAX
230
231// Lazy allocations macros
232#define PROT_KERNEL_READ (1ULL << 0)
233#define PROT_KERNEL_WRITE (1ULL << 1)
234#define PROT_KERNEL_NOEXECUTE (1ULL << 2)
235#define PROT_KERNEL_USER (1ULL << 3)
236#define MI_DEMAND_ZERO_BIT (1ULL << 16)
237
238// Tags
239#define MM_POOL_CANARY 'BEKA'
240
241// Stack sizes & protections.
242#define MI_STACK_SIZE 0x4000 // 16KiB
243#define MI_LARGE_STACK_SIZE 0xf000 // 60 KiB
244#define MI_GUARD_PAGE_PROTECTION (1ULL << 17)
245#define MI_DEFAULT_USER_STACK_SIZE 0x100000 // 1 MiB
246
247// Barriers
248
249// Prevents CPU Reordering as well as the MmBarrier functionality.
250#define MmFullBarrier() __sync_synchronize()
251
252// Ensure ordedring of memory operations (memory should be visible before continuing)
253#define MmBarrier() __asm__ __volatile__("mfence" ::: "memory")
254
255// ------------------ TYPE DEFINES ------------------
256typedef uint64_t PAGE_INDEX;
257
258#define MmIsAddressValid(VirtualAddress) MmIsAddressPresent(VirtualAddress)
259
260// ------------------ ACCESS RIGHTS ------------------
261
262#define MT_SECTION_QUERY 0x0001 // Query section info (size, attributes)
263#define MT_SECTION_MAP_WRITE 0x0002 // Map section with write permissions
264#define MT_SECTION_MAP_READ 0x0004 // Map section with read permissions
265#define MT_SECTION_MAP_EXECUTE 0x0008 // Map section with execute permissions
266#define MT_SECTION_EXTEND_SIZE 0x0010 // Extend section size (file-backed sections)
267#define MT_SECTION_MAP_EXECUTE_EXPL 0x0020 // Explicit executable mapping (DEP / NX override)
268
269// All valid section rights
270#define MT_SECTION_ALL_ACCESS 0x003F
271
272typedef int32_t HANDLE, * PHANDLE;
273// ------------------ ENUMERATORS ------------------
274
275typedef enum _PFN_STATE {
276 PfnStateActive, // Actively mapped in a process (RefCount > 0)
277 PfnStateStandby, // Clean, in RAM, not mapped (RefCount == 0)
278 PfnStateModified, // Dirty, in RAM, not mapped (RefCount == 0)
279 PfnStateFree, // Contents are garbage (RefCount == 0)
280 PfnStateZeroed, // Contents are all zeros (RefCount == 0)
281 PfnStateTransition, // Locked for I/O (e.g being paged in/out)
282 PfnStateBad // Unusable (hardware error)
283} PFN_STATE;
284
285// Page FLAGS (attributes that can be combined)
286typedef enum _PFN_FLAGS {
287 PFN_FLAG_NONE = 0,
288 PFN_FLAG_NONPAGED = (1U << 0), // This PFN holds a nonpaged virtual address (not backed by a file), BIT 3 must NOT be set if this bit is active.
289 PFN_FLAG_COPY_ON_WRITE = (1U << 1), // This is a COW page
290 PFN_FLAG_MAPPED_FILE = (1U << 2), // Backed by a file (not swap)
291 PFN_FLAG_LOCKED_FOR_IO = (1U << 3) // Page is pinned for DMA, etc.
292} PFN_FLAGS;
293
294typedef enum _VAD_FLAGS {
295 VAD_FLAG_NONE = 0, // No flags, base value.
296 VAD_FLAG_READ = (1U << 0), // Allowed to read from this address.
297 VAD_FLAG_WRITE = (1U << 1), // Allowed to write to this address
298 VAD_FLAG_EXECUTE = (1U << 2), // Instruction execution is permitted on the address.
299 VAD_FLAG_PRIVATE = (1U << 3), // Private (backed by swap file, like pagefile.mtsys)
300 VAD_FLAG_MAPPED_FILE = (1U << 4), // Backed by a file (lets say data.mtdll)
301 VAD_FLAG_COPY_ON_WRITE = (1U << 5), // Allocation comes from a shared physical memory address(s), this can be shared between executables.
302 VAD_FLAG_RESERVED = (1U << 6), // Allocation WILL NOT happen if this flag is set, it takes precedence.
303 VAD_FLAG_GUARD_PAGE = (1U << 7), // This allocation signifies a guard page, if a memory operation is performed on this page, an MT_GUARD_PAGE_VIOLATION exception is raised, and the page turns to a normal stack page.
304} VAD_FLAGS;
305
306typedef enum _PAGE_FLAGS {
307 PAGE_PRESENT = 1 << 0, // Bit 0
308 // 0 = page not present (access causes page fault)
309 // 1 = page is present, MMU translates virtual addresses
310
311 PAGE_RW = 1 << 1, // Bit 1
312 // 0 = read-only
313 // 1 = read/write
314
315 PAGE_USER = 1 << 2, // Bit 2
316 // 0 = supervisor (kernel) only
317 // 1 = user-mode access allowed
318
319 PAGE_PWT = 0x8, // Bit 3
320 // Page Write-Through
321 // 0 = write-back caching
322 // 1 = write-through caching
323
324 PAGE_PCD = 0x10, // Bit 4
325 // Page Cache Disable
326 // 0 = cacheable
327 // 1 = cache disabled
328
329 PAGE_ACCESSED = 0x20, // Bit 5
330 // Set by CPU when page is read or written
331
332 PAGE_DIRTY = 0x40, // Bit 6
333 // Set by CPU when page is written to
334
335 PAGE_PS = 0x80, // Bit 7
336 // Page Size
337 // 0 = normal 4KB page
338 // 1 = large page (4MB in PDE, 2MB in PTE for PAE/long mode)
339
340#define PAGE_PAT (1ULL << 7)
341 // PAGE_PAT, Look at MEMORY_CACHING_TYPE enum.
342
343 PAGE_GLOBAL = 0x100, // Bit 8
344 // Global page
345 // Not flushed from TLB on CR3 reload
346
347 PAGE_NX = (1ULL << 63) // Bit 63
348 // No-Execute region
349 // Execution cannot happen in this page.
350} PAGE_FLAGS;
351
352// NonPagedPools - Allocations occur at max DISPATCH_LEVEL (inclusive). (e.g assert(IRQL == DISPATCH/PASSIVE/APC_LEVEL)
353// PagedPools - Allocations occur at max DISPATCH_LEVEL (exclusive) (e.g assert(IRQL == PASSIVE/APC_LEVEL)
354typedef enum _POOL_TYPE {
355 NonPagedPool = 0, // Non-pageable kernel pool (instant map, available at all IRQLs) (IMPLEMENTED)
356 PagedPool = 1, // Pageable pool (can only be used when IRQL < DISPATCH_LEVEL). (IMPLEMENTED) (NOEXECUTE)
357 NonPagedPoolCacheAligned = 2, // Non-paged, cache-aligned (UNIMPLEMENTED)
358 PagedPoolCacheAligned = 3, // Paged, cache-aligned (UNIMPLEMENTED)
359 NonPagedPoolNx = 4, // Non-paged, non-executable (NX) (IMPLEMENTED)
360 // No MustSucceeds, these are a bad concept, handle errors gracefully.
361} POOL_TYPE;
362
369
374
375typedef enum _MEMORY_CACHING_TYPE {
376
377 MmNonCached = 0, // UC (Uncacheable)
378 // CPU never caches reads/writes.
379 // Every access goes directly to RAM or device.
380 // Most MMIO devices require this.
381
382 MmCached, // WB (Write-Back) (default)
383 // Normal DRAM caching behavior.
384 // Reads/writes go through CPU caches; writes may be delayed.
385 // Fastest and default for regular memory.
386
387 MmWriteCombined, // WC (Write-Combining)
388 // Writes are buffered and combined, NOT cached.
389 // Ideal for framebuffers / GPUs.
390 // Fast sequential writes; CPU collects them and bursts to memory.
391
392 MmWriteThrough, // WT (Write-Through)
393 // Reads are cached, but writes go straight to memory.
394 // Ensures memory is always coherent but slower for writes.
395 // Rarely used today.
396
397 MmNonCachedUnordered, // UC- (Uncacheable Minus)
398 // Similar to UC but allows some reordering and speculative reads.
399 // Safe for some device memory but not all.
400 // Used mostly by OSes for special mappings.
401
402 MmUSWCCached, // USWC (Uncached Speculative Write Combining)
403 // Read = UC-, Write = WC.
404 // Used for some high-end GPU/PCIe devices.
405 // Allows speculative reads + write-combined writes.
406
407 MmHardwareCoherentCached, // WB or WT depending on device
408 // For coherent DMA-capable devices.
409 // Typically WB unless device explicitly requires WT.
410} MEMORY_CACHING_TYPE;
411
416
417// ------------------ STRUCTURES ------------------
418
419typedef struct _MMPTE
420{
421 union
422 {
423 uint64_t Value; // Raw 64-bit PTE value
424
425 //
426 // Hardware format when the page is present in memory
427 //
428 struct
429 {
430 uint64_t Present : 1; // 1 = Present
431 uint64_t Write : 1; // Writable
432 uint64_t User : 1; // User-accessible
433 uint64_t WriteThrough : 1; // Write-through cache
434 uint64_t CacheDisable : 1; // Disable caching
435 uint64_t Accessed : 1; // Set by CPU when accessed
436 uint64_t Dirty : 1; // Set by CPU when written
437 uint64_t LargePage : 1; // Large page flag (2MB/1GB) (valid only in PDE)
438 uint64_t Global : 1; // Global TLB entry
439 uint64_t CopyOnWrite : 1; // Software: copy-on-write
440 uint64_t Prototype : 1; // Software: prototype PTE (section)
441 uint64_t Reserved0 : 1; // VAD PTE?
442 uint64_t PageFrameNumber : 40;// Physical page frame number
443 uint64_t Reserved1 : 11; // Reserved by hardware
444 uint64_t NoExecute : 1; // NX bit
445 } Hard;
446
447 //
448 // Software format when not present
449 // (Paged out / transition / pagefile / prototype)
450 //
451 struct
452 {
453 uint64_t Present : 1; // 0 = Not present
454 uint64_t Write : 1; // Meaning depends on context
455 uint64_t Transition : 1; // 1 = Page is in transition (has PFN) (used for StandBy List)
456 uint64_t Prototype : 1; // 1 = Prototype PTE (mapped section)
457 uint64_t PageFile : 1; // 1 = Paged to disk (pagefile)
458 uint64_t Reserved : 7; // i'm sorry, h.c (sorry for cringing out whoever sees this)
459 uint64_t PageFrameNumber : 32; // Pagefile offset or PFN (if transition)
460 uint64_t SoftwareFlags : 19; // e.g. protection mask, pool type
461 uint64_t NoExecute : 1; // NX still meaningful in software
462 } Soft;
463 };
464} MMPTE, * PMMPTE;
465// Guess why I had to put this here? Because the Soft struct took 65 bits, which made it take 16 bytes, overflowing to the next PTE.
466// fun, very fun..
467_Static_assert(sizeof(MMPTE) == 8, "The size of a PTE in a 64bit system is always 8 bytes");
468
469typedef struct _PFN_ENTRY {
470 volatile uint32_t RefCount; // Atomic Reference Count
471 uint8_t State; // PFN_STATE of this Page.
472 uint8_t Flags; // Bitfield of PFN_FLAGS
473 // The Descriptor of the PFN (contains mapping data, the doubly linked list, and file offset, all that depend on the State)
474 union {
475 // State: PfnStateFree, PfnStateZeroed,
476 // PfnStateStandby, PfnStateModified (Used when - INACTIVE)
477 struct _DOUBLY_LINKED_LIST ListEntry;
478
479 // State: PfnStateActive (this is the reverse mapping information) (Used when - ACTIVE, IN USE)
480 struct {
481 struct _MMVAD* Vad; // Pointer to VAD in memory. (might not always be in use)
482 PMMPTE PteAddress; // Pointer to PTE in memory. (is always valid when in use)
483 } Mapping;
484
485 // State: PfnStateStandby or PfnStateModified (for file backed pages) (Used when - SEMI-ACTIVE, PAGED TO DISK, NOT IN CURRENT USE)
486 uint64_t FileOffset; // Offset of bytes in pagefile.mtsys
487
488 } Descriptor;
489} PFN_ENTRY, *PPFN_ENTRY;
490
491typedef struct _MM_PFN_LIST {
492 struct _DOUBLY_LINKED_LIST ListEntry; // List Head
493 volatile uint64_t Count; // Number of pages in this list.
494 SPINLOCK PfnListLock; // Spinlock for each PFN List to ensure atomicity.
495} MM_PFN_LIST;
496
497typedef struct _MM_PFN_DATABASE {
498 PPFN_ENTRY PfnEntries; // Pointer to base of the PFN_ENTRY array.
499 size_t TotalPageCount; // Total count of pages in the PFN database.
500 SPINLOCK PfnDatabaseLock; // Global spinlock for adding/popping memory.
501
502 // Page lists
503 MM_PFN_LIST FreePageList; // Pages with garbage data.
504 MM_PFN_LIST ZeroedPageList; // Pages pre-filled with zeros for optimization purposes.
505 MM_PFN_LIST StandbyPageList; // Clean pages, candidates for reuse. (used for loading processes fast)
506 MM_PFN_LIST ModifiedPageList; // Dirty pages, must be written to disk for backing.
507 MM_PFN_LIST BadPageList; // List of bad memory pages
508
509 // Statistics
510 volatile size_t AvailablePages; // Free + Zeroed + Standby
511 volatile size_t TotalReserved; // Kernel, drivers, etc.
512} MM_PFN_DATABASE;
513
514typedef struct _MMVAD {
515 uintptr_t StartVa; // Starting Virtual Address.
516 uintptr_t EndVa; // Ending Virtual Address.
517 VAD_FLAGS Flags; // VAD_FLAGS Bitfield
518
519 // VAD Are per process, stored in an AVL.
520 struct _MMVAD* LeftChild;
521 struct _MMVAD* RightChild;
522 struct _MMVAD* Parent;
523
524 // Height of the node in the tree.
525 int Height;
526
527 // If VAD_FLAG_MAPPED_FILE bit is set.
528 struct _FILE_OBJECT* File; // FILE_OBJECT Ptr.
529 uint64_t FileOffset; // Offset into the file this region starts in. (in bytes, so compute arithemetic with addresses and not pages!!)
530
531 // Pointer to owner process.
532 struct _EPROCESS* OwningProcess;
533} MMVAD, *PMMVAD;
534
535typedef struct _POOL_HEADER
536{
537 uint32_t PoolCanary; // Must always be equal to - 'BEKA'
538 union
539 {
540 // When the block is FREE, it's part of a list.
541 SINGLE_LINKED_LIST FreeListEntry;
542
543 // When the block is ALLOCATED, we store actual metadata info.
544 struct
545 {
546 uint16_t BlockSize; // Size of this block
547 uint16_t PoolIndex; // Index of the slab it came from
548 };
549 } Metadata;
550 uint32_t PoolTag; // Tag of pool. (default - 'ADIR')
551} POOL_HEADER, * PPOOL_HEADER;
552
553typedef struct _POOL_DESCRIPTOR {
554 SINGLE_LINKED_LIST FreeListHead; // Head of the free list
555 size_t BlockSize; // The size of the block + header (so if this is a 32 byte slab, it would be (32 + sizeof(POOL_HEADER))
556 volatile uint64_t FreeCount; // Number of blocks on the free list
557 volatile uint64_t TotalBlocks; // Total blocks ever allocated (statistics)
558 SPINLOCK PoolLock; // Spinlock for this specific pool descriptor.
559 enum _POOL_TYPE PoolType; // The type of the pools this descriptor holds.
560} POOL_DESCRIPTOR, *PPOOL_DESCRIPTOR;
561
562typedef struct {
563 uint64_t r_offset; /* Address (RVA) */
564 uint64_t r_info; /* Relocation type and symbol index */
565 int64_t r_addend; /* Addend */
566} Rela;
567
568#define R_X86_64_RELATIVE 8
569
570#pragma pack(push, 1)
571typedef struct {
572 uint8_t Magic[4];
573 uint64_t PreferredImageBase; /* __image_base */
574 uint64_t EntryRVA; /* __entry_rva */
575 uint64_t TextRVA; /* __text_rva */
576 uint64_t TextSize;
577 uint64_t DataRVA;
578 uint64_t DataSize;
579 uint64_t BssSize;
580 uint64_t exports_rva;
581 uint64_t exports_size;
582 uint64_t reloc_rva;
583 uint64_t reloc_size;
584 uint64_t imports_rva; // RVA To import array, then absolute addresses.
585 uint64_t imports_size; // Size of total imports (to find out total we divide by MT_IMPORT_ENTRIES)
586 uint8_t Reserved[20]; /* pad the rest to 128 bytes */
587} MTE_HEADER;
588#pragma pack(pop)
589
590VALIDATE_SIZE(MTE_HEADER, 128);
591
592// Exports are RVA
593typedef struct {
594 uint64_t name_rva;
595 uint64_t func_rva;
596} MT_EXPORT_ENTRY;
597
598// Imports are absolutes.
599typedef struct {
600 uint64_t lib_name_absolute; // RVA to string "kernel32.dll"
601 uint64_t func_name_absolute; // RVA to string "PrintString"
602 uint64_t iat_addr_absolute; // RVA to the function pointer to be patched
603} MT_IMPORT_ENTRY;
604
605// Represents a section in the file (.text, .data)
606typedef struct _MM_SUBSECTION {
607 uint64_t FileOffset; // Where in the file this data lives
608 uint64_t VirtualSize; // How much RAM it needs
609 VAD_FLAGS Protection; // VAD_FLAGS (Read, Write, Exec)
610 uint32_t IsDemandZero; // 1 for .bss (no file backing), 0 for .text/.data
611} MM_SUBSECTION, * PMM_SUBSECTION;
612
613// Represents the loaded Executable/DLL
614typedef struct _MM_SECTION {
615 struct _FILE_OBJECT* FileObject;
616 uintptr_t PreferredBase;
617 MM_SUBSECTION WholeFileSection;
618
619 // We have 3 distinct regions in our MTE format.
620 MM_SUBSECTION Text;
621 MM_SUBSECTION Data;
622 MM_SUBSECTION Bss;
623
624 uint64_t EntryPointOffset;
625 uint64_t ImageSize; // Total size in Virtual Memory
626} MM_SECTION, * PMM_SECTION;
627
628// ------------------ FUNCTIONS ------------------
629extern MM_PFN_DATABASE PfnDatabase; // Database defined in 'pfn.c'
630
631// Global Externals for signals & constants.
632extern bool MmPfnDatabaseInitialized;
633extern PAGE_INDEX MmHighestPfn;
634extern uintptr_t MmSystemRangeStart;
635extern uintptr_t MmHighestUserAddress;
636extern uintptr_t MmUserStartAddress;
637extern uintptr_t MmUserProbeAddress;
638extern uintptr_t MmNonPagedPoolStart;
639extern uintptr_t MmNonPagedPoolEnd;
640extern uintptr_t MmPagedPoolStart;
641extern uintptr_t MmPagedPoolEnd;
642extern uint64_t MmTotalMemory;
643extern uint64_t MmTotalUsableMemory;
644
645
646#define USER_VA_END 0x00007FFFFFFFFFFF
647#define USER_VA_START 0x10000
648
649// general functions
650uint64_t* pml4_from_recursive(void);
651
652// Memory Set.
653FORCEINLINE
654void*
655kmemset (
656 void* dest, int64_t val, uint64_t len
657)
658{
659 uint8_t* ptr = dest;
660 for (size_t i = 0; i < (size_t)len; i++) {
661 ptr[i] = (uint8_t)val;
662 }
663 return dest;
664}
665
666// Memory copy
667FORCEINLINE
668void*
669kmemcpy(
670 void* dest, const void* src, size_t len
671)
672{
673 uint8_t* d = (uint8_t*)dest;
674 const uint8_t* s = (const uint8_t*)src;
675 for (size_t i = 0; i < len; i++) d[i] = s[i];
676 return dest;
677}
678
679FORCEINLINE
680int
681kmemcmp(
682 const void* s1, const void* s2, size_t n
683)
684{
685 const uint8_t* p1 = (const uint8_t*)s1;
686 const uint8_t* p2 = (const uint8_t*)s2;
687
688 for (size_t i = 0; i < n; i++) {
689 if (p1[i] != p2[i])
690 return (int)(p1[i] - p2[i]);
691 }
692 return 0;
693}
694
695FORCEINLINE
696uint64_t
697MiCacheToFlags(MEMORY_CACHING_TYPE type)
698{
699 switch (type)
700 {
701 case MmCached: // WB
702 return 0;
703
704 case MmWriteThrough: // WT
705 return PAGE_PWT;
706
707 case MmNonCached: // UC
708 return PAGE_PCD | PAGE_PWT;
709
710 case MmWriteCombined: // WC
711 return PAGE_PAT; // (Index 5)
712
713 case MmNonCachedUnordered: // UC-
714 return PAGE_PAT | PAGE_PCD; // (Index 6)
715
716 case MmUSWCCached: // USWC (UC- reads + WC writes)
717 return PAGE_PAT | PAGE_PWT; // (Index 7 = UC, but write behavior is WC)
718
719 case MmHardwareCoherentCached: // Usually WB; fallback WT if required
720 return 0;
721
722 default:
723 return 0;
724 }
725}
726
727FORCEINLINE
728FAULT_OPERATION
729MiRetrieveOperationFromErrorCode(
730 uint64_t ErrorCode
731)
732
733{
734 FAULT_OPERATION operation;
735
736 // Any of the operations below can also occur not only because of a non-present page (PTE), but a non-present page directory (or above)
737 if (ErrorCode & (1 << 4)) {
738 operation = ExecuteOperation; // Execute (NX Fault) (NX Bit set, and CPU attempted execution on an instruction with it present.)
739 }
740 else if (ErrorCode & (1 << 1)) {
741 operation = WriteOperation; // Write fault (read only page \ not present)
742 }
743 else {
744 operation = ReadOperation; // Read Fault (not present?)
745 }
746
747 return operation;
748}
749
750FORCEINLINE
751uint64_t
752MiRetrieveLastFaultyAddress(
753 void
754)
755
756{
757 return __read_cr2();
758}
759
760FORCEINLINE
761void
762MiAtomicExchangePte(
763 PMMPTE PtePtr,
764 uint64_t NewPteValue
765)
766
767{
768 InterlockedExchangeU64((volatile uint64_t*)PtePtr, NewPteValue);
769}
770
771FORCEINLINE
772bool
773MiIsValidPfn(
774 IN PAGE_INDEX Pfn
775)
776
777{
778 return Pfn <= MmHighestPfn;
779}
780
781// module: pfn.c
782
783MTSTATUS
784MiInitializePfnDatabase(
785 IN PBOOT_INFO BootInfo
786);
787
788MUST_USE_RESULT
789HOT
790PAGE_INDEX
791MiRequestPhysicalPage(
792 IN PFN_STATE ListType
793);
794
795bool
796MiIsWithinBoundsOfReleasePhysicalPage(
797 void* VirtualAddress
798);
799
800void
801MiReleasePhysicalPage(
802 IN PAGE_INDEX PfnIndex
803);
804
805void
806MiUnlinkPageFromList(
807 PPFN_ENTRY pfn
808);
809
810void
811MiUnlinkPageFromList(
812 PPFN_ENTRY pfn
813);
814
815// module: map.c
816
817void
818MiInvalidateTlbForVa(
819 IN void* VirtualAddress
820);
821
822void
823MiReloadTLBs(
824 void
825);
826
827PMMPTE
828MiGetPml4ePointer(
829 IN uintptr_t va
830);
831
832PMMPTE
833MiGetPdptePointer(
834 IN uintptr_t va
835);
836
837PMMPTE
838MiGetPdePointer(
839 IN uintptr_t va
840);
841
842PMMPTE
843MiGetPtePointer(
844 IN uintptr_t va
845);
846
847uintptr_t
848MiTranslatePteToVa(
849 IN PMMPTE pte
850);
851
852PAGE_INDEX
853MiTranslatePteToPfn(
854 IN PMMPTE pte
855);
856
857bool
858MiAtomicSetTransitionPte(
859 IN PMMPTE Pte,
860 IN PAGE_INDEX Pfn
861);
862
863uintptr_t
864MiTranslateVirtualToPhysical(
865 IN void* VirtualAddress
866);
867
868void
869MiUnmapPte(
870 IN PMMPTE pte
871);
872
873bool
874MmIsAddressPresent(
875 IN uintptr_t VirtualAddress
876);
877
878// module: hypermap.c
879
880MUST_USE_RESULT
881void*
882MiMapPageInHyperspace(
883 IN uint64_t PfnIndex,
884 OUT PIRQL OldIrql
885);
886
887void
888MiUnmapHyperSpaceMap(
889 IN IRQL OldIrql
890);
891
892// module: pool.c
893
894MTSTATUS
895MiInitializePoolSystem(
896 void
897);
898
899// Only NonPagedPool and PagedPool are implemented out of the POOL_TYPE enumerator.
900MUST_USE_RESULT
901HOT
902void*
903MmAllocatePoolWithTag(
904 IN enum _POOL_TYPE PoolType,
905 IN size_t NumberOfBytes,
906 IN uint32_t Tag
907);
908
909void
910MmFreePool(
911 IN void* buf
912);
913
914// module: mmproc.c
915
916MUST_USE_RESULT
917void*
918MiCreateKernelStack(
919 IN bool LargeStack
920);
921
922void
923MiFreeKernelStack(
924 IN void* AllocatedStackTop,
925 IN bool LargeStack
926);
927
928MTSTATUS
929MmCreateProcessAddressSpace(
930 OUT void** DirectoryTable
931);
932
933MTSTATUS
934MmDeleteProcessAddressSpace(
935 IN PEPROCESS Process,
936 IN uintptr_t PageDirectoryPhysical
937);
938
939MTSTATUS
940MmCreateUserStack(
941 IN PEPROCESS Process,
942 OUT void** OutStackTop,
943 _In_Opt size_t StackReserveSize
944);
945
946MTSTATUS
947MmCreatePeb(
948 IN PEPROCESS Process,
949 OUT void** OutPeb,
950 OUT void** OutBasicMtdllTypes
951);
952
953MTSTATUS
954MmCreateTeb(
955 IN PETHREAD Thread,
956 OUT void** OutTeb
957);
958
959// module: vad.c
960
961MTSTATUS
962MmAllocateVirtualMemory(
963 IN PEPROCESS Process,
964 _In_Opt _Out_Opt void** BaseAddress,
965 IN size_t NumberOfBytes,
966 IN VAD_FLAGS VadFlags
967);
968
969MTSTATUS
970// TODO Free with explicit size, split vad if needed.
971MmFreeVirtualMemory(
972 IN PEPROCESS Process,
973 IN void* BaseAddress
974);
975
976MUST_USE_RESULT
977PMMVAD
978MiFindVad(
979 IN PEPROCESS Process,
980 IN uintptr_t VirtualAddress
981);
982
983MUST_USE_RESULT
984uintptr_t
985MmFindFreeAddressSpace(
986 IN PEPROCESS Process,
987 IN size_t NumberOfBytes,
988 IN uintptr_t SearchStart,
989 IN uintptr_t SearchEnd // exclusive
990);
991
992MUST_USE_RESULT
993MTSTATUS
994MmIsAddressRangeFree(
995 PEPROCESS Process,
996 uintptr_t StartVa,
997 uintptr_t EndVa
998);
999
1000// module: va.c
1001
1002bool
1003MiInitializePoolVaSpace(
1004 void
1005);
1006
1007MUST_USE_RESULT
1008uintptr_t
1009MiAllocatePoolVa(
1010 IN POOL_TYPE PoolType,
1011 IN size_t NumberOfBytes
1012);
1013
1014void
1015MiFreePoolVaContiguous(
1016 IN uintptr_t va,
1017 IN size_t NumberOfBytes,
1018 IN POOL_TYPE PoolType
1019);
1020
1021// module: fault.c
1022
1023MTSTATUS
1024MmAccessFault(
1025 IN uint64_t FaultBits,
1026 IN uint64_t VirtualAddress,
1027 IN PRIVILEGE_MODE PreviousMode,
1028 IN PTRAP_FRAME TrapFrame
1029);
1030
1031MUST_USE_RESULT
1032bool
1033MmInvalidAccessAllowed(
1034 void
1035);
1036
1037// module: mmio.c
1038
1039bool
1040MiCheckForContigiousMemory(
1041 IN void* StartAddress,
1042 IN size_t NumberOfBytes
1043);
1044
1045MUST_USE_RESULT
1046void*
1047MmAllocateContigiousMemory(
1048 IN size_t NumberOfBytes,
1049 IN uint64_t HighestAcceptableAddress
1050);
1051
1052void
1053MmFreeContigiousMemory(
1054 IN void* BaseAddress,
1055 IN size_t NumberOfBytes
1056);
1057
1058MUST_USE_RESULT
1059void*
1060MmMapIoSpace(
1061 IN uintptr_t PhysicalAddress,
1062 IN size_t NumberOfBytes,
1063 IN MEMORY_CACHING_TYPE CacheType
1064);
1065
1066void
1067MmUnmapIoSpace(
1068 IN void* VirtualAddress,
1069 IN size_t NumberOfBytes
1070);
1071
1072// module: mminit.c
1073
1074bool
1075MmInitSystem(
1076 IN uint8_t Phase,
1077 IN PBOOT_INFO BootInformation
1078);
1079
1080void
1081MiMoveUefiDataToHigherHalf(
1082 IN PBOOT_INFO BootInfo
1083);
1084
1085MTSTATUS
1086MmInitSections(
1087 void
1088);
1089
1090// module: section.c
1091
1092MTSTATUS
1093MmCreateSection(
1094 OUT PHANDLE SectionHandle,
1095 IN struct _FILE_OBJECT* FileObject
1096);
1097
1098MTSTATUS
1099MmMapViewOfSection(
1100 IN HANDLE SectionHandle,
1101 IN PEPROCESS Process,
1102 OUT void** EntryPointAddress,
1103 OUT void** BaseAddress
1104);
1105
1106// used by Ob, private.
1107void
1108MmpDeleteSection(
1109 void* Object
1110);
1111
1112#endif
VALIDATE_SIZE
#define VALIDATE_SIZE(struc, size)
Definition annotations.h:75
HOT
#define HOT
Definition annotations.h:48
_In_Opt
#define _In_Opt
Definition annotations.h:10
FORCEINLINE
#define FORCEINLINE
Definition annotations.h:23
_Out_Opt
#define _Out_Opt
Definition annotations.h:11
IN
#define IN
Definition annotations.h:8
OUT
#define OUT
Definition annotations.h:9
MUST_USE_RESULT
#define MUST_USE_RESULT
Definition annotations.h:42
InterlockedExchangeU64
FORCEINLINE uint64_t InterlockedExchangeU64(volatile uint64_t *target, uint64_t value)
Definition atomic.h:42
PHANDLE
int32_t * PHANDLE
Definition core.h:58
IRQL
enum _IRQL IRQL
PIRQL
enum _IRQL * PIRQL
HANDLE
int32_t HANDLE
Definition core.h:58
PEPROCESS
EPROCESS * PEPROCESS
Definition core.h:52
PTRAP_FRAME
TRAP_FRAME * PTRAP_FRAME
Definition core.h:56
PETHREAD
ETHREAD * PETHREAD
Definition core.h:44
SINGLE_LINKED_LIST
struct _SINGLE_LINKED_LIST SINGLE_LINKED_LIST
PBOOT_INFO
struct _BOOT_INFO * PBOOT_INFO
__read_cr2
FORCEINLINE unsigned long __read_cr2(void)
Definition intrin.h:82
_PAGE_FLAGS
_PAGE_FLAGS
Definition mm.h:306
PAGE_RW
@ PAGE_RW
Definition mm.h:311
PAGE_ACCESSED
@ PAGE_ACCESSED
Definition mm.h:329
PAGE_PWT
@ PAGE_PWT
Definition mm.h:319
PAGE_DIRTY
@ PAGE_DIRTY
Definition mm.h:332
PAGE_GLOBAL
@ PAGE_GLOBAL
Definition mm.h:343
PAGE_USER
@ PAGE_USER
Definition mm.h:315
PAGE_PRESENT
@ PAGE_PRESENT
Definition mm.h:307
PAGE_NX
@ PAGE_NX
Definition mm.h:347
PAGE_PCD
@ PAGE_PCD
Definition mm.h:324
PAGE_PS
@ PAGE_PS
Definition mm.h:335
MiCreateKernelStack
MUST_USE_RESULT void * MiCreateKernelStack(IN bool LargeStack)
Definition mmproc.c:26
MmFreeContigiousMemory
void MmFreeContigiousMemory(IN void *BaseAddress, IN size_t NumberOfBytes)
Definition mmio.c:213
SYSTEM_PHASE_ROUTINE
enum _SYSTEM_PHASE_ROUTINE SYSTEM_PHASE_ROUTINE
MM_PFN_LIST
struct _MM_PFN_LIST MM_PFN_LIST
MmAccessFault
MTSTATUS MmAccessFault(IN uint64_t FaultBits, IN uint64_t VirtualAddress, IN PRIVILEGE_MODE PreviousMode, IN PTRAP_FRAME TrapFrame)
Definition fault.c:28
_PFN_STATE
_PFN_STATE
Definition mm.h:275
PfnStateTransition
@ PfnStateTransition
Definition mm.h:281
PfnStateFree
@ PfnStateFree
Definition mm.h:279
PfnStateZeroed
@ PfnStateZeroed
Definition mm.h:280
PfnStateModified
@ PfnStateModified
Definition mm.h:278
PfnStateActive
@ PfnStateActive
Definition mm.h:276
PfnStateStandby
@ PfnStateStandby
Definition mm.h:277
PfnStateBad
@ PfnStateBad
Definition mm.h:282
MiAtomicExchangePte
FORCEINLINE void MiAtomicExchangePte(PMMPTE PtePtr, uint64_t NewPteValue)
Definition mm.h:762
MiCheckForContigiousMemory
bool MiCheckForContigiousMemory(IN void *StartAddress, IN size_t NumberOfBytes)
Definition mmio.c:25
MmInvalidAccessAllowed
MUST_USE_RESULT bool MmInvalidAccessAllowed(void)
Definition fault.c:496
MiRetrieveLastFaultyAddress
FORCEINLINE uint64_t MiRetrieveLastFaultyAddress(void)
Definition mm.h:752
MiTranslateVirtualToPhysical
uintptr_t MiTranslateVirtualToPhysical(IN void *VirtualAddress)
Definition map.c:512
PFN_STATE
enum _PFN_STATE PFN_STATE
MiTranslatePteToVa
uintptr_t MiTranslatePteToVa(IN PMMPTE pte)
Definition map.c:337
MiUnlinkPageFromList
void MiUnlinkPageFromList(PPFN_ENTRY pfn)
Definition pfn.c:530
PMM_SUBSECTION
struct _MM_SUBSECTION * PMM_SUBSECTION
MiAllocatePoolVa
MUST_USE_RESULT uintptr_t MiAllocatePoolVa(IN POOL_TYPE PoolType, IN size_t NumberOfBytes)
Definition va.c:213
_SYSTEM_PHASE_ROUTINE
_SYSTEM_PHASE_ROUTINE
Definition mm.h:412
SYSTEM_PHASE_INITIALIZE_PAT_ONLY
@ SYSTEM_PHASE_INITIALIZE_PAT_ONLY
Definition mm.h:414
SYSTEM_PHASE_INITIALIZE_ALL
@ SYSTEM_PHASE_INITIALIZE_ALL
Definition mm.h:413
_POOL_TYPE
_POOL_TYPE
Definition mm.h:354
PagedPoolCacheAligned
@ PagedPoolCacheAligned
Definition mm.h:358
NonPagedPoolCacheAligned
@ NonPagedPoolCacheAligned
Definition mm.h:357
NonPagedPool
@ NonPagedPool
Definition mm.h:355
PagedPool
@ PagedPool
Definition mm.h:356
NonPagedPoolNx
@ NonPagedPoolNx
Definition mm.h:359
kmemcmp
FORCEINLINE int kmemcmp(const void *s1, const void *s2, size_t n)
Definition mm.h:681
MiIsValidPfn
FORCEINLINE bool MiIsValidPfn(IN PAGE_INDEX Pfn)
Definition mm.h:773
_VAD_FLAGS
_VAD_FLAGS
Definition mm.h:294
VAD_FLAG_NONE
@ VAD_FLAG_NONE
Definition mm.h:295
VAD_FLAG_READ
@ VAD_FLAG_READ
Definition mm.h:296
VAD_FLAG_RESERVED
@ VAD_FLAG_RESERVED
Definition mm.h:302
VAD_FLAG_COPY_ON_WRITE
@ VAD_FLAG_COPY_ON_WRITE
Definition mm.h:301
VAD_FLAG_PRIVATE
@ VAD_FLAG_PRIVATE
Definition mm.h:299
VAD_FLAG_GUARD_PAGE
@ VAD_FLAG_GUARD_PAGE
Definition mm.h:303
VAD_FLAG_MAPPED_FILE
@ VAD_FLAG_MAPPED_FILE
Definition mm.h:300
VAD_FLAG_EXECUTE
@ VAD_FLAG_EXECUTE
Definition mm.h:298
VAD_FLAG_WRITE
@ VAD_FLAG_WRITE
Definition mm.h:297
MEMORY_CACHING_TYPE
enum _MEMORY_CACHING_TYPE MEMORY_CACHING_TYPE
MmMapIoSpace
MUST_USE_RESULT void * MmMapIoSpace(IN uintptr_t PhysicalAddress, IN size_t NumberOfBytes, IN MEMORY_CACHING_TYPE CacheType)
Definition mmio.c:269
MmMapViewOfSection
MTSTATUS MmMapViewOfSection(IN HANDLE SectionHandle, IN PEPROCESS Process, OUT void **EntryPointAddress, OUT void **BaseAddress)
Definition section.c:110
MmIsAddressRangeFree
MUST_USE_RESULT MTSTATUS MmIsAddressRangeFree(PEPROCESS Process, uintptr_t StartVa, uintptr_t EndVa)
Definition vad.c:860
PMM_SECTION
struct _MM_SECTION * PMM_SECTION
MmpDeleteSection
void MmpDeleteSection(void *Object)
Definition section.c:198
_MEMORY_CACHING_TYPE
_MEMORY_CACHING_TYPE
Definition mm.h:375
MmUSWCCached
@ MmUSWCCached
Definition mm.h:402
MmCached
@ MmCached
Definition mm.h:382
MmNonCached
@ MmNonCached
Definition mm.h:377
MmWriteThrough
@ MmWriteThrough
Definition mm.h:392
MmNonCachedUnordered
@ MmNonCachedUnordered
Definition mm.h:397
MmWriteCombined
@ MmWriteCombined
Definition mm.h:387
MmHardwareCoherentCached
@ MmHardwareCoherentCached
Definition mm.h:407
MiReloadTLBs
void MiReloadTLBs(void)
Definition map.c:499
PFAULT_OPERATION
enum _FAULT_OPERATION * PFAULT_OPERATION
PPRIVILEGE_MODE
enum _PRIVILEGE_MODE * PPRIVILEGE_MODE
POOL_TYPE
enum _POOL_TYPE POOL_TYPE
FAULT_OPERATION
enum _FAULT_OPERATION FAULT_OPERATION
MmUnmapIoSpace
void MmUnmapIoSpace(IN void *VirtualAddress, IN size_t NumberOfBytes)
Definition mmio.c:335
PMMPTE
struct _MMPTE * PMMPTE
MiReleasePhysicalPage
void MiReleasePhysicalPage(IN PAGE_INDEX PfnIndex)
Definition pfn.c:441
MM_SUBSECTION
struct _MM_SUBSECTION MM_SUBSECTION
POOL_DESCRIPTOR
struct _POOL_DESCRIPTOR POOL_DESCRIPTOR
MiMapPageInHyperspace
MUST_USE_RESULT void * MiMapPageInHyperspace(IN uint64_t PfnIndex, OUT PIRQL OldIrql)
Definition hypermap.c:37
MiRetrieveOperationFromErrorCode
FORCEINLINE FAULT_OPERATION MiRetrieveOperationFromErrorCode(uint64_t ErrorCode)
Definition mm.h:729
kmemcpy
FORCEINLINE void * kmemcpy(void *dest, const void *src, size_t len)
Definition mm.h:669
MM_PFN_DATABASE
struct _MM_PFN_DATABASE MM_PFN_DATABASE
MiFreePoolVaContiguous
void MiFreePoolVaContiguous(IN uintptr_t va, IN size_t NumberOfBytes, IN POOL_TYPE PoolType)
Definition va.c:367
MiCacheToFlags
FORCEINLINE uint64_t MiCacheToFlags(MEMORY_CACHING_TYPE type)
Definition mm.h:697
PFN_ENTRY
struct _PFN_ENTRY PFN_ENTRY
MmCreateProcessAddressSpace
MTSTATUS MmCreateProcessAddressSpace(OUT void **DirectoryTable)
Definition mmproc.c:221
MiInitializePoolSystem
MTSTATUS MiInitializePoolSystem(void)
Definition pool.c:36
PAGE_PAT
#define PAGE_PAT
Definition mm.h:340
PRIVILEGE_MODE
enum _PRIVILEGE_MODE PRIVILEGE_MODE
MiIsWithinBoundsOfReleasePhysicalPage
bool MiIsWithinBoundsOfReleasePhysicalPage(void *VirtualAddress)
Definition pfn.c:516
MmAllocateContigiousMemory
MUST_USE_RESULT void * MmAllocateContigiousMemory(IN size_t NumberOfBytes, IN uint64_t HighestAcceptableAddress)
Definition mmio.c:87
MMVAD
struct _MMVAD MMVAD
PAGE_INDEX
uint64_t PAGE_INDEX
Definition mm.h:256
kmemset
FORCEINLINE void * kmemset(void *dest, int64_t val, uint64_t len)
Definition mm.h:655
PPOOL_DESCRIPTOR
struct _POOL_DESCRIPTOR * PPOOL_DESCRIPTOR
MiGetPdptePointer
PMMPTE MiGetPdptePointer(IN uintptr_t va)
Definition map.c:177
VAD_FLAGS
enum _VAD_FLAGS VAD_FLAGS
MM_SECTION
struct _MM_SECTION MM_SECTION
MmFreeVirtualMemory
MTSTATUS MmFreeVirtualMemory(IN PEPROCESS Process, IN void *BaseAddress)
Definition vad.c:871
MmCreateUserStack
MTSTATUS MmCreateUserStack(IN PEPROCESS Process, OUT void **OutStackTop, _In_Opt size_t StackReserveSize)
Definition mmproc.c:436
_FAULT_OPERATION
_FAULT_OPERATION
Definition mm.h:363
ExecuteOperation
@ ExecuteOperation
Definition mm.h:367
ReadOperation
@ ReadOperation
Definition mm.h:365
WriteOperation
@ WriteOperation
Definition mm.h:366
FaultOpInvalid
@ FaultOpInvalid
Definition mm.h:364
PML4_INDEX_SHIFT
#define PML4_INDEX_SHIFT
Definition mm.h:39
MmDeleteProcessAddressSpace
MTSTATUS MmDeleteProcessAddressSpace(IN PEPROCESS Process, IN uintptr_t PageDirectoryPhysical)
Definition mmproc.c:391
MiRequestPhysicalPage
MUST_USE_RESULT HOT PAGE_INDEX MiRequestPhysicalPage(IN PFN_STATE ListType)
Definition pfn.c:333
MiMoveUefiDataToHigherHalf
void MiMoveUefiDataToHigherHalf(IN PBOOT_INFO BootInfo)
Definition mminit.c:176
MiInitializePfnDatabase
MTSTATUS MiInitializePfnDatabase(IN PBOOT_INFO BootInfo)
Definition pfn.c:102
MiGetPdePointer
PMMPTE MiGetPdePointer(IN uintptr_t va)
Definition map.c:219
pml4_from_recursive
uint64_t * pml4_from_recursive(void)
Definition map.c:31
MmAllocateVirtualMemory
MTSTATUS MmAllocateVirtualMemory(IN PEPROCESS Process, _In_Opt _Out_Opt void **BaseAddress, IN size_t NumberOfBytes, IN VAD_FLAGS VadFlags)
Definition vad.c:740
MiFindVad
MUST_USE_RESULT PMMVAD MiFindVad(IN PEPROCESS Process, IN uintptr_t VirtualAddress)
Definition vad.c:352
MmIsAddressPresent
bool MmIsAddressPresent(IN uintptr_t VirtualAddress)
Definition map.c:544
PAGE_FLAGS
enum _PAGE_FLAGS PAGE_FLAGS
MiGetPml4ePointer
PMMPTE MiGetPml4ePointer(IN uintptr_t va)
Definition map.c:147
MmInitSystem
bool MmInitSystem(IN uint8_t Phase, IN PBOOT_INFO BootInformation)
Definition mminit.c:77
MiTranslatePteToPfn
PAGE_INDEX MiTranslatePteToPfn(IN PMMPTE pte)
Definition map.c:310
MmCreateTeb
MTSTATUS MmCreateTeb(IN PETHREAD Thread, OUT void **OutTeb)
Definition mmproc.c:536
POOL_HEADER
struct _POOL_HEADER POOL_HEADER
PMMVAD
struct _MMVAD * PMMVAD
MmFreePool
void MmFreePool(IN void *buf)
Definition pool.c:632
MiFreeKernelStack
void MiFreeKernelStack(IN void *AllocatedStackTop, IN bool LargeStack)
Definition mmproc.c:149
MiUnmapHyperSpaceMap
void MiUnmapHyperSpaceMap(IN IRQL OldIrql)
Definition hypermap.c:95
MmFindFreeAddressSpace
MUST_USE_RESULT uintptr_t MmFindFreeAddressSpace(IN PEPROCESS Process, IN size_t NumberOfBytes, IN uintptr_t SearchStart, IN uintptr_t SearchEnd)
Definition vad.c:725
PPFN_ENTRY
struct _PFN_ENTRY * PPFN_ENTRY
MMPTE
struct _MMPTE MMPTE
_PFN_FLAGS
_PFN_FLAGS
Definition mm.h:286
PFN_FLAG_NONE
@ PFN_FLAG_NONE
Definition mm.h:287
PFN_FLAG_MAPPED_FILE
@ PFN_FLAG_MAPPED_FILE
Definition mm.h:290
PFN_FLAG_COPY_ON_WRITE
@ PFN_FLAG_COPY_ON_WRITE
Definition mm.h:289
PFN_FLAG_NONPAGED
@ PFN_FLAG_NONPAGED
Definition mm.h:288
PFN_FLAG_LOCKED_FOR_IO
@ PFN_FLAG_LOCKED_FOR_IO
Definition mm.h:291
MiInitializePoolVaSpace
bool MiInitializePoolVaSpace(void)
Definition va.c:35
MiGetPtePointer
PMMPTE MiGetPtePointer(IN uintptr_t va)
Definition map.c:76
MmAllocatePoolWithTag
MUST_USE_RESULT HOT void * MmAllocatePoolWithTag(IN enum _POOL_TYPE PoolType, IN size_t NumberOfBytes, IN uint32_t Tag)
Definition pool.c:443
MiInvalidateTlbForVa
void MiInvalidateTlbForVa(IN void *VirtualAddress)
Definition map.c:273
MiUnmapPte
void MiUnmapPte(IN PMMPTE pte)
Definition map.c:385
MiAtomicSetTransitionPte
bool MiAtomicSetTransitionPte(IN PMMPTE Pte, IN PAGE_INDEX Pfn)
Definition map.c:438
PFN_FLAGS
enum _PFN_FLAGS PFN_FLAGS
PPOOL_HEADER
struct _POOL_HEADER * PPOOL_HEADER
PML4_INDEX_MASK
#define PML4_INDEX_MASK
Definition mm.h:40
_PRIVILEGE_MODE
_PRIVILEGE_MODE
Definition mm.h:370
KernelMode
@ KernelMode
Definition mm.h:371
UserMode
@ UserMode
Definition mm.h:372
MmCreateSection
MTSTATUS MmCreateSection(OUT PHANDLE SectionHandle, IN struct _FILE_OBJECT *FileObject)
Definition section.c:25
MmCreatePeb
MTSTATUS MmCreatePeb(IN PEPROCESS Process, OUT void **OutPeb, OUT void **OutBasicMtdllTypes)
Definition mmproc.c:502
MmInitSections
MTSTATUS MmInitSections(void)
Definition mminit.c:58
SPINLOCK
struct _SPINLOCK SPINLOCK
MTSTATUS
int32_t MTSTATUS
Definition mtstatus.h:12
MmHighestPfn
PAGE_INDEX MmHighestPfn
Definition pfn.c:31
MmPfnDatabaseInitialized
bool MmPfnDatabaseInitialized
Definition pfn.c:30
MmTotalUsableMemory
uint64_t MmTotalUsableMemory
Definition pfn.c:34
PfnDatabase
MM_PFN_DATABASE PfnDatabase
Definition pfn.c:29
MmTotalMemory
uint64_t MmTotalMemory
Definition pfn.c:33
MmNonPagedPoolEnd
uintptr_t MmNonPagedPoolEnd
Definition pool.c:31
MmNonPagedPoolStart
uintptr_t MmNonPagedPoolStart
Definition pool.c:30
MmPagedPoolStart
uintptr_t MmPagedPoolStart
Definition pool.c:32
MmPagedPoolEnd
uintptr_t MmPagedPoolEnd
Definition pool.c:33
MmSystemRangeStart
uintptr_t MmSystemRangeStart
Definition process.c:31
MmUserProbeAddress
uintptr_t MmUserProbeAddress
Definition process.c:34
MmUserStartAddress
uintptr_t MmUserStartAddress
Definition process.c:33
MmHighestUserAddress
uintptr_t MmHighestUserAddress
Definition process.c:32
_DOUBLY_LINKED_LIST
Definition core.h:29
_EPROCESS
Definition ps.h:145
_FILE_OBJECT
Definition fs.h:99
_MM_PFN_DATABASE
Definition mm.h:497
_MM_PFN_DATABASE::StandbyPageList
MM_PFN_LIST StandbyPageList
Definition mm.h:505
_MM_PFN_DATABASE::AvailablePages
volatile size_t AvailablePages
Definition mm.h:510
_MM_PFN_DATABASE::BadPageList
MM_PFN_LIST BadPageList
Definition mm.h:507
_MM_PFN_DATABASE::TotalPageCount
size_t TotalPageCount
Definition mm.h:499
_MM_PFN_DATABASE::ModifiedPageList
MM_PFN_LIST ModifiedPageList
Definition mm.h:506
_MM_PFN_DATABASE::TotalReserved
volatile size_t TotalReserved
Definition mm.h:511
_MM_PFN_DATABASE::PfnEntries
PPFN_ENTRY PfnEntries
Definition mm.h:498
_MM_PFN_DATABASE::ZeroedPageList
MM_PFN_LIST ZeroedPageList
Definition mm.h:504
_MM_PFN_DATABASE::PfnDatabaseLock
SPINLOCK PfnDatabaseLock
Definition mm.h:500
_MM_PFN_DATABASE::FreePageList
MM_PFN_LIST FreePageList
Definition mm.h:503
_MM_PFN_LIST
Definition mm.h:491
_MM_PFN_LIST::Count
volatile uint64_t Count
Definition mm.h:493
_MM_PFN_LIST::PfnListLock
SPINLOCK PfnListLock
Definition mm.h:494
_MM_PFN_LIST::ListEntry
struct _DOUBLY_LINKED_LIST ListEntry
Definition mm.h:492
_MM_SECTION
Definition mm.h:614
_MM_SECTION::EntryPointOffset
uint64_t EntryPointOffset
Definition mm.h:624
_MM_SECTION::Text
MM_SUBSECTION Text
Definition mm.h:620
_MM_SECTION::Data
MM_SUBSECTION Data
Definition mm.h:621
_MM_SECTION::ImageSize
uint64_t ImageSize
Definition mm.h:625
_MM_SECTION::FileObject
struct _FILE_OBJECT * FileObject
Definition mm.h:615
_MM_SECTION::Bss
MM_SUBSECTION Bss
Definition mm.h:622
_MM_SECTION::WholeFileSection
MM_SUBSECTION WholeFileSection
Definition mm.h:617
_MM_SECTION::PreferredBase
uintptr_t PreferredBase
Definition mm.h:616
_MM_SUBSECTION
Definition mm.h:606
_MM_SUBSECTION::IsDemandZero
uint32_t IsDemandZero
Definition mm.h:610
_MM_SUBSECTION::FileOffset
uint64_t FileOffset
Definition mm.h:607
_MM_SUBSECTION::VirtualSize
uint64_t VirtualSize
Definition mm.h:608
_MM_SUBSECTION::Protection
VAD_FLAGS Protection
Definition mm.h:609
_MMPTE
Definition mm.h:420
_MMPTE::Accessed
uint64_t Accessed
Definition mm.h:435
_MMPTE::Prototype
uint64_t Prototype
Definition mm.h:440
_MMPTE::Global
uint64_t Global
Definition mm.h:438
_MMPTE::Hard
struct _MMPTE::@172372265215056352375070220246156106027174106113::@200357034104227323320222006243127050212100105247 Hard
_MMPTE::Dirty
uint64_t Dirty
Definition mm.h:436
_MMPTE::CopyOnWrite
uint64_t CopyOnWrite
Definition mm.h:439
_MMPTE::Reserved0
uint64_t Reserved0
Definition mm.h:441
_MMPTE::Write
uint64_t Write
Definition mm.h:431
_MMPTE::PageFile
uint64_t PageFile
Definition mm.h:457
_MMPTE::PageFrameNumber
uint64_t PageFrameNumber
Definition mm.h:442
_MMPTE::WriteThrough
uint64_t WriteThrough
Definition mm.h:433
_MMPTE::Reserved
uint64_t Reserved
Definition mm.h:458
_MMPTE::Present
uint64_t Present
Definition mm.h:430
_MMPTE::Transition
uint64_t Transition
Definition mm.h:455
_MMPTE::User
uint64_t User
Definition mm.h:432
_MMPTE::LargePage
uint64_t LargePage
Definition mm.h:437
_MMPTE::Value
uint64_t Value
Definition mm.h:423
_MMPTE::CacheDisable
uint64_t CacheDisable
Definition mm.h:434
_MMPTE::NoExecute
uint64_t NoExecute
Definition mm.h:444
_MMPTE::SoftwareFlags
uint64_t SoftwareFlags
Definition mm.h:460
_MMPTE::Soft
struct _MMPTE::@172372265215056352375070220246156106027174106113::@277354034164206104264133322054061025100052052376 Soft
_MMPTE::Reserved1
uint64_t Reserved1
Definition mm.h:443
_MMVAD
Definition mm.h:514
_MMVAD::Flags
VAD_FLAGS Flags
Definition mm.h:517
_MMVAD::EndVa
uintptr_t EndVa
Definition mm.h:516
_MMVAD::Parent
struct _MMVAD * Parent
Definition mm.h:522
_MMVAD::StartVa
uintptr_t StartVa
Definition mm.h:515
_MMVAD::FileOffset
uint64_t FileOffset
Definition mm.h:529
_MMVAD::Height
int Height
Definition mm.h:525
_MMVAD::File
struct _FILE_OBJECT * File
Definition mm.h:528
_MMVAD::OwningProcess
struct _EPROCESS * OwningProcess
Definition mm.h:532
_MMVAD::LeftChild
struct _MMVAD * LeftChild
Definition mm.h:520
_MMVAD::RightChild
struct _MMVAD * RightChild
Definition mm.h:521
_PFN_ENTRY
Definition mm.h:469
_PFN_ENTRY::Descriptor
union _PFN_ENTRY::@217024126340164016372152071216274230164113211246 Descriptor
_PFN_ENTRY::RefCount
volatile uint32_t RefCount
Definition mm.h:470
_PFN_ENTRY::Mapping
struct _PFN_ENTRY::@217024126340164016372152071216274230164113211246::@301110335271023021153236134322146064331241142124 Mapping
_PFN_ENTRY::State
uint8_t State
Definition mm.h:471
_PFN_ENTRY::FileOffset
uint64_t FileOffset
Definition mm.h:486
_PFN_ENTRY::PteAddress
PMMPTE PteAddress
Definition mm.h:482
_PFN_ENTRY::Vad
struct _MMVAD * Vad
Definition mm.h:481
_PFN_ENTRY::ListEntry
struct _DOUBLY_LINKED_LIST ListEntry
Definition mm.h:477
_PFN_ENTRY::Flags
uint8_t Flags
Definition mm.h:472
_POOL_DESCRIPTOR
Definition mm.h:553
_POOL_DESCRIPTOR::PoolType
enum _POOL_TYPE PoolType
Definition mm.h:559
_POOL_DESCRIPTOR::BlockSize
size_t BlockSize
Definition mm.h:555
_POOL_DESCRIPTOR::PoolLock
SPINLOCK PoolLock
Definition mm.h:558
_POOL_DESCRIPTOR::FreeCount
volatile uint64_t FreeCount
Definition mm.h:556
_POOL_DESCRIPTOR::TotalBlocks
volatile uint64_t TotalBlocks
Definition mm.h:557
_POOL_DESCRIPTOR::FreeListHead
SINGLE_LINKED_LIST FreeListHead
Definition mm.h:554
_POOL_HEADER
Definition mm.h:536
_POOL_HEADER::BlockSize
uint16_t BlockSize
Definition mm.h:546
_POOL_HEADER::PoolIndex
uint16_t PoolIndex
Definition mm.h:547
_POOL_HEADER::FreeListEntry
SINGLE_LINKED_LIST FreeListEntry
Definition mm.h:541
_POOL_HEADER::PoolCanary
uint32_t PoolCanary
Definition mm.h:537
_POOL_HEADER::PoolTag
uint32_t PoolTag
Definition mm.h:550
_POOL_HEADER::Metadata
union _POOL_HEADER::@321115223011072362277073135231015025151337071364 Metadata
MT_EXPORT_ENTRY
Definition mm.h:593
MT_EXPORT_ENTRY::func_rva
uint64_t func_rva
Definition mm.h:595
MT_EXPORT_ENTRY::name_rva
uint64_t name_rva
Definition mm.h:594
MT_IMPORT_ENTRY
Definition mm.h:599
MT_IMPORT_ENTRY::lib_name_absolute
uint64_t lib_name_absolute
Definition mm.h:600
MT_IMPORT_ENTRY::func_name_absolute
uint64_t func_name_absolute
Definition mm.h:601
MT_IMPORT_ENTRY::iat_addr_absolute
uint64_t iat_addr_absolute
Definition mm.h:602
MTE_HEADER
Definition mm.h:571
MTE_HEADER::DataSize
uint64_t DataSize
Definition mm.h:578
MTE_HEADER::Magic
uint8_t Magic[4]
Definition mm.h:572
MTE_HEADER::reloc_rva
uint64_t reloc_rva
Definition mm.h:582
MTE_HEADER::DataRVA
uint64_t DataRVA
Definition mm.h:577
MTE_HEADER::EntryRVA
uint64_t EntryRVA
Definition mm.h:574
MTE_HEADER::PreferredImageBase
uint64_t PreferredImageBase
Definition mm.h:573
MTE_HEADER::imports_size
uint64_t imports_size
Definition mm.h:585
MTE_HEADER::imports_rva
uint64_t imports_rva
Definition mm.h:584
MTE_HEADER::TextSize
uint64_t TextSize
Definition mm.h:576
MTE_HEADER::reloc_size
uint64_t reloc_size
Definition mm.h:583
MTE_HEADER::exports_rva
uint64_t exports_rva
Definition mm.h:580
MTE_HEADER::TextRVA
uint64_t TextRVA
Definition mm.h:575
MTE_HEADER::BssSize
uint64_t BssSize
Definition mm.h:579
MTE_HEADER::Reserved
uint8_t Reserved[20]
Definition mm.h:586
MTE_HEADER::exports_size
uint64_t exports_size
Definition mm.h:581
Rela
Definition mm.h:562
Rela::r_offset
uint64_t r_offset
Definition mm.h:563
Rela::r_info
uint64_t r_info
Definition mm.h:564
Rela::r_addend
int64_t r_addend
Definition mm.h:565