From 12ed9f30a7d076022a74e99a1948f8133668a92a Mon Sep 17 00:00:00 2001
From: Timo Kreuzer
Date: Thu, 15 Dec 2022 21:44:43 +0200
Subject: [PATCH] [NTOS] Fix interrupt flag handling in KiPageFault

This fixes a crash in kmtest:ZwAllocateVirtualMemory
---
 ntoskrnl/ke/amd64/trap.S | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/ntoskrnl/ke/amd64/trap.S b/ntoskrnl/ke/amd64/trap.S
index 9ca9dacde94..150d08d8133 100644
--- a/ntoskrnl/ke/amd64/trap.S
+++ b/ntoskrnl/ke/amd64/trap.S
@@ -417,13 +417,15 @@ FUNC KiPageFault
     mov rdx, cr2
     mov [rbp + KTRAP_FRAME_FaultAddress], rdx
 
-    /* If interrupts are off, treat this as an access violation */
+    /* If interrupts are off, do not enable them */
     test dword ptr [rbp + KTRAP_FRAME_EFlags], EFLAGS_IF_MASK
-    jz AccessViolation
+    jz IntsDisabled
 
     /* Enable interrupts for the page fault handler */
     sti
 
+IntsDisabled:
+
     /* Call page fault handler */
     mov ecx, [rbp + KTRAP_FRAME_ErrorCode] // FaultCode
     // rdx == Address
@@ -443,13 +445,10 @@ FUNC KiPageFault
 
 PageFaultError:
 
-    /* Disable interrupts again for the debugger */
-    cli
-
     /* Set parameter 1 to error code */
     mov r9d, [rbp + KTRAP_FRAME_ErrorCode]
 
-    /* Set parameter2 to faulting address */
+    /* Set parameter 2 to faulting address */
     mov r10, cr2 // Param2 = faulting address
 
     cmp eax, STATUS_ACCESS_VIOLATION
@@ -477,6 +476,10 @@ SpecialCode:
     call InternalDispatchException
 
 PageFaultReturn:
+
+    /* Disable interrupts for the return */
+    cli
+
     /* Return */
     ExitTrap (TF_SAVE_ALL or TF_CHECKUSERAPC)
 ENDFUNC
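Review bot: With `jz IntsDisabled` a fault taken while IF was clear now falls into the MmAccessFault call with interrupts still masked, and the replacement comment only says "do not enable them" without stating why servicing the fault in that state is safe, whereas the removed `jz AccessViolation` path refused such faults outright. I would make the invariant explicit, e.g. `/* IF was clear at the fault site: service the fault without enabling interrupts; MmAccessFault must itself reject faults taken at an IRQL where paging in is not allowed */`, and confirm that MmAccessFault (not visible here) really does bug-check or fail such faults rather than waiting with interrupts masked. Everything below the `sti` is reached by both paths, so the fall-through into the new label is fine. KiPageFault's entry lies above this hunk.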
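Review bot: `mov r10, cr2` on the new side re-reads CR2 after MmAccessFault has already run, now with interrupts left enabled for the rest of the error path since the `cli` was dropped, so any nested page fault taken in the meantime (inside the memory manager or an interrupt handler) has overwritten CR2 and the exception record gets the wrong faulting address. The address was already saved into the trap frame at entry, so use that copy: `mov r10, [rbp + KTRAP_FRAME_FaultAddress] // Param2 = faulting address`. Since removing the `cli` means InternalDispatchException now runs with the interrupt state of the faulting context, the comment replacing the deleted one should say so explicitly if that is the intent. The PageFaultError path continues past the end of this hunk.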
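Review bot: The added `cli` before `ExitTrap (TF_SAVE_ALL or TF_CHECKUSERAPC)` is unconditional and its comment says only "for the return", which leaves the reader to guess the reason; presumably it is so the user-APC check and the frame restore cannot be split by an interrupt that queues an APC after the check, and masking here is harmless for faults taken with IF clear because the saved EFlags are restored on return. I would write `/* Mask interrupts so the user-APC check and frame restore in ExitTrap are not interrupted; IF is restored from the saved EFlags on return */`, to be confirmed against ExitTrap, which is not visible here. KiPageFault and the SpecialCode path begin before this hunk.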