[NTOS:MM] Pass page fault code to MmAccessFault

Note: before we had a BOOLEAN parameter called StoreInstruction, but in reality it was not specifying whether the fault was from a store store instruction, but whether it was an access violation rather than a page-not-present fault. On x86 without PAE there are only 2 kinds of access violations: (1) Access of a kernel mode page from user mode, which is handled early and (2) access of a read-only (or COW) page with a writing instruction. Therefore we could get away with this, even though it relied on the wrong assumption that a fault, which was not a page-not-present-fault, was automatically a write access. This commit only changes one thing: we pass the full fault-code to MmAccessFault and handle the rest from there in exactly the same way as before. More changes are coming to make things clear.
2025-07-31 22:02:14 +00:00 · 2018-01-01 15:25:45 +01:00 · 2018-01-01 15:25:45 +01:00 · 3021c2d571
commit 3021c2d571
parent fe50c655aa
8 changed files with 17 additions and 9 deletions
--- a/ntoskrnl/include/internal/arm/mm.h
+++ b/ntoskrnl/include/internal/arm/mm.h
@ -88,6 +88,9 @@
 #define MI_MAKE_OWNER_PAGE(x)      ((x)->u.Hard.Owner = 1)
 #define MI_MAKE_WRITE_PAGE(x)      ((x)->u.Hard.ReadOnly = 0)

+/* Macros to identify the page fault reason from the error code */
+#define MI_IS_NOT_PRESENT_FAULT(FaultCode) TRUE
+
 /* Convert an address to a corresponding PTE */
 #define MiAddressToPte(x) \
    ((PMMPTE)(PTE_BASE + (((ULONG)(x) >> 12) << 2)))