[NTOS:MM] Add a MmChangeKernelResourceSectionProtection() helper. (#1649)

This allows setting the memory protection of the kernel's resource
section as will. MmMakeKernelResourceSectionWritable() is re-implemented
around this helper.
This commit is contained in:
Hermès Bélusca-Maïto 2019-07-14 00:04:19 +02:00
parent a3e22b99a4
commit 3625238ecb
No known key found for this signature in database
GPG key ID: 3B2539C65E7B93D0
2 changed files with 33 additions and 12 deletions

View file

@ -1370,6 +1370,10 @@ MiInitializeLoadedModuleList(
IN PLOADER_PARAMETER_BLOCK LoaderBlock
);
BOOLEAN
NTAPI
MmChangeKernelResourceSectionProtection(IN ULONG_PTR ProtectionMask);
VOID
NTAPI
MmMakeKernelResourceSectionWritable(VOID);

View file

@ -2281,20 +2281,20 @@ MiInitializeLoadedModuleList(IN PLOADER_PARAMETER_BLOCK LoaderBlock)
return TRUE;
}
VOID
BOOLEAN
NTAPI
MmMakeKernelResourceSectionWritable(VOID)
MmChangeKernelResourceSectionProtection(IN ULONG_PTR ProtectionMask)
{
PMMPTE PointerPte;
MMPTE TempPte;
/* Don't do anything if the resource section is already writable */
if (MiKernelResourceStartPte == NULL || MiKernelResourceEndPte == NULL)
return;
return FALSE;
/* If the resource section is physical, we cannot change its protection */
if (MI_IS_PHYSICAL_ADDRESS(MiPteToAddress(MiKernelResourceStartPte)))
return;
return FALSE;
/* Loop the PTEs */
for (PointerPte = MiKernelResourceStartPte; PointerPte < MiKernelResourceEndPte; ++PointerPte)
@ -2303,19 +2303,36 @@ MmMakeKernelResourceSectionWritable(VOID)
TempPte = *PointerPte;
/* Update the protection */
MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte, PointerPte, MM_READWRITE, TempPte.u.Hard.PageFrameNumber);
MI_MAKE_HARDWARE_PTE_KERNEL(&TempPte, PointerPte, ProtectionMask, TempPte.u.Hard.PageFrameNumber);
MI_UPDATE_VALID_PTE(PointerPte, TempPte);
}
/*
* Invalidate the cached resource section PTEs
* so as to not change its protection again later.
*/
MiKernelResourceStartPte = NULL;
MiKernelResourceEndPte = NULL;
/* Only flush the current processor's TLB */
KeFlushCurrentTb();
return TRUE;
}
VOID
NTAPI
MmMakeKernelResourceSectionWritable(VOID)
{
/* Don't do anything if the resource section is already writable */
if (MiKernelResourceStartPte == NULL || MiKernelResourceEndPte == NULL)
return;
/* If the resource section is physical, we cannot change its protection */
if (MI_IS_PHYSICAL_ADDRESS(MiPteToAddress(MiKernelResourceStartPte)))
return;
if (MmChangeKernelResourceSectionProtection(MM_READWRITE))
{
/*
* Invalidate the cached resource section PTEs
* so as to not change its protection again later.
*/
MiKernelResourceStartPte = NULL;
MiKernelResourceEndPte = NULL;
}
}
LOGICAL