[NTOS:MM:PS] Little fixes for NTDLL loading (#7707)

- [NTOS:PS] `STATUS_INVALID_IMAGE_PROTECT` returned by `MmCheckSystemImage` should be a fatal error too. - [NTOS:PS] Fix object attributes for opening NTDLL. - [NTOS:MM] Remove `MmCheckSystemImage` unused parameter. - [NTOS:MM] Inline `MmVerifyImageIsOkForMpUse` in `MmCheckSystemImage`, reducing a call to `RtlImageNtHeader`.
2025-07-31 13:21:39 +00:00 · 2025-03-04 03:36:21 +08:00 · 2025-03-04 03:36:21 +08:00 · 4d605ec26f
commit 4d605ec26f
parent 7c23a2e38e
3 changed files with 11 additions and 11 deletions
--- a/ntoskrnl/include/internal/mm.h
+++ b/ntoskrnl/include/internal/mm.h
@ -1652,9 +1652,7 @@ MmUnloadSystemImage(
 NTSTATUS
 NTAPI
 MmCheckSystemImage(
-    IN HANDLE ImageHandle,
+    _In_ HANDLE ImageHandle);
    IN BOOLEAN PurgeSection
 );
 NTSTATUS
 NTAPI
--- a/ntoskrnl/mm/ARM3/sysldr.c
+++ b/ntoskrnl/mm/ARM3/sysldr.c
@ -2751,8 +2751,8 @@ MmVerifyImageIsOkForMpUse(
 NTSTATUS
 NTAPI
-MmCheckSystemImage(IN HANDLE ImageHandle,
+MmCheckSystemImage(
-                   IN BOOLEAN PurgeSection)
+    _In_ HANDLE ImageHandle)
 {
    NTSTATUS Status;
    HANDLE SectionHandle;
@ -2846,12 +2846,14 @@ MmCheckSystemImage(IN HANDLE ImageHandle,
            goto Fail;
        }
-        /* Check that it's a valid SMP image if we have more then one CPU */
+#ifdef CONFIG_SMP
-        if (!MmVerifyImageIsOkForMpUse(ViewBase))
+        /* Check that it's a valid SMP image if we have more than one CPU */
        if (!MiVerifyImageIsOkForMpUse(NtHeaders))
        {
            /* Otherwise it's not the right image */
            Status = STATUS_IMAGE_MP_UP_MISMATCH;
        }
 #endif // CONFIG_SMP
    }
    /* Unmap the section, close the handle, and return status */
@ -3180,7 +3182,7 @@ LoaderScan:
        }
        /* Validate it */
-        Status = MmCheckSystemImage(FileHandle, FALSE);
+        Status = MmCheckSystemImage(FileHandle);
        if ((Status == STATUS_IMAGE_CHECKSUM_MISMATCH) ||
            (Status == STATUS_IMAGE_MP_UP_MISMATCH) ||
            (Status == STATUS_INVALID_IMAGE_PROTECT))
--- a/ntoskrnl/ps/psmgr.c
+++ b/ntoskrnl/ps/psmgr.c
@ -196,7 +196,7 @@ PsLocateSystemDll(VOID)
    /* Locate and open NTDLL to determine ImageBase and LdrStartup */
    InitializeObjectAttributes(&ObjectAttributes,
                               &PsNtDllPathName,
-                               0,
+                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL,
                               NULL);
    Status = ZwOpenFile(&FileHandle,
@ -212,8 +212,8 @@ PsLocateSystemDll(VOID)
    }
    /* Check if the image is valid */
-    Status = MmCheckSystemImage(FileHandle, TRUE);
+    Status = MmCheckSystemImage(FileHandle);
-    if (Status == STATUS_IMAGE_CHECKSUM_MISMATCH)
+    if (Status == STATUS_IMAGE_CHECKSUM_MISMATCH || Status == STATUS_INVALID_IMAGE_PROTECT)
    {
        /* Raise a hard error */
        HardErrorParameters = (ULONG_PTR)&PsNtDllPathName;