- Get rid of MmZeroPte and instead implement MI_ERASE_PTE. Use this and only this to make a PTE zero. The other functions will not allow to do this.
- Add MI_UPDATE_VALID_PTE to update a valid PTE with another valid PTE
- Add 2 additional protection mask constants: MM_PROTECT_ACCESS for the lower 3 bits and MM_PROTECT_SPECIAL for the higher 2 bits. Make use of the latter when dealing with guard pages and caching.
- Deduplicate some code in MmArmAccessFault
- Move code in MiDeleteSystemPageableVm to where it belongs (it was in the wrong else case!)
- Use MiQueryPageTableReferences instead of manipulating MmWorkingSetList->UsedPageTableEntries
svn path=/trunk/; revision=61110
- Implement SepAdjustPrivileges, which does both the counting of (changed) privileges as well as applying them, when requested. Use it in NtAdjustPrivilegesToken twice instead of duplicating the code there.
- Fix return value of NtAdjustPrivilegesToken by making sure to properly count the found privileges and check against the provided ones
- Lock the Token, while messing with the privileges
- Add support for SE_PRIVILEGE_REMOVED
- Properly (re)calculate Token flags after changing privileges
- Improve failure paths by using a common cleanup label
- Don't free the allocations attached to the token in SepCreateToken on failure, since ObDereferenceObject will already do that.
- Make privileges constants instead of initializing them.
svn path=/trunk/; revision=61109
- Remove the BoundaryAddressMultiple parameter from MmCreateMemoryArea (wasn't used) and give it instead a Granularity parameter
- Use the Granularity parameter in MmMapViewOfSegment to make sure that full sections are allocated on a MM_ALLOCATION_GRANULARITY aligned address.
- Check for overflow and unaligned image base in MmMapViewOfSection when mapping image sections
- Return proper status code on failure
svn path=/trunk/; revision=61108
BuildUserInfoBuffer: Set the UF_PASSWD_CANT_CHANGE account control flag if the user does not have the USER_CHANGE_PASSWORD access right for his own account data.
svn path=/trunk/; revision=61103
- Create the Security directory and the LSA_AUTHENTICATION_INITIALIZED event in SepInitializationPhase1().
- Get rid of SeInitSRM().
svn path=/trunk/; revision=61102
- Fix wrong check for realtime priority class in CreateProcessInternalW
- Fix double free in GetEnvironmentVariable[AW]
- Fix broken sizeof usage ('X' is of type int!)
- Remove redundant casts and comparisons
svn path=/trunk/; revision=61101
Windows / ReactOS uses a software protection field called protection mask, which is stored inside invalid (Software) PTEs to provide information about the desired protection, when a page is made valid by the page fault handler. The mask consists of the values 0-7 specifying the read/write/execute rights, 0 being inaccessible aka MM_ZERO_ACCESS, plus 2 flag-like bits, for uncached and writecombine memory respectively. Both flags together don't make sense, so this combination is used to mark guard pages. Since all these flags only make sense when used together with a proper access (i.e. not MM_ZERO_ACCESS), the combination of these flags together with MM_ZERO_ACCESS was given special meaning: MM_DECOMMIT, which equals MM_GUARDPAGE | MM_ZERO_ACCESS is for decommitted pages, that are not yet erased to zero, MM_NOACCESS, which is the mask for pages that are mapped with PAGE_NOACCESS (this is to make sure that a software PTE of a committed page is never completely 0, which it could be, when MM_ZERO_ACCESS was used), and finally MM_OUTSWAPPED_KSTACK for outswapped kernel stacks. See also https://www.reactos.org/wiki/Techwiki:Memory_Protection_constants.
The next thing to know is that the number of PTEs that are not null is counted for each PDE. So once a page gets committed, a software PTE is written and the reference count is incremented. When the page is made valid by the fault handler, the count is not changed, when the page is decommitted, the MM_DECOMMIT software PTE is written and again the PTE stays non-null and nothing is changed. Only when the range is cleaned up totally, the PTEs get erased and the reference count is decremented. Now it happened that our page fault handler missed to validate the access rights of protection constants. The problem that came up with this is a major one: since a decommitted page is a software PTE with MM_DECOMMIT as the protection mask (which we remember has the MM_GUARDPAGE bit set), the fault handler considered faults on decommitted PTEs as faults on guard pages and simply removed the guard page flag, leaving a completely empty PTE behind! So the decommitted page got erased without decrementing the reference count. This led to CORE-7445.
- Add protection flags (MM_GUARDPAGE, MM_WRITECOMBINE, MM_OUTSWAPPED_KSTACK)
- Instead of writing 0 to a PTE, use MI_WRITE_INVALID_PTE with MmZeroPte
- Implement MiIsAccessAllowed that checks for read/write/execute access and use it in MiAccessCheck
- Add some more ASSERTs
CORE-7445 #resolve
svn path=/trunk/; revision=61095
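The reference-count drift described in the commit message above (revision 61095), reduced to a toy model. This is an added example, not ReactOS code and not part of the commit: the numeric mask values, `TOY_TABLE` and all function names are assumptions of the sketch, and `fault_checked` only illustrates validating the access bits before honouring the guard flag.

```c
#include <stdint.h>
#include <stdio.h>
/* Mask layout as described above; the numeric values are assumptions of this sketch. */
#define MM_ZERO_ACCESS     0x00
#define MM_READWRITE       0x04
#define MM_PROTECT_ACCESS  0x07                 /* lower 3 bits: access rights */
#define MM_GUARDPAGE       0x10
#define MM_PROTECT_SPECIAL 0x18                 /* higher 2 bits: special flags */
#define MM_DECOMMIT        (MM_GUARDPAGE | MM_ZERO_ACCESS)
#define PTES 4
/* Toy page table: each "PTE" holds only a protection mask; refs counts non-null PTEs. */
typedef struct { uint8_t pte[PTES]; int refs; } TOY_TABLE;

static void commit(TOY_TABLE *t, int i, uint8_t mask) { if (!t->pte[i]) t->refs++; t->pte[i] = mask; }
static void decommit(TOY_TABLE *t, int i) { t->pte[i] = MM_DECOMMIT; }  /* stays non-null */

/* Behaviour described for the bug: any set guard bit is taken for a guard page. */
static int fault_unchecked(TOY_TABLE *t, int i) {
    if (t->pte[i] & MM_GUARDPAGE) { t->pte[i] &= (uint8_t)~MM_GUARDPAGE; return 1; }
    return 0;
}

/* Validate the access part first: a special flag with no access rights is no guard page. */
static int fault_checked(TOY_TABLE *t, int i) {
    uint8_t mask = t->pte[i];
    if ((mask & MM_PROTECT_ACCESS) == MM_ZERO_ACCESS) return -1;   /* access violation */
    if ((mask & MM_PROTECT_SPECIAL) == MM_GUARDPAGE) { t->pte[i] = mask & MM_PROTECT_ACCESS; return 1; }
    return 0;
}

/* Commit, decommit, then fault on PTE 0; returns refs minus the real non-null PTE count. */
static int refcount_drift(int (*handler)(TOY_TABLE *, int)) {
    TOY_TABLE t = {{0}, 0};
    int live = 0;
    commit(&t, 0, MM_READWRITE);
    decommit(&t, 0);
    handler(&t, 0);
    for (int i = 0; i < PTES; i++) live += (t.pte[i] != 0);
    return t.refs - live;
}

/* A genuine guard page still has its guard flag removed; returns the remaining mask. */
static int guard_fault_result(void) {
    TOY_TABLE t = {{0}, 0};
    commit(&t, 0, MM_READWRITE | MM_GUARDPAGE);
    return fault_checked(&t, 0) == 1 ? t.pte[0] : -1;
}

int main(void) {
    printf("drift: unchecked=%d checked=%d guard=%d\n", refcount_drift(fault_unchecked),
           refcount_drift(fault_checked), guard_fault_result());
    return 0;
}
```

A non-zero drift means the table's count claims more live PTEs than exist, which is the inconsistency the commit message traces to CORE-7445.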
- define STR_FILE_SYS_BIND_DATA in the public headers and use it in IFileSystemBindDataImpl and CFSFolder. Now we use the same string to store the IFileSystemBindDataImpl in the bind context.
- Fix CFSFolder::ParseDisplayName to properly parse paths with an IBindCtx
- Should fix creating pidls that represent files that don't exist and fix SHChangeNotify tests that hanged for a whole minute in our test suite
svn path=/trunk/; revision=61094
- Add a disabled "Change Password" button to the Security dialog.
- Add the "Change Password" dialog and a basic dialog function.
svn path=/trunk/; revision=61092
- Use MI_IS_MAPPED_PTE instead of unportable bit fiddling
- Use MiDecrementPageTableReferences instead of manually messing with MmWorkingSetList, which is not portable
- Make MmGetPhysicalAddress portable
svn path=/trunk/; revision=61086
- Add hacks to MmMapViewInSessionSpace and MmUnmapViewInSessionSpace to check for legacy (non ARM3) sections (image sections) and (un)map them in system space instead.
- Fix MmCommitSessionMappedView (it wasn't resetting the PointerPte to the start, when processing the PTE range a second time)
- Remove an ASSERT that didn't allow unmapping session space mappings, since that works (see CORE-6729)
- Change a write to a PTE to using MI_WRITE_VALID_PTE
svn path=/trunk/; revision=61081
- Fix few French resources.
- Support F2 key for renaming keys/values.
Patch by Edijs Kolesnikovics
CORE-7615 #resolve #comment Committed in revision 61080. Thanks!
svn path=/trunk/; revision=61080
Skip all images that were loaded using MmLoadSystemImage in MiFindInitializationCode. Drivers loaded by Mm are handled in MmFreeDriverInitialization (which we currently run for boot loaded images as well, so duplicated work...). But now at least session loaded images are NOT processed this way. Because even though they can have INIT sections, they don't necessarily like it when stuff gets removed, especially win32k doesn't like it when its .rsrc section is being discarded due to its section flags!
svn path=/trunk/; revision=61076
Check the PTE as well in MmArmAccessFault, when we are at high IRQL and fail if it's not valid. Otherwise we just end up in an endless loop.
svn path=/trunk/; revision=61075
Always call the win32 process callout from PsConvertToGuiThread and handle the case where we already have an allocated win32 process there. (The original win32k sometimes allocates a win32 process, but doesn't initialize it, so it needs to be called again to do so)
svn path=/trunk/; revision=61072