mirror of
https://github.com/reactos/reactos.git
synced 2024-06-29 17:31:31 +00:00
e6a9aafe58
This fixes the crashes in HvpGetCellMapped on Windows Server 2003 when booting from Freeloader, as mentioned in maharmstone/btrfs#16. When the bootloader loads the system hive, it cleans the data pertaining to any volatile keys. The Windows bootloader does this by setting SubKeyCounts[Volatile] to 0. After boot, the kernel marks any cell where this is 0 but SubKeyLists[Volatile] isn't HCELL_NIL as dirty, meaning that the sanitized version will then get flushed to the disk. Because Freeloader sets SubKeyLists[Volatile] to HCELL_NIL straightaway, Windows thinks the cell is clean, and can unload it without flushing. If it then reads it from the disk, it will crash in HvpGetCellMapped due to the stale volatile pointers. If you break on nt!CmpInitializeSystemHive on Windows and "gu" to the let the function run, you'll see that DirtyVector of the HHIVE has only the first 8 bits set. If you run it using the official bootloader, it'll have a lot more than that. |
||
|---|---|---|
| .. | ||
| CMakeLists.txt | ||
| cmdata.h | ||
| cmindex.c | ||
| cminit.c | ||
| cmkeydel.c | ||
| cmlib.h | ||
| cmname.c | ||
| cmse.c | ||
| cmvalue.c | ||
| hivebin.c | ||
| hivecell.c | ||
| hivedata.h | ||
| hiveinit.c | ||
| hivesum.c | ||
| hivewrt.c | ||