PVOID
NTAPI
MmCreateHyperspaceMapping(PFN_TYPE Page)
{
PVOID Address;
ULONG i;
if (Ke386Pae)
{
ULONGLONG Entry;
ULONGLONG ZeroEntry = 0LL;
PULONGLONG Pte;
Entry = PFN_TO_PTE(Page) | PA_PRESENT | PA_READWRITE;
Pte = PAE_ADDR_TO_PTE(HYPERSPACE) + Page % 1024;
if (Page & 1024)
{
for (i = Page %1024; i < 1024; i++, Pte++)
{
if (0LL == ExfInterlockedCompareExchange64UL(Pte, &Entry, &ZeroEntry))
{
break;
}
}
if (i >= 1024)
{
Pte = PAE_ADDR_TO_PTE(HYPERSPACE);
for (i = 0; i < Page % 1024; i++, Pte++)
{
if (0LL == ExfInterlockedCompareExchange64UL(Pte, &Entry, &ZeroEntry))
{
break;
}
}
if (i >= Page % 1024)
{
KEBUGCHECK(0);
}
}
}
else
{
for (i = Page %1024; (LONG)i >= 0; i--, Pte--)
{
if (0LL == ExfInterlockedCompareExchange64UL(Pte, &Entry, &ZeroEntry))
{
break;
}
}
if ((LONG)i < 0)
{
Pte = PAE_ADDR_TO_PTE(HYPERSPACE) + 1023;
for (i = 1023; i > Page % 1024; i--, Pte--)
{
if (0LL == ExfInterlockedCompareExchange64UL(Pte, &Entry, &ZeroEntry))
{
break;
}
}
if (i <= Page % 1024)
{
KEBUGCHECK(0);
}
}
}
}
else
{
ULONG Entry;
PULONG Pte;
Entry = PFN_TO_PTE(Page) | PA_PRESENT | PA_READWRITE;
Pte = ADDR_TO_PTE(HYPERSPACE) + Page % 1024;
if (Page & 1024)
{
for (i = Page % 1024; i < 1024; i++, Pte++)
{
if (0 == InterlockedCompareExchange((PLONG)Pte, (LONG)Entry, 0))
{
break;
}
}
if (i >= 1024)
{
Pte = ADDR_TO_PTE(HYPERSPACE);
for (i = 0; i < Page % 1024; i++, Pte++)
{
if (0 == InterlockedCompareExchange((PLONG)Pte, (LONG)Entry, 0))
{
break;
}
}
if (i >= Page % 1024)
{
KEBUGCHECK(0);
}
}
}
else
{
for (i = Page % 1024; (LONG)i >= 0; i--, Pte--)
{
if (0 == InterlockedCompareExchange((PLONG)Pte, (LONG)Entry, 0))
{
break;
}
}
if ((LONG)i < 0)
{
Pte = ADDR_TO_PTE(HYPERSPACE) + 1023;
for (i = 1023; i > Page % 1024; i--, Pte--)
{
if (0 == InterlockedCompareExchange((PLONG)Pte, (LONG)Entry, 0))
{
break;
}
}
if (i <= Page % 1024)
{
KEBUGCHECK(0);
}
}
}
}
Address = (PVOID)((ULONG_PTR)HYPERSPACE + i * PAGE_SIZE);
__invlpg(Address);
return Address;
}
if (Page & 1024)
这句有什么用啊。
[课程]FART 脱壳王!加量不加价!FART作者讲授!
