hfiref0x/directio.c

## directio.c
typedef struct _MAP_PARAMS {
   HANDLE SectionHandle;
   PVOID MapBaseAddressIoSpace;
   PMDL AllocatedMdl;
   DWORD MapSize;
   LARGE_INTEGER Offset;
   PVOID MapBaseAddress;
   BOOLEAN Writeable;
} MAP_PARAMS, *PMAP_PARAMS; //sizeof 45 bytes

NTSTATUS DirectIoUnmapMemory_IOCTL_8011E048(MAP_PARAMS *MapParams)
{
  NTSTATUS ntStatus;
  MAP_PARAMS *mapParams;

  ntStatus = STATUS_SUCCESS;
  mapParams = MapParams;
  if ( MapParams->SectionHandle )
    return ZwUnmapViewOfSection(ZwCurrentProcess(), MapParams->MapBaseAddress);
  MmUnmapLockedPages(MapParams->MapBaseAddress, MapParams->AllocatedMdl);
  IoFreeMdl(mapParams->AllocatedMdl);
  MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
  return ntStatus;
}

NTSTATUS DirectIoMapMemory_IOCTL_8011E044(MAP_PARAMS *MapParams)
{
  MAP_PARAMS *mapParams;
  NTSTATUS ntStatus;
  PVOID mappedAddress;
  _MDL *mdl;
  PVOID mappedPages;
  ULONG_PTR ViewSize;
  UNICODE_STRING objectName;
  OBJECT_ATTRIBUTES ObjectAttributes;
  HANDLE SectionHandle;
  LARGE_INTEGER SectionOffset;
  PVOID RefObject;

  mapParams = MapParams;
  RefObject = 0;
  RtlInitUnicodeString(&objectName, L"\\Device\\PhysicalMemory");
  ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
  ObjectAttributes.RootDirectory = 0;
  ObjectAttributes.Attributes = OBJ_KERNEL_HANDLE;
  ObjectAttributes.ObjectName = &objectName;
  _mm_storeu_si128(&ObjectAttributes.SecurityDescriptor, 0);
  SectionHandle = 0;
  ntStatus = ZwOpenSection(&SectionHandle, mapParams->Writeable != 0 ? SECTION_MAP_READ | SECTION_MAP_WRITE : SECTION_MAP_READ, &ObjectAttributes);
  if ( ntStatus >= 0 )
  {
    ntStatus = ObReferenceObjectByHandle(SectionHandle, mapParams->Writeable != 0 ? SECTION_MAP_READ | SECTION_MAP_WRITE : SECTION_MAP_READ, 0, 0, &RefObject, 0i64);
    if ( ntStatus >= 0 )
    {
      SectionOffset = mapParams->Offset;
      mapParams->MapBaseAddress = 0;
      ViewSize = mapParams->MapSize;
      ntStatus = ZwMapViewOfSection(
                   SectionHandle,
                   ZwCurrentProcess(),
                   &mapParams->MapBaseAddress,
                   0,
                   ViewSize,
                   &SectionOffset,
                   &ViewSize,
                   ViewShare,
                   0,
                   mapParams->Writeable != 0 ? PAGE_READWRITE | PAGE_NOCACHE : PAGE_READONLY | PAGE_NOCACHE);
      if ( ntStatus >= 0 )
      {
        mapParams->Offset = SectionOffset.QuadPart;
        mapParams->SectionHandle = SectionHandle;
        mapParams->MapBaseAddressIoSpace = 0;
        mapParams->AllocatedMdl = 0;
        ObfDereferenceObject(RefObject);
      }
    }
    ZwClose(SectionHandle);
  }
  if ( !(NT_SUCCESS(ntStatus)) && ntStatus != STATUS_INVALID_VIEW_SIZE )
  {
    _mm_lfence();
    mappedAddress = MmMapIoSpace(mapParams->Offset, mapParams->MapSize, 0);
    mapParams->MapBaseAddressIoSpace = mappedAddress;
    if ( mappedAddress )
    {
      _mm_lfence();
      mdl = IoAllocateMdl(mappedAddress, mapParams->MapSize, 0, 0, 0);
      mapParams->AllocatedMdl = mdl;
      if ( mdl )
      {
        MmBuildMdlForNonPagedPool(mdl);
        _mm_lfence();
        mappedPages = MmMapLockedPagesSpecifyCache(mapParams->AllocatedMdl, KernelMode, MmNonCached, 0, 0, NormalPagePriority);
        mapParams->MapBaseAddress = mappedPages;
        if ( mappedPages )
        {
          mapParams->SectionHandle = 0;
          ntStatus = 0;
        }
        else
        {
          _mm_lfence();
          ntStatus = STATUS_ACCESS_DENIED;
          IoFreeMdl(mapParams->AllocatedMdl);
          MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
        }
      }
      else
      {
        _mm_lfence();
        ntStatus = STATUS_ACCESS_DENIED;
        MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
      }
    }
    else
    {
      ntStatus = STATUS_ACCESS_DENIED;
    }
  }
  return ntStatus;
}
	typedef struct _MAP_PARAMS {
	HANDLE SectionHandle;
	PVOID MapBaseAddressIoSpace;
	PMDL AllocatedMdl;
	DWORD MapSize;
	LARGE_INTEGER Offset;
	PVOID MapBaseAddress;
	BOOLEAN Writeable;
	} MAP_PARAMS, *PMAP_PARAMS; //sizeof 45 bytes

	NTSTATUS DirectIoUnmapMemory_IOCTL_8011E048(MAP_PARAMS *MapParams)
	{
	NTSTATUS ntStatus;
	MAP_PARAMS *mapParams;

	ntStatus = STATUS_SUCCESS;
	mapParams = MapParams;
	if ( MapParams->SectionHandle )
	return ZwUnmapViewOfSection(ZwCurrentProcess(), MapParams->MapBaseAddress);
	MmUnmapLockedPages(MapParams->MapBaseAddress, MapParams->AllocatedMdl);
	IoFreeMdl(mapParams->AllocatedMdl);
	MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
	return ntStatus;
	}

	NTSTATUS DirectIoMapMemory_IOCTL_8011E044(MAP_PARAMS *MapParams)
	{
	MAP_PARAMS *mapParams;
	NTSTATUS ntStatus;
	PVOID mappedAddress;
	_MDL *mdl;
	PVOID mappedPages;
	ULONG_PTR ViewSize;
	UNICODE_STRING objectName;
	OBJECT_ATTRIBUTES ObjectAttributes;
	HANDLE SectionHandle;
	LARGE_INTEGER SectionOffset;
	PVOID RefObject;

	mapParams = MapParams;
	RefObject = 0;
	RtlInitUnicodeString(&objectName, L"\\Device\\PhysicalMemory");
	ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
	ObjectAttributes.RootDirectory = 0;
	ObjectAttributes.Attributes = OBJ_KERNEL_HANDLE;
	ObjectAttributes.ObjectName = &objectName;
	_mm_storeu_si128(&ObjectAttributes.SecurityDescriptor, 0);
	SectionHandle = 0;
	ntStatus = ZwOpenSection(&SectionHandle, mapParams->Writeable != 0 ? SECTION_MAP_READ \| SECTION_MAP_WRITE : SECTION_MAP_READ, &ObjectAttributes);
	if ( ntStatus >= 0 )
	{
	ntStatus = ObReferenceObjectByHandle(SectionHandle, mapParams->Writeable != 0 ? SECTION_MAP_READ \| SECTION_MAP_WRITE : SECTION_MAP_READ, 0, 0, &RefObject, 0i64);
	if ( ntStatus >= 0 )
	{
	SectionOffset = mapParams->Offset;
	mapParams->MapBaseAddress = 0;
	ViewSize = mapParams->MapSize;
	ntStatus = ZwMapViewOfSection(
	SectionHandle,
	ZwCurrentProcess(),
	&mapParams->MapBaseAddress,
	0,
	ViewSize,
	&SectionOffset,
	&ViewSize,
	ViewShare,
	0,
	mapParams->Writeable != 0 ? PAGE_READWRITE \| PAGE_NOCACHE : PAGE_READONLY \| PAGE_NOCACHE);
	if ( ntStatus >= 0 )
	{
	mapParams->Offset = SectionOffset.QuadPart;
	mapParams->SectionHandle = SectionHandle;
	mapParams->MapBaseAddressIoSpace = 0;
	mapParams->AllocatedMdl = 0;
	ObfDereferenceObject(RefObject);
	}
	}
	ZwClose(SectionHandle);
	}
	if ( !(NT_SUCCESS(ntStatus)) && ntStatus != STATUS_INVALID_VIEW_SIZE )
	{
	_mm_lfence();
	mappedAddress = MmMapIoSpace(mapParams->Offset, mapParams->MapSize, 0);
	mapParams->MapBaseAddressIoSpace = mappedAddress;
	if ( mappedAddress )
	{
	_mm_lfence();
	mdl = IoAllocateMdl(mappedAddress, mapParams->MapSize, 0, 0, 0);
	mapParams->AllocatedMdl = mdl;
	if ( mdl )
	{
	MmBuildMdlForNonPagedPool(mdl);
	_mm_lfence();
	mappedPages = MmMapLockedPagesSpecifyCache(mapParams->AllocatedMdl, KernelMode, MmNonCached, 0, 0, NormalPagePriority);
	mapParams->MapBaseAddress = mappedPages;
	if ( mappedPages )
	{
	mapParams->SectionHandle = 0;
	ntStatus = 0;
	}
	else
	{
	_mm_lfence();
	ntStatus = STATUS_ACCESS_DENIED;
	IoFreeMdl(mapParams->AllocatedMdl);
	MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
	}
	}
	else
	{
	_mm_lfence();
	ntStatus = STATUS_ACCESS_DENIED;
	MmUnmapIoSpace(mapParams->MapBaseAddressIoSpace, mapParams->MapSize);
	}
	}
	else
	{
	ntStatus = STATUS_ACCESS_DENIED;
	}
	}
	return ntStatus;
	}