标准MDL方法修改Page、NonPage内存的属性
typedefstruct_REPROTECT_CONTEXT{PMDLMdl;PUCHARLockedVa;}REPROTECT_CONTEXT,*PREPROTECT_CONTEXT;NTSTATUSMmLockVaForWrite(__inPVOIDVa,__inULONGLength,__outPREPROTECT_CONTEXTReprotectContext){NTSTATUSStatus;Status=STATUS_SUCCESS;ReprotectContext->Mdl=0;ReprotectContext->LockedVa=0;ReprotectContext->Mdl=IoAllocateMdl(Va,Length,FALSE,FALSE,0);if(!ReprotectContext->Mdl){returnSTATUS_INSUFFICIENT_RESOURCES;}////RetrievealockedVAmapping.//__try{MmProbeAndLockPages(ReprotectContext->Mdl,KernelMode,IoModifyAccess);}__except(EXCEPTION_EXECUTE_HANDLER){returnGetExceptionCode();}ReprotectContext->LockedVa=(PUCHAR)MmMapLockedPagesSpecifyCache(ReprotectContext->Mdl,KernelMode,MmCached,0,FALSE,NormalPagePriority);if(!ReprotectContext->LockedVa){IoFreeMdl(ReprotectContext->Mdl);ReprotectContext->Mdl=0;returnSTATUS_ACCESS_VIOLATION;}////Reprotect.//Status=MmProtectMdlSystemAddress(ReprotectContext->Mdl,PAGE_EXECUTE_READWRITE);if(!NT_SUCCESS(Status)){MmUnmapLockedPages(ReprotectContext->LockedVa,ReprotectContext->Mdl);MmUnlockPages(ReprotectContext->Mdl);IoFreeMdl(ReprotectContext->Mdl);ReprotectContext->LockedVa=0;ReprotectContext->Mdl=0;}returnStatus;}NTSTATUSMmUnlockVaForWrite(__inPREPROTECT_CONTEXTReprotectContext){if(ReprotectContext->LockedVa){MmUnmapLockedPages(ReprotectContext->LockedVa,ReprotectContext->Mdl);MmUnlockPages(ReprotectContext->Mdl);IoFreeMdl(ReprotectContext->Mdl);ReprotectContext->LockedVa=0;ReprotectContext->Mdl=0;}returnSTATUS_SUCCESS;}
页:
[1]