PTE PTEPTE PTE Typedef struct MMPTELIST ULONG Valid

系統PTE區域的管理 PTE區域未必按照硬體所定義的PTE格式： 硬體PTE欄位： Typedef struct _MMPTE_LIST{ ULONG Valid : 1; ULONG One. Entry : 1; ULONG filler 1 : 8; ULONG prototype : 1; ULONG filler 1 : 1; ULONG Next. Entry : 20; } MMPTE_LIST;

PTE區域的管理 #define MM_SYS_PTE_TABLE_MAX 5 #define MM_PTE_TABLE_LIMIT 16 ULONG Mm. Sys. Pte. Index[MM_SYS_PTE_TABLE_MAX] = {1, 2, 4, 8, MM_PTE_TABLE_LIMIT}; UCHAR Mm. Sys. Pte. Tables[MM_PTE_TABLE_LIMIT+1] = {0, 0, 1, 2, 2, 3, 3, 4, 4, 4, 4}; ULONG Mm. Sys. Pte. Minimum. Free[MM_SYS_PTE_TABLE_MAX] = {100, 50, 30, 20}; PVOID Mi. System. Pte. NBHead[MM_SYS_PTE_TABLE_MAX]; ULONG Mm. Sys. Pte. List. By. Size. Count[MM_SYS_PTE_TABLE_MAX]; ULONG Mm. Total. Free. System. Ptes[Maximum. Pte. Pool. Types]; ULONG Mm. System. Ptes. Start[Maximum. Pte. Pool. Types]; ULONG Mm. System. Ptes. End[Maximum. Pte. Pool. Types]; MMPTE Mm. First. Free. System. Pte[Maximum. Pte. Pool. Types];

PTE區域的管理”實作” 主要函式有：basentosmmsysptes. c � Mi. Initialize. System. Ptes � Mi. Reserve. System. Ptes � Mi. Release. System. Ptes

PTE區域的管理”實作” 流程： � Mi. Initialize. System. Ptes初始化PTE區域 初始化PTE單串列，每個node是一塊記憶體，稱做 chunk。 � Mi. Reserve. System. Ptes會申請一塊很大的PTE區段， 然後按小區塊釋放頁面。 PMMPTE NTAPI Mi. Reserve. System. Ptes ( IN ULONG Number. Of. Ptes, IN MMSYSTEM_PTE_POOL_TYPE System. Pte. Pool. Type ) System. Pte. Pool. Type : System. Pte. Space, Non. Paged. Pool. Expansion

PTE區域的管理”實作” Mi. Reserve. System. Ptes： � 根據Number. Of. Ptes決定使用哪種佇列 � 如果佇列區塊數量<預定的最小值 Mm. Sys. Pte. List. By. Size. Count < Mm. Sys. Pte. Minimum. Free 呼叫Mi. Feed. Sys. Pte. Pool函式，獲得更多區塊。 � 如果Number. Of. Ptes>16，或沒辦法取得指定大小 區塊。 呼叫Mi. Reserve. Aligned. System. Ptes

行程位址空間的建立 呼叫Mm. Create. Process. Address. Space函式建立 BLEEN 位址空間 Mm. Create. Process. Address. Space ( IN ULONG Minimum. Working. Set. Size , //建立行程的最小 作集的大小 IN PROCESS New. Process , //建立行程的行程物件 OUT PULONG_PTR Directory. Table. Base //指向行程位址空間的分頁目錄位址 ); 這裡僅介紹Intel x 86版本，其程式碼位於 basentosmmi 386procx 86. c檔案的28 -362行

行程位址空間的建立-函式流程 Step 1 確保系統有足夠的分頁檔 Mi. Charge. Commitment ( Real. Charge , Current. Process ) 在intel x 86上需確保 4個頁面

行程位址空間的建立-函式流程 Step 6 作集串列 實體頁面 Step 7 初始化Vm. Minimum. Working. Set. Size , Working. Set. Page , Directory. Table. Base

行程位址空間的建立-函式流程 接下來呼叫Mm. Initialize. Process. Address. Space 函式初始化使用者空間部分(0 x 0 -0 x 7 fffffff) NTSTSTUS Mm. Initialize. Process. Address. Space ( IN PEPROCESS Process. To. Initialize , //要初始化的目標行程 IN PEPROCESS Process. To. Clone OPTIONAL , //新行程的位址空間可從該行程複製獲得 IN PVOID Section. To. Map OPTIONAL , //提供一記憶體區段物件，鰾是在新行程位址空間中對應此物件 IN OUT PULONG Create. Flags , //各種與行程建立相關的旗標 OUT POBJECT_NAME_INFORMATION *Audit. Name OPTIONAL , //物件名稱資訊指標 );

行程位址空間的建立-函式流程 Step 1 判斷是否更新新行程空間中的系統PDE( 分頁後半部分)，若需要則呼叫 Mi. Update. System. Pdes Step 2 呼叫Ke. Attach. Process把目前緒程”暫時” 附加至待初始化的行程物件上 Step 3 標明目前正在使用位址空間 2 Process. To. Initialize->Flags = PS_PROCESS_FLAGS_ADDRESS_SPACE 2 Step 4 初始化位址建立鎖及 作集互斥器 Process. To. Initialize->Address. Creation. Lock Process. To. Initialize->Vm. Working. Set. Mutex

VAD (Virtual Address Descriptor) EPROCESS MM_AVL_TABLE MMAVL_TABLE* vad. Root MMADDRESS_NODE balanced. Root

MM_AVL_TABLE typedef struct _MM_AVL_TABLE { MMADDRESS_NODE Balanced. Root; ULONG_PTR Depth. Of. Tree: 5; ULONG_PRT Unused: 3; ULONG_PRT Number. Generic. Table. Elements: 24; PVOID Node. Hint; PVOID Node. Free. Hint; } MM_AVL_TABLE, *PMM_AVL_TABLE;

MMVAD typedef struct _MM_MMADDRESS_NODE { union { LONG_PTR Balance : 2; struct _MMVAD * parent; } struct _MMVAD * Left. Child; struct _MMVAD * Right. Child; ULONG_PTR Starting. Vpn; ULONG_PTR Ending. Vpn; } MMADDRESS_NODE, *PMMADDRESS_NODE;

AVL Tree Vad. Root. Balanced. Root. Right. Child [20, 20] [130, 134] [270, 2 a 3] [240, 24 f] [300, 305] Root [410, 50 f] [67000, 6700 e] [77 c 50, 77 cee] [77 e 40, 77 f 41] [7 c 800, 7 c 8 bf] [7 ffb 0, 7 ffd 3] [7 ffdd, 7 ffde]

Basentosmmaddrsup. c Mi. Find. Node. Or. Parent () Mi. Insert. Node() Mi. Remove. Node()

VAD點陣圖 Mi. Insert. Vad. Charges() Start. Bit = (ULONG) (((ULONG)MI_64 K_ALIGN (MI_VPN_TO_VA(Vad>Starting. Vpn)))/X 64 K); End. Bit = (ULONG) (((ULONG)MI_64 K_ALIGN (MI_VPN_TO_VA(Vad>Ending. Vpn)))/X 64 K); Vad. Bit. Map. Size. Of. Bit. Map = Mi. Last. Mad. Bit + 1; Bad. Bit. Map. Buffer = VAD_BITMAP_SPACE; Rtl. Set. Bits (&Vad. Bit. Map, Start. Bit, End. Bit – Start. Bit + 1);

4. 4. 2 軟體PTE : 無效 PTE 和原型PTE 975402009黃子權

四種無效PTE情形(1) 位於分頁檔 p typedef struct _MMPTE_SOFTWARE { p ULONG Valid : 1; p ULONG Page. File. Low : 4; 用于索引在哪个页面文件中，页面文件的结 構MMPAGING_FILE 儲存在一个Mm. Paging. File的數组中 一共可以支持16 個页面文件 p ULONG Protection : 5; p ULONG Prototype : 1; p ULONG Transition : 1; p ULONG Page. File. High : 20; 在页面文件中的偏移 p } MMPTE_SOFTWARE;

四種無效PTE情形(3) 頁面轉移 p typedef struct _MMPTE_TRANSITION { p ULONG Valid : 1; p ULONG Write : 1; p ULONG Owner : 1; p ULONG Write. Through : 1; p ULONG Cache. Disable : 1; p ULONG Protection : 5; p ULONG Prototype : 1; p ULONG Transition : 1; p ULONG Page. Frame. Number :

指向原型PTE的無效PTE 指向原型PTE的無效PTE定義: p typedef struct _MMPTE_PROTOTYPE { p ULONG Valid : 1; p ULONG Proto. Address. Low : 7; p ULONG Read. Only : 1; // if set allow read only access. p ULONG Which. Pool : 1; 再哪个换页内儲存中 p ULONG Prototype : 1; p ULONG Proto. Address. High : 21; 原型PTE所在偏移 p } MMPTE_PROTOTYPE