https://git.reactos.org/?p=reactos.git;a=commitdiff;h=96c65e94e1621efb8989aa5ee93961ad1690c6ba
commit 96c65e94e1621efb8989aa5ee93961ad1690c6ba
Author: Timo Kreuzer <timo.kreu...@reactos.org>
AuthorDate: Mon Sep 9 17:05:53 2024 +0300
Commit: Timo Kreuzer <timo.kreu...@reactos.org>
CommitDate: Mon Sep 16 16:04:43 2024 +0300
[NTOS:MM] Properly handle execution in NX section
This prevents processes from looping forever, thinking the fault was already resolbed, because the page is writable.
---
 ntoskrnl/mm/mmfault.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/ntoskrnl/mm/mmfault.c b/ntoskrnl/mm/mmfault.c
index cfd6d756d15..5dbdc7a8ac2 100644
--- a/ntoskrnl/mm/mmfault.c
+++ b/ntoskrnl/mm/mmfault.c
@@ -22,7 +22,8 @@ NTSTATUS
 NTAPI
 MmpAccessFault(KPROCESSOR_MODE Mode,
 ULONG_PTR Address,
- BOOLEAN FromMdl)
+ BOOLEAN FromMdl,
+ ULONG FaultCode)
 {
 PMMSUPPORT AddressSpace;
 MEMORY_AREA* MemoryArea;
@@ -36,6 +37,14 @@ MmpAccessFault(KPROCESSOR_MODE Mode,
 return(STATUS_UNSUCCESSFUL);
 }

+ /* Instruction fetch and the page is present.
+ This means the page is NX and we cannot do anything to "fix" it. */
+ if (MI_IS_INSTRUCTION_FETCH(FaultCode))
+ {
+ DPRINT1("Page fault instruction fetch at %p\n", Address);
+ return STATUS_ACCESS_VIOLATION;
+ }
+
 /*
 * Find the memory area for the faulting address
 */
@@ -285,7 +294,7 @@ Retry:
 if (!MI_IS_NOT_PRESENT_FAULT(FaultCode))
 {
 /* Call access fault */
- Status = MmpAccessFault(Mode, (ULONG_PTR)Address, TrapInformation ? FALSE : TRUE);
+ Status = MmpAccessFault(Mode, (ULONG_PTR)Address, TrapInformation ? FALSE : TRUE, FaultCode);
 }
 else
 {
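Review bot: The new `ULONG FaultCode` parameter in the first hunk carries a precondition that is not written down at the signature. The early return added further down treats every instruction fetch as an NX violation, which holds only because the one visible call site has already checked `!MI_IS_NOT_PRESENT_FAULT(FaultCode)`. I would state this above the function, for example `/* FaultCode: trap fault code; callers must pass present-page faults only */`, so that a later caller cannot turn a demand-page fault on executable memory into STATUS_ACCESS_VIOLATION. The function body continues outside this hunk.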
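Review bot: In the second hunk, the added `DPRINT1` prints `Address`, a `ULONG_PTR`, with `%p`; the argument should be a pointer, `DPRINT1("Page fault instruction fetch at %p\n", (PVOID)Address);`. This path also appears reachable from user mode, since the commit message describes processes hitting it, so an always-on DPRINT1 lets a single misbehaving process fill the debug log. Printing `Mode` alongside the address, or dropping to `DPRINT`, would keep the message useful for triaging NX violations without that noise. The enclosing function starts and ends outside the hunk.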