Changeset 52135 in vbox for trunk/src/VBox/HostDrivers
- Timestamp:
- Jul 22, 2014 7:14:54 PM (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/HostDrivers/Support/win/SUPDrv-win.cpp
r51955 r52135 2760 2760 if ( pNtProtect->enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed 2761 2761 && pNtProtect->fFirstProcessCreateHandle 2762 && pOpInfo->KernelHandle == 0 2762 2763 && pNtProtect->hParentPid == PsGetProcessId(PsGetCurrentProcess())) 2763 2764 { … … 2787 2788 && pNtProtect->enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed 2788 2789 && pNtProtect->fCsrssFirstProcessCreateHandle 2789 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess())2790 )2790 && pOpInfo->KernelHandle == 0 2791 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess()) ) 2791 2792 { 2792 2793 pNtProtect->fCsrssFirstProcessCreateHandle = false; … … 2813 2814 && pOpInfo->Parameters->CreateHandleInformation.DesiredAccess == 0x1478 /* 6.1.7600.16385 (win7_rtm.090713-1255) */ 2814 2815 && pNtProtect->fThemesFirstProcessCreateHandle 2815 && supdrvNtProtectIsFrigginThemesService(pNtProtect, PsGetCurrentProcess())) 2816 && pOpInfo->KernelHandle == 0 2817 && supdrvNtProtectIsFrigginThemesService(pNtProtect, PsGetCurrentProcess()) ) 2816 2818 { 2817 2819 pNtProtect->fThemesFirstProcessCreateHandle = true; /* Only once! */ … … 2854 2856 && pNtProtect->enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed 2855 2857 && pNtProtect->fCsrssFirstProcessDuplicateHandle 2858 && pOpInfo->KernelHandle == 0 2856 2859 && pNtProtect->hParentPid 2857 2860 == PsGetProcessId((PEPROCESS)pOpInfo->Parameters->DuplicateHandleInformation.SourceProcess) 2858 2861 && pOpInfo->Parameters->DuplicateHandleInformation.TargetProcess == PsGetCurrentProcess() 2859 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess()) 2860 ) 2862 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess()) ) 2861 2863 { 2862 2864 pNtProtect->fCsrssFirstProcessDuplicateHandle = false; … … 2992 2994 && pNtProtect->enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed 2993 2995 && pNtProtect->fFirstThreadCreateHandle 2994 && pNtProtect->hParentPid == PsGetProcessId(PsGetCurrentProcess())) 2996 && pOpInfo->KernelHandle == 0 2997 && pNtProtect->hParentPid == PsGetProcessId(PsGetCurrentProcess()) ) 2995 2998 { 2996 2999 if ( !pOpInfo->KernelHandle … … 3013 3016 && ( (enmProcessKind = pNtProtect->enmProcessKind) == kSupDrvNtProtectKind_VmProcessConfirmed 3014 3017 || enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed) 3018 && pOpInfo->KernelHandle == 0 3015 3019 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess()) ) 3016 3020 { … … 3056 3060 || enmProcessKind == kSupDrvNtProtectKind_VmProcessUnconfirmed) 3057 3061 && pOpInfo->Parameters->DuplicateHandleInformation.TargetProcess == PsGetCurrentProcess() 3062 && pOpInfo->KernelHandle == 0 3058 3063 && supdrvNtProtectIsAssociatedCsrss(pNtProtect, PsGetCurrentProcess()) ) 3059 3064 { … … 3147 3152 /* Duplicate entry, fail. */ 3148 3153 pNtProtect->u32Magic = SUPDRVNTPROTECT_MAGIC_DEAD; 3154 LogRel(("supdrvNtProtectCreate: Duplicate (%#x).\n", pNtProtect->AvlCore.Key)); 3149 3155 RTMemFree(pNtProtect); 3150 return VERR_ ACCESS_DENIED;3156 return VERR_DUPLICATE; 3151 3157 } 3152 3158 }
Note:
See TracChangeset
for help on using the changeset viewer.
