VirtualBox

Changeset 52205 in vbox


Ignore:
Timestamp:
Jul 26, 2014 11:58:18 AM (11 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
95265
Message:

VBox/err.h: four VERR_SUP_VP_* status codes for the latest SUP changes.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/include/VBox/err.h

    r51977 r52205  
    24932493 * http://www.symantec.com/connect/articles/creating-application-control-exclusions-symantec-endpoint-protection-121 */
    24942494#define VERR_SUP_VP_SYSFER_DLL                      (-5662)
    2495 
     2495/** Process Purification Failure: KERNE32.DLL already mapped into the initial
     2496 *  process (suspended). */
     2497#define VERR_SUP_VP_KERNEL32_ALREADY_MAPPED         (-5663)
     2498/** Process Purification Failure: NtFreeVirtualMemory failed on a chunk of
     2499 *  executable memory which shouldn't be present in the process. */
     2500#define VERR_SUP_VP_FREE_VIRTUAL_MEMORY_FAILED      (-5664)
     2501/** Process Purification Failure: Both NtUnmapViewOfSetion and
     2502 *  NtProtectVirtualMemory failed to get rid of or passify an non-image
     2503 *  exectuable mapping. */
     2504#define VERR_SUP_VP_UNMAP_AND_PROTECT_FAILED        (-5665)
     2505/** Process Purification Failure: Unknown memory type of executable memory.   */
     2506#define VERR_SUP_VP_UNKOWN_MEM_TYPE                 (-5666)
    24962507
    24972508/** @} */

  • trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp

    r52204 r52205  
    12661266                    rcNt = NtFreeVirtualMemory(pThis->hProcess, &pvFree, &cbFree, MEM_RELEASE);
    12671267                    if (!NT_SUCCESS(rcNt))
    1268                         supHardNtVpSetInfo2(pThis, VERR_GENERAL_FAILURE,
     1268                        supHardNtVpSetInfo2(pThis, VERR_SUP_VP_FREE_VIRTUAL_MEMORY_FAILED,
    12691269                                            "NtFreeVirtualMemory (%p LB %#zx) failed: %#x",
    12701270                                            MemInfo.BaseAddress, MemInfo.RegionSize, rcNt);
     
    12861286                            rcNt2 = NtProtectVirtualMemory(pThis->hProcess, &pvCopy, &cbCopy, PAGE_READONLY, NULL);
    12871287                        if (!NT_SUCCESS(rcNt2))
    1288                             supHardNtVpSetInfo2(pThis, VERR_GENERAL_FAILURE,
     1288                            supHardNtVpSetInfo2(pThis, VERR_SUP_VP_UNMAP_AND_PROTECT_FAILED,
    12891289                                                "NtUnmapViewOfSection (%p/%p LB %#zx) failed: %#x (%#x)",
    12901290                                                MemInfo.AllocationBase, MemInfo.BaseAddress, MemInfo.RegionSize, rcNt, rcNt2);
     
    12921292                }
    12931293                else
    1294                     supHardNtVpSetInfo2(pThis, VERR_GENERAL_FAILURE,
     1294                    supHardNtVpSetInfo2(pThis, VERR_SUP_VP_UNKOWN_MEM_TYPE,
    12951295                                        "Unknown executable memory type %#x at %p/%p LB %#zx",
    12961296                                        MemInfo.Type, MemInfo.AllocationBase, MemInfo.BaseAddress, MemInfo.RegionSize);
     
    15591559                                   "The process has no KERNEL32.DLL.");
    15601560    else if (iKernel32 != UINT32_MAX && pThis->enmKind == SUPHARDNTVPKIND_CHILD_PURIFICATION)
    1561         return supHardNtVpSetInfo2(pThis, VERR_GENERAL_FAILURE,
     1561        return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_KERNEL32_ALREADY_MAPPED,
    15621562                                   "The process already has KERNEL32.DLL loaded.");
    15631563
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette