  // Decompiled (Hex-Rays style) kernel routine that lays out a fresh user-mode
  // address space in `this` from the caller's code segment [addr, addr + size).
  // Despite the decompiler-assigned qualified name, `this` is a KMemoryManager
  // and every field written below lives on that object.
  //
  // Flow, as visible in the body:
  //   1. Reject a code segment that wraps or falls outside
  //      [addrspaceMinAddr, addrspaceMaxAddr] (kernelpanic).
  //   2. Pick per-layout constants for the heap / map / new-map / TLS-IO
  //      region sizes and the reserved span around the code segment, keyed on
  //      `addrspaceType & 0xE` (the ADDRSPACE_* values are not visible here).
  //   3. Choose the larger gap beside the reserved span as the base for the
  //      four regions; fail with 53249 (0xD001) if it cannot hold them all.
  //   4. Optionally randomise each region's start at 2 MiB granularity
  //      (randrange), then shift later regions past earlier ones so they do
  //      not overlap.
  //   5. Initialise heap bookkeeping and the three heap fill-pattern bytes.
  //   6. Re-validate every region against the address-space bounds and check
  //      most region pairs for overlap (kernelpanic on failure).
  //   7. Construct the page table and return the KMemoryBlockManager
  //      constructor's Result.
  //
  // Parameters:
  //   addrspaceType        - layout selector; only bits 1..3 (mask 0xE) are used
  //   enableAslr           - when non-zero the four region offsets are random
  //   aslrDisabled         - stored in bit 0 of memRegionAndAslr
  //   pageTable            - forwarded to KPageTable::KPageTable
  //   addrspaceMinAddr     - lowest address any region may start at
  //   addrspaceMaxAddr     - highest address any region may end at
  //   memregion            - stored in memRegionAndAslr, shifted left by 4
  //   addr, size           - the code segment; must lie inside the bounds
  //   kMemoryBlockAllocator- stored on `this`, handed to KMemoryBlockManager
  //   allocator2           - stored on `this` (use not visible here)
  // Returns: 53249 (0xD001) when the regions do not fit; otherwise the
  //   KMemoryBlockManager constructor's Result. Does not return on kernelpanic.
  //
  // Decompiler artefacts to read past: register-suffixed locals, the
  // v36..v43 spill/reload pairs around the randrange calls, and the raw
  // byte offsets taken from v26 (== &this2->tlsIoEndAddr).
  1. Result __fastcall KMemoryBlockManager::CreateUserAddressSpace(KMemoryManager *this, AddressSpaceType addrspaceType, bool enableAslr, bool aslrDisabled, u64 *pageTable, unsigned __int64 addrspaceMinAddr, u64 addrspaceMaxAddr, MemoryRegion memregion, u64 addr, u64 size, KDynamicSlabAllocator *kMemoryBlockAllocator, KDynamicSlabAllocator *allocator2)
  2. {
  3. u64 endaddr; // x11
  4. KMemoryManager *this2; // x19
  5. bool v14; // cf
  6. bool v15; // zf
  7. signed __int64 new_map_region_size; // x17
  8. signed __int64 tls_io_region_size; // x0
  9. unsigned __int64 addr_space_size; // x8
  10. signed __int64 tlsIoAndnewMapRegionEndAddr; // x9
  11. signed __int64 new_map_region_base_addr; // x10
  12. signed __int64 map_region_size; // x1
  13. signed __int64 heap_region_size; // x20
  14. u64 some_kind_of_addr; // x12  -- start of the reserved span around the code segment
  15. signed __int64 addr_space_start_addr; // x11  -- lowest usable address for this layout
  16. u64 some_kind_of_endaddr; // x8  -- end of the reserved span
  17. signed __int64 v26; // x26  -- &this2->tlsIoEndAddr, used for raw offset stores
  18. u64 *new_map_region_addr; // x24  -- &this2->newMapRegionBaseAddr
  19. u64 *v28; // x23  -- &this2->newMapRegionEndAddr
  20. u64 *tlsIoBaseAddrPtr; // x22
  21. signed __int64 addrspace_base; // x28  -- base of the gap the regions are placed in
  22. u64 v31; // x8  -- size of that gap
  23. u64 total_region_size; // x9
  24. u64 v33; // x8  -- slack left in the gap after all regions
  25. u64 v35; // x25  -- slack in 2 MiB units (randrange upper bound)
  26. signed __int64 v36; // ST08_8
  27. signed __int64 v37; // ST10_8
  28. u64 *v38; // ST28_8
  29. unsigned __int64 v39; // ST30_8
  30. u64 v40; // ST38_8
  31. bool v41; // ST20_1
  32. MemoryRegion v42; // ST24_4
  33. signed __int64 v43; // ST18_8
  34. u64 map_region_start_offset; // x21
  35. u64 heap_region_start_offset; // x27
  36. signed __int64 v46; // ST00_8
  37. u64 v47; // x20
  38. u64 v48; // x0
  39. u64 new_map_region_start_offset; // x2
  40. u64 tls_io_region_start_offset; // x9
  41. u64 *v51; // x8  -- &this2->heapRegionEndAddr
  42. u64 *v52; // x12  -- &this2->mapRegionBaseAddr (may be retargeted to tlsIoBaseAddr)
  43. signed __int64 first_region_size; // x14
  44. u64 *last_region_end_addr; // x15
  45. u64 *v55; // x11  -- &this2->heapRegionBaseAddr (may be retargeted to tlsIoBaseAddr)
  46. u64 *last_region_base_addr; // x13
  47. signed __int64 v57; // x14
  48. u64 *v58; // x15
  49. u64 *v59; // x13
  50. u64 v60; // x13
  51. signed __int64 v61; // x14
  52. u64 *v62; // x13
  53. u64 *v63; // x15
  54. u64 *v64; // x14
  55. signed __int64 v65; // x13
  56. u64 v66; // x12
  57. u64 *v67; // x13
  58. signed __int64 v68; // x12
  59. bool v69; // cf
  60. u64 *v70; // x9
  61. signed __int64 v71; // x11
  62. u64 *v72; // x12
  63. unsigned __int64 v73; // x9  -- heapRegionBaseAddr
  64. BOOL v74; // w11
  65. signed int v75; // w13
  66. signed int v76; // w12
  67. signed int v77; // w11
  68. u64 v78; // x13  -- addrSpaceMinAddr
  69. unsigned __int64 v79; // x11  -- mapRegionBaseAddr
  70. u64 v80; // x12  -- addrSpaceMaxAddr
  71. u64 v81; // x10  -- mapRegionEndAddr
  72. u64 v82; // x15  -- heapRegionEndAddr
  73. unsigned __int64 v83; // x8  -- newMapRegionBaseAddr
  74. u64 v84; // x16  -- newMapRegionEndAddr
  75. unsigned __int64 v85; // x14  -- tlsIoBaseAddr
  76. u64 v86; // x17  -- tlsIoEndAddr
  77. unsigned __int64 v87; // x12  -- mapRegionEndAddr - 1
  78. unsigned __int64 v88; // x10  -- heapRegionEndAddr - 1
  79. unsigned __int64 v89; // x13  -- newMapRegionEndAddr - 1
  80. unsigned __int64 v90; // x8  -- tlsIoEndAddr - 1
  81.  
  // --- 1. code-segment sanity check -------------------------------------
  82. endaddr = size + addr; // exclusive end of the code segment
  83. this2 = this;
  84. if ( addrspaceMinAddr <= addr )
  85. {
  86. v14 = endaddr >= addr; // false when size + addr wrapped
  87. v15 = endaddr == addr; // true for an empty segment
  88. }
  89. else
  90. {
  91. v14 = 0;
  92. v15 = 0;
  93. }
  // Panic on: addr below the minimum, empty segment, wrap-around, or
  // endaddr > addrspaceMaxAddr (compared as end - 1 on both sides).
  94. if ( v15 || !v14 || endaddr - 1 > addrspaceMaxAddr - 1 )
  // The labelled call below is the body of this `if`; every `goto
  // def_80073680` in the function lands here and panics unconditionally.
  95. def_80073680:
  96. kernelpanic();
  // --- 2. per-layout constants -------------------------------------------
  97. switch ( addrspaceType & 0xE )
  98. {
  99. case ADDRSPACE_REGULAR_32BIT:
  // new-map and TLS-IO regions are not placed in this layout (size 0 skips
  // the placement blocks below).
  100. new_map_region_size = 0LL;
  101. tls_io_region_size = 0LL;
  102. addr_space_size = 0x3FE00000LL; // reserved span: 0x200000 + 0x3FE00000 = 0x40000000
  103. this2->addrSpaceWidth = 32;
  104. tlsIoAndnewMapRegionEndAddr = 0x40000000LL;
  105. new_map_region_base_addr = 0x200000LL;
  106. map_region_size = 0x40000000LL;
  107. heap_region_size = 0x40000000LL;
  108. goto LABEL_12;
  109. case ADDRSPACE_REGULAR_36BIT:
  110. new_map_region_size = 0LL;
  111. tls_io_region_size = 0LL;
  112. map_region_size = 0x180000000LL;
  113. this2->addrSpaceWidth = 36;
  114. addr_space_size = 0x78000000LL; // reserved span: 0x8000000 + 0x78000000 = 0x80000000
  115. tlsIoAndnewMapRegionEndAddr = 0x80000000LL;
  116. new_map_region_base_addr = 0x8000000LL;
  117. heap_region_size = 0x180000000LL;
  118. addr_space_start_addr = 0x8000000LL;
  119. some_kind_of_addr = 0x8000000LL;
  120. goto LABEL_13;
  121. case ADDRSPACE_NOMAP_32BIT:
  122. map_region_size = 0LL; // no map region; heap gets the whole 2 GiB instead
  123. new_map_region_size = 0LL;
  124. tls_io_region_size = 0LL;
  125. this2->addrSpaceWidth = 32;
  126. addr_space_size = 0x3FE00000LL;
  127. heap_region_size = 0x80000000LL;
  128. tlsIoAndnewMapRegionEndAddr = 0x40000000LL;
  129. new_map_region_base_addr = 0x200000LL;
  130. LABEL_12:
  131. addr_space_start_addr = 0x200000LL;
  132. some_kind_of_addr = 0x200000LL;
  133. goto LABEL_13;
  134. case ADDRSPACE_REGULAR_39BIT:
  // Only this layout derives the reserved span from the actual code
  // segment: round addr down and endaddr up to 2 MiB (mask 0x1FFFFF).
  135. this->addrSpaceWidth = 39;
  136. some_kind_of_addr = addr & 0xFFFFFFFFFFE00000LL;
  137. new_map_region_base_addr = 0LL;
  138. tlsIoAndnewMapRegionEndAddr = 0LL;
  139. heap_region_size = 0x180000000LL;
  140. addr_space_size = ((endaddr + 0x1FFFFF) & 0xFFFFFFFFFFE00000LL) - (addr & 0xFFFFFFFFFFE00000LL);
  141. map_region_size = 0x1000000000LL;
  142. addr_space_start_addr = 0x8000000LL;
  143. new_map_region_size = 0x80000000LL;
  144. tls_io_region_size = 0x1000000000LL;
  145. LABEL_13:
  146. some_kind_of_endaddr = some_kind_of_addr + addr_space_size; // exclusive end of the reserved span
  // Default (pre-placement) values for the new-map and TLS-IO regions; the
  // 39-bit layout overwrites them in the placement blocks below.
  147. this2->tlsIoEndAddr = tlsIoAndnewMapRegionEndAddr;
  148. v26 = (signed __int64)&this2->tlsIoEndAddr; // anchor for the raw offset stores
  // Field 24 bytes below tlsIoEndAddr. Given new_map_region_addr below and
  // the unconditional read of *new_map_region_addr in the final checks, this
  // is most likely this2->newMapRegionBaseAddr (not the EndAddr the
  // decompiler originally annotated) - confirm against the struct layout.
  149. *(_QWORD *)(v26 - 24) = new_map_region_base_addr;
  150. new_map_region_addr = &this2->newMapRegionBaseAddr;
  151. this2->newMapRegionEndAddr = tlsIoAndnewMapRegionEndAddr;
  152. v28 = &this2->newMapRegionEndAddr;
  153. this2->tlsIoBaseAddr = new_map_region_base_addr;
  154. tlsIoBaseAddrPtr = &this2->tlsIoBaseAddr;
  155. *(_BYTE *)(v26 + 89) = enableAslr; // unnamed byte field; presumably the ASLR flag - confirm
  156. *(_QWORD *)(v26 + 96) = kMemoryBlockAllocator; // read back as this2->kMemoryBlockAllocator below
  157. *(_QWORD *)(v26 + 104) = allocator2;
  // --- 3. choose the larger gap beside the reserved span --------------------
  // below-gap = [addr_space_start_addr, some_kind_of_addr)
  // above-gap = [some_kind_of_endaddr, addrspaceMaxAddr)
  158. if ( some_kind_of_addr - addr_space_start_addr >= addrspaceMaxAddr - some_kind_of_endaddr )
  159. addrspace_base = addr_space_start_addr;
  160. else
  161. addrspace_base = some_kind_of_endaddr;
  162. if ( some_kind_of_addr - addr_space_start_addr >= addrspaceMaxAddr - some_kind_of_endaddr )
  163. v31 = some_kind_of_addr - addr_space_start_addr;
  164. else
  165. v31 = addrspaceMaxAddr - some_kind_of_endaddr;
  166. total_region_size = heap_region_size + map_region_size + new_map_region_size + tls_io_region_size;
  167. v14 = v31 >= total_region_size; // does everything fit in the chosen gap?
  168. v33 = v31 - total_region_size; // remaining slack; only meaningful when v14 holds
  169. this2->addrSpaceMinAddr = addrspaceMinAddr;
  170. this2->addrSpaceMaxAddr = addrspaceMaxAddr;
  171. this2->isKernel = 0;
  172. if ( !v14 )
  // 53249 == 0xD001; presumably a kernel out-of-memory/resource Result - confirm
  173. return 53249;
  // --- 4. region start offsets (ASLR) ------------------------------------
  174. if ( enableAslr )
  175. {
  // Each region gets an independent random offset in [0, slack] at 2 MiB
  // granularity (randrange(0, slack >> 21) << 21). The v36..v43 / v46
  // stores and the reloads after the calls are register spills around the
  // randrange calls and carry no meaning of their own.
  176. v35 = v33 >> 21;
  177. v36 = map_region_size;
  178. v37 = tls_io_region_size;
  179. v38 = pageTable;
  180. v39 = addrspaceMinAddr;
  181. v40 = addrspaceMaxAddr;
  182. v41 = aslrDisabled;
  183. v42 = memregion;
  184. v43 = new_map_region_size;
  185. map_region_start_offset = randrange(0LL, v33 >> 21) << 21;
  186. heap_region_start_offset = randrange(0LL, v35) << 21;
  187. v46 = heap_region_size;
  188. v47 = randrange(0LL, v35) << 21;
  189. v48 = randrange(0LL, v35);
  190. new_map_region_start_offset = v47;
  191. heap_region_size = v46;
  192. map_region_size = v36;
  193. aslrDisabled = v41;
  194. memregion = v42;
  195. addrspaceMaxAddr = v40;
  196. pageTable = v38;
  197. addrspaceMinAddr = v39;
  198. tls_io_region_start_offset = v48 << 21;
  199. tls_io_region_size = v37;
  200. new_map_region_size = v43;
  201. }
  202. else
  203. {
  // Without ASLR all regions start at the gap base and are separated purely
  // by the shifting below.
  204. map_region_start_offset = 0LL;
  205. heap_region_start_offset = 0LL;
  206. new_map_region_start_offset = 0LL;
  207. tls_io_region_start_offset = 0LL;
  208. }
  // --- 4b. place map and heap, then push the later one past the earlier ----
  // Whichever of the two has the larger offset (heap wins ties) is moved up
  // by the size of the other, so the pair never overlaps.
  209. this2->heapRegionEndAddr = heap_region_start_offset + addrspace_base + heap_region_size;
  210. v51 = &this2->heapRegionEndAddr;
  211. this2->mapRegionBaseAddr = map_region_start_offset + addrspace_base;
  212. v52 = &this2->mapRegionBaseAddr;
  213. if ( map_region_start_offset <= heap_region_start_offset )
  214. first_region_size = map_region_size;
  215. else
  216. first_region_size = heap_region_size;
  217. this2->mapRegionEndAddr = map_region_start_offset + addrspace_base + map_region_size;
  218. if ( map_region_start_offset <= heap_region_start_offset )
  219. last_region_end_addr = &this2->heapRegionEndAddr;
  220. else
  221. last_region_end_addr = &this2->mapRegionEndAddr;
  222. this2->heapRegionBaseAddr = heap_region_start_offset + addrspace_base;
  223. v55 = &this2->heapRegionBaseAddr;
  224. if ( map_region_start_offset <= heap_region_start_offset )
  225. last_region_base_addr = &this2->heapRegionBaseAddr;
  226. else
  227. last_region_base_addr = &this2->mapRegionBaseAddr;
  228. *last_region_base_addr += first_region_size;
  229. *last_region_end_addr += first_region_size;
  // --- 4c. place new-map, separating it from map and from heap ------------
  230. if ( new_map_region_size )
  231. {
  232. *new_map_region_addr = new_map_region_start_offset + addrspace_base;
  // new-map vs map: the one with the larger offset (map wins ties) is
  // shifted up by the other's size.
  233. if ( map_region_start_offset >= new_map_region_start_offset )
  234. v57 = new_map_region_size;
  235. else
  236. v57 = map_region_size;
  237. if ( map_region_start_offset >= new_map_region_start_offset )
  238. v58 = &this2->mapRegionEndAddr;
  239. else
  240. v58 = &this2->newMapRegionEndAddr;
  241. *v28 = new_map_region_start_offset + addrspace_base + new_map_region_size;
  242. if ( map_region_start_offset >= new_map_region_start_offset )
  243. v59 = &this2->mapRegionBaseAddr;
  244. else
  245. v59 = &this2->newMapRegionBaseAddr;
  246. *v59 += v57;
  247. v60 = *v58 + v57;
  // new-map vs heap, same rule (heap wins ties).
  248. if ( heap_region_start_offset >= new_map_region_start_offset )
  249. v61 = new_map_region_size;
  250. else
  251. v61 = heap_region_size;
  252. *v58 = v60;
  253. if ( heap_region_start_offset >= new_map_region_start_offset )
  254. v62 = &this2->heapRegionBaseAddr;
  255. else
  256. v62 = &this2->newMapRegionBaseAddr;
  257. if ( heap_region_start_offset >= new_map_region_start_offset )
  258. v63 = &this2->heapRegionEndAddr;
  259. else
  260. v63 = &this2->newMapRegionEndAddr;
  261. *v62 += v61;
  262. *v63 += v61;
  263. }
  // --- 4d. place TLS-IO, separating it from map, heap and new-map ----------
  264. if ( tls_io_region_size )
  265. {
  266. *tlsIoBaseAddrPtr = tls_io_region_start_offset + addrspace_base;
  // tls-io vs map: v52/v64 point at the later region's base/end, v65 is the
  // earlier region's size (map wins ties).
  267. if ( map_region_start_offset < tls_io_region_start_offset )
  268. v52 = &this2->tlsIoBaseAddr;
  269. if ( map_region_start_offset >= tls_io_region_start_offset )
  270. v64 = &this2->mapRegionEndAddr;
  271. else
  272. v64 = &this2->tlsIoEndAddr;
  273. *(_QWORD *)v26 = tls_io_region_start_offset + addrspace_base + tls_io_region_size; // this2->tlsIoEndAddr
  274. if ( map_region_start_offset >= tls_io_region_start_offset )
  275. v65 = tls_io_region_size;
  276. else
  277. v65 = map_region_size;
  // tls-io vs heap: v55/v67 and v68 play the same roles (heap wins ties).
  278. if ( heap_region_start_offset < tls_io_region_start_offset )
  279. v55 = &this2->tlsIoBaseAddr;
  280. *v52 += v65;
  281. v66 = *v64 + v65;
  282. if ( heap_region_start_offset >= tls_io_region_start_offset )
  283. v67 = &this2->heapRegionEndAddr;
  284. else
  285. v67 = &this2->tlsIoEndAddr;
  286. *v64 = v66;
  287. if ( heap_region_start_offset >= tls_io_region_start_offset )
  288. v68 = tls_io_region_size;
  289. else
  290. v68 = heap_region_size;
  291. *v55 += v68;
  292. *v67 += v68;
  // tls-io vs new-map (new-map wins ties).
  293. if ( new_map_region_size )
  294. {
  295. v69 = new_map_region_start_offset >= tls_io_region_start_offset;
  296. if ( new_map_region_start_offset >= tls_io_region_start_offset )
  297. v70 = &this2->newMapRegionBaseAddr;
  298. else
  299. v70 = &this2->tlsIoBaseAddr;
  300. if ( v69 )
  301. v71 = tls_io_region_size;
  302. else
  303. v71 = new_map_region_size;
  304. if ( v69 )
  305. v72 = &this2->newMapRegionEndAddr;
  306. else
  307. v72 = &this2->tlsIoEndAddr;
  308. *v70 += v71;
  309. *v72 += v71;
  310. }
  311. }
  // --- 5. heap bookkeeping and fill patterns --------------------------------
  312. v73 = this2->heapRegionBaseAddr;
  313. this2->heapCapacity = 0LL;
  314. this2->personalMmHeapUsage = 0LL;
  315. this2->currentHeapAddr = v73; // heap grows from its region base
  316. v74 = kernelmemconfig_bit0_set_fill_pattern; // global kernel config flag
  317. this2->memRegionAndAslr = aslrDisabled | 16 * memregion; // bit 0 = aslrDisabled, bits 4.. = memregion
  // Fill bytes are 'Z' (90), 'Y' (89), 'X' (88) when the config flag is set,
  // otherwise 0.
  318. if ( v74 )
  319. v75 = 90;
  320. else
  321. v75 = 0;
  322. if ( v74 )
  323. v76 = 89;
  324. else
  325. v76 = 0;
  326. if ( v74 )
  327. v77 = 88;
  328. else
  329. v77 = 0;
  330. this2->heapFillPatternZ = v75;
  331. this2->fillPatternY = v76;
  332. this2->fillPatternX = v77;
  // --- 6. final layout validation (panic on failure) -----------------------
  // Every region's base and end must satisfy
  // addrSpaceMinAddr <= value <= addrSpaceMaxAddr.
  333. v78 = this2->addrSpaceMinAddr;
  334. v79 = this2->mapRegionBaseAddr;
  335. if ( v78 > v79 )
  336. goto def_80073680;
  337. v80 = this2->addrSpaceMaxAddr;
  338. if ( v79 > v80 )
  339. goto def_80073680;
  340. v81 = this2->mapRegionEndAddr;
  341. if ( v78 > v81 )
  342. goto def_80073680;
  343. if ( v81 > v80 )
  344. goto def_80073680;
  345. if ( v78 > v73 )
  346. goto def_80073680;
  347. if ( v73 > v80 )
  348. goto def_80073680;
  349. v82 = *v51;
  350. if ( v78 > *v51 )
  351. goto def_80073680;
  352. if ( v82 > v80 )
  353. goto def_80073680;
  354. v83 = *new_map_region_addr;
  355. if ( v78 > *new_map_region_addr )
  356. goto def_80073680;
  357. if ( v83 > v80 )
  358. goto def_80073680;
  359. v84 = *v28;
  360. if ( v78 > *v28 )
  361. goto def_80073680;
  362. if ( v84 > v80 )
  363. goto def_80073680;
  364. v85 = *tlsIoBaseAddrPtr;
  365. if ( v78 > *tlsIoBaseAddrPtr )
  366. goto def_80073680;
  367. if ( v85 > v80 )
  368. goto def_80073680;
  369. v86 = *(_QWORD *)v26;
  370. if ( v78 > *(_QWORD *)v26 )
  371. goto def_80073680;
  372. if ( v86 > v80 )
  373. goto def_80073680;
  // Pairwise overlap checks using inclusive ends (end - 1): two regions
  // overlap when A.end-1 >= B.base && B.end-1 >= A.base. Pairs checked:
  // map/heap, map/new-map, heap/new-map, map/tls-io, heap/tls-io.
  // NOTE(review): the new-map/tls-io pair is not re-checked here; its
  // separation rests solely on the placement logic in the tls-io block above.
  374. v87 = v81 - 1;
  375. v88 = v82 - 1;
  376. if ( v87 >= v73 && v88 >= v79 )
  377. goto def_80073680;
  378. v89 = v84 - 1;
  379. if ( v87 >= v83 && v89 >= v79 )
  380. goto def_80073680;
  381. if ( v88 >= v83 && v89 >= v73 )
  382. goto def_80073680;
  383. v90 = v86 - 1;
  384. if ( v87 >= v85 && v90 >= v79 )
  385. goto def_80073680;
  386. if ( v88 >= v85 && v90 >= v73 )
  387. goto def_80073680;
  // --- 7. construct the page table and the memory-block manager ------------
  388. KPageTable::KPageTable(&this2->pageTable, pageTable, addrspaceMinAddr, addrspaceMaxAddr);
  389. return KMemoryBlockManager::KMemoryBlockManager(
  390. &this2->memoryBlockManager,
  391. this2->addrSpaceMinAddr,
  392. this2->addrSpaceMaxAddr,
  393. this2->kMemoryBlockAllocator);
  394. default:
  // Unknown layout selector: panic.
  395. goto def_80073680;
  396. }
  397. }