Changeset 2861 for trunk/kLdr/kLdrRdrFile.c

Timestamp:

Nov 10, 2006, 4:04:42 AM (19 years ago)

Author:

bird

Message:

Put the PE module interpreter thru the wringer and learnt how much the window file mapping API sucks.

File:

• trunk/kLdr/kLdrRdrFile.c (modified) (7 diffs)

trunk/kLdr/kLdrRdrFile.c

@@ -35 +35 @@
 
 #elif defined(__WIN32__) || defined(__WIN64__) || defined(__WIN__)
+# define WIN32_NO_STATUS
 # include <Windows.h>
 # ifndef __WIN__
 #  define __WIN__
 # endif
+# include <ntsecapi.h>
+# include <ntstatus.h>
+
+  /// @todo find a non-conflicting header with NTSTATUS, NTAPI, ++
+  typedef LONG NTSTATUS;
+  #define NT_SUCCESS(x) ((x)>=0)
+
+  typedef struct _OBJECT_ATTRIBUTES
+  {
+      ULONG   Length;
+      HANDLE  RootDirectory;
+      PUNICODE_STRING ObjectName;
+      ULONG   Attributes;
+      PVOID   SecurityDescriptor;
+      PVOID   SecurityQualityOfService;
+  } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;
+
+  typedef enum _SECTION_INHERIT
+  {
+      ViewShare = 1,
+      ViewUnmap = 2
+  } SECTION_INHERIT;
+
+# define NTOSAPI __declspec(dllimport)
+# define NtCurrentProcess() GetCurrentProcess()
+
+# ifndef MEM_DOS_LIM
+#  define MEM_DOS_LIM 0x40000000UL
+# endif
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtCreateSection(
+      OUT PHANDLE SectionHandle,
+      IN ACCESS_MASK DesiredAccess,
+      IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
+      IN PLARGE_INTEGER SectionSize OPTIONAL,
+      IN ULONG Protect,
+      IN ULONG Attributes,
+      IN HANDLE FileHandle OPTIONAL
+  );
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtMapViewOfSection(
+      IN HANDLE SectionHandle,
+      IN HANDLE ProcessHandle,
+      IN OUT PVOID *BaseAddress,
+      IN ULONG ZeroBits,
+      IN ULONG CommitSize,
+      IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
+      IN OUT PSIZE_T ViewSize,
+      IN SECTION_INHERIT InheritDisposition,
+      IN ULONG AllocationType,
+      IN ULONG Protect
+  );
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtUnmapViewOfSection(
+      IN HANDLE ProcessHandle,
+      IN PVOID BaseAddress
+  );
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtClose(
+      IN HANDLE Handle
+  );
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  ZwProtectVirtualMemory(
+      IN HANDLE ProcessHandle,
+      IN OUT PVOID *BaseAddress,
+      IN OUT PULONG ProtectSize,
+      IN ULONG NewProtect,
+      OUT PULONG OldProtect
+  );
+# define NtProtectVirtualMemory ZwProtectVirtualMemory
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtAllocateVirtualMemory(
+      IN HANDLE ProcessHandle,
+      IN OUT PVOID *BaseAddress,
+      IN ULONG ZeroBits,
+      IN OUT PULONG AllocationSize,
+      IN ULONG AllocationType,
+      IN ULONG Protect
+  );
+
+  NTOSAPI
+  NTSTATUS
+  NTAPI
+  NtFreeVirtualMemory(
+      IN HANDLE ProcessHandle,
+      IN OUT PVOID *BaseAddress,
+      IN OUT PULONG FreeSize,
+      IN ULONG FreeType
+  );
 
 #else
@@ -46 +154 @@
 #include <kLdr.h>
 #include "kLdrHlp.h"
+
+
+/*******************************************************************************
+*   Defined Constants And Macros                                               *
+*******************************************************************************/
+/** @def KLDRRDRFILE_STRICT
+ * Define KLDRRDRFILE_STRICT to enabled strict checks in KLDRRDRFILE. */
+#define KLDRRDRFILE_STRICT 1
+
+/** @def KLDRRDRFILE_ASSERT
+ * Assert that an expression is true when KLDRRDRFILE_STRICT is defined.
+ */
+#ifdef KLDRRDRFILE_STRICT
+# define KLDRRDRFILE_ASSERT(expr)  kldrHlpAssert(expr)
+#else
+# define KLDRRDRFILE_ASSERT(expr)  do {} while (0)
+#endif
 
 
@@ -102 +227 @@
 *******************************************************************************/
 static void     kldrRdrFileDone(PKLDRRDR pRdr);
-static int      kldrRdrFileUnprepare(PKLDRRDR pRdr, void *pv, size_t cb);
-static int      kldrRdrFileUnmap(PKLDRRDR pRdr, void *pv, size_t cb);
-static int      kldrRdrFileProtect(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt);
-static int      kldrRdrFileRefreshMap(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt, off_t offFile, size_t cbFile);
-static int      kldrRdrFileMap(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt, off_t offFile, size_t cbFile);
-static int      kldrRdrFilePrepare(PKLDRRDR pRdr, void **ppv, size_t cb, unsigned fFixed);
+static int      kldrRdrFileUnmap(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments);
+static int      kldrRdrFileGenericUnmap(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments);
+static int      kldrRdrFileProtect(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fUnprotectOrProtect);
+static int      kldrRdrFileGenericProtect(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fUnprotectOrProtect);
+static int      kldrRdrFileRefresh(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments);
+static int      kldrRdrFileGenericRefresh(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments);
+static int      kldrRdrFileMap(PKLDRRDR pRdr, void *ppvBase, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fFixed);
+static int      kldrRdrFileGenericMap(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fFixed);
 static size_t   kldrRdrFilePageSize(PKLDRRDR pRdr);
 static const char *kldrRdrFileName(PKLDRRDR pRdr);
@@ -136 +263 @@
     kldrRdrFileName,
     kldrRdrFilePageSize,
-    kldrRdrFilePrepare,
     kldrRdrFileMap,
-    kldrRdrFileRefreshMap,
+    kldrRdrFileRefresh,
     kldrRdrFileProtect,
     kldrRdrFileUnmap,
-    kldrRdrFileUnprepare,
     kldrRdrFileDone,
     42
 };
+
+
+#if defined(__WIN__) || defined(__NT__)
+/**
+ * Converts a kLdr segment protection to NT protection for a mapping.
+ *
+ * @returns Nt page protection.
+ * @param   enmProt     kLdr protection.
+ */
+static ULONG kldrRdrFileGetNtMapProt(KLDRPROT enmProt)
+{
+    switch (enmProt)
+    {
+        case KLDRPROT_NOACCESS:             return PAGE_NOACCESS;
+        case KLDRPROT_READONLY:             return PAGE_READONLY;
+        case KLDRPROT_READWRITE:            return PAGE_READWRITE;
+        case KLDRPROT_WRITECOPY:            return PAGE_WRITECOPY;
+        case KLDRPROT_EXECUTE:              return PAGE_EXECUTE;
+        case KLDRPROT_EXECUTE_READ:         return PAGE_EXECUTE_READ;
+        case KLDRPROT_EXECUTE_READWRITE:    return PAGE_EXECUTE_READWRITE;
+        case KLDRPROT_EXECUTE_WRITECOPY:    return PAGE_EXECUTE_WRITECOPY;
+        default:                            return ~(ULONG)0;
+    }
+}
+
+
+/**
+ * Converts a kLdr segment protection to NT protection for a allocation.
+ *
+ * @returns Nt page protection.
+ * @param   enmProt     kLdr protection.
+ */
+static ULONG kldrRdrFileGetNtAllocProt(KLDRPROT enmProt)
+{
+    switch (enmProt)
+    {
+        case KLDRPROT_NOACCESS:             return PAGE_NOACCESS;
+        case KLDRPROT_READONLY:             return PAGE_READONLY;
+        case KLDRPROT_WRITECOPY:
+        case KLDRPROT_READWRITE:            return PAGE_READWRITE;
+        case KLDRPROT_EXECUTE:              return PAGE_EXECUTE;
+        case KLDRPROT_EXECUTE_READ:         return PAGE_EXECUTE_READ;
+        case KLDRPROT_EXECUTE_WRITECOPY:
+        case KLDRPROT_EXECUTE_READWRITE:    return PAGE_EXECUTE_READWRITE;
+        default:                            return ~(ULONG)0;
+    }
+}
+#endif
 
 
@@ -159 +332 @@
  * @param   pFile   The instance data.
  * @param   pv      The base of the region.
- * @param   cb      The size of the region.
  */
-static PKLDRRDRFILEPREP kldrRdrFileFindPrepExact(PKLDRRDRFILE pFile, void *pv, size_t cb)
+static PKLDRRDRFILEPREP kldrRdrFileFindPrepExact(PKLDRRDRFILE pFile, void *pv)
 {
     int32_t i = pFile->cPreps;
     while (i-- > 0)
-        if (    pFile->aPreps[i].pv == pv
-            ||  pFile->aPreps[i].cb == cb)
+        if (pFile->aPreps[i].pv == pv)
             return &pFile->aPreps[i];
     return NULL;
@@ -172 +343 @@
 
 
-/**
- * Finds a prepared mapping region containing the specified region.
- *
- * @returns Pointer to the aPrep entry.
- * @param   pFile   The instance data.
- * @param   pv      The base of the sub region.
- * @param   cb      The size of the sub region.
- */
-static PKLDRRDRFILEPREP kldrRdrFileFindPrepWithin(PKLDRRDRFILE pFile, void *pv, size_t cb)
-{
-    int32_t i = pFile->cPreps;
-    while (i-- > 0)
-        if ((uintptr_t)pv - (uintptr_t)pFile->aPreps[i].pv < pFile->aPreps[i].cb)
-        {
-            if ((uintptr_t)pv - (uintptr_t)pFile->aPreps[i].pv + cb <= pFile->aPreps[i].cb)
-                return &pFile->aPreps[i];
-            return NULL;
-        }
-    return NULL;
-}
-
-
-/** @copydoc KLDRRDR::pfnUnprepare */
-static int      kldrRdrFileUnprepare(PKLDRRDR pRdr, void *pv, size_t cb)
+/** @copydoc KLDRRDR::pfnUnmap */
+static int      kldrRdrFileUnmap(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments)
 {
     PKLDRRDRFILE        pRdrFile = (PKLDRRDRFILE)pRdr;
-    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pv, cb);
+    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pvBase);
+    int                 rc;
     if (!pPrep)
         return KLDR_ERR_INVALID_PARAMETER;
 
-    return -1;
-}
-
-
-/** @copydoc KLDRRDR::pfnUnmap */
-static int      kldrRdrFileUnmap(PKLDRRDR pRdr, void *pv, size_t cb)
+#if defined(__WIN__) || defined(__NT__)
+    if (pPrep->hSection != NULL)
+    {
+        /** @todo implement me. */
+        return -1;
+    }
+#endif
+
+    rc = kldrRdrFileGenericUnmap(pRdr, pPrep, cSegments, paSegments);
+
+    /* remove the mapping data on success. */
+    if (!rc)
+    {
+        pRdrFile->cPreps--;
+        if (pPrep != &pRdrFile->aPreps[pRdrFile->cPreps])
+            *pPrep = pRdrFile->aPreps[pRdrFile->cPreps];
+    }
+    return rc;
+}
+
+
+/** Generic implementation of kldrRdrFileUnmap. */
+static int kldrRdrFileGenericUnmap(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments)
+{
+    kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 1 /* unprotect */);
+    return kldrHlpPageFree(pPrep->pv, pPrep->cb);
+}
+
+
+/** @copydoc KLDRRDR::pfnProtect */
+static int      kldrRdrFileProtect(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fUnprotectOrProtect)
 {
     PKLDRRDRFILE        pRdrFile = (PKLDRRDRFILE)pRdr;
-    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pv, cb);
+    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pvBase);
     if (!pPrep)
         return KLDR_ERR_INVALID_PARAMETER;
 
-    return -1;
-}
-
-
-/** @copydoc KLDRRDR::pfnProtect */
-static int      kldrRdrFileProtect(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt)
+#if defined(__WIN__) || defined(__NT__)
+    if (pPrep->hSection != NULL)
+    {
+        /** @todo implement me. */
+        return -1;
+    }
+#endif
+
+    return kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, fUnprotectOrProtect);
+}
+
+
+/** Generic implementation of kldrRdrFileProtect. */
+static int kldrRdrFileGenericProtect(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fUnprotectOrProtect)
+{
+    uint32_t i;
+
+    /*
+     * Iterate the segments and apply memory protection changes.
+     */
+    for (i = 0; i < cSegments; i++)
+    {
+        int rc;
+        void *pv;
+        KLDRPROT enmProt;
+
+        if (paSegments[i].RVA == NIL_KLDRADDR)
+            continue;
+
+        /* calc new protection. */
+        enmProt = paSegments[i].enmProt;
+        if (fUnprotectOrProtect)
+        {
+            switch (enmProt)
+            {
+                case KLDRPROT_NOACCESS:
+                case KLDRPROT_READONLY:
+                case KLDRPROT_READWRITE:
+                case KLDRPROT_WRITECOPY:
+                    enmProt = KLDRPROT_READWRITE;
+                    break;
+                case KLDRPROT_EXECUTE:
+                case KLDRPROT_EXECUTE_READ:
+                case KLDRPROT_EXECUTE_READWRITE:
+                case KLDRPROT_EXECUTE_WRITECOPY:
+                    enmProt = KLDRPROT_EXECUTE_READWRITE;
+                    break;
+                default:
+                    KLDRRDRFILE_ASSERT(!"bad enmProt");
+                    return -1;
+            }
+        }
+        else
+        {
+            /* copy on write -> normal write. */
+            if (enmProt == KLDRPROT_EXECUTE_WRITECOPY)
+                enmProt = KLDRPROT_EXECUTE_READWRITE;
+            else if (enmProt == KLDRPROT_WRITECOPY)
+                enmProt = KLDRPROT_READWRITE;
+        }
+
+        pv = (uint8_t *)pPrep->pv + paSegments[i].RVA;
+
+        rc = kldrHlpPageProtect(pv, paSegments[i].cbMapped, enmProt);
+        if (rc)
+            break;
+    }
+
+    return 0;
+}
+
+
+/** @copydoc KLDRRDR::pfnRefresh */
+static int      kldrRdrFileRefresh(PKLDRRDR pRdr, void *pvBase, uint32_t cSegments, PCKLDRSEG paSegments)
 {
     PKLDRRDRFILE        pRdrFile = (PKLDRRDRFILE)pRdr;
-    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pv, cb);
+    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pvBase);
     if (!pPrep)
         return KLDR_ERR_INVALID_PARAMETER;
 
-    return -1;
-}
-
-
-/** @copydoc KLDRRDR::pfnRefreshMap */
-static int      kldrRdrFileRefreshMap(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt, off_t offFile, size_t cbFile)
+#if defined(__WIN__) || defined(__NT__)
+    if (pPrep->hSection != NULL)
+    {
+        /** @todo implement me. */
+        return -1;
+    }
+#endif
+
+    return kldrRdrFileGenericRefresh(pRdr, pPrep, cSegments, paSegments);
+}
+
+
+/** Generic implementation of kldrRdrFileRefresh. */
+static int      kldrRdrFileGenericRefresh(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments)
+{
+    int rc;
+    int rc2;
+    uint32_t i;
+
+    /*
+     * Make everything writable again.
+     */
+    rc = kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 1 /* unprotect */);
+    if (rc)
+    {
+        kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 0 /* protect */);
+        return rc;
+    }
+
+    /*
+     * Clear everything.
+     */
+    /** @todo only zero the areas not covered by raw file bits. */
+    kLdrHlpMemSet(pPrep->pv, 0, pPrep->cb);
+
+    /*
+     * Reload all the segments.
+     * We could possibly skip some segments, but we currently have
+     * no generic way of figuring out which at the moment.
+     */
+    for (i = 0; i < cSegments; i++)
+    {
+        void *pv;
+
+        if (    paSegments[i].RVA == NIL_KLDRADDR
+            ||  !paSegments[i].cbFile)
+            continue;
+
+        pv = (uint8_t *)pPrep->pv + paSegments[i].RVA;
+        rc = pRdr->pOps->pfnRead(pRdr, pv, paSegments[i].cbFile, paSegments[i].offFile);
+        if (rc)
+            break;
+    }
+
+    /*
+     * Protect the bits again.
+     */
+    rc2 = kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 0 /* protect */);
+    if (rc2 && rc)
+        rc = rc2;
+
+    return rc;
+}
+
+
+/** @copydoc KLDRRDR::pfnMap */
+static int      kldrRdrFileMap(PKLDRRDR pRdr, void **ppvBase, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fFixed)
 {
     PKLDRRDRFILE        pRdrFile = (PKLDRRDRFILE)pRdr;
-    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pv, cb);
-    if (!pPrep)
-        return KLDR_ERR_INVALID_PARAMETER;
-
-    return -1;
-}
-
-
-/** @copydoc KLDRRDR::pfnMap */
-static int      kldrRdrFileMap(PKLDRRDR pRdr, void *pv, size_t cb, KLDRPROT enmProt, off_t offFile, size_t cbFile)
-{
-    PKLDRRDRFILE        pRdrFile = (PKLDRRDRFILE)pRdr;
-    PKLDRRDRFILEPREP    pPrep = kldrRdrFileFindPrepExact(pRdrFile, pv, cb);
-    if (!pPrep)
-        return KLDR_ERR_INVALID_PARAMETER;
-
-    return -1;
-}
-
-
-/** @copydoc KLDRRDR:pfnPrepare */
-static int      kldrRdrFilePrepare(PKLDRRDR pRdr, void **ppv, size_t cb, unsigned fFixed)
-{
-#ifdef __OS2__
-
-
-#elif defined(__WIN__)
-
-#else
-# error "port me."
-#endif
-    return -1;
+    PKLDRRDRFILEPREP    pPrep = &pRdrFile->aPreps[pRdrFile->cPreps];
+    KLDRSIZE            cbTotal;
+    const size_t        cbPage = pRdr->pOps->pfnPageSize(pRdr);
+    int                 rc;
+    uint32_t            i;
+
+    if (pRdrFile->cPreps >= KLDR_ELEMENTS(pRdrFile->aPreps))
+        return KLDR_ERR_TOO_MANY_MAPPINGS;
+
+    /*
+     * Calc the total mapping space needed.
+     */
+    cbTotal = 0;
+    for (i = 0; i < cSegments; i++)
+    {
+        KLDRSIZE uRVASegmentEnd;
+        if (paSegments[i].RVA == NIL_KLDRADDR)
+            continue;
+        uRVASegmentEnd = paSegments[i].RVA + paSegments[i].cbMapped;
+        if (cbTotal < uRVASegmentEnd)
+            cbTotal = uRVASegmentEnd;
+    }
+    pPrep->cb = (size_t)cbTotal;
+    if (pPrep->cb != cbTotal)
+        return KLDR_ERR_ADDRESS_OVERFLOW;
+    pPrep->cb = (pPrep->cb + (cbPage - 1)) & ~(cbPage- 1);
+
+#if defined(__WIN__) || defined(__NT__)
+    /*
+     * The NT memory mapped file API sucks in a lot of ways. Unless you're actually
+     * trying to map a PE image and the kernel can parse the file for it self, the
+     * API just isn't up to scratch.
+     *
+     * Problems:
+     *      1. Reserving memory for the views is risky because you can't reserve and
+     *         map into the reserved space. So, other threads might grab the memory
+     *         before we get to it.
+     *      2. The page aligning of file offsets makes it impossible to map most
+     *         executable images since these are commonly sector aligned.
+     *      3. When mapping a read+execute file, its not possible to create section
+     *         larger than the file since the section size is bound to the data file
+     *         size. This wouldn't have been such a problem if it was possible to
+     *         map views beyond the section restriction, i.e. have a file size and
+     *         view size.
+     *      4. Only x86 can map views at page granularity it seems, and that only
+     *         using an undocument flag. The default granularity is 64KB.
+     *      5. There is more crappyness here...
+     *
+     * So, first we'll have to check if we can the file using the crappy NT APIs.
+     * Chances are we can't.
+     */
+    for (i = 0; i < cSegments; i++)
+    {
+        if (paSegments[i].RVA == NIL_KLDRADDR)
+            continue;
+
+        /* The file backing of the segments must be page aligned. */
+        if (    paSegments[i].cbFile
+            &&  paSegments[i].offFile & (cbPage - 1))
+            break;
+
+        /* Only page alignment gaps between the file size and the mapping size. */
+        if (    paSegments[i].cbFile
+            &&  (paSegments[i].cbFile & ~(cbPage - 1)) != (paSegments[i].cbMapped & ~(cbPage - 1)) )
+            break;
+
+        /* The mapping addresses of the segments must be page aligned.
+         * Non-x86 will probably require 64KB alignment here. */
+        if (paSegments[i].RVA & (cbPage - 1))
+            break;
+
+        /* If we do have to allocate the segment it's RVA must be 64KB aligned. */
+        if (    !paSegments[i].cbFile
+            &&  (paSegments[i].RVA & 0xffff))
+            break;
+    }
+    /** @todo if this is a PE image, we might just try a SEC_IMAGE mapping. It'll work if the host and image machines matches. */
+    if (i == cSegments)
+    {
+        /* WOW! it may work out! Incredible! */
+        SIZE_T          ViewSize;
+        LARGE_INTEGER   SectionOffset;
+        LARGE_INTEGER   MaxiumSize;
+        NTSTATUS        Status;
+        PVOID           pv;
+
+        MaxiumSize.QuadPart = pRdr->pOps->pfnSize(pRdr);
+        if (MaxiumSize.QuadPart > (LONGLONG)cbTotal)
+            MaxiumSize.QuadPart = cbTotal;
+
+        Status = NtCreateSection(&pPrep->hSection,
+                                 SECTION_MAP_EXECUTE | SECTION_MAP_READ,    /* desired access */
+                                 NULL,                                      /* object attributes */
+                                 &MaxiumSize,
+                                 PAGE_EXECUTE_WRITECOPY,                    /* page attributes */
+                                 SEC_COMMIT,                                /* section attributes */
+                                 pRdrFile->File);
+        if (!NT_SUCCESS(Status))
+            return (int)Status;
+
+        /*
+         * Determin the base address.
+         */
+        if (fFixed)
+            pPrep->pv = *ppvBase;
+        else
+        {
+            pv = NULL;
+            ViewSize = (size_t)cbTotal;
+
+            Status = NtAllocateVirtualMemory(NtCurrentProcess(),
+                                             &pv,
+                                             0,                             /* ZeroBits */
+                                             &ViewSize,
+                                             MEM_RESERVE,
+                                             PAGE_READONLY);
+            if (NT_SUCCESS(Status))
+            {
+                pPrep->pv = *ppvBase = pv;
+                ViewSize = 0;
+                Status = NtFreeVirtualMemory(NtCurrentProcess(), &pv, &ViewSize, MEM_RELEASE);
+            }
+            if (!NT_SUCCESS(Status))
+            {
+                NtClose(pPrep->hSection);
+                return Status;
+            }
+        }
+
+        /*
+         * Map the segments.
+         */
+        for (i = 0; i < cSegments; i++)
+        {
+            ULONG fPageProt;
+
+            if (paSegments[i].RVA == NIL_KLDRADDR)
+                continue;
+
+            pv = (uint8_t *)pPrep->pv + paSegments[i].RVA;
+            if (paSegments[i].cbFile)
+            {
+                SectionOffset.QuadPart = paSegments[i].offFile;
+                ViewSize = paSegments[i].cbFile;
+                fPageProt = kldrRdrFileGetNtMapProt(paSegments[i].enmProt);
+                // STATUS_MAPPED_ALIGNMENT
+                // STATUS_CONFLICTING_ADDRESSES
+                // STATUS_INVALID_VIEW_SIZE
+                Status = NtMapViewOfSection(pPrep->hSection, NtCurrentProcess(),
+                                            &pv,
+                                            0,                                  /* ZeroBits */
+                                            0,                                  /* CommitSize */
+                                            &SectionOffset,                     /* SectionOffset */
+                                            &ViewSize,
+                                            ViewUnmap,
+                                            MEM_DOS_LIM,                        /* AllocationType */
+                                            fPageProt);
+                /* do we have to zero anything? */
+                if (    NT_SUCCESS(Status)
+                    &&  0/*later*/)
+                {
+                    //ULONG OldPageProt = 0;
+                    //NtProtectVirtualMemory(NtCurrentProcess(), &pv, &ViewSize, ,
+                }
+            }
+            else
+            {
+                ViewSize = paSegments[i].cbMapped;
+                fPageProt = kldrRdrFileGetNtAllocProt(paSegments[i].enmProt);
+                Status = NtAllocateVirtualMemory(NtCurrentProcess(),
+                                                 &pv,
+                                                 0,                             /* ZeroBits */
+                                                 &ViewSize,
+                                                 MEM_COMMIT,
+                                                 fPageProt);
+            }
+            if (!NT_SUCCESS(Status))
+                break;
+        }
+
+        /*
+         * On success, commit the mapping and return.
+         */
+        if (NT_SUCCESS(Status))
+        {
+            pRdrFile->cPreps++;
+            return 0;
+        }
+
+        /* bail out and fall back on the generic code. */
+        while (i-- > 0)
+        {
+            PVOID pv;
+
+            if (paSegments[i].RVA == NIL_KLDRADDR)
+                continue;
+
+            pv = (uint8_t *)pPrep->pv + paSegments[i].RVA;
+            if (paSegments[i].cbFile)
+                NtUnmapViewOfSection(NtCurrentProcess(), pv);
+            else
+                NtFreeVirtualMemory(NtCurrentProcess(), &pv, NULL, MEM_RELEASE);
+        }
+        NtClose(pPrep->hSection);
+    }
+    /* else: fall back to the generic code */
+    pPrep->hSection = NULL;
+#endif
+
+    /*
+     * Use the generic map emulation.
+     */
+    pPrep->pv = fFixed ? *ppvBase : NULL;
+    rc = kldrRdrFileGenericMap(pRdr, pPrep, cSegments, paSegments, fFixed);
+    if (!rc)
+    {
+        *ppvBase = pPrep->pv;
+        pRdrFile->cPreps++;
+    }
+
+    return rc;
+}
+
+
+/** Generic implementation of kldrRdrFileMap. */
+static int  kldrRdrFileGenericMap(PKLDRRDR pRdr, PKLDRRDRFILEPREP pPrep, uint32_t cSegments, PCKLDRSEG paSegments, unsigned fFixed)
+{
+    int rc;
+    uint32_t i;
+
+    /*
+     * Generic mapping code using kldrHlpPageAlloc(), kldrHlpPageFree() and kldrHlpPageProtect().
+     */
+    rc = kldrHlpPageAlloc(&pPrep->pv, pPrep->cb, KLDRPROT_EXECUTE_READWRITE, fFixed);
+    if (rc)
+        return rc;
+
+    /*
+     * Load the data.
+     */
+    for (i = 0; i < cSegments; i++)
+    {
+        void *pv;
+
+        if (    paSegments[i].RVA == NIL_KLDRADDR
+            ||  !paSegments[i].cbFile)
+            continue;
+
+        pv = (uint8_t *)pPrep->pv + paSegments[i].RVA;
+        rc = pRdr->pOps->pfnRead(pRdr, pv, paSegments[i].cbFile, paSegments[i].offFile);
+        if (rc)
+            break;
+    }
+
+    /*
+     * Set segment protection.
+     */
+    if (!rc)
+    {
+        rc = kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 0 /* protect */);
+        if (!rc)
+            return 0;
+        kldrRdrFileGenericProtect(pRdr, pPrep, cSegments, paSegments, 1 /* unprotect */);
+    }
+
+    /* bailout */
+    kldrHlpPageFree(pPrep->pv, pPrep->cb);
+    return rc;
 }
 
@@ -572 +1112 @@
     SecAttr.lpSecurityDescriptor = NULL;
     SecAttr.nLength = 0;
-    File = CreateFile(pszFilename, GENERIC_READ, FILE_SHARE_READ, &SecAttr, OPEN_ALWAYS, 0, NULL);
+    File = CreateFile(pszFilename, GENERIC_READ | GENERIC_EXECUTE, FILE_SHARE_READ, &SecAttr, OPEN_ALWAYS, 0, NULL);
     if (File == INVALID_HANDLE_VALUE)
         return GetLastError();