From c4e6cbbd175a548061a1c5410b6b5d30faff1db5 Mon Sep 17 00:00:00 2001
From: xerox <xerox@hacks.ltd>
Date: Fri, 17 Jul 2020 00:31:15 -0700
Subject: [PATCH] tracking all mapped memory, CloseHandle!

---
 physmeme-lib/physmeme/physmeme.hpp | 35 +++++++++++++++++++++--------
 physmeme/physmeme/physmeme.hpp     | 36 +++++++++++++++++++++---------
 2 files changed, 52 insertions(+), 19 deletions(-)

diff --git a/physmeme-lib/physmeme/physmeme.hpp b/physmeme-lib/physmeme/physmeme.hpp
index e86b9b0..d4b2732 100644
--- a/physmeme-lib/physmeme/physmeme.hpp
+++ b/physmeme-lib/physmeme/physmeme.hpp
@@ -19,17 +19,23 @@ typedef struct _GIOMAP
 } GIOMAP;
 #pragma pack ( pop )
 
+#define MAP_PHYS 0xC3502004
+#define UNMAP_PHYS 0xC3502008
+
 namespace physmeme
 {
 	inline std::string drv_key;
 	inline HANDLE drv_handle = NULL;
 
+	// keep track of mappings.
+	inline std::vector<std::pair<std::uintptr_t, std::uint32_t >> virtual_mappings;
+
 	//
 	// please code this function depending on your method of physical read/write.
 	//
 	inline bool load_drv()
 	{
-		const auto [result, key] = 
+		const auto [result, key] =
 			driver::load(
 				raw_driver,
 				sizeof(raw_driver)
@@ -38,11 +44,11 @@ namespace physmeme
 		drv_key = key;
 		drv_handle = CreateFile(
 			"\\\\.\\GIO",
-			GENERIC_READ | GENERIC_WRITE, 
+			GENERIC_READ | GENERIC_WRITE,
 			NULL,
 			NULL,
-			OPEN_EXISTING, 
-			FILE_ATTRIBUTE_NORMAL, 
+			OPEN_EXISTING,
+			FILE_ATTRIBUTE_NORMAL,
 			NULL
 		);
 		return drv_handle;
@@ -53,7 +59,7 @@ namespace physmeme
 	//
 	inline bool unload_drv()
 	{
-		return driver::unload(drv_key);
+		return CloseHandle(drv_handle) && driver::unload(drv_key);
 	}
 
 	//
@@ -71,8 +77,10 @@ namespace physmeme
 		GIOMAP in_buffer = { 0, 0, addr, 0, size };
 		uintptr_t out_buffer[2] = { 0 };
 		unsigned long returned = 0;
-		DeviceIoControl(drv_handle, 0xC3502004, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
+		DeviceIoControl(drv_handle, MAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
 			reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
+
+		virtual_mappings.emplace_back(std::pair<std::uintptr_t, std::size_t>(out_buffer[0], size));
 		return out_buffer[0];
 	}
 
@@ -85,11 +93,20 @@ namespace physmeme
 	)
 	{
 		uintptr_t in_buffer = addr;
-		uintptr_t out_buffer[2] = {sizeof(out_buffer)};
+		uintptr_t out_buffer[2] = { sizeof(out_buffer) };
 
 		unsigned long returned = NULL;
-		DeviceIoControl(drv_handle, 0xC3502008, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
+		DeviceIoControl(drv_handle, UNMAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
 			reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
 		return out_buffer[0];
 	}
-}
+
+	//
+	// unmap all physical memory that was mapped.
+	//
+	inline void unmap_all()
+	{
+		for (auto idx = 0u; idx < virtual_mappings.size(); ++idx)
+			unmap_phys(virtual_mappings[idx].first, virtual_mappings[idx].second);
+	}
+}
\ No newline at end of file
diff --git a/physmeme/physmeme/physmeme.hpp b/physmeme/physmeme/physmeme.hpp
index 49b7979..d4b2732 100644
--- a/physmeme/physmeme/physmeme.hpp
+++ b/physmeme/physmeme/physmeme.hpp
@@ -19,30 +19,36 @@ typedef struct _GIOMAP
 } GIOMAP;
 #pragma pack ( pop )
 
+#define MAP_PHYS 0xC3502004
+#define UNMAP_PHYS 0xC3502008
+
 namespace physmeme
 {
 	inline std::string drv_key;
 	inline HANDLE drv_handle = NULL;
 
+	// keep track of mappings.
+	inline std::vector<std::pair<std::uintptr_t, std::uint32_t >> virtual_mappings;
+
 	//
 	// please code this function depending on your method of physical read/write.
 	//
 	inline bool load_drv()
 	{
-		const auto [result, key] = 
+		const auto [result, key] =
 			driver::load(
-				raw_driver, 
+				raw_driver,
 				sizeof(raw_driver)
 			);
 
 		drv_key = key;
 		drv_handle = CreateFile(
 			"\\\\.\\GIO",
-			GENERIC_READ | GENERIC_WRITE, 
+			GENERIC_READ | GENERIC_WRITE,
 			NULL,
 			NULL,
-			OPEN_EXISTING, 
-			FILE_ATTRIBUTE_NORMAL, 
+			OPEN_EXISTING,
+			FILE_ATTRIBUTE_NORMAL,
 			NULL
 		);
 		return drv_handle;
@@ -71,10 +77,11 @@ namespace physmeme
 		GIOMAP in_buffer = { 0, 0, addr, 0, size };
 		uintptr_t out_buffer[2] = { 0 };
 		unsigned long returned = 0;
-		DeviceIoControl(drv_handle, 0xC3502004, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
+		DeviceIoControl(drv_handle, MAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
 			reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
-		return out_buffer[0];
 
+		virtual_mappings.emplace_back(std::pair<std::uintptr_t, std::size_t>(out_buffer[0], size));
+		return out_buffer[0];
 	}
 
 	//
@@ -86,11 +93,20 @@ namespace physmeme
 	)
 	{
 		uintptr_t in_buffer = addr;
-		uintptr_t out_buffer[2] = {sizeof(out_buffer)};
+		uintptr_t out_buffer[2] = { sizeof(out_buffer) };
 
 		unsigned long returned = NULL;
-		DeviceIoControl(drv_handle, 0xC3502008, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
+		DeviceIoControl(drv_handle, UNMAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
 			reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
 		return out_buffer[0];
 	}
-}
+
+	//
+	// unmap all physical memory that was mapped.
+	//
+	inline void unmap_all()
+	{
+		for (auto idx = 0u; idx < virtual_mappings.size(); ++idx)
+			unmap_phys(virtual_mappings[idx].first, virtual_mappings[idx].second);
+	}
+}
\ No newline at end of file