From c608b60a1bbebb28ff2c8516c1b4aaadcb4179cf Mon Sep 17 00:00:00 2001
From: Maschell <Maschell@gmx.de>
Date: Sat, 6 Nov 2021 17:06:31 +0100
Subject: [PATCH] Patch KiGetOrPutUserData to allows usage of our mapped memory
 inside kernel

---
 source/function_replacements.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/source/function_replacements.cpp b/source/function_replacements.cpp
index 543e3d6..d9a2fd8 100644
--- a/source/function_replacements.cpp
+++ b/source/function_replacements.cpp
@@ -53,6 +53,23 @@ DECL_FUNCTION(uint32_t, KiIsEffectiveRangeValid, uint32_t addressSpace, uint32_t
     return result;
 }
 
+
+#define k_memcpy ((void (*)( void*, void*,uint32_t))(0xfff09e44))
+
+DECL_FUNCTION(uint32_t, KiGetOrPutUserData, void *src, uint32_t size, void *dst, bool isRead) {
+    // 
+    if (isRead && MemoryMapping_EffectiveToPhysical((uint32_t) src) > 0) {
+        k_memcpy(dst, src, size);
+        return 1;
+    } else if (!isRead && MemoryMapping_EffectiveToPhysical((uint32_t) dst) > 0) {
+        // src and dst are swapped here
+        k_memcpy(src, dst, size);
+        return 1;
+    }
+
+    return real_KiGetOrPutUserData(src, size, dst, isRead);
+}
+
 function_replacement_data_t function_replacements[] __attribute__((section(".data"))) = {
         REPLACE_FUNCTION_VIA_ADDRESS(sCheckDataRange,                       0x3200cf60, 0x0100cf60),
         REPLACE_FUNCTION_VIA_ADDRESS(KiEffectiveToPhysical,                 0xffee0aac, 0xffee0aac),
@@ -60,6 +77,7 @@ function_replacement_data_t function_replacements[] __attribute__((section(".dat
         REPLACE_FUNCTION_VIA_ADDRESS(KiPhysicalToEffectiveUncached,         0xffee0a80, 0xffee0a80),
         REPLACE_FUNCTION_VIA_ADDRESS(KiIsEffectiveRangeValid,               0xffee0d6c, 0xffee0d6c),
         REPLACE_FUNCTION_VIA_ADDRESS(IPCKDriver_ValidatePhysicalAddress,    0xfff0cb5c, 0xfff0cb5c),
+        REPLACE_FUNCTION_VIA_ADDRESS(KiGetOrPutUserData,                    0xffee0794, 0xffee0794),
 };
 
 uint32_t function_replacements_size __attribute__((section(".data"))) = sizeof(function_replacements) / sizeof(function_replacement_data_t);
\ No newline at end of file