From 40dfee0daae14b39b9a1ff935f677b6aa24ac3f2 Mon Sep 17 00:00:00 2001
From: lhodges1 <lachiehodges7785@gmail.com>
Date: Sun, 27 Aug 2023 16:01:36 +1000
Subject: [PATCH] oh ye oh ye

---
 driver/pool.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/driver/pool.c b/driver/pool.c
index df4acfc..4ea5b5e 100644
--- a/driver/pool.c
+++ b/driver/pool.c
@@ -168,14 +168,14 @@ VOID WalkKernelPageTables()
 		return;
 	}
 
-	cr3.BitAddress = __readcr3();
-
-	//KeRaiseIrql( DISPATCH_LEVEL, &irql );
-
-	PAGED_CODE();
+	/* raise our irql to ensure we arent preempted by NOOB threads */
+	KeRaiseIrql( DISPATCH_LEVEL, &irql );
 
+	/* disable interrupts to prevent any funny business occuring */
 	_disable();
 
+	cr3.BitAddress = __readcr3();
+
 	physical.QuadPart = cr3.Bits.PhysicalAddress << PAGE_4KB_SHIFT;
 
 	pml4_base.BitAddress = MmGetVirtualForPhysical( physical );
@@ -258,10 +258,6 @@ VOID WalkKernelPageTables()
 					if ( base_virtual_page == NULL || !MmIsAddressValid( base_virtual_page ) )
 						continue;
 
-					/* this probably isnt needed but whatevs */
-					//if ( base_virtual_page < 0xfffff80000000000 || base_virtual_page > 0xffffffffffffffff )
-					//	continue;
-
 					ScanPageForProcessAllocations( base_virtual_page, PAGE_BASE_SIZE );
 				}
 			}
@@ -270,7 +266,7 @@ VOID WalkKernelPageTables()
 
 	_enable();
 
-	//KeLowerIrql( irql );
+	KeLowerIrql( irql );
 
 	DEBUG_LOG( "Finished scanning memory" );