From d7ee2f9afc22aa95be3162ce29c331e425925dee Mon Sep 17 00:00:00 2001
From: Dibyamartanda Samanta <dibyaxp@noreply.codingworkshop.git>
Date: Wed, 7 Aug 2024 10:38:18 +0200
Subject: [PATCH] [NTOSKRNL:CC] CcMapDataForOverwrite

Implemented CcMapDataForOverwrite
---
 NTOSKRNL/CC/ccpinsupport.cpp | 62 ++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/NTOSKRNL/CC/ccpinsupport.cpp b/NTOSKRNL/CC/ccpinsupport.cpp
index 49072ba..fe396f8 100644
--- a/NTOSKRNL/CC/ccpinsupport.cpp
+++ b/NTOSKRNL/CC/ccpinsupport.cpp
@@ -60,6 +60,68 @@ CcAllocateObcb(
     return NewObcb;
 }
 
+VOID 
+VECTORCALL 
+CcMapDataForOverwrite(
+    PFILE_OBJECT FileObject,
+    PLARGE_INTEGER FileOffset,
+    ULONG Length,
+    PVOID *Bcb,
+    PVOID *Buffer)
+{
+    NTSTATUS status = STATUS_SUCCESS;
+    PETHREAD currentThread = nullptr;
+    PSHARED_CACHE_MAP sharedCacheMap = nullptre;
+    ULONG pageCount = {0};
+    PVOID outBcb = nullptr;
+    PVOID localBuffer = nullptr;
+    ULONG savedState = {0};
+    ULONG readClusterSize = {0};
+
+  
+    pageCount = (Length >> PAGE_SHIFT) + (((FileOffset->LowPart & PAGE_OFFSET) + 4095 + (Length & PAGE_OFFSET)) >> PAGE_SHIFT);
+    currentThread = (PETHREAD)KeGetCurrentThread();
+    sharedCacheMap = (PSHARED_CACHE_MAP)FileObject->SectionObjectPointer->SharedCacheMap;
+
+    if ((sharedCacheMap->Flags & 0x20000) == 0)
+    {
+        SpinLockGuard lockGuard(LockQueueMasterLock);
+        sharedCacheMap->Flags |= 0x20000;
+      
+    }
+
+    savedState = currentThread->CacheManagerActive + 2 * currentThread->ReadClusterSize;
+    readClusterSize = currentThread->ReadClusterSize;
+
+    CcMapDataCommon(FileObject, FileOffset, Length, TRUE, &outBcb, &localBuffer);
+  
+
+    auto SystemCacheAddress = *localBuffer;
+    ULONG remainingPages = pageCount;
+
+    while (remainingPages)
+    {
+        currentThread->CacheManagerActive = 1;
+        if (--remainingPages > readClusterSize)
+        {
+            currentThread->ReadClusterSize = (remainingPages > 0xF) ? 15 : remainingPages;
+        }
+
+        if (!MmCheckCachedPageState(SystemCacheAddress,true))
+        {
+            MmCheckCachedPageState(SystemCacheAddress,false);
+        }
+
+         SystemCacheAddress += 4096;
+    }
+
+    currentThread->CacheManagerActive = savedState & 1;
+    currentThread->ReadClusterSize = savedState >> 1;
+    *Bcb = outBcb;
+    *Buffer = localBuffer;
+
+}
+
 VOID
 NTAPI
 CcSetDirtyPinnedData(