NtFlushVirtualMemory - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTMMAPI_H
// Virtual memory
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtFlushVirtualMemory(
    _In_ HANDLE ProcessHandle,
    _Inout_ PVOID *BaseAddress,
    _Inout_ PSIZE_T RegionSize,
    _Out_ PIO_STATUS_BLOCK IoStatus
    );

#endif
#endif

View code on GitHub
#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwFlushVirtualMemory(
    _In_ HANDLE ProcessHandle,
    _Inout_ PVOID *BaseAddress,
    _Inout_ PSIZE_T RegionSize,
    _Out_ PIO_STATUS_BLOCK IoStatus
    );

#endif

View code on GitHub

This function is documented in Windows Driver Kit.

NtFlushVirtualMemory flushes mapped section view to file.

ProcessHandle

HANDLE of process containing mapped view of section to flush.

*BaseAddress

Pointer to PVOID value containing address of memory area to flush.
On output this value is rounded to Page Size (0x1000).

NumberOfBytesToFlush

Pointer to ULONG value specifying length of area to flush. On output this value is rounded up to Page Size (0x1000).

IoStatusBlock

Pointer to IO_STATUS_BLOCK structure. After call Information member contains the same value as NumberOfBytesToFlush parameter.

WARNING: Two (or more) memory pages mapped in different calls of NtMapViewOfSection cannot be flushed in one function call, even if both has the same SECTION as a source.

Documented by

See also

Edit description on GitHub