
send MDL from network buffer to user via IRP

Arsen Member Posts: 61

Hello.
Can I send MDLs from a network buffer (FilterSendNetBufferLists procedure from an NDIS filter driver) to the user using IRP->MdlAddress without copying the entire MDL?

    // Uncompleted (pending) Irp
    IrpFromUser->MdlAddress = pNB->NetBufferHeader.MdlChain;
    IoCompleteRequest(IrpFromUser, IO_NO_INCREMENT);

Thank you.

Comments

  • Arsen Member Posts: 61

    Can I send outgoing buffers from the NDIS network driver (from NET_BUFFER.MdlChain) to the user via Irp->MdlAddress? Is that enough, or should I also copy all MDL buffers? Where can I find an example doing something similar?

  • Tim_Roberts Member - All Emails Posts: 14,445

    No. You're not thinking about what you're asking. When a request originates from user-mode, the user has specified a virtual address within its process. Assuming it is a direct I/O request, Irp->MdlAddress describes the physical pages of that user buffer. The "virtual address" within the MDL is the virtual address in that process. Those physical addresses are system-wide, but the virtual address is only valid within the originating process.

    All the user process knows is the virtual address. If you just plop a new MDL into the IRP, the physical pages in that MDL have nothing to do with the user's virtual address, and are probably not mapped into the other process at all. When the IRP is completed, the user is going to find that his buffer is unchanged, because those pages were not touched. And when the IRP is cleaned up, things probably explode because the fields are inconsistent.

    Short answer, don't do that. You must copy the bytes into the other process.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

  • Arsen Member Posts: 61
    edited January 17

    Thank you. Now I am trying to understand everything you wrote.

  • Arsen Member Posts: 61

    Can I copy the contents of the MDL to system space memory and share that memory with the user?

  • Arsen Member Posts: 61
    edited January 17

    Could you please explain in more detail how to copy the bytes to another process? Do you mean the process in user mode, the originator of the DeviceIoControl request?

  • Tim_Roberts Member - All Emails Posts: 14,445

    As a driver, you just need to remember that a user-mode address is only valid when that process is the current process. Otherwise, you have the wrong page tables. You have two buffers to worry about: the buffer from your net packets, and the buffer from the monitoring application (which arrived via DeviceIoControl). The buffer from the net packets has probably already been mapped into kernel memory, and if the ioctl is Direct I/O, its buffer has also been mapped into kernel memory. When you have two kernel addresses, you can copy the data, and then complete the ioctl. As an overly general rule, you won't use the MDL unless you're doing DMA.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.
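
The copy-then-complete approach described in the reply above, as an added example that is not part of the thread: a user-mode C model of walking a NET_BUFFER-style MDL chain and copying its data into the ioctl's already-mapped buffer, bounded by the caller's buffer length. `model_mdl`, `copy_chain` and `demo_copy` are hypothetical names; in a driver the same values come from MmGetSystemAddressForMdlSafe, MmGetMdlByteCount and the NET_BUFFER_CURRENT_MDL_OFFSET / NET_BUFFER_DATA_LENGTH macros.

```c
#include <stddef.h>
#include <string.h>

/* User-mode stand-in (an assumption, not a WDK type) for the MDL fields used:
   Next, MmGetMdlByteCount() and the MmGetSystemAddressForMdlSafe() result. */
struct model_mdl {
    const struct model_mdl *next;
    const unsigned char *system_va;      /* NULL models a failed kernel mapping */
    size_t byte_count;
};

enum copy_status { COPY_OK, COPY_TOO_SMALL, COPY_MAP_FAILED, COPY_BAD_CHAIN };

/* Copy data_length bytes, starting mdl_offset bytes into the first MDL, into
   out (the kernel mapping of the ioctl's Direct I/O buffer). *copied is the
   byte count a driver would report on completion; it stays 0 on any failure. */
enum copy_status copy_chain(const struct model_mdl *mdl, size_t mdl_offset,
                            size_t data_length, unsigned char *out,
                            size_t out_length, size_t *copied)
{
    size_t done = 0;
    *copied = 0;
    if (out == NULL) return COPY_MAP_FAILED;
    if (data_length > out_length) return COPY_TOO_SMALL; /* never overrun the caller */
    while (done < data_length) {
        if (mdl == NULL || mdl_offset > mdl->byte_count)
            return COPY_BAD_CHAIN;       /* chain shorter than the claimed length */
        if (mdl->system_va == NULL) return COPY_MAP_FAILED;
        size_t chunk = mdl->byte_count - mdl_offset;
        if (chunk > data_length - done) chunk = data_length - done;
        memcpy(out + done, mdl->system_va + mdl_offset, chunk);
        done += chunk;
        mdl_offset = 0;                  /* the offset applies to the first MDL only */
        mdl = mdl->next;
    }
    *copied = done;
    return COPY_OK;
}

/* Constructed sample: 4 bytes of unused headroom, then 13 data bytes in two MDLs.
   Returns the bytes copied, or the negated status on failure. */
static unsigned char demo_out[32];
long demo_copy(size_t data_length, size_t out_length)
{
    static const unsigned char first[] = "xxxxHEADER", second[] = "PAYLOAD";
    const struct model_mdl m2 = { NULL, second, 7 };
    const struct model_mdl m1 = { &m2, first, 10 };
    size_t copied;
    enum copy_status st = copy_chain(&m1, 4, data_length, demo_out, out_length, &copied);
    return st == COPY_OK ? (long)copied : -(long)st;
}
int main(void) { return demo_copy(13, sizeof demo_out) == 13 ? 0 : 1; }
```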

  • Arsen Member Posts: 61
    edited January 18

    Thank you Mr. Tim_Roberts. Until now, I couldn't figure out why MdlAddress is a member of the Irp structure. Now I know that one of its uses is related to DMA. Now I have one more question. When I make an Irq request from a user program, at that time I don't know the size of the buffer that the driver will return. I can provide a large field as the second buffer for the DeviceIoControl, but this is not a very good solution. Because of this, it will be better to allocate the buffer from the driver. Thank you

  • Arsen Member Posts: 61
    edited January 18

    Thank you Mr. Tim_Roberts. Until now, I couldn't figure out why MdlAddress is a member of the Irp structure. Now I know that one of its uses is related to DMA. Now I have one more question. When I make an Irq request from a user program, at that time I don't know the size of the buffer that the driver will return. I can provide a large field as the second buffer for the DeviceIoControl, but this is not a very good solution. Because of this, it will be better to allocate the buffer from inside the driver. Thank you

  • Tim_Roberts Member - All Emails Posts: 14,445

    > it will be better to allocate the buffer from inside the driver.

    You might think so, but that's not how it works. Just allocate a large buffer. I'm not sure why you think it's "not a very good solution". There's no particular penalty, and there's really no alternative. Remember, YOU have to adapt to the WINDOWS I/O system, not the other way around.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

  • Arsen Member Posts: 61

    Thank you, mister.
