Freeing physical pages mapped in the MDL

Jay_Kumar · July 24, 2023, 3:26pm

Hi All,

I have question regarding freeing of physical pages mapped to MDL using this function MmFreePagesFromMdl.
I have a code flow like this.

User mode allocates a memory and invokes IOCTL (Direct_IN)
My driver finds the physical pages passed in the MDL structure from IRP
Programs the device using the physical pages
Then try to deallocate the memory occupied by the physical pages

Does this cause any memory corruption or access violation since the I feel the system also will try to free the physical pages when completing the IRP request.

Any pointer will be appreciated…

Thanks,

Mark_Roddy · July 24, 2023, 8:48pm

Yeah, you didn’t allocate those pages so don’t free them.

Tim_Roberts · July 25, 2023, 1:39am

You don’t own that memory, so of course you are not allowed to free the pages. They will be freed by the owner.

And please remember that even with METHOD_IN_DIRECT, the first buffer in the DeviceIoControl call is COPIED into kernel memory. It is only the second buffer that is mapped.