IoBuildDeviceIoControlRequest for usermode buffers

I need to create a threaded IRP with usermode buffers (as locked MDLs).

So I wonder whether IoBuildDeviceIoControlRequest contains the ProbeForRead/Write, IoAllocateMdl, MmProbeAndLockPages sequence that’s normally performed for METHOD_IN_DIRECT IRPs that originate from a usermode DeviceIoControl call. Or do I have to do all of that by myself?

If you think about it, the API has to allocate the MDL and set up the buffers properly. The one bugger is that the probe and lock passes KernelMode, not UserMode, for the MDL it builds. You could pass NULL for the OutputBuffer that the MDL will be built around and, after a successful call, allocate the MDL and probe and lock with UserMode on your own. Or probe and lock before the call and pass the KM pointer as the OutputBuffer and let the API probe and lock again.

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@broadcom.com
Sent: Wednesday, October 23, 2013 3:30 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] IoBuildDeviceIoControlRequest for usermode buffers

I need to create a threaded IRP with usermode buffers (as locked MDLs).

So I wonder whether IoBuildDeviceIoControlRequest contains the ProbeForRead/Write, IoAllocateMdl, MmProbeAndLockPages sequence that’s normally performed for METHOD_IN_DIRECT IRPs that originate from a usermode DeviceIoControl call. Or do I have to do all of that by myself?


> Or probe and lock before the call and pass the KM pointer as the OutputBuffer and let the API probe and lock again

Does it actually increment the lock number for KM non-paged addresses?

The purpose is to keep a usermode buffer locked after the original usermode DeviceIoControl completes, but have the secondary threaded IRP unlock it when the process dies and the IRP is cancelled.

> Does it actually increment the lock number for KM non-paged addresses?

I think it was always fine to pass NPP addresses to MmProbeAndLockPages (and later unlock).

Otherwise, ZwRead/WriteFile for NPP would fail.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com