Creating partial MDL recursively;

NTDEV
1

Is it OK to build partial MDL recursively like the following:. Thanks.

  1. Irp is received by my driver.

  2. I build Irp1 from it.

PCHAR buffer1 = MmGetMdlVirtualAddress (Irp->MdlAddress) + offset1;
Irp1->MdlAddress = IoAllocateMdl (buffer1
numOfBytes1,
FALSE,
FALSE,
NULL);
IoBuildPartialMdl (Irp->MdlAddress,
Irp1->MdlAddress,
buffer1,
numOfBytes1);

// map the buffer to the kernel space
buffer1 = MmGetSystemAddressForMdlSafe (Irp1->MdlAddress, NormalPagePriority)
// then do some read/write – is it OK??
if (0x0 == buffer1[0] ) {
buffer1[0] = 0xAA;
}

  1. Then I build Irp2 from Irp1:
    PCHAR buffer2 = MmGetMdlVirtualAddress (Irp1->MdlAddress) + offset2;
    Irp2->MdlAddress = IoAllocateMdl (buffer2
    numOfBytes2,
    FALSE,
    FALSE,
    NULL);
    IoBuildPartialMdl (Irp1->MdlAddress,
    Irp2->MdlAddress,
    buffer2,
    numOfBytes2);
    // map the buffer to the kernel space
    buffer2 = MmGetSystemAddressForMdlSafe (Irp2->MdlAddress, NormalPagePriority)
    // then do some read/write – is it OK??
    if (0x0 == buffer2[0]) {
    buffer2[0] = 0xBB;
    }
2

xxxxx@yahoo.com wrote:

Is it OK to build partial MDL recursively like the following:. Thanks.

  1. Irp is received by my driver.

  2. I build Irp1 from it.

PCHAR buffer1 = MmGetMdlVirtualAddress (Irp->MdlAddress) + offset1;
Irp1->MdlAddress = IoAllocateMdl (buffer1
numOfBytes1,
FALSE,
FALSE,
NULL);
IoBuildPartialMdl (Irp->MdlAddress,
Irp1->MdlAddress,
buffer1,
numOfBytes1);

// map the buffer to the kernel space
buffer1 = MmGetSystemAddressForMdlSafe (Irp1->MdlAddress, NormalPagePriority)
// then do some read/write – is it OK??
if (0x0 == buffer1[0] ) {
buffer1[0] = 0xAA;
}

Why would you do this? If there’s an MDL, then it’s ALREADY mapped into
kernel space. There is no reason to map it again. Why not just pass
around the pointer?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

3

Hi Tim, my question was: is it ok to build a partial MDL from another partial MDL? And is it OK to write/read to a buffer obtained from MmGetSystemAddressForMdlSafe (Irp->MdlAddress, NormalPagePriority) where Irp->MdlAdress was built using IoBuildPartialMdl? I think twice occurrence of MmGetSystemAddressForMdlSafe (Irp1->MdlAddress, NormalPagePriority) gave the wrong impression about my question :frowning:

I want to split the original Irp so I need to build partial MDLs.

4

Yes I believe that should be fine.

-p

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@yahoo.com
Sent: Friday, October 24, 2008 2:22 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Creating partial MDL recursively;

Hi Tim, my question was: is it ok to build a partial MDL from another partial MDL? And is it OK to write/read to a buffer obtained from MmGetSystemAddressForMdlSafe (Irp->MdlAddress, NormalPagePriority) where Irp->MdlAdress was built using IoBuildPartialMdl? I think twice occurrence of MmGetSystemAddressForMdlSafe (Irp1->MdlAddress, NormalPagePriority) gave the wrong impression about my question :frowning:

I want to split the original Irp so I need to build partial MDLs.

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

5

> Is it OK to build partial MDL recursively like the following:. Thanks.

Yes, this is OK, but note that the partial MDL must be destroyed before
its master MDL, otherwise, you have good chances of experiencing
PFN_LIST_CORRUPT BSOD.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

6

> If there’s an MDL, then it’s ALREADY mapped into kernel space.

No - it is just probed and locked, so that pages that MDL describes are not going to get swapped to the disk. However, unless it describes memory from non-paged pool, it is not yet mapped to the system space…

Anton Bassov

7

> No - it is just probed and locked, so that pages that MDL describes are

not going to get swapped to the disk.
However, unless it describes memory from non-paged pool, it is not yet
mapped to the system space…

More on MDLs.

You can construct the MDL using one of 4 methods:

  • MmProbeAndLockPages
  • MmBuildMdlForNonPagedPool
  • IoBuildPartialMdl
  • MmAllocatePagesForMdl

Among these, only a) MmBuildMdlForNonPagedPool MDLs and b) IoBuildPartialMdl
MDLs constructed when the master MDL is already mapped - are automatically
mapped. The rest require MmGetSystemAddressForMdlSafe call.

So, partial MDLs can be of 2 kinds a) created when the master was mapped b)
created when the master was NOT mapped.

The a) kind reuses the master’s system PTEs, is already mapped just after
IoBuildPartialMdl, MmGetSystemAddressForMdlSafe is no-op.

The b) kind requires MmGetSystemAddressForMdlSafe to be mapped.

There is a “partial-has-been-mapped” flag in ->Flags to distinguish a) and
b).


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com