Is there a reason why you think the Mdl you’ve received here has not
already been probed and locked?

I think you are seeing the AV here because the VirtualAddress used to
initialize this Mdl was a user mode address that is no longer valid in
your current process context. The Mdl must be probed and locked in the
context where it is allocated because in any other context the virtual
address is probably not valid.

In reading the MmMapLockedPagesSpecifyCache documentation, I can see how
you could arrive at your conclusion that you must call
MmProbeAndLockPages. It says that the caller must have already probed
and locked the Mdl, but what it really means is that the Mdl must have
already been probed and locked - who did it isn’t important. If a
higher filter created the Mdl and set it in the IRP (it should have
probed and locked it as part of this process), that is sufficient
preparation to call MmMapLockedPagesSpecifyCache.

Take a look at the routines FatLockUserBuffer() and FatMapUserBuffer()
in the fastfat sources of the IFS Kit for a pretty clean example of how
this works. FatLockUserBuffer() is called to set up the Mdl when an IRP
is going to be posted to a worker thread. FatMapUserBuffer() is called in
the operation itself once the real work of the operation has begun to get
the appropriate buffer to use. It either gets the buffer from the
Irp->UserBuffer or from the Irp->MdlAddress by calling
MmGetSystemAddressForMdlSafe. For NT 4.0 support, you just need to do
your macro expansion for MmGetSystemAddressForMdlSafe like you do below.

Regards,
Molly Brown
Microsoft Corporation

This posting is provided “AS IS” with no warranties and confers no
rights.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ladislav Zezula
Sent: Thursday, December 02, 2004 11:36 PM
To: Windows File Systems Devs Interest List
Subject: Re: [ntfsd] How to use MmMapLockedPagesSpecifyCache

Thank you, Molly, for the response.

Here are more details:

My filter calls CcCopyRead on behalf of a cached IRP_MJ_READ request.
Before the call of CcCopyRead, the filter needs to “map”
the user buffer (see the snippet of the code at the end of this mail).
The “Operation” passed to MmProbeAndLockPages for this case is
IoWriteAccess (I expect that on IRP_MJ_READ, I must have write access to
the page, on IRP_MJ_WRITE, I must have read access to the page).

Maybe you will recognize that the code around the call of
MmMapLockedPagesSpecifyCache is actually the macro
“MmGetSystemAddressForMdlSafe”, changed so it uses the pointer
“pMmMapLockedPagesSpecifyCache”, which is a dynamically retrieved address
from the kernel (the driver must run on Windows NT 4.0 too).

MmProbeAndLockPages throws the access violation exception (0xC0000005).

    if (Irp->MdlAddress == NULL)
    {
        return Irp->UserBuffer;
    }
    else
    {
        // Windows 2000+
        if (pMmMapLockedPagesSpecifyCache != NULL)
        {
            MmProbeAndLockPages(Irp->MdlAddress,
                                KernelMode,
                                Operation);
            IrpContext->LockedCount++;
            if (Irp->MdlAddress->MdlFlags & (MDL_MAPPED_TO_SYSTEM_VA |
                                             MDL_SOURCE_IS_NONPAGED_POOL))
            {
                IrpContext->LockedBuffer =
                    Irp->MdlAddress->MappedSystemVa;
            }
            else
            {
                IrpContext->LockedBufferMdl = Irp->MdlAddress;
                IrpContext->LockedBuffer =
                    pMmMapLockedPagesSpecifyCache(
                        Irp->MdlAddress,
                        KernelMode,
                        MmCached,
                        NULL,
                        FALSE,
                        NormalPagePriority);
            }
        }
        else
        {
            IrpContext->LockedBuffer =
                MmGetSystemAddressForMdl(Irp->MdlAddress);
        }
    }

L.
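
The lock-once, map-later rule discussed in this thread, as an added user-mode model (not code from either post, from fastfat, or from the WDK). Only the three MDL_* flag values mirror wdm.h; the model_* types, the process ids and the helper functions are stand-ins constructed so the logic compiles and runs outside the kernel.

```c
#include <stddef.h>

/* Flag values as in wdm.h; every type and function below is a stand-in. */
#define MDL_MAPPED_TO_SYSTEM_VA     0x0001
#define MDL_PAGES_LOCKED            0x0002
#define MDL_SOURCE_IS_NONPAGED_POOL 0x0004

typedef struct { int owner_pid; void *user_va; void *mapped_va; unsigned flags; } model_mdl;
typedef struct { int requester_pid; void *user_buffer; model_mdl *mdl; } model_irp;
static char system_alias[16];     /* constructed: pretend system-space mapping */

/* Models MmProbeAndLockPages: the user VA is valid only in the owning process. */
static int model_probe_and_lock(model_mdl *m, int current_pid)
{
    if (current_pid != m->owner_pid) return -1;   /* models the AV from the thread */
    m->flags |= MDL_PAGES_LOCKED;
    return 0;
}

/* FatLockUserBuffer-like step: build and lock the MDL once, in the
   requester's context, and only if no one above has attached one already. */
int lock_user_buffer(model_irp *irp, model_mdl *fresh, int current_pid)
{
    if (irp->mdl != NULL) return 0;               /* prepared by a higher driver */
    fresh->owner_pid = irp->requester_pid; fresh->user_va = irp->user_buffer;
    fresh->mapped_va = NULL; fresh->flags = 0;
    if (model_probe_and_lock(fresh, current_pid) != 0) return -1;
    irp->mdl = fresh;
    return 0;
}

/* FatMapUserBuffer-like step: usable in any context, never probes or locks. */
void *map_user_buffer(model_irp *irp)
{
    model_mdl *m = irp->mdl;
    if (m == NULL) return irp->user_buffer;       /* still in requester context */
    if (m->flags & (MDL_MAPPED_TO_SYSTEM_VA | MDL_SOURCE_IS_NONPAGED_POOL))
        return m->mapped_va;                      /* mapping already exists */
    if (!(m->flags & MDL_PAGES_LOCKED)) return NULL;  /* refuse an unlocked MDL */
    m->mapped_va = system_alias;                  /* models MmMapLockedPagesSpecifyCache */
    m->flags |= MDL_MAPPED_TO_SYSTEM_VA;
    return m->mapped_va;
}

int main(void)
{
    char ubuf[16]; model_mdl mdl; model_irp irp = { 100, ubuf, NULL };
    if (lock_user_buffer(&irp, &mdl, 100) != 0) return 1;  /* requester context */
    return map_user_buffer(&irp) == NULL;                  /* worker context */
}
```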