memory access scheme - continuation

Pavel_S · December 5, 2014, 6:25pm

Hello,

Some time ago I started following topic: http://www.osronline.com/showThread.cfm?link=261179
Thank you very much for answer and explanation.

It seems I cannot continue this thread so I’m starting next one.

Now I would like to focus on __try/__except block during accessing user mode memory from kernel mode.

What means “invalid address” in such case?
I understand that address of memory that is currently paged out is not part of “invalid” range? Is that correct?
If above is correct - do I need __try/__except when accessing “valid” user mode address, but one that is paged out? To image such situation - let’s assume some Ps* callback we want to read PE header of image. I understand that having baseaddress in LoadImage callback is valid (because under this address some image has been mapped), but this memory (in theory) can be paged out. Does it mean to access this memory at passive level - I need to have __try/__expcept? Ok. I understand that adding it to code costs nothing and gives better protection against bad situations… but it is just an example.

Thank you for answers.

Peter_Viscarola_OSR · December 6, 2014, 9:51am

Any invalid access to the virtual address, such as attempting to access an address for which there is no valid backing physical page. Or attempting to write to a read-only page.

Note that this does *not* include accesses which generate a page fault. Those happen (or not) and are taken care of for you by the MM.

Peter
OSR
@OSRDrivers

Pavel_S · December 6, 2014, 5:25pm

Hi Peter,

Thank you for answer.

Ok so I unserstand that in case I’ve described - I do not need __try/__except right? because in loadimge base address should be mapped already and even in case it is paged out - during my Access in callback it should be handled anyways - is that correct?

thank you

Maxim_S_Shatskih · December 7, 2014, 3:38pm

> 1. What means “invalid address” in such case?

This means “not mapped at all”.

Page fault handler will raise 0xc000000d.

Thus the need to catch this exception.

If above is correct - do I need __try/__except when accessing “valid” user mode address, but one
that is paged out?

Yes.

You don’t know whether the pointer passed to you from user mode is valid.

And you cannot risk crashing the whole OS.

some image has been mapped), but this memory (in theory) can be paged out.

Provided your kmode code runs at PASSIVE, there is no difference for you whether the memory is present or is paged out.

Does it mean to access this memory at passive level - I need to have __try/__expcept?

Yes. See above about “risk crashing the whole OS”.

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

Maxim_S_Shatskih · December 7, 2014, 3:40pm

>loadimge base address should be mapped already and even in case it is paged out

What if a read error will occur during inpage read? you will crash the OS.

Other then this, since you get the pointer from the trustworthy kmode code, probably there is no much other uses for __try/__except in your special case.

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com