I’ve the following problem:
I’ve an application A communicating with a kernel mode driver B.
B initializes some data defined like this:
strct _MYSTRUCT
{
PVOID field1;
PVOID field2;
DWORD flags;
}
In kernel mode I have a variable taking 12 bytes (_MYSTRUCT). Field1 and field2 are two pointers pointing to two different locations of 128k each.
The application A sends an IOCTL to B that replies sending the _MYSTRCT data to the application. The problem is field1 and field2 are pointing to a location in the kernel’s address space, so I can’ dereference them in a user mode app. The second problem is the fact that, from my driver, I can’t copy the data pointed by field1 and field2, because the size of the data cannot be assumed.
I wondered if there was a way to pass _MYSTRUCT as it is. When a user application tries to dereference field1, for instance, an exception should be generated and the system should switch to kernel mode. When this happen I could map the first 64k of memory pointed by field1 and reexecute the instruction. If this happens again I map other 64k until my user app can read what it needs.
I don’t have any idea of how this could be achieved… The second problem is…is there a way i can make an applivcation access some kernel mode data by referencing real kernel mode addresses (ffffffff-80000000)? I was looking for some documentation about sections but I think, with sections you can map kernel mode addresses but using user’s mode address space, am I correct?
Thanks
-Matt