Physical Add to User Add mapping

Santhosh_Kumar-3 · April 25, 2010, 7:37pm

In an app I need to read a physical add in a loop (poll). I use a driver which does this for me and it works fine. However some one suggested if I can map the Physical Add to User space then the application can do the mapping once and then on just poll the user address. Underneath, the “Physical Add to User space” mapping will take care of getting to the actual physical address. This I was told will avoid lot of software overhead, is much faster and less intrusive. Basically the hardware is doing the fetching for me.

VirtualAdd = (PULONG)MmMapIoSpace(
physicalAddress,
memoryLength,
MmNonCached
);

The above call gets me the virtual add. Question is, is there way to map map this virtual address to the user space?
If some kind soul can enlighten me would be grateful. Thanks

OSR_Community_User · April 25, 2010, 11:14pm

Why do you have to (a) continuously poll physical memory; and (b) do so from user mode?

Mapping the address in to user space is not really secure and it also really won’t provide you with better ‘performance;’ continuously polling in a loop will not help overall system performance either. Also, the thing is, tight loop or not, if you’re thread gets preempted, you’re done reading memory until you get scheduled again, so it’s quite possible that you’re really reading things they way that you think you are.

What are your requirements?

mm

Santhosh_Kumar-3 · April 25, 2010, 11:51pm

Please note this is for validation/proof of concept environment. I thought if the memory access happened without the software overhead it would be faster. But you say it might not be faster. That is okay. Anyway just for academic interest is there a easy way to map Physical memory to user space? Or virtual add in Kernel space to user space?
thanks

clteng · April 26, 2010, 2:02am

Test, you can go to http://bbs.codeheaven.com.tw/htm_data/2/1004/1.html download the simple direct access i/o and memory source code, enjoy it.

Tim_Roberts · April 26, 2010, 1:32pm

xxxxx@gmail.com wrote:

Please note this is for validation/proof of concept environment. I thought if the memory access happened without the software overhead it would be faster. But you say it might not be faster. That is okay.

Well, that depends on what you mean. Polling a memory address in a loop
is certainly faster than sending an ioctl for each and every memory
access, but probably not significantly faster than sending a single
ioctl and allowing the driver to poll for you.

In addition, performance is not the only criterion by which drivers are
judged. Security is another factor. It’s trivially easy for another
process to gain access to your processes memory space and write over the
mapped memory, thereby causing the drawbridge to go up, or whatever.
That’s the big reason why it’s better to leave device memory in kernel
space.

Anyway just for academic interest is there a easy way to map Physical memory to user space? Or virtual add in Kernel space to user space?

A kernel driver can map pages into user mode using
MmMapLockedPagesSpecifyCache.

–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Santhosh_Kumar-3 · April 26, 2010, 1:53pm

Thank you IceMan!! it works like a charm!! Perfect!! Here is the code I used of yours:

PMDL pMdl;
PUCHAR pUserMapAdd;
pMdl = IoAllocateMdl(VirtualAdd, memoryLength, FALSE, FALSE, NULL);
if (pMdl == NULL)
{
return(STATUS_INSUFFICIENT_RESOURCES);
};

MmBuildMdlForNonPagedPool(pMdl);

pUserMapAdd =
(PUCHAR)MmMapLockedPagesSpecifyCache(pMdl,
UserMode,
MmNonCached,
NULL,
FALSE,
NormalPagePriority
);
if (pUserMapAdd == NULL)
{
return (STATUS_INSUFFICIENT_RESOURCES);
}

This posting can be closed.

Gary_Little-3 · April 26, 2010, 3:28pm

How can this thread be closed when you basically ignored Tim’s comments
about security, and that is an extremely vital concern. So much so that were
I to know for whom you work, and what the product is, I would not allow it
to be installed on any of my machines. Early on you mentioned this is only
for testing and validation. Don’t let it sneak into mainline code because it
violates basic principles of security.

Gary G. Little
H (952) 223-1349
C (952) 454-4629
xxxxx@comcast.net

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@gmail.com
Sent: Monday, April 26, 2010 12:52 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Physical Add to User Add mapping

Thank you IceMan!! it works like a charm!! Perfect!! Here is the code I used
of yours:

PMDL pMdl;
PUCHAR pUserMapAdd;
pMdl = IoAllocateMdl(VirtualAdd, memoryLength, FALSE, FALSE, NULL);
if (pMdl == NULL)
{
return(STATUS_INSUFFICIENT_RESOURCES);
};

MmBuildMdlForNonPagedPool(pMdl);

pUserMapAdd =
(PUCHAR)MmMapLockedPagesSpecifyCache(pMdl,
UserMode,
MmNonCached,
NULL,
FALSE,
NormalPagePriority
);
if (pUserMapAdd == NULL)
{
return (STATUS_INSUFFICIENT_RESOURCES);
}

This posting can be closed.

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

__________ Information from ESET Smart Security, version of virus signature
database 5063 (20100426) __________

The message was checked by ESET Smart Security.

http://www.eset.com

__________ Information from ESET Smart Security, version of virus signature
database 5063 (20100426) __________

The message was checked by ESET Smart Security.

http://www.eset.com

Santhosh_Kumar-3 · April 26, 2010, 5:10pm

Gary,

Thanks for your concern, I got the full picture. When I posted my last message I had not seen Tim’s reply. (Thanks Tim) I am not in software selling business and my code would never make it to any main stream code. This is for internal validation purpose only. Also I am going to mention the security hole in this code. If the management shoots it down then so be it, we will live with the driver calls. Atleast I have learnt something new, may be never get to use it… thanks to all.

Pavel_Lebedinsky · April 27, 2010, 1:10am

> pUserMapAdd =

(PUCHAR)MmMapLockedPagesSpecifyCache(pMdl,
UserMode,
MmNonCached,
NULL,
FALSE,
NormalPagePriority
);
if (pUserMapAdd == NULL)
{
return (STATUS_INSUFFICIENT_RESOURCES);
}

MmMapLockedPagesSpecifyCache(UserMode) raises an exception
on failure, so you need to wrap this call in try/except instead of
checking for NULL.

–
Pavel Lebedinsky/Windows Fundamentals Test
This posting is provided “AS IS” with no warranties, and confers no rights.

Santhosh_Kumar-3 · April 27, 2010, 5:07pm

Sure, thanks will do. Yes I do see that you have warned us in the man pages too. Sorry I missed it.