Pointers in IOControl

I have an ioctl that allows the user to write a buffer to device memory.
My question is whether it is legal to receive a pointer from user space,
and use that pointer in the driver to write to the device memory?
If it is not legal, what is the best way to allow a user to write more
than a limited copied buffer to the device, if I don’t want to map it to
the user, and I still want to use the ioctl albeit modified a bit?
thanx
Nachum Kanovsky
Driver Development Team
xxxxx@mangodsp.com
02 5328706
011 972 2 532 8706


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Sure. As long as you remain in the proper process context, you will be
OK. Just do not post a request off to a worker thread :slight_smile:

Remember to put a __try{}__except{} around access to the buffer. Also,
remember to use METHOD_NEITHER.

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Nachum Kanovsky
Sent: Tuesday, December 11, 2001 8:50 AM
To: NT Developers Interest List
Subject: [ntdev] Pointers in IOControl

I have an ioctl that allows the user to write a buffer to device memory.
My question is whether it is legal to receive a pointer from user space,
and use that pointer in the driver to write to the device memory?

If it is not legal, what is the best way to allow a user to write more
than a limited copied buffer to the device, if I don’t want to map it to
the user, and I still want to use the ioctl albeit modified a bit?

thanx
Nachum Kanovsky
Driver Development Team
xxxxx@mangodsp.com
02 5328706
011 972 2 532 8706


You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

> I have an ioctl that allows the user to write a buffer to device memory.

My question is whether it is legal to receive a pointer from user space,
and use that pointer in the driver to write to the device memory?

No, for several reasons. For example, the program may deallocate
the memory before you access it and the driver will crash.

If it is not legal, what is the best way to allow a user to write more
than a limited copied buffer to the device, if I don’t want to map it to
the user, and I still want to use the ioctl albeit modified a bit?
thanx

So, use METHOD_IN_DIRECT instead of METHOD_BUFFERED.


Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

It isn’t illegal, it is however unusual and not the normal NT practice. You
have to guarantee that all accesses to the buffer will be in the calling
process context at less than dispatch level, and you have to contain any
access faults so that the system does not crash, or you have to do
everything that the operating system would do to map and lock the pages and
describe them with an MDL… The effort involved in doing this correctly
generally exceeds the effort required to re-work your application to ‘do
things the NT way’, and consequently it is generally a waste of time and
money.

If you use DIRECT_IO there is no copying of user data. There is the overhead
of locking down the user data pages, but if you are actually going to access
all of these pages anyway, the cost is more the length of time that you have
the pages locked rather than the cost of paging the data into memory.
DIRECT_IO operations are generally limited to less than 64MB.

-----Original Message-----
From: Nachum Kanovsky [mailto:xxxxx@yahoo.com]
Sent: Tuesday, December 11, 2001 11:50 AM
To: NT Developers Interest List
Subject: [ntdev] Pointers in IOControl

I have an ioctl that allows the user to write a buffer to device memory. My
question is whether it is legal to receive a pointer from user space, and
use that pointer in the driver to write to the device memory?

If it is not legal, what is the best way to allow a user to write more than
a limited copied buffer to the device, if I don’t want to map it to the
user, and I still want to use the ioctl albeit modified a bit?

thanx
Nachum Kanovsky
Driver Development Team
xxxxx@mangodsp.com
02 5328706
011 972 2 532 8706


You are currently subscribed to ntdev as: xxxxx@stratus.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

This is quite simple:

if( Buffer != NULL )
{
// Build a MDL which will describe the buffer
Irp->MdlAddress = IoAllocateMdl(Buffer, Length, FALSE, FALSE, NULL);
if( Irp->MdlAddress == NULL )
{
// Allocation failed
IoFreeIrp(Irp);
ExFreePool(Srb);
return STATUS_INSUFFICIENT_RESOURCES;
}
// Probe and lock the MDL
__try
{
MmProbeAndLockPages(Irp->MdlAddress, KernelMode,
Write ? IoReadAccess : IoWriteAccess);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
// Probe failed - invalid address
IoFreeMdl(Irp->MdlAddress);
IoFreeIrp(Irp);
ExFreePool(Srb);
return GetExceptionCode();
}
}

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Roddy, Mark
Sent: Tuesday, December 11, 2001 9:45 AM
To: NT Developers Interest List
Subject: [ntdev] RE: Pointers in IOControl

It isn’t illegal, it is however unusual and not the normal NT practice.
You have to guarantee that all accesses to the buffer will be in the
calling process context at less than dispatch level, and you have to
contain any access faults so that the system does not crash, or you have
to do everything that the operating system would do to map and lock the
pages and describe them with an MDL… The effort involved in doing this
correctly generally exceeds the effort required to re-work your
application to ‘do things the NT way’, and consequently it is generally
a waste of time and money.

If you use DIRECT_IO there is no copying of user data. There is the
overhead of locking down the user data pages, but if you are actually
going to access all of these pages anyway, the cost is more the length
of time that you have the pages locked rather than the cost of paging
the data into memory. DIRECT_IO operations are generally limited to less
than 64MB.

-----Original Message-----
From: Nachum Kanovsky [mailto:xxxxx@yahoo.com]
Sent: Tuesday, December 11, 2001 11:50 AM
To: NT Developers Interest List
Subject: [ntdev] Pointers in IOControl

I have an ioctl that allows the user to write a buffer to device memory.
My question is whether it is legal to receive a pointer from user space,
and use that pointer in the driver to write to the device memory?

If it is not legal, what is the best way to allow a user to write more
than a limited copied buffer to the device, if I don’t want to map it to
the user, and I still want to use the ioctl albeit modified a bit?

thanx
Nachum Kanovsky
Driver Development Team
xxxxx@mangodsp.com
02 5328706
011 972 2 532 8706


You are currently subscribed to ntdev as: xxxxx@stratus.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

— Jamey Kirby wrote:
> This is quite simple:
>
> if( Buffer != NULL )
> {
> // Build a MDL which will describe the buffer
> Irp->MdlAddress = IoAllocateMdl(Buffer, Length, FALSE, FALSE, NULL);
> if( Irp->MdlAddress == NULL )
> {
> // Allocation failed
> IoFreeIrp(Irp);
> ExFreePool(Srb);
> return STATUS_INSUFFICIENT_RESOURCES;
> }
> // Probe and lock the MDL
> __try
> {
> MmProbeAndLockPages(Irp->MdlAddress, KernelMode,
^^^^^^^^^^^
Put UserMode here since if your buffer comes from a user mode program

> Write ? IoReadAccess : IoWriteAccess);
> }
>__except(EXCEPTION_EXECUTE_HANDLER)
> {
> // Probe failed - invalid address
> IoFreeMdl(Irp->MdlAddress);
> IoFreeIrp(Irp);
> ExFreePool(Srb);
> return GetExceptionCode();
> }
> }
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Roddy, Mark
> Sent: Tuesday, December 11, 2001 9:45 AM
> To: NT Developers Interest List
> Subject: [ntdev] RE: Pointers in IOControl
>
>
> It isn’t illegal, it is however unusual and not the normal NT practice.
> You have to guarantee that all accesses to the buffer will be in the
> calling process context at less than dispatch level, and you have to
> contain any access faults so that the system does not crash, or you have
> to do everything that the operating system would do to map and lock the
> pages and describe them with an MDL… The effort involved in doing this
> correctly generally exceeds the effort required to re-work your
> application to ‘do things the NT way’, and consequently it is generally
> a waste of time and money.
>
> If you use DIRECT_IO there is no copying of user data. There is the
> overhead of locking down the user data pages, but if you are actually
> going to access all of these pages anyway, the cost is more the length
> of time that you have the pages locked rather than the cost of paging
> the data into memory. DIRECT_IO operations are generally limited to less
> than 64MB.
>
> -----Original Message-----
> From: Nachum Kanovsky [mailto:xxxxx@yahoo.com]
> Sent: Tuesday, December 11, 2001 11:50 AM
> To: NT Developers Interest List
> Subject: [ntdev] Pointers in IOControl
>
>
>
> I have an ioctl that allows the user to write a buffer to device memory.
> My question is whether it is legal to receive a pointer from user space,
> and use that pointer in the driver to write to the device memory?
>
> If it is not legal, what is the best way to allow a user to write more
> than a limited copied buffer to the device, if I don’t want to map it to
> the user, and I still want to use the ioctl albeit modified a bit?
>
> thanx
> Nachum Kanovsky
> Driver Development Team
> xxxxx@mangodsp.com
> 02 5328706
> 011 972 2 532 8706
>
> —
> You are currently subscribed to ntdev as: xxxxx@stratus.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
> —
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@yahoo.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>

__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Hi,

— Jamey Kirby wrote:
> > This is quite simple:
> >
> > if( Buffer != NULL )
> > {
> > // Build a MDL which will describe the buffer
> > Irp->MdlAddress = IoAllocateMdl(Buffer, Length, FALSE, FALSE, NULL);
> > if( Irp->MdlAddress == NULL )
> > {
> > // Allocation failed
> > IoFreeIrp(Irp);
> > ExFreePool(Srb);
> > return STATUS_INSUFFICIENT_RESOURCES;
> > }
> > // Probe and lock the MDL
> > __try
> > {
> > MmProbeAndLockPages(Irp->MdlAddress, KernelMode,
> ^^^^^^^^^^^
> Put UserMode here since if your buffer comes from a user mode program

Is that true, I thought UserBuffer pointer was used by file system driver
and such and
you dont have to set it in a IOCTL ?

Jos


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com