Re[5]: Verifying user mode addresses

> Here is what I do. Note that if you maintain your lock on the memory
> after completing the IRP then you must track it within your driver
> on a per handle basis. Failing to release the memory when the
> originating handle is closed = BSOD.

Actually, I think I got that wrong. You won’t get BSOD until the
application closes. However, you still need to tie it to the file
handle as that is the information that you have.

Rob
xxxxx@telusplanet.net

Try this:

    try
    {
        // Access user-mode memory.
    }
    except (EXCEPTION_EXECUTE_HANDLER)
    {
        IoStatus->Status = GetExceptionCode();
    }

Regards,
Carsten

“Mark Roddy” wrote in message news:xxxxx@ntdev…
> That is because they are respectively ‘ProbeForRead’ and ‘ProbeForWrite’.
>
> I think you are saying that you are embedding a user mode pointer in an
> IOCTL METHOD_BUFFERED buffer. At this point the chorus cuts in with:
>
> CHORUS: Vijay, Don’t Do That! Bad Vijay! Bad!
>
> Your approach might be typical in the Unix world, but it is considered
> strictly Bad Form over here in our world.
>
> Regardless, you cannot tell from a VA what the valid length of the VA is.
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Mayank Kumar
> > Sent: Tuesday, April 27, 2004 1:14 AM
> > To: Windows System Software Devs Interest List
> > Subject: RE: [ntdev] Verifying user mode addresses
> >
> > Hi Roddy, Vijay
> > firstly I could not find these two APIs in Windows 2003 DDK.
> > Secondly what I want to do is just verify an address which
> > has been passed to me from the User Mode via an IOCTL in
> > BUFFERED_IO mode, whether that buffer is a valid memory
> > address so that I can write to it and also the amount of
> > memory size it is pointing to.
> > Is this possible or not?
> >
> > regds
> > Mayank
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com]On Behalf Of Mark Roddy
> > Sent: Monday, April 26, 2004 4:01 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: [ntdev] Verifying user mode addresses
> >
> >
> >
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com
> > > [mailto:xxxxx@lists.osr.com] On Behalf Of Vijay Anand
> > > Sent: Monday, April 26, 2004 5:38 AM
> > > To: Windows System Software Devs Interest List
> > > Subject: Re: [ntdev] Verifying user mode addresses
> > >
> > > MmProbeForRead
> > > MmProbeForWrite
> >
> > Not sufficient. Especially for (3). Given that the OP did not
> > state any other constraints on his problem, I’d say he cannot
> > reliably accomplish his goals. Is he locking the UVA into an
> > MDL? Can he guarantee process context?
> > In fact what exactly is he trying to do?
> >
> > >
> > > HTH,
> > > Vijay
> > > ----- Original Message -----
> > > From: “Mayank Kumar”
> > > To: “Windows System Software Devs Interest List”
> >
> > > Sent: Monday, April 26, 2004 11:03 AM
> > > Subject: [ntdev] Verifying user mode addresses
> > >
> > >
> > > > Hi all
> > > > can somebody tell me if there is a way in the kernel to tell whether
> > > > a particular memory address is a valid address or not ie
> > > > 1: u can read /write to it
> > > > 2: u can free it
> > > > 3: accessing it will not cause page fault or ke bugcheck
> > > >
> > > > Also another question is what does the line “Break due to Page Fault”
> > > > in a soft ice window mean.
> > > >
> > > > Thanks in advance for ur help
> > > > Mayank
> > > >
> > > >
> > > > —
> > > > Questions? First check the Kernel Driver FAQ at
> > > http://www.osronline.com/article.cfm?id=256
> > > >
> > > > You are currently subscribed to ntdev as:
> > > xxxxx@hotmail.com
> > > > To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > > >
> > >

The reasons why this approach is insufficient have been discussed here at
length. Consider for example the case where the user mode application
deallocates the virtual memory after you finish validating it. Your try
block worked fine, the VA is invalid. Oops.

At a minimum ProbeForRead/ProbeForWrite are required, and even then without
creating an MDL they are insufficient.

Note that the OP didn’t want any page faults. How are you going to guarantee
that? Finally the OP wants to decide THE SIZE of the VA buffer using these
techniques, and that simply cannot be done.

Now of course a COOPERATIVE user mode program can avoid most of the
pitfalls, but in that case this user mode program can be far more cooperative
by using DIRECT_IO to begin with, right?

=====================
Mark Roddy

-----Original Message-----
From: Carsten Schmidt [mailto:xxxxx@email.dk]
Sent: Tuesday, April 27, 2004 4:16 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Verifying user mode addresses

Try this:

    try
    {
        // Access user-mode memory.
    }
    except (EXCEPTION_EXECUTE_HANDLER)
    {
        IoStatus->Status = GetExceptionCode();
    }

Regards,
Carsten

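
Added example, not from the thread or the WDK: a user-space C model of the kind of range check ProbeForRead performs, illustrating the points made in the thread. A probe accepts any aligned user-mode range, says nothing about how much memory is really behind the pointer, and goes stale if the application frees the buffer afterwards. The probe limit, the region struct and every `model_` name are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model, not WDK code; the limit is an assumed 32-bit value. */
#define MODEL_USER_PROBE_ADDRESS 0x7FFF0000u

typedef enum { PROBE_OK, PROBE_MISALIGNED, PROBE_ACCESS_VIOLATION } probe_result;

/* Range check in the style of ProbeForRead: alignment, wraparound and
   user-space limit. It never asks whether anything is mapped there. */
static probe_result model_probe(uint32_t addr, uint32_t len, uint32_t align)
{
    if (len == 0)
        return PROBE_OK;                 /* zero length: no checks at all */
    if (addr & (align - 1))
        return PROBE_MISALIGNED;
    uint32_t end = addr + len;           /* unsigned add, may wrap */
    if (end < addr || end > MODEL_USER_PROBE_ADDRESS)
        return PROBE_ACCESS_VIOLATION;
    return PROBE_OK;
}

/* One constructed user allocation that the application may free at any time. */
typedef struct { uint32_t base, size; int mapped; } model_region;

/* Overflow-safe containment test: would touching [addr, addr+len) fault? */
static int model_would_fault(const model_region *r, uint32_t addr, uint32_t len)
{
    if (!r->mapped || addr < r->base || len > r->size)
        return 1;
    return (addr - r->base) > (r->size - len);
}

/* Validate first, let the application free the memory, then "use" it. */
static int model_probe_then_free(model_region *r, uint32_t addr, uint32_t len)
{
    if (model_probe(addr, len, 4) != PROBE_OK)
        return -1;                       /* rejected up front */
    r->mapped = 0;                       /* user thread frees the buffer */
    return model_would_fault(r, addr, len);   /* 1: the check is stale */
}

int main(void)
{
    model_region r = { 0x00400000u, 0x1000u, 1 };
    printf("oversized probe=%d fault=%d\n", model_probe(r.base, 0x100000u, 4),
           model_would_fault(&r, r.base, 0x100000u));
    printf("probe then free, fault=%d\n", model_probe_then_free(&r, r.base, 0x1000u));
    return 0;
}
```

In a real driver the stale-check window is closed by locking the pages into an MDL, or avoided altogether by letting the I/O manager do it with direct I/O, as the thread recommends.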