Be carefull with MmIsAddressValid. This routine will
return TRUE if the input address falls whithin a valid
page. But a valid page from NT’s Memory manager point
of view is a page who has bit 0 (PRESENT bit) in it’s
corresponding PTE set. Thus , MmIsAddressValid can
return false for an address which is completly
usable, but happens to fall into a paged-out page.
Assuming IRQL < DISPATCH_LEVEL you can still access
that address , altough MmIsAddressValid returned
false,
since touching it will cause a page fault which in
turn will transparently bring back the page from
secondary storage. Note that you don’t need need to
page-in yourself , touching the page is enough. The
whole paging mechanism is transparrent for you. The
situations when your drivers needs to access itself
a pagefile to “page-in” are so seldom that doesn
really worth to be mentioned(not to mention that is a
hack).
The only way Im aware of one method to get a complete
map of the user memory from kernel mode , by walking
the VADs trees for the target process. (again a hack)
Yet in your case seems that you can get out as simple
as using SEH to catch exceptions. Just ensure that you
are in the right memory context. OSR guys have a fair
good primer on execution contexts on their NT INSIDER
on line articles , you may want to read it.
Best regards , Dan
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
While we are at hacking ideas - maybe KeAttachProcess() could be of
use to assure that context is maintained?
Nevertheless - under normal circumstances context should never be a
problem and all this try/except/MmIs…/KeAttach…/whatever shouldn’t
be needed.
regards,
Anders
Monday, March 05, 2001, 12:06:24 AM, you wrote:
PD> Be carefull with MmIsAddressValid. This routine will
PD> return TRUE if the input address falls whithin a valid
PD> page. But a valid page from NT’s Memory manager point
PD> of view is a page who has bit 0 (PRESENT bit) in it’s
PD> corresponding PTE set. Thus , MmIsAddressValid can
PD> return false for an address which is completly
PD> usable, but happens to fall into a paged-out page.
PD> Assuming IRQL < DISPATCH_LEVEL you can still access
PD> that address , altough MmIsAddressValid returned
PD> false,
PD> since touching it will cause a page fault which in
PD> turn will transparently bring back the page from
PD> secondary storage. Note that you don’t need need to
PD> page-in yourself , touching the page is enough. The
PD> whole paging mechanism is transparrent for you. The
PD> situations when your drivers needs to access itself
PD> a pagefile to “page-in” are so seldom that doesn
PD> really worth to be mentioned(not to mention that is a
PD> hack).
PD> The only way Im aware of one method to get a complete
PD> map of the user memory from kernel mode , by walking
PD> the VADs trees for the target process. (again a hack)
PD> Yet in your case seems that you can get out as simple
PD> as using SEH to catch exceptions. Just ensure that you
PD> are in the right memory context. OSR guys have a fair
PD> good primer on execution contexts on their NT INSIDER
PD> on line articles , you may want to read it.
PD> Best regards , Dan
PD> __________________________________________________
PD> Do You Yahoo!?
PD> Get email at your own domain with Yahoo! Mail.
PD> http://personal.mail.yahoo.com/
PD> —
PD> You are currently subscribed to ntdev as: xxxxx@flaffer.com
PD> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
–
Best regards,
Anders mailto:xxxxx@flaffer.com
You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com