本文整理汇总了C++中MmBuildMdlForNonPagedPool函数的典型用法代码示例。如果您正苦于以下问题:C++ MmBuildMdlForNonPagedPool函数的具体用法?C++ MmBuildMdlForNonPagedPool怎么用?C++ MmBuildMdlForNonPagedPool使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了MmBuildMdlForNonPagedPool函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: InitScratchpad
//
// file local helper functions.
//
NTSTATUS
InitScratchpad(
IN PUSB_FDO_CONTEXT fdoContext)
{
NTSTATUS status;
KeInitializeEvent(&fdoContext->ScratchPad.CompletionEvent, NotificationEvent, FALSE);
fdoContext->ScratchPad.Buffer = ExAllocatePoolWithTag(NonPagedPool, PAGE_SIZE, XVU1);
if (!fdoContext->ScratchPad.Buffer)
{
status = STATUS_NO_MEMORY;
TraceEvents(TRACE_LEVEL_ERROR, TRACE_DEVICE,
__FUNCTION__": Device %p ExAllocatePoolWithTag failed\n",
fdoContext->WdfDevice);
return status;
}
RtlZeroMemory(fdoContext->ScratchPad.Buffer, PAGE_SIZE);
fdoContext->ScratchPad.Mdl = IoAllocateMdl(fdoContext->ScratchPad.Buffer,
PAGE_SIZE,
FALSE,
FALSE,
NULL);
if (!fdoContext->ScratchPad.Mdl)
{
status = STATUS_NO_MEMORY;
TraceEvents(TRACE_LEVEL_ERROR, TRACE_DEVICE,
__FUNCTION__": device %p IoAllocateMdl failed\n",
fdoContext->WdfDevice);
return status;
}
MmBuildMdlForNonPagedPool(fdoContext->ScratchPad.Mdl);
return STATUS_SUCCESS;
}示例2: Ext2CreateMdl
PMDL
Ext2CreateMdl (
IN PVOID Buffer,
IN BOOLEAN bPaged,
IN ULONG Length,
IN LOCK_OPERATION Operation
)
{
NTSTATUS Status;
PMDL Mdl = NULL;
ASSERT (Buffer != NULL);
Mdl = IoAllocateMdl (Buffer, Length, FALSE, FALSE, NULL);
if (Mdl == NULL) {
Status = STATUS_INSUFFICIENT_RESOURCES;
} else {
__try {
if (bPaged) {
MmProbeAndLockPages(Mdl, KernelMode, Operation);
} else {
MmBuildMdlForNonPagedPool (Mdl);
}
Status = STATUS_SUCCESS;
} __except (EXCEPTION_EXECUTE_HANDLER) {
IoFreeMdl (Mdl);
Mdl = NULL;
DbgBreak();
Status = STATUS_INVALID_USER_BUFFER;
}
}
return Mdl;
}示例3: ChangeServiceTableMemoryFlags
NTSTATUS ChangeServiceTableMemoryFlags()
{
// Map the memory into our domain and change the permissions on the memory page by using a MDL
g_MappedSystemCallTableMDL = IoAllocateMdl( KeServiceDescriptorTable.ServiceTableBase, // starting virtual address
KeServiceDescriptorTable.NumberOfServices*4, // size of buffer
FALSE, // not associated with an IRP
FALSE, // charge quota, should be FALSE
NULL // IRP * should be NULL
);
if(!g_MappedSystemCallTableMDL)
{
DbgPrint("MDL could not be allocated...");
return STATUS_UNSUCCESSFUL;
}
else
{
DbgPrint("The MDL is at 0x%x\n", g_MappedSystemCallTableMDL);
}
// MmBuildMdlForNonPagedPool fills in the corresponding physical page array
// of a given MDL for a buffer in nonpaged system space (pool).
MmBuildMdlForNonPagedPool(g_MappedSystemCallTableMDL);
// MDL's are supposed to be opaque, but this is the only way we know of getting to these flags...
g_MappedSystemCallTableMDL->MdlFlags = g_MappedSystemCallTableMDL->MdlFlags | MDL_MAPPED_TO_SYSTEM_VA;
// finish off the mapping...
g_MappedSystemCallTable = MmMapLockedPages(g_MappedSystemCallTableMDL, KernelMode);
return STATUS_SUCCESS;
}示例4: USBPORT_ValidateTransferParametersURB
NTSTATUS
NTAPI
USBPORT_ValidateTransferParametersURB(IN PURB Urb)
{
struct _URB_CONTROL_TRANSFER *UrbRequest;
PMDL Mdl;
DPRINT_URB("USBPORT_ValidateTransferParametersURB: Urb - %p\n", Urb);
UrbRequest = &Urb->UrbControlTransfer;
if (UrbRequest->TransferBuffer == NULL &&
UrbRequest->TransferBufferMDL == NULL &&
UrbRequest->TransferBufferLength > 0)
{
DPRINT1("USBPORT_ValidateTransferParametersURB: Not valid parameter\n");
USBPORT_DumpingURB(Urb);
return STATUS_INVALID_PARAMETER;
}
if ((UrbRequest->TransferBuffer != NULL) &&
(UrbRequest->TransferBufferMDL != NULL) &&
UrbRequest->TransferBufferLength == 0)
{
DPRINT1("USBPORT_ValidateTransferParametersURB: Not valid parameter\n");
USBPORT_DumpingURB(Urb);
return STATUS_INVALID_PARAMETER;
}
if (UrbRequest->TransferBuffer != NULL &&
UrbRequest->TransferBufferMDL == NULL &&
UrbRequest->TransferBufferLength != 0)
{
DPRINT_URB("USBPORT_ValidateTransferParametersURB: TransferBuffer - %p, TransferBufferLength - %x\n",
UrbRequest->TransferBuffer,
UrbRequest->TransferBufferLength);
Mdl = IoAllocateMdl(UrbRequest->TransferBuffer,
UrbRequest->TransferBufferLength,
FALSE,
FALSE,
NULL);
if (!Mdl)
{
DPRINT1("USBPORT_ValidateTransferParametersURB: Not allocated Mdl\n");
return STATUS_INSUFFICIENT_RESOURCES;
}
MmBuildMdlForNonPagedPool(Mdl);
UrbRequest->TransferBufferMDL = Mdl;
Urb->UrbHeader.UsbdFlags |= USBD_FLAG_ALLOCATED_MDL;
DPRINT_URB("USBPORT_ValidateTransferParametersURB: Mdl - %p\n", Mdl);
}
return STATUS_SUCCESS;
}示例5: DriverEntry
//-----------------------------------------------------------------------------
// MAIN
//-----------------------------------------------------------------------------
NTSTATUS DriverEntry(PDRIVER_OBJECT driver_object,
PUNICODE_STRING registry_path)
{
NTSTATUS ret;
if (!driver_object)
{
DbgPrint("\n!!! ERROR: invalid driver_object in DriverEntry()\n");
return STATUS_UNSUCCESSFUL;
}
driver_object->DriverUnload = OnUnload;
DbgPrint("---------------- Driver Loaded\n");
// routine allocates a memory descriptor list (MDL)
mdl_sys_call = IoAllocateMdl(KeServiceDescriptorTable.ServiceTableBase,
KeServiceDescriptorTable.NumberOfServices * 4,
FALSE, FALSE, NULL);
if (!mdl_sys_call )
{
DbgPrint("\n!!! ERROR: invalid mdl in DriverEntry()\n");
return STATUS_UNSUCCESSFUL;
}
MmBuildMdlForNonPagedPool(mdl_sys_call);
mdl_sys_call->MdlFlags = mdl_sys_call->MdlFlags | MDL_MAPPED_TO_SYSTEM_VA;
// map the physical pages
syscall_tbl = MmMapLockedPagesSpecifyCache(mdl_sys_call, KernelMode,
MmNonCached, NULL, FALSE,
HighPagePriority);
if (!syscall_tbl)
{
DbgPrint("\n!!! ERROR: invalid mapped syscall table in DriverEntry()\n");
return STATUS_UNSUCCESSFUL;
}
hook_syscalls();
debug("register our callback for when our target proc is loaded:\n %ws\n\n",
target_file_loc);
#if BREAK_POINT
// register a callback func that is invoked when our target proc is loaded
ret = PsSetLoadImageNotifyRoutine(add_one_time_bp);
#endif
#if DATA_MINING
ret = PsSetLoadImageNotifyRoutine(add_hooks_for_data_mining);
#endif
if (ret != STATUS_SUCCESS)
DbgPrint("\n!!! ERROR: PsSetLoadImageNotifyRoutine()\n\n");
return STATUS_SUCCESS;
}示例6: drv_mapPdoMem
//------------------------------------------------------------------------------
tOplkError drv_mapPdoMem(UINT8** ppKernelMem_p, UINT8** ppUserMem_p,
size_t* pMemSize_p)
{
tOplkError ret;
// Get PDO memory
ret = pdokcal_getPdoMemRegion((UINT8**)&pdoMemInfo_l.pKernelVa,
&pdoMemInfo_l.memSize);
if (ret != kErrorOk || pdoMemInfo_l.pKernelVa == NULL)
return kErrorNoResource;
if (*pMemSize_p > pdoMemInfo_l.memSize)
{
DEBUG_LVL_ERROR_TRACE("%s() Higher Memory requested (Kernel-%d User-%d) !\n",
__func__, pdoMemInfo_l.memSize, *pMemSize_p);
*pMemSize_p = 0;
return kErrorNoResource;
}
// Allocate new MDL pointing to PDO memory
pdoMemInfo_l.pMdl = IoAllocateMdl(pdoMemInfo_l.pKernelVa, pdoMemInfo_l.memSize, FALSE, FALSE,
NULL);
if (pdoMemInfo_l.pMdl == NULL)
{
DEBUG_LVL_ERROR_TRACE("%s() Error allocating MDL !\n", __func__);
return kErrorNoResource;
}
// Update the MDL with physical addresses
MmBuildMdlForNonPagedPool(pdoMemInfo_l.pMdl);
// Map the memory in user space and get the address
pdoMemInfo_l.pUserVa = MmMapLockedPagesSpecifyCache(pdoMemInfo_l.pMdl, // MDL
UserMode, // Mode
MmCached, // Caching
NULL, // Address
FALSE, // Bug-check?
NormalPagePriority); // Priority
if (pdoMemInfo_l.pUserVa == NULL)
{
MmUnmapLockedPages(pdoMemInfo_l.pUserVa, pdoMemInfo_l.pMdl);
IoFreeMdl(pdoMemInfo_l.pMdl);
DEBUG_LVL_ERROR_TRACE("%s() Error mapping MDL !\n", __func__);
return kErrorNoResource;
}
*ppKernelMem_p = pdoMemInfo_l.pKernelVa;
*ppUserMem_p = pdoMemInfo_l.pUserVa;
*pMemSize_p = pdoMemInfo_l.memSize;
TRACE("Mapped memory info U:%p K:%p size %x", pdoMemInfo_l.pUserVa,
(UINT8*)pdoMemInfo_l.pKernelVa,
pdoMemInfo_l.memSize);
return kErrorOk;
}示例7: AsyncReadWriteSec
NTSTATUS
AsyncReadWriteSec(
IN PDEVICE_OBJECT DeviceObject,
IN PIRP ParentIrp,
IN ULONG ulStartSec,
IN ULONG ulSectors,
IN PVOID pBuffer,
IN UCHAR MajorFunction
)
{
PMDL MDL;
KEVENT event;
PIRP Irp;
ULONG ulBytes;
LARGE_INTEGER Start;
IO_STATUS_BLOCK ioStatus;
NTSTATUS status = STATUS_SUCCESS;
PIO_STACK_LOCATION NextIrpStack;
PDEVICE_EXTENSION deviceExtension = DeviceObject->DeviceExtension;
ulBytes = ulSectors * SECTOR_SIZE;
Start.QuadPart = ((LONGLONG)ulStartSec)*SECTOR_SIZE;
Irp = IoAllocateIrp(LOBYTE(LOWORD(deviceExtension->TargetDeviceObject->StackSize+1)),FALSE);
//Irp = IoBuildSynchronousFsdRequest( MajorFunction,
// deviceExtension->TargetDeviceObject,
// pBuffer,ulBytes,
// &Start,&event,
// &ioStatus );
ASSERT(Irp);
if (!Irp)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
MDL = IoAllocateMdl(pBuffer,ulBytes,FALSE,FALSE,Irp);
if (!MDL)
return STATUS_INSUFFICIENT_RESOURCES;
MmBuildMdlForNonPagedPool(MDL);
IoSetNextIrpStackLocation(Irp);
NextIrpStack = IoGetNextIrpStackLocation(Irp);
NextIrpStack->DeviceObject = deviceExtension->TargetDeviceObject;
NextIrpStack->MajorFunction = MajorFunction;
NextIrpStack->MinorFunction = 0;
NextIrpStack->Parameters.Read.Length = ulBytes;
NextIrpStack->Parameters.Read.Key = 0;
NextIrpStack->Parameters.Read.ByteOffset.QuadPart = Start.QuadPart;
RtlCopyMemory(&(NextIrpStack->Parameters.Write),&(NextIrpStack->Parameters.Read),sizeof(NextIrpStack->Parameters.Read));
IoSetCompletionRoutine(Irp,AsyncCompletion,ParentIrp,TRUE,TRUE,TRUE);
status = IoCallDriver(deviceExtension->TargetDeviceObject,Irp);
return status;
} // end SyncReadWriteSec()示例8: dump_hook_init
int dump_hook_init(PDRIVER_OBJECT drv_obj)
{
PLDR_DATA_TABLE_ENTRY table;
PHYSICAL_ADDRESS high_addr;
PLIST_ENTRY entry;
NTSTATUS status;
int resl = 0;
ExInitializeFastMutex(&dump_sync);
ExAcquireFastMutex(&dump_sync);
/* find PsLoadedModuleListHead */
entry = ((PLIST_ENTRY)(drv_obj->DriverSection))->Flink;
while (entry != drv_obj->DriverSection)
{
table = CONTAINING_RECORD(entry, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks);
entry = entry->Flink;
if ( (table->BaseDllName.Length == 0x18) &&
(p32(table->BaseDllName.Buffer)[0] == 0x0074006E) )
{
ps_loaded_mod_list = pv(table->InLoadOrderLinks.Blink);
break;
}
}
ExReleaseFastMutex(&dump_sync);
do
{
if (ps_loaded_mod_list == NULL) break;
status = PsSetLoadImageNotifyRoutine(load_img_routine);
if (NT_SUCCESS(status) == FALSE) break;
high_addr.HighPart = 0;
high_addr.LowPart = 0xFFFFFFFF;
dump_mem = MmAllocateContiguousMemory(DUMP_MEM_SIZE, high_addr);
if (dump_mem == NULL) break;
dump_mdl = IoAllocateMdl(dump_mem, DUMP_MEM_SIZE, FALSE, FALSE, NULL);
if (dump_mdl == NULL) break;
MmBuildMdlForNonPagedPool(dump_mdl);
memset(dump_mem, 0, DUMP_MEM_SIZE);
resl = 1;
} while (0);
if (resl == 0) {
if (dump_mdl != NULL) IoFreeMdl(dump_mdl);
if (dump_mem != NULL) MmFreeContiguousMemory(dump_mem);
}
return resl;
}示例9: DumpKernelMemory
NTSTATUS DumpKernelMemory(PVOID DstAddr, PVOID SrcAddr, ULONG Size)
{
PMDL pSrcMdl, pDstMdl;
PUCHAR pAddress, pDstAddress;
NTSTATUS st = STATUS_UNSUCCESSFUL;
ULONG r;
// Создаем MDL для буфера-источника
pSrcMdl = IoAllocateMdl(SrcAddr, Size, FALSE, FALSE, NULL);
if (pSrcMdl)
{
// Построение MDL
MmBuildMdlForNonPagedPool(pSrcMdl);
// Получение адреса из MDL
pAddress = (PUCHAR)MmGetSystemAddressForMdlSafe(pSrcMdl, NormalPagePriority);
zDbgPrint("pAddress = %x", pAddress);
if (pAddress != NULL)
{
pDstMdl = IoAllocateMdl(DstAddr, Size, FALSE, FALSE, NULL);
zDbgPrint("pDstMdl = %x", pDstMdl);
if (pDstMdl != NULL)
{
__try
{
MmProbeAndLockPages(pDstMdl, KernelMode, IoWriteAccess);
pDstAddress = (PUCHAR)MmGetSystemAddressForMdlSafe(pDstMdl, NormalPagePriority);
zDbgPrint("pDstAddress = %x", pDstAddress);
if (pDstAddress != NULL)
{
memset(pDstAddress, 0, Size);
zDbgPrint("Copy block");
for (r = 1; r < Size; r++)
{
if (MmIsAddressValid(pAddress))
*pDstAddress = *pAddress;
else
*pDstAddress = 0;
pAddress++;
pDstAddress++;
}
st = STATUS_SUCCESS;
}
MmUnlockPages(pDstMdl);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
zDbgPrint("Copy block exception");
}
IoFreeMdl(pDstMdl);
}
} 示例10: AllocateSharedMemory
BOOLEAN AllocateSharedMemory(PSHARED_MEMORY lpSharedMemory, POOL_TYPE PoolType, ULONG dwSizeRegion)
{
if (!_MmIsAddressValid(lpSharedMemory))
return FALSE;
if (!dwSizeRegion)
return FALSE;
memset(lpSharedMemory, 0, sizeof(SHARED_MEMORY));
#ifndef __MISC_USE_KHEAP
lpSharedMemory->m_lpKernelMemory = ExAllocatePool(PoolType, dwSizeRegion);
#else
lpSharedMemory->m_lpKernelMemory = (CHAR*) _AllocatePoolFromKHeap(hKHeapMiscDefault, dwSizeRegion);
#endif //!__MISC_USE_KHEAP
if (!lpSharedMemory->m_lpKernelMemory)
return FALSE;
lpSharedMemory->m_Mdl = IoAllocateMdl(lpSharedMemory->m_lpKernelMemory, dwSizeRegion, FALSE, FALSE, NULL);
if (!lpSharedMemory->m_Mdl)
{
#ifndef __MISC_USE_KHEAP
ExFreePool(lpSharedMemory->m_lpKernelMemory);
#else
FreePoolToKHeap(hKHeapMiscDefault, lpSharedMemory->m_lpKernelMemory);
#endif //!__MISC_USE_KHEAP
memset(lpSharedMemory, 0, sizeof(SHARED_MEMORY));
return FALSE;
}
MmBuildMdlForNonPagedPool(lpSharedMemory->m_Mdl);
lpSharedMemory->m_lpUserPage = MmMapLockedPages(lpSharedMemory->m_Mdl, UserMode);
lpSharedMemory->m_lpUserMemory = (PVOID) (((ULONG)PAGE_ALIGN(lpSharedMemory->m_lpUserPage))+MmGetMdlByteOffset(lpSharedMemory->m_Mdl));
if (!_MmIsAddressValid(lpSharedMemory->m_lpUserMemory))
{
MmUnmapLockedPages(lpSharedMemory->m_lpUserPage, lpSharedMemory->m_Mdl);
IoFreeMdl(lpSharedMemory->m_Mdl);
#ifndef __MISC_USE_KHEAP
ExFreePool(lpSharedMemory->m_lpKernelMemory);
#else
FreePoolToKHeap(hKHeapMiscDefault, lpSharedMemory->m_lpKernelMemory);
#endif //!__MISC_USE_KHEAP
memset(lpSharedMemory, 0, sizeof(SHARED_MEMORY));
return FALSE;
}
lpSharedMemory->m_dwSizeRegion = dwSizeRegion;
return TRUE;
}示例11: __ConsPacket
void __ConsPacket(OUT PPACKET_BASE pPacket)
{
PVOID Va;
PMDL pMdl;
Va = ExAllocatePoolWithTag(
NonPagedPool,
MDL_BUFFER_SIZE,
(ULONG)'TTWH');
RtlZeroMemory(Va, MDL_BUFFER_SIZE);
pMdl = IoAllocateMdl(Va, MDL_BUFFER_SIZE, FALSE, FALSE, NULL);
MmBuildMdlForNonPagedPool(pMdl);
pPacket->pMdl = pMdl;
}示例12: SafeCopyMemory
NTSTATUS SafeCopyMemory(PVOID SrcAddr, PVOID DstAddr, ULONG Size)
{
PMDL pSrcMdl, pDstMdl;
PUCHAR pSrcAddress, pDstAddress;
NTSTATUS st = STATUS_UNSUCCESSFUL;
ULONG r;
BOOL bInit = FALSE;
pSrcMdl = IoAllocateMdl(SrcAddr, Size, FALSE, FALSE, NULL);
if (MmIsAddressValidEx(pSrcMdl))
{
MmBuildMdlForNonPagedPool(pSrcMdl);
pSrcAddress = (PUCHAR)MmGetSystemAddressForMdlSafe(pSrcMdl, NormalPagePriority);
if (MmIsAddressValidEx(pSrcAddress))
{
pDstMdl = IoAllocateMdl(DstAddr, Size, FALSE, FALSE, NULL);
if (MmIsAddressValidEx(pDstMdl))
{
__try
{
MmProbeAndLockPages(pDstMdl, KernelMode, IoWriteAccess);
pDstAddress = (PUCHAR)MmGetSystemAddressForMdlSafe(pDstMdl, NormalPagePriority);
if (MmIsAddressValidEx(pDstAddress))
{
RtlZeroMemory(pDstAddress,Size);
RtlCopyMemory(pDstAddress, pSrcAddress, Size);
st = STATUS_SUCCESS;
}
MmUnlockPages(pDstMdl);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
if (pDstMdl) MmUnlockPages(pDstMdl);
if (pDstMdl) IoFreeMdl(pDstMdl);
if (pSrcMdl) IoFreeMdl(pSrcMdl);
return GetExceptionCode();
}
IoFreeMdl(pDstMdl);
}
}
IoFreeMdl(pSrcMdl);
}
return st;
}示例13: RegmonMapServiceTable
//----------------------------------------------------------------------
//
// RegmonMapServiceTable
//
// If we are running on Whistler then we have
// to double map the system service table to get around the
// fact that the system service table is write-protected on systems
// with > 128MB memory. Since there's no harm in always double mapping,
// we always do it, regardless of whether or not we are on Whistler.
//
//----------------------------------------------------------------------
PVOID *
RegmonMapServiceTable(
SERVICE_HOOK_DESCRIPTOR **HookDescriptors
)
{
//
// Allocate an array to store original function addresses in. This
// makes us play well with other hookers.
//
*HookDescriptors = (SERVICE_HOOK_DESCRIPTOR *) ExAllocatePool( NonPagedPool,
KeServiceDescriptorTable->Limit * sizeof(SERVICE_HOOK_DESCRIPTOR));
if( !*HookDescriptors ) {
return NULL;
}
memset( *HookDescriptors, 0,
KeServiceDescriptorTable->Limit * sizeof(SERVICE_HOOK_DESCRIPTOR));
//
// Build an MDL that describes the system service table function
// pointers array.
//
KdPrint(("Reglib: KeServiceDescriptorTable: %I64x Pointers: %I64x Limit: %d\n",
KeServiceDescriptorTable, KeServiceDescriptorTable->ServicePointers,
KeServiceDescriptorTable->Limit ));
KeServiceTableMdl = MmCreateMdl( NULL, KeServiceDescriptorTable->ServicePointers,
KeServiceDescriptorTable->Limit * sizeof(PVOID));
if( !KeServiceTableMdl ) {
return NULL;
}
//
// Fill in the physical pages and then double-map the description. Note
// that MmMapLockedPages is obsolete as of Win2K and has been replaced
// with MmMapLockedPagesSpecifyCache. However, we use the same driver
// on all NT platforms, so we use it anyway.
//
MmBuildMdlForNonPagedPool( KeServiceTableMdl );
KeServiceTableMdl->MdlFlags |= MDL_MAPPED_TO_SYSTEM_VA;
#if defined(_M_IA64)
return MmMapLockedPagesSpecifyCache( KeServiceTableMdl, KernelMode,
MmCached, NULL, FALSE, NormalPagePriority );
#else
return MmMapLockedPages( KeServiceTableMdl, KernelMode );
#endif
}示例14: initMDL
NTSTATUS initMDL()
{
// map memory into our domain
g_pmdlSystemCall = MmCreateMdl(NULL, KeServiceDescriptorTable.ServiceTableBase,
KeServiceDescriptorTable.NumberOfServices*4);
if(!g_pmdlSystemCall)
return STATUS_UNSUCCESSFUL;
MmBuildMdlForNonPagedPool(g_pmdlSystemCall);
// change MDL permissions
g_pmdlSystemCall->MdlFlags = g_pmdlSystemCall->MdlFlags | MDL_MAPPED_TO_SYSTEM_VA;
MappedSystemCallTable = MmMapLockedPages(g_pmdlSystemCall, KernelMode);
MDLinit = TRUE;
return STATUS_SUCCESS;
}示例15: UtilForceMemCpy
// Does memcpy safely even if Destination is a read only region.
_Use_decl_annotations_ EXTERN_C NTSTATUS UtilForceMemCpy(void *Destination,
const void *Source,
SIZE_T Length) {
auto mdl = std::experimental::make_unique_resource(
IoAllocateMdl(Destination, static_cast<ULONG>(Length), FALSE, FALSE,
nullptr),
&IoFreeMdl);
if (!mdl) {
return STATUS_INSUFFICIENT_RESOURCES;
}
MmBuildMdlForNonPagedPool(mdl.get());
#pragma warning(push)
#pragma warning(disable : 28145)
//
// Following MmMapLockedPagesSpecifyCache() call causes bug check in case
// you are using Driver Verifier. The reason is explained as follows:
//
// A driver must not try to create more than one system-address-space
// mapping for an MDL. Additionally, because an MDL that is built by the
// MmBuildMdlForNonPagedPool routine is already mapped to the system
// address space, a driver must not try to map this MDL into the system
// address space again by using the MmMapLockedPagesSpecifyCache routine.
// -- MSDN
//
// This flag modification hacks Driver Verifier's check and prevent leading
// bug check.
//
mdl.get()->MdlFlags &= ~MDL_SOURCE_IS_NONPAGED_POOL;
mdl.get()->MdlFlags |= MDL_PAGES_LOCKED;
#pragma warning(pop)
auto writableDest = MmMapLockedPagesSpecifyCache(
mdl.get(), KernelMode, MmCached, nullptr, FALSE, NormalPagePriority);
if (!writableDest) {
return STATUS_INSUFFICIENT_RESOURCES;
}
memcpy(writableDest, Source, Length);
MmUnmapLockedPages(writableDest, mdl.get());
return STATUS_SUCCESS;
}