From: Anders Fogh [afogh@flaffer.com]
Sent: Friday, March 16, 2001 2:50 AM
To: NT Developers Interest List
Subject: [ntdev] Re: an opinion...memory allocation

Hello Matteo,

There are almost endless ways of allocating memory in a usermode context from a driver. Messing with the heap structures as you suggest is possible, but qualifies as one of the most reliable ways I can think of to cause trouble.

The easier way to go is probably ZwAllocateVirtualMemory() exported from ntoskrnl.exe. Its prototype is:

    NTSYSAPI NTSTATUS NTAPI
    ZwAllocateVirtualMemory(
        IN HANDLE ProcessHandle,
        IN OUT PVOID *BaseAddress,
        IN ULONG ZeroBits,          // how many of the lsb must be 0. Alignment.
        IN OUT PULONG RegionSize,   // size in bytes, rounded up to a page multiple on return
        IN ULONG AllocationType,    // same constants as VirtualAlloc() of sdk
        IN ULONG Protect            // same constants as VirtualAlloc() of sdk
    );

The tougher way is (*** off the top of my head so watch out for errors ***)

    SIZE_T  dwSize;
    PVOID   pMemoryIWannaAccessInUserMode;  // nonpaged kernel buffer to expose
    SIZE_T  SizeOfYourBufferHere;           // its length in bytes (your value here)
    PMDL    pMdl;
    PVOID   umPtr;                          // resulting usermode pointer

    dwSize = MmSizeOfMdl(pMemoryIWannaAccessInUserMode, SizeOfYourBufferHere);
    pMdl = (PMDL) ExAllocatePool(NonPagedPool, dwSize);
    if (pMdl == NULL) {
        return STATUS_INSUFFICIENT_RESOURCES;
    }
    pMdl = MmCreateMdl(pMdl, pMemoryIWannaAccessInUserMode, SizeOfYourBufferHere);
    if ((pMdl->MdlFlags & (MDL_MAPPED_TO_SYSTEM_VA | MDL_PAGES_LOCKED |
                           MDL_SOURCE_IS_NONPAGED_POOL)) == 0) {
        MmBuildMdlForNonPagedPool(pMdl);   // fill in the PFNs for nonpaged memory
    }
    // Must be called in the context of the process that will use umPtr
    umPtr = MmMapLockedPages(pMdl, UserMode);

Watch out for the BSOD when you forget to free this buffer on closing the process ;)))...

Accessing the usermode memory from kernelmode is straightforward - if you're within process context when you need to access it, just access the usermode pointer. If you're not in context or at elevated IRQL, build an MDL and lock the pages. I'm sure code for this is in any standard book about KM development.

Regards,
Anders Fogh

Thursday, March 15, 2001, 9:20:01 AM, you wrote:

MP> I've the following problem.
MP> I've to hook some kernel mode functions and execute some code in user mode and put my
MP> kernel mode routine on a wait state until the user mode function has completed.
MP> The solution I've used is creating some threads that send IOCTLs to my driver. My driver
MP> puts these IRPs in a waiting queue and whenever it needs to invoke a user mode function
MP> it releases an IOCTL.
MP> My problem is the following: Along with my ioctl (returning from KM to UM) I've to send
MP> the parameter stack for the user mode function. Since buffers are allocated in user mode
MP> I've no clue about the buffer I have to allocate. My ioctl is a generic ioctl_wait_notify
MP> and I cannot know what will be the stack size that I will have to put in my buffer.
MP> Now, what I thought if the buffer was too small, was releasing my ioctl with some
MP> additional data specifying I need a larger buffer. The app receiving this ioctl analyzes
MP> it, enlarges my buffer and sends me another ioctl with the buffer I requested. I'm afraid
MP> this is a bit too time consuming so I was thinking about an alternative solution.
MP> How can I allocate memory in the user address space of the running process? So that I
MP> can dereference that pointer from user mode....
MP> In my UM app I'm using the HeapCreate() and HeapAlloc() APIs. Anyone knows if I can
MP> access those data structures from KM?
MP> Thanks
MP> Matteo
MP> ---
MP> You are currently subscribed to ntdev as: afogh@flaffer.com
MP> To unsubscribe send a blank email to leave-ntdev-247T@lists.osr.com

--
Best regards,
Anders                            mailto:afogh@flaffer.com

---
You are currently subscribed to ntdev as: GlennEverhart@FirstUSA.com
To unsubscribe send a blank email to leave-ntdev-247T@lists.osr.com
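Added illustration, not code from either post: whichever of the two mappings the reply describes is used, the resulting buffer is writable by user mode, so once the IOCTL comes back the driver has to treat every length and offset in it as untrusted input, and it has to copy them out once before checking them rather than re-reading the live mapping. The portable C below models the variable-length parameter block from Matteo's question with a small header that the driver marshals on the way out and validates on the way back in, including the "buffer too small, ask for a larger one" path he wants to avoid paying for. The header layout, the eight-argument cap, the magic value and every function name are assumptions; it compiles with no kernel headers and stands in for the kernel-side logic only.

```c
/* Added example (not from the post): host-side model of the shared parameter
 * buffer. The layout, MAX_ARGS, the magic value and the helper names are all
 * assumptions. Plain C, no kernel headers needed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_ARGS     8
#define SHARED_MAGIC 0x4D505331u        /* constructed marker value */

struct shared_hdr {
    uint32_t magic;
    uint32_t total_len;                 /* bytes in use, header included */
    uint32_t argc;
    uint32_t arg_off[MAX_ARGS];         /* offset of each argument from buffer start */
    uint32_t arg_len[MAX_ARGS];
};

enum { CHECK_OK = 0, CHECK_TOO_SMALL, CHECK_BAD_MAGIC, CHECK_OVERFLOW,
       CHECK_TOO_MANY_ARGS, CHECK_ARG_OUT_OF_RANGE };

/* Kernel side, on the way back in: snapshot the header with one copy and
 * validate the snapshot, never the live user-writable mapping. */
int validate_params(const uint8_t *shared, size_t mapped_len, struct shared_hdr *out)
{
    uint32_t i;
    if (mapped_len < sizeof *out) return CHECK_TOO_SMALL;
    memcpy(out, shared, sizeof *out);                       /* single fetch */
    if (out->magic != SHARED_MAGIC) return CHECK_BAD_MAGIC;
    if (out->total_len < sizeof *out || out->total_len > mapped_len) return CHECK_OVERFLOW;
    if (out->argc > MAX_ARGS) return CHECK_TOO_MANY_ARGS;
    for (i = 0; i < out->argc; i++) {
        uint64_t end = (uint64_t)out->arg_off[i] + out->arg_len[i]; /* 64-bit: cannot wrap */
        if (out->arg_off[i] < sizeof *out || end > out->total_len)
            return CHECK_ARG_OUT_OF_RANGE;
    }
    return CHECK_OK;
}

/* Kernel side, on the way out: marshal the argument stack. Returns the bytes
 * required; a value larger than mapped_len means nothing was written and the
 * driver must ask user mode for a bigger buffer (the "need a larger buffer"
 * round trip from the question). Returns 0 on a caller error. */
size_t marshal_params(uint8_t *shared, size_t mapped_len,
                      const void *const *args, const uint32_t *lens, uint32_t argc)
{
    struct shared_hdr h;
    size_t need = sizeof h, off;
    uint32_t i;
    if (argc > MAX_ARGS) return 0;
    for (i = 0; i < argc; i++) need += lens[i];
    if (need > mapped_len) return need;                     /* caller must grow */
    memset(&h, 0, sizeof h);
    h.magic = SHARED_MAGIC; h.total_len = (uint32_t)need; h.argc = argc;
    off = sizeof h;
    for (i = 0; i < argc; i++) {
        h.arg_off[i] = (uint32_t)off; h.arg_len[i] = lens[i];
        memcpy(shared + off, args[i], lens[i]);
        off += lens[i];
    }
    memcpy(shared, &h, sizeof h);                           /* header written last */
    return need;
}

/* Constructed sample argument stack: a 5-byte string and a 4-byte integer. */
static const char     demo_str[] = "hello";
static const uint32_t demo_int   = 42;
static const void *const demo_args[2] = { demo_str, &demo_int };
static const uint32_t    demo_lens[2] = { 5, 4 };

/* Normal round trip: marshal, then validate the same buffer. Returns 0 on success. */
int demo_round_trip(void)
{
    uint8_t buf[256]; struct shared_hdr h;
    if (marshal_params(buf, sizeof buf, demo_args, demo_lens, 2) != sizeof h + 9) return -1;
    if (validate_params(buf, sizeof buf, &h) != CHECK_OK) return -2;
    if (h.argc != 2 || h.arg_off[1] != sizeof h + 5 ||
        memcmp(buf + h.arg_off[0], "hello", 5) != 0) return -3;
    return 0;
}

/* Mapping smaller than the stack: marshal reports the size it needs instead. */
size_t demo_too_small(void)
{
    uint8_t buf[32];
    return marshal_params(buf, sizeof buf, demo_args, demo_lens, 2);
}

/* User mode rewrote a length field after the kernel filled the buffer. */
int demo_tampered(int which)
{
    uint8_t buf[256]; struct shared_hdr h;
    marshal_params(buf, sizeof buf, demo_args, demo_lens, 2);
    memcpy(&h, buf, sizeof h);
    if (which == 0) h.total_len  = 100000;      /* claims more than is mapped */
    else            h.arg_len[0] = 0xFFFFFFFFu; /* would wrap a 32-bit end computation */
    memcpy(buf, &h, sizeof h);
    return validate_params(buf, sizeof buf, &h);
}
```

The two things worth keeping from this model are the single memcpy of the header before any check, so user mode cannot change a field between the check and its use, and the 64-bit end-of-argument arithmetic, so an oversized length cannot wrap back inside the mapping. In a real driver the unmap (MmUnmapLockedPages, then freeing the MDL) belongs in the process-teardown path the reply warns about, whatever state the header is in.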