Using shared memory kernel mode to -> usermode


Problem description

So, straight to the point: I have created a kernel driver that maps a shared section to user mode. My problem is I am trying to read/write memory with the driver, but I have 0 experience with ReadFile, WriteFile. I have a handle that was created with CreateFileA.

Now, in my old project driver I used to communicate with an IOCTL code, something like this.

#define IO_READ_REQUEST CTL_CODE(FILE_DEVICE_UNKNOWN, 0x0701 /* Our Custom Code */, METHOD_BUFFERED, FILE_SPECIAL_ACCESS)

// Request layout shared by the user-mode client and the driver
typedef struct _KERNEL_READ_REQUEST
{
	ULONG ProcessId;
	ULONG Address;
	ULONG Response;
	ULONG Size;
} KERNEL_READ_REQUEST, *PKERNEL_READ_REQUEST;

template <typename type>
type ReadVirtualMemory(ULONG ProcessId, ULONG ReadAddress, SIZE_T Size)
{
	if (hDriver == INVALID_HANDLE_VALUE)
		return (type)false;

	DWORD Bytes = 0;
	KERNEL_READ_REQUEST ReadRequest = {};

	ReadRequest.ProcessId = ProcessId;
	ReadRequest.Address = ReadAddress;
	ReadRequest.Size = (ULONG)Size;

	// send code to our driver with the arguments
	// (lpBytesReturned must not be NULL when lpOverlapped is NULL)
	if (DeviceIoControl(hDriver, IO_READ_REQUEST, &ReadRequest,
		sizeof(ReadRequest), &ReadRequest, sizeof(ReadRequest), &Bytes, NULL))
		return (type)ReadRequest.Response;
	else
		return (type)false;
}

And yeah, I know this is pasted from kernelbhop, but this is what my driver does the same (old one).

Now, how could I do the exact same process but without IOCTL code and with only ReadFile, WriteFile? And 1 more thing: before, I used to call my IOCTL code from kernel

if (ControlCode == IO_READ_REQUEST)
{
	// then do something here
}





But as far as I know I can't do that now. I want to know, should I use

IRP_MJ_WRITE

IRP_MJ_READ

to do my stuff. Because I thought about it, and if I could only use both of them then I can't handle all my kernel functions, so it would be impossible. Thanks to anyone who will help me with this. I just want a snippet or an example so I can learn from it and solve my problem. :)

What I have tried:

I haven't tried anything yet. Waiting for someone that may have had this problem before and can help with it :)

Recommended answer

The question is a bit unclear. Should work with memcpy to copy data.

Be clear about whom the memory belongs to and that the access rights are respected. It is best when user and kernel use their OWN memory and copy the bytes into their spaces. Else you may get strange and undebuggable errors.

Tip: fetch all error codes of used functions and handle them gently.
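
The answer's advice that each side should copy bytes into memory it owns, shown as an added example that is not part of the original answer or of the asker's driver. It is portable C that stands in for the shared section with an ordinary struct; SHARED_REGION, LOCAL_REQUEST, snapshot_request and MAX_PAYLOAD are hypothetical names and limits chosen for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PAYLOAD 64u /* assumed per-request limit for this sketch */

/* Hypothetical layout of the shared section. The other side can
 * rewrite any field at any moment, so nothing in it is trusted. */
typedef struct {
    volatile uint32_t Size; /* bytes of Data the writer claims are valid */
    uint8_t Data[256];
} SHARED_REGION;

/* Private copy that only the consumer owns. */
typedef struct {
    uint32_t Size;
    uint8_t Data[MAX_PAYLOAD];
} LOCAL_REQUEST;

/* Copy one request out of the shared region into private memory.
 * Size is read exactly once; the same value is checked and used.
 * Returns 0 on success, -1 when the request is rejected. */
int snapshot_request(const SHARED_REGION *shared, LOCAL_REQUEST *local)
{
    uint32_t size = shared->Size; /* single fetch */
    if (size == 0 || size > MAX_PAYLOAD)
        return -1;
    memcpy(local->Data, shared->Data, size);
    local->Size = size;
    return 0;
}

int main(void)
{
    SHARED_REGION shared = { 4, { 'A', 'B', 'C', 'D' } }; /* constructed sample */
    LOCAL_REQUEST local = { 0 };

    printf("valid request: %d\n", snapshot_request(&shared, &local));
    shared.Size = 200; /* writer changes the field afterwards */
    printf("private copy still says Size=%u\n", (unsigned)local.Size);
    printf("oversized request: %d\n", snapshot_request(&shared, &local));
    return 0;
}
```

All later processing should read only the private copy, so a change the other side makes to the shared section after validation cannot affect it.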

