-
-
[求助]MmAllocatePagesForMdl 共享内存 属性的问题
-
发表于:
2017-5-9 21:09
4418
-
[求助]MmAllocatePagesForMdl 共享内存 属性的问题
LowAddress.QuadPart = 0;
MAX_MEM(HighAddress.QuadPart);
// 分配4K的共享缓冲区
Mdl = MmAllocatePagesForMdl(LowAddress,
HighAddress,
LowAddress,
TotalBytes);
if (!Mdl)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
Status = ObReferenceObjectByHandle
(
ProcessHandle,
PROCESS_VM_OPERATION,
*PsProcessType,
UserMode,
(PVOID*)(&Process),
NULL);
if (!NT_SUCCESS(Status))
{
__try
{
*lpStatus = STATUS_INSUFFICIENT_RESOURCES;
return STATUS_INSUFFICIENT_RESOURCES;
}
__except (1)
{
return STATUS_INSUFFICIENT_RESOURCES;
}
}
KeStackAttachProcess((PRKPROCESS)(PVOID)(Process), &ApcState);
//KdPrint(("jmg-kernel-> AllocateVirtualMemory call Process: %s\n", PsGetProcessImageFileName(PsGetCurrentProcess())));
// 映射共享缓冲区到用户地址空间
UserVAToReturn = MmMapLockedPagesSpecifyCache
(Mdl,
UserMode,
MmCached,
NULL,
FALSE,
NormalPagePriority);
Mdl->MdlFlags = Mdl->MdlFlags | MDL_MAPPED_TO_SYSTEM_VA;
PVOID MappedSystemCallTable = MmMapLockedPages(Mdl, UserMode);
KeUnstackDetachProcess(&ApcState);
ObDereferenceObject(Process);
if (!UserVAToReturn)
{
MmFreePagesFromMdl(Mdl);
IoFreeMdl(Mdl);
return STATUS_INSUFFICIENT_RESOURCES;
}
映射 到了R3 的地址..mdl地址属性应该怎么改成可执行呢??
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
