Re: Buffer manipulation of an IRP_MJ_READ/WRITE

I've just realised my mistake with all this; I've been trying to make this a
lot hard than it actually is. The buffer is merely a pointer, so like all
good pointers, I only need increment it to get to the next byte in the
buffer. That really is a proper school boy error, how embarrasing.

Thanks very much for the help Don!

Peter


"Don Burn" wrote:

Take a look at MmGetSystemAddressForMdlSafe, you should not need to lock
down the pages, since if the call is occurring at DISPATCH_LEVEL the caller
will have locked them down.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply


"Peter Jones" <Peter Jones@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7EAE2F8E-B27B-4A41-BC13-05539E763C39@xxxxxxxxxxxxxxxx
Hi all,

I'm pretty new to driver development, but I've been picking things up
fairly
quickly as I've gone along.

To set the scene a little: I've written myself a virtual device driver
that
allows you to use a disk image as a virtual disk on the system, allowing
the
user to read and write data etc, as you would expect a normal disk drive
to.
I'm aiming to get the driver to encrypt/decrypt data on the disk image,
each
time an IRP is issued to read/write. So, effectively performing on the fly
cryptography for the user.

Since the file system attached to the device works on a 512 byte size
sector, it should be a relatively simple process to perform encryption at
the
sector level. This is where my problem is though.

For a read opertion, I'm allocating a buffer using ExAllocatePool,
performing the read operation, then grabbing the system address for the
MDL
supplied in IRP->MdlAddress. After the operation is complete, theread
buffer
is then copied across into the system buffer address supplied by the MDL.

From what I can tell, I need to lock the paged memory using
MmProbeAndLockPages and then get an array of the memory pages using
MmMdlGetPfnArray. After this though, I'm a little unclear as how to
actually
manipulate the data I need.

Are there any methods for being able to manipulate the read/write buffers
used when processing an IRP? Ideally I need to be able to access
individual
bytes from the buffer.

Any help is greatly appreciated.

Thanks in advance,

Peter



.

Relevant Pages

  • Re: [Full-Disclosure] Win32 Device Drivers Communication Vulnerabilities + PoC for Symantec Norton A
    ... Function Codes/IRP Function Codes and IOCTRL/Defining I/O Control Codes): ... IRPs containing the I/O control code will supply a pointer ... describing the output buffer at Irp->MdlAddress. ... if the driver can be sent such a request only while it is ...
    (Full-Disclosure)
  • Re: Buffer manipulation of an IRP_MJ_READ/WRITE
    ... you should not need to lock ... Windows 2k/XP/2k3 Filesystem and Driver Consulting ... I'm aiming to get the driver to encrypt/decrypt data on the disk image, ... For a read opertion, I'm allocating a buffer using ExAllocatePool, ...
    (microsoft.public.development.device.drivers)
  • Re: Difference between synchronous and asynchronous operation/calls (NDISPROT)
    ... The main problem with synchronous operation/calls seems to be the lack of buffers for the driver to store data into. ... Each "read call" supplies the driver with a buffer and optionally a completion routine so that the driver can inform the application when the requested operation is/was done. ... However it seems the current windows/driver design does some copies as well? ...
    (microsoft.public.development.device.drivers)
  • Re: Degradation of TCP connection
    ... Gigabit ethernet. ... D card's data buffer can only hold about 64K samples worth of data ... link you posted is for an older version of VxWorks that used a BSD- ... but a bug in the ethernet driver. ...
    (comp.os.vxworks)
  • Re: PCI bus-master and large contiguous memory buffers
    ... As soon as device reaches the end of the buffer ... Sure, I am developing both PCI adapter and device driver, so, it is ... not afford reinitializing DMA on my device after every transfer. ... x86 CPU memory management structures I never tried to dig into Windows ...
    (microsoft.public.development.device.drivers)