Using section/view in the driver
in [Device Drivers]
|
Prev: USB Video extension units
Next: ZwQueryInformationFile(..FileAlignmentInformation..) always returns FILE_WORD_ALIGNMENT
From: soviet_bloke on 1 Oct 2006 00:49 Gary, DriverEntry() and AddDevice() are called in the context of a system process. If you create a kernel thread with PsCreateSystemThread() and specify NULL as ProcessHandle argument, your thread will run in the context of a system process as well. Therefore, if you create a section in DriverEntry() or AddDevice(), you will have no problem mapping it in the context of a kernel thread that you have created. To summarize, all your worries are unfounded Anton Bassov Gary Li wrote: > Thanks for the feeback. > > My problem actually is: > I need to access a big file in the workitem routine (kernel thread created > by driver and running in the PASSIVE_LEVEL). However, ZwCreateSection() will > report STATUS_SECTION_TOO_BIG if called in the routines other than > DriverEntry() or AddDevice(). > Therefore, I am planing to create the file and section in AddDevice(), and > to map the view in the workitem routines. Now sure whether they are legal. > NtCurrentProcess() will be used to get process handle during mapping the view. > If AddDevice() and workitem are in different processes, how to use this > mechanism ? or is there any other mechanism to try for the same purpose ? > > Thanks > > -Gary > > "soviet_bloke(a)hotmail.com" wrote: > > > > Can I call ZwCreateSection() and ZwMapViewOfSection() with the same handle in > > > the different processes ? > > > > Of course you cannot do it - *ANY* handle is valid only in the context > > of a process that has opened it, unless it has been duplicated with > > DuplicateHandle() > > > > Anton Bassov > > > > Gary Li wrote: > > > Can I call ZwCreateSection() and ZwMapViewOfSection() with the same handle in > > > the different processes ? > > > > > > -Gary > > > >
From: Gary Li on 29 Oct 2006 16:18
Thanks, The work items created in my DPC routine are in the system process, so the section handle created in AddDevice() can be used in those work items. I don't have to create new section in other routines. -Gary "soviet_bloke(a)hotmail.com" wrote: > Gary, > > DriverEntry() and AddDevice() are called in the context of a system > process. If you create a kernel thread with PsCreateSystemThread() and > specify NULL as ProcessHandle argument, > your thread will run in the context of a system process as well. > Therefore, if you create a section in DriverEntry() or AddDevice(), you > will have no problem mapping it in the context of a kernel thread that > you have created. To summarize, all your worries are unfounded > > > Anton Bassov > > Gary Li wrote: > > Thanks for the feeback. > > > > My problem actually is: > > I need to access a big file in the workitem routine (kernel thread created > > by driver and running in the PASSIVE_LEVEL). However, ZwCreateSection() will > > report STATUS_SECTION_TOO_BIG if called in the routines other than > > DriverEntry() or AddDevice(). > > Therefore, I am planing to create the file and section in AddDevice(), and > > to map the view in the workitem routines. Now sure whether they are legal. > > NtCurrentProcess() will be used to get process handle during mapping the view. > > If AddDevice() and workitem are in different processes, how to use this > > mechanism ? or is there any other mechanism to try for the same purpose ? > > > > Thanks > > > > -Gary > > > > "soviet_bloke(a)hotmail.com" wrote: > > > > > > Can I call ZwCreateSection() and ZwMapViewOfSection() with the same handle in > > > > the different processes ? > > > > > > Of course you cannot do it - *ANY* handle is valid only in the context > > > of a process that has opened it, unless it has been duplicated with > > > DuplicateHandle() > > > > > > Anton Bassov > > > > > > Gary Li wrote: > > > > Can I call ZwCreateSection() and ZwMapViewOfSection() with the same handle in > > > > the different processes ? > > > > > > > > -Gary > > > > > > > > |