From: codeFather on
Hey!
The size returned by MmSizeOfMdl (PMDL mymdl) = 0x20 or 32 bytes, but if you
look at the structure of the MDL it's a constant 28 bytes:
typedef struct _MDL
{
    struct _MDL *next;          // what is this for? Anyway, it's 4 bytes
    short size;                 // 2 bytes
    short MdlFlags;             // 2 bytes
    struct _EPROCESS *proc;     // pointer to an EPROCESS struct = 4 bytes
    PVOID mappedSystemVa;       // 4 bytes
    PVOID startVa;              // 4 bytes
    DWORD byteCount;            // 4 bytes
    DWORD byteOffset;           // 4 bytes
} MDL, *PMDL;
The size of the above structure = 4 + 2 + 2 + 4 + 4 + 4 + 4 + 4 = 28 bytes,
which is a constant size, but when I disassemble MmSizeOfMdl I find this:

mov eax,[ebp+08]             ; eax = 1st parameter, base address
mov ecx,[ebp+0c]             ; ecx = 2nd parameter, size
add eax,00000fff             ; keep the last 12 bits? 12 bits are used to index a page frame?
lea eax,[eax+ecx+00000fff]   ; eax = base address + size + 00000fff
shr eax,0c                   ; shifts eax right 12 times (dividing by 4096... 4KB? page size?)
/*
the above instructions are calculating the number of pages spanned for the
given virtual address range (from base address to base address + size), right?
*/
lea eax,[eax*4 + 0000001C]   ; 1C is 28 in decimal
ret

So the size returned = 28 bytes + number of pages spanned for a given
virtual address range. I get the 28 bytes part, but why is the function
adding the 2nd operand? Should it not simply return 28 bytes? What am I
missing? What are the extra bytes for?
From: Scott Noone on
See the comment in wdm.h right before the MDL structure is defined:

//
// I/O system definitions.
//
// Define a Memory Descriptor List (MDL)
//
// An MDL describes pages in a virtual buffer in terms of physical pages. The
// pages associated with the buffer are described in an array that is allocated
// just after the MDL header structure itself.
//
// One simply calculates the base of the array by adding one to the base
// MDL pointer:
//
//     Pages = (PPFN_NUMBER) (Mdl + 1);
//
// Notice that while in the context of the subject thread, the base virtual
// address of a buffer mapped by an MDL may be referenced using the following:
//
//     Mdl->StartVa | Mdl->ByteOffset
//

typedef __struct_bcount(Size) struct _MDL {
    struct _MDL *Next;
    CSHORT Size;
    CSHORT MdlFlags;
    struct _EPROCESS *Process;
    PVOID MappedSystemVa;
    PVOID StartVa;
    ULONG ByteCount;
    ULONG ByteOffset;
} MDL, *PMDL;

-scott

--
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com


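As an added worked example (not code from either post, and not wdm.h itself), here is a user-mode C model of the computation Scott's reply points at. MmSizeOfMdl(Base, Length) is documented as sizeof(MDL) + sizeof(PFN_NUMBER) * ADDRESS_AND_SIZE_TO_SPAN_PAGES(Base, Length); the BYTE_OFFSET and ADDRESS_AND_SIZE_TO_SPAN_PAGES macros below follow their wdm.h definitions, and the struct uses explicit 32-bit types so that it is 28 bytes on any host, matching the x86 layout in the question. fake_va_to_pfn, build_mdl, mdl_pfn, mdl_page_count and mdl_has_room are assumed stand-ins written for this example (an identity VA-to-PFN map in place of the kernel's page tables) and are not kernel APIs.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define PAGE_SHIFT 12u
#define PAGE_SIZE  (1u << PAGE_SHIFT)   /* 4096: x86 page size */

/* wdm.h: low 12 bits of a VA, i.e. its offset within its page. */
#define BYTE_OFFSET(Va) ((uint32_t)(Va) & (PAGE_SIZE - 1))
/* wdm.h: pages touched by Size bytes starting at Va.  A buffer that starts
 * late in one page and ends early in the next still needs both pages. */
#define ADDRESS_AND_SIZE_TO_SPAN_PAGES(Va, Size) \
    ((BYTE_OFFSET(Va) + (uint32_t)(Size) + PAGE_SIZE - 1) >> PAGE_SHIFT)

typedef uint32_t PFN_NUMBER;  /* physical page frame number: 4 bytes on 32-bit Windows */

/* The fixed header from wdm.h, with explicit 32-bit types: 4+2+2+4+4+4+4+4 = 28. */
typedef struct _MDL {
    uint32_t Next;            /* struct _MDL *: next MDL in a chain */
    int16_t  Size;            /* CSHORT: header plus PFN array, in bytes */
    int16_t  MdlFlags;
    uint32_t Process;         /* struct _EPROCESS * */
    uint32_t MappedSystemVa;  /* PVOID */
    uint32_t StartVa;         /* PVOID: page-aligned start of the buffer */
    uint32_t ByteCount;
    uint32_t ByteOffset;      /* StartVa | ByteOffset is the buffer's VA */
} MDL, *PMDL;
_Static_assert(sizeof(MDL) == 28, "MDL header must be 28 bytes in this model");

/* What MmSizeOfMdl(Base, Length) computes: the header plus one PFN per spanned page. */
size_t mdl_size_of(uint32_t base, uint32_t length)
{
    return sizeof(MDL) + sizeof(PFN_NUMBER) * ADDRESS_AND_SIZE_TO_SPAN_PAGES(base, length);
}

/* Assumed stand-in for the kernel's page tables: identity-map VA -> PFN. */
static PFN_NUMBER fake_va_to_pfn(uint32_t va) { return va >> PAGE_SHIFT; }

/* Assumed model of MmInitializeMdl + MmBuildMdlForNonPagedPool: allocate header
 * and PFN array together, then fill the array that sits right after the header.
 * Returns NULL if the total would not fit the CSHORT Size field. */
PMDL build_mdl(uint32_t base, uint32_t length)
{
    size_t size = mdl_size_of(base, length);
    if (size > INT16_MAX) return NULL;
    PMDL mdl = (PMDL)calloc(1, size);
    if (mdl == NULL) return NULL;
    mdl->Size = (int16_t)size;
    mdl->StartVa = base & ~(PAGE_SIZE - 1);
    mdl->ByteOffset = BYTE_OFFSET(base);
    mdl->ByteCount = length;
    PFN_NUMBER *pfn = (PFN_NUMBER *)(mdl + 1);   /* "Pages = (PPFN_NUMBER)(Mdl + 1)" */
    uint32_t pages = ADDRESS_AND_SIZE_TO_SPAN_PAGES(base, length);
    for (uint32_t i = 0; i < pages; i++)
        pfn[i] = fake_va_to_pfn(mdl->StartVa + i * PAGE_SIZE);
    return mdl;
}

/* Number of PFN slots the allocation holds, recovered from Size. */
uint32_t mdl_page_count(const MDL *mdl)
{
    return (uint32_t)(((size_t)mdl->Size - sizeof(MDL)) / sizeof(PFN_NUMBER));
}

PFN_NUMBER mdl_pfn(const MDL *mdl, uint32_t i)
{
    return ((const PFN_NUMBER *)(mdl + 1))[i];
}

/* The check to make before reusing an MDL for a different (base, length): the
 * PFN array carries no bounds of its own, so a range spanning more pages than
 * the MDL was sized for would overrun the allocation. */
int mdl_has_room(const MDL *mdl, uint32_t base, uint32_t length)
{
    return (size_t)mdl->Size >= mdl_size_of(base, length);
}

int main(void)
{
    printf("one aligned page:     %zu\n", mdl_size_of(0x00010000, 0x1000)); /* 32 = 0x20 */
    printf("same length, +1 byte: %zu\n", mdl_size_of(0x00010001, 0x1000)); /* 36: two pages */
    PMDL m = build_mdl(0x12345678, 0x3000);
    if (m == NULL) return 1;
    printf("Size=%d pages=%u first PFN=0x%x\n", m->Size, mdl_page_count(m), mdl_pfn(m, 0));
    printf("room for 0x4000 bytes? %d\n", mdl_has_room(m, 0x12345678, 0x4000));
    free(m);
    return 0;
}
```

This is where the 0x20 in the question comes from: one page-aligned page gives 28 + 4 * 1 = 32, and the same length starting one byte into the page spans two pages and needs 36. The practical consequence is that an MDL's size depends on both the buffer's page offset and its length, so an MDL allocated for one range cannot simply be reinitialised for a longer one; compare the new MmSizeOfMdl result against Mdl->Size first, as mdl_has_room does.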