Finding a magic in conventionnal memory

TheMSsForum.com: The Microsoft Software Forum

Hi

One of my driver (boot driver) is supposed to find a "magic" in conventional
memory.This Magic as been set previously to the actual boot of Windows (even
before the MBR has been loaded).
I know that the Magic resides between 512KB and 640KB.
The memory area in which this magic is located has previosuly been protected
from writings (by using a modified Int 15/AX=E820h section)

I am currently using MmMapIoSpace(PhysAddr, Size, MmNonCached);
This works OK with the free build of Windows XP (sp2, 32bits) but with the
checked build (sp2 32bits) I have an error.
I am not currently on the computer that runs the debugger so I cannot
currently be more precise, but I hope that the experts in this group will
have an answer to my question (and if I need to give more detailsn I will
have to be very cautious because we have strong non disclosure agreements
with the customer).

I know that one other developer that worked on this driver had to tune the
Memory Mapping functions in order for Driver Verifier to accept the way we do
the mapping. He is the one that decided to use MmMapIoSpace.

The customer that we develop the driver for is requiring that it to be able
to run on the checked build of Windows XP and that it can pass Driver
Verifier on the free build.


So here is my question:

What is the "correct" way to map some "low" memory in order to find a magic
and read the memory that is located after this magic?
The "correct" way in this context means a way that is acceptable to checked
buold and driver verifier


Thanks in advance
Top

Re: Finding a magic in conventionnal memory by Maxim

Maxim
Thu Apr 13 04:41:38 CDT 2006

> The memory area in which this magic is located has previosuly been protected
> from writings (by using a modified Int 15/AX=E820h section)

Maybe this protection should be removed, and the bug will cease? Try it.

Note: what you're doing is undocumented hackery. There are no ways of any
theoretically proper design in it. So, just find a way where it works - find by
trial and error, put it to the product and forget it.

If the customer will have another product doing the same - the interop will
arise for sure, no ways to prevent it.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com

Top

Re: Finding a magic in conventionnal memory by Ray

Ray
Thu Apr 13 17:17:43 CDT 2006

This sounds like one of those "how do I do this" questions that just
begs out for a "why do you want to do this" question in response.

Really, nothing that is done before boot is immune to being changed
after boot by some driver that loads before yours, so if the customer is
trying to use this for copy protection or something they really need to
come up with a design that actually works (opinion: this is actually
impossible).

princetarhn wrote:
> Hi
>
> One of my driver (boot driver) is supposed to find a "magic" in conventional
> memory.This Magic as been set previously to the actual boot of Windows (even
> before the MBR has been loaded).
> I know that the Magic resides between 512KB and 640KB.
> The memory area in which this magic is located has previosuly been protected
> from writings (by using a modified Int 15/AX=E820h section)
>
> I am currently using MmMapIoSpace(PhysAddr, Size, MmNonCached);
> This works OK with the free build of Windows XP (sp2, 32bits) but with the
> checked build (sp2 32bits) I have an error.
> I am not currently on the computer that runs the debugger so I cannot
> currently be more precise, but I hope that the experts in this group will
> have an answer to my question (and if I need to give more detailsn I will
> have to be very cautious because we have strong non disclosure agreements
> with the customer).
>
> I know that one other developer that worked on this driver had to tune the
> Memory Mapping functions in order for Driver Verifier to accept the way we do
> the mapping. He is the one that decided to use MmMapIoSpace.
>
> The customer that we develop the driver for is requiring that it to be able
> to run on the checked build of Windows XP and that it can pass Driver
> Verifier on the free build.
>
>
> So here is my question:
>
> What is the "correct" way to map some "low" memory in order to find a magic
> and read the memory that is located after this magic?
> The "correct" way in this context means a way that is acceptable to checked
> buold and driver verifier
>
>
> Thanks in advance
>
>


--
Ray
Top