This might seem like a basic question, but I can't find a solution anywhere.
I have to get information out of kernel mode. Therefore I work with an IOCTL. My user-mode application sends this IOCTL using DeviceIoControl with METHOD_OUT_DIRECT because I need to transfer big amounts of data. This sends a char pointer to my driver.
The driver gets the IOCTL and can respond to it within the interrupt request.
Code looks like this:
    case IOCTL_FILTERIO_REQUEST_DATA:
    {
        PVOID pInputBuffer;
        PVOID pOutputBuffer;
        ULONG outputBufferLength;
        PCHAR pReturnData = g_pDataPack;
        ULONG dwDataSize = 8000;
        ULONG dwDataRead = 0, dwDataWritten = 0;
        status = STATUS_UNSUCCESSFUL;
        pInputBuffer = Irp->AssociatedIrp.SystemBuffer;
        pOutputBuffer = NULL;
        if (Irp->MdlAddress) {
            pOutputBuffer = MmGetSystemAddressForMdlSafe(Irp->MdlAddress, NormalPagePriority);
        }
        if (pOutputBuffer) {
            RtlCopyMemory(pOutputBuffer, pReturnData, dwDataSize);
            status = STATUS_SUCCESS;
            *g_pDataPack = 0;
            db_counter = 0;
        }
    }
    break;
But I need to copy information from another part of the kernel mode.
I tried to create a global PCHAR like this:
Header-File (Declaration) : extern PCHAR g_pDataPack;
Source-File (Definition) : PCHAR g_pDataPack = "IOCTL DEFINITION";
Editing (Other Source-File): *g_pDataPack++ = 'some stuff';
My problem is that I have to edit and enlarge the global PCHAR many times before the interrupt copies it to the local PCHAR and sends it back to my user-mode application. I tried to reset the global pointer every 5000 edits, but that did not really work.
    if (db_counter > 5000)
    {
        *g_pDataPack = 0;
        db_counter = 0;
    }
The program crashes after a certain amount of time. I guess because the global pointer allocates too much space?
I tried to create a CHAR array, but that did not work at all.
Is there another better or easier way to allocate a specific size of memory and then edit this one and copy it to the local PCHAR pReturnData when I need it, or do I have to learn how to work with DMA for this project?
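
One way to hold data between IOCTL requests, as an added example that is not part of the original post: a fixed-capacity buffer with a tracked length, where every append is bounds-checked and the copy-out is limited to the caller's output buffer length. It is a user-mode C model of the logic; `DATAPACK`, `datapack_append` and `datapack_drain` are hypothetical names, and in a driver the storage would be non-paged and each call would be made while holding a spin lock.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; in a driver, guard both functions with a spin lock. */
#define DATAPACK_CAPACITY 8000u

typedef struct {
    char   data[DATAPACK_CAPACITY]; /* writable fixed storage, not a string literal */
    size_t used;                    /* number of valid bytes in data[] */
    size_t dropped;                 /* bytes rejected because the buffer was full */
} DATAPACK;

/* Append len bytes. A record that does not fit is rejected whole; returns bytes stored. */
size_t datapack_append(DATAPACK *p, const void *src, size_t len)
{
    if (len > DATAPACK_CAPACITY - p->used) {
        p->dropped += len;
        return 0;
    }
    memcpy(p->data + p->used, src, len);
    p->used += len;
    return len;
}

/* Copy out at most out_len bytes (the request's OutputBufferLength) and keep the
   rest for the next request. The return value is the byte count to report back. */
size_t datapack_drain(DATAPACK *p, void *out, size_t out_len)
{
    size_t n = p->used < out_len ? p->used : out_len;
    memcpy(out, p->data, n);
    memmove(p->data, p->data + n, p->used - n); /* shift the unread tail to the front */
    p->used -= n;
    return n;
}

int main(void)
{
    static DATAPACK pack;            /* zero-initialised */
    char out[4];                     /* constructed: a caller buffer smaller than the data */
    datapack_append(&pack, "abcdef", 6);
    size_t n = datapack_drain(&pack, out, sizeof out);
    printf("copied %zu bytes, %zu left\n", n, pack.used);
    return 0;
}
```

The write position is an index that is reset by subtracting the drained length, so the base address of the storage never changes and no write or copy can run past the 8000-byte capacity.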