我正试图通过共享内存将两个地址从用户模式程序传递给我的内核模式驱动程序。我在网上找不到任何关于在内核中打开命名映射内存的资源,所以我想我可以使用ZwOpenFile和我在用户模式程序中使用的名称。问题是驱动程序正在记录"无法加载shmem",所以我不知道如何正确打开它。
用户模式代码:
#define BUF_SIZE 256
TCHAR szName[] = TEXT("Global\MyFileMappingObject");
TCHAR szMsg[] = TEXT("0x0n0x1");
int main() {
HANDLE hMapFile;
LPCTSTR pBuf;
hMapFile = CreateFileMapping(
INVALID_HANDLE_VALUE, // use paging file
NULL, // default security
PAGE_READWRITE, // read/write access
0, // maximum object size (high-order DWORD)
BUF_SIZE, // maximum object size (low-order DWORD)
szName); // name of mapping object
if (hMapFile == NULL)
{
_tprintf(TEXT("Could not create file mapping object (%d).n"),
GetLastError());
return 1;
}
pBuf = (LPTSTR)MapViewOfFile(hMapFile, // handle to map object
FILE_MAP_ALL_ACCESS, // read/write permission
0,
0,
BUF_SIZE);
if (pBuf == NULL)
{
_tprintf(TEXT("Could not map view of file (%d).n"),
GetLastError());
CloseHandle(hMapFile);
return 1;
}
CopyMemory((PVOID)pBuf, szMsg, (_tcslen(szMsg) * sizeof(TCHAR)));
Pause(); // I run the kernel driver when code is here, shmem is still mapped
UnmapViewOfFile(pBuf);
CloseHandle(hMapFile);
内核驱动程序代码:
HANDLE shmem;
OBJECT_ATTRIBUTES attrs;
UNICODE_STRING uniName;
OBJECT_ATTRIBUTES objAttr;
IO_STATUS_BLOCK ioStatusBlock;
RtlInitUnicodeString(&uniName, L"Global\MyFileMappingObject");
InitializeObjectAttributes(&attrs, &uniName, OBJ_CASE_INSENSITIVE, NULL, NULL);
if (!NT_SUCCESS(ZwOpenFile(&shmem, READ_CONTROL, &attrs, &ioStatusBlock, FILE_SHARE_READ, FILE_NON_DIRECTORY_FILE))) {
log("Could not load shmem");
}
else {
log("shmem loaded successfully");
ZwClose(shmem);
}
提前感谢
已解决,使用ZwOpenSection,路径以\\BaseNamedObjects\\开头
HANDLE shmem;
OBJECT_ATTRIBUTES attrs;
UNICODE_STRING uniName;
RtlInitUnicodeString(&uniName, L"\BaseNamedObjects\MyFileMappingObject");
InitializeObjectAttributes(&attrs, &uniName, OBJ_CASE_INSENSITIVE, NULL, NULL);
if (!NT_SUCCESS(ZwOpenSection(&shmem, FILE_SHARE_READ, &attrs))) {
log("Could not load shmem");
}
else {
log("shmem loaded successfully");
ZwClose(shmem);
}