Expandir Minimizar

MmSecureVirtualMemory routine

The MmSecureVirtualMemory routine secures a user-space memory address range so that it cannot be freed and its protection type cannot be made more restrictive.

Syntax


HANDLE MmSecureVirtualMemory(
  _In_  PVOID Address,
  _In_  SIZE_T Size,
  _In_  ULONG ProbeMode
);

Parameters

Address [in]

The beginning of the user virtual address range to secure.

Size [in]

The size, in bytes, of the virtual address range to secure.

ProbeMode [in]

The most restrictive protection type that is allowed. Use PAGE_READWRITE to specify that address range must remain both readable and writable, or use PAGE_READONLY to specify the address range must only remain readable.

Return value

On success, MmSecureVirtualMemory returns an opaque pointer value that the driver passes to the MmUnsecureVirtualMemory routine to unsecure the memory address range. If the routine is unable to secure the memory address range, it returns NULL.

Remarks

MmSecureVirtualMemory can be used to avoid certain race conditions on user-mode buffers. For example, if a driver checks to see if the buffer is writable, but then the originating user-mode process changes the buffer to be read-only before the driver can write to the buffer, then a race condition can result. A driver that uses MmSecureVirtualMemory is guaranteed that if the requested protection mode is available, it cannot be changed until the driver calls MmUnsecureVirtualMemory. The routine also protects against the originating user-mode process freeing the buffer.

While calling MmSecureVirtualMemory on an address range prevents the address range from being freed or from having its protection changed, it does not protect against other types of raised exceptions. (For example, it does not protect against an exception raised when the system finds a bad disk block in the page file.) Therefore, drivers must still wrap any memory accesses in a try/except block. Therefore, we recommend that drivers do not use this function. For more information, see Handling Exceptions.

Requirements

Version

Available starting with Windows 2000.

Header

Ntddk.h (include Ntddk.h)

Library

Ntoskrnl.lib

IRQL

<=APC_LEVEL

DDI compliance rules

IrqlMmApcLte, HwStorPortProhibitedDDIs

See also

MmUnsecureVirtualMemory

 

 

Send comments about this topic to Microsoft

Mostrar:
© 2014 Microsoft