LockPages - will this work?

Tutorials Win: Microsoft Windows Forum

I would like to lock into memory a small part of the code within a
driver. While the LockPages API is fairly straight forward, other
people in the group have mentioned that the real problem is how to get
the start address of the code pages to be locked (along with the
number of pages). I've come up with what I think is a simple way of
doing this and it seems to work (i.e. LockPages succeeds), but I'd
like to know what others think about it. So, here it is.

1) Put a #pragma code_seg(".somename") right before the code to be
locked.
2) Put the following routine right after the #pragma code_seg and
before the code to be locked:

void LockCode()
{
LockPages(LockCode, (PCHAR)EndLockCode - (PCHAR)LockCode,
NULL, LOCKFLAG_READ);
}

3) Put the following routine right after the code to be locked.

void EndLockCode()
{
}

4) Call LockCode sometime during initialization.

Since code segments start on page boundaries, and LockCode is the
first routine in the segment, it should be aligned on a page boundary.
Is this a safe assumption?

Also, do I need to round the size of the code to be locked (i.e.
EndLockCode - LockCode) up to the nearest multiple of the page size?

Are there any other reasons why this might not work?
Top

Re: LockPages - will this work? by Steve

Steve
Wed Dec 03 14:21:46 CST 2003

Umm - Why? Drivers are already loaded by Device.EXE via a call to
LoadDriver() which locks all of the code!

--
Steve Maillet (eMVP)
Entelechy Consulting
smaillet_AT_EntelechyConsulting_DOT_com


Top

Re: LockPages - will this work? by shawn

shawn
Thu Dec 04 11:18:27 CST 2003

I'm not quite sure about that Steve. After examining the source code
for device.exe it looks like it uses either LoadLibrary or LoadDriver
based on a flags value (per driver?) that is read from the registry.
Furthermore, here's a direct quote from the Microsoft documentation
for LoadDriver:

"All drivers loaded by the system load using LoadLibrary."

So now I'm more confused than before! How do I get an authoritative
answer to this question?

Regardless, I still want to know whether or not my LockPages code will
work.

"Steve Maillet \(eMVP\)" <nospam1@EntelechyConsulting.com> wrote in message news:<u5H5ZsduDHA.2248@TK2MSFTNGP09.phx.gbl>...
> Umm - Why? Drivers are already loaded by Device.EXE via a call to
> LoadDriver() which locks all of the code!
Top

Re: LockPages - will this work? by Steve

Steve
Thu Dec 04 14:05:28 CST 2003

By default device.exe loads drivers with LoadDriver(). If for some reason
you don't want that you can set the registry flag to use LoadLibrary()
instead. (I can't imagine what drove the addition of that feature but the
original behavior of previous versions of the OS is the default)

I've never tried your particular approach but from first glance it looks
like it should work but I wouldn't recommend it as it's too much of a hack
when the OS has mechanisms for handling the problem for drivers already. If
you are being truly paranoid and proud (e.g. you think someone might alter
the registry to enable the LoadLibrary flag which would cause your driver to
crash.) You can just call LoadDriver on the drivers DLL from within the
Drivers Init (NOTE: Don't do it from DllMain or equivalent!) as calling
LoadDriver on a module loaded with LoadLibrary will shift it over from paged
to non paged and lock the code in the process.

--
Steve Maillet (eMVP)
Entelechy Consulting
smaillet_AT_EntelechyConsulting_DOT_com


Top