Author: Eric M
Subject: Am I missing something here?
Posted: 05 May 2014 at 10:28pm
I am attempting to walk memory pages and a bit confused on walking the PTE. There is very little information on this subject, so I'm relying on some undocumented code, and some information reversed by ReactOS.
Edited by Eric M - 05 May 2014 at 10:29pm
Subject: Am I missing something here?
Posted: 05 May 2014 at 10:28pm
I am attempting to walk memory pages and a bit confused on walking the PTE. There is very little information on this subject, so I'm relying on some undocumented code, and some information reversed by ReactOS.
|
Looking at ReactOS calls to MiGetPteAddress, it passes user mode virtual addresses. At first glance, that made no sense to me, because a single virtual address can be valid on multiple processes and will obviously have a different PTE on each process. Even though it made no sense, I opted to try it and of course the address was invalid memory. Is this macro accurate and, if so, how does the kernel calculate the correct PTE given nothing more than a user mode VA? I am currently working on Windows 8.1 x64 is that is of any significance, but I imagine my question applies to previous versions of Windows as well.
Disclaimer: I tested this macro with user mode VA, Vad->StartingVpn, and everywhere in between. Clearly I am missing something here.
Edited by Eric M - 05 May 2014 at 10:29pm