jhersh
January 6th, 2005, 08:47 PM
Background:
I believe I have a somewhat unique problem I'm trying to solve. The situation I have to deal with is we bought a specialized PCI card that I want to access from within another driver in kernel mode. It came with a driver, but I can't use the driver it came with. The driver was not developed by the company that makes the card. The driver is a WinRT driver and it is coupled with a user mode DLL to provide access to the functionality of the card. From what I can tell, all this driver does is map the memory resources to user space. The DLL then does all of the work of manipulating the card. The interface between the driver and the DLL is unknown.
My approach:
I need to leave the existing driver in tact, because I want to use the application that the company provides to configure he card. I simply want to have a way to read the time from the card from within another driver. I'm attempting to develop an upper filter driver for the card. The card has two 4k memory regions that I want to access from within the filter driver through which I can perform the tasks I need to to get the data from the card. These are the same memory regions on the PCI card that are mapped to user space by the WinRT driver. I have a filter driver installed above WinRT and I successfully get the the resource lists that tell me what physical memory addresses to use in the IRP_MN_START_DEVICE. One thing I noticed is that the translated address is identical to the raw address. I guess this is normal? Or at least not an obvious problem, right?
The problem:
I have attempted two approaches to access the memory regions on the PCI card. The first is the standard kernel mode mapping that I expected to work for sure. I use MmMapIoSpace and get what appears to be a valid kernel mode virtual address (above 0x8000000), get no errors, and get no bug check when accessing it. However it doesn't seem to act like valid memory. When the virtual memory is read using either READ_REGISTER_UCHAR or simple dereference, the result is always 0xFF. When writing with either WRITE_REGISTER_UCHAR or simple dereference, the memory is unchanged (at least according to the read). There are no errors or bug check or anything like that. I'm doing the test reads and writes in the IRP_MN_START_DEVICE handler immediately after mapping the memory.
I attempted another method by using ZwOpenSection to open \Device\PhysicalMemory and then used ZwMapViewOfSection to get a user mode virtual address to the memory I want to access, but have the exact same results. Write does nothing and read is all 0xFF. The DLL that came with the card still work great.
If anyone has attempted something like this or has any ideas of what I can try, please let me know. Your help will be greatly appreciated. Hopefully there is a glaring error that will stick out to someone a little more familiar with the NT kernel.
Thanks in advance!
Sincerely,
-Joe Hershberger
I believe I have a somewhat unique problem I'm trying to solve. The situation I have to deal with is we bought a specialized PCI card that I want to access from within another driver in kernel mode. It came with a driver, but I can't use the driver it came with. The driver was not developed by the company that makes the card. The driver is a WinRT driver and it is coupled with a user mode DLL to provide access to the functionality of the card. From what I can tell, all this driver does is map the memory resources to user space. The DLL then does all of the work of manipulating the card. The interface between the driver and the DLL is unknown.
My approach:
I need to leave the existing driver in tact, because I want to use the application that the company provides to configure he card. I simply want to have a way to read the time from the card from within another driver. I'm attempting to develop an upper filter driver for the card. The card has two 4k memory regions that I want to access from within the filter driver through which I can perform the tasks I need to to get the data from the card. These are the same memory regions on the PCI card that are mapped to user space by the WinRT driver. I have a filter driver installed above WinRT and I successfully get the the resource lists that tell me what physical memory addresses to use in the IRP_MN_START_DEVICE. One thing I noticed is that the translated address is identical to the raw address. I guess this is normal? Or at least not an obvious problem, right?
The problem:
I have attempted two approaches to access the memory regions on the PCI card. The first is the standard kernel mode mapping that I expected to work for sure. I use MmMapIoSpace and get what appears to be a valid kernel mode virtual address (above 0x8000000), get no errors, and get no bug check when accessing it. However it doesn't seem to act like valid memory. When the virtual memory is read using either READ_REGISTER_UCHAR or simple dereference, the result is always 0xFF. When writing with either WRITE_REGISTER_UCHAR or simple dereference, the memory is unchanged (at least according to the read). There are no errors or bug check or anything like that. I'm doing the test reads and writes in the IRP_MN_START_DEVICE handler immediately after mapping the memory.
I attempted another method by using ZwOpenSection to open \Device\PhysicalMemory and then used ZwMapViewOfSection to get a user mode virtual address to the memory I want to access, but have the exact same results. Write does nothing and read is all 0xFF. The DLL that came with the card still work great.
If anyone has attempted something like this or has any ideas of what I can try, please let me know. Your help will be greatly appreciated. Hopefully there is a glaring error that will stick out to someone a little more familiar with the NT kernel.
Thanks in advance!
Sincerely,
-Joe Hershberger