There is a one issue in using MmProbeAndLockPages that sometimes overlooked and resulted in a subtle and hard tracked bug. I am talking about AccessMode parameter. The value of this parameter translates to the dirty flag for page descriptors when MmUnlockPages is called. It might sound surprising but for the memory locked using MmProbeAndLockPages the kernel does not use dirty flag in the PTE to track modified pages, there are a lot of reasons for this, one is that the pages might never be mapped in any address space, e.g. when used for DMA IO. The kernel employs a simple approach - if the pages were locked with IoWriteAccess or IoModifyAccess the kernel marks page descriptors as dirty when MmUnlockPages is called even if there were no actual data transfer to the pages. The consequence of such behavior is that the Memory Manager will try to flush modified pages to a storage if they belong to a mapped file, this might surprise both you and a file system driver, especially if the file system is read only one.
No comments:
Post a Comment