Memory Access Permissions (Windows CE 5.0)
Processes in Microsoft® Windows® CE map into different virtual addresses. Although any process can look into the memory of any other process, the Windows CE security system prevents this from being universally true all of the time. A driver can access memory in any process, but to do so, it must be able to unlock the permissions for those address spaces.
Although the details of the virtual-to-physical mapping are device-dependent, the basic layout tends to be the same from one device to another. Accessing the address space of an application can be complicated when a device driver creates a thread because access to process address spaces is set on a thread-by-thread basis. Each thread has a 32-bit flag, one bit per process, that describes the process a thread can access.
A thread can call the SetProcPermissions function to modify the permission mask, which controls the thread's access each process address space. The same thread can call the GetCurrentPermissions function to get the mask field for current permissions, so that the permissions can be reset when the thread has accessed the process data.
Because by default, the operating system does not run in full-kernel mode, and you cannot assume that driver threads run in kernel mode. Although there may be situations where you need to enter full-kernel mode.
Note If you are building run-time images in Platform Builder, you can clear the IMGNOTALLKMODE environment variable so your run-time image executes in user-mode by default.
To programmatically enable full-kernel mode
- Call the SetKMode function with TRUE.
- Do the work that requires full-kernel mode.
- Call SetKMode with FALSE to exit full-kernel mode.
See Also
Accessing Memory from a Driver | Memory Architecture
Send Feedback on this topic to the authors