来自 msdn:
在内核模式下运行的驱动程序必须非常小心地直接读取或写入用户空间中的地址。这个场景说明了原因。
- 用户模式程序发起从设备读取某些数据的请求。程序提供缓冲区的起始地址来接收数据。
- 在内核模式下运行的设备驱动程序启动读取操作并将控制权返回给它的调用者。
- 稍后,设备会中断当前正在运行的任何线程,以表示读取操作已完成。中断由运行在该任意线程上的内核模式驱动程序处理,该线程属于任意进程。
- 此时,驱动程序不得将数据写入用户模式程序在步骤 1 中提供的起始地址。该地址位于发起请求的进程的虚拟地址空间中,这很可能与当前进程。
任何人都可以用其他方式解释这一点吗?第 2、3、4 点不是很清楚。谢谢。
Each process has its own "context" of execution which includes Data structures (page tables) used in Virtual to Physical address translation.
At any point of time, Virtual Address to Physical address mapping depends on the currently executing process at that time.
Take the following scenario :
A user-mode program (say "Process-A" with a single thread) initiates a read request and passes a User-space buffer address.
This read request reaches to Device Driver routine, which is running in Kernel mode. Now most likely, the actual read operation from Device hardware will take some time to complete. In this case, the Driver routine may not wait for the completion of operation. Instead, it will just start the read operation from the Device, and return immedietly. In this activity, the Operating System will also get notified that the read opeartion has started but not completed yet. The OS will put the Process-A in waiting state, and schedule some other Process (thread) in execution.
Later when the Device completes the reading operation, it will raise an Interrupt to notify this. At this time, any arbitrary process (say "Process-B") will be in execution. That is the Page tables will be reflecting Virtual to Physical address space mapping for Process-B. The Driver routine called for servicing this interrupt will be running in Context of Process-B.
At this point, accessing the virtual address provided by user-mode program at step-1 will access the Virtual Address corresponding to Process-B and not that of Process-A.
See the "Methods for Accessing Data Buffers" for different approches to transfer data to user-space from Kernel-mode routines.