StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
18965864
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2013-09-23T18:03:51.660
FavoriteCount
0
LastActivityDate
2013-09-23T18:10:01.787
LastEditDate
2013-09-23T18:10:01.787
LastEditorUserId
103167
OwnerUserId
103167
ParentId
18965117
PostTypeId
2
Score
1
ViewCount
0
LastEditorDisplayName
text
Body
You would need a kernel driver to change the page table mappings. Once the memory is mapped into your process's address space, a user-mode process could then access it. Of course, this comes with a severe warning -- an application with access to kernel memory areas could easily destabilize your system or worse. Of course the changes should be done in cooperation with the virtual memory manager by using its APIs and not changing the mappings directly, otherwise kernel memory management is likely to get very confused when its entries aren't in the locations it expected. There is nothing preventing user-mode applications from accessing memory belonging to other processes, except that the existing kernel code doesn't provide such access, except in very limited cases. For example, file mappings already DO use shared memory and give user-mode processes access to kernel-owned pages (owned by the disk cache). Note that the virtual address would still not match the physical address, and only kernel code can use physical addresses directly. So using this for things like DMA would be difficult. (I know of a kernel driver that does this for I/O ports -- giveio.sys, which is often used by hardware monitoring software. Not sure whether it can be used for memory page access or you'd need to find a different one/write your own. On linux, there is a widely-available kernel module that gives user code access to all memory, via the <code>/dev/kmem</code> device. Which is a good example that this doesn't necessarily break security, since <code>/dev/kmem</code> checks for superuser rights on the requesting process, and a Windows driver can do approximately the same.) The shortest way is undoubtedly to find an existing driver that exposes ioctls for this. At that point the user-mode application only needs to install and load a driver, then use its ioctls to map the pages you want into your process. User-mode APIs for managing drivers and devices (with admin rights of course) are well-documented.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POWin32 Application with unlimited access to memory
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USBen Voigt
UserOwnerUserId
1. USBen Voigt
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.