请问在win98中进入Ring0后如何对32位绝对地址(0FFF80000H)所指存储器进行操作?

如题

应该将此地址值转换为VXD的FLAT地址，便可访问。
我在网上查的，具体如何实现，我尚没有代码。

我没有用VXD,我是修改IDT增加一个中断门安置我们的中断服务,可以在中断服务程序中对32位绝对地址(0FFF80000H)所指存储器进行操作吗?

有一个转换函数叫做Map_Flat(),应该是他吧。

我看不行，保护方式下直接操作的总是线性地址，没法直接对物理地址进行操作。楼上那位给的那个函数是进行物理地址和线性地址转换的么？

我的上面的观点，即可访问物理地址的观点，也许是错误的。请看：
　Memory allocated in a VxD is globally,and can be shared with applications.Memory that an application allocates may be in a process specific region of the memory map.In this case,the VxD cannot access that memory unless the current memory context is  that of the process.
　就是说我们在ｖｘｄ中访问内存的时候，还有重要的一点：就是要关注当前进程的上下文，不是吗？不慎了解，共同探讨。


[编辑 -  2/27/02 作者： guoj]

Map_Flat 函数显然不是进行物理地址和线性地址转换的. 而只是 32 位与 16 位的转换而已. 相似的还有 Map_Lin_To_VM_Addr . 不过 _MapPhysToLinear 不知是否可以?!

Map_Flat 函数
include vmm.inc

mov     ah, SegOffset    ; client register containing the segment
mov     al, OffOffset    ; client register containing the offset
VMMcall Map_Flat

cmp     eax, -1         ; -1 if error
je      error
mov     [LinAddr], eax  ; ring-0 linear address


Converts the address contained in the specified client registers to a linear address. The given address is either a selector:offset or segment:offset address, depending on the execution mode of the current virtual machine. Uses EAX, Flags.

Returns a ring-0 linear address in the EAX register if successful, 1 if the specified selector is invalid.

SegOffset

Offset of the client register containing the segment address or selector.

OffOffset

Offset of the client register containing the offset address. Can be ?1, in which case the offset address is zero.

The SegOffset and OffOffset parameters specify offsets, in bytes, relative to the beginning of the Client_Reg_Struc structure for the current virtual machine.
Before converting an address, Map_Flat checks the current execution mode and, for protected-mode applications, the bitness of the DPMI client. If the virtual machine is running a 32-bit protected mode application, it uses 32-bit address offsets. For V86 and 16-bit protected-mode applications, it uses 16-bit address offsets and ignores the high word if the OffOffset parameter specifies a 32-bit register.

The following example converts the address Client_DS:Client_DX and returns the linear address in EAX:

mov     ax, (Client_DS SHL 8) + Client_DX
VMMcall Map_Flat


It is typically more convenient to use the Client_Ptr_Flat macro instead.


_MapPhysToLinear 函数
include vmm.inc

VMMcall _MapPhysToLinear, <PhysAddr, nBytes, flags>

cmp     eax, 0FFFFFFFFh     ; 0FFFFFFFFh if not addressable
je      not_addressable
mov     [Address], eax      ; address of first byte


Returns the linear address of the first byte in the specified range of physical addresses. Uses EAX, ECX, EDX and Flags.

Returns the ring-0 linear address of the first byte of the physical region, if successful. The EAX register contains 0FFFFFFFFh if the specified range is not addressable.

PhysAddr

32-bit physical address of the start of the region to examine. Physical addresses start at 0, thus the address of physical page 0A0h is 0A0000h.

nBytes

Length of the physical region, in bytes. The service uses this parameter to verify that the entire range is addressable.

flags

Operation flags. Must be zero.

This service is intended to be used to examine device-specific physical memory. Virtual devices must not use this service for any other purpose.
Because physical addresses do not move, the linear address returned by this service remains valid until the system is shut down. Virtual devices should be careful not to use this service in a manner that wastes linear address space.
The following example returns a linear address for 64 kilobytes of memory starting at the physical page 0A0h:

VMMcall _MapPhysToLinear,<0A0000h,10000h,0>


Since physical memory is mapped contiguously, the linear address for page 0A1h is 4096 bytes beyond the return linear address. Note, however, that no information can be concluded about the linear addresses for physical pages 9Fh or 0B0h, because they lie outside the 64KB range requested. If a virtual device needs linear address aliases for those pages, it must call _MapPhysToLinear separately for those pages.

你说的是线性地址吧！！！
不会是物理地址吧!!!除非你是大富豪哈！！！
在RING0中你把段选择子改为0030H好了，哪是DATA段超级选择子
可以访问进程全局！！！只要你说0fff80000的在!!!

在Windows VxD与设备驱动程序权威指南中曾给出这样一个函数：
//function:把物理地址转为线性地址，用于获得一个指向固定物
//理地址的指针
void far *MapPhysToPtr(DWORD PhysBase,DWORD PhySize)
{
      WORD myDs,sel;
      WORD HiBase,LoBase;

      _asm mov myDs,ds
           sel=AllocSelector(myDs);
           SetSelectorLimit(sel,PhysSize);
      _asm
          {
           mov cx,PhysBase
           mov bx,PhysBase+2
           mov di,PhysSize
           mov si,PhysSize+2
           mov ax,0800H           //DPMI Map Phys
           int 31H
           mov HiBase,bx
           mov LoBase,cx
          }
         //用得到的线性地址设定选择子
         SetSelectorBase(sel,MAKELONG(LoBase,HiBase);
         return (MAKELP(sel,0);
    }
如果想访问大于64Kb的内存一定要用DPMI的选择子函数，而不要用windows的。老实讲DPMI这块也不是很明白，希望没理解错。

你说的是线性地址吧！！！
不会是物理地址吧!!!除非你是大富豪哈！！！
在RING0中你把段选择子改为0030H好了，哪是DATA段超级选择子
可以访问进程全局！！！只要你说0fff80000的在!!!
 

killhs 你所说的行吗?我把段选择子改为30h,好像不能正常工作
我是这样处理的

word DsData;

_asm
{
       //此时DS=ES
       mov DsData,DS  //改变选择子
       mov AX,0030H
       mov DS,AX
      
       //改处插入对0fff80000h操作程序

       mov AX,ES:DsData   //恢复选择子
       mov DS,AX
      
}
有何不妥吗?

可以读出某个选择子对应的描述符的内容吗,还有,有没有方法修改描述符?
如果以上都可以,我想我就可以对物理地址的0FFF80000H操作了,有没有人知道以上可不可以实现.