DevHelp VerifyAccess
This service is used to verify that the user process has the correct access rights for the memory that it passed to the physical device driver. If the process does not have the needed access rights to the memory, then it is terminated. If it does have the needed access rights, these rights are guaranteed to remain valid until the physical device driver exits its strategy routine.
Syntax
C
USHORT APIENTRY DevHelp_VerifyAccess( SEL MemSelector,
USHORT Length,
USHORT MemOffset,
UCHAR AccessFlag)
Assembler
MOV AX,Segment_@ ; Selector or segment
MOV CX,MemLength ; Length of memory area in bytes (0=64KB)
MOV DI,Mem_Offset ; Offset to memory area
MOV DH,TypeOfAccess ; Verify access for...
; 0 = read access
; 1 = read/write access
MOV DL,DevHlp_VerifyAccess
CALL [Device_Help]
Parameters
C
- MemSelector (SEL)
- Selector or segment
- Length (USHORT)
- Length of memory area in bytes (0-64KB)
- MemOffset (USHORT)
- Offset to memory area
- AccessFlag (UCHAR)
- Verify access - VERIFY_READONLY = 0
- VERIFY_READWRITE= 1
Assembler
MOV AX,Segment_@ ; Selector or segment
MOV CX,MemLength ; Length of memory area in bytes (0=64KB)
MOV DI,Mem_Offset ; Offset to memory area
MOV DH,TypeOfAccess ; Verify access for...
; 0 = read access
; 1 = read/write access
Return Code
C
Success Indicator: 0 if access is verified.
Possible errors: Access attempt failed.
Assembler
'C' Clear if successful.
Access is verified.
'C' Set if error (if the access attempt failed).
Remarks
A physical device driver can receive addresses to memory as part of a generic IOCtl request from a process. Because the operating system cannot verify addresses imbedded in the IOCtl command, the physical device driver must request verification in order to prevent itself from accidentally erasing memory on behalf of a user process. If the verification test fails, then VerifyAccess terminates the process.
After the physical device driver verifies that the process has the needed access rights to the addresses of interest, it does not need to repeat the verification until it yields the CPU. When the device driver yields the CPU, all address access verifications it has done become unreliable, except for segments that have been locked. The physical device driver could yield the CPU by accessing a not-present-segment exiting its strategy routine, or by calling a DevHlp service that yields while performing the service.
If the physical device driver plans to lock the segment into memory (by using the DevHlp_Lock), it should perform the lock before the call to VerifyAccess. If the selector is invalid, the DevHlp_Lock returns an error. The physical device driver can then call VerifyAccess. VerifyAccess terminates the process if the address lacks sufficient access permission for the requested I/O operation.
Note: If the physical device driver successfully calls the DevHlp_Lock before calling VerifyAccess, and the VerifyAccess call terminates the application, the physical device driver must unlock the segment (using the DevHlp_Unlock) before returning.
Example Code
C
#include "dhcalls.h"
USHORT APIENTRY DevHelp_VerifyAccess( SEL MemSelector,
USHORT Length,
USHORT MemOffset,
UCHAR AccessFlag)