How to write directly to frame buffer in Windows driver
I am writing a driver that can write data to a framebuffer directly so that I can show a secret message on the screen while applications in user space cannot receive it. Below is my code that tries to write a value to the framebuffer, but after I write the value to the framebuffer, the values obtained from the framebuffer are 0.
I'm puzzled, does anyone know the reason? Or does anyone know how to display a message on the screen while applications in user space cannot get the message content? Many thanks!
#define FRAME_BUFFER_PHYSICAL_ADDRESS 0xA0000
#define BUFFER_SIZE 0x20000
void showMessage()
{
int i;
int *vAddr;
PHYSICAL_ADDRESS pAddr;
pAddr.QuadPart = FRAME_BUFFER_PHYSICAL_ADDRESS;
vAddr = (int *)MmMapIoSpace(pAddr, BUFFER_SIZE, MmNonCached);
KdPrint(("Virtual address is %p", vAddr));
for(i = 0; i < BUFFER_SIZE / 4; i++)
{
vAddr[i] = 0x11223344;
}
for(i = 0; i < 0x80; i++)
{
KdPrint(("Value: %d", vAddr[i])); // output are all zero
}
MmUnmapIoSpace(vAddr, BUFFER_SIZE);
}
source to share
You must map shared memory during device startup. I am assuming showMessage
not being called during startup. More details here .
In terms of displaying a message on the screen, this should include user space interaction since the GUI is a user space component. I suppose you could notify the GUI listener without involving other applications.
source to share
The memory mapped to IO is not meant to act exactly the same as memory (retrieving data posted there in the same form it was stored in). Writing to the 0xA0000 + range is written to PORTS in the IO space of the video device (from its point of view); While the corresponding entries result in the corresponding pixels being highlighted, the video device has done its job from the point of view of people writing drivers for screen rendering (or old DOS code where memory was free for all non-user-space / kernel space). But such code never needed to store data that would later be retrieved from the video segment. So the typical memory semantics were generally not implemented (a waste of hardware and effort). Here, these randoms talk about it: Magic number with MmMapIoSpace
source to share