vmcall
awesome, but how to ensure that the virtual address will not be used by the system ?
I'm trying to insert the address into the nonpagedpool list, could you give me some advice ?
I felt bad looking back at that response, so here is the bits if you still care: Thankfully, we can automate this process by calling MmIsAddressValid and printing any invalid target // regarding finding if the address are used When page table entry translation is done, we need to manually piece together a valid page table entry so the processor does not page fault when control flow is forced to that memory region. This can be done properly, by utilizing the page frame database, making sure that the windows operating system actually knows that this memory page is being used and thus not up for grabs or by simply manipulating the page table entry, causing a giant race condition as we are about to showcase ;-). // in regards to not having bugchecks when they try allocating allocated memory