Здравствуйте Alex Fedotov, Вы писали:

AF>Здравствуйте Байдануца Иван Васильевич, Вы писали:

БИВ>>Можно ли обратиться из win32 программы к _физическому_ адресу?
БИВ>>Если да, то посоветуйте какие функции почитать.

AF>Из Win32 программы — нельзя.

Famous Gary Nebbett helps:

source: http://groups.google.com/groups?selm=01bdc5f2%24e2ec33d0%241eadf6a8%40caopi2&oe=utf-8


From: Gary Nebbett (gary.nebbett@cp.novartis.com)
Subject: How to read physical memory from user mode — sample code
Newsgroups: comp.os.ms-windows.programmer.nt.kernel-mode, comp.os.ms-windows.programmer.win32, microsoft.public.win32.programmer.kernel

Hello,

The following short program demonstrates, using only documented functions,
how to read physical memory from user mode under Windows NT.

Also demonstrated is a technique for including both windows.h and ntddk.h
in one file with the minimum number of name collisions.

The protection on the PhysicalMemory section allows BUILTIN\Administrators
read access and SYSTEM read/write access.

Gary Nebbett

#define WIN32_NO_STATUS
#include <windows.h>

#undef MAKELANGID
#undef PRIMARYLANGID
#undef SUBLANGID
#undef MAKELCID
#undef LANGIDFROMLCID
#undef SORTIDFROMLCID
#undef UInt32x32To64
#undef WIN32_NO_STATUS

namespace NT {
    extern "C" {
        #include <ntddk.h>
    }
}

using NT::NTSTATUS;

#include <assert.h>

int main()
{
    HANDLE hSect;

    WCHAR s[] = L"\\Device\\PhysicalMemory";

    NT::UNICODE_STRING name = {sizeof s - sizeof (WCHAR), sizeof s, s};

    NT::OBJECT_ATTRIBUTES oa = {sizeof oa, 0, &name, OBJ_CASE_INSENSITIVE, 0, 0};

    NTSTATUS rv = NT::ZwOpenSection(&hSect, SECTION_MAP_READ, &oa);
    assert(rv == STATUS_SUCCESS);

    PVOID p = MapViewOfFile(hSect, FILE_MAP_READ, 0, 0, 0x400);
    assert(p != 0);

    return 0;
}