DPCs seem to be problematic especially on start up and on shut down. Sometimes the calling program will just crash (or another program might crash), this is usually due to memory management, i.e. cr3 load/store which isn't handled properly.
An alternative would be using exec_on_cpu (See here), there is only one issue with this, if this is called inside of an arbitary process context, we will get the CR3 of that process and use as the host cr3, and so obviously this is bad. This can be fixed using driver entry to get the kernel cr3 (or so), because DriverEntry is called from IopLoadDriver which is called inside some system thread.
asamy
commented
7 years ago
DPCs seem to be problematic especially on start up and on shut down. Sometimes the calling program will just crash (or another program might crash), this is usually due to memory management, i.e. cr3 load/store which isn't handled properly.
An alternative would be using
exec_on_cpu(See here), there is only one issue with this, if this is called inside of an arbitary process context, we will get the CR3 of that process and use as the host cr3, and so obviously this is bad. This can be fixed using driver entry to get the kernel cr3 (or so), because DriverEntry is called fromIopLoadDriverwhich is called inside some system thread.This is quite rare, but it still nice to fix.