Hi,
Your question is unclear. You need to specify who allocated the buffer... usermode or kernelmode? Also you need to clarify which ring is reading the buffer... usermode or kernelmode.
I think you may be looking for the
MmIsAddressValid function[
^].
If the buffer you are passing to kernelmode has come from a usermode application you may need to call the
ProbeForRead function[
^] to validate read access to buffers that are allocated in user space.
Best Wishes,
-David Delaune