Presentation on theme: "WDM What is WDM? What are Device Objects and Device Stacks? Something about Kernel-Mode Driver Components."— Presentation transcript:
WDM What is WDM? What are Device Objects and Device Stacks? Something about Kernel-Mode Driver Components
Contents Windows Types Design goal Windows Driver Model What is WDM? Types Device Objects and Device Stacks What is Device Object? Device Object Type Creating Device Object Named device object NT device name Device extension Properties Device access Driver Components Standard Driver Routine Driver Object Driver Object Entry Point Dispatch Routine Unload routine
Types of Windows Drivers Highest-level drivers alwa ys depend on support fro m underlying lower-level drivers Intermediate drivers depe nd on support from underl ying lower-level drivers. –Function/filter driver Lowest-level drivers control an I/O bus to which peripheral devices are connected.
Design Goal for Drivers Portable Configurable Always pre-emptible and always interruptible Multiprocessor-safe Object-based Packet-driven I/O with reusable IRPs Capable of supporting asynchronous I/O
WDM Bus Driver –Enumerate the device on its bus –Respond to Plug and Play IRPs and power management IRPs –Multiplex access to the bus –Generically administer the devices on its bus Filter Driver –Add value to or modify the behavior of a device –Optional Function Driver –Handles reads and writes to the device and manage device power policy
WDM Driver Layer Example
Device Object device objectOS represents devices by device object One or more device object are associated with each device (n:1) Software-only driver still must a device object to represent the target of its operations System passes an IRP data structure to the driver for the top device object in the device stack
Types of Device Object Physical Device Object –Represents a device on a bus to a bus driver Function Device Object –Represents a device to a function driver Filter Device Object –Represents a device to a filter driver DEVICE_OBJECTEach device objects are all of the type DEVICE_OBJECT, but are used differently and can have different device extensions
Creating a Device Object Device Extension is a system- allocated storage area that the driver can use for device-specific storage Device Type represented by the device object Characteristic indicate the device characteristics for the device Exclusive indicate the driver services an exclusive device –WDM drivers must set FALSE Driver Object point to their driver object in their DriverEntry routine Device Name is an optional pointer to a null-terminated Unicode String –Only with non-WDM/Bus drivers
Named Device Objects Device object can be named or unnamed., I/O. (Communication between driver and app) WDM drivers do not in general require MS-DOS device name but interface
NT Device Name NT device name \Device\DeviceName. WDM Driver –Bus driver specifies the FILE_AUTOGENERATED_DEVICE_NAME device characteristic when it creates device object. –FDO, Filter DO are not named. Non-WDM Driver –Must explicitly specify a name. If not, cant accessible from user mode
Device Extensions Driver-defined structure. Maintain device state information Provide storage for any kernel- defined objects or other system resources used by the driver Hold any data the driver must have resident and in system space to carry out its I/O operations ex
Device Object properties Type –Ntddk.h/wdm.h define Characteristics – 1. –FILE_DEVICE_SECURE_OPEN In the Registry –WDM: can be set each device or a whole device setup class –Non-WDM: can be set for a named device objects device setup class
Controlling Device Access Can be specified when the device object is created, or set in the registry WDM: when create device object, PnP manager determines a security descriptor for the device –Set by Registry VS default security descriptor WDM(Bus Driver): –Must provide security descriptor for PDO opened in raw mode. Non-WDM: –Must specify default security descriptor and class GUID for named device object.
Standard Driver Routines Required –DriverEntry: initialize the driver and driver its object –AddDevice: initialize devices and creates device objects –Dispatch Routine: receive and process IRPs –Unload: release system resources acquired by driver Optional –Reinitialize: DriverEntry, –StartIo: start I/O on a physical device –Interrupt Service Routine: save device state when interrupted –SynchCritSection: synchronizes access to driver data –IoCompletion: completes drivers processing of an IRP –Cancel: cancel drivers processing of an IRP –... And more...
Standard driver routine required Must have DriverEntry which initialize driver- wide data structures and resources. Must have at least one dispatch routine WDM driver must have an Unload routine. WDM driver must have AddDevice routine. Can have StartIo routine standard routine.
Driver Object I/O manager creates a driver object for each driver Driver object contains storage for entry points to many of a drivers standard routines. DriverEntry routine supplies the address of the drivers driver object
Entry Points in Driver Objects AddDevice routine at DriverObject- >DriverExtension->AddDevice If driver manages its own queue of IRPs, specify StartIo routine Can be loaded/replaced dynamically, specify Unload routine ex
Required Dispatch Routines DispatchPnP: IRP_MJ_PNP –Request PnP device recognition, hardware configuration, resource allocation DispatchPower: IRP_MJ_ROUTINE –Request pertaining to the power state of either their device or the system DispatchCreate: IRP_MJ_CREATE DispatchClose: IRP_MJ_CLOSE –Last handle of the file object that was associated the target device object has been closed and released. DispatchRead: IRP_MJ_READ –Transfer data from the underlying physical device to the system. DispatchWrite: IRP_MJ_WRITE –Transfer data from the system to the underlying physical device DispatchDeviceControl: IRP_MJ_DEVICE_CONTROL DispatchInternalDeviceControl: IRP_MJ_INTERNAL_DEVICE_CONTROL DispatchSystemControl: IRP_MJ_SYSTEM_CONTROL –Used to specify WMI requests to drivers ex
Unload routine environment PnP manager calls Unload routine if driver has no more device objects after driver handles an IRP_MN_REMOVE_DEVICE request Start of unloading sequence, driver object and its device objects as unload pending. While unload pending, no additional driver attach and no IRPs to the driver
Unload Routine PnP Driver: –In general, unloading process is a synchronous –If driver allocated driver-wide resources, it must de- allocate in Unload routine unless it has already done so. Non-PnP Driver: –Must release resources, delete device objects, and detach from the device stack in Unload routine. If not, ISR might be calld to handle a device interrupt while the Unload routine is releasing resources. –After disabling interrupt, file system/legacy driver release resources and objects.