第1页 / 共1279页
第2页 / 共1279页
第3页 / 共1279页
第4页 / 共1279页
第5页 / 共1279页
第6页 / 共1279页
第7页 / 共1279页
第8页 / 共1279页
Kernel-Mode Driver Architecture Design Guide.pdf
Cover Page
Kernel-Mode Driver Architecture Design Guide
Introduction to Windows Drivers
Overview of Windows Components
Types of Windows Drivers
Design Goals for Kernel-Mode Drivers
Portable
Configurable
Always Preemptible and Always Interruptible
Multiprocessor-Safe
Object-Based
Packet-Driven I/O with Reusable IRPs
Supporting Asynchronous I/O
Sample Kernel-Mode Drivers
Kernel-Mode Managers and Libraries
Windows Kernel-Mode Object Manager
Windows Kernel-Mode Memory Manager
Windows Kernel-Mode Process and Thread Manager
Windows Kernel-Mode I/O Manager
Windows Kernel-Mode Plug and Play Manager
Windows Kernel-Mode Power Manager
Windows Kernel-Mode Configuration Manager
Windows Kernel-Mode Kernel Transaction Manager
Windows Kernel-Mode Security Reference Monitor
Windows Kernel-Mode Kernel Library
Windows Kernel-Mode Executive Support Library
Windows Kernel-Mode Run-Time Library
Windows Kernel-Mode Safe String Library
Windows Kernel-Mode DMA Library
Windows Kernel-Mode HAL Library
Windows Kernel-Mode CLFS Library
Windows Kernel-Mode WMI Library
Writing WDM Drivers
Windows Driver Model (WDM)
Introduction to WDM
Types of WDM Drivers
Bus Drivers
Function Drivers
Filter Drivers
WDM Driver Layers: An Example
Device Configurations and Layered Drivers
Sample Device and Driver Configuration
Points to Consider When Adding Drivers
WDM Versions
Determining the WDM Version
Differences in WDM Versions
Kernel-Mode Driver Components
Introduction to Standard Driver Routines
Standard Driver Routine Requirements
Introduction to Driver Objects
Driver Entry Points in Driver Objects
Other Standard Driver Routines
Writing a DriverEntry Routine
DriverEntry's Required Responsibilities
DriverEntry's Optional Responsibilities
DriverEntry Return Values
Writing a Reinitialize Routine
Writing an AddDevice Routine
AddDevice Routines in Function or Filter Drivers
AddDevice Routines in Bus Drivers
Guidelines for Writing AddDevice Routines
Writing Dispatch Routines
Dispatch Routine Functionality
Required Dispatch Routines
Optional Dispatch Routines
Dispatch Routines and IRQLs
When to Check the Driver's I/O Stack Location
DispatchCreate, DispatchClose, and DispatchCreateClose Routines
Separate DispatchCreate and DispatchClose Routines
A Single DispatchCreateClose Routine
Rules for Implementing DispatchCreate, DispatchClose, and DispatchCreateClose Routines
DispatchCleanup Routines
DispatchRead, DispatchWrite, and DispatchReadWrite Routines
Handling Transfers Asynchronously
DispatchReadWrite Using Buffered I/O
DispatchReadWrite Using Direct I/O
DispatchReadWrite in Higher-Level Drivers
Summary of Read/Write Dispatch Routines
DispatchDeviceControl and DispatchInternalDeviceControl Routines
DispatchDeviceControl in Lowest-Level Drivers
DispatchDeviceControl in Higher-Level Drivers
Dispatch(Internal)DeviceControl in Class/Port Drivers
Guidelines for Writing Dispatch(Internal)DeviceControl Routines
DispatchPnP Routines
DispatchPower Routines
DispatchQueryInformation Routines
DispatchSetInformation Routines
DispatchFlushBuffers Routines
DispatchShutdown Routines
DispatchSystemControl Routines
Writing an Unload Routine
Unload Routine Environment
Unload Routine Functionality
PnP Driver's Unload Routine
Non-PnP Driver's Unload Routine
Releasing Driver-Allocated Resources
Releasing Device and Controller Objects
Device Objects and Device Stacks
Introduction to Device Objects
WDM Device Objects and Device Stacks
Types of WDM Device Objects
Example WDM Device Objects
When Are WDM Device Objects Created?
Example WDM Device Stack
Creating a Device Object
Initializing a Device Object
Named Device Objects
NT Device Names
MS-DOS Device Names
Introduction to MS-DOS Device Names
Local and Global MS-DOS Device Names
Device Extensions
Properties of Device Objects
Specifying Device Types
Specifying Device Characteristics
Specifying Exclusive Access to Device Objects
Setting Device Object Properties in the Registry
Setting Device Object Registry Properties During Installation
Setting Device Object Registry Properties After Installation
Securing Device Objects
Controlling Device Access
Controlling Device Namespace Access
SDDL for Device Objects
Points to Consider About Device Objects
Managing Kernel Objects
Object Names
Object Directories
Life Cycle of an Object
Object Handles
Object Security
Access Rights
Security Descriptors
Privileges
Memory Management for Windows Drivers
Overview of Windows Memory Space
Allocating System-Space Memory
Map Registers
Mapping Bus-Relative Addresses to Virtual Addresses
Using the Kernel Stack
Using Lookaside Lists
Making Drivers Pageable
When Should Code and Data Be Pageable?
Making Driver Code or Data Pageable
Detecting Code That Can Be Pageable
Isolating Pageable Code
Locking Pageable Code or Data
Paging an Entire Driver
Accessing Read-Only System Memory
Accessing User-Space Memory
No-Execute (NX) Nonpaged Pool
NX and Execute Pool Types
NX Pool Compatibility Issues
NX Pool Opt-In Mechanisms
Single Binary Opt-In: POOL_NX_OPTIN
Multiple Binary Opt-In: POOL_NX_OPTIN_AUTO
Selective Opt-Out: POOL_NX_OPTOUT
Section Objects and Views
File-Backed and Page-File-Backed Sections
Managing Memory Sections
Security Issues for Section Objects and Views
Using MDLs
Managing Input/Output for Drivers
Handling IRPs
Overview of the Windows I/O Model
End-User I/O Requests and File Objects
The Life of an I/O Request
Example I/O Request - An Overview
Example I/O Request - The Details
Driver Thread Context
Points to Consider about User I/O Requests
IRP Major Function Codes
IRP_MJ_CLEANUP
IRP_MJ_CLOSE
IRP_MJ_CREATE
IRP_MJ_DEVICE_CONTROL
IRP_MJ_FILE_SYSTEM_CONTROL
IRP_MJ_FLUSH_BUFFERS
IRP_MJ_INTERNAL_DEVICE_CONTROL
IRP_MJ_PNP
IRP_MJ_POWER
IRP_MJ_QUERY_INFORMATION
IRP_MJ_READ
IRP_MJ_SET_INFORMATION
IRP_MJ_SHUTDOWN
IRP_MJ_SYSTEM_CONTROL
IRP_MJ_WRITE
I/O Stack Locations
I/O Status Blocks
Passing IRPs down the Driver Stack
Creating IRPs for Lower-Level Drivers
Queuing and Dequeuing IRPs
Writing a StartIo Routine
StartIo Routines in Lowest-Level Drivers
StartIo Routines in Higher-Level Drivers
Points to Consider For StartIo Routines
Driver-Managed IRP Queues
Setting Up and Using Device Queues
Managing Device Queues
Setting Up and Using Interlocked Queues
Managing Interlocked Queues with a Driver-Created Thread
Cancel-Safe IRP Queues
Completing IRPs
When to Complete an IRP
Completing IRPs in Dispatch Routines
How to Complete an IRP in a Dispatch Routine
When to Complete an IRP in a Dispatch Routine
Using IoCompletion Routines
Registering an IoCompletion Routine
Implementing an IoCompletion Routine
Canceling IRPs
Introduction to Cancel Routines
Registering a Cancel Routine
Points to Consider When Canceling IRPs
Synchronizing IRP Cancellation
Using the System's Cancel Spin Lock
Synchronizing Cancellation in Driver Routines that Process IRPs
Synchronizing Cancellation in Higher-Level Drivers without Cancel Routines
Using a Driver-Supplied Spin Lock
Implementing a Cancel Routine
Cancel Routines in Drivers with StartIo Routines
Cancel Routines in Drivers without StartIo Routines
Reusing IRPs
Device Type-Specific I/O Requests
Using I/O Control Codes
Introduction to I/O Control Codes
Creating IOCTL Requests in Drivers
Defining I/O Control Codes
Buffer Descriptions for I/O Control Codes
Security Issues for I/O Control Codes
Using IRP Priority Hints
IRP Processing Examples
Processing IRPs in a Lowest-Level Driver
Processing IRPs in an Intermediate-Level Driver
Different ways of handling IRPs - Cheat sheet
I/O Programming Techniques
General I/O Programming Techniques
Synchronous I/O Programming
Asynchronous I/O Programming
Restricting Waits in Vista
Avoid Polling Devices
Maintaining Cache Coherency
Methods for Accessing Data Buffers
Using Buffered I/O
Using Direct I/O
Using Direct I/O with DMA
Using Direct I/O with PIO
Using Neither Buffered Nor Direct I/O
DMA Programming Techniques
Flushing Cached Data during DMA Operations
Splitting DMA Transfer Requests
Adapter Objects and DMA
Introduction to Adapter Objects
Getting an Adapter Object
Using Scatter/Gather DMA
Writing AdapterControl Routines
Storage Requirements for AdapterControl Routines
Setting Up AdapterControl Routines
AdapterControl Routine Requirements
Using System DMA
Using Packet-Based System DMA
Allocating an Adapter Channel for Packet-Based DMA
Setting Up the System DMA Controller for Packet-Based DMA
Using Common-Buffer System DMA
Allocating an Adapter Channel for Common-Buffer System DMA
Setting Up the System DMA Controller for Common-Buffer DMA
Using Bus-Master DMA
Using Packet-Based Bus-Master DMA
Allocating the Bus-Master Adapter Object
Setting Up a Transfer Operation
Using Common-Buffer Bus-Master DMA
Version 3 of the DMA Operations Interface
Basic Calling Pattern for Version-3 DMA Routines
Using the MapTransferEx Routine
PIO Techniques
Flushing Cached Data during PIO Operations
Legacy I/O Programming
Accessing Device Configuration Space
Obtaining Device Configuration Information at IRQL = PASSIVE_LEVEL
Obtaining Device Configuration Information at IRQL = DISPATCH_LEVEL
Obtaining Configuration Information from Other Driver Stacks
Using Controller Objects
Introduction to Controller Objects
Creating Controller Objects and Controller Extensions
Allocating Controller Objects for I/O Operations
Writing ControllerControl Routines
Storage Requirements for ControllerControl Routines
Setting Up ControllerControl Routines
ControllerControl Routine Requirements
Servicing Interrupts
Interrupt Service Routines
Introduction to Interrupt Service Routines
Removing an ISR
Making an ISR Active or Inactive
Interrupt Affinity
Providing ISR Context Information
Writing an ISR
Synchronizing Access to Device Data
Using Message-Signaled Interrupts
Introduction to Message-Signaled Interrupts
Enabling Message-Signaled Interrupts in the Registry
Using Interrupt Resource Descriptors
Dynamically Configuring MSI-X
Registering an ISR
Using the CONNECT_LINE_BASED Version of IoConnectInterruptEx
Using the CONNECT_MESSAGE_BASED Version of IoConnectInterruptEx
Using the CONNECT_FULLY_SPECIFIED Version of IoConnectInterruptEx
Using Passive-Level Interrupt Service Routines
Using IoConnectInterruptEx Prior to Windows Vista
DPC Objects and DPCs
Introduction to DPC Objects
Introduction to DPCs
Which Type of DPC Should You Use?
Registering and Queuing a DpcForIsr Routine
Registering and Queuing a CustomDpc Routine
Handling Overlapped I/O Operations
Writing DPC Routines
Guidelines for Writing DPC Routines
Organization of DPC Queues
Threaded DPCs
Introduction to Threaded DPCs
Synchronization and Threaded DPCs
Converting an Ordinary DPC to a Threaded DPC
Using Critical Sections
Introduction to SynchCritSection Routines
Writing SynchCritSection Routines
Programming a Device for an I/O Operation
Accessing Shared State Information
Managing Hardware Priorities
Implementing Plug and Play
Introduction to Plug and Play
PnP Components
Levels of Support for PnP
PnP Driver Design Guidelines
Device Tree
Hardware Resources
State Transitions for PnP Devices
Adding a PnP Device to a Running System
Plug and Play Minor IRPs
IRP_MN_CANCEL_REMOVE_DEVICE
IRP_MN_CANCEL_STOP_DEVICE
IRP_MN_DEVICE_ENUMERATED
IRP_MN_DEVICE_USAGE_NOTIFICATION
IRP_MN_EJECT
IRP_MN_FILTER_RESOURCE_REQUIREMENTS
IRP_MN_QUERY_BUS_INFORMATION
IRP_MN_QUERY_CAPABILITIES
IRP_MN_QUERY_DEVICE_RELATIONS
IRP_MN_QUERY_DEVICE_TEXT
IRP_MN_QUERY_ID
IRP_MN_QUERY_INTERFACE
IRP_MN_QUERY_LEGACY_BUS_INFORMATION
IRP_MN_QUERY_PNP_DEVICE_STATE
IRP_MN_QUERY_REMOVE_DEVICE
IRP_MN_QUERY_RESOURCE_REQUIREMENTS
IRP_MN_QUERY_RESOURCES
IRP_MN_QUERY_STOP_DEVICE
IRP_MN_READ_CONFIG
IRP_MN_REMOVE_DEVICE
IRP_MN_SET_LOCK
IRP_MN_START_DEVICE
IRP_MN_STOP_DEVICE
IRP_MN_SURPRISE_REMOVAL
IRP_MN_WRITE_CONFIG
Passing PnP IRPs Down the Device Stack
Postponing PnP IRP Processing Until Lower Drivers Finish
Starting a Device
Starting a Device in a Function Driver
Starting a Device in a Filter Driver
Starting a Device in a Bus Driver
Design Guidelines for Starting Devices
Stopping a Device
Stopping a Device to Rebalance Resources
Stopping a Device to Disable It (Windows 98/Me)
Stopping a Device after a Failed Start (Windows 98/Me)
Handling Stop IRPs (Windows 2000 and Later)
Handling an IPR_MN_QUERY_STOP_DEVICE Request (Windows 2000 and later)
Handling an IRP_MN_STOP_DEVICE Request (Windows 2000 and later)
Handling an IRP_MN_CANCEL_STOP_DEVICE Request (Windows 2000 and later)
Holding Incoming IRPs When A Device Is Paused
Handling Stop IRPs (Windows 98/Me)
Handling an IRP_MN_QUERY_STOP_DEVICE Request (Windows 98/Me)
Handling an IRP_MN_STOP_DEVICE Request (Windows 98/Me)
Handling an IRP_MN_CANCEL_STOP_DEVICE Request (Windows 98/Me)
Resetting and recovering a device
Removing a Device
Understanding When Remove IRPs Are Issued
Handling an IRP_MN_QUERY_REMOVE_DEVICE Request
Handling an IRP_MN_REMOVE_DEVICE Request
Removing a Device in a Function Driver
Removing a Device in a Filter Driver
Removing a Device in a Bus Driver
Handling an IRP_MN_CANCEL_REMOVE_DEVICE Request
Handling an IRP_MN_SURPRISE_REMOVAL Request
Using Remove Locks
Using PnP Notification
PnP Notification Overview
Guidelines for Writing PnP Notification Callback Routines
Using PnP Device Interface Change Notification
Registering for Device Interface Change Notification
Handling Device Interface Change Events
Using PnP Target Device Change Notification
Registering for Target Device Change Notification
Handling a GUID_TARGET_DEVICE_QUERY_REMOVE Event
Handling a GUID_TARGET_DEVICE_REMOVE_COMPLETE Event
Handling a GUID_TARGET_DEVICE_REMOVE_CANCELLED Event
Using PnP Hardware Profile Change Notification
Registering for Hardware Profile Change Notification
Handling Hardware Profile Change Events
Using PnP Custom Notification
Power Management for Windows Drivers
Introduction to Power Management
Industry Initiatives for Power Management
Support for Power Management
System-Wide Overview of Power Management
Power States
Kernel-Mode Power Management Components
ACPI BIOS
Acpi.sys: The Windows ACPI Driver
Power Manager
Driver Role in Power Management
Power Management Responsibilities for Drivers
Reporting Device Power Capabilities
DeviceD1 and DeviceD2
WakeFromD0, WakeFromD1, WakeFromD2, and WakeFromD3
DeviceState
SystemWake
DeviceWake
D1Latency, D2Latency, and D3Latency
Setting Device Object Flags for Power Management
Handling Power IRPs
Power IRPs for the System
Power IRPs for Individual Devices
Power Management Minor IRPs
IRP_MN_POWER_SEQUENCE
IRP_MN_QUERY_POWER
IRP_MN_SET_POWER
IRP_MN_WAIT_WAKE
Powering Up a Device
Powering Down a Device
Enabling Device Wake-Up
Managing Device Performance States
Distinguishing Fast Startup from Wake-from-Hibernation
Rules for Handling Power IRPs
Calling IoCallDriver vs. Calling PoCallDriver
Calling PoStartNextPowerIrp
Calling PoStartNextPowerIrp from a Filter Driver
Calling PoStartNextPowerIrp from a Device Power Policy Owner
Calling PoStartNextPowerIrp from a Bus Driver
Passing Power IRPs
Queuing I/O Requests While a Device Is Sleeping
Handling Unsupported or Unrecognized Power IRPs
Calling ExSetTimerResolution While Processing a Power IRP
Managing Power for Individual Devices
Device Power States
Device Working State D0
Device Low-Power States
Required Support for Device Power States
Managing Device Power Policy
Handling IRP_MN_SET_POWER for Device Power States
Handling Device Power-Down IRPs
Handling Device Power-Up IRPs
IoCompletion Routines for Device Power IRPs
Handling IRP_MN_QUERY_POWER for Device Power States
Sending IRP_MN_QUERY_POWER or IRP_MN_SET_POWER for Device Power States
Detecting an Idle Device
Using Power Manager Routines for Idle Detection
Performing Device-Specific Idle Detection
Supporting D3cold in a Driver
Enabling Transitions to D3cold
D3cold Capabilities of a Device
Using the GUID_D3COLD_SUPPORT_INTERFACE Driver Interface
Surprise Wake-Up
Handling System Power State Requests
System Power States
System Working State S0
System Sleeping States
System Shutdown State S5
System Power Actions
System Power Policy
Preventing System Power State Changes
Handling IRP_MN_QUERY_POWER for System Power States
Handling a System Query-Power IRP in a Device Power Policy Owner
Handling a System Query-Power IRP in a Filter or Function Driver
Failing a System Query-Power IRP in a Filter or Function Driver
Handling a System Query-Power IRP in a Bus Driver
Handling IRP_MN_SET_POWER for System Power States
Handling a System Set-Power IRP in a Device Power Policy Owner
Determining the Correct Device Power State
Sending a Device Set-Power IRP in Response to a System Set-Power IRP
Handling a System Set-Power IRP in a Bus Driver
Handling a System Set-Power IRP in a Filter Driver
Overview of the Power Management Framework
Component-Level Power Management
Component-Level Performance State Management
Platform Extension Plug-ins (PEPs)
Using PEPs for ACPI services
Platform Performance Thresholds
Supporting Devices that Have Wake-Up Capabilities
Overview of Wait/Wake Operation
Determining Whether a Device Can Wake the System
Understanding the Path of Wait/Wake IRPs through a Device Tree
Overview of Wait/Wake IRP Completion
Receiving a Wait/Wake IRP
Handling a Wait/Wake IRP in a Function (FDO) or Filter Driver (Filter DO)
Handling a Wait/Wake IRP in a Bus Driver (PDO)
IoCompletion Routines for Wait/Wake IRPs
Sending a Wait/Wake IRP
Determining When to Send a Wait/Wake IRP
Wait/Wake IRP Requests
Wait/Wake Callback Routines
Canceling a Wait/Wake IRP
Improving System Startup Performance
Sharing Processor Resources During Startup from a Low-Power State
Fast Startup from a Low-Power State
Device-Level Thermal Management
Passive and Active Cooling Modes
Global thermal management
Implementing WMI
Introduction to WMI
WMI Architecture
WMI Requirements for WDM Drivers
MOF Syntax for WMI Data and Event Blocks
WMI Class Qualifiers
WMI Class Names and Base Classes
Required Items in WMI Classes
WMI Property Qualifiers
Driver-Defined WMI Data Items
WMI Class Examples
Designing WMI Data and Event Blocks
Supporting Standard WMI Blocks
Implementing Custom WMI Blocks
Defining WMI Instance Names
Publishing a WMI Schema
Compiling a Driver's MOF File
Setting the MofImagePath Registry Value
Implementing Dynamic MOF Data
Localizing MOF Files
Creating the Localized MOF File
Building and Deploying the Localized MOF File
Registering as a WMI Data Provider
Using the WMI Library to Register Blocks
Handling IRP_MN_REGINFO and IRP_MN_REGINFO_EX to Register Blocks
WMI Registration Flags
Updating WMI Registration Information
Handling WMI Requests
WMI Minor IRPs
IRP_MN_CHANGE_SINGLE_INSTANCE
IRP_MN_CHANGE_SINGLE_ITEM
IRP_MN_DISABLE_COLLECTION
IRP_MN_DISABLE_EVENTS
IRP_MN_ENABLE_COLLECTION
IRP_MN_ENABLE_EVENTS
IRP_MN_EXECUTE_METHOD
IRP_MN_QUERY_ALL_DATA
IRP_MN_QUERY_SINGLE_INSTANCE
IRP_MN_REGINFO
IRP_MN_REGINFO_EX
Calling WmiSystemControl to Handle WMI IRPs
Processing WMI IRPs in a DispatchSystemControl Routine
WMI WNODE_XXX Structures
Sending WMI Events
Sending an Event with WmiFireEvent
Sending an Event with IoWMIWriteEvent
Using Custom WMI Events
WMI Property Sheets
WMI Generic Property Page Provider
WMI and the Power Management Tab
Using Wmimofck.exe
WMI Event Tracing
Testing and Troubleshooting WMI Driver Support
General Techniques for Testing WMI Driver Support
Troubleshooting Specific WMI Problems
Driver Programming Techniques
Using Nt and Zw Versions of the Native System Services Routines
PreviousMode
Libraries and Headers
What Does the Zw Prefix Mean?
Specifying Access Rights
NtXxx Routines
Synchronization Techniques
Kernel Dispatcher Objects
Introduction to Kernel Dispatcher Objects
Timer Objects
KeXxxTimer Routines, KTIMER Objects, and DPCs
Using Timer Objects
Timer Accuracy
Registering and Queuing a CustomTimerDpc Routine
Providing CustomTimerDpc Context Information
Using a CustomTimerDpc Routine
ExXxxTimer Routines and EX_TIMER Objects
High-Resolution Timers
No-Wake Timers
Deleting a System-Allocated Timer Object
Event Objects
Defining and Using an Event Object
Standard Event Objects
Semaphore Objects
Mutex Objects
Introduction to Mutex Objects
Alternatives to Mutex Objects
Thread Objects
Introduction to Thread Objects
Thread Priorities
Device-Dedicated Threads
System Worker Threads
Waits and APCs
Callback Objects
Defining a Callback Object
Using a Driver-Defined Callback Object
Using a System-Defined Callback Object
Spin Locks
Introduction to Spin Locks
Providing Storage for Spin Locks and Protected Data
Initializing Spin Locks
Calling Support Routines That Use Spin Locks
Using Spin Locks: An Example
Preventing Errors and Deadlocks While Using Spin Locks
Queued Spin Locks
Reader/Writer Spin Locks
Fast Mutexes and Guarded Mutexes
ERESOURCE Structures
Introduction to ERESOURCE Routines
Additional Timers and Counters
IoTimer Routines
Registering and Enabling an IoTimer Routine
Providing IoTimer Context Information
Using an IoTimer Routine
Counters
Asynchronous Procedure Calls
Types of APCs
Disabling APCs
Critical Regions and Guarded Regions
Acquire and Release Semantics
Run-Down Protection
Using Common Log File System
Introduction to the Common Log File System
CLFS Terminology
CLFS Log Sequence Numbers
CLFS Marshalling Areas
Writing Data Records to a CLFS Stream
Writing Restart Records to a CLFS Stream
Reading Data Records from a CLFS Stream
Reading Restart Records from a CLFS Stream
CLFS Stable Storage
Dedicated CLFS Logs
Multiplexed CLFS Logs
CLFS Support for Archiving
Using Kernel Transaction Manager
Introduction to KTM
When to Use Kernel-Mode KTM
Transaction Processing Terms
Understanding TPS Components
Additional Transactional Interfaces
KTM Objects
Transaction Manager Objects
Resource Manager Objects
Transaction Objects
Enlistment Objects
Using KTM
Creating a Resource Manager
Creating a Transactional Client
Creating a Superior Transaction Manager
Handling Transaction Operations
Handling Commit Operations
Handling Rollback Operations
Handling Recovery Operations
Transaction Notifications
Using Log Streams with KTM
Using Virtual Clock Values
Using TmXxx Routines
Dynamic Hardware Partitioning Techniques
Introduction to Dynamic Hardware Partitioning
Dynamic Hardware Partitioning Architecture
Critical Issues for Device Drivers
Changes to the Number of Processors
Changes to the Amount of Physical Memory
Hot Replace of Partition Units
Driver Notification
Introduction to Driver Notification
Synchronous Driver Notification
Registering for Synchronous Driver Notification
Processing a Synchronous Driver Notification
Asynchronous Driver Notification
Registering for Asynchronous Driver Notification
Processing an Asynchronous Driver Notification
Application Notification
Introduction to Application Notification
Registering for Application Notification
Processing an Application Notification
Miscellaneous Driver Programming Techniques
NTSTATUS Values
Using NTSTATUS Values
Defining New NTSTATUS Values
Singly and Doubly Linked Lists
Handling Exceptions
Logging Errors
Writing to the System Event Log
Defining Custom Error Types
Registering as a Source of Error Messages
Writing a Bug Check Callback Routine
Using Safe String Functions
Summary of Kernel-Mode Safe String Functions
Importing Kernel-Mode Safe String Functions
Using Safe Integer Functions
Summary of Kernel-Mode Safe Integer Functions
Importing Kernel-Mode Safe Integer Functions
Determining Whether the Operating System Is Running in Safe Mode
Using GUIDs in Drivers
Defining and Exporting New GUIDs
Including GUIDs in Driver Code
Using Floating Point in a WDM Driver
Using Files In A Driver
Opening a Handle to a File
Using a File Handle
Using the Current File Position
Using the Registry in a Driver
Registry Key Object Routines
Opening a Handle to a Registry-Key Object
Using a Handle to a Registry-Key Object
Registry Run-Time Library Routines
Plug and Play Registry Routines
Supporting Removable Media
Responding to Check-Verify Requests from the File System
Notifying the File System of Possible Media Changes
Checking Flags in the Device Object
Setting up IRPs in Intermediate Drivers
Creating Export Drivers
Creating Reliable Kernel-Mode Drivers
Failure to Validate Device Objects
Failure to Validate Object Handles
Errors in a Multiprocessor Environment
Failure to Check a Driver's State
Errors in Buffered I/O
Failure to Check the Size of Buffers
Failure to Initialize Output Buffers
Failure to Validate Variable-Length Buffers
Errors in Direct I/O
Errors in Referencing User-Space Addresses
Errors in Handling Cleanup and Close Operations
Additional Errors in Handling IRPs
Hiding Devices from Device Manager
Filtering Registry Calls
Registering for Notifications
Handling Notifications
Supporting Layered Registry Filtering Drivers
Specifying Context Information
Obtaining Additional Registry Information
Invalid Key Object Pointers in Registry Notifications
Filtering Registry Operations on Application Hives
Object Reference Tracing with Tags
Programming Issues for 64-Bit Drivers
Porting Your Driver to 64-Bit Windows
What's Changed
The New Data Types
64-Bit Compiler
Performing DMA in 64-Bit Windows
Using extended processor features in Windows drivers
Porting Issues Checklist
Supporting 32-Bit I/O in Your 64-Bit Driver
Why Thunking Is Necessary
Which Data Types Need Thunking
How Drivers Identify 32-Bit Callers
Technique 1: Defining a 64Bit Field
Technique 2: Using IoIs32bitProcess
Extended Example: Defining a 64Bit Field
Extended Example: Using IoIs32bitProcess
Avoiding Misalignment of Fixed-Precision Data Types
Driver x64 Restrictions
Obsolete and Reserved Kernel Programming Interfaces
Windows kernel obsolete macros
Windows kernel obsolete routines
Windows kernel routines reserved for system use
Windows kernel run-time library obsolete routines
Kernel Macros, Global Variables, and Opaque Structures
Windows kernel global variables
Windows kernel macros
Windows kernel opaque structures
Table of Contents
Table of Contents
Kernel-Mode Driver Architecture Design Guide
Introduction to Windows Drivers
Overview of Windows Components
Types of Windows Drivers
Design Goals for Kernel-Mode Drivers
Sample Kernel-Mode Drivers
Kernel-Mode Managers and Libraries
Windows Kernel-Mode Object Manager
Windows Kernel-Mode Memory Manager
Windows Kernel-Mode Process and Thread Manager
Windows Kernel-Mode I/O Manager
Windows Kernel-Mode Plug and Play Manager
Windows Kernel-Mode Power Manager
Windows Kernel-Mode Configuration Manager
Windows Kernel-Mode Kernel Transaction Manager
Windows Kernel-Mode Security Reference Monitor
Windows Kernel-Mode Kernel Library
Windows Kernel-Mode Executive Support Library
Windows Kernel-Mode Run-Time Library
Windows Kernel-Mode Safe String Library
Windows Kernel-Mode DMA Library
Windows Kernel-Mode HAL Library
Windows Kernel-Mode CLFS Library
Windows Kernel-Mode WMI Library
Writing WDM Drivers
Windows Driver Model (WDM)
Kernel-Mode Driver Components
Device Objects and Device Stacks
Managing Kernel Objects
Memory Management for Windows Drivers
Managing Input/Output for Drivers
Implementing Plug and Play
Power Management for Windows Drivers
Implementing WMI
Driver Programming Techniques
Using Nt and Zw Versions of the Native System Services Routines
Synchronization Techniques
Using Common Log File System
Using Kernel Transaction Manager
Dynamic Hardware Partitioning Techniques
Miscellaneous Driver Programming Techniques
Kernel-Mode Driver Architecture Design Guide
6/19/2017 • 1 min to read • Edit Online
This section includes general concepts to help you understand kernel-mode programming and describes specific
techniques of kernel programming. This section is divided into four parts:
Introduction to Windows Drivers provides a general overview of Windows components, lists the types of
device drivers used in Windows, discusses the goals of Windows device drivers, and discusses generic
sample device drivers included in the kit.
Kernel-Mode Managers and Libraries lists the primary kernel-mode components of the Windows operating
system.
Writing WDM Drivers provides information needed to write drivers using the Windows Driver Model
(WDM).
Driver Programming Techniques describes techniques that you can use to program Windows kernel-mode
device drivers.
Note For information about programming interfaces that your driver can implement or call, see Kernel-
Mode Driver Reference.
Send comments about this topic to Microsoft
Introduction to Windows Drivers
6/19/2017 • 1 min to read • Edit Online
This section introduces design concepts for Microsoft Windows drivers. It contains the following topics:
Overview of Windows Components
Types of Windows Drivers
Design Goals for Kernel-Mode Drivers
Sample Kernel-Mode Drivers
Send comments about this topic to Microsoft
Overview of Windows Components
6/19/2017 • 1 min to read • Edit Online
The following figure shows the major internal components of the Windows operating system.
As the figure shows, the Windows operating system includes both user-mode and kernel-mode components. For
more information about Windows user and kernel modes, see User Mode and Kernel Mode.
Drivers call routines that are exported by various kernel components. For example, to create a device object, you
would call the IoCreateDevice routine which is exported by the I/O manager. For a list of kernel-mode routines
that drivers can call, see Driver Support Routines.
In addition, drivers must respond to specific calls from the operating system and can respond to other system calls.
For a list of kernel mode routines that drivers may need to support, see Standard Driver Routines.
Not all kernel-mode components are pictured in the figure above. For a list of kernel mode components, see
Kernel-Mode Managers and Libraries.
Send comments about this topic to Microsoft
Types of Windows Drivers
6/19/2017 • 2 min to read • Edit Online
There are two basic types of Microsoft Windows drivers:
User-mode drivers execute in user mode, and they typically provide an interface between a Win32
application and kernel-mode drivers or other operating system components.
For example, in Windows Vista, all printer drivers execute in user mode. For more information about printer
driver components, see Introduction to Printing.
Kernel-mode drivers execute in kernel mode as part of the executive, which consists of kernel-mode
operating system components that manage I/O, Plug and Play memory, processes and threads, security, and
so on. Kernel-mode drivers are typically layered. Generally, higher-level drivers typically receive data from
applications, filter the data, and pass it to a lower-level driver that supports device functionality.
Some kernel-mode drivers are also WDM drivers, which conform to the Windows Driver Model (WDM). All
WDM drivers support Plug and Play, and power management. WDM drivers are source-compatible (but not
binary-compatible) across Windows 98/Me and Windows 2000 and later operating systems.
Like the operating system itself, kernel-mode drivers are implemented as discrete, modular components
that have a well-defined set of required functionalities. All kernel-mode drivers supply a set of system-
defined standard driver routines.
The following figure divides kernel-mode drivers into several types.
As shown in the figure, there are three basic types of kernel-mode drivers in a driver stack: highest-level,
intermediate, and lowest-level. Each type differs only slightly in structure but greatly in functionality:
1. Highest-level drivers. Highest-level drivers include file system drivers (FSDs) that support file systems, such
as:
NTFS
File allocation table (FAT)
CD-ROM file system (CDFS)
Highest-level drivers always depend on support from underlying lower-level drivers, such as intermediate-
level function drivers and lowest-level hardware bus drivers.
2. Intermediate drivers, such as a virtual disk, mirror, or device-type-specific class driver. Intermediate drivers
depend on support from underlying lower-level drivers. Intermediate drivers are subdivided further as
follows:
Function drivers control specific peripheral devices on an I/O bus.
Filter drivers insert themselves above or below function drivers.
Software bus drivers present a set of child devices to which still higher-level class, function, or filter
drivers can attach themselves.
For example, a driver that controls a multifunction adapter with an on-board set of heterogeneous
devices is a software bus driver.
Any system-supplied class driver that exports a system-defined class/miniclass interface is, in effect,
an intermediate driver with one or more linked miniclass drivers (sometimes called minidrivers). Each
linked class/minidriver pair provides functionality that is equivalent to that of a function driver or a
software bus driver.
3. Lowest-level drivers control an I/O bus to which peripheral devices are connected. Lowest-level drivers do
not depend on lower-level drivers.
Hardware bus drivers are system-supplied and usually control dynamically configurable I/O buses.
Hardware bus drivers work with the Plug and Play manager to configure and reconfigure system
hardware resources, for all child devices that are connected to the I/O buses that the driver controls.
These hardware resources include mappings for device memory and interrupt requests (IRQs).
(Hardware bus drivers subsume some of the functionality that the HAL component provided in
releases of the Windows NT-based operating system earlier than Windows 2000.)
Legacy drivers that directly control a physical device are lowest-level drivers.
Send comments about this topic to Microsoft
Design Goals for Kernel-Mode Drivers
6/19/2017 • 1 min to read • Edit Online
Kernel-mode drivers share many of the design goals of the operating system, particularly those of the system I/O
manager. Kernel-mode drivers are designed to be:
Portable from one platform to another.
Configurable to various hardware and software platforms.
Always preemptible and always interruptible.
Multiprocessor-safe on multiprocessor platforms.
Object-based.
Packet-driven I/O with reusable IRPs.
Capable of supporting asynchronous I/O.
Send comments about this topic to Microsoft
相关推荐
2023年江西萍乡中考道德与法治真题及答案.doc
2012年重庆南川中考生物真题及答案.doc
2013年江西师范大学地理学综合及文艺理论基础考研真题.doc
2020年四川甘孜小升初语文真题及答案I卷.doc
2020年注册岩土工程师专业基础考试真题及答案.doc
2023-2024学年福建省厦门市九年级上学期数学月考试题及答案.doc
2021-2022学年辽宁省沈阳市大东区九年级上学期语文期末试题及答案.doc
2022-2023学年北京东城区初三第一学期物理期末试卷及答案.doc
2018上半年江西教师资格初中地理学科知识与教学能力真题及答案.doc
2012年河北国家公务员申论考试真题及答案-省级.doc
2020-2021学年江苏省扬州市江都区邵樊片九年级上学期数学第一次质量检测试题及答案.doc
2022下半年黑龙江教师资格证中学综合素质真题及答案.doc
