Filter Manager Support In User Mode


Filter Manager Support In User Mode © 2004 Microsoft Corporation. All rights reserved.

Why provide user mode interfaces?
- Provide common functionality for products that include filter drivers
  - General control of driver
  - Communication between user-mode service and filter driver
- Provide interfaces for management tools
  - Allow enumeration of filters, volumes and instances

What can be done from user mode?
- Load and unload filters
- Attach and detach filters to volumes
- Open communication channels to filters from user mode and send/receive data from the filters
- Query the system for information such as:
  - Filters loaded
  - Volumes
  - Instances attached to a given volume

User mode library security
- All user mode APIs require administrator privileges
- User/Kernel mode communication APIs are an exception
  - Necessary privilege defined by minifilter through ACL defined on Port

User mode library
- Prototypes in:
  - FltUser.h
  - FltUserStructures.h
- Link to:
  - FltLib.lib

Load/Unload Filters
- FilterLoad()
  - Loads a filter and calls its DriverEntry() routine
- FilterUnload()
  - Unloads a filter
  - Unload request can be failed by the filter

Handle creation
- FilterCreate()
  - Opens a handle to a filter with the given filter name
- FilterInstanceCreate()
  - Opens a handle to an instance
  - Identify with filter and volume, instance id optional
- FilterClose()/FilterInstanceClose()
  - Closes the given handle

Informational APIs
- FilterGetInformation()
  - Returns information about the given filter, such as its name, number of instances, etc.
- FilterInstanceGetInformation()
  - Returns information about an instance, such as its instance ID and the name of the volume it is attached to, etc.

Adding/Removing Filter Instances
- FilterAttach()
  - Creates a new instance for the given filter and attaches it to the stack of the volume specified
  - Instance altitude is determined from the given instance name
- FilterAttachAtAltitude()
  - Creates a new instance for the given filter and attaches it to the stack of the volume at the specified altitude
  - For debug purpose only – may be removed in the final Filter Manager release
- FilterDetach()
  - Detaches a filter instance from a volume for the specified filter with the given Instance Name

Enumeration APIs
- Filter enumeration:
  - FilterFindFirst()
  - FilterFindNext()
- Volume enumeration:
  - FilterVolumeFindFirst()
  - FilterVolumeFindNext()
- Filter Instance enumeration:
  - FilterInstanceFindFirst()
  - FilterInstanceFindNext()
- Volume Instance enumeration:
  - FilterVolumeInstanceFindFirst()
  - FilterVolumeInstanceFindNext()
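
The filter enumeration calls can back a simple audit of what is loaded on a host. The following is an added example, not part of the original slides: it calls FilterFindFirst()/FilterFindNext() from PowerShell through P/Invoke and compares the result with a baseline. The fltlib.dll signatures, FilterFindClose() and the FILTER_FULL_INFORMATION layout are taken from the Windows SDK rather than the slides; the Get-LoadedMinifilter name and the baseline list are assumptions made for illustration.

```powershell
# Added example, not from the slides. Run elevated; otherwise FilterFindFirst returns 0x80070005.
Add-Type -Namespace Native -Name FltLib -MemberDefinition @'
[DllImport("fltlib.dll")]
public static extern int FilterFindFirst(int infoClass, IntPtr buffer,
    uint size, out uint returned, out IntPtr findHandle);
[DllImport("fltlib.dll")]
public static extern int FilterFindNext(IntPtr findHandle, int infoClass,
    IntPtr buffer, uint size, out uint returned);
[DllImport("fltlib.dll")]
public static extern int FilterFindClose(IntPtr findHandle);
'@

function Get-LoadedMinifilter {   # hypothetical helper name
    $marshal = [Runtime.InteropServices.Marshal]
    $class   = 0                  # FilterFullInformation
    $noMore  = 0x80070103         # HRESULT for ERROR_NO_MORE_ITEMS (parsed as Int32)
    $size    = 1024
    $buf     = $marshal::AllocHGlobal($size)
    $find    = [IntPtr]::Zero
    [uint32]$ret = 0
    $opened  = $false
    try {
        $hr = [Native.FltLib]::FilterFindFirst($class, $buf, $size, [ref]$ret, [ref]$find)
        $opened = ($hr -eq 0)
        while ($hr -eq 0) {
            # FILTER_FULL_INFORMATION: three ULONGs (NextEntryOffset, FrameID,
            # NumberOfInstances), USHORT name length in bytes, then the name.
            $chars = [int]($marshal::ReadInt16($buf, 12) / 2)
            [pscustomobject]@{
                Name      = $marshal::PtrToStringUni([IntPtr]::Add($buf, 14), $chars)
                Instances = $marshal::ReadInt32($buf, 8)
                Frame     = $marshal::ReadInt32($buf, 4)
            }
            $hr = [Native.FltLib]::FilterFindNext($find, $class, $buf, $size, [ref]$ret)
        }
        if ($hr -ne $noMore) { throw ('Filter enumeration failed: 0x{0:X8}' -f $hr) }
    } finally {
        if ($opened) { [void][Native.FltLib]::FilterFindClose($find) }
        $marshal::FreeHGlobal($buf)
    }
}

# Constructed baseline; replace with the filters expected on your build.
$baseline = 'WdFilter', 'FileInfo', 'Wof', 'luafv', 'npsvctrig'
$loaded   = @(Get-LoadedMinifilter)
Compare-Object $baseline $loaded.Name | ForEach-Object {
    $what = if ($_.SideIndicator -eq '=>') { 'not in baseline' } else { 'expected but not loaded' }
    '{0}: {1}' -f $_.InputObject, $what
}
```

An expected security filter reported as not loaded is worth the same attention as an unknown one that is, since FilterUnload() is available to any administrator.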

User-Initiated Communication APIs
- These routines send messages from user-mode to a port exposed by the minifilter
- They potentially expect a response
- Access to the port is controlled by the minifilter
- FilterConnectCommunicationPort()
  - Opens a port handle to the communication port created by the filter
- FilterSendMessage()
  - Used to send a message from user-mode to kernel-mode through a port handle

User-Initiated Communication APIs
- FilterGetMessage()
  - Allows user to request a message from a kernel mode filter through a port handle
- FilterReplyMessage()
  - Used to reply to a message received via FilterGetMessage()

Kernel-Initiated Communication APIs
- FltSendMessage()
  - Sends message to a user mode component through a port
  - Filter can wait on port object for a reply to this message from user mode
  - Timeout can be specified for user to receive message and reply to be returned

Support APIs
- FilterGetDosName()
  - Given a volume name it returns the DOS name for the device
  - Volume name can be one of the following forms:
    - NT device name, e.g. \Device\HarddiskVolume1
    - DOS device name, e.g. D:
    - Volume GUID name, e.g. \\?\Volume{a4e6ccb3-134a-11d5-b660-00c04f72d8dd}
    - Mount point name, e.g. C:\MountPoint
  - Returned DOS name will be one of the following:
    - Drive letter (if one exists), e.g. D:
  - Does not work for network drives