© 2004 Microsoft Corporation. All rights reserved. 1 User / Kernel Communication Model.

Slides:

Advertisements

Similar presentations

1 Symbian Client Server Architecture. 2 Client, who (a software module) needs service from service provider (another software module) Server, who provide.

Advertisements

Processes Management.

Sockets Programming Network API Socket Structures Socket Functions

Umut Girit  One of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer.

Lecture 2b Sockets Erick Pranata © Sekolah Tinggi Teknik Surabaya 1.

© Janice Regan, CMPT 128, CMPT 371 Data Communications and Networking Socket Programming 0.

Interprocess Communications

Generic Transport Service Primitives Listen –notify Transport layer a call is expected Connect –establish Transport layer connection Send (or Write) Receive.

Socket Programming.

1 Generic Transport Service Primitives Listen –notify Transport layer a call is expected Connect –establish Transport layer connection Send (or Write)

I/O Hardware n Incredible variety of I/O devices n Common concepts: – Port – connection point to the computer – Bus (daisy chain or shared direct access)

7-1 JMH Associates © 2003, All rights reserved Designing and Developing Reliable, Scaleable Multithreaded Windows Applications Chapter 10 Supplement Advanced.

USER LEVEL INTERPROCESS COMMUNICATION FOR SHARED MEMORY MULTIPROCESSORS Presented by Elakkiya Pandian CS 533 OPERATING SYSTEMS – SPRING 2011 Brian N. Bershad.

Socket Addresses. Domains Internet domains –familiar with these Unix domains –for processes communicating on the same hosts –not sure of widespread use.

1 Nonblocking I/O Nonblocking reads and writes Buffers enabling overlapped nonblocking I/O Nonblocking connect.

1 I/O Management in Representative Operating Systems.

Message-Oriented Communication Synchronous versus asynchronous communications Message-Queuing System Message Brokers Example: IBM MQSeries 02 – 26 Communication/2.4.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

Interprocess Communication. Process Concepts Last class.

© Microsoft Corporation1 Windows Kernel Internals Lightweight Procedure Calls David B. Probert, Ph.D. Windows Kernel Development Microsoft Corporation.

I/O Systems ◦ Operating Systems ◦ CS550. Note:  Based on Operating Systems Concepts by Silberschatz, Galvin, and Gagne  Strongly recommended to read.

Socket Programming -What is it ? -Why bother ?. Basic Interface for programming networks at transport level It is communication end point Used for inter.

Agenda  Terminal Handling in Unix File Descriptors Opening/Assigning & Closing Sockets Types of Sockets – Internal(Local) vs. Network(Internet) Programming.

Assignment 3 A Client/Server Application: Chatroom.

Multithreading Allows application to split itself into multiple “threads” of execution (“threads of execution”). OS support for creating threads, terminating.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Hardware Definitions –Port: Point of connection –Bus: Interface Daisy Chain (A=>B=>…=>X) Shared Direct Device Access –Controller: Device Electronics –Registers:

PIKA Technologies Inc. Digital Logger Application Sample April 2010.

1-1 Embedded Network Interface (ENI) API Concepts Shared RAM vs. FIFO modes ENI API’s.

Threaded Applications Introducing additional threads in a Delphi application is easy.

COT 4600 Operating Systems Fall 2009 Dan C. Marinescu Office: HEC 439 B Office hours: Tu-Th 3:00-4:00 PM.

Hands-On Microsoft Windows Server Introduction to Remote Access Routing and Remote Access Services (RRAS) –Enable routing and remote access through.

 TCP (Transport Control Protocol) is a connection-oriented protocol that provides a reliable flow of data between two computers.  TCP/IP Stack Application.

Sami Al-wakeel 1 Data Transmission and Computer Networks The Switching Networks.

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

Chapter 2 Applications and Layered Architectures Sockets.

The Socket Interface Chapter 21. Application Program Interface (API) Interface used between application programs and TCP/IP protocols Interface used between.

The Socket Interface Chapter 22. Introduction This chapter reviews one example of an Application Program Interface (API) which is the interface between.

CE Operating Systems Lecture 13 Linux/Unix interprocess communication.

Interprocess Communications

© 2004 Microsoft Corporation. All rights reserved. 1 Minifilter Generated IO’s.

Operating Systems Proj.. Background A firewall is an information technology (IT) security device which is configured to permit, deny or proxy data connections.

Chapter 24 Transport Control Protocol (TCP) Layer 4 protocol Responsible for reliable end-to-end transmission Provides illusion of reliable network to.

1 Client-Server Interaction. 2 Functionality Transport layer and layers below –Basic communication –Reliability Application layer –Abstractions Files.

The Client-Server Model And the Socket API. Client-Server (1) The datagram service does not require cooperation between the peer applications but such.

1 1999/Ph 514: Flow of Control EPICS Flow of Control Marty Kraimer APS.

System Components ● There are three main protected modules of the System  The Hardware Abstraction Layer ● A virtual machine to configure all devices.

Events in General. Agenda Post/wait technique I/O multiplexing Asynchronous I/O Signal-driven I/O Database events Publish/subscribe model Local vs. distributed.

Socket Programming.

SIP-H.323 Interworking Group RRR-1 IETF-48 SIP-H.323 Interworking Requirements draft-agrawal-sip-h323-interworking-reqs-00.txt Hemant.

Way beyond fast © 2002 Axis Systems, Inc. CONFIDENTIAL Axis Common Transaction Interface (CTI) Architecture Highlights 9/11/2003 Ching-Ping Chou Axis Systems,

CSI 3125, Preliminaries, page 1 Networking. CSI 3125, Preliminaries, page 2 Networking A network represents interconnection of computers that is capable.

Berkeley Socket Abstraction

Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.

Inter-Process Communication 9.1 Unix Sockets You may regard a socket as being a communication endpoint. –For two processes to communicate, both must create.

1 EPICS Flow of Control: EPICS Workshop at IHEP, Beijing, August 2001 EPICS Flow of Control Marty Kraimer APS.

Netprog: Client/Server Issues1 Issues in Client/Server Programming Refs: Chapter 27.

1 Network Communications A Brief Introduction. 2 Network Communications.

Processes and threads.

Filter Manager Support In User Mode

Chapter 3: Windows7 Part 4.

Java Byte IPC: Part 6-Summary

Inter Process Communication (IPC)

TCP Sockets Programming

CS703 - Advanced Operating Systems

Issues in Client/Server Programming

My 7-Point Plan for Windows Security

TA: Donghyun (David) Kim

Presented by: SHILPI AGARWAL

Virtual Private Network

Presentation transcript:

© 2004 Microsoft Corporation. All rights reserved. 1 User / Kernel Communication Model

© 2004 Microsoft Corporation. All rights reserved. 2 Advantages Bi-directional messaging facility Minifilter defines the security on the channel Fast User-to-Kernel messaging, no buffering Efficient Kernel-to-User messaging with the capability for user mode to reply back to the filter. Can associate I/O completion ports for Kernel-to-User communication

© 2004 Microsoft Corporation. All rights reserved. 3 Communication Ports Filter creates a named communication port Filter implicitly begins to listen for incoming connections on the port Connection will be denied if user doesn’t have sufficient access as specified by security descriptor on listener port Each connection to the listener port gets its own message queue and private endpoints

© 2004 Microsoft Corporation. All rights reserved. 4 Communication Ports (cont’d) Closing either endpoint (kernel/user) terminates that connection Closing listener port handle prevents future connections Existing connections will not be terminated Unload safe When minifilter unloads, Filter manager forcibly terminates existing connections

© 2004 Microsoft Corporation. All rights reserved. 5 Creating Communication Port Minifilter creates a named port with: FltCreateCommunicationPort( IN PFLT_FILTER Filter, OUT PFLT_PORT *ServerPort, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PVOID ServerPortCookie OPTIONAL, IN PFLT_CONNECT_NOTIFY ConnectNotifyCallback, IN PFLT_DISCONNECT_NOTIFY DisconnectNotifyCallback, IN PFLT_MESSAGE_NOTIFY MessageNotifyCallback, IN ULONG MaxConnections); Minifilter closes named port with: FltCloseCommunicationPort()

© 2004 Microsoft Corporation. All rights reserved. 6 Establishing a Connection from User-Mode Application connects to named port with: FilterConnectCommunicationPort( IN LPCWSTR lpPortName, IN DWORD dwOptions, IN LPVOID lpContext OPTIONAL, IN WORD wSizeOfContext, IN LPSECURITY_ATTRIBUTES lpSecurityAttributes OPTIONAL, OUT HANDLE *hPort); Application disconnects from named port with: CloseHandle()

© 2004 Microsoft Corporation. All rights reserved. 7 Establishing a Connection (cont’d) User connect triggers ConnectNotify() callback in minifilter Receives a handle to the new connection just created On return, user-mode receives a separate handle representing its endpoint to the connection User-mode handle is a file handle Can be used to associate I/O completion ports

© 2004 Microsoft Corporation. All rights reserved. 8 User-to-Kernel Messaging FilterSendMessage() Sends synchronous message from user to kernel Minifilter receives message via MessageNotify() callback Buffers are raw user buffers Must use try-except(), probe/capture, etc., to safely access buffers

© 2004 Microsoft Corporation. All rights reserved. 9 Kernel-to-User Messaging FltSendMessage() Sends message to waiting user-mode receiver Can block if no user-mode receivers are available Timeout may be specified, use with care FilterGetMessage() Called by user mode application to receive a message from the minifilter Recommend that you use overlapped structure to issue multiple asynchronous gets FilterReplyMessage() Applications reply to a specific message Requires agreed upon message protocol between application and minifilter

© 2004 Microsoft Corporation. All rights reserved. 10 Terminating a Connection User-mode close of handle triggers DisconnectNotify() in minifilter Filter then calls FltCloseClientPort() to finish closing the connection Minifilter unload also triggers DisconnectNotify()

© 2004 Microsoft Corporation. All rights reserved. 11 Sample Look at Scanner minifilter sample