Presentation is loading. Please wait.

Presentation is loading. Please wait.

Filter Manager Support In User Mode

Published byEleanor Hunter Modified over 6 years ago

Similar presentations

Presentation on theme: "Filter Manager Support In User Mode"— Presentation transcript:

1 Filter Manager Support In User Mode
© 2004 Microsoft Corporation. All rights reserved.

2 Why provide user mode interfaces?
Provide common functionality for products that include filter drivers General control of driver Communication between user-mode service and filter driver Provide interfaces for management tools Allow enumeration of filters, volumes and instances © 2004 Microsoft Corporation. All rights reserved.

3 What can be done from user mode?
Load and unload filters Attach and detach filters to volumes Open communication channels to filters from user mode and send/receive data from the filters Query the system for information such as: Filters loaded Volumes Instances attached to a given volume © 2004 Microsoft Corporation. All rights reserved.

4 User mode library security
All user mode APIs require administrator privileges User/Kernel mode communication APIs are an exception Necessary privilege defined by minifilter through ACL defined on Port © 2004 Microsoft Corporation. All rights reserved.

5 User mode library Prototypes in: Link to: FltUser.h
FltUserStructures.h Link to: FltLib.lib © 2004 Microsoft Corporation. All rights reserved.

6 Load/Unload Filters FilterLoad() FilterUnload()
Loads a filter and calls its DriverEntry() routine FilterUnload() Unloads a filter Unload request can be failed by the filter © 2004 Microsoft Corporation. All rights reserved.

7 Handle creation FilterCreate() FilterInstanceCreate()
Opens a handle to a filter with the given filter name FilterInstanceCreate() Opens a handle to an instance Identify with filter and volume instance id optional FilterClose()/FilterInstanceClose() Closes the given handle © 2004 Microsoft Corporation. All rights reserved.

8 Informational API’s FilterGetInformation()
Returns information about the given filter, such as its name, number of instances, etc. FilterInstanceGetInformation() Returns information about an instance, such as its instance ID and the name of the volume it is attached to, etc. © 2004 Microsoft Corporation. All rights reserved.

9 Adding/Removing Filter Instances
FilterAttach() Creates a new instance for the given filter and attaches it to the stack of the volume specified Instance altitude is determined from the given instance name FilterAttachAtAltitude() Creates a new instance for the given filter and attaches it to the stack of the volume at the specified altitude For debug purpose only – may be removed in the final Filter Manager release FilterDetach() Detaches a filter instance from a volume for the specified filter with the given Instance Name © 2004 Microsoft Corporation. All rights reserved.

10 Enumeration API’s Filter enumeration: Volume enumeration:
FilterFindFirst() FilterFindNext() Volume enumeration: FilterVolumeFindFirst() FilterVolumeFindNext() Filter Instance enumeration: FilterInstanceFindFirst() FilterInstanceFindNext() Volume Instance enumeration: FilterVolumeInstanceFindFirst() FilterVolumeInstanceFindNext() © 2004 Microsoft Corporation. All rights reserved.

11 User-Initiated Communication APIs
These routines send messages from user-mode to a port exposed by the minifilter They potentially expect a response Access to the port is controlled by the minifilter FilterConnectCommunicationPort() Opens a port handle to the communication port created by the filter FilterSendMessage() Used to send a message from user-mode to kernel-mode through a port handle © 2004 Microsoft Corporation. All rights reserved.

12 User-Initiated Communication APIs
FilterGetMessage() Allows user to request a message from a kernel mode filter through a port handle FilterReplyMessage() Used to reply to a message received via FilterGetMessage() © 2004 Microsoft Corporation. All rights reserved.

13 Kernel-Initiated Communication APIs
FltSendMessage() Sends message to a user mode component through a port Filter can wait on port object for a reply to this message from user mode Timeout can be specified for user to receive message and reply to be returned © 2004 Microsoft Corporation. All rights reserved.

14 Support APIs FilterGetDosName()
Given a volume name it returns the DOS name for the device Volume name can be one of the following forms: NT device name, e.g. \Device\HarddiskVolume1 Dos device name, e.g. D: Volume GUID name, e.g. \\?\Volume{a4e6ccb3-134a-11d5-b660-00c04f72d8dd} Mount point name, e.g. C:\MountPoint Returned DOS name will be one of the following: Drive letter (if one exists), e.g. D: Does not work for network drives © 2004 Microsoft Corporation. All rights reserved.

Download ppt "Filter Manager Support In User Mode"

Similar presentations

Filter Manager Overview

Filter Manager Overview
Florida State UniversityCOP5570 - Advanced Unix Programming Raw Sockets Datalink Access Chapters 25, 26.

Florida State UniversityCOP Advanced Unix Programming Raw Sockets Datalink Access Chapters 25, 26.
WDM 드라이버의 기본 구조 What is WDM?

WDM 드라이버의 기본 구조 What is WDM?
Filter Manager Rajeev Nagar Lead Program Manager Core File Services

Filter Manager Rajeev Nagar Lead Program Manager Core File Services
Loading and Unloading Minifilters

Loading and Unloading Minifilters
© 2004 Microsoft Corporation. All rights reserved. 1 File Name Management.

© 2004 Microsoft Corporation. All rights reserved. 1 File Name Management.
Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.

Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.
1 CE6130 現代作業系統核心 Modern Operating System Kernels 許 富 皓.

1 CE6130 現代作業系統核心 Modern Operating System Kernels 許 富 皓.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
1 of 2 Microsoft Outlook 2003 makes it possible to delegate one or more people to read and create items in your Outlook account and to respond to e- mail.

1 of 2 Microsoft Outlook 2003 makes it possible to delegate one or more people to read and create items in your Outlook account and to respond to e- mail.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
© 2004 Microsoft Corporation. All rights reserved. 1 User / Kernel Communication Model.

© 2004 Microsoft Corporation. All rights reserved. 1 User / Kernel Communication Model.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Windows XP tests at DESY Henner Bartels W2K HTASC Coordination Committee CERN, December 3 rd – 4 th.

Windows XP tests at DESY Henner Bartels W2K HTASC Coordination Committee CERN, December 3 rd – 4 th.
Automatic Software Testing Tool for Computer Networks ARD Presentation Adi Shachar Yaniv Cohen Dudi Patimer www.cs.bgu.ac.il/~adishach.

Automatic Software Testing Tool for Computer Networks ARD Presentation Adi Shachar Yaniv Cohen Dudi Patimer
Hacking the Bluetooth Pairing Authentication Process Graduate Operating System Mini Project Siyuan Jiang and Haipeng Cai.

Hacking the Bluetooth Pairing Authentication Process Graduate Operating System Mini Project Siyuan Jiang and Haipeng Cai.
Programming mobile devices Part II Programming Symbian devices with Symbian C++

Programming mobile devices Part II Programming Symbian devices with Symbian C++
NDIS LBFO Miniports (Load Balancing And Failover) Larry Cleeton Program Manager Windows Networking And Communications Microsoft Corporation.

NDIS LBFO Miniports (Load Balancing And Failover) Larry Cleeton Program Manager Windows Networking And Communications Microsoft Corporation.
How to Add WMI Interfaces to SCSIPort and Storport Miniports

How to Add WMI Interfaces to SCSIPort and Storport Miniports

Similar presentations

Ads by Google