Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to writing device drivers for Windows

Published byElizabeth Holmes Modified over 6 years ago

Similar presentations

Presentation on theme: "Introduction to writing device drivers for Windows"— Presentation transcript:

1 Introduction to writing device drivers for Windows
Ben Bernstein myself MS Haifa 11/19/2018

2 Device Drivers Why do we need them ?
The only way to connect IO devices to windows (hence the name). The only way to inject code into the windows kernel. Doing stuff in an utmost low level Firewall. AV. ID. Remind the CS sandboxing project. 11/19/2018

3 Device Drivers Why I hate them
Mostly undocumented, very few web resources. Very primitive dev tools. No GUI – I cannot impress anyone. The kernel never quite seems to forgives my bugs. Lots of technical details – it’s a little boring. So much cryptic knowledge we cannot cover the whole subject in two hours. 11/19/2018

4 Windows IO Windows uses the same mechanism for communicating with files, and communicating with devices. CreateFile CloseHandle WriteFile ReadFile DeviceIoControl Extension – Specific for every device. Main() example We’ll go over the first example in sample.txt 11/19/2018

5 Calling DeviceIOControl
We’ll go over the first example in sample.txt 11/19/2018

6 Windows IO - IRPs Every IO request from a file or a device gets to the kernel – the IO manager. The IO manager creates an IRP and dispatches it to the proper driver(s) of the device. The drivers may decide to make the request pending and answer it after a while. The driver may decide to pass the IRP to another driver. A user-mode program may decide to call IO functions asynchronously or synchronously. 11/19/2018

7 PDO FDO FiDO PDO, FDO, Device Enumaration Plug & Play 11/19/2018

8 Device Driver Code A code that runs inside the kernel of windows.
#include "ntddk.h" NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { // // I wish I could hello world you return STATUS_SUCCESS; } A code that runs inside the kernel of windows. It’s a C/C+/C++ program! 11/19/2018

9 Few questions?! (The MS driver rules)
#include "ntddk.h" NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { // // I wish I could hello world you return STATUS_SUCCESS; } Few questions?! (The MS driver rules) You have to order the DDK. Compiling: No IDE - just BUILD.EXE. no Makefile – just dirs, sources,. DBG/FRE dos build environments The .SYS files Export and import, DriverEntry is the entry point Weird types UNICODE_STRING, NTSTATUS, some undocumented. 11/19/2018

10 11/19/2018

11 DriverEntry #include "ntddk.h" NTSTATUS DriverEntry(
IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { // // I wish I could hello world you return STATUS_SUCCESS; } DriverEntry The DriverEntry RegistryPath parameter. Points to the registry. The registry info is usually created by an INF file The DriverEntry DriverObject parameter. Used to return callbacks to the OS. #include "ntddk.h" NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { // // I wish I could hello world you return STATUS_SUCCESS; } 11/19/2018

12 Device Driver – Initializing Callbacks
NTSTATUS DriverEntry( IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath ) { DriverObject->DriverUnload = MyUnload; DriverObject->MajorFunction[IRP_MJ_CREATE] = MyCreate; DriverObject->MajorFunction[IRP_MJ_CLOSE] = MyClose; DriverObject->MajorFunction[IRP_MJ_CLEANUP] = MyCleanup; DriverObject->MajorFunction[IRP_MJ_READ] = MyRead; DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL]=MyCtrl; DriverObject->DriverExtension->AddDevice = MyPnpAddDevice IoCreateDevice( … , “device name”, …) return STATUS_SUCCESS;} We’ll go over the DriverEntry example in sample.txt 11/19/2018

13 Device Driver – Dispatch Functions
IOCtrl dispatch function All in the form of: NTSTATUS MyDispatchFunc( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ) Enables the user of the driver to communicate with the driver. Filemon Example DriverUnload dispatch Does driver cleanup One can support some and set other to NULL. DriverExtension->AddDevice vs. DriverEntry 11/19/2018

14 Device Driver – Dispatch Functions
What can the driver functions do ? Call the kernel apis for instance. Ex ( Executive) Mm (Memory manager) Rtl (Run time library) FsRtl (File system runtime library) Ob ( Object management) Io (I/O) Hal (Hardware abstraction level) Zw (File & Registry) Ke (General kernel) Use DMA to talk to the device Lets look at the sample code for dispatch functions. 11/19/2018

15 Device Driver - Interrupts
Interrupts – The way the actual device “dispatches” the OS. In order to register to a certain Interrupt one uses the IoConnectInterrupt API. Easier with PNP support. A completion function is passed to the IoConnectInterrupt . 11/19/2018

16 Device Driver - Interrupts
Usually looking like this: BOOLEAN InterruptIsr(IN PKINTERRUPT Interrupt, IN OUT PVOID Context) { … (few commands if any) IoRequestDpc(DeviceObject, DeviceObject->CurrentIrp, NULL); return TRUE; } 11/19/2018

17 Device Driver - Interrupts
What is a DPC? Deffered procedure call. Used to postpone the driver calculation to enable receiving other interrupts. The DPC is processed only after all interrupt are processed. All interrupts service routines do almost nothing other then queuing DPCs. Each device object has a DPC inside it, A driver can allocate more DPCs if he believes he’ll get lots of interrupts. Interrupt Example We’ll go over the last piece of code from samples.txt 11/19/2018

18 Other important issues (that were not quite covered)
IRQL & Interrupts. DDK API calls and IRQL Class Filter driver Spin locks NPP WinDBG/SoftIce FastIoDispatch IFS Filter Drivers PNP dispatch functions. 11/19/2018

19 Bibliography http://www.sysinternals.com/ - Mark Russinovich MS DDK.
Inside Windows 2000. 11/19/2018

20 11/19/2018

Download ppt "Introduction to writing device drivers for Windows"

Similar presentations

WDM 드라이버의 기본 구조 What is WDM?

WDM 드라이버의 기본 구조 What is WDM?
Windows 2000 System Architecture (continued) Computing Department, Lancaster University, UK.

Windows 2000 System Architecture (continued) Computing Department, Lancaster University, UK.
3: OS Structures 1 OPERATING SYSTEM STRUCTURES PROCESS MANAGEMENT A process is a program in execution: (A program is passive, a process active.) A process.

3: OS Structures 1 OPERATING SYSTEM STRUCTURES PROCESS MANAGEMENT A process is a program in execution: (A program is passive, a process active.) A process.
OS Fall ’ 02 Introduction Operating Systems Fall 2002.

OS Fall ’ 02 Introduction Operating Systems Fall 2002.
2: OS Structures 1 Jerry Breecher OPERATING SYSTEMS STRUCTURES.

2: OS Structures 1 Jerry Breecher OPERATING SYSTEMS STRUCTURES.
OS Spring’03 Introduction Operating Systems Spring 2003.

OS Spring’03 Introduction Operating Systems Spring 2003.
1 CE6130 現代作業系統核心 Modern Operating System Kernels 許 富 皓.

1 CE6130 現代作業系統核心 Modern Operating System Kernels 許 富 皓.
I/O Request Flaw in WDF Kernel-Mode Driver

I/O Request Flaw in WDF Kernel-Mode Driver
Threads CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University

Threads CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University
OS Spring’04 Introduction Operating Systems Spring 2004.

OS Spring’04 Introduction Operating Systems Spring 2004.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
I/O Tanenbaum, ch. 5 p. 329 – 427 Silberschatz, ch. 13 p. 495 - 527.

I/O Tanenbaum, ch. 5 p. 329 – 427 Silberschatz, ch. 13 p
Windows Driver Verification David Lariviere COMS E6832 – Formal Hardware & Software Verification Presentation of Project.

Windows Driver Verification David Lariviere COMS E6832 – Formal Hardware & Software Verification Presentation of Project.
Driver Verifier Advancements In Windows 7 Daniel Mihai Principal Software Design Engineer Windows Engineering Tools.

Driver Verifier Advancements In Windows 7 Daniel Mihai Principal Software Design Engineer Windows Engineering Tools.
Windows® Driver Model History And Architectural Overview Bob Rinne Director Windows Operating System Base Microsoft Corporation.

Windows® Driver Model History And Architectural Overview Bob Rinne Director Windows Operating System Base Microsoft Corporation.
OPERATING SYSTEM OVERVIEW. Contents Basic hardware elements.

OPERATING SYSTEM OVERVIEW. Contents Basic hardware elements.
© Microsoft Corporation1 Windows Kernel Internals I/O Architecture *David B. Probert, Ph.D. Windows Kernel Development Microsoft Corporation.

© Microsoft Corporation1 Windows Kernel Internals I/O Architecture *David B. Probert, Ph.D. Windows Kernel Development Microsoft Corporation.
ATA Miniport Nuts and Bolts

ATA Miniport Nuts and Bolts
OS provide a user-friendly environment and manage resources of the computer system. Operating systems manage: –Processes –Memory –Storage –I/O subsystem.

OS provide a user-friendly environment and manage resources of the computer system. Operating systems manage: –Processes –Memory –Storage –I/O subsystem.
A Comparative Study of the Linux and Windows Device Driver Architectures with a focus on IEEE1394 (high speed serial bus) drivers Melekam Tsegaye

A Comparative Study of the Linux and Windows Device Driver Architectures with a focus on IEEE1394 (high speed serial bus) drivers Melekam Tsegaye

Similar presentations

Ads by Google