Организация ввода-вывода. Драйверы WDM

М.: МГУПИ, 2011. - 84 с. Настоящее учебное пособие предназначено для подготовки студентов различных специальностей, изуч

287 82 1MB

Russian Pages [83]

Report DMCA / Copyright

DOWNLOAD PDF FILE

Recommend Papers

Организация ввода-вывода. Драйверы WDM

  • Commentary
  • 709880
  • 0 0 0
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up
File loading please wait...
Citation preview

–––––––––––––––––––––

“ ”

––––––––––––––––––––– ф

“ ”

. .

WDM c 4

2011

681.3 32.973.26-18.2 Ɋɟɤɨɦɟɧɞɨɜɚɧɨ ɤ ɢɡɞɚɧɢɸ ɜ ɤɚɱɟɫɬɜɟ ɭɱɟɛɧɨɝɨ ɩɨɫɨɛɢɹ ɪɟɞɚɤɰɢɨɧɧɨ-ɢɡɞɚɬɟɥɶɫɤɢɦ ɫɨɜɟɬɨɦ ɆȽɍɉɂ : 49

. . .,

, "

. . , 2011. – 84 .

-

", . . .,

.

WDM.

.–

.:

, .

,

«

» "

-

"

"

" . WDM

, –

, , Plug

.

and Play

. , Windows. 681.3 32.973.26-18.2 ©

2

©

2011 2011

. 1 WDM1.1 1.2 1.3 WDM1.4 1.5 1.6 2 2.1 2.2 2.3 DriverEntry 2.4 DriverUnload 2.5 AddDevice 2.6 2.7 2.8 3 IRP 3.1 IRP 3.2 3.3 IRP 3.4 IRP 3.5 IRP 3.6 3.7 IoCallDriver 3.8 3.9 IRP 3.10 IRP 3.11 StartIo 3.12 ISR 3.13 DPC 3.14 3.15 3.16 3.17 DEVQUEUE 3.18 3.19 IRP 3.20

3

(DEVICE_EXTENSION)

4 5 11 12 13 18 21 24 24 26 29 32 33 33 35 36 39 39 42 43 44 46 47 48 48 51 52 52 53 54 55 58 59 61 63 65 78 83

1 ɋɬɪɭɤɬɭɪɚ WDM-ɞɪɚɣɜɟɪɚ WDM (Windows Driver Model) . WDM-

,

Windows 98. ,

.

WDM-

1.1 [3].

1.1 –

,

DriverEntry, AddDevice,

.

IRP.

-

,

StartIo.

,

AdapterControl.

,

,

,

(ISR – Interrupt Service Routine), (DPC – Deffered Procedure Call).

IRP.

4

1.1 ɇɚɡɧɚɱɟɧɢɟ ɞɪɚɣɜɟɪɚ Windows NT5 [1]:

− (

) ,

− (

(

).

)

. Windows

2000/XP — 32-

(64), 4

. ,

,

,

. 4 [4].

4

(

,

) : ,

2



,

.

,

.

.

,

Windows , ,

,

, .

,

,

5

.

Windows NT [1,2]

1.2.

1.2 –

Windows NT5 , ,

. , ,

− −

: , (Winlogon); Windows-

. Task Scheduler),

( ,

-

Microsoft SQL Server,

;



. : Win32, Win64 ( 64-



-

DOS, POSIX

), Windows 3.1, MS-

OS/2; .

(

), . Windows : Win32, POSIX 6

OS/2. Windows

2000

,

Windows XP,

Win32,

. , −

,

: , ,



,

-

. .;

, ,

( Windows Intel,

NT

MIPS, Alpha AXP,

Motorola PowerPC).

/

, . , −

,

-

. .; ;



(Hardware Abstraction Layer, HAL) — (

92), -

,

,

,

, (



,

)

,

. .;

. Windows,

DOS, ,

,

-

-

HAL. −

: (

).

, 7

. (

COM-

)

, ,

,

. ,

,

-

,

, ;



Plug-and-Play (PnP)

ACPI (Advanced Configu-

ration Power Management interface — );



,

PnP TCP/IP, IPX/SPX

ACPI (

. .),

,

.

,

,

-

.

Windows 2000,

PnP

-

(ACPI),

,

Windows Driver Model (WDM). NT,

WDM

Windows 98

Windows Millennium Edition,

Windows 2000

NT (NT4), −

,

.

WDM

: .

, NT4, Windows 2000

, ,

, ,

HAL (DLL),

8

. OEM-



; ;



. Windows . , (

CD-ROM),

, .

:



;



-



; -

. Windows

,



.

:

(VDD);



. , ,

-

.

-

,

Windows . , Windows, (

)

,

-

. ,

,

,

Plug-and-Play,

,

,

,



-

, .

( )

inf-

cat9

(

,

Microsoft WHQL — Microsoft Windows Hardware Quality Lab)

.

, ,

,

. -

.

1.3.

1.3 – -

Windows

, , .

(

) 10

, .

[2]

,

, .

1.2 Ɍɢɩɵ ɞɪɚɣɜɟɪɨɜ Windows NT5 (2000/XP/XP Embedded) . 1.4 [3].

1.4 –

Windows NT5 (VDD – Virtual Device Driver) ,

16.

(

. )

, . .

,

Plug and Play

WDM-

[3]

Windows 98/Me/2000/XP

PnP –

Windows XP.

PnP

.

WDM-

( ),

( 11

), (

)

(

-

).

.

. Windows NT,

Windows XP.

Plug and Play.

1.3 WDM-ɞɪɚɣɜɟɪɵ WDM,

– ,

-

. Microsoft. ,

,

,

Microsoft

.

. -

, Microsoft. , .

,

. ,

,

, .

, . 12

, . , .

, .

,

,

. ,

PsCreateSystemThread.

:



, ,

− IRP, ,

.

1.4 ɂɟɪɚɪɯɢɹ ɭɫɬɪɨɣɫɬɜ ɢ ɞɪɚɣɜɟɪɨɜ , ,

, . 1.5 [3].

1.5 –

WDM 13

1.5



: (

)

DEVICE_OBJEKT, ,



, ,



IRP ( -

)

.

WDM – ɮɭɧɤɰɢɨɧɚɥɶɧɵɣ ɞɪɚɣɜɟɪ –

. -

,

, .

,

MS-DOS

. ɞɪɚɣɜɟɪ ɲɢɧɵ, .

,

,

PCI (Peripheral

Component Interconnect)

,

PCI,

, (

-

,

),

(ɢɥɢ

ɮɢɥɶɬɪɭɸɳɢɦɢ

. ɞɪɚɣɜɟɪɚɦɢ-ɮɢɥɶɬɪɚɦɢ ɞɪɚɣɜɟɪɚɦɢ).

-

. IRP ,

,

.

. IRP,

(

)

14

.

,

, .

1.5, DEVICE_OBJECT

.

:

− PDO (Phisical Device Object) –

,

,

− FDO (Function Device Object) –

,

,

− FiDO (Filter Device Object) –

,

.

1.6 –

Plug and Play , WDM-

,

,

, PnP-

PnP

, .

Plug and Play

ɩɟɪɟɱɢɫɥɟɧɢɹ ( ,

.

). «

»

USB, PCMCIA),

( ,

15

,

.

, ,

PDO,

1.6 (



).

(1) , IoInvalidateDeviceRelations,

PnP

. (2)

IRP,

PnP

IRP_MJ_PNP

(MJ)

IRP_MN_QUERY_DEVICE_RELATIONS,

(MN) ,

PnP

(QUERY DEVICE RELATIONS) – (2)

. PDO,

PnP

, .

(3)

IRP

PnP

IRP_MN_QUERY_ID, . –

– .

(4)

PnP . , . ( ), .

.INF. , 16

.INF-

.

,

.INF-

, .

,

, .

. PnP

, ,

,

. PnP

,

, .

,

PnP ,

. . DriverEntry. AddDevice,

PnP

(5)

1.6.

IRP

PnP

IRP_MN_QUERY_RESOURCE_REQUIREMENTS, ( – (6)

,

,

DMA).

1.6. PnP ,

. IRP_MJ_PNP

PnP

IRP_MN_START_DEVICE. , .

17

( ,

)

Plug and Play, .

. .INF-

,

1.7 (1). , (2).

,

, (3).

(4).

, / .

1.7 –

,

Plug and Play

. ,

, Plug and Play.

1.5 ɉɨɪɹɞɨɤ ɡɚɝɪɭɡɤɢ ɞɪɚɣɜɟɪɨɜ , 18

.

-

. ,

, UpperFilters

LowerFilters, -

.

, UpperFilters

. LowerFilters.

-

,

. , .

, .

AddDevice (

.

1.7) [3]:



AddDevice

-

, LowerFilters,



AddDevice

-

, LowerFilters,



AddDevice

,

Service



,

AddDevice

-

, UpperFilters,



AddDevice

-

, UpperFilters. ,

DevView,

[3].

1.9 .

, PDO (

),

(details). 19

AddDevice

1.8 –

FDO (

1.10 ).

, PDO

FDO.

1.11 CDROM.

– FiDO –

, .

1.9 –

PDO

DevView

20

1.10 –

FDO

DevView

1.11 –

PDO

DevView

CDROM

1.6 ȼɨɩɪɨɫɵ ɞɥɹ ɫɚɦɨɩɪɨɜɟɪɤɢ 1. 2. 3. 4. 5. 6. 7. 8. 9.

WDM-

? ,

? ? ? ? ? ? ? ? 21

10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21.

Windows NT5? ? ? ? DLL

? ? ?

? ? ? ? ?

22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39. 40. 41. 42. 43. 44.

? ? ? PnP? WDM? ? ? ? -

? -

? -

?

Windows NT5? ? ? ? ? WDM? ? ? ? ? ? ? 22

45. 46. 47. 48. 49. 50. 51. 52. 53. 54. 55. 56. 57. 58. 59.

? ? ? PnP? ? ? ? ? DriverEntry? , ? ? ? AddDevice? ?

23

PnP?

2 Ɉɫɧɨɜɧɵɟ ɫɬɪɭɤɬɭɪɵ ɞɚɧɧɵɯ WDM-

– . .

,

. (

WDM-

,

, . .) . ,

.

2.1 Ɉɛɴɟɤɬɵ ɞɪɚɣɜɟɪɨɜ . WDM.H

DDK

:

typedef struct _DRIVER_OBJECT {

//

CSHORT Type;

//

CSHORT Size;

//



// PDRIVER_OBJECT

}

DRIVER_OBJECT,

DRIVER_OBJECT, *PDRIVER_OBJECT; (CSHORT –

// DRIVEROBJECT )

2.1 – PVOID, PVOID64

(

64-

) NTAPI __stdcall VOID CHAR, PCHAR UCHAR, PUCHAR SCHAR, PSCHAR SHORT, PSHORT CSHORT

i86 void 88816-

24

2.1 – USHORT, UPSHORT LONG, PLONG ULONG, PULONG WCHAR, PWSTR, PWCHAR PCWSTR NTSTATUS LARGE_INTEGER ULARGE_INTEGER PSZ, PCSZ

163232-

Ю

Ю

(

)

6464ASCIIZ

BOOLEAN, PBOOLEAN

TRUE

FALSE (

UCHAR)

DRIVER_OBJECT, PDRIVER_OBJECT

_DRIVER_OBJECT. .

DeviceObject (PDEVICE_OBJECT) , -

. .

Type Size DeviceObject Flags DriverStart DriverSize DriverSection Driver_Object AddDevice Count ServiceKeyName

DriverExtension DriverName HardwareDatabase FastIoDispatch DriverInit DriverStartIo DriverUnload MajorFunction

Driver_Object

2.1 – DriverExtension

(PDRIVER_EXTENSION) AddDevice

, 25

(PDRIVER_ADD_DEVICE).

AddDevice

,

. HardwareDatabase (PUNICODE_EXTENSION) .

\Registry\Machine\Hardware\Description\System

, .

WDM-

,

PnP. .

FastIoDispatch (PFAST_IO_DISPATCH)

,

, . DriverInit

(PDRIVER_INIT) .

. DriverStartIo (PDRIVER_STARTIO) -

,

DriverUnload

-

.

(PDRIVER_UNLOAD) .

(

,

WDM-

.) MajorFunction

(PDRIVER_

DISPATCH) -

20

.

.

. 2.2 Ɉɛɴɟɤɬɵ ɭɫɬɪɨɣɫɬɜ 2.2.

,

. IoCreateDevice. WDM-

.

26

,

DriverObject (PDRIVER_OBJECT)

,

.

, IoCreateDevice.

NextDevice (PDEVICE_OBJECT) ,

,

. ,

DeviceObject

,

.

Type Size ReferenceCount DriverObject NextDevice AttachedDevice CurrentIrp Timer Flags Characteristics DeviceExtension DeviceType StackSize …

AlignmentRequirement … DeviceObject

2.2 – CurrentIrp (PIRP)

IRP,

StartIo. StartPaket

,

StartNextPaket

IRP.

Flags (ULONG)

(

27

2.2).

Flags

2.2 –

DEVICE_OBJECT

DO_BUFFERED_IO . .

Д

DO_EXCLUSIVE

. DO_DIRECT_IO .

Д .

DO_DEVICE_INITIALIZING DO_POWER_PAGABLE

. В

DO_POWER_INRUSH

IRP_MJ_PNP PASSIVE_LEVEL. .

DO_

2.2

DEVICE_OBJECT.

Characteristics

2.3 –

DEVICE_OBJECT

FILE_REMOVABLE_MEDIA FILE_READ_ONLY_DEVICE FILE_FLOPPY_DISKETTE



FILE_WRITE_ONCE_MEDIA Д

FILE_REMOTE_DEVICE FILE_DEVICE_IS_MOUNTED FILE_VIRTUAL_VOLUME FILE_AUTOGENERATED_DEVICE_NAME

FILE_DEVICE_SECURE_OPEN

Characteristics (ULONG)

. (

2.3).

IoCreateDevice.

28

DeviceExtension

(PVOID)

, .

. DeviceType (DEVICE_TYPE) ,

.

IoCreateDevice.

StackSize (CCHAR) PDO. AlignmentRequirement

(ULONG)

, WDM.H

. FILE_BYTE_ALIGNMENT

FILE_512_BYTE_ALIGNMENT. (

) –1.

FILE_64_BYTE_ALIGNMENT=0x3F (63D). .

2.3 Ɏɭɧɤɰɢɹ DriverEntry ,

PnP AddDevice. , .

DriverEntry. : extern “C” NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPatch) { }

. extern “C” –

C++,

,

, ,

. 29

,

( )

.

C++

"

"

, (

"

")

. IN.

DDK IN

OUT –

.

, IN,

, OUT

. IN OUT

,

.

,

.

NTSTATUS

,

NTSTATUS.

(LONG). NTSTATUS, .

NTSTATUS.H. DriverEntry ,

.

WDM-

DriverEntry

.

,

,

, .

WDM-

PnP. DriverEntry PUNICODE_STRING, . DriverEntry

WDM-

. . − DriverUnload –

-

: . 30

.

,

,

.

.

− DriverExtension Æ AddDevice – .

AddDevice

PnP ,

− DriverStartIo –

. StartIo,

-

.

− MajorFunction –

, . -

, IRP, . -

PnP _ POWER и

SYSTEM_CONTROL. DriverEntry:

,

extern “C” NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath) { DriverObject->DriverUnload = DriverUnload;

//1

DriverObject->DriverExtension->AddDevice = AddDevice; DriverObject->MajorFunction[IRP_MJ_PNP] = DispatchPnp; //2 DriverObject->MajorFunction[IRP_MJ_POWER] = DispatchPower; DriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = DispatchWmi; …

//3

servkey.Buffer = (PWSTR) ExAllocatePool(PagePool,

//4

RegistryPath->Length + sizeof(WCHAR)); if (!servkey.Buffer) return STATUS_INSUFFICIENT_RESOURCES; servkey.MaximumLength = RegistryPath->Length + sizeof(WCHAR)); RtlCopyUnicodeString(&servkey, RegistryPath);

31

servkey.Buffer[RegistryPath->Length/sizeof(WCHAR)] = 0; return STATUS_SUCCESS;

//5

}

1.

, .

, AddDevice).

(DriverUnload 2.

WDMPnP_POWER

SYSTEM_CONTROL. .

. 3. ,

.

RegistryPath

4.

, .

servkey

,

UnicodeString

-

STATUS_SUCCESS (

5. 0),

.

, .

(4)

RegistryPath, STATUS_INSUFFICIENT_RESOURCES (

). .

2.4 Ɏɭɧɤɰɢɹ DriverUnload WDM-

DriverUnload « DriverEntry.

,

RegistryPath.

VOID DriverUnload(PDRIVER_OBJECT DriverObject) { RtlFreeUnicodeString(&strvkey); }

32

»

DriverEntry

, DriverUnload. -

, DriverEntry

, ,

.

2.5 Ɏɭɧɤɰɢɹ AddDevice , AddDevice.

PnP

. : NTSTATUS AddDevice(PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT pdo) { Return STATUS_SOMETHING; //

, STATUS_SUCCESS

}

DriverObject

,

DriverEntry.

pdo .



AddDevice:

, IoCreateDevice .

− .

– .

− −

Flags . IoAttachDeviceToDeviceStack .

2.6 ɋɨɡɞɚɧɢɟ ɨɛɴɟɤɬɚ ɭɫɬɪɨɣɫɬɜɚ IoCreateDevice. : 33

PDEVICE_OBJECT fdo; NTSTATUS status = IoCreateDevice(DriverObject, sizeof(DEVICE_EXTESION), NULL, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, FALSE, &fdo);

(DriverObject) AddDevice. ,

-

IRP,

, .

, ( ).

-

DEVICE_EXTESION

. UNICODE_TRING ,

. NULL.

,

( WDM.H),

FILE_DEVICE_UNKNOWN.

. (

, .)

( )

. . FILE_DEVICE_SECURE_OPEN Characteristics,

,

. ,

.

(FALSE), . (

.)

,

.

34

,

,

(&fdo) .

,

.

PDEVICE_OBJECT.

.

,

, . : NTSTATUS status = IoCreateDevice(…); if (!NT_SUCCESS(status)) return status; … if (
)

{ IoDeleteDevice(fdo); return status; }

2.7 ɂɧɢɰɢɚɥɢɡɚɰɢɹ ɪɚɫɲɢɪɟɧɢɹ ɭɫɬɪɨɣɫɬɜɚ (DEVICE_EXTENSION) . .

: typedef struct _DEVICE_EXTENSION { PDEVICE_OBJECT DeviceObject;

//1 //2

PDEVICE_OBJECT LowerDeviceObject; //3 PDEVICE_OBJECT Pdo;

//4

UNICODE_STRING ifname;

//5

IO_REMOVE_LOCK RemoveLock;

//6

35

DEVSTATE devstate;

//7

DEVSTATE prevstate; DEVICE_POWER_STATE devpower; SYSTEM_POWER_STATE syspower; DEVICE_CAPABILITIES devcaps;

//8

… } DEVICE_EXTENSION, *DEVICE_EXTENSION;

(1),

,

DDK.

,

,

DEVICE_EXTENSION,

PDEVICE_EXTENSION

_DEVICE_EXTENSION. , DeviceExtension

(2). , . DeviceObject.

LowerDeviceObject (3) . IoAttachDeviceToDeviceStack. Pdo (4)

, .

ifname

(

UNICODE_STRING),

.

(6) IO_REMOVE_LOCK,

. AddDevice.

(7) Plug and Play DEVSTATE

. -

,

.

(8)

.

2.8. ȼɨɩɪɨɫɵ ɞɥɹ ɫɚɦɨɩɪɨɜɟɪɤɢ 36

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36.

? ? DDK? ? CHAR? UCHAR? LONG? ULONG? WCHAR? PWCHAR? PWSTR? PCWSTR? PSZ? DeviceObject DriverExtension HardwareDatabase FastIoDispatch DriverInit DriverStartIo DriverUnload MajorFunction AddDevice

? ? ? ? ? ? ? ? ? ?

DriverObject NextDevice CurrentIrp Flags ? Characteristics DeviceExtension DeviceType StackSize AlignmentRequirement Flags Characteristics DriverEntry? DriverEntry? 37

? ? ? ? ? ? ? ? ? ?

37. 38. 39. 40. 41. 42. 43. 44. 45. 46. 47.

extern “C” DriverEntry? IN OUT? NTSTATUS? DriverEntry WDM ? DriverEntry? DriverUnload? DriverExtension->AddDevice? DriverStartIo? WDM DriverUnload? DriverUnload?

48. 49. 50. 51. 52. 53. 54. 55. 56. 57. 58. 59. 60. 61. 62. 63. 64. 65. 66. 67. 68. 69. 70. 71.

AddDevice? AddDevice? DriverObject AddDevice? pdo AddDevice? AddDevice? IoCreateDevice? IoCreateDevice? ? ? Flags

? ?

Flags ? IoAttachDeviceToDeviceStack? IoAttachDeviceToDeviceStack? IoCreateDevice? ? IoCreateDevice? IoCreateDevice? IoCreateDevice? IoCreateDevice? IoCreateDevice? ? IoCreateDevice? IoCreateDevice? 38

?

3 ɉɚɤɟɬɵ ɡɚɩɪɨɫɨɜ ɜɜɨɞɚ-ɜɵɜɨɞɚ IRP .

-

.

3.1 ɋɬɪɭɤɬɭɪɚ IRP IRP

3.1.

. Type

RequestorMode Cancel

Size

MdlAddress Flags AssociatedIrp ThreadListEntry IoStatus PendingReturned StackCount CancelIrql ApcEnvironment UserIosb UserEvent Overlay CancelRoutine UserBuffer

CurrentLocation AllocftionFlags

Tail

IRP

3.1 – MdlAddress (PMDL) (Memory Descriptor List).

, . MDL

(IRP_MJ_READ

.

IRP_MJ_WRITE),

DO_DIRECT_IO. IRP_MJ_DEVICE_CONTROL MDL METOD_IN_DIRECT

METOD_OUT_DIRECT.

. Flags (ULONG) ,

, .

39

AssociatedIrp

. AssociatedIrp.SystemBuffer.

WDM-

. (IRP_MJ_READ

IRP_MJ_WRITE), DO_DIRECT_IO. IRP_MJ_DEVICE_CONTROL

METOD_IN_DIRECT

METOD_OUT_DIRECT. -

, IRP. (IRP_MJ_DEVICE_CONTROL). . -

. IoStatus (IO_STATUS_BLOCK)

, -

IoStatus.Status

NTSTATUS,

.

IoStatusInformation

IRP

,

.

.

PnP

,

.

RequestorMode {UserMode

KernelMode}.

.

PendingReturned (BOOLEAN)

,

STATUS_PENDING. Cancel (BOOLEAN) IOCancelIrp,

TRUE, FALSE

40

.

CancelIrql (KIRQL –

IRQL)

, (IRQL),

-

. CancelRoutine (PDRIVER_CANCEL) IRP

.

UserBuffer (PVOID) IRP_MJ_DEVICE_CONTROL, METHOD_NEITHER. Taile

(

3.2).

Taile.Overlay

:

Taile.Overlay.DeviceQueueEntry (KDEVICE_QUEUE_ENTRY) Taile.Overlay.DriverContext (PVOID[4]). Taile.Overlay.DeviceQueueEntry

. Taile.Overlay

DeviceQueueEntry

TailCompletionKey DriverContext

Thread AuxiliaryBuffer Tail.Apc

ListEntry

CurrentStackLocation

PacketType

OriginalFileObject

Tail IRP

3.2 –

Taile.Overlay.DriverContext IoCsqXxx (

). 41

IRP,

,

, .

Taile.Overlay.ListEntry (LIST_ENTRY) . 3.2 ɋɬɟɤ ɜɜɨɞɚ-ɜɵɜɨɞɚ IRP

-

IO_STACK_LOCATION.

, IRP (

3.3).

3.3 –

3.4.

3.4 –

-

MajorFunction (UCHAR) IRP.

,

( , IRP_MJ_READ

MajorFunction 42

.

)

,

MinorFunction (UCHAR)

,

IRP,

.

,

IRP_MJ_PNP , IRP_MN_START_DEVICE.

, Flags

,

/

.

.

Control

, -

IRP.

,

,

,

loMarklrpPending

SL_PENDING,

-

IRP

,

.

Parameters ,

.

Create

,

IRP_MJ_CREATE, IRP_MJ_READ

Read

. .

DeviceObject (PDEVICE_OBJECT)

,

. IoCallDriver. FileObject (PFILE_OBJECT)

,

IRP. IRP

.

CompletionRoutine (PIO_COMPLETION_ROUTINE) (

)

.

. Context (PVOID)

,

. 3.3 Ɍɢɩɢɱɧɚɹ ɦɨɞɟɥɶ ɨɛɪɚɛɨɬɤɢ IRP IRP IRP

3.5. .

43

. .

IRP

3.5 – IRP .

-

IRP

:

IoBuildAsynchronousFsdRequest (Fsd – File System Driver) IRP,

. IoBuildSynchronousFsdRequest

IRP,

. IoBuildDeviceControlRequest IRP_MJ_DEVICE_CONTROL

IRP_MJ_INTERNAL_DEVICE_CONTROL.

IoAllocateIrp

IRP

.

3.4 ɋɨɡɞɚɧɢɟ ɫɢɧɯɪɨɧɧɵɯ IRP IRP

, :

− −

.

IRP,

.

IRP

, . 44



IoCompleteRequest

-

IRP



.

-

.

, (PASSIVE_LEVEL). ,

.

PIRP Irp = IoBuildSynchronousFsdRequest(…); // З

ExAcquireFastMutex(…);

З

//

IRQL

APC_LEVEL

NSTATUS status = IoCallDriver(…); if (status == STATUS_PENDING) KeWaitForSingleObject(…); ExReleaseFastMutex(…);

// !!!

//

IRP (

IoCompleteRequest . APC,

) ,

,

.

,

IRQL

,

. (

APC

APC_LEVEL, ,

),

(

STATUS_PENDING). IRP,

, ,



. ,

IRQL −

,

PASSIVE_LEVEL.

APC

. KeEnterCriticalRegion, APC

,

ExAcquireFastMutexUnsafe

. APC

45

.



IRP,

– . IRP.

3.1

IRP

3.1 – IRP IoBuildSynchronousFsdRequest

IRP_MJ_READ IRP_MJ_WRITE IRP_MJ_FLUSH_BUFFERS IRP_MJ_SHUTDOWN IRP_MJ_PNP IRP_MJ_POWER

IoBuildDeviceControlRequest

IRP_MJ_DEVICE_CONTROL IRP_MJ_INTERNAL_DEVICE_CONTROL

3.5 ɋɨɡɞɚɧɢɟ ɚɫɢɧɯɪɨɧɧɵɯ IRP IRP

: IRP

IoBuildAsynchronousFsdRequest

IRP_MJ_READ IRP_MJ_WRITE IRP_MJ_FLUSH_BUFFERS IRP_MJ_SHUTDOWN IRP_MJ_PNP IRP_MJ_POWER (

IRP_MJ_POWER_SEQUENCE) (

IoAllocateIrp

MajorFunction )

IRP ACP



.

IRP.

IRP: IRP,

,

46



IRP

, ,



IRP,

-

, IoFreeIrp



IRP,

,

IRP, ,



IRP

, IRQL

DISPATCH_LEVEL);

,

(MajorFunction = IRP_MJ_Xxx; …

//

(

NTSTATUS status = IoCallDriver(DeviceObject, Irp);

47

)

IoCallDriver

, .

IRP

(

DeviceObject

PnP)

.

LowerDeviceObject,

IoAttachDeviceToDeviceStack. IRP

.

ɦɢɧɭɫ ɩɟɪɜɵɣ

, .

,

ɫɥɟɞɭɸɳɢɣ

,

,

.

3.7 Ɏɭɧɤɰɢɹ IoCallDriver IoCallDriver

:

NTSTATUS IoCallDriver(PDEVICE_OBJECT DeviceObject, PIRP Irp) { IoSetNextIrpStackLocation(Irp); PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp); stack->device_object = DeviceObject; ULONG fcn = stack->MajorFunction; PDRIVER_OBJECT driver = DeviceObject->DriverObject; return (*driver->MajorFunction[fcn])(DeviceObject, Irp); }



IoCallDriver:

, ,





, ,

.

3.8 Ⱦɢɫɩɟɬɱɟɪɫɤɢɟ ɮɭɧɤɰɢɢ IRP: NTSTATUS DispatchXxx(PDEVICE_OBJECT fdo, PIRP Irp) {

48

PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);

//1

PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION)Device-> DeviceExtension; //2 … return STATUS_Xxx;

//3

}

: //1 . //2

, AddDevice. NTSTATUS

//3 IoCallDriver,

.

: a.

,

b.

,

,

c. . a. Ɂɚɜɟɪɲɟɧɢɟ IRP IRP −

.

IRP

: (

,

); , −

, , (

,

);

. 49

IRP

Status

IRP IoStatus

Information

IoCompleteRequest.

Status

,

NTSTATUS.H. 3.2. NTSTATUS

3.2 – STATUS_SUCCESS STATUS_UNSUCCESSFULL

,

STATUS_NOT_IMPLEMENTED STATUS_INVALID_HANDLE

Д

STATUS_INVALID_PARAMETER STATUS_INVALID_DEVICE_REQUEST Д

STATUS_EBD_OF_FILE STATUS_DELETE_PENDING STATUS_INSUFFICIENT_RESOURCES

(

)

. : NTSTATUS CompleteRequest(PIRP Irp, NTSTATUS Status, ULONG_PTR Information) { Irp->IoStatus.Status = status; Irp->IoStatus.Information = Information; IoCompleteRequest(Irp, IO_NO_INCREMENT) return status; }

IoCompleteRequest ,

,

. IoCompleteRequest IRP.

, : 50



,



, MDL (Memory Descriptor List),

IRP ( ),



APC . ,



,

: ,



IRP,



IRP.

,

3.9 ɉɟɪɟɞɚɱɚ IRP ɜɧɢɡ ɩɨ ɫɬɟɤɭ IRP

,

,

. ,

,

AddDevice: pdx->LowerDeviceObject = IoAttachDeviceToDeviceStack(fdo, pdo);

fdo –

,

pdo – .

IoAttachDeviceToDeviceStack

, IRP,

. , IoCallDriver. IRP

, IO_STACK_LOCATION.

. – … IoCopyCurrentIrpStackLocationToNext(Irp); status = IoCallDriver(pdx->LowerDeviceObject, Irp);

51

:



IoCopyCurrentIrpStackLocationToNext IO_STACK_LOCATION

.

,

-

.

3.10 ɉɨɫɬɚɧɨɜɤɚ IRP ɜ ɨɱɟɪɟɞɶ ɞɥɹ ɩɨɫɥɟɞɭɸɳɟɣ ɨɛɪɚɛɨɬɤɢ IRP

– . IRP

,

DEVQUEUE:

NTSTATUS DispatchSomething(PDEVICE_OBJECT fdo, PIRP Irp) { … IoMarkIrpPending(Irp);

//a

StartPacket(&pdx->dqSomething, fdo, Irp, CancelRoutine);//b return STATUS_PENDING;

//c

}

a.

, STATUS_PENDING.

b.

PnP

StartPacket

, ;

, StartIo.

c.

STATUS_PENDING

IRP

,

. StartPacket

, IRP,

IRP ,



.

3.11 Ɏɭɧɤɰɢɹ StartIo StartIo

IRP IRP

VOID StartIo(PDEVICE_OBJECT device, PIRP Irp)

52

. .

{ PIO_STACK_LOCATION stack = IoGetCurrentStackLocation(Irp); PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) device->DeviceExtension; … }

StartIo

IRP. .

,

DISPATCH_LEVEL. 3.12 Ɉɛɪɚɛɨɬɱɢɤ ɩɪɟɪɵɜɚɧɢɹ ISR , IRQL

. (DIRQL)

-

.

. . :

,

, t1.

-

. t2

,

, ,

-

.

-

,

,

, -

.

,

,

,

. .

, . -

.

IRQL

-

DISPATCH_LEVEL.

, 53

IRQL

PASSIVE_LEVEL

,

.

ISR

:

BOOLEAN OnInterrupt (PKINTERRUPT InterruptObject. PDEVICE_EXTENSION pdx) { if


return FALSE; … }

ISR

,

IoConnectInterrupt. .

,

. .

(DPC – Defered Procedure Call). DPC –



DPC

, (DIRQL),

,

IoCompleneRequest. :

IoRequestDpc(pdx->DeviceObject, NULL, pdx); 3.13 Ɏɭɧɤɰɢɹ DPC DpcForIsr,

,

DISPATCH_LEVEL.

IRP, .

IoCompleteRequest

IRP,

StartNextPacket

IRP StartIo.

,

:

VOID DpcForIsr(PKDPC Dpc, PDEVICE_OBJECT fdo, PIRP junk,

54

PDEVICE_EXTENSION pdx) { … StartNextPacket(&pdx->dqSomething, fdo);

//a

IoCompleteRequest(Irp, boost);

//b

}

a. StartNextPacket

IRP

StartIo, b. IoCompleteRequest

IRP,

; ,

IRP. 3.14 Ɏɭɧɤɰɢɢ ɡɚɜɟɪɲɟɧɢɹ -

IRP

(CompletionNotification) IoSetCompletionRoutine(): VOID loSetCompletionRoutine(IN PIRP Irp, IN PIO_COMPLETION_ROUTINE CompletionRoutine, INPVOID Context, IN BOOLEAN InvokeOnSuccess, IN BOOLEAN InvokeOnError, IN BOOLEAN InvokeOnCahcel);

Irp – ,

IRP,

CompletionRoutine



,

IRP, Context –

CompletionRoutine,

InvokeOnSuccess,

,

,

InvokeOnError,

IwokeOnCancel

CompletionRoutine

, IRP

.

55



InvokeOnXxx

, ,

, .

InvokeOnSuccess

,

IRP InvokeOnError

,

NT_Success.

1

NT_Success.

,

IRP

,

IwokeOnCancel

,

, IoCancelIrp.

IwokeOnCancel

Cancel

IoCancelIrp.

IRP,

IRP

InvokeOnError,

,

InvokeOnSuccess,

.

IRP

. .

, IRP. loSetCompletionRoutine() , IRP.



: NTSTATUS CompletionRoutine(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID Context);

DeviceObject



-

,

IRP, IRP – IRP, Context –

,

,

IoSetCompletionRoutine(). IoSetCompletionRoutine() ɫɬɟɤɟ ɪɚɡɦɟɳɟɧɢɹ ɜɜɨɞɚ/ɜɵɜɨɞɚ,

IRP

56

ɫɬɟɤɟ ɪɚɡɦɟɳɟɧɢɹ ɜɜɨɞɚ/ɜɵɜɨɞɚ

.

:



IRP IRP,



, (

) ,

(

.

),

(

, -

)

-

,

, ,

/

. IRQL, IRP – loComplete Request().

IRQL

IRQL_ DISPATCH_LEVEL. IRP , IRP,

InvokeOnSuccess, InvokeOnError,

IwokeOnCancel

TRUE.

IRP

IoFreeIrp()

IRP. [3]: STATUS_MORE_PROCESSING_REQUIRED ɞɨɩɨɥɧɢɬɟɥɶɧɚɹ ɨɛɪɚɛɨɬɤɚ) –

(ɬɪɟɛɭɟɬɫɹ . .

,

STATUS_MORE_PROCESSING_REQUIRED ,

STATUS_SACCESS.

57

3.15 ȼɵɡɨɜ ɮɭɧɤɰɢɣ ɡɚɜɟɪɲɟɧɢɹ , IoCompleteRequest.

3.6.

3.6 – IoCompleteRequest

, ,

.

,

, .

, ,

IoCompleteRequest

.

IoCompleteRequest

( ,

IRP).

IoCompleteRequest ,

.

STATUS_MORE_PROCESSING_REQUIRED, IoCompleteRequest 58

. STATUS_MORE_PROCESSING_REQUIRED, IoCompleteRequest

,

.

IRP

-

«

.

»

, «

»

IRP

, IoCompleteRequest

. , IoGetCurrentIrpStackLokation

,

IoSetCompletionRoutine. . IoCompleteRequest . 3.16 Ɉɱɟɪɟɞɢ ɡɚɩɪɨɫɨɜ ɜɜɨɞɚ-ɜɵɜɨɞɚ ,

IRP,

-

IRP

. ,

.

IRP

StartIo. IRP

, (

) AddDevice: typedef struct _DEVICE_EXTENSION { LIST_ENTRY IrpQueue; BOOLEAN DeviceBusy; } DEVICE_EXTENSION, *PDEVICE_EXTENSION; NTSTATUS AddDevice(…) { … InitializeListHead(&pdx->IrpQueue); …

59

.

}

IRP VOID NativeStartPacket(PDEVICE_EXTENSION pdx, PIRP Irp) { if (pdx->DeviceBusy) InsertTailList(&pdx->IrpQueue,&Irp->Tail.Overlay.ListEntry); else { pdx->DeviceBusy = TRUE; StartIo(pdx->DeviceObject, Irp); } }

VOID NativeStartNextPacket(PDEVICE_EXTENSION pdx, PIRP Irp) { if (IsListEmpty(&pdx->IrpQueue)) pdx->DeviceBusy = FALSE; else { PLIST_ENTRY foo = RemoveHeadList(&pdx->IrpQueue); PIRP Irp = CONTAINING_RECORD(foo,IRP, Tail.Overlay.ListEntry); StartIo(pdx->DeviceObject, Irp); } }

IRP

,

ntdef.h: #define CONTAINING_RECORD(address, type, field) \ ((type *)((PCHAR)(address) - (ULONG_PTR)(&((type *)0)->field)))

. , PnP [3].

-

60

,

IRP

,

StartIo.

3.17 Ɉɛɴɟɤɬ DEVQUEUE ,

,

[3] DEVQUEUE

, DEVICE_EXTENSION. typedef struct

_DEVICE_EXTENSION {

… DEVQUEUE dqReadWrite; … } DEVICE_EXTENSION, *DEVICE_EXTENSION; IRP

3.7

,

DEVICE_EXTENSION [3].

3.7 –

IRP

DEVQUEUE StartIo

DEVQUEUE

StartIo, AddDevice.

NTSTATUS AddDevice(…) { … PDEVICE_EXTENSION pdx = …; InitializeQueue(&pdx->dqReadWrite, StartIo); 61

… } IRP_MJ_READ IRP_MJ_WRITE. NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) { … DriverObject->MajorFunction[IRP_MJ_READ] = DispatchReadWrite; DriverObject->MajorFunction[IRP_MJ_WRITE] = DispatchReadWrite; … } #pragma PAGEDCODE

//С

NTSTATUS DispatchReadWrite(PDEVICE_OBJECT fdo, PIRP Irp) { PAGED_CODE()

//

,

//

, IRQL,

// PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; IoMarkIrpPending(Irp); StartPacket(&pdx->dqReadWrite, fdo, Irp, CancelRoutine); return STATUS_PENDING; } #pragma LOCKEDCODE

//С

VOID CancelRoutine(PDEVICE_OBJECT fdo, PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; CancelRequest(&pdx->dqReadWrite, Irp); }

62

,

StartPacket

, . IRP

DPC

StartNextPacket. VOID DpcForIsr(PKDPC junk1, PDEVICE_OBJECT fdo, PIRP junk2, PDEVICE_EXTENSION pdx) { … StartNextPacket(pdx->dqReadWrite, fdo); }

3.18 Ɉɬɦɟɧɚ ɡɚɩɪɨɫɨɜ ɜɜɨɞɚ-ɜɵɜɨɞɚ ,

.

, . ,

. -

,

IoCancelIrp.

-

IoCancelIrp ,

IRP, .

CancelIo, , (handle) IRP

. IoCancelIrp STATUS_CANCELED.

IoCancelIrp

,

IRP,

, IRP

,

,

. , StartIo



,

: IRP

CancelRoutine .

CancelRoutine

NULL. 63

IRP

IRP



IoCancelIrp

Cancel NULL

,

Irp.

CancelRoutine

, CancelRoutine

IRP.

IRP

NULL.

IoCancelIrp

. IRP IRP

,



, STATUS_CANCELED.

IRP

IoCancelIrp

CancelRoutine

NULL,

IRP

, .

.

, ,

«

,

» . .

IRP. IoCsqXxx,

-

-

,

,

Microsoft. . «

». IoCancelIrp.

BOOLEAN IoCancelIrp(PIRP Irp) { IoAcquireCancelSpinLock(&Irp->CancelIrql);

//1

&Irp->CancelIrql = TRUE;

//2

PDRIVER_CANCEL CancelRoutine = IoSetCancelRoutine(Irp, NULL); //3 if (CancelRoutine) {PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp); (*CancelRoutine)(stack->DeviceObject, Irp);

//4

return TRUE; } else { IoReleaseCancelSpinLock(Irp->CancelIrql); return FALSE;

//5

64

} }

. IoCancelIrp

1.

-

.

,

IRP. IRP. Cancel = TRUE

2.

,

IoCancelIrp. IoSetCancelRoutine

3. CancelRoutine

NULL

.

4. IoCancelIrp

,

,

-

. .

,

,

,

, IoCallDriver.

5.

, -

IoCancelIrp

.

3.19 ɋɰɟɧɚɪɢɢ ɨɛɪɚɛɨɬɤɢ IRP IRP,

, , [3].

. ɋɰɟɧɚɪɢɣ 1: ɩɟɪɟɞɚɱɚ ɜɧɢɡ ɫ ɮɭɧɤɰɢɟɣ ɡɚɜɟɪɲɟɧɢɹ IRP,

, PnP, (

3.8).

65

3.8 – :

− IRP

DISPATCH_LEVEL (

IRP

, ),



, DISPATCH_LEVEL ( ).

: NTSTATUS DispatchSomething(PDEVICE_OBJECT fdo, PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; NTSTATUS status = IoAcqureRemoveLock(&pdx->RemoveLock, Irp); if (!NT_SUCCESS(status)) return CompleteRequest(Irp, status); IoCopyCurrentIrpStacklocationToNext(Irp); IoSetCompletionRoutine(Irp, (PIO_COMPLETION_ROUTINE) CompletionRoutine, pdx, TRUE, TRUE, TRUE); return IoCallDriver(pdx->LowerDeviceObject, Irp); } NTSTATUS CompletionRoutine(PDEVICE_OBJECT fdo, PIRP Irp,

66

PDEVICE_EXTENSION pdx) { if (Irp->PendingReturned) IoMarkIrpPending(Irp); …

//

IoReleaseRemoveLock(&pdx->RemoveLock, Irp); return STATUS_SUCCESS; }

ɋɰɟɧɚɪɢɣ 2: ɩɟɪɟɞɚɱɚ ɜɧɢɡ ɛɟɡ ɮɭɧɤɰɢɢ ɡɚɜɟɪɲɟɧɢɹ IRP,

, IRP

PnP,

(

3.9).

:

− IRP

(



), IRP,

,

,

. , IRP,

.

,

,

NTSTATUS ForwardAndForget(PDEVICE_EXTENSION pdx, PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; NTSTATUS status = IoAcqureRemoveLock(&pdx->RemoveLock, Irp); if (!NT_SUCCESS(status)) return CompleteRequest(Irp, status); IoSkipCurrentIrpStackLocation(Irp); status = IoCallDriver(pdx->LowerDeviceObject Irp); IoReleaseRemoveLock(&pdx->RemoveLock, Irp); return status; }

67

:

3.9 – ɋɰɟɧɚɪɢɣ 3: ɡɚɜɟɪɲɟɧɢɟ ɜ ɞɢɫɩɟɬɱɟɪɫɤɨɣ ɮɭɧɤɰɢɢ IRP, (

3.10).

:

− IRP

(



), IRP, -



IRP

(IOCTL),

-

(

)

,

. : NTSTATUS DispatchSomething(PDEVICE_OBJECT fdo, PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; …

//

IRP

Irp->IoStatus.Status = STATUS_XXX; Irp->IoStatus.Information = YYY; IoSetCompletionRequest(Irp,IO_NO_INCREMENT); return STATUS_XXX; }

68

3.10 – ɋɰɟɧɚɪɢɣ 4: ɩɨɫɬɚɧɨɜɤɚ ɜ ɨɱɟɪɟɞɶ ɞɥɹ ɩɨɫɥɟɞɭɸɳɟɣ ɨɛɪɚɛɨɬɤɢ IRP, . IRP StartIo (

3.11).

− IRP

:

(



), IRP,

, IRP, .

IRP

DEV1QUEUE.

-

3.11 –

69

.

, IRP

.

typedef struct _DEVICE_EXTENSION { DEVQUEUE dqReadWrite; } DEVICE_EXTENSION, *DEVICE_EXTENSION; NTSTATUS AddDevice(PDRIVER_OBJECT DriverObject, PDEVICE_OBJECT pdo) { … InitializeQueue(&pdx->dqReadWrite, StartIo); IoInitializeDpcRequest(fdo, (PIO_DPC_ROUTINE) DpcForIsr); … } NTSTATUS DispatchReadWrite(PDEVICE_OBJECT fdo,PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; IoMarkIrpPending(Irp); StartPacket(&pdx->dqReadWrite, fdo, Irp, CancelRoutine); return STATUS_PENDING; } VOID CancelRoutine(PDEVICE_OBJECT fdo,PIRP Irp) { PDEVICE_EXTENSION pdx = (PDEVICE_EXTENSION) fdo->DeviceExtension; CancelRequest(&pdx->dqReadWrite, Irp); } VOID StartIo(PDEVICE_OBJECT fdo, PIRP Irp) { … } BOOLEAN OnInterrupt(PKITERRUPT junk, PDEVICE_EXTENSION pdx); { … PIRP Irp = GetCurrentIrp(&pdx->dqReadWrite); Irp->IoStatus.Status = STATUS_XXX;

70

Irp->IoStatus.Information = YYY; IoRequestDpc(pdx->DeviceObject, NULL, pdx); … } VOID DpcForIsr(PKDPC junk1, PDEVICE_OBJECT fdo, PIRP junk2, PDEVICE_EXTENSION pdx) { … PIRP Irp = GetCurrentIrp(&pdx->dqReadWrite); StartNextPacket(&pdx->dqReadWrite, fdo); IoCompleteRequest(Irp, IO_NO_INCREMENT); }

ɋɰɟɧɚɪɢɣ 5: ɫɨɡɞɚɧɢɟ ɚɫɢɧɯɪɨɧɧɵɯ IRP IRP, −



(

3.12).

:

,

, ( DISPATCH_LEVEL (

), ).

IRP

3.12 – ,

. IRP, .

SOMETYPE SomeFunction(PDEVICE_EXTENSION pdx, PDEVICE_OBJECT DeviceObject)

71

{ NTSTATUS status = IoAcquireRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

if (!NT_SUCCESS(status)) return
;

//A

PIRP Irp; Irp = IoBuildAsynchronousFsdRequest(IRP_MJ_XXX, DeviceObject, …);

Irp = IoAllocateIrp(DeviceObject->StackSize, FALSE); PIO_STACK_LOCATION stack = IoGetNextIrpStackLocation(Irp); stack->MajorFunction = IPR_MJ_XXX;


IoSetCompletionRoutine[EX]([pdx->DeviceObject,] Irp, (PIO_COMPLETIOM_ROUTINE)CompletiomRoutine, pdx, TRUE, TRUE, TRUE); ObReferenceObject(DeviceObject);

//B

IoCallDriver(DeviceObject, Irp); ObDeReferenceObject(DeviceObject);

//B

} NTSTATUS CompletionRoutine(PDEVICEOBJECT junk, PIRP Irp, PDEVICETXTENSION PDX) {


IoFreeIrp(Irp); IoReleaseRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

return STATUS_MORE_PROCESSING_REQUIRED; }

IoAcquireRemoveLock

IoReleaseRemoveLock ( IRP

, . 42 –

.

ObDeReferenceObject IoCallDriver

(

ObDeReferenceObject

)

,

IoGetDeviceObjectPointer

DeviceObject, 72

)

. ( )

( )



,

.

ɋɰɟɧɚɪɢɣ 6: ɫɨɡɞɚɧɢɟ ɫɢɧɯɪɨɧɧɵɯ IRP IRP, −

(

3.13).

:

,



, .

IRP

3.13 – ,

. IRP, .

SOMETYPE SomeFunction(PDEVICE_EXTENSION pdx, PDEVICE_OBJECT DeviceObject) { NTSTATUS status = IoAcquireRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

if (!NT_SUCCESS(status)) return
;

//A

PIRP Irp; KEVENT event;

73

IO_STATUS_BLOCK iosb; KeInitializeEvent(&event, NotificationEvent, FALSE); Irp = IoBuildSynchronousFsdRequest(IRP_MJ_XXX, DeviceObject, … &event, &iosb);

Irp = IoBuildDeviceIoControl(IOCTL_XXX, DeviceObject, … &event, &iosb); status = IoCallDriver(DeviceObject, Irp); if (status == STATUS_PENDING) { KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL); status = iosb.Status; } IoReleaseRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

… }

IoAcquireRemoveLock

5, IoReleaseRemoveLock (

)

,

IRP

. 42 – .

USB (URB – USB Request Block). IRP,

.

IRP

.

-

. ɋɰɟɧɚɪɢɣ 7: ɫɢɧɯɪɨɧɧɚɹ ɩɟɪɟɞɚɱɚ ɜɧɢɡ IRP. (

3.14).

:

− IRP

(



), PASSIVE_LEVEL

, 74



IRP PASSIVE_LEVEL. , PnP



IRP_MN_START_DEVICE.

IRP

3.14 – ,

,

. ,

IoCompleteRequest

,

IRP,

. ForwardAndWait, .

NTSTATUS ForwardAndWait(PDEVICE_EXTENSION pdx, PIRP Irp) { KEVENT event; KeInitialize(&event, NotificationRoutine, FALSE); IoCopyCurrentIrpStackLocationToNext(Irp); IoCompletionRoutine(Irp, (PIO_COMPLETION_ROUTINE) ForwardAndWaitCompletionRoutine, &event, TRUE, TRUE, TRUE); NTSTATUS status = IoCallDriver(pdx->LowerDeviceObject, Irp); if (status == STATUS_PENDING) { KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL); status = Irp->IoStatus.Status;

75

} return status; } NTSTATUS ForwardAndWaitCompletionRoutine(PDEVICE_JBJECT fdo, PIRP Irp,PKEVENT pev) { if (Irp->PendingReturned) KeSetEvent(pev,IO_NO_INCREMENT, FALSE); return STATUS_MORE_PROCESSING_REQUIRED; }

ɋɰɟɧɚɪɢɣ 8: ɫɢɧɯɪɨɧɧɚɹ ɨɛɪɚɛɨɬɤɚ ɚɫɢɧɯɪɨɧɧɵɯ IRP IRP, IRP (

3.15).

:



,



, ,



DPC_LEVEL . , –

.

IRP

3.15 –

. SOMETYPE SomeFunction(PDEVICE_EXTENSION pdx, PDEVICE_OBJECT DeviceObject)

76

{ NTSTATUS status = IoAcquireRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

if (!NT_SUCCESS(status)) return
;

//A

PIRP Irp; Irp = IoBuildAsynchronousFsdRequest(IRP_MJ_XXX, DeviceObject, …);

Irp = IoAllocateIrp(DeviceObject->StackSize, FALSE); PIO_STACK_LOCATION stack = IoGetNextIrpStackLocation(Irp); Stack->MajorFunction = IPR_MJ_XXX; л




KEVENT event; KeInitializeEvent(&event, NotificationEvent, FALSE); IoCopyCurrentIrpStackLocationToNext(Irp); IoSetCompletionRoutine[EX]([pdx->DeviceObject,] Irp, (PIO_COMPLETIOM_ROUTINE)CompletiomRoutine, &event, TRUE, TRUE, TRUE); status = IoCallDriver(DeviceObject, Irp); if (status == STATUS_PENDING) KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL); IoReleaseRemoveLock(&pdx->RemoveLock, (PVOID) 42);

//A

} NTSTATUS CompletionRoutine(PDEVICE_OBJECT junk, PIRP Irp, PKEVENT pev) if (Irp->PendingReturned) KeSetEvent(pev,EVENT_INCREMENT, FALSE);


IoFreeIrp(Irp); return STATUS_MORE_PROCESSING_REQUIRED; }

,

5,

,

, 77

. IoAcquireRemoveLock

IoReleaseRemoveLock (

)

,

IRP

. 42 – . ,

IRP.

3.20 ȼɨɩɪɨɫɵ ɞɥɹ ɫɚɦɨɩɪɨɜɟɪɤɢ 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29.

-

IRP? -

IRP?

MdlAddress IRP? Flags IRP? AssociatedIrp IRP? IoStatus IRP? RequestorMode IRP? Cancel IRP? PendingReturned IRP? CanselIrql IRP? CancelRoutine IRP? UserBuffer IRP? Tail IRP? MDL? MDL? ? IO_STACK_LOCATION? IO_STACK_LOCATION? MajorFunction MinorFunction IO_STACK_LOCATION? Flags IO_STACK_LOCATION? Control IO_STACK_LOCATION? Parameters IO_STACK_LOCATION? DeviceObject IO_STACK_LOCATION? FileObject IO_STACK_LOCATION? IO_STACK_LOCATION? CompletionRoutine Context IO_STACK_LOCATION? IRP? IRP? IRP? 78

30. 31. 32. 33. 34.

IRP? IRP? IRP? IRP? IRQL?

35. 36. 37. 38. 39. 40. 41. 42. 43. 44. 45. 46. 47. 48. 49. 50. 51. 52. 53. 54. 55. 56. 57. 58. 59. 60. 61. 62. 63. 64. 65.

? ? ? IRP? & IRP

? IRP? IRP? IRP?

IRP

?

IRQL IRQL

IRP? IRP? IoFreeIrP? IoFreeIrP? IRP

? -

? -

IoGetNextIrpStackLocation? MajorFunction IRP? ? IRP ? IoCallDriver? IoAttachDeviceToDeviceStack? IoCallDriver? IoCallDriver? ? ? ? NTSTATUS? ? IRP ? IRP? 79

66. 67. 68. 69. 70.

Status

IRP IoStatus? Status? IRP? CompleteRequest? IoCompleteRequest ?

71.

, IoCompleteRequest?

72. 73. 74. 75. 76. 77.

IoCompleteRequest? IoCompleteRequest? ? IRP

83. 84. 85. 86. 87. 88. 89. 90. 91. 92. 93. 94. 95. 96. 97. 98.

? ? IRP

? IO_STACK_LOCATION ?

78. 79. 80. 81. 82.

-

IRP ?

IRP DEVQUEUE? DEVQUEUE? , STATUS_PENDING? IRP ? , STATUS_PENDING? StartIo? StartIo? IRQL ISR? IRQL ? ISR? ISR? ISR? ISR IRQL 80

?

StartIo? ? ? ?

DPC? DpcForIsr?

99. 100. 101.

DpcForIsr? ? -

IRP

? 102. IoSetCmpletionRoutine? 103. IoSetCmpletionRoutine? 104. IoSetCmpletionRoutine? 105. IoSetCmpletionRoutine? IoSetCmpletionRoutine? 106. 107. IoSetCmpletionRoutine? 108. IoSetCmpletionRoutine? 109. IoSetCmpletionRoutine? 110. InvokeOnSuccess? 111. InvokeOnError? 112. InvokeOnCancel? 113. IoSetCmpletionRoutine? 114. IRP IoSetCmpletionRoutine? 115. , IRP ? 116. IRQL ? 117. , IRP ? ? 118. 119. , ? 120. ? 121. ? 122. IoCompleteRequest ? IoCompleteRequest 123. ? 124. IRP « » IoCompleteRequest? 125. IoCompleteRequest , ? 81

126. 127. 128. 129. 130. 131. 132. 133. 134.

,

IRP? IRP? IRP? IRP ? IRP ? CONTAINING_RECORD? DEVQUEUE? IRP DEVQUEUE?

? 135. 136. 137. 138. 139. 140. 141. 142. 143. 144. 145. 146. 147. 148. 149. 150. 151. 152. 153. 154. 155. 156.

PAGED_CODE? IoMarkIrpPending? StartPacket? #pragma PAGEDCODE? LOCKED_CODE? #pragma LOCKEDCODE? StartPacket? IRP DPC? StartNextPacket? ? ? ? « » IRP? IRP? IRP ? IRP ? IRP ? IRP IRP? IRP? IRP IRP ? IRP?

82

?

ɋɩɢɫɨɤ ɢɫɩɨɥɶɡɨɜɚɧɧɵɯ ɢɫɬɨɱɧɢɤɨɜ 1.

. .

2. 3. 4. .

. Windows NT5:

,

, 2009. – 91 . . . Windows, 3. – .: « », 2005. – 592 . . Microsoft Windows Driver Model. 2, 2007. – 764 . . Windows Driver Foundation: . , . . – .: « ». – », 2008. – 880 .: .

21.07.2011 . 5,25 . . 100 . М

ы

60 84. 1/16 № 120

я 107996, Ɇɨɫɤɜɚ, ɭɥ. ɋɬɪɨɦɵɧɤɚ, 20

83

3. –

.:

.:

.

. –

.:

. .: «

. / -