Design of Windows 2000 driver

xiaoxiao2021-03-06  24

[Date: 2005-1-22] Source: users upload Author: Unknown

1. Introduction:

Windows 2000, originally named Windows NT 5.0, is the next-generation operating system after Windows NT 4.0. It inherits the features of Windows NT 4.0 and adds many technical breakthroughs, one of which is in the driver architecture: the new WDM (Win32 Driver Model). Although it is called new, Microsoft proposed the technology in 1997 and it was fully applied in Windows 98. In other words, Windows 98 also supports WDM. WDM has therefore become a cross-platform driver model; beyond that, a WDM driver can also run on a non-Intel platform without modifying the source code. It is no exaggeration to call WDM the driver architecture of the 21st century.

2. WDM works:

WDM was developed from the NT 4.0 driver structure, so it is extremely similar to NT 4.0 drivers, but it brings essential improvements, such as support for new hardware standards like USB, IEEE 1394 and ACPI. Although both Windows 98 and Windows 2000 support WDM, this does not mean that a VxD written for Windows 98 can run on Windows 2000, or that a VDD written for NT can run on Windows 98. If a driver has to work on both platforms, the way to do it is to write a WDM driver. Like NT 4.0 drivers, WDM drivers are layered, that is, drivers on different layers have different priorities; a VxD under Windows 9x has no such structure. In addition, WDM introduces two new concepts to describe hardware, the functional device object FDO (Functional Device Object) and the physical device object PDO: a PDO represents one real piece of hardware, which appears in the driver as an FDO. See Figure 1. It is also worth noting that a piece of hardware has only one PDO but can have multiple FDOs, and that the driver does not operate on the hardware directly but on the corresponding PDO and FDO. For communication between Ring-3 and Ring-0, the operating system packages each user request into an IRP (I/O Request Packet) structure, sends it to the driver, and uses the PDO in the IRP to identify which device the request is for. In addition, WDM does not rely on the driver name to identify a driver but on a 128-bit GUID (many things under Windows are identified this way).

3. Implementation:

Like many applications, a WDM driver is a PE-format file, but it has no entry point such as WinMain or main; its entry point is DriverEntry instead:

    #include <wdm.h>

    NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject,   // not the same thing as the PDO described earlier
                         IN PUNICODE_STRING RegistryPath)
    {
        // DriverExtension stores the driver extension information,
        // including the hardware resources required for the device.
        DriverObject->DriverExtension->AddDevice = AddDevice;

        // Register one handler per IRP major function code.
        DriverObject->MajorFunction[IRP_MJ_CREATE] = RequestCreate;
        DriverObject->MajorFunction[IRP_MJ_CLOSE] = RequestClose;
        DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = RequestControl;
        DriverObject->MajorFunction[IRP_MJ_PNP] = RequestPnP;

        return STATUS_SUCCESS;
    }

In DriverEntry, the driver must register its message handlers with the operating system and also indicate whether the data passed to the driver is buffered. We also provide an AddDevice routine, which adds the driver to the driver stack. Here IRP_MJ_XXXXX is a system message received by the driver, and RequestXXXXX is the corresponding message handler. In the client program, we generally use DeviceIoControl to communicate with the driver through custom control codes (much as with a VxD). Looking at the system messages the driver receives, it is easy to see that an IRP_MJ_DEVICE_CONTROL message is sent to the driver when the user calls DeviceIoControl, which triggers the RequestControl handler.

    NTSTATUS RequestControl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp)
    {
        PIO_STACK_LOCATION IrpStack;
        ULONG ControlCode;
        ULONG InputLength, OutputLength;   // fetched below but not used by this handler
        NTSTATUS status;

        // Get the I/O stack location of the current IRP
        IrpStack = IoGetCurrentIrpStackLocation(Irp);
        // Get the control code
        ControlCode = IrpStack->Parameters.DeviceIoControl.IoControlCode;
        // Get the input buffer size
        InputLength = IrpStack->Parameters.DeviceIoControl.InputBufferLength;
        // Get the output buffer size
        OutputLength = IrpStack->Parameters.DeviceIoControl.OutputBufferLength;

        switch (ControlCode)
        {
        case HELLOWDM_IOCTL_HELL:
            DbgPrint("Hello from wdm.\n");   // output a string to the debugger
            status = STATUS_SUCCESS;         // set the return value
            break;
        default:
            // The control code passed in is not supported
            status = STATUS_INVALID_DEVICE_REQUEST;
        }

        // CompleteRequest notifies the operating system that the IRP has been completed
        return CompleteRequest(Irp, status, 0);
    }
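The handler above reads InputBufferLength and OutputBufferLength but never uses them. The following portable user-mode model, an added example that is not the article's driver code, shows how a custom control code is laid out and how a handler checks those lengths before touching the buffer. The IOCTL_HELLO and IOCTL_ECHO values, the echo request and the ST_* status names are assumptions made for illustration.

```c
/* Added example: user-mode model of an IOCTL dispatch, not the article's code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Same bit layout as the DDK CTL_CODE macro: device | access | function | method. */
#define CTL(dev, fn, method, access) \
    (((uint32_t)(dev) << 16) | ((uint32_t)(access) << 14) | ((uint32_t)(fn) << 2) | (uint32_t)(method))
enum { M_BUFFERED = 0, M_NEITHER = 3, ANY_ACCESS = 0, DEV_UNKNOWN = 0x22 };
/* Constructed codes: the article never gives HELLOWDM's numeric values. */
#define IOCTL_HELLO CTL(DEV_UNKNOWN, 0x800, M_BUFFERED, ANY_ACCESS)
#define IOCTL_ECHO  CTL(DEV_UNKNOWN, 0x801, M_BUFFERED, ANY_ACCESS)
enum { ST_SUCCESS, ST_INVALID_DEVICE_REQUEST, ST_BUFFER_TOO_SMALL, ST_INVALID_PARAMETER };
typedef struct { uint32_t device, access, function, method; } ioctl_fields;

/* Split a control code back into the four fields a reviewer needs to see. */
ioctl_fields decode_ioctl(uint32_t code)
{
    ioctl_fields f = { code >> 16, (code >> 14) & 3u, (code >> 2) & 0xFFFu, code & 3u };
    return f;
}

/* Model of RequestControl. With a buffered method, input and output share one
 * system buffer; *info is the byte count that would be copied back to the caller. */
int request_control(uint32_t code, char *sysbuf, uint32_t in_len, uint32_t out_len, uint32_t *info)
{
    static const char hello[] = "Hello from wdm.";
    *info = 0;
    switch (code) {
    case IOCTL_HELLO:                        /* no input, fixed-size output */
        if (out_len < sizeof hello) return ST_BUFFER_TOO_SMALL;
        memcpy(sysbuf, hello, sizeof hello);
        *info = (uint32_t)sizeof hello;
        return ST_SUCCESS;
    case IOCTL_ECHO:                         /* output is the input, left in place */
        if (in_len == 0) return ST_INVALID_PARAMETER;
        if (out_len < in_len) return ST_BUFFER_TOO_SMALL;
        *info = in_len;
        return ST_SUCCESS;
    default:                                 /* unknown codes, METHOD_NEITHER variants included */
        return ST_INVALID_DEVICE_REQUEST;
    }
}

int main(void)
{
    char buf[32] = "ping";
    uint32_t n;
    printf("status=%d text=%s\n", request_control(IOCTL_HELLO, buf, 0, sizeof buf, &n), buf);
    return 0;
}
```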

In the client, call SetupDiGetClassDevs in setupapi.dll to build the interface between Ring-0 and Ring-3 using the 128-bit GUID mentioned above:

    HDEVINFO info = SetupDiGetClassDevs((LPGUID)&GUID_HELLOWDM,   // GUID_HELLOWDM is the 128-bit GUID
                                        NULL, NULL,
                                        DIGCF_PRESENT | DIGCF_INTERFACEDEVICE);

Then use SetupDiEnumDeviceInterfaces to enumerate the data obtained and get an interface, followed by two consecutive calls to SetupDiGetDeviceInterfaceDetail to get the interface details, including the string of the form /////00000000000000004# {3D93C5C0-0085-11D1-821E-0080C88327AB} that is required to call CreateFile. The final calls are largely the same as for a VxD and will not be described here. However, since the APIs in setupapi.dll are used, SetupDiDestroyDeviceInfoList must be called to release the resources that were allocated.

4. Some explanations:

Since WDM is a cross-platform, cross-operating-system driver model, assembly language must not be used when writing a driver. In addition, pay attention to the response to the IRP_MJ_PNP message and to the passing on of other system messages, which are delivered to the other drivers in the driver stack rather than to client programs; for details, please refer to the sample routine for this article. Finally, because Windows 2000 had not yet been officially released when the author wrote this article, everything was done with the 98 DDK and VC 6.0 on Windows 98, and debugged with NuMega SoftICE 4.0.