|
 |
Overview
|
This fast-paced seminar expands on the basic concepts presented in our Writing WDM Kernel Mode
Drivers 3-day lecture or 5-day lab. Through a mixture of lectures and lab assignments, students
gain a solid understanding of the complexities of WDM driver development while enhancing their
knowledge of the WDM driver architecture.
The seminar warms up with a review of the basics: Windows architecture, terminology, and a brief
review of WDM driver basics. Then, we launch into a detailed discussion of several of the
often-overlooked complexities regarding how user data buffers are described, and how the problems
they cause may be avoided. This introduces one of the basic themes of this seminar: "Drivers are
not always as simple as they first seem."
The discussions about buffer management lead us to a brief discussion about different ways of
managing request context in a driver: Synchronous processing (and why it should be avoided),
work queues (including rolling your own), temporarily changing process context for a thread,
and impersonation are all discussed.
Next, the seminar undertakes a practical discussion of multi-driver interaction.
Several different methods for implementing inter-driver communication are discussed.
This prepares students for a very detailed discussion of I/O completion, STATUS_PENDING, and
driver I/O completion routines. Many students are surprised to discover that I/O completion
(including properly pending an IRP and using a completion routine to re-claim an IRP) is probably
one of most complicated and confusing topics in WDM!
Continuing with the general theme of multi-driver interaction, the next topic discussed is
power management. Power management architecture, concepts, and the details of how power management
is implemented in a WDM driver that is power policy owner are presented. Common problems and
issues involving power management implementations are described and discussed, including interaction with PnP.
Following the discussion of power management is a discussion of I/O request cancellation.
Interactions
between cancel and other phases of driver operation (PnP, power, cleanup, request
initiation, request completion) are covered. Practical advice for dealing with common cancel
situations is given.
|
|
Building on the detailed concepts presented in the course up to this point, the seminar next
turns to a detailed discussion of protocol-based bus devices, using USB as the primary example.
USB concepts and the details of implementing a USB client driver are discussed. Client driver
concepts and implementation details refer back to the previous discussions of data buffering,
I/O completion, and power management.
Methods of driver instrumentation are discussed next. This includes implementing WMI
support (for exposing both standard and custom data within the system), as well as implementing
driver support for Event Tracing for Windows using WPP.
The seminar finishes with a short overview of the new Windows Driver Foundation (WDF).
This is the new driver model by Microsoft. Our discussion focuses on how many of the complexities discussed
earlier (including buffer handling, power management, and even WMI implementation) are avoided
in WDF.
About the labs: Each student has a pair of appropriately configured systems available for
their exclusive use. Labs are interspersed with lecture at appropriate points during the seminar,
and will last for varying periods of time. Some lab sessions might only be an hour or two.
At other times, larger blocks of time will be dedicated to lab assignments. Each lab session
provides several alternative assignments for students to work on, so that students may work
according to their own abilities, at their own pace, and on topics that most interest them.
While labs are relatively loosely structured, an OSR staff member is always available during
labs to answer questions. A Lab Exercises workbook is provided as a guide, as are example
drivers that students may use as a base for their assignments. Solutions for all lab exercises
are provided. These solutions include both working code and textual explanation for each lab
assignment.
|
|
Target Audience
|
|
|
Developers with practical experience writing Windows drivers who prefer to learn in a
hands-on environment.
|
|
|
Prerequisites
|
This is an intermediate level seminar, and is not suitable for beginners.
Attendees will be assumed to have taken either OSR's 3-day Writing WDM Kernel Mode Drivers
lecture seminar or OSR's 5-day Writing WDM Kernel Mode Drivers lab seminar.
As an
alternative to taking either of these seminars, attendees may substitute actual hands-on
experience in implementing basic WDM drivers. A basic knowledge is assumed of WDM driver
architecture, including how to implement DriverEntry, AddDevice, and dispatch routines for PnP,
Read, Write, and Device Control. Also assumed is a solid understanding of IRQLs, DPCs, dispatcher
objects, and spin locks within WDM drivers. A basic understanding of driver installation
procedures and INF files is also assumed.
|
|
Because of the hands-on nature of this seminar, it is assumed that attendees will be familiar
with using the
Windows operating system, the Windows DDK and Visual Studio (or another source-code
editor of their choice that they bring with them to class). Of course, good knowledge of the
C programming language is required.
There is no time in this seminar to cover prerequisite material. In fairness to other
seminar attendees, please do not sign up for this seminar unless you meet the prerequisites.
If in doubt about whether you meet the prerequisites for this seminar, please contact an
OSR Seminar Consultant. We'd be happy to review your specific background and make
a recommendation. The instructor cannot cover prerequisite material during
class time.
|
|
Seminar Outline
|
|
1. Windows System Architecture
A review of Windows Operating System architecture concepts
that are vital to driver writers.
2. Review of WDM Driver Basics
All the basics of WDM drivers, discussed in less than two hours:
a. Basic I/O function codes;
b. Structure of a WDM driver: Typical driver entry points;
c. Normal flow of processing: Dispatch routines, interrupt service, DpcForIsr;
d. Driver installation;
e. How device stacks are built;
f. How requests are passed from driver-to-driver down a device stack.
3. Describing User Data
The characteristics of Buffered I/O, Direct I/O, and Neither I/O, as well as
their IOCTL counterparts METHOD_BUFFERED, METHOD_xxx_DIRECT, and METHOD_NEITHER
(topics that are covered in OSR's basic WDM driver lecture and lab seminars)
are first briefly reviewed. Given these methods, a number of interesting issues arise:
a. Why there's really no such thing as "simple" buffer handling in Windows drivers;
b. Common errors that lead to security and reliability problems in Windows drivers,
and how to avoid them;
c. When and how to use Windows structured exception handling;
d. The special problems inherent in handling IOCTLs,
as well as those of using Neither I/O and Fast I/O.
4. Managing Request Context
How to create drivers that are not dependent on process context is
discussed, as are mechanisms a driver may use to manage the context in which it executes.
Work queues - how to use them and how to create your own worker threads - and the "high priority
work queue effect" are also discussed in this section.
5. Driver to Driver Communication
In this section, we discuss different methods drivers use to communicate.
Included are descriptions of callback objects, PnP notification
(target device change, interface change, and hardware profile change,
IRP_MN_QUERY_DEVICE_INTERFACES are discussed), and classic IRP-based
communications techniques.
Lab Session:
Buffering and inter-driver communication.
6. I/O Completion
This section comprises a detailed discussion of the interaction between the I/O Manager
and both asynchronous and synchronous drivers. Why drivers must call IoMarkIrpPending
when they return STATUS_PENDING is discussed. Complications introduced by completion routines. and
how/why/when the SL_PENDING bit is propagated are also covered..
|
|
7. Power Management - Power Policy Ownership
Power management concepts, as well as the responsibilities of the power policy owner,
are discussed in this section. Proper handling of power transitions, interactions with PnP,
starting and completing D-IRPs, and dealing with various failure situations are also discussed.
A brief discussion of wait/wake and "fast resume" is included.
Lab Session:
I/O completion and power management.
8. I/O Cancellation
In this section of the seminar, the details of I/O cancellation are discussed.
Included in this discussion are the differences between cleanup and cancel
(and when a driver would specifically want to support each), using the IoCsq
functions to manage request queues, and the complexities of cancelling in-progress
requests.
9. Writing USB Drivers
All about the USB bus and devices:
a. Device, configuration, and
endpoint descriptors;
b. Control, bulk, interrupt, and isochronous endpoints;
c. The Windows USB stack;
d. Implementing a client driver;
e. A brief discussion of
selective suspend and wake support.
Lab Session:
I/O cancellation, USB.
10. WMI Concepts and Implementation
Key WMI concepts are covered, as are the details of how to handle WMI requests
using WMILib. The basics of building a WMI schema to expose custom data are also discussed.
Different methods for exposing a driver's WMI data are discussed.
11. Windows Pre-Processor (WPP) Tracing
In this module, we'll discuss existing Windows O/S trace points,
as well as how to use Event Tracing for Windows (ETW) in your driver.
TraceView (a tool designed specifically to support driver developers'
use of tracing) will also be discussed.
12. An Introduction to The Windows Driver Foundation
A brief introduction to the concepts and implementation of the Windows Driver
Foundation, kernel-mode driver framework. This new driver model promises to revolutionize how drivers are developed for
Windows. In this section, we'll take a quick look at the WDF abstractions used
to encapsulate the WDM concepts we talk about earlier in the week, focusing
particularly on PnP and power management.
Lab Session:
WMI support; WDF "nothing" driver.
|
|
Cost
Advanced WDM Driver Development for Windows (with lab)
5 days, lecture with lab
Cost: $3350 or $3150 if paid 2 weeks prior
OSR also teaches private on-site seminars
all over the world.
As with all of our seminar offerings, our Terms and Conditions and Bottom Line Guarantee apply.
Seminars Outside North America
Please contact OSR at +1.603.595.6500 for seminars held outside
of the United States and Canada. Prices vary by location.
All courses are taught in English. At some international locations,
translation services will be provided. Please contact OSR
for more information.
|
|
|
|
