* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Device Drivers - EMU CMPE Home Page
Survey
Document related concepts
Burroughs MCP wikipedia , lookup
Mobile operating system wikipedia , lookup
Copland (operating system) wikipedia , lookup
Criticism of Windows Vista wikipedia , lookup
Security-focused operating system wikipedia , lookup
Spring (operating system) wikipedia , lookup
Windows Phone 8.1 wikipedia , lookup
Distributed operating system wikipedia , lookup
Transcript
Device Drivers We use materials from Art Baker, Jerry Lozano, The Windows 2000 Device Driver Book. A Guide for Programmers. 2nd Edition, 2001, Prentice Hall PTR, Upper Saddle River, New Jersey, 07458, ISBN 0-13-020431-5, 446 p. Svetlana Sorokina, Andrey Tihonov, Andrey Scherbakov, Drivers Programming and Security Systems, St-Petersburg, BHV-Petersburg, Moscow, Izdatel Molgacheva S.V., 2002, 256 p., ISBN 5-94157-263-8 (in Russian) Device Drivers are special programs which are used for organization of access to external devices. In MS DOS they have more simple structure than in Windows. Let’s consider Device Drivers for Windows 2000 operating system, same concepts are used in Windows NT, XP, similar principles were used in Wndows 95, 98, so these may be viewed as Windows32 (32-bit operating systems), but we shall use Windows NT/2000 for our considerations. Overall structure of OS Windows NT/2000 is given in the figure below: User Mode _____________________________________________________________________ Kernel Mode IO Manager Device Drivers Executive Components Kernel Hardware Abstraction Layer (HAL) Hardware Platform Figure 1. The layers of the Windows NT/2000 operating system. We shall refer to Intel processors, which in the protected mode provide 4 levels of security (privileges) of execution of programs (4 privilege rings, numbered 0,1,2,3, 0 ring of the highest privilege, security). Windows NT/2000 uses 0th and 3rd rings of privileges: 0th – for Kernel mode parts of OS, and users applications and some parts of OS run on the 3rd ring of privilege. Protected mode provides means for multitasking and segmented and paged virtual memory. Each user task gets 4G bytes of virtual address space. Maximal size of segment is 4Gb, size of page is 4Kb. States of tasks are saved in special Task State Segments (Process Control Block, states of registers). TSS also has Input-Output Map showing for each of possible 64K input-output ports possibility of access to it. Windows NT/2000 is characterized by: - model of modified micro-kernel - emulation of several OS - independence from processor architecture - object model - multithreading - preemptive multitasking - virtual memory with loading of pages by demand - multiprocessor mode - support of networking Idea of microkernel is to execute all components of OS (excepting small number, microkernel itself) as users’ processes. Microkernel components execute in the privileged mode. Windows NT/2000 uses approach known as modified microkernel, which is intermediate between pure microkernel and monolithic OS. In this approach, Environmental and Integral Subsystems work in the user mode. Environmental Subsystems provide Application Programming Interface (API) as required by several OS (Windows32, Windows 3.x, POSIX, OS/2, DOS). Windows32 subsystem is a native and is used as a server for implementation of other APIs (for example, psxdll.dll is used by POSIX programs). Environmental Subsystem Windows32 is implemented by kernel32.dll, user32.dll, gdi32.dll and other client dlls, and server process – csrss.exe (Client/Server Runtime SubSystem). Control of windows and messages are provided by user32.dll, graphics – by gdi32.dll, basic services, as input/output, processes and threads management, memory management, synchronization – by kernel32.dll. Since NT 4.0 USER and GDI functions have been moved to kernel mode. Kernel mode code which implements USER and GDI functions resides in win32k.sys module (user mode side is csrss.exe). Integral Subsystems include: The Security Subsystem, The Service Control Manager (manages daemon processes and device drivers), The RPC Locator and Service processes give support to applications distributed across the network. Executive Components are: Object manager – manages resources and implements global names space; Security Reference Monitor – implements security on the base of Security Identifiers (SID) and Discretionary Access Control List (DACL); Virtual Memory Manager – defines address space of the process and manages physical memory; I/O Manager – provides interface between applications and device drivers; Cache Manager – manages global file cache; Local Procedure Call Facility – provides effective inter-processes communications; Configuration Manager – controls registry; Processes Manager – responsible for creation and deletion of processes and threads; Win32 Support – implements windows management (messages and graphics); Plugand-Play manager – monitors switching on/off of devices; Power Manager – controls power supply; Executive Support – responsible for queuing, control of system memory and system work threads. Kernel (ntoskrnl.exe for uni-processors, ntkrnlmp.exe – for multiprocessors) is responsible for interruptions handling, scheduling of threads, inter-processes synchronization. Device drivers and executive components call kernel procedures, identifiers of which have prefix Ke(rnel). Kernel exports dispatcher objects and control objects. Dispatcher objects are used for scheduling and synchronization and have attribute, determining its state – free or busy. Dispatcher objects are: events, mutexes, semaphores, timers. Control objects are used to control system operations, they are: APC (Asynchronous Procedure Call) object – has entry point of the asynchronous procedure and pointer to thread which is to run this procedure; DPC (Deferred Procedure Call) object – contains address of the deferred procedure; Interruption object establishes correspondence between interruption vector and Interrupt Service Routine (ISR) of the device driver. Functions of kernel strongly depend on the hardware. Hardware Abstraction Layer (HAL) is a thin layer of code interfacing between kernel and directly hardware (processor, buses, devices). It resides in hal.dll. Procedures of HAL has identifiers with prefix Hal. HAL provides independence from hardware. Usage of Memory Memory in Windows NT/2000 uses flat model, each segment having size of 4G. Main types of segments are: Selector Usage Base Limit DPL Type Hex 08 Code32 0000 0000 ffff ffff 0 RE 10 Data32 0000 0000 ffff ffff 0 RW 1b Code32 0000 0000 ffff ffff 3 RE 23 Data32 0000 0000 ffff ffff 3 RW System address space – 2-4G (highest 2 Gb), range – 0-2G – user address space. System space is one and the same for all processes. System address space has the following structure: HAL 0xffff ffff Crash dump information Non-paged pool Paged pool Cache Manger Mapped View Cache Manger Hyperspace Page Directory Page Table Memory Mapped Files OS image 0x8000 0000 Priority System Windows NT/2000 has 2-level system of priorities: - high level – Interrupt ReQuest Level (IRQL), which are controlled by hardware interruptions - low level – schedule priorities, controlled by dispatcher Generated by IRQL name Purpose Hardware HIHGEST_LEVEL Machine checks and bus POWER_LEVEL IPI_LEVEL CLOCK2_LEVEL CLOCK1_LEVEL PROFILE_LEVEL DIRQLs Software DISPATCH_LEVEL APC_LEVEL PASSIVE_LEVEL errors Power fail interrupts Interprocessor door-bell for MP systems Interval clock 2 Interval clock 1 Profiling timer Platform dependent number of levels for I/O device interrupts Thread schedule and deferred procedure call execution Asynchronous procedure call execution Normal thread execution level Each thread gets priority in the range 0-31 (lowest priority 0 is for Zero Page Thread background process). Real-time priorities – 16-31 Dynamic priorities – 0-15 Threads of real-time priority are interrupted only when appears process of the higher priority. Such processes are to yield control by themselves. For processes with dynamic priorities, dispatcher may increase priority of long waiting process.