How to access processor-specific resources (e.g., MSRs)

A few days ago I posted some stuff about hooking an ISR without knowing what vector and DIRQL I should use. I’ve given up on that for the moment, as the hardware is on-board AMD processors, and AMD’s own driver to access this hardware seems to be relying on things within the HAL, which AMD probably had a hand in writing.

Meantime, I’m trying to service the hardware periodically using a Dpc associated with a periodic timer. That’s simple enough and the Dpc is getting called periodically.

The problem is that the Dpc is running on an arbitrary processor, but I want to use the MSRs on a specific processor, say processor 0. If the Dpc happens to be running on processor 1, then the RDMSR and WRMSR instruction get the MSRs for processor 1. But I need the MSRs for processor 0.

How do I do this??? Some ideas…

(1) find out how processor 1 can get to the MSRs for processor 0, through some sort of memory mapping, I suppose, as it can get to the APIC registers through a memory map. AMD’s processor programming guide doesn’t have anything that I could find on this subject.

(2) force the Dpc to always run on processor 0.

(3) some other way to cause a function to run on processor 0. Perhaps hook it as an ISR associated with some periodic timer events.

(4) run a higher-priority user thread on processor 0 that will wait for periodic timer events and then send an IOCTL to my driver, which will then work with the profiling hardware. It appears that DeviceIoControl always runs the driver’s dispatch routine in the same processor. (Is this actually true?)

I know I can do (4) if nothing else works. I’m hoping one of you will have a different solution.

I have the impression that the whole design of drivers is oriented around the driver code not having to care which processor it’s running on. Which is fine for system-wide devices or resources. But I’d like to think there’s a clean way that driver code can get to resources on a specific processor.

You can set target CPU for your DPC run on specific processor (see
KeSetTargetProcessorDpc).

Kris

On Mon, Jan 1, 2018 at 8:29 AM, xxxxx@rolle.name wrote:
> A few days ago I posted some stuff about hooking an ISR without knowing what vector and DIRQL I should use. I’ve given up on that for the moment, as the hardware is on-board AMD processors, and AMD’s own driver to access this hardware seems to be relying on things within the HAL, which AMD probably had a hand in writing.
>
> Meantime, I’m trying to service the hardware periodically using a Dpc associated with a periodic timer. That’s simple enough and the Dpc is getting called periodically.
>
> The problem is that the Dpc is running on an arbitrary processor, but I want to use the MSRs on a specific processor, say processor 0. If the Dpc happens to be running on processor 1, then the RDMSR and WRMSR instruction get the MSRs for processor 1. But I need the MSRs for processor 0.
>
> How do I do this??? Some ideas…
>
> (1) find out how processor 1 can get to the MSRs for processor 0, through some sort of memory mapping, I suppose, as it can get to the APIC registers through a memory map. AMD’s processor programming guide doesn’t have anything that I could find on this subject.
>
> (2) force the Dpc to always run on processor 0.
>
> (3) some other way to cause a function to run on processor 0. Perhaps hook it as an ISR associated with some periodic timer events.
>
> (4) run a higher-priority user thread on processor 0 that will wait for periodic timer events and then send an IOCTL to my driver, which will then work with the profiling hardware. It appears that DeviceIoControl always runs the driver’s dispatch routine in the same processor. (Is this actually true?)
>
> I know I can do (4) if nothing else works. I’m hoping one of you will have a different solution.
>
> I have the impression that the whole design of drivers is oriented around the driver code not having to care which processor it’s running on. Which is fine for system-wide devices or resources. But I’d like to think there’s a clean way that driver code can get to resources on a specific processor.
>
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: http:
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at http:


Kris</http:></http:></http:>

Use the solution mentioned above, and on the routine executed on the specific processor, you can execute the code for your various routines for the functionality you need to work on multiple processors.

Thanks, just what I wanted to know. And more questions…

If I could find a list of all driver routines that pertain to a DPC, that would be helpful.

Specifically, can I control the IRQL at which the DPC runs?

What IRQL does a DPC run at? (at least by default).

They run at dispatch level. You can raise IRQL within your routine.

I have no idea how to interpret "
If I could find a list of all driver routines that pertain to a DPC, that would be helpful." A Dpc is per Driver, there isn’t a dpc for all driver routines. Do you mean all queues up DPCs? That information is not expose outside of the kernel.

Bent from my phone


From: xxxxx@lists.osr.com on behalf of xxxxx@rolle.name
Sent: Monday, January 1, 2018 9:20:25 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to access processor-specific resources (e.g., MSRs)

Thanks, just what I wanted to know. And more questions…

If I could find a list of all driver routines that pertain to a DPC, that would be helpful.

Specifically, can I control the IRQL at which the DPC runs?

What IRQL does a DPC run at? (at least by default).


NTDEV is sponsored by OSR

Visit the list online at: https:

MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at https:

To unsubscribe, visit the List Server section of OSR Online at https:</https:></https:></https:>

I guess if I want my driver to get to the MSRs on all processors, I would need a separate DPC for each one, using the KeSetTargetProcessorDpc calls. Then I would execute the DPC for the processor I want.

I was hoping for some simpler, which is a way to directly access another processor’s MSRs. In particular, I’m looking to do this on the AMD Ryzen. Perhaps a way of memory mapping the other processor’s MSRs.

xxxxx@rolle.name wrote:

I guess if I want my driver to get to the MSRs on all processors, I would need a separate DPC for each one, using the KeSetTargetProcessorDpc calls. Then I would execute the DPC for the processor I want.

I was hoping for some simpler, which is a way to directly access another processor’s MSRs. In particular, I’m looking to do this on the AMD Ryzen. Perhaps a way of memory mapping the other processor’s MSRs.

MSRs are not memory mapped.  They are accessed directly by special CPU
instructions, and those instructions must be executed on the processor
of interest.  What you’re asking is the equivalent of trying to read the
rax register from another processor.  They are simply not available at
the silicon level.

You don’t actually need a set of DPCs.  You can use
KeSetSystemAffinityThread to force your thread to move to another
processor.  It might take some time, if that processor happens to be busy.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

This. (actually, you want the EX version, KeSetSystemAffinityThreadEx)

Peter
OSR
@OSRDrivers