Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Setting The IO Type For WDF Driver IOCTLS
Hi All,
I have a requirement where each WDF request will result in Read and Write of the data. We have note decided yet if we will have two pointers (one for input data and one for output data) or use the same pointer for input output data (with two size fields IN size and Out size). I know it has been advised not to use NEITHER IO for transfers. I am looking at METHOD_IN_DIRECT and METHOD_OUT_DIRECT for defining the IOCTLS.
My question is, is it possible to define IOCTLS with both the flags set at the same time? My guess is that it should be possible but I am not sure.
Any help appreciated.
Thanks
AJ--
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Internals & Software Drivers | 19-23 June 2023 | Live, Online |
| Writing WDF Drivers | 10-14 July 2023 | Live, Online |
| Kernel Debugging | 16-20 October 2023 | Live, Online |
| Developing Minifilters | 13-17 November 2023 | Live, Online |
Comments
No, it's an enumeration, not a bitfield, but it doesn't really matter. METHOD_IN_DIRECT and METHOD_OUT_DIRECT are identical, except that the IN version guarantees that the second buffer is readable, and the OUT version guarantees that the second buffer is writable. In practice, it's just memory, and it will always be both readable and writable. So, just use OUT.
Remember that in both cases, the first buffer is copied to kernel, and the second buffer is mapped. There's no other behavioral difference.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
Tim,
Will the IO manager clear the input buffer to zero when I set the flag as METHOD_OUT_DIRECT, since the input data is not expected?
No. It's just not that formal. The user-mode pages get mapped and locked in kernel mode. Literally the only difference is whether I/O manager does ProbeForRead or ProbeForWrite on that locked buffer.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
My driver would stop working if tomorrow security update comes and decides to zero out the "write" memory on input path and zero out the read memory on the output path.
read/write mdl based buffer is standard practice. However if you insist,
use the system buffer for read and the mdl for write. Note that they could
both be pointing at the same user data. The OS will copy that data to the
system buffer. Inefficient needless copy, but avoids some future
catastrophe.
Mark Roddy
I will stake my reputation on the assertion that Microsoft will NEVER change that behavior, until the operating system is called something other than "Windows". Core kernel behavior just does not change, because the consequences are so dire.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
Thanks Guys. Really appreciate the help.
METHOD_OUT_DIRECT is intended for use as output, OR as input AND output. This is by design.
It’s not a hack, it’s not a loophole, its not a coincidence that it works, it’s not a risk. It’s by design. As Mr. Roddy clearly said this is a “standard practice.” As Mr. Roberts said this will “NEVER change” until we’ve all switched to running on Fuchsia or something.
Peter
Peter Viscarola
OSR
@OSRDrivers
Awesome! Will use this METHOD_OUT_DIRECT, which I wanted to in the first place. Just wanted to make sure there are no risks associated with it in anyway.