Hi,
How to retrieve an event handle in the driver. I saw that in WDM this was done using
" hEvent = (HANDLE) irpStack->Parameters.DeviceIoControl.Type3InputBuffer;" under IRP_MJ_DEVICE_CONTROL.
The DeviceIoControl looked like this,
"HANDLE m_hCommEvent = CreateEvent(NULL, false, false, NULL);
DeviceIoControl(m_hCommDevice,
IO_REFERENCE_EVENT,
(LPVOID) m_hCommEvent,
0,
NULL,
0,
&dwReturn,
NULL);"
Plz tell me how I should do this in WDF.
Use ObReferenceObjectByHandle(…, UserMode, *ExEventObjectType,…)
This will give you the pointer on which you can do KeWaitForSingleObject
and KeSetEvent
–
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
wrote in message news:xxxxx@ntdev…
> Hi,
>
> How to retrieve an event handle in the driver. I saw that in WDM this was
done using
> " hEvent = (HANDLE) irpStack->Parameters.DeviceIoControl.Type3InputBuffer;"
under IRP_MJ_DEVICE_CONTROL.
>
> The DeviceIoControl looked like this,
>
> “HANDLE m_hCommEvent = CreateEvent(NULL, false, false, NULL);
>
> DeviceIoControl(m_hCommDevice,
> IO_REFERENCE_EVENT,
> (LPVOID) m_hCommEvent,
> 0,
> NULL,
> 0,
> &dwReturn,
> NULL);”
>
> Plz tell me how I should do this in WDF.
>
Hi Maxim,
What is the difference between ObReferenceObjectByHandle and
ObReferenceObject and which one is better? I saw a sample using the
ObReferenceObject. Thanks.
Yong
On 3/5/07, Maxim S. Shatskih wrote:
>
> Use ObReferenceObjectByHandle(…, UserMode, *ExEventObjectType,…)
>
> This will give you the pointer on which you can do
> KeWaitForSingleObject
> and KeSetEvent
>
> –
> Maxim Shatskih, Windows DDK MVP
> StorageCraft Corporation
> xxxxx@storagecraft.com
> http://www.storagecraft.com
>
> wrote in message news:xxxxx@ntdev…
> > Hi,
> >
> > How to retrieve an event handle in the driver. I saw that in WDM this
> was
> done using
> > " hEvent = (HANDLE) irpStack->
> Parameters.DeviceIoControl.Type3InputBuffer;"
> under IRP_MJ_DEVICE_CONTROL.
> >
> > The DeviceIoControl looked like this,
> >
> > “HANDLE m_hCommEvent = CreateEvent(NULL, false, false, NULL);
> >
> > DeviceIoControl(m_hCommDevice,
> > IO_REFERENCE_EVENT,
> > (LPVOID) m_hCommEvent,
> > 0,
> > NULL,
> > 0,
> > &dwReturn,
> > NULL);”
> >
> > Plz tell me how I should do this in WDF.
> >
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
They take different inputs, ObReferenceObjectByHandle takes a handle to the
object, while ObReferenceObject takes a pointer to the object. One is not
better than the other, only what your inputs are in a given situation.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply
“Yong Liu” wrote in message news:xxxxx@ntdev…
> Hi Maxim,
>
> What is the difference between ObReferenceObjectByHandle and
> ObReferenceObject and which one is better? I saw a sample using the
> ObReferenceObject. Thanks.
> Yong
>
There are a few things to clear up here
karthik, what are you going to do once the event is signalled in the application? send down an IOCTL to retrieve information? if so, forget about the handle to the event and send down an asynchronous IOCTL (using overlapped i/o) and then just complete the IOCTL with the data you want to send
You want to use an IOCTL other then METHOD_NEITHER, it is very insecure. instead, use METHOD_BUFFERED and send a pointer to the handle, not the handle itself
DeviceIoControl(m_hCommDevice,
IO_REFERENCE_EVENT,
(LPVOID) &m_hCommEvent, <== notice the &
and then retrieve the handle as HANDLE hEvent = *(HANDLE*) Irp->AssociatedIrp.SystemBuffer;
in WDF, your WDFQUEUE callbacks do not have a guaranteed context. to do the handle mapping, you must be in the context of the process sending the IOCTL. To do this, you must register an in process callback by calling WdfDeviceInitSetIoInCallerContextCallback and call ObReferenceObjectByHandle in your EvtIoInCallerContext routine
Yong, ObReferenceObjectByHandle is used to turn an NT handle into an objec. ObReferenceObject just increments a reference count on an NT object that you already have.
d
That’s an abysmal piece of sample code- since when is a handle 0 bytes in length?
KMDF should reject the buffer given that circumstance, but in the event you fix that DeviceIoControl code so it correctly gives the input buffer size- this must be a METHOD_NEITHER IOCTL (because nothing else uses Type3InputBuffer), so you need to use an in-context callback, and in that callback retrieve the “unsafe input buffer” from the WDFREQUEST and process it there.
Or you could make life easier, and make the IOCTL METHOD_BUFFERED (a handle is not a pointer, even though it may look like one from the typedef), and just get the input buffer the same as you would any IOCTL (the size issue is even more important in this case).
Looking at Doron’s reply, I see I forgot about the context in dereferencing the handle. Follow Doron’s advice, but you have to fix the buffer size, as well.
Thanks for the info guys… I came across that piece of code in codeproject.
Doron COuld you plz tell me how I can retrieve the pointer to the handle in WDF,
you suggested I use "retrieve the handle as HANDLE hEvent = *(HANDLE*) Irp->AssociatedIrp.SystemBuffer; "
Is there a way to obtain the Irp from a WDFREQUEST object?.
Sorry if my queries sound too basic. I’m just starting out on driver programming.
First, download the WDK and look at the KMDF samples. there are many of them to look at and learn from.
to get the buffer, your code would look like this
NTSTATUS status;
HANDLE hEvent;
status = WdfRequestRetrieveInputBuffer(Request, (PVOID*) &hEvent, sizeof(hEvent), NULL);
if (NT_SUCCESS(status)) {
status = ObReferenceObjectByHandle(…);
}
d
>First, download the WDK and look at the KMDF samples. there are many of
them to look at and learn from.
I’ve waited many days before asking this… download how?
Using the link named 6000.16386.WDK_RTM.iso
at http://www.microsoft.com/whdc/DevTools/WDK/WDKpkg.mspx
gives me a few KB instead of the 2.4 GB advertised.
I tried various browsers, and a different source gave the same result!
What gives?
I just tried it, worked for me
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Justin
Schoenwald
Sent: Tuesday, March 06, 2007 5:11 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Retrieving an event handle from an IOCTL
First, download the WDK and look at the KMDF samples. there are many
of
them to look at and learn from.
I’ve waited many days before asking this… download how?
Using the link named 6000.16386.WDK_RTM.iso
at http://www.microsoft.com/whdc/DevTools/WDK/WDKpkg.mspx
gives me a few KB instead of the 2.4 GB advertised.
I tried various browsers, and a different source gave the same result!
What gives?
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer