Sockets and TDI

OSR_Community_User · February 1, 2007, 9:18am

Is there any reasonble way to get from a usermode socket to a file object I
can use in kernel mode for TDI sends and receives? (I know there are
unreasonable ways–please don’t suggest I dig around in AFD’s private data
structures.)

Thanks,

Dan.

OSR_Community_User · February 1, 2007, 11:06am

Lesson: search the archives before posting stupid questions.

I see from a previous discussion this is not possible, and I need to take a
different approach.

Back to the drawing board…

Dan.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Kyler
Sent: Thursday, February 01, 2007 7:17 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Sockets and TDI

Is there any reasonble way to get from a usermode socket to a file object I
can use in kernel mode for TDI sends and receives? (I know there are
unreasonable ways–please don’t suggest I dig around in AFD’s private data
structures.)

Thanks,

Dan.

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

OSR_Community_User · February 1, 2007, 11:28am

On pre-Vista/LHS systems, a TDI filter driver can easily do what you suggest
(or hint at) doing in a different manner. On Vista, you can implement the
same using ALE and a WFP Stream callout driver.

Both types of drivers can track all of the flows created by applications
running on the system and store the information for later use. Both drivers
can examine, drop, and insert data into a flow as well as terminate a flow.

Is this reasonable? That depends on the real problem you are trying to
solve.

-Preston

Greg_Thomson · February 1, 2007, 3:15pm

Is it possible to accomplish your driver tasks with a User Mode driver
(UMDF) and use your usermode sockets directly?

Greg

“Dan Kyler” wrote in message news:xxxxx@ntdev…
> Is there any reasonble way to get from a usermode socket to a file object
> I
> can use in kernel mode for TDI sends and receives? (I know there are
> unreasonable ways–please don’t suggest I dig around in AFD’s private data
> structures.)
>
> Thanks,
> - Dan.
>
>

OSR_Community_User · February 1, 2007, 5:08pm

The networking stack is not integrated or otherwise supported by UMDF in any
version of Windows, so no.

You can do some things with WFP (Vista/LHS only) in either user mode or
kernel mode, but you cannot inspect, drop, or inject data in flows without
writing a kernel mode driver.

TDI (pre Vista/LHS) is strictly kernel mode.

-Preston

On 2/1/07 3:15 PM, “Greg Thomson” wrote:

> Is it possible to accomplish your driver tasks with a User Mode driver
> (UMDF) and use your usermode sockets directly?
>
> - Greg
>
> “Dan Kyler” wrote in message news:xxxxx@ntdev…
>> Is there any reasonble way to get from a usermode socket to a file object
>> I
>> can use in kernel mode for TDI sends and receives? (I know there are
>> unreasonable ways–please don’t suggest I dig around in AFD’s private data
>> structures.)
>>
>> Thanks,
>> - Dan.