1.3 implementation details
1.3.1 kernel code run level
Windows NT assigns different levels for code for its kernel mode. On the same CPU, low level
It can be interrupted by any of the higher levels. The level is ranked from low to high as follows:
Level name runs on this level of the process
Passive_level DriveRentry, Unload, Shutdown, Dispatchxxx.
APC_LEVEL In some special cases, the driver of the large memory device is run at this level.
Dispatch_level Startio, AdapterControl, ControllerControl, Iotimer, DPC.
DIRQLS various interrupt handles.
Table II
1.3.2 Several objects
I) I / O Request Pack (IRP)
Each I / O Manager creates this structure per received request from the user and transmits it as a parameter.
The DISPATCHXXXX, STARTIO process of motors. This structure stores a type of request, the first place of the user buffer
Address, user requests the length of the data. After the driver is processed, it is also added in this structure.
The results of the result, call IOCOMPLETEREQUEST to return it to I / O Manager, request for user programs
return.
II) DPC
This object needs to be created when the DPC procedure is used in the driver. See 1.3.3 for specific functions.
III) Drive Object (DriverObject)
This object is created by the I / O Manager when the driver is started, saving the program to process various requests.
The entrance, the list of all equipment objects driven by the program, etc.
IV) Equipment object (DeviceObject)
For each discovery, the driver calls IOCREATEDEVICE creates a object. Should
The object has a pointer DeviceExtension pointing to a structure defined by the driver, where the device is saved
All information such as port numbers, interrupt vectors.
v) Interrupt objects (Interrupt)
This object is created, there is information, and the process of interrupting and processing when the driver is called IoconnectingerRupt.
When an interrupt occurs, I / O Manager uses it to find the corresponding process.
1.3.3 Postpon Process Call (Deferred Procedure Call)
Since the interrupt processing process is running on a higher DIRQL level, they can mask a number of processes that are less than or equal to their
Execution, if they occupy too long's CPU, it is easy to reduce system performance. Therefore, the interrupt treatment process should be
Some an urgent task is placed in the process known as DPC, and a DPC will be done after completing the emergency tasks such as data transmission.
The object is placed at the end of the system DPC queue, then exits, as soon as possible to make the CPU. The system will complete all DIRQL levels
After the task processes the DPC queue, execute the DPC process specified by each DPC object in Dispatch_level, completion
Processing the undeaded task.
-
