I, background introduction
1.1 consisting of Windows NT operating systems
1.1.1 User Mode and Kernel Mode
Starting from Intel 80386, this series of CPUs can run in Ring0 for security and stability.
~ Ring3 provides corresponding four protection levels for data from high to low. Run in a more
The low-level code cannot invoke the high-level code and access the higher level of data, and only Ring0
The code of the layer can be directly accessed to physical hardware. Since Windows NT is an operation that supports multi-platform
System, in order to be compatible with other platforms, it only uses the two run levels of the CPU. One is called kernel mode,
Corresponding to 80x86 Ring0 layers, the core part of the operating system, including the device driver running in this mode;
A RING3 layer called user mode, corresponding 80x86, user interface part of the operating system, and all
The user is running at this level.
1.1.2 Structure of the Windows NT operating system
Figure 1 briefly describes the system consisting of Windows NT.
Figure one
As can be seen from the figure, there is a hardware abstraction between physical hardware and system core (kernel)
Hardware Abstract Layer, which blocks the difference in hardware of different platforms, to the operating system
The upper layer provides a set of unified interfaces. From the figure we can also see, device driver (Device Driver)
It is surrounded by the I / O Manager (I / O Manager), that is, the driver and the upper layer of the operating system are all
To pass the I / O Manager. This brings great convenience to the driver, because many, such as receiving users
Seeking, exchange data with user program, memory mapping, hanging interrupt, synchronization, etc., all, by the I / O Manager
Work.
1.1.3 Classification of Windows NT Device Drivers
According to whether the hardware is processed directly, the driver can be divided into two major classes: the driver and dedicated drive of the kernel mode.
Actors.
The driver of the kernel mode is directly accessed directly according to the hardware communication protocol, interrupts the response, DM
A transmission. It includes: string, parallel port, keyboard, file system, SCSI, network, etc. driver; dedicated driver
Including drivers such as video, printing, multimedia, virtual DOS, which have great differences in implementation with the former. I'm here
The work done during the internship and the discussion below this article are limited to the drivers of the kernel mode.
-
