Device Drivers
Device Drivers are special programs which are used for organization of
access to external devices. In MS DOS they have more simple structure than
in Windows. Let’s consider Device Drivers for Windows 2000 operating
system, same concepts are used in Windows NT, XP, similar principles were
used in Wndows 95, 98, so these may be viewed as Windows32 (32-bit
operating systems), but we shall use Windows NT/2000 for our
considerations.
Overall structure of OS Windows NT/2000 is given in the figure below:
User Mode
_____________________________________________________________
Kernel Mode
IO Manager
Device
Drivers
Executive Components
Kernel
Hardware Abstraction Layer (HAL)
Hardware Platform
Figure 1. The layers of the Windows NT/2000 operating system.
INTEL PROCESSORS AND WINDOWS NT/2000
We shall refer to Intel processors, which in the protected mode provide 4
levels of security (privileges) of execution of programs (4 privilege rings,
numbered 0,1,2,3, 0 ring of the highest privilege, security). Windows
NT/2000 uses 0th and 3rd rings of privileges: 0th – for Kernel mode parts of
OS, and users applications and some parts of OS run on the 3 rd ring of
privilege. Protected mode provides means for multitasking and segmented
and paged virtual memory. Each user task gets 4G bytes of virtual address
space. Maximal size of segment is 4Gb, size of page is 4Kb. States of tasks
are saved in special Task State Segments (Process Control Block, states of
registers). TSS also has Input-Output Map showing for each of possible 64K
input-output ports possibility of access to it.
Windows NT/2000 is characterized by:
- model of modified micro-kernel
- emulation of several OS
- independence from processor architecture
- object model
- multithreading
- preemptive multitasking
- virtual memory with loading of pages by demand
- multiprocessor mode
- support of networking
WINDOWS NT/2000 COMPONENTS
Idea of microkernel is to execute all components of OS (excepting small
number, microkernel itself) as users’ processes. Microkernel components
execute in the privileged mode. Windows NT/2000 uses approach known
as modified microkernel, which is intermediate between pure
microkernel and monolithic OS. In this approach, Environmental and
Integral Subsystems work in the user mode.
Environmental Subsystems provide Application Programming Interface
(API) as required by several OS (Windows32, Windows 3.x, POSIX,
OS/2, DOS). Windows32 subsystem is a native and is used as a server for
implementation of other APIs (for example, psxdll.dll is used by POSIX
programs). Environmental Subsystem Windows32 is implemented by
kernel32.dll, user32.dll, gdi32.dll and other client dlls, and server process
– csrss.exe (Client/Server Runtime SubSystem). Control of windows and
messages are provided by user32.dll, graphics – by gdi32.dll, basic
services, as input/output, processes and threads management, memory
management, synchronization – by kernel32.dll. Since NT 4.0 USER and
GDI functions have been moved to kernel mode. Kernel mode code
which implements USER and GDI functions resides in win32k.sys
module (user mode side is csrss.exe).
Integral Subsystems include: The Security Subsystem, The Service
Control Manager (manages daemon processes and device drivers), The
RPC Locator and Service processes give support to applications
distributed across the network.
WINDOWS NT/2000 COMPONENTS (CONT 1)
Executive Components are: Object manager – manages resources and
implements global names space; Security Reference Monitor –
implements security on the base of Security Identifiers (SID) and
Discretionary Access Control List (DACL); Virtual Memory Manager –
defines address space of the process and manages physical memory; I/O
Manager – provides interface between applications and device drivers;
Cache Manager – manages global file cache; Local Procedure Call
Facility
–
provides
effective
inter-processes
communications;
Configuration Manager – controls registry; Processes Manager –
responsible for creation and deletion of processes and threads; Win32
Support – implements windows management (messages and graphics);
Plug-and-Play manager – monitors switching on/off of devices; Power
Manager – controls power supply; Executive Support – responsible for
queuing, control of system memory and system work threads.
Kernel
(ntoskrnl.exe
for
uni-processors,
ntkrnlmp.exe
–
for
multiprocessors) is responsible for interruptions handling, scheduling of
threads, inter-processes synchronization. Device drivers and executive
components call kernel procedures, identifiers of which have prefix
Ke(rnel). Kernel exports dispatcher objects and control objects.
Dispatcher objects are used for scheduling and synchronization and have
attribute, determining its state – free or busy. Dispatcher objects are:
events, mutexes, semaphores, timers. Control objects are used to control
system operations, they are: APC (Asynchronous Procedure Call) object
– has entry point of the asynchronous procedure and pointer to thread
which is to run this procedure;
WINDOWS NT/2000 COMPONENTS (CONT 2)
DPC (Deferred Procedure Call) object – contains address of the deferred
procedure; Interruption object establishes correspondence between
interruption vector and Interrupt Service Routine (ISR) of the device
driver. Functions of kernel strongly depend on the hardware.
Hardware Abstraction Layer (HAL) is a thin layer of code interfacing
between kernel and directly hardware (processor, buses, devices). It
resides in hal.dll. Procedures of HAL has identifiers with prefix Hal.
HAL provides independence from hardware.
USAGE OF MEMORY
Memory in Windows NT/2000 uses flat model, each segment having size
of 4G. Main types of segments are:
Selector Usage
Base
Limit
DPL
Type
Hex
08
Code32 0000
ffff ffff 0
RE
ffff ffff 0
RW
ffff ffff 3
RE
ffff ffff 3
RW
0000
10
Data32 0000
0000
1b
Code32 0000
0000
23
Data32 0000
0000
System address space – 2-4G (highest 2 Gb), range – 0-2G – user address
space. System space is one and the same for all processes.
System address space has the following structure:
USAGE OF MEMORY (CONT 1)
HAL
0xffff
ffff
Crash
dump
information
Non-paged pool
Paged pool
Cache
Manager
Mapped View
Cache
Manager
Hyperspace
Page Directory
Page Table
Memory
Mapped
Files
OS image
0x8000
0000
PRIORITY SYSTEM
Windows NT/2000 has 2-level system of priorities:
- high level – Interrupt ReQuest Level (IRQL), which are controlled by
hardware interruptions
- low level – schedule priorities, controlled by dispatcher
Generated by
IRQL name
Purpose
PRIORITY SYSTEM (CONT 1)
Hardware
HIHGEST_LEVEL
Machine
checks
and
bus errors
POWER_LEVEL
Power fail interrupts
IPI_LEVEL
Interprocessor door-bell
for MP systems
CLOCK2_LEVEL
Interval clock 2
CLOCK1_LEVEL
Interval clock 1
PROFILE_LEVEL
Profiling timer
DIRQLs
Platform
dependent
number of levels for I/O
device interrupts
Software
DISPATCH_LEVEL
Thread schedule and
deferred procedure call
execution
APC_LEVEL
Asynchronous
procedure
call
execution
PASSIVE_LEVEL
Normal
thread
execution level
Each thread gets priority in the range 0-31 (lowest priority 0 is for Zero
Page Thread background process).
Real-time priorities – 16-31
Dynamic priorities – 0-15
Threads of real-time priority are interrupted only when appears process
of the higher priority. Such processes are to yield control by themselves.
For processes with dynamic priorities, dispatcher may increase priority of
long waiting process.