stackoom
  简体   繁体   中英

How to pass a variable-size array from Windows kernel driver to a user-mode process?

 原文  2018-06-19 17:26:11       c/ callback/ kernel/ windows-kernel/ usermode

Question

I'm learning Windows kernel programming, and I'm wondering how do I pass a byte array from a kernel driver to my user-mode application, where the kernel driver initiates the call?

If I were to do this among user-mode processes (say, from a service to a GUI app) I'd use a named pipe or a shared memory with a named event and a named mutex for synchronization. But I'm lost what to do on the kernel driver side.

Here's my actual example: I have a kernel callback function that can be called any time with a STRING . I then need to pass the string from within it to my currently running user-mode process and to alert it.

1 answers

solution1
 2  2018-06-20 21:53:51

There are tons of ways for kernel-mode to user-mode Inter-Process Communication, and different requirements can suit different techniques.

For starters, you have the option of named pipes (even in kernel-mode). However, there's something you should know... It isn't officially documented for a normal kernel-mode device driver (although there is a documented interface for Filesystem Mini-Filter device drivers).

If you want to use a named pipe from a normal kernel-mode device driver, you'll have to locate the address to NtCreateNamedPipeFile or rely on IoCreateFile (which NtCreateNamedPipeFile relies on internally, using an undocumented structure).

For using a named pipe from a Filesystem Mini-Filter device driver, you have FltCreateNamedPipeFile .

Moving on from the named pipes idea, you have the option of Local Procedure Calls! However, once again, another dead-end in terms of documentation. It is relatively straight forward to do it as a client in kernel-mode though. There's a documented interface for Ports with a Filesystem Mini-Filter device driver though: FltCreateCommunicationPort .

Moving on again, you could attach to the user-mode client and write directly to its memory.

If you really wanted, you could rely on something simple like a shared event to notify the user-mode client that you've just attached to it and written into its virtual memory.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to receive message from kernel in user-mode in c? Driver to User-Mode Communication Kernel-Mode to User-Mode communication what's the difference between the threads(and process) in kernel-mode and ones in user-mode? Pass variable-size buffer from SGX enclave to outside How does the user-mode kernel in UML interface with the underlying kernel on the host How to set keyboard indicator light from windows kernel mode driver? Increase thread quantum from user-mode WDM driver and user-mode communication: best practices and callback questions Is there a way to pass an entire file from file system mini filter driver (kernel mode) up to a user mode application?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM