After having finished with the initial resources on the windows internals, it is time for a developer to start learning about windows drivers. The goal of this post is to provide a list of links that can be used by somebody to get accustomed with the idea of a driver, the tools that he needs to use, etc.
A very important url for this case is http://www.osronline.com. At the top of that page it says “Everything (About) Windows Driver Development” and this is (almost 🙂 ) the case. In fact, this site has a lots of resources that are really useful both to new and to more experienced developers. The first thing that I suggest that you should do, after visiting this website is to become a member (by clicking on the “Join” button). Membership is free and it gives you access to a lot of additional helpful resources:
- First of all (and maybe most important for now) you’ll find a list of “fundamental” resources at http://www.osronline.com/section.cfm?section=26. This list is consisted of several interesting subjects, like Getting Started with Windows Drivers (which is the very first document that you should read, in order to get answers to lots of your questions about drivers), Exactly what is a Driver (which gives a simple technical overview of a driver) and also some basic information about what are the threads, the rings, page fault and real mode (even though I hope that you’ve learned these by looking at the resources that I mentioned in my previous posts).
- Another important link in the website is the listserv. There are 3 lists that are being maintained by OSR: ntdev (various windows system-level topics), windbg (windows debugger or windbg is a really important tool for driver debugging) and ntfsd (file systems and file system filter drivers). The range of the members in these lists is pretty wide, from beginners to veterans. MOST IMPORTANTLY, there are many Microsoft employees, who participate actively in the list and answer the questions. All of the lists are a MUST-join (especially the 2 first ones, if you are not interested in file system drivers).
- Apart from the above very important links there are some more like the NT Insider (similar to an online magazine that covers articles relative to driver development), Downloads (includes many useful utilities like the Driver loader) and Hector’s Memos (another interesting blog about driver development).
In addition, Microsoft also offers a lot of really valuable resources:
- By clicking here, you’ll get redirected to an article that provides all the introductory information that you need about drivers: types of drivers, development environment, debugging tools (windbg rocks!), etc. It’s more technical than the corresponding OSR paper, but it remains an all-encompassing easy-to-read paper.
- All the current windows drivers (excluding the legacy ones) are written in a way that is called the Windows Driver Model (WDM). However, the new model (from Windows Vista and afterwards it is the default model, however there will be versions for previous operating systems, too) is the Windows Driver Foundation (WDF). This model is much much simpler than WDM and is the model that will be used for drivers in the future (i.e. that’s the model that a new driver developer should become accustomed with!). This model allows both the creation of kernel-mode and user-mode drivers. The former framework is called Kernel-Mode Driver Framework (KMDF) and you can find an introduction here. The latter framework is called User-Mode Driver Framework (UMDF) and you can find an introduction here. Also, the UMDF Beta, which includes sample code, documentation, development tools, etc can be downloaded from here.
- Another very useful website with videos from Microsoft employees is https://channel9.msdn.com/. I think that the most interesting videos for driver developers are the ones in the “Going Deep” series and the ones marked with the “Drivers” tag. Some interesting relevant topics are (I’ll try to update this list int the future):
- Windows Vista’s internal architecture by Rob Short (corporate vice president)
- Windows I/O manager part 1 by Nar Ganapathy (architect)
- Windows I/O manager part 2 by Nar Ganapathy (architect)
- Windows Vista I/O by Nar Ganapathy (architect)
- User-Mode Driver Framework by Peter Wieland (UMDF Dev Lead)
- Kernel-Mode Driver Framework by Doron Holan (KMDF Dev Lead)
- PreFAST for Drivers by Donn Terry (Software Developer)
- I/O cancellation (whole team)