Discussion:
Execute user code from kernel
(too old to reply)
Giuseppe
2010-07-01 09:45:36 UTC
Permalink
To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.

If you can, what limitations are there?

Thanks




__________ Information from ESET NOD32 Antivirus, version of virus signature database 5242 (20100701) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
Don Burn
2010-07-01 11:57:31 UTC
Permalink
You cannot execute code in user space at any level but PASSIVE.


Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
-----Original Message-----
Posted At: Thursday, July 01, 2010 5:46 AM
Posted To: microsoft.public.win32.programmer.kernel
Conversation: Execute user code from kernel
Subject: Execute user code from kernel
To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.
If you can, what limitations are there?
Thanks
__________ Information from ESET NOD32 Antivirus, version of virus
signature
database 5242 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET Smart Security, version of virus
signature
database 5242 (20100701) __________
The message was checked by ESET Smart Security.
http://www.eset.com
Krzysztof Uchronski
2010-07-01 12:00:59 UTC
Permalink
This is bad idea. By doing that you are not only creating potential
security hole (imagine that your UM code you want to run from kernel has
been replaced with something else) but also destabilize the whole system
(again your UM code may be trashed and system crash is almost
guaranteed). On top of it there is of course a problem of context
DpcForIsr is running in (it's arbitrary), basically its code runs in the
context of whatever process happened to be an active one (and no you
can't switch contexts when you are at DISPATCH_LEVEL) - so you are
usually not in the right UM address space hence you can't safely access
your UM code.

Anyway, I would suggest to use inverted calls technique (there's nice
article from OSR guys) where one can "notify" UM mode component (from
KM) to do some work.

And the major question here is: what are you actually trying to do?

Kris

-----Original Message-----
From: Giuseppe [mailto:***@hi-net.it]
Posted At: Thursday, July 01, 2010 10:46 AM
Posted To: microsoft.public.win32.programmer.kernel
Conversation: Execute user code from kernel
Subject: Execute user code from kernel

To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.

If you can, what limitations are there?

Thanks




__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5242 (20100701) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
Giuseppe
2010-07-01 17:08:40 UTC
Permalink
I have to acquire an analog signal through A/D converter board, to perform
the operations and write the value in the D/A Converter board.
This should be done approximately every millisecond.
Currently the function is written in the kernel and works correctly even if
windows is loaded to 100%.

To increase flexibility and use floating point operations, I would transport
the user-level function.
I did not want to use real-time operating systems due to their complexity
and also can not integrate standard Windows applications.

Thanks.
Post by Krzysztof Uchronski
This is bad idea. By doing that you are not only creating potential
security hole (imagine that your UM code you want to run from kernel has
been replaced with something else) but also destabilize the whole system
(again your UM code may be trashed and system crash is almost
guaranteed). On top of it there is of course a problem of context
DpcForIsr is running in (it's arbitrary), basically its code runs in the
context of whatever process happened to be an active one (and no you
can't switch contexts when you are at DISPATCH_LEVEL) - so you are
usually not in the right UM address space hence you can't safely access
your UM code.
Anyway, I would suggest to use inverted calls technique (there's nice
article from OSR guys) where one can "notify" UM mode component (from
KM) to do some work.
And the major question here is: what are you actually trying to do?
Kris
-----Original Message-----
Posted At: Thursday, July 01, 2010 10:46 AM
Posted To: microsoft.public.win32.programmer.kernel
Conversation: Execute user code from kernel
Subject: Execute user code from kernel
To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.
If you can, what limitations are there?
Thanks
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5242 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5243 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature database 5243 (20100701) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
Don Burn
2010-07-01 17:31:22 UTC
Permalink
You cannot get this to work, in fact you are lucky with current in
kernel setup, enough interrupts and DPC stuff can occur to cause you a
problem.

I'd suggest leaving this in the kernel, if you need floating point set
up your own worker thread with floating point. Then use an interlocked
list to insert requests into a queue that the thread processes.


Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
-----Original Message-----
Posted At: Thursday, July 01, 2010 1:09 PM
Posted To: microsoft.public.win32.programmer.kernel
Conversation: Execute user code from kernel
Subject: Re: Execute user code from kernel
I have to acquire an analog signal through A/D converter board, to
perform the
operations and write the value in the D/A Converter board.
This should be done approximately every millisecond.
Currently the function is written in the kernel and works correctly even if
windows is loaded to 100%.
To increase flexibility and use floating point operations, I would transport
the user-level function.
I did not want to use real-time operating systems due to their
complexity and
also can not integrate standard Windows applications.
Thanks.
Post by Krzysztof Uchronski
This is bad idea. By doing that you are not only creating potential
security hole (imagine that your UM code you want to run from kernel
has been replaced with something else) but also destabilize the
whole
Post by Krzysztof Uchronski
system (again your UM code may be trashed and system crash is almost
guaranteed). On top of it there is of course a problem of context
DpcForIsr is running in (it's arbitrary), basically its code runs in
the context of whatever process happened to be an active one (and no
you can't switch contexts when you are at DISPATCH_LEVEL) - so you
are
Post by Krzysztof Uchronski
usually not in the right UM address space hence you can't safely
access your UM code.
Anyway, I would suggest to use inverted calls technique (there's nice
article from OSR guys) where one can "notify" UM mode component (from
KM) to do some work.
And the major question here is: what are you actually trying to do?
Kris
-----Original Message-----
microsoft.public.win32.programmer.kernel
Conversation: Execute user code from kernel
Subject: Execute user code from kernel
To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.
If you can, what limitations are there?
Thanks
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5242 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5243 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus
signature
database 5243 (20100701) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET Smart Security, version of virus
signature
database 5244 (20100701) __________
The message was checked by ESET Smart Security.
http://www.eset.com
Pavel A.
2010-07-01 13:18:31 UTC
Permalink
Post by Giuseppe
To make more accurate the system should call a function from kernel -->
DpcForIsr (IRQL = DISPATCH_LEVEL) to user-level function.
If you can, what limitations are there?
Then, your "user" code must run in a special environment such as Windows
real-time add-on
(proprietary, costly, but perhaps exactly what you want).

-- pa
Continue reading on narkive:
Loading...