แชร์ผ่าน


Yet another verifier? Yeah, KMDF has one too!

One of the prominant design goals throughout KMDF's development cycle was to
create a system that had a built in and deeply integrated verifier from the start.
Furthermore, we had a goal to create a system that was easier to verify (as compared
to WDM) at runtime and at compile time. The WDM driver verifier (DV) is phenomenal
at checking for many common mistakes and is a very powerful tool, but there are
some things it cannot check for because the initial design decisions made in
creating WDM (and really when creating previous versions of NT) preclude these
checks. For instance, you can create and initialize a PIRP out of your own
buffer (via IoInitializeIrp(), so DV cannot
validate PIRP pointer values when they are passed to a kernel routine.

So, in that light, KMDF has its own verifier (KMDFDV).
KMDFDV verifiers KMDF specific contracts and behaviors, it is meant
to be an addition to DV; KMDFDV is not meant to replace DV. KMDFDV can be enabled
with or without DV being enabled on the driver. Just like DV, you should enable
KMDFDV while developing your driver so that you can catch your mistakes ealier
rather then later.

There are two new whitepapers on WHDC that describes how to
build a KMDF driver
and how to use the
KMDF debugger extension.
Currently, there is no UI to enable KMDFDV so you must edit the registry directly.
First, navigate to this path:

 
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\[your driver]\Parameters\WDF

If Parameters\WDF does not exist, you must
create this sub path yourself. Under this path, add the following value:

 
"VerifierOn" : REG_DWORD : 0x1

The value must be added before the driver loads. This means that unlike the
currently released versions of DV you do not need to reboot to enable KMDFDV.
If you cannot unload your driver, you must reboot for this value to take effect.
Once added, KMDFDV will be enabled on your driver until the value is removed and
your driver is unloaded. To verify that the KMDF verifier has been enabled on
your driver, break into the debugger and run !wdfkd.wdfdriverinfo. Here is
the output right after before I am returned from my driver's
DriverEntry() routine.

 
1: kd> !wdfdriverinfo wdfrawbusenumtest fff
----------------------------------
Default driver image name:   wdfrawbusenumtest
[...]
----------------------------------
WDF Verifier settings for wdfrawbusenumtest.sys is ON
  Pool tracking is ON
  Handle verification is ON
  IO verification is ON
  Lock verification is ON

Tomorrow I'll talk about the different checks that KMDFDV does and how to
track your object refereces while KMDFDV is enabled.

Comments

  • Anonymous
    May 18, 2006
    When you turn on the KMDF verifier(KMDFDV), a whole slew of behaviors are
    verified.  Unlike the WDM...

  • Anonymous
    October 18, 2012
    Hai. I wanted to know where can i get the KMDFDV tool that you have mentioned here.

  • Anonymous
    October 19, 2012
    wdfverifier.exe is included in the wdk. for instance, in the win8 wdk it can be found at C:Program Files (x86)Windows Kits8.0Toolsx86 C:Program Files (x86)Windows Kits8.0Toolsx64