| User Mode User mode layer of Windows 2000 is made up of a set of components
known as subsystems. There are two: Integral and Environmental.
A subsystem processes I/O requests by passing them to the appropriate kernel mode
driver through the I/O systems services. A subsystem is the layer that translates the
requests of end user applications for the kernel. End user applications have no need to
know about kernel mode operation because all communication between an end user application
and services offered by the kernel are relayed by a user mode subsystem.
Environmental Subsystems implement the interface required by an end user application
written to run under a specific operating system. An environmental subsystem is an
operating system emulator in that it presents an API (application programming interface)
required to run the program. Environmental subsystems accept the API calls made by the
program, convert them to an API call understood by Windows 2000, and then pass the
converted API to the Windows 2000 Executive running in kernel mode.
At present, Microsoft supports two Environmental Subsystems: Win32 and POSIX. Win32
supports WOW which means that it supports 32 bit windows applications, 16 bit windows
applications, and MS-DOS applications. POSIX (Portable Operating System Interface for Unix
standard) supports programs written to that interface.
Environmental subsystems and the programs that they support have no direct access to
hardware or device drivers and are limited to the amount of memory assigned to them. When
the system needs memory or CPU cycles, environmental subsystems, and the programs that run
using the provided API, lose -- they are forced to yield CPU and memory if necessary, and
are swapped to hard drive space.
Integral subsystems run in user mode but perform essential operating system functions.
The most important integral subsystems are the Server Service, the Workstation Service,
and the Security Subsystem (a collection of services and data structures.)
Server Service provides network resources to the network. Workstation Service uses
network resources found on the network. The Security subsystem accepts logon requests and
initiates logon authentication, as well as creating security tokens, and tracking rights
and permissions associated with user accounts. The Security Subsystem also tracks audited
system resources.
Kernel Mode
Kernel Mode encompasses 4 sub-systems:
- Windows 2000 Executive
- Hardware Abstraction Layer (HAL)
- Device Drivers
- Microkernel
Kernel mode subsystems run in a protected area of memory to provide services to user
mode subsystems which functionally protects and isolates the hardware from the software.
Windows 2000 Executive
The Executive provides most of the I/O and object management for the system including
security functions. This does not include keyboard and screen I/O. There are nine
components within the Executive:
- S - Security Reference Manager
- O - Object Manager
- P - Process Manager
- V - VMM - Virtual Memory Manager
- I - I/O Manager
- File Systems
- Device Drivers
- Cache manager
- P - Power Manager
- W - WM and GDI
- Windows Manager
- Graphical Device Interface
- I - IPC - Interprocess Communications Manager
- LPC - Local Procedure Call facility
- RPC - Remote Procedure Call facility
- P - Plug and Play Manager
HAL - Hardware Abstraction Layer
The HAL hides (virtualizes) hardware interface details from Windows. Different hardware
can run windows because the HAL presents a consistent interface for Windows across all
platforms. The HAL is platform specific. Support for the Alpha has been discontinued
(...after W2K SR1). The HAL handles caches, I/O buses, interrupt controllers, and other
platform specific devices.
Kernel Mode Drivers
Kernel Mode Device Drivers translate I/O requests into hardware functions. A Kernel
Mode Device Driver is a modular component with a well defined and specific set of
functionality requirements. Kernel mode device drivers meet the same design goals of
Windows 2000 itself, including;
- Portability among different platforms
- Hardware and software compatibility
- Continuously preemptible and interuptible without
exception
- Compatible with Symettric multiprocessing (SMP)
- Object-driven
- Packet-driven I/O with reusable IRPs
- Support for asynchronous I/O
Kernel mode device drivers are divided into three levels:
- highest level
- intermediate level
- lowest level
The Highest Level drivers require support from drivers in the other two layers.
This level includes File SyStem Drivers (FSD) for FAT, NTFS, and CDFS.
Intermediate Level drivers include virtual disk, mirror, or device-type specific
class drivers. These drivers get support from lower layer drivers and give support to
upper layer drivers. Intermediate Level drivers include PnP Function and filter drivers,
Windows Driver Model (WDM) software bus drivers, PNP software bus drivers, and
system-supplied class drivers that export system-defined WDM class/miniport drivers.
The Lowest-Level drivers include PnP hardware bus drivers, Legacy drivers, SCSI
host adaptors, and more. Lowest-level drivers don't require support from other
lowest-level drivers, and maintain function to control physical peripheral devices
directly such as a SCSI bus.
Windows Driver Model (WDM)
The Windows Driver Model (WDM) is a subset of Intermediate Level Kernel Mode drivers.
The WDM specification details an architecture for hardware drivers. WDM device drivers
have a common set of WDM I/O services and a planned binary compatibility between Windows
2000 and Windows 98 operating systems. This allows full compatibility for WDM-compatible
devices with a single driver written in either Windows 98 or Windows 2000.
There are 4 classes of WDM drivers:
- Miniport Drivers
- Class Drivers
- OS Services
- Virtualizaton drivers
The code for each WDM class abstracts many of the common details involved in
controlling similar hardware devices. Employing WDM, programmers write miniports (smaller
code segments) that talk to hardware directly and call the appropriate class driver to
perform the bulk of common tasks.
Miniport Drivers
Miniport Drivers include drivers for SCSI host adaptors, Network adaptors, and USB
adaptors and have the following attributes:
- indirect control of hardware through a specific bus
class driver
- source and binary compatibility across Microsoft
Windows platforms
- dynamically loadable and unloadable
- provide hardware-specific functionality
- capacity to expose multiple class interfaces
Class Drivers
class Drivers are drivers for drivers. A class driver provides an interface between
different layers of the WDM architecture. The lower layer of a class driver communicates
with the class-specific interface exposed by a miniport driver. The upper layer of a class
driver is OS specific. Class drivers have the following attributes:
- provide dynamic loading and unloading
- provide class-specific functionality (e.g.,
enumeration)
- Capacity to expose a single class-specific interface
to multiple client layers
OS Services
The OS Services layer of abstraction is always specific to the operating system. This
layer abstracts (hides and/or translates) all the operating specific functions from the
miniport layers beneath it. The functionality of this layer includes:
- thread managemenr
- heap management
- event services
Virtualization Drivers
The image for a Virtualization Driver is contained in a .VXD file. The function of a
virtualization driver is to virtualize the interfaces of legacy hardware and send
class-specific commands to the appropriate device. These drivers act as go-betweens to
allow legacy hardware or software to function with non-legacy components. Microsoft cites,
as an example, an MS-DOS program being controlled by a USB joystick using a Virtualization
Driver as the go-between.
The Microkernel translates information for the processor, Including I/O
requests.
|
Forums 
