Device driver

From The Right Wiki
(Redirected from Device drivers)
Jump to navigationJump to search
This article is about device drivers for hardware. For other software drivers, see Driver (software).
Operating systems

Error: Image is invalid or non-existent.

Common features

In the context of an operating system, a device driver is a computer program that operates or controls a particular type of device that is attached to a computer or automaton.[1] A driver provides a software interface to hardware devices, enabling operating systems and other computer programs to access hardware functions without needing to know precise details about the hardware being used. A driver communicates with the device through the computer bus or communications subsystem to which the hardware connects. When a calling program invokes a routine in the driver, the driver issues commands to the device (drives it). Once the device sends data back to the driver, the driver may invoke routines in the original calling program. Drivers are hardware dependent and operating-system-specific. They usually provide the interrupt handling required for any necessary asynchronous time-dependent hardware interface.[2]

Purpose

The main purpose of device drivers is to provide abstraction by acting as a translator between a hardware device and the applications or operating systems that use it.[1] Programmers can write higher-level application code independently of whatever specific hardware the end-user is using. For example, a high-level application for interacting with a serial port may simply have two functions for "send data" and "receive data". At a lower level, a device driver implementing these functions would communicate to the particular serial port controller installed on a user's computer. The commands needed to control a 16550 UART are much different from the commands needed to control an FTDI serial port converter, but each hardware-specific device driver abstracts these details into the same (or similar) software interface.

Development

Writing a device driver requires an in-depth understanding of how the hardware and the software works for a given platform function. Because drivers require low-level access to hardware functions in order to operate, drivers typically operate in a highly privileged environment and can cause system operational issues if something goes wrong. In contrast, most user-level software on modern operating systems can be stopped without greatly affecting the rest of the system. Even drivers executing in user mode can crash a system if the device is erroneously programmed. These factors make it more difficult and dangerous to diagnose problems.[3] The task of writing drivers thus usually falls to software engineers or computer engineers who work for hardware-development companies. This is because they have better information than most outsiders about the design of their hardware. Moreover, it was traditionally considered in the hardware manufacturer's interest to guarantee that their clients can use their hardware in an optimal way. Typically, the Logical Device Driver (LDD) is written by the operating system vendor, while the Physical Device Driver (PDD) is implemented by the device vendor. However, in recent years, non-vendors have written numerous device drivers for proprietary devices, mainly for use with free and open source operating systems. In such cases, it is important that the hardware manufacturer provide information on how the device communicates. Although this information can instead be learned by reverse engineering, this is much more difficult with hardware than it is with software. Microsoft has attempted to reduce system instability due to poorly written device drivers by creating a new framework for driver development, called Windows Driver Frameworks (WDF). This includes User-Mode Driver Framework (UMDF) that encourages development of certain types of drivers—primarily those that implement a message-based protocol for communicating with their devices—as user-mode drivers. If such drivers malfunction, they do not cause system instability. The Kernel-Mode Driver Framework (KMDF) model continues to allow development of kernel-mode device drivers, but attempts to provide standard implementations of functions that are known to cause problems, including cancellation of I/O operations, power management, and plug and play device support. Apple has an open-source framework for developing drivers on macOS, called I/O Kit. In Linux environments, programmers can build device drivers as parts of the kernel, separately as loadable modules, or as user-mode drivers (for certain types of devices where kernel interfaces exist, such as for USB devices). Makedev includes a list of the devices in Linux, including ttyS (terminal), lp (parallel port), hd (disk), loop, and sound (these include mixer, sequencer, dsp, and audio).[4] Microsoft Windows .sys files and Linux .ko files can contain loadable device drivers. The advantage of loadable device drivers is that they can be loaded only when necessary and then unloaded, thus saving kernel memory.

Privilege levels

Depending on the operating system, device drivers may be permitted to run at various different privilege levels. The choice of which level of privilege the drivers are in is largely decided by the type of kernel an operating system uses. An operating system which uses a monolithic kernel, such as the Linux kernel, will typically run device drivers with the same privilege as all other kernel objects. By contrast, a system designed around microkernel, such as Minix, will place drivers as processes independent from the kernel but that use it for essential input-output functionalities and to pass messages between user programs and each other.[5] On Windows NT, a system with a hybrid kernel, it is common for device drivers to run in either kernel-mode or user-mode.[6] The most common mechanism for segregating memory into various privilege levels is via protection rings. On many systems, such as those with x86 and ARM processors, switching between rings imposes a performance penalty, a factor that operating system developers and embedded software engineers consider when creating drivers for devices which are preferred to be run with low latency, such as network interface cards. The primary benefit of running a driver in user mode is improved stability, since a poorly written user-mode device driver cannot crash the system by overwriting kernel memory.[7]

Applications

Because of the diversity of modern hardware and operating systems, drivers operate in many different environments.[8] Drivers may interface with:

Common levels of abstraction for device drivers include:

  • For hardware:
    • Interfacing directly
    • Writing to or reading from a device control register
    • Using some higher-level interface (e.g. Video BIOS)
    • Using another lower-level device driver (e.g. file system drivers using disk drivers)
    • Simulating work with hardware, while doing something entirely different[9]
  • For software:
    • Allowing the operating system direct access to hardware resources
    • Implementing only primitives
    • Implementing an interface for non-driver software (e.g. TWAIN)
    • Implementing a language, sometimes quite high-level (e.g. PostScript)

So choosing and installing the correct device drivers for given hardware is often a key component of computer system configuration.[10]

Virtual device drivers

Virtual device drivers represent a particular variant of device drivers. They are used to emulate a hardware device, particularly in virtualization environments, for example when a DOS program is run on a Microsoft Windows computer or when a guest operating system is run on, for example, a Xen host. Instead of enabling the guest operating system to dialog with hardware, virtual device drivers take the opposite role and emulates a piece of hardware, so that the guest operating system and its drivers running inside a virtual machine can have the illusion of accessing real hardware. Attempts by the guest operating system to access the hardware are routed to the virtual device driver in the host operating system as e.g., function calls. The virtual device driver can also send simulated processor-level events like interrupts into the virtual machine. Virtual devices may also operate in a non-virtualized environment. For example, a virtual network adapter is used with a virtual private network, while a virtual disk device is used with iSCSI. A good example for virtual device drivers can be Daemon Tools. There are several variants of virtual device drivers, such as VxDs, VLMs, and VDDs.

Open source drivers

Solaris descriptions of commonly used device drivers:

  • fas: Fast/wide SCSI controller
  • hme: Fast (10/100 Mbit/s) Ethernet
  • isp: Differential SCSI controllers and the SunSwift card
  • glm: (Gigabaud Link Module[13]) UltraSCSI controllers
  • scsi: Small Computer Serial Interface (SCSI) devices
  • sf: soc+ or social Fiber Channel Arbitrated Loop (FCAL)
  • soc: SPARC Storage Array (SSA) controllers and the control device
  • social: Serial optical controllers for FCAL (soc+)

APIs

Identifiers

A device on the PCI bus or USB is identified by two IDs which consist of two bytes each. The vendor ID identifies the vendor of the device. The device ID identifies a specific device from that manufacturer/vendor. A PCI device has often an ID pair for the main chip of the device, and also a subsystem ID pair that identifies the vendor, which may be different from the chip manufacturer.

Security

Computers often have many diverse and customized device drivers running in their operating system (OS) kernel which often contain various bugs and vulnerabilities, making them a target for exploits.[17] Bring Your Own Vulnerable Driver (BYOVD) uses signed, old drivers that contain flaws that allow hackers to insert malicious code into the kernel.[18] Drivers that may be vulnerable include those for WiFi and Bluetooth,[19][20] gaming/graphics drivers,[21] and drivers for printers.[22] There is a lack of effective kernel vulnerability detection tools, especially for closed-source OSes such as Microsoft Windows[23] where the source code of the device drivers is mostly not public (open source)[24] and drivers often have many privileges.[25][26][27][28]

A group of security researchers considers the lack of isolation as one of the main factors undermining kernel security,[29] and published an isolation framework to protect operating system kernels, primarily the monolithic Linux kernel whose drivers they say get ~80,000 commits per year.[30][31]

This section is an excerpt from Kernel (operating system) § Protection.[edit]

An important consideration in the design of a kernel is the support it provides for protection from faults (fault tolerance) and from malicious behaviours (security). These two aspects are usually not clearly distinguished, and the adoption of this distinction in the kernel design leads to the rejection of a hierarchical structure for protection.[32] The mechanisms or policies provided by the kernel can be classified according to several criteria, including: static (enforced at compile time) or dynamic (enforced at run time); pre-emptive or post-detection; according to the protection principles they satisfy (e.g., Denning[33][34]); whether they are hardware supported or language based; whether they are more an open mechanism or a binding policy; and many more. Support for hierarchical protection domains[35] is typically implemented using CPU modes. Many kernels provide implementation of "capabilities", i.e., objects that are provided to user code which allow limited access to an underlying object managed by the kernel. A common example is file handling: a file is a representation of information stored on a permanent storage device. The kernel may be able to perform many different operations, including read, write, delete or execute, but a user-level application may only be permitted to perform some of these operations (e.g., it may only be allowed to read the file). A common implementation of this is for the kernel to provide an object to the application (typically so called a "file handle") which the application may then invoke operations on, the validity of which the kernel checks at the time the operation is requested. Such a system may be extended to cover all objects that the kernel manages, and indeed to objects provided by other user applications. An efficient and simple way to provide hardware support of capabilities is to delegate to the memory management unit (MMU) the responsibility of checking access-rights for every memory access, a mechanism called capability-based addressing.[36] Most commercial computer architectures lack such MMU support for capabilities. An alternative approach is to simulate capabilities using commonly supported hierarchical domains. In this approach, each protected object must reside in an address space that the application does not have access to; the kernel also maintains a list of capabilities in such memory. When an application needs to access an object protected by a capability, it performs a system call and the kernel then checks whether the application's capability grants it permission to perform the requested action, and if it is permitted performs the access for it (either directly, or by delegating the request to another user-level process). The performance cost of address space switching limits the practicality of this approach in systems with complex interactions between objects, but it is used in current operating systems for objects that are not accessed frequently or which are not expected to perform quickly.[37][38] If the firmware does not support protection mechanisms, it is possible to simulate protection at a higher level, for example by simulating capabilities by manipulating page tables, but there are performance implications.[39] Lack of hardware support may not be an issue, however, for systems that choose to use language-based protection.[40] An important kernel design decision is the choice of the abstraction levels where the security mechanisms and policies should be implemented. Kernel security mechanisms play a critical role in supporting security at higher levels.[36][41][42][43][44] One approach is to use firmware and kernel support for fault tolerance (see above), and build the security policy for malicious behavior on top of that (adding features such as cryptography mechanisms where necessary), delegating some responsibility to the compiler. Approaches that delegate enforcement of security policy to the compiler and/or the application level are often called language-based security. The lack of many critical security mechanisms in current mainstream operating systems impedes the implementation of adequate security policies at the application abstraction level.[41] In fact, a common misconception in computer security is that any security policy can be implemented in an application regardless of kernel support.[41]

According to Mars Research Group developers, a lack of isolation is one of the main factors undermining kernel security.[45] They propose their driver isolation framework for protection, primarily in the Linux kernel.[46][47]

See also

References

  1. 1.0 1.1 "What is all device driver?". WhatIs.com. TechTarget. Archived from the original on 13 February 2021. Retrieved 19 March 2018.
  2. EMC Education Services (2010). Information Storage and Management: Storing, Managing, and Protecting Digital Information. John Wiley & Sons. ISBN 9780470618332. Archived from the original on 2021-02-13. Retrieved 2020-11-10.
  3. Burke, Timothy (1995). Writing device drivers: tutorial and reference. Digital Press. ISBN 9781555581411. Archived from the original on 2021-01-26. Retrieved 2016-08-05.
  4. "MAKEDEV — Linux Command — Unix Command". Linux.about.com. 2009-09-11. Archived from the original on 2009-04-30. Retrieved 2009-09-17.
  5. Tanenbaum, Andrew; Woodhull, Albert (2006). Operating Systems, Design and Implementation (3rd. ed.). Upper Saddle River, NJ: Pearson Pretence Hall. p. 256. ISBN 0-13-142938-8.
  6. Yosifovich, Pavel; Ionescu, Alex; Russinovich, Mark; Solomon, David (2017). Windows Internals, Part 1 (Seventh ed.). Redmond, Washington: Microsoft Press. ISBN 978-0-7356-8418-8.
  7. "Introduction to the User-Mode Driver Framework (UMDF)". Microsoft. 2006-10-10. Archived from the original on 2010-01-07. Retrieved 2008-03-04.
  8. Deborah Morley (2009). Understanding Computers 2009: Today and Tomorrow. Cengage Learning. ISBN 9780324830132. Archived from the original on 2021-06-09. Retrieved 2020-11-10.
  9. Computer Peripherals and Interfaces. Technical Publications Pune. January 2008. pp. 5–8. ISBN 978-8184314748. Retrieved 2016-05-03.[permanent dead link]
  10. "What are Device Drivers and why do we need them?". drivers.com. April 17, 2015. Archived from the original on November 20, 2016. Retrieved March 19, 2018.
  11. "CCISS". SourceForge. 2010. Archived from the original on 2010-08-21. Retrieved 2010-08-11. Drivers for the HP (previously Compaq) Smart Array controllers which provide hardware RAID capability.
  12. Russell, Steve; et al. (2003-10-21). Abbreviations and acronyms. IBM International Technical Support Organization. p. 207. ISBN 0-7384-2684-9. Retrieved 2011-08-14. {{cite book}}: |work= ignored (help)[permanent dead link]
  13. "US Patent 5969841 - Gigabaud link module with received power detect signal". PatentStorm LLC. Archived from the original on 2011-06-12. Retrieved 2009-09-08. An improved Gigabaud Link Module (GLM) is provided for performing bi-directional data transfers between a host device and a serial transfer medium.
  14. "Unified Audio Model (Windows CE 5.0)". Microsoft Developer Network. Archived from the original on 2017-06-22. Retrieved 2016-09-19.
  15. Dell US. "What are DCH drivers and why do you need to know about them? | Dell US". www.dell.com. Retrieved 2020-10-29.
  16. "dxd - dynax driver framework: Main Page". dxd.dynax.at. Archived from the original on 2016-05-29. Retrieved 2016-09-19.
  17. Talebi, Seyed Mohammadjavad Seyed; Tavakoli, Hamid; Zhang, Hang; Zhang, Zheng; Sani, Ardalan Amiri; Qian, Zhiyun (2018). Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems. pp. 291–307. ISBN 9781939133045. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  18. Goodin, Dan (14 October 2022). "How a Microsoft blunder opened millions of PCs to potent malware attacks". Ars Technica. Archived from the original on 8 November 2022. Retrieved 8 November 2022.
  19. Ridley, Jacob (9 February 2022). "You're going to want to update your Wi-Fi and Bluetooth drivers today". PC Gamer. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  20. "Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices". threatpost.com. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  21. Spadafora, Anthony (12 January 2022). "Installing gaming drivers might leave your PC vulnerable to cyberattacks". TechRadar. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  22. "HP patches vulnerable driver lurking in printers for 16 years". ZDNET. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  23. Pan, Jianfeng; Yan, Guanglu; Fan, Xiaocao (2017). Digtool: A {Virtualization-Based} Framework for Detecting Kernel Vulnerabilities. pp. 149–165. ISBN 9781931971409. Retrieved 5 November 2022.
  24. King, Bertel (18 June 2022). "Closed Source vs. Open Source Hardware Drivers: Why It Matters". MUO. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  25. Branscombe, Mary (7 April 2022). "How Microsoft blocks vulnerable and malicious drivers in Defender, third-party security tools and in Windows 11". TechRepublic. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  26. Goodin, Dan (5 October 2022). "No fix in sight for mile-wide loophole plaguing a key Windows defense for years". Ars Technica. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  27. Davenport, Corbin. ""Bring Your Own Vulnerable Driver" Attacks Are Breaking Windows". How-To Geek. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  28. "Windows 10 Security Alert: Vulnerabilities Found in Over 40 Drivers". BleepingComputer. Archived from the original on 5 November 2022. Retrieved 5 November 2022.
  29. "Fine-grained kernel isolation". mars-research.github.io. Archived from the original on 15 September 2022. Retrieved 15 September 2022.
  30. Fetzer, Mary. "Automatic device driver isolation protects against bugs in operating systems". Pennsylvania State University via techxplore.com. Archived from the original on 15 September 2022. Retrieved 15 September 2022.
  31. Huang, Yongzhe; Narayanan, Vikram; Detweiler, David; Huang, Kaiming; Tan, Gang; Jaeger, Trent; Burtsev, Anton (2022). "KSplit: Automating Device Driver Isolation" (PDF). Archived (PDF) from the original on 15 September 2022. Retrieved 15 September 2022.
  32. Wulf 1974 pp.337–345
  33. Denning 1976
  34. Swift 2005, p.29 quote: "isolation, resource control, decision verification (checking), and error recovery."
  35. Schroeder 72
  36. 36.0 36.1 Linden 76
  37. Eranian, Stephane; Mosberger, David (2002). "Virtual Memory in the IA-64 Linux Kernel". IA-64 Linux Kernel: Design and Implementation. Prentice Hall PTR. ISBN 978-0-13-061014-0.
  38. Silberschatz & Galvin, Operating System Concepts, 4th ed, pp. 445 & 446
  39. Hoch, Charles; J. C. Browne (July 1980). "An implementation of capabilities on the PDP-11/45". ACM SIGOPS Operating Systems Review. 14 (3): 22–32. doi:10.1145/850697.850701. S2CID 17487360.
  40. Schneider, Fred B.; Morrissett, Greg; Harper, Robert. "A Language-Based Approach to Security" (PDF). Archived (PDF) from the original on 2018-12-22.
  41. 41.0 41.1 41.2 Loscocco, P. A.; Smalley, S. D.; Muckelbauer, P. A.; Taylor, R. C.; Turner, S. J.; Farrell, J. F. (October 1998). "The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments". Proceedings of the 21st National Information Systems Security Conference. pp. 303–314. Archived from the original on 2007-06-21.
  42. Lepreau, Jay; Ford, Bryan; Hibler, Mike (1996). "The persistent relevance of the local operating system to global applications". Proceedings of the 7th workshop on ACM SIGOPS European workshop Systems support for worldwide applications - EW 7. pp. 133–140. doi:10.1145/504450.504477. ISBN 978-1-4503-7339-5. S2CID 10027108.
  43. Anderson, J. (October 1972). Computer Security Technology Planning Study (PDF) (Report). Vol. II. Air Force Electronic Systems Division. ESD-TR-73-51, Vol. II. Archived (PDF) from the original on 2011-07-21.
  44. Jerry H. Saltzer; Mike D. Schroeder (September 1975). "The protection of information in computer systems". Proceedings of the IEEE. 63 (9): 1278–1308. CiteSeerX 10.1.1.126.9257. doi:10.1109/PROC.1975.9939. S2CID 269166. Archived from the original on 2021-03-08. Retrieved 2007-07-15.
  45. "Fine-grained kernel isolation". mars-research.github.io. Retrieved 15 September 2022.
  46. Fetzer, Mary. "Automatic device driver isolation protects against bugs in operating systems". Pennsylvania State University via techxplore.com. Retrieved 15 September 2022.
  47. Huang, Yongzhe; Narayanan, Vikram; Detweiler, David; Huang, Kaiming; Tan, Gang; Jaeger, Trent; Burtsev, Anton (2022). "KSplit: Automating Device Driver Isolation" (PDF). Retrieved 20 December 2023.

External links

Retrieved from "https://rightwiki.org/index.php?title=Device_driver&oldid=3308831"