[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Bigger burger roll needed

To: TheGesus <thegesus@xxxxxxxxx>
Subject: Re: [Full-disclosure] Bigger burger roll needed
From: Steve Friedl <steve@xxxxxxxxxxx>
Date: Mon, 3 Oct 2005 13:09:45 -0700

On Mon, Oct 03, 2005 at 03:41:58PM -0400, TheGesus wrote:
> In NT4 they redesigned the GDI so that the user could bypass
> "userland" and talk straight to the kernel.
> 
> It's been so long I don't recall the exact details, but this re-hack
> paved the way for  DirectX and sped up the response of the new
> desktop, which of course was lifted from WIndows 95.
> 
> After NT4 anything that hooked into the GDI could BSOD.  New video
> driver?  BSOD.  New printer driver?  BSOD.  It was quite a mess.

This is only partly the case; this is the history.

In NT3.51, *all* GDI (printer and video) was done in userland, but
GDI calls involved an expensive context switch and/or local procedure
call. I guess for printer drivers this was not really a big deal,
but for video it matters a lot. Gamers care about this, right?

In NT4 all GDI dove into kernel space, and it provided a substantial
performance boost, but it completely sucked for print driver writers.
No thread support, no real support for floating point math, not any
performance difference to write home about, and a BSOD was as easy
as an assertion failure. Porting a complex user-mode driver to
kernel mode could be a daunting task.

Well, all that silly "but kernel-mode print drivers won't be as robust"
talk turned out to be true, so Windows 2000 supported both kernel mode
(version 2) and user mode (version 3) drivers. I assume that version 1
drivers were NT3.51 usermode.

XP is the same way, and in Server 2003 there is a Group Policy option
that disables kernel mode drivers, and I understand that Vista/Longhorn
will forbid kernel mode print drivers altogether.

Saying that the user "bypasses user mode and talks directly to the
kernel" is not really that meaningful: it doesn't talk "to the kernel",
just to the GDI, and it's not really any different from an IOCTL.

It wasn't terribly robust, but I don't think it was inherently insecure.

Steve (who writes print drivers too)

--- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@xxxxxxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] Bigger burger roll needed
  - From: J. Oquendo
- Re: [Full-disclosure] Bigger burger roll needed
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] Bigger burger roll needed
  - From: Steve Friedl
- Re: [Full-disclosure] Bigger burger roll needed
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] Bigger burger roll needed
  - From: TheGesus

Prev by Date: [Full-disclosure] MDKSA-2005:171 - Updated kernel packages fix multiple vulnerabilities
Next by Date: Re: [Full-disclosure] RE: Full-Disclosure Digest, Vol 8, Issue 3
Previous by thread: Re: [Full-disclosure] Bigger burger roll needed
Next by thread: Re: [Full-disclosure] Bigger burger roll needed
Index(es):
- Date
- Thread