Method and system for monitoring and verifying software drivers
First Claim
1. A method for verifying kernel mode drivers within a computing system, the method comprising:
- receiving a request from a kernel mode driver, the request corresponding to a communication directed from the driver to a kernel component of an operating system;
determining that the kernel mode driver is to be monitored;
re-vectoring the request to a driver verifier;
the driver verifier validating one or more call parameters of the request wherein one or more rules are maintained and each of the one or more call parameters are tested against the one or more rules;
upon finding an invalid parameter, the driver verifier issuing a bug check;
determining whether the driver is to be tested for random failures;
upon determining the driver is to be tested for random failures, the driver verifier introducing a failure to the request; and
the driver verifier testing the kernel mode driver for one or more possible errors by conducting at least one pre-established kernel mode driver test.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for verifying computer system drivers such as kernel mode drivers. A driver verifier sets up tests for specified drivers and monitors the driver'"'"'s behavior for selected violations that cause system crashes. In one test, the driver verifier allocates a driver'"'"'s memory pool allocations from a special pool bounded by inaccessible memory space to test for the driver'"'"'s accessing memory outside of the allocation. The driver verifier also marks the space as inaccessible when it is deallocated, detecting a driver that accesses deallocated space. The driver verifier may also provide extreme memory pressure on a specific driver, or randomly fail requests for pool memory. The driver verifier also checks call parameters for violations, performs checks to ensure a driver cleans up timers when deallocating memory and cleans up memory and other resources when unloaded. An I/O verifier is also described for verifying drivers use of I/O request packets.
-
Citations
19 Claims
-
1. A method for verifying kernel mode drivers within a computing system, the method comprising:
-
receiving a request from a kernel mode driver, the request corresponding to a communication directed from the driver to a kernel component of an operating system; determining that the kernel mode driver is to be monitored; re-vectoring the request to a driver verifier; the driver verifier validating one or more call parameters of the request wherein one or more rules are maintained and each of the one or more call parameters are tested against the one or more rules; upon finding an invalid parameter, the driver verifier issuing a bug check; determining whether the driver is to be tested for random failures; upon determining the driver is to be tested for random failures, the driver verifier introducing a failure to the request; and the driver verifier testing the kernel mode driver for one or more possible errors by conducting at least one pre-established kernel mode driver test. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for verifying kernel mode drivers, the system comprising one or more processors and computer memory and further comprising:
-
a re-vectoring component that receives a request from a kernel mode driver; a driver verifier operably coupled to the re-vectoring component to receive the request and conduct at least one test to monitor the kernel mode driver with respect to the request; wherein the driver verifier validates one or more parameters of the request; wherein one or more rules are maintained and each of the one or more call parameters are tested against the one or more rules; wherein the driver verifier determine whether the driver is to be tested for random failures; and wherein the driver verifier upon determining the driver is to be tested for random failures, introduce a failure to the request. - View Dependent Claims (17, 18, 19)
-
Specification