Howtos | Windows Research Kernel @ HPI
We use Hyper-V to run some of our WRK-related experiments. In order to keep management simple, I created a virtual machine that contains all the setup for those experiments. After creating that image, I used Hyper-V (running on Windows Server 2008 R2) to export this machine to have the template image ready at hand. Once this was done, I thought I would be able to import that image multiple times so that I would have enough instances for running our experiment (30 in our case). However, when I imported the second instance, Hyper-V failed to import the template since the VHD file already existed. In this post I will explain how you can easily import multiple virtual machines from one single template image using PowerShell.
Debugging the WRK on Mac OS requires two virtual machines (VM):
the WRK VM, which will be used to debug the kernel, and the debugger
VM, which hosts the kernel debugger. Both VMs will use their serial
port to communicate with each other. In a previous
post, we have shown for VirtualBox how to connect both serial
ports over a named pipe. Now, we are going to describe how to
configure VMware Fusion 3.0 virtual machines to accomplish the same
In a previous post, we showed you how to debug the WRK on a Mac OS system using Sun's VirtualBox. However, in that post, I only concentrated on how to link both virtual machines but not on how to create a WRK-ready virtual machine (VM), because I thought that this task is well documented on the WRK DVD. Unfortunately, on the latest revision of the WRK DVD (version 1.3, series F), this documentation is missing. In general, this is not a problem, as Microsoft provides a WRK-ready Virtual PC image on the DVD, where all the settings have been done already, but it is of no help if you plan to use VirtualBox in your environment. In this article, we want to re-iterate over the steps necessary to run the WRK in your virtual machine.
This article describes how to configure VirtualBox on a Mac OS X system so that you can both develop and debug the WRK at the same time.
The Windows Research Kernel contains multiple kernel modules,
e.g. for memory management or for the executive layer. Each module
has its own subdirectory in
base/ntos. If you want to
extend the WRK it might be useful to collect all your new files in a
new kernel module. This post explains the necessary steps for adding
a new kernel module. Basically, all it takes is tweaking a few
Michael created an exhaustive tutorial on how to create a new system service call in the Windows Research Kernel in his HowTo series. An important part is to define the system service dispatch table that contains the new system call, otherwise no user mode application could use it. Creating this dispatch table requires modifying two assembly language files, sysstubs.asm and systable.asm, which in our opinion has proven error-prone and tedious.
Therefore, we created a tool that generates the system service table automatically when the WRK is built. It is available as binary for x86 platforms and as sources. It can be downloaded from wrktools.codeplex.com.
At HPI we use the WRK for our operating systems courses. An
essential part in our exercises is to extend and debug the WRK,
which is why we prepared some slides for our students on how to
configure a kernel debug session. Unfortunately the slides are in
German. As Google's translation service quality is questionable in
this regard, we briefly recap all necessary steps here.
Inspired by work of Thomas Friebel on Lock-Holder Preemption we did some experiments with the Windows Research Kernel:
- How can we measure the time a thread is spinning while waiting for a spin-lock?
- Does lock-holder-preemption occur on Windows systems (using VMware Workstation)?
Unfortunately, we could not boot the WRK with Xen. Therefore, the results of our initial experiments which are described in this post cannot be compared directly to the work done by Thomas Friebel in the Linux/Xen environment.
In this post, some minor aspects which were forgotten in the first articles are described:
- Parameter handling - how does the kernel know about the number of parameters of a system service routine?
- CPU independent optimized syscall invocation
- how to take advantage of special CPU instructions, like
In this post we describe a very simple, but complete example of the implementation of a new system service call with the WRK. The system service prints a debug message from within the kernel and can be called from user mode.
You can download the application and a WRK patch for the necessary kernel modifications.
The major advantage of the Windows Research Kernel (WRK) is that it allows modified builds satisfying particular needs of the research community. I was confronted with such a need in a recent project: Using kernel functions in a driver that are normally not exported by the kernel. As we have the WRK sources available, it should be no problem to define the export of my desired functions. But how to do that?
The kernel interface to user mode applications can be described by the set of system service calls. Implementing a new service call is the easiest way to expose new kernel functions to user mode programs.
This post describes the necessary steps to implement a new system service call in the WRK.
First, some background information about system service calls and system service dispatching in Windows is given. Afterwards, the user mode side of directly calling system services is described. Finally, the kernel mode side is examined and a detailed description of how new service calls can be implemented is given.
In some upcoming postings, we will describe simple demo modifications of the Windows Research Kernel. The examples will be downloadable from this site as kernel patches and small demo applications.
The diff tool can be used to write the differences
between two source trees (normally a modified and an unmodified
version) into a single (text) file. With
created patch file can be applied to an unmodified source tree. In
this way, kernel modifications can be distributed without having to
provide the whole source code and without a common repository.