Sending IOCTL from IRQL=DISPATCH_LEVEL (KbFilter/KMDF)

Question

I am using the KbFilter example in the WDK, trying to send an IOCTL in a function that is called by KbFilter_ServiceCallback and therefore is executed at DISPATCH_LEVEL. The function just has to send an IOCTL and return, am not waiting for an output buffer to be filled so it can be asynchronous, fire and forget.

I am currently using the WDF functions WdfIoTargetFormatRequestForIoctl and WdfRequestSend to try and send at DISPATCH_LEVEL and getting nothing. The call to WdfRequestSend is succeeding but the IOCTL doesn't appear to be received.

Using either of WdfIoTargetSendIoctlSynchronously or the WDM pattern IoBuildDeviceIoControlRequest() and IoCallDriver() requires PASSIVE_LEVEL and the only way I know to call these at PASSIVE_LEVEL is to create a separate thread that runs at PASSIVE_LEVEL and pass it instructions via a buffer or a queue, synchronized with a spinlock and semaphore.

Can someone tell me if there is an easier way to pass IOCTLs to the drivers below my filter, or is the thread/queue approach the normal pattern when you need to do things at a higher IRQL? Under what circumstances can I use KeRaiseIrql and is this what I should use? Thanks.

Answer 1

Use IoAllocateIrp and IoCallDriver. They can be run at IRQL <= DISPATCH_LEVEL.

You cannot lower your IRQL (unless it is you who raised it). KeRaiseIrql is used only to raise IRQL. A call to KeRaiseIrql is valid if the caller specifies NewIrql >= CurrentIrql.

Be careful: Is your IOCTL expected at DISPATCH_LEVEL?

Here is a code snippet:

PIRP Irp = IoAllocateIrp(DeviceObject->StackSize, FALSE);

Irp->Tail.Overlay.Thread  = PsGetCurrentThread(); 
Irp->RequestorMode        = KernelMode; 
Irp->IoStatus.Status      = STATUS_NOT_SUPPORTED; 
Irp->IoStatus.Information = 0; 

PIO_STACK_LOCATION stack  = IoGetNextIrpStackLocation(Irp); 
stack->MajorFunction      = IRP_MJ_DEVICE_CONTROL; 
stack->Parameters.DeviceIoControl.IoControlCode = ...