Ensuring that Completion Processing is Performed at Safe IRQL
As noted in Writing Postoperation Callback Routines, the postoperation callback routine for an IRP-based I/O operation can be called at IRQL = DISPATCH_LEVEL, unless the minifilter driver's preoperation callback routine synchronized the operation by returning FLT_PREOP_SYNCHRONIZE or the operation is a create operation, which is inherently synchronous. (For more information about this return value, see Returning FLT_PREOP_SYNCHRONIZE.)
However, for IRP-based I/O operations that are not already synchronized, minifilter drivers can use to two techniques to ensure that completion processing is performed at IRQL <= APC_LEVEL.
The first technique is for the postoperation callback routine to pend the I/O operation until completion processing can be performed at IRQL <= APC_LEVEL. This technique is described in Pending an I/O Operation in a Postoperation Callback Routine.
The second technique is for the minifilter driver's postoperation callback routine to call FltDoCompletionProcessingWhenSafe. FltDoCompletionProcessingWhenSafe pends the I/O operation only if the current IRQL is >= DISPATCH_LEVEL. Otherwise, this routine executes the minifilter driver's SafePostCallback routine immediately. This technique is described in FltDoCompletionProcessingWhenSafe.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for