I'm noob on kernel-land of OS. Recently I've studied about how program works in kernel-land.
I know several windows api calls are just wrapper of system call for kernel-land. That finally execute syscall/sysret/sysenter to enter kernel-land, and kernel-land receiver(KiFastCallEntry and etc) receives it and throw it to handler which is responsible to parse and act with it.
But the other way for communicating kernel-land I know is IOCTL, like DeviceIoControl(). I've used it to communicate my custom device drivers.
My question is that, What is differences between syscall and DeviceIoControl()? Why two(or more) ways are available/splitted to communicate kernel-land in Windows? Can I use series of syscall for communicating my custom device drivers without calling DeviceIoControl?
Thanks for reading my question. Have a good day :)