|
Hi, Sir
Thank you for your great job.
I want to write a driver to support multiple virtual video miniport devices.
Could you give me some advice? Actually, I am very confused about how to do this.
Best Regards
f ang
|
|
|
|
|
Hi. Were you debugging on Win9x? I can't see even one debugger which will allow doing this effectively, like checking what a thread is waiting on, or any debugger displaying handles. I tried to use procexplorer to show handles with WaitForSingleObject, not to mention the availability of symbols for Win98.
|
|
|
|
|
Windows 9x isn't the best platform to be debugging. The last time I checked a few years back, the WINDBG from MSDN actually worked; you just had to copy it over (the install wouldn't work directly on the machine). It wasn't perfect, but you could at least set some break points and do some stepping of code. Some of it was slow though and you couldn't force a break in. The debug APIs are mostly the same so that's how the debugger can still at least do some control, but some extensions most likely won't work if they are looking for specific NT memory locations.
You can also try SoftICE for 9x, which used to work pretty well; there is also a debugger you can download from Microsoft for Windows 9x/ME, but it does require a separate machine as it is a kernel debugger. You may also want to try to find Turbo Debugger for Windows or another free debugger somewhere; maybe OllyDbg would work? Try http://programmerstools.org/ but I've been lucky and in recent years it's been rare that I have had to debug Windows 9x, and the last time I even did was a few years back. All this stuff is on NT. I'm so spoiled nowadays I shudder at just debugging a 2000 machine and that's still light years ahead of Windows 9x debugging!
Microsoft Visual Studio 6.0 also had a debugger you could use in Windows 9x and it seemed to work well. It is kind of a heavyweight application to be installing on a test machine to debug, but it should also work for you.
8bc7c0ec02c0e404c0cc0680f7018827ebee
|
|
|
|
|
I would be interested in knowing what Compiler the author recommends be used to develop the examples in these articles.
The articles are in C and yet it appears that the current versions of MS Visual C++ cannot compile C language files anymore.
|
|
|
|
|
The new MS Visual C/C++ compilers should still be used to compile the only good high level language, C.
The articles did use the Visual Studio C/C++ 6.0 compiler; however, a few of the articles have recently been ported to using Visual Studio 2005/.NET. The only problems that people encountered were new command options that needed to be used and old command line options that needed to be removed. Also, for driver development, depending on the environment you set up, the compiler may add libraries which would make the executable not loadable in the kernel. Using the DDK environment instead should avoid this issue.
8bc7c0ec02c0e404c0cc0680f7018827ebee
|
|
|
|
|
I am a firmware guy who mostly uses the Windows desktop as a development cross compilation platform.
Thus, I have yet to figure out how to force the current versions of Microsoft Visual C++ to compile straight C.
Could you describe step by step how your examples could be compiled using the current Microsoft compilers, or point to an article here which has already addressed this issue? Thanks.
|
|
|
|
|
|
So the C compilation capability is still there in the current MS Visual C++, but not fleshed out in the GUI.
One has to write one's own Nmake to activate the C compiler.
Does this mean that for C compilation, the developer simply does not use the current MSVC++ GUI at all, and hand-types everything into his own array of makefiles and batch files?
|
|
|
|
|
The GUI should still work, just create your files as ".C" and probably just have to select "C++ Project". So while the option to create a "C" project is not there, it's likely just implied with "C++" provided you name the files appropriately. The only problem would be if they default some of the command line options inappropriately for C++, which would then just need to be changed.
I do not use the GUI and have not for a long time though. I like to use makefiles and build environments and work from the command line. It is much easier for me this way to build large projects and independent projects together (I just do nmake from the top directory). The build environment I had was very simple; I am actually thinking of switching to the latest DDK build environment, which would be easier for other people to set up as well.
Mostly I just use makefiles, and very few batch files unless really necessary. So just do "nmake" and build the project. Any batch files would likely just be called from the makefiles anyway and not exposed to the developer. The batch files would also be dependent on the build environment; for example, sometimes people use "perl" or "VB Script" called from their build environment, or other exe files, to do special things like build installation and setup programs, call InstallShield, or whatever they need to do.
8bc7c0ec02c0e404c0cc0680f7018827ebee
|
|
|
|
|
Thanks. I printed out and am about to read 5 of your device driver articles which appear very instructive so I just wanted to have that item ironed out beforehand.
This issue of Choice Of Compiler for various development intents and purposes would be a great article for some of the industrious people here to write.
Microsoft, Intel, Borland, Watcom etc.
However, I think you gave a strong recommendation that this work should be approached with not just Microsoft, but the most recent Microsoft.
|
|
|
|
|
I actually don't make any recommendations for the compiler you use, and actually when you use the makefile environment the compiler should be quite abstracted from the development. The developer can use whatever editor they want (I use SlickEdit for example) and then the build environment uses the correct compiler for the job. For example, I used a development environment before where some binaries were compiled using Intel (for optimizations of a particular component) while the majority of the project was done using VC. The makefiles just used the correct compiler. The developer also was pretty unaware when the environment was ported from 6.0 to 2005, and it was likely done a few projects at a time.
As for Borland and Watcom, I really haven't used them or seen them being used since the DOS days. The makefile environment I have is again quite simple, and in the makefiles I actually define the compiler and options directly. In a true environment the compiler is a part of the master build makefiles, and the makefiles being used by the developer are attempted to be more independent of being tied to or defining the compiler (so the entire project can be redefined much more easily).
So, the articles I have were done in VC 6.0 and this is likely the easiest to use since they were made specifically with that in mind. However, you should be able to change the makefiles to make them build for any compiler with a little bit of work (since I do not have a sophisticated build environment to make things more abstract).
8bc7c0ec02c0e404c0cc0680f7018827ebee
|
|
|
|
|
One more item: what is the best way to obtain or generate a compendium of all the MS Kernel Calls, to some of which your articles refer?
I find that when I try to print these pages Duplex, multi-pages per sheet, that it does not work and wastes paper.
Is there a downloadable list of these MS System Calls in PDF form somewhere?
|
|
|
|
|
Hello. This is a student in South Korea.
I am on a project to study.
It is a software security project which encrypts the exe file of a target software, so someone wouldn't be able to crack the software,
and it also solves the license problem.
Here is how it works.
First, it encrypts the exe file, so the PE structure of the file is broken.
Second, it merges a module which is going to check the user license and decrypt and run the target executable image.
This looks like this right below.
+-----------------+
|-----module------|
|-----------------|
|target(encrypted)|
+-----------------+
When it's encrypted and merged, let's imagine the name of the file is "calc.exe", which is the same as the name of the target exe file.
Third, the software is packaged and sold, so an end-user installs the package, contacts the website, and gets a certificate.
When the certificate is given, another module encrypts calc.exe with the MAC address, the certificate and the PE image already encrypted before, again.
Fourth, the end-user runs calc.exe and the module is going to be run, because the PE headers of the module are located at the front of calc.exe.
The module copies the target binary on HDD to memory and decrypts it.
Then it checks the MAC address and the certificate, and creates a process from the decrypted executable image.
The problem is this.
I don't have any knowledge of how to create a process from an image in memory.
The Win32 API function "CreateProcess()" doesn't provide that kind of way.
It needs the file path to create a process.
So, if you have any information or knowledge about creating a process from an image in memory, or other ways that can solve this problem,
please reply to me.
To e-mail me use this address, "ika1984@hanafos.com".
Thanks for reading this all.
-- modified at 20:57 Friday 24th November, 2006
Will, 2006
|
|
|
|
|
Hey There,
I am trying to run an .exe from my driver using ZwCreateFile. If it is a generic exe, like notepad.exe or calc.exe, it will work fine. If I try to execute one that is a "wrapper" exe, like a self-extracting zip file, or an exe for a .swf flash file that has a flash player embedded, it will not work. The self-extracting zip file will complain of a header corruption, and the .exe for flash will run the flash player but not load the .swf that is embedded in it. What are the differences in execution between these two types of exes that would preclude the "wrapper" exe from executing properly, while the "generic" exe executes fine?
-Jay
(patel at cs dot utk dot edu)
|
|
|
|
|
I tested your code for TDI clients and it works for char buffers.
Can it work for passing structure pointers like:
struct A {
    char *pdata;
};
struct B {
    struct A a;
};
I want to pass struct B across the TDI driver. Is it possible? Is there any memory mapping that happens? How?
I need to pass pointer data across the network (IRP, URB) using TDI. Please advise.
|
|
|
|
|
Hello Toby
I've read your article about device drivers, and it helped me a lot to understand how it goes. I'm looking for an example of a keyboard device driver. Here is my idea: I want to build a Keyboard Device Driver to automate an application; in this application I have to press, let's say, number 2 every 3 seconds.
Do you have any insight, any piece of code that may help me understand how I will make it? So far I've had no luck finding it on the internet.
Thanks in advance man.
Will I ever finish this Device Driver?
|
|
|
|
|
Hi Sir,
I was reading your great article about Driver Development Part I, and I was hoping you could give me more tutorials about this interesting subject, or even complete the series.
Thanks in advance
Ahmed
Being the Best of Me
|
|
|
|
|
Hi Sir,
I want to restart my cable modem without using its power switch. Could you help me in this regard? Which is the easiest way?
a) any simple DOS command?
b) could we try using telnet?
c) a simple C++ application?
|
|
|
|
|
Hi Toby,
Thanks for the great tutorials (still only half way through reading the first, though).
Just thought it may be quicker to ask: If you were writing a driver for a virtual game controller, where would you start? For a little more background, I want to process data coming from one or more real game controllers, modify the data coming from them and feed it back through a new game controller interface. It's the virtual controller that I'm stuck on.
I assume that I would need to write a custom driver which can get data from a service based application, but I'm not sure how to proceed in terms of Windows recognising the driver as a valid games controller. Is this where HID drivers come in?
If you could point me in the right direction, I'd be grateful.
Thanks,
Nick
|
|
|
|
|
Hi
I am reading "Driver Development Part 1" document and it seems that I found a mistake, but I am not sure.
Driver Development Part 1 -> page 6 (Direct I/O)-> The paragraph before the last paragraph:
The way buffered I/O works is that it provides ......
I think it should be:
The way direct I/O works is that it provides ......
Am I right?
|
|
|
|
|
I'm a Vietnamese student; I know you through your very great articles on Code Project. My problem is creating a protection module for my software to prevent debugging and reading/writing its memory. I've seen many protection programs use vxd and sys drivers to hook kernel APIs such as WriteProcessMemory, ReadProcessMemory, ... They also check the layout of the code to detect hooking/patching, and monitor the entire memory range... I know what they do, but don't know how they do that. Can you give me a tutorial or an article about preventing a program from cheating, hooking/patching, and debugging?
The most popular is GameGuard, and it uses a kernel driver by the name of nppt9x.vxd (Windows9x) and npptnt2.sys (Windows NT).
Thank you.
|
|
|
|
|
Do you have any plans for updating this sample driver for Windows 7 WDDM? If not, any advice on where to find such a beast? Please and thank you.
|
|
|
|
|
Thank you so very much for your driver tutorial!
|
|
|
|
|
Thank you for your Drivers article series.
It is very useful.
Dileepa Rnajan Dharmasiri (C++ Developer)
+94719140210
https://sites.google.com/site/drdileepaproject/
drdileepa@gmail.com
|
|
|
|
|
Hi. Thank you for your articles on drivers. I have a question. I need to gain access to video frame buffer (at least read only mode) in kernel mode. So I figured that I need to send IOCTL_VIDEO_MAP_VIDEO_MEMORY with the help of EngDeviceIoControl function (am I correct?). The problem is that I need a device handle for EngDeviceIoControl call (msdn says so). How do I get this handle?
|
|
|
|