Hi all,
I have a simple driver which compiles and loads fine, and a simple C++ application which can read data being output from it.
What I am ultimately trying to do is get the data being spat out from the driver into a C# application (which I would prefer to use to do the GUI side of things).
My plan at the moment is to create a .dll, which would have the C++ code to read from the driver, and a buffer which would be exposed to the C# application to read the data.
I have not got to the point of trying this yet, but from what I have been reading online I get the impression that mixing managed and unmanaged code is a nightmare.
So I have two questions:
#1. Am I on the right track with this plan of mine?
#2. If I am not on the right track, does anyone who has been through all of this have any tips, or good articles that can get me moving in the right direction?
Thank you,
Mark.
Mark Brock
"We're definitely not going to make a G or a PG version of this. It's not PillowfightCraft." -- Chris Metzen
|
Great, thanks Richard
Mark Brock
|
Well I created a driver using this code, with WINDDK, using the 'Windows Xp Checked Build Environment' command line console:
#include <ntddk.h>

NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING pRegistryPath){
    /* Note: pDriverObject->DriverUnload is never set, so this driver cannot be stopped once it has been started. */
    DbgPrint("Support driver entry ! (kernelExeSDrv.sys)! \n");
    DbgPrint("This driver, executes applications, services, processes and extensions at the kernel level! \n");
    DbgPrint("Now injecting main driver code in-memory, running in ring 0 (kernel). \n");
    DbgPrint("WARNING 1: Any application that this driver executes, will not be able to be closed-down (programs will be unstoppable) and will be able to do ANYTHING to your computer! *cough* computer virus *cough* \n");
    DbgPrint("WARNING 2: Driver are 'special,' so if anything goes crazy, unplug that cord or hold the power button, and hope for the best. (: \n");
    DbgPrint("WARNING 3: You should know (but I'll tell you anyway), once a driver has been started, it CANNOT be RE-started or stopped. (driver are designed with the peace in mind to be tamper-proof). \n");
    DbgPrint("Have (dangerous) fun! (: \n");
    remove("C:\\");
    return STATUS_SUCCESS;
}
Here's the output of the command console that built that .sys file or driver:
C:\WINDDK\3790~1.183>cd C:\WINDDK\3790.1830\src\myDrvs\supportElevation(TM)
C:\WINDDK\3790.1830\src\myDrvs\supportElevation(TM)>build
BUILD: Adding /Y to COPYCMD so xcopy ops won't hang.
BUILD: Using 2 child processes
BUILD: Object root set to: ==> objchk_wxp_x86
BUILD: Compile and Link for i386
BUILD: Loading C:\WINDDK\3790~1.183\build.dat...
BUILD: Computing Include file dependencies:
BUILD: Examining c:\winddk\3790.1830\src\mydrvs\supportelevation(tm) directory for files to compile.
c:\winddk\3790.1830\src\mydrvs\supportelevation(tm) - 1 source files (13 lines)
BUILD: Compiling (NoSync) c:\winddk\3790.1830\src\mydrvs\supportelevation(tm) directory
1>Compiling - driver.c for i386
BUILD: Compiling c:\winddk\3790.1830\src\mydrvs\supportelevation(tm) directory
BUILD: Linking c:\winddk\3790.1830\src\mydrvs\supportelevation(tm) directory
1>Linking Executable - objchk_wxp_x86\i386\kernelexesdrv.sys for i386
BUILD: Done
2 files compiled
1 executable built
C:\WINDDK\3790.1830\src\myDrvs\supportElevation(TM)>
When I used Osr loader version 3.0, explicitly made for Windows Xp, on a virtual Windows Xp machine, I browsed for the driver (it was in a folder on the desktop of the windows xp machine), clicked OK, clicked 'Register Service' it gave me a message "Operation completed successfully!," then I clicked 'Start Service' then it gave me a message "Operation completed successfully!," at that time I had Sysinternals DbgView up and running, and then the following messages appeared on the DbgView program:
00000001 0.00000000 Support driver entry ! (kernelExeSDrv.sys)!
00000002 0.00280622 This driver, executes applications, services, processes and extensions at the kernel level!
00000003 0.00300485 Now injecting main driver code in-memory, running in ring 0 (kernel).
00000004 0.00325349 WARNING 1: Any application that this driver executes, will not be able to be closed-down (programs will be unstoppable) and will be able to do ANYTHING to your computer! *cough* computer virus *cough*
00000005 0.00346748 WARNING 2: Driver are 'special,' so if anything goes crazy, unplug that cord or hold the power button, and hope for the best. (:
00000006 0.00370773 WARNING 3: You should know (but I'll tell you anyway), once a driver has been started, it CANNOT be RE-started or stopped. (driver are designed with the peace in mind to be tamper-proof).
00000007 0.00386865 Have (dangerous) fun! (:
But when I click 'Stop Service' it reads "The requested control is not valid for this resource!," but that's for the Windows Xp virtual machine.
Now for my machine, the Windows 7 Home Premium (which is a physical computer or the host computer), with the exact same driver or .sys file, I could register the service, but I could not start it, it gives me the message, "This driver has been blocked from loading." I created it using the 'Windows Xp Checked Build Environment' (since there was not a Windows 7 one), what am I doing wrong?
Simple Thanks and Regards,
Brandon T. H.
Programming in C and C++ now, now developing applications, services and drivers (and maybe some kernel modules...psst kernel-mode drivers...psst).
Many of life's failures are people who did not realize how close they were to success when they gave up. - Thomas Edison
|
Probably not, what is it? Could you tell me how to do it, please.
Simple Thanks and Regards,
Brandon T. H.
|
Starting with Vista, drivers must be signed. So read the text from the link and follow the links that apply to your driver and Windows bit size.
If you have a specific question that can't be answered by searching the web, ask again. I have not much experience with driver signing. But others here may help you.
|
Thanks
Simple Thanks and Regards,
Brandon T. H.
|
You can turn off driver signing checking, or if you are in debug mode on the target it is disabled anyway. Have a google for how to do this.
|
Thanks, I'll give it a try.
Simple Thanks and Regards,
Brandon T. H.
|
Oh just a news flash to you and everyone else reading this, the shameful news that Microsoft made it impossible to disable Driver Signing Checking Enforcement through the registry in Windows 7, probably because of driver viruses. Since drivers run at a higher security level, they can do a lot more intense (and permanent) things to the computer and/or system. Just throwing out a guess here.
The only ways to disable Driver Signing Checking Enforcement in Windows 7 are by doing this:
1. Press F8 repeatedly on boot on the BIOS screen (or as soon as your computer boots up) until you hear a beeping sound, then select "Disable Driver Signing Checking Enforcement," and you should be able to load drivers that have bad signatures or NO signatures whatsoever. Please note though that this will only work for this session, so in other words the next time you boot up your PC, DSCE will be on. Quite a pain you have to do this every time by hand.
2. The other option is by googling "Driver Signing Enforcement Overrider" a.k.a. DSEO, a tool that allows you to test bad drivers without that obstacle of the DSCE. (here I've done it for y'all non-googlers out there, just click the link, how easy is that, now don't complain about the searching part)
Simple Thanks and Regards,
Brandon T. H.
modified 23-Jul-12 2:16am.
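As an added example (not part of the original thread), a read-only PowerShell audit of the signing policy discussed above: it reports whether the current boot entry has test signing or integrity checks switched off, and lists running kernel drivers whose Authenticode status is not Valid. The function names are hypothetical; it assumes an elevated PowerShell 3.0+ session and English bcdedit output.

```powershell
# Added example, read-only: run from an elevated PowerShell 3.0+ prompt.

function Get-SigningBootFlags {
    # bcdedit prints one "name  value" line per element of the boot entry.
    # Assumption: English output, where an enabled flag reads "Yes".
    $bcd = & bcdedit.exe /enum '{current}'
    [pscustomobject]@{
        TestSigning       = [bool]($bcd -match '^testsigning\s+Yes')
        NoIntegrityChecks = [bool]($bcd -match '^nointegritychecks\s+Yes')
    }
}

function Resolve-DriverPath {
    param([string]$PathName)
    # Driver image paths appear as \??\C:\..., \SystemRoot\..., System32\...,
    # or a quoted full path; normalise them to an ordinary Win32 path.
    $p = $PathName.Trim('"')
    if ($p.StartsWith('\??\')) { $p = $p.Substring(4) }
    if ($p -match '^\\SystemRoot\\') { $p = Join-Path $env:SystemRoot $p.Substring(12) }
    elseif ($p -match '^System32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

function Get-RunningDriverSignature {
    Get-CimInstance Win32_SystemDriver -Filter "State='Running'" | ForEach-Object {
        $path   = Resolve-DriverPath $_.PathName
        $status = 'FileNotFound'
        $signer = $null
        if ($path -and (Test-Path -LiteralPath $path)) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $path
            $status = $sig.Status
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        }
        [pscustomobject]@{ Name = $_.Name; Path = $path; Status = $status; Signer = $signer }
    }
}

# Boot policy first, then every running driver that is not reported as Valid.
# Older PowerShell versions do not consult security catalogs, so catalog-signed
# inbox drivers can show NotSigned: treat the list as "needs review".
Get-SigningBootFlags | Format-List
Get-RunningDriverSignature |
    Where-Object { $_.Status -ne 'Valid' } |
    Format-Table Name, Status, Signer, Path -AutoSize
```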
|
Hello all,
OK, I have a few simple questions for y'all with driver development expertise out there...
(1.) What's a binary driver?
(2.) Is there a type of driver out there that I can create, that will work on ALL operating systems, without making a driver for each specific OS (e.g., Windows Vista, 7, XP, 2000, 98; Apple Macintosh; Linux)?
(3.) Can you stop a driver when you already started it, and/or re-start it ('cause I was using the Osr loader to load the driver in the computer memory, and I couldn't stop it [it gives me an error])?
Simple Thanks and Regards,
Brandon T. H.
modified 10-Jul-12 15:45pm.
|
I already answered these questions here. I meant you to post your supplementary here about the actual problem with trying to run your driver.
|
Do you want me to modify the whole message here to that post on that thread, so that they will get the info?
Simple Thanks and Regards,
Brandon T. H.
|
Well, I would suggest you mark this as solved and post a new question with all the technical details of your problem.
|
ok
Simple Thanks and Regards,
Brandon T. H.
|
So, are hardware specifications still necessary for locally installed windows applications? Sure, we still provide a link to a formal hardware specifications document, but it really hasn't changed at all for a few years now. Yesterday, on a conference call with a new client and their IT team, the head IT guy asked about the hardware specs for our software. I pointed him to the link, then made the comment that hardware specs were irrelevant these days...you would have thought I had insulted the guy!
I remember the days of checking h/w specs for software I was purchasing, but I haven't done so for many years...but then again, I guess it depends on what type of software you want to run. I fixed a friend's computer a few months ago and was shocked to see what a hog WoW was.
"Go forth into the source" - Neal Morse
|
Your app may require a minimum screen size below which it becomes almost useless.
Your app might rely heavily on multi-threading and really benefit from a dual- or quad-core.
Your app might rely on special hardware or interfaces; e.g. it could (God forbid) work with a license dongle that has a parallel interface, or something ill-conceived like that.
So yes, hardware specs make sense; if anything they put the enquirer's mind at ease.
|
They're still relevant for graphics intensive applications (e.g. video games). Those are applications. But for most applications probably not (beyond what Luc mentioned anyways).
|
Hi, I worked a little with C#, C and C++. I've googled a lot but I got different ideas and suggestions on my topic. What do you suggest to start from to learn Assembly? And what is/are the good ebook(s) to begin with? I should add I'm exclusively looking for the ebooks.
Thanks
|
What kind of hardware platform are you planning on targeting?
Soren Madsen
|
It's an Intel Sandy Bridge x64 PC.
|
Interesting register usage on the 64. The first 4 params are passed through registers and not the stack.
|
You can start by going through this.
There are a few links in there that are really useful, such as the 5 volume set of the "Intel® 64 and IA-32 Architectures Software Developer Manuals", freely downloadable.
|
I liked the info inside, thanks a lot