Can windows driver check existance of semaphore in user mode space?

Question

Consider I create semaphore in user app that way:

semaphorNotificationHandle = CreateSemaphore(
            NULL,           // default security attributes
            0,  // initial count
            1,  // maximum count
            L"Global" L"mysemaphore");

My question is if it is possible for kernel mode driver to check if this semaphore exists?

In user mode it would be easy however is it doable in kernel mode driver? My first approach was this (on the kernel site):

HANDLE ghSemaphore = CreateSemaphore(
        NULL,           // default security attributes
        0,  // initial count
        1,  // maximum count
        L"Global" L"mysemaphore");

    if (GetLastError() == ERROR_ALREADY_EXISTS)
    {
        printf("semaphore already exists");
        //should return fail here 
        return TRUE;
    }

However I can not do it when in kernel mode, any suggestions? I'm ready to change anything about the design, it does not have to necessery be semaphore, It could be pipe or even some event object.

Does this answer your question? [Kernel mode - can it access to user mode?](https://stackoverflow.com/questions/15251527/kernel-mode-can-it-access-to-user-mode) — Robert Harvey, Jul 28 '22 at 15:22
@RobertHarvey Unfourtunetly, I don't think that's the answer — szefitoo, Jul 28 '22 at 15:30
yes, you can. despite `ZwOpenSemaphore` or `NtOpenSemaphore` not exported - the `ExSemaphoreObjectType` and `ObOpenObjectByName` is exported - so you can use this. another question - for what ? what next you will be done this this ? — RbMm, Jul 28 '22 at 16:11
@RbMm it's going to be a part of security protocol lets say, could you show me some code example how you would do it? If this semaphor exists it means that everything is fine, else I stop driver. — szefitoo, Jul 28 '22 at 16:26
`ObOpenObjectByName(ObjectAttributes, *ExSemaphoreObjectType, KernelMode, 0, DesiredAccess, 0, &SemaphoreHandle)` — RbMm, Jul 28 '22 at 16:30
*If this semaphor exists it means that everything is fine, else I stop driver.* - why not event object use for this ? — RbMm, Jul 28 '22 at 16:31
i didnt know there is such thing as event object, thats why lol — szefitoo, Jul 28 '22 at 16:47
@RbMm I can not find any information about **bold**'ObOpenObjectByName()' on the internet, in which lib is it? I can only find **bold** 'ObReferenceObjectByHandle ' — szefitoo, Jul 28 '22 at 17:00
of course in *ntoskrnl.lib* (exported by *ntoskrnl.exe*) and if search in google you find huge count of result about this api — RbMm, Jul 28 '22 at 17:03
Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/246866/discussion-between-szefitoo-and-rbmm). — szefitoo, Jul 28 '22 at 17:09
A binary semaphore is a [mutex](https://learn.microsoft.com/en-us/windows/win32/sync/mutex-objects). — IInspectable, Jul 28 '22 at 23:51
@IInspectable yeah, but what does it have to do with my question? i just dont understand you sorry — szefitoo, Jul 29 '22 at 07:08
That was a general comment. Creating a semaphore with a maximum count of 1 is just a convoluted way of creating a mutex. A mutex has a streamlined interface, reducing complexity in client code. Though, as has been noted above, you probably shouldn't be using either one anyway. Also note that `L"Global" L"mysemaphore"` is the same as `L"Globalmysemaphore"`. It doesn't name an object in the global namespace. See [kernel object namespaces](https://learn.microsoft.com/en-us/windows/win32/termserv/kernel-object-namespaces) for details on how to properly construct names. — IInspectable, Jul 29 '22 at 07:33

Can windows driver check existance of semaphore in user mode space?

0 Answers0