Questions tagged [kernel-mode]

Kernel mode, also referred to as system mode, is one of the two distinct modes of operation of the CPU, in which core operating system components, including device drivers, execute.

All code that runs in kernel mode shares a single virtual address space. This means that a kernel-mode driver is not isolated from other drivers and the operating system itself. If a kernel-mode driver accidentally writes to the wrong virtual address, data that belongs to the operating system or another driver could be compromised. If a kernel-mode driver crashes, the entire operating system crashes.

http://msdn.microsoft.com/en-us/library/windows/hardware/ff554836(v=vs.85).aspx
http://www.linfo.org/kernel_mode.html

144 questions
0
votes
1 answer

kernel driver: How to get the correct content of each variable in a struct?

I have the following code involving a struct including pointer variables and I am not able to retrieve the correct contents of each variable. Can someone help me please? struct MyData { ULONG Value[3]; wchar_t *Str1; int…
user3343424
0
votes
0 answers

How to get the address of SSDT Shadow on Windows 10?

Based on this article, I'm using the following code to get the address of the shadow table, and it works perfectly from WinXP x86 through Win8.1 x86 (the operating systems that were tested); only on Win10 x86 it cannot find the address. #include #include…
user7649139
0
votes
1 answer

How to queue a kernel apc

Just want to understand APCs better. To queue a user mode APC, we can use the QueueUserAPC function. So how to queue a special/normal kernel mode APC? Thanks.
0
votes
0 answers

Communication between two kernel-mode drivers

I have a keyboard filter driver installed on my VMware virtual machine on Win 8.1. I'm able to print pressed keys on the console by debug print. Now I need to move the cursor using the keyboard arrows. And here is the question, how to tell mouse driver that we…
jaayy
0
votes
2 answers

How do I get the disk drive serial number in filter driver?

I write a driver in Windows, and I need the disk drive serial number; for user mode I found this answer. My question is: is it possible to translate the above code to kernel mode, and how? Is WMI query available in filter driver? Sample code can greatly…
codeDom
0
votes
1 answer

User-mode synchronization vs. kernel mode synchronization (in Linux and Windows)

I have 2 questions about user mode synchronization and kernel mode synchronization. First: What is user mode synchronization and kernel mode synchronization? Second: What are the differences between user-mode synchronization and kernel mode…
user6216601
0
votes
0 answers

Kernel call_usermodehelper fail to open GUI application

I use call_usermodehelper to open qt why I can't open? How to solve this problem? Or other way use kernel to open user-space application? #include #include #include MODULE_LICENSE("GPL"); static int…
0
votes
1 answer

How to write a Windows kernel mode debugger?

I want to write a kernel mode debugger for Windows like WinDbg. Is there any SDK or demo that can help?
oppo
0
votes
1 answer

Kernel Mode - Physical Addresses or Virtual Addresses?

Does code that runs in kernel mode use Physical Addresses or Virtual Addresses? If it is virtual, which translation tables does it use? Are they updated differently in comparison to user-mode tables? Thanks
user4241033
0
votes
2 answers

Errors compiling Linux Kernel mode program

I wish to access some registers of my ARM Cortex-A8 board which are by default in a non-accessible state. Ubuntu 9.10 runs on this board. So, to access them I have to in-turn change 1 other register settings (Allow-access-register) first. To change…
HaggarTheHorrible
0
votes
2 answers

USB storage device SerialNumber from minifilter driver (from USB device descriptor)

I want to extract a USB storage device serial number from inside a minifilter filesystem driver, inside the InstanceSetup callback, using the technique described here; the only difference is that I do it in kernel-mode. I use: status =…
clyfe
0
votes
0 answers

Reading the CTS line of RS232 at speed in C++

I’m a relative RS232 newbie. I have an elapsed time reader chip: http://www2.l-3com.com/edi/dyna-digital.htm that has been configured to spew out data on the CTS line of an RS232 COM port every other 250ms with each data set lasting 62.5ms. The data…
user4292309
0
votes
2 answers

How to start a user mode program from kernel mode in Windows

I have a driver (kernel mode) (KMDF) and I have a user preferences form. I need to start the activity from the driver code and get the preferences. So how do I start that user mode program from the kernel in the Windows operating system?
Eswar Yaganti
0
votes
2 answers

Mini-Filter intercept drag & drop file(s) to disk?

I am developing a mini-filter to intercept files and get the name of files which are dragged & dropped to a specific disk and get the file names. If I drag & drop a file, I can get this file name and intercept it successfully (That means this file…
GSP
0
votes
0 answers

How to get value of SymbolicLinkList from IoGetDeviceInterfaces routine?

I am developing a mini-filter. I use IoGetDeviceInterfaces() to get device interface instances. When I check the status of this routine, it is success. When I check the SymbolicLinkList parameter, it is NOT NULL. But when I print the value of SymbolicLinkList…
GSP