Stack Overflow
Stack Overflow

Questions tagged [wdf]

Windows Driver Foundation (WDF) is a set of Microsoft tools that aid in the creation of device drivers for Windows 2000 and later versions of Windows

The Windows Driver Frameworks (WDF) is a:

  1. Software Model to create Windows drivers
  2. Runtime Environment that manages WDF-based Windows drivers

It consists of KMDF and UMDF for drivers to run in kernel and user mode respectively.

111 questions
0
votes
1 answer

PsLookupProcessByProcessId with DWORD pid? Parameter 1 requires HANDLE?

How do I go about using the function PsLookupProcessByProcessId() with a process id (DWORD pid) that I obtained from user-space? I coded a user-space c++ application that gets the process id of another application (calc.exe for example) and using…
BastardDaemons
  • 25
  • 1
  • 3
0
votes
1 answer

Unable to use "User Mode Debugger" in VS2013 on VirtualBox machine

Trying to configure Visual Studio 2013 (pro, FWIW) to debug a VirtualBox host. I followed this guide and set up the host correctly: It works for kernel mode, but not for user mode. Here is the debugger settings: When I use kernel mode it works (and…
Tar
  • 8,529
  • 9
  • 56
  • 127
0
votes
1 answer

SetupCopyOemINF preinstall not working Windows 7

I have Windows WDF device driver code, trying to make it work to preinstall (before the device is present). It starts by checking for the presence of valid device IDs, and for any that are found it does this: if (UpdateDriverForPlugAndPlayDevices(0,…
rwhenderson
  • 84
  • 1
  • 6
0
votes
1 answer

Why is there no WDM kernel-mode driver template in Windows Driver Kit?

I came across kernel-mode drivers with very little experience. Here's what I am trying to do: Have a user-mode application that loads the driver. Have the user-mode application write to it, in order to send it an instruction. Have the driver send…
Alexandru
  • 12,264
  • 17
  • 113
  • 208
0
votes
1 answer

Renaming a file that will be deleted in a minifilter drivers IRP_MJ_CLEANUP preop callback

My goal is to overwrite a files contents and name just before it is deleted - wiping deleted files. I am trying to use a minifilter driver and the pre-cleanup callback routine that gets called just before the final delete operation. So far I have…
ollo
  • 926
  • 1
  • 14
  • 33
0
votes
2 answers

Feasibility check for Filesystem Minifilter deletion Driver

I am using the delete minifilter example from msdn as a base: http://code.msdn.microsoft.com/windowshardware/Delete-File-System-b904651d What I need to accomplish is: Getting a handle to a delete candidate in the DfPreCleanupCallback. In…
ollo
  • 926
  • 1
  • 14
  • 33
0
votes
1 answer

How to find a bug in a WDF driver that causes a BSOD on Windows 8

I have to maintain a WDF driver. This is a no-hardware driver: the driver use a disk file which is mounted as a Windows partition. All the data written to the disk are encrypted by the driver. The driver run in kernel mode. The driver has been…
user3428478
  • 1
  • 1
0
votes
1 answer

Is any way to check if callbacks registered with ObRegisterCallbacks are still valid?

ObRegisterCallbacks‘s available since Vista SP1, permits to “register a list of callback routines for thread and process handle operations”. For example you are registering PsSetCreateProcessNotifyRoutine callback. You can unset it using software…
Nick Bondarenko
  • 6,211
  • 4
  • 35
  • 56
0
votes
1 answer

WDF - filter driver for sandbox

I want to intercept file (ReadFile, WriteFile) operations and registry calls of some program. I decided that filter driver will be the best solution. Is it possible to do that from WDF or I need to learn WDM? Are there any samples?
paralen
  • 117
  • 6
0
votes
1 answer

Storing data in Kernel mode driver

I have an array in my kernel mode driver. Is it possible for the driver to save the array data and on load restore the same?
Aster Veigas
  • 866
  • 3
  • 13
  • 34
0
votes
1 answer

Sending IOCTL to 64bit machine in C#

I'm sending IOCTL's to my keyboard filter driver and the code is as follows: Guid GUID_DEVINTERFACE_KBFILTER = new Guid(0x3fb7299d, 0x6847, 0x4490, 0xb0, 0xc9, 0x99, 0xe0, 0x98, 0x6a, 0xb8, 0x86); IntPtr handle = SetupDiGetClassDevs(ref…
Aster Veigas
  • 866
  • 3
  • 13
  • 34
0
votes
0 answers

How does a WDF driver release the resource acquired by user program?

The driver in the title works with a PCIe card to get some data from outside world to a PC. The driver will allocate tens of MB's memory when it starts up, then user program can map these memory to its own address space, then the data can be put…
Gang YIN
  • 2,509
  • 2
  • 21
  • 25
0
votes
1 answer

how to use MSbuild to build a Win8 driver without Visual studio installed

I want to build a KMDF driver by WDK8.0 without Visual Studio installed. I looked the msdn, it says the MSBuild do it. But since the WDK8.0 doesn't contain the compiler, how I can use MSbuild to build a driver without VS2012? Can anybody explain…
RolandXu
  • 3,566
  • 2
  • 17
  • 23
0
votes
1 answer

Windows kernel mode programming: Is a deadlock between drivers possible?

We're having some issues with our driver hanging while attempting to send a synchronous request to a lower level driver. The routine is currently being executed at DISPATCH_LEVEL when this routine is called. I've been reviewing the…
8bitcartridge
  • 1,629
  • 6
  • 25
  • 38
0
votes
1 answer

WDF Coinstaller issue

I'm having problem installing my KMDF 1.9 driver on a 32-bit Vista machine running KMDF 1.5. I was hoping the coinstaller should update the Vista machine to KMDF 1.9. But it does not. What have I missed? [Version] Signature = "$WINDOWS NT$" Class =…
user872661
  • 251
  • 2
  • 13
1 2 3 4 5 6
7
8