How to disable the connection to USB port storage, network and other devices ?

Hello,
I need to disable the connection to USB port storage, network and other devices excluding the smart card reader devices.
What is easiest way?

Maybe I can use UsbView from WDK to recognize the new connected device and
then send IOCTL to disable the device. I do not know exactly that IOCTL should be sent
for this purpose.
Should I write a class or a bus filter USB driver, or is there another solution?
Any advice would be greatly appreciated.

Best regards
Mark

Mark Shnaider
R&D Team Leader
Office: +972.3.927.543tel:
Mobile: +972.54.2448.543tel:
Email: xxxxx@arx.commailto:xxxxx</mailto:xxxxx></tel:></tel:>

You probably need to provide more information on your goal. “What a bigger problem you are trying to solve?”

If you want to disable a device (like in Device Manager) use could use CM API: https://msdn.microsoft.com/en-us/library/windows/hardware/ff549794(v=vs.85).aspx , especially CM_Disable_DevNode function.

DevCon WDK application looks a good example for this task.

You may filter the query request by modifying device descriptor in enumeration phase, you’ll need a driver to do this, or just disable the device after it get enumerated, can be performed in user application.

Thanks for your advices,
If I understand correctly I need write usb bus filter driver to filter the query request.
Please let me know, how can I disable device in user application.
(I do not know API for this purpose)

Best regards
Mark

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@hotmail.com
Sent: Monday, August 31, 2015 10:13
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] How to disable the connection to USB port storage, network and other devices ?

You may filter the query request by modifying device descriptor in enumeration phase, you’ll need a driver to do this, or just disable the device after it get enumerated, can be performed in user application.


NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Hm, here goes description of an application that probably does what you want to do:

https://msdn.microsoft.com/en-us/library/windows/hardware/ff544722(v=vs.85).aspx

The source for the application (you probably want file cmds.cpp, function cmdDisable).

Dependently on your goal, API you need could be:

  1. CM_Disable_DevNode (https://msdn.microsoft.com/en-us/library/windows/hardware/ff537996(v=vs.85).aspx) the lowest level documented API.

  2. SetupDiCallClassInstaller (https://msdn.microsoft.com/en-us/library/windows/hardware/ff550922(v=vs.85).aspx) higher level, more recommended API.

Filter driver sounds a bit overkill.

Sorry, didn’t paste the link to the source. Here it goes: https://github.com/Microsoft/Windows-driver-samples/tree/master/setup/devcon

@Mikae both of CM_Disable_DevNode and SetupDiCallClassInstaller seem to completely remove the device from device manager. However devcon creates the same effect like in right click and disable device (see photo). Do you have any idea why that happens?
My code for SetupDiCallClassInstaller:

BOOL changeDeviceState(PWCHAR instanceId, DWORD state) {
HDEVINFO DeviceInfoSet;
BOOL res;
SP_DEVINFO_DATA DeviceInfoData;

DeviceInfoSet = SetupDiCreateDeviceInfoList(NULL, NULL);
if (DeviceInfoSet == INVALID_HANDLE_VALUE) {
	return FALSE;
}

DeviceInfoData.cbSize = sizeof(SP_DEVINFO_DATA);
res = SetupDiOpenDeviceInfoW(DeviceInfoSet, (PCWSTR)instanceId, NULL, 0, &DeviceInfoData);
if (!res) {
	SetupDiDestroyDeviceInfoList(DeviceInfoSet);
	return FALSE;
}

SP_PROPCHANGE_PARAMS spPropChangeParams;
spPropChangeParams.ClassInstallHeader.cbSize = sizeof(SP_CLASSINSTALL_HEADER);
spPropChangeParams.ClassInstallHeader.InstallFunction = DIF_PROPERTYCHANGE;
spPropChangeParams.Scope = DICS_FLAG_GLOBAL;
spPropChangeParams.StateChange = state;

SetupDiSetClassInstallParams(DeviceInfoSet, &DeviceInfoData, (SP_CLASSINSTALL_HEADER*)&spPropChangeParams, sizeof(spPropChangeParams));
SetupDiCallClassInstaller(DIF_PROPERTYCHANGE, DeviceInfoSet, &DeviceInfoData);

//SetupDiRemoveDevice(DeviceInfoSet, &DeviceInfoData);
//SetupDiCallClassInstaller(DIF_REMOVE, &DeviceInfoData, NULL);
SetupDiDestroyDeviceInfoList(DeviceInfoSet);

return TRUE;

}

and for CM_Disable_DevNode:

BOOL changeDeviceState(PWCHAR instanceId, DWORD state) {

    DEVINST x;
CONFIGRET t= CM_Locate_DevNodeW(&x, instanceId, CM_LOCATE_DEVNODE_NORMAL);
if (state == DICS_DISABLE && t== CR_SUCCESS) {
	CONFIGRET y = CM_Disable_DevNode(x, CM_DISABLE_PERSIST);
	if (y == CR_SUCCESS) {
		log(INFO, "Bye %x",y);
	}
}
else if(t==CR_SUCCESS) {
	CONFIGRET y = CM_Enable_DevNode(x, 0);
	log(INFO, "enabled: %x", y);
}