Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.More Info on Driver Writing and Debugging
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Control Flow Guard
Jimmy_James
Member - All Emails Posts: 109
in NTFSD
All,
I'm looking for information on Control Flow Guard (CFG). Specifically, I'm
wondering how widely it is supported for kernel mode drivers. In my search
I found the very userful post from Ken Johnson (
https://www.osronline.com/showthread.cfm?link=283374) which seems to state
that CFG is only supported for OSes hosted by hypervisor when HVCI is
enabled. I'm wondering if anyone has any updated information on this.
TIA!
I'm looking for information on Control Flow Guard (CFG). Specifically, I'm
wondering how widely it is supported for kernel mode drivers. In my search
I found the very userful post from Ken Johnson (
https://www.osronline.com/showthread.cfm?link=283374) which seems to state
that CFG is only supported for OSes hosted by hypervisor when HVCI is
enabled. I'm wondering if anyone has any updated information on this.
TIA!
Howdy, Stranger!
| Upcoming OSR Seminars | ||
|---|---|---|
| OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
| Internals & Software Drivers | 7 February 2022 | Live, Online |
| Kernel Debugging | 21 March 2022 | Live, Online |
| Developing Minifilters | 23 May 2022 | Live, Online |
| Writing WDF Drivers | 12 September 2022 | Live, Online |
Comments
Kernel mode CFG requires HVCI to be enabled in order for kernel CFG to be enforced. (The root partition is also allowed to enable HVCI, and often does for client scenarios that involve HVCI, for example; HVCI is not a guest OS only capability.)
User mode CFG is independent of HVCI (though it does require NX enforcement for CFG to be effective; note that Windows has required processors to support NX for several releases now, and virtually all modern processors released in well over the last 10 years support NX).
Drivers and apps built with CFG instrumentation will work fine on old OS’s, or in configurations without CFG being enforced. The CFG instrumentation only “lights up” when paired with an OS with CFG enabled that wires up the support when loading images. Otherwise, the instrumentation is effectively a no-op if the image is used in a “CFG-unaware” environment.
- Ken
From: [email protected] [mailto:[email protected]com] On Behalf Of JIm james
Sent: Friday, February 02, 2018 3:50 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Control Flow Guard
All,
I'm looking for information on Control Flow Guard (CFG). Specifically, I'm wondering how widely it is supported for kernel mode drivers. In my search I found the very userful post from Ken Johnson (https://www.osronline.com/showthread.cfm?link=283374) which seems to state that CFG is only supported for OSes hosted by hypervisor when HVCI is enabled. I'm wondering if anyone has any updated information on this.
TIA!
--- NTFSD is sponsored by OSR MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers! Details at To unsubscribe, visit the List Server section of OSR Online at