I'm new to windows driver development and so far it's a bit of a black box - I was hoping someone could point me in the right direction as to what type of driver I need to write, so that I can focus my learning.
My goal is to facilitate S3 sleep where the boot disk is hardware encrypted via https://github.com/Drive-Trust-Alliance/sedutil. I need to send and receive some SCSI commands to unlock the disk as soon as possible after waking, ideally before it is accessed at all.
As it stands, with these commands not sent to the disk, all read/write access will fail, and the machine BSODs soon after waking. Occasionally it is possible to get past the lock screen and see the desktop, but basic usermode is still not responding enough to unlock the disk (I've tried via PBT_APMRESUMEAUTOMATIC etc).
My question is basically: how low level do I need to go? Can I solve this with UMDF, or do I need to go to KMDF? Can it be done in some sort of standalone KMDF driver or is a storage filter driver better suited? In that case, should I aim for lower or upper filter?
As far as I understand, any type of driver is capable of sending the same scsi commands as a usermode application to unlock the drive, the challenge is making sure that it either happens very early on in the wake process, or better yet stalls all IO until the drive is unlocked. Is it necessary to be in the storage stack as a filter driver in order to stall all IO?
It looks like you're new here. If you want to get involved, click one of these buttons!
|Upcoming OSR Seminars|
|Developing Minifilters||29 July 2019||OSR Seminar Space|
|Writing WDF Drivers||23 Sept 2019||OSR Seminar Space|
|Kernel Debugging||21 Oct 2019||OSR Seminar Space|
|Internals & Software Drivers||18 Nov 2019||Dulles, VA|