The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
I'm aware that the kernel stack is very limited - Are there any guidelines for when I should expand the stack? Can you give me some examples of real use cases?
I guess that in most cases it's pretty hard to know when you should expand the stack... well, I guess that the guideline is something like: In paths that you think the stack space can be large, call IoGetRemainingStackSize() to check the bytes left and call KeExpandKernelStackAndCalloutEx if necessary... The question is: In which cases do you think this check is necessary?
Also, when I do expand the stack, can I reference memory from the previous stack segment or is it not guaranteed to be valid?
|Upcoming OSR Seminars|
|OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!|
|Internals & Software Drivers||30 Nov 2020||LIVE ONLINE|
|Writing WDF Drivers||7 Dec 2020||LIVE ONLINE|
|Developing Minifilters||Early 2021||LIVE ONLINE|