The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
My driver uses ObRegisterCallbacks API to receive callbacks for process accesses. I use this driver to prevent the termination of the critical process in the system.
This driver works fine on Windows 10 64 bit platform. But on a Windows 10 ARM64 platform this driver fails.
The API returns the error code 0xC0000022 ie STATUS_ACCESS_DENIED. The error description says "The callback routines do not reside in a signed kernel binary image".
The driver is signed with the Microsoft certificate and still, the driver fails to register the callback using the ObRegisterCallbacks API.
Any help on this is appreciated.
|Upcoming OSR Seminars|
|OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!|
|Developing Minifilters||24 May 2021||Live, Online|
|Writing WDF Drivers||14 June 2021||Live, Online|
|Internals & Software Drivers||27 September 2021||Live, Online|
|Kernel Debugging||15 November 2021||Live, Online|