Querying an ULONG value from the registry

Hello, everybody.

Im pretty new to kernel, and im using the registry to communicate between my um and my km because i dont want to deal with IoCtl.

I successfully retrieved a string from the registry using ZwQueryValueKey.

But now i cant figure out how to retrieve an ULONG. I want to pass a processID from my usermode to my kernelmode. Can someone help me out ?

Thanks for your help, Meiziro.

Without meaning to dampen your enthusiasm, this is both a very basic question and a very bad idea.

With this approach, you might as well sprint the process id into a string and atoi it out in KM using the REG_SZ values you already know how to use. The extra overhead will be the least of your issues. At the very least, remember that process id is ephemeral and can be recycled at any time. Also remember that there is no real way to synchronize access or be notified when changes are made in any kind of efficient way

You need to deal with ioctls or use filter manager’s message interface. Btw pid is pointer- sized, not ULONG