Another question

I want to use the FindWindow() to find a windows,and include <windows.h>,
but it can not be complied?
I have installed the MSVC 6.0 with SP4 and DDK for Win2K, and anyelse need?

Thanks!

Regards
misshome


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

If you are developing a kernel mode driver for Windows 2000/XP, you do NOT
include Windows.H, nor do you link with the libraries required for Win32K.
You include NtDdk.h or WDM.H and link with the libraries from the DDK. As to
doing FindWindow() in a driver … you don’t.

Gary G. Little
Staff Engineer
Broadband Storage, Inc.
xxxxx@Broadstor.com
xxxxx@inland.net

-----Original Message-----
From: xxxxx@i-net.com.cn [mailto:xxxxx@i-net.com.cn]
Sent: Thursday, July 12, 2001 2:02 AM
To: NT Developers Interest List
Subject: [ntdev] Another question

I want to use the FindWindow() to find a windows,and include <windows.h>,
but it can not be complied?
I have installed the MSVC 6.0 with SP4 and DDK for Win2K, and anyelse need?

Thanks!

Regards
misshome


You are currently subscribed to ntdev as: xxxxx@broadstor.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

You meaning I can not use FindWindow() in the kernel driver?
But I have done it in a print driver for win9x,if can not call
FildWindows(),How to send a message to the Windows? Maybe there is another
way to do?
Could you tell me? Thanks!

Best regards
misshome

----- Original Message -----
From: “Gary Little”
To: “NT Developers Interest List”
Sent: Thursday, July 12, 2001 11:42 PM
Subject: [ntdev] RE: Another question

> If you are developing a kernel mode driver for Windows 2000/XP, you do NOT
> include Windows.H, nor do you link with the libraries required for Win32K.
> You include NtDdk.h or WDM.H and link with the libraries from the DDK. As
to
> doing FindWindow() in a driver … you don’t.
>
> Gary G. Little
> Staff Engineer
> Broadband Storage, Inc.
> xxxxx@Broadstor.com
> xxxxx@inland.net
>
>
> -----Original Message-----
> From: xxxxx@i-net.com.cn [mailto:xxxxx@i-net.com.cn]
> Sent: Thursday, July 12, 2001 2:02 AM
> To: NT Developers Interest List
> Subject: [ntdev] Another question
>
>
> I want to use the FindWindow() to find a windows,and include <windows.h>,
> but it can not be complied?
> I have installed the MSVC 6.0 with SP4 and DDK for Win2K, and anyelse
need?
>
> Thanks!
>
> Regards
> misshome
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@broadstor.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
> —
> You are currently subscribed to ntdev as: xxxxx@i-net.com.cn
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

hi ,
If you are writing a kernel mode driver and you want
to call FindWindow(); you cant call a user mode
function in kernel mode.

– thanks and regards.

xxxxx@i-net.com.cn wrote:

I want to use the FindWindow() to find a windows,and
include <windows.h>,
> but it can not be complied?
> I have installed the MSVC 6.0 with SP4 and DDK for
> Win2K, and anyelse need?
>
> Thanks!
>
> Regards
> misshome
>
>
> —
> You are currently subscribed to ntdev as:
> xxxxx@yahoo.com
> To unsubscribe send a blank email to
leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

You can’t call FindWindow() because you do not link with the
libraries required for Win32K, NOT because of restrictions
in calling a user mode function from kernel mode…

Miguel Monteiro
xxxxx@criticalsoftware.com

Critical Software, S.A. - http://www.criticalsoftware.com
111 North Market Street, 6th floor, San Jose, CA, USA, 95113
Tel: +1.408.9711231, Fax +1.408.9383929
R. Pedro Nunes, IPN, 3030-199 Coimbra, Portugal
Tel: +351.239.700945 - Fax: +351.239.700905

DISCLAIMER: This mail contents represent
my own personal opinions and do not, in any way,
represent the opinion or policy of Critical Software, S.A.

“Humour and love are God’s answers
to Human weaknesses”

----- Original Message -----
From: “Rock”
To: “NT Developers Interest List”
Sent: Friday, July 13, 2001 12:54 PM
Subject: [ntdev] Re: Another question

hi ,
If you are writing a kernel mode driver and you want
to call FindWindow(); you cant call a user mode
function in kernel mode.

– thanks and regards.

xxxxx@i-net.com.cn wrote:
> I want to use the FindWindow() to find a windows,and
> include <windows.h>,
> but it can not be complied?
> I have installed the MSVC 6.0 with SP4 and DDK for
> Win2K, and anyelse need?
>
> Thanks!
>
> Regards
> misshome
>
>
> —
> You are currently subscribed to ntdev as:
> xxxxx@yahoo.com
> To unsubscribe send a blank email to
leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/


You are currently subscribed to ntdev as: xxxxx@criticalsoftware.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

Of course not!

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@i-net.com.cn
Sent: Thursday, July 12, 2001 5:09 PM
To: NT Developers Interest List
Subject: [ntdev] RE: Another question

You meaning I can not use FindWindow() in the kernel driver?
But I have done it in a print driver for win9x,if can not
call FildWindows(),How to send a message to the Windows?
Maybe there is another way to do? Could you tell me? Thanks!

Best regards
misshome

----- Original Message -----
From: “Gary Little”
> To: “NT Developers Interest List”
> Sent: Thursday, July 12, 2001 11:42 PM
> Subject: [ntdev] RE: Another question
>
>
> > If you are developing a kernel mode driver for Windows
> 2000/XP, you do
> > NOT include Windows.H, nor do you link with the libraries
> required for
> > Win32K. You include NtDdk.h or WDM.H and link with the
> libraries from
> > the DDK. As
> to
> > doing FindWindow() in a driver … you don’t.
> >
> > Gary G. Little
> > Staff Engineer
> > Broadband Storage, Inc.
> > xxxxx@Broadstor.com
> > xxxxx@inland.net
> >
> >
> > -----Original Message-----
> > From: xxxxx@i-net.com.cn [mailto:xxxxx@i-net.com.cn]
> > Sent: Thursday, July 12, 2001 2:02 AM
> > To: NT Developers Interest List
> > Subject: [ntdev] Another question
> >
> >
> > I want to use the FindWindow() to find a windows,and include
> > <windows.h>, but it can not be complied? I have installed
> the MSVC 6.0
> > with SP4 and DDK for Win2K, and anyelse
> need?
> >
> > Thanks!
> >
> > Regards
> > misshome
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@broadstor.com To
> > unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@i-net.com.cn To
> > unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
> —
> You are currently subscribed to ntdev as:
> xxxxx@storagecraft.com To unsubscribe send a blank email to
> leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

I am glad you are not writing my drivr !!!

Sorry, I could not resist :slight_smile:

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Rock
Sent: Friday, July 13, 2001 4:55 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

hi ,
If you are writing a kernel mode driver and you want
to call FindWindow(); you cant call a user mode
function in kernel mode.

– thanks and regards.

xxxxx@i-net.com.cn wrote:
> I want to use the FindWindow() to find a windows,and
> include <windows.h>,
> > but it can not be complied?
> > I have installed the MSVC 6.0 with SP4 and DDK for
> > Win2K, and anyelse need?
> >
> > Thanks!
> >
> > Regards
> > misshome
> >
> >
> > —
> > You are currently subscribed to ntdev as: xxxxx@yahoo.com
> > To unsubscribe send a blank email to
> leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/


You are currently subscribed to ntdev as: xxxxx@storagecraft.com To
unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

Wrong. Calling a user mode function from kernel mode is possible, but by
dirty hacking and I personally think this is an extremely bad idea.
Kernel-land and user-land are separated very well, this is a key to system
stability.
Win9x has weaker separation - and thus unstable.

Max

----- Original Message -----
From: “Miguel Monteiro”
To: “NT Developers Interest List”
Sent: Friday, July 13, 2001 4:54 PM
Subject: [ntdev] Re: Another question

> You can’t call FindWindow() because you do not link with the
> libraries required for Win32K, NOT because of restrictions
> in calling a user mode function from kernel mode…
>
> Miguel Monteiro
> xxxxx@criticalsoftware.com
> ------------------------------------------------------------
> Critical Software, S.A. - http://www.criticalsoftware.com
> 111 North Market Street, 6th floor, San Jose, CA, USA, 95113
> Tel: +1.408.9711231, Fax +1.408.9383929
> R. Pedro Nunes, IPN, 3030-199 Coimbra, Portugal
> Tel: +351.239.700945 - Fax: +351.239.700905
> ------------------------------------------------------------
> DISCLAIMER: This mail contents represent
> my own personal opinions and do not, in any way,
> represent the opinion or policy of Critical Software, S.A.
> ------------------------------------------------------------
> “Humour and love are God’s answers
> to Human weaknesses”
> ------------------------------------------------------------
>
> ----- Original Message -----
> From: “Rock”
> To: “NT Developers Interest List”
> Sent: Friday, July 13, 2001 12:54 PM
> Subject: [ntdev] Re: Another question
>
> hi ,
> If you are writing a kernel mode driver and you want
> to call FindWindow(); you cant call a user mode
> function in kernel mode.
>
> – thanks and regards.
>
> — xxxxx@i-net.com.cn wrote:
> > I want to use the FindWindow() to find a windows,and
> > include <windows.h>,
> > but it can not be complied?
> > I have installed the MSVC 6.0 with SP4 and DDK for
> > Win2K, and anyelse need?
> >
> > Thanks!
> >
> > Regards
> > misshome
> >
> >
> > —
> > You are currently subscribed to ntdev as:
> > xxxxx@yahoo.com
> > To unsubscribe send a blank email to
> leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail
> http://personal.mail.yahoo.com/
>
> —
> You are currently subscribed to ntdev as: xxxxx@criticalsoftware.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</windows.h>

Libs for Win32K? Which libs would those be?

FindWindow() is in User32.lib, which links your code to User32.dll.
Not Win32k.sys, which would be dumb for several reasons:

  • Win32k.sys doesn’t exist on other Win32 platforms like 9x, CE, and NT
    3.x.
  • Win32k.sys resides in system space memory, which is not accessible
    from user-mode code.
  • Making a direct function call would skip the software interrupt gate
    used to transition from user-mode to privileged kernel-mode.

Linking User32.lib might make the driver compile, but that’s not to say
it’ll run right.

Calling user-mode functions from kernel-mode is an extremely risky
proposition. Again there’s the issue of the mode gate, and perhaps
reentrancy into the Win32 subsystem in the same thread may not be
supported. Also, user-mode code is pageable, so you couldn’t call it
from IRQL DISPATCH_LEVEL.

It just wasn’t designed to work, so you shouldn’t do it. Write a user-
mode agent to do user-mode stuff on behalf of your driver. Setup a
communication mechanism between the driver and user-mode code using
DeviceIoControl, events, memory, and other documented/supported features.


Dave Cox
Hewlett-Packard Co.
SSO/OVBU/SRM (Santa Barbara)
https://ecardfile.com/id/Dave+Cox

-----Original Message-----
From: Miguel Monteiro [mailto:xxxxx@criticalsoftware.com]
Sent: Friday, July 13, 2001 5:54 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

You can’t call FindWindow() because you do not link with the
libraries required for Win32K, NOT because of restrictions
in calling a user mode function from kernel mode…

Miguel Monteiro
xxxxx@criticalsoftware.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Boy, people are in a bad humour mood these past few days, or what?..
I wasn’t advocating calling a user mode function from kernel mode as a
good practice - it isn’t (of course I wouldn’t recommended it). I simply
stated that it IS possible (Rock stated it was NOT possible). In a very
dirty (thank’s, Max) and ugly way, but you may cheat and lie to the OS,
twist up things and put it to work (is this “procedure” such an
unfamiliar
and evil thing to a device driver developer?..).

Max is right. David is right. Calling UM from KM is evil. I’m evil.
Peace on Earth… :slight_smile:

Miguel Monteiro
xxxxx@criticalsoftware.com

Critical Software, S.A. - http://www.criticalsoftware.com
111 North Market Street, 6th floor, San Jose, CA, USA, 95113
Tel: +1.408.9711231, Fax +1.408.9383929
R. Pedro Nunes, IPN, 3030-199 Coimbra, Portugal
Tel: +351.239.700945 - Fax: +351.239.700905

DISCLAIMER: This mail contents represent
my own personal opinions and do not, in any way,
represent the opinion or policy of Critical Software, S.A.

“Humour and love are God’s answers
to Human weaknesses”

On Friday, July 13, 2001 7:44 PM “Maxim S. Shatskih” wrote:

Wrong. Calling a user mode function from kernel mode is possible, but
by
dirty hacking and I personally think this is an extremely bad idea.
Kernel-land and user-land are separated very well, this is a key to
system
stability.
Win9x has weaker separation - and thus unstable.

Max

On Friday, July 13, 2001 8:49 PM “David Cox” wrote:

Libs for Win32K? Which libs would those be?

FindWindow() is in User32.lib, which links your code to User32.dll.
Not Win32k.sys, which would be dumb for several reasons:

  • Win32k.sys doesn’t exist on other Win32 platforms like 9x, CE, and
    NT
    3.x.
  • Win32k.sys resides in system space memory, which is not accessible
    from user-mode code.
  • Making a direct function call would skip the software interrupt gate
    used to transition from user-mode to privileged kernel-mode.

Linking User32.lib might make the driver compile, but that’s not to say
it’ll run right.

Calling user-mode functions from kernel-mode is an extremely risky
proposition. Again there’s the issue of the mode gate, and perhaps
reentrancy into the Win32 subsystem in the same thread may not be
supported. Also, user-mode code is pageable, so you couldn’t call it
from IRQL DISPATCH_LEVEL.

It just wasn’t designed to work, so you shouldn’t do it. Write a user-
mode agent to do user-mode stuff on behalf of your driver. Setup a
communication mechanism between the driver and user-mode code using
DeviceIoControl, events, memory, and other documented/supported
features.

-----Original Message-----
From: Miguel Monteiro [mailto:xxxxx@criticalsoftware.com]
Sent: Friday, July 13, 2001 5:54 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

You can’t call FindWindow() because you do not link with the
libraries required for Win32K, NOT because of restrictions
in calling a user mode function from kernel mode…

Miguel Monteiro
xxxxx@criticalsoftware.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Well, there are some interesting very symbols being exported from
win32K.sys like _NtUserFindWindowEx. Also the we can see some window
messages at _NtUserMessageCall. These are system services used to export
win32k functionality. Now if we you can figure out the parameters for
_NtUserFindWindowEx and make sure the return satifies your requirement
you can see if the window exists from kernel mode. Well, the params for
_NtUserMessageCall are similar to SendMessage with some few twists,
unfortunately i have not looked at _NtUserFindWindowEx. i have the
impression that a lot can be done with windows in kernel mode if some
more light can be thrown on the workings of GDI services exported by
Win32k.sys through _KeServiceDescriptorTableShadow.

  • asit
    there is also the _gpsi structure that really needs some documenting. It
    has a lot of interesting information on system settings related to the
    GDI.

-----Original Message-----
From: Miguel Monteiro [mailto:xxxxx@criticalsoftware.com]
Sent: Monday, July 16, 2001 2:57 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

Boy, people are in a bad humour mood these past few days, or what?..
I wasn’t advocating calling a user mode function from kernel mode as a
good practice - it isn’t (of course I wouldn’t recommended it). I simply
stated that it IS possible (Rock stated it was NOT possible). In a very
dirty (thank’s, Max) and ugly way, but you may cheat and lie to the OS,
twist up things and put it to work (is this “procedure” such an
unfamiliar
and evil thing to a device driver developer?..).

Max is right. David is right. Calling UM from KM is evil. I’m evil.
Peace on Earth… :slight_smile:

Miguel Monteiro
xxxxx@criticalsoftware.com

Critical Software, S.A. - http://www.criticalsoftware.com
111 North Market Street, 6th floor, San Jose, CA, USA, 95113
Tel: +1.408.9711231, Fax +1.408.9383929
R. Pedro Nunes, IPN, 3030-199 Coimbra, Portugal
Tel: +351.239.700945 - Fax: +351.239.700905

DISCLAIMER: This mail contents represent
my own personal opinions and do not, in any way,
represent the opinion or policy of Critical Software, S.A.

“Humour and love are God’s answers
to Human weaknesses”

On Friday, July 13, 2001 7:44 PM “Maxim S. Shatskih” wrote:

Wrong. Calling a user mode function from kernel mode is possible, but
by
dirty hacking and I personally think this is an extremely bad idea.
Kernel-land and user-land are separated very well, this is a key to
system
stability.
Win9x has weaker separation - and thus unstable.

Max

On Friday, July 13, 2001 8:49 PM “David Cox” wrote:

Libs for Win32K? Which libs would those be?

FindWindow() is in User32.lib, which links your code to User32.dll.
Not Win32k.sys, which would be dumb for several reasons:

  • Win32k.sys doesn’t exist on other Win32 platforms like 9x, CE, and
    NT
    3.x.
  • Win32k.sys resides in system space memory, which is not accessible
    from user-mode code.
  • Making a direct function call would skip the software interrupt gate
    used to transition from user-mode to privileged kernel-mode.

Linking User32.lib might make the driver compile, but that’s not to say
it’ll run right.

Calling user-mode functions from kernel-mode is an extremely risky
proposition. Again there’s the issue of the mode gate, and perhaps
reentrancy into the Win32 subsystem in the same thread may not be
supported. Also, user-mode code is pageable, so you couldn’t call it
from IRQL DISPATCH_LEVEL.

It just wasn’t designed to work, so you shouldn’t do it. Write a user-
mode agent to do user-mode stuff on behalf of your driver. Setup a
communication mechanism between the driver and user-mode code using
DeviceIoControl, events, memory, and other documented/supported
features.

-----Original Message-----
From: Miguel Monteiro [mailto:xxxxx@criticalsoftware.com]
Sent: Friday, July 13, 2001 5:54 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

You can’t call FindWindow() because you do not link with the
libraries required for Win32K, NOT because of restrictions
in calling a user mode function from kernel mode…

Miguel Monteiro
xxxxx@criticalsoftware.com


You are currently subscribed to ntdev as: xxxxx@greenborder.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

>_NtUserFindWindowEx and make sure the return satifies your requirement

you can see if the window exists from kernel mode. Well, the params for

For what?
Why not use a helper user mode app like the shell extension?
After all - you will have problems with your approach on Terminal Server.

Max


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Of course, if a user mode application can be used then that is
definately the way to go.

  • asit

-----Original Message-----
From: Maxim S. Shatskih [mailto:xxxxx@storagecraft.com]
Sent: Wednesday, July 25, 2001 3:40 AM
To: NT Developers Interest List
Subject: [ntdev] Re: Another question

_NtUserFindWindowEx and make sure the return satifies your requirement
you can see if the window exists from kernel mode. Well, the params for

For what?
Why not use a helper user mode app like the shell extension?
After all - you will have problems with your approach on Terminal
Server.

Max


You are currently subscribed to ntdev as: xxxxx@greenborder.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com