Block Load/Start of a driver

@Aleh: If it works on Win10, I would love it. That’s wonderful news to me!

Here is the code I had which causes crash:

PVOID TargetImageBase = ImageInfo->ImageBase;
ULONG TargetImageSize = ImageInfo->ImageSize;

Addr = IoAllocateMdl(TargetImageBase, TargetImageSize, FALSE, FALSE, NULL);
MmProbeAndLockPages(Addr, KernelMode, IoWriteAccess);
MmMapLockedPagesSpecifyCache(Addr, KernelMode, 0, TargetImageBase, FALSE, 32);

Now I proceed to patch TargetImageBase.
What am I doing wrong?

Thank you!!!

Nevermind, got it working. Thank you all!

> Android Tester:

> What am I doing wrong?

Don’t map the entire driver image; it is a really bad idea.
All you need is several bytes at the entry point.

> Now I proceed to patch TargetImageBase.

Use the address returned from the MmMapLockedPagesSpecifyCache.

Am I wrong but can’t you detect a driver from its PE header heuristically
by looking at the subsystem to be Native and look if it imports ntoskrnl?

Gabriel.

On Fri, Feb 12, 2016 at 9:15 PM, wrote:

> > Now I proceed to patch TargetImageBase.
>
> Use the address returned from the MmMapLockedPagesSpecifyCache.
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>


Bercea. G.

Pedantically speaking, with enough academic assumptions, it is entirely possible to produce a graph with seven perpendicular lines - even in a Euclidian geometry as long as it has enough dimensions. The colour problem is harder but again green ink need not produce green lines in all possible realities.

For the OP the result is the same however: if he understands what we are talking about (at any level) he can probably produce (or contribute to) a commercial product that may provide value to end user; if he cannot, then likely not.

Sent from Mail for Windows 10

From: xxxxx@hotmail.com
Sent: February 12, 2016 10:17 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Block Load/Start of a driver



At the risk of becoming boring, I am going, once again, to refer to the following comedy sketch

www.ecnmag.com/blog/2014/04/watch-engineer-deal-moronic-requests-marketing

If these “market requirements” include “drawing seven red lines that are strictly perpendicular to one another, with at least one of them having been drawn in a form of a kitten because customers like cute animals, and doing all the above partly with green ink and partly with transparent one”…well, then these requirements are, indeed, different from an “academic exercise” of creating a solution that may actually work…

And where do you think one may get with a “solution” that renders most of the software installed on user’s machine unusable, and, to make things even worse, does not allow a user to terminate (and sometimes even cleanly uninstall) itself???

Well, parsing PE header seems (at least to me) to be a trivial and straightforward task…

Anton Bassov



> Pedantically speaking, with enough academic assumptions, it is entirely possible to
> produce a graph with seven perpendicular lines - even in a Euclidian geometry as long as
> it has enough dimensions.

IIRC, it does not allow more than three, does it? Therefore, I am afraid one may have to go through the whole trouble of developing the one with such definitions of “line” and “perpendicularity” that allow it…

> The colour problem is harder but again green ink need not produce green lines in
> all possible realities.

What is “reality”??? Look - there is no concept of colour in the physical world. There are just electromagnetic waves of various frequencies/wavelengths, materials with specular reflection and refraction coefficients at a given wavelength, surfaces of a smoothness that indicates the probabilistic relationship between specularly and diffusely reflected photons at a given wavelength, etc. The rest is just a question of our perception (that, btw, may vary wildly, depending on our state of mind at this particular time). If you need more precise info I would suggest, concerning the former part, picking any book on optics/photometry/ray tracing/photon mapping. I would recommend Richard Tilley, as well as Peter Shirley, here. Concerning the latter one, Terence McKenna seems (at least to me) to be the most obvious guide, and Tim Leary may be of help as well.

Therefore, all that one needs here is to find such a combination of material and surface that a line, applied with what we believe is a green ink, will be perceived by us as a red one (I assume we are in a “conventional” state of mind at the time of viewing it, so that parameters may be assumed to be constant). What I see as a more complex part of a problem is the requirement that both green and transparent ink must produce exactly the same visual effects (i.e. the one of a red line) when applied to the same surface…

Anton Bassov

Conventional Euclidian geometry (at least here) has 10 dimensions (3 for position usually labeled x, y, z; 3 for velocity or momentum; three for acceleration; and one for time) but there is no how many can be considered for a given problem except it must be equal to or greater than one (i.e. an element of the set of Natural numbers).

Non-Euclidian geometries mess with the concepts of infinities, parallel lines, infinitesimals and other more fundamental concepts than number of dimensions but AFAIK there are none which allow a number of dimensions to be anything other than a Natural number. They can be useful for modeling certain kinds of problems, but normally engineers discard them as absurd since their definitions contradict our common sense - perpendicular lines that intersect at multiple locations, parallel lines that meet, positive infinity being equal to negative infinity or an infinitesimal all “feel” wrong and are of no use when programming a digital computer with a sequential language.

Sent from Mail for Windows 10

From: xxxxx@hotmail.com
Sent: February 13, 2016 12:29 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Block Load/Start of a driver


> Conventional Euclidian geometry (at least here) has 10 dimensions (3 for position usually
> labeled x, y, z; 3 for velocity or momentum; three for acceleration; and one for time)

https://en.wikipedia.org/wiki/Euclidean_geometry

As you can see, it is all about the static Euclidian space per se - you seem to be confusing the Euclidian geometry with the Newtonian mechanics that deals with motion in this space and introduces time parameter into the play. In any case, you are the first person that I came across who thinks of velocity and acceleration as of “dimensions”…

https://en.wikipedia.org/wiki/Dimension

As you can see, unlike X,Y, Z and T parameters, velocity and acceleration cannot be thought as of “dimensions”, because the former parameters alone are sufficient for describing any object that may be moving within the Euclidian space…

In any case, all this is so incredibly unrelated to topics that are meant to be discussed on NTDEV that I start worrying about “The Hanging Judge’s” reaction…

Anton Bassov

Every time you post, you should worry about “The Hanging Judge’s” reaction.

Every. Single. Time.

Peter
OSR
@OSRDrivers

>> The colour problem is harder but again green ink need not produce green lines in
>> all possible realities.
>
> What is “reality”???

…and the topic goes on drifting to discussion of the ideas of Hegel and Kant :)


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

> Conventional Euclidian geometry (at least here) has 10 dimensions (3 for position usually labeled x,
> y, z; 3 for velocity or momentum;

Oh sorry, this is the so-called “phase space”, this is a very special mathematical construct.

No need in special dimensions for acceleration, which is being deducible (according to Newton’s laws, or their more abstract Lagrange/Hamilton formalism) from velocities and coordinates.

> that meet, positive infinity being equal to negative infinity

I think this is called “projective plane”?


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

>velocity and acceleration as of “dimensions”…

Treating velocities as dimensions is the “phase space” idea, widely used in differential equations theory and especially the Stability Theory, as also in relation to things like the Strange Attractor.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

BTW, the idea is mainly based on Axiomatic geometry. So lifting or introducing axioms creates different forms of geometry. Algebraic geometry is one such, that has the concepts of negative and positive infinite meets, and parallel lines intersect.

Are they completely theoretical? No. Early work on Robotics movements used Algebraic geometry. How much was used? No idea?

-Pro

On Feb 14, 2016, at 12:48 PM, Maxim S. Shatskih wrote:
>
>> Conventional Euclidian geometry (at least here) has 10 dimensions (3 for position usually labeled x,
>> y, z; 3 for velocity or momentum;
>
> Oh sorry, this is the so-called “phase space”, this is a very special mathematical construct.
>
> No need in special dimensions for acceleration, which is being deducible (according to Newton’s laws, or their more abstract Lagrange/Hamilton formalism) from velocities and coordinates.
>
>> that meet, positive infinity being equal to negative infinity
>
> I think this is called “projective plane”?

>> What is “reality”???
>
> …and the topic goes on drifting to discussion of the ideas of Hegel and Kant :)

As you must have realised from the references provided, in this respect the notions of reality and of our perception of the one were meant to be viewed in context of psychopharmacology (IIRC, “The Hanging Judge” has a keen interest in this topic, so that I believe that his reaction to it should not be negative), rather than philosophy (which, btw, I find incredibly boring, although the latter has been obviously inspired and heavily influenced by the former)…

>> velocity and acceleration as of “dimensions”…
>
> Treating velocities as dimensions is the “phase space” idea

Well, this is already a totally different thing - to put it simply, you can think of any possible state of a dynamic system, of any valid combination of its parameters, etc., just as of a point in multidimensional space. Therefore, for a mechanical system, you can think of this space as of all possible combinations of a position and momentum parameters, i.e. momentum becomes a dimension.

This is not the same thing as thinking of momentum/velocity/acceleration as of dimensions when simply describing a moving object in Euclidian space, right - for this part X, Y, Z and T parameters alone will suffice.

BTW, you can laugh as much as you want, but whenever I type the word “space” I have a weird urge to prepend the one “address” to it, particularly when I speak about the Euclidian one…

Anton Bassov

> I have no DG-enabled machine for testing

DG is:

  • special hidden Hyper-V guest, where I believe (not 100% sure) you cannot inject your code, probably because everything running there is digitally signed by MS’s own cert
  • this guest has the sole purpose of monitoring the kernel address space of the host, and checking that per-page hashes of the loaded drivers are valid according to the digital signatures of the .sys file.
  • this also imposes a requirement that the .sys file PE sections must be “pure code” page-wise, i.e. you cannot have .text and .data sharing the same page. This causes a requirement on page alignment of the PE.

The use of NonPagedPoolNx is also the DG’s requirement, though not directly related to the above.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com
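
Added example (not part of the thread and not code from any poster): an offline Python check for the layout rule described in the post above, that no page of the image may hold both code and data and that sections must be page-aligned, together with the Subsystem half of the PE-header heuristic raised earlier in the thread. The function names, the treatment of a writable and executable section as a mixed page, and the two header-only sample images are assumptions constructed for illustration; the ntoskrnl import check is not implemented.

```python
import struct

PAGE = 0x1000
IMAGE_SUBSYSTEM_NATIVE = 1
SCN_EXECUTE, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000

def parse_pe(data):
    """Return (subsystem, section_alignment, sections) from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (nsect,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    opt = e_lfanew + 24                      # optional header follows COFF header
    (align,) = struct.unpack_from("<I", data, opt + 32)      # SectionAlignment
    (subsystem,) = struct.unpack_from("<H", data, opt + 68)  # Subsystem
    sections = []
    for i in range(nsect):
        off = opt + opt_size + 40 * i        # 40-byte IMAGE_SECTION_HEADER
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr = struct.unpack_from("<II", data, off + 8)
        (flags,) = struct.unpack_from("<I", data, off + 36)
        sections.append((name, vaddr, vsize, flags))
    return subsystem, align, sections

def layout_findings(data):
    """List reasons the image would not have pure-code pages."""
    subsystem, align, sections = parse_pe(data)
    findings = []
    if subsystem != IMAGE_SUBSYSTEM_NATIVE:
        findings.append(f"Subsystem {subsystem} is not Native (1)")
    if align < PAGE or align % PAGE:
        findings.append(f"SectionAlignment {align:#x} is not a multiple of {PAGE:#x}")
    pages = {}                               # page index -> (code names, data names)
    for name, vaddr, vsize, flags in sections:
        last = (vaddr + max(vsize, 1) - 1) // PAGE
        for page in range(vaddr // PAGE, last + 1):
            code, other = pages.setdefault(page, (set(), set()))
            if flags & SCN_EXECUTE:
                code.add(name)
            # Assumption: a writable+executable section counts as code and data.
            if flags & SCN_WRITE or not flags & SCN_EXECUTE:
                other.add(name)
    for page, (code, other) in sorted(pages.items()):
        if code and other:
            findings.append(f"page at RVA {page * PAGE:#x} mixes code "
                            f"{sorted(code)} with data {sorted(other)}")
    return findings

def build_sample(align, sections, subsystem=IMAGE_SUBSYSTEM_NATIVE):
    """Constructed header-only PE32+ image for this demo; not a loadable driver."""
    opt = bytearray(240)                     # size of a PE32+ optional header
    struct.pack_into("<H", opt, 0, 0x20B)    # Magic: PE32+
    struct.pack_into("<I", opt, 32, align)
    struct.pack_into("<H", opt, 68, subsystem)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, len(opt), 0x22)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, vaddr, 0, 0, 0, 0, 0, 0, flags)
        for name, vaddr, vsize, flags in sections)
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)   # e_lfanew = 64
    return dos + b"PE\0\0" + coff + bytes(opt) + table

RX, RW = SCN_READ | SCN_EXECUTE, SCN_READ | SCN_WRITE
GOOD = build_sample(PAGE, [(".text", 0x1000, 0x1800, RX), (".data", 0x3000, 0x200, RW)])
BAD = build_sample(0x80, [(".text", 0x400, 0x900, RX), (".data", 0xD00, 0x200, RW),
                          ("INIT", 0x1000, 0x100, RX | SCN_WRITE)])

if __name__ == "__main__":
    for label, image in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, layout_findings(image) or "no findings")
```

To check a real file, pass the bytes of the `.sys` image to `layout_findings`; an empty list means none of the three conditions was hit.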

>BTW, the idea is mainly based on Axiomatic geometry. So lifting or introducing axioms

Yes.

Started from Lobachevsky mid-1800ies, who tried to prove the axiom of parallels by deducing it from the other axioms.

For this, he tried to build a geometry where the axiom of parallels is wrong, in an attempt to step on a contradiction finally.

He found NO contradictions.

Later somebody (Riemann?) has proved that, if you draw lines on a “pseudosphere” (a surface similar in shape to a chess pawn or a leg of the snifter glass), and not on a plane, then you get Lobachevsky’s geometry, the first non-Euclidian one.

“Projective plane” adds 1 imaginary point of “infinity”, where all parallels do intersect.

> Algebraic geometry is one such,

One??? he-he-he, there are lots of algebraic geometries :)


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

>combinations of a position and momentum parameters, i.e. momentum becomes a dimension.

More so: in mechanical movement in usual space, not only the path shape is important, but also the velocity/acceleration while moving on this path.

With phase space, it is no more - only the shape is important.

> to prepend the one “address” to it, particularly when I speak about the Euclidian one…

Non-Euclidian address space? funny.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

Yep, modern non-euclidean geometry (particularly Algebraic) is based on sphere :)

What I meant to say is that Algebraic geometry is one such non-euclidean ? There are other non-euclidean geometries ?

One fine point, IIRC is that there is only one branch of non-euclidean geometry that is called Algebraic geometry ( based on the basic axiomatics assumption).

When we talked about Projective geometry, we almost always talk about euclidean space.

When we talk about infinite dimensional space, we talk about cardinal infinite, so there is no need for FRACTIONAL dimensions, unless we consider non-recurring fractional part (like pi). So there is no need to think about FRACTIONAL dimensions, AFAIK.

Going to leave it here - it’s way too far out of this list’s main theme ?

-Pro

On Feb 15, 2016, at 2:38 AM, Maxim S. Shatskih wrote:
>
>> BTW, the idea is mainly based on Axiomatic geometry. So lifting or introducing axioms
>
> Yes.
>
> Started from Lobachevsky mid-1800ies, who tried to prove the axiom of parallels by deducing it from the other axioms.
>
> For this, he tried to build a geometry where the axiom of parallels is wrong, in an attempt to step on a contradiction finally.
>
> He found NO contradictions.
>
> Later somebody (Riemann?) has proved that, if you draw lines on a “pseudosphere” (a surface similar in shape to a chess pawn or a leg of the snifter glass), and not on a plane, then you get Lobachevsky’s geometry, the first non-Euclidian one.
>
> “Projective plane” adds 1 imaginary point of “infinity”, where all parallels do intersect.
>
>> Algebraic geometry is one such,
>
> One??? he-he-he, there are lots of algebraic geometries :)

Before I am hung by my own anointed hanging judge, one final comment

The relevance to this community hinges on the fact that the ability to apply abstract concepts to concrete problems is one of the tenets of engineering across all disciplines including software; and more specifically Windows KM programming. Recently we have variously derided the approaches taken by some developers, but this is another case where I have gone too far the other way - mea culpa

For the curious, a common application of geometry to software engineering is in the use of formal methods to prove the correctness of software. This is typically not done for software written for Windows (or any other general purpose OS) as the use of virtual memory and other non-deterministic effects can invalidate the results completely, but for DOS or various embedded environments, it is possible to consider all variables of a program as orthogonal and possibly bounded dimensions and the valid states of that program as a figure (possibly a surface or a volume depending on how you look at it) and ensure that none of the code can possibly cause the program to exceed that valid figure. All static code analysis works on these lines, as well as optimizing compilers, and notwithstanding the horrible bugs in the current implementation of Microsoft’s SAL this is an important technique for breaking down large (whole program) analysis into small (single function) analysis of figures.

Another possibly more common way to express the same thing is to describe a state machine. That is another way to describe the figure of valid software state but capitulated from a different point of view.

There are various other uses for abstractions mathematical and otherwise in software and I am sure I need not enumerate them all - even if I could

To the OP: I am sorry. At this point I have no idea of what your problem was or how might remedy it. I do hope that some of this discussion has been useful to you in some way since as Peter points out we do volunteer our time to help others by participating here rather than with any other aim.

Sent from Mail for Windows 10

From: prokash
Sent: February 15, 2016 10:21 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Block Load/Start of a driver
