call function in system dll from driver

How i can call function in system dll (such as kernel32.dll) from kernel mode driver ? I find ZwCreateFile() but this is not work for my driver …


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

>How i can call function in system dll (such as kernel32.dll) from kernel

mode driver ? I find ZwCreateFile() but this is not work for my driver …

You can’t. Function in these Win32 libraries make assumptions about the
environment, which is wrong when a driver is running.

If you need Win32 operations done, you could write a service app, that
makes IOCTL calls to your driver, which can pass information back and forth
with a driver. Some of that information returned from a driver could
request the service to make the appropriate Win32 calls, and call the
driver back with the results.

If your just doing some sort of kludgy test, and don’t mind if your system
crashes periodically, you can pass the address of a user mode callback
function to a top level driver, and have the driver call the function. Keep
in mind you will be on the kernel stack, which is extremely limited in
size. This is also one reason why you can’t call user mode functions from a
driver. There are some debugging and measurement uses for this technique.

  • Jan

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com