Disabling Hotpatch in a module

Hi,

Does anyone know of a way to disable hotpatching support for one of our
drivers only? Is there some sources flag that can be used? Thanks.

Best regards,
Alex Ionescu

Why the heck do you care? It is adding a few bytes to the beginning of a
function to have a place to put patch code, but it does not enable anyone to
patch your driver. The same protections of code pages that the OS has will
be used.

I’ve seen this asked before, and always wondered why someone would risk
messing up the build compilation settings, for this purpose.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“Alex Ionescu [397670]” wrote in message
news:xxxxx@ntdev…
> Hi,
>
> Does anyone know of a way to disable hotpatching support for one of our
> drivers only? Is there some sources flag that can be used? Thanks.
>
> Best regards,
> Alex Ionescu
>

Alex,

Investigate the flags /hotpatch and /functionpadmin in i386mk.inc in
\bin.

(i.e. you would have to use a modified i386mk.inc.)

Jerry.

“Alex Ionescu [397670]”
Sent by: xxxxx@lists.osr.com
03/21/2006 02:05 PM
Please respond to
“Windows System Software Devs Interest List”

To
“Windows System Software Devs Interest List”
cc

Subject
[ntdev] Disabling Hotpatch in a module

Hi,

Does anyone know of a way to disable hotpatching support for one of our
drivers only? Is there some sources flag that can be used? Thanks.

Best regards,
Alex Ionescu


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
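
Added example, not part of the original thread: a small C check that a build-verification step could run over a function's bytes to see whether it carries the hotpatch layout discussed above. It assumes the x86 layout these flags commonly produce (a 2-byte `mov edi, edi` entry from /hotpatch and 5 filler bytes before the function from /functionpadmin); the function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAD_LEN 5 /* assumed x86 pad: room for a 5-byte JMP rel32 before the entry */

typedef struct {
    int two_byte_entry; /* entry starts with the 2-byte `mov edi, edi` (8B FF) */
    int padded;         /* PAD_LEN identical filler bytes (NOP or INT3) precede it */
} hotpatch_info;

/* Inspect the function at offset `off` in code[0..len). Every read is bounds
 * checked, so a function at the start or end of the buffer is handled. */
hotpatch_info check_hotpatch(const uint8_t *code, size_t len, size_t off)
{
    hotpatch_info r = {0, 0};
    if (off < len && len - off >= 2 && code[off] == 0x8B && code[off + 1] == 0xFF)
        r.two_byte_entry = 1;
    if (off >= PAD_LEN && off <= len) {
        uint8_t fill = code[off - 1];
        r.padded = (fill == 0x90 || fill == 0xCC);
        for (size_t i = 2; r.padded && i <= PAD_LEN; i++)
            if (code[off - i] != fill)
                r.padded = 0;
    }
    return r;
}

/* Both halves are needed: the compiler flag gives the entry, the linker flag the pad. */
int is_hotpatchable(const uint8_t *code, size_t len, size_t off)
{
    hotpatch_info r = check_hotpatch(code, len, off);
    return r.two_byte_entry && r.padded;
}

/* Constructed sample bytes, not taken from any real driver. */
static const uint8_t with_hp[] = {0x90, 0x90, 0x90, 0x90, 0x90, /* pad */
                                  0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x5D, 0xC3};
static const uint8_t entry_only[] = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x5D, 0xC3};
static const uint8_t without_hp[] = {0xC3, 0xCC, 0xCC, 0x55, 0x8B, 0xEC, 0x5D, 0xC3};

int main(void)
{
    printf("padded + 2-byte entry: %d\n", is_hotpatchable(with_hp, sizeof with_hp, 5));
    printf("2-byte entry only:     %d\n", is_hotpatchable(entry_only, sizeof entry_only, 0));
    printf("plain prologue:        %d\n", is_hotpatchable(without_hp, sizeof without_hp, 3));
    return 0;
}
```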

xxxxx@attotech.com wrote:

> Alex,
>
> Investigate the flags /hotpatch and /functionpadmin in i386mk.inc in
> \bin.
>
> (i.e. you would have to use a modified i386mk.inc.)
>
> Jerry.
>

This would mean changing the WDK environment and/or system-wide changes,
which I don’t want. I was hoping for a makefile flag.

Best regards,
Alex Ionescu

Don Burn wrote:

> Why the heck do you care? It is adding a few bytes to the beginning of a
> function to have a place to put patch code, but it does not enable anyone to
> patch your driver. The same protections of code pages that the OS has will
> be used.
>
> I’ve seen this asked before, and always wondered why someone would risk
> messing up the build compilation settings, for this purpose.

I’m not concerned about anyone “patching my driver”. This specific
driver simply doesn’t require it because it gets loaded by NTDLL before
the kernel loads, and gets deactivated before hotpatching is supported.
You can notice MS’s bootvid.dll also does not have hotpatching built in.

Best regards,
Alex Ionescu

I think underlying Don’s point is ‘why bother’? Is there some functional
reason for wanting to change the standard build environment?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Alex Ionescu
[397670]
Sent: Thursday, March 23, 2006 12:44 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Disabling Hotpatch in a module

Don Burn wrote:

> Why the heck do you care? It is adding a few bytes to the beginning of a
> function to have a place to put patch code, but it does not enable anyone to
> patch your driver. The same protections of code pages that the OS has will
> be used.
>
> I’ve seen this asked before, and always wondered why someone would risk
> messing up the build compilation settings, for this purpose.

I’m not concerned about anyone “patching my driver”. This specific
driver simply doesn’t require it because it gets loaded by NTDLL before
the kernel loads, and gets deactivated before hotpatching is supported.
You can notice MS’s bootvid.dll also does not have hotpatching built in.

Best regards,
Alex Ionescu


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

I presume you mean ntldr and not ntdll?

-p



My bad, yes, ntldr.

Best regards,
Alex Ionescu

Peter Wieland wrote:

> I presume you mean ntldr and not ntdll?
>
> -p



Hi,

I don’t want to change the build environment. I simply don’t want/need
hotpatching in this driver. I’m merely asking if a simple makefile flag
exists, since MSFT builds some of their stuff without hotpatching, I’m
guessing there is.

Best regards,
Alex Ionescu

Roddy, Mark wrote:

> I think underlying Don’s point is ‘why bother’? Is there some functional
> reason for wanting to change the standard build environment?
