dispatching a DeviceIoControl request with METHOD_NEITHER (as kldbgdrv.sys))

OSR_Community_User · January 25, 2012, 12:44pm

Hi all, I’m trying to emulate the behaviour of windbg in local kernel debugging, with the minifilter technology.

So first of all, disassembling the kldbgdrv.sys I found out that it dispatchs an IOCTL 0x22c007.

This control code specifes method_neither (cos it just pass down to the filter a small buffer with the command for KdSystemDebugControl (some commands are deprecated but I’m using the ndk)).

So the first question, unrelated with the rest of the topic is: can I use the minifilter technology for this purpose? I’m not sure (but I don’t this so), that I could have some problem with the frame in the device stack).

The second, and more important is: how sould I use this buffer in Parameters.DeviceIoControl.Type3InputBuffer? Can I just probe and lock this buffer to use the command in KdSystemDebugControl?

Thanks, N

Scott_Noone_OSR · January 25, 2012, 1:41pm

FYI you’re way off the deep end into undocumented/unsupported/unsavory things (and, to be honest, I don’t even understand the question at all). I wouldn’t expect any help from the list with problems like this, so you probably want to find another site for these types of questions in the future.

I’m going to lock this thread to keep the noise down. If you have any questions feel free to contact me directly.

-scott