Generating random values in kernel-mode

How does one go about generating a random value in kernel-mode?

Either ULONG RtlRandom ( PULONG seed ) or ULONG RtlRandomEx ( PULONG seed )
the Ex version only is in XP or later.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

Thanks for the very fast reply!

I’m already attempting to use RtlRandom(), but according to MSDN the
function resides in the Installable File System Kit and I thought there was
a more “correct” function to use.

Also, where is the header file ntifs.h located?

Oh, just noticed that one needs to order the IFS kit. Are there really no
other ways of generating a random number?

The IFS kit will be part of the WDK. The call is not in the IFS kit, only
its definition is, the function is part of the kernel. There is an
artificial separation of a number of calls into the IFS that are not
particularly file system specific. So look at any other Rtl call and clone
the declaration, then use it.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

Ah, perfect. It works like a charm.

Thanks!

In addition the WDK beta is pretty much an open beta - so just sign up, get
the WDK and your troubles with respect to header file conflicts are pretty
much over.

=====================
Mark Roddy DDK MVP
Windows 2003/XP/2000 Consulting
Hollis Technology Solutions 603-321-1032
www.hollistech.com

Søren Dreijer wrote:

> Thanks for the very fast reply!
>
> I’m already attempting to use RtlRandom(), but according to MSDN the
> function resides in the Installable File System Kit and I thought there was
> a more “correct” function to use.

All that means is that it is DOCUMENTED in the IFS kit. The capability
is always present.

If that still bothers you, you can certainly use the C run-time library
routine rand(), which is provided for kernel drivers in libcntpr.lib.
Alternatively, this same question was posted to
microsoft.public.development.device.drivers this week, and I posted a
simple linear congruential pseudo-random number generator in the thread:

http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/739555a15afaa770/bfea795d6256844c


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Actually, rand is provided in the kernel but it is not thread safe, so I
would run like crazy from it.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

> Alternatively, this same question was posted to
> microsoft.public.development.device.drivers this week, and I posted a
> simple linear congruential pseudo-random number generator in the thread:

Ah, great. I guess Google hasn’t been updated yet then. At least my search
results were limited :)

> Actually, rand is provided in the kernel but it is not thread safe, so I
> would run like crazy from it.

Yeah, that’s why I wanted a kernel function.

Thanks for the help, guys!

I will. Thanks for the tip.

“Mark Roddy” wrote in message news:xxxxx@ntdev…
> In addition the WDK beta is pretty much an open beta - so just sign up, get
> the WDK and your troubles with respect to header file conflicts are pretty
> much over.

Don Burn wrote:

> Actually, rand is provided in the kernel but it is not thread safe, so I
> would run like crazy from it.

“Run like crazy” is a bit much. It’s all about risk analysis. There is
a three-instruction window during which it is possible for two
simultaneous threads to get the same random number. If one is writing a
video poker machine or an encryption device, you bet that rand() should
be discarded early and enthusiastically.

But if one is generating random workloads or random delays for testing
purposes, there is nothing wrong with rand(). Truly random data SHOULD
repeat once in a while.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
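
Added example (not code from any poster in this thread): the rand() race discussed above, replayed deterministically in portable C11, next to a compare-and-swap update that rejects the stale store. The LCG constants and all function names are assumptions made for illustration; in a driver the compare-and-swap would be InterlockedCompareExchange on a LONG rather than C11 atomics.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example; constants and names are illustrative. Not for keys. */
#define LCG_MUL 214013u
#define LCG_INC 2531011u

static uint32_t lcg_step(uint32_t s) { return s * LCG_MUL + LCG_INC; }
static uint32_t lcg_out(uint32_t s)  { return (s >> 16) & 0x7fffu; }

/* Replays the racy load/compute/store order on one thread: B loads the
 * shared state inside A's window. Returns 1 when both end on one state. */
int racy_interleaving_collides(uint32_t seed)
{
    uint32_t shared = seed;
    uint32_t a = shared;              /* thread A: load             */
    uint32_t b = shared;              /* thread B: load, same value */
    a = lcg_step(a); shared = a;      /* A: compute, store          */
    b = lcg_step(b); shared = b;      /* B: compute, store          */
    return a == b && shared == a;
}

/* Lock-free advance: the store only lands if nobody moved the state. */
uint32_t atomic_next(_Atomic uint32_t *state)
{
    uint32_t old = atomic_load(state), next;
    do {
        next = lcg_step(old);         /* on CAS failure, old is refreshed */
    } while (!atomic_compare_exchange_weak(state, &old, next));
    return lcg_out(next);
}

/* Same interleaving against the CAS version. Returns 1 when B's stale
 * update is rejected, which forces B to recompute from A's new state. */
int stale_cas_is_rejected(uint32_t seed)
{
    _Atomic uint32_t shared = seed;
    uint32_t b_old = atomic_load(&shared);   /* B: load                  */
    (void)atomic_next(&shared);              /* A: completes in B's gap  */
    uint32_t b_next = lcg_step(b_old);       /* B: computes from stale s */
    return !atomic_compare_exchange_strong(&shared, &b_old, b_next);
}

int main(void)
{
    printf("racy collides: %d, stale CAS rejected: %d\n",
           racy_interleaving_collides(1), stale_cas_is_rejected(1));
}
```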