As mentioned by Martin you can have service application, Which can connect to your driver using FilterConnectCommunicationPort now you can trap notification in driver and send those notification to service and service in turn can do what ever you want to do in user mode …
I am new to driver development , I have implemented similar kind to solution for network drive. Hope this will help !
-Raj
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com]On Behalf Of Martin O’Brien
Sent: Friday, August 24, 2007 1:26 AM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] How To call User level functions from kernal level driver
Directly, no. This question comes a lot, and I believe what is always recommended in the end is to have a service in user mode.
mm
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Kathiresan M
Sent: Thursday, August 23, 2007 09:39
To: Windows File Systems Devs Interest List
Subject: [ntfsd] How To call User level functions from kernal level driver
Hi all,
We are developing a kernel level minifilter driver to monitor registry operations. Problem here is with retrieving user name that belongs to the process that’s being accessed registry during all pre notifications. Using ZwQueryInformationToken I got the sid of the current user. I tried with SecLookUpAccountSid which gives buffer length of the user name and domain name in it’s first attempt but fails in the second attempt for retrieving user name and domain name with the known values of buffers.
I wonder how LookUpAccountSid works at user mode while SecLookUpAccountSid not works at kernel level.
Is my assumption about SecLookUpAccountSid is correct or is there any one who use this routine successfully?
Is there any possibility to call user mode function LookUpAccountSid from kernel level…? if possible can any one give me suggestions abt how to do all those thing since I m fresh to kernel level. I would feel happy if any one of u suggest me some articles or code which can explain interacting with usermode from kernel level with all basic level explanations. Expecting ur suggestions…!!
Thanks in Advance
kathir
http://www.patni.com
World-Wide Partnerships. World-Class Solutions.
This e-mail message may contain proprietary, confidential or legally privileged information for the sole use of the person or entity to whom this message was originally addressed. Any review, e-transmission dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you have received this e-mail in error kindly delete this e-mail from your records. If it appears that this mail has been forwarded to you without proper authority, please notify us immediately at xxxxx@patni.com and delete this mail.
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com
NTFSD is sponsored by OSR
For our schedule debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
You are currently subscribed to ntfsd as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com
CONFIDENTIALITY NOTICE: This communication may contain privileged or other confidential information.
If you have received it in error, please advise the sender by reply email and immediately delete the message and any attachments without copying or disclosing the contents.