How to create a new thread running in Ring0 in my VXD driver?

Hi, all

How to create a new thread running in Ring0 in my VXD driver?

Thank you for your help.
guodongzi@163.net

2002-08-08

Don't be lazy, check Win98 DDK help, you have a clearly documented API for this.

----- Original Message -----
From: “Crasher”
To: “NT Developers Interest List”
Sent: Thursday, August 08, 2002 4:29 AM
Subject: [ntdev] How to create a new thread running in Ring0 in my VXD
driver?

Hi, all

How to create a new thread running in Ring0 in my VXD driver?

Thank you for your help.
guodongzi@163.net

2002-08-08



Hi, Dan Partelly

Thanks for your email.
I’ve checked the Win98 DDK and found the VMMCreateThreadEx routine, but this function can only create a thread running in ring 3, but I want to create a thread running in Ring0?


= = = = = = = = = = = = = = = = = = = =

Crasher
guodongzi@163.net
2002-08-08

Ohh sorry, you're right, this ain't documented. In Win95 the VxD responsible
for thread scheduling is vwin32.vxd. The service you want to call is
_VWIN32_CreateRing0Thread, but be warned, it is tricky to use and can cause VMM
reentrancy … are you sure you need this?

----- Original Message -----
From: “Crasher”
To: “NT Developers Interest List”
Sent: Thursday, August 08, 2002 7:51 AM
Subject: [ntdev] Re: How to create a new thread running in Ring0 in my VXD
driver?

Hi, Dan Partelly

Thanks for your email.
I’ve checked the Win98 DDK and found the VMMCreateThreadEx routine, but this
function can only create a thread running in ring 3, but I want to create a
thread running in Ring0?


It’s not as simple and easy as it may seem.

The VMMCreateThreadEx service is the right thing you should use. This service
is used by the WDM emulation layer in Windows 98/Me by the
PsCreateSystemThread() function. This service can create a Ring0 thread by
some tricky method. First of all, the DDK description of this service is
totally wrong and misleading, but it gives some info on how to create threads
in Ring0. Further on I’ll try to explain how to do this.

//
// For VMMCreateThreadEx
//
typedef
VOID
(__cdecl *THREADINITPROC)(
    VOID
    );

//
// Function prototype for using with the VMMCreateThreadEx service
//
typedef
VOID
(__stdcall *PKSTART_ROUTINE)(
    PVOID StartContext
    );

//
// Structure for InitCallback procedure from the VMMCreateThreadEx service
//
typedef struct _START_PARAMS {
    PKSTART_ROUTINE StartRoutine;
    PVOID StartContext;
} START_PARAMS,*PSTART_PARAMS;

START_PARAMS StartParams;   // read by CreateThreadWrapper in the new thread
PTCB Ring0Thread;           // thread handle returned by VMMCreateThreadEx
VWIN32_EVENT Event;         // signaled to make the thread leave its loop
ULONG ulCounter;            // loop iteration limit; no initial value is given here,
                            // set it before creating the thread

//===================================================================
// FASTCALL calling method is used only for receiving start params in EDX register
//===================================================================
VOID __fastcall CreateThreadWrapper(DWORD dwReserved,PSTART_PARAMS pSP)
{
    KdPrint(("THREAD: CreateThreadWrapper(): entering...\n"));

    (*pSP->StartRoutine)(pSP->StartContext);
    VMMTerminateThread(Ring0Thread);

    // Reached only if the thread was not terminated
    KdPrint(("THREAD: CreateThreadWrapper(): VMMTerminateThread has failed\n"));
}
//===================================================================
//
//===================================================================
VOID __stdcall Ring0ThreadFunction(PVOID StartContext)
{
    KdPrint(("THREAD: Ring0ThreadFunction(): entering...\n"));

    // Allows thread to be preempted by another threads. Otherwise this thread will
    // stall all the system while cycling in "dead" loop.
    //
    _Begin_Preemptable_Code();

    while (ulCounter > 0)
    {
        // Zero timeout: poll the event without blocking
        if (_VWIN32_WaitSingleObject((PVOID)&Event,0,FALSE) == 0)
        {
            KdPrint(("THREAD: Ring0ThreadFunction(): event signaled...\n"));
            break;
        }

        _outp(0xED,0);

        ulCounter--;
    }

    KdPrint(("THREAD: Ring0ThreadFunction(): leaving...\n"));

    _End_Preemptable_Code();
}
//===================================================================
//
//===================================================================
VOID __stdcall CreateRing0Thread(PRING0_PROC ThreadFunction)
{
    //
    // Start parameters read by CreateThreadWrapper. PRING0_PROC is not defined
    // in this listing and is assumed to be compatible with PKSTART_ROUTINE.
    //
    StartParams.StartRoutine = (PKSTART_ROUTINE)ThreadFunction;
    StartParams.StartContext = NULL;

    Ring0Thread=VMMCreateThreadEx(0,0,0,0,0,0,0x10121973,
        (THREADINITPROC)CreateThreadWrapper,(DWORD)&StartParams);

    if (Ring0Thread == NULL)
    {
        KdPrint(("THREAD: CreateRing0Thread(): thread creation failed\n"));
    }
    else
    {
        KdPrint(("THREAD: CreateRing0Thread(): Ring0Thread: 0x%08X\n",Ring0Thread));
        //
        // Normally ring0 thread will have a priority 8, but if needed it can be adjusted here
        //
        // Set_Thread_Win32_Pri(Ring0Thread,4);
        // Adjust_Thread_Exec_Priority(Ring0Thread,0);
    }
}

In Windows 98/Me you can also call WDM functions (but not all) straight from
your VXD module. In this case you simply include the WDM.H file in your
C sources and simply use WDM functions, but you should link your project with
the WDMVXD.LIB static library to resolve all links. If you have any questions
about this subject feel free to ask me.

Konstantin Manurin
Programmer
Nival Interactive
mailto:xxxxx@nival.com

10a bld. 5, 1st Volokolamsky proezd
Moscow 123060 Russia
Tel: +7 (095) 363-9630
Fax: +7 (095) 363-9631
http://www.nival.com
http://www.etherlords.com
http://www.evil-islands.com

Dan Partelly

Thanks for your help! I’ll try it!

= = = = = = = = = = = = = = = = = = = =

Crasher
guodongzi@163.net
2002-08-08