Thank you for your reply! It made me further understand windows kernel
object. I like the comparision sample, Alex. I should be more careful in
the complier.
One more question: The event object I used is allowed to modify state by
both driver and application. In driver, in a seprated device-dedicated
thread, I used KeWaitForMultipleObjects to wait for event state signal(
there is only event object in the object array). Whatâs the parameter
WaitMode value should I set? KernelMode or UserMode? The driver is a
function driver. As I understand,Since I use UserMode in
ObReferenceObjectByHandle, I should use UserMode in
KeWaitForMultipleObjects as well. But in the object array, another event
object is created and Refered in KernelMode, I am afraid that I could
not use KeWaitForMultipleObjects for these event object together, am I ?
If driver wants to detect application set the event state signal, should
the driver use UserMode in the wait function? I used KernelMode
parameter, it also worked. Could you give me more explaination on this
parameter? Thank in advance !
Haikun
2006-2-20
-----?ÊŒ?Ô??-----
???: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] ??? xxxxx@Home
???ʱ??: 2006??2??18?? 0:23
?ŐŒ???: Windows System Software Devs Interest List
???: [ntdev] Re: [ntdev] ???: [ntdev] Is it possible to share kernel
object between driver and application?
In addition to what Arlie said:
,&Handle,sizeof(PHANDLE),
You should have sizeof(HANDLE), no âPâ, the call swallows the starting
address
of something and the length of this something, not the length of a
pointer
to that
something.
But lucky you are: sizeof(PHANDLE) happens to be equal to
sizeof(HANDLE).
Do not test your luck ike that:-)
(HANDLE)(*InputBuf),
Instead I would try (assuming InputBuf points to the start of the
buffer)
*((PHANDLE)InputBuf)
which is read by the compiler as âI know that the 4 bytes starting
at address contain a HANDLE value; extract that valueâ.
Your order to the compiler is different: âextract the value of a type
InputBuf points to and convert this value to a HANDLEâ
See the difference?
Either you first put water in a pot and then heat it up, or
you first heat the pot up and then put water into it.
You may be lucky this time also due to little-endianness (if your
InputBuf
is
of char* type and the handle value is small, which is probably the case,
like 0x30
or something, you will get the correct result), but again, let your
enemies
test
their luck like that:-)
----- Original Message -----
From: âHaikun Houâ
To: âWindows System Software Devs Interest Listâ
Sent: Friday, February 17, 2006 3:02 AM
Subject: [ntdev] ???: [ntdev] Is it possible to share kernel object
between
driver and application?
Hello everyone:
I did like this:
In application: Since I used a smartcard device, I used ScardControl
insdead of DeviceIOControl.
DWORD dwBytesReturn = 0;
HANDLE Handle = CreateEvent( NULL, TRUE, TRUE, âshare_eventâ);
SCardControl( CardHandle,
IOCTL_GETCANCELEVENT_HANDLE,&Handle,sizeof(PHANDLE),NULL,0,&dwBytesRetur
n);
In driver specific IOCTL case:
ntStatus = ObReferenceObjectByHandle( (HANDLE)(*InputBuf),
THREAD_ALL_ACCESS, *ExEventObjectType, UserMode, &Handles, NULL );
But the ântStatusâ is STATUS_ACCESS_DENIED. Whatâs the problem? I
didnât find any issures about it in that doc.
Thank you for your attentions!
Haikun
2006-2-17
-----?ÊŒ?Ô??-----
???: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] ??? xxxxx@Home
???ʱ??: 2006??2??16?? 2:54
?ŐŒ???: Windows System Software Devs Interest List
???: Re: [ntdev] Is it possible to share kernel object between driver
and application?
> a named event, it is only created in the object name space for your
> session (unless you put the right prefix on the name)
Ok, good point.
> You are also exposing yourself to another attack by an outside
> component by creating a named object
Oh! Forgot to mention it as âobviousâ.
Thanx, Doron.
----- Original Message -----
From: âDoron Holanâ
To: âWindows System Software Devs Interest Listâ
Sent: Wednesday, February 15, 2006 1:20 PM
Subject: RE: [ntdev] Is it possible to share kernel object between
driver
and application?
When you create a named event, it is only created in the object name
space
for your session (unless you put the right prefix on the name). You are
also exposing yourself to another attack by an outside component by
creating
a named object. If you have an unnamed handle and pass it to the
driver,
there is no way for another app to open up the event object.
d
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@Home
Sent: Wednesday, February 15, 2006 8:00 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Is it possible to share kernel object between
driver
and application?
It has been already explained how to âconvertâ a user-mode handle
into something usable in the kernel thru ObRefByHandle.
This is what Oney describes and Microsoft recommends, see
http://download.microsoft.com/download/e/b/a/eba1050f-a31d-436b-9281-92c
dfeae4b45/KM-UMGuide.doc
There is another approach (letâs leave overlapped ioctls alone for now),
using named objects (events etc.),
see http://www.osronline.com/article.cfm?id=108.
Just out of interest: whatâs wrong with this second approach,
CreateEvent(⊠, âi-will-open-this-event-in-the-kernelâ),
paired with IoCreateNotificationEvent, except the obvious?
By âobviousâ I mean (a) your naming convention may not be good enough,
and
(b) performance issues.
Ok, what else, if anything?
----- Original Message -----
From: Yakov Kaabak
To: Windows System Software Devs Interest List
Sent: Wednesday, February 15, 2006 10:26 AM
Subject: RE: [ntdev] Is it possible to share kernel object between
driver
and application?
Yes, it is.
In user mode:
1. Create event/semaphore
2. Send handle to your driver by DeviceIoControl
In driver:
1. Apply ObReferenceObjectByHandle to received handle (while in dispatch
routine for the above DeviceIoControl)
2. Store the result (Object) and use it however you want (SetEvent,
WaitForSingleObject etc)
3. When you no longer need it, call ObDereferenceObject on it.
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Haikun Hou
Sent: Wednesday, February 15, 2006 4:59 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Is it possible to share kernel object between driver
and
application?
Hello everyone:
I want to know is it possible to share a kernel object, such as
Event/Samephore object between driver and application? As I understand,
to
use SDK API in driver is not good, but I donât know if this is allowed ?
Any attention will be appreciated !
Haikun
2006-2-15
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
ââ
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
ââ
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
ââ
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
ââ
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@todos.com.cn
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
ââ
To unsubscribe send a blank email to xxxxx@lists.osr.com
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@todos.com.cn
To unsubscribe send a blank email to xxxxx@lists.osr.com