------ Original Message ------
From: “Tim Roberts”
To: “Windows System Software Devs Interest List”
Sent: 1/24/2017 10:32:27 AM
Subject: Re: [ntdev] TE.Host v5.8k for x64 Structured exception was
encountered: 0xE0434352
>
>How, exactly, are you installing this? What tool are you using?
Using VS2015’s “Deploy Package” option from the Build menu
>How did you get this dump?
From the VS2015 “Driver Test Group Explorer”.
>The stack here points to a signature
>verification problem, but the offsets are large enough that it looks
>like you don’t have the symbols loaded.
Certainly possible, as I just installed the OS, and then installed the
WDK_Test_Target_Setup, then had VS2015 “Prepare the target” by
installing all the stuff that IT needed.
>Have you run this in a
>debugger? Since this is in a .NET assembly, you may need to use the
>SOS
>tools to chase it.
This is how this works. I tell VS to build, and it builds the driver,
and then the package. I then tell it to deploy, and it connects to the
test VM, copies everything over, uninstalls the old instance of the
driver (there IS no old instance in this case), and then tries to
install the NEW version. When the new version fails, it copies the
error message back to the Test Group Explorer tab of VS. I have no idea
how I would debug this.
>
>Did you actually sign your driver? How did you do that?
>
Signing is one of the steps VS does when building the driver.
1>------ Build started: Project: KMDF Driver1, Configuration: Debug x64
------
1> Building ‘KMDF Driver1’ with toolset ‘WindowsKernelModeDriver10.0’
and the ‘Desktop’ target platform.
1> Stamping x64\Debug\KMDFDriver1.inf [Version] section with
DriverVer=01/24/2017,2.42.29.991
1> minispy.c
1> mspyLib.c
1> RegistrationData.c
1> Generating Code…
1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio
2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio
2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.pdb (Full PDB)
1> Done Adding Additional Store
1> Successfully signed: C:\Users\frank\Documents\Visual Studio
2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
1>
1> …
1> Signability test complete.
1>
1> Errors:
1> None
1>
1> Warnings:
1> None
1>
1> Catalog generation complete.
1> C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF
Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
1> Done Adding Additional Store
1> Successfully signed: C:\Users\frank\Documents\Visual Studio
2015\Projects\KMDF Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
1>
========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped
==========
> How, exactly, are you installing this?
Using VS2015’s “Deploy Solution” option from the Build menu.
What tool are you using?
Visual Studio 2015.
How did you get this dump?
All output from the tools on the target machine are captured, and presented in a window called “Driver Test Group Explorer”. It shows all the results from the most recent deployments.
Have you run this in a debugger?
No, this runs on the target machine unattended. No development tools are installed on the target machine, just a “WDK Target” package that sets up the communications with the “host”.
Did you actually sign your driver? How did you do that?
Yes, it’s part of the Build Solution process. See here:
1>------ Build started: Project: KMDF Driver1, Configuration: Debug x64 ------
1> Building ‘KMDF Driver1’ with toolset ‘WindowsKernelModeDriver10.0’ and the ‘Desktop’ target platform.
1> Stamping x64\Debug\KMDFDriver1.inf [Version] section with DriverVer=01/25/2017,23.46.46.98
1> minispy.c
1> mspyLib.c
1> RegistrationData.c
1> Generating Code…
1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.pdb (Full PDB)
1> Done Adding Additional Store
1> Successfully signed: C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
1>
1> …
1> Signability test complete.
1>
1> Errors:
1> None
1>
1> Warnings:
1> None
1>
1> Catalog generation complete.
1> C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
1> Done Adding Additional Store
1> Successfully signed: C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
1>
========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========
It signs it with my cert, and then the deploy step makes sure that THAT cert is installed on the target machine as well.
Your minifilter is not a “KMDF” driver, so that is one problem. The second
problem is using the awful VS Driver Deployment to do anything.
Your minifilter can be installed using an inf file (assuming the inf file
is correctly composed) as described in some of the samples up on github,
e…g.
https://github.com/Microsoft/Windows-driver-samples/tree/master/filesys/miniFilter/NameChanger
Obviously for a released product you want to do this programatically, and
that is fairly trivial to do as well.
The simplest variation on program filter driver instal is “rundll32
setupapi.dll,InstallHinf DefaultInstall 132 mydrv.inf”.
Mark Roddy
On Fri, Jan 27, 2017 at 11:41 PM, wrote:
> > How, exactly, are you installing this?
>
> Using VS2015’s “Deploy Solution” option from the Build menu.
>
> > What tool are you using?
>
> Visual Studio 2015.
>
> > How did you get this dump?
>
> All output from the tools on the target machine are captured, and
> presented in a window called “Driver Test Group Explorer”. It shows all
> the results from the most recent deployments.
>
> > Have you run this in a debugger?
>
> No, this runs on the target machine unattended. No development tools are
> installed on the target machine, just a “WDK Target” package that sets up
> the communications with the “host”.
>
> > Did you actually sign your driver? How did you do that?
>
> Yes, it’s part of the Build Solution process. See here:
>
> 1>------ Build started: Project: KMDF Driver1, Configuration: Debug x64
> ------
> 1> Building ‘KMDF Driver1’ with toolset ‘WindowsKernelModeDriver10.0’ and
> the ‘Desktop’ target platform.
> 1> Stamping x64\Debug\KMDFDriver1.inf [Version] section with
> DriverVer=01/25/2017,23.46.46.98
> 1> minispy.c
> 1> mspyLib.c
> 1> RegistrationData.c
> 1> Generating Code…
> 1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio
> 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
> 1> KMDF Driver1.vcxproj -> C:\Users\frank\Documents\Visual Studio
> 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.pdb (Full PDB)
> 1> Done Adding Additional Store
> 1> Successfully signed: C:\Users\frank\Documents\Visual Studio
> 2015\Projects\KMDF Driver1\x64\Debug\KMDFDriver1.sys
> 1>
> 1> …
> 1> Signability test complete.
> 1>
> 1> Errors:
> 1> None
> 1>
> 1> Warnings:
> 1> None
> 1>
> 1> Catalog generation complete.
> 1> C:\Users\frank\Documents\Visual Studio 2015\Projects\KMDF
> Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
> 1> Done Adding Additional Store
> 1> Successfully signed: C:\Users\frank\Documents\Visual Studio
> 2015\Projects\KMDF Driver1\x64\Debug\KMDF Driver1\kmdfdriver1.cat
> 1>
> ========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========
>
> It signs it with my cert, and then the deploy step makes sure that THAT
> cert is installed on the target machine as well.
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: http:> showlists.cfm?list=ntdev>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and
> software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at <
> http://www.osronline.com/page.cfm?name=ListServer>
></http:></http:>