Driver proxy to avoid repeated code signing on Windows

views:

answers:

Driver proxy to avoid repeated code signing on Windows

Drivers on Windows should be signed and submitted to Microsoft for code signing and this is a requirement for 64 bit systems. The problem is that, when you have to update the driver, you have to submit it again, once for every release.

Is possible to build some kind of proxy or shim driver so that I have to sign and submit it only once, and then have my code in a separate module?

Of course I can't just move the working code in a DLL, as also dynamically loaded modules have to be signed in order to being executed in 64 bit kernel mode. What if I put my code in a raw file, load it in memory (allocated with execution flag enabled) and then execute it? Other ideas?

+1 A:

You don't have to submit a driver to Microsoft. You have to sign your driver with a cross-signing-certificate. You will get a nag screen this way, but this is not forbidden!

There were (are) several attempts to do just what you want to do. These are 'barely' tolerated, but these drivers may be banned any at time. (By revoking your signature)

The process is very easy :

Load the signed driver.
Provide a IoControl in which user mode programs can send memory to the kernel.
Change the execute bit of this memory, and just call an address in this memory.

Christopher 2010-07-01 15:06:28

The customer would avoid the warning even on 32 bit, so we have to submit the driver to WHQL. It is however a requirement the delivery of very fast updates and patches, even to the kernel-level code. Fortunately it would be a relatively low number of installed systems.Thank you for the easy steps!

Lorenzo 2010-07-01 18:12:13

ansaurus

tags:

views:

answers:

Driver proxy to avoid repeated code signing on Windows

related questions