tags:

views:

32

answers:

1
+1  Q: 

DDK/WDM import wink32.lib into driver

Hi everyone! Recently I was trying to use W32pServiceTable in my driver. I did imported wink32.lib in SOURCES:

TARGETNAME=exp
TARGETTYPE=DRIVER
TARGETLIB=$(DDK_LIB_PATH)\win32k.lib
SOURCES=Experimental.cpp
MSC_WARNING_LEVEL=/W3

And I declare in source file:

extern PDWORD W32pServiceTable;

But I am getting symbol unresolved. I read, that only GDI drivers can use wink32.lib. But I am pretty sure that other drivers can also link to that library(but I dont know how). I would be very grateful if You could help.

+1  A: 

This is true. Only GDI drivers can use win32k.sys, and vice versa - GDI drivers can be statically be linked only to win32k.sys.

The reason for this is that most of the Windows internals are loaded into the global memory space, whereas win32k.sys is loaded into the so-called "session space". Some info is here:

http://www.tar.hu/wininternals/ch07lev1sec4.html

In simple words - most of the windows components and drivers are loaded once for the whole system, whereas things like UI management, GDI and etc. - are loaded per session.

There's a tricky possibility during the runtime for GDI drivers to obtain pointers to ntoskrnl functions and use them, and vice versa - WDM drivers with some effort may use win32k functions (that will work for the 'current' session).

Anyway, why would you want to link to win32k? What functionality do you need?

valdo  2010-10-15 09:53:56
Thanks a lot, that's very helpful. Could You tell me something more about that trick, I mean a hint so I could search on that topic(sorry for my english). Someone told me, that I cannot use win32 in Kernel. I heard there are better ways to do that(documented), but using win32k is more exciting.
Vasilij  2010-10-15 18:00:41
My name is Vladislav, so my english is like yours :)
valdo  2010-10-15 19:06:39
The trick is actually to write two drivers: one GDI driver and one WDM driver. In the initialization of GDI driver you may use 'EngLoadImage' and 'EngFindImageProcAddress' to get a pointer to the function of the WDM driver, so that they can communicate.
valdo  2010-10-15 19:09:33
Heh :) Thanks for your advice. If they communicate they can exchange data. So that's the answer. Appreciate :)
Vasilij  2010-10-15 22:53:13
But you must be careful: during the runtime win32k and the GDI driver may be loaded multiple times, they also may be unloaded any moment. So that you should think do you **really** need to access the functionality of win32k from the WDM driver. On the other hand using functions of WDM driver from GDI seems to be safe.
valdo  2010-10-16 10:04:04

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)