[Compuware Corporation] [Compuware NuMega home page]                [NuMega Lab]
[teal]

 [DriverStudio]    [Image][Image]
   Home
 [Driver Products]        Driver Technical Tips
   DriverStudio          Some Notes on Loading Drivers and Security
   DriverBundle
   Previews              Windows 95 and Windows 98
   Compatibility         Windows 95 VxD writers enjoy the luxury of being able to summon
 [Downloads]             the services of a dynamically loadable VxD merely by calling the
                          familiar Win32 API CreateFile. For example, this call loads the
 Wizards                  driver named MYVXD:
   Utilities
   NT source                 HANDLE hVxD = CreateFile(
 examples                         "\\\\.\\MYVXD.VXD",
   VxD source                    // device driver name
 examples                         0,
   WDM source                    // access
 examples                         0,
 [Resources]                     // share mode
 Technical papers                 0,
   Useful links                  // security attributes
   Technical tips                CREATE_NEW,
 [Support]                       // create options
                                  FILE_FLAG_DELETE_ON_CLOSE,
 Support                          // flags
   Knowledge base                0);
   Problem                       // template
 submission
   Product
 registration             Another way to load and unload drivers on Windows 95 is to call
   Release notes         the services of VXDLDR, the system VxD responsible for managing
 [Shop NuMega]           dynamically loadable drivers. The application interface of
 Buy it!                  VXDLDR is relatively unknown, and not well documented. To use
   Price list            it, you must first obtain a handle to VXDLDR using CreateFile,
   How to buy            as shown in the code above. Then, to load a driver, call
   Sales offices         DeviceIoControl:

                                  DeviceIoControl(
 [Y2K Compliance]                         hldr,
                                          // handle
                                          VXDLDR_APIFUNC_LOADDEVICE,
 [More information]                       // control code (see vxdldr.h in DDK)
                                          (void *) VxDFile,
                                          // path of vxd file (No \\.\ prefix)
                                          strlen(VxDFile)+1,
                                          // input size
                                          NULL,
                                          // output buffer
                                          0,
                                          // output buffer size
                                          &nRet,
                                          // receives count returned
                                          NULL);
                                          // overlapped struct ptr

                          To unload the VxD, use control code VXDLDR_APIFUNC_UNLOADDEVICE,
                          and point the input buffer to a structure like this:

                                  struct UnloadInfo {
                                          LONG    vxdid;
                                          // device ID of VxD to unload, or -1 to use name
                                          CHAR    vxdname;
                                          // null terminated, case sensitive name of VxD
                                          };
                                          //   to unload if vxdid is -1

                          Since any application can load or unload a driver, there is no
                          protection against loading a device driver which might take full
                          control of the system, arbitrarily access any hardware, or in
                          other ways compromise the system While this makes VxDs very
                          powerful, it highlights the fact that Windows 95 was never meant
                          to be a secure system.

                          Windows NT
                          On Windows NT, you cannot cause a device driver to load merely
                          by calling CreateFile. Instead, a system component called the
                          Service Control Manager (SCM) is responsible for starting and
                          stopping kernel mode drivers. In the SCM's database, which is
                          maintained in the registry, there is an entry for each kernel
                          mode driver. The set of SCM APIs (CreateService, StartService,
                          ControlService, etc.) is well documented in the SDK.

                          The standard NT system command line utility NET.EXE can be used
                          to start and stop drivers for which there exists an entry in the
                          SCM database. For example,

                                  C:> net stop serial

                          stops the serial devices and unloads SERIAL.SYS. This level of
                          control is also available from control panel applets.

                          Each entry in the SCM driver database may contain security
                          information for the driver. By default, starting and stopping a
                          device driver requires administrator privileges. However, an
                          administrator can modify the security attributes of a driver
                          such that any user can start or stop it using SCM calls. In
                          other words, it is possible for unprivileged users to load and
                          unload drivers, provided that an administrator has previously
                          configured the driver to allow such access to that driver. You
                          can download a utility to do this.

                          The issue of loading and unloading is entirely separate from the
                          issue of creating a new SCM service. This is strictly for
                          administrators.

                          A Few More Tips
                          Here are some pointers for opening drivers by calling
                          CreateFile:

                             * On Windows 95, you will fail to open an already loaded VxD
                               if the name passed to CreateFile includes the .vxd
                               extension.
                             * To get automatic unloading of a VxD that you dynamically
                               load with CreateFile, include the flag
                               FILE_FLAG_DELETE_ON_CLOSE.
                             * There are no special privileges required for NT users to
                               open device objects with CreateFile. However, if a user
                               without administrator privileges calls CreateFile with
                               FILE_FLAG_DELETE_ON_CLOSE, the call will fail unless the
                               driver is unprotected. Use FILE_ATTRIBUTES_NORMAL.
                             * Finally, to improve source compatability between NT and 95,
                               you can create a symbolic link to your device object of
                               with a name of the form "DRIVER.VXD", which enables you to
                               use the same name for opening it on the two platforms.

                          Back to technical tip start page.

  DriverCentral  DriverStudio  Free downloads  Resources  Support and
                          Services  Shop NuMega
     Compuware NuMega  Tel: +1 603 578-8400  Updated: 9 August 1999 
                      Problems? Contact our webmaster.
