[Compuware Corporation] [Compuware NuMega home page] [NuMega Lab] [teal] [DriverStudio] [Image][Image] · Home [Driver Products] Driver Technical Tips · DriverStudio Some Notes on Loading Drivers and Security · DriverBundle · Previews Windows 95 and Windows 98 · Compatibility Windows 95 VxD writers enjoy the luxury of being able to summon [Downloads] · the services of a dynamically loadable VxD merely by calling the familiar Win32 API CreateFile. For example, this call loads the Wizards driver named MYVXD: · Utilities · NT source HANDLE hVxD = CreateFile( examples "\\\\.\\MYVXD.VXD", · VxD source // device driver name examples 0, · WDM source // access examples 0, [Resources] · // share mode Technical papers 0, · Useful links // security attributes · Technical tips CREATE_NEW, [Support] · // create options FILE_FLAG_DELETE_ON_CLOSE, Support // flags · Knowledge base 0); · Problem // template submission · Product registration Another way to load and unload drivers on Windows 95 is to call · Release notes the services of VXDLDR, the system VxD responsible for managing [Shop NuMega] · dynamically loadable drivers. The application interface of Buy it! VXDLDR is relatively unknown, and not well documented. To use · Price list it, you must first obtain a handle to VXDLDR using CreateFile, · How to buy as shown in the code above. Then, to load a driver, call · Sales offices DeviceIoControl: DeviceIoControl( [Y2K Compliance] hldr, // handle VXDLDR_APIFUNC_LOADDEVICE, [More information] // control code (see vxdldr.h in DDK) (void *) VxDFile, // path of vxd file (No \\.\ prefix) strlen(VxDFile)+1, // input size NULL, // output buffer 0, // output buffer size &nRet, // receives count returned NULL); // overlapped struct ptr To unload the VxD, use control code VXDLDR_APIFUNC_UNLOADDEVICE, and point the input buffer to a structure like this: struct UnloadInfo { LONG vxdid; // device ID of VxD to unload, or -1 to use name CHAR vxdname; // null terminated, case sensitive name of VxD }; // to unload if vxdid is -1 Since any application can load or unload a driver, there is no protection against loading a device driver which might take full control of the system, arbitrarily access any hardware, or in other ways compromise the system While this makes VxDs very powerful, it highlights the fact that Windows 95 was never meant to be a secure system. Windows NT On Windows NT, you cannot cause a device driver to load merely by calling CreateFile. Instead, a system component called the Service Control Manager (SCM) is responsible for starting and stopping kernel mode drivers. In the SCM's database, which is maintained in the registry, there is an entry for each kernel mode driver. The set of SCM APIs (CreateService, StartService, ControlService, etc.) is well documented in the SDK. The standard NT system command line utility NET.EXE can be used to start and stop drivers for which there exists an entry in the SCM database. For example, C:> net stop serial stops the serial devices and unloads SERIAL.SYS. This level of control is also available from control panel applets. Each entry in the SCM driver database may contain security information for the driver. By default, starting and stopping a device driver requires administrator privileges. However, an administrator can modify the security attributes of a driver such that any user can start or stop it using SCM calls. In other words, it is possible for unprivileged users to load and unload drivers, provided that an administrator has previously configured the driver to allow such access to that driver. You can download a utility to do this. The issue of loading and unloading is entirely separate from the issue of creating a new SCM service. This is strictly for administrators. A Few More Tips Here are some pointers for opening drivers by calling CreateFile: * On Windows 95, you will fail to open an already loaded VxD if the name passed to CreateFile includes the .vxd extension. * To get automatic unloading of a VxD that you dynamically load with CreateFile, include the flag FILE_FLAG_DELETE_ON_CLOSE. * There are no special privileges required for NT users to open device objects with CreateFile. However, if a user without administrator privileges calls CreateFile with FILE_FLAG_DELETE_ON_CLOSE, the call will fail unless the driver is unprotected. Use FILE_ATTRIBUTES_NORMAL. * Finally, to improve source compatability between NT and 95, you can create a symbolic link to your device object of with a name of the form "DRIVER.VXD", which enables you to use the same name for opening it on the two platforms. Back to technical tip start page. DriverCentral · DriverStudio · Free downloads · Resources · Support and Services · Shop NuMega Compuware NuMega · Tel: +1 603 578-8400 · Updated: 9 August 1999 · Problems? Contact our webmaster.