how to start?

  • Question

  • I wanted to create a "do nothing" NDIS filter driver to start with (NDIS) driver development. I thought this should be easy with Visual Studio 2015 and WDK 10. ... well, it wasn't that easy. I had a lot of setup errors. But now it's working (kernel mode debugging over network). ... fine. Then I created a new NDIS filter driver project. I found out that it cannot be deployed and that I have to copy it to the target, right-click the "inf" file and "install" the driver. Fine... worked... then they told me that I should execute "net start <drivername>". Fine... -> error, not found ... and, well... this could be correct. I don't find anything about my driver in the registry. But the setupapi.dev doesn't contain errors... but to me it looks as if only files are copied and nothing else is installed... so I guess I have to add something... but what is it? I've found a lot of documentation. But... everything they say I have to add is already in this inf/driver ... can someone tell me what I have to add to such a new project (VS 2015, NDIS filter driver of WDK 10) to get a usable/installable driver?

    >>>  [Device Install (DiInstallDriver) - C:\Users\Besitzer\Desktop\tr2\tuenix.inf]
    >>>  Section start 2017/01/03 14:14:54.155
          cmd: "C:\Windows\System32\InfDefaultInstall.exe" "C:\Users\Besitzer\Desktop\tr2\tuenix.inf"
         ndv: Flags: 0x00000000
         ndv: INF path: C:\Users\Besitzer\Desktop\tr2\tuenix.inf
         inf: {SetupCopyOEMInf: C:\Users\Besitzer\Desktop\tr2\tuenix.inf} 14:14:54.171
         inf:      Copy style: 0x00000000
         sto:      {Setup Import Driver Package: C:\Users\Besitzer\Desktop\tr2\tuenix.inf} 14:14:54.171
         inf:           Opened INF: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' ([strings])
         inf:           Provider: CompanyX
         inf:           Class GUID: {4D36E974-E325-11CE-BFC1-08002BE10318}
         inf:           Driver Version: 01/03/2017,14.13.44.995
         inf:           Catalog File: tuenix.cat
         sto:           {Copy Driver Package: C:\Users\Besitzer\Desktop\tr2\tuenix.inf} 14:14:54.202
         sto:                Driver Package = C:\Users\Besitzer\Desktop\tr2\tuenix.inf
         sto:                Flags          = 0x00000007
         sto:                Destination    = C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}
         sto:                Copying driver package files to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'.
         inf:                Opened INF: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' ([strings])
         inf:                Opened INF: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' ([strings])
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000000
         flq:                     SourceRootPath - 'C:\Users\Besitzer\Desktop\tr2'
         flq:                     SourceFilename - 'tuenix.cat'
         flq:                     TargetDirectory- 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000000
         flq:                     SourceRootPath - 'C:\Users\Besitzer\Desktop\tr2'
         flq:                     SourceFilename - 'tuenix.inf'
         flq:                     TargetDirectory- 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000000
         flq:                     SourceRootPath - 'C:\Users\Besitzer\Desktop\tr2'
         flq:                     SourceFilename - 'tuenix.sys'
         flq:                     TargetDirectory- 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COMMIT} 14:14:54.311
         flq:                     {FILE_QUEUE_COMMIT_COPY_SUBQUEUE}
         flq:                          Source Media:
         flq:                               SourcePath   - [C:\Users\Besitzer\Desktop\tr2]
         flq:                               SourceFile   - [tuenix.cat]
         flq:                               Flags        - 0x00000000
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\Desktop\tr2\tuenix.cat' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.cat'.
         flq:                               CopyFile: 'C:\Users\Besitzer\Desktop\tr2\tuenix.cat' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETF9FF.tmp'
         flq:                               MoveFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETF9FF.tmp' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.cat'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf'.
         flq:                               CopyFile: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETFA20.tmp'
         flq:                               MoveFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETFA20.tmp' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\Desktop\tr2\tuenix.sys' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.sys'.
         flq:                               CopyFile: 'C:\Users\Besitzer\Desktop\tr2\tuenix.sys' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETFA40.tmp'
         flq:                               MoveFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\SETFA40.tmp' to 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.sys'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                     {FILE_QUEUE_COMMIT_COPY_SUBQUEUE exit OK}
         flq:                {FILE_QUEUE_COMMIT exit OK} 14:14:54.421
         sto:                Copied driver package. Time = 187 ms
         sto:           {Copy Driver Package: exit(0x00000000)} 14:14:54.436
         pol:           {Driver package policy check} 14:14:54.499
         pol:           {Driver package policy check - exit(0x00000000)} 14:14:54.499
         sto:           {Stage Driver Package: C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf} 14:14:54.499
         inf:                Opened INF: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf' ([strings])
         inf:                Opened INF: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf' ([strings])
         inf:                {Query Configurability: C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf} 14:14:54.499
         inf:                     Opened INF: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf' ([strings])
         inf:                     Schema extension {4d36e974-e325-11ce-bfc1-08002be10318} not found.
         inf:                     Driver package 'tuenix.inf' is configurable.
         inf:                {Query Configurability: exit(0x00000000)} 14:14:54.499
         sto:                Copying driver package files:
         sto:                     Source Path      = C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}
         sto:                     Destination Path = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000010
         flq:                     SourceRootPath - 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                     SourceFilename - 'tuenix.cat'
         flq:                     TargetDirectory- 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000010
         flq:                     SourceRootPath - 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                     SourceFilename - 'tuenix.inf'
         flq:                     TargetDirectory- 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COPY}
         flq:                     CopyStyle      - 0x00000010
         flq:                     SourceRootPath - 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}'
         flq:                     SourceFilename - 'tuenix.sys'
         flq:                     TargetDirectory- 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}'
         flq:                {FILE_QUEUE_COPY exit(0x00000000)}
         flq:                {FILE_QUEUE_COMMIT} 14:14:54.515
         flq:                     {FILE_QUEUE_COMMIT_COPY_SUBQUEUE}
         flq:                          Source Media:
         flq:                               SourcePath   - [C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}]
         flq:                               SourceFile   - [tuenix.cat]
         flq:                               Flags        - 0x00000000
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.cat' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.cat'.
         flq:                               CopyFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.cat' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFABB.tmp'
         flq:                               MoveFile: 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFABB.tmp' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.cat'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf'.
         flq:                               CopyFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.inf' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFABC.tmp'
         flq:                               MoveFile: 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFABC.tmp' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE}
         flq:                               Copying 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.sys' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.sys'.
         flq:                               CopyFile: 'C:\Users\Besitzer\AppData\Local\Temp\{6b0a8df6-3d22-6d46-974c-e03ad16e2f5a}\tuenix.sys' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFADC.tmp'
         flq:                               MoveFile: 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\SETFADC.tmp' to 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.sys'
         flq:                          {FILE_QUEUE_COMMIT_COPY_FILE exit OK}
         flq:                     {FILE_QUEUE_COMMIT_COPY_SUBQUEUE exit OK}
         flq:                {FILE_QUEUE_COMMIT exit OK} 14:14:54.561
         sto:                {DRIVERSTORE IMPORT VALIDATE} 14:14:54.561
         inf:                     Opened INF: 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf' ([strings])
         sig:                     {_VERIFY_FILE_SIGNATURE} 14:14:54.577
         sig:                          Key      = tuenix.inf
         sig:                          FilePath = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf
         sig:                          Catalog  = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.cat
    !    sig:                          Verifying file against specific (valid) catalog failed! (0x800b0109)
         sig:                     {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 14:14:54.593
         sig:                     {_VERIFY_FILE_SIGNATURE} 14:14:54.593
         sig:                          Key      = tuenix.inf
         sig:                          FilePath = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf
         sig:                          Catalog  = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.cat
         sig:                          Success: File is signed in Authenticode(tm) catalog.
         sig:                     {_VERIFY_FILE_SIGNATURE exit(0xe0000241)} 14:14:54.593
         sig:                     Driver package is digitally signed by 'WDKTestCert mischa.zehnder,131257998364568337' (). Signer Score = 0x0F000000
         sig:                     Code Integrity State: Test Signing
         inf:                     Opened INF: 'C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}\tuenix.inf' ([strings])
         sig:                     Validating driver package files against catalog 'tuenix.cat'.
         sig:                     Verified file 'tuenix.sys'.
         sig:                     Driver package is valid.
         sto:                {DRIVERSTORE IMPORT VALIDATE: exit(0x00000000)} 14:14:54.624
         sig:                Signer Score = 0x0F000000
         sig:                Signer Name  = WDKTestCert mischa.zehnder,131257998364568337
         sto:                {DRIVERSTORE IMPORT BEGIN} 14:14:54.624
         bak:                     System restore not required for signed driver package.
         sto:                {DRIVERSTORE IMPORT BEGIN: exit(0x00000000)} 14:14:54.640
         sto:                Importing driver package files:
         sto:                     Source Path      = C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}
         sto:                     Destination Path = C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3
         cpy:                {Copy Directory: C:\Windows\System32\DriverStore\Temp\{5ffd71bd-2936-544e-8055-79281d86fa61}} 14:14:54.640
         cpy:                     Target Path = C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3
         cpy:                {Copy Directory: exit(0x00000000)} 14:14:54.640
         idb:                {Register Driver Package: C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf} 14:14:54.640
         inf:                     Opened INF: 'C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf' ([strings])
         idb:                     Created driver package object 'tuenix.inf_amd64_9ee22cce1eaa82a3' in DRIVERS database node.
         idb:                     Created driver INF file object 'oem7.inf' in DRIVERS database node.
         idb:                     Registered driver package 'tuenix.inf_amd64_9ee22cce1eaa82a3' with 'oem7.inf'.
         idb:                {Register Driver Package: exit(0x00000000)} 14:14:54.655
         idb:                {Publish Driver Package: C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf} 14:14:54.655
         idb:                     Opened driver package object 'tuenix.inf_amd64_9ee22cce1eaa82a3' in DRIVERS database node.
         idb:                     Opened driver INF file object 'oem7.inf' in DRIVERS database node.
         idb:                     Activating driver package 'tuenix.inf_amd64_9ee22cce1eaa82a3'.
         cpy:                     Published 'tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf' to 'oem7.inf'.
         inf:                     Opened INF: 'C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf' ([strings])
         idb:                     Indexed 2 device IDs for 'tuenix.inf_amd64_9ee22cce1eaa82a3'.
         sto:                     Flushed driver database node 'DRIVERS'. Time = 375 ms
         sto:                     Flushed driver database node 'SYSTEM'. Time = 125 ms
         idb:                {Publish Driver Package: exit(0x00000000)} 14:14:55.155
         sto:                Setting catalog hint 'oem7.cat' on files
         sto:                Catalog hint set on file 'C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.sys'
         sto:                {DRIVERSTORE IMPORT END} 14:14:55.155
         dvi:                     Flushing C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.sys to disk.
         dvi:                     Flushing C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.cat to disk.
         dvi:                     Flushing C:\Windows\inf\oem7.inf to disk.
         dvi:                     Flushing C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf to disk.
         dvi:                     Flushed all driver package files to disk. Time = 63 ms
         sig:                     Installed catalog 'tuenix.cat' as 'oem7.cat'.
         inf:                     Opened INF: 'C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf' ([strings])
         bak:                     No system restore point was set earlier.
         sto:                {DRIVERSTORE IMPORT END: exit(0x00000000)} 14:14:55.311
         sto:           {Stage Driver Package: exit(0x00000000)} 14:14:55.311
         ndv:           Doing device matching lookup
         sto:      {Setup Import Driver Package - exit (0x00000000)} 14:14:55.327
         inf:      Opened INF: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' ([strings])
         inf:      Driver Store Path: C:\Windows\System32\DriverStore\FileRepository\tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf
         inf:      Published Inf Path: C:\Windows\INF\oem7.inf
         inf:      OEM source media location: C:\Users\Besitzer\Desktop\tr2\
         inf: {SetupCopyOEMInf exit (0x00000000)} 14:14:55.343
         inf: Opened INF: 'C:\Users\Besitzer\Desktop\tr2\tuenix.inf' ([strings])
    <<<  Section end 2017/01/03 14:14:55.358
    <<<  [Exit status: SUCCESS]

    Tuesday, January 3, 2017 1:34 PM
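
An added example (not part of the original post or of the WDK): a small Python triage of a setupapi.dev.log section like the one above. It pulls out the setup class, signer, Code Integrity state, signature warnings and published INF name, and flags a package that was only staged into the driver store. The sample is abridged from the log in the question; the two `INSTALL_MARKERS` strings are an assumption about what setupapi logs when it processes an install section.

```python
import re

# Abridged from the setupapi.dev.log section posted in the question.
SAMPLE = r"""
>>>  [Device Install (DiInstallDriver) - C:\Users\Besitzer\Desktop\tr2\tuenix.inf]
     inf:           Class GUID: {4D36E974-E325-11CE-BFC1-08002BE10318}
!    sig:                          Verifying file against specific (valid) catalog failed! (0x800b0109)
     sig:                     Driver package is digitally signed by 'WDKTestCert mischa.zehnder,131257998364568337' (). Signer Score = 0x0F000000
     sig:                     Code Integrity State: Test Signing
     cpy:                     Published 'tuenix.inf_amd64_9ee22cce1eaa82a3\tuenix.inf' to 'oem7.inf'.
     ndv:           Doing device matching lookup
<<<  [Exit status: SUCCESS]
"""

# Network component setup classes: installed through the network
# configuration subsystem (netcfg / adapter properties), not by device matching.
NETWORK_CLASSES = {
    "4D36E973-E325-11CE-BFC1-08002BE10318": "NetClient",
    "4D36E974-E325-11CE-BFC1-08002BE10318": "NetService",
    "4D36E975-E325-11CE-BFC1-08002BE10318": "NetTrans",
}
KNOWN_STATUS = {"0x800b0109": "CERT_E_UNTRUSTEDROOT"}
# Assumption: text logged when an INF install section / AddService is processed.
INSTALL_MARKERS = ("{Install Inf Section", "AddService=")

FIELDS = {
    "class_guid": re.compile(r"Class GUID:\s*\{([0-9A-Fa-f-]+)\}"),
    "signer": re.compile(r"digitally signed by '([^']*)'"),
    "ci_state": re.compile(r"Code Integrity State:\s*(.+)"),
    "published_as": re.compile(r"Published '.*' to '([^']+)'"),
    "exit_status": re.compile(r"\[Exit status:\s*(\w+)\]"),
}


def summarize(section):
    """Return the security-relevant facts of one setupapi.dev.log section."""
    out = {key: None for key in FIELDS}
    out.update(warnings=[], service_installed=False)
    for line in section.splitlines():
        for key, rx in FIELDS.items():
            m = rx.search(line)
            if m and out[key] is None:
                out[key] = m.group(1).strip()
        if line.lstrip().startswith("!"):  # "!" = warning, "!!!" = error
            m = re.search(r"\((0x[0-9A-Fa-f]{8})\)", line)
            code = m.group(1).lower() if m else None
            out["warnings"].append((code, KNOWN_STATUS.get(code, "unknown")))
        if any(marker in line for marker in INSTALL_MARKERS):
            out["service_installed"] = True
    out["class_name"] = NETWORK_CLASSES.get((out["class_guid"] or "").upper())
    # Staged only: the package reached the driver store (oemN.inf published)
    # but no install section ran, so no service key exists for "net start".
    out["staged_only"] = (out["published_as"] is not None
                          and not out["service_installed"])
    return out


if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key:18} {value}")
```

For the posted log this reports a NetService-class package, signed with a WDK test certificate under test signing, published as oem7.inf and staged only.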

Answers

  • I assume this is a Windows Filtering Platform driver? Your problems reflect why the common recommendation is to start with a sample and modify it, since you then have a solid project and framework to begin with. For the install problems you might want to take a look at the WFPSamplerInstall.cmd file, network/trans/WFPSampler/scripts/WFPSamplerInstall.cmd; this will do an install of a WFP driver, so it is a good starting point.

    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Tuesday, January 3, 2017 3:38 PM

All replies

  • For an NDIS filter driver: NDIS template in VS

    I would try the instructions at
    https://github.com/Microsoft/Windows-driver-samples/blob/master/network/ndis/filter/README.md

    To get debug output, one possibly has to change filterDebugLevel in flt_dbg.c
    INT                 filterDebugLevel = DL_TRACE;

    No warranty
    With kind regards
    Tuesday, January 3, 2017 11:12 PM