none
Query regarding driver submission to WHQL RRS feed

  • Question

  • We have a file system minifilter driver which monitors I/O activity. This driver has two slightly different versions. Main version monitors all file systems activities. Second one ignores read events. Rest all is same between them. They even use the same altitude as well. Intention for second one was to avoid monitoring spurious read requests occurring in some customer environments. 

    We provide both drivers as part of installer. Second one has slightly different name than main version. If any customer wants to use second version, they rename it the to main version and install it.

    Now we would like to get certified for Secure Boot. Our HLK tests are passing without any issue. But I am not aware of how to create HLK package for second version. Can any body provide me some idea about how to proceed?
    Saturday, May 19, 2018 5:06 PM

Answers

  • When you say "they rename it to the main version and install it", does that mean they rename the .sys file before they install the package?  If so, then you will have to have two separate driver packages.  When you build a driver package, the signed .CAT file includes a CRC checksum for all of the binaries mentioned in the CAT.  After your file renaming, the checksum won't match and the signature will be invalid.

    Tim Roberts, Driver MVP Providenza & Boekelheide, Inc.

    Monday, May 21, 2018 7:52 PM

All replies

  • When you say "they rename it to the main version and install it", does that mean they rename the .sys file before they install the package?  If so, then you will have to have two separate driver packages.  When you build a driver package, the signed .CAT file includes a CRC checksum for all of the binaries mentioned in the CAT.  After your file renaming, the checksum won't match and the signature will be invalid.

    Tim Roberts, Driver MVP Providenza & Boekelheide, Inc.

    Monday, May 21, 2018 7:52 PM
  • Thanks Tim for your reply. I would like confirm that customers do rename SYS file before they install the driver using INF file. E.g. mydriver-noread.sys to mydriver.sys. But does CAT contains file name as well in addition to CRC checksum? If yes, then which CAT file should be used after renaming? I am afraid none of the CAT files will be valid if we rename SYS file. FYI, we do not use CAT file currently. We plan to use them going forward.

    Tuesday, May 22, 2018 3:53 PM
  • > customers do rename SYS file before they install the driver using INF file.

    Yeah, that cannot be made to work.  Altering the package voids the CAT file.  The CAT file contains an entry for every file that is mentioned in the INF file, including the file name and the checksum.

    One option is to set up two separate different driver packages, one for each flavor of SYS file.  The INFs can be identical.  Create a CAT file for each, pass both through HLK.  Let your customer pick which one to install.

    But given your description, would it be easier to set up a registry entry that tells the driver to skip the read monitoring?  You can supply a .REG file to toggle the value.  That way, you have one package and one CAT file.


    Tim Roberts, Driver MVP Providenza & Boekelheide, Inc.

    Friday, May 25, 2018 5:51 PM