none
Kernel Mode Service Documentation? RRS feed

  • Question

  • I am attempting to develop a kernel mode service for Windows 10 and I am having a hard time finding documentation on this. What I know so far is that it is not easy to do and it is in RING0, which is what I need for this project. It involves using the virtual machine extensions for x86 processors.

    Where is the documentation for this? I must be blind because I just can not find it at all.

    (Yes I know this is likely to cause many, many BSODs along the way)

    Saturday, November 25, 2017 4:42 AM

All replies

  • I can't help you much but anyone that can help will ask for a more specific description of what you need to do.



    Sam Hobbs
    SimpleSamples.Info


    Saturday, November 25, 2017 4:51 AM
  • Kernel mode has drivers, not services (even though they are registered with the service control manager). You don’t need VM extensions, just plain c/c++ and the right configuration. What are you trying to accomplish? To get started with writing drivers, start here https://msdn.microsoft.com/en-us/library/windows/hardware/ff557565(v=vs.85).aspx

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Saturday, November 25, 2017 2:21 PM
  • I can't help you much but anyone that can help will ask for a more specific description of what you need to do.



    Sam Hobbs
    SimpleSamples.Info


    I want to create a driver that does not have a device and acts as a service in the kernel in orderto  access VM extensions.

    Kernel mode has drivers, not services (even though they are registered with the service control manager). You don’t need VM extensions, just plain c/c++ and the right configuration. What are you trying to accomplish? To get started with writing drivers, start here https://msdn.microsoft.com/en-us/library/windows/hardware/ff557565(v=vs.85).aspx

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.


    I want to make a driver that uses the VM extensions, which is why I need access to RING 0/kernel mode.


    • Edited by gudenau Monday, November 27, 2017 11:49 PM
    Monday, November 27, 2017 11:49 PM
  • What sort of VM extensions? HyperV or 3rd party hypervisor?

    -- pa

    Tuesday, November 28, 2017 12:02 AM
  • What sort of VM extensions? HyperV or 3rd party hypervisor?

    -- pa


    The extensions on the CPU themselves, I want to make my own VM software. But that is not the point here, I need to be able to get my code into the kernel and communicate with it from userspace.
    Tuesday, November 28, 2017 12:20 AM
  • I need to be able to get my code into the kernel and communicate with it from userspace.

    For this, just follow Doron's advice. 

    -- pa

    Tuesday, November 28, 2017 12:40 AM
  • Have you been to OSR? That is a useful and relevant site so you should look at it at least.


    Sam Hobbs
    SimpleSamples.Info

    Tuesday, November 28, 2017 12:44 AM
  •  so you should look at it at least.

    Heaven forbid. Thank you so much.

    -- pa


    • Edited by Pavel A Tuesday, November 28, 2017 4:06 PM
    Tuesday, November 28, 2017 12:47 AM
  • How do you believe you are going to get the CPU VM extensions assigned to your driver?  In Windows very bad things happen if you don't own the resources, and AFAIK there is no way to take control of those resources in the Windows kernel.    Think about the situation where someone mistakenly tries to install your driver on a copy of Windows running under HyperV or VMware.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Tuesday, November 28, 2017 7:55 PM
  • How do you believe you are going to get the CPU VM extensions assigned to your driver?  In Windows very bad things happen if you don't own the resources, and AFAIK there is no way to take control of those resources in the Windows kernel.    Think about the situation where someone mistakenly tries to install your driver on a copy of Windows running under HyperV or VMware.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com


    You should be able to check weather or not the instructions are in use by something else. Either way, I will have warnings for this about other VM services.
    Sunday, December 3, 2017 11:37 PM
  • First how do you get the resources?  Bottom line, if you make the assumption of I will check then grab them someone else can make the same assumption.  I'm not sure how you think you check they are in use.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Monday, December 4, 2017 3:50 PM