c:[["$","$Ld",null,{"page":"page"}],["$","$Le",null,{}],["$","div",null,{"className":"container shadow-4 rounded mt-3 mb-3 p-3 border border-primary","children":[[["$","$Lf","0",{"href":"../windows","className":"badge badge-primary m-1","children":"windows"}],["$","$Lf","1",{"href":"../kernel","className":"badge badge-primary m-1","children":"kernel"}],["$","$Lf","2",{"href":"../device-driver","className":"badge badge-primary m-1","children":"device-driver"}],["$","$Lf","3",{"href":"../drivers","className":"badge badge-primary m-1","children":"drivers"}]],["$","h1",null,{"className":"h1","dangerouslySetInnerHTML":{"__html":"DriverEntry caller"}}],["$","hr",null,{}],["$","div",null,{"dangerouslySetInnerHTML":{"__html":"

I am writing my first device driver.

\n\n

I am trying to figure out, which process generated a given IRP.

\n\n

Obj->MajorFunction[IRP_MJ_DIRECTORY_CONTROL] = dirCtl;\n\nNTSTATUS dirCtl(IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp);\n

\n\n

Given the DeviceObject/Irp how can I find out which user-land process tried to query a directory? (e.g. explorer.exe)

\n"}}],["$","hr",null,{}],["$","div",null,{"className":"h3","children":["Solution ",["$","li",null,{"className":"h3 fa fa-arrow-down"}]]}],["$","hr",null,{}],["$","div",null,{"dangerouslySetInnerHTML":{"__html":"

Most of the time PsGetCurrentProcessId() will do the trick since kernel is actually resides in process' memory space.

\n"}}],["$","br",null,{}],["$","ul",null,{"className":"list-group","children":[]}],["$","br",null,{}],["$","$L10",null,{}],["$","br",null,{}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","div",null,{"className":"container ftr1","children":[["$","hr",null,{}],["$","footer",null,{"className":"bg-body-tertiary text-center text-lg-start","children":["$","div",null,{"className":"text-center p-3","children":["Content Source :",["$","a",null,{"className":"text-body","href":"https://stackoverflow.com","rel":"nofollow noreferrer noopener","id":"ftlk","style":{"color":"black"},"children":"Stackoverflow"}]," | ",["$","$Lf",null,{"href":"/privacy-policy","style":{"color":"blue !important"},"children":"Privacy Policy"}]," | ",["$","$Lf",null,{"href":"/terms-and-condition","style":{"color":"blue !important"},"children":"Terms and Condition"}]," | ",["$","$Lf",null,{"href":"/contact-us","style":{"color":"blue !important"},"children":"Contact Us"}]]}]}]]}],["$","$L14",null,{}],["$","$L15",null,{}]]