c++ visual-studio-2013 device-driver

Library for device drivers


I made a library for mapping any PE format file into a memory address; the thing is, I did it only in user land, using Visual Studio 2013 with the standard .lib format. Does this mean that my library can't be used inside a device driver?

For example, I have the following snippet:

    HMODULE ntdllmod = LoadLibraryA("ntdll.dll");
    if (ntdllmod)
    {
        ZwQueryInformationProcess func = (ZwQueryInformationProcess)GetProcAddress(ntdllmod, "ZwQueryInformationProcess");
    }

This works well in user land, but in the kernel I don't need to call GetProcAddress; I can just call ZwQueryInformationProcess directly, since it's an ntoskrnl export... Can't I just do this, for example?

    #if USER_LAND
        // User-mode build: resolve the routine from ntdll.dll at run time.
        HMODULE ntdllmod = LoadLibraryA("ntdll.dll");
        if (ntdllmod)
        {
            ZwQueryInformationProcess func = (ZwQueryInformationProcess)GetProcAddress(ntdllmod, "ZwQueryInformationProcess");
        }
    #elif KERNEL_MODE
        // Run my kernel version code here.
    #endif

If this is not possible, then how can I build a device driver library in VS2013? (I can't find the option.) Also, any guide or reference on how to link driver libraries would help, assuming it's different from a normal library.

EDIT: I already know about using ZwQueryInformationProcess; the question is whether I can use the preprocessor directive #if to generate a driver library or a user mode library while having both implementations in the same solution.

Thanks.


Solution

  • Yes, you can use #if to produce different code where necessary. You will probably have to define your own -D or #define to control whether the library is "kernel" or "user mode".

    It is often best to separate out the "functions that aren't generic" into one or a few modules (and including the files, say "usermode-stuff.c" and "kernel-stuff.c", respectively as part of the project source files), where the same type of function is declared for generic use. This avoids having a huge number of #if KERNEL_MODE all over the code, which can get quite messy after a while.

    Obviously, that in itself doesn't necessarily mean that you can do all the things you need, or that your project can be achieved - there aren't enough details in your question to answer that.
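
The layout described in the answer, as an added example that is not code from the original question or answer. It shows one translation unit standing in for three source files behind a single interface, using the question's `USER_LAND` and `KERNEL_MODE` macros. The names `plat_resolve`, `plat_mode`, `mapper_can_query_process` and the host-stub backend are assumptions made for illustration.

```c
/* --- platform.h: the only interface the generic PE-mapping code uses --- */
typedef void (*plat_proc)(void);
plat_proc   plat_resolve(const char *name); /* address of a system routine, or NULL */
const char *plat_mode(void);                /* which backend was compiled in */

/* A build that defines both macros is a configuration mistake: fail early. */
#if defined(KERNEL_MODE) && defined(USER_LAND)
#error "define only one of KERNEL_MODE or USER_LAND"
#endif

#if defined(KERNEL_MODE)
/* --- kernel-stuff.c: compiled only into the driver library --- */
#include <ntddk.h>
plat_proc plat_resolve(const char *name) {  /* must run at PASSIVE_LEVEL */
    ANSI_STRING a; UNICODE_STRING u; plat_proc p = NULL;
    RtlInitAnsiString(&a, name);
    if (NT_SUCCESS(RtlAnsiStringToUnicodeString(&u, &a, TRUE))) {
        p = (plat_proc)MmGetSystemRoutineAddress(&u);
        RtlFreeUnicodeString(&u);
    }
    return p;
}
const char *plat_mode(void) { return "kernel"; }

#elif defined(USER_LAND)
/* --- usermode-stuff.c: compiled only into the user-mode library --- */
#include <windows.h>
plat_proc plat_resolve(const char *name) {
    HMODULE m = GetModuleHandleA("ntdll.dll"); /* already mapped in every process */
    return m ? (plat_proc)GetProcAddress(m, name) : NULL;
}
const char *plat_mode(void) { return "user"; }

#else
/* --- host-stub.c (assumption): lets the generic code be tested off-target --- */
#include <stddef.h>
#include <string.h>
static void stub_routine(void) {}
plat_proc plat_resolve(const char *name) {
    return strcmp(name, "ZwQueryInformationProcess") == 0 ? stub_routine : NULL;
}
const char *plat_mode(void) { return "host-stub"; }
#endif

/* --- mapper.c: generic code, contains no #if at all --- */
int mapper_can_query_process(void) {
    return plat_resolve("ZwQueryInformationProcess") != NULL;
}
```

In a real project each section would be its own file, with the kernel file built only in the driver-library project and the user-mode file only in the ordinary static-library project.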