I am currently writing a kernel mode driver (software driver) with KMDF and since I am very new to this topic I want to ask you if my driver would be able to call OpenProcess and ReadProcessMemory on any running process or is there some way to prevent that my driver can call those functions on a process from kernel mode?
you can get target process pointer by call PsLookupProcessByProcessId. than call KeStackAttachProcess and direct read process memory. because this is user mode memory - mandatory do it in __try/__except block. finally call KeUnstackDetachProcess and ObfDereferenceObject for target process