Invalid DeviceExtension when Verifier is enabled

Hello all,

I’ve a weird problem, and this stems from driverA <->driverB communication. I basically need to get the PDO of driverB (which I stored in driverB’s device extension.
I was using the DeviceObject returned from IoGetDevicePointer’s DeviceObject->Extension, but if VERIFIER is enabled, it seems that the extensions are “zeroed out”.
The deviceobject still works, since I can make PnP calls to get PCIId and stuff. The device extension is non-null, and is pointing to some location, but it seems that the data in this location is Zeroed out of sorts

If VERIFIER is turned off, I can see valid data in the device-extension from driver B. Other then the device-extension muck-up, as far as I can tell, the deviceobject is generally correct (at least I can still use it to get the PCIId/InstanceId … to be able to tell that at least it’s the correct device)

//// [Driver A] //////
// On detect interface arrival (from DriverB)
// Open the device object
//
status = IoGetDeviceObjectPointer(
pSymbolicLink,
FILE_ALL_ACCESS,
&FileObject,
&DeviceObject
);
::
::
// GetPciId/InstanceId …etc …
::
::

pExtOut = (DEVICE_EXTENSION_OUTPUT *) pDevice->DeviceExtension;
if (pExtOut) {
PhysicalDeviceObject = pExtOut->PhysicalDeviceObject;

// NOTE: If VERIFIER is on, this returns NULL, if it’s not on, this works fine

// Get the BusNumber.
if (PhysicalDeviceObject != NULL) {

__try
{

IoGetDeviceProperty(PhysicalDeviceObject,
DevicePropertyBusNumber,
sizeof(ULONG),
(PVOID)&BusNumber,
&length);
}
::

/// [Driver B] ///

NTSTATUS HandleAddDevice( IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT PhysicalDeviceObject )
{
DEVICE_OBJECT * pDeviceObject;
NTSTATUS status;
DEVICE_EXTENSION * pDeviceExtension;

PAGED_CODE();

// Create the device object.
//
status = IoCreateDevice(
DriverObject,
sizeof(DEVICE_EXTENSION),
NULL,
THIS_DEVICE_TYPE,
0, // DeviceCharacteristics
TRUE, // exclusive
&pDeviceObject );

if (!NT_SUCCESS( status )) {
return status;
}

// Init the extension
pDeviceExtension = (DEVICE_EXTENSION *)pDeviceObject->DeviceExtension;

// Tell the extension who it belongs to
pDeviceExtension->pDriverObject = DriverObject;
pDeviceExtension->pDeviceObject = pDeviceObject; // save the object
pDeviceExtension->PhysicalDeviceObject = PhysicalDeviceObject;
pDeviceExtension->PnPState = NotStarted;

//
// Attach to the device stack
//
pDeviceExtension->pNextLowerDevice =
IoAttachDeviceToDeviceStack( pDeviceObject, PhysicalDeviceObject );

if(pDeviceExtension->pNextLowerDevice == NULL) {
status = STATUS_DEVICE_REMOVED;
goto error_exit;
}

// Complete the initialization
pDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;

}

If you have the device object for driver B, send a QDR/TargetDeviceRelations to B’s device object and the resulting relations list will contain the PDO. Remember to ObDereference the PDO when you are done.

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@yahoo.com
Sent: Thursday, October 23, 2014 3:33 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Invalid DeviceExtension when Verifier is enabled

Hello all,

I’ve a weird problem, and this stems from driverA <->driverB communication. I basically need to get the PDO of driverB (which I stored in driverB’s device extension.
I was using the DeviceObject returned from IoGetDevicePointer’s DeviceObject->Extension, but if VERIFIER is enabled, it seems that the extensions are “zeroed out”.
The deviceobject still works, since I can make PnP calls to get PCIId and stuff. The device extension is non-null, and is pointing to some location, but it seems that the data in this location is Zeroed out of sorts

If VERIFIER is turned off, I can see valid data in the device-extension from driver B. Other then the device-extension muck-up, as far as I can tell, the deviceobject is generally correct (at least I can still use it to get the PCIId/InstanceId … to be able to tell that at least it’s the correct device)

//// [Driver A] //////
// On detect interface arrival (from DriverB)
// Open the device object
//
status = IoGetDeviceObjectPointer(
pSymbolicLink,
FILE_ALL_ACCESS,
&FileObject,
&DeviceObject
);
::
::
// GetPciId/InstanceId …etc …
::
::

pExtOut = (DEVICE_EXTENSION_OUTPUT *) pDevice->DeviceExtension;
if (pExtOut) {
PhysicalDeviceObject = pExtOut->PhysicalDeviceObject;

// NOTE: If VERIFIER is on, this returns NULL, if it’s not on, this works fine

// Get the BusNumber.
if (PhysicalDeviceObject != NULL) {

__try
{

IoGetDeviceProperty(PhysicalDeviceObject,
DevicePropertyBusNumber,
sizeof(ULONG),
(PVOID)&BusNumber,
&length);
}
::

/// [Driver B] ///

NTSTATUS HandleAddDevice( IN PDRIVER_OBJECT DriverObject,
IN PDEVICE_OBJECT PhysicalDeviceObject ) {
DEVICE_OBJECT * pDeviceObject;
NTSTATUS status;
DEVICE_EXTENSION * pDeviceExtension;

PAGED_CODE();

// Create the device object.
//
status = IoCreateDevice(
DriverObject,
sizeof(DEVICE_EXTENSION),
NULL,
THIS_DEVICE_TYPE,
0, // DeviceCharacteristics
TRUE, // exclusive
&pDeviceObject );

if (!NT_SUCCESS( status )) {
return status;
}

// Init the extension
pDeviceExtension = (DEVICE_EXTENSION *)pDeviceObject->DeviceExtension;

// Tell the extension who it belongs to
pDeviceExtension->pDriverObject = DriverObject;
pDeviceExtension->pDeviceObject = pDeviceObject; // save the object
pDeviceExtension->PhysicalDeviceObject = PhysicalDeviceObject;
pDeviceExtension->PnPState = NotStarted;

//
// Attach to the device stack
//
pDeviceExtension->pNextLowerDevice =
IoAttachDeviceToDeviceStack( pDeviceObject, PhysicalDeviceObject );

if(pDeviceExtension->pNextLowerDevice == NULL) {
status = STATUS_DEVICE_REMOVED;
goto error_exit;
}

// Complete the initialization
pDeviceObject->Flags &= ~DO_DEVICE_INITIALIZING;

}


NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

IoGetDeviceObjectPointer returns the top device in the stack. With DV, there is a DV filter device attached.

On 24-Oct-2014 01:32, chenchew@ wrote:

Hello all,

I’ve a weird problem, and this stems from driverA <->driverB communication. I basically need to get the PDO of driverB (which I stored in driverB’s device extension.
I was using the DeviceObject returned from IoGetDevicePointer’s DeviceObject->Extension, but if VERIFIER is enabled, it seems that the extensions are “zeroed out”.
The deviceobject still works, since I can make PnP calls to get PCIId and stuff. The device extension is non-null, and is pointing to some location, but it seems that the data in this location is Zeroed out of sorts

If VERIFIER is turned off, I can see valid data in the device-extension from driver B. Other then the device-extension muck-up, as far as I can tell, the deviceobject is generally correct (at least I can still use it to get the PCIId/InstanceId … to be able to tell that at least it’s the correct device)

Yes, the verifier hooks and modifies stuff. So you’ll have to find a
reliable workaround.

– pa

Ty for the replies.
I was mucking around, and I discovered that when Verifier is enabled for my driver, it attaches verifier_filter driver, hence the pdevice object was actually pointing to the verifier filter (?? or sorts). (This is probably the the top device of stack as Alex pointed out).
I’ll give it a try on Doron’s suggestion on using the other method to reliably get the PDO.

  • Pat

Your method reaches into undocumented data structures, my method is the documented way to do this. It should be no debate as to which to use

d

Bent from my phone


From: xxxxx@yahoo.commailto:xxxxx
Sent: ?10/?24/?2014 4:31 PM
To: Windows System Software Devs Interest Listmailto:xxxxx
Subject: RE:[ntdev] Invalid DeviceExtension when Verifier is enabled

Ty for the replies.
I was mucking around, and I discovered that when Verifier is enabled for my driver, it attaches verifier_filter driver, hence the pdevice object was actually pointing to the verifier filter (?? or sorts). (This is probably the the top device of stack as Alex pointed out).
I’ll give it a try on Doron’s suggestion on using the other method to reliably get the PDO.

- Pat


NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer</mailto:xxxxx></mailto:xxxxx>

A driver usually exposes data and functionnalities to other drivers through an INTERFACE (IRP_MN_QUERY_INTERFACE).

So another option is to handle the IRP_MN_QUERY_INTERFACE IRP in DriverB. DriverA would then send an IRP_MN_QUERY_INTERFACE IRP at the top of DriverB’s stack. The verifier, when attached, should normally just pass the IRP down to DriverB and you should get any kind of data that driverB would expose through it’s INTERFACE.