DriverPackageInstall and WFP driver installation.

Anand_Choubey · November 27, 2013, 11:07pm

Hi,

I am trying to install WFP based driver at win7/8 32/64 bit machine using wix.

First of all, I tried using difx/driver wix element but gets failed on windows 8 32 then wrote the simple c code using DriverPackageInstall but gets failed again.
DriverPackageInstall returns 2 i.e. inf file not found whereas cat/sys/inf files are kept in same directory.

OS setup log shows following errors:

>> [SetupCopyOEMInf - C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.inf]
>> Section start 2013/11/27 21:45:41.809
cmd: DriverInstall.exe
sto: {Import Driver Package: C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.inf} 21:45:43.884
sto: Driver Store = C:\Windows\System32\DriverStore [Online] (6.2.9200)
sto: Driver Package = C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.inf
sto: Architecture = x86
sto: Flags = 0x00000000
inf: Provider = MyCompany, Inc.
inf: Class GUID = {57465043-616c-6c6f-7574-5f636c617373}
inf: Driver Version = 11/26/2013,0.0.0.1
inf: Catalog File = stadrv6x.cat
inf: Version Flags = 0x00000010
flq: Copying ‘C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.cat’ to ‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}\stadrv6x.cat’.
flq: Copying ‘C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.inf’ to ‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}\stadrv6x.inf’.
!!! flq: Error installing file (0x00000002)
!!! flq: Error 2: The system cannot find the file specified.
! flq: SourceFile - ‘C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\Stadrv6x32.sys’
! flq: TargetFile - ‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}\Stadrv6x32.sys’
!!! cpy: Failed to copy file ‘C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\Stadrv6x32.sys’ to ‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}\Stadrv6x32.sys’. Error = 0x00000002
!!! flq: SPFQNOTIFY_COPYERROR: returned SPFQOPERATION_ABORT.
!!! flq: Error 995: The I/O operation has been aborted because of either a thread exit or an application request.
!!! flq: FileQueueCommit aborting!
!!! flq: Error 995: The I/O operation has been aborted because of either a thread exit or an application request.
!!! sto: Failed to copy driver package to ‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}’. Error = 0x00000002
sto: {Import Driver Package: exit(0x00000002)} 21:45:45.787
!!! inf: Failed to import driver package into driver store
!!! inf: Error 2: The system cannot find the file specified.
<<< Section end 2013/11/27 21:45:45.880
<<< [Exit status: FAILURE(0x00000002)]

>> [SetupCopyOEMInf - C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EBF58\stadrv6x.inf]
>> Section start 2013/11/27 21:45:45.880
cmd: DriverInstall.exe
<<< Section end 2013/11/27 21:45:45.880
<<< [Exit status: FAILURE(0x00000002)]

Could you please help me to find out actual cause?

Regards,
Anand Choubey

David_R_Cattley · November 29, 2013, 9:40pm

So are you saying this works on Win7?

Have you run ChkInf on this package?

The setupapi.*.log below is pretty clear: it says your .sys cannot be
copied.

!!! cpy: Failed to copy file
‘C:\Windows\system32\DRVSTORE\stadrv6x_014153B3089A3E17660F066993C1E0AC127EB
F58\Stadrv6x32.sys’ to
‘C:\Users\MADHUS~1\AppData\Local\Temp{73fc221e-afc4-5445-b8bd-420963cfa358}
\Stadrv6x32.sys’. Error = 0x00000002

Good Luck,
Dave Cattley

Anand_Choubey · December 1, 2013, 1:31pm

Thanks Dave!!!

I earlier ignored few chkinf warnings but after fixing those warning installation process little go head and failed with following error.

TEST: installing driver package.
LOG Event: 1, ENTER: DriverPackageInstallW
LOG Event: 1, Installing INF file ‘C:\Users\Madhusudhan\Desktop\sample\stadrv6x.inf’ (Plug and Play).
LOG Event: 1, Looking for Model Section [MyCompany.NTx86]…
LOG Event: 2, No device Ids found in INF ‘C:\Windows\System32\DriverStore\FileRe
pository\stadrv6x.inf_x86_996523d786c06672\stadrv6xr.inf’ for current platform.
LOG Event: 1, RETURN: DriverPackageInstallW (0xE0000301)
ERROR: failed with error code 0xE0000301.

AFAIK WFP driver is not associated with any device then what should be device Ids/hw-id?

Please give me some idea how to proceed?

Regards,
Anand Choubey

David_R_Cattley · December 1, 2013, 9:52pm

> AFAIK WFP driver is not associated with any device then what should be
device Ids/hw-id?

WFP callout drivers are not constrained to be in any kind of PnP driver.
For the most part they are just legacy (non-pnp) drivers unless they are
bundled into some other driver. There is no particular INF format and
most specifically no PnP “Class” support for WFP callout drivers.

You could use an INF of the NetClient or NetService class but what would be
the point? You do not need to participate in the binding process of NetCfg.

So unless this driver is associated with some sort of device, it should
probably just be installed using the SCM API directl

Good Luck,
Dave Cattley

Anand_Choubey · December 1, 2013, 10:44pm

Thanks Dave!

My driver is just callout non-pnp driver and SCM CreateService/StartService/DeleteService apis are working fine but real question is for me:

How to deal with MS signed driver? SCM apis installs driver without cat file checking and cat file is essential part of signed driver then how OS will check driver signing.

In other way round, If I try to install Verisign code signed driver using SCM api on 64bit machine with-out turn-off signing enforcement then still 64bit OS throws the error while calling StartService error code is 0x241. (Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. )

Could you please guide me?

Thanks again dave!

Regards,
Anand Choubey

Maxim_S_Shatskih · December 1, 2013, 10:57pm

> How to deal with MS signed driver? SCM apis installs driver without cat file checking and cat file is

essential part of signed driver then how OS will check driver signing.

No, KMCS works without .cat with the signature embedded to .sys

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

Anand_Choubey · December 1, 2013, 11:51pm

Thanks Maxim!!

>No, KMCS works without .cat with the signature embedded to .sys?
My MS code signing stuff is work in progress now.

Do you mean to say that MS will sign sys file along with cat file and KMCS will check MS embedded signature?
My Verisign code sign signed driver is not being accepted by OS 64bit and throws error 0x241 by StartService (Windows cannot verify the digital signature…).

Regards,
Anand Choubey

OSR_Community_User · December 1, 2013, 11:58pm

How are you signing your driver? The OSR archives will have a few threads on this topic and may also contain your answer.

~kenny

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@yahoo.com
Sent: Sunday, December 1, 2013 8:52 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] DriverPackageInstall and WFP driver installation.

Thanks Maxim!!

>No, KMCS works without .cat with the signature embedded to .sys?
My MS code signing stuff is work in progress now.

Do you mean to say that MS will sign sys file along with cat file and KMCS will check MS embedded signature?
My Verisign code sign signed driver is not being accepted by OS 64bit and throws error 0x241 by StartService (Windows cannot verify the digital signature…).

Regards,
Anand Choubey

NTDEV is sponsored by OSR

Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev

OSR is HIRING!! See http://www.osr.com/careers

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Maxim_S_Shatskih · December 2, 2013, 9:29am

> Do you mean to say that MS will sign sys file along with cat file and KMCS will check MS embedded

signature?

MS will not and does not sign KMCS.

You do it yourself using “signtool”.

The only thing you need is your company (or individual) certificate issues by some MS-supported authority. Verisign is supported (just ask for a correct certificate from them on purchase).

My Verisign code sign signed driver is not being accepted by OS 64bit and throws error 0x241 by
StartService (Windows cannot verify the digital signature…).

You have applied KMCS signature in a wrong way, you need to include the cross-cert.

Or, your Verisign cert is probably not KMCS-capable.

WHQL signature is by far another song. It is applied to .cat, it is checked on PnP driver package install (and shows the box of “Do you trust software from?”), and yes, you need to submit (and pay) to MS so hey will sign your package.

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

Anand_Choubey · December 2, 2013, 12:52pm

Thanks Maxim!!!

As you suggested, I found the issue in code signing certificate. After fixing the issue and now my wfp callout driver is signed using verisign code signing certificate along with cross signed certificate.

NOW I am able to start and the use the driver using StartService SCM apis after CreateService on Windows 8 64 bit machine without turning-off signing enforcement.

So Probable last questions would be: Do I need to go behind MS HCK signing even if my driver is working?

If yes, then what would be significance MS signed driver for non-pnp WFP callout driver using WFP HCK test cases?

Regards,
Anand Choubey

Tim_Roberts · December 2, 2013, 1:07pm

xxxxx@yahoo.com wrote:

So Probable last questions would be: Do I need to go behind MS HCK signing even if my driver is working?

If yes, then what would be significance MS signed driver for non-pnp WFP callout driver using WFP HCK test cases?

The difference is that you can put a Microsoft “Built For Windows” logo
on your packaging and your advertising material. If that is not
important to your marketing department, then there is no reason at all
to go through WHQL for a non-PnP driver.

–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Anand_Choubey · December 2, 2013, 1:59pm

Thanks Maxim, Tim, Dave!

All of you helped me to understand the system better and solved my problem.

Regards,
ANand Choubey

Maxim_S_Shatskih · December 2, 2013, 3:01pm

> So Probable last questions would be: Do I need to go behind MS HCK signing even if my driver is

Lack of “Do you trust the software from ThisCompany” dialog
a must for “Designed for Windows” logo certification of your product

–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com