Load Windows 8 driver on Windows 7 by ZwLoadDriver

All,

By MSDN (http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8 WDK can build the driver for all OSes.
With the guideline, I can load Win8-WDK-build BootDevice driver on Windows 7.

However, Windows7 fails to load another Win8-WDK-build kernel mode driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point Not Found)
Error message tells there is version mismatch.

I’d like to confirm that it is NOT possible or any mistake.

Thanks in advance.
Woojung

First, these drivers are built for Windows 7 right? Second is one of
these a KMDF driver? In general ZwLoadDriver is not the way to load
drivers (assuming you are calling it).

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message news:xxxxx@ntdev:

> All,
>
> By MSDN (http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8 WDK can build the driver for all OSes.
> With the guideline, I can load Win8-WDK-build BootDevice driver on Windows 7.
>
> However, Windows7 fails to load another Win8-WDK-build kernel mode driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point Not Found)
> Error message tells there is version mismatch.
>
> I’d like to confirm that it is NOT possible or any mistake.
>
> Thanks in advance.
> Woojung

What Os target did you build for? If you built for w8, it won’t load by default downlevel because you are linking against bufferoverflowfastfail.lib which requires win8 loader support for the security cookie to initialize
d

From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
Sent: Wednesday, August 29, 2012 9:39 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by ZwLoadDriver

First, these drivers are built for Windows 7 right? Second is one of
these a KMDF driver? In general ZwLoadDriver is not the way to load
drivers (assuming you are calling it).

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message news:xxxxx@ntdev:

> All,
>
> By MSDN (http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8 WDK can build the driver for all OSes.
> With the guideline, I can load Win8-WDK-build BootDevice driver on Windows 7.
>
> However, Windows7 fails to load another Win8-WDK-build kernel mode driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point Not Found)
> Error message tells there is version mismatch.
>
> I’d like to confirm that it is NOT possible or any mistake.
>
> Thanks in advance.
> Woojung

—
NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Thanks for all you replies.

Here are working scenarios.

1. Driver built with Win7 DDK works well with ZwLoadDriver() on Windows 7
2. Driver built with Win7 target on VS + Win8 WDK works well with ZwLoadDriver() on Windows 7
3. Driver built with Win8 target on VS + Win8 WDK works well with ZwLoadDriver() on Windows 8

Now I’m trying to have a single binary to work on all OSes.

And, by MSDN link I posted in original email, Changing to BufferOverFlowK.lib is option to run a driver on all version of Windows.
Am I missing something?

Thanks again.
Woojung

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511961-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 12:58 PM
To: Windows System Software Devs Interest List
Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
ZwLoadDriver

What Os target did you build for? If you built for w8, it won’t load by default
downlevel because you are linking against bufferoverflowfastfail.lib which
requires win8 loader support for the security cookie to initialize
d

---

From: xxxxx@lists.osr.com [bounce-511958-
xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
Sent: Wednesday, August 29, 2012 9:39 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by ZwLoadDriver

First, these drivers are built for Windows 7 right? Second is one of
these a KMDF driver? In general ZwLoadDriver is not the way to load
drivers (assuming you are calling it).

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message
> news:xxxxx@ntdev:
>
> > All,
> >
> > By MSDN (http://msdn.microsoft.com/en-
> us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8 WDK
> can build the driver for all OSes.
> > With the guideline, I can load Win8-WDK-build BootDevice driver on
> Windows 7.
> >
> > However, Windows7 fails to load another Win8-WDK-build kernel mode
> driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point Not
> Found)
> > Error message tells there is version mismatch.
> >
> > I’d like to confirm that it is NOT possible or any mistake.
> >
> > Thanks in advance.
> > Woojung
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

Build the driver for Win7 and it should work on Win8.

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message news:xxxxx@ntdev:

> Thanks for all you replies.
>
> Here are working scenarios.
> 1. Driver built with Win7 DDK works well with ZwLoadDriver() on Windows 7
> 2. Driver built with Win7 target on VS + Win8 WDK works well with ZwLoadDriver() on Windows 7
> 3. Driver built with Win8 target on VS + Win8 WDK works well with ZwLoadDriver() on Windows 8
>
> Now I’m trying to have a single binary to work on all OSes.
>
> And, by MSDN link I posted in original email, Changing to BufferOverFlowK.lib is option to run a driver on all version of Windows.
> Am I missing something?
>
> Thanks again.
> Woojung
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511961-
> > xxxxx@lists.osr.com] On Behalf Of Doron Holan
> > Sent: Wednesday, August 29, 2012 12:58 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> >
> > What Os target did you build for? If you built for w8, it won’t load by default
> > downlevel because you are linking against bufferoverflowfastfail.lib which
> > requires win8 loader support for the security cookie to initialize
> > d
> >
> >
> > ________________________________________
> > From: xxxxx@lists.osr.com [bounce-511958-
> > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > Sent: Wednesday, August 29, 2012 9:39 AM
> > To: Windows System Software Devs Interest List
> > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by ZwLoadDriver
> >
> > First, these drivers are built for Windows 7 right? Second is one of
> > these a KMDF driver? In general ZwLoadDriver is not the way to load
> > drivers (assuming you are calling it).
> >
> >
> > Don Burn
> > Windows Filesystem and Driver Consulting
> > Website: http://www.windrvr.com
> > Blog: http://msmvps.com/blogs/WinDrvr
> >
> >
> > “Woojung Huh” wrote in message
> > news:xxxxx@ntdev:
> >
> > > All,
> > >
> > > By MSDN (http://msdn.microsoft.com/en-
> > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8 WDK
> > can build the driver for all OSes.
> > > With the guideline, I can load Win8-WDK-build BootDevice driver on
> > Windows 7.
> > >
> > > However, Windows7 fails to load another Win8-WDK-build kernel mode
> > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point Not
> > Found)
> > > Error message tells there is version mismatch.
> > >
> > > I’d like to confirm that it is NOT possible or any mistake.
> > >
> > > Thanks in advance.
> > > Woojung
> >
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
> >
> >
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer

Thanks Don.

OK. I missed this part. Sorry.
I need Win8 specific features and it should be compiled with Win8 target to work on Windows 8.
That makes me build two (Win7 & Win8) drivers and want to avoid it.

It doesn’t look there is silver bullet.

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511965-
xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Wednesday, August 29, 2012 1:18 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

Build the driver for Win7 and it should work on Win8.

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message
> news:xxxxx@ntdev:
>
> > Thanks for all you replies.
> >
> > Here are working scenarios.
> > 1. Driver built with Win7 DDK works well with ZwLoadDriver() on Windows 7
> > 2. Driver built with Win7 target on VS + Win8 WDK works well with
> ZwLoadDriver() on Windows 7
> > 3. Driver built with Win8 target on VS + Win8 WDK works well with
> ZwLoadDriver() on Windows 8
> >
> > Now I’m trying to have a single binary to work on all OSes.
> >
> > And, by MSDN link I posted in original email, Changing to
> BufferOverFlowK.lib is option to run a driver on all version of Windows.
> > Am I missing something?
> >
> > Thanks again.
> > Woojung
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511961-
> > > xxxxx@lists.osr.com] On Behalf Of Doron Holan
> > > Sent: Wednesday, August 29, 2012 12:58 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > >
> > >
> > > What Os target did you build for? If you built for w8, it won’t load by
> default
> > > downlevel because you are linking against bufferoverflowfastfail.lib
> which
> > > requires win8 loader support for the security cookie to initialize
> > > d
> > >
> > >
> > > ________________________________________
> > > From: xxxxx@lists.osr.com [bounce-511958-
> > > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > > Sent: Wednesday, August 29, 2012 9:39 AM
> > > To: Windows System Software Devs Interest List
> > > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
> > >
> > > First, these drivers are built for Windows 7 right? Second is one of
> > > these a KMDF driver? In general ZwLoadDriver is not the way to load
> > > drivers (assuming you are calling it).
> > >
> > >
> > > Don Burn
> > > Windows Filesystem and Driver Consulting
> > > Website: http://www.windrvr.com
> > > Blog: http://msmvps.com/blogs/WinDrvr
> > >
> > >
> > > “Woojung Huh” wrote in message
> > > news:xxxxx@ntdev:
> > >
> > > > All,
> > > >
> > > > By MSDN (http://msdn.microsoft.com/en-
> > > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8
> WDK
> > > can build the driver for all OSes.
> > > > With the guideline, I can load Win8-WDK-build BootDevice driver on
> > > Windows 7.
> > > >
> > > > However, Windows7 fails to load another Win8-WDK-build kernel mode
> > > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point
> Not
> > > Found)
> > > > Error message tells there is version mismatch.
> > > >
> > > > I’d like to confirm that it is NOT possible or any mistake.
> > > >
> > > > Thanks in advance.
> > > > Woojung
> > >
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
> > >
> > >
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Woojung Huh
Sent: Wednesday, August 29, 2012 11:24 AM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by ZwLoadDriver

OK. I missed this part. Sorry.
I need Win8 specific features and it should be compiled with Win8 target to work on Windows 8.
That makes me build two (Win7 & Win8) drivers and want to avoid it.

How did you expect to use Win8-specific features in a downlevel OS? If they are Win8-specific, by definition they are not in previous OS versions (FltCreateSectionForDataScan and friends, for example, at least at this time.)

Phil
Not speaking for LogRhythm, Inc.

You can play games with MmGetSystemRoutineAddress but as Phil pointed
out you can’t use a Win8 only feature in Win7. Why would you have ever
thought you could?

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message news:xxxxx@ntdev:

> Thanks Don.
>
> OK. I missed this part. Sorry.
> I need Win8 specific features and it should be compiled with Win8 target to work on Windows 8.
> That makes me build two (Win7 & Win8) drivers and want to avoid it.
>
> It doesn’t look there is silver bullet.
>
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511965-
> > xxxxx@lists.osr.com] On Behalf Of Don Burn
> > Sent: Wednesday, August 29, 2012 1:18 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> > Build the driver for Win7 and it should work on Win8.
> >
> >
> > Don Burn
> > Windows Filesystem and Driver Consulting
> > Website: http://www.windrvr.com
> > Blog: http://msmvps.com/blogs/WinDrvr
> >
> >
> >
> >
> > “Woojung Huh” wrote in message
> > news:xxxxx@ntdev:
> >
> > > Thanks for all you replies.
> > >
> > > Here are working scenarios.
> > > 1. Driver built with Win7 DDK works well with ZwLoadDriver() on Windows 7
> > > 2. Driver built with Win7 target on VS + Win8 WDK works well with
> > ZwLoadDriver() on Windows 7
> > > 3. Driver built with Win8 target on VS + Win8 WDK works well with
> > ZwLoadDriver() on Windows 8
> > >
> > > Now I’m trying to have a single binary to work on all OSes.
> > >
> > > And, by MSDN link I posted in original email, Changing to
> > BufferOverFlowK.lib is option to run a driver on all version of Windows.
> > > Am I missing something?
> > >
> > > Thanks again.
> > > Woojung
> > >
> > > > -----Original Message-----
> > > > From: xxxxx@lists.osr.com [mailto:bounce-511961-
> > > > xxxxx@lists.osr.com] On Behalf Of Doron Holan
> > > > Sent: Wednesday, August 29, 2012 12:58 PM
> > > > To: Windows System Software Devs Interest List
> > > > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > > ZwLoadDriver
> > > >
> > > >
> > > > What Os target did you build for? If you built for w8, it won’t load by
> > default
> > > > downlevel because you are linking against bufferoverflowfastfail.lib
> > which
> > > > requires win8 loader support for the security cookie to initialize
> > > > d
> > > >
> > > >
> > > > ________________________________________
> > > > From: xxxxx@lists.osr.com [bounce-511958-
> > > > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > > > Sent: Wednesday, August 29, 2012 9:39 AM
> > > > To: Windows System Software Devs Interest List
> > > > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> > > >
> > > > First, these drivers are built for Windows 7 right? Second is one of
> > > > these a KMDF driver? In general ZwLoadDriver is not the way to load
> > > > drivers (assuming you are calling it).
> > > >
> > > >
> > > > Don Burn
> > > > Windows Filesystem and Driver Consulting
> > > > Website: http://www.windrvr.com
> > > > Blog: http://msmvps.com/blogs/WinDrvr
> > > >
> > > >
> > > > “Woojung Huh” wrote in message
> > > > news:xxxxx@ntdev:
> > > >
> > > > > All,
> > > > >
> > > > > By MSDN (http://msdn.microsoft.com/en-
> > > > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8
> > WDK
> > > > can build the driver for all OSes.
> > > > > With the guideline, I can load Win8-WDK-build BootDevice driver on
> > > > Windows 7.
> > > > >
> > > > > However, Windows7 fails to load another Win8-WDK-build kernel mode
> > > > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry Point
> > Not
> > > > Found)
> > > > > Error message tells there is version mismatch.
> > > > >
> > > > > I’d like to confirm that it is NOT possible or any mistake.
> > > > >
> > > > > Thanks in advance.
> > > > > Woojung
> > > >
> > > >
> > > > —
> > > > NTDEV is sponsored by OSR
> > > >
> > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > http://www.osr.com/seminars
> > > >
> > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > http://www.osronline.com/page.cfm?name=ListServer
> > > >
> > > >
> > > >
> > > > —
> > > > NTDEV is sponsored by OSR
> > > >
> > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > http://www.osr.com/seminars
> > > >
> > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > http://www.osronline.com/page.cfm?name=ListServer
> >
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer

Thanks Don & Phil.

First of all, I’m not using Win8 feature on Win7.

Driver goes different code path and uses different OS defined structure per Window version.
For instance, Windows 8 WDK defined structure has more members in same structure than Windows 7.
(I’m afraid that I may not be able to write details. Sorry about it.)
Driver will determine version of OS by API RtlIsNtDdiVersionAvailable() and go different path.

My idea is building driver with Windows 8 WDK based on MSDN (http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx )
And, let it work on all version of OSes. Otherwise, I need to build two separate drivers, Win7 and Win8.

As I wrote in 1st email, Boot Device driver built with Windows 8 WDK with instruction in above link is working on Windows 7.
(It wasn’t working without changing link library.)
So, I was hopeful until getting error at ZwLoadDriver() to load another kernel mode driver which is built with Windows 8 WDK with modification of link library.

But, look like it is not possible at all.

Woojung

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511972-
xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Wednesday, August 29, 2012 1:43 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

You can play games with MmGetSystemRoutineAddress but as Phil pointed
out you can’t use a Win8 only feature in Win7. Why would you have ever
thought you could?

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message
> news:xxxxx@ntdev:
>
> > Thanks Don.
> >
> > OK. I missed this part. Sorry.
> > I need Win8 specific features and it should be compiled with Win8 target to
> work on Windows 8.
> > That makes me build two (Win7 & Win8) drivers and want to avoid it.
> >
> > It doesn’t look there is silver bullet.
> >
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511965-
> > > xxxxx@lists.osr.com] On Behalf Of Don Burn
> > > Sent: Wednesday, August 29, 2012 1:18 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > >
> > > Build the driver for Win7 and it should work on Win8.
> > >
> > >
> > > Don Burn
> > > Windows Filesystem and Driver Consulting
> > > Website: http://www.windrvr.com
> > > Blog: http://msmvps.com/blogs/WinDrvr
> > >
> > >
> > >
> > >
> > > “Woojung Huh” wrote in message
> > > news:xxxxx@ntdev:
> > >
> > > > Thanks for all you replies.
> > > >
> > > > Here are working scenarios.
> > > > 1. Driver built with Win7 DDK works well with ZwLoadDriver() on
> Windows 7
> > > > 2. Driver built with Win7 target on VS + Win8 WDK works well with
> > > ZwLoadDriver() on Windows 7
> > > > 3. Driver built with Win8 target on VS + Win8 WDK works well with
> > > ZwLoadDriver() on Windows 8
> > > >
> > > > Now I’m trying to have a single binary to work on all OSes.
> > > >
> > > > And, by MSDN link I posted in original email, Changing to
> > > BufferOverFlowK.lib is option to run a driver on all version of Windows.
> > > > Am I missing something?
> > > >
> > > > Thanks again.
> > > > Woojung
> > > >
> > > > > -----Original Message-----
> > > > > From: xxxxx@lists.osr.com [mailto:bounce-511961-
> > > > > xxxxx@lists.osr.com] On Behalf Of Doron Holan
> > > > > Sent: Wednesday, August 29, 2012 12:58 PM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > > > ZwLoadDriver
> > > > >
> > > > >
> > > > > What Os target did you build for? If you built for w8, it won’t load by
> > > default
> > > > > downlevel because you are linking against bufferoverflowfastfail.lib
> > > which
> > > > > requires win8 loader support for the security cookie to initialize
> > > > > d
> > > > >
> > > > >
> > > > > ________________________________________
> > > > > From: xxxxx@lists.osr.com [bounce-511958-
> > > > > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > > > > Sent: Wednesday, August 29, 2012 9:39 AM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > > > >
> > > > > First, these drivers are built for Windows 7 right? Second is one of
> > > > > these a KMDF driver? In general ZwLoadDriver is not the way to load
> > > > > drivers (assuming you are calling it).
> > > > >
> > > > >
> > > > > Don Burn
> > > > > Windows Filesystem and Driver Consulting
> > > > > Website: http://www.windrvr.com
> > > > > Blog: http://msmvps.com/blogs/WinDrvr
> > > > >
> > > > >
> > > > > “Woojung Huh” wrote in message
> > > > > news:xxxxx@ntdev:
> > > > >
> > > > > > All,
> > > > > >
> > > > > > By MSDN (http://msdn.microsoft.com/en-
> > > > > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8
> > > WDK
> > > > > can build the driver for all OSes.
> > > > > > With the guideline, I can load Win8-WDK-build BootDevice driver on
> > > > > Windows 7.
> > > > > >
> > > > > > However, Windows7 fails to load another Win8-WDK-build kernel
> mode
> > > > > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver Entry
> Point
> > > Not
> > > > > Found)
> > > > > > Error message tells there is version mismatch.
> > > > > >
> > > > > > I’d like to confirm that it is NOT possible or any mistake.
> > > > > >
> > > > > > Thanks in advance.
> > > > > > Woojung
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > > > >
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > >
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

It is possible, build for w8 and set the KernelBufferOverflowLib property to BufferOverflowK.lib and you should load on w7

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Woojung Huh
Sent: Wednesday, August 29, 2012 11:06 AM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by ZwLoadDriver

Thanks Don & Phil.

First of all, I’m not using Win8 feature on Win7.

Driver goes different code path and uses different OS defined structure per Window version.
For instance, Windows 8 WDK defined structure has more members in same structure than Windows 7.
(I’m afraid that I may not be able to write details. Sorry about it.) Driver will determine version of OS by API RtlIsNtDdiVersionAvailable() and go different path.

My idea is building driver with Windows 8 WDK based on MSDN (http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx ) And, let it work on all version of OSes. Otherwise, I need to build two separate drivers, Win7 and Win8.

As I wrote in 1st email, Boot Device driver built with Windows 8 WDK with instruction in above link is working on Windows 7.
(It wasn’t working without changing link library.) So, I was hopeful until getting error at ZwLoadDriver() to load another kernel mode driver which is built with Windows 8 WDK with modification of link library.

But, look like it is not possible at all.

Woojung

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511972-
xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Wednesday, August 29, 2012 1:43 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

You can play games with MmGetSystemRoutineAddress but as Phil pointed
out you can’t use a Win8 only feature in Win7. Why would you have
ever thought you could?

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message
> news:xxxxx@ntdev:
>
> > Thanks Don.
> >
> > OK. I missed this part. Sorry.
> > I need Win8 specific features and it should be compiled with Win8
> > target to
> work on Windows 8.
> > That makes me build two (Win7 & Win8) drivers and want to avoid it.
> >
> > It doesn’t look there is silver bullet.
> >
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511965-
> > > xxxxx@lists.osr.com] On Behalf Of Don Burn
> > > Sent: Wednesday, August 29, 2012 1:18 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > >
> > > Build the driver for Win7 and it should work on Win8.
> > >
> > >
> > > Don Burn
> > > Windows Filesystem and Driver Consulting
> > > Website: http://www.windrvr.com
> > > Blog: http://msmvps.com/blogs/WinDrvr
> > >
> > >
> > >
> > >
> > > “Woojung Huh” wrote in message
> > > news:xxxxx@ntdev:
> > >
> > > > Thanks for all you replies.
> > > >
> > > > Here are working scenarios.
> > > > 1. Driver built with Win7 DDK works well with ZwLoadDriver() on
> Windows 7
> > > > 2. Driver built with Win7 target on VS + Win8 WDK works well
> > > > with
> > > ZwLoadDriver() on Windows 7
> > > > 3. Driver built with Win8 target on VS + Win8 WDK works well
> > > > with
> > > ZwLoadDriver() on Windows 8
> > > >
> > > > Now I’m trying to have a single binary to work on all OSes.
> > > >
> > > > And, by MSDN link I posted in original email, Changing to
> > > BufferOverFlowK.lib is option to run a driver on all version of Windows.
> > > > Am I missing something?
> > > >
> > > > Thanks again.
> > > > Woojung
> > > >
> > > > > -----Original Message-----
> > > > > From: xxxxx@lists.osr.com
> > > > > [mailto:bounce-511961- xxxxx@lists.osr.com] On Behalf Of
> > > > > Doron Holan
> > > > > Sent: Wednesday, August 29, 2012 12:58 PM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > > > ZwLoadDriver
> > > > >
> > > > >
> > > > > What Os target did you build for? If you built for w8, it
> > > > > won’t load by
> > > default
> > > > > downlevel because you are linking against
> > > > > bufferoverflowfastfail.lib
> > > which
> > > > > requires win8 loader support for the security cookie to
> > > > > initialize d
> > > > >
> > > > >
> > > > > ________________________________________
> > > > > From: xxxxx@lists.osr.com [bounce-511958-
> > > > > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > > > > Sent: Wednesday, August 29, 2012 9:39 AM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > > > >
> > > > > First, these drivers are built for Windows 7 right? Second is
> > > > > one of these a KMDF driver? In general ZwLoadDriver is not
> > > > > the way to load drivers (assuming you are calling it).
> > > > >
> > > > >
> > > > > Don Burn
> > > > > Windows Filesystem and Driver Consulting
> > > > > Website: http://www.windrvr.com
> > > > > Blog: http://msmvps.com/blogs/WinDrvr
> > > > >
> > > > >
> > > > > “Woojung Huh” wrote in message
> > > > > news:xxxxx@ntdev:
> > > > >
> > > > > > All,
> > > > > >
> > > > > > By MSDN (http://msdn.microsoft.com/en-
> > > > > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with
> > > > > Win8
> > > WDK
> > > > > can build the driver for all OSes.
> > > > > > With the guideline, I can load Win8-WDK-build BootDevice
> > > > > > driver on
> > > > > Windows 7.
> > > > > >
> > > > > > However, Windows7 fails to load another Win8-WDK-build
> > > > > > kernel
> mode
> > > > > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver
> > > > > Entry
> Point
> > > Not
> > > > > Found)
> > > > > > Error message tells there is version mismatch.
> > > > > >
> > > > > > I’d like to confirm that it is NOT possible or any mistake.
> > > > > >
> > > > > > Thanks in advance.
> > > > > > Woojung
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > > > >
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > >
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

—
NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

> -----Original Message-----

From: xxxxx@lists.osr.com [mailto:bounce-511974-
xxxxx@lists.osr.com] On Behalf Of Woojung Huh
Sent: Wednesday, August 29, 2012 8:06 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

So, I was hopeful until getting error at ZwLoadDriver() to load another kernel
mode driver which is built with Windows 8 WDK with modification of link
library.

It doesn’t work because there is minimal NT version in PE header and it is set to Win8 if you use Win8 target. OS simply checks this field and if higher than its version, it refuses to load the executable.

Built with the lowest target you need and everything else has to be done manually. Is it possible, I have driver build for XP which uses Win7 and Win8 features.

Michal

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

Thanks Michal,
It explains.

It is still confusing me that Windows 7 loaded Win8-WDK-Built BootDevice driver.
Do you have any explanation about it?

Is loading driver mechanism different from BootDevice and other Kernel Device?

Thanks again.
Woojung

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511987-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 4:16 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511974-
> xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> Sent: Wednesday, August 29, 2012 8:06 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> So, I was hopeful until getting error at ZwLoadDriver() to load another
kernel
> mode driver which is built with Windows 8 WDK with modification of link
> library.

It doesn’t work because there is minimal NT version in PE header and it is set
to Win8 if you use Win8 target. OS simply checks this field and if higher than
its version, it refuses to load the executable.

Built with the lowest target you need and everything else has to be done
manually. Is it possible, I have driver build for XP which uses Win7 and Win8
features.

Michal

NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the extent
the recipient(s) is/are bound by a non-disclosure agreement, or other
agreement that contains an obligation of confidentiality, with AuthenTec,
then this message and/or any attachments shall be considered confidential
information and subject to the confidentiality terms of that agreement. If
the reader of this message is not the intended recipient named above, you
are notified that you have received this document in error, and any review,
dissemination, distribution or copying of this message is strictly prohibited. If
you have received this document in error, please delete the original message
and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

No idea. Are you sure that the boot driver was built for Win8 target? You can check its PE header. I guess link with some parameters can display it or there are free PE viewers somewhere.

Michal

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511988-
xxxxx@lists.osr.com] On Behalf Of Woojung Huh
Sent: Wednesday, August 29, 2012 10:21 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

Thanks Michal,
It explains.

It is still confusing me that Windows 7 loaded Win8-WDK-Built BootDevice
driver.
Do you have any explanation about it?

Is loading driver mechanism different from BootDevice and other Kernel
Device?

Thanks again.
Woojung

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511987-
> xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> Sent: Wednesday, August 29, 2012 4:16 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > Sent: Wednesday, August 29, 2012 8:06 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> > So, I was hopeful until getting error at ZwLoadDriver() to load another
> kernel
> > mode driver which is built with Windows 8 WDK with modification of link
> > library.
>
> It doesn’t work because there is minimal NT version in PE header and it is set
> to Win8 if you use Win8 target. OS simply checks this field and if higher than
> its version, it refuses to load the executable.
>
> Built with the lowest target you need and everything else has to be done
> manually. Is it possible, I have driver build for XP which uses Win7 and Win8
> features.
>
> Michal
>
> NOTE: The information in this message is intended for the personal and
> confidential use of the designated recipient(s) named above. To the extent
> the recipient(s) is/are bound by a non-disclosure agreement, or other
> agreement that contains an obligation of confidentiality, with AuthenTec,
> then this message and/or any attachments shall be considered confidential
> information and subject to the confidentiality terms of that agreement. If
> the reader of this message is not the intended recipient named above, you
> are notified that you have received this document in error, and any review,
> dissemination, distribution or copying of this message is strictly prohibited. If
> you have received this document in error, please delete the original message
> and notify the sender immediately.
> Thank You!
> AuthenTec, Inc. http://www.authentec.com/
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

I had the same misconception until recently. Mm in kernel mode doesn’t look at the subsystem version in the PE header, so it doesn’t matter what the value is. You can build a driver with win8 as the os target and load it on win7 if everything aligns (note that you must probably do this aligning yourself). This is unlike user mode where the user mode loader will look at the subsystem version and fail versions that are newer than the OS

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 1:26 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by ZwLoadDriver

No idea. Are you sure that the boot driver was built for Win8 target? You can check its PE header. I guess link with some parameters can display it or there are free PE viewers somewhere.

Michal

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511988-
xxxxx@lists.osr.com] On Behalf Of Woojung Huh
Sent: Wednesday, August 29, 2012 10:21 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

Thanks Michal,
It explains.

It is still confusing me that Windows 7 loaded Win8-WDK-Built
BootDevice driver.
Do you have any explanation about it?

Is loading driver mechanism different from BootDevice and other Kernel
Device?

Thanks again.
Woojung

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511987-
> xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> Sent: Wednesday, August 29, 2012 4:16 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > Sent: Wednesday, August 29, 2012 8:06 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > by ZwLoadDriver
> >
> > So, I was hopeful until getting error at ZwLoadDriver() to load
> > another
> kernel
> > mode driver which is built with Windows 8 WDK with modification of
> > link library.
>
> It doesn’t work because there is minimal NT version in PE header and
> it is set to Win8 if you use Win8 target. OS simply checks this
> field and if higher than its version, it refuses to load the executable.
>
> Built with the lowest target you need and everything else has to be
> done manually. Is it possible, I have driver build for XP which uses
> Win7 and Win8 features.
>
> Michal
>
> NOTE: The information in this message is intended for the personal
> and confidential use of the designated recipient(s) named above. To
> the extent the recipient(s) is/are bound by a non-disclosure
> agreement, or other agreement that contains an obligation of
> confidentiality, with AuthenTec, then this message and/or any
> attachments shall be considered confidential information and subject
> to the confidentiality terms of that agreement. If the reader of
> this message is not the intended recipient named above, you are
> notified that you have received this document in error, and any
> review, dissemination, distribution or copying of this message is
> strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
> Thank You!
> AuthenTec, Inc. http://www.authentec.com/
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Strange. I’m almost sure that I had a problem with driver (not boot one) loading just because of this. But maybe I don’t remember it correctly and it was a user mode binary…

Michal

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511990-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 10:31 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

I had the same misconception until recently. Mm in kernel mode doesn’t look
at the subsystem version in the PE header, so it doesn’t matter what the value
is. You can build a driver with win8 as the os target and load it on win7 if
everything aligns (note that you must probably do this aligning yourself). This is
unlike user mode where the user mode loader will look at the subsystem
version and fail versions that are newer than the OS

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511989-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 1:26 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

No idea. Are you sure that the boot driver was built for Win8 target? You can
check its PE header. I guess link with some parameters can display it or there
are free PE viewers somewhere.

Michal

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511988-
> xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> Sent: Wednesday, August 29, 2012 10:21 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> Thanks Michal,
> It explains.
>
> It is still confusing me that Windows 7 loaded Win8-WDK-Built
> BootDevice driver.
> Do you have any explanation about it?
>
> Is loading driver mechanism different from BootDevice and other Kernel
> Device?
>
> Thanks again.
> Woojung
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511987-
> > xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> > Sent: Wednesday, August 29, 2012 4:16 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > > Sent: Wednesday, August 29, 2012 8:06 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > by ZwLoadDriver
> > >
> > > So, I was hopeful until getting error at ZwLoadDriver() to load
> > > another
> > kernel
> > > mode driver which is built with Windows 8 WDK with modification of
> > > link library.
> >
> > It doesn’t work because there is minimal NT version in PE header and
> > it is set to Win8 if you use Win8 target. OS simply checks this
> > field and if higher than its version, it refuses to load the executable.
> >
> > Built with the lowest target you need and everything else has to be
> > done manually. Is it possible, I have driver build for XP which uses
> > Win7 and Win8 features.
> >
> > Michal
> >
> > NOTE: The information in this message is intended for the personal
> > and confidential use of the designated recipient(s) named above. To
> > the extent the recipient(s) is/are bound by a non-disclosure
> > agreement, or other agreement that contains an obligation of
> > confidentiality, with AuthenTec, then this message and/or any
> > attachments shall be considered confidential information and subject
> > to the confidentiality terms of that agreement. If the reader of
> > this message is not the intended recipient named above, you are
> > notified that you have received this document in error, and any
> > review, dissemination, distribution or copying of this message is
> > strictly prohibited. If you have received this document in error, please
delete the original message and notify the sender immediately.
> > Thank You!
> > AuthenTec, Inc. http://www.authentec.com/
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the extent the
recipient(s) is/are bound by a non-disclosure agreement, or other agreement
that contains an obligation of confidentiality, with AuthenTec, then this
message and/or any attachments shall be considered confidential information
and subject to the confidentiality terms of that agreement. If the reader of this
message is not the intended recipient named above, you are notified that you
have received this document in error, and any review, dissemination,
distribution or copying of this message is strictly prohibited. If you have
received this document in error, please delete the original message and notify
the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

I was in exactly the same mental context. I could have sworn I saw this behavior from Mm, but we went back and looked as far as win2k and it never looked at the subsystem version when loading an image

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 2:01 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by ZwLoadDriver

Strange. I’m almost sure that I had a problem with driver (not boot one) loading just because of this. But maybe I don’t remember it correctly and it was a user mode binary…

Michal

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511990-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 10:31 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

I had the same misconception until recently. Mm in kernel mode doesn’t
look at the subsystem version in the PE header, so it doesn’t matter
what the value is. You can build a driver with win8 as the os target
and load it on win7 if everything aligns (note that you must probably
do this aligning yourself). This is unlike user mode where the user
mode loader will look at the subsystem version and fail versions that
are newer than the OS

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511989-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 1:26 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

No idea. Are you sure that the boot driver was built for Win8 target?
You can check its PE header. I guess link with some parameters can
display it or there are free PE viewers somewhere.

Michal

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511988-
> xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> Sent: Wednesday, August 29, 2012 10:21 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> Thanks Michal,
> It explains.
>
> It is still confusing me that Windows 7 loaded Win8-WDK-Built
> BootDevice driver.
> Do you have any explanation about it?
>
> Is loading driver mechanism different from BootDevice and other
> Kernel Device?
>
> Thanks again.
> Woojung
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511987-
> > xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> > Sent: Wednesday, August 29, 2012 4:16 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > by ZwLoadDriver
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > > Sent: Wednesday, August 29, 2012 8:06 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > by ZwLoadDriver
> > >
> > > So, I was hopeful until getting error at ZwLoadDriver() to load
> > > another
> > kernel
> > > mode driver which is built with Windows 8 WDK with modification
> > > of link library.
> >
> > It doesn’t work because there is minimal NT version in PE header
> > and it is set to Win8 if you use Win8 target. OS simply checks
> > this field and if higher than its version, it refuses to load the executable.
> >
> > Built with the lowest target you need and everything else has to
> > be done manually. Is it possible, I have driver build for XP which
> > uses
> > Win7 and Win8 features.
> >
> > Michal
> >
> > NOTE: The information in this message is intended for the personal
> > and confidential use of the designated recipient(s) named above.
> > To the extent the recipient(s) is/are bound by a non-disclosure
> > agreement, or other agreement that contains an obligation of
> > confidentiality, with AuthenTec, then this message and/or any
> > attachments shall be considered confidential information and
> > subject to the confidentiality terms of that agreement. If the
> > reader of this message is not the intended recipient named above,
> > you are notified that you have received this document in error,
> > and any review, dissemination, distribution or copying of this
> > message is strictly prohibited. If you have received this document
> > in error, please
delete the original message and notify the sender immediately.
> > Thank You!
> > AuthenTec, Inc. http://www.authentec.com/
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the
extent the
recipient(s) is/are bound by a non-disclosure agreement, or other
agreement that contains an obligation of confidentiality, with
AuthenTec, then this message and/or any attachments shall be
considered confidential information and subject to the confidentiality
terms of that agreement. If the reader of this message is not the
intended recipient named above, you are notified that you have
received this document in error, and any review, dissemination,
distribution or copying of this message is strictly prohibited. If you
have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Doron,
Thanks for sharing information.
Now it is confusing me more.

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511993-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 5:16 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

I was in exactly the same mental context. I could have sworn I saw this
behavior from Mm, but we went back and looked as far as win2k and it never
looked at the subsystem version when loading an image

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511992-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 2:01 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

Strange. I’m almost sure that I had a problem with driver (not boot one)
loading just because of this. But maybe I don’t remember it correctly and it
was a user mode binary…

Michal

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511990-
> xxxxx@lists.osr.com] On Behalf Of Doron Holan
> Sent: Wednesday, August 29, 2012 10:31 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> I had the same misconception until recently. Mm in kernel mode doesn’t
> look at the subsystem version in the PE header, so it doesn’t matter
> what the value is. You can build a driver with win8 as the os target
> and load it on win7 if everything aligns (note that you must probably
> do this aligning yourself). This is unlike user mode where the user
> mode loader will look at the subsystem version and fail versions that
> are newer than the OS
>
> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511989-
> xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> Sent: Wednesday, August 29, 2012 1:26 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> No idea. Are you sure that the boot driver was built for Win8 target?
> You can check its PE header. I guess link with some parameters can
> display it or there are free PE viewers somewhere.
>
> Michal
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511988-
> > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > Sent: Wednesday, August 29, 2012 10:21 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> > Thanks Michal,
> > It explains.
> >
> > It is still confusing me that Windows 7 loaded Win8-WDK-Built
> > BootDevice driver.
> > Do you have any explanation about it?
> >
> > Is loading driver mechanism different from BootDevice and other
> > Kernel Device?
> >
> > Thanks again.
> > Woojung
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511987-
> > > xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> > > Sent: Wednesday, August 29, 2012 4:16 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > by ZwLoadDriver
> > >
> > > > -----Original Message-----
> > > > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > > > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > > > Sent: Wednesday, August 29, 2012 8:06 PM
> > > > To: Windows System Software Devs Interest List
> > > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > > by ZwLoadDriver
> > > >
> > > > So, I was hopeful until getting error at ZwLoadDriver() to load
> > > > another
> > > kernel
> > > > mode driver which is built with Windows 8 WDK with modification
> > > > of link library.
> > >
> > > It doesn’t work because there is minimal NT version in PE header
> > > and it is set to Win8 if you use Win8 target. OS simply checks
> > > this field and if higher than its version, it refuses to load the executable.
> > >
> > > Built with the lowest target you need and everything else has to
> > > be done manually. Is it possible, I have driver build for XP which
> > > uses
> > > Win7 and Win8 features.
> > >
> > > Michal
> > >
> > > NOTE: The information in this message is intended for the personal
> > > and confidential use of the designated recipient(s) named above.
> > > To the extent the recipient(s) is/are bound by a non-disclosure
> > > agreement, or other agreement that contains an obligation of
> > > confidentiality, with AuthenTec, then this message and/or any
> > > attachments shall be considered confidential information and
> > > subject to the confidentiality terms of that agreement. If the
> > > reader of this message is not the intended recipient named above,
> > > you are notified that you have received this document in error,
> > > and any review, dissemination, distribution or copying of this
> > > message is strictly prohibited. If you have received this document
> > > in error, please
> delete the original message and notify the sender immediately.
> > > Thank You!
> > > AuthenTec, Inc. http://www.authentec.com/
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
> NOTE: The information in this message is intended for the personal and
> confidential use of the designated recipient(s) named above. To the
> extent the
> recipient(s) is/are bound by a non-disclosure agreement, or other
> agreement that contains an obligation of confidentiality, with
> AuthenTec, then this message and/or any attachments shall be
> considered confidential information and subject to the confidentiality
> terms of that agreement. If the reader of this message is not the
> intended recipient named above, you are notified that you have
> received this document in error, and any review, dissemination,
> distribution or copying of this message is strictly prohibited. If you
> have received this document in error, please delete the original message
and notify the sender immediately.
> Thank You!
> AuthenTec, Inc. http://www.authentec.com/
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the extent
the recipient(s) is/are bound by a non-disclosure agreement, or other
agreement that contains an obligation of confidentiality, with AuthenTec,
then this message and/or any attachments shall be considered confidential
information and subject to the confidentiality terms of that agreement. If
the reader of this message is not the intended recipient named above, you
are notified that you have received this document in error, and any review,
dissemination, distribution or copying of this message is strictly prohibited. If
you have received this document in error, please delete the original message
and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

It might be a usermode binary. IIRC Skywing once wrote about this.
Usually I can run drivers built for Win7 target on Vista (SP1), but not
usermode stuff.
– pa

On 30-Aug-2012 00:00, Vodicka, Michal wrote:

Strange. I’m almost sure that I had a problem with driver (not boot one) loading just because of this. But maybe I don’t remember it correctly and it was a user mode binary…

Michal

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511990-
> xxxxx@lists.osr.com] On Behalf Of Doron Holan
> Sent: Wednesday, August 29, 2012 10:31 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> I had the same misconception until recently. Mm in kernel mode doesn’t look
> at the subsystem version in the PE header, so it doesn’t matter what the value
> is. You can build a driver with win8 as the os target and load it on win7 if
> everything aligns (note that you must probably do this aligning yourself). This is
> unlike user mode where the user mode loader will look at the subsystem
> version and fail versions that are newer than the OS
>
> -----Original Message-----

If use separate binaries, then you should alter the code paths by using
pragmas not if statements. That way, the Windows 7 compatible code is not
even compiled into the Windows 8 binary and vice versa.

If you use a single binary, then you need to ensure that you don’t
statically link against any API (DDI) that is not available on your minimum
target OS (Windows 7 in this case). Then user MmGetSystemRoutineAddress
(the equivalent of GetProcAddress in UM) to get function pointers to the
newer APIs you want and can call them if present. Note that it is usually
better practice to check for the presence of the APIs themselves rather than
a specific OS version when deciding which logic to follow as APIs can be
(and in some cases have been) back ported to older OSes via service packs,
or removed from later OSes. The ones you statically link against will be
verified by the loader, but when you dynamically link, you should make sure
that you get valid function pointers for everything you need to call in a
certain path

“Woojung Huh” wrote in message news:xxxxx@ntdev…

Thanks Don & Phil.

First of all, I’m not using Win8 feature on Win7.

Driver goes different code path and uses different OS defined structure per
Window version.
For instance, Windows 8 WDK defined structure has more members in same
structure than Windows 7.
(I’m afraid that I may not be able to write details. Sorry about it.)
Driver will determine version of OS by API RtlIsNtDdiVersionAvailable() and
go different path.

My idea is building driver with Windows 8 WDK based on MSDN
(http://msdn.microsoft.com/en-us/library/windows/hardware/jj572863(v=vs.85).aspx
)
And, let it work on all version of OSes. Otherwise, I need to build two
separate drivers, Win7 and Win8.

As I wrote in 1st email, Boot Device driver built with Windows 8 WDK with
instruction in above link is working on Windows 7.
(It wasn’t working without changing link library.)
So, I was hopeful until getting error at ZwLoadDriver() to load another
kernel mode driver which is built with Windows 8 WDK with modification of
link library.

But, look like it is not possible at all.

Woojung

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511972-
xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Wednesday, August 29, 2012 1:43 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

You can play games with MmGetSystemRoutineAddress but as Phil pointed
out you can’t use a Win8 only feature in Win7. Why would you have ever
thought you could?

Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

“Woojung Huh” wrote in message
> news:xxxxx@ntdev:
>
> > Thanks Don.
> >
> > OK. I missed this part. Sorry.
> > I need Win8 specific features and it should be compiled with Win8 target
> > to
> work on Windows 8.
> > That makes me build two (Win7 & Win8) drivers and want to avoid it.
> >
> > It doesn’t look there is silver bullet.
> >
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511965-
> > > xxxxx@lists.osr.com] On Behalf Of Don Burn
> > > Sent: Wednesday, August 29, 2012 1:18 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE:[ntdev] Re:Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > >
> > > Build the driver for Win7 and it should work on Win8.
> > >
> > >
> > > Don Burn
> > > Windows Filesystem and Driver Consulting
> > > Website: http://www.windrvr.com
> > > Blog: http://msmvps.com/blogs/WinDrvr
> > >
> > >
> > >
> > >
> > > “Woojung Huh” wrote in message
> > > news:xxxxx@ntdev:
> > >
> > > > Thanks for all you replies.
> > > >
> > > > Here are working scenarios.
> > > > 1. Driver built with Win7 DDK works well with ZwLoadDriver() on
> Windows 7
> > > > 2. Driver built with Win7 target on VS + Win8 WDK works well with
> > > ZwLoadDriver() on Windows 7
> > > > 3. Driver built with Win8 target on VS + Win8 WDK works well with
> > > ZwLoadDriver() on Windows 8
> > > >
> > > > Now I’m trying to have a single binary to work on all OSes.
> > > >
> > > > And, by MSDN link I posted in original email, Changing to
> > > BufferOverFlowK.lib is option to run a driver on all version of
> > > Windows.
> > > > Am I missing something?
> > > >
> > > > Thanks again.
> > > > Woojung
> > > >
> > > > > -----Original Message-----
> > > > > From: xxxxx@lists.osr.com [mailto:bounce-511961-
> > > > > xxxxx@lists.osr.com] On Behalf Of Doron Holan
> > > > > Sent: Wednesday, August 29, 2012 12:58 PM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: RE: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > > > ZwLoadDriver
> > > > >
> > > > >
> > > > > What Os target did you build for? If you built for w8, it won’t
> > > > > load by
> > > default
> > > > > downlevel because you are linking against
> > > > > bufferoverflowfastfail.lib
> > > which
> > > > > requires win8 loader support for the security cookie to initialize
> > > > > d
> > > > >
> > > > >
> > > > > ________________________________________
> > > > > From: xxxxx@lists.osr.com [bounce-511958-
> > > > > xxxxx@lists.osr.com] on behalf of Don Burn [xxxxx@windrvr.com]
> > > > > Sent: Wednesday, August 29, 2012 9:39 AM
> > > > > To: Windows System Software Devs Interest List
> > > > > Subject: Re:[ntdev] Load Windows 8 driver on Windows 7 by
> > > ZwLoadDriver
> > > > >
> > > > > First, these drivers are built for Windows 7 right? Second is one
> > > > > of
> > > > > these a KMDF driver? In general ZwLoadDriver is not the way to
> > > > > load
> > > > > drivers (assuming you are calling it).
> > > > >
> > > > >
> > > > > Don Burn
> > > > > Windows Filesystem and Driver Consulting
> > > > > Website: http://www.windrvr.com
> > > > > Blog: http://msmvps.com/blogs/WinDrvr
> > > > >
> > > > >
> > > > > “Woojung Huh” wrote in message
> > > > > news:xxxxx@ntdev:
> > > > >
> > > > > > All,
> > > > > >
> > > > > > By MSDN (http://msdn.microsoft.com/en-
> > > > > us/library/windows/hardware/jj572863(v=vs.85).aspx), VS with Win8
> > > WDK
> > > > > can build the driver for all OSes.
> > > > > > With the guideline, I can load Win8-WDK-build BootDevice driver
> > > > > > on
> > > > > Windows 7.
> > > > > >
> > > > > > However, Windows7 fails to load another Win8-WDK-build kernel
> mode
> > > > > driver by ZwLoadDriver() API with error of 0xC0000263 (Driver
> > > > > Entry
> Point
> > > Not
> > > > > Found)
> > > > > > Error message tells there is version mismatch.
> > > > > >
> > > > > > I’d like to confirm that it is NOT possible or any mistake.
> > > > > >
> > > > > > Thanks in advance.
> > > > > > Woojung
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > > > >
> > > > >
> > > > >
> > > > > —
> > > > > NTDEV is sponsored by OSR
> > > > >
> > > > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > > > http://www.osr.com/seminars
> > > > >
> > > > > To unsubscribe, visit the List Server section of OSR Online at
> > > > > http://www.osronline.com/page.cfm?name=ListServer
> > >
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

OK, I will trust you Thanks for the correction.

Michal

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511993-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 11:16 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

I was in exactly the same mental context. I could have sworn I saw this behavior
from Mm, but we went back and looked as far as win2k and it never looked at
the subsystem version when loading an image

d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511992-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 2:01 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver

Strange. I’m almost sure that I had a problem with driver (not boot one) loading
just because of this. But maybe I don’t remember it correctly and it was a user
mode binary…

Michal

> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511990-
> xxxxx@lists.osr.com] On Behalf Of Doron Holan
> Sent: Wednesday, August 29, 2012 10:31 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> I had the same misconception until recently. Mm in kernel mode doesn’t
> look at the subsystem version in the PE header, so it doesn’t matter
> what the value is. You can build a driver with win8 as the os target
> and load it on win7 if everything aligns (note that you must probably
> do this aligning yourself). This is unlike user mode where the user
> mode loader will look at the subsystem version and fail versions that
> are newer than the OS
>
> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511989-
> xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> Sent: Wednesday, August 29, 2012 1:26 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> No idea. Are you sure that the boot driver was built for Win8 target?
> You can check its PE header. I guess link with some parameters can
> display it or there are free PE viewers somewhere.
>
> Michal
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511988-
> > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > Sent: Wednesday, August 29, 2012 10:21 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> > ZwLoadDriver
> >
> > Thanks Michal,
> > It explains.
> >
> > It is still confusing me that Windows 7 loaded Win8-WDK-Built
> > BootDevice driver.
> > Do you have any explanation about it?
> >
> > Is loading driver mechanism different from BootDevice and other
> > Kernel Device?
> >
> > Thanks again.
> > Woojung
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511987-
> > > xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> > > Sent: Wednesday, August 29, 2012 4:16 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > by ZwLoadDriver
> > >
> > > > -----Original Message-----
> > > > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > > > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > > > Sent: Wednesday, August 29, 2012 8:06 PM
> > > > To: Windows System Software Devs Interest List
> > > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > > by ZwLoadDriver
> > > >
> > > > So, I was hopeful until getting error at ZwLoadDriver() to load
> > > > another
> > > kernel
> > > > mode driver which is built with Windows 8 WDK with modification
> > > > of link library.
> > >
> > > It doesn’t work because there is minimal NT version in PE header
> > > and it is set to Win8 if you use Win8 target. OS simply checks
> > > this field and if higher than its version, it refuses to load the executable.
> > >
> > > Built with the lowest target you need and everything else has to
> > > be done manually. Is it possible, I have driver build for XP which
> > > uses
> > > Win7 and Win8 features.
> > >
> > > Michal
> > >
> > > NOTE: The information in this message is intended for the personal
> > > and confidential use of the designated recipient(s) named above.
> > > To the extent the recipient(s) is/are bound by a non-disclosure
> > > agreement, or other agreement that contains an obligation of
> > > confidentiality, with AuthenTec, then this message and/or any
> > > attachments shall be considered confidential information and
> > > subject to the confidentiality terms of that agreement. If the
> > > reader of this message is not the intended recipient named above,
> > > you are notified that you have received this document in error,
> > > and any review, dissemination, distribution or copying of this
> > > message is strictly prohibited. If you have received this document
> > > in error, please
> delete the original message and notify the sender immediately.
> > > Thank You!
> > > AuthenTec, Inc. http://www.authentec.com/
> > >
> > > —
> > > NTDEV is sponsored by OSR
> > >
> > > For our schedule of WDF, WDM, debugging and other seminars visit:
> > > http://www.osr.com/seminars
> > >
> > > To unsubscribe, visit the List Server section of OSR Online at
> > > http://www.osronline.com/page.cfm?name=ListServer
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
> NOTE: The information in this message is intended for the personal and
> confidential use of the designated recipient(s) named above. To the
> extent the
> recipient(s) is/are bound by a non-disclosure agreement, or other
> agreement that contains an obligation of confidentiality, with
> AuthenTec, then this message and/or any attachments shall be
> considered confidential information and subject to the confidentiality
> terms of that agreement. If the reader of this message is not the
> intended recipient named above, you are notified that you have
> received this document in error, and any review, dissemination,
> distribution or copying of this message is strictly prohibited. If you
> have received this document in error, please delete the original message and
notify the sender immediately.
> Thank You!
> AuthenTec, Inc. http://www.authentec.com/
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the extent the
recipient(s) is/are bound by a non-disclosure agreement, or other agreement
that contains an obligation of confidentiality, with AuthenTec, then this
message and/or any attachments shall be considered confidential information
and subject to the confidentiality terms of that agreement. If the reader of this
message is not the intended recipient named above, you are notified that you
have received this document in error, and any review, dissemination,
distribution or copying of this message is strictly prohibited. If you have
received this document in error, please delete the original message and notify
the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/