I was in exactly the same mental context. I could have sworn I saw this behavior from Mm, but we went back and looked as far as win2k and it never looked at the subsystem version when loading an image
d
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 2:01 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by ZwLoadDriver
Strange. I’m almost sure that I had a problem with driver (not boot one) loading just because of this. But maybe I don’t remember it correctly and it was a user mode binary…
Michal
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511990-
xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Wednesday, August 29, 2012 10:31 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver
I had the same misconception until recently. Mm in kernel mode doesn’t
look at the subsystem version in the PE header, so it doesn’t matter
what the value is. You can build a driver with win8 as the os target
and load it on win7 if everything aligns (note that you must probably
do this aligning yourself). This is unlike user mode where the user
mode loader will look at the subsystem version and fail versions that
are newer than the OS
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-511989-
xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
Sent: Wednesday, August 29, 2012 1:26 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
ZwLoadDriver
No idea. Are you sure that the boot driver was built for Win8 target?
You can check its PE header. I guess link with some parameters can
display it or there are free PE viewers somewhere.
Michal
> -----Original Message-----
> From: xxxxx@lists.osr.com [mailto:bounce-511988-
> xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> Sent: Wednesday, August 29, 2012 10:21 PM
> To: Windows System Software Devs Interest List
> Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7 by
> ZwLoadDriver
>
> Thanks Michal,
> It explains.
>
> It is still confusing me that Windows 7 loaded Win8-WDK-Built
> BootDevice driver.
> Do you have any explanation about it?
>
> Is loading driver mechanism different from BootDevice and other
> Kernel Device?
>
> Thanks again.
> Woojung
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:bounce-511987-
> > xxxxx@lists.osr.com] On Behalf Of Vodicka, Michal
> > Sent: Wednesday, August 29, 2012 4:16 PM
> > To: Windows System Software Devs Interest List
> > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > by ZwLoadDriver
> >
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com [mailto:bounce-511974-
> > > xxxxx@lists.osr.com] On Behalf Of Woojung Huh
> > > Sent: Wednesday, August 29, 2012 8:06 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: RE: RE:[ntdev] RE:Re:Load Windows 8 driver on Windows 7
> > > by ZwLoadDriver
> > >
> > > So, I was hopeful until getting error at ZwLoadDriver() to load
> > > another
> > kernel
> > > mode driver which is built with Windows 8 WDK with modification
> > > of link library.
> >
> > It doesn’t work because there is minimal NT version in PE header
> > and it is set to Win8 if you use Win8 target. OS simply checks
> > this field and if higher than its version, it refuses to load the executable.
> >
> > Built with the lowest target you need and everything else has to
> > be done manually. Is it possible, I have driver build for XP which
> > uses
> > Win7 and Win8 features.
> >
> > Michal
> >
> > NOTE: The information in this message is intended for the personal
> > and confidential use of the designated recipient(s) named above.
> > To the extent the recipient(s) is/are bound by a non-disclosure
> > agreement, or other agreement that contains an obligation of
> > confidentiality, with AuthenTec, then this message and/or any
> > attachments shall be considered confidential information and
> > subject to the confidentiality terms of that agreement. If the
> > reader of this message is not the intended recipient named above,
> > you are notified that you have received this document in error,
> > and any review, dissemination, distribution or copying of this
> > message is strictly prohibited. If you have received this document
> > in error, please
delete the original message and notify the sender immediately.
> > Thank You!
> > AuthenTec, Inc. http://www.authentec.com/
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
NOTE: The information in this message is intended for the personal and
confidential use of the designated recipient(s) named above. To the
extent the
recipient(s) is/are bound by a non-disclosure agreement, or other
agreement that contains an obligation of confidentiality, with
AuthenTec, then this message and/or any attachments shall be
considered confidential information and subject to the confidentiality
terms of that agreement. If the reader of this message is not the
intended recipient named above, you are notified that you have
received this document in error, and any review, dissemination,
distribution or copying of this message is strictly prohibited. If you
have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer