I read here that the inverse is possible, but how does one achieve such a thing? I'd hope there's a simple way, similar to calling from a loaded DLL, but my google research comes up with nothing. My only other thought is that one could pass some predefined constants through WriteFile or DeviceIoControl that the driver parses like a switch statement to execute the relevant function; does a more direct method exist?
Is it possible to call functions from a kernel mode driver in a user mode application on Windows?
1.8k Views Asked by FShrike At
1
There are 1 best solutions below
Related Questions in WINAPI
- How to immediately apply DISPLAYCONFIG_SCALING display scaling mode with SetDisplayConfig and DISPLAYCONFIG_PATH_TARGET_INFO
- Changing the theme of a #32768 (menu) window class at runtime
- Issue with GetOpenFileName while debugging
- How to populate a ListBox with SendMessage?
- Is there a function to end a child process?
- HDR video publishing
- Frameless Qt + WinAPI maximized window size is bigger than the availableGeometry()
- Mount .iso file with python
- What is Win32 x86-64 CONTEXT::VectorRegister for?
- WinAPI - right mouse drag & drop and IContextMenu
- Win32 per-filesystem cache tuning?
- Client connection timeout during Android & Windows PC communication via sockets
- MessageBoxEx sometimes shows as hollow window, border only, and only on Windows 11
- Win32api send message and Pydirectinput and Powertoy (Keyboard Manager ) Not working when open the application
- Would it be possible to run an application right after csrss.exe loads? (Windows)
Related Questions in DRIVER
- How to setup SLI on two GTX 560Ti's
- How can I set an uncommon screen resolution on GNU/Linux with an Arc 380 GPU and X11?
- Bluetooth Driver file corrupt or replaced
- Simba Driver Upgrade on Windows
- OpcUA The user identity token is not valid
- RPi Linux Audio driver for 8 channels Codec
- ORA-61754: Using JSON type collections on Oracle Database release 23c or later requires a SODA driver for Oracle Database release 23c or later
- create_ap wlan0: Could not connect to kernel driver
- How to fix Linux CMA on x86 with internal graphic card i915/hda_intel ioremap error?
- How to enable Swap APO in SYSVAD sample driver without enhancement tab in windows 11?
- RT linux isr routine
- I sent a bundle of data by using bulkTransfer, but received data in pieces
- Trying to do sudo make for linux driver
- Erreur "java.lang.ClassNotFoundException: org.postgresql.Driver"
- In Windows 10/11 is there a way to script a device to use a specific driver, even if its not marked as compatible?
Related Questions in NT-NATIVE-API
- How can I convert a native (NT) registry key name into a Win32 name?
- How to apply restrictions like set a timelimit for another apps, block certain URLs from my devlopment app in mobile devices?
- TerminateProcess with GetCurrentProcess() handle and with GetCurrentProcessId() handle
- Why are ZwQuerySystemInformation results delayed?
- How to open a process by name with NtOpenProcess
- NtQueryObject returns wrong insufficient required size via WOW64, why?
- NtOpenSymbolicLinkObject doesn't succeed to get symbolic link handle
- Close file handle of process from kernelmode driver on Windows
- Is there an easy way to call native NT API?
- How to fix exit code 0xc0000005 (STATUS_ACCESS_VIOLATION) on NtAllocateVirtualMemory?
- Running programs using RtlCreateUserProcess only works occasionally
- NtQueryInformationFile(FileBothDirectoryInformation) intermittently reports non-zero size (EndOfFile/AllocationSize) for certain subdirectories
- Is it possible to call functions from a kernel mode driver in a user mode application on Windows?
- Custom software driver communication with user client on Windows
- What does MmMapLockedPages do in UserMode?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
The question is why would you want to do it? Generally if you have to rely on some mechanism like this, you need to revisit the design of the application/driver that you are writing.
The correct way to do something in context of your user mode application is exactly what you described. You can do a DeviceIoControl call to your driver and the driver validates all the parameters that you have passed, then carries out the operation on behalf of the user mode call.
If for some reason, you need to call into kernel directly, you will have to resort to undocumented methods. There are ways to hook into kernel dispatch table and overwrite one of the dispatch handler to redirect the call to your function. But I hope you never ever ship anything like this to your customer. This is good for learning how the dispatch table works, etc but introduces several security nightmares. Ultimately your software should not be responsible for someone's machine getting hacked.