0

I want call an exe with 2 parameters from a kernel mode driver and get back boolean (0 or 1 )result in the driver .

How to do it ?

harshit
  • 183
  • 2
  • 16
  • Why do you want to do this? If we had more context on what you're trying to achieve, it might be easier to give more constructive guidance. As it is, the answer to your question is "you can't", which isn't very helpful. – Stewart Jun 25 '12 at 14:04
  • @Stewart -- i have written a driver .. which has extracted a value from IRP buffer . now based on this keyword i have to pass o fail the irp ..... so i need to communicate with the database which is not easy from kernel mode driver............. so i am using an application or exe for doing this which will result in true or false based on which i will pass or fail the irp ...... so the linking bw the driver and the application is there to do now ............. – harshit Jun 26 '12 at 05:06

3 Answers3

0

You can't really start a user mode process from minifilter or any other kernel driver. You may want to rethink about your design.

This thread may help you: how to create a process which will run in kernel level in windows?

Community
  • 1
  • 1
Rohan
  • 52,392
  • 12
  • 90
  • 87
0

To the best of my knowledge only user mode processes typically start processes. There is only one time I can think of when the Windows kernel actually starts a process entirely from kernel mode without the help of a user mode process and that is when it starts SMSS during early boot, but SMSS must be considered to be special in this context because it does not run in the context of any particular subsystem. Once CSRSS is running, all processes are started with the cooperation of a user mode process. Starting a process from kernel mode would bypass win32 and CSRSS in user mode, which would make it very unlikely that process could do anything useful. Even if it could be done, since it isn't something the kernel does by itself more than once, it seems unlikely that it would be easy to do or documented.

Stewart
  • 3,978
  • 17
  • 20
0

kernel mode - user mode communication are maintained in another way. Basically in minifilters you must use this framework for communication - FltCreateCommunicationPort/FltSendMessage/etc read this materials http://download.microsoft.com/download/e/b/a/eba1050f-a31d-436b-9281-92cdfeae4b45/filterdriverdeveloperguide.doc (chapter about communication)

and

http://download.microsoft.com/download/f/0/5/f05a42ce-575b-4c60-82d6-208d3754b2d6/messagesupport.ppt

Evgenii Gostiukhin
  • 970
  • 4
  • 8