1

The problem is actually quite simple to formulate: I need to know current CPU and memory consumption of the whole system from kernel-mode driver under Windows. Of course, I have watched related question and tried this code. Results are not good: environment of Visual Studio 2013 for developing drivers does not know any headers from mentioned samples. E.g.:

#include "windows.h"

MEMORYSTATUSEX memInfo;
memInfo.dwLength = sizeof(MEMORYSTATUSEX);
GlobalMemoryStatusEx(&memInfo);
DWORDLONG totalVirtualMem = memInfo.ullTotalPageFile;

The code above is not compiling. I carefully examined almost all "Kernel-Mode Driver Reference" in MSDN searching for similar functions and did not succeed.

So, does anyone know how to get same information from kernel-mode driver under Windows?

Or this is impossible? (This is quite strange, if true.)

Community
  • 1
  • 1
grekhss
  • 165
  • 1
  • 11
  • 1
    You cannot use Win32 API in kernel mode. You have to use kernel API functions. Check WDK documentation. – Gonmator May 20 '14 at 12:09
  • 2
    The *documented* WDK functions focus on things that drivers should do. Which is *not* creating an operating system inside an operating system. NtQueryInformation() perhaps, it is undocumented and likely to be different across different Windows versions. – Hans Passant May 20 '14 at 12:16
  • It finally appeared that implementing service process in userspace is the easiest solution: it periodically provides driver data about CPU and memory consumption. – grekhss May 22 '14 at 11:30

1 Answers1

1

Those APIs aren't available to drivers, so it's not surprising that your attempt didn't build.

Memory management in kernel mode drivers is a lot more complicated than in user-mode applications. You should investigate pool tracking to see if there's a way to use the that to give you the info you want.

Michael Kohne
  • 11,888
  • 3
  • 47
  • 79