Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

API of system/iosubsys/esdi_506.pdr

0 views
Skip to first unread message

Marc

unread,
Apr 4, 2001, 11:06:12 AM4/4/01
to

I am developping a harddisk encryption program for Windows PCs. It
consists of two parts. One is a 16bit real mode BIOS patch that
enables the computer to boot from the encrypted harddrive. This
part is almost finished.

Windows however falls back into 16bit compatibility mode and refuses
to install the 32bit IDE drivers, even though not all drives are
encrypted (CDROM / CDWriters for example). Of course, Windows does
not know which units can be handled by its 32bit driver and which
can not.

Question A: Is there a way to explain IOS.vxd that although C:\IO.SYS
detected a BIOS INT13h patch at boot time (-> MBR), it is OK to mount
esdi_506.pdr for some units?

I can think of something along the lines of adding "mbrint13.sys" to
ios.ini and faking other TSRs (which?) installation check to trick
Windows into thinking that _some_ units are safe while others are not..

Can you fill the details?


Question B: what structure / API has esdi_506.pdr? Is there documentation
on .pdr files? I guess "pdr" could mean "port driver" or something similar.
I own IDAPro and, although I am not experienced programming Windows, I might
give it a try and disassemble the 32bit driver and attempt to patch in
hooks for the encryption.

I need to know more about .pdr files though before this has any chance of
success.

Thanks in advance for your attention.

Marc.


PS: If you're interested in beta-testing the 16bit version of my
encryption program (encrypts C: drive with swapfile and temp folders)
drop me an email. You have to install real mode drivers for your
CDROM though.

Lewin A.R.W. Edwards

unread,
Apr 9, 2001, 10:22:16 PM4/9/01
to
> Windows however falls back into 16bit compatibility mode and refuses
> to install the 32bit IDE drivers, even though not all drives are
> Question A: Is there a way to explain IOS.vxd that although C:\IO.SYS
> detected a BIOS INT13h patch at boot time (-> MBR), it is OK to mount
> esdi_506.pdr for some units?
> I can think of something along the lines of adding "mbrint13.sys" to
> ios.ini and faking other TSRs (which?) installation check to trick

The mbrint13.sys trick only works if a later safety test also passes
(Windows tries to read the hard disk through int13h real mode and also
through hardware. If the results are different it won't load the
protected-mode driver). The only way to get this working properly is to
write a protect-mode driver that will do the encryption for you, and hand
off during boot.

> Question B: what structure / API has esdi_506.pdr? Is there
documentation
> on .pdr files? I guess "pdr" could mean "port driver" or something
similar.

It's a miniport driver. You need the Windows 9x DDK to develop this further.
And this technology will not be portable to NT, so it is of limited
lifespan.

--
-- Lewin A.R.W. Edwards
Personal: http://www.larwe.com/ & http://www.zws.com/

0 new messages