Driver Logo
Avice Michonski
We know what it takes to end drunk driving, fight drugged driving and educate the next generation of drivers. But we still need help to reach the day that no one experiences a broken heart due to impaired driving.
Microsoft is committed to mitigating the attack surface for the Windows operating system, and ensuring that third party drivers meet a strong security bar is critical to accomplishing that goal. One step in setting this security bar is by adding a new requirement to the Windows Hardware Compatibility Program (WHCP) which states that all driver submissions must use the CodeQL engine on driver source code and fix any violations that are deemed "Must-Fix".
CodeQL, by GitHub, is a powerful semantic code analysis engine, and the combination of an extensive suite of high-value security queries along with a robust platform make it an invaluable tool for securing driver code.
Usage of CodeQL for the purpose of WHCP testing is acceptable under the Hardware Lab Kit (HLK) End User License Agreement. For WHCP participants, the HLK's EULA overwrites GitHub's CodeQL Terms and Conditions by stating that CodeQL can be used during automated analysis, CI or CD, as part of normal engineering processes for the purposes of analyzing drivers to be submitted and certified as part of the WHCP.
[NOTE] Usage of CodeQL for the purpose of certifying for the Windows Hardware Compatibility Program testing is acceptable under the Hardware Lab Kit (HLK) End User License Agreement. For WHCP participants, the HLK's EULA overwrites GitHub's CodeQL Terms and Conditions. The HLK EULA states that CodeQL can be used during automated analysis, CI or CD, as part of normal engineering processes for the purposes of analyzing drivers to be submitted and certified as part of the Windows Hardware Compatibility Program. For those following along for general use, please read the GitHub CodeQL Terms and Conditions and/or contact CodeQL.
CodeQL is a static analysis engine used by developers to perform security analysis on code outside of a live environment. CodeQL ingests code while it is compiling, and builds a database from it. The database becomes a directory containing queryable data, a source reference, and log files. Once the database is built, one can run analysis on it by utilizing CodeQL queries (also called checks or rules) which will determine if the source code contains violations or security vulnerabilities. CodeQL provides a library of standard queries which check for language correctness, symantics, and provides great value to developers who wish to ensure their code is free of bugs and vulnerabilities. CodeQL also provides the option to build custom queries, which is what the Windows Driver Developer Supplemental Repository contains: several suites of queries which are specific to driver code and are used in the WHCP program. CodeQL also provides a CodeQL command line tool (CLI) to easily perform CodeQL actions and/or perform large scale analysis.
Refer to the tables above to select which version of CodeQL CLI to use in accordance with the desired branch of Microsoft's driver queries; if you are performing analysis as part of the WHCP program, please refer to the table For Windows Hardware Compatibility Program Use otherwise use Main branch and CodeQL CLI v2.6.3. Using a different version may result in a database incompatible with these libraries.
[NOTE] This section is under maintenance as we upgrade the version of CodeQL the Windows Driver Developer Supplemental Tools repository is compatible with. We will be utilizing the new functionality of CodeQL packs which will change the method for downloading and installing this repository. We appreciate your patience if there are issues with the install, please reach out to us if you are having trouble: stlog...@microsoft.com.
[NOTE] Queries are classified using statuses such as "error" "warning" and "problem" but this classification is separate from how the Windows Hardware Compatibility Program and specifically the Static Tools Logo Test will grade the results. Any driver with defects from any query within the "Must-Fix" suite will not pass the Static Tools Logo Test and will fail to be certified, regardless of the query classification in the raw query file (ex. "warning").
The Static Tools Logo Test parses a Driver Verification Log (DVL) which is the compiled results from several static analysis engines which have run on the driver source code. There are three ways to convert your SARIF file to DVL format, select the one that best fits your setup.
In the driver project, navigate to project properties. In the Configuration pull down, select the build configuration that you wish to check with CodeQL, we recommend "Release. Creating the CodeQL database and running the queries takes a few minutes, so we don't recommend you run CodeQL on the Debug configuration of your project.
As part of the Microsoft CodeQL GitHub repository, we provide two query suites to simplify the end-to-end driver developer workflow. The windows_driver_recommended.qls query suite is a superset of all the queries Microsoft has deemed valuable for driver developers. The windows_driver_mustfix.qls query suite contains queries deemed "Must-Fix" for WHCP certification. Both the Mist-Fix and Recommended query suites are updated regularly.
These queries are part of the windows_driver_recommended.qls query suite in the Microsoft GitHub CodeQL repository. The "Common Weakness Enumeration" (CWE) column specifies what kinds of security issues the given query searches for. See Mitre's page on CWE for more details around CWEs.
Usage of CodeQL for the purpose of WHCP testing is acceptable under the Hardware Lab Kit (HLK) End User License Agreement. For WHCP participants, the HLK's EULA overwrites GitHub's CodeQL Terms and Conditions. The HLK EULA states that CodeQL can be used during automated analysis, CI or CD, as part of normal engineering processes for the purposes of analyzing drivers to be submitted and certified as part of the WHCP.
Every CodeQL query has varying levels of precision. Our goal is to minimize false positives, but occasionally they will occur. Our suite of "Must-Fix" queries have been developed and hand-picked for use with the WHCP program because our extensive testing results in nearly 0 false positives. If you are seeing false positives from a query in the set of "Must-Fix" queries, please email stlog...@microsoft.com immediately and we will work to get it resolved as soon as possible.
Queries are classified using statuses such as "error" "warning" and "problem" in CodeQL but this classification is separate from how the Windows Hardware Compatibility Program and specifically the Static Tools Logo Test will grade the results. Any driver with defects from any query within the "Must-Fix" suite will not pass the Static Tools Logo Test and will fail to be certified, regardless of the query classification in the raw query file (ex. "warning").
As part of the Windows Driver Kit (WDK) and Enterprise WDK (eWDK), Microsoft ships a component called dvl.exe which can be used to generate Driver Verification Logs (DVLs). Starting in WDK/eWDK preview versions 21342 and above, it is possible to generate a DVL from the command line outside of the context of msbuild or Visual Studio by passing a driver name and architecture. See Creating a Driver Verification Log for more details.
School districts across New York State are in urgent need of school bus drivers. Enjoy a rewarding career while meeting an important need in your community. Learn how you can help and start your career as a school bus driver.
Checkpoint locations are selected based on a history of DUI crashes and arrests. The primary purpose of checkpoints is not to make arrests, but to promote public safety by deterring drivers from driving impaired. During the checkpoint, officers will look for signs that drivers are under the influence of alcohol and/or drugs.
We had this issue with EVERY driver we installed on one of our models. Turns out, when whoever installed SP3 on this particular model PC, it became corrupt. So we had countless machines with corrupt SP3 installations. A simple reinstall of SP3 corrects the problem.
Our DisplayLink technology makes it simple to connect any display to any computer that supports USB or Wi-Fi and provides universal solutions for a range of corporate, home and embedded applications where easy connectivity of displays enhances productivity. With DisplayLink, expanding your visual workspace has never been easier or more affordable. Our technology makes it really easy to connect any display to any computer. We call this Plug and Display. Look for the DisplayLink certified Plug and Display logo on your favorite docking station.
df19127ead