Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

modprobe for Windows?

1,292 views
Skip to first unread message

Markus Flachs

unread,
Apr 20, 2007, 10:34:02 AM4/20/07
to
Hi!

I'd like to know if there exists some (command line) tool that can be used
to manually load kernel mode dlls (i.e. an export driver) into memory.

Background: I'm developing a highly modular system that is composed of up to
100 small components. Every module encapsulates some functionality and is
implemented as an export driver. Additionally they should be loaded and
unloaded at runtime to be able to reconfigure the system dynamically.

I know that I could install every module as a seperate service and then
start and stop it with "net start/stop <name>", but because of the huge
number of modules, I don't want to install and maintain a service for every
module.

Basically it would be perfect, if there would exist some kind of
"Linux-modprobe" for Windows that can load a driver from a given sys-file.
Does anyone know such a tool or can anyone give me a hint how to do it in
another way?

Thanks in advance

Don Burn

unread,
Apr 20, 2007, 10:48:04 AM4/20/07
to
Why in the world would you have a 100 kernel mode DLL's since you can only
reference them by linking it all together anyway? There is no kernel mode
equivalent of GetProcAddress so this seems like a very strange and poor
design.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply

"Markus Flachs" <n...@spam.com> wrote in message
news:A818FEA4-5B2C-46DC...@microsoft.com...

Doron Holan [MS]

unread,
Apr 20, 2007, 11:35:59 AM4/20/07
to
to further emphasize what don said, no such facility exists to dynamically
load/unload export drivers without some other driver explicitly referencing
the export driver. If there were such functionality, you would have unload
all drivers which reference the export driver to make sure there are no
dangling references to now unloaded code. 100 drivers is a very unmanagable
design, not to mention the memory and resource hit that would come from
loading them

d

--
Please do not send e-mail directly to this alias. this alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.


"Don Burn" <bu...@stopspam.windrvr.com> wrote in message
news:undF4s1g...@TK2MSFTNGP03.phx.gbl...

Markus Flachs

unread,
Apr 20, 2007, 1:56:05 PM4/20/07
to
Thanks for the replies!

I know that this design is not very efficient, but it is part of a research
project and it will never be part of a production system. Therefore memory or
performance is not an issue. It is solely about the modular design.

Just to clarify your answers: There is no way to load a pure export driver
(i.e. a simple kernel mode dll) and to call its DllInitialize function
without (statically) linking it to some other driver that explicitly
references this export driver?

Thanks for your answers.

Doron Holan [MS]

unread,
Apr 20, 2007, 11:11:50 PM4/20/07
to
correct, there is no way

d

--
Please do not send e-mail directly to this alias. this alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.

"Markus Flachs" <n...@spam.com> wrote in message

news:998C8CE5-D7CE-44F3...@microsoft.com...

Daniel Terhell

unread,
Apr 21, 2007, 10:45:35 AM4/21/07
to
You can dynamically load a driver using ZwLoadDriver, its DriverEntry
routine will be automatically called.

/Daniel


"Markus Flachs" <n...@spam.com> wrote in message

news:998C8CE5-D7CE-44F3...@microsoft.com...

Don Burn

unread,
Apr 21, 2007, 11:01:50 AM4/21/07
to

"Daniel Terhell" <dan...@resplendence.com> wrote in message
news:eT5MOPCh...@TK2MSFTNGP02.phx.gbl...

> You can dynamically load a driver using ZwLoadDriver, its DriverEntry
> routine will be automatically called.
>
> /Daniel
>
But that will not initailize a kernel mode DLL. Worse yet there is no
blessed solution for GetProcAddress or for handling unload being sure there
are no references. The OP says this is for research only, but it is
obviously a Linux design. I hope if it is research that it will not be
another of the stupid papers that goes "I took this package from Linux and
ported it to Windows where it performed poorly, this proves Linux is a
superior OS". I have seen to many of these from respected universities
lately.

Doron Holan [MS]

unread,
Apr 22, 2007, 3:11:30 AM4/22/07
to
ZwLoadDriver (and its counterpart ZwUnloadDriver) do not to reference
counting in terms of other calls to ZwLoadDriver for the same image. This
means that if driver one calls ZwLoadDriver (to load driver 2), driver 3 can
unload driver 2 while driver 1 is using it ... and then you crash.

d

--
Please do not send e-mail directly to this alias. this alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.

"Daniel Terhell" <dan...@resplendence.com> wrote in message
news:eT5MOPCh...@TK2MSFTNGP02.phx.gbl...

Markus Flachs

unread,
Apr 22, 2007, 6:10:03 AM4/22/07
to
Thank you all for explaining the problems with this approach to me. I think
it is time for some major redesign.

Markus

0 new messages