Update examples

Update configuration and turn off Spectre nonsense.
nil-ref · Apr 14, 2021 · 5e68087 · 5e68087
1 parent 3950888
commit 5e68087
Show file tree

Hide file tree

Showing 8 changed files with 94 additions and 54 deletions.
diff --git a/Bin/dummy.sys b/Bin/dummy.sys
diff --git a/Bin/dummy2.sys b/Bin/dummy2.sys
diff --git a/KDU.sha256 b/KDU.sha256
@@ -1,29 +1,29 @@
-6ce17d185826dc452c50b1908315ff151cd57319f11ab6eb337dbe180f111fd4 *Bin\dummy.sys
-eefc8b804938fa0976416ae18efa0e30e67b537e7ce50d94dba7022971d17f19 *Bin\dummy2.sys
+293cb9a86a3f89e377ef5c6716d70bbdfd9c57ff0a07d484bd8abc1f521e70cc *Bin\dummy.sys
+82370b38b940f98013a6506a82c35913ec810f312d93b93b5406f3caf07bda9f *Bin\dummy2.sys
 59820ce4905819c5be34e863f8301c052fac0d25dfcaa0f0cde1309ca44aced2 *Bin\kdu.exe
 d1de3738065ee9682af1efa91a14addcf50bfc5828cf78efd7b5182a714fcdfd *Bin\license.txt
 323d910f93683453d45239a0528d3c3cda7f2608fca864fd2a687184ffe129fe *Help\kdu1.png
 a1d7a51549914833a3414a93646952c25deabe072d8a271b54e10727f923b479 *Help\kdu2.png
 d2c38793dc0a55da29fd8336f397b9a9374690747d0d210d453f32c42cad9d84 *Help\kdu3.png
 41780c2b6c09c17117d168285703370543858324416bb24c29be366277196d1e *Help\kdu4.png
 98a5d939d5142b0e38172fe4756b98410cc53baaf649284e171e4db5eba1c9f6 *Source\KDU.sln
-9dfedec619c677089b2722762156f0751a2dffa0dc84b5666e5955fe6e27a63c *Source\Examples\BadRkDemo\main.c
+3e186d6b54256d7fae766b447be6d3997d2395374262da45189174596afe070a *Source\Examples\BadRkDemo\main.c
 025318c76a2e7e6d4bd8e777aedcb1763e249bc9063b3be89b6d5175740190df *Source\Examples\BadRkDemo\main.h
 b9a5697d15139e88b0c026fc8a5a8d7f9f880c93242ac3ec74ba688bbecb584e *Source\Examples\BadRkDemo\pgdemo.inf
 e90aca966ccb1efc1fec01dcb6199ee09cc439f39f07756a804b94b9b35620a8 *Source\Examples\BadRkDemo\pgdemo.sln
 05157daf616f7cd950ab168f4cba0c34eb7eb0c618e633ff88462a452e9c3a7e *Source\Examples\BadRkDemo\pgdemo.vcxproj
 86d1754e72e5a6d8a0a9052397052bd737b23491141122776b52287cd5ba4ca6 *Source\Examples\BadRkDemo\pgdemo.vcxproj.filters
 d0f1a6d6bb561abd2f989e4edfc6471dceab99c90b2e746bff9e194feff7203e *Source\Examples\BadRkDemo\pgdemo.vcxproj.user
 14eec2753d0e9b432c54c4a70fc59e3be75674313b6308a7a820e6682f775eb9 *Source\Examples\DummyDrv\dummy.sln
-e2575539ea5bd87a3a8316c28d6880e13ac0c284ce4bc98486a5a87e7f108bcd *Source\Examples\DummyDrv\dummy\dummy.vcxproj
+e990382856e2c6d15afbdc0714f0c06edc7cdc7b421c82d574eb3a662a37a162 *Source\Examples\DummyDrv\dummy\dummy.vcxproj
 2d469aafdb7e37a2d58d4e7875abbfd27599762333cba8e28376c16fa7446e9c *Source\Examples\DummyDrv\dummy\dummy.vcxproj.filters
 d45cf40c855a135898e4b35d0b5b2d00e3ad251a97d3f47990248116f22ff45e *Source\Examples\DummyDrv\dummy\dummy.vcxproj.user
-78ae87ff6fb04598b6bfc9dfe3a8fe7049d043fb6980ff666007f97eb8282dde *Source\Examples\DummyDrv\dummy\main.c
+cf6fb733bf24e69979280d6ab2c188d5cec00d76038aab977cdfe95f605e47d6 *Source\Examples\DummyDrv\dummy\main.c
 14eec2753d0e9b432c54c4a70fc59e3be75674313b6308a7a820e6682f775eb9 *Source\Examples\DummyDrv2\dummy.sln
-13775e41ece9ddfe2d58ed2de3b8d2c030407135c1e8b026c5cdebebb44cfdf9 *Source\Examples\DummyDrv2\dummy\dummy.vcxproj
+9566950e9dfc534f6a5d35cb254d923a324ccb7ef615fd5c929c23bf14c4243f *Source\Examples\DummyDrv2\dummy\dummy.vcxproj
 f53e8133a9d12b751445ed57f4574bbeba722d26096196f544ed1794adf699f4 *Source\Examples\DummyDrv2\dummy\dummy.vcxproj.filters
 d45cf40c855a135898e4b35d0b5b2d00e3ad251a97d3f47990248116f22ff45e *Source\Examples\DummyDrv2\dummy\dummy.vcxproj.user
-43ed54ded1bd812578d02b73d34725bbca25ca2cec6af9b9441518e9514d8f2a *Source\Examples\DummyDrv2\dummy\main.c
+1a429882d1bfd0455b00155d19dc4dd494e25e80a87fd3a0f9b318b33ac1b871 *Source\Examples\DummyDrv2\dummy\main.c
 103a979ec980d48e7c27199433b0ecbb1fdcdebf8ee96c84c8db2cae0aa4ced8 *Source\Examples\DummyDrv2\dummy\main.h
 10b9fe09b9357cb3c35a00a8b09ae24141ec5941a37c461c2a296d822aa2b512 *Source\Examples\DummyDrv2\dummy\r3request.c
 92e517579ae6d190df4d462168c614dbb990c2cc61c947b284cdf3c5545bef31 *Source\Hamakaze\compess.cpp

diff --git a/Source/Examples/BadRkDemo/main.c b/Source/Examples/BadRkDemo/main.c
@@ -1,12 +1,12 @@
 /*******************************************************************************
 *
-*  (C) COPYRIGHT AUTHORS, 2017 - 2020
+*  (C) COPYRIGHT AUTHORS, 2017 - 2021
 *
 *  TITLE:       MAIN.C
 *
-*  VERSION:     1.01
+*  VERSION:     1.02
 *
-*  DATE:        02 Feb 2020
+*  DATE:        02 Apr 2021
 *
 *  PatchGuard BSOD generator.
 *
@@ -503,7 +503,7 @@ NTSTATUS DriverEntry(
         DPFLTR_INFO_LEVEL, 
         "[PGDemo] %s IoCreateDeviceSecure(%wZ) = %lx\r\n", 
         __FUNCTION__, 
-        DevName, 
+        &DevName, 
         status);
 
     if (NT_SUCCESS(status)) {
@@ -515,7 +515,7 @@ NTSTATUS DriverEntry(
             DPFLTR_INFO_LEVEL, 
             "[PGDemo] %s IoCreateSymbolicLink(%wZ) = %lx\r\n", 
             __FUNCTION__, 
-            SymLink, 
+            &SymLink, 
             status);
 
         devobj->Flags |= DO_BUFFERED_IO;

diff --git a/Source/Examples/DummyDrv/dummy/dummy.vcxproj b/Source/Examples/DummyDrv/dummy/dummy.vcxproj
@@ -18,6 +18,7 @@
     <Configuration>Debug</Configuration>
     <Platform Condition="'$(Platform)' == ''">Win32</Platform>
     <RootNamespace>dummy</RootNamespace>
+    <WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
@@ -27,6 +28,7 @@
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>KMDF</DriverType>
     <DriverTargetPlatform>Desktop</DriverTargetPlatform>
+    <ALLOW_DATE_TIME>1</ALLOW_DATE_TIME>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <TargetVersion>Windows10</TargetVersion>
@@ -36,6 +38,8 @@
     <DriverType>KMDF</DriverType>
     <DriverTargetPlatform>Desktop</DriverTargetPlatform>
     <WholeProgramOptimization>true</WholeProgramOptimization>
+    <ALLOW_DATE_TIME>1</ALLOW_DATE_TIME>
+    <SpectreMitigation>false</SpectreMitigation>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
   <ImportGroup Label="ExtensionSettings">
@@ -56,9 +60,10 @@
     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
     <CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
     <RunCodeAnalysis>true</RunCodeAnalysis>
+    <EnableInf2cat>false</EnableInf2cat>
+    <TargetName>dummy</TargetName>
     <OutDir>.\output\$(Platform)\$(Configuration)\</OutDir>
     <IntDir>.\output\$(Platform)\$(Configuration)\</IntDir>
-    <EnableInf2cat>false</EnableInf2cat>
   </PropertyGroup>
   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
     <ClCompile>
@@ -68,7 +73,6 @@
       <BufferSecurityCheck>false</BufferSecurityCheck>
       <ExpandAttributedSource>true</ExpandAttributedSource>
       <AssemblerOutput>All</AssemblerOutput>
-      <BrowseInformation>true</BrowseInformation>
       <CompileAs>CompileAsC</CompileAs>
       <EnablePREfast>true</EnablePREfast>
       <TreatWarningAsError>false</TreatWarningAsError>

diff --git a/Source/Examples/DummyDrv/dummy/main.c b/Source/Examples/DummyDrv/dummy/main.c
@@ -1,14 +1,14 @@
 /*******************************************************************************
 *
-*  (C) COPYRIGHT AUTHORS, 2016 - 2020
+*  (C) COPYRIGHT AUTHORS, 2016 - 2021
 *
 *  TITLE:       MAIN.C
 *
-*  VERSION:     1.02
+*  VERSION:     1.03
 *
-*  DATE:        24 Jan 2020
+*  DATE:        02 Apr 2021
 *
-*  Example driver for driver loaders usage (TDL/Stryker/Diplodocus/KDU)
+*  Example driver for driver loaders usage (KDU/ALICE)
 *
 * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
 * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
@@ -36,6 +36,7 @@ NTSTATUS DriverEntry(
 )
 {
     PEPROCESS Process;
+    PETHREAD Thread;
     KIRQL Irql;
     PSTR sIrql;
 
@@ -48,17 +49,26 @@ NTSTATUS DriverEntry(
 
         DbgPrintEx(DPFLTR_DEFAULT_ID,
             DPFLTR_INFO_LEVEL,
-            "Hello from kernel mode, system range start is %p, code mapped at %p\r\n",
+            "[%s] Driver built at %s\r\n",
+            __FUNCTION__, __TIMESTAMP__); // Set DriverModel to allow timestamps.
+
+        DbgPrintEx(DPFLTR_DEFAULT_ID,
+            DPFLTR_INFO_LEVEL,
+            "[%s] System range start is %p, code mapped at %p\r\n",
+            __FUNCTION__,
             MmSystemRangeStart,
-            DriverEntry);
+            DriverEntry);       
 
         Process = PsGetCurrentProcess();
+        Thread = PsGetCurrentThread();
         DbgPrintEx(DPFLTR_DEFAULT_ID,
             DPFLTR_INFO_LEVEL,
-            "I'm at %s, Process : %lu (%p)\r\n",
-            __FUNCTION__,
-            (ULONG)PsGetCurrentProcessId(),
-            Process);
+            "[%s] Current Process : %lu (%p) Current Thread : %lu (%p)\r\n",
+            __FUNCTION__,           
+            HandleToULong(PsGetCurrentProcessId()),
+            Process,
+            HandleToULong(PsGetCurrentThreadId()),
+            Thread);
 
         switch (Irql) {
 
@@ -78,7 +88,8 @@ NTSTATUS DriverEntry(
 
         DbgPrintEx(DPFLTR_DEFAULT_ID,
             DPFLTR_INFO_LEVEL,
-            "KeGetCurrentIrql=%s\r\n",
+            "[%s] KeGetCurrentIrql=%s\r\n",
+            __FUNCTION__,
             sIrql);
     }
 

diff --git a/Source/Examples/DummyDrv2/dummy/dummy.vcxproj b/Source/Examples/DummyDrv2/dummy/dummy.vcxproj
@@ -27,6 +27,7 @@
     <ConfigurationType>Driver</ConfigurationType>
     <DriverType>KMDF</DriverType>
     <DriverTargetPlatform>Desktop</DriverTargetPlatform>
+    <ALLOW_DATE_TIME>1</ALLOW_DATE_TIME>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <TargetVersion>Windows10</TargetVersion>
@@ -36,6 +37,8 @@
     <DriverType>KMDF</DriverType>
     <DriverTargetPlatform>Desktop</DriverTargetPlatform>
     <WholeProgramOptimization>true</WholeProgramOptimization>
+    <ALLOW_DATE_TIME>1</ALLOW_DATE_TIME>
+    <SpectreMitigation>false</SpectreMitigation>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
   <ImportGroup Label="ExtensionSettings">

diff --git a/Source/Examples/DummyDrv2/dummy/main.c b/Source/Examples/DummyDrv2/dummy/main.c
@@ -1,14 +1,14 @@
 /*******************************************************************************
 *
-*  (C) COPYRIGHT AUTHORS, 2016 - 2020
+*  (C) COPYRIGHT AUTHORS, 2016 - 2021
 *
 *  TITLE:       MAIN.C
 *
-*  VERSION:     1.02
+*  VERSION:     1.03
 *
-*  DATE:        24 Jan 2020
+*  DATE:        02 Apr 2021
 *
-*  Example driver #2 for driver loaders usage (TDL/Stryker/Diplodocus/KDU)
+*  Example driver #2 for driver loaders usage (KDU/ALICE)
 *
 * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
 * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
@@ -64,7 +64,8 @@ VOID PrintIrql()
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "KeGetCurrentIrql=%u(%s)\r\n",
+        "[%s] KeGetCurrentIrql=%u(%s)\r\n",
+        __FUNCTION__,
         Irql,
         sIrql);
 }
@@ -92,7 +93,7 @@ NTSTATUS DevioctlDispatch(
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s IRP_MJ_DEVICE_CONTROL",
+        "[%s] IRP_MJ_DEVICE_CONTROL\r\n",
         __FUNCTION__);
 
     stack = IoGetCurrentIrpStackLocation(Irp);
@@ -116,7 +117,7 @@ NTSTATUS DevioctlDispatch(
 
             DbgPrintEx(DPFLTR_DEFAULT_ID,
                 DPFLTR_INFO_LEVEL,
-                "%s DUMMYDRV_REQUEST1 hit",
+                "[%s] DUMMYDRV_REQUEST1 hit\r\n",
                 __FUNCTION__);
 
             if (stack->Parameters.DeviceIoControl.InputBufferLength != sizeof(INOUT_PARAM)) {
@@ -126,7 +127,7 @@ NTSTATUS DevioctlDispatch(
 
             DbgPrintEx(DPFLTR_DEFAULT_ID,
                 DPFLTR_INFO_LEVEL,
-                "%s in params = %lx, %lx, %lx, %lx",
+                "[%s] Params = %lx, %lx, %lx, %lx\r\n",
                 __FUNCTION__,
                 rp->Param1,
                 rp->Param2,
@@ -147,7 +148,7 @@ NTSTATUS DevioctlDispatch(
 
             DbgPrintEx(DPFLTR_DEFAULT_ID,
                 DPFLTR_INFO_LEVEL,
-                "%s hit with invalid IoControlCode",
+                "[%s] Hit with invalid IoControlCode\r\n",
                 __FUNCTION__);
 
             status = STATUS_INVALID_PARAMETER;
@@ -200,7 +201,7 @@ NTSTATUS CreateDispatch(
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s Create",
+        "[%s] Create\r\n",
         __FUNCTION__);
 
     IoCompleteRequest(Irp, IO_NO_INCREMENT);
@@ -225,7 +226,7 @@ NTSTATUS CloseDispatch(
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s Close",
+        "[%s] Close\r\n",
         __FUNCTION__);
 
     IoCompleteRequest(Irp, IO_NO_INCREMENT);
@@ -250,36 +251,45 @@ NTSTATUS DriverInitialize(
     PDEVICE_OBJECT  devobj;
     ULONG           t;
 
+    PETHREAD        ThreadObject;
+    PEPROCESS       ProcessObject;
+
     //RegistryPath is NULL
     UNREFERENCED_PARAMETER(RegistryPath);
 
+    ProcessObject = PsGetCurrentProcess();
+    ThreadObject = PsGetCurrentThread();
+
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s\n",
-        __FUNCTION__);
+        "[%s] CurrentProcess : %lu (%p) CurrentThread : %lu (%p)\r\n",
+        __FUNCTION__,
+        HandleToUlong(PsGetCurrentProcessId()),
+        ProcessObject,
+        HandleToUlong(PsGetCurrentThreadId()),
+        ThreadObject);
 
     RtlInitUnicodeString(&DevName, L"\\Device\\TDLD");
     status = IoCreateDevice(DriverObject, 0, &DevName, FILE_DEVICE_UNKNOWN, FILE_DEVICE_SECURE_OPEN, TRUE, &devobj);
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s IoCreateDevice(%wZ) = %lx\n",
+        "[%s] IoCreateDevice(%wZ) = %lx\r\n",
         __FUNCTION__,
-        DevName,
+        &DevName,
         status);
 
-    if (!NT_SUCCESS(status)) {
+    if (!NT_SUCCESS(status))
         return status;
-    }
 
     RtlInitUnicodeString(&SymLink, L"\\DosDevices\\TDLD");
     status = IoCreateSymbolicLink(&SymLink, &DevName);
 
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s IoCreateSymbolicLink(%wZ) = %lx\n",
+        "[%s] IoCreateSymbolicLink(%wZ) = %lx\r\n",
         __FUNCTION__,
-        SymLink,
+        &SymLink,
         status);
 
     devobj->Flags |= DO_BUFFERED_IO;
@@ -316,22 +326,34 @@ NTSTATUS DriverEntry(
     UNREFERENCED_PARAMETER(DriverObject);
     UNREFERENCED_PARAMETER(RegistryPath);
 
-    PrintIrql();
-
     DbgPrintEx(DPFLTR_DEFAULT_ID,
         DPFLTR_INFO_LEVEL,
-        "%s\n",
-        __FUNCTION__);
+        "[%s] Driver built at %s\r\n",
+        __FUNCTION__, __TIMESTAMP__); // Set DriverModel to allow timestamps.
+
+    PrintIrql();
 
     RtlInitUnicodeString(&drvName, L"\\Driver\\TDLD");
     status = IoCreateDriver(&drvName, &DriverInitialize);
 
-    DbgPrintEx(DPFLTR_DEFAULT_ID,
-        DPFLTR_INFO_LEVEL,
-        "%s IoCreateDriver(%wZ) = %lx\n",
-        __FUNCTION__,
-        drvName,
-        status);
+    if (status == STATUS_OBJECT_NAME_COLLISION) {
+
+        DbgPrintEx(DPFLTR_DEFAULT_ID,
+            DPFLTR_INFO_LEVEL,
+            "[%s] Driver object %wZ already exist\r\n",
+            __FUNCTION__, &drvName);
+
+    }
+    else {
+
+        DbgPrintEx(DPFLTR_DEFAULT_ID,
+            DPFLTR_INFO_LEVEL,
+            "[%s] IoCreateDriver(%wZ) = %lx\r\n",
+            __FUNCTION__,
+            &drvName,
+            status);
+
+    }
 
     return status;
 }