Registry change notification

S

scm

Hi All,

Is there any way my driver to get notified for a change in tha value of a
particular key in the registry. I mean an API in kernel mode similar to user
mode API RegNotifyChangeKeyValue.

Any suggestions/hints would be appreciated.

Thanks.
 
K

Kirk Ferdmann

scm said:
Its an undocumented API. Can you give me some hints/links the prototype of
it.
Click to expand...

It's undocumented in DDK because drivers access their registry during
IRP_MN_START_DEVICE. PnP stops and restarts a device in the case of resource
rebalancing. By the same logic it's a good place to read the registry.

-Kirk
 
A

Arkady Frenkel

That documented in Gary Nebbett's "Windows NT/2000 Native API reference" and
you'll find prototype in google for sure.
Arkady
 
A

Arkady Frenkel

Really I didn't find ZwNotifyChangeKey on web , but it call
NtNotifyChangeKey() which have exactly the same format and you can see that
on
http://undocumented.ntinternals.net/

NTSYSAPI
NTSTATUS
NTAPI

NtNotifyChangeKey(

IN HANDLE KeyHandle,
IN HANDLE EventHandle,
IN PIO_APC_ROUTINE ApcRoutine,
IN PVOID ApcRoutineContext,
IN PIO_STATUS_BLOCK IoStatusBlock,
IN ULONG NotifyFilter,
IN BOOLEAN WatchSubtree,
OUT PVOID RegChangesDataBuffer,
IN ULONG RegChangesDataBufferLength,
IN BOOLEAN Asynchronous );


So simply set ZwNotifyChangeKey instead of NtNotifyChangeKey

Arkady
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Expiration notification 4
Resume watching TV after notification on Amazon Fire Cube? 0
Push notifications. 6
Graph control with input 4
copy buffer not from first element question 3
Access Access database alerts and notifications 1
Access Automatically Send a notification email once a record is added 0
Notification of invites in Google Calendar 9

Top