Driver Signing + Installation

[Guest]

Hi,

My image has enough components to allow end customers to install certain 3rd
party drivers.

The installations complete successfully but when the new device is plugged
in Windows prompts for the location of the driver (.sys) file(s).

Using utilities like "FileMon" and "RegMon" I've noticed that on full XP,
Windows searches the "...\system32\drivers" folder first and if it doesn't
find the files looks in the "program
files\<company>\<product>\<drivers>\<winxp>" location.

I haven't been able to find a location in the registry that holds this
alternate location which leads me to beleive that it is store else where.

Does anyone know what the mechanism is that performs the search in folders
other than the drivers folder? I think it might have to do with the security
catalog and driver signing but I'm not sure.

Thanks,
Ed.

 

[Guest]

Hi,

So I've done some digging and come up with the following.

When installing PnP drivers it is recommended (required) that the Windows
setup api function "SetupCopyOEMInf" be used.

This function interprets the inf file and creates an oem<#>.inf file that is
unique in the "\windows\inf" folder.

The function under full XP Pro also creates a file with the .pnf extension.
This is a pre-compiled version of the inf file. Opening this file in a hex
editor reveals that the source location of the driver file(s) is stored here.
So under normal operations XP Pro knows where to look next if the file is
not in the drivers folder.

As a third step under full XP Pro the function validates the digital
signature etc...

So far I've discovered that XPe does not provide the ability to generate pnf
files. Or aleast the functionality is turned off.

.....

Thanks,
Ed.

 

[KM]

Ed,

Your conclusion about PNF files is basically correct. Those are the compiled
versions of INF files with source paths info resolved.
Since PNF files are usually huge their support has been "removed" from XPe
to save some footprint.

However, I couldn't understand what exactly the purpose for your
investigation? Do you just want to tweak the New Hardware Wizard info?

If you want to modify drive installation source paths there, all you have to
do and to tweak the following key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup],"Installation
Sources" (note, it is a multi sz string). You can add your own paths there
(e.g., C:\i386). Then whenever the Found New Hardware wizard appears (e.g.,
you plug-in a new PnP device), you will see the added path in the specific
locations list.
Also, the "SourcePath" and "ServicePackSourcePath" values under the same key
have some effect on the installation.

KM

 

[Guest]

Thanks for the suggestion I will see if I can use the key to help aid with
driver installations.

The main reason I'm investigating the driver installation issue is this:
We support 20+ peripherals, namely pc cards, and are presented with the
problem of managing and distributing images with all the different versions
as they are updated.

Because we don't want to create a custom image for each customer it was
decided to create a generic image and allow end users to install their
specific hardware and drivers.

Unfortunately some of the driver installations we support don't provide
signed drivers so their installers indicated failures. The signed driver
installations always prompt for the location of the .sys files.

So I'm looking to implement the pnf driver signing framework, if possible,
to help aid the customer experience and lower our support call costs.


Thanks,
Ed.

Ed,

Your conclusion about PNF files is basically correct. Those are the compiled
versions of INF files with source paths info resolved.
Since PNF files are usually huge their support has been "removed" from XPe
to save some footprint.

However, I couldn't understand what exactly the purpose for your
investigation? Do you just want to tweak the New Hardware Wizard info?

If you want to modify drive installation source paths there, all you have to
do and to tweak the following key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup],"Installation
Sources" (note, it is a multi sz string). You can add your own paths there
(e.g., C:\i386). Then whenever the Found New Hardware wizard appears (e.g.,
you plug-in a new PnP device), you will see the added path in the specific
locations list.
Also, the "SourcePath" and "ServicePackSourcePath" values under the same key
have some effect on the installation.

KM

Hi,

So I've done some digging and come up with the following.

When installing PnP drivers it is recommended (required) that the Windows
setup api function "SetupCopyOEMInf" be used.

This function interprets the inf file and creates an oem<#>.inf file that
is
unique in the "\windows\inf" folder.

The function under full XP Pro also creates a file with the .pnf
extension.
This is a pre-compiled version of the inf file. Opening this file in a
hex
editor reveals that the source location of the driver file(s) is stored
here.
So under normal operations XP Pro knows where to look next if the file is
not in the drivers folder.

As a third step under full XP Pro the function validates the digital
signature etc...

So far I've discovered that XPe does not provide the ability to generate
pnf
files. Or aleast the functionality is turned off.

....

Thanks,
Ed.

 

[Guest]

I found the needle in the hay stack.

Once I knew what I was looking for it was easy to find
The way I got there was a long journey and included WinDbg. But good old
reliable Regmon had the answer all along but it was hidden among the noise.

Basically delete the following value:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"MinimizeFootprint"=dword:00000001

This enables driver signing checking, pnf file creation and who knows what
else. It’s a very global switch and I'm not sure how big the image will
become and what other XP features listen to it. Personally I'm only going to
remove it after FBA. And that's if I can't convince the powers that be that
this is a silly idea.

Thanks,
Ed.

PS. Search words: Driver signing .pnf precompiled inf .inf

PPS. The setupapi has lots of interesting undocumented internal functions
that I found along my travels. WindDbg rocks! I only hope I don't have to
use it again on this project

GetEmbeddedFlags
LoadPrecompiledInf
SavePnf
PreprocessInf

Thanks for the suggestion I will see if I can use the key to help aid with
driver installations.

The main reason I'm investigating the driver installation issue is this:
We support 20+ peripherals, namely pc cards, and are presented with the
problem of managing and distributing images with all the different versions
as they are updated.

Because we don't want to create a custom image for each customer it was
decided to create a generic image and allow end users to install their
specific hardware and drivers.

Unfortunately some of the driver installations we support don't provide
signed drivers so their installers indicated failures. The signed driver
installations always prompt for the location of the .sys files.

So I'm looking to implement the pnf driver signing framework, if possible,
to help aid the customer experience and lower our support call costs.


Thanks,
Ed.

Ed,

Your conclusion about PNF files is basically correct. Those are the compiled
versions of INF files with source paths info resolved.
Since PNF files are usually huge their support has been "removed" from XPe
to save some footprint.

However, I couldn't understand what exactly the purpose for your
investigation? Do you just want to tweak the New Hardware Wizard info?

If you want to modify drive installation source paths there, all you have to
do and to tweak the following key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup],"Installation
Sources" (note, it is a multi sz string). You can add your own paths there
(e.g., C:\i386). Then whenever the Found New Hardware wizard appears (e.g.,
you plug-in a new PnP device), you will see the added path in the specific
locations list.
Also, the "SourcePath" and "ServicePackSourcePath" values under the same key
have some effect on the installation.

KM

Hi,

So I've done some digging and come up with the following.

When installing PnP drivers it is recommended (required) that the Windows
setup api function "SetupCopyOEMInf" be used.

This function interprets the inf file and creates an oem<#>.inf file that
is
unique in the "\windows\inf" folder.

The function under full XP Pro also creates a file with the .pnf
extension.
This is a pre-compiled version of the inf file. Opening this file in a
hex
editor reveals that the source location of the driver file(s) is stored
here.
So under normal operations XP Pro knows where to look next if the file is
not in the drivers folder.

As a third step under full XP Pro the function validates the digital
signature etc...

So far I've discovered that XPe does not provide the ability to generate
pnf
files. Or aleast the functionality is turned off.

....

Thanks,
Ed.


:

Hi,

My image has enough components to allow end customers to install certain
3rd
party drivers.

The installations complete successfully but when the new device is
plugged
in Windows prompts for the location of the driver (.sys) file(s).

Using utilities like "FileMon" and "RegMon" I've noticed that on full XP,
Windows searches the "...\system32\drivers" folder first and if it
doesn't
find the files looks in the "program
files\<company>\<product>\<drivers>\<winxp>" location.

I haven't been able to find a location in the registry that holds this
alternate location which leads me to beleive that it is store else where.

Does anyone know what the mechanism is that performs the search in
folders
other than the drivers folder? I think it might have to do with the
security
catalog and driver signing but I'm not sure.

Thanks,
Ed.