A
Aleksey Rechinsky
Hello!
Can somebody confirm or contradict these three statements:
1) ZwLoadDriver() interface remains unchanged from Win2000 to a latest
Win2003 (or to which version as you know?)
2) It's prototype is
NTSYSAPI NTSTATUS NTAPI ZwLoadDriver( IN PUNICODE_STRING
DriverServiceName );
where DriverServiceName is the name of driver under "Services" key in
registry. For example,
L"Registry\\Machine\\System\\CurrentControlSet\\Services\\Tcpip".
3) DriverEntry() routine of the driver to be loaded is always execute in
system thread context, no matter, where was the ZwLoadDriver() executed.
Any info would be very appreciated.
Thanks, Aleksey.
Can somebody confirm or contradict these three statements:
1) ZwLoadDriver() interface remains unchanged from Win2000 to a latest
Win2003 (or to which version as you know?)
2) It's prototype is
NTSYSAPI NTSTATUS NTAPI ZwLoadDriver( IN PUNICODE_STRING
DriverServiceName );
where DriverServiceName is the name of driver under "Services" key in
registry. For example,
L"Registry\\Machine\\System\\CurrentControlSet\\Services\\Tcpip".
3) DriverEntry() routine of the driver to be loaded is always execute in
system thread context, no matter, where was the ZwLoadDriver() executed.
Any info would be very appreciated.
Thanks, Aleksey.