George King

Everything posted by George King

  1. Yes, if you reshack it you can see if it's v4 or v5. I'm always adding it to fileversion
  2. Here is 7777.5, it includes the same mod as before to detect newer devices https://www.mediafire.com/file/8plxu62h3znudeh/ACPI2.0_v5_x86+x64_5.1+5.2.7z/file
  3. There is nothing about move, only a simple file copy from that location. This seems to me like a corrupted flash drive? Are you sure that file is there after you unplug your USB stick? I just tried the same on my side with the preview5 ISO and everything that is placed in the $OEM$ directory was properly copied to the deployed system. Of course all files are still on USB.
  4. Place it in the standard $OEM$ location and reinstall. When ACPI is found in this location it's overwritten in possible places and repacked to SP3.cab too.
  5. @Damnation I have installed XP 32bit on Asus K53SV and Acer Aspire One, these machines have an SD card reader, but not compatible with that Generic driver. I also have a Dell Latitude 7440 and here I can't reinstall it and it runs Windows 7 x64. I don't know when I can reinstall this machine (my wife's laptop)
  6. Yeah I was thinking about that.
  7. @Damnation Thanks, downloaded your updated repo. I have compared it to the one I downloaded from GitHub and some parts are missing in wrk2003.c on your side. Is this code missing by accident or is there a reason for that?

     Missing part

        void WRK2003_Init(void)
        {
        #if (NTDDI_VERSION < NTDDI_VISTA) && defined(_X86_)
            // Each trampoline is resolved by trying known byte signatures in order;
            // the last KeBugCheckEx argument identifies which lookup failed.

        #if (NTDDI_VERSION >= NTDDI_WINXP) && (NTDDI_VERSION <= NTDDI_WINXPSP4)
            //////////////////////////////////////////////////////
            // KeInvalidateAllCaches
            gTramp_KeInvalidateAllCaches = (PFN_BOOLEAN) ModuleHexSearch(MODULE_NTOSKRNL, KeInvalidateAllCaches_magic1, sizeof(KeInvalidateAllCaches_magic1), KeInvalidateAllCaches_magic1mask);
            if (!gTramp_KeInvalidateAllCaches)
                gTramp_KeInvalidateAllCaches = (PFN_BOOLEAN) ModuleHexSearch(MODULE_NTOSKRNL, KeInvalidateAllCaches_magic2, sizeof(KeInvalidateAllCaches_magic2), KeInvalidateAllCaches_magic2mask);
            if (!gTramp_KeInvalidateAllCaches)
                gTramp_KeInvalidateAllCaches = (PFN_BOOLEAN) ModuleHexSearch(MODULE_NTOSKRNL, KeInvalidateAllCaches_magic3, sizeof(KeInvalidateAllCaches_magic3), KeInvalidateAllCaches_magic3mask);
            if (!gTramp_KeInvalidateAllCaches)
                gTramp_KeInvalidateAllCaches = (PFN_BOOLEAN) ModuleHexSearch(MODULE_NTOSKRNL, KeInvalidateAllCaches_magic4, sizeof(KeInvalidateAllCaches_magic4), KeInvalidateAllCaches_magic4mask);
            if (!gTramp_KeInvalidateAllCaches)
                KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 2);
            //////////////////////////////////////////////////////
        #endif // WinXP RTM <> SP4

            //////////////////////////////////////////////////////
            // KeAlertThread
            gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1, sizeof(KeAlertThread_magic1), KeAlertThread_magic1mask);
            if (!gTramp_KeAlertThread)
                gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic2, sizeof(KeAlertThread_magic2), KeAlertThread_magic2mask);
            if (!gTramp_KeAlertThread)
                gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1chk, sizeof(KeAlertThread_magic1chk), KeAlertThread_magic1chkmask);
            if (!gTramp_KeAlertThread)
                KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 3);
            //////////////////////////////////////////////////////

            //////////////////////////////////////////////////////
            // KeTestAlertThread
            gTramp_KeTestAlertThread = (PFN_BOOLEAN_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeTestAlertThread_magic1, sizeof(KeTestAlertThread_magic1), KeTestAlertThread_magic1mask);
            if (!gTramp_KeTestAlertThread)
                gTramp_KeTestAlertThread = (PFN_BOOLEAN_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeTestAlertThread_magic2, sizeof(KeTestAlertThread_magic2), KeTestAlertThread_magic2mask);
            if (!gTramp_KeTestAlertThread)
                gTramp_KeTestAlertThread = (PFN_BOOLEAN_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeTestAlertThread_magic1chk, sizeof(KeTestAlertThread_magic1chk), KeTestAlertThread_magic1chkmask);
            if (!gTramp_KeTestAlertThread)
                KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 4);
            //////////////////////////////////////////////////////

            //////////////////////////////////////////////////////
            // LpcRequestWaitReplyPortEx
            gTramp_LpcRequestWaitReplyPortEx = (PFN_NTSTATUS_PVOID_PPORT_MESSAGE_PPORT_MESSAGE) ModuleHexSearch(MODULE_NTOSKRNL, LpcRequestWaitReplyPortEx_magic1, sizeof(LpcRequestWaitReplyPortEx_magic1), LpcRequestWaitReplyPortEx_magic1mask);
            if (!gTramp_LpcRequestWaitReplyPortEx)
                gTramp_LpcRequestWaitReplyPortEx = (PFN_NTSTATUS_PVOID_PPORT_MESSAGE_PPORT_MESSAGE) ModuleHexSearch(MODULE_NTOSKRNL, LpcRequestWaitReplyPortEx_magic2, sizeof(LpcRequestWaitReplyPortEx_magic2), LpcRequestWaitReplyPortEx_magic2mask);
            if (!gTramp_LpcRequestWaitReplyPortEx)
                KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 5);
            //////////////////////////////////////////////////////

        #endif // < Vista && x32
        }

     P.S. Installing 32bit XP on my testing machine right now to see how it goes. I see the method you used to create that function for x86 in ASM. I hope it will work, then we will only need the x64 ones and to rearrange your new functions in Extender. For example, many of the functions you added into < Vista are needed for < 8 too. But the polishing process can be done in future
  8. @Mov AX, 0xDEAD And here is the same check with Vista ntoskrnl.exe v6.0.6003.21442 (vistasp2_ldr_escrow.220307-1719) vs compiled ntoskrn8.sys

     x64 missing

        FsRtlInitializeExtraCreateParameter
        FsRtlInitializeExtraCreateParameterList
        FsRtlPrepareToReuseEcp
        FsRtlRegisterUncProviderEx2
        IoRegisterFsRegistrationChangeMountAware
        KeConnectInterruptForHal
        KeFlushCurrentTbImmediately
        PsDereferenceKernelStack
        PsReferenceKernelStack
        RtlIsSandboxedToken

     x86 missing

        FsRtlInitializeExtraCreateParameter
        FsRtlInitializeExtraCreateParameterList
        FsRtlPrepareToReuseEcp
        FsRtlRegisterUncProviderEx2
        IoRegisterFsRegistrationChangeMountAware
        KeConnectInterruptForHal
        KiMcaExceptionHandlerWrapper
        PsDereferenceKernelStack
        PsReferenceKernelStack
        RtlIsSandboxedToken

     Should I create a merge request on the GitHub project?
  9. @Damnation Fully working code will be better as this SD/MMC driver can work on XP - 7 in both architectures. Currently I would like to see it under 7 first. In its current state it can be installed, but the "connected disk device" can't be installed / started, I think it's caused by my blank function.
  10. @Mov AX, 0xDEAD I have checked Windows 7 ntoskrnl.exe v6.1.7601.25920 (win7sp1_ldr_escrow.220316-1740) exports vs compiled ntoskrn8.sys. This is the full list of missing kernel functions that need to be bypassed.

      x64 missing

         EtwSetInformation
         FsRtlPrepareToReuseEcp
         FsRtlRegisterUncProviderEx2
         IoEnumerateRegisteredFiltersListEx
         IoRegisterFsRegistrationChangeMountAwareEx
         KeConnectInterruptForHal
         KeFlushCurrentTbImmediately
         PsDereferenceKernelStack
         PsReferenceKernelStack
         RtlIsSandboxedToken
         SeGetLogonSessionToken

      x86 missing

         EtwSetInformation
         FsRtlPrepareToReuseEcp
         FsRtlRegisterUncProviderEx2
         IoEnumerateRegisteredFiltersListEx
         IoRegisterFsRegistrationChangeMountAwareEx
         KeConnectInterruptForHal
         KiMcaExceptionHandlerWrapper
         PsDereferenceKernelStack
         PsReferenceKernelStack
         RtlIsSandboxedToken
         SeGetLogonSessionToken

      Next I will check Vista kernel exports to see if there are some forgotten exports too.
  11. @Damnation Hmm, OK, I have no idea how to rewrite it. Can you try please?

         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2503) : error C2109: subscript requires array or pointer type
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2504) : error C2109: subscript requires array or pointer type
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2505) : error C2676: binary '+' : 'IRP' does not define this operator or a conversion to a type acceptable to the predefined operator
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2506) : error C2676: binary '+' : 'IRP' does not define this operator or a conversion to a type acceptable to the predefined operator
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2506) : error C2065: 'CmpCompleteFlushAndPurgeIrp' : undeclared identifier
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2507) : error C2676: binary '+' : 'IRP' does not define this operator or a conversion to a type acceptable to the predefined operator
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2510) : error C2664: 'KeWaitForSingleObject' : cannot convert parameter 2 from 'int' to 'KWAIT_REASON'
         1>c:\users\administrator\desktop\ntoskrnl_emu-master\ntoskrn8.c(2511) : error C2440: '=' : cannot convert from 'IRP' to 'unsigned long'
  12. @Damnation Can you please try to get pseudo code for IoSynchronousCallDriver from Windows 8.0 ntoskrnl.exe? I have already added it as "return success" so now I have no missing imports in Windows 8.0 sdtor.sys build 8056 and only this one function needs to be finished to get a Generic SD/MMC driver for Windows XP - 7.

      I have added IoSynchronousCallDriver from Windows 8.0 DDK wdm.h to ntoskrn8.c

      wdm.h code from Windows 8.0 DDK

         #if (NTDDI_VERSION >= NTDDI_WIN8)
         NTKERNELAPI
         NTSTATUS
         IoSynchronousCallDriver(
             _In_ PDEVICE_OBJECT DeviceObject,
             _In_ PIRP Irp
             );
         #endif

      Code adaptation for ntoskrn8.c

         // Placeholder: reports success without passing the IRP to the driver.
         NTSTATUS
         IoSynchronousCallDriver_k8 (
             PDEVICE_OBJECT DeviceObject,
             PIRP Irp )
         {
             return STATUS_SUCCESS;
         }

      In ntoskrn_redirects.h I have added to section < Win8 x32/x64 Extender this

         k8_win8( IoSynchronousCallDriver, 8)

      + I have added the missing Windows 7 kernel export

      With this I can install that driver, but there is still one not installed HDD device that can't be installed on my laptop with Windows 7. Same issue will be on XP too (probably). I think it's related to this newly added import as it currently does nothing. I can't get pseudo code in IDA to start working on rewriting that function to readable code. Can you please have a look at it? We are a small step from another Generic driver for XP. When we can get this driver to work I can try to install XP in 32bit UEFI on Intel compute stick

      @Mov AX, 0xDEAD Maybe you have a better idea to achieve it?

      Modded driver for XP is attached

      Generic Windows8.0 build 8056 SD+MCC driver for Windows XP x86.7z
  13. I have grabbed sdbus.sys + dumpsd.sys + sdbus.inf from Windows 8 build 7880, then I patched security cookie and ntoskrnl.exe import to ntoskrn8.sys on needed files. No missing imports at all. This is driver for PCI\CC_080500 + PCI\CC_080501 as SDA Standard Compliant SD Host Controller.

      And from Windows 8 build 8056 sdstor.sys + sdstor.inf, then I patched security cookie and ntoskrnl.exe import to ntoskrn.sys. No missing imports. This is driver for SD\CLASS_STORAGE + SD\CLASS_MMC as SD Storage Class Controller.

      Drivers are unsigned and untested and only for x64 now. INFs are modded and install ntoskrn8.sys automatically. Try to integrate them with force unsigned switch (or NTLite) to boot.wim and let's see how it goes.

      https://www.mediafire.com/file/5a58l01bmwc0grn/Generic_MMC_x64.7z/file
  14. @Mov AX, 0xDEAD I just compiled as Windows 7 x64 target and after that I modded driver to fix missing exports using ntoskrn8.sys. After using it new missing export appeared. In ntoskrnl_edirects.h I have added this line under Windows 7 x86/x64 exports

         bypass(EtwSetInformation)

      Now it's compiled again and no missing exports for my driver test
  15. @Dave-H Can you try these patched files? I have patched it in ACPIEnableEnterACPIMode() to disable A5x11 BSOD. There are two different patches. Let me know if any of them will work. https://anonfiles.com/9cXeoadcy8/acpi_7777_experimental_patch_7z And here is another one with previous patches and patched all BSOD A5x11 in ACPIInitialize() https://anonfiles.com/Ddgdpad0y9/acpi_7777_experimental_patch2_7z P.S. Even if it works will be best to catch log from windbg, as this is only temporary fix when we have source code
  16. Preview5 ISO contains latest v4 (without DDB hack) already inside ESD.
  17. Use Booogy WMP11 Slipstreamer or OnePiece DXUPAC tool to create WMP11 addon.
  18. True, it should be still in USB\sources\$OEM$\$$\system32\drivers. Files from $OEM$ are only copied to HDD
  19. I have built a Certificates repack for my XP2ESD project. It's a simple standalone WinRAR SFX to easily update SST files when needed. Last update 04.05.2022 11:05 https://www.mediafire.com/file/900h17opahb5uqf/WindowsRootsUpdate.exe/file
  20. I'm sure I have included v4 in that ISO and sent one with DDB hack too.
  21. @Dietmar have you tried it with patched netio without msrpc needs?
  22. Ok, waiting for @Damnation
  23. @Dietmar Try to replace ntoskrnx.exe with this one https://anonfiles.com/R4974dc4y8/ntoskrnx_exe
  24. @Dietmar It's only netio.sys https://anonfiles.com/Peec49cey9/netio_sys And here is also msrpc 5048 to give it a try without deleted import in netio https://anonfiles.com/35p248c9y6/msrpc_5048_sys
  25. Then try to remove msrpc imports from netio.sys. Right click in CFF Explorer and Delete import Descriptor. No idea what happens, just rebuild PE header and save to see if it works or fails