Mov AX, 0xDEAD Posted July 11, 2022 Author Posted July 11, 2022 19 minutes ago, George King said: I just tried to port sdbus.sys + sdstor.sys from Windows 8 build 8056 (first true Generic SD/MMC driver) to Windows 7 and XP and on Windows 7 are these functions needed to add into extender, otherwise there will be missing imports. PoFxIdleComponent IoSynchronousCallDriver PoFxSetDeviceIdleTimeout PoFxUnregisterDevice PoFxStartDevicePowerManagement PoUnregisterPowerSettingCallback PoFxActivateComponent KeLeaveGuardedRegion KeEnterGuardedRegion PoFxCompleteIdleCondition PoFxCompleteIdleState PoFxReportDevicePoweredOn PoFxCompleteDevicePowerNotRequired PoFxRegisterDevice IoGetActivityIdIrp RtlQueryRegistryValuesEx Most important is Win8 new Power Framework embeded to ntoskrnl it is complicated code with callbacks to user code(not sure 100%), it is hard to emulate it properly, you can try replace most of functions to dummy stubs, but do it just as a fun, no any guarantee
George King Posted July 11, 2022 Posted July 11, 2022 11 minutes ago, Mov AX, 0xDEAD said: Most important is Win8 new Power Framework embeded to ntoskrnl it is complicated code with callbacks to user code(not sure 100%), it is hard to emulate it properly, you can try replace most of functions to dummy stubs, but do it just as a fun, no any guarantee I tried it, but without success. This is what I used to add blank exports. I think there must be added real code for that.
Mov AX, 0xDEAD Posted July 11, 2022 Author Posted July 11, 2022 PoFxRegisterDevice - CALLBACKs Quote NTSTATUS PoFxRegisterDevice( _In_ PDEVICE_OBJECT Pdo, _In_ PPO_FX_DEVICE Device, _Out_ POHANDLE *Handle ); Device A pointer to a caller-allocated PO_FX_DEVICE structure that contains the registration information for the device. This structure contains pointers to a set of callback routines that are implemented by the device driver. PoFx calls these routines to communicate with the driver. PoFxIdleComponent - NO CALLBACKs PoFxSetDeviceIdleTimeout - NO CALLBACKs PoFxUnregisterDevice - NO CALLBACKs PoFxStartDevicePowerManagement - NO CALLBACKs PoRegisterPowerSettingCallback + PoUnregisterPowerSettingCallback - CALLBACKs, Vista+ new feature, not used in sdbus PoFxActivateComponent - NO CALLBACKs PoFxCompleteIdleCondition - NO CALLBACKs PoFxCompleteIdleState - NO CALLBACKs PoFxReportDevicePoweredOn - NO CALLBACKs PoFxCompleteDevicePowerNotRequired - NO CALLBACKs
George King Posted July 12, 2022 Posted July 12, 2022 (edited) On 7/11/2022 at 2:26 PM, Mov AX, 0xDEAD said: PoFxRegisterDevice - CALLBACKs PoFxIdleComponent - NO CALLBACKs PoFxSetDeviceIdleTimeout - NO CALLBACKs PoFxUnregisterDevice - NO CALLBACKs PoFxStartDevicePowerManagement - NO CALLBACKs PoRegisterPowerSettingCallback + PoUnregisterPowerSettingCallback - CALLBACKs, Vista+ new feature, not used in sdbus PoFxActivateComponent - NO CALLBACKs PoFxCompleteIdleCondition - NO CALLBACKs PoFxCompleteIdleState - NO CALLBACKs PoFxReportDevicePoweredOn - NO CALLBACKs PoFxCompleteDevicePowerNotRequired - NO CALLBACKs I just looked into wdm.h. This is what I can add and compile. It's far from my know how and it probably can't work. typedef PO_FX_COMPONENT_ACTIVE_CONDITION_CALLBACK, *PPO_FX_COMPONENT_ACTIVE_CONDITION_CALLBACK; typedef PO_FX_COMPONENT_IDLE_CONDITION_CALLBACK, *PPO_FX_COMPONENT_IDLE_CONDITION_CALLBACK; typedef PO_FX_COMPONENT_IDLE_STATE_CALLBACK, *PPO_FX_COMPONENT_IDLE_STATE_CALLBACK; typedef PO_FX_DEVICE_POWER_REQUIRED_CALLBACK, *PPO_FX_DEVICE_POWER_REQUIRED_CALLBACK; typedef PO_FX_DEVICE_POWER_NOT_REQUIRED_CALLBACK, *PPO_FX_DEVICE_POWER_NOT_REQUIRED_CALLBACK; typedef PO_FX_POWER_CONTROL_CALLBACK, *PPO_FX_POWER_CONTROL_CALLBACK; typedef struct _PO_FX_COMPONENT_IDLE_STATE { ULONGLONG TransitionLatency; ULONGLONG ResidencyRequirement; ULONG NominalPower; } PO_FX_COMPONENT_IDLE_STATE, *PPO_FX_COMPONENT_IDLE_STATE; typedef struct _PO_FX_COMPONENT_V1 { GUID Id; ULONG IdleStateCount; ULONG DeepestWakeableIdleState; PPO_FX_COMPONENT_IDLE_STATE IdleStates; } PO_FX_COMPONENT_V1, *PPO_FX_COMPONENT_V1; typedef struct _PO_FX_DEVICE_V1 { ULONG Version; ULONG ComponentCount; PPO_FX_COMPONENT_ACTIVE_CONDITION_CALLBACK ComponentActiveConditionCallback; PPO_FX_COMPONENT_IDLE_CONDITION_CALLBACK ComponentIdleConditionCallback; PPO_FX_COMPONENT_IDLE_STATE_CALLBACK ComponentIdleStateCallback; PPO_FX_DEVICE_POWER_REQUIRED_CALLBACK DevicePowerRequiredCallback; PPO_FX_DEVICE_POWER_NOT_REQUIRED_CALLBACK DevicePowerNotRequiredCallback; PPO_FX_POWER_CONTROL_CALLBACK PowerControlCallback; PVOID DeviceContext; PO_FX_COMPONENT_V1 Components[ANYSIZE_ARRAY]; } PO_FX_DEVICE, *PPO_FX_DEVICE; Edited July 12, 2022 by George King
Mov AX, 0xDEAD Posted July 13, 2022 Author Posted July 13, 2022 18 hours ago, George King said: I just looked into wdm.h. This is what I can add and compile. It's far from my know how and it probably can't work. @George King Ignore callback logic, let driver registers calbacks, but currenlty no way to call driver code from kernel. You can try sdbus driver with your simple stabs, they are OK, if you'l get error 10, you are unlucky, this means some condition fail in code driver, you never discover it without steb-by-step debugging
Andalu Posted July 17, 2022 Posted July 17, 2022 Where can I get the latest master? I'm still using the extender from February 2021 with included 80 functions and now I read that the one with 81 functions is old
George King Posted July 17, 2022 Posted July 17, 2022 (edited) 16 hours ago, Andalu said: Where can I get the latest master? I'm still using the extender from February 2021 with included 80 functions and now I read that the one with 81 functions is old Download project from GitHub and these files to get latest discussed sources with added missing exports for latest 6.0 and 6.1 kernels targets and new functions for porting Generic SD/MMC driver from Windows 8.0 build 8056 EDIT: Drivers collection included in XP2ESD v1.6 already contains compiled ntoskrn8.sys with these sources. I still haven't tried new SD/MMC driver on real HW. Probably will see in few days when I reformat my Windows 7 Dell laptop that have SD card reader that match Generic HWID. LatestChanges.7z Edited July 18, 2022 by George King 2
Andalu Posted July 18, 2022 Posted July 18, 2022 (edited) @George King Thanks Edit: I tried the Generic SD/MMC driver from Windows 8.0 build 8056 and it installs without issues on my old laptop (intel core2 duo): https://ibb.co/fdTYdCN Edited July 19, 2022 by Andalu 1
wyf180 Posted July 21, 2022 Posted July 21, 2022 On 7/11/2022 at 7:59 PM, George King said: Many thanks for that. I have added it to my source tree. Here are also modded drivers, that needs new extender with mentioned functions. Old ntoskrn8.sys for XP target is included, so needs to be recompiled with your new implementations. Generic_SD+MMC_6.2.8056.0.7z 207.09 kB · 10 downloads I tried the driver on qemu sd card,the sd bus driver can work but the mmc driver can't work
George King Posted July 21, 2022 Posted July 21, 2022 (edited) 2 hours ago, wyf180 said: I tried the driver on qemu sd card,the sd bus driver can work but the mmc driver can't work Have you added newly compiled ntoskrn8.sys from latest sources mentioned after that? Or have you tried these ported drivers from latest XP2ESD which already have it? Edited July 21, 2022 by George King
Mov AX, 0xDEAD Posted July 22, 2022 Author Posted July 22, 2022 On 7/17/2022 at 9:47 PM, Andalu said: Where can I get the latest master? I'm still using the extender from February 2021 with included 80 functions and now I read that the one with 81 functions is old Feb 2021 is last master, i didnt added new functions because theres is no new ported *chance to run on XP* drivers with missing imports. @George King try to port SecureDigital PCI driver, only one new IoSynchronousCallDriver function was posted on prev page, no more changes
Andalu Posted July 23, 2022 Posted July 23, 2022 (edited) 23 hours ago, Mov AX, 0xDEAD said: Feb 2021 is last master, i didnt added new functions because theres is no new ported *chance to run on XP* drivers with missing imports. @George King try to port SecureDigital PCI driver, only one new IoSynchronousCallDriver function was posted on prev page, no more changes So there is no possibility to get other drivers to use in XP via emu_extender? I also have one more question To get the win8_uaspstor.sys driver to work properly with win7_storport.sys v6.1.7601.25735 I applied a modification to storpor8.sys at offsets 3BE2 and 3BF8 by changing respectively 'ScsiPortMoveMemory' to 'StorPortMoveMemory' and 'ScsiPortNotification' to 'StorPortNotification'. To avoid conflicts with drivers already in the system, I renamed stoport.sys and storpor8.sys to something else and also the hexadecimal value referring to storport.sys within storpor8.sys itself. This mod also avoids system crashes when you reboot or shutdown the system with a UAS device still connected to the USB port as already reported some time ago by @pappyN4. I have tried the UAS driver on two intel systems for two months using all my UAS devices with no "apparent" problems detected. Here is the question: what can I test to be sure that the driver thus modded can be safely applied and that it is not instead an insane modification (and wasted time)? Thanks Edited July 23, 2022 by Andalu
wyf180 Posted July 24, 2022 Posted July 24, 2022 On 7/21/2022 at 8:25 PM, George King said: Have you added newly compiled ntoskrn8.sys from latest sources mentioned after that? Or have you tried these ported drivers from latest XP2ESD which already have it? I found the problem today:the mmc device was not emulated by qemu😁
Outbreaker Posted August 14, 2022 Posted August 14, 2022 (edited) On 6/17/2020 at 1:26 PM, Mov AX, 0xDEAD said: NTOSKRNL Emu_Extender If XXX.sys is driver made for Windows 8, change security_cookie to random value, security_cookie is constant 0x4EE640BB(x32) / 0x32A2DF2D992B(x64) inside file, change only first match ! I forgot on how to do this. I cannot find any of those entries with my Hex Editor (XVI32). Edited August 14, 2022 by Outbreaker
George King Posted August 14, 2022 Posted August 14, 2022 @Outbreaker I'm using HxD and search for all occurence in HEX for 4EE640BB in x86 driver works. Same for 32A2DF2D992B in x64 driver. What driver are you trying to port? 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now