Getting Started on Driver Development

c++ windows driver
17,559

Solution 1

One thing to beware of is the device driver development (architecture and tools) changes more than Win32 development ... so while Petzold's book from the 1990s is fine for Win32 and may be considered a timeless classic, the architecture for many kinds of drivers (printer drivers, network drivers, etc.) has varied in various O/S releases.

Here's a blog entry which reviews various books: Windows Device Drivers Book Reviews.

Don't forget the microsoft documentation included with the DDK: and, most importantly, the sample drivers (source code) included with the DDK. When I wanted to write a mock serial port driver, for example, I found the sample serial driver documentation combined with the DDK documentation was invaluable (and sufficient).

Solution 2

To learn kernel development well:

a. lots of samples kernel programs:

Windows DDK sample:

http://social.msdn.microsoft.com/Forums/en-US/softwaretesting/thread/08690203-1757-4129-b59a-6bae10bcdce8/

WDK samples:

http://msdn.microsoft.com/en-us/windows/hardware/gg487428

Or just search:

http://www.google.com/search?q=windows+ddk+samples

(because above URL may change, but Google will likely to return u the most appropriate/reachable one)

b. lots of debugging techniques, and among which I found the best is VMware (or VirtualBox) + windbg + serial port debugging:

http://www.google.com/search?q=windbg+vmware+kernel+debug

and this paper is classic for using VMWare + windbg (Lord of the Ring0):

http://silverstr.ufies.org/lotr0/windbg-vmware.html

c. as well as system admin tools which others have built:

http://technet.microsoft.com/en-us/sysinternals/bb545021

(In the past called SysInternals built by Mark Russinovich, co-author of "Windows Internal" - MUST READ!!)

http://technet.microsoft.com/en-us/sysinternals/bb963901

from these tools u have will immense debugging options.

d. Join the OSR mailing list (ntdev especially is very active, but there are others like windbg):

http://www.osronline.com/page.cfm?name=ListServer

e. Watch lots of video related to windows + kernel at channel9 (google returned over 1000 links):

http://www.google.com/search?q=site:channel9.msdn.com+kernel+video&num=100

f. Discussion forum like:

http://social.microsoft.com/Forums/en-us/kernel/threads

http://social.msdn.microsoft.com/Forums/en-US/wdk/threads

Subscribed to the free OSR magazine too (hardcopy). I have received mine since 1998 till now - and it is delivered half-way round the earth!

Solution 3

Personally the best way to start developing is by real-world exposure. Having this in mind I'd recomment this book

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System

The Rootkit Arsenal Cover

It should be enough to get you started to have some code running which does "something" then after you have the general picture you might dwell on topics such as - Difference between Buffered/Neither/Direct methods and the peculiarities associated with them.

"Programming the windows driver model, 2nd edition" is also a great help when you need details regarding some specific topics. But first I believe the most important thing is to put things into context and then build on that.

Solution 4

I would search for tutorials with rich examples, like this one. The essence in windows driver development is to get the picture about layers and IRPs, IRQLs, and also to know terms like filter drivers. If you are looking for example codes, here is my Spodek driver code: sf.net link. You will find there a filter driver (for keyboard, keyb.c), kernel space queue (queue.c) and techniques to hide presence in system. It's a legacy (sys) driver though.

Solution 5

You should probably use the quite recent Windows Driver Foundation (WDF) framework instead of the older WDM framework. A good starting point is reading the WDF Overview Word documents.

If you want to read a book, "Developing Drivers with the Windows Driver Foundation" is the one you are looking for.

Share:
17,559
Billy ONeal
Author by

Billy ONeal

Credit for Avatar image: http://www.assaultandroidcactus.com/ I'm a Microsoft Software Development Engineer on the Trustworthy Computing Team. I've worked at several security related places previously, including Malware Bytes and PreEmptive Solutions. On StackOverflow I mostly answer c++ related questions, though I occasionally forray into c# and a couple of others. I am the author of pevFind, a component of the ComboFix malware removal tool, and volunteer at BleepingComputer.com as a malware response instructor. My Twitter account is @MalwareMinigun.

Updated on July 07, 2022

Comments

  • Billy ONeal
    Billy ONeal almost 2 years

    Does anyone have any books/tutorials which may be useful in getting started in Windows device driver development?

    For plain Win32/GUI development, Petzold's book seems to be the essential reference. Does such exist for drivers?

    I would like to note that I'm not actually talking to hardware -- I actually want to emulate a piece of hardware in software, but I'd like to see how things work in general first.

    Billy3

  • Billy ONeal
    Billy ONeal over 14 years
    Too bad I have to support Win2k :(
  • BCran
    BCran over 13 years
    I'd also add that it's a good idea to subscribe to the ntdev mailing list (osronline.com/cf.cfm?PageURL=showlists.CFM?list=NTDEV) because it can be a great source of information, as well as pointing out common mistakes.
  • AminM
    AminM almost 11 years
    Before anything you must familiar with Operating system concept and after that you must familiar with windows OS(read Mark Russinovich's windows internal)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Send IOCTL to Windows device driver - CreateFile fails
How to setup timer resolution to 0.5 ms?
Is there an alternative to libusb-win32 for 64bit windows?
Pairing a bluetooth device in windows with c++
How do I convert a char string to a wchar_t string?
Utility to load .sys driver on Windows
How to Set Icon in a Windows Application using Visual Studio
How to set up CMake to cross compile with clang for ARM embedded on Windows?
Get pointer to IMAGE_DOS_HEADER with GetModuleHandle?
OpenCV undefined reference to Mat